mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-21 01:15:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

Move handshake_fragment, handshake_fragment_len, alert_fragment and

Browse Source 
alert_fragment_len from s->d1 to s->rlayer.d

Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
Matt Caswell 2015-02-04 10:14:36 +00:00
parent 5fb6f80cdf
commit c661ac1689
3 changed files with 44 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
ssl/record/d1_pkt.c
View File

@ -396,7 +396,8 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
return ret; return ret;
/* /*
* Now s->d1->handshake_fragment_len == 0 if type == SSL3_RT_HANDSHAKE. * Now s->rlayer.d->handshake_fragment_len == 0 if
* type == SSL3_RT_HANDSHAKE.
*/ */
#ifndef OPENSSL_NO_SCTP #ifndef OPENSSL_NO_SCTP
@ -583,13 +584,13 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
unsigned int *dest_len = NULL; unsigned int *dest_len = NULL;
if (rr->type == SSL3_RT_HANDSHAKE) { if (rr->type == SSL3_RT_HANDSHAKE) {
dest_maxlen = sizeof s->d1->handshake_fragment; dest_maxlen = sizeof s->rlayer.d->handshake_fragment;
dest = s->d1->handshake_fragment; dest = s->rlayer.d->handshake_fragment;
dest_len = &s->d1->handshake_fragment_len; dest_len = &s->rlayer.d->handshake_fragment_len;
} else if (rr->type == SSL3_RT_ALERT) { } else if (rr->type == SSL3_RT_ALERT) {
dest_maxlen = sizeof(s->d1->alert_fragment); dest_maxlen = sizeof(s->rlayer.d->alert_fragment);
dest = s->d1->alert_fragment; dest = s->rlayer.d->alert_fragment;
dest_len = &s->d1->alert_fragment_len; dest_len = &s->rlayer.d->alert_fragment_len;
} }
#ifndef OPENSSL_NO_HEARTBEATS #ifndef OPENSSL_NO_HEARTBEATS
else if (rr->type == TLS1_RT_HEARTBEAT) { else if (rr->type == TLS1_RT_HEARTBEAT) {
@ -657,21 +658,21 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
} }
/*- /*-
* s->d1->handshake_fragment_len == 12 iff rr->type == SSL3_RT_HANDSHAKE; * s->rlayer.d->handshake_fragment_len == 12 iff rr->type == SSL3_RT_HANDSHAKE;
* s->d1->alert_fragment_len == 7 iff rr->type == SSL3_RT_ALERT. * s->rlayer.d->alert_fragment_len == 7 iff rr->type == SSL3_RT_ALERT.
* (Possibly rr is 'empty' now, i.e. rr->length may be 0.) * (Possibly rr is 'empty' now, i.e. rr->length may be 0.)
*/ */
/* If we are a client, check for an incoming 'Hello Request': */ /* If we are a client, check for an incoming 'Hello Request': */
if ((!s->server) && if ((!s->server) &&
(s->d1->handshake_fragment_len >= DTLS1_HM_HEADER_LENGTH) && (s->rlayer.d->handshake_fragment_len >= DTLS1_HM_HEADER_LENGTH) &&
(s->d1->handshake_fragment[0] == SSL3_MT_HELLO_REQUEST) && (s->rlayer.d->handshake_fragment[0] == SSL3_MT_HELLO_REQUEST) &&
(s->session != NULL) && (s->session->cipher != NULL)) { (s->session != NULL) && (s->session->cipher != NULL)) {
s->d1->handshake_fragment_len = 0; s->rlayer.d->handshake_fragment_len = 0;
if ((s->d1->handshake_fragment[1] != 0) || if ((s->rlayer.d->handshake_fragment[1] != 0) ||
(s->d1->handshake_fragment[2] != 0) || (s->rlayer.d->handshake_fragment[2] != 0) ||
(s->d1->handshake_fragment[3] != 0)) { (s->rlayer.d->handshake_fragment[3] != 0)) {
al = SSL_AD_DECODE_ERROR; al = SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_BAD_HELLO_REQUEST); SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_BAD_HELLO_REQUEST);
goto err; goto err;
@ -683,7 +684,7 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
if (s->msg_callback) if (s->msg_callback)
s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
s->d1->handshake_fragment, 4, s, s->rlayer.d->handshake_fragment, 4, s,
s->msg_callback_arg); s->msg_callback_arg);
if (SSL_is_init_finished(s) && if (SSL_is_init_finished(s) &&
@ -728,15 +729,16 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
goto start; goto start;
} }
if (s->d1->alert_fragment_len >= DTLS1_AL_HEADER_LENGTH) { if (s->rlayer.d->alert_fragment_len >= DTLS1_AL_HEADER_LENGTH) {
int alert_level = s->d1->alert_fragment[0]; int alert_level = s->rlayer.d->alert_fragment[0];
int alert_descr = s->d1->alert_fragment[1]; int alert_descr = s->rlayer.d->alert_fragment[1];
s->d1->alert_fragment_len = 0; s->rlayer.d->alert_fragment_len = 0;
if (s->msg_callback) if (s->msg_callback)
s->msg_callback(0, s->version, SSL3_RT_ALERT, s->msg_callback(0, s->version, SSL3_RT_ALERT,
s->d1->alert_fragment, 2, s, s->msg_callback_arg); s->rlayer.d->alert_fragment, 2, s,
s->msg_callback_arg);
if (s->info_callback != NULL) if (s->info_callback != NULL)
cb = s->info_callback; cb = s->info_callback;
@ -775,7 +777,7 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
if (alert_descr == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE) { if (alert_descr == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE) {
unsigned short seq; unsigned short seq;
unsigned int frag_off; unsigned int frag_off;
unsigned char *p = &(s->d1->alert_fragment[2]); unsigned char *p = &(s->rlayer.d->alert_fragment[2]);
n2s(p, seq); n2s(p, seq);
n2l3(p, frag_off); n2l3(p, frag_off);
@ -887,7 +889,7 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
/* /*
* Unexpected handshake message (Client Hello, or protocol violation) * Unexpected handshake message (Client Hello, or protocol violation)
*/ */
if ((s->d1->handshake_fragment_len >= DTLS1_HM_HEADER_LENGTH) && if ((s->rlayer.d->handshake_fragment_len >= DTLS1_HM_HEADER_LENGTH) &&
!s->in_handshake) { !s->in_handshake) {
struct hm_header_st msg_hdr; struct hm_header_st msg_hdr;
@ -1010,24 +1012,25 @@ have_handshake_fragment(SSL *s, int type, unsigned char *buf,
int len, int peek) int len, int peek)
{ {
if ((type == SSL3_RT_HANDSHAKE) && (s->d1->handshake_fragment_len > 0)) if ((type == SSL3_RT_HANDSHAKE)
&& (s->rlayer.d->handshake_fragment_len > 0))
/* (partially) satisfy request from storage */ /* (partially) satisfy request from storage */
{ {
unsigned char *src = s->d1->handshake_fragment; unsigned char *src = s->rlayer.d->handshake_fragment;
unsigned char *dst = buf; unsigned char *dst = buf;
unsigned int k, n; unsigned int k, n;
/* peek == 0 */ /* peek == 0 */
n = 0; n = 0;
while ((len > 0) && (s->d1->handshake_fragment_len > 0)) { while ((len > 0) && (s->rlayer.d->handshake_fragment_len > 0)) {
*dst++ = *src++; *dst++ = *src++;
len--; len--;
s->d1->handshake_fragment_len--; s->rlayer.d->handshake_fragment_len--;
n++; n++;
} }
/* move any remaining fragment bytes: */ /* move any remaining fragment bytes: */
for (k = 0; k < s->d1->handshake_fragment_len; k++) for (k = 0; k < s->rlayer.d->handshake_fragment_len; k++)
s->d1->handshake_fragment[k] = *src++; s->rlayer.d->handshake_fragment[k] = *src++;
return n; return n;
} }
@ -1264,7 +1267,8 @@ void dtls1_reset_seq_numbers(SSL *s, int rw)
if (rw & SSL3_CC_READ) { if (rw & SSL3_CC_READ) {
seq = s->rlayer.read_sequence; seq = s->rlayer.read_sequence;
s->rlayer.d->r_epoch++; s->rlayer.d->r_epoch++;
memcpy(&(s->rlayer.d->bitmap), &(s->rlayer.d->next_bitmap), sizeof(DTLS1_BITMAP)); memcpy(&(s->rlayer.d->bitmap), &(s->rlayer.d->next_bitmap),
sizeof(DTLS1_BITMAP));
memset(&(s->rlayer.d->next_bitmap), 0x00, sizeof(DTLS1_BITMAP)); memset(&(s->rlayer.d->next_bitmap), 0x00, sizeof(DTLS1_BITMAP));
} else { } else {
seq = s->rlayer.write_sequence; seq = s->rlayer.write_sequence;

