Cross Reference: /freebsd-10.2-release/crypto/openssl/ssl/d1

Deleted Added

sdiff udiff text old ( 205128 ) new ( 215697 )

full compact

d1_both.c (205128)	d1_both.c (215697)
1/* ssl/d1_both.c / 2/ 3 * DTLS implementation written by Nagendra Modadugu 4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. 5 / 6/ ==================================================================== 7 * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. 8 * --- 109 unchanged lines hidden (view full) --- 118#include <stdio.h> 119#include "ssl_locl.h" 120#include <openssl/buffer.h> 121#include <openssl/rand.h> 122#include <openssl/objects.h> 123#include <openssl/evp.h> 124#include <openssl/x509.h> 125	1/* ssl/d1_both.c / 2/ 3 * DTLS implementation written by Nagendra Modadugu 4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. 5 / 6/ ==================================================================== 7 * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. 8 * --- 109 unchanged lines hidden (view full) --- 118#include <stdio.h> 119#include "ssl_locl.h" 120#include <openssl/buffer.h> 121#include <openssl/rand.h> 122#include <openssl/objects.h> 123#include <openssl/evp.h> 124#include <openssl/x509.h> 125
	126#define RSMBLY_BITMASK_SIZE(msg_len) (((msg_len) + 7) / 8)
126	127
	128#define RSMBLY_BITMASK_MARK(bitmask, start, end) { \ 129 if ((end) - (start) <= 8) { \ 130 long ii; \ 131 for (ii = (start); ii < (end); ii++) bitmask[((ii) >> 3)] \|= (1 << ((ii) & 7)); \ 132 } else { \ 133 long ii; \ 134 bitmask[((start) >> 3)] \|= bitmask_start_values[((start) & 7)]; \ 135 for (ii = (((start) >> 3) + 1); ii < ((((end) - 1)) >> 3); ii++) bitmask[ii] = 0xff; \ 136 bitmask[(((end) - 1) >> 3)] \|= bitmask_end_values[((end) & 7)]; \ 137 } } 138 139#define RSMBLY_BITMASK_IS_COMPLETE(bitmask, msg_len, is_complete) { \ 140 long ii; \ 141 OPENSSL_assert((msg_len) > 0); \ 142 is_complete = 1; \ 143 if (bitmask[(((msg_len) - 1) >> 3)] != bitmask_end_values[((msg_len) & 7)]) is_complete = 0; \ 144 if (is_complete) for (ii = (((msg_len) - 1) >> 3) - 1; ii >= 0 ; ii--) \ 145 if (bitmask[ii] != 0xff) { is_complete = 0; break; } } 146 147#if 0 148#define RSMBLY_BITMASK_PRINT(bitmask, msg_len) { \ 149 long ii; \ 150 printf("bitmask: "); for (ii = 0; ii < (msg_len); ii++) \ 151 printf("%d ", (bitmask[ii >> 3] & (1 << (ii & 7))) >> (ii & 7)); \ 152 printf("\n"); } 153#endif 154 155static unsigned char bitmask_start_values[] = {0xff, 0xfe, 0xfc, 0xf8, 0xf0, 0xe0, 0xc0, 0x80}; 156static unsigned char bitmask_end_values[] = {0x00, 0x01, 0x03, 0x07, 0x0f, 0x1f, 0x3f, 0x7f}; 157
127/* XDTLS: figure out the right values / 128static unsigned int g_probable_mtu[] = {1500 - 28, 512 - 28, 256 - 28}; 129* 130static unsigned int dtls1_min_mtu(void); 131static unsigned int dtls1_guess_mtu(unsigned int curr_mtu); 132static void dtls1_fix_message_header(SSL s, unsigned long frag_off, 133* unsigned long frag_len); 134static unsigned char dtls1_write_message_header(SSL s, 135 unsigned char p); 136static void dtls1_set_message_header_int(SSL s, unsigned char mt, 137 unsigned long len, unsigned short seq_num, unsigned long frag_off, 138 unsigned long frag_len); 139static long dtls1_get_message_fragment(SSL s, int st1, int stn, 140* long max, int ok); 141* 142static hm_fragment *	158/* XDTLS: figure out the right