
openssl/0.9.8g/ssl/s3_clnt.c

    1: /* ssl/s3_clnt.c */
    2: /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
    3:  * All rights reserved.
    4:  *
    5:  * This package is an SSL implementation written
    6:  * by Eric Young (eay@cryptsoft.com).
    7:  * The implementation was written so as to conform with Netscapes SSL.
    8:  * 
    9:  * This library is free for commercial and non-commercial use as long as
   10:  * the following conditions are aheared to.  The following conditions
   11:  * apply to all code found in this distribution, be it the RC4, RSA,
   12:  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
   13:  * included with this distribution is covered by the same copyright terms
   14:  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
   15:  * 
   16:  * Copyright remains Eric Young's, and as such any Copyright notices in
   17:  * the code are not to be removed.
   18:  * If this package is used in a product, Eric Young should be given attribution
   19:  * as the author of the parts of the library used.
   20:  * This can be in the form of a textual message at program startup or
   21:  * in documentation (online or textual) provided with the package.
   22:  * 
   23:  * Redistribution and use in source and binary forms, with or without
   24:  * modification, are permitted provided that the following conditions
   25:  * are met:
   26:  * 1. Redistributions of source code must retain the copyright
   27:  *    notice, this list of conditions and the following disclaimer.
   28:  * 2. Redistributions in binary form must reproduce the above copyright
   29:  *    notice, this list of conditions and the following disclaimer in the
   30:  *    documentation and/or other materials provided with the distribution.
   31:  * 3. All advertising materials mentioning features or use of this software
   32:  *    must display the following acknowledgement:
   33:  *    "This product includes cryptographic software written by
   34:  *     Eric Young (eay@cryptsoft.com)"
   35:  *    The word 'cryptographic' can be left out if the rouines from the library
   36:  *    being used are not cryptographic related :-).
   37:  * 4. If you include any Windows specific code (or a derivative thereof) from 
   38:  *    the apps directory (application code) you must include an acknowledgement:
   39:  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
   40:  * 
   41:  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
   42:  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   43:  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   44:  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
   45:  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
   46:  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
   47:  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   48:  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   49:  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
   50:  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   51:  * SUCH DAMAGE.
   52:  * 
   53:  * The licence and distribution terms for any publically available version or
   54:  * derivative of this code cannot be changed.  i.e. this code cannot simply be
   55:  * copied and put under another distribution licence
   56:  * [including the GNU Public Licence.]
   57:  */
   58: /* ====================================================================
   59:  * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
   60:  *
   61:  * Redistribution and use in source and binary forms, with or without
   62:  * modification, are permitted provided that the following conditions
   63:  * are met:
   64:  *
   65:  * 1. Redistributions of source code must retain the above copyright
   66:  *    notice, this list of conditions and the following disclaimer. 
   67:  *
   68:  * 2. Redistributions in binary form must reproduce the above copyright
   69:  *    notice, this list of conditions and the following disclaimer in
   70:  *    the documentation and/or other materials provided with the
   71:  *    distribution.
   72:  *
   73:  * 3. All advertising materials mentioning features or use of this
   74:  *    software must display the following acknowledgment:
   75:  *    "This product includes software developed by the OpenSSL Project
   76:  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
   77:  *
   78:  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
   79:  *    endorse or promote products derived from this software without
   80:  *    prior written permission. For written permission, please contact
   81:  *    openssl-core@openssl.org.
   82:  *
   83:  * 5. Products derived from this software may not be called "OpenSSL"
   84:  *    nor may "OpenSSL" appear in their names without prior written
   85:  *    permission of the OpenSSL Project.
   86:  *
   87:  * 6. Redistributions of any form whatsoever must retain the following
   88:  *    acknowledgment:
   89:  *    "This product includes software developed by the OpenSSL Project
   90:  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
   91:  *
   92:  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
   93:  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   94:  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
   95:  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
   96:  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
   97:  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
   98:  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
   99:  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  100:  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  101:  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  102:  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  103:  * OF THE POSSIBILITY OF SUCH DAMAGE.
