In BIO_write(), update the write statistics, not the read statistics.
diff --git
a/ssl/d1_pkt.c
b/ssl/d1_pkt.c
index 6a68dd110e4a09f1c902bd5de77ab9b616d96211..eb56cf987ba3a12a4da4be7af6f0a46abbe200a4 100644
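--- a/ssl/d1_pkt.c
+++ b/ssl/d1_pkt.c
@@ -561,6 +561,7 @@ again:
 goto f_err;
 }
+ s->client_version = version;
 /* now s->rstate == SSL_ST_READ_BODY */
 }
@@ -596,6 +597,7 @@ again:
 /* check whether this is a repeat, or aged record */
 if ( ! dtls1_record_replay_check(s, bitmap, &(rr->seq_num)))
 {
+ rr->length = 0;
 s->packet_length=0; /* dump this record */
 goto again; /* get another record */
 }
@@ -810,6 +812,14 @@ start:
 * may be fragmented--don't always expect dest_maxlen bytes */
 if ( rr->length < dest_maxlen)
 {
+#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
+ /*
+ * for normal alerts rr->length is 2, while
+ * dest_maxlen is 7 if we were to handle this
+ * non-existing alert...
+ */
+ FIX ME
+#endif
 s->rstate=SSL_ST_READ_HEADER;
 rr->length = 0;
 goto start;
@@ -1005,8 +1015,8 @@ start:
 /* do this whenever CCS is processed */
 dtls1_reset_seq_numbers(s, SSL3_CC_READ);
- /* handshake read seq is reset upon handshake completion */
- s->d1->handshake_read_seq++;
+ if (s->client_version == DTLS1_BAD_VER)
+ s->d1->handshake_read_seq++;
 goto start;
 }
@@ -1250,7 +1260,7 @@ int dtls1_write_bytes(SSL *s, int type, const void *buf_, int len)
 else
 s->s3->wnum += i;
- return tot + i;
+ return i;
 }
 int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, int create_empty_fragment)
@@ -1575,7 +1585,7 @@ int dtls1_dispatch_alert(SSL *s)
 {
 int i,j;
 void (*cb)(const SSL *ssl,int type,int val)=NULL;
- unsigned char buf[2 + 2 + 3]; /* alert level + alert desc + message seq +frag_off */
+ unsigned char buf[DTLS1_AL_HEADER_LENGTH];
 unsigned char *ptr = &buf[0];
 s->s3->alert_dispatch=0;
@@ -1584,6 +1594,7 @@ int dtls1_dispatch_alert(SSL *s)
 *ptr++ = s->s3->send_alert[0];
 *ptr++ = s->s3->send_alert[1];
+#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
 if (s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE)
 {
 s2n(s->d1->handshake_read_seq, ptr);
@@ -1599,6 +1610,7 @@ int dtls1_dispatch_alert(SSL *s)
 #endif
 l2n3(s->d1->r_msg_hdr.frag_off, ptr);
 }
+#endif
 i = do_dtls1_write(s, SSL3_RT_ALERT, &buf[0], sizeof(buf), 0);
 if (i <= 0)
@@ -1608,8 +1620,11 @@ int dtls1_dispatch_alert(SSL *s)
 }
 else
 {
- if ( s->s3->send_alert[0] == SSL3_AL_FATAL ||
- s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE)
+ if (s->s3->send_alert[0] == SSL3_AL_FATAL
+#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
+ || s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
+#endif
+ )
 (void)BIO_flush(s->wbio);
 if (s->msg_callback)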
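Review bot: With `DTLS1_AD_MISSING_HANDSHAKE_MESSAGE` undefined, dtls1_dispatch_alert() now writes only the two alert bytes into `buf`, yet the unchanged call in the -1599 hunk still sends `sizeof(buf)` bytes, so the record is only right if `DTLS1_AL_HEADER_LENGTH` is 2 in that configuration. Its definition is not part of this file section; if it is still 7 there, five uninitialised stack bytes would go out with every alert. Passing the number of bytes actually written removes that dependency, e.g. `i = do_dtls1_write(s, SSL3_RT_ALERT, &buf[0], (unsigned int)(ptr - &buf[0]), 0);`, provided `ptr` is advanced past every field in the lines between the hunks, which are not shown. The function body starts and ends outside the hunks.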