ssl_ciph.c ssl_stat.c ssl_rsa.c \
ssl_asn1.c ssl_txt.c ssl_algs.c ssl_conf.c \
bio_ssl.c ssl_err.c kssl.c t1_reneg.c tls_srp.c t1_trce.c ssl_utst.c \
- record/ssl3_buffer.c
+ record/ssl3_buffer.c record/ssl3_record.c
LIBOBJ= \
s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o s3_cbc.o \
s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o \
ssl_ciph.o ssl_stat.o ssl_rsa.o \
ssl_asn1.o ssl_txt.o ssl_algs.o ssl_conf.o \
bio_ssl.o ssl_err.o kssl.o t1_reneg.o tls_srp.o t1_trce.o ssl_utst.o \
- record/ssl3_buffer.o
+ record/ssl3_buffer.o record/ssl3_record.o
SRC= $(LIBSRC)
#ifndef OPENSSL_NO_HEARTBEATS
int dtls1_process_heartbeat(SSL *s)
{
- unsigned char *p = &s->s3->rrec.data[0], *pl;
+ unsigned char *p, *pl;
unsigned short hbtype;
unsigned int payload;
unsigned int padding = 16; /* Use minimum padding */
+ unsigned int length;
+
+ p = SSL3_RECORD_get_data(RECORD_LAYER_get_rrec(&s->rlayer));
+ length = SSL3_RECORD_get_length(RECORD_LAYER_get_rrec(&s->rlayer));
if (s->msg_callback)
s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT,
- &s->s3->rrec.data[0], s->s3->rrec.length,
- s, s->msg_callback_arg);
+ p, length, s, s->msg_callback_arg);
/* Read type and payload length first */
- if (1 + 2 + 16 > s->s3->rrec.length)
+ if (1 + 2 + 16 > length)
return 0; /* silently discard */
- if (s->s3->rrec.length > SSL3_RT_MAX_PLAIN_LENGTH)
+ if (length > SSL3_RT_MAX_PLAIN_LENGTH)
return 0; /* silently discard per RFC 6520 sec. 4 */
hbtype = *p++;
n2s(p, payload);
- if (1 + 2 + payload + 16 > s->s3->rrec.length)
+ if (1 + 2 + payload + 16 > length)
return 0; /* silently discard per RFC 6520 sec. 4 */
pl = p;
s->packet_length = rdata->packet_length;
memcpy(RECORD_LAYER_get_rbuf(&s->rlayer), &(rdata->rbuf),
sizeof(SSL3_BUFFER));
- memcpy(&(s->s3->rrec), &(rdata->rrec), sizeof(SSL3_RECORD));
+ memcpy(RECORD_LAYER_get_rrec(&s->rlayer), &(rdata->rrec),
+ sizeof(SSL3_RECORD));
/* Set proper sequence number for mac calculation */
memcpy(&(s->s3->read_sequence[2]), &(rdata->packet[5]), 6);
rdata->packet_length = s->packet_length;
memcpy(&(rdata->rbuf), RECORD_LAYER_get_rbuf(&s->rlayer),
sizeof(SSL3_BUFFER));
- memcpy(&(rdata->rrec), &(s->s3->rrec), sizeof(SSL3_RECORD));
+ memcpy(&(rdata->rrec), RECORD_LAYER_get_rrec(&s->rlayer),
+ sizeof(SSL3_RECORD));
item->data = rdata;
s->packet = NULL;
s->packet_length = 0;
memset(RECORD_LAYER_get_rbuf(&s->rlayer), 0, sizeof(SSL3_BUFFER));
- memset(&(s->s3->rrec), 0, sizeof(SSL3_RECORD));
+ memset(RECORD_LAYER_get_rrec(&s->rlayer), 0, sizeof(SSL3_RECORD));
if (!ssl3_setup_buffers(s)) {
SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);
if (!dtls1_process_record(s))
return (0);
if (dtls1_buffer_record(s, &(s->d1->processed_rcds),
- s->s3->rrec.seq_num) < 0)
+ SSL3_RECORD_get_seq_num(RECORD_LAYER_get_rrec(&s->rlayer))) < 0)
return -1;
}
}
unsigned int mac_size;
unsigned char md[EVP_MAX_MD_SIZE];
- rr = &(s->s3->rrec);
+ rr = RECORD_LAYER_get_rrec(&s->rlayer);
sess = s->session;
/*
DTLS1_BITMAP *bitmap;
unsigned int is_next_epoch;
- rr = &(s->s3->rrec);
+ rr = RECORD_LAYER_get_rrec(&s->rlayer);
/*
* The epoch may have changed. If so, process all the pending records.
* s->s3->rrec.off, - offset into 'data' for next read
* s->s3->rrec.length, - number of bytes.
*/
- rr = &(s->s3->rrec);
+ rr = RECORD_LAYER_get_rrec(&s->rlayer);
/*
* We are not handshaking and have no data yet, so process data buffered
cmp = satsub64be(seq, bitmap->max_seq_num);
if (cmp > 0) {
- memcpy(s->s3->rrec.seq_num, seq, 8);
+ SSL3_RECORD_set_seq_num(RECORD_LAYER_get_rrec(&s->rlayer), seq);
return 1; /* this record in new */
}
shift = -cmp;
else if (bitmap->map & (1UL << shift))
return 0; /* record previously received */
- memcpy(s->s3->rrec.seq_num, seq, 8);
+ SSL3_RECORD_set_seq_num(RECORD_LAYER_get_rrec(&s->rlayer), seq);
return 1;
}
#define RECORD_LAYER_get_read_ahead(rl) ((rl)->read_ahead)
#define RECORD_LAYER_get_rbuf(rl) (&(rl)->rbuf)
#define RECORD_LAYER_get_wbuf(rl) (&(rl)->wbuf)
+#define RECORD_LAYER_get_rrec(rl) (&(rl)->s->s3->rrec)
--- /dev/null
+/* ssl/record/ssl3_record.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "../ssl_locl.h"
+
+void SSL3_RECORD_clear(SSL3_RECORD *r)
+{
+ memset(r->seq_num, 0, sizeof(r->seq_num));
+}
+
+void SSL3_RECORD_release(SSL3_RECORD *r)
+{
+ if (r->comp != NULL)
+ OPENSSL_free(r->comp);
+ r->comp = NULL;
+}
+
+int SSL3_RECORD_setup(SSL3_RECORD *r, size_t len)
+{
+ if (r->comp == NULL)
+ r->comp = (unsigned char *) OPENSSL_malloc(len);
+ if (r->comp == NULL)
+ return 0;
+ return 1;
+}
+
+void SSL3_RECORD_set_seq_num(SSL3_RECORD *r, const unsigned char *seq_num)
+{
+ memcpy(r->seq_num, seq_num, 8);
+}
--- /dev/null
+/* ssl/record/ssl3_record.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2015 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+typedef struct ssl3_record_st {
+ /* type of record */
+ /*
+ * r
+ */ int type;
+ /* How many bytes available */
+ /*
+ * rw
+ */ unsigned int length;
+ /*
+ * How many bytes were available before padding was removed? This is used
+ * to implement the MAC check in constant time for CBC records.
+ */
+ /*
+ * rw
+ */ unsigned int orig_len;
+ /* read/write offset into 'buf' */
+ /*
+ * r
+ */ unsigned int off;
+ /* pointer to the record data */
+ /*
+ * rw
+ */ unsigned char *data;
+ /* where the decode bytes are */
+ /*
+ * rw
+ */ unsigned char *input;
+ /* only used with decompression - malloc()ed */
+ /*
+ * r
+ */ unsigned char *comp;
+ /* epoch number, needed by DTLS1 */
+ /*
+ * r
+ */ unsigned long epoch;
+ /* sequence number, needed by DTLS1 */
+ /*
+ * r
+ */ unsigned char seq_num[8];
+} SSL3_RECORD;
+
+#define SSL3_RECORD_get_type(r) ((r)->type)
+#define SSL3_RECORD_get_length(r) ((r)->length)
+#define SSL3_RECORD_get_data(r) ((r)->data)
+#define SSL3_RECORD_get_seq_num(r) ((r)->seq_num)
+
+void SSL3_RECORD_clear(SSL3_RECORD *r);
+void SSL3_RECORD_release(SSL3_RECORD *r);
+int SSL3_RECORD_setup(SSL3_RECORD *r, size_t len);
+void SSL3_RECORD_set_seq_num(SSL3_RECORD *r, const unsigned char *seq_num);
SSL_R_COMPRESSION_LIBRARY_ERROR);
goto err2;
}
- if (s->s3->rrec.comp == NULL)
- s->s3->rrec.comp = (unsigned char *)
- OPENSSL_malloc(SSL3_RT_MAX_PLAIN_LENGTH);
- if (s->s3->rrec.comp == NULL)
+ if(!SSL3_RECORD_setup(RECORD_LAYER_get_rrec(&s->rlayer),
+ SSL3_RT_MAX_PLAIN_LENGTH))
goto err;
}
#endif
enc = EVP_CIPHER_CTX_cipher(s->enc_write_ctx);
} else {
ds = s->enc_read_ctx;
- rec = &(s->s3->rrec);
+ rec = RECORD_LAYER_get_rrec(&s->rlayer);
if (s->enc_read_ctx == NULL)
enc = NULL;
else
seq = &(ssl->s3->write_sequence[0]);
hash = ssl->write_hash;
} else {
- rec = &(ssl->s3->rrec);
+ rec = RECORD_LAYER_get_rrec(&ssl->rlayer);
mac_sec = &(ssl->s3->read_mac_secret[0]);
seq = &(ssl->s3->read_sequence[0]);
hash = ssl->read_hash;
if (s->rstate == SSL_ST_READ_BODY)
return 0;
- return (s->s3->rrec.type ==
- SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
+ return (SSL3_RECORD_get_type(RECORD_LAYER_get_rrec(&s->rlayer))
+ == SSL3_RT_APPLICATION_DATA)
+ ? SSL3_RECORD_get_length(RECORD_LAYER_get_rrec(&s->rlayer)) : 0;
}
int ssl3_set_handshake_header(SSL *s, int htype, unsigned long len)
if ((s3 = OPENSSL_malloc(sizeof *s3)) == NULL)
goto err;
memset(s3, 0, sizeof *s3);
- memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num));
- memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num));
-
s->s3 = s3;
-
+ SSL3_RECORD_clear(RECORD_LAYER_get_rrec(&s->rlayer));
+ memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num));
+
#ifndef OPENSSL_NO_SRP
if(!SSL_SRP_CTX_init(s))
goto err;
return;
ssl3_cleanup_key_block(s);
- if (s->s3->rrec.comp != NULL)
- OPENSSL_free(s->s3->rrec.comp);
+ SSL3_RECORD_release(RECORD_LAYER_get_rrec(&s->rlayer));
#ifndef OPENSSL_NO_DH
DH_free(s->s3->tmp.dh);
#endif
if (s->s3->tmp.ca_names != NULL)
sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
- if (s->s3->rrec.comp != NULL) {
- OPENSSL_free(s->s3->rrec.comp);
- s->s3->rrec.comp = NULL;
- }
+ SSL3_RECORD_release(RECORD_LAYER_get_rrec(&s->rlayer));
#ifndef OPENSSL_NO_DH
DH_free(s->s3->tmp.dh);
s->s3->tmp.dh = NULL;
size_t extra;
unsigned empty_record_count = 0;
- rr = &(s->s3->rrec);
+ rr = RECORD_LAYER_get_rrec(&s->rlayer);
sess = s->session;
if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
int i;
SSL3_RECORD *rr;
- rr = &(ssl->s3->rrec);
+ rr = RECORD_LAYER_get_rrec(&ssl->rlayer);
i = COMP_expand_block(ssl->expand, rr->comp,
SSL3_RT_MAX_PLAIN_LENGTH, rr->data,
(int)rr->length);
* s->s3->rrec.off, - offset into 'data' for next read
* s->s3->rrec.length, - number of bytes.
