summaryrefslogtreecommitdiffstats
path: root/lib/libssl/d1_both.c
diff options
context:
space:
mode:
authorjsing <jsing@openbsd.org>2014-04-14 14:16:33 +0000
committerjsing <jsing@openbsd.org>2014-04-14 14:16:33 +0000
commit4a47b8599b77ab4995e48a7ceb6baedc16b1bbd7 (patch)
treee762f5bd6e622364fe028c01c115c1cbb76798f5 /lib/libssl/d1_both.c
parentFirst pass at applying KNF to the OpenSSL code, which almost makes it (diff)
downloadwireguard-openbsd-4a47b8599b77ab4995e48a7ceb6baedc16b1bbd7.tar.xz
wireguard-openbsd-4a47b8599b77ab4995e48a7ceb6baedc16b1bbd7.zip
First pass at applying KNF to the OpenSSL code, which almost makes it
readable. This pass is whitespace only and can readily be verified using tr and md5.
Diffstat (limited to 'lib/libssl/d1_both.c')
-rw-r--r--lib/libssl/d1_both.c1066
1 files changed, 501 insertions, 565 deletions
diff --git a/lib/libssl/d1_both.c b/lib/libssl/d1_both.c
index a265fed22fd..c051e84874a 100644
--- a/lib/libssl/d1_both.c
+++ b/lib/libssl/d1_both.c
@@ -152,102 +152,102 @@
printf("\n"); }
#endif
-static unsigned char bitmask_start_values[] = {0xff, 0xfe, 0xfc, 0xf8, 0xf0, 0xe0, 0xc0, 0x80};
-static unsigned char bitmask_end_values[] = {0xff, 0x01, 0x03, 0x07, 0x0f, 0x1f, 0x3f, 0x7f};
+static unsigned char bitmask_start_values[] = {
+ 0xff, 0xfe, 0xfc, 0xf8, 0xf0, 0xe0, 0xc0, 0x80
+};
+static unsigned char bitmask_end_values[] = {
+ 0xff, 0x01, 0x03, 0x07, 0x0f, 0x1f, 0x3f, 0x7f
+};
/* XDTLS: figure out the right values */
static unsigned int g_probable_mtu[] = {1500 - 28, 512 - 28, 256 - 28};
static unsigned int dtls1_guess_mtu(unsigned int curr_mtu);
-static void dtls1_fix_message_header(SSL *s, unsigned long frag_off,
- unsigned long frag_len);
-static unsigned char *dtls1_write_message_header(SSL *s,
- unsigned char *p);
+static void dtls1_fix_message_header(SSL *s, unsigned long frag_off,
+ unsigned long frag_len);
+static unsigned char *dtls1_write_message_header(SSL *s, unsigned char *p);
static void dtls1_set_message_header_int(SSL *s, unsigned char mt,
- unsigned long len, unsigned short seq_num, unsigned long frag_off,
- unsigned long frag_len);
-static long dtls1_get_message_fragment(SSL *s, int st1, int stn,
- long max, int *ok);
+ unsigned long len, unsigned short seq_num, unsigned long frag_off,
+ unsigned long frag_len);
+static long dtls1_get_message_fragment(SSL *s, int st1, int stn, long max,
+ int *ok);
static hm_fragment *
dtls1_hm_fragment_new(unsigned long frag_len, int reassembly)
- {
+{
hm_fragment *frag = NULL;
unsigned char *buf = NULL;
unsigned char *bitmask = NULL;
frag = (hm_fragment *)OPENSSL_malloc(sizeof(hm_fragment));
- if ( frag == NULL)
+ if (frag == NULL)
return NULL;
- if (frag_len)
- {
+ if (frag_len) {
buf = (unsigned char *)OPENSSL_malloc(frag_len);
- if ( buf == NULL)
- {
+ if (buf == NULL) {
OPENSSL_free(frag);
return NULL;
- }
}
+ }
/* zero length fragment gets zero frag->fragment */
frag->fragment = buf;
/* Initialize reassembly bitmask if necessary */
- if (reassembly)
- {
+ if (reassembly) {
bitmask = (unsigned char *)OPENSSL_malloc(RSMBLY_BITMASK_SIZE(frag_len));
- if (bitmask == NULL)
- {
- if (buf != NULL) OPENSSL_free(buf);
+ if (bitmask == NULL) {
+ if (buf != NULL)
+ OPENSSL_free(buf);
OPENSSL_free(frag);
return NULL;
- }
- memset(bitmask, 0, RSMBLY_BITMASK_SIZE(frag_len));
}
+ memset(bitmask, 0, RSMBLY_BITMASK_SIZE(frag_len));
+ }
frag->reassembly = bitmask;
return frag;
- }
+}
static void
dtls1_hm_fragment_free(hm_fragment *frag)
- {
+{
- if (frag->msg_header.is_ccs)
- {
+ if (frag->msg_header.is_ccs) {
EVP_CIPHER_CTX_free(frag->msg_header.saved_retransmit_state.enc_write_ctx);
EVP_MD_CTX_destroy(frag->msg_header.saved_retransmit_state.write_hash);
- }
- if (frag->fragment) OPENSSL_free(frag->fragment);
- if (frag->reassembly) OPENSSL_free(frag->reassembly);
- OPENSSL_free(frag);
}
+ if (frag->fragment)
+ OPENSSL_free(frag->fragment);
+ if (frag->reassembly)
+ OPENSSL_free(frag->reassembly);
+ OPENSSL_free(frag);
+}
/* send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or SSL3_RT_CHANGE_CIPHER_SPEC) */
-int dtls1_do_write(SSL *s, int type)
- {
+int
+dtls1_do_write(SSL *s, int type)
+{
int ret;
int curr_mtu;
unsigned int len, frag_off, mac_size, blocksize;
/* AHA! Figure out the MTU, and stick to the right size */
- if (s->d1->mtu < dtls1_min_mtu() && !(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU))
- {
- s->d1->mtu =
- BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
+ if (s->d1->mtu < dtls1_min_mtu() && !(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU)) {
+ s->d1->mtu = BIO_ctrl(SSL_get_wbio(s),
+ BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
/* I've seen the kernel return bogus numbers when it doesn't know
* (initial write), so just make sure we have a reasonable number */
- if (s->d1->mtu < dtls1_min_mtu())
- {
+ if (s->d1->mtu < dtls1_min_mtu()) {
s->d1->mtu = 0;
s->d1->mtu = dtls1_guess_mtu(s->d1->mtu);
- BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SET_MTU,
- s->d1->mtu, NULL);
- }
+ BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SET_MTU,
+ s->d1->mtu, NULL);
}
+ }
#if 0
mtu = s->d1->mtu;
@@ -257,154 +257,144 @@ int dtls1_do_write(SSL *s, int type)
curr_mtu = mtu - BIO_wpending(SSL_get_wbio(s));
- if ( curr_mtu > 0)
+ if (curr_mtu > 0)
mtu = curr_mtu;
- else if ( ( ret = BIO_flush(SSL_get_wbio(s))) <= 0)
+ else if (( ret = BIO_flush(SSL_get_wbio(s))) <= 0)
