No fprintf in the txt_db component
[openssl.git] / ssl / d1_both.c
index 48c75b2227a71f002a2492bad2b1d12b390b2304..569b561e85992f8e7971e0ed778211d9227355f6 100644 (file)
@@ -170,12 +170,12 @@ static hm_fragment *dtls1_hm_fragment_new(unsigned long frag_len,
     unsigned char *buf = NULL;
     unsigned char *bitmask = NULL;
 
-    frag = (hm_fragment *)OPENSSL_malloc(sizeof(hm_fragment));
+    frag = OPENSSL_malloc(sizeof(*frag));
     if (frag == NULL)
         return NULL;
 
     if (frag_len) {
-        buf = (unsigned char *)OPENSSL_malloc(frag_len);
+        buf = OPENSSL_malloc(frag_len);
         if (buf == NULL) {
             OPENSSL_free(frag);
             return NULL;
@@ -187,11 +187,9 @@ static hm_fragment *dtls1_hm_fragment_new(unsigned long frag_len,
 
     /* Initialize reassembly bitmask if necessary */
     if (reassembly) {
-        bitmask =
-            (unsigned char *)OPENSSL_malloc(RSMBLY_BITMASK_SIZE(frag_len));
+        bitmask = OPENSSL_malloc(RSMBLY_BITMASK_SIZE(frag_len));
         if (bitmask == NULL) {
-            if (buf != NULL)
-                OPENSSL_free(buf);
+            OPENSSL_free(buf);
             OPENSSL_free(frag);
             return NULL;
         }
@@ -205,17 +203,16 @@ static hm_fragment *dtls1_hm_fragment_new(unsigned long frag_len,
 
 void dtls1_hm_fragment_free(hm_fragment *frag)
 {
-
+    if (!frag)
+        return;
     if (frag->msg_header.is_ccs) {
         EVP_CIPHER_CTX_free(frag->msg_header.
                             saved_retransmit_state.enc_write_ctx);
         EVP_MD_CTX_destroy(frag->msg_header.
                            saved_retransmit_state.write_hash);
     }
-    if (frag->fragment)
-        OPENSSL_free(frag->fragment);
-    if (frag->reassembly)
-        OPENSSL_free(frag->reassembly);
+    OPENSSL_free(frag->fragment);
+    OPENSSL_free(frag->reassembly);
     OPENSSL_free(frag);
 }
 
@@ -470,7 +467,7 @@ long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
     }
 
     msg_hdr = &s->d1->r_msg_hdr;
-    memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
+    memset(msg_hdr, 0, sizeof(*msg_hdr));
 
  again:
     i = dtls1_get_message_fragment(s, st1, stn, max, ok);
@@ -481,6 +478,12 @@ long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
         return i;
     }
 
+    if (mt >= 0 && s->s3->tmp.message_type != mt) {
+        al = SSL_AD_UNEXPECTED_MESSAGE;
+        SSLerr(SSL_F_DTLS1_GET_MESSAGE, SSL_R_UNEXPECTED_MESSAGE);
+        goto f_err;
+    }
+
     p = (unsigned char *)s->init_buf->data;
     msg_len = msg_hdr->msg_len;
 
@@ -500,7 +503,7 @@ long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
         s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
                         p, msg_len, s, s->msg_callback_arg);
 
-    memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
+    memset(msg_hdr, 0, sizeof(*msg_hdr));
 
     /* Don't change sequence numbers while listening */
     if (!s->d1->listen)
@@ -728,7 +731,7 @@ dtls1_reassemble_fragment(SSL *s, const struct hm_header_st *msg_hdr, int *ok)
     return DTLS1_HM_FRAGMENT_RETRY;
 
  err:
-    if (frag != NULL && item == NULL)
+    if (item == NULL)
         dtls1_hm_fragment_free(frag);
     *ok = 0;
     return i;
@@ -825,7 +828,7 @@ dtls1_process_out_of_seq_message(SSL *s, const struct hm_header_st *msg_hdr,
     return DTLS1_HM_FRAGMENT_RETRY;
 
  err:
-    if (frag != NULL && item == NULL)
+    if (item == NULL)
         dtls1_hm_fragment_free(frag);
     *ok = 0;
     return i;
@@ -961,7 +964,7 @@ dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
 /*-
  * for these 2 messages, we need to
  * ssl->enc_read_ctx                    re-init
- * ssl->s3->read_sequence               zero
+ * ssl->rlayer.read_sequence            zero
  * ssl->s3->read_mac_secret             re-init
  * ssl->session->read_sym_enc           assign
  * ssl->session->read_compression       assign
@@ -989,7 +992,7 @@ int dtls1_send_change_cipher_spec(SSL *s, int a, int b)
                                      s->d1->handshake_write_seq, 0, 0);
 
