Move s->packet and s->packet_length into s->rlayer
Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
Matt Caswell
@@ -193,8 +193,8 @@ static int dtls1_copy_record(SSL *s, pitem *item)
|
|||||||
|
|
||||||
SSL3_BUFFER_release(&s->rlayer.rbuf);
|
SSL3_BUFFER_release(&s->rlayer.rbuf);
|
||||||
|
|
||||||
s->packet = rdata->packet;
|
s->rlayer.packet = rdata->packet;
|
||||||
s->packet_length = rdata->packet_length;
|
s->rlayer.packet_length = rdata->packet_length;
|
||||||
memcpy(&s->rlayer.rbuf, &(rdata->rbuf), sizeof(SSL3_BUFFER));
|
memcpy(&s->rlayer.rbuf, &(rdata->rbuf), sizeof(SSL3_BUFFER));
|
||||||
memcpy(&s->rlayer.rrec, &(rdata->rrec), sizeof(SSL3_RECORD));
|
memcpy(&s->rlayer.rrec, &(rdata->rrec), sizeof(SSL3_RECORD));
|
||||||
|
|
||||||
@@ -226,8 +226,8 @@ dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority)
|
|||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
rdata->packet = s->packet;
|
rdata->packet = s->rlayer.packet;
|
||||||
rdata->packet_length = s->packet_length;
|
rdata->packet_length = s->rlayer.packet_length;
|
||||||
memcpy(&(rdata->rbuf), &s->rlayer.rbuf, sizeof(SSL3_BUFFER));
|
memcpy(&(rdata->rbuf), &s->rlayer.rbuf, sizeof(SSL3_BUFFER));
|
||||||
memcpy(&(rdata->rrec), &s->rlayer.rrec, sizeof(SSL3_RECORD));
|
memcpy(&(rdata->rrec), &s->rlayer.rrec, sizeof(SSL3_RECORD));
|
||||||
|
|
||||||
@@ -243,8 +243,8 @@ dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority)
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
s->packet = NULL;
|
s->rlayer.packet = NULL;
|
||||||
s->packet_length = 0;
|
s->rlayer.packet_length = 0;
|
||||||
memset(&s->rlayer.rbuf, 0, sizeof(SSL3_BUFFER));
|
memset(&s->rlayer.rbuf, 0, sizeof(SSL3_BUFFER));
|
||||||
memset(&s->rlayer.rrec, 0, sizeof(SSL3_RECORD));
|
memset(&s->rlayer.rrec, 0, sizeof(SSL3_RECORD));
|
||||||
|
|
||||||
|
|||||||
@@ -148,6 +148,11 @@ typedef struct record_layer_st {
|
|||||||
SSL3_RECORD rrec;
|
SSL3_RECORD rrec;
|
||||||
/* goes out from here */
|
/* goes out from here */
|
||||||
SSL3_RECORD wrec;
|
SSL3_RECORD wrec;
|
||||||
|
|
||||||
|
/* used internally to point at a raw packet */
|
||||||
|
unsigned char *packet;
|
||||||
|
unsigned int packet_length;
|
||||||
|
|
||||||
} RECORD_LAYER;
|
} RECORD_LAYER;
|
||||||
|
|
||||||
|
|
||||||
@@ -161,6 +166,9 @@ typedef struct record_layer_st {
|
|||||||
#define RECORD_LAYER_set_read_ahead(rl, ra) ((rl)->read_ahead = (ra))
|
#define RECORD_LAYER_set_read_ahead(rl, ra) ((rl)->read_ahead = (ra))
|
||||||
#define RECORD_LAYER_get_read_ahead(rl) ((rl)->read_ahead)
|
#define RECORD_LAYER_get_read_ahead(rl) ((rl)->read_ahead)
|
||||||
#define RECORD_LAYER_setup_comp_buffer(rl) (SSL3_RECORD_setup(&(rl)->rrec))
|
#define RECORD_LAYER_setup_comp_buffer(rl) (SSL3_RECORD_setup(&(rl)->rrec))
|
||||||
|
#define RECORD_LAYER_get_packet(rl) ((rl)->packet)
|
||||||
|
#define RECORD_LAYER_get_packet_length(rl) ((rl)->packet_length)
|
||||||
|
#define RECORD_LAYER_add_packet_length(rl, inc) ((rl)->packet_length += (inc))
