diff options
| author | beck <> | 2017-01-23 06:45:30 +0000 |
|---|---|---|
| committer | beck <> | 2017-01-23 06:45:30 +0000 |
| commit | fedd988b9f44e5e0ccf1a340f14354f32800d524 (patch) | |
| tree | dfb700c2a3d1498e8069f1fab4c6691ef0f3fef1 | |
| parent | 3b1c7c5973d7e6aca42940bd4e07900c35d585f5 (diff) | |
| download | openbsd-fedd988b9f44e5e0ccf1a340f14354f32800d524.tar.gz openbsd-fedd988b9f44e5e0ccf1a340f14354f32800d524.tar.bz2 openbsd-fedd988b9f44e5e0ccf1a340f14354f32800d524.zip | |
Move a large part of ssl_st into internal, so we can see what squeals.
ok jsing@
| -rw-r--r-- | src/lib/libssl/d1_both.c | 140 | ||||
| -rw-r--r-- | src/lib/libssl/d1_clnt.c | 82 | ||||
| -rw-r--r-- | src/lib/libssl/d1_enc.c | 22 | ||||
| -rw-r--r-- | src/lib/libssl/d1_pkt.c | 100 | ||||
| -rw-r--r-- | src/lib/libssl/d1_srtp.c | 18 | ||||
| -rw-r--r-- | src/lib/libssl/d1_srvr.c | 78 | ||||
| -rw-r--r-- | src/lib/libssl/s23_clnt.c | 36 | ||||
| -rw-r--r-- | src/lib/libssl/s23_pkt.c | 34 | ||||
| -rw-r--r-- | src/lib/libssl/s23_srvr.c | 36 | ||||
| -rw-r--r-- | src/lib/libssl/s3_both.c | 86 | ||||
| -rw-r--r-- | src/lib/libssl/s3_cbc.c | 4 | ||||
| -rw-r--r-- | src/lib/libssl/s3_clnt.c | 116 | ||||
| -rw-r--r-- | src/lib/libssl/s3_lib.c | 62 | ||||
| -rw-r--r-- | src/lib/libssl/s3_pkt.c | 122 | ||||
| -rw-r--r-- | src/lib/libssl/s3_srvr.c | 150 | ||||
| -rw-r--r-- | src/lib/libssl/ssl.h | 104 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_cert.c | 12 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_lib.c | 220 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_locl.h | 108 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_sess.c | 30 | ||||
| -rw-r--r-- | src/lib/libssl/t1_enc.c | 80 | ||||
| -rw-r--r-- | src/lib/libssl/t1_lib.c | 140 |
22 files changed, 892 insertions, 888 deletions
diff --git a/src/lib/libssl/d1_both.c b/src/lib/libssl/d1_both.c index 962b73ed6c..f440a8baf2 100644 --- a/src/lib/libssl/d1_both.c +++ b/src/lib/libssl/d1_both.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: d1_both.c,v 1.43 2017/01/23 04:55:26 beck Exp $ */ | 1 | /* $OpenBSD: d1_both.c,v 1.44 2017/01/23 06:45:30 beck Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * DTLS implementation written by Nagendra Modadugu | 3 | * DTLS implementation written by Nagendra Modadugu |
| 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. | 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. |
| @@ -223,7 +223,7 @@ dtls1_hm_fragment_free(hm_fragment *frag) | |||
| 223 | free(frag); | 223 | free(frag); |
| 224 | } | 224 | } |
| 225 | 225 | ||
| 226 | /* send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or SSL3_RT_CHANGE_CIPHER_SPEC) */ | 226 | /* send s->internal->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or SSL3_RT_CHANGE_CIPHER_SPEC) */ |
| 227 | int | 227 | int |
| 228 | dtls1_do_write(SSL *s, int type) | 228 | dtls1_do_write(SSL *s, int type) |
| 229 | { | 229 | { |
| @@ -253,23 +253,23 @@ dtls1_do_write(SSL *s, int type) | |||
| 253 | OPENSSL_assert(D1I(s)->mtu >= dtls1_min_mtu()); | 253 | OPENSSL_assert(D1I(s)->mtu >= dtls1_min_mtu()); |
| 254 | /* should have something reasonable now */ | 254 | /* should have something reasonable now */ |
| 255 | 255 | ||
| 256 | if (s->init_off == 0 && type == SSL3_RT_HANDSHAKE) | 256 | if (s->internal->init_off == 0 && type == SSL3_RT_HANDSHAKE) |
| 257 | OPENSSL_assert(s->init_num == | 257 | OPENSSL_assert(s->internal->init_num == |
| 258 | (int)D1I(s)->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH); | 258 | (int)D1I(s)->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH); |