  104:  * ====================================================================
  105:  *
  106:  * This product includes cryptographic software written by Eric Young
  107:  * (eay@cryptsoft.com).  This product includes software written by Tim
  108:  * Hudson (tjh@cryptsoft.com).
  109:  *
  110:  */
  111: /* ====================================================================
  112:  * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
  113:  *
  114:  * Portions of the attached software ("Contribution") are developed by 
  115:  * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
  116:  *
  117:  * The Contribution is licensed pursuant to the OpenSSL open source
  118:  * license provided above.
  119:  *
  120:  * ECC cipher suite support in OpenSSL originally written by
  121:  * Vipul Gupta and Sumit Gupta of Sun Microsystems Laboratories.
  122:  *
  123:  */
  124: 
  125: #include <stdio.h>
  126: #include "ssl_locl.h"
  127: #include "kssl_lcl.h"
  128: #include <openssl/buffer.h>
  129: #include <openssl/rand.h>
  130: #include <openssl/objects.h>
  131: #include <openssl/evp.h>
  132: #include <openssl/md5.h>
  133: #ifndef OPENSSL_NO_DH
  134: #include <openssl/dh.h>
  135: #endif
  136: #include <openssl/bn.h>
  137: 
  138: static SSL_METHOD *ssl3_get_client_method(int ver); /* defined directly below */
  139: static int ca_dn_cmp(const X509_NAME * const *a,const X509_NAME * const *b);
  140: #ifndef OPENSSL_NO_TLSEXT
       /* Only declared when TLS extensions are compiled in; called from the
        * SSL3_ST_CR_CERT_A/B state of ssl3_connect(). */
  141: static int ssl3_check_finished(SSL *s);
  142: #endif
  143: 
  144: #ifndef OPENSSL_NO_ECDH
  145: static int curve_id2nid(int curve_id);
       /* Unlike the other prototypes in this group this one is not static, so
        * the symbol has external linkage. */
  146: int check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs);
  147: #endif
  148: 
  149: static SSL_METHOD *ssl3_get_client_method(int ver)
  150:         {
  151:         /* Version-to-method lookup for the SSLv3 client: SSL3_VERSION
  152:          * resolves to SSLv3_client_method(); every other version value
  153:          * has no method here and yields NULL. */
  154:         return((ver == SSL3_VERSION) ? SSLv3_client_method() : NULL);
  155:         }
  156: 
  157: /* Expands to the definition of SSLv3_client_method(); the macro body is
  158:  * not part of this listing.  NOTE(review): the three function arguments
  159:  * presumably fill its accept, connect and get-method slots -- confirm. */
  160: IMPLEMENT_ssl3_meth_func(SSLv3_client_method, ssl_undefined_function, ssl3_connect, ssl3_get_client_method)
  161: 
  162: int ssl3_connect(SSL *s)
  163:         {
               /* Client side of the SSL 3.x handshake, written as a state
                * machine over s->state.  Each pass of the for(;;) loop runs
                * one state: the helper called there either succeeds, after
                * which s->state is advanced and the loop continues, or it
                * returns <= 0, in which case the function jumps to end:
                * before s->state is advanced and hands that value back.
                *
                * Returns 1 once SSL_ST_OK has been processed, -1 on local
                * failures (bad version, allocation, buffer setup, key block,
                * flush, unknown state), otherwise the failing helper's own
                * <= 0 result.
