s->d1->handshake_write_seq, 0, 0);
/* buffer the message to handle re-xmits */
- dtls1_buffer_message(s, 1);
+ if(!dtls1_buffer_message(s, 1)) {
+ SSLerr(SSL_F_DTLS1_SEND_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
s->state = b;
}
}
}
-unsigned char *dtls1_set_message_header(SSL *s, unsigned char *p,
+void dtls1_set_message_header(SSL *s, unsigned char *p,
unsigned char mt, unsigned long len,
unsigned long frag_off,
unsigned long frag_len)
dtls1_set_message_header_int(s, mt, len, s->d1->handshake_write_seq,
frag_off, frag_len);
-
- return p += DTLS1_HM_HEADER_LENGTH;
}
/* don't actually do the writing, wait till the MTU has been retrieved */
memcpy(bp, pl, payload);
bp += payload;
/* Random padding */
- RAND_pseudo_bytes(bp, padding);
+ if (RAND_bytes(bp, padding) <= 0) {
+ OPENSSL_free(buffer);
+ return -1;
+ }
r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, write_length);
int dtls1_heartbeat(SSL *s)
{
unsigned char *buf, *p;
- int ret;
+ int ret = -1;
unsigned int payload = 18; /* Sequence number + random bytes */
unsigned int padding = 16; /* Use minimum padding */
/* Sequence number */
s2n(s->tlsext_hb_seq, p);
/* 16 random bytes */
- RAND_pseudo_bytes(p, 16);
+ if (RAND_bytes(p, 16) <= 0) {
+ SSLerr(SSL_F_DTLS1_HEARTBEAT, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
p += 16;
/* Random padding */
- RAND_pseudo_bytes(p, padding);
+ if (RAND_bytes(p, padding) <= 0) {
+ SSLerr(SSL_F_DTLS1_HEARTBEAT, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
ret = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buf, 3 + payload + padding);
if (ret >= 0) {
s->tlsext_hb_pending = 1;
}
+ err:
OPENSSL_free(buf);
return ret;