         /* buffer the message to handle re-xmits */
-        if(!dtls1_buffer_message(s, 1)) {
+        if (!dtls1_buffer_message(s, 1)) {
             SSLerr(SSL_F_DTLS1_SEND_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR);
             return -1;
         }
@@ -1110,7 +1113,8 @@ int dtls1_buffer_message(SSL *s, int is_ccs)
     frag->msg_header.saved_retransmit_state.write_hash = s->write_hash;
     frag->msg_header.saved_retransmit_state.compress = s->compress;
     frag->msg_header.saved_retransmit_state.session = s->session;
-    frag->msg_header.saved_retransmit_state.epoch = s->d1->w_epoch;
+    frag->msg_header.saved_retransmit_state.epoch =
+        DTLS_RECORD_LAYER_get_w_epoch(&s->rlayer);
 
     memset(seq64be, 0, sizeof(seq64be));
     seq64be[6] =
@@ -1143,7 +1147,6 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
     unsigned long header_length;
     unsigned char seq64be[8];
     struct dtls1_retransmit_state saved_state;
-    unsigned char save_write_sequence[8];
 
     /*-
       OPENSSL_assert(s->init_num == 0);
@@ -1184,8 +1187,7 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
     saved_state.write_hash = s->write_hash;
     saved_state.compress = s->compress;
     saved_state.session = s->session;
-    saved_state.epoch = s->d1->w_epoch;
-    saved_state.epoch = s->d1->w_epoch;
+    saved_state.epoch = DTLS_RECORD_LAYER_get_w_epoch(&s->rlayer);
 
     s->d1->retransmitting = 1;
 
@@ -1194,15 +1196,8 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
     s->write_hash = frag->msg_header.saved_retransmit_state.write_hash;
     s->compress = frag->msg_header.saved_retransmit_state.compress;
     s->session = frag->msg_header.saved_retransmit_state.session;
-    s->d1->w_epoch = frag->msg_header.saved_retransmit_state.epoch;
-
-    if (frag->msg_header.saved_retransmit_state.epoch ==
-        saved_state.epoch - 1) {
-        memcpy(save_write_sequence, s->s3->write_sequence,
-               sizeof(s->s3->write_sequence));
-        memcpy(s->s3->write_sequence, s->d1->last_write_sequence,
-               sizeof(s->s3->write_sequence));
-    }
+    DTLS_RECORD_LAYER_set_saved_w_epoch(&s->rlayer,
+        frag->msg_header.saved_retransmit_state.epoch);
 
     ret = dtls1_do_write(s, frag->msg_header.is_ccs ?
                          SSL3_RT_CHANGE_CIPHER_SPEC : SSL3_RT_HANDSHAKE);
@@ -1212,15 +1207,7 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
     s->write_hash = saved_state.write_hash;
     s->compress = saved_state.compress;
     s->session = saved_state.session;
-    s->d1->w_epoch = saved_state.epoch;
-
-    if (frag->msg_header.saved_retransmit_state.epoch ==
-        saved_state.epoch - 1) {
-        memcpy(s->d1->last_write_sequence, s->s3->write_sequence,
-               sizeof(s->s3->write_sequence));
-        memcpy(s->s3->write_sequence, save_write_sequence,
-               sizeof(s->s3->write_sequence));
-    }
+    DTLS_RECORD_LAYER_set_saved_w_epoch(&s->rlayer, saved_state.epoch);
 
     s->d1->retransmitting = 0;
 
@@ -1308,7 +1295,7 @@ unsigned int dtls1_min_mtu(SSL *s)
 void
 dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr)
 {
-    memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
+    memset(msg_hdr, 0, sizeof(*msg_hdr));
     msg_hdr->type = *(data++);
     n2l3(data, msg_hdr->msg_len);
 
@@ -1317,13 +1304,6 @@ dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr)
     n2l3(data, msg_hdr->frag_len);
 }
 
-void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr)
-{
-    memset(ccs_hdr, 0x00, sizeof(struct ccs_header_st));
-
-    ccs_hdr->type = *(data++);
-}
-
 int dtls1_shutdown(SSL *s)
 {
     int ret;
@@ -1347,16 +1327,12 @@ int dtls1_shutdown(SSL *s)
 }
 
 #ifndef OPENSSL_NO_HEARTBEATS
-int dtls1_process_heartbeat(SSL *s)
+int dtls1_process_heartbeat(SSL *s, unsigned char *p, unsigned int length)
 {
-    unsigned char *p, *pl;
+    unsigned char *pl;
     unsigned short hbtype;
     unsigned int payload;
     unsigned int padding = 16;  /* Use minimum padding */
-    unsigned int length;
-
-    p = SSL3_RECORD_get_data(RECORD_LAYER_get_rrec(&s->rlayer));
-    length = SSL3_RECORD_get_length(RECORD_LAYER_get_rrec(&s->rlayer));
 
     if (s->msg_callback)
         s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT,