* [including the GNU Public Licence.]
*/
/* ====================================================================
- * Copyright (c) 1998-1999 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* Application data protocol
* none of our business
*/
-int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len)
+int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
{
- int al,i,j,n,ret;
+ int al,i,j,ret;
+ unsigned int n;
SSL3_RECORD *rr;
void (*cb)()=NULL;
+ if (peek)
+ {
+ SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_FIXME); /* proper implementation not yet completed */
+ return -1;
+ }
+
if (s->s3->rbuf.buf == NULL) /* Not initialized yet */
if (!ssl3_setup_buffers(s))
return(-1);
{
unsigned char *src = s->s3->handshake_fragment;
unsigned char *dst = buf;
+ unsigned int k;
n = 0;
while ((len > 0) && (s->s3->handshake_fragment_len > 0))
n++;
}
/* move any remaining fragment bytes: */
- for (i = 0; i < s->s3->handshake_fragment_len; i++)
- s->s3->handshake_fragment[i] = *src++;
+ for (k = 0; k < s->s3->handshake_fragment_len; k++)
+ s->s3->handshake_fragment[k] = *src++;
return n;
}
if (len <= 0) return(len);
if ((unsigned int)len > rr->length)
- n=rr->length;
+ n = rr->length;
else
- n=len;
+ n = (unsigned int)len;
- memcpy(buf,&(rr->data[rr->off]),(unsigned int)n);
+ memcpy(buf,&(rr->data[rr->off]),n);
rr->length-=n;
rr->off+=n;
if (rr->length == 0)
* fill that so that we can process the data at a fixed place.
*/
{
- int dest_maxlen = 0;
+ unsigned int dest_maxlen = 0;
unsigned char *dest = NULL;
- int *dest_len = NULL;
+ unsigned int *dest_len = NULL;
if (rr->type == SSL3_RT_HANDSHAKE)
{
ssl3_renegotiate(s);
if (ssl3_renegotiate_check(s))
{
- n=s->handshake_func(s);
- if (n < 0) return(n);
- if (n == 0)
+ i=s->handshake_func(s);
+ if (i < 0) return(i);
+ if (i == 0)
{
SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
return(-1);
}
- if (s->s3->rbuf.left == 0) /* no read-ahead left? */
+ if (!(s->mode & SSL_MODE_AUTO_RETRY))
{
- BIO *bio;
- /* In the case where we try to read application data
- * the first time, but we trigger an SSL handshake, we
- * return -1 with the retry option set. I do this
- * otherwise renegotiation can cause nasty problems
- * in the blocking world */ /* ? */
- s->rwstate=SSL_READING;
- bio=SSL_get_rbio(s);
- BIO_clear_retry_flags(bio);
- BIO_set_retry_read(bio);
- return(-1);
+ if (s->s3->rbuf.left == 0) /* no read-ahead left? */
+ {
+ BIO *bio;
+ /* In the case where we try to read application data,
+ * but we trigger an SSL handshake, we return -1 with
+ * the retry option set. Otherwise renegotiation may
+ * cause nasty problems in the blocking world */
+ s->rwstate=SSL_READING;
+ bio=SSL_get_rbio(s);
+ BIO_clear_retry_flags(bio);
+ BIO_set_retry_read(bio);
+ return(-1);
+ }
}
}
}
if (s->s3->alert_fragment_len >= 2)
{
- i = s->s3->alert_fragment[0];
- n = s->s3->alert_fragment[1];
+ int alert_level = s->s3->alert_fragment[0];
+ int alert_descr = s->s3->alert_fragment[1];
s->s3->alert_fragment_len = 0;
if (cb != NULL)
{
- j=(i<<8)|n;
- cb(s,SSL_CB_READ_ALERT,j);
+ j = (alert_level << 8) | alert_descr;
+ cb(s, SSL_CB_READ_ALERT, j);
}
- if (i == 1) /* warning */
+ if (alert_level == 1) /* warning */
{
- s->s3->warn_alert=n;
- if (n == SSL_AD_CLOSE_NOTIFY)
+ s->s3->warn_alert = alert_descr;
+ if (alert_descr == SSL_AD_CLOSE_NOTIFY)
{
- s->shutdown|=SSL_RECEIVED_SHUTDOWN;
+ s->shutdown |= SSL_RECEIVED_SHUTDOWN;
return(0);
}
}
- else if (i == 2) /* fatal */
+ else if (alert_level == 2) /* fatal */
{
char tmp[16];
s->rwstate=SSL_NOTHING;
- s->s3->fatal_alert=n;
- SSLerr(SSL_F_SSL3_READ_BYTES,
- SSL_AD_REASON_OFFSET+n);
- sprintf(tmp,"%d",n);
+ s->s3->fatal_alert = alert_descr;
+ SSLerr(SSL_F_SSL3_READ_BYTES, SSL_AD_REASON_OFFSET + alert_descr);
+ BIO_snprintf(tmp,sizeof tmp,"%d",alert_descr);
ERR_add_error_data(2,"SSL alert number ",tmp);
s->shutdown|=SSL_RECEIVED_SHUTDOWN;
SSL_CTX_remove_session(s->ctx,s->session);
#endif
s->new_session=1;
}
- n=s->handshake_func(s);
- if (n < 0) return(n);
- if (n == 0)
+ i=s->handshake_func(s);
+ if (i < 0) return(i);
+ if (i == 0)
{
SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
return(-1);
}
- if (s->s3->rbuf.left == 0) /* no read-ahead left? */
+ if (!(s->mode & SSL_MODE_AUTO_RETRY))
{
- BIO *bio;
- /* In the case where we try to read application data
- * the first time, but we trigger an SSL handshake, we
- * return -1 with the retry option set. I do this
- * otherwise renegotiation can cause nasty problems
- * in the blocking world */ /* ? */
- s->rwstate=SSL_READING;
- bio=SSL_get_rbio(s);
- BIO_clear_retry_flags(bio);
- BIO_set_retry_read(bio);
- return(-1);
+ if (s->s3->rbuf.left == 0) /* no read-ahead left? */
+ {
+ BIO *bio;
+ /* In the case where we try to read application data,
+ * but we trigger an SSL handshake, we return -1 with
+ * the retry option set. Otherwise renegotiation may
+ * cause nasty problems in the blocking world */
+ s->rwstate=SSL_READING;
+ bio=SSL_get_rbio(s);
+ BIO_clear_retry_flags(bio);
+ BIO_set_retry_read(bio);
+ return(-1);
+ }
}
goto start;
}