In BIO_write(), update the write statistics, not the read statistics.

[oweals/openssl.git] / ssl / d1_srvr.c

diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c
index 99f154ba65159a95f2127e6002ff3cacebe3ae17..0bbf8ae7f311b6f25ada781bad2d339973da9b0a 100644 (file)
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@@ -136,33 +136,15 @@ static SSL_METHOD *dtls1_get_server_method(int ver)
                return(NULL);
        }
 
-SSL_METHOD *DTLSv1_server_method(void)
-       {
-       static int init=1;
-       static SSL_METHOD DTLSv1_server_data;
-
-       if (init)
-               {
-               CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
-
-               if (init)
-                       {
-                       memcpy((char *)&DTLSv1_server_data,(char *)dtlsv1_base_method(),
-                               sizeof(SSL_METHOD));
-                       DTLSv1_server_data.ssl_accept=dtls1_accept;
-                       DTLSv1_server_data.get_ssl_method=dtls1_get_server_method;
-                       init=0;
-                       }
-                       
-               CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
-               }
-       return(&DTLSv1_server_data);
-       }
+IMPLEMENT_dtls1_meth_func(DTLSv1_server_method,
+                       dtls1_accept,
+                       ssl_undefined_function,
+                       dtls1_get_server_method)
 
 int dtls1_accept(SSL *s)
        {
        BUF_MEM *buf;
-       unsigned long l,Time=time(NULL);
+       unsigned long l,Time=(unsigned long)time(NULL);
        void (*cb)(const SSL *ssl,int type,int val)=NULL;
        long num1;
        int ret= -1;
@@ -303,6 +285,10 @@ int dtls1_accept(SSL *s)
                        s->d1->send_cookie = 0;
                        s->state=SSL3_ST_SW_FLUSH;
                        s->s3->tmp.next_state=SSL3_ST_SR_CLNT_HELLO_A;
+
+                       /* HelloVerifyRequests resets Finished MAC */
+                       if (s->client_version != DTLS1_BAD_VER)
+                               ssl3_init_finished_mac(s);
                        break;
                        
                case SSL3_ST_SW_SRVR_HELLO_A:
@@ -638,20 +624,24 @@ int dtls1_send_hello_verify_request(SSL *s)
                buf = (unsigned char *)s->init_buf->data;
 
                msg = p = &(buf[DTLS1_HM_HEADER_LENGTH]);
-               *(p++) = s->version >> 8;
-               *(p++) = s->version & 0xFF;
+               if (s->client_version == DTLS1_BAD_VER)
+                       *(p++) = DTLS1_BAD_VER>>8,
+                       *(p++) = DTLS1_BAD_VER&0xff;
+               else
+                       *(p++) = s->version >> 8,
+                       *(p++) = s->version & 0xFF;
 
-               *(p++) = (unsigned char) s->d1->cookie_len;
-        if ( s->ctx->app_gen_cookie_cb != NULL &&
-            s->ctx->app_gen_cookie_cb(s, s->d1->cookie, 
-                &(s->d1->cookie_len)) == 0)
-            {
+               if (s->ctx->app_gen_cookie_cb != NULL &&
+                   s->ctx->app_gen_cookie_cb(s, s->d1->cookie, 
+                   &(s->d1->cookie_len)) == 0)
+                       {
                        SSLerr(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST,ERR_R_INTERNAL_ERROR);
-            return 0;
-            }
-        /* else the cookie is assumed to have 
-         * been initialized by the application */
+                       return 0;
+                       }
+               /* else the cookie is assumed to have 
+                * been initialized by the application */
 
+               *(p++) = (unsigned char) s->d1->cookie_len;
                memcpy(p, s->d1->cookie, s->d1->cookie_len);
                p += s->d1->cookie_len;
                msg_len = p - msg;
@@ -676,21 +666,26 @@ int dtls1_send_server_hello(SSL *s)
        {
        unsigned char *buf;
        unsigned char *p,*d;
-       int i,sl;
+       int i;
+       unsigned int sl;
        unsigned long l,Time;
 
        if (s->state == SSL3_ST_SW_SRVR_HELLO_A)
                {
                buf=(unsigned char *)s->init_buf->data;
                p=s->s3->server_random;
-               Time=time(NULL);                        /* Time */
+               Time=(unsigned long)time(NULL);                 /* Time */
                l2n(Time,p);
                RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
                /* Do the message type and length last */
                d=p= &(buf[DTLS1_HM_HEADER_LENGTH]);
 
-               *(p++)=s->version>>8;
-               *(p++)=s->version&0xff;
+               if (s->client_version == DTLS1_BAD_VER)
+                       *(p++)=DTLS1_BAD_VER>>8,
+                       *(p++)=DTLS1_BAD_VER&0xff;
+               else
+                       *(p++)=s->version>>8,
+                       *(p++)=s->version&0xff;
 
                /* Random stuff */
                memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
@@ -722,10 +717,14 @@ int dtls1_send_server_hello(SSL *s)
                p+=i;
 
                /* put the compression method */
+#ifdef OPENSSL_NO_COMP
+               *(p++)=0;
+#else
                if (s->s3->tmp.new_compression == NULL)
                        *(p++)=0;
                else
                        *(p++)=s->s3->tmp.new_compression->id;
+#endif
 
                /* do the header */
                l=(p-d);
@@ -733,7 +732,7 @@ int dtls1_send_server_hello(SSL *s)
 
                d = dtls1_set_message_header(s, d, SSL3_MT_SERVER_HELLO, l, 0, l);
 
-               s->state=SSL3_ST_CW_CLNT_HELLO_B;
+               s->state=SSL3_ST_SW_SRVR_HELLO_B;
                /* number of bytes to write */
                s->init_num=p-buf;
                s->init_off=0;
@@ -742,7 +741,7 @@ int dtls1_send_server_hello(SSL *s)
                dtls1_buffer_message(s, 0);
                }
 
-       /* SSL3_ST_CW_CLNT_HELLO_B */
+       /* SSL3_ST_SW_SRVR_HELLO_B */
        return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
        }
 
@@ -766,7 +765,7 @@ int dtls1_send_server_done(SSL *s)
                dtls1_buffer_message(s, 0);
                }
 
-       /* SSL3_ST_CW_CLNT_HELLO_B */
+       /* SSL3_ST_SW_SRVR_DONE_B */
        return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
        }
 
@@ -1022,6 +1021,7 @@ int dtls1_send_certificate_request(SSL *s)
        STACK_OF(X509_NAME) *sk=NULL;
        X509_NAME *name;
        BUF_MEM *buf;
+       unsigned int msg_len;
 
        if (s->state == SSL3_ST_SW_CERT_REQ_A)
                {
@@ -1099,6 +1099,10 @@ int dtls1_send_certificate_request(SSL *s)
 #endif
 
                /* XDTLS:  set message header ? */
+               msg_len = s->init_num - DTLS1_HM_HEADER_LENGTH;
+               dtls1_set_message_header(s, (void *)s->init_buf->data,
+                       SSL3_MT_CERTIFICATE_REQUEST, msg_len, 0, msg_len);
+
                /* buffer the message to handle re-xmits */
                dtls1_buffer_message(s, 0);