return ret;
- if ( BIO_wpending(SSL_get_wbio(s)) + s->init_num >= mtu)
- {
+ if (BIO_wpending(SSL_get_wbio(s)) + s->init_num >= mtu) {
ret = BIO_flush(SSL_get_wbio(s));
- if ( ret <= 0)
+ if (ret <= 0)
return ret;
mtu = s->d1->mtu - (DTLS1_HM_HEADER_LENGTH + DTLS1_RT_HEADER_LENGTH);
- }
+ }
#endif
- OPENSSL_assert(s->d1->mtu >= dtls1_min_mtu()); /* should have something reasonable now */
+ OPENSSL_assert(s->d1->mtu >= dtls1_min_mtu());
+ /* should have something reasonable now */
- if ( s->init_off == 0 && type == SSL3_RT_HANDSHAKE)
- OPENSSL_assert(s->init_num ==
- (int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH);
+ if (s->init_off == 0 && type == SSL3_RT_HANDSHAKE)
+ OPENSSL_assert(s->init_num ==
+ (int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH);
if (s->write_hash)
mac_size = EVP_MD_CTX_size(s->write_hash);
else
mac_size = 0;
- if (s->enc_write_ctx &&
+ if (s->enc_write_ctx &&
(EVP_CIPHER_mode( s->enc_write_ctx->cipher) & EVP_CIPH_CBC_MODE))
- blocksize = 2 * EVP_CIPHER_block_size(s->enc_write_ctx->cipher);
+ blocksize = 2 * EVP_CIPHER_block_size(s->enc_write_ctx->cipher);
else
blocksize = 0;
frag_off = 0;
- while( s->init_num)
- {
- curr_mtu = s->d1->mtu - BIO_wpending(SSL_get_wbio(s)) -
- DTLS1_RT_HEADER_LENGTH - mac_size - blocksize;
+ while (s->init_num) {
+ curr_mtu = s->d1->mtu - BIO_wpending(SSL_get_wbio(s)) -
+ DTLS1_RT_HEADER_LENGTH - mac_size - blocksize;
- if ( curr_mtu <= DTLS1_HM_HEADER_LENGTH)
- {
+ if (curr_mtu <= DTLS1_HM_HEADER_LENGTH) {
/* grr.. we could get an error if MTU picked was wrong */
ret = BIO_flush(SSL_get_wbio(s));
- if ( ret <= 0)
+ if (ret <= 0)
return ret;
curr_mtu = s->d1->mtu - DTLS1_RT_HEADER_LENGTH -
- mac_size - blocksize;
- }
+ mac_size - blocksize;
+ }
- if ( s->init_num > curr_mtu)
+ if (s->init_num > curr_mtu)
len = curr_mtu;
else
len = s->init_num;
/* XDTLS: this function is too long. split out the CCS part */
- if ( type == SSL3_RT_HANDSHAKE)
- {
- if ( s->init_off != 0)
- {
+ if (type == SSL3_RT_HANDSHAKE) {
+ if (s->init_off != 0) {
OPENSSL_assert(s->init_off > DTLS1_HM_HEADER_LENGTH);
s->init_off -= DTLS1_HM_HEADER_LENGTH;
s->init_num += DTLS1_HM_HEADER_LENGTH;
- if ( s->init_num > curr_mtu)
+ if (s->init_num > curr_mtu)
len = curr_mtu;
else
len = s->init_num;
- }
+ }
- dtls1_fix_message_header(s, frag_off,
- len - DTLS1_HM_HEADER_LENGTH);
+ dtls1_fix_message_header(s, frag_off,
+ len - DTLS1_HM_HEADER_LENGTH);
dtls1_write_message_header(s, (unsigned char *)&s->init_buf->data[s->init_off]);
OPENSSL_assert(len >= DTLS1_HM_HEADER_LENGTH);
- }
+ }
- ret=dtls1_write_bytes(s,type,&s->init_buf->data[s->init_off],
- len);
- if (ret < 0)
- {
+ ret = dtls1_write_bytes(s, type,
+ &s->init_buf->data[s->init_off], len);
+ if (ret < 0) {
/* might need to update MTU here, but we don't know
* which previous packet caused the failure -- so can't
* really retransmit anything. continue as if everything
* is fine and wait for an alert to handle the
* retransmit
*/
- if ( BIO_ctrl(SSL_get_wbio(s),
- BIO_CTRL_DGRAM_MTU_EXCEEDED, 0, NULL) > 0 )
+ if (BIO_ctrl(SSL_get_wbio(s),
+ BIO_CTRL_DGRAM_MTU_EXCEEDED, 0, NULL) > 0)
s->d1->mtu = BIO_ctrl(SSL_get_wbio(s),
- BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
+ BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
else
- return(-1);
- }
- else
- {
+ return (-1);
+ } else {
/* bad if this assert fails, only part of the handshake
* message got sent. but why would this happen? */
OPENSSL_assert(len == (unsigned int)ret);
- if (type == SSL3_RT_HANDSHAKE && ! s->d1->retransmitting)
- {
+ if (type == SSL3_RT_HANDSHAKE && ! s->d1->retransmitting) {
/* should not be done for 'Hello Request's, but in that case
* we'll ignore the result anyway */
unsigned char *p = (unsigned char *)&s->init_buf->data[s->init_off];
const struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
int xlen;
- if (frag_off == 0 && s->version != DTLS1_BAD_VER)
- {
+ if (frag_off == 0 && s->version != DTLS1_BAD_VER) {
/* reconstruct message header is if it
* is being sent in single fragment */
*p++ = msg_hdr->type;
- l2n3(msg_hdr->msg_len,p);
- s2n (msg_hdr->seq,p);
- l2n3(0,p);
- l2n3(msg_hdr->msg_len,p);
- p -= DTLS1_HM_HEADER_LENGTH;
+ l2n3(msg_hdr->msg_len, p);
+ s2n (msg_hdr->seq, p);
+ l2n3(0, p);
+ l2n3(msg_hdr->msg_len, p);
+ p -= DTLS1_HM_HEADER_LENGTH;
xlen = ret;
- }
- else
- {
- p += DTLS1_HM_HEADER_LENGTH;
+ } else {
+ p += DTLS1_HM_HEADER_LENGTH;
xlen = ret - DTLS1_HM_HEADER_LENGTH;
- }
+ }
ssl3_finish_mac(s, p, xlen);
- }
+ }
- if (ret == s->init_num)
- {
+ if (ret == s->init_num) {
if (s->msg_callback)
- s->msg_callback(1, s->version, type, s->init_buf->data,
- (size_t)(s->init_off + s->init_num), s,
- s->msg_callback_arg);
+ s->msg_callback(1, s->version, type,
+ s->init_buf->data,
+ (size_t)(s->init_off + s->init_num),
+ s, s->msg_callback_arg);
- s->init_off = 0; /* done writing this message */
+ s->init_off = 0;
+ /* done writing this message */
s->init_num = 0;
- return(1);
- }
- s->init_off+=ret;
- s->init_num-=ret;
- frag_off += (ret -= DTLS1_HM_HEADER_LENGTH);
+ return (1);
}
+ s->init_off += ret;
+ s->init_num -= ret;
+ frag_off += (ret -= DTLS1_HM_HEADER_LENGTH);
}
- return(0);
}
+ return (0);
+}
/* Obtain handshake message of message type 'mt' (any if mt == -1),
@@ -412,8 +402,9 @@ int dtls1_do_write(SSL *s, int type)
* Read an entire handshake message. Handshake messages arrive in
* fragments.
