130 static DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr, 
133 static int dtls1_record_needs_buffering(SSL *s, SSL3_RECORD *rr,
333 	SSL3_RECORD *rr;
337 	rr= &(s->s3->rrec);
340 	/* At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length,
343 	rr->input= &(s->packet[DTLS1_RT_HEADER_LENGTH]);
345 	/* ok, we can now read from 's->packet' data into 'rr'
346 	 * rr->input points at rr->length bytes, which
347 	 * need to be copied into rr->data by either
349 	 * When the data is 'copied' into the rr->data buffer,
350 	 * rr->input will be pointed at the new buffer */ 
353 	 * rr->length bytes of encrypted compressed stuff. */
356 	if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH)
363 	/* decrypt in place in 'rr->input' */
364 	rr->data=rr->input;
374 		rr->length = 0;
380 printf("dec %d\n",rr->length);
381 { unsigned int z; for (z=0; z<rr->length; z++) printf("%02X%c",rr->data[z],((z+1)%16)?' ':'\n'); }
396 		/* kludge: *_cbc_remove_padding passes padding length in rr->type */
397 		orig_len = rr->length+((unsigned int)rr->type>>8);
422 			ssl3_cbc_copy_mac(mac_tmp, rr, mac_size, orig_len);
423 			rr->length -= mac_size;
430 			rr->length -= mac_size;
431 			mac = &rr->data[rr->length];
437 		if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+mac_size)
444 		rr->length = 0;
452 		if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH)
466 	if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH)
473 	rr->off=0;
507 	SSL3_RECORD *rr;
513 	rr= &(s->s3->rrec);
545 		rr->type= *(p++);
551 		n2s(p,rr->epoch);
556 		n2s(p,rr->length);
564 				rr->length = 0;
574 			rr->length = 0;
579 		if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH)
582 			rr->length = 0;
593 	if (rr->length > s->packet_length-DTLS1_RT_HEADER_LENGTH)
596 		i=rr->length;
603 			rr->length = 0;
608 		/* now n == rr->length,
609 		 * and s->packet_length == DTLS1_RT_HEADER_LENGTH + rr->length */
614 	bitmap = dtls1_get_bitmap(s, rr, &is_next_epoch);
617 	rr->length = 0;
628 	if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE &&
630 		! dtls1_record_replay_check(s, bitmap, &(rr->seq_num)))
632 		rr->length = 0;
638 	if (rr->length == 0) goto again;
649 			dtls1_buffer_record(s, &(s->d1->unprocessed_rcds), &rr->seq_num);
651 		rr->length = 0;
658 		rr->length = 0;
698 	SSL3_RECORD *rr;
739 	rr = &(s->s3->rrec);
745 	if (s->state == SSL_ST_OK && rr->length == 0)
763 	if ((rr->length == 0) || (s->rstate == SSL_ST_READ_BODY))
777 	if (s->d1->listen && rr->type != SSL3_RT_HANDSHAKE)
779 		rr->length = 0;
787 		&& (rr->type != SSL3_RT_HANDSHAKE))
794 		dtls1_buffer_record(s, &(s->d1->buffered_app_data), &rr->seq_num);
795 		rr->length = 0;
803 		rr->length=0;
809 	if (type == rr->type) /* SSL3_RT_APPLICATION_DATA or SSL3_RT_HANDSHAKE */
823 		if ((unsigned int)len > rr->length)
824 			n = rr->length;
828 		memcpy(buf,&(rr->data[rr->off]),n);
831 			rr->length-=n;
832 			rr->off+=n;
833 			if (rr->length == 0)
836 				rr->off=0;
843 	/* If we get here, then type != rr->type; if we have a handshake
854 		if (rr->type == SSL3_RT_HANDSHAKE)
860 		else if (rr->type == SSL3_RT_ALERT)
867 		else if (rr->type != SSL3_RT_CHANGE_CIPHER_SPEC)
872 			if (rr->type == SSL3_RT_APPLICATION_DATA)
893 			if ( rr->length < dest_maxlen)
897 				 * for normal alerts rr->length is 2, while
904 				rr->length = 0;
911 				dest[k] = rr->data[rr->off++];
912 				rr->length--;
918 	/* s->d1->handshake_fragment_len == 12  iff  rr->type == SSL3_RT_HANDSHAKE;
919 	 * s->d1->alert_fragment_len == 7      iff  rr->type == SSL3_RT_ALERT.
920 	 * (Possibly rr is 'empty' now, i.e. rr->length may be 0.) */
1066 		rr->length=0;
1070 	if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC)
1075 		dtls1_get_ccs_header(rr->data, &ccs_hdr);
1083 		if ((rr->length != ccs_hdr_len) || (rr->off != 0) || (rr->data[0] != SSL3_MT_CCS))
1090 		rr->length=0;
1094 				rr->data, 1, s, s->msg_callback_arg);
1126 		dtls1_get_message_header(rr->data, &msg_hdr);
1127 		if( rr->epoch != s->d1->r_epoch)
1129 			rr->length = 0;
1142 			rr->length = 0;
1187 	switch (rr->type)
1194 			rr->length = 0;
1206 		 * should not happen when type != rr->type */
1707 dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr, unsigned int *is_next_epoch)
1713     if (rr->epoch == s->d1->r_epoch)
1717     else if (rr->epoch == (unsigned long)(s->d1->r_epoch + 1) &&
1718         (rr->type == SSL3_RT_HANDSHAKE ||
1719             rr->type == SSL3_RT_ALERT))
1730 dtls1_record_needs_buffering(SSL *s, SSL3_RECORD *rr, unsigned short *priority,
1735 	if ( rr->type == SSL3_RT_APPLICATION_DATA ||
1736 		rr->type == SSL3_RT_ALERT)
1744 		unsigned char *data = rr->data;
1746 		if ( rr->type == SSL3_RT_HANDSHAKE ||
1747 			rr->type == SSL3_RT_CHANGE_CIPHER_SPEC)
1753 			if ( rr->type == SSL3_RT_HANDSHAKE)
1771 			if (rr->type == SSL3_RT_HANDSHAKE && 
1776 				(rr->type == SSL3_RT_CHANGE_CIPHER_SPEC ||

Indexes created Fri Jun 21 18:57:21 MDT 2024