|
||||||
|
|
||||||
void RECORD_LAYER_init(RECORD_LAYER *rl, SSL *s);
|
void RECORD_LAYER_init(RECORD_LAYER *rl, SSL *s);
|
||||||
void RECORD_LAYER_clear(RECORD_LAYER *rl);
|
void RECORD_LAYER_clear(RECORD_LAYER *rl);
|
||||||
@@ -193,6 +201,8 @@ void dtls1_reset_seq_numbers(SSL *s, int rw);
|
|||||||
#define RECORD_LAYER_get_wbuf(rl) (&(rl)->wbuf)
|
#define RECORD_LAYER_get_wbuf(rl) (&(rl)->wbuf)
|
||||||
#define RECORD_LAYER_get_rrec(rl) (&(rl)->rrec)
|
#define RECORD_LAYER_get_rrec(rl) (&(rl)->rrec)
|
||||||
#define RECORD_LAYER_get_wrec(rl) (&(rl)->wrec)
|
#define RECORD_LAYER_get_wrec(rl) (&(rl)->wrec)
|
||||||
|
#define RECORD_LAYER_set_packet(rl, p) ((rl)->packet = (p))
|
||||||
|
#define RECORD_LAYER_reset_packet_length(rl) ((rl)->packet_length = 0)
|
||||||
|
|
||||||
__owur int ssl3_read_n(SSL *s, int n, int max, int extend);
|
__owur int ssl3_read_n(SSL *s, int n, int max, int extend);
|
||||||
__owur int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
|
__owur int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
|
||||||
|
|||||||
@@ -94,19 +94,20 @@ int ssl23_read_bytes(SSL *s, int n)
|
|||||||
unsigned char *p;
|
unsigned char *p;
|
||||||
int j;
|
int j;
|
||||||
|
|
||||||
if (s->packet_length < (unsigned int)n) {
|
if (RECORD_LAYER_get_packet_length(&s->rlayer) < (unsigned int)n) {
|
||||||
p = s->packet;
|
p = RECORD_LAYER_get_packet(&s->rlayer);
|
||||||
|
|
||||||
for (;;) {
|
for (;;) {
|
||||||
s->rwstate = SSL_READING;
|
s->rwstate = SSL_READING;
|
||||||
j = BIO_read(s->rbio, (char *)&(p[s->packet_length]),
|
j = BIO_read(s->rbio,
|
||||||
n - s->packet_length);
|
(char *)&(p[RECORD_LAYER_get_packet_length(&s->rlayer)]),
|
||||||
|
n - RECORD_LAYER_get_packet_length(&s->rlayer));
|
||||||
if (j <= 0)
|
if (j <= 0)
|
||||||
return (j);
|
return (j);
|
||||||
s->rwstate = SSL_NOTHING;
|
s->rwstate = SSL_NOTHING;
|
||||||
s->packet_length += j;
|
RECORD_LAYER_add_packet_length(&s->rlayer, j);
|
||||||
if (s->packet_length >= (unsigned int)n)
|
if (RECORD_LAYER_get_packet_length(&s->rlayer) >= (unsigned int)n)
|
||||||
return (s->packet_length);
|
return (RECORD_LAYER_get_packet_length(&s->rlayer));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return (n);
|
return (n);
|
||||||
|
|||||||
@@ -187,7 +187,7 @@ int RECORD_LAYER_write_pending(RECORD_LAYER *rl)
|
|||||||
|
|
||||||
int RECORD_LAYER_set_data(RECORD_LAYER *rl, const unsigned char *buf, int len)
|
int RECORD_LAYER_set_data(RECORD_LAYER *rl, const unsigned char *buf, int len)
|
||||||
{
|
{
|
||||||
rl->s->packet_length = len;
|
rl->packet_length = len;
|
||||||
if(len != 0) {
|
if(len != 0) {
|
||||||
rl->s->rstate = SSL_ST_READ_HEADER;
|
rl->s->rstate = SSL_ST_READ_HEADER;
|
||||||
if (!SSL3_BUFFER_is_initialised(&rl->rbuf))
|
if (!SSL3_BUFFER_is_initialised(&rl->rbuf))
|
||||||
@@ -195,7 +195,7 @@ int RECORD_LAYER_set_data(RECORD_LAYER *rl, const unsigned char *buf, int len)
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
rl->s->packet = SSL3_BUFFER_get_buf(&rl->rbuf);