values / 159static unsigned int g_probable_mtu[] = {1500 - 28, 512 - 28, 256 - 28}; 160* 161static unsigned int dtls1_min_mtu(void); 162static unsigned int dtls1_guess_mtu(unsigned int curr_mtu); 163static void dtls1_fix_message_header(SSL s, unsigned long frag_off, 164* unsigned long frag_len); 165static unsigned char dtls1_write_message_header(SSL s, 166 unsigned char p); 167static void dtls1_set_message_header_int(SSL s, unsigned char mt, 168 unsigned long len, unsigned short seq_num, unsigned long frag_off, 169 unsigned long frag_len); 170static long dtls1_get_message_fragment(SSL s, int st1, int stn, 171* long max, int ok); 172* 173static hm_fragment *
143dtls1_hm_fragment_new(unsigned long frag_len)	174dtls1_hm_fragment_new(unsigned long frag_len, int reassembly)
144 { 145 hm_fragment frag = NULL; 146* unsigned char *buf = NULL;	175 { 176 hm_fragment frag = NULL; 177* unsigned char *buf = NULL;
	178 unsigned char *bitmask = NULL;
147 148 frag = (hm_fragment )OPENSSL_malloc(sizeof(hm_fragment)); 149* if ( frag == NULL) 150 return NULL; 151 152 if (frag_len) 153 { 154 buf = (unsigned char )OPENSSL_malloc(frag_len); 155* if ( buf == NULL) 156 { 157 OPENSSL_free(frag); 158 return NULL; 159 } 160 } 161 162 /* zero length fragment gets zero frag->fragment / 163* frag->fragment = buf; 164	179 180 frag = (hm_fragment )OPENSSL_malloc(sizeof(hm_fragment)); 181* if ( frag == NULL) 182 return NULL; 183 184 if (frag_len) 185 { 186 buf = (unsigned char )OPENSSL_malloc(frag_len); 187* if ( buf == NULL) 188 { 189 OPENSSL_free(frag); 190 return NULL; 191 } 192 } 193 194 /* zero length fragment gets zero frag->fragment / 195* frag->fragment = buf; 196
	197 /* Initialize reassembly bitmask if necessary / 198* if (reassembly) 199 { 200 bitmask = (unsigned char )OPENSSL_malloc(RSMBLY_BITMASK_SIZE(frag_len)); 201* if (bitmask == NULL) 202 { 203 if (buf != NULL) OPENSSL_free(buf); 204 OPENSSL_free(frag); 205 return NULL; 206 } 207 memset(bitmask, 0, RSMBLY_BITMASK_SIZE(frag_len)); 208 } 209 210 frag->reassembly = bitmask; 211
165 return frag; 166 } 167 168static void 169dtls1_hm_fragment_free(hm_fragment frag) 170* { 171 if (frag->fragment) OPENSSL_free(frag->fragment);	212 return frag; 213 } 214 215static void 216dtls1_hm_fragment_free(hm_fragment frag) 217* { 218 if (frag->fragment) OPENSSL_free(frag->fragment);
	219 if (frag->reassembly) OPENSSL_free(frag->reassembly);
172 OPENSSL_free(frag); 173 } 174 175/* send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or SSL3_RT_CHANGE_CIPHER_SPEC) / 176int dtls1_do_write(SSL s, int type) 177 { 178 int ret; 179 int curr_mtu; --- 178 unchanged lines hidden (view full) --- 358 * maximum acceptable body length 'max'. 359 * Read an entire handshake message. Handshake messages arrive in 360 * fragments. 361 / 362long dtls1_get_message(SSL s, int st1, int stn, int mt, long max, int ok) 363* { 364 int i, al; 365 struct hm_header_st *msg_hdr;	220 OPENSSL_free(frag); 221 } 222 223/* send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or SSL3_RT_CHANGE_CIPHER_SPEC) / 224int dtls1_do_write(SSL s, int type) 225 { 226 int ret; 227 int curr_mtu; --- 178 unchanged lines hidden (view full) --- 406 * maximum acceptable body length 'max'. 407 * Read an entire handshake message. Handshake messages arrive in 408 * fragments. 409 / 410long dtls1_get_message(SSL s, int st1, int stn, int mt, long max, int ok) 411* { 412 int i, al; 413 struct hm_header_st *msg_hdr;