9
ssl/record/rec_layer.h
View File

@ -151,6 +151,15 @@ typedef struct dtls_record_layer_st {
/* Received handshake records (processed and unprocessed) */ /* Received handshake records (processed and unprocessed) */
record_pqueue unprocessed_rcds; record_pqueue unprocessed_rcds;
record_pqueue processed_rcds; record_pqueue processed_rcds;
/*
* storage for Alert/Handshake protocol data received but not yet
* processed by ssl3_read_bytes:
*/
unsigned char alert_fragment[DTLS1_AL_HEADER_LENGTH];
unsigned int alert_fragment_len;
unsigned char handshake_fragment[DTLS1_HM_HEADER_LENGTH];
unsigned int handshake_fragment_len;
} DTLS_RECORD_LAYER; } DTLS_RECORD_LAYER;
typedef struct record_layer_st { typedef struct record_layer_st {

9
ssl/ssl_locl.h
View File

@ -1434,14 +1434,7 @@ typedef struct dtls1_state_st {
struct timeval next_timeout; struct timeval next_timeout;
/* Timeout duration */ /* Timeout duration */
unsigned short timeout_duration; unsigned short timeout_duration;
/*
* storage for Alert/Handshake protocol data received but not yet
* processed by ssl3_read_bytes:
*/
unsigned char alert_fragment[DTLS1_AL_HEADER_LENGTH];
unsigned int alert_fragment_len;
unsigned char handshake_fragment[DTLS1_HM_HEADER_LENGTH];
unsigned int handshake_fragment_len;
unsigned int retransmitting; unsigned int retransmitting;
/* /*
* Set when the handshake is ready to process peer's ChangeCipherSpec message. * Set when the handshake is ready to process peer's ChangeCipherSpec message.