*/
#include <stdio.h>
+#include <assert.h>
#include <limits.h>
#include <errno.h>
#define USE_SOCKETS
&& SSL3_BUFFER_get_left(&rl->wbuf[rl->numwpipes - 1]) != 0;
}
-int RECORD_LAYER_set_data(RECORD_LAYER *rl, const unsigned char *buf,
- size_t len)
-{
- rl->packet_length = len;
- if (len != 0) {
- rl->rstate = SSL_ST_READ_HEADER;
- if (!SSL3_BUFFER_is_initialised(&rl->rbuf))
- if (!ssl3_setup_read_buffer(rl->s))
- return 0;
- }
-
- rl->packet = SSL3_BUFFER_get_buf(&rl->rbuf);
- SSL3_BUFFER_set_data(&rl->rbuf, buf, len);
-
- return 1;
-}
-
void RECORD_LAYER_reset_read_sequence(RECORD_LAYER *rl)
{
memset(rl->read_sequence, 0, sizeof(rl->read_sequence));
if (type == SSL3_RT_APPLICATION_DATA &&
len >= 4 * (max_send_fragment = s->max_send_fragment) &&
s->compress == NULL && s->msg_callback == NULL &&
- !SSL_USE_ETM(s) && SSL_USE_EXPLICIT_IV(s) &&
+ !SSL_WRITE_ETM(s) && SSL_USE_EXPLICIT_IV(s) &&
EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(s->enc_write_ctx)) &
EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK) {
unsigned char aad[13];
maxcomplen = pipelens[j];
if (s->compress != NULL)
- pipelens[j] += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
+ maxcomplen += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
/* write the header */
if (!WPACKET_put_bytes_u8(thispkt, rectype)
* in the wb->buf
*/
- if (!SSL_USE_ETM(s) && mac_size != 0) {
+ if (!SSL_WRITE_ETM(s) && mac_size != 0) {
unsigned char *mac;
if (!WPACKET_allocate_bytes(thispkt, mac_size, &mac)
SSLerr(SSL_F_DO_SSL3_WRITE, ERR_R_INTERNAL_ERROR);
goto err;
}
- if (SSL_USE_ETM(s) && mac_size != 0) {
+ if (SSL_WRITE_ETM(s) && mac_size != 0) {
unsigned char *mac;
if (!WPACKET_allocate_bytes(thispkt, mac_size, &mac)
}
}
- /*
- * TODO(TLS1.3): Temporarily we will just ignore NewSessionTicket messages.
- * Later we will want to process them.
- */
- if (!s->server && SSL_IS_TLS13(s) && s->rlayer.handshake_fragment_len >= 4
- && s->rlayer.handshake_fragment[0] == SSL3_MT_NEWSESSION_TICKET) {
- SSL3_RECORD_set_read(rr);
- goto start;
- }
-
/*-
* s->rlayer.handshake_fragment_len == 4 iff rr->type == SSL3_RT_HANDSHAKE;
* s->rlayer.alert_fragment_len == 2 iff rr->type == SSL3_RT_ALERT.
* (Possibly rr is 'empty' now, i.e. rr->length may be 0.)
*/
- /* If we are a client, check for an incoming 'Hello Request': */
- if ((!s->server) &&
- (s->rlayer.handshake_fragment_len >= 4) &&
- (s->rlayer.handshake_fragment[0] == SSL3_MT_HELLO_REQUEST) &&
- (s->session != NULL) && (s->session->cipher != NULL)) {
- s->rlayer.handshake_fragment_len = 0;
-
- if ((s->rlayer.handshake_fragment[1] != 0) ||
- (s->rlayer.handshake_fragment[2] != 0) ||
- (s->rlayer.handshake_fragment[3] != 0)) {
- al = SSL_AD_DECODE_ERROR;
- SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_BAD_HELLO_REQUEST);
- goto f_err;
- }
-
- if (s->msg_callback)
- s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
- s->rlayer.handshake_fragment, 4, s,
- s->msg_callback_arg);
-
- if (SSL_is_init_finished(s) &&
- !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
- !s->s3->renegotiate) {
- ssl3_renegotiate(s);
- if (ssl3_renegotiate_check(s)) {
- i = s->handshake_func(s);
- if (i < 0)
- return i;
- if (i == 0) {
- SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_SSL_HANDSHAKE_FAILURE);
- return -1;
- }
-
- if (!(s->mode & SSL_MODE_AUTO_RETRY)) {
- if (SSL3_BUFFER_get_left(rbuf) == 0) {
- /* no read-ahead left? */
- BIO *bio;
- /*
- * In the case where we try to read application data,
- * but we trigger an SSL handshake, we return -1 with
- * the retry option set. Otherwise renegotiation may
- * cause nasty problems in the blocking world
- */
- s->rwstate = SSL_READING;
- bio = SSL_get_rbio(s);
- BIO_clear_retry_flags(bio);
- BIO_set_retry_read(bio);
- return -1;
- }
- }
- } else {
- SSL3_RECORD_set_read(rr);
- }
- } else {
- /* Does this ever happen? */
- SSL3_RECORD_set_read(rr);
- }
- /*
- * we either finished a handshake or ignored the request, now try
- * again to obtain the (application) data we were asked for
- */
- goto start;
- }
/*
* If we are a server and get a client hello when renegotiation isn't
* allowed send back a no renegotiation alert and carry on. WARNING:
SSL_is_init_finished(s) &&
!s->s3->send_connection_binding &&
(s->version > SSL3_VERSION) &&
+ !SSL_IS_TLS13(s) &&
(s->rlayer.handshake_fragment_len >= 4) &&
(s->rlayer.handshake_fragment[0] == SSL3_MT_CLIENT_HELLO) &&
(s->session != NULL) && (s->session->cipher != NULL) &&
SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_NO_RENEGOTIATION);
goto f_err;
}
-#ifdef SSL_AD_MISSING_SRP_USERNAME
- else if (alert_descr == SSL_AD_MISSING_SRP_USERNAME)
- return (0);
-#endif
} else if (alert_level == SSL3_AL_FATAL) {
char tmp[16];
}
/*
- * Unexpected handshake message (Client Hello, or protocol violation)
+ * Unexpected handshake message (ClientHello, NewSessionTicket (TLS1.3) or
+ * protocol violation)
*/
if ((s->rlayer.handshake_fragment_len >= 4)
- && !ossl_statem_get_in_handshake(s)) {
- if (SSL_is_init_finished(s) &&
- !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) {
- ossl_statem_set_in_init(s, 1);
- s->renegotiate = 1;
- s->new_session = 1;
+ && !ossl_statem_get_in_handshake(s)) {
+ /*
+ * To get here we must be trying to read app data but found handshake
+ * data. But if we're trying to read app data, and we're not in init
+ * (which is tested for at the top of this function) then init must be
+ * finished
+ */
+ assert(SSL_is_init_finished(s));
+ if (!SSL_is_init_finished(s)) {
+ al = SSL_AD_INTERNAL_ERROR;
+ SSLerr(SSL_F_SSL3_READ_BYTES, ERR_R_INTERNAL_ERROR);
+ goto f_err;
}
+
+ /* We found handshake data, so we're going back into init */
+ ossl_statem_set_in_init(s, 1);
+
i = s->handshake_func(s);
if (i < 0)
return i;