211 static DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr,
214 static int dtls1_record_needs_buffering(SSL *s, SSL3_RECORD *rr,
344     SSL3_RECORD *rr;
355         rr = &s->s3->rrec;
372             bitmap = dtls1_get_bitmap(s, rr, &is_next_epoch);
399                 rr->length = 0;
469     SSL3_RECORD *rr;
473     rr = &(s->s3->rrec);
477      * At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length,
480     rr->input = &(s->packet[DTLS1_RT_HEADER_LENGTH]);
483      * ok, we can now read from 's->packet' data into 'rr' rr->input points
484      * at rr->length bytes, which need to be copied into rr->data by either
486      * the rr->data buffer, rr->input will be pointed at the new buffer
490      * We now have - encrypted [ MAC [ compressed [ plain ] ] ] rr->length
495     if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH) {
501     /* decrypt in place in 'rr->input' */
502     rr->data = rr->input;
513         rr->length = 0;
518     printf("dec %d\n", rr->length);
521         for (z = 0; z < rr->length; z++)
522             printf("%02X%c", rr->data[z], ((z + 1) % 16) ? ' ' : '\n');
537          * kludge: *_cbc_remove_padding passes padding length in rr->type
539         orig_len = rr->length + ((unsigned int)rr->type >> 8);
564             ssl3_cbc_copy_mac(mac_tmp, rr, mac_size, orig_len);
565             rr->length -= mac_size;
572             rr->length -= mac_size;
573             mac = &rr->data[rr->length];
580         if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + mac_size)
586         rr->length = 0;
593         if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH) {
606     if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH) {
612     rr->off = 0;
650     SSL3_RECORD *rr;
656     rr = &(s->s3->rrec);
694         rr->type = *(p++);
700         n2s(p, rr->epoch);
705         n2s(p, rr->length);
711         if (!s->first_packet && rr->type != SSL3_RT_ALERT) {
714                 rr->length = 0;
722             rr->length = 0;
727         if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH) {
729             rr->length = 0;
739     if (rr->length > s->packet_length - DTLS1_RT_HEADER_LENGTH) {
741         i = rr->length;
745             rr->length = 0;
751          * now n == rr->length, and s->packet_length ==
752          * DTLS1_RT_HEADER_LENGTH + rr->length
758     bitmap = dtls1_get_bitmap(s, rr, &is_next_epoch);
760         rr->length = 0;
774         if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE &&
778             rr->length = 0;
787     if (rr->length == 0)
799                 (s, &(s->d1->unprocessed_rcds), rr->seq_num) < 0)
802         rr->length = 0;
808         rr->length = 0;
849     SSL3_RECORD *rr;
907     rr = &(s->s3->rrec);
913     if (s->state == SSL_ST_OK && rr->length == 0) {
938     if ((rr->length == 0) || (s->rstate == SSL_ST_READ_BODY)) {
950     if (s->d1->listen && rr->type != SSL3_RT_HANDSHAKE) {
951         rr->length = 0;
959     if (rr->type != SSL3_RT_ALERT && rr->length != 0)
966         && (rr->type != SSL3_RT_HANDSHAKE)) {
972         if (dtls1_buffer_record(s, &(s->d1->buffered_app_data), rr->seq_num) <
977         rr->length = 0;
986         rr->length = 0;
991     if (type == rr->type) {     /* SSL3_RT_APPLICATION_DATA or
1007         if ((unsigned int)len > rr->length)
1008             n = rr->length;
1012         memcpy(buf, &(rr->data[rr->off]), n);
1014             rr->length -= n;
1015             rr->off += n;
1016             if (rr->length == 0) {
1018                 rr->off = 0;
1027             rr->type == SSL3_RT_APPLICATION_DATA &&
1051      * If we get here, then type != rr->type; if we have a handshake message,
1064         if (rr->type == SSL3_RT_HANDSHAKE) {
1068         } else if (rr->type == SSL3_RT_ALERT) {
1074         else if (rr->type == TLS1_RT_HEARTBEAT) {
1078             rr->length = 0;
1086         else if (rr->type != SSL3_RT_CHANGE_CIPHER_SPEC) {
1091             if (rr->type == SSL3_RT_APPLICATION_DATA) {
1112             if (rr->length < dest_maxlen) {
1115                  * for normal alerts rr->length is 2, while
1122                 rr->length = 0;
1128                 dest[k] = rr->data[rr->off++];
1129                 rr->length--;
1136      * s->d1->handshake_fragment_len == 12  iff  rr->type == SSL3_RT_HANDSHAKE;
1137      * s->d1->alert_fragment_len == 7      iff  rr->type == SSL3_RT_ALERT.
1138      * (Possibly rr is 'empty' now, i.e. rr->length may be 0.)
1218         rr->length = 0;
1326         rr->length = 0;
1330     if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC) {
1334         dtls1_get_ccs_header(rr->data, &ccs_hdr);
1344         if ((rr->length != ccs_hdr_len) ||
1345             (rr->off != 0) || (rr->data[0] != SSL3_MT_CCS)) {
1351         rr->length = 0;
1355                             rr->data, 1, s, s->msg_callback_arg);
1397         dtls1_get_message_header(rr->data, &msg_hdr);
1398         if (rr->epoch != s->d1->r_epoch) {
1399             rr->length = 0;
1412             rr->length = 0;
1457     switch (rr->type) {
1462             rr->length = 0;
1475          * happen when type != rr->type
1931 static DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr,
1938     if (rr->epoch == s->d1->r_epoch)
1946     else if (rr->epoch == (unsigned long)(s->d1->r_epoch + 1) &&
1948              (rr->type == SSL3_RT_HANDSHAKE || rr->type == SSL3_RT_ALERT)) {
1958 dtls1_record_needs_buffering(SSL *s, SSL3_RECORD *rr,
1963     if (rr->type == SSL3_RT_APPLICATION_DATA || rr->type == SSL3_RT_ALERT)
1971         unsigned char *data = rr->data;
1973         if (rr->type == SSL3_RT_HANDSHAKE ||
1974             rr->type == SSL3_RT_CHANGE_CIPHER_SPEC) {
1979             if (rr->type == SSL3_RT_HANDSHAKE) {
1996             if (rr->type == SSL3_RT_HANDSHAKE &&
2001                      (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC ||

Indexes created Tue Jun 18 09:53:56 MDT 2024