|
rl->packet = SSL3_BUFFER_get_buf(&rl->rbuf);
|
||||||
SSL3_BUFFER_set_data(&rl->rbuf, buf, len);
|
SSL3_BUFFER_set_data(&rl->rbuf, buf, len);
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
@@ -261,8 +261,8 @@ int ssl3_read_n(SSL *s, int n, int max, int extend)
|
|||||||
rb->offset = align;
|
rb->offset = align;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
s->packet = rb->buf + rb->offset;
|
s->rlayer.packet = rb->buf + rb->offset;
|
||||||
s->packet_length = 0;
|
s->rlayer.packet_length = 0;
|
||||||
/* ... now we can act as if 'extend' was set */
|
/* ... now we can act as if 'extend' was set */
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -280,7 +280,7 @@ int ssl3_read_n(SSL *s, int n, int max, int extend)
|
|||||||
|
|
||||||
/* if there is enough in the buffer from a previous read, take some */
|
/* if there is enough in the buffer from a previous read, take some */
|
||||||
if (left >= n) {
|
if (left >= n) {
|
||||||
s->packet_length += n;
|
s->rlayer.packet_length += n;
|
||||||
rb->left = left - n;
|
rb->left = left - n;
|
||||||
rb->offset += n;
|
rb->offset += n;
|
||||||
return (n);
|
return (n);
|
||||||
@@ -288,15 +288,15 @@ int ssl3_read_n(SSL *s, int n, int max, int extend)
|
|||||||
|
|
||||||
/* else we need to read more data */
|
/* else we need to read more data */
|
||||||
|
|
||||||
len = s->packet_length;
|
len = s->rlayer.packet_length;
|
||||||
pkt = rb->buf + align;
|
pkt = rb->buf + align;
|
||||||
/*
|
/*
|
||||||
* Move any available bytes to front of buffer: 'len' bytes already
|
* Move any available bytes to front of buffer: 'len' bytes already
|
||||||
* pointed to by 'packet', 'left' extra ones at the end
|
* pointed to by 'packet', 'left' extra ones at the end
|
||||||
*/
|
*/
|
||||||
if (s->packet != pkt) { /* len > 0 */
|
if (s->rlayer.packet != pkt) { /* len > 0 */
|
||||||
memmove(pkt, s->packet, len + left);
|
memmove(pkt, s->rlayer.packet, len + left);
|
||||||
s->packet = pkt;
|
s->rlayer.packet = pkt;
|
||||||
rb->offset = len + align;
|
rb->offset = len + align;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -354,7 +354,7 @@ int ssl3_read_n(SSL *s, int n, int max, int extend)
|
|||||||
/* done reading, now the book-keeping */
|
/* done reading, now the book-keeping */
|
||||||
rb->offset += n;
|
rb->offset += n;
|
||||||
rb->left = left - n;
|
rb->left = left - n;
|
||||||
s->packet_length += n;
|
s->rlayer.packet_length += n;
|
||||||
s->rwstate = SSL_NOTHING;
|
s->rwstate = SSL_NOTHING;
|
||||||
return (n);
|
return (n);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -160,7 +160,7 @@ int ssl3_setup_read_buffer(SSL *s)
|
|||||||
b->len = len;
|
b->len = len;
|
||||||
}
|
}
|
||||||
|
|
||||||
s->packet = &(b->buf[0]);
|
RECORD_LAYER_set_packet(&s->rlayer, &(b->buf[0]));
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
err:
|
err:
|
||||||
|
|||||||
@@ -208,14 +208,14 @@ int ssl3_get_record(SSL *s)
|
|||||||
again:
|
again:
|
||||||
/* check if we have the header */
