Don't send zero length session ID if stateless session resupmtion is
diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index 219244db0d3e07da8f24c9d264327cff3b9c6fc9..87c8c9306f4d090d24e4e11d25860c03dfeda3c5 100644
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -297,9 +297,9 @@ int dtls1_do_write(SSL *s, int type)
{
/* should not be done for 'Hello Request's, but in that case
* we'll ignore the result anyway */
{
/* should not be done for 'Hello Request's, but in that case
* we'll ignore the result anyway */
- unsigned char *p = &s->init_buf->data[s->init_off];
+ unsigned char *p = (unsigned char *)&s->init_buf->data[s->init_off];
const struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
const struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
- int len;
+ int xlen;
if (frag_off == 0)
{
if (frag_off == 0)
{
@@ -311,15 +311,15 @@ int dtls1_do_write(SSL *s, int type)
l2n3(0,p);
l2n3(msg_hdr->msg_len,p);
p -= DTLS1_HM_HEADER_LENGTH;
l2n3(0,p);
l2n3(msg_hdr->msg_len,p);
p -= DTLS1_HM_HEADER_LENGTH;
- len = ret;
+ xlen = ret;
}
else
{
p += DTLS1_HM_HEADER_LENGTH;
}
else
{
p += DTLS1_HM_HEADER_LENGTH;
- len = ret - DTLS1_HM_HEADER_LENGTH;
+ xlen = ret - DTLS1_HM_HEADER_LENGTH;
}
}
- ssl3_finish_mac(s, p, len);
+ ssl3_finish_mac(s, p, xlen);
}
if (ret == s->init_num)
}
if (ret == s->init_num)
@@ -398,7 +398,7 @@ long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
* the potential damage caused by malformed overlaps. */
if ((unsigned int)s->init_num >= msg_hdr->msg_len)
{
* the potential damage caused by malformed overlaps. */
if ((unsigned int)s->init_num >= msg_hdr->msg_len)
{
- unsigned char *p = s->init_buf->data;
+ unsigned char *p = (unsigned char *)s->init_buf->data;
unsigned long msg_len = msg_hdr->msg_len;
/* reconstruct message header as if it was
unsigned long msg_len = msg_hdr->msg_len;
/* reconstruct message header as if it was
@@ -524,7 +524,7 @@ dtls1_retrieve_buffered_fragment(SSL *s, long max, int *ok)
if (al==0) /* no alert */
{
if (al==0) /* no alert */
{
- unsigned char *p = s->init_buf->data+DTLS1_HM_HEADER_LENGTH;
+ unsigned char *p = (unsigned char *)s->init_buf->data+DTLS1_HM_HEADER_LENGTH;
memcpy(&p[frag->msg_header.frag_off],
frag->fragment,frag->msg_header.frag_len);
}
memcpy(&p[frag->msg_header.frag_off],
frag->fragment,frag->msg_header.frag_len);
}
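Review bot: The `memcpy(&p[frag->msg_header.frag_off], frag->fragment, frag->msg_header.frag_len)` below the changed declaration writes into `s->init_buf->data` at an offset and length taken from the fragment header, and nothing in this hunk bounds `frag_off + frag_len` against the buffer. The only guard visible is `if (al==0)`, so the copy is safe only if whatever set `al` (outside the hunk) already rejected out-of-range fragments and sized `init_buf` for the full message. Once that is confirmed, a comment such as `/* frag_off + frag_len was validated against the message length when al was computed */` would record the dependency. The same applies to the `ssl_read_bytes(s,SSL3_RT_HANDSHAKE,&p[frag_off],frag_len,0)` call in the `dtls1_get_message_fragment` hunk. The added `(unsigned char *)` cast changes none of this.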
@@ -682,7 +682,7 @@ dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
if ( frag_len > 0)
{
if ( frag_len > 0)
{
- unsigned char *p=s->init_buf->data+DTLS1_HM_HEADER_LENGTH;
+ unsigned char *p=(unsigned char *)s->init_buf->data+DTLS1_HM_HEADER_LENGTH;
i=s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
&p[frag_off],frag_len,0);
i=s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
&p[frag_off],frag_len,0);
@@ -774,8 +774,6 @@ int dtls1_send_change_cipher_spec(SSL *s, int a, int b)
p=(unsigned char *)s->init_buf->data;
*p++=SSL3_MT_CCS;
s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;
p=(unsigned char *)s->init_buf->data;
*p++=SSL3_MT_CCS;
s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;
- s->d1->next_handshake_write_seq++;
-
s->init_num=DTLS1_CCS_HEADER_LENGTH;
s->init_off=0;
s->init_num=DTLS1_CCS_HEADER_LENGTH;
s->init_off=0;
@@ -965,6 +963,7 @@ dtls1_buffer_message(SSL *s, int is_ccs)
pitem *item;
hm_fragment *frag;
unsigned char seq64be[8];
pitem *item;
hm_fragment *frag;
unsigned char seq64be[8];
+ unsigned int epoch = s->d1->w_epoch;
/* this function is called immediately after a message has
* been serialized */
/* this function is called immediately after a message has
* been serialized */
@@ -978,6 +977,7 @@ dtls1_buffer_message(SSL *s, int is_ccs)
{
OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
DTLS1_CCS_HEADER_LENGTH == (unsigned int)s->init_num);
{
OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
DTLS1_CCS_HEADER_LENGTH == (unsigned int)s->init_num);
+ epoch++;
}
else
{
}
else
{
@@ -993,6 +993,8 @@ dtls1_buffer_message(SSL *s, int is_ccs)
frag->msg_header.is_ccs = is_ccs;
memset(seq64be,0,sizeof(seq64be));
frag->msg_header.is_ccs = is_ccs;
memset(seq64be,0,sizeof(seq64be));
+ seq64be[0] = (unsigned char)(epoch>>8);
+ seq64be[1] = (unsigned char)(epoch);
seq64be[6] = (unsigned char)(frag->msg_header.seq>>8);
seq64be[7] = (unsigned char)(frag->msg_header.seq);
seq64be[6] = (unsigned char)(frag->msg_header.seq>>8);
seq64be[7] = (unsigned char)(frag->msg_header.seq);
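Review bot: The buffered-message key now packs `epoch` into `seq64be[0]` and `seq64be[1]`, but only the low 16 bits are stored while `epoch` is an `unsigned int` that the CCS branch increments, so a value of 0x10000 would silently be filed as epoch 0. The declaration of `w_epoch` is not visible here; if it is a 16-bit counter, a comment on the wrap next to `unsigned int epoch = s->d1->w_epoch;` would make the truncation deliberate rather than accidental. The `epoch++` in the preceding hunk also carries no explanation of why a ChangeCipherSpec is keyed under the next epoch. A comment there, for example `/* CCS is queued under the epoch it switches to */` (wording to be confirmed by the author), would help, along with a note that any code looking a message up in this queue must build the same eight-byte key. dtls1_buffer_message starts and ends outside these hunks.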