unsigned char *buf = NULL;
unsigned char *bitmask = NULL;
- frag = (hm_fragment *)OPENSSL_malloc(sizeof(hm_fragment));
+ frag = OPENSSL_malloc(sizeof(*frag));
if (frag == NULL)
return NULL;
if (frag_len) {
- buf = (unsigned char *)OPENSSL_malloc(frag_len);
+ buf = OPENSSL_malloc(frag_len);
if (buf == NULL) {
OPENSSL_free(frag);
return NULL;
/* Initialize reassembly bitmask if necessary */
if (reassembly) {
- bitmask =
- (unsigned char *)OPENSSL_malloc(RSMBLY_BITMASK_SIZE(frag_len));
+ bitmask = OPENSSL_malloc(RSMBLY_BITMASK_SIZE(frag_len));
if (bitmask == NULL) {
- if (buf != NULL)
- OPENSSL_free(buf);
+ OPENSSL_free(buf);
OPENSSL_free(frag);
return NULL;
}
void dtls1_hm_fragment_free(hm_fragment *frag)
{
-
+ if (!frag)
+ return;
if (frag->msg_header.is_ccs) {
EVP_CIPHER_CTX_free(frag->msg_header.
saved_retransmit_state.enc_write_ctx);
EVP_MD_CTX_destroy(frag->msg_header.
saved_retransmit_state.write_hash);
}
- if (frag->fragment)
- OPENSSL_free(frag->fragment);
- if (frag->reassembly)
- OPENSSL_free(frag->reassembly);
+ OPENSSL_free(frag->fragment);
+ OPENSSL_free(frag->reassembly);
OPENSSL_free(frag);
}
}
msg_hdr = &s->d1->r_msg_hdr;
- memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
+ memset(msg_hdr, 0, sizeof(*msg_hdr));
again:
i = dtls1_get_message_fragment(s, st1, stn, max, ok);
return i;
}
+ if (mt >= 0 && s->s3->tmp.message_type != mt) {
+ al = SSL_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_DTLS1_GET_MESSAGE, SSL_R_UNEXPECTED_MESSAGE);
+ goto f_err;
+ }
+
p = (unsigned char *)s->init_buf->data;
msg_len = msg_hdr->msg_len;
s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
p, msg_len, s, s->msg_callback_arg);
- memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
+ memset(msg_hdr, 0, sizeof(*msg_hdr));
/* Don't change sequence numbers while listening */
if (!s->d1->listen)
return DTLS1_HM_FRAGMENT_RETRY;
err:
- if (frag != NULL && item == NULL)
+ if (item == NULL)
dtls1_hm_fragment_free(frag);
*ok = 0;
return i;
return DTLS1_HM_FRAGMENT_RETRY;
err:
- if (frag != NULL && item == NULL)
+ if (item == NULL)
dtls1_hm_fragment_free(frag);
*ok = 0;
return i;
/* parse the message fragment header */
dtls1_get_message_header(wire, &msg_hdr);
+ len = msg_hdr.msg_len;
+ frag_off = msg_hdr.frag_off;
+ frag_len = msg_hdr.frag_len;
+
+ /*
+ * We must have at least frag_len bytes left in the record to be read.
+ * Fragments must not span records.
+ */
+ if (frag_len > RECORD_LAYER_get_rrec_length(&s->rlayer)) {
+ al = SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT, SSL_R_BAD_LENGTH);
+ goto f_err;
+ }
+
/*
* if this is a future (or stale) message it gets buffered
* (or dropped)--no further processing at this time
&& !(s->d1->listen && msg_hdr.seq == 1))
return dtls1_process_out_of_seq_message(s, &msg_hdr, ok);
- len = msg_hdr.msg_len;
- frag_off = msg_hdr.frag_off;
- frag_len = msg_hdr.frag_len;
-
if (frag_len && frag_len < len)
return dtls1_reassemble_fragment(s, &msg_hdr, ok);
if ((al = dtls1_preprocess_fragment(s, &msg_hdr, max)))
goto f_err;
- /* XDTLS: ressurect this when restart is in place */
- s->state = stn;
-
if (frag_len > 0) {
unsigned char *p =
(unsigned char *)s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
&p[frag_off], frag_len, 0);
+
/*
- * XDTLS: fix this--message fragments cannot span multiple packets
+ * This shouldn't ever fail due to NBIO because we already checked
+ * that we have enough data in the record
*/
if (i <= 0) {
s->rwstate = SSL_READING;
}
*ok = 1;
+ s->state = stn;
/*
* Note that s->init_num is *not* used as current offset in
s->d1->handshake_write_seq, 0, 0);
/* buffer the message to handle re-xmits */
- if(!dtls1_buffer_message(s, 1)) {
+ if (!dtls1_buffer_message(s, 1)) {
SSLerr(SSL_F_DTLS1_SEND_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR);
return -1;
}
unsigned long header_length;
unsigned char seq64be[8];
struct dtls1_retransmit_state saved_state;
- unsigned char save_write_sequence[8];
/*-
OPENSSL_assert(s->init_num == 0);
s->write_hash = frag->msg_header.saved_retransmit_state.write_hash;
s->compress = frag->msg_header.saved_retransmit_state.compress;
s->session = frag->msg_header.saved_retransmit_state.session;
- DTLS_RECORD_LAYER_set_w_epoch(&s->rlayer,
+ DTLS_RECORD_LAYER_set_saved_w_epoch(&s->rlayer,
frag->msg_header.saved_retransmit_state.epoch);
- if (frag->msg_header.saved_retransmit_state.epoch ==
- saved_state.epoch - 1) {
-
- memcpy(save_write_sequence, RECORD_LAYER_get_write_sequence(&s->rlayer),
- sizeof(save_write_sequence));
- RECORD_LAYER_set_write_sequence(&s->rlayer, s->d1->last_write_sequence);
- }
-
ret = dtls1_do_write(s, frag->msg_header.is_ccs ?
SSL3_RT_CHANGE_CIPHER_SPEC : SSL3_RT_HANDSHAKE);
s->write_hash = saved_state.write_hash;
s->compress = saved_state.compress;
s->session = saved_state.session;
- DTLS_RECORD_LAYER_set_w_epoch(&s->rlayer, saved_state.epoch);
-
- if (frag->msg_header.saved_retransmit_state.epoch ==
- saved_state.epoch - 1) {
- memcpy(s->d1->last_write_sequence,
- RECORD_LAYER_get_write_sequence(&s->rlayer),
- sizeof(s->d1->last_write_sequence));
- RECORD_LAYER_set_write_sequence(&s->rlayer, save_write_sequence);
- }
+ DTLS_RECORD_LAYER_set_saved_w_epoch(&s->rlayer, saved_state.epoch);
s->d1->retransmitting = 0;
void
dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr)
{
- memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
+ memset(msg_hdr, 0, sizeof(*msg_hdr));
msg_hdr->type = *(data++);
n2l3(data, msg_hdr->msg_len);
n2l3(data, msg_hdr->frag_len);
}
-void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr)
-{
- memset(ccs_hdr, 0x00, sizeof(struct ccs_header_st));
-
- ccs_hdr->type = *(data++);
-}
-
int dtls1_shutdown(SSL *s)
{
int ret;