* permitted in a DTLS handshake message for |s|. The minimum is 16KB, but
* may be greater if the maximum certificate list size requires it.
*/
-static unsigned long dtls1_max_handshake_message_len(const SSL *s)
+static size_t dtls1_max_handshake_message_len(const SSL *s)
{
- unsigned long max_len =
- DTLS1_HM_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH;
- if (max_len < (unsigned long)s->max_cert_list)
+ size_t max_len = DTLS1_HM_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH;
+ if (max_len < s->max_cert_list)
return s->max_cert_list;
return max_len;
}
int i = -1, is_complete;
unsigned char seq64be[8];
size_t frag_len = msg_hdr->frag_len;
- size_t read;
+ size_t readbytes;
if ((msg_hdr->frag_off + frag_len) > msg_hdr->msg_len ||
msg_hdr->msg_len > dtls1_max_handshake_message_len(s))
devnull,
frag_len >
sizeof(devnull) ? sizeof(devnull) :
- frag_len, 0, &read);
+ frag_len, 0, &readbytes);
if (i <= 0)
goto err;
- frag_len -= read;
+ frag_len -= readbytes;
}
return DTLS1_HM_FRAGMENT_RETRY;
}
/* read the body of the fragment (header has already been read */
i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, NULL,
frag->fragment + msg_hdr->frag_off,
- frag_len, 0, &read);
- if (i <= 0 || read != frag_len)
+ frag_len, 0, &readbytes);
+ if (i <= 0 || readbytes != frag_len)
i = -1;
if (i <= 0)
goto err;
pitem *item = NULL;
unsigned char seq64be[8];
size_t frag_len = msg_hdr->frag_len;
- size_t read;
+ size_t readbytes;
if ((msg_hdr->frag_off + frag_len) > msg_hdr->msg_len)
goto err;
devnull,
frag_len >
sizeof(devnull) ? sizeof(devnull) :
- frag_len, 0, &read);
+ frag_len, 0, &readbytes);
if (i <= 0)
goto err;
- frag_len -= read;
+ frag_len -= readbytes;
}
} else {
if (frag_len != msg_hdr->msg_len) {
- return dtls1_reassemble_fragment(s, msg_hdr);;
+ return dtls1_reassemble_fragment(s, msg_hdr);
}
if (frag_len > dtls1_max_handshake_message_len(s))
* read the body of the fragment (header has already been read
*/
i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, NULL,
- frag->fragment, frag_len, 0, &read);
- if (i<=0 || read != frag_len)
+ frag->fragment, frag_len, 0,
+ &readbytes);
+ if (i<=0 || readbytes != frag_len)
i = -1;
if (i <= 0)
goto err;
size_t mlen, frag_off, frag_len;
int i, al, recvd_type;
struct hm_header_st msg_hdr;
- size_t read;
+ size_t readbytes;
*errtype = 0;
/* read handshake message header */
i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, &recvd_type, wire,
- DTLS1_HM_HEADER_LENGTH, 0, &read);
+ DTLS1_HM_HEADER_LENGTH, 0, &readbytes);
if (i <= 0) { /* nbio, or an error */
s->rwstate = SSL_READING;
*len = 0;
goto f_err;
}
- memcpy(s->init_buf->data, wire, read);
- s->init_num = read - 1;
+ memcpy(s->init_buf->data, wire, readbytes);
+ s->init_num = readbytes - 1;
s->init_msg = s->init_buf->data + 1;
s->s3->tmp.message_type = SSL3_MT_CHANGE_CIPHER_SPEC;
- s->s3->tmp.message_size = read - 1;
- *len = read - 1;
+ s->s3->tmp.message_size = readbytes - 1;
+ *len = readbytes - 1;
return 1;
}
/* Handshake fails if message header is incomplete */
- if (read != DTLS1_HM_HEADER_LENGTH) {
+ if (readbytes != DTLS1_HM_HEADER_LENGTH) {
al = SSL_AD_UNEXPECTED_MESSAGE;
SSLerr(SSL_F_DTLS_GET_REASSEMBLED_MESSAGE, SSL_R_UNEXPECTED_MESSAGE);
goto f_err;
return 0;
}
- if (!s->server && s->d1->r_msg_hdr.frag_off == 0 &&
- wire[0] == SSL3_MT_HELLO_REQUEST) {
+ if (!s->server
+ && s->d1->r_msg_hdr.frag_off == 0
+ && s->statem.hand_state != TLS_ST_OK
+ && wire[0] == SSL3_MT_HELLO_REQUEST) {
/*
* The server may always send 'Hello Request' messages -- we are
* doing a handshake anyway now, so ignore them if their format is
(unsigned char *)s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, NULL,
- &p[frag_off], frag_len, 0, &read);
+ &p[frag_off], frag_len, 0, &readbytes);
/*
* This shouldn't ever fail due to NBIO because we already checked
return 0;
}
} else {
- read = 0;
+ readbytes = 0;
}
/*
* XDTLS: an incorrectly formatted fragment should cause the handshake
* to fail
*/
- if (read != frag_len) {
+ if (readbytes != frag_len) {
al = SSL3_AD_ILLEGAL_PARAMETER;
SSLerr(SSL_F_DTLS_GET_REASSEMBLED_MESSAGE, SSL3_AD_ILLEGAL_PARAMETER);
goto f_err;
*/
return code;
}
-#ifndef OPENSSL_NO_HEARTBEATS
- /* done, no need to send a retransmit */
- if (!SSL_in_init(s) && !s->tlsext_hb_pending)
-#else
/* done, no need to send a retransmit */
if (!SSL_in_init(s))
-#endif
{
BIO_set_flags(SSL_get_rbio(s), BIO_FLAGS_READ);
return code;