Reorganise state machine files Pull out the state machine into a separate sub directory. Also moved some functions which were nothing to do with the state machine but were in state machine files. Pulled all the SSL_METHOD definitions into one place...most of those files had very little left in them any more. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
Move PACKET creation into the state machine Previously each message specific process function would create its own PACKET structure. Rather than duplicate all of this code lots of times we should create it in the state machine itself. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
Remove redundant code Clean up and remove lots of code that is now no longer needed due to the move to the new state machine. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
Move server side DTLS to new state machine Implement all of the necessary changes to make DTLS on the server work with the new state machine code. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
Move server side TLS to new state machine Implement all of the necessary changes for moving TLS server side processing into the new state machine code. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
Split TLS server functions Split the TLS server ssl3_get_* and ssl3_send_* functions into two ready for the migration to the new state machine code. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
Remove useless code RT#4081 Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
Appease gcc's Wmaybe-uninitialized False positive: gcc (4.8) can't figure out the SSL_IS_DTLS logic. Reviewed-by: Richard Levitte <levitte@openssl.org>
DTLS: remove unused cookie field Note that this commit constifies a user callback parameter and therefore will break compilation for applications using this callback. But unless they are abusing write access to the buffer, the fix is trivial. Reviewed-by: Andy Polyakov <appro@openssl.org>
SSLv2 compat ciphers: clarify comment Reviewed-by: Matt Caswell <matt@openssl.org>
Add PACKET_copy_all Reviewed-by: Matt Caswell <matt@openssl.org>
PACKETize and clean up ssl_bytes_to_cipher_list. Fix alerts. Reviewed-by: Matt Caswell <matt@openssl.org>
ssl3_get_client_hello: rearrange logic Move all packet parsing to the beginning of the method. This limits the SSLv2 compatibility soup to the parsing, and makes the rest of the processing uniform. This is also needed for simpler EMS support: EMS servers need to do an early scan for EMS to make resumption decisions. This'll be easier when the entire ClientHello is parsed in the beginning. As a side effect, 1) PACKETize ssl_get_prev_session and tls1_process_ticket; and 2) Delete dead code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG. Reviewed-by: Matt Caswell <matt@openssl.org>
Remove ssl_put_cipher_by_char Since SSLv3, a CipherSuite is always 2 bytes. The only place where we need 3-byte ciphers is SSLv2-compatible ClientHello processing. So, remove the ssl_put_cipher_by_char indirection. Reviewed-by: Rich Salz <rsalz@openssl.org>
Remove PACKET_(get|goto)_bookmark The bookmark API results in a lot of boilerplate error checking that can be much more easily achieved with a simple struct copy. It also lays the path for removing the third PACKET field. Reviewed-by: Rich Salz <rsalz@openssl.org>
Disentangle RSA premaster secret parsing Simplify encrypted premaster secret reading by using new methods in the PACKET API. Don't overwrite the packet buffer. RSA decrypt accepts truncated ciphertext with leading zeroes omitted, so it's even possible that by crafting a valid ciphertext with several leading zeroes, this could cause a few bytes out-of-bounds write. The write is harmless because of the size of the underlying message buffer, but nevertheless we shouldn't write into the packet. Reviewed-by: Matt Caswell <matt@openssl.org>
Fix PSK identity hint handling. For server use a PSK identity hint value in the CERT structure which is inherited when SSL_new is called and which allows applications to set hints on a per-SSL basis. The previous version of SSL_use_psk_identity_hint tried (wrongly) to use the SSL_SESSION structure. PR#4039 Reviewed-by: Matt Caswell <matt@openssl.org>
Restore SSLerr on PACKET_strndup failure. Reviewed-by: Dr Stephen Henson <steve@openssl.org>
PACKET: add PACKET_memdup and PACKET_strndup Use each once in s3_srvr.c to show how they work. Also fix a bug introduced in c3fc7eeab884b6876a1b4006163f190d325aa047 and made apparent by this change: ssl3_get_next_proto wasn't updating next_proto_negotiated_len Reviewed-by: Matt Caswell <matt@openssl.org>
PACKET: add methods for reading length-prefixed TLS vectors. Rewrite ssl3_get_client_hello to use the new methods. Reviewed-by: Matt Caswell <matt@openssl.org>