#endif
static void get_current_time(struct timeval *t);
-static void dtls1_set_handshake_header(SSL *s, int type, unsigned long len);
+static int dtls1_set_handshake_header(SSL *s, int type, unsigned long len);
static int dtls1_handshake_write(SSL *s);
const char dtls1_version_str[] = "DTLSv1" OPENSSL_VERSION_PTEXT;
int dtls1_listen(SSL *s, struct sockaddr *client);
{
DTLS1_STATE *d1;
+ if (!DTLS_RECORD_LAYER_new(&s->rlayer)) {
+ return 0;
+ }
+
if (!ssl3_new(s))
return (0);
if ((d1 = OPENSSL_malloc(sizeof *d1)) == NULL) {
}
memset(d1, 0, sizeof *d1);
- /* d1->handshake_epoch=0; */
-
- d1->unprocessed_rcds.q = pqueue_new();
- d1->processed_rcds.q = pqueue_new();
d1->buffered_messages = pqueue_new();
d1->sent_messages = pqueue_new();
- d1->buffered_app_data.q = pqueue_new();
if (s->server) {
d1->cookie_len = sizeof(s->d1->cookie);
d1->link_mtu = 0;
d1->mtu = 0;
- if (!d1->unprocessed_rcds.q || !d1->processed_rcds.q
- || !d1->buffered_messages || !d1->sent_messages
- || !d1->buffered_app_data.q) {
- if (d1->unprocessed_rcds.q)
- pqueue_free(d1->unprocessed_rcds.q);
- if (d1->processed_rcds.q)
- pqueue_free(d1->processed_rcds.q);
+ if (!d1->buffered_messages || !d1->sent_messages) {
if (d1->buffered_messages)
pqueue_free(d1->buffered_messages);
if (d1->sent_messages)
pqueue_free(d1->sent_messages);
- if (d1->buffered_app_data.q)
- pqueue_free(d1->buffered_app_data.q);
OPENSSL_free(d1);
ssl3_free(s);
return (0);
{
pitem *item = NULL;
hm_fragment *frag = NULL;
- DTLS1_RECORD_DATA *rdata;
-
- while ((item = pqueue_pop(s->d1->unprocessed_rcds.q)) != NULL) {
- rdata = (DTLS1_RECORD_DATA *)item->data;
- if (rdata->rbuf.buf) {
- OPENSSL_free(rdata->rbuf.buf);
- }
- OPENSSL_free(item->data);
- pitem_free(item);
- }
-
- while ((item = pqueue_pop(s->d1->processed_rcds.q)) != NULL) {
- rdata = (DTLS1_RECORD_DATA *)item->data;
- if (rdata->rbuf.buf) {
- OPENSSL_free(rdata->rbuf.buf);
- }
- OPENSSL_free(item->data);
- pitem_free(item);
- }
while ((item = pqueue_pop(s->d1->buffered_messages)) != NULL) {
frag = (hm_fragment *)item->data;
dtls1_hm_fragment_free(frag);
pitem_free(item);
}
-
- while ((item = pqueue_pop(s->d1->buffered_app_data.q)) != NULL) {
- rdata = (DTLS1_RECORD_DATA *)item->data;
- if (rdata->rbuf.buf) {
- OPENSSL_free(rdata->rbuf.buf);
- }
- OPENSSL_free(item->data);
- pitem_free(item);
- }
}
void dtls1_free(SSL *s)
{
+ DTLS_RECORD_LAYER_free(&s->rlayer);
+
ssl3_free(s);
dtls1_clear_queues(s);
- pqueue_free(s->d1->unprocessed_rcds.q);
- pqueue_free(s->d1->processed_rcds.q);
pqueue_free(s->d1->buffered_messages);
pqueue_free(s->d1->sent_messages);
- pqueue_free(s->d1->buffered_app_data.q);
OPENSSL_free(s->d1);
s->d1 = NULL;
void dtls1_clear(SSL *s)
{
- pqueue unprocessed_rcds;
- pqueue processed_rcds;
pqueue buffered_messages;
pqueue sent_messages;
- pqueue buffered_app_data;
unsigned int mtu;
unsigned int link_mtu;
+ DTLS_RECORD_LAYER_clear(&s->rlayer);
+
if (s->d1) {
- unprocessed_rcds = s->d1->unprocessed_rcds.q;
- processed_rcds = s->d1->processed_rcds.q;
buffered_messages = s->d1->buffered_messages;
sent_messages = s->d1->sent_messages;
- buffered_app_data = s->d1->buffered_app_data.q;
mtu = s->d1->mtu;
link_mtu = s->d1->link_mtu;
s->d1->link_mtu = link_mtu;
}
- s->d1->unprocessed_rcds.q = unprocessed_rcds;
- s->d1->processed_rcds.q = processed_rcds;
s->d1->buffered_messages = buffered_messages;
s->d1->sent_messages = sent_messages;
- s->d1->buffered_app_data.q = buffered_app_data;
}
ssl3_clear(s);
if (s->options & SSL_OP_CISCO_ANYCONNECT)
- s->version = DTLS1_BAD_VER;
+ s->client_version = s->version = DTLS1_BAD_VER;
else if (s->method->version == DTLS_ANY_VERSION)
s->version = DTLS1_2_VERSION;
else
{
int ret;
+ /* Ensure there is no state left over from a previous invocation */
+ if (!SSL_clear(s))
+ return -1;
+
SSL_set_options(s, SSL_OP_COOKIE_EXCHANGE);
s->d1->listen = 1;
return 1;
}
-static void dtls1_set_handshake_header(SSL *s, int htype, unsigned long len)
+static int dtls1_set_handshake_header(SSL *s, int htype, unsigned long len)
{
unsigned char *p = (unsigned char *)s->init_buf->data;
dtls1_set_message_header(s, p, htype, len, 0, len);
s->init_num = (int)len + DTLS1_HM_HEADER_LENGTH;
s->init_off = 0;
/* Buffer the message to handle re-xmits */
- dtls1_buffer_message(s, 0);
+
+ if (!dtls1_buffer_message(s, 0))
+ return 0;
+
+ return 1;
}
static int dtls1_handshake_write(SSL *s)