|
/* check if we have the header */
|
||||||
if ((s->rstate != SSL_ST_READ_BODY) ||
|
if ((s->rstate != SSL_ST_READ_BODY) ||
|
||||||
(s->packet_length < SSL3_RT_HEADER_LENGTH)) {
|
(RECORD_LAYER_get_packet_length(&s->rlayer) < SSL3_RT_HEADER_LENGTH)) {
|
||||||
n = ssl3_read_n(s, SSL3_RT_HEADER_LENGTH,
|
n = ssl3_read_n(s, SSL3_RT_HEADER_LENGTH,
|
||||||
SSL3_BUFFER_get_len(&s->rlayer.rbuf), 0);
|
SSL3_BUFFER_get_len(&s->rlayer.rbuf), 0);
|
||||||
if (n <= 0)
|
if (n <= 0)
|
||||||
return (n); /* error or non-blocking */
|
return (n); /* error or non-blocking */
|
||||||
s->rstate = SSL_ST_READ_BODY;
|
s->rstate = SSL_ST_READ_BODY;
|
||||||
|
|
||||||
p = s->packet;
|
p = RECORD_LAYER_get_packet(&s->rlayer);
|
||||||
if (s->msg_callback)
|
if (s->msg_callback)
|
||||||
s->msg_callback(0, 0, SSL3_RT_HEADER, p, 5, s,
|
s->msg_callback(0, 0, SSL3_RT_HEADER, p, 5, s,
|
||||||
s->msg_callback_arg);
|
s->msg_callback_arg);
|
||||||
@@ -260,7 +260,8 @@ int ssl3_get_record(SSL *s)
|
|||||||
|
|
||||||
/* s->rstate == SSL_ST_READ_BODY, get and decode the data */
|
/* s->rstate == SSL_ST_READ_BODY, get and decode the data */
|
||||||
|
|
||||||
if (rr->length > s->packet_length - SSL3_RT_HEADER_LENGTH) {
|
if (rr->length >
|
||||||
|
RECORD_LAYER_get_packet_length(&s->rlayer) - SSL3_RT_HEADER_LENGTH) {
|
||||||
/* now s->packet_length == SSL3_RT_HEADER_LENGTH */
|
/* now s->packet_length == SSL3_RT_HEADER_LENGTH */
|
||||||
i = rr->length;
|
i = rr->length;
|
||||||
n = ssl3_read_n(s, i, i, 1);
|
n = ssl3_read_n(s, i, i, 1);
|
||||||
@@ -278,7 +279,7 @@ int ssl3_get_record(SSL *s)
|
|||||||
* At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length,
|
* At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length,
|
||||||
* and we have that many bytes in s->packet
|
* and we have that many bytes in s->packet
|
||||||
*/
|
*/
|
||||||
rr->input = &(s->packet[SSL3_RT_HEADER_LENGTH]);
|
rr->input = &(RECORD_LAYER_get_packet(&s->rlayer)[SSL3_RT_HEADER_LENGTH]);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* ok, we can now read from 's->packet' data into 'rr' rr->input points
|
* ok, we can now read from 's->packet' data into 'rr' rr->input points
|
||||||
@@ -446,7 +447,7 @@ int ssl3_get_record(SSL *s)
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
/* we have pulled in a full packet so zero things */
|
/* we have pulled in a full packet so zero things */
|
||||||
s->packet_length = 0;
|
RECORD_LAYER_reset_packet_length(&s->rlayer);
|
||||||
|
|
||||||
/* just read a 0 length packet */
|
/* just read a 0 length packet */
|
||||||
if (rr->length == 0) {
|
if (rr->length == 0) {
|
||||||
@@ -1205,7 +1206,7 @@ int dtls1_process_record(SSL *s)
|
|||||||
* At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length,
|
* At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length,
|
||||||
* and we have that many bytes in s->packet
|
* and we have that many bytes in s->packet
|
||||||
*/
|
*/
|
||||||
rr->input = &(s->packet[DTLS1_RT_HEADER_LENGTH]);
