summaryrefslogtreecommitdiffstats
path: root/ssl
diff options
context:
space:
mode:
authorMatt Caswell <matt@openssl.org>2015-02-04 11:14:36 +0100
committerMatt Caswell <matt@openssl.org>2015-03-26 16:02:00 +0100
commitc661ac16891460eaf443db3303a7b1358b14526d (patch)
treef1ddc6a785c04884d693b0ca4cde5911d029c3cd /ssl
parentFix seg fault in dtls1_new (diff)
downloadopenssl-c661ac16891460eaf443db3303a7b1358b14526d.tar.xz
openssl-c661ac16891460eaf443db3303a7b1358b14526d.zip
Move handshake_fragment, handshake_fragment_len, alert_fragment and
alert_fragment_len from s->d1 to s->rlayer.d Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'ssl')
-rw-r--r--ssl/record/d1_pkt.c64
-rw-r--r--ssl/record/rec_layer.h9
-rw-r--r--ssl/ssl_locl.h9
3 files changed, 44 insertions, 38 deletions
diff --git a/ssl/record/d1_pkt.c b/ssl/record/d1_pkt.c
index e5a27883a7..7803273c11 100644
--- a/ssl/record/d1_pkt.c
+++ b/ssl/record/d1_pkt.c
@@ -396,7 +396,8 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
return ret;
/*
- * Now s->d1->handshake_fragment_len == 0 if type == SSL3_RT_HANDSHAKE.
+ * Now s->rlayer.d->handshake_fragment_len == 0 if
+ * type == SSL3_RT_HANDSHAKE.
*/
#ifndef OPENSSL_NO_SCTP
@@ -583,13 +584,13 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
unsigned int *dest_len = NULL;
if (rr->type == SSL3_RT_HANDSHAKE) {
- dest_maxlen = sizeof s->d1->handshake_fragment;
- dest = s->d1->handshake_fragment;
- dest_len = &s->d1->handshake_fragment_len;
+ dest_maxlen = sizeof s->rlayer.d->handshake_fragment;
+ dest = s->rlayer.d->handshake_fragment;
+ dest_len = &s->rlayer.d->handshake_fragment_len;
} else if (rr->type == SSL3_RT_ALERT) {
- dest_maxlen = sizeof(s->d1->alert_fragment);
- dest = s->d1->alert_fragment;
- dest_len = &s->d1->alert_fragment_len;
+ dest_maxlen = sizeof(s->rlayer.d->alert_fragment);
+ dest = s->rlayer.d->alert_fragment;
+ dest_len = &s->rlayer.d->alert_fragment_len;
}
#ifndef OPENSSL_NO_HEARTBEATS
else if (rr->type == TLS1_RT_HEARTBEAT) {
@@ -657,21 +658,21 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
}
/*-
- * s->d1->handshake_fragment_len == 12 iff rr->type == SSL3_RT_HANDSHAKE;
- * s->d1->alert_fragment_len == 7 iff rr->type == SSL3_RT_ALERT.
+ * s->rlayer.d->handshake_fragment_len == 12 iff rr->type == SSL3_RT_HANDSHAKE;
+ * s->rlayer.d->alert_fragment_len == 7 iff rr->type == SSL3_RT_ALERT.
* (Possibly rr is 'empty' now, i.e. rr->length may be 0.)
*/
/* If we are a client, check for an incoming 'Hello Request': */
if ((!s->server) &&
- (s->d1->handshake_fragment_len >= DTLS1_HM_HEADER_LENGTH) &&
- (s->d1->handshake_fragment[0] == SSL3_MT_HELLO_REQUEST) &&
+ (s->rlayer.d->handshake_fragment_len >= DTLS1_HM_HEADER_LENGTH) &&
+ (s->rlayer.d->handshake_fragment[0] == SSL3_MT_HELLO_REQUEST) &&
(s->session != NULL) && (s->session->cipher != NULL)) {
- s->d1->handshake_fragment_len = 0;
+ s->rlayer.d->handshake_fragment_len = 0;
- if ((s->d1->handshake_fragment[1] != 0) ||
- (s->d1->handshake_fragment[2] != 0) ||
- (s->d1->handshake_fragment[3] != 0)) {
+ if ((s->rlayer.d->handshake_fragment[1] != 0) ||
+ (s->rlayer.d->handshake_fragment[2] != 0) ||
+ (s->rlayer.d->handshake_fragment[3] != 0)) {
al = SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_BAD_HELLO_REQUEST);
goto err;
@@ -683,7 +684,7 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
if (s->msg_callback)
s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
- s->d1->handshake_fragment, 4, s,
+ s->rlayer.d->handshake_fragment, 4, s,
s->msg_callback_arg);
if (SSL_is_init_finished(s) &&
@@ -728,15 +729,16 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
goto start;
}
- if (s->d1->alert_fragment_len >= DTLS1_AL_HEADER_LENGTH) {
- int alert_level = s->d1->alert_fragment[0];
- int alert_descr = s->d1->alert_fragment[1];
+ if (s->rlayer.d->alert_fragment_len >= DTLS1_AL_HEADER_LENGTH) {