*/
-long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
- {
+long
+dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
+{
int i, al;
struct hm_header_st *msg_hdr;
unsigned char *p;
@@ -421,30 +412,28 @@ long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
/* s3->tmp is used to store messages that are unexpected, caused
* by the absence of an optional handshake message */
- if (s->s3->tmp.reuse_message)
- {
- s->s3->tmp.reuse_message=0;
- if ((mt >= 0) && (s->s3->tmp.message_type != mt))
- {
- al=SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_DTLS1_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE);
+ if (s->s3->tmp.reuse_message) {
+ s->s3->tmp.reuse_message = 0;
+ if ((mt >= 0) && (s->s3->tmp.message_type != mt)) {
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_DTLS1_GET_MESSAGE, SSL_R_UNEXPECTED_MESSAGE);
goto f_err;
- }
- *ok=1;
+ }
+ *ok = 1;
s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
s->init_num = (int)s->s3->tmp.message_size;
return s->init_num;
- }
+ }
msg_hdr = &s->d1->r_msg_hdr;
memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
again:
i = dtls1_get_message_fragment(s, st1, stn, max, ok);
- if ( i == DTLS1_HM_BAD_FRAGMENT ||
- i == DTLS1_HM_FRAGMENT_RETRY) /* bad fragment received */
+ if (i == DTLS1_HM_BAD_FRAGMENT ||
+ i == DTLS1_HM_FRAGMENT_RETRY) /* bad fragment received */
goto again;
- else if ( i <= 0 && !*ok)
+ else if (i <= 0 && !*ok)
return i;
p = (unsigned char *)s->init_buf->data;
@@ -452,20 +441,19 @@ again:
/* reconstruct message header */
*(p++) = msg_hdr->type;
- l2n3(msg_len,p);
- s2n (msg_hdr->seq,p);
- l2n3(0,p);
- l2n3(msg_len,p);
+ l2n3(msg_len, p);
+ s2n (msg_hdr->seq, p);
+ l2n3(0, p);
+ l2n3(msg_len, p);
if (s->version != DTLS1_BAD_VER) {
- p -= DTLS1_HM_HEADER_LENGTH;
+ p -= DTLS1_HM_HEADER_LENGTH;
msg_len += DTLS1_HM_HEADER_LENGTH;
}
ssl3_finish_mac(s, p, msg_len);
if (s->msg_callback)
- s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
- p, msg_len,
- s, s->msg_callback_arg);
+ s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, p, msg_len,
+ s, s->msg_callback_arg);
memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
@@ -477,64 +465,59 @@ again:
return s->init_num;
f_err:
- ssl3_send_alert(s,SSL3_AL_FATAL,al);
+ ssl3_send_alert(s, SSL3_AL_FATAL, al);
*ok = 0;
return -1;
- }
+}
-static int dtls1_preprocess_fragment(SSL *s,struct hm_header_st *msg_hdr,int max)
- {
- size_t frag_off,frag_len,msg_len;
+static int
+dtls1_preprocess_fragment(SSL *s, struct hm_header_st *msg_hdr, int max) {
+ size_t frag_off, frag_len, msg_len;
- msg_len = msg_hdr->msg_len;
+ msg_len = msg_hdr->msg_len;
frag_off = msg_hdr->frag_off;
frag_len = msg_hdr->frag_len;
/* sanity checking */
- if ( (frag_off+frag_len) > msg_len)
- {
- SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT,SSL_R_EXCESSIVE_MESSAGE_SIZE);
+ if ((frag_off + frag_len) > msg_len) {
+ SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT, SSL_R_EXCESSIVE_MESSAGE_SIZE);
return SSL_AD_ILLEGAL_PARAMETER;
- }
+ }
- if ( (frag_off+frag_len) > (unsigned long)max)
- {
- SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT,SSL_R_EXCESSIVE_MESSAGE_SIZE);
+ if ((frag_off + frag_len) > (unsigned long)max) {
+ SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT, SSL_R_EXCESSIVE_MESSAGE_SIZE);
return SSL_AD_ILLEGAL_PARAMETER;
- }
+ }
if ( s->d1->r_msg_hdr.frag_off == 0) /* first fragment */
- {
+ {
/* msg_len is limited to 2^24, but is effectively checked
* against max above */
- if (!BUF_MEM_grow_clean(s->init_buf,msg_len+DTLS1_HM_HEADER_LENGTH))
- {
- SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT,ERR_R_BUF_LIB);
+ if (!BUF_MEM_grow_clean(s->init_buf, msg_len + DTLS1_HM_HEADER_LENGTH)) {
+ SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT, ERR_R_BUF_LIB);
return SSL_AD_INTERNAL_ERROR;
- }
+ }
- s->s3->tmp.message_size = msg_len;
+ s->s3->tmp.message_size = msg_len;
s->d1->r_msg_hdr.msg_len = msg_len;
- s->s3->tmp.message_type = msg_hdr->type;
- s->d1->r_msg_hdr.type = msg_hdr->type;
- s->d1->r_msg_hdr.seq = msg_hdr->seq;
- }
- else if (msg_len != s->d1->r_msg_hdr.msg_len)
- {
+ s->s3->tmp.message_type = msg_hdr->type;
+ s->d1->r_msg_hdr.type = msg_hdr->type;
+ s->d1->r_msg_hdr.seq = msg_hdr->seq;
+ } else if (msg_len != s->d1->r_msg_hdr.msg_len) {
/* They must be playing with us! BTW, failure to enforce
* upper limit would open possibility for buffer overrun. */
- SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT,SSL_R_EXCESSIVE_MESSAGE_SIZE);
+ SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT, SSL_R_EXCESSIVE_MESSAGE_SIZE);
return SSL_AD_ILLEGAL_PARAMETER;
- }
+ }
return 0; /* no error */
- }
+}
static int
dtls1_retrieve_buffered_fragment(SSL *s, long max, int *ok)
- {
+{
/* (0) check whether the desired fragment is available
* if so:
* (1) copy over the fragment to s->init_buf->data[]
@@ -546,58 +529,54 @@ dtls1_retrieve_buffered_fragment(SSL *s, long max, int *ok)
*ok = 0;
item = pqueue_peek(s->d1->buffered_messages);
- if ( item == NULL)
+ if (item == NULL)
return 0;
frag = (hm_fragment *)item->data;
-
+
/* Don't return if reassembly still in progress */
if (frag->reassembly != NULL)
return 0;
- if ( s->d1->handshake_read_seq == frag->msg_header.seq)
- {
+ if (s->d1->handshake_read_seq == frag->msg_header.seq) {
unsigned long frag_len = frag->msg_header.frag_len;
pqueue_pop(s->d1->buffered_messages);
- al=dtls1_preprocess_fragment(s,&frag->msg_header,max);
+ al = dtls1_preprocess_fragment(s, &frag->msg_header, max);
- if (al==0) /* no alert */
- {
- unsigned char *p = (unsigned char *)s->init_buf->data+DTLS1_HM_HEADER_LENGTH;
+ if (al == 0) /* no alert */
+ {
+ unsigned char *p = (unsigned char *)s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
memcpy(&p[frag->msg_header.frag_off],
- frag->fragment,frag->msg_header.frag_len);
- }
+ frag->fragment, frag->msg_header.frag_len);
+ }
dtls1_hm_fragment_free(frag);
pitem_free(item);
- if (al==0)
- {
+ if (al == 0) {
*ok = 1;
return frag_len;
- }
+ }
- ssl3_send_alert(s,SSL3_AL_FATAL,al);
+ ssl3_send_alert(s, SSL3_AL_FATAL, al);
s->init_num = 0;
*ok = 0;
return -1;
- }
- else
+ } else
return 0;
- }
+}
static int
-dtls1_reassemble_fragment(SSL *s, struct hm_header_st* msg_hdr, int *ok)
- {
+dtls1_reassemble_fragment(SSL *s, struct hm_header_st* msg_hdr, int *ok) {
hm_fragment *frag = NULL;
pitem *item = NULL;
int i = -1, is_complete;
unsigned char seq64be[8];
unsigned long frag_len = msg_hdr->frag_len, max_len;
- if ((msg_hdr->frag_off+frag_len) > msg_hdr->msg_len)
+ if ((msg_hdr->frag_off + frag_len) > msg_hdr->msg_len)
goto err;
/* Determine maximum allowed message size. Depends on (user set)
@@ -608,104 +587,99 @@ dtls1_reassemble_fragment(SSL *s, struct hm_header_st* msg_hdr, int *ok)
else
max_len = DTLS1_HM_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH;
- if ((msg_hdr->frag_off+frag_len) > max_len)
+ if ((msg_hdr->frag_off + frag_len) > max_len)
goto err;
/* Try to find item in queue */
- memset(seq64be,0,sizeof(seq64be));
- seq64be[6] = (unsigned char) (msg_hdr->seq>>8);
- seq64be[7] = (unsigned char) msg_hdr->seq;
+ memset(seq64be, 0, sizeof(seq64be));
+ seq64be[6] = (unsigned char)(msg_hdr->seq >> 8);
+ seq64be[7] = (unsigned char)msg_hdr->seq;
item = pqueue_find(s->d1->buffered_messages, seq64be);
- if (item == NULL)
- {
+ if (item == NULL) {
frag = dtls1_hm_fragment_new(msg_hdr->msg_len, 1);
- if ( frag == NULL)
+ if (frag == NULL)
goto err;
memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));
frag->msg_header.frag_len = frag->msg_header.msg_len;
frag->msg_header.frag_off = 0;
- }
- else
+ } else
frag = (hm_fragment*) item->data;
/* If message is already reassembled, this must be a
* retransmit and can be dropped.
