* Application data protocol
* none of our business
*/
-int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len)
+int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
{
int al,i,j,ret;
unsigned int n;
if (!ssl3_setup_buffers(s))
return(-1);
- if ((type != SSL3_RT_APPLICATION_DATA) && (type != SSL3_RT_HANDSHAKE) && type)
+ if ((type && (type != SSL3_RT_APPLICATION_DATA) && (type != SSL3_RT_HANDSHAKE) && type) ||
+ (peek && (type != SSL3_RT_APPLICATION_DATA)))
{
SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_INTERNAL_ERROR);
return -1;
{
unsigned char *src = s->s3->handshake_fragment;
unsigned char *dst = buf;
+ unsigned int k;
+ /* peek == 0 */
n = 0;
while ((len > 0) && (s->s3->handshake_fragment_len > 0))
{
n++;
}
/* move any remaining fragment bytes: */
- for (i = 0; i < s->s3->handshake_fragment_len; i++)
- s->s3->handshake_fragment[i] = *src++;
+ for (k = 0; k < s->s3->handshake_fragment_len; k++)
+ s->s3->handshake_fragment[k] = *src++;
return n;
}
* s->s3->rrec.length, - number of bytes. */
rr = &(s->s3->rrec);
- /* get new packet */
+ /* get new packet if necessary */
if ((rr->length == 0) || (s->rstate == SSL_ST_READ_BODY))
{
ret=ssl3_get_record(s);
goto err;
}
- /* If the other end has shutdown, throw anything we read away */
+ /* If the other end has shut down, throw anything we read away
+ * (even in 'peek' mode) */
if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
{
rr->length=0;
n = (unsigned int)len;
memcpy(buf,&(rr->data[rr->off]),n);
- rr->length-=n;
- rr->off+=n;
- if (rr->length == 0)
+ if (!peek)
{
- s->rstate=SSL_ST_READ_HEADER;
- rr->off=0;
+ rr->length-=n;
+ rr->off+=n;
+ if (rr->length == 0)
+ {
+ s->rstate=SSL_ST_READ_HEADER;
+ rr->off=0;
+ }
}
return(n);
}
return(-1);
}
- if (s->s3->rbuf.left == 0) /* no read-ahead left? */
+ if (!(s->mode & SSL_MODE_AUTO_RETRY))
{
- BIO *bio;
- /* In the case where we try to read application data
- * the first time, but we trigger an SSL handshake, we
- * return -1 with the retry option set. I do this
- * otherwise renegotiation can cause nasty problems
- * in the blocking world */ /* ? */
- s->rwstate=SSL_READING;
- bio=SSL_get_rbio(s);
- BIO_clear_retry_flags(bio);
- BIO_set_retry_read(bio);
- return(-1);
+ if (s->s3->rbuf.left == 0) /* no read-ahead left? */
+ {
+ BIO *bio;
+ /* In the case where we try to read application data,
+ * but we trigger an SSL handshake, we return -1 with
+ * the retry option set. Otherwise renegotiation may
+ * cause nasty problems in the blocking world */
+ s->rwstate=SSL_READING;
+ bio=SSL_get_rbio(s);
+ BIO_clear_retry_flags(bio);
+ BIO_set_retry_read(bio);
+ return(-1);
+ }
}
}
}
s->rwstate=SSL_NOTHING;
s->s3->fatal_alert = alert_descr;
SSLerr(SSL_F_SSL3_READ_BYTES, SSL_AD_REASON_OFFSET + alert_descr);
- sprintf(tmp,"%d",alert_descr);
+ BIO_snprintf(tmp,sizeof tmp,"%d",alert_descr);
ERR_add_error_data(2,"SSL alert number ",tmp);
s->shutdown|=SSL_RECEIVED_SHUTDOWN;
SSL_CTX_remove_session(s->ctx,s->session);
return(-1);
}
- if (s->s3->rbuf.left == 0) /* no read-ahead left? */
+ if (!(s->mode & SSL_MODE_AUTO_RETRY))
{
- BIO *bio;
- /* In the case where we try to read application data
- * the first time, but we trigger an SSL handshake, we
- * return -1 with the retry option set. I do this
- * otherwise renegotiation can cause nasty problems
- * in the blocking world */ /* ? */
- s->rwstate=SSL_READING;
- bio=SSL_get_rbio(s);
- BIO_clear_retry_flags(bio);
- BIO_set_retry_read(bio);
- return(-1);
+ if (s->s3->rbuf.left == 0) /* no read-ahead left? */
+ {
+ BIO *bio;
+ /* In the case where we try to read application data,
+ * but we trigger an SSL handshake, we return -1 with
+ * the retry option set. Otherwise renegotiation may
+ * cause nasty problems in the blocking world */
+ s->rwstate=SSL_READING;
+ bio=SSL_get_rbio(s);
+ BIO_clear_retry_flags(bio);
+ BIO_set_retry_read(bio);
+ return(-1);
+ }
}
goto start;
}