                *
                * This function only sequences the states.  It does not
                * inspect message contents itself; the ssl3_get_* and
                * ssl3_send_* helpers it calls are outside this listing. */
  164:         BUF_MEM *buf=NULL;
  165:         unsigned long Time=(unsigned long)time(NULL),l;
  166:         long num1;
  167:         void (*cb)(const SSL *ssl,int type,int val)=NULL;
  168:         int ret= -1;
  169:         int new_state,state,skip=0;;
  170: 
               /* Stir the current time into the PRNG.  The last argument is
                * the entropy estimate and it is 0, so this call credits no
                * entropy; real seeding has to come from elsewhere. */
  171:         RAND_add(&Time,sizeof(Time),0);
  172:         ERR_clear_error();
  173:         clear_sys_error();
  174: 
               /* A callback set on the connection takes precedence over the
                * one set on its context. */
  175:         if (s->info_callback != NULL)
  176:                 cb=s->info_callback;
  177:         else if (s->ctx->info_callback != NULL)
  178:                 cb=s->ctx->info_callback;
  179:         
               /* Balanced by the decrement at end:. */
  180:         s->in_handshake++;
               /* SSL_clear() is called when s is not in its init phase or is
                * still in the "before" state. */
  181:         if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s); 
  182: 
  183:         for (;;)
  184:                 {
                       /* Remember the state this pass started in; it is used
                        * after the switch to report the transition to cb. */
  185:                 state=s->state;
  186: 
  187:                 switch(s->state)
  188:                         {
  189:                 case SSL_ST_RENEGOTIATE:
  190:                         s->new_session=1;
  191:                         s->state=SSL_ST_CONNECT;
  192:                         s->ctx->stats.sess_connect_renegotiate++;
  193:                         /* break */
                               /* No break: a renegotiation falls through into
                                * the start-of-handshake setup below. */
  194:                 case SSL_ST_BEFORE:
  195:                 case SSL_ST_CONNECT:
  196:                 case SSL_ST_BEFORE|SSL_ST_CONNECT:
  197:                 case SSL_ST_OK|SSL_ST_CONNECT:
  198: 
  199:                         s->server=0;
  200:                         if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
  201: 
                               /* Only the major version byte is tested (it
                                * must be 0x03); the minor version is not
                                * looked at here. */
  202:                         if ((s->version & 0xff00 ) != 0x0300)
  203:                                 {
  204:                                 SSLerr(SSL_F_SSL3_CONNECT, ERR_R_INTERNAL_ERROR);
  205:                                 ret = -1;
  206:                                 goto end;
  207:                                 }
  208:                                 
  209:                         /* s->version=SSL3_VERSION; */
  210:                         s->type=SSL_ST_CONNECT;
  211: 
                               /* buf is owned locally until it is handed to
                                * s->init_buf; it is then set back to NULL so
                                * the cleanup at end: does not free it.  On
                                * either failure below buf is still non-NULL
                                * and is freed at end:. */
  212:                         if (s->init_buf == NULL)
  213:                                 {
  214:                                 if ((buf=BUF_MEM_new()) == NULL)
  215:                                         {
  216:                                         ret= -1;
  217:                                         goto end;
  218:                                         }
  219:                                 if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
  220:                                         {
  221:                                         ret= -1;
  222:                                         goto end;
  223:                                         }
  224:                                 s->init_buf=buf;
  225:                                 buf=NULL;
  226:                                 }
  227: 
  228:                         if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }
  229: 
  230:                         /* setup buffing BIO */
  231:                         if (!ssl_init_wbio_buffer(s,0)) { ret= -1; goto end; }
  232: 
  233:                         /* don't push the buffering BIO quite yet */
  234: 
  235:                         ssl3_init_finished_mac(s);
  236: 
  237:                         s->state=SSL3_ST_CW_CLNT_HELLO_A;
  238:                         s->ctx->stats.sess_connect++;
  239:                         s->init_num=0;
  240:                         break;
  241: 
  242:                 case SSL3_ST_CW_CLNT_HELLO_A:
  243:                 case SSL3_ST_CW_CLNT_HELLO_B:
  244: 
  245:                         s->shutdown=0;
  246:                         ret=ssl3_client_hello(s);
  247:                         if (ret <= 0) goto end;
  248:                         s->state=SSL3_ST_CR_SRVR_HELLO_A;
  249:                         s->init_num=0;
  250: 
  251:                         /* turn on buffering for the next lot of output */
  252:                         if (s->bbio != s->wbio)
  253:                                 s->wbio=BIO_push(s->bbio,s->wbio);
  254: 
  255:                         break;
  256: 
  257:                 case SSL3_ST_CR_SRVR_HELLO_A:
  258:                 case SSL3_ST_CR_SRVR_HELLO_B:
  259:                         ret=ssl3_get_server_hello(s);
  260:                         if (ret <= 0) goto end;
                               /* With s->hit set, the certificate and key
                                * exchange states are skipped and the server's
                                * Finished is read next.