	414 unsigned char p; 415* unsigned long msg_len;
366 367 /* s3->tmp is used to store messages that are unexpected, caused 368 * by the absence of an optional handshake message / 369* if (s->s3->tmp.reuse_message) 370 { 371 s->s3->tmp.reuse_message=0; 372 if ((mt >= 0) && (s->s3->tmp.message_type != mt)) 373 { 374 al=SSL_AD_UNEXPECTED_MESSAGE; 375 SSLerr(SSL_F_DTLS1_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE); 376 goto f_err; 377 } 378 ok=1; 379* s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH; 380 s->init_num = (int)s->s3->tmp.message_size; 381 return s->init_num; 382 } 383 384 msg_hdr = &s->d1->r_msg_hdr;	416 417 /* s3->tmp is used to store messages that are unexpected, caused 418 * by the absence of an optional handshake message / 419* if (s->s3->tmp.reuse_message) 420 { 421 s->s3->tmp.reuse_message=0; 422 if ((mt >= 0) && (s->s3->tmp.message_type != mt)) 423 { 424 al=SSL_AD_UNEXPECTED_MESSAGE; 425 SSLerr(SSL_F_DTLS1_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE); 426 goto f_err; 427 } 428 ok=1; 429* s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH; 430 s->init_num = (int)s->s3->tmp.message_size; 431 return s->init_num; 432 } 433 434 msg_hdr = &s->d1->r_msg_hdr;
385 do 386 { 387 if ( msg_hdr->frag_off == 0) 388 { 389 /* s->d1->r_message_header.msg_len = 0; / 390* memset(msg_hdr, 0x00, sizeof(struct hm_header_st)); 391 }	435 memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
392	436
393 i = dtls1_get_message_fragment(s, st1, stn, max, ok); 394 if ( i == DTLS1_HM_BAD_FRAGMENT \|\| 395 i == DTLS1_HM_FRAGMENT_RETRY) /* bad fragment received / 396* continue; 397 else if ( i <= 0 && !ok) 398* return i;	437again: 438 i = dtls1_get_message_fragment(s, st1, stn, max, ok); 439 if ( i == DTLS1_HM_BAD_FRAGMENT \|\| 440 i == DTLS1_HM_FRAGMENT_RETRY) /* bad fragment received / 441* goto again; 442 else if ( i <= 0 && !ok) 443* return i;
399	444
400 /* Note that s->init_sum is used as a counter summing 401 * up fragments' lengths: as soon as they sum up to 402 * handshake packet length, we assume we have got all 403 * the fragments. Overlapping fragments would cause 404 * premature termination, so we don't expect overlaps. 405 * Well, handling overlaps would require something more 406 * drastic. Indeed, as it is now there is no way to 407 * tell if out-of-order fragment from the middle was 408 * the last. '>=' is the best/least we can do to control 409 * the potential damage caused by malformed overlaps. / 410* if ((unsigned int)s->init_num >= msg_hdr->msg_len) 411 { 412 unsigned char p = (unsigned char )s->init_buf->data; 413 unsigned long msg_len = msg_hdr->msg_len;	445 p = (unsigned char )s->init_buf->data; 446* msg_len = msg_hdr->msg_len;
414	447
415 /* reconstruct message header as if it was 416 * sent in single fragment / 417* (p++) = msg_hdr->type; 418* l2n3(msg_len,p); 419 s2n (msg_hdr->seq,p); 420 l2n3(0,p); 421 l2n3(msg_len,p); 422 if (s->client_version != DTLS1_BAD_VER) 423 p -= DTLS1_HM_HEADER_LENGTH, 424 msg_len += DTLS1_HM_HEADER_LENGTH;	448 /* reconstruct message header / 449* (p++) = msg_hdr->type; 450* l2n3(msg_len,p); 451 s2n (msg_hdr->seq,p); 452 l2n3(0,p); 453 l2n3(msg_len,p); 454 if (s->version != DTLS1_BAD_VER) { 455 p -= DTLS1_HM_HEADER_LENGTH; 456 msg_len += DTLS1_HM_HEADER_LENGTH; 457 }
