X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fd1_both.c;h=bcdba7481972c5fb0c9367a4f41f2469c2310778;hp=a7d0a82085302c992475e76ddc42311ab07aae8e;hb=6218a1f57e7e25a6b9a798f00cf5f0e56a02ff31;hpb=5178a16c4375471d25e1f5ef5de46febb62a5529 diff --git a/ssl/d1_both.c b/ssl/d1_both.c index a7d0a82085..bcdba74819 100644 --- a/ssl/d1_both.c +++ b/ssl/d1_both.c @@ -170,12 +170,12 @@ static hm_fragment *dtls1_hm_fragment_new(unsigned long frag_len, unsigned char *buf = NULL; unsigned char *bitmask = NULL; - frag = (hm_fragment *)OPENSSL_malloc(sizeof(hm_fragment)); + frag = OPENSSL_malloc(sizeof(*frag)); if (frag == NULL) return NULL; if (frag_len) { - buf = (unsigned char *)OPENSSL_malloc(frag_len); + buf = OPENSSL_malloc(frag_len); if (buf == NULL) { OPENSSL_free(frag); return NULL; @@ -187,11 +187,9 @@ static hm_fragment *dtls1_hm_fragment_new(unsigned long frag_len, /* Initialize reassembly bitmask if necessary */ if (reassembly) { - bitmask = - (unsigned char *)OPENSSL_malloc(RSMBLY_BITMASK_SIZE(frag_len)); + bitmask = OPENSSL_malloc(RSMBLY_BITMASK_SIZE(frag_len)); if (bitmask == NULL) { - if (buf != NULL) - OPENSSL_free(buf); + OPENSSL_free(buf); OPENSSL_free(frag); return NULL; } @@ -205,17 +203,16 @@ static hm_fragment *dtls1_hm_fragment_new(unsigned long frag_len, void dtls1_hm_fragment_free(hm_fragment *frag) { - + if (!frag) + return; if (frag->msg_header.is_ccs) { EVP_CIPHER_CTX_free(frag->msg_header. saved_retransmit_state.enc_write_ctx); EVP_MD_CTX_destroy(frag->msg_header. saved_retransmit_state.write_hash); } - if (frag->fragment) - OPENSSL_free(frag->fragment); - if (frag->reassembly) - OPENSSL_free(frag->reassembly); + OPENSSL_free(frag->fragment); + OPENSSL_free(frag->reassembly); OPENSSL_free(frag); } @@ -470,7 +467,7 @@ long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) } msg_hdr = &s->d1->r_msg_hdr; - memset(msg_hdr, 0x00, sizeof(struct hm_header_st)); + memset(msg_hdr, 0, sizeof(*msg_hdr)); again: i = dtls1_get_message_fragment(s, st1, stn, max, ok); @@ -500,7 +497,7 @@ long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, p, msg_len, s, s->msg_callback_arg); - memset(msg_hdr, 0x00, sizeof(struct hm_header_st)); + memset(msg_hdr, 0, sizeof(*msg_hdr)); /* Don't change sequence numbers while listening */ if (!s->d1->listen) @@ -728,7 +725,7 @@ dtls1_reassemble_fragment(SSL *s, const struct hm_header_st *msg_hdr, int *ok) return DTLS1_HM_FRAGMENT_RETRY; err: - if (frag != NULL && item == NULL) + if (item == NULL) dtls1_hm_fragment_free(frag); *ok = 0; return i; @@ -825,7 +822,7 @@ dtls1_process_out_of_seq_message(SSL *s, const struct hm_header_st *msg_hdr, return DTLS1_HM_FRAGMENT_RETRY; err: - if (frag != NULL && item == NULL) + if (item == NULL) dtls1_hm_fragment_free(frag); *ok = 0; return i; @@ -961,7 +958,7 @@ dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok) /*- * for these 2 messages, we need to * ssl->enc_read_ctx re-init - * ssl->s3->read_sequence zero + * ssl->rlayer.read_sequence zero * ssl->s3->read_mac_secret re-init * ssl->session->read_sym_enc assign * ssl->session->read_compression