/*
- * Copyright 2005-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2005-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
{
DTLS_RECORD_LAYER *d;
- if ((d = OPENSSL_malloc(sizeof(*d))) == NULL)
+ if ((d = OPENSSL_malloc(sizeof(*d))) == NULL) {
+ SSLerr(SSL_F_DTLS_RECORD_LAYER_NEW, ERR_R_MALLOC_FAILURE);
return 0;
+ }
rl->d = d;
if ((type && (type != SSL3_RT_APPLICATION_DATA) &&
(type != SSL3_RT_HANDSHAKE)) ||
(peek && (type != SSL3_RT_APPLICATION_DATA))) {
- SSLerr(SSL_F_DTLS1_READ_BYTES, ERR_R_INTERNAL_ERROR);
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DTLS1_READ_BYTES,
+ ERR_R_INTERNAL_ERROR);
return -1;
}
- if (!ossl_statem_get_in_handshake(s) && SSL_in_init(s))
- {
+ if (!ossl_statem_get_in_handshake(s) && SSL_in_init(s)) {
/* type == SSL3_RT_APPLICATION_DATA */
i = s->handshake_func(s);
/* SSLfatal() already called if appropriate */
/* get new packet if necessary */
if ((SSL3_RECORD_get_length(rr) == 0)
|| (s->rlayer.rstate == SSL_ST_READ_BODY)) {
+ RECORD_LAYER_set_numrpipes(&s->rlayer, 0);
iret = dtls1_get_record(s);
if (iret <= 0) {
iret = dtls1_read_failed(s, iret);
else
goto start;
}
+ RECORD_LAYER_set_numrpipes(&s->rlayer, 1);
}
/*
&& SSL3_RECORD_get_length(rr) != 0)
s->rlayer.alert_count = 0;
+ if (SSL3_RECORD_get_type(rr) != SSL3_RT_HANDSHAKE
+ && SSL3_RECORD_get_type(rr) != SSL3_RT_CHANGE_CIPHER_SPEC
+ && !SSL_in_init(s)
+ && (s->d1->next_timeout.tv_sec != 0
+ || s->d1->next_timeout.tv_usec != 0)) {
+ /*
+ * The timer is still running but we've received something that isn't
+ * handshake data - so the peer must have finished processing our
+ * last handshake flight. Stop the timer.
+ */
+ dtls1_stop_timer(s);
+ }
+
/* we now have a packet which can be read and processed */
if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
return -1;
}
SSL3_RECORD_set_length(rr, 0);
+ SSL3_RECORD_set_read(rr);
goto start;
}
*/
if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
SSL3_RECORD_set_length(rr, 0);
+ SSL3_RECORD_set_read(rr);
s->rwstate = SSL_NOTHING;
return 0;
}
if (recvd_type != NULL)
*recvd_type = SSL3_RECORD_get_type(rr);
- if (len == 0)
+ if (len == 0) {
+ /*
+ * Mark a zero length record as read. This ensures multiple calls to
+ * SSL_read() with a zero length buffer will eventually cause
+ * SSL_pending() to report data as being available.
+ */
+ if (SSL3_RECORD_get_length(rr) == 0)
+ SSL3_RECORD_set_read(rr);
return 0;
+ }
if (len > SSL3_RECORD_get_length(rr))
n = SSL3_RECORD_get_length(rr);
n = len;
memcpy(buf, &(SSL3_RECORD_get_data(rr)[SSL3_RECORD_get_off(rr)]), n);
- if (!peek) {
+ if (peek) {
+ if (SSL3_RECORD_get_length(rr) == 0)
+ SSL3_RECORD_set_read(rr);
+ } else {
SSL3_RECORD_sub_length(rr, n);
SSL3_RECORD_add_off(rr, n);
if (SSL3_RECORD_get_length(rr) == 0) {
s->rlayer.rstate = SSL_ST_READ_HEADER;
SSL3_RECORD_set_off(rr, 0);
+ SSL3_RECORD_set_read(rr);
}
}
#ifndef OPENSSL_NO_SCTP
if (alert_level == SSL3_AL_WARNING) {
s->s3->warn_alert = alert_descr;
+ SSL3_RECORD_set_read(rr);
s->rlayer.alert_count++;
if (s->rlayer.alert_count == MAX_WARN_ALERT_COUNT) {
BIO_snprintf(tmp, sizeof tmp, "%d", alert_descr);
ERR_add_error_data(2, "SSL alert number ", tmp);
s->shutdown |= SSL_RECEIVED_SHUTDOWN;
+ SSL3_RECORD_set_read(rr);
SSL_CTX_remove_session(s->session_ctx, s->session);
return 0;
} else {
* shutdown */
s->rwstate = SSL_NOTHING;
SSL3_RECORD_set_length(rr, 0);
+ SSL3_RECORD_set_read(rr);
return 0;
}
* are still missing, so just drop it.
*/
SSL3_RECORD_set_length(rr, 0);
+ SSL3_RECORD_set_read(rr);
goto start;
}
if (SSL3_RECORD_get_epoch(rr) != s->rlayer.d->r_epoch
|| SSL3_RECORD_get_length(rr) < DTLS1_HM_HEADER_LENGTH) {
SSL3_RECORD_set_length(rr, 0);
+ SSL3_RECORD_set_read(rr);
goto start;
}
return -1;
}
SSL3_RECORD_set_length(rr, 0);
+ SSL3_RECORD_set_read(rr);
+ if (!(s->mode & SSL_MODE_AUTO_RETRY)) {
+ if (SSL3_BUFFER_get_left(&s->rlayer.rbuf) == 0) {
+ /* no read-ahead left? */
+ BIO *bio;
+
+ s->rwstate = SSL_READING;
+ bio = SSL_get_rbio(s);
+ BIO_clear_retry_flags(bio);
+ BIO_set_retry_read(bio);
+ return -1;
+ }
+ }
goto start;
}
SSL3_RECORD_add_length(&wr, eivlen);
if (s->method->ssl3_enc->enc(s, &wr, 1, 1) < 1) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_DTLS1_WRITE,
- ERR_R_INTERNAL_ERROR);
+ if (!ossl_statem_in_error(s)) {
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_DTLS1_WRITE,
+ ERR_R_INTERNAL_ERROR);
+ }
return -1;
}