425	458
426 ssl3_finish_mac(s, p, msg_len); 427 if (s->msg_callback) 428 s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, 429 p, msg_len, 430 s, s->msg_callback_arg);	459 ssl3_finish_mac(s, p, msg_len); 460 if (s->msg_callback) 461 s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, 462 p, msg_len, 463 s, s->msg_callback_arg);
431	464
432 memset(msg_hdr, 0x00, sizeof(struct hm_header_st));	465 memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
433	466
434 s->d1->handshake_read_seq++; 435 /* we just read a handshake message from the other side: 436 * this means that we don't need to retransmit of the 437 * buffered messages. 438 * XDTLS: may be able clear out this 439 * buffer a little sooner (i.e if an out-of-order 440 * handshake message/record is received at the record 441 * layer. 442 * XDTLS: exception is that the server needs to 443 * know that change cipher spec and finished messages 444 * have been received by the client before clearing this 445 * buffer. this can simply be done by waiting for the 446 * first data segment, but is there a better way? / 447* dtls1_clear_record_buffer(s);	467 s->d1->handshake_read_seq++; 468 /* we just read a handshake message from the other side: 469 * this means that we don't need to retransmit of the 470 * buffered messages. 471 * XDTLS: may be able clear out this 472 * buffer a little sooner (i.e if an out-of-order 473 * handshake message/record is received at the record 474 * layer. 475 * XDTLS: exception is that the server needs to 476 * know that change cipher spec and finished messages 477 * have been received by the client before clearing this 478 * buffer. this can simply be done by waiting for the 479 * first data segment, but is there a better way? / 480* dtls1_clear_record_buffer(s);
448	481
449 s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH; 450 return s->init_num; 451 } 452 else 453 msg_hdr->frag_off = i; 454 } while(1) ;	482 s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH; 483 return s->init_num;
455 456f_err: 457 ssl3_send_alert(s,SSL3_AL_FATAL,al); 458 ok = 0; 459* return -1; 460 } 461 462 --- 59 unchanged lines hidden (view full) --- 522 int al; 523 524 ok = 0; 525* item = pqueue_peek(s->d1->buffered_messages); 526 if ( item == NULL) 527 return 0; 528 529 frag = (hm_fragment *)item->data;	484 485f_err: 486 ssl3_send_alert(s,SSL3_AL_FATAL,al); 487 ok = 0; 488* return -1; 489 } 490 491 --- 59 unchanged lines hidden (view full) --- 551 int al; 552 553 ok = 0; 554* item = pqueue_peek(s->d1->buffered_messages); 555 if ( item == NULL) 556 return 0; 557 558 frag = (hm_fragment *)item->data;
	559 560 /* Don't return if reassembly still in progress / 561* if (frag->reassembly != NULL) 562 return 0;
530 531 if ( s->d1->handshake_read_seq == frag->msg_header.seq) 532 { 533 unsigned long frag_len = frag->msg_header.frag_len; 534 pqueue_pop(s->d1->buffered_messages); 535 536 al=dtls1_preprocess_fragment(s,&frag->msg_header,max); 537 --- 19 unchanged lines hidden (view full) --- 557 return -1; 558 } 559 else 560 return 0; 561 } 562 563 564static int	563 564 if ( s->d1->handshake_read_seq == frag->msg_header.seq) 565 { 566 unsigned long frag_len = frag->msg_header.frag_len; 567 pqueue_pop(s->d1->buffered_messages); 568 569 al=dtls1_preprocess_fragment(s,&frag->msg_header,max); 570 --- 19 unchanged lines hidden (view full) --- 590 return -1; 591 } 592 else 593 return 0; 594 } 595 596 597static int