assign @@ -989,7 +986,10 @@ int dtls1_send_change_cipher_spec(SSL *s, int a, int b) s->d1->handshake_write_seq, 0, 0); /* buffer the message to handle re-xmits */ - dtls1_buffer_message(s, 1); + if (!dtls1_buffer_message(s, 1)) { + SSLerr(SSL_F_DTLS1_SEND_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR); + return -1; + } s->state = b; } @@ -1107,7 +1107,8 @@ int dtls1_buffer_message(SSL *s, int is_ccs) frag->msg_header.saved_retransmit_state.write_hash = s->write_hash; frag->msg_header.saved_retransmit_state.compress = s->compress; frag->msg_header.saved_retransmit_state.session = s->session; - frag->msg_header.saved_retransmit_state.epoch = s->d1->w_epoch; + frag->msg_header.saved_retransmit_state.epoch = + DTLS_RECORD_LAYER_get_w_epoch(&s->rlayer); memset(seq64be, 0, sizeof(seq64be)); seq64be[6] = @@ -1140,7 +1141,6 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off, unsigned long header_length; unsigned char seq64be[8]; struct dtls1_retransmit_state saved_state; - unsigned char save_write_sequence[8]; /*- OPENSSL_assert(s->init_num == 0); @@ -1181,8 +1181,7 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off, saved_state.write_hash = s->write_hash; saved_state.compress = s->compress; saved_state.session = s->session; - saved_state.epoch = s->d1->w_epoch; - saved_state.epoch = s->d1->w_epoch; + saved_state.epoch = DTLS_RECORD_LAYER_get_w_epoch(&s->rlayer); s->d1->retransmitting = 1; @@ -1191,15 +1190,8 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off, s->write_hash = frag->msg_header.saved_retransmit_state.write_hash; s->compress = frag->msg_header.saved_retransmit_state.compress; s->session = frag->msg_header.saved_retransmit_state.session; - s->d1->w_epoch = frag->msg_header.saved_retransmit_state.epoch; - - if (frag->msg_header.saved_retransmit_state.epoch == - saved_state.epoch - 1) { - memcpy(save_write_sequence, s->s3->write_sequence, - sizeof(s->s3->write_sequence)); - memcpy(s->s3->write_sequence, s->d1->last_write_sequence, - sizeof(s->s3->write_sequence)); - } + DTLS_RECORD_LAYER_set_saved_w_epoch(&s->rlayer, + frag->msg_header.saved_retransmit_state.epoch); ret = dtls1_do_write(s, frag->msg_header.is_ccs ? SSL3_RT_CHANGE_CIPHER_SPEC : SSL3_RT_HANDSHAKE); @@ -1209,15 +1201,7 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off, s->write_hash = saved_state.write_hash; s->compress = saved_state.compress; s->session = saved_state.session; - s->d1->w_epoch = saved_state.epoch; - - if (frag->msg_header.saved_retransmit_state.epoch == - saved_state.epoch - 1) { - memcpy(s->d1->last_write_sequence, s->s3->write_sequence, - sizeof(s->s3->write_sequence)); - memcpy(s->s3->write_sequence, save_write_sequence, - sizeof(s->s3->write_sequence)); - } + DTLS_RECORD_LAYER_set_saved_w_epoch(&s->rlayer, saved_state.epoch); s->d1->retransmitting = 0; @@ -1237,7 +1221,7 @@ void dtls1_clear_record_buffer(SSL *s) } } -unsigned char *dtls1_set_message_header(SSL *s, unsigned char *p, +void dtls1_set_message_header(SSL *s, unsigned char *p, unsigned char mt, unsigned long len, unsigned long frag_off, unsigned long