| 259 | 259 | ||
| 260 | if (s->write_hash) | 260 | if (s->internal->write_hash) |
| 261 | mac_size = EVP_MD_CTX_size(s->write_hash); | 261 | mac_size = EVP_MD_CTX_size(s->internal->write_hash); |
| 262 | else | 262 | else |
| 263 | mac_size = 0; | 263 | mac_size = 0; |
| 264 | 264 | ||
| 265 | if (s->enc_write_ctx && | 265 | if (s->internal->enc_write_ctx && |
| 266 | (EVP_CIPHER_mode( s->enc_write_ctx->cipher) & EVP_CIPH_CBC_MODE)) | 266 | (EVP_CIPHER_mode( s->internal->enc_write_ctx->cipher) & EVP_CIPH_CBC_MODE)) |
| 267 | blocksize = 2 * EVP_CIPHER_block_size(s->enc_write_ctx->cipher); | 267 | blocksize = 2 * EVP_CIPHER_block_size(s->internal->enc_write_ctx->cipher); |
| 268 | else | 268 | else |
| 269 | blocksize = 0; | 269 | blocksize = 0; |
| 270 | 270 | ||
| 271 | frag_off = 0; | 271 | frag_off = 0; |
| 272 | while (s->init_num) { | 272 | while (s->internal->init_num) { |
| 273 | curr_mtu = D1I(s)->mtu - BIO_wpending(SSL_get_wbio(s)) - | 273 | curr_mtu = D1I(s)->mtu - BIO_wpending(SSL_get_wbio(s)) - |
| 274 | DTLS1_RT_HEADER_LENGTH - mac_size - blocksize; | 274 | DTLS1_RT_HEADER_LENGTH - mac_size - blocksize; |
| 275 | 275 | ||
| @@ -282,36 +282,36 @@ dtls1_do_write(SSL *s, int type) | |||
| 282 | mac_size - blocksize; | 282 | mac_size - blocksize; |
| 283 | } | 283 | } |
| 284 | 284 | ||
| 285 | if (s->init_num > curr_mtu) | 285 | if (s->internal->init_num > curr_mtu) |
| 286 | len = curr_mtu; | 286 | len = curr_mtu; |
| 287 | else | 287 | else |
| 288 | len = s->init_num; | 288 | len = s->internal->init_num; |
| 289 | 289 | ||
| 290 | 290 | ||
| 291 | /* XDTLS: this function is too long. split out the CCS part */ | 291 | /* XDTLS: this function is too long. split out the CCS part */ |
| 292 | if (type == SSL3_RT_HANDSHAKE) { | 292 | if (type == SSL3_RT_HANDSHAKE) { |
| 293 | if (s->init_off != 0) { | 293 | if (s->internal->init_off != 0) { |
| 294 | OPENSSL_assert(s->init_off > DTLS1_HM_HEADER_LENGTH); | 294 | OPENSSL_assert(s->internal->init_off > DTLS1_HM_HEADER_LENGTH); |
| 295 | s->init_off -= DTLS1_HM_HEADER_LENGTH; | 295 | s->internal->init_off -= DTLS1_HM_HEADER_LENGTH; |
| 296 | s->init_num += DTLS1_HM_HEADER_LENGTH; | 296 | s->internal->init_num += DTLS1_HM_HEADER_LENGTH; |
| 297 | 297 | ||
| 298 | if (s->init_num > curr_mtu) | 298 | if (s->internal->init_num > curr_mtu) |
| 299 | len = curr_mtu; | 299 | len = curr_mtu; |
| 300 | else | 300 | else |
| 301 | len = s->init_num; | 301 | len = s->internal->init_num; |
| 302 | } | 302 | } |
| 303 | 303 | ||
| 304 | dtls1_fix_message_header(s, frag_off, | 304 | dtls1_fix_message_header(s, frag_off, |
| 305 | len - DTLS1_HM_HEADER_LENGTH); | 305 | len - DTLS1_HM_HEADER_LENGTH); |
| 306 | 306 | ||
| 307 | dtls1_write_message_header(s, | 307 | dtls1_write_message_header(s, |
| 308 | (unsigned char *)&s->init_buf->data[s->init_off]); | 308 | (unsigned char *)&s->internal->init_buf->data[s->internal->init_off]); |
| 309 | 309 | ||
| 310 | OPENSSL_assert(len >= DTLS1_HM_HEADER_LENGTH); | 310 | OPENSSL_assert(len >= DTLS1_HM_HEADER_LENGTH); |
| 311 | } | 311 | } |
| 312 | 312 | ||
| 313 | ret = dtls1_write_bytes(s, type, | 313 | ret = dtls1_write_bytes(s, type, |
| 314 | &s->init_buf->data[s->init_off], len); | 314 | &s->internal->init_buf->data[s->internal->init_off], len); |
| 315 | if (ret < 0) { | 315 | if (ret < 0) { |
| 316 | /* | 316 | /* |
| 317 | * Might need to update MTU here, but we don't know | 317 | * Might need to update MTU here, but we don't know |