                                * NOTE(review): s->hit looks like the
                                * session-reuse flag (see the sess_hit counter
                                * under SSL_ST_OK) -- confirm. */
  261:                         if (s->hit)
  262:                                 s->state=SSL3_ST_CR_FINISHED_A;
  263:                         else
  264:                                 s->state=SSL3_ST_CR_CERT_A;
  265:                         s->init_num=0;
  266:                         break;
  267: 
  268:                 case SSL3_ST_CR_CERT_A:
  269:                 case SSL3_ST_CR_CERT_B:
  270: #ifndef OPENSSL_NO_TLSEXT
                               /* ssl3_check_finished() is only declared in
                                * this listing.  A return of 2 is handled like
                                * a reused session: s->hit is set and the
                                * certificate/key exchange states are skipped.
                                * NOTE(review): presumably 2 signals that the
                                * server resumed the session -- confirm
                                * against its definition. */
  271:                         ret=ssl3_check_finished(s);
  272:                         if (ret <= 0) goto end;
  273:                         if (ret == 2)
  274:                                 {
  275:                                 s->hit = 1;
  276:                                 s->state=SSL3_ST_CR_FINISHED_A;
  277:                                 s->init_num=0;
  278:                                 break;
  279:                                 }
  280: #endif
  281:                         /* Check if it is anon DH/ECDH */
                               /* For SSL_aNULL suites the server certificate
                                * message is not read at all, so nothing on
                                * this path authenticates the server.  skip=1
                                * only suppresses the post-switch flush and
                                * callback for this pass. */
  282:                         if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
  283:                                 {
  284:                                 ret=ssl3_get_server_certificate(s);
  285:                                 if (ret <= 0) goto end;
  286:                                 }
  287:                         else
  288:                                 skip=1;
  289:                         s->state=SSL3_ST_CR_KEY_EXCH_A;
  290:                         s->init_num=0;
  291:                         break;
  292: 
  293:                 case SSL3_ST_CR_KEY_EXCH_A:
  294:                 case SSL3_ST_CR_KEY_EXCH_B:
  295:                         ret=ssl3_get_key_exchange(s);
  296:                         if (ret <= 0) goto end;
  297:                         s->state=SSL3_ST_CR_CERT_REQ_A;
  298:                         s->init_num=0;
  299: 
  300:                         /* at this point we check that we have the
  301:                          * required stuff from the server */
                               /* The state has already been advanced when this
                                * check runs; on failure the function returns
                                * -1 with s->state at SSL3_ST_CR_CERT_REQ_A. */
  302:                         if (!ssl3_check_cert_and_algorithm(s))
  303:                                 {
  304:                                 ret= -1;
  305:                                 goto end;
  306:                                 }
  307:                         break;
  308: 
  309:                 case SSL3_ST_CR_CERT_REQ_A:
  310:                 case SSL3_ST_CR_CERT_REQ_B:
  311:                         ret=ssl3_get_certificate_request(s);
  312:                         if (ret <= 0) goto end;
  313:                         s->state=SSL3_ST_CR_SRVR_DONE_A;
  314:                         s->init_num=0;
  315:                         break;
  316: 
  317:                 case SSL3_ST_CR_SRVR_DONE_A:
  318:                 case SSL3_ST_CR_SRVR_DONE_B:
  319:                         ret=ssl3_get_server_done(s);
  320:                         if (ret <= 0) goto end;
                               /* A non-zero cert_req routes through the client
                                * certificate state; otherwise go straight to