frag_len) @@ -1250,8 +1234,6 @@ unsigned char *dtls1_set_message_header(SSL *s, unsigned char *p, dtls1_set_message_header_int(s, mt, len, s->d1->handshake_write_seq, frag_off, frag_len); - - return p += DTLS1_HM_HEADER_LENGTH; } /* don't actually do the writing, wait till the MTU has been retrieved */ @@ -1307,7 +1289,7 @@ unsigned int dtls1_min_mtu(SSL *s) void dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr) { - memset(msg_hdr, 0x00, sizeof(struct hm_header_st)); + memset(msg_hdr, 0, sizeof(*msg_hdr)); msg_hdr->type = *(data++); n2l3(data, msg_hdr->msg_len); @@ -1316,13 +1298,6 @@ dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr) n2l3(data, msg_hdr->frag_len); } -void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr) -{ - memset(ccs_hdr, 0x00, sizeof(struct ccs_header_st)); - - ccs_hdr->type = *(data++); -} - int dtls1_shutdown(SSL *s) { int ret; @@ -1346,27 +1321,26 @@ int dtls1_shutdown(SSL *s) } #ifndef OPENSSL_NO_HEARTBEATS -int dtls1_process_heartbeat(SSL *s) +int dtls1_process_heartbeat(SSL *s, unsigned char *p, unsigned int length) { - unsigned char *p = &s->s3->rrec.data[0], *pl; + unsigned char *pl; unsigned short hbtype; unsigned int payload; unsigned int padding = 16; /* Use minimum padding */ if (s->msg_callback) s->msg_callback(0, s->version, TLS1_RT_HEARTBEAT, - &s->s3->rrec.data[0], s->s3->rrec.length, - s, s->msg_callback_arg); + p, length, s, s->msg_callback_arg); /* Read type and payload length first */ - if (1 + 2 + 16 > s->s3->rrec.length) + if (1 + 2 + 16 > length) return 0; /* silently discard */ - if (s->s3->rrec.length > SSL3_RT_MAX_PLAIN_LENGTH) + if (length > SSL3_RT_MAX_PLAIN_LENGTH) return 0; /* silently discard per RFC 6520 sec. 4 */ hbtype = *p++; n2s(p, payload); - if (1 + 2 + payload + 16 > s->s3->rrec.length) + if (1 + 2 + payload + 16 > length) return 0; /* silently discard per RFC 6520 sec. 4 */ pl = p; @@ -1395,7 +1369,10 @@ int dtls1_process_heartbeat(SSL *s) memcpy(bp, pl, payload); bp += payload; /* Random padding */ - RAND_pseudo_bytes(bp, padding); + if (RAND_bytes(bp, padding) <= 0) { + OPENSSL_free(buffer); + return -1; + } r = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, write_length); @@ -1429,7 +1406,7 @@ int dtls1_process_heartbeat(SSL *s) int dtls1_heartbeat(SSL *s) { unsigned char *buf, *p; - int ret; + int ret = -1; unsigned int payload = 18; /* Sequence number + random bytes */ unsigned int padding = 16; /* Use minimum padding */ @@ -1481,10 +1458,16 @@ int dtls1_heartbeat(SSL *s) /* Sequence number */ s2n(s->tlsext_hb_seq, p); /* 16 random bytes */ - RAND_pseudo_bytes(p, 16); + if (RAND_bytes(p, 16) <= 0) { + SSLerr(SSL_F_DTLS1_HEARTBEAT, ERR_R_INTERNAL_ERROR); + goto err; + } p += 16; /* Random padding */ - RAND_pseudo_bytes(p, padding); + if (RAND_bytes(p, padding) <= 0) { + SSLerr(SSL_F_DTLS1_HEARTBEAT, ERR_R_INTERNAL_ERROR); + goto err; + } ret = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buf, 3 + payload + padding); if (ret >= 0) { @@ -1497,6 +1480,7 @@ int dtls1_heartbeat(SSL *s) s->tlsext_hb_pending = 1; } + err: OPENSSL_free(buf); return ret;