*/
- if (frag->reassembly == NULL)
- {
+ if (frag->reassembly == NULL) {
unsigned char devnull [256];
- while (frag_len)
- {
- i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
- devnull,
- frag_len>sizeof(devnull)?sizeof(devnull):frag_len,0);
- if (i<=0) goto err;
+ while (frag_len) {
+ i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
+ devnull, frag_len > sizeof(devnull) ?
+ sizeof(devnull) : frag_len, 0);
+ if (i <= 0)
+ goto err;
frag_len -= i;
- }
- return DTLS1_HM_FRAGMENT_RETRY;
}
+ return DTLS1_HM_FRAGMENT_RETRY;
+ }
/* read the body of the fragment (header has already been read */
- i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
- frag->fragment + msg_hdr->frag_off,frag_len,0);
- if (i<=0 || (unsigned long)i!=frag_len)
+ i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
+ frag->fragment + msg_hdr->frag_off, frag_len, 0);
+ if (i <= 0 || (unsigned long)i != frag_len)
goto err;
RSMBLY_BITMASK_MARK(frag->reassembly, (long)msg_hdr->frag_off,
- (long)(msg_hdr->frag_off + frag_len));
+ (long)(msg_hdr->frag_off + frag_len));
RSMBLY_BITMASK_IS_COMPLETE(frag->reassembly, (long)msg_hdr->msg_len,
- is_complete);
+ is_complete);
- if (is_complete)
- {
+ if (is_complete) {
OPENSSL_free(frag->reassembly);
frag->reassembly = NULL;
- }
+ }
- if (item == NULL)
- {
- memset(seq64be,0,sizeof(seq64be));
- seq64be[6] = (unsigned char)(msg_hdr->seq>>8);
+ if (item == NULL) {
+ memset(seq64be, 0, sizeof(seq64be));
+ seq64be[6] = (unsigned char)(msg_hdr->seq >> 8);
seq64be[7] = (unsigned char)(msg_hdr->seq);
item = pitem_new(seq64be, frag);
- if (item == NULL)
- {
+ if (item == NULL) {
goto err;
i = -1;
- }
+ }
pqueue_insert(s->d1->buffered_messages, item);
- }
+ }
return DTLS1_HM_FRAGMENT_RETRY;
err:
- if (frag != NULL) dtls1_hm_fragment_free(frag);
- if (item != NULL) OPENSSL_free(item);
+ if (frag != NULL)
+ dtls1_hm_fragment_free(frag);
+ if (item != NULL)
+ OPENSSL_free(item);
*ok = 0;
return i;
- }
+}
static int
-dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok)
-{
- int i=-1;
+dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok) {
+ int i = -1;
hm_fragment *frag = NULL;
pitem *item = NULL;
unsigned char seq64be[8];
unsigned long frag_len = msg_hdr->frag_len;
- if ((msg_hdr->frag_off+frag_len) > msg_hdr->msg_len)
+ if ((msg_hdr->frag_off + frag_len) > msg_hdr->msg_len)
goto err;
/* Try to find item in queue, to prevent duplicate entries */
- memset(seq64be,0,sizeof(seq64be));
- seq64be[6] = (unsigned char) (msg_hdr->seq>>8);
+ memset(seq64be, 0, sizeof(seq64be));
+ seq64be[6] = (unsigned char) (msg_hdr->seq >> 8);
seq64be[7] = (unsigned char) msg_hdr->seq;
item = pqueue_find(s->d1->buffered_messages, seq64be);
@@ -721,92 +695,89 @@ dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok)
* retransmit.
*/
if (msg_hdr->seq <= s->d1->handshake_read_seq ||
- msg_hdr->seq > s->d1->handshake_read_seq + 10 || item != NULL ||
- (s->d1->handshake_read_seq == 0 && msg_hdr->type == SSL3_MT_FINISHED))
- {
+ msg_hdr->seq > s->d1->handshake_read_seq + 10 || item != NULL ||
+ (s->d1->handshake_read_seq == 0 && msg_hdr->type == SSL3_MT_FINISHED)) {
unsigned char devnull [256];
- while (frag_len)
- {
- i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
- devnull,
- frag_len>sizeof(devnull)?sizeof(devnull):frag_len,0);
- if (i<=0) goto err;
+ while (frag_len) {
+ i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
+ devnull, frag_len > sizeof(devnull) ?
+ sizeof(devnull) : frag_len, 0);
+ if (i <= 0)
+ goto err;
frag_len -= i;
- }
}
- else
- {
+ } else {
if (frag_len && frag_len < msg_hdr->msg_len)
return dtls1_reassemble_fragment(s, msg_hdr, ok);
frag = dtls1_hm_fragment_new(frag_len, 0);
- if ( frag == NULL)
+ if (frag == NULL)
goto err;
memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));
- if (frag_len)
- {
+ if (frag_len) {
/* read the body of the fragment (header has already been read */
- i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
- frag->fragment,frag_len,0);
- if (i<=0 || (unsigned long)i!=frag_len)
+ i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
+ frag->fragment, frag_len, 0);
+ if (i <= 0 || (unsigned long)i != frag_len)
goto err;
- }
+ }
- memset(seq64be,0,sizeof(seq64be));
- seq64be[6] = (unsigned char)(msg_hdr->seq>>8);
+ memset(seq64be, 0, sizeof(seq64be));
+ seq64be[6] = (unsigned char)(msg_hdr->seq >> 8);
seq64be[7] = (unsigned char)(msg_hdr->seq);
item = pitem_new(seq64be, frag);
- if ( item == NULL)
+ if (item == NULL)
goto err;
pqueue_insert(s->d1->buffered_messages, item);
- }
+ }
return DTLS1_HM_FRAGMENT_RETRY;
err:
- if ( frag != NULL) dtls1_hm_fragment_free(frag);
- if ( item != NULL) OPENSSL_free(item);
+ if (frag != NULL)
+ dtls1_hm_fragment_free(frag);
+ if (item != NULL)
+ OPENSSL_free(item);
*ok = 0;
return i;
- }
+}
static long
dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
- {
+{
unsigned char wire[DTLS1_HM_HEADER_LENGTH];
unsigned long len, frag_off, frag_len;
- int i,al;
+ int i, al;
struct hm_header_st msg_hdr;
/* see if we have the required fragment already */
- if ((frag_len = dtls1_retrieve_buffered_fragment(s,max,ok)) || *ok)
- {
- if (*ok) s->init_num = frag_len;
+ if ((frag_len = dtls1_retrieve_buffered_fragment(s, max, ok)) || *ok) {
+ if (*ok)
+ s->init_num = frag_len;
return frag_len;
- }
+ }
/* read handshake message header */
- i=s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,wire,
- DTLS1_HM_HEADER_LENGTH, 0);
+ i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, wire,
+ DTLS1_HM_HEADER_LENGTH, 0);
if (i <= 0) /* nbio, or an error */
- {