|
rr->input = &(RECORD_LAYER_get_packet(&s->rlayer)[DTLS1_RT_HEADER_LENGTH]);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* ok, we can now read from 's->packet' data into 'rr' rr->input points
|
* ok, we can now read from 's->packet' data into 'rr' rr->input points
|
||||||
@@ -1240,7 +1241,7 @@ int dtls1_process_record(SSL *s)
|
|||||||
if (enc_err == 0) {
|
if (enc_err == 0) {
|
||||||
/* For DTLS we simply ignore bad packets. */
|
/* For DTLS we simply ignore bad packets. */
|
||||||
rr->length = 0;
|
rr->length = 0;
|
||||||
s->packet_length = 0;
|
RECORD_LAYER_reset_packet_length(&s->rlayer);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
#ifdef TLS_DEBUG
|
#ifdef TLS_DEBUG
|
||||||
@@ -1308,7 +1309,7 @@ int dtls1_process_record(SSL *s)
|
|||||||
if (enc_err < 0) {
|
if (enc_err < 0) {
|
||||||
/* decryption failed, silently discard message */
|
/* decryption failed, silently discard message */
|
||||||
rr->length = 0;
|
rr->length = 0;
|
||||||
s->packet_length = 0;
|
RECORD_LAYER_reset_packet_length(&s->rlayer);
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -1344,7 +1345,7 @@ int dtls1_process_record(SSL *s)
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
/* we have pulled in a full packet so zero things */
|
/* we have pulled in a full packet so zero things */
|
||||||
s->packet_length = 0;
|
RECORD_LAYER_reset_packet_length(&s->rlayer);
|
||||||
return (1);
|
return (1);
|
||||||
|
|
||||||
f_err:
|
f_err:
|
||||||
@@ -1399,7 +1400,7 @@ int dtls1_get_record(SSL *s)
|
|||||||
again:
|
again:
|
||||||
/* check if we have the header */
|
/* check if we have the header */
|
||||||
if ((s->rstate != SSL_ST_READ_BODY) ||
|
if ((s->rstate != SSL_ST_READ_BODY) ||
|
||||||
(s->packet_length < DTLS1_RT_HEADER_LENGTH)) {
|
(RECORD_LAYER_get_packet_length(&s->rlayer) < DTLS1_RT_HEADER_LENGTH)) {
|
||||||
n = ssl3_read_n(s, DTLS1_RT_HEADER_LENGTH,
|
n = ssl3_read_n(s, DTLS1_RT_HEADER_LENGTH,
|
||||||
SSL3_BUFFER_get_len(&s->rlayer.rbuf), 0);
|
SSL3_BUFFER_get_len(&s->rlayer.rbuf), 0);
|
||||||
/* read timeout is handled by dtls1_read_bytes */
|
/* read timeout is handled by dtls1_read_bytes */
|
||||||
@@ -1407,14 +1408,14 @@ int dtls1_get_record(SSL *s)
|
|||||||
return (n); /* error or non-blocking */
|
return (n); /* error or non-blocking */
|
||||||
|
|
||||||
/* this packet contained a partial record, dump it */
|
/* this packet contained a partial record, dump it */
|
||||||
if (s->packet_length != DTLS1_RT_HEADER_LENGTH) {
|
if (RECORD_LAYER_get_packet_length(&s->rlayer) != DTLS1_RT_HEADER_LENGTH) {
|
||||||
s->packet_length = 0;
|
RECORD_LAYER_reset_packet_length(&s->rlayer);
|
||||||
goto again;
|
goto again;
|
||||||
}
|
}
|
||||||
|
|
||||||
s->rstate = SSL_ST_READ_BODY;
|
s->rstate = SSL_ST_READ_BODY;
|
||||||
|
|
||||||
p = s->packet;
|
p = RECORD_LAYER_get_packet(&s->rlayer);
|
||||||
|
|
||||||
if (s->msg_callback)
|
if (s->msg_callback)
|
||||||
s->msg_callback(0, 0, SSL3_RT_HEADER, p, DTLS1_RT_HEADER_LENGTH,
