1. "unsigned long long" isn't portable changed: to BN_ULLONG.
2. The LL prefix isn't allowed in VC++ but it isn't needed where it is used.
2. Avoid lots of compiler warnings about signed/unsigned mismatches.
3. Include new library directory pqueue in mk1mf build system.
4. Update symbols.
#endif
struct sockaddr peer;
- socklen_t peerlen = sizeof(peer);
+ int peerlen = sizeof(peer);
int enable_timeouts = 0 ;
long mtu = 0;
struct timeval timeout;
sbio=BIO_new_dgram(s,BIO_NOCLOSE);
- if (getsockname(s, &peer, &peerlen) < 0)
+ if (getsockname(s, &peer, (void *)&peerlen) < 0)
{
BIO_printf(bio_err, "getsockname:errno=%d\n",
get_last_socket_error());
#define USE_SOCKETS
#include "cryptlib.h"
-#include <sys/socket.h>
-
#include <openssl/bio.h>
#define IP_MTU 14 /* linux is lame */
bio_dgram_data *data = (bio_dgram_data *)b->ptr;
struct sockaddr peer;
- socklen_t peerlen = sizeof(peer);
+ int peerlen = sizeof(peer);
if (out != NULL)
{
clear_socket_error();
memset(&peer, 0x00, peerlen);
- ret=recvfrom(b->num,out,outl,0,&peer,&peerlen);
+ /* Last arg in recvfrom is signed on some platforms and
+ * unsigned on others. It is of type socklen_t on some
+ * but this is not universal. Cast to (void *) to avoid
+ * compiler warnings.
+ */
+ ret=recvfrom(b->num,out,outl,0,&peer,(void *)&peerlen);
if ( ! data->connected && ret > 0)
BIO_ctrl(b, BIO_CTRL_DGRAM_CONNECT, 0, &peer);
#endif
case BIO_CTRL_DGRAM_QUERY_MTU:
sockopt_len = sizeof(sockopt_val);
- if ((ret = getsockopt(b->num, IPPROTO_IP, IP_MTU, &sockopt_val,
+ if ((ret = getsockopt(b->num, IPPROTO_IP, IP_MTU, (void *)&sockopt_val,
&sockopt_len)) < 0 || sockopt_val < 0)
{ ret = 0; }
else
break;
case BIO_CTRL_DGRAM_GET_RECV_TIMEOUT:
if ( getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
- ptr, (socklen_t *)&ret) < 0)
+ ptr, (void *)&ret) < 0)
{ perror("getsockopt"); ret = -1; }
break;
case BIO_CTRL_DGRAM_SET_SEND_TIMEOUT:
break;
case BIO_CTRL_DGRAM_GET_SEND_TIMEOUT:
if ( getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
- ptr, (socklen_t *)&ret) < 0)
+ ptr, (void *)&ret) < 0)
{ perror("getsockopt"); ret = -1; }
break;
case BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP:
else
ret = 0;
break;
+#ifdef EMSGSIZE
case BIO_CTRL_DGRAM_MTU_EXCEEDED:
if ( data->_errno == EMSGSIZE)
{
else
ret = 0;
break;
+#endif
default:
ret=0;
break;
*
*/
+#include "cryptlib.h"
+#include <openssl/bn.h>
#include "pqueue.h"
-#include "crypto.h"
typedef struct _pqueue
{
} pqueue_s;
pitem *
-pitem_new(unsigned long long priority, void *data)
+pitem_new(BN_ULLONG priority, void *data)
{
pitem *item = (pitem *) OPENSSL_malloc(sizeof(pitem));
if (item == NULL) return NULL;
}
pitem *
-pqueue_find(pqueue_s *pq, unsigned long long priority)
+pqueue_find(pqueue_s *pq, BN_ULLONG priority)
{
pitem *next, *prev = NULL;
pitem *found = NULL;
typedef struct _pitem
{
- unsigned long long priority;
+ BN_ULLONG priority;
void *data;
struct _pitem *next;
} pitem;
typedef struct _pitem *piterator;
