if ( s->init_off == 0 && type == SSL3_RT_HANDSHAKE)
OPENSSL_assert(s->init_num ==
- s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH);
+ (int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH);
frag_off = 0;
while( s->init_num)
dtls1_fix_message_header(s, frag_off,
len - DTLS1_HM_HEADER_LENGTH);
- dtls1_write_message_header(s, &s->init_buf->data[s->init_off]);
+ dtls1_write_message_header(s, (unsigned char *)&s->init_buf->data[s->init_off]);
OPENSSL_assert(len >= DTLS1_HM_HEADER_LENGTH);
}
/* bad if this assert fails, only part of the handshake
* message got sent. but why would this happen? */
- OPENSSL_assert(len == ret);
+ OPENSSL_assert(len == (unsigned int)ret);
if (type == SSL3_RT_HANDSHAKE && ! s->d1->retransmitting)
/* should not be done for 'Hello Request's, but in that case
* Read an entire handshake message. Handshake messages arrive in
* fragments.
*/
-long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max,
- int *ok)
+long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
{
int i, al;
if ((mt >= 0) && (s->s3->tmp.message_type != mt))
{
al=SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE);
+ SSLerr(SSL_F_DTLS1_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE);
goto f_err;
}
*ok=1;
else if ( i <= 0 && !*ok)
return i;
- if (s->d1->r_msg_hdr.msg_len == s->init_num - DTLS1_HM_HEADER_LENGTH)
+ if (s->d1->r_msg_hdr.msg_len == (unsigned int)s->init_num - DTLS1_HM_HEADER_LENGTH)
{
memset(&(s->d1->r_msg_hdr), 0x00, sizeof(struct hm_header_st));
frag = (hm_fragment *)item->data;
if ( s->d1->handshake_read_seq == frag->msg_header.seq &&
- frag->msg_header.frag_off <= s->init_num - DTLS1_HM_HEADER_LENGTH)
+ frag->msg_header.frag_off <= (unsigned int)s->init_num - DTLS1_HM_HEADER_LENGTH)
{
pqueue_pop(s->d1->buffered_messages);
overlap = s->init_num - DTLS1_HM_HEADER_LENGTH
{
hm_fragment *frag = NULL;
pitem *item = NULL;
+ PQ_64BIT seq64;
frag = dtls1_hm_fragment_new(msg_hdr->frag_len);
if ( frag == NULL)
memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));
- item = pitem_new(msg_hdr->seq, frag);
+ pq_64bit_init(&seq64);
+ pq_64bit_assign_word(&seq64, msg_hdr->seq);
+
+ item = pitem_new(seq64, frag);
if ( item == NULL)
goto err;
+ pq_64bit_free(&seq64);
+
pqueue_insert(s->d1->buffered_messages, item);
return 1;
{
unsigned char *p;
- p = s->init_buf->data;
+ p = (unsigned char *)s->init_buf->data;
ssl3_finish_mac(s, &p[s->init_num - frag_len], frag_len);
}
if ( (int)msg_hdr->frag_len && !BUF_MEM_grow_clean(s->init_buf,
(int)msg_hdr->frag_len + DTLS1_HM_HEADER_LENGTH + s->init_num))
{
- SSLerr(SSL_F_SSL3_GET_MESSAGE,ERR_R_BUF_LIB);
+ SSLerr(SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE,ERR_R_BUF_LIB);
goto err;
}
- p = s->init_buf->data;
+ p = (unsigned char *)s->init_buf->data;
/* read the body of the fragment (header has already been read */
if ( msg_hdr->frag_len > 0)
}
-static long
+static long
dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
{
unsigned char *p;
if ( frag_off + frag_len > l)
{
al=SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE);
+ SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,SSL_R_EXCESSIVE_MESSAGE_SIZE);
goto f_err;
}
else /* Incorrectly formated Hello request */
{
al=SSL_AD_UNEXPECTED_MESSAGE;
- SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE);
+ SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,SSL_R_UNEXPECTED_MESSAGE);
goto f_err;
}
}
if (l > (INT_MAX-DTLS1_HM_HEADER_LENGTH))
{
al=SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE);
+ SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,SSL_R_EXCESSIVE_MESSAGE_SIZE);
goto f_err;
}
if (l && !BUF_MEM_grow_clean(s->init_buf,(int)l
+ DTLS1_HM_HEADER_LENGTH))
{
- SSLerr(SSL_F_SSL3_GET_MESSAGE,ERR_R_BUF_LIB);
+ SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,ERR_R_BUF_LIB);
goto err;
}
/* Only do this test when we're reading the expected message.
if ( l > (unsigned long)max)
{
al=SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE);
+ SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,SSL_R_EXCESSIVE_MESSAGE_SIZE);
goto f_err;
}
if ( frag_len > (unsigned long)max)
{
al=SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE);
+ SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,SSL_R_EXCESSIVE_MESSAGE_SIZE);
goto f_err;
}
if ( frag_len + s->init_num > (INT_MAX - DTLS1_HM_HEADER_LENGTH))
{
al=SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE);
+ SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,SSL_R_EXCESSIVE_MESSAGE_SIZE);
goto f_err;
}
if ( frag_len & !BUF_MEM_grow_clean(s->init_buf, (int)frag_len
+ DTLS1_HM_HEADER_LENGTH + s->init_num))
{
- SSLerr(SSL_F_SSL3_GET_MESSAGE,ERR_R_BUF_LIB);
+ SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,ERR_R_BUF_LIB);
goto err;
}
s->state=stn;
/* next state (stn) */
- p = s->init_buf->data;
+ p = (unsigned char *)s->init_buf->data;
if ( frag_len > 0)
{
/* XDTLS: an incorrectly formatted fragment should cause the
* handshake to fail */
- OPENSSL_assert(i == frag_len);
+ OPENSSL_assert(i == (int)frag_len);
#if 0
/* Successfully read a fragment.
buf=s->init_buf;
if (!BUF_MEM_grow_clean(buf,10))
{
- SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
+ SSLerr(SSL_F_DTLS1_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
return(0);
}
if (x != NULL)
{
if(!X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,NULL,NULL))
{
- SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_X509_LIB);
+ SSLerr(SSL_F_DTLS1_OUTPUT_CERT_CHAIN,ERR_R_X509_LIB);
return(0);
}
n=i2d_X509(x,NULL);
if (!BUF_MEM_grow_clean(buf,(int)(n+l+3)))
{
- SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
+ SSLerr(SSL_F_DTLS1_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
return(0);
}
p=(unsigned char *)&(buf->data[l]);
n=i2d_X509(x,NULL);
if (!BUF_MEM_grow_clean(buf,(int)(n+l+3)))
{
- SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
+ SSLerr(SSL_F_DTLS1_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
return(0);
}
p=(unsigned char *)&(buf->data[l]);
{
pitem *item;
hm_fragment *frag;
+ PQ_64BIT seq64;
/* this function is called immediately after a message has
* been serialized */
if ( is_ccs)
{
OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
- DTLS1_CCS_HEADER_LENGTH == s->init_num);
+ DTLS1_CCS_HEADER_LENGTH == (unsigned int)s->init_num);
}
else
{
OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
- DTLS1_HM_HEADER_LENGTH == s->init_num);
+ DTLS1_HM_HEADER_LENGTH == (unsigned int)s->init_num);
}
frag->msg_header.msg_len = s->d1->w_msg_hdr.msg_len;
frag->msg_header.frag_len = s->d1->w_msg_hdr.msg_len;
frag->msg_header.is_ccs = is_ccs;
- item = pitem_new(frag->msg_header.seq, frag);
+ pq_64bit_init(&seq64);
+ pq_64bit_assign_word(&seq64, frag->msg_header.seq);
+
+ item = pitem_new(seq64, frag);
+ pq_64bit_free(&seq64);
if ( item == NULL)
{
dtls1_hm_fragment_free(frag);
pitem *item;
hm_fragment *frag ;
unsigned long header_length;
+ PQ_64BIT seq64;
/*
OPENSSL_assert(s->init_num == 0);
*/
/* XDTLS: the requested message ought to be found, otherwise error */
- item = pqueue_find(s->d1->sent_messages, seq);
+ pq_64bit_init(&seq64);
+ pq_64bit_assign_word(&seq64, seq);
+
+ item = pqueue_find(s->d1->sent_messages, seq64);
+ pq_64bit_free(&seq64);
if ( item == NULL)
{
fprintf(stderr, "retransmit: message %d non-existant\n", seq);
static unsigned int
dtls1_guess_mtu(unsigned int curr_mtu)
{
- int i;
+ size_t i;
if ( curr_mtu == 0 )
return g_probable_mtu[0] ;