	598dtls1_reassemble_fragment(SSL s, struct hm_header_st msg_hdr, int ok) 599* { 600 hm_fragment frag = NULL; 601* pitem item = NULL; 602* int i = -1, is_complete; 603 PQ_64BIT seq64; 604 unsigned long frag_len = msg_hdr->frag_len, max_len; 605 606 if ((msg_hdr->frag_off+frag_len) > msg_hdr->msg_len) 607 goto err; 608 609 /* Determine maximum allowed message size. Depends on (user set) 610 * maximum certificate length, but 16k is minimum. 611 / 612* if (DTLS1_HM_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH < s->max_cert_list) 613 max_len = s->max_cert_list; 614 else 615 max_len = DTLS1_HM_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH; 616 617 if ((msg_hdr->frag_off+frag_len) > max_len) 618 goto err; 619 620 /* Try to find item in queue / 621* pq_64bit_init(&seq64); 622 pq_64bit_assign_word(&seq64, msg_hdr->seq); 623 item = pqueue_find(s->d1->buffered_messages, seq64); 624 pq_64bit_free(&seq64); 625 626 if (item == NULL) 627 { 628 frag = dtls1_hm_fragment_new(msg_hdr->msg_len, 1); 629 if ( frag == NULL) 630 goto err; 631 memcpy(&(frag->msg_header), msg_hdr, sizeof(msg_hdr)); 632* frag->msg_header.frag_len = frag->msg_header.msg_len; 633 frag->msg_header.frag_off = 0; 634 } 635 else 636 frag = (hm_fragment) item->data; 637* 638 /* If message is already reassembled, this must be a 639 * retransmit and can be dropped. 640 / 641* if (frag->reassembly == NULL) 642 { 643 unsigned char devnull [256]; 644 645 while (frag_len) 646 { 647 i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE, 648 devnull, 649 frag_len>sizeof(devnull)?sizeof(devnull):frag_len,0); 650 if (i<=0) goto err; 651 frag_len -= i; 652 } 653 return DTLS1_HM_FRAGMENT_RETRY; 654 } 655 656 /* read the body of the fragment (header has already been read / 657* i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE, 658 frag->fragment + msg_hdr->frag_off,frag_len,0); 659 if (i<=0 \|\| (unsigned long)i!=frag_len) 660 goto err; 661 662 RSMBLY_BITMASK_MARK(frag->reassembly, (long)msg_hdr->frag_off, 663 (long)(msg_hdr->frag_off + frag_len)); 664 665 RSMBLY_BITMASK_IS_COMPLETE(frag->reassembly, (long)msg_hdr->msg_len, 666 is_complete); 667 668 if (is_complete) 669 { 670 OPENSSL_free(frag->reassembly); 671 frag->reassembly = NULL; 672 } 673 674 if (item == NULL) 675 { 676 pq_64bit_init(&seq64); 677 pq_64bit_assign_word(&seq64, msg_hdr->seq); 678 item = pitem_new(seq64, frag); 679 pq_64bit_free(&seq64); 680 681 if (item == NULL) 682 { 683 goto err; 684 i = -1; 685 } 686 687 pqueue_insert(s->d1->buffered_messages, item); 688 } 689 690 return DTLS1_HM_FRAGMENT_RETRY; 691 692err: 693 if (frag != NULL) dtls1_hm_fragment_free(frag); 694 if (item != NULL) OPENSSL_free(item); 695 ok = 0; 696* return i; 697 } 698 699 700static int