-pitem *pitem_new(unsigned long long priority, void *data);
+pitem *pitem_new(BN_ULLONG priority, void *data);
void pitem_free(pitem *item);
pqueue pqueue_new(void);
pitem *pqueue_insert(pqueue pq, pitem *item);
pitem *pqueue_peek(pqueue pq);
pitem *pqueue_pop(pqueue pq);
-pitem *pqueue_find(pqueue pq, unsigned long long priority);
+pitem *pqueue_find(pqueue pq, BN_ULLONG priority);
pitem *pqueue_iterator(pqueue pq);
pitem *pqueue_next(piterator *iter);
if ( s->init_off == 0 && type == SSL3_RT_HANDSHAKE)
OPENSSL_assert(s->init_num ==
- s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH);
+ (int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH);
frag_off = 0;
while( s->init_num)
/* bad if this assert fails, only part of the handshake
* message got sent. but why would this happen? */
- OPENSSL_assert(len == ret);
+ OPENSSL_assert(len == (unsigned int)ret);
if (type == SSL3_RT_HANDSHAKE && ! s->d1->retransmitting)
/* should not be done for 'Hello Request's, but in that case
else if ( i <= 0 && !*ok)
return i;
- if (s->d1->r_msg_hdr.msg_len == s->init_num - DTLS1_HM_HEADER_LENGTH)
+ if (s->d1->r_msg_hdr.msg_len == (unsigned int)s->init_num - DTLS1_HM_HEADER_LENGTH)
{
memset(&(s->d1->r_msg_hdr), 0x00, sizeof(struct hm_header_st));
frag = (hm_fragment *)item->data;
if ( s->d1->handshake_read_seq == frag->msg_header.seq &&
- frag->msg_header.frag_off <= s->init_num - DTLS1_HM_HEADER_LENGTH)
+ frag->msg_header.frag_off <= (unsigned int)s->init_num - DTLS1_HM_HEADER_LENGTH)
{
pqueue_pop(s->d1->buffered_messages);
overlap = s->init_num - DTLS1_HM_HEADER_LENGTH
/* XDTLS: an incorrectly formatted fragment should cause the
* handshake to fail */
- OPENSSL_assert(i == frag_len);
+ OPENSSL_assert(i == (int)frag_len);
#if 0
/* Successfully read a fragment.
if ( is_ccs)
{
OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
- DTLS1_CCS_HEADER_LENGTH == s->init_num);
+ DTLS1_CCS_HEADER_LENGTH == (unsigned int)s->init_num);
}
else
{
OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
- DTLS1_HM_HEADER_LENGTH == s->init_num);
+ DTLS1_HM_HEADER_LENGTH == (unsigned int)s->init_num);
}
frag->msg_header.msg_len = s->d1->w_msg_hdr.msg_len;
static int have_handshake_fragment(SSL *s, int type, unsigned char *buf,
int len, int peek);
static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap,
- unsigned long long *seq_num);
+ BN_ULLONG *seq_num);
static void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap);
static DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr,
unsigned int *is_next_epoch);
unsigned short *priority, unsigned long *offset);
#endif
static int dtls1_buffer_record(SSL *s, record_pqueue *q,
- unsigned long long priority);
+ BN_ULLONG priority);
static int dtls1_process_record(SSL *s);
-static unsigned long long bytes_to_long_long(unsigned char *bytes);
-static void long_long_to_bytes(unsigned long long num, unsigned char *bytes);
+static BN_ULLONG bytes_to_long_long(unsigned char *bytes);
+static void long_long_to_bytes(BN_ULLONG num, unsigned char *bytes);