|
s->msg_callback(0, 0, SSL3_RT_HEADER, p, DTLS1_RT_HEADER_LENGTH,
|
||||||
@@ -1439,7 +1440,7 @@ int dtls1_get_record(SSL *s)
|
|||||||
if (version != s->version) {
|
if (version != s->version) {
|
||||||
/* unexpected version, silently discard */
|
/* unexpected version, silently discard */
|
||||||
rr->length = 0;
|
rr->length = 0;
|
||||||
s->packet_length = 0;
|
RECORD_LAYER_reset_packet_length(&s->rlayer);
|
||||||
goto again;
|
goto again;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -1447,14 +1448,14 @@ int dtls1_get_record(SSL *s)
|
|||||||
if ((version & 0xff00) != (s->version & 0xff00)) {
|
if ((version & 0xff00) != (s->version & 0xff00)) {
|
||||||
/* wrong version, silently discard record */
|
/* wrong version, silently discard record */
|
||||||
rr->length = 0;
|
rr->length = 0;
|
||||||
s->packet_length = 0;
|
RECORD_LAYER_reset_packet_length(&s->rlayer);
|
||||||
goto again;
|
goto again;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH) {
|
if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH) {
|
||||||
/* record too long, silently discard it */
|
/* record too long, silently discard it */
|
||||||
rr->length = 0;
|
rr->length = 0;
|
||||||
s->packet_length = 0;
|
RECORD_LAYER_reset_packet_length(&s->rlayer);
|
||||||
goto again;
|
goto again;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -1463,14 +1464,15 @@ int dtls1_get_record(SSL *s)
|
|||||||
|
|
||||||
/* s->rstate == SSL_ST_READ_BODY, get and decode the data */
|
/* s->rstate == SSL_ST_READ_BODY, get and decode the data */
|
||||||
|
|
||||||
if (rr->length > s->packet_length - DTLS1_RT_HEADER_LENGTH) {
|
if (rr->length >
|
||||||
|
RECORD_LAYER_get_packet_length(&s->rlayer) - DTLS1_RT_HEADER_LENGTH) {
|
||||||
/* now s->packet_length == DTLS1_RT_HEADER_LENGTH */
|
/* now s->packet_length == DTLS1_RT_HEADER_LENGTH */
|
||||||
i = rr->length;
|
i = rr->length;
|
||||||
n = ssl3_read_n(s, i, i, 1);
|
n = ssl3_read_n(s, i, i, 1);
|
||||||
/* this packet contained a partial record, dump it */
|
/* this packet contained a partial record, dump it */
|
||||||
if (n != i) {
|
if (n != i) {
|
||||||
rr->length = 0;
|
rr->length = 0;
|
||||||
s->packet_length = 0;
|
RECORD_LAYER_reset_packet_length(&s->rlayer);
|
||||||
goto again;
|
goto again;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -1485,7 +1487,7 @@ int dtls1_get_record(SSL *s)
|
|||||||
bitmap = dtls1_get_bitmap(s, rr, &is_next_epoch);
|
bitmap = dtls1_get_bitmap(s, rr, &is_next_epoch);
|
||||||
if (bitmap == NULL) {
|
if (bitmap == NULL) {
|
||||||
rr->length = 0;
|
rr->length = 0;
|
||||||
s->packet_length = 0; /* dump this record */
|
RECORD_LAYER_reset_packet_length(&s->rlayer); /* dump this record */
|
||||||
goto again; /* get another record */
|
goto again; /* get another record */
|
||||||
}
|
}
|
||||||
#ifndef OPENSSL_NO_SCTP
|
#ifndef OPENSSL_NO_SCTP
|
||||||
@@ -1499,11 +1501,13 @@ int dtls1_get_record(SSL *s)
|
|||||||
* connections and would be dropped unnecessarily.
