Remove some duplicate DTLS code.

In a couple of functions, a sequence number would be calculated twice.

Additionally, in |dtls1_process_out_of_seq_message|, we know that
|frag_len| <= |msg_hdr->msg_len| so the later tests for |frag_len <
msg_hdr->msg_len| can be more clearly written as |frag_len !=
msg_hdr->msg_len|, since that's the only remaining case.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>

diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index ea8f340cffaf72a6688e9a2e1fdacfd64ea885fd..89cdca806480b63022d72a19a99ad23cb1582fee 100644 (file)
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -599,7 +599,7 @@ static unsigned long dtls1_max_handshake_message_len(const SSL *s)
        }
 
 static int
-dtls1_reassemble_fragment(SSL *s, struct hm_header_st* msg_hdr, int *ok)
+dtls1_reassemble_fragment(SSL *s, const struct hm_header_st* msg_hdr, int *ok)
        {
        hm_fragment *frag = NULL;
        pitem *item = NULL;
@@ -682,10 +682,6 @@ dtls1_reassemble_fragment(SSL *s, struct hm_header_st* msg_hdr, int *ok)
 
        if (item == NULL)
                {
-               memset(seq64be,0,sizeof(seq64be));
-               seq64be[6] = (unsigned char)(msg_hdr->seq>>8);
-               seq64be[7] = (unsigned char)(msg_hdr->seq);
-
                item = pitem_new(seq64be, frag);
                if (item == NULL)
                        {
@@ -711,7 +707,7 @@ err:
 
 
 static int
-dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok)
+dtls1_process_out_of_seq_message(SSL *s, const struct hm_header_st* msg_hdr, int *ok)
 {
        int i=-1;
        hm_fragment *frag = NULL;
@@ -731,7 +727,7 @@ dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok)
        /* If we already have an entry and this one is a fragment,
         * don't discard it and rather try to reassemble it.
         */
-       if (item != NULL && frag_len < msg_hdr->msg_len)
+       if (item != NULL && frag_len != msg_hdr->msg_len)
                item = NULL;
 
        /* Discard the message if sequence number was already there, is
@@ -756,7 +752,7 @@ dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok)
                }
        else
                {
-               if (frag_len < msg_hdr->msg_len)
+               if (frag_len != msg_hdr->msg_len)
                        return dtls1_reassemble_fragment(s, msg_hdr, ok);
 
                if (frag_len > dtls1_max_handshake_message_len(s))
@@ -779,10 +775,6 @@ dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok)
                                goto err;
                        }
 
-               memset(seq64be,0,sizeof(seq64be));
-               seq64be[6] = (unsigned char)(msg_hdr->seq>>8);
-               seq64be[7] = (unsigned char)(msg_hdr->seq);
-
                item = pitem_new(seq64be, frag);
                if ( item == NULL)
                        goto err;