                                * the client key exchange. */
  321:                         if (s->s3->tmp.cert_req)
  322:                                 s->state=SSL3_ST_CW_CERT_A;
  323:                         else
  324:                                 s->state=SSL3_ST_CW_KEY_EXCH_A;
  325:                         s->init_num=0;
  326: 
  327:                         break;
  328: 
  329:                 case SSL3_ST_CW_CERT_A:
  330:                 case SSL3_ST_CW_CERT_B:
  331:                 case SSL3_ST_CW_CERT_C:
  332:                 case SSL3_ST_CW_CERT_D:
  333:                         ret=ssl3_send_client_certificate(s);
  334:                         if (ret <= 0) goto end;
  335:                         s->state=SSL3_ST_CW_KEY_EXCH_A;
  336:                         s->init_num=0;
  337:                         break;
  338: 
  339:                 case SSL3_ST_CW_KEY_EXCH_A:
  340:                 case SSL3_ST_CW_KEY_EXCH_B:
  341:                         ret=ssl3_send_client_key_exchange(s);
  342:                         if (ret <= 0) goto end;
                               /* NOTE(review): l is assigned here but not read
                                * anywhere else in this function. */
  343:                         l=s->s3->tmp.new_cipher->algorithms;
  344:                         /* EAY EAY EAY need to check for DH fix cert
  345:                          * sent back */
  346:                         /* For TLS, cert_req is set to 2, so a cert chain
  347:                          * of nothing is sent, but no verify packet is sent */
  348:                         /* XXX: For now, we do not support client 
  349:                          * authentication in ECDH cipher suites with
  350:                          * ECDH (rather than ECDSA) certificates.
  351:                          * We need to skip the certificate verify 
  352:                          * message when client's ECDH public key is sent 
  353:                          * inside the client certificate.
  354:                          */
                               /* Only cert_req == 1 leads to a CertificateVerify;
                                * every other value goes on to ChangeCipherSpec. */
  355:                         if (s->s3->tmp.cert_req == 1)
  356:                                 {
  357:                                 s->state=SSL3_ST_CW_CERT_VRFY_A;
  358:                                 }
  359:                         else
  360:                                 {
  361:                                 s->state=SSL3_ST_CW_CHANGE_A;
  362:                                 s->s3->change_cipher_spec=0;
  363:                                 }
  364: 
  365:                         s->init_num=0;
  366:                         break;
  367: 
  368:                 case SSL3_ST_CW_CERT_VRFY_A:
  369:                 case SSL3_ST_CW_CERT_VRFY_B:
  370:                         ret=ssl3_send_client_verify(s);
  371:                         if (ret <= 0) goto end;
  372:                         s->state=SSL3_ST_CW_CHANGE_A;
  373:                         s->init_num=0;
  374:                         s->s3->change_cipher_spec=0;
  375:                         break;
  376: 
  377:                 case SSL3_ST_CW_CHANGE_A:
  378:                 case SSL3_ST_CW_CHANGE_B:
  379:                         ret=ssl3_send_change_cipher_spec(s,
  380:                                 SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B);
  381:                         if (ret <= 0) goto end;
  382:                         s->state=SSL3_ST_CW_FINISHED_A;
  383:                         s->init_num=0;
  384: 
                               /* Once our ChangeCipherSpec is out: record the
                                * negotiated cipher and compression id on the
                                * session, build the key block, and switch the
                                * client-write cipher state.  Either of the
                                * last two failing returns -1. */
  385:                         s->session->cipher=s->s3->tmp.new_cipher;
  386: #ifdef OPENSSL_NO_COMP
  387:                         s->session->compress_meth=0;
  388: #else
  389:                         if (s->s3->tmp.new_compression == NULL)
  390:                                 s->session->compress_meth=0;
  391:                         else
  392:                                 s->session->compress_meth=