+ int alert_level = s->rlayer.d->alert_fragment[0];
+ int alert_descr = s->rlayer.d->alert_fragment[1];
- s->d1->alert_fragment_len = 0;
+ s->rlayer.d->alert_fragment_len = 0;
if (s->msg_callback)
s->msg_callback(0, s->version, SSL3_RT_ALERT,
- s->d1->alert_fragment, 2, s, s->msg_callback_arg);
+ s->rlayer.d->alert_fragment, 2, s,
+ s->msg_callback_arg);
if (s->info_callback != NULL)
cb = s->info_callback;
@@ -775,7 +777,7 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
if (alert_descr == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE) {
unsigned short seq;
unsigned int frag_off;
- unsigned char *p = &(s->d1->alert_fragment[2]);
+ unsigned char *p = &(s->rlayer.d->alert_fragment[2]);
n2s(p, seq);
n2l3(p, frag_off);
@@ -887,7 +889,7 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
/*
* Unexpected handshake message (Client Hello, or protocol violation)
*/
- if ((s->d1->handshake_fragment_len >= DTLS1_HM_HEADER_LENGTH) &&
+ if ((s->rlayer.d->handshake_fragment_len >= DTLS1_HM_HEADER_LENGTH) &&
!s->in_handshake) {
struct hm_header_st msg_hdr;
@@ -1010,24 +1012,25 @@ have_handshake_fragment(SSL *s, int type, unsigned char *buf,
int len, int peek)
{
- if ((type == SSL3_RT_HANDSHAKE) && (s->d1->handshake_fragment_len > 0))
+ if ((type == SSL3_RT_HANDSHAKE)
+ && (s->rlayer.d->handshake_fragment_len > 0))
/* (partially) satisfy request from storage */
{
- unsigned char *src = s->d1->handshake_fragment;
+ unsigned char *src = s->rlayer.d->handshake_fragment;
unsigned char *dst = buf;
unsigned int k, n;
/* peek == 0 */
n = 0;
- while ((len > 0) && (s->d1->handshake_fragment_len > 0)) {
+ while ((len > 0) && (s->rlayer.d->handshake_fragment_len > 0)) {
*dst++ = *src++;
len--;
- s->d1->handshake_fragment_len--;
+ s->rlayer.d->handshake_fragment_len--;
n++;
}
/* move any remaining fragment bytes: */
- for (k = 0; k < s->d1->handshake_fragment_len; k++)
- s->d1->handshake_fragment[k] = *src++;
+ for (k = 0; k < s->rlayer.d->handshake_fragment_len; k++)
+ s->rlayer.d->handshake_fragment[k] = *src++;
return n;
}
@@ -1264,7 +1267,8 @@ void dtls1_reset_seq_numbers(SSL *s, int rw)
if (rw & SSL3_CC_READ) {
seq = s->rlayer.read_sequence;
s->rlayer.d->r_epoch++;
- memcpy(&(s->rlayer.d->bitmap), &(s->rlayer.d->next_bitmap), sizeof(DTLS1_BITMAP));
+ memcpy(&(s->rlayer.d->bitmap), &(s->rlayer.d->next_bitmap),
+ sizeof(DTLS1_BITMAP));
memset(&(s->rlayer.d->next_bitmap), 0x00, sizeof(DTLS1_BITMAP));
} else {
seq = s->rlayer.write_sequence;
diff --git a/ssl/record/rec_layer.h b/ssl/record/rec_layer.h
index 2159041bfe..62e2b01d49 100644
--- a/ssl/record/rec_layer.h
+++ b/ssl/record/rec_layer.h
@@ -151,6 +151,15 @@ typedef struct dtls_record_layer_st {
/* Received handshake records (processed and unprocessed) */
record_pqueue unprocessed_rcds;
record_pqueue processed_rcds;
+
+ /*
+ * storage for Alert/Handshake protocol data received but not yet
+ * processed by ssl3_read_bytes:
+ */
+ unsigned char alert_fragment[DTLS1_AL_HEADER_LENGTH];
+ unsigned int alert_fragment_len;
+ unsigned char handshake_fragment[DTLS1_HM_HEADER_LENGTH];
+ unsigned int handshake_fragment_len;
} DTLS_RECORD_LAYER;
typedef struct record_layer_st {
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index e5fb64c078..87b103dec9 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -1434,14 +1434,7 @@ typedef struct dtls1_state_st {
struct timeval next_timeout;
/* Timeout duration */
unsigned short timeout_duration;
- /*
- * storage for Alert/Handshake protocol data received but not yet
- * processed by ssl3_read_bytes:
- */
- unsigned char alert_fragment[DTLS1_AL_HEADER_LENGTH];
- unsigned int alert_fragment_len;
- unsigned char handshake_fragment[DTLS1_HM_HEADER_LENGTH];
- unsigned int handshake_fragment_len;
+
unsigned int retransmitting;
/*
* Set when the handshake is ready to process peer's ChangeCipherSpec message.