- s->rwstate=SSL_READING;
+ {
+ s->rwstate = SSL_READING;
*ok = 0;
return i;
- }
+ }
/* Handshake fails if message header is incomplete */
- if (i != DTLS1_HM_HEADER_LENGTH)
- {
- al=SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,SSL_R_UNEXPECTED_MESSAGE);
+ if (i != DTLS1_HM_HEADER_LENGTH) {
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT, SSL_R_UNEXPECTED_MESSAGE);
goto f_err;
- }
+ }
/* parse the message fragment header */
dtls1_get_message_header(wire, &msg_hdr);
@@ -828,62 +799,56 @@ dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
return dtls1_reassemble_fragment(s, &msg_hdr, ok);
if (!s->server && s->d1->r_msg_hdr.frag_off == 0 &&
- wire[0] == SSL3_MT_HELLO_REQUEST)
- {
+ wire[0] == SSL3_MT_HELLO_REQUEST) {
/* The server may always send 'Hello Request' messages --
* we are doing a handshake anyway now, so ignore them
* if their format is correct. Does not count for
* 'Finished' MAC. */
- if (wire[1] == 0 && wire[2] == 0 && wire[3] == 0)
- {
+ if (wire[1] == 0 && wire[2] == 0 && wire[3] == 0) {
if (s->msg_callback)
- s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
- wire, DTLS1_HM_HEADER_LENGTH, s,
- s->msg_callback_arg);
-
+ s->msg_callback(0, s->version,
+ SSL3_RT_HANDSHAKE, wire,
+ DTLS1_HM_HEADER_LENGTH, s,
+ s->msg_callback_arg);
+
s->init_num = 0;
- return dtls1_get_message_fragment(s, st1, stn,
- max, ok);
- }
+ return dtls1_get_message_fragment(s, st1, stn, max, ok);
+ }
else /* Incorrectly formated Hello request */
- {
- al=SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,SSL_R_UNEXPECTED_MESSAGE);
+ {
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT, SSL_R_UNEXPECTED_MESSAGE);
goto f_err;
- }
}
+ }
- if ((al=dtls1_preprocess_fragment(s,&msg_hdr,max)))
+ if ((al = dtls1_preprocess_fragment(s, &msg_hdr, max)))
goto f_err;
/* XDTLS: ressurect this when restart is in place */
- s->state=stn;
+ s->state = stn;
- if ( frag_len > 0)
- {
- unsigned char *p=(unsigned char *)s->init_buf->data+DTLS1_HM_HEADER_LENGTH;
+ if (frag_len > 0) {
+ unsigned char *p = (unsigned char *)s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
- i=s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
- &p[frag_off],frag_len,0);
+ i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
+ &p[frag_off], frag_len, 0);
/* XDTLS: fix this--message fragments cannot span multiple packets */
- if (i <= 0)
- {
- s->rwstate=SSL_READING;
+ if (i <= 0) {
+ s->rwstate = SSL_READING;
*ok = 0;
return i;
- }
}
- else
+ } else
i = 0;
/* XDTLS: an incorrectly formatted fragment should cause the
* handshake to fail */
- if (i != (int)frag_len)
- {
- al=SSL3_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,SSL3_AD_ILLEGAL_PARAMETER);
+ if (i != (int)frag_len) {
+ al = SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT, SSL3_AD_ILLEGAL_PARAMETER);
goto f_err;
- }
+ }
*ok = 1;
@@ -895,62 +860,59 @@ dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
return frag_len;
f_err:
- ssl3_send_alert(s,SSL3_AL_FATAL,al);
+ ssl3_send_alert(s, SSL3_AL_FATAL, al);
s->init_num = 0;
- *ok=0;
- return(-1);
- }
+ *ok = 0;
+ return (-1);
+}
-int dtls1_send_finished(SSL *s, int a, int b, const char *sender, int slen)
- {
- unsigned char *p,*d;
+int
+dtls1_send_finished(SSL *s, int a, int b, const char *sender, int slen)
+{
+ unsigned char *p, *d;
int i;
unsigned long l;
- if (s->state == a)
- {
- d=(unsigned char *)s->init_buf->data;
- p= &(d[DTLS1_HM_HEADER_LENGTH]);
+ if (s->state == a) {
+ d = (unsigned char *)s->init_buf->data;
+ p = &(d[DTLS1_HM_HEADER_LENGTH]);
- i=s->method->ssl3_enc->final_finish_mac(s,
- sender,slen,s->s3->tmp.finish_md);
+ i = s->method->ssl3_enc->final_finish_mac(s,
+ sender, slen, s->s3->tmp.finish_md);
s->s3->tmp.finish_md_len = i;
memcpy(p, s->s3->tmp.finish_md, i);
- p+=i;
- l=i;
+ p += i;
+ l = i;
- /* Copy the finished so we can use it for
- * renegotiation checks
- */
- if(s->type == SSL_ST_CONNECT)
- {
- OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
- memcpy(s->s3->previous_client_finished,
- s->s3->tmp.finish_md, i);
- s->s3->previous_client_finished_len=i;
- }
- else
- {
- OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
- memcpy(s->s3->previous_server_finished,
- s->s3->tmp.finish_md, i);
- s->s3->previous_server_finished_len=i;
+ /* Copy the finished so we can use it for
+ * renegotiation checks
+ */
+ if (s->type == SSL_ST_CONNECT) {
+ OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
+ memcpy(s->s3->previous_client_finished,
+ s->s3->tmp.finish_md, i);
+ s->s3->previous_client_finished_len = i;
+ } else {
+ OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
+ memcpy(s->s3->previous_server_finished,
+ s->s3->tmp.finish_md, i);
+ s->s3->previous_server_finished_len = i;
}
d = dtls1_set_message_header(s, d, SSL3_MT_FINISHED, l, 0, l);
- s->init_num=(int)l+DTLS1_HM_HEADER_LENGTH;
- s->init_off=0;
+ s->init_num = (int)l + DTLS1_HM_HEADER_LENGTH;
+ s->init_off = 0;
/* buffer the message to handle re-xmits */
dtls1_buffer_message(s, 0);
- s->state=b;
- }
+ s->state = b;
+ }
/* SSL3_ST_SEND_xxxxxx_HELLO_B */
- return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
- }
+ return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
+}
/* for these 2 messages, we need to
* ssl->enc_read_ctx re-init
@@ -960,161 +922,154 @@ int dtls1_send_finished(SSL *s, int a, int b, const char *sender, int slen)
* ssl->session->read_compression assign
* ssl->session->read_hash assign
*/
-int dtls1_send_change_cipher_spec(SSL *s, int a, int b)
- {
+int
+dtls1_send_change_cipher_spec(SSL *s, int a, int b)
+{
unsigned char *p;