  393:                                         s->s3->tmp.new_compression->id;
  394: #endif
  395:                         if (!s->method->ssl3_enc->setup_key_block(s))
  396:                                 {
  397:                                 ret= -1;
  398:                                 goto end;
  399:                                 }
  400: 
  401:                         if (!s->method->ssl3_enc->change_cipher_state(s,
  402:                                 SSL3_CHANGE_CIPHER_CLIENT_WRITE))
  403:                                 {
  404:                                 ret= -1;
  405:                                 goto end;
  406:                                 }
  407: 
  408:                         break;
  409: 
  410:                 case SSL3_ST_CW_FINISHED_A:
  411:                 case SSL3_ST_CW_FINISHED_B:
  412:                         ret=ssl3_send_finished(s,
  413:                                 SSL3_ST_CW_FINISHED_A,SSL3_ST_CW_FINISHED_B,
  414:                                 s->method->ssl3_enc->client_finished_label,
  415:                                 s->method->ssl3_enc->client_finished_label_len);
  416:                         if (ret <= 0) goto end;
                               /* The next state is always the flush; where to
                                * go after the flush is parked in
                                * s->s3->tmp.next_state below. */
  417:                         s->state=SSL3_ST_CW_FLUSH;
  418: 
  419:                         /* clear flags */
  420:                         s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
  421:                         if (s->hit)
  422:                                 {
  423:                                 s->s3->tmp.next_state=SSL_ST_OK;
                                       /* With DELAY_CLIENT_FINISHED the flush
                                        * state is bypassed: the state goes
                                        * directly to SSL_ST_OK and
                                        * POP_BUFFER is set. */
  424:                                 if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED)
  425:                                         {
  426:                                         s->state=SSL_ST_OK;
  427:                                         s->s3->flags|=SSL3_FLAGS_POP_BUFFER;
  428:                                         s->s3->delay_buf_pop_ret=0;
  429:                                         }
  430:                                 }
  431:                         else
  432:                                 {
  433: #ifndef OPENSSL_NO_TLSEXT
  434:                                 /* Allow NewSessionTicket if ticket expected */
  435:                                 if (s->tlsext_ticket_expected)
  436:                                         s->s3->tmp.next_state=SSL3_ST_CR_SESSION_TICKET_A;
  437:                                 else
  438: #endif
  439:                                 
                                       /* With TLSEXT compiled in, the
                                        * assignment below is the body of the
                                        * else above; without it, it stands
                                        * alone. */
  440:                                 s->s3->tmp.next_state=SSL3_ST_CR_FINISHED_A;
  441:                                 }
  442:                         s->init_num=0;
  443:                         break;
  444: 
  445: #ifndef OPENSSL_NO_TLSEXT
  446:                 case SSL3_ST_CR_SESSION_TICKET_A:
  447:                 case SSL3_ST_CR_SESSION_TICKET_B:
  448:                         ret=ssl3_get_new_session_ticket(s);
  449:                         if (ret <= 0) goto end;
  450:                         s->state=SSL3_ST_CR_FINISHED_A;
  451:                         s->init_num=0;
  452:                 break;
  453: #endif
  454: 
  455:                 case SSL3_ST_CR_FINISHED_A:
  456:                 case SSL3_ST_CR_FINISHED_B:
  457: 
                               /* NOTE(review): nothing in this function tests
                                * whether the server's ChangeCipherSpec was
                                * received before its Finished is read;
                                * s->s3->change_cipher_spec is only reset to 0
                                * here (CW_KEY_EXCH and CW_CERT_VRFY states).