|
* connections and would be dropped unnecessarily.
|
||||||
*/
|
*/
|
||||||
if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE &&
|
if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE &&
|
||||||
s->packet_length > DTLS1_RT_HEADER_LENGTH &&
|
RECORD_LAYER_get_packet_length(&s->rlayer)
|
||||||
s->packet[DTLS1_RT_HEADER_LENGTH] == SSL3_MT_CLIENT_HELLO) &&
|
> DTLS1_RT_HEADER_LENGTH &&
|
||||||
|
RECORD_LAYER_get_packet(&s->rlayer)[DTLS1_RT_HEADER_LENGTH]
|
||||||
|
== SSL3_MT_CLIENT_HELLO) &&
|
||||||
!dtls1_record_replay_check(s, bitmap)) {
|
!dtls1_record_replay_check(s, bitmap)) {
|
||||||
rr->length = 0;
|
rr->length = 0;
|
||||||
s->packet_length = 0; /* dump this record */
|
RECORD_LAYER_reset_packet_length(&s->rlayer); /* dump this record */
|
||||||
goto again; /* get another record */
|
goto again; /* get another record */
|
||||||
}
|
}
|
||||||
#ifndef OPENSSL_NO_SCTP
|
#ifndef OPENSSL_NO_SCTP
|
||||||
@@ -1529,13 +1533,13 @@ int dtls1_get_record(SSL *s)
|
|||||||
dtls1_record_bitmap_update(s, bitmap);
|
dtls1_record_bitmap_update(s, bitmap);
|
||||||
}
|
}
|
||||||
rr->length = 0;
|
rr->length = 0;
|
||||||
s->packet_length = 0;
|
RECORD_LAYER_reset_packet_length(&s->rlayer);
|
||||||
goto again;
|
goto again;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!dtls1_process_record(s)) {
|
if (!dtls1_process_record(s)) {
|
||||||
rr->length = 0;
|
rr->length = 0;
|
||||||
s->packet_length = 0; /* dump this record */
|
RECORD_LAYER_reset_packet_length(&s->rlayer); /* dump this record */
|
||||||
goto again; /* get another record */
|
goto again; /* get another record */
|
||||||
}
|
}
|
||||||
dtls1_record_bitmap_update(s, bitmap); /* Mark receipt of record. */
|
dtls1_record_bitmap_update(s, bitmap); /* Mark receipt of record. */
|
||||||
|
|||||||
@@ -490,7 +490,7 @@ static int ssl23_get_server_hello(SSL *s)
|
|||||||
|
|
||||||
if (n != 7)
|
if (n != 7)
|
||||||
return (n);
|
return (n);
|
||||||
p = s->packet;
|
p = RECORD_LAYER_get_packet(&s->rlayer);
|
||||||
|
|
||||||
memcpy(buf, p, n);
|
memcpy(buf, p, n);
|
||||||
|
|
||||||
|
|||||||
@@ -264,7 +264,7 @@ int ssl23_get_client_hello(SSL *s)
|
|||||||
if (n != sizeof buf_space)
|
if (n != sizeof buf_space)
|
||||||
return (n); /* n == -1 || n == 0 */
|
return (n); /* n == -1 || n == 0 */
|
||||||
|
|
||||||
p = s->packet;
|
p = RECORD_LAYER_get_packet(&s->rlayer);
|
||||||
|
|
||||||
memcpy(buf, p, n);
|
memcpy(buf, p, n);
|
||||||
|
|
||||||
@@ -415,7 +415,7 @@ int ssl23_get_client_hello(SSL *s)
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
type = 2;
|
type = 2;
|
||||||
p = s->packet;
|
p = RECORD_LAYER_get_packet(&s->rlayer);
|
||||||
v[0] = p[3]; /* == SSL3_VERSION_MAJOR */
|
v[0] = p[3]; /* == SSL3_VERSION_MAJOR */
|
||||||
v[1] = p[4];
|
v[1] = p[4];
|
||||||
|
|
||||||