- if (s->state == a)
- {
- p=(unsigned char *)s->init_buf->data;
+ if (s->state == a) {
+ p = (unsigned char *)s->init_buf->data;
*p++=SSL3_MT_CCS;
s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;
- s->init_num=DTLS1_CCS_HEADER_LENGTH;
+ s->init_num = DTLS1_CCS_HEADER_LENGTH;
if (s->version == DTLS1_BAD_VER) {
s->d1->next_handshake_write_seq++;
- s2n(s->d1->handshake_write_seq,p);
- s->init_num+=2;
+ s2n(s->d1->handshake_write_seq, p);
+ s->init_num += 2;
}
- s->init_off=0;
+ s->init_off = 0;
- dtls1_set_message_header_int(s, SSL3_MT_CCS, 0,
- s->d1->handshake_write_seq, 0, 0);
+ dtls1_set_message_header_int(s, SSL3_MT_CCS, 0,
+ s->d1->handshake_write_seq, 0, 0);
/* buffer the message to handle re-xmits */
dtls1_buffer_message(s, 1);
- s->state=b;
- }
+ s->state = b;
+ }
/* SSL3_ST_CW_CHANGE_B */
- return(dtls1_do_write(s,SSL3_RT_CHANGE_CIPHER_SPEC));
- }
+ return (dtls1_do_write(s, SSL3_RT_CHANGE_CIPHER_SPEC));
+}
-static int dtls1_add_cert_to_buf(BUF_MEM *buf, unsigned long *l, X509 *x)
- {
+static int
+dtls1_add_cert_to_buf(BUF_MEM *buf, unsigned long *l, X509 *x)
+{
int n;
unsigned char *p;
- n=i2d_X509(x,NULL);
- if (!BUF_MEM_grow_clean(buf,(int)(n+(*l)+3)))
- {
- SSLerr(SSL_F_DTLS1_ADD_CERT_TO_BUF,ERR_R_BUF_LIB);
+ n = i2d_X509(x, NULL);
+ if (!BUF_MEM_grow_clean(buf,(int)(n + (*l) + 3))) {
+ SSLerr(SSL_F_DTLS1_ADD_CERT_TO_BUF, ERR_R_BUF_LIB);
return 0;
- }
- p=(unsigned char *)&(buf->data[*l]);
- l2n3(n,p);
- i2d_X509(x,&p);
- *l+=n+3;
+ }
+ p = (unsigned char *)&(buf->data[*l]);
+ l2n3(n, p);
+ i2d_X509(x, &p);
+ *l += n + 3;
return 1;
- }
-unsigned long dtls1_output_cert_chain(SSL *s, X509 *x)
- {
+}
+
+unsigned long
+dtls1_output_cert_chain(SSL *s, X509 *x)
+{
unsigned char *p;
int i;
- unsigned long l= 3 + DTLS1_HM_HEADER_LENGTH;
+ unsigned long l = 3 + DTLS1_HM_HEADER_LENGTH;
BUF_MEM *buf;
/* TLSv1 sends a chain with nothing in it, instead of an alert */
- buf=s->init_buf;
- if (!BUF_MEM_grow_clean(buf,10))
- {
- SSLerr(SSL_F_DTLS1_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
- return(0);
- }
- if (x != NULL)
- {
+ buf = s->init_buf;
+ if (!BUF_MEM_grow_clean(buf, 10)) {
+ SSLerr(SSL_F_DTLS1_OUTPUT_CERT_CHAIN, ERR_R_BUF_LIB);
+ return (0);
+ }
+ if (x != NULL) {
X509_STORE_CTX xs_ctx;
- if (!X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,x,NULL))
- {
- SSLerr(SSL_F_DTLS1_OUTPUT_CERT_CHAIN,ERR_R_X509_LIB);
- return(0);
- }
-
+ if (!X509_STORE_CTX_init(&xs_ctx, s->ctx->cert_store, x, NULL)) {
+ SSLerr(SSL_F_DTLS1_OUTPUT_CERT_CHAIN, ERR_R_X509_LIB);
+ return (0);
+ }
+
X509_verify_cert(&xs_ctx);
/* Don't leave errors in the queue */
ERR_clear_error();
- for (i=0; i < sk_X509_num(xs_ctx.chain); i++)
- {
+ for (i = 0; i < sk_X509_num(xs_ctx.chain); i++) {
x = sk_X509_value(xs_ctx.chain, i);
- if (!dtls1_add_cert_to_buf(buf, &l, x))
- {
+ if (!dtls1_add_cert_to_buf(buf, &l, x)) {
X509_STORE_CTX_cleanup(&xs_ctx);
return 0;
- }
- }
- X509_STORE_CTX_cleanup(&xs_ctx);
- }
- /* Thawte special :-) */
- for (i=0; i<sk_X509_num(s->ctx->extra_certs); i++)
- {
- x=sk_X509_value(s->ctx->extra_certs,i);
+ }
+ }
+ X509_STORE_CTX_cleanup(&xs_ctx);
+ }
+ /* Thawte special :-) */
+ for (i = 0; i < sk_X509_num(s->ctx->extra_certs); i++) {
+ x = sk_X509_value(s->ctx->extra_certs, i);
if (!dtls1_add_cert_to_buf(buf, &l, x))
return 0;
- }
+ }
- l-= (3 + DTLS1_HM_HEADER_LENGTH);
+ l -= (3 + DTLS1_HM_HEADER_LENGTH);
- p=(unsigned char *)&(buf->data[DTLS1_HM_HEADER_LENGTH]);
- l2n3(l,p);
- l+=3;
- p=(unsigned char *)&(buf->data[0]);
+ p = (unsigned char *)&(buf->data[DTLS1_HM_HEADER_LENGTH]);
+ l2n3(l, p);
+ l += 3;
+ p = (unsigned char *)&(buf->data[0]);
p = dtls1_set_message_header(s, p, SSL3_MT_CERTIFICATE, l, 0, l);
- l+=DTLS1_HM_HEADER_LENGTH;
- return(l);
- }
+ l += DTLS1_HM_HEADER_LENGTH;
+ return (l);
+}
-int dtls1_read_failed(SSL *s, int code)
- {
- if ( code > 0)
- {
+int
+dtls1_read_failed(SSL *s, int code)
+{
+ if (code > 0) {
fprintf( stderr, "invalid state reached %s:%d", __FILE__, __LINE__);
return 1;
- }
+ }
- if (!dtls1_is_timer_expired(s))
- {
+ if (!dtls1_is_timer_expired(s)) {
/* not a timeout, none of our business,
let higher layers handle this. in fact it's probably an error */
return code;
- }
+ }
#ifndef OPENSSL_NO_HEARTBEATS
if (!SSL_in_init(s) && !s->tlsext_hb_pending) /* done, no need to send a retransmit */
#else
if (!SSL_in_init(s)) /* done, no need to send a retransmit */
#endif
- {
+ {
BIO_set_flags(SSL_get_rbio(s), BIO_FLAGS_READ);
return code;
- }
+ }
#if 0 /* for now, each alert contains only one record number */
item = pqueue_peek(state->rcvd_records);
- if ( item )
- {
+ if (item ) {
/* send an alert immediately for all the missing records */
- }
- else
+ } else
#endif
#if 0 /* no more alert sending, just retransmit the last set of messages */
- if ( state->timeout.read_timeouts >= DTLS1_TMO_READ_COUNT)
- ssl3_send_alert(s,SSL3_AL_WARNING,
- DTLS1_AD_MISSING_HANDSHAKE_MESSAGE);
+ if (state->timeout.read_timeouts >= DTLS1_TMO_READ_COUNT)
+ ssl3_send_alert(s, SSL3_AL_WARNING,
+ DTLS1_AD_MISSING_HANDSHAKE_MESSAGE);
#endif
return dtls1_handle_timeout(s);
- }
+}
int
dtls1_get_queue_priority(unsigned short seq, int is_ccs)
- {
+{
/* The index of the retransmission queue actually is the message sequence number,
* since the queue only contains messages of a single handshake. However, the
* ChangeCipherSpec has no message sequence number and so using only the sequence
@@ -1124,11 +1079,11 @@ dtls1_get_queue_priority(unsigned short seq, int is_ccs)
* index (important for priority queues) and fits in the unsigned short variable.