static void dtls1_clear_timeouts(SSL *s);
static int
-dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned long long priority)
+dtls1_buffer_record(SSL *s, record_pqueue *queue, BN_ULLONG priority)
{
DTLS1_RECORD_DATA *rdata;
pitem *item;
dtls1_get_buffered_record(SSL *s)
{
pitem *item;
- unsigned long long priority =
- (((unsigned long long)s->d1->handshake_read_seq) << 32) |
- ((unsigned long long)s->d1->r_msg_hdr.frag_off);
+ BN_ULLONG priority =
+ (((BN_ULLONG)s->d1->handshake_read_seq) << 32) |
+ ((BN_ULLONG)s->d1->r_msg_hdr.frag_off);
if ( ! SSL_in_init(s)) /* if we're not (re)negotiating,
nothing buffered */
unsigned char *p;
short version;
DTLS1_BITMAP *bitmap;
- unsigned long long read_sequence;
+ BN_ULLONG read_sequence;
unsigned int is_next_epoch;
rr= &(s->s3->rrec);
return i;
}
- if ( s->s3->wnum + i == len)
+ if ( (int)s->s3->wnum + i == len)
s->s3->wnum = 0;
else
s->s3->wnum += i;
/* buffer the record, making it easy to handle retransmits */
if ( type == SSL3_RT_HANDSHAKE || type == SSL3_RT_CHANGE_CIPHER_SPEC)
dtls1_buffer_record(s, wr->data, wr->length,
- *((unsigned long long *)&(s->s3->write_sequence[0])));
+ *((BN_ULLONG *)&(s->s3->write_sequence[0])));
#endif
ssl3_record_sequence_update(&(s->s3->write_sequence[0]));
static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap,
- unsigned long long *seq_num)
+ BN_ULLONG *seq_num)
{
- unsigned long long mask = 0x0000000000000001LL;
- unsigned long long rcd_num;
+ BN_ULLONG mask = 0x0000000000000001L;
+ BN_ULLONG rcd_num;
rcd_num = bytes_to_long_long(s->s3->read_sequence);
static void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap)
{
unsigned int shift;
- unsigned long long mask = 0x0000000000000001L;
- unsigned long long rcd_num;
+ BN_ULLONG mask = 0x0000000000000001L;
+ BN_ULLONG rcd_num;
rcd_num = bytes_to_long_long(s->s3->read_sequence);
if (rcd_num >= bitmap->max_seq_num)
{
- shift = rcd_num - bitmap->max_seq_num + 1;
+ shift = (unsigned int)(rcd_num - bitmap->max_seq_num) + 1;
bitmap->max_seq_num = rcd_num + 1;
bitmap->map <<= shift;
- bitmap->map |= 0x0000000000000001LL;
+ bitmap->map |= 0x0000000000000001L;
}
else
{
return &s->d1->bitmap;
/* Only HM and ALERT messages can be from the next epoch */
- else if (rr->epoch == s->d1->r_epoch + 1 &&
+ else if (rr->epoch == (unsigned long)(s->d1->r_epoch + 1) &&
(rr->type == SSL3_RT_HANDSHAKE ||
rr->type == SSL3_RT_ALERT))
{
}
-static unsigned long long
+static BN_ULLONG
bytes_to_long_long(unsigned char *bytes)
{
- unsigned long long num;
+ BN_ULLONG num;
- num = (((unsigned long long)bytes[0]) << 56) |
- (((unsigned long long)bytes[1]) << 48) |
- (((unsigned long long)bytes[2]) << 40) |
- (((unsigned long long)bytes[3]) << 32) |
- (((unsigned long long)bytes[4]) << 24) |
- (((unsigned long long)bytes[5]) << 16) |
- (((unsigned long long)bytes[6]) << 8) |
- (((unsigned long long)bytes[7]) );
+ num = (((BN_ULLONG)bytes[0]) << 56) |
+ (((BN_ULLONG)bytes[1]) << 48) |
+ (((BN_ULLONG)bytes[2]) << 40) |