                                * Presumably ssl3_get_finished() or the record
                                * layer enforces that ordering -- confirm. */
  458:                         ret=ssl3_get_finished(s,SSL3_ST_CR_FINISHED_A,
  459:                                 SSL3_ST_CR_FINISHED_B);
  460:                         if (ret <= 0) goto end;
  461: 
                               /* With s->hit set the client still has to send
                                * its own ChangeCipherSpec and Finished;
                                * otherwise the handshake is complete. */
  462:                         if (s->hit)
  463:                                 s->state=SSL3_ST_CW_CHANGE_A;
  464:                         else
  465:                                 s->state=SSL_ST_OK;
  466:                         s->init_num=0;
  467:                         break;
  468: 
  469:                 case SSL3_ST_CW_FLUSH:
  470:                         /* number of bytes to be flushed */
  471:                         num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL);
                               /* rwstate is SSL_WRITING for the duration of
                                * the flush; if the flush fails the function
                                * returns -1 with rwstate still SSL_WRITING
                                * and s->state still SSL3_ST_CW_FLUSH. */
  472:                         if (num1 > 0)
  473:                                 {
  474:                                 s->rwstate=SSL_WRITING;
  475:                                 num1=BIO_flush(s->wbio);
  476:                                 if (num1 <= 0) { ret= -1; goto end; }
  477:                                 s->rwstate=SSL_NOTHING;
  478:                                 }
  479: 
  480:                         s->state=s->s3->tmp.next_state;
  481:                         break;
  482: 
  483:                 case SSL_ST_OK:
  484:                         /* clean a few things up */
  485:                         ssl3_cleanup_key_block(s);
  486: 
  487:                         if (s->init_buf != NULL)
  488:                                 {
  489:                                 BUF_MEM_free(s->init_buf);
  490:                                 s->init_buf=NULL;
  491:                                 }
  492: 
  493:                         /* If we are not 'joining' the last two packets,
  494:                          * remove the buffering now */
  495:                         if (!(s->s3->flags & SSL3_FLAGS_POP_BUFFER))
  496:                                 ssl_free_wbio_buffer(s);
  497:                         /* else do it later in ssl3_write */
  498: 
  499:                         s->init_num=0;
  500:                         s->new_session=0;
  501: 
  502:                         ssl_update_cache(s,SSL_SESS_CACHE_CLIENT);
  503:                         if (s->hit) s->ctx->stats.sess_hit++;
  504: 
                               /* Success is the only path that returns 1. */
  505:                         ret=1;
  506:                         /* s->server=0; */
  507:                         s->handshake_func=ssl3_connect;
  508:                         s->ctx->stats.sess_connect_good++;
  509: 
  510:                         if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
  511: 
  512:                         goto end;
  513:                         /* break; */
  514:                         
  515:                 default:
                               /* Any state value not listed above is an
                                * error, not a no-op. */
  516:                         SSLerr(SSL_F_SSL3_CONNECT,SSL_R_UNKNOWN_STATE);
  517:                         ret= -1;
  518:                         goto end;
  519:                         /* break; */
  520:                         }
  521: 
  522:                 /* did we do anything */
                       /* This section is bypassed when a message is being
                        * reused or when the pass set skip. */
  523:                 if (!s->s3->tmp.reuse_message && !skip)
  524:                         {
  525:                         if (s->debug)
  526:                                 {
  527:                                 if ((ret=BIO_flush(s->wbio)) <= 0)
  528:                                         goto end;
  529:                                 }
  530: 
                               /* cb is shown the state this pass started in:
                                * s->state is put back to the old value for the
                                * call and restored to the new one afterwards. */
  531:                         if ((cb != NULL) && (s->state != state))
  532:                                 {
  533:                                 new_state=s->state;
  534:                                 s->state=state;
  535:                                 cb(s,SSL_CB_CONNECT_LOOP,1);
  536:                                 s->state=new_state;
  537:                                 }
  538:                         }
  539:                 skip=0;
  540:                 }
  541: end:
               /* Common exit: undo the in_handshake count, free buf if it was
                * allocated but never handed to s->init_buf, and report ret to
                * the callback. */
  542:         s->in_handshake--;
  543:         if (buf != NULL)
  544:                 BUF_MEM_free(buf);
  545:         if (cb != NULL)
  546:                 cb(s,SSL_CB_CONNECT_EXIT,ret);
  547:         return(ret);
  548:         }
  549: 
  550: 
  551: int ssl3_client_hello(SSL *s)
  552:         {
  553:         unsigned char *buf;
  554:         unsigned char *p,*d;
  555:         int i;
  556:         unsigned long Time,l;
  557: #ifndef OPENSSL_NO_COMP
  558:         int