*/
return seq * 2 - is_ccs;
- }
+}
int
dtls1_retransmit_buffered_messages(SSL *s)
- {
+{
pqueue sent = s->d1->sent_messages;
piterator iter;
pitem *item;
@@ -1137,24 +1092,23 @@ dtls1_retransmit_buffered_messages(SSL *s)
iter = pqueue_iterator(sent);
- for ( item = pqueue_next(&iter); item != NULL; item = pqueue_next(&iter))
- {
+ for (item = pqueue_next(&iter); item != NULL; item = pqueue_next(&iter)) {
frag = (hm_fragment *)item->data;
- if ( dtls1_retransmit_message(s,
- (unsigned short)dtls1_get_queue_priority(frag->msg_header.seq, frag->msg_header.is_ccs),
- 0, &found) <= 0 && found)
- {
+ if (dtls1_retransmit_message(s,
+ (unsigned short)dtls1_get_queue_priority(
+ frag->msg_header.seq, frag->msg_header.is_ccs), 0,
+ &found) <= 0 && found) {
fprintf(stderr, "dtls1_retransmit_message() failed\n");
return -1;
- }
}
+ }
return 1;
- }
+}
int
dtls1_buffer_message(SSL *s, int is_ccs)
- {
+{
pitem *item;
hm_fragment *frag;
unsigned char seq64be[8];
@@ -1167,16 +1121,13 @@ dtls1_buffer_message(SSL *s, int is_ccs)
memcpy(frag->fragment, s->init_buf->data, s->init_num);
- if ( is_ccs)
- {
- OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
- ((s->version==DTLS1_VERSION)?DTLS1_CCS_HEADER_LENGTH:3) == (unsigned int)s->init_num);
- }
- else
- {
- OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
- DTLS1_HM_HEADER_LENGTH == (unsigned int)s->init_num);
- }
+ if (is_ccs) {
+ OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
+ ((s->version == DTLS1_VERSION) ? DTLS1_CCS_HEADER_LENGTH : 3) == (unsigned int)s->init_num);
+ } else {
+ OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
+ DTLS1_HM_HEADER_LENGTH == (unsigned int)s->init_num);
+ }
frag->msg_header.msg_len = s->d1->w_msg_hdr.msg_len;
frag->msg_header.seq = s->d1->w_msg_hdr.seq;
@@ -1191,38 +1142,37 @@ dtls1_buffer_message(SSL *s, int is_ccs)
frag->msg_header.saved_retransmit_state.compress = s->compress;
frag->msg_header.saved_retransmit_state.session = s->session;
frag->msg_header.saved_retransmit_state.epoch = s->d1->w_epoch;
-
- memset(seq64be,0,sizeof(seq64be));
+
+ memset(seq64be, 0, sizeof(seq64be));
seq64be[6] = (unsigned char)(dtls1_get_queue_priority(frag->msg_header.seq,
- frag->msg_header.is_ccs)>>8);
+ frag->msg_header.is_ccs) >> 8);
seq64be[7] = (unsigned char)(dtls1_get_queue_priority(frag->msg_header.seq,
- frag->msg_header.is_ccs));
+ frag->msg_header.is_ccs));
item = pitem_new(seq64be, frag);
- if ( item == NULL)
- {
+ if (item == NULL) {
dtls1_hm_fragment_free(frag);
return 0;
- }
+ }
#if 0
- fprintf( stderr, "buffered messge: \ttype = %xx\n", msg_buf->type);
- fprintf( stderr, "\t\t\t\t\tlen = %d\n", msg_buf->len);
- fprintf( stderr, "\t\t\t\t\tseq_num = %d\n", msg_buf->seq_num);
+ fprintf(stderr, "buffered messge: \ttype = %xx\n", msg_buf->type);
+ fprintf(stderr, "\t\t\t\t\tlen = %d\n", msg_buf->len);
+ fprintf(stderr, "\t\t\t\t\tseq_num = %d\n", msg_buf->seq_num);
#endif
pqueue_insert(s->d1->sent_messages, item);
return 1;
- }
+}
int
dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
- int *found)
- {
+ int *found)
+{
int ret;
/* XDTLS: for now assuming that read/writes are blocking */
pitem *item;
- hm_fragment *frag ;
+ hm_fragment *frag;
unsigned long header_length;
unsigned char seq64be[8];
struct dtls1_retransmit_state saved_state;
@@ -1234,33 +1184,32 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
*/
/* XDTLS: the requested message ought to be found, otherwise error */
- memset(seq64be,0,sizeof(seq64be));
- seq64be[6] = (unsigned char)(seq>>8);
+ memset(seq64be, 0, sizeof(seq64be));
+ seq64be[6] = (unsigned char)(seq >> 8);
seq64be[7] = (unsigned char)seq;
item = pqueue_find(s->d1->sent_messages, seq64be);
- if ( item == NULL)
- {
+ if (item == NULL) {
fprintf(stderr, "retransmit: message %d non-existant\n", seq);
*found = 0;
return 0;
- }
+ }
*found = 1;
frag = (hm_fragment *)item->data;
- if ( frag->msg_header.is_ccs)
+ if (frag->msg_header.is_ccs)
header_length = DTLS1_CCS_HEADER_LENGTH;
else
header_length = DTLS1_HM_HEADER_LENGTH;
- memcpy(s->init_buf->data, frag->fragment,
- frag->msg_header.msg_len + header_length);
- s->init_num = frag->msg_header.msg_len + header_length;
+ memcpy(s->init_buf->data, frag->fragment,
+ frag->msg_header.msg_len + header_length);
+ s->init_num = frag->msg_header.msg_len + header_length;
- dtls1_set_message_header_int(s, frag->msg_header.type,
- frag->msg_header.msg_len, frag->msg_header.seq, 0,
- frag->msg_header.frag_len);
+ dtls1_set_message_header_int(s, frag->msg_header.type,
+ frag->msg_header.msg_len, frag->msg_header.seq, 0,
+ frag->msg_header.frag_len);
/* save current state */
saved_state.enc_write_ctx = s->enc_write_ctx;
@@ -1269,34 +1218,32 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
saved_state.session = s->session;
saved_state.epoch = s->d1->w_epoch;
saved_state.epoch = s->d1->w_epoch;
-
+
s->d1->retransmitting = 1;
-
+
/* restore state in which the message was originally sent */
s->enc_write_ctx = frag->msg_header.saved_retransmit_state.enc_write_ctx;
s->write_hash = frag->msg_header.saved_retransmit_state.write_hash;
s->compress = frag->msg_header.saved_retransmit_state.compress;
s->session = frag->msg_header.saved_retransmit_state.session;
s->d1->w_epoch = frag->msg_header.saved_retransmit_state.epoch;
-
- if (frag->msg_header.saved_retransmit_state.epoch == saved_state.epoch - 1)
- {
+
+ if (frag->msg_header.saved_retransmit_state.epoch == saved_state.epoch - 1) {
memcpy(save_write_sequence, s->s3->write_sequence, sizeof(s->s3->write_sequence));
memcpy(s->s3->write_sequence, s->d1->last_write_sequence, sizeof(s->s3->write_sequence));
}
-
- ret = dtls1_do_write(s, frag->msg_header.is_ccs ?
- SSL3_RT_CHANGE_CIPHER_SPEC : SSL3_RT_HANDSHAKE);
-
+
+ ret = dtls1_do_write(s, frag->msg_header.is_ccs ?
+ SSL3_RT_CHANGE_CIPHER_SPEC : SSL3_RT_HANDSHAKE);
+
/* restore current state */
s->enc_write_ctx = saved_state.enc_write_ctx;
s->write_hash = saved_state.write_hash;
s->compress = saved_state.compress;
s->session = saved_state.session;
s->d1->w_epoch = saved_state.epoch;
-
- if (frag->msg_header.saved_retransmit_state.epoch == saved_state.epoch - 1)
- {
+
+ if (frag->msg_header.saved_retransmit_state.epoch == saved_state.epoch - 1) {
memcpy(s->d1->last_write_sequence, s->s3->write_sequence, sizeof(s->s3->write_sequence));
memcpy(s->s3->write_sequence, save_write_sequence, sizeof(s->s3->write_sequence));
}
@@ -1305,47 +1252,45 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
(void)BIO_flush(SSL_get_wbio(s));
return ret;
- }
+}
/* call this function when the buffered messages are no longer needed */
void
dtls1_clear_record_buffer(SSL *s)
- {
+{
pitem *item;
- for(item = pqueue_pop(s->d1->sent_messages);
- item != NULL; item = pqueue_pop(s->d1->sent_messages))
- {
+ for(item = pqueue_pop(s->d1->sent_messages); item != NULL;
+ item = pqueue_pop(s->d1->sent_messages)) {
dtls1_hm_fragment_free((hm_fragment *)item->data);
pitem_free(item);
- }
}
+}
unsigned char *
dtls1_set_message_header(SSL *s, unsigned char *p, unsigned char mt,
