/*
* In DTLS we get the whole message in one go - header and body
*/
- ret = dtls_get_message(s, &mt, &len);
+ ret = dtls_get_message(s, &mt);
} else {
ret = tls_get_message_header(s, &mt);
}
/* Fall through */
case READ_STATE_BODY:
- if (!SSL_IS_DTLS(s)) {
- /* We already got this above for DTLS */
+ if (SSL_IS_DTLS(s)) {
+ /*
+ * Actually we already have the body, but we give DTLS the
+ * opportunity to do any further processing.
+ */
+ ret = dtls_get_message_body(s, &len);
+ } else {
ret = tls_get_message_body(s, &len);
- if (ret == 0) {
- /* Could be non-blocking IO */
- return SUB_STATE_ERROR;
- }
+ }
+ if (ret == 0) {
+ /* Could be non-blocking IO */
+ return SUB_STATE_ERROR;
}
s->first_packet = 0;
return 0;
}
-int dtls_get_message(SSL *s, int *mt, size_t *len)
+int dtls_get_message(SSL *s, int *mt)
{
struct hm_header_st *msg_hdr;
unsigned char *p;
*mt = s->s3.tmp.message_type;
p = (unsigned char *)s->init_buf->data;
- *len = s->init_num;
if (*mt == SSL3_MT_CHANGE_CIPHER_SPEC) {
if (s->msg_callback) {
s2n(msg_hdr->seq, p);
l2n3(0, p);
l2n3(msg_len, p);
- if (s->version != DTLS1_BAD_VER) {
- p -= DTLS1_HM_HEADER_LENGTH;
- msg_len += DTLS1_HM_HEADER_LENGTH;
- }
+ memset(msg_hdr, 0, sizeof(*msg_hdr));
+
+ s->d1->handshake_read_seq++;
+
+ s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
+
+ return 1;
+}
+
+/*
+ * Actually we already have the message body - but this is an opportunity for
+ * DTLS to do any further processing it wants at the same point that TLS would
+ * be asked for the message body.
+ */
+int dtls_get_message_body(SSL *s, size_t *len)
+{
+ unsigned char *msg = (unsigned char *)s->init_buf->data;
+ size_t msg_len = s->init_num + DTLS1_HM_HEADER_LENGTH;
+
+ if (s->s3.tmp.message_type == SSL3_MT_CHANGE_CIPHER_SPEC) {
+ /* Nothing to be done */
+ goto end;
+ }
/*
* If receiving Finished, record MAC of prior handshake messages for
* Finished verification.
*/
- if (*mt == SSL3_MT_FINISHED && !ssl3_take_mac(s)) {
+ if (*(s->init_buf->data) == SSL3_MT_FINISHED && !ssl3_take_mac(s)) {
/* SSLfatal() already called */
return 0;
}
- if (!ssl3_finish_mac(s, p, msg_len))
+ if (s->version == DTLS1_BAD_VER) {
+ msg += DTLS1_HM_HEADER_LENGTH;
+ msg_len -= DTLS1_HM_HEADER_LENGTH;
+ }
+
+ if (!ssl3_finish_mac(s, msg, msg_len))
return 0;
+
if (s->msg_callback)
s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
- p, msg_len, s, s->msg_callback_arg);
-
- memset(msg_hdr, 0, sizeof(*msg_hdr));
-
- s->d1->handshake_read_seq++;
-
- s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
+ s->init_buf->data, s->init_num + DTLS1_HM_HEADER_LENGTH,
+ s, s->msg_callback_arg);
+ end:
+ *len = s->init_num;
return 1;
}
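Review bot: In dtls_get_message_body the Finished test reads the message type from the buffer, `*(s->init_buf->data) == SSL3_MT_FINISHED`, while the ChangeCipherSpec test a few lines above it uses `s->s3.tmp.message_type`; the removed code tested `*mt`, which dtls_get_message sets from `s->s3.tmp.message_type`. Because this comparison decides whether ssl3_take_mac() runs before the message is hashed, I would keep a single source for the type: `if (s->s3.tmp.message_type == SSL3_MT_FINISHED && !ssl3_take_mac(s)) {`. Separately, the msg_callback call now always passes `s->init_buf->data` with the header-inclusive length, whereas the old call passed `p, msg_len`, which appears to have excluded the header for DTLS1_BAD_VER; if that change is not intended, pass `msg, msg_len` as already computed for ssl3_finish_mac(). A short comment saying that the function relies on dtls_get_message having already succeeded for the same message (it reads `s->init_num` and `s->init_buf` without checks) would also help.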
/* Functions for getting new message data */
__owur int tls_get_message_header(SSL *s, int *mt);
__owur int tls_get_message_body(SSL *s, size_t *len);
-__owur int dtls_get_message(SSL *s, int *mt, size_t *len);
+__owur int dtls_get_message(SSL *s, int *mt);
+__owur int dtls_get_message_body(SSL *s, size_t *len);
/* Message construction and processing functions */
__owur int tls_process_initial_server_flight(SSL *s);