Rename DTLS1_BITMAP to DTLS_BITMAP

The 1 in DTLS1 is confusing and is removed. We also tweak the structure
to always be able to track 64 packets regardless of whether we are on a
32 bit or 64 bit system.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)

diff --git a/ssl/record/methods/dtls_meth.c b/ssl/record/methods/dtls_meth.c
index e24614a1bdfd9707c3d2bb3811a5b331274d73a4..d5dae75c4ff4e56e73da8a1fc34b5c54a86749cd 100644 (file)
--- a/ssl/record/methods/dtls_meth.c
+++ b/ssl/record/methods/dtls_meth.c
@@ -36,7 +36,7 @@ static int satsub64be(const unsigned char *v1, const unsigned char *v2)
         return (int)ret;
 }
 
-static int dtls_record_replay_check(OSSL_RECORD_LAYER *rl, DTLS1_BITMAP *bitmap)
+static int dtls_record_replay_check(OSSL_RECORD_LAYER *rl, DTLS_BITMAP *bitmap)
 {
     int cmp;
     unsigned int shift;
@@ -50,7 +50,7 @@ static int dtls_record_replay_check(OSSL_RECORD_LAYER *rl, DTLS1_BITMAP *bitmap)
     shift = -cmp;
     if (shift >= sizeof(bitmap->map) * 8)
         return 0;               /* stale, outside the window */
-    else if (bitmap->map & (1UL << shift))
+    else if (bitmap->map & ((uint64_t)1 << shift))
         return 0;               /* record previously received */
 
     SSL3_RECORD_set_seq_num(&rl->rrec[0], seq);
@@ -58,7 +58,7 @@ static int dtls_record_replay_check(OSSL_RECORD_LAYER *rl, DTLS1_BITMAP *bitmap)
 }
 
 static void dtls_record_bitmap_update(OSSL_RECORD_LAYER *rl,
-                                      DTLS1_BITMAP *bitmap)
+                                      DTLS_BITMAP *bitmap)
 {
     int cmp;
     unsigned int shift;
@@ -75,12 +75,12 @@ static void dtls_record_bitmap_update(OSSL_RECORD_LAYER *rl,
     } else {
         shift = -cmp;
         if (shift < sizeof(bitmap->map) * 8)
-            bitmap->map |= 1UL << shift;
+            bitmap->map |= (uint64_t)1 << shift;
     }
 }
 
-static DTLS1_BITMAP *dtls_get_bitmap(OSSL_RECORD_LAYER *rl, SSL3_RECORD *rr,
-                                     unsigned int *is_next_epoch)
+static DTLS_BITMAP *dtls_get_bitmap(OSSL_RECORD_LAYER *rl, SSL3_RECORD *rr,
+                                    unsigned int *is_next_epoch)
 {
     *is_next_epoch = 0;
 
@@ -108,7 +108,7 @@ static void dtls_set_in_init(OSSL_RECORD_LAYER *rl, int in_init)
     rl->in_init = in_init;
 }
 
-static int dtls_process_record(OSSL_RECORD_LAYER *rl, DTLS1_BITMAP *bitmap)
+static int dtls_process_record(OSSL_RECORD_LAYER *rl, DTLS_BITMAP *bitmap)
 {
     int i;
     int enc_err;
@@ -387,7 +387,7 @@ int dtls_get_more_records(OSSL_RECORD_LAYER *rl)
     SSL3_RECORD *rr;
     unsigned char *p = NULL;
     unsigned short version;
-    DTLS1_BITMAP *bitmap;
+    DTLS_BITMAP *bitmap;
     unsigned int is_next_epoch;
 
     rl->num_recs = 0;

diff --git a/ssl/record/methods/recmethod_local.h b/ssl/record/methods/recmethod_local.h
index 69cb77938b86c4543e0fbd4c41875ebc60958aeb..d85e377b68b5e38a9ec3443b595524ec1486d399 100644 (file)
--- a/ssl/record/methods/recmethod_local.h
+++ b/ssl/record/methods/recmethod_local.h
@@ -13,6 +13,13 @@
 #include "../../ssl_local.h"
 #include "../record_local.h"
 
+typedef struct dtls_bitmap_st {
+    /* Track 64 packets */
+    uint64_t map;
+    /* Max record number seen so far, 64-bit value in big-endian encoding */
+    unsigned char max_seq_num[SEQ_NUM_SIZE];
+} DTLS_BITMAP;
+
 /* Protocol version specific function pointers */
 struct record_functions_st
 {
@@ -172,9 +179,9 @@ struct ossl_record_layer_st
     record_pqueue processed_rcds;
 
     /* records being received in the current epoch */
-    DTLS1_BITMAP bitmap;
+    DTLS_BITMAP bitmap;
     /* renegotiation starts a new set of sequence numbers */
-    DTLS1_BITMAP next_bitmap;
+    DTLS_BITMAP next_bitmap;
 
     /*
      * Whether we are currently in a hanshake or not. Only maintained for DTLS

diff --git a/ssl/record/record.h b/ssl/record/record.h
index d6f46efa520ee6923e778fc7f24ae8dd6159d2fd..0d2f0adf3ec8ee64162360e60a0d0f41cb28a95f 100644 (file)
--- a/ssl/record/record.h
+++ b/ssl/record/record.h
@@ -92,13 +92,6 @@ typedef struct tls_record_st {
 #endif
 } TLS_RECORD;
 
-typedef struct dtls1_bitmap_st {
-    /* Track 32 packets on 32-bit systems and 64 - on 64-bit systems */
-    unsigned long map;
-    /* Max record number seen so far, 64-bit value in big-endian encoding */
-    unsigned char max_seq_num[SEQ_NUM_SIZE];
-} DTLS1_BITMAP;
-
 typedef struct record_pqueue_st {
     uint16_t epoch;
     struct pqueue_st *q;

diff --git a/util/indent.pro b/util/indent.pro
index 4851c7338a73ba9f9d46cf5a74e461fa9087ebea..928218c5d37db41dfc740c176b0427ea97c10e24 100644 (file)
--- a/util/indent.pro
+++ b/util/indent.pro
@@ -188,7 +188,7 @@
 -T DSO_METHOD
 -T DSO_NAME_CONVERTER_FUNC
 -T DSO_VMS_INTERNAL
--T DTLS1_BITMAP
+-T DTLS_BITMAP
 -T DTLS1_RECORD_DATA
 -T DTLS1_STATE
 -T Dl_info