565dtls1_process_out_of_seq_message(SSL s, struct hm_header_st msg_hdr, int ok) 566{ 567* int i=-1; 568 hm_fragment frag = NULL; 569* pitem item = NULL; 570* PQ_64BIT seq64; 571 unsigned long frag_len = msg_hdr->frag_len; 572 573 if ((msg_hdr->frag_off+frag_len) > msg_hdr->msg_len) 574 goto err; 575 576 /* Try to find item in queue, to prevent duplicate entries / 577* pq_64bit_init(&seq64); 578 pq_64bit_assign_word(&seq64, msg_hdr->seq); 579 item = pqueue_find(s->d1->buffered_messages, seq64); 580 pq_64bit_free(&seq64);	701dtls1_process_out_of_seq_message(SSL s, struct hm_header_st msg_hdr, int ok) 702{ 703* int i=-1; 704 hm_fragment frag = NULL; 705* pitem item = NULL; 706* PQ_64BIT seq64; 707 unsigned long frag_len = msg_hdr->frag_len; 708 709 if ((msg_hdr->frag_off+frag_len) > msg_hdr->msg_len) 710 goto err; 711 712 /* Try to find item in queue, to prevent duplicate entries / 713* pq_64bit_init(&seq64); 714 pq_64bit_assign_word(&seq64, msg_hdr->seq); 715 item = pqueue_find(s->d1->buffered_messages, seq64); 716 pq_64bit_free(&seq64);
581	717 718 /* If we already have an entry and this one is a fragment, 719 * don't discard it and rather try to reassemble it. 720 / 721* if (item != NULL && frag_len < msg_hdr->msg_len) 722 item = NULL; 723
582 /* Discard the message if sequence number was already there, is 583 * too far in the future, already in the queue or if we received 584 * a FINISHED before the SERVER_HELLO, which then must be a stale 585 * retransmit. 586 / 587* if (msg_hdr->seq <= s->d1->handshake_read_seq \|\| 588 msg_hdr->seq > s->d1->handshake_read_seq + 10 \|\| item != NULL \|\| 589 (s->d1->handshake_read_seq == 0 && msg_hdr->type == SSL3_MT_FINISHED)) --- 4 unchanged lines hidden (view full) --- 594 { 595 i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE, 596 devnull, 597 frag_len>sizeof(devnull)?sizeof(devnull):frag_len,0); 598 if (i<=0) goto err; 599 frag_len -= i; 600 } 601 }	724 /* Discard the message if sequence number was already there, is 725 * too far in the future, already in the queue or if we received 726 * a FINISHED before the SERVER_HELLO, which then must be a stale 727 * retransmit. 728 / 729* if (msg_hdr->seq <= s->d1->handshake_read_seq \|\| 730 msg_hdr->seq > s->d1->handshake_read_seq + 10 \|\| item != NULL \|\| 731 (s->d1->handshake_read_seq == 0 && msg_hdr->type == SSL3_MT_FINISHED)) --- 4 unchanged lines hidden (view full) --- 736 { 737 i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE, 738 devnull, 739 frag_len>sizeof(devnull)?sizeof(devnull):frag_len,0); 740 if (i<=0) goto err; 741 frag_len -= i; 742 } 743 }
	744 else 745 { 746 if (frag_len && frag_len < msg_hdr->msg_len) 747 return dtls1_reassemble_fragment(s, msg_hdr, ok);
602	748
603 if (frag_len) 604 { 605 frag = dtls1_hm_fragment_new(frag_len);	749 frag = dtls1_hm_fragment_new(frag_len, 0);
606 if ( frag == NULL) 607 goto err; 608 609 memcpy(&(frag->msg_header), msg_hdr, sizeof(msg_hdr)); 610*	750 if ( frag == NULL) 751 goto err; 752 753 memcpy(&(frag->msg_header), msg_hdr, sizeof(msg_hdr)); 754*
611 /* read the body of the fragment (header has already been read) / 612* i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE, 613 frag->fragment,frag_len,0); 614 if (i<=0 \|\| (unsigned long)i!=frag_len) 615 goto err;	755 if (frag_len) 756 { 757 /* read the body of the fragment (header has already been read) / 758* i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE, 759 frag->fragment,frag_len,0); 760 if (i<=0 \|\| (unsigned long)i!=frag_len) 761 goto err; 762 }
