Revert another size_t change.

[openssl.git] / ssl / d1_lib.c

diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
index d774521aaff9f751ee85075302c0fed5b37a14de..bd28b75e84c47ce93274bf8cfafc47ba2c664922 100644 (file)
--- a/ssl/d1_lib.c
+++ b/ssl/d1_lib.c
@@ -61,11 +61,9 @@
 #include <openssl/objects.h>
 #include "ssl_locl.h"
 
-const char *dtls1_version_str="DTLSv1" OPENSSL_VERSION_PTEXT;
+const char dtls1_version_str[]="DTLSv1" OPENSSL_VERSION_PTEXT;
 
-static long dtls1_default_timeout(void);
-
-static SSL3_ENC_METHOD DTLSv1_enc_data={
+SSL3_ENC_METHOD DTLSv1_enc_data={
     dtls1_enc,
        tls1_mac,
        tls1_setup_key_block,
@@ -79,50 +77,13 @@ static SSL3_ENC_METHOD DTLSv1_enc_data={
        tls1_alert_code,
        };
 
-static SSL_METHOD DTLSv1_data= {
-       DTLS1_VERSION,
-       dtls1_new,
-       dtls1_clear,
-       dtls1_free,
-       ssl_undefined_function,
-       ssl_undefined_function,
-       ssl3_read,
-       ssl3_peek,
-       ssl3_write,
-       ssl3_shutdown,
-       ssl3_renegotiate,
-       ssl3_renegotiate_check,
-       dtls1_get_message,
-       dtls1_read_bytes,
-       dtls1_write_app_data_bytes,
-       dtls1_dispatch_alert,
-       ssl3_ctrl,
-       ssl3_ctx_ctrl,
-       ssl3_get_cipher_by_char,
-       ssl3_put_cipher_by_char,
-       ssl3_pending,
-       ssl3_num_ciphers,
-       ssl3_get_cipher,
-       ssl_bad_method,
-       dtls1_default_timeout,
-       &DTLSv1_enc_data,
-       ssl_undefined_void_function,
-       ssl3_callback_ctrl,
-       ssl3_ctx_callback_ctrl,
-       };
-
-static long dtls1_default_timeout(void)
+long dtls1_default_timeout(void)
        {
        /* 2 hours, the 24 hours mentioned in the DTLSv1 spec
         * is way too long for http, the cache would over fill */
        return(60*60*2);
        }
 
-SSL_METHOD *dtlsv1_base_method(void)
-       {
-       return(&DTLSv1_data);
-       }
-
 int dtls1_new(SSL *s)
        {
        DTLS1_STATE *d1;
@@ -132,10 +93,10 @@ int dtls1_new(SSL *s)
        memset(d1,0, sizeof *d1);
 
        /* d1->handshake_epoch=0; */
-       d1->bitmap.length=sizeof(d1->bitmap.map) * 8;
+
        d1->unprocessed_rcds.q=pqueue_new();
-    d1->processed_rcds.q=pqueue_new();
-    d1->buffered_messages = pqueue_new();
+       d1->processed_rcds.q=pqueue_new();
+       d1->buffered_messages = pqueue_new();
        d1->sent_messages=pqueue_new();
 
        if ( s->server)
@@ -206,3 +167,23 @@ void dtls1_clear(SSL *s)
        ssl3_clear(s);
        s->version=DTLS1_VERSION;
        }
+
+/*
+ * As it's impossible to use stream ciphers in "datagram" mode, this
+ * simple filter is designed to disengage them in DTLS. Unfortunately
+ * there is no universal way to identify stream SSL_CIPHER, so we have
+ * to explicitly list their SSL_* codes. Currently RC4 is the only one
+ * available, but if new ones emerge, they will have to be added...
+ */
+const SSL_CIPHER *dtls1_get_cipher(unsigned int u)
+       {
+       const SSL_CIPHER *ciph = ssl3_get_cipher(u);
+
+       if (ciph != NULL)
+               {
+               if (ciph->algorithm_enc == SSL_RC4)
+                       return NULL;
+               }
+
+       return ciph;
+       }