@@ -451,27 +451,32 @@ int ssl23_get_client_hello(SSL *s)
|
|||||||
if (j <= 0)
|
if (j <= 0)
|
||||||
return (j);
|
return (j);
|
||||||
|
|
||||||
ssl3_finish_mac(s, s->packet + 2, s->packet_length - 2);
|
ssl3_finish_mac(s, RECORD_LAYER_get_packet(&s->rlayer) + 2,
|
||||||
|
RECORD_LAYER_get_packet_length(&s->rlayer) - 2);
|
||||||
|
|
||||||
/* CLIENT-HELLO */
|
/* CLIENT-HELLO */
|
||||||
if (s->msg_callback)
|
if (s->msg_callback)
|
||||||
s->msg_callback(0, SSL2_VERSION, 0, s->packet + 2,
|
s->msg_callback(0, SSL2_VERSION, 0,
|
||||||
s->packet_length - 2, s, s->msg_callback_arg);
|
RECORD_LAYER_get_packet(&s->rlayer) + 2,
|
||||||
|
RECORD_LAYER_get_packet_length(&s->rlayer) - 2, s,
|
||||||
|
s->msg_callback_arg);
|
||||||
|
|
||||||
p = s->packet;
|
p = RECORD_LAYER_get_packet(&s->rlayer);
|
||||||
p += 5;
|
p += 5;
|
||||||
n2s(p, csl);
|
n2s(p, csl);
|
||||||
n2s(p, sil);
|
n2s(p, sil);
|
||||||
n2s(p, cl);
|
n2s(p, cl);
|
||||||
d = (unsigned char *)s->init_buf->data;
|
d = (unsigned char *)s->init_buf->data;
|
||||||
if ((csl + sil + cl + 11) != s->packet_length) { /* We can't have TLS
|
if ((csl + sil + cl + 11)
|
||||||
* extensions in SSL
|
!= RECORD_LAYER_get_packet_length(&s->rlayer)) {
|
||||||
* 2.0 format *
|
/* We can't have TLS
|
||||||
* Client Hello, can
|
* extensions in SSL
|
||||||
* we? Error
|
* 2.0 format *
|
||||||
* condition should
|
* Client Hello, can
|
||||||
* be * '>'
|
* we? Error
|
||||||
* otherweise */
|
* condition should
|
||||||
|
* be * '>'
|
||||||
|
* otherweise */
|
||||||
SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,
|
SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,
|
||||||
SSL_R_RECORD_LENGTH_MISMATCH);
|
SSL_R_RECORD_LENGTH_MISMATCH);
|
||||||
goto err;
|
goto err;
|
||||||
|
|||||||
@@ -3183,7 +3183,6 @@ void ssl3_clear(SSL *s)
|
|||||||
|
|
||||||
ssl_free_wbio_buffer(s);
|
ssl_free_wbio_buffer(s);
|
||||||
|
|
||||||
s->packet_length = 0;
|
|
||||||
s->s3->renegotiate = 0;
|
s->s3->renegotiate = 0;
|
||||||
s->s3->total_renegotiations = 0;
|
s->s3->total_renegotiations = 0;
|
||||||
s->s3->num_renegotiations = 0;
|
s->s3->num_renegotiations = 0;
|
||||||
|
|||||||
@@ -1029,9 +1029,7 @@ struct ssl_st {
|
|||||||
* ssl3_get_message() */
|
* ssl3_get_message() */
|
||||||
int init_num; /* amount read/written */
|
int init_num; /* amount read/written */
|
||||||
int init_off; /* amount read/written */
|
int init_off; /* amount read/written */
|
||||||
/* used internally to point at a raw packet */
|
|
||||||
unsigned char *packet;
|
|
||||||
unsigned int packet_length;
|
|
||||||
struct ssl3_state_st *s3; /* SSLv3 variables */
|
struct ssl3_state_st *s3; /* SSLv3 variables */
|
||||||
struct dtls1_state_st *d1; /* DTLSv1 variables */
|
struct dtls1_state_st *d1; /* DTLSv1 variables */
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user