188 static DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr,
191 static int dtls1_record_needs_buffering(SSL *s, SSL3_RECORD *rr,
323     SSL3_RECORD *rr;
334         rr = &s->s3->rrec;
351             bitmap = dtls1_get_bitmap(s, rr, &is_next_epoch);
378                 rr->length = 0;
448     SSL3_RECORD *rr;
452     rr = &(s->s3->rrec);
456      * At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length,
459     rr->input = &(s->packet[DTLS1_RT_HEADER_LENGTH]);
462      * ok, we can now read from 's->packet' data into 'rr' rr->input points
463      * at rr->length bytes, which need to be copied into rr->data by either
465      * the rr->data buffer, rr->input will be pointed at the new buffer
469      * We now have - encrypted [ MAC [ compressed [ plain ] ] ] rr->length
474     if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH) {
480     /* decrypt in place in 'rr->input' */
481     rr->data = rr->input;
492         rr->length = 0;
497     printf("dec %d\n", rr->length);
500         for (z = 0; z < rr->length; z++)
501             printf("%02X%c", rr->data[z], ((z + 1) % 16) ? ' ' : '\n');
516          * kludge: *_cbc_remove_padding passes padding length in rr->type
518         orig_len = rr->length + ((unsigned int)rr->type >> 8);
543             ssl3_cbc_copy_mac(mac_tmp, rr, mac_size, orig_len);
544             rr->length -= mac_size;
551             rr->length -= mac_size;
552             mac = &rr->data[rr->length];
559         if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + mac_size)
565         rr->length = 0;
572         if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH) {
585     if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH) {
591     rr->off = 0;
629     SSL3_RECORD *rr;
635     rr = &(s->s3->rrec);
669         rr->type = *(p++);
675         n2s(p, rr->epoch);
680         n2s(p, rr->length);
686                 rr->length = 0;
694             rr->length = 0;
699         if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH) {
701             rr->length = 0;
711     if (rr->length > s->packet_length - DTLS1_RT_HEADER_LENGTH) {
713         i = rr->length;
717             rr->length = 0;
723          * now n == rr->length, and s->packet_length ==
724          * DTLS1_RT_HEADER_LENGTH + rr->length
730     bitmap = dtls1_get_bitmap(s, rr, &is_next_epoch);
732         rr->length = 0;
746         if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE &&
750             rr->length = 0;
759     if (rr->length == 0)
771                 (s, &(s->d1->unprocessed_rcds), rr->seq_num) < 0)
774         rr->length = 0;
780         rr->length = 0;
821     SSL3_RECORD *rr;
879     rr = &(s->s3->rrec);
885     if (s->state == SSL_ST_OK && rr->length == 0) {
910     if ((rr->length == 0) || (s->rstate == SSL_ST_READ_BODY)) {
922     if (s->d1->listen && rr->type != SSL3_RT_HANDSHAKE) {
923         rr->length = 0;
931     if (rr->type != SSL3_RT_ALERT && rr->length != 0)
938         && (rr->type != SSL3_RT_HANDSHAKE)) {
944         if (dtls1_buffer_record(s, &(s->d1->buffered_app_data), rr->seq_num) <
949         rr->length = 0;
958         rr->length = 0;
963     if (type == rr->type) {     /* SSL3_RT_APPLICATION_DATA or
979         if ((unsigned int)len > rr->length)
980             n = rr->length;
984         memcpy(buf, &(rr->data[rr->off]), n);
986             rr->length -= n;
987             rr->off += n;
988             if (rr->length == 0) {
990                 rr->off = 0;
999             rr->type == SSL3_RT_APPLICATION_DATA &&
1023      * If we get here, then type != rr->type; if we have a handshake message,
1036         if (rr->type == SSL3_RT_HANDSHAKE) {
1040         } else if (rr->type == SSL3_RT_ALERT) {
1046         else if (rr->type == TLS1_RT_HEARTBEAT) {
1050             rr->length = 0;
1058         else if (rr->type != SSL3_RT_CHANGE_CIPHER_SPEC) {
1063             if (rr->type == SSL3_RT_APPLICATION_DATA) {
1084             if (rr->length < dest_maxlen) {
1087                  * for normal alerts rr->length is 2, while
1094                 rr->length = 0;
1100                 dest[k] = rr->data[rr->off++];
1101                 rr->length--;
1108      * s->d1->handshake_fragment_len == 12  iff  rr->type == SSL3_RT_HANDSHAKE;
1109      * s->d1->alert_fragment_len == 7      iff  rr->type == SSL3_RT_ALERT.
1110      * (Possibly rr is 'empty' now, i.e. rr->length may be 0.)
1279         rr->length = 0;
1283     if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC) {
1287         dtls1_get_ccs_header(rr->data, &ccs_hdr);
1297         if ((rr->length != ccs_hdr_len) ||
1298             (rr->off != 0) || (rr->data[0] != SSL3_MT_CCS)) {
1304         rr->length = 0;
1308                             rr->data, 1, s, s->msg_callback_arg);
1350         dtls1_get_message_header(rr->data, &msg_hdr);
1351         if (rr->epoch != s->d1->r_epoch) {
1352             rr->length = 0;
1365             rr->length = 0;
1410     switch (rr->type) {
1415             rr->length = 0;
1428          * happen when type != rr->type
1873 static DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr,
1880     if (rr->epoch == s->d1->r_epoch)
1888     else if (rr->epoch == (unsigned long)(s->d1->r_epoch + 1) &&
1890              (rr->type == SSL3_RT_HANDSHAKE || rr->type == SSL3_RT_ALERT)) {
1900 dtls1_record_needs_buffering(SSL *s, SSL3_RECORD *rr,
1905     if (rr->type == SSL3_RT_APPLICATION_DATA || rr->type == SSL3_RT_ALERT)
1913         unsigned char *data = rr->data;
1915         if (rr->type == SSL3_RT_HANDSHAKE ||
1916             rr->type == SSL3_RT_CHANGE_CIPHER_SPEC) {
1921             if (rr->type == SSL3_RT_HANDSHAKE) {
1938             if (rr->type == SSL3_RT_HANDSHAKE &&
1943                      (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC ||

Indexes created Thu May 30 22:23:56 MDT 2024