Move s->packet and s->packet_length into s->rlayer

[openssl.git] / ssl / d1_both.c
diff --git a/ssl/d1_both.c b/ssl/d1_both.c

index a7d0a82085302c992475e76ddc42311ab07aae8e..587eb9e53ad606a03a9f18dc3b01b662ac1e511c 100644 (file)
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -989,7 +989,10 @@ int dtls1_send_change_cipher_spec(SSL *s, int a, int b)
                                       s->d1->handshake_write_seq, 0, 0);
  
          /* buffer the message to handle re-xmits */
                                       s->d1->handshake_write_seq, 0, 0);
  
          /* buffer the message to handle re-xmits */
-        dtls1_buffer_message(s, 1);
+        if(!dtls1_buffer_message(s, 1)) {
+            SSLerr(SSL_F_DTLS1_SEND_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR);
+            return -1;
+        }
  
          s->state = b;
      }
  
          s->state = b;
      }
@@ -1237,7 +1240,7 @@ void dtls1_clear_record_buffer(SSL *s)
      }
  }
  
      }
  }
  
-unsigned char *dtls1_set_message_header(SSL *s, unsigned char *p,
+void dtls1_set_message_header(SSL *s, unsigned char *p,
                                          unsigned char mt, unsigned long len,
                                          unsigned long frag_off,
                                          unsigned long frag_len)
                                          unsigned char mt, unsigned long len,
                                          unsigned long frag_off,
                                          unsigned long frag_len)
@@ -1250,8 +1253,6 @@ unsigned char *dtls1_set_message_header(SSL *s, unsigned char *p,
  
      dtls1_set_message_header_int(s, mt, len, s->d1->handshake_write_seq,
                                   frag_off, frag_len);
  
      dtls1_set_message_header_int(s, mt, len, s->d1->handshake_write_seq,
                                   frag_off, frag_len);
-
-    return p += DTLS1_HM_HEADER_LENGTH;
  }
  
  /* don't actually do the writing, wait till the MTU has been retrieved */
  }
  
  /* don't actually do the writing, wait till the MTU has been retrieved */
@@ -1346,27 +1347,26 @@ int dtls1_shutdown(SSL *s)
  }
  
  #ifndef OPENSSL_NO_HEARTBEATS
  }
  
  #ifndef OPENSSL_NO_HEARTBEATS
-int dtls1_process_heartbeat(SSL *s)
+int dtls1_process_heartbeat(SSL *s, unsigned char *p, unsigned int length)
  {
  {
-    unsigned char *p = &s->s3->rrec.data[0], *pl;
+    unsigned char *pl;
      unsigned short hbtype;
      unsigned int payload;
      unsigned int padding = 16;  /* Use minimum padding */
  
      if (s->msg_callback)
          s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT,
      unsigned short hbtype;
      unsigned int payload;
      unsigned int padding = 16;  /* Use minimum padding */
  
      if (s->msg_callback)
          s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT,
-                        &s->s3->rrec.data[0], s->s3->rrec.length,
-                        s, s->msg_callback_arg);
+                        p, length, s, s->msg_callback_arg);
  
      /* Read type and payload length first */
  
      /* Read type and payload length first */
-    if (1 + 2 + 16 > s->s3->rrec.length)
+    if (1 + 2 + 16 > length)
          return 0;               /* silently discard */
          return 0;               /* silently discard */
-    if (s->s3->rrec.length > SSL3_RT_MAX_PLAIN_LENGTH)
+    if (length > SSL3_RT_MAX_PLAIN_LENGTH)
          return 0;               /* silently discard per RFC 6520 sec. 4 */
  
      hbtype = *p++;
      n2s(p, payload);
          return 0;               /* silently discard per RFC 6520 sec. 4 */
  
      hbtype = *p++;
      n2s(p, payload);
-    if (1 + 2 + payload + 16 > s->s3->rrec.length)
+    if (1 + 2 + payload + 16 > length)
          return 0;               /* silently discard per RFC 6520 sec. 4 */
      pl = p;
  
          return 0;               /* silently discard per RFC 6520 sec. 4 */
      pl = p;
  
@@ -1395,7 +1395,10 @@ int dtls1_process_heartbeat(SSL *s)
          memcpy(bp, pl, payload);
          bp += payload;
          /* Random padding */
          memcpy(bp, pl, payload);
          bp += payload;
          /* Random padding */
-        RAND_pseudo_bytes(bp, padding);
+        if (RAND_bytes(bp, padding) <= 0) {
+            OPENSSL_free(buffer);
+            return -1;
+        }
  
          r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, write_length);
  
  
          r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, write_length);
  
@@ -1429,7 +1432,7 @@ int dtls1_process_heartbeat(SSL *s)
  int dtls1_heartbeat(SSL *s)
  {
      unsigned char *buf, *p;
  int dtls1_heartbeat(SSL *s)
  {
      unsigned char *buf, *p;
-    int ret;
+    int ret = -1;
      unsigned int payload = 18;  /* Sequence number + random bytes */
      unsigned int padding = 16;  /* Use minimum padding */
  
      unsigned int payload = 18;  /* Sequence number + random bytes */
      unsigned int padding = 16;  /* Use minimum padding */
  
@@ -1481,10 +1484,16 @@ int dtls1_heartbeat(SSL *s)
      /* Sequence number */
      s2n(s->tlsext_hb_seq, p);
      /* 16 random bytes */
      /* Sequence number */
      s2n(s->tlsext_hb_seq, p);
      /* 16 random bytes */
-    RAND_pseudo_bytes(p, 16);
+    if (RAND_bytes(p, 16) <= 0) {
+        SSLerr(SSL_F_DTLS1_HEARTBEAT, ERR_R_INTERNAL_ERROR);
+        goto err;
+    }
      p += 16;
      /* Random padding */
      p += 16;
      /* Random padding */
-    RAND_pseudo_bytes(p, padding);
+    if (RAND_bytes(p, padding) <= 0) {
+        SSLerr(SSL_F_DTLS1_HEARTBEAT, ERR_R_INTERNAL_ERROR);
+        goto err;
+    }
  
      ret = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buf, 3 + payload + padding);
      if (ret >= 0) {
  
      ret = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buf, 3 + payload + padding);
      if (ret >= 0) {
@@ -1497,6 +1506,7 @@ int dtls1_heartbeat(SSL *s)
          s->tlsext_hb_pending = 1;
      }
  
          s->tlsext_hb_pending = 1;
      }
  
+ err:
      OPENSSL_free(buf);
  
      return ret;
      OPENSSL_free(buf);
  
      return ret;