+ (((BN_ULLONG)bytes[3]) << 32) |
+ (((BN_ULLONG)bytes[4]) << 24) |
+ (((BN_ULLONG)bytes[5]) << 16) |
+ (((BN_ULLONG)bytes[6]) << 8) |
+ (((BN_ULLONG)bytes[7]) );
return num;
}
static void
-long_long_to_bytes(unsigned long long num, unsigned char *bytes)
+long_long_to_bytes(BN_ULLONG num, unsigned char *bytes)
{
bytes[0] = (unsigned char)((num >> 56)&0xff);
bytes[1] = (unsigned char)((num >> 48)&0xff);
typedef struct dtls1_bitmap_st
{
- unsigned long long map;
+ BN_ULLONG map;
unsigned long length; /* sizeof the bitmap in bits */
- unsigned long long max_seq_num; /* max record number seen so far */
+ BN_ULLONG max_seq_num; /* max record number seen so far */
} DTLS1_BITMAP;
struct hm_header_st
unsigned short handshake_read_seq;
/* only matters for handshake messages */
- unsigned long long next_expected_seq_num;
+ BN_ULLONG next_expected_seq_num;
/* Received handshake records (processed and unprocessed) */
record_pqueue unprocessed_rcds;
int ssl3_get_client_hello(SSL *s)
{
int i,j,ok,al,ret= -1;
- int cookie_len;
+ unsigned int cookie_len;
long n;
unsigned long id;
unsigned char *p,*d,*q;
/*rw*/ unsigned char *input; /* where the decode bytes are */
/*r */ unsigned char *comp; /* only used with decompression - malloc()ed */
/*r */ unsigned long epoch; /* epoch number, needed by DTLS1 */
-/*r */ unsigned long long seq_num; /* sequence number, needed by DTLS1 */
+/*r */ BN_ULLONG seq_num; /* sequence number, needed by DTLS1 */
} SSL3_RECORD;
typedef struct ssl3_buffer_st
*((c)++)=(unsigned char)(((l)>> 8)&0xff), \
*((c)++)=(unsigned char)(((l) )&0xff))
-#define n2l6(c,l) (l =((unsigned long long)(*((c)++)))<<40, \
- l|=((unsigned long long)(*((c)++)))<<32, \
- l|=((unsigned long long)(*((c)++)))<<24, \
- l|=((unsigned long long)(*((c)++)))<<16, \
- l|=((unsigned long long)(*((c)++)))<< 8, \
- l|=((unsigned long long)(*((c)++))))
+#define n2l6(c,l) (l =((BN_ULLONG)(*((c)++)))<<40, \
+ l|=((BN_ULLONG)(*((c)++)))<<32, \
+ l|=((BN_ULLONG)(*((c)++)))<<24, \
+ l|=((BN_ULLONG)(*((c)++)))<<16, \
+ l|=((BN_ULLONG)(*((c)++)))<< 8, \
+ l|=((BN_ULLONG)(*((c)++))))
/* NOTE - c is not incremented as per l2c */
#define l2cn(l1,l2,c,n) { \
BN_BLINDING_invert_ex 3713 EXIST::FUNCTION:
BN_BLINDING_get_thread_id 3714 EXIST::FUNCTION:
BN_BLINDING_get_flags 3715 EXIST::FUNCTION:
+pitem_new 3716 EXIST::FUNCTION:
+pqueue_iterator 3717 EXIST::FUNCTION:
+pqueue_print 3718 EXIST::FUNCTION:
+pqueue_find 3719 EXIST::FUNCTION:
+pqueue_peek 3720 EXIST::FUNCTION:
+pqueue_pop 3721 EXIST::FUNCTION:
+BN_MONT_CTX_set_locked 3722 EXIST::FUNCTION:
+pqueue_free 3723 EXIST::FUNCTION:
+pqueue_next 3724 EXIST::FUNCTION:
+pqueue_new 3725 EXIST::FUNCTION:
+pqueue_insert 3726 EXIST::FUNCTION:
+pitem_free 3727 EXIST::FUNCTION:
$crypto.=" crypto/krb5/krb5_asn.h";
$crypto.=" crypto/tmdiff.h";
$crypto.=" crypto/store/store.h";
+$crypto.=" crypto/pqueue/pqueue.h";
my $symhacks="crypto/symhacks.h";
"crypto/ui",
"crypto/krb5",
"crypto/store",
+"crypto/pqueue",
"ssl",
"apps",
"engines",