PR: 1828
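--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -120,6 +120,7 @@
 #include <openssl/evp.h>
 #include <openssl/buffer.h>
 #include <openssl/pqueue.h>
+#include <openssl/rand.h>
 static int have_handshake_fragment(SSL *s, int type, unsigned char *buf,
 int len, int peek);
@@ -560,6 +561,7 @@ again:
 goto f_err;
 }
+ s->client_version = version;
 /* now s->rstate == SSL_ST_READ_BODY */
 }
@@ -595,6 +597,7 @@ again:
 /* check whether this is a repeat, or aged record */
 if ( ! dtls1_record_replay_check(s, bitmap, &(rr->seq_num)))
 {
+ rr->length = 0;
 s->packet_length=0; /* dump this record */
 goto again; /* get another record */
 }
@@ -809,6 +812,14 @@ start:
 * may be fragmented--don't always expect dest_maxlen bytes */
 if ( rr->length < dest_maxlen)
 {
+#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
+ /*
+ * for normal alerts rr->length is 2, while
+ * dest_maxlen is 7 if we were to handle this
+ * non-existing alert...
+ */
+ FIX ME
+#endif
 s->rstate=SSL_ST_READ_HEADER;
 rr->length = 0;
 goto start;
@@ -931,7 +942,9 @@ start:
 n2s(p, seq);
 n2l3(p, frag_off);
- dtls1_retransmit_message(s, seq, frag_off, &found);
+ dtls1_retransmit_message(s,
+ dtls1_get_queue_priority(frag->msg_header.seq, 0),
+ frag_off, &found);
 if ( ! found && SSL_in_init(s))
 {
 /* fprintf( stderr,"in init = %d\n", SSL_in_init(s)); */
@@ -1004,8 +1017,8 @@ start:
 /* do this whenever CCS is processed */
 dtls1_reset_seq_numbers(s, SSL3_CC_READ);
- /* handshake read seq is reset upon handshake completion */
- s->d1->handshake_read_seq++;
+ if (s->client_version == DTLS1_BAD_VER)
+ s->d1->handshake_read_seq++;
 goto start;
 }
@@ -1024,6 +1037,16 @@ start:
 goto start;
 }
+ /* If we are server, we may have a repeated FINISHED of the
+ * client here, then retransmit our CCS and FINISHED.
+ */
+ if (msg_hdr.type == SSL3_MT_FINISHED)
+ {
+ dtls1_retransmit_buffered_messages(s);
+ rr->length = 0;
+ goto start;
+ }
+
 if (((s->state&SSL_ST_MASK) == SSL_ST_OK) &&
 !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS))
 {
@@ -1249,7 +1272,7 @@ int dtls1_write_bytes(SSL *s, int type, const void *buf_, int len)
 else
 s->s3->wnum += i;
- return tot + i;
+ return i;
 }
 int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, int create_empty_fragment)
@@ -1395,8 +1418,14 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len,
 /* ssl3_enc can only have an error on read */
- wr->length += bs; /* bs != 0 in case of CBC. The enc fn provides
- * the randomness */
+ if (bs) /* bs != 0 in case of CBC */
+ {
+ RAND_pseudo_bytes(p,bs);
+ /* master IV and last CBC residue stand for
+ * the rest of randomness */
+ wr->length += bs;
+ }
+
 s->method->ssl3_enc->enc(s,1);
 /* record length after mac and block padding */
@@ -1568,7 +1597,7 @@ int dtls1_dispatch_alert(SSL *s)
 {
 int i,j;
 void (*cb)(const SSL *ssl,int type,int val)=NULL;
- unsigned char buf[2 + 2 + 3]; /* alert level + alert desc + message seq +frag_off */
+ unsigned char buf[DTLS1_AL_HEADER_LENGTH];
 unsigned char *ptr = &buf[0];
 s->s3->alert_dispatch=0;
@@ -1577,6 +1606,7 @@ int dtls1_dispatch_alert(SSL *s)
 *ptr++ = s->s3->send_alert[0];
 *ptr++ = s->s3->send_alert[1];
+#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
 if (s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE)
 {
 s2n(s->d1->handshake_read_seq, ptr);
@@ -1592,6 +1622,7 @@ int dtls1_dispatch_alert(SSL *s)
 #endif
 l2n3(s->d1->r_msg_hdr.frag_off, ptr);
 }
+#endif
 i = do_dtls1_write(s, SSL3_RT_ALERT, &buf[0], sizeof(buf), 0);
 if (i <= 0)
@@ -1601,8 +1632,11 @@ int dtls1_dispatch_alert(SSL *s)
 }
 else
 {
- if ( s->s3->send_alert[0] == SSL3_AL_FATAL ||
- s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE)
+ if (s->s3->send_alert[0] == SSL3_AL_FATAL
+#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
+ || s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
+#endif
+ )
 (void)BIO_flush(s->wbio);
 if (s->msg_callback)
@@ -1736,6 +1770,7 @@ dtls1_reset_seq_numbers(SSL *s, int rw)
 else
 {
 seq = s->s3->write_sequence;
+ memcpy(s->d1->last_write_sequence, seq, sizeof(s->s3->write_sequence));
 s->d1->w_epoch++;
 }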
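Review bot: In the do_dtls1_write hunk (new line 1418 onward) the explicit CBC IV is filled with `RAND_pseudo_bytes(p,bs);` and the return value is discarded, so a generator failure or a non-cryptographic result still goes out on the wire as the record IV. A per-record explicit IV has to be unpredictable to the peer, which `RAND_pseudo_bytes` does not promise, and the comment's reliance on the master IV and the last CBC residue does not restore that property. I would use `if (RAND_bytes(p, bs) <= 0)` followed by the function's existing error return and drop the "stand for the rest of randomness" comment. The error path of do_dtls1_write lies outside the hunk, so the exact return statement has to be taken from the surrounding function.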