616 617 pq_64bit_init(&seq64); 618 pq_64bit_assign_word(&seq64, msg_hdr->seq); 619 620 item = pitem_new(seq64, frag); 621 pq_64bit_free(&seq64); 622 if ( item == NULL) 623 goto err; 624 625 pqueue_insert(s->d1->buffered_messages, item);	763 764 pq_64bit_init(&seq64); 765 pq_64bit_assign_word(&seq64, msg_hdr->seq); 766 767 item = pitem_new(seq64, frag); 768 pq_64bit_free(&seq64); 769 if ( item == NULL) 770 goto err; 771 772 pqueue_insert(s->d1->buffered_messages, item);
626 }	773 }
627 628 return DTLS1_HM_FRAGMENT_RETRY; 629 630err: 631 if ( frag != NULL) dtls1_hm_fragment_free(frag); 632 if ( item != NULL) OPENSSL_free(item); 633 ok = 0; 634* return i; 635 } 636 637 638static long 639dtls1_get_message_fragment(SSL s, int st1, int stn, long max, int ok) 640 { 641 unsigned char wire[DTLS1_HM_HEADER_LENGTH];	774 775 return DTLS1_HM_FRAGMENT_RETRY; 776 777err: 778 if ( frag != NULL) dtls1_hm_fragment_free(frag); 779 if ( item != NULL) OPENSSL_free(item); 780 ok = 0; 781* return i; 782 } 783 784 785static long 786dtls1_get_message_fragment(SSL s, int st1, int stn, long max, int ok) 787 { 788 unsigned char wire[DTLS1_HM_HEADER_LENGTH];
642 unsigned long l, frag_off, frag_len;	789 unsigned long len, frag_off, frag_len;
643 int i,al; 644 struct hm_header_st msg_hdr; 645 646 /* see if we have the required fragment already / 647* if ((frag_len = dtls1_retrieve_buffered_fragment(s,max,ok)) \|\| ok) 648* {	790 int i,al; 791 struct hm_header_st msg_hdr; 792 793 /* see if we have the required fragment already / 794* if ((frag_len = dtls1_retrieve_buffered_fragment(s,max,ok)) \|\| ok) 795* {
649 if (*ok) s->init_num += frag_len;	796 if (*ok) s->init_num = frag_len;
650 return frag_len; 651 } 652 653 /* read handshake message header / 654* i=s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,wire, 655 DTLS1_HM_HEADER_LENGTH, 0); 656 if (i <= 0) /* nbio, or an error / 657* { --- 8 unchanged lines hidden (view full) --- 666 667 /* 668 * if this is a future (or stale) message it gets buffered 669 * (or dropped)--no further processing at this time 670 / 671* if ( msg_hdr.seq != s->d1->handshake_read_seq) 672 return dtls1_process_out_of_seq_message(s, &msg_hdr, ok); 673	797 return frag_len; 798 } 799 800 /* read handshake message header / 801* i=s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,wire, 802 DTLS1_HM_HEADER_LENGTH, 0); 803 if (i <= 0) /* nbio, or an error / 804* { --- 8 unchanged lines hidden (view full) --- 813 814 /* 815 * if this is a future (or stale) message it gets buffered 816 * (or dropped)--no further processing at this time 817 / 818* if ( msg_hdr.seq != s->d1->handshake_read_seq) 819 return dtls1_process_out_of_seq_message(s, &msg_hdr, ok); 820
674 l = msg_hdr.msg_len;	821 len = msg_hdr.msg_len;
675 frag_off = msg_hdr.frag_off; 676 frag_len = msg_hdr.frag_len; 677	822 frag_off = msg_hdr.frag_off; 823 frag_len = msg_hdr.frag_len; 824
	825 if (frag_len && frag_len < len) 826 return dtls1_reassemble_fragment(s, &msg_hdr, ok); 827
