projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
RT3774: double-free in DSA
[openssl.git] / ssl / record / record.h
diff --git a/ssl/record/record.h b/ssl/record/record.h
index 29fc752e6a1375d5715393bb36755d2be2f44161..6931bb4712d310fd13ff03886c310fd26da9f8a2 100644 (file)
--- a/ssl/record/record.h
+++ b/ssl/record/record.h
@@ -109,6 +109,8 @@
  *
  */
 
+#include <openssl/pqueue.h>
+
 /*****************************************************************************
  *                                                                           *
  * These structures should be considered PRIVATE to the record layer. No     *
@@ -127,54 +129,59 @@ typedef struct ssl3_buffer_st {
     int left;
 } SSL3_BUFFER;
 
+#define SEQ_NUM_SIZE                            8
+
 typedef struct ssl3_record_st {
+    /* Record layer version */
+    /* r */
+    int rec_version;
+
     /* type of record */
-    /*
-     * r
-     */ int type;
+    /* r */
+    int type;
+
     /* How many bytes available */
-    /*
-     * rw
-     */ unsigned int length;
+    /* rw */
+    unsigned int length;
+
     /*
      * How many bytes were available before padding was removed? This is used
      * to implement the MAC check in constant time for CBC records.
      */
-    /*
-     * rw
-     */ unsigned int orig_len;
+    /* rw */
+    unsigned int orig_len;
+
     /* read/write offset into 'buf' */
-    /*
-     * r
-     */ unsigned int off;
+    /* r */
+    unsigned int off;
+
     /* pointer to the record data */
-    /*
-     * rw
-     */ unsigned char *data;
+    /* rw */
+    unsigned char *data;
+
     /* where the decode bytes are */
-    /*
-     * rw
-     */ unsigned char *input;
+    /* rw */
+    unsigned char *input;
+
     /* only used with decompression - malloc()ed */
-    /*
-     * r
-     */ unsigned char *comp;
+    /* r */
+    unsigned char *comp;
+
     /* epoch number, needed by DTLS1 */
-    /*
-     * r
-     */ unsigned long epoch;
+    /* r */
+    unsigned long epoch;
+
     /* sequence number, needed by DTLS1 */
-    /*
-     * r
-     */ unsigned char seq_num[8];
+    /* r */
+    unsigned char seq_num[SEQ_NUM_SIZE];
 } SSL3_RECORD;
 
 typedef struct dtls1_bitmap_st {
-    unsigned long map;          /* track 32 packets on 32-bit systems and 64
-                                 * - on 64-bit systems */
+    /* Track 32 packets on 32-bit systems and 64 - on 64-bit systems */
+    unsigned long map;
 
-    unsigned char max_seq_num[8]; /* max record number seen so far, 64-bit
-                                   * value in big-endian encoding */
+    /* Max record number seen so far, 64-bit value in big-endian encoding */
+    unsigned char max_seq_num[SEQ_NUM_SIZE];
 } DTLS1_BITMAP;
 
 typedef struct record_pqueue_st {
@@ -295,6 +302,8 @@ typedef struct record_layer_st {
  *                                                                           *
  *****************************************************************************/
 
+#define MIN_SSL2_RECORD_LEN     9
+
 #define RECORD_LAYER_set_read_ahead(rl, ra)     ((rl)->read_ahead = (ra))
 #define RECORD_LAYER_get_read_ahead(rl)         ((rl)->read_ahead)
 #define RECORD_LAYER_get_packet(rl)             ((rl)->packet)
@@ -316,9 +325,9 @@ void RECORD_LAYER_dup(RECORD_LAYER *dst, RECORD_LAYER *src);
 void RECORD_LAYER_reset_read_sequence(RECORD_LAYER *rl);
 void RECORD_LAYER_reset_write_sequence(RECORD_LAYER *rl);
 int RECORD_LAYER_setup_comp_buffer(RECORD_LAYER *rl);
+int RECORD_LAYER_is_sslv2_record(RECORD_LAYER *rl);
+unsigned int RECORD_LAYER_get_rrec_length(RECORD_LAYER *rl);
 __owur int ssl3_pending(const SSL *s);
-__owur int ssl23_read_bytes(SSL *s, int n);
-__owur int ssl23_write_bytes(SSL *s);
 __owur int ssl3_write_bytes(SSL *s, int type, const void *buf, int len);
 __owur int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
                          unsigned int len, int create_empty_fragment);
Unnamed repository; edit this file 'description' to name the repository.