*/
- rr = &(s->s3->rrec);
+ rr = RECORD_LAYER_get_rrec(&s->rlayer);
/* get new packet if necessary */
if ((rr->length == 0) || (s->rstate == SSL_ST_READ_BODY)) {
# include <openssl/symhacks.h>
#include "record/ssl3_buffer.h"
+#include "record/ssl3_record.h"
#include "record/rec_layer.h"
# ifdef OPENSSL_BUILD_SHLIBSSL
RECORD_LAYER rlayer;
};
-typedef struct ssl3_record_st {
- /* type of record */
- /*
- * r
- */ int type;
- /* How many bytes available */
- /*
- * rw
- */ unsigned int length;
- /*
- * How many bytes were available before padding was removed? This is used
- * to implement the MAC check in constant time for CBC records.
- */
- /*
- * rw
- */ unsigned int orig_len;
- /* read/write offset into 'buf' */
- /*
- * r
- */ unsigned int off;
- /* pointer to the record data */
- /*
- * rw
- */ unsigned char *data;
- /* where the decode bytes are */
- /*
- * rw
- */ unsigned char *input;
- /* only used with decompression - malloc()ed */
- /*
- * r
- */ unsigned char *comp;
- /* epoch number, needed by DTLS1 */
- /*
- * r
- */ unsigned long epoch;
- /* sequence number, needed by DTLS1 */
- /*
- * r
- */ unsigned char seq_num[8];
-} SSL3_RECORD;
typedef struct ssl3_state_st {
long flags;
int empty_fragment_done;
/* The value of 'extra' when the buffers were initialized */
int init_extra;
- SSL3_RECORD rrec; /* each decoded record goes in here */
+ SSL3_RECORD rrec; /* each decoded record goes in here */
SSL3_RECORD wrec; /* goes out from here */
/*
* storage for Alert/Handshake protocol data received but not yet
SSL_R_COMPRESSION_LIBRARY_ERROR);
goto err2;
}
- if (s->s3->rrec.comp == NULL)
- s->s3->rrec.comp = (unsigned char *)
- OPENSSL_malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH);
- if (s->s3->rrec.comp == NULL)
+ if (SSL3_RECORD_setup(RECORD_LAYER_get_rrec(&s->rlayer),
+ SSL3_RT_MAX_ENCRYPTED_LENGTH))
goto err;
}
#endif
OPENSSL_assert(n >= 0);
}
ds = s->enc_read_ctx;
- rec = &(s->s3->rrec);
+ rec = RECORD_LAYER_get_rrec(&s->rlayer);
if (s->enc_read_ctx == NULL)
enc = NULL;
else
seq = &(ssl->s3->write_sequence[0]);
hash = ssl->write_hash;
} else {
- rec = &(ssl->s3->rrec);
+ rec = RECORD_LAYER_get_rrec(&ssl->rlayer);
seq = &(ssl->s3->read_sequence[0]);
hash = ssl->read_hash;
}
# ifndef OPENSSL_NO_HEARTBEATS
int tls1_process_heartbeat(SSL *s)
{
- unsigned char *p = &s->s3->rrec.data[0], *pl;
+ unsigned char *p, *pl;
unsigned short hbtype;
unsigned int payload;
unsigned int padding = 16; /* Use minimum padding */
+ unsigned int length;
+
+ p = SSL3_RECORD_get_data(RECORD_LAYER_get_rrec(&s->rlayer));
+ length = SSL3_RECORD_get_length(RECORD_LAYER_get_rrec(&s->rlayer));
if (s->msg_callback)
s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT,
- &s->s3->rrec.data[0], s->s3->rrec.length,
+ p, length,
s, s->msg_callback_arg);
/* Read type and payload length first */
- if (1 + 2 + 16 > s->s3->rrec.length)
+ if (1 + 2 + 16 > length)
return 0; /* silently discard */
hbtype = *p++;
n2s(p, payload);
- if (1 + 2 + payload + 16 > s->s3->rrec.length)
+ if (1 + 2 + payload + 16 > length)
return 0; /* silently discard per RFC 6520 sec. 4 */
pl = p;
projects / oweals / openssl.git / commitdiff