678 if (!s->server && s->d1->r_msg_hdr.frag_off == 0 && 679 wire[0] == SSL3_MT_HELLO_REQUEST) 680 { 681 /* The server may always send 'Hello Request' messages -- 682 * we are doing a handshake anyway now, so ignore them 683 * if their format is correct. Does not count for 684 * 'Finished' MAC. / 685* if (wire[1] == 0 && wire[2] == 0 && wire[3] == 0) --- 43 unchanged lines hidden (view full) --- 729 OPENSSL_assert(i == (int)frag_len); 730 731 ok = 1; 732* 733 /* Note that s->init_num is not used as current offset in 734 * s->init_buf->data, but as a counter summing up fragments' 735 * lengths: as soon as they sum up to handshake packet 736 * length, we assume we have got all the fragments. */	828 if (!s->server && s->d1->r_msg_hdr.frag_off == 0 && 829 wire[0] == SSL3_MT_HELLO_REQUEST) 830 { 831 /* The server may always send 'Hello Request' messages -- 832 * we are doing a handshake anyway now, so ignore them 833 * if their format is correct. Does not count for 834 * 'Finished' MAC. / 835* if (wire[1] == 0 && wire[2] == 0 && wire[3] == 0) --- 43 unchanged lines hidden (view full) --- 879 OPENSSL_assert(i == (int)frag_len); 880 881 ok = 1; 882* 883 /* Note that s->init_num is not used as current offset in 884 * s->init_buf->data, but as a counter summing up fragments' 885 * lengths: as soon as they sum up to handshake packet 886 * length, we assume we have got all the fragments. */
737 s->init_num += frag_len;	887 s->init_num = frag_len;
738 return frag_len; 739 740f_err: 741 ssl3_send_alert(s,SSL3_AL_FATAL,al); 742 s->init_num = 0; 743 744 ok=0; 745* return(-1); --- 137 unchanged lines hidden (view full) --- 883 884 if (!X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,x,NULL)) 885 { 886 SSLerr(SSL_F_DTLS1_OUTPUT_CERT_CHAIN,ERR_R_X509_LIB); 887 return(0); 888 } 889 890 X509_verify_cert(&xs_ctx);	888 return frag_len; 889 890f_err: 891 ssl3_send_alert(s,SSL3_AL_FATAL,al); 892 s->init_num = 0; 893 894 ok=0; 895* return(-1); --- 137 unchanged lines hidden (view full) --- 1033 1034 if (!X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,x,NULL)) 1035 { 1036 SSLerr(SSL_F_DTLS1_OUTPUT_CERT_CHAIN,ERR_R_X509_LIB); 1037 return(0); 1038 } 1039 1040 X509_verify_cert(&xs_ctx);
	1041 /* Don't leave errors in the queue / 1042* ERR_clear_error();
891 for (i=0; i < sk_X509_num(xs_ctx.chain); i++) 892 { 893 x = sk_X509_value(xs_ctx.chain, i); 894 895 if (!dtls1_add_cert_to_buf(buf, &l, x)) 896 { 897 X509_STORE_CTX_cleanup(&xs_ctx); 898 return 0; --- 106 unchanged lines hidden (view full) --- 1005 pitem item; 1006* hm_fragment frag; 1007* PQ_64BIT seq64; 1008 1009 /* this function is called immediately after a message has 1010 * been serialized / 1011* OPENSSL_assert(s->init_off == 0); 1012	1043 for (i=0; i < sk_X509_num(xs_ctx.chain); i++) 1044 { 1045 x = sk_X509_value(xs_ctx.chain, i); 1046 1047 if (!dtls1_add_cert_to_buf(buf, &l, x)) 1048 { 1049 X509_STORE_CTX_cleanup(&xs_ctx); 1050 return 0; --- 106 unchanged lines hidden (view full) --- 1157 pitem item; 1158* hm_fragment frag; 1159* PQ_64BIT seq64; 1160 1161 /* this function is called immediately after a message has 1162 * been serialized / 1163* OPENSSL_assert(s->init_off == 0); 1164
1013 frag = dtls1_hm_fragment_new(s->init_num);	1165 frag = dtls1_hm_fragment_new(s->init_num, 0);
1014 1015 memcpy(frag->fragment, s->init_buf->data, s->init_num); 1016 1017 if ( is_ccs) 1018 { 1019 OPENSSL_assert(s->d1->w_msg_hdr.msg_len + 1020 DTLS1_CCS_HEADER_LENGTH <= (unsigned int)s->init_num); 1021 } --- 249 unchanged lines hidden ---	1166 1167 memcpy(frag->fragment, s->init_buf->data, s->init_num); 1168 1169 if ( is_ccs) 1170 { 1171 OPENSSL_assert(s->d1->w_msg_hdr.msg_len + 1172 DTLS1_CCS_HEADER_LENGTH <= (unsigned int)s->init_num); 1173 } --- 249 unchanged lines hidden ---