- unsigned long len, unsigned long frag_off, unsigned long frag_len)
- {
+ unsigned long len, unsigned long frag_off, unsigned long frag_len)
+{
/* Don't change sequence numbers while listening */
- if (frag_off == 0 && !s->d1->listen)
- {
+ if (frag_off == 0 && !s->d1->listen) {
s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;
s->d1->next_handshake_write_seq++;
- }
+ }
dtls1_set_message_header_int(s, mt, len, s->d1->handshake_write_seq,
- frag_off, frag_len);
+ frag_off, frag_len);
return p += DTLS1_HM_HEADER_LENGTH;
- }
+}
/* don't actually do the writing, wait till the MTU has been retrieved */
static void
dtls1_set_message_header_int(SSL *s, unsigned char mt,
- unsigned long len, unsigned short seq_num, unsigned long frag_off,
- unsigned long frag_len)
- {
+ unsigned long len, unsigned short seq_num, unsigned long frag_off,
+unsigned long frag_len)
+{
struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
msg_hdr->type = mt;
@@ -1353,21 +1298,21 @@ dtls1_set_message_header_int(SSL *s, unsigned char mt,
msg_hdr->seq = seq_num;
msg_hdr->frag_off = frag_off;
msg_hdr->frag_len = frag_len;
- }
+}
static void
dtls1_fix_message_header(SSL *s, unsigned long frag_off,
- unsigned long frag_len)
- {
+ unsigned long frag_len)
+{
struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
msg_hdr->frag_off = frag_off;
msg_hdr->frag_len = frag_len;
- }
+}
static unsigned char *
dtls1_write_message_header(SSL *s, unsigned char *p)
- {
+{
struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
*p++ = msg_hdr->type;
@@ -1378,33 +1323,32 @@ dtls1_write_message_header(SSL *s, unsigned char *p)
l2n3(msg_hdr->frag_len, p);
return p;
- }
+}
-unsigned int
+unsigned int
dtls1_min_mtu(void)
- {
- return (g_probable_mtu[(sizeof(g_probable_mtu) /
- sizeof(g_probable_mtu[0])) - 1]);
- }
+{
+ return (g_probable_mtu[(sizeof(g_probable_mtu) /
+ sizeof(g_probable_mtu[0])) - 1]);
+}
-static unsigned int
+static unsigned int
dtls1_guess_mtu(unsigned int curr_mtu)
- {
+{
unsigned int i;
- if ( curr_mtu == 0 )
- return g_probable_mtu[0] ;
+ if (curr_mtu == 0)
+ return g_probable_mtu[0];
- for ( i = 0; i < sizeof(g_probable_mtu)/sizeof(g_probable_mtu[0]); i++)
- if ( curr_mtu > g_probable_mtu[i])
+ for (i = 0; i < sizeof(g_probable_mtu)/sizeof(g_probable_mtu[0]); i++)
+ if (curr_mtu > g_probable_mtu[i])
return g_probable_mtu[i];
return curr_mtu;
- }
+}
void
-dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr)
- {
+dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr) {
memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
msg_hdr->type = *(data++);
n2l3(data, msg_hdr->msg_len);
@@ -1412,41 +1356,41 @@ dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr)
n2s(data, msg_hdr->seq);
n2l3(data, msg_hdr->frag_off);
n2l3(data, msg_hdr->frag_len);
- }
+}
void
-dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr)
- {
+dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr) {
memset(ccs_hdr, 0x00, sizeof(struct ccs_header_st));
ccs_hdr->type = *(data++);
- }
+}
-int dtls1_shutdown(SSL *s)
- {
+int
+dtls1_shutdown(SSL *s)
+{
int ret;
#ifndef OPENSSL_NO_SCTP
if (BIO_dgram_is_sctp(SSL_get_wbio(s)) &&
- !(s->shutdown & SSL_SENT_SHUTDOWN))
- {
+ !(s->shutdown & SSL_SENT_SHUTDOWN)) {
ret = BIO_dgram_sctp_wait_for_dry(SSL_get_wbio(s));
- if (ret < 0) return -1;
+ if (ret < 0)
+ return -1;
if (ret == 0)
BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN, 1, NULL);
- }
+ }
#endif
ret = ssl3_shutdown(s);
#ifndef OPENSSL_NO_SCTP
BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN, 0, NULL);
#endif
return ret;
- }
+}
#ifndef OPENSSL_NO_HEARTBEATS
int
dtls1_process_heartbeat(SSL *s)
- {
+{
unsigned char *p = &s->s3->rrec.data[0], *pl;
unsigned short hbtype;
unsigned int payload;
@@ -1454,8 +1398,8 @@ dtls1_process_heartbeat(SSL *s)
if (s->msg_callback)
s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT,
- &s->s3->rrec.data[0], s->s3->rrec.length,
- s, s->msg_callback_arg);
+ &s->s3->rrec.data[0], s->s3->rrec.length,
+ s, s->msg_callback_arg);
/* Read type and payload length first */
if (1 + 2 + 16 > s->s3->rrec.length)
@@ -1466,12 +1410,11 @@ dtls1_process_heartbeat(SSL *s)
return 0; /* silently discard per RFC 6520 sec. 4 */
pl = p;
- if (hbtype == TLS1_HB_REQUEST)
- {
+ if (hbtype == TLS1_HB_REQUEST) {
unsigned char *buffer, *bp;
unsigned int write_length = 1 /* heartbeat type */ +
- 2 /* heartbeat length */ +
- payload + padding;
+ 2 /* heartbeat length */ +
+ payload + padding;
int r;
if (write_length > SSL3_RT_MAX_PLAIN_LENGTH)
@@ -1496,16 +1439,14 @@ dtls1_process_heartbeat(SSL *s)
if (r >= 0 && s->msg_callback)
s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
- buffer, write_length,
- s, s->msg_callback_arg);
+ buffer, write_length,
+ s, s->msg_callback_arg);
OPENSSL_free(buffer);
if (r < 0)
return r;
- }
- else if (hbtype == TLS1_HB_RESPONSE)
- {
+ } else if (hbtype == TLS1_HB_RESPONSE) {
unsigned int seq;
/* We only send sequence numbers (2 bytes unsigned int),
@@ -1513,20 +1454,19 @@ dtls1_process_heartbeat(SSL *s)
* sequence number */
n2s(pl, seq);
- if (payload == 18 && seq == s->tlsext_hb_seq)
- {
+ if (payload == 18 && seq == s->tlsext_hb_seq) {
dtls1_stop_timer(s);
s->tlsext_hb_seq++;
s->tlsext_hb_pending = 0;
- }
}
+ }
return 0;
- }
+}
int
dtls1_heartbeat(SSL *s)
- {
+{
unsigned char *buf, *p;
int ret;
unsigned int payload = 18; /* Sequence number + random bytes */
@@ -1534,25 +1474,22 @@ dtls1_heartbeat(SSL *s)
/* Only send if peer supports and accepts HB requests... */
if (!(s->tlsext_heartbeat & SSL_TLSEXT_HB_ENABLED) ||
- s->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS)
- {
- SSLerr(SSL_F_DTLS1_HEARTBEAT,SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT);
+ s->tlsext_heartbeat & SSL_TLSEXT_HB_DONT_SEND_REQUESTS) {
+ SSLerr(SSL_F_DTLS1_HEARTBEAT, SSL_R_TLS_HEARTBEAT_PEER_DOESNT_ACCEPT);
return -1;
- }
+ }
/* ...and there is none in flight yet... */
- if (s->tlsext_hb_pending)
- {
- SSLerr(SSL_F_DTLS1_HEARTBEAT,SSL_R_TLS_HEARTBEAT_PENDING);
+ if (s->tlsext_hb_pending) {
+ SSLerr(SSL_F_DTLS1_HEARTBEAT, SSL_R_TLS_HEARTBEAT_PENDING);
return -1;
- }
+ }
/* ...and no handshake in progress. */
- if (SSL_in_init(s) || s->in_handshake)
- {
- SSLerr(SSL_F_DTLS1_HEARTBEAT,SSL_R_UNEXPECTED_MESSAGE);
+ if (SSL_in_init(s) || s->in_handshake) {
+ SSLerr(SSL_F_DTLS1_HEARTBEAT, SSL_R_UNEXPECTED_MESSAGE);
return -1;
- }
+ }
/* Check if padding is too long, payload and padding
* must not exceed 2^14 - 3 = 16381 bytes in total.
@@ -1583,19 +1520,18 @@ dtls1_heartbeat(SSL *s)
RAND_pseudo_bytes(p, padding);
ret = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buf, 3 + payload + padding);
- if (ret >= 0)
- {
+ if (ret >= 0) {
if (s->msg_callback)
s->msg_callback(1, s->version, TLS1_RT_HEARTBEAT,
- buf, 3 + payload + padding,
- s, s->msg_callback_arg);
+ buf, 3 + payload + padding,
+ s, s->msg_callback_arg);
dtls1_start_timer(s);
s->tlsext_hb_pending = 1;
- }
+ }
OPENSSL_free(buf);
return ret;
- }
+}
#endif
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.