| @@ -342,7 +342,7 @@ dtls1_do_write(SSL *s, int type) | |||
| 342 | * but in that case we'll ignore the result | 342 | * but in that case we'll ignore the result |
| 343 | * anyway | 343 | * anyway |
| 344 | */ | 344 | */ |
| 345 | unsigned char *p = (unsigned char *)&s->init_buf->data[s->init_off]; | 345 | unsigned char *p = (unsigned char *)&s->internal->init_buf->data[s->internal->init_off]; |
| 346 | const struct hm_header_st *msg_hdr = &D1I(s)->w_msg_hdr; | 346 | const struct hm_header_st *msg_hdr = &D1I(s)->w_msg_hdr; |
| 347 | int xlen; | 347 | int xlen; |
| 348 | 348 | ||
| @@ -366,21 +366,21 @@ dtls1_do_write(SSL *s, int type) | |||
| 366 | tls1_finish_mac(s, p, xlen); | 366 | tls1_finish_mac(s, p, xlen); |
| 367 | } | 367 | } |
| 368 | 368 | ||
| 369 | if (ret == s->init_num) { | 369 | if (ret == s->internal->init_num) { |
| 370 | if (s->internal->msg_callback) | 370 | if (s->internal->msg_callback) |
| 371 | s->internal->msg_callback(1, s->version, type, | 371 | s->internal->msg_callback(1, s->version, type, |
| 372 | s->init_buf->data, | 372 | s->internal->init_buf->data, |
| 373 | (size_t)(s->init_off + s->init_num), | 373 | (size_t)(s->internal->init_off + s->internal->init_num), |
| 374 | s, s->internal->msg_callback_arg); | 374 | s, s->internal->msg_callback_arg); |
| 375 | 375 | ||
| 376 | s->init_off = 0; | 376 | s->internal->init_off = 0; |
| 377 | /* done writing this message */ | 377 | /* done writing this message */ |
| 378 | s->init_num = 0; | 378 | s->internal->init_num = 0; |
| 379 | 379 | ||
| 380 | return (1); | 380 | return (1); |
| 381 | } | 381 | } |
| 382 | s->init_off += ret; | 382 | s->internal->init_off += ret; |
| 383 | s->init_num -= ret; | 383 | s->internal->init_num -= ret; |
| 384 | frag_off += (ret -= DTLS1_HM_HEADER_LENGTH); | 384 | frag_off += (ret -= DTLS1_HM_HEADER_LENGTH); |
| 385 | } | 385 | } |
| 386 | } | 386 | } |
| @@ -415,9 +415,9 @@ dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) | |||
| 415 | goto f_err; | 415 | goto f_err; |
| 416 | } | 416 | } |
| 417 | *ok = 1; | 417 | *ok = 1; |
| 418 | s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH; | 418 | s->internal->init_msg = s->internal->init_buf->data + DTLS1_HM_HEADER_LENGTH; |
| 419 | s->init_num = (int)S3I(s)->tmp.message_size; | 419 | s->internal->init_num = (int)S3I(s)->tmp.message_size; |
| 420 | return s->init_num; | 420 | return s->internal->init_num; |
| 421 | } | 421 | } |
| 422 | 422 | ||
| 423 | msg_hdr = &D1I(s)->r_msg_hdr; | 423 | msg_hdr = &D1I(s)->r_msg_hdr; |
| @@ -431,7 +431,7 @@ again: | |||
| 431 | else if (i <= 0 && !*ok) | 431 | else if (i <= 0 && !*ok) |
| 432 | return i; | 432 | return i; |
| 433 | 433 | ||
| 434 | p = (unsigned char *)s->init_buf->data; | 434 | p = (unsigned char *)s->internal->init_buf->data; |
| 435 | msg_len = msg_hdr->msg_len; | 435 | msg_len = msg_hdr->msg_len; |
| 436 | 436 | ||
| 437 | /* reconstruct message header */ | 437 | /* reconstruct message header */ |
| @@ -455,8 +455,8 @@ again: | |||
| 455 | if (!D1I(s)->listen) | 455 | if (!D1I(s)->listen) |
| 456 | D1I(s)->handshake_read_seq++; | 456 | D1I(s)->handshake_read_seq++; |
| 457 | 457 | ||
| 458 | s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH; | 458 | s->internal->init_msg = s->internal->init_buf->data + DTLS1_HM_HEADER_LENGTH; |
| 459 | return s->init_num; | 459 | return s->internal->init_num; |
| 460 | 460 | ||
| 461 | f_err: | 461 | f_err: |
| 462 | ssl3_send_alert(s, SSL3_AL_FATAL, al); | 462 | ssl3_send_alert(s, SSL3_AL_FATAL, al); |
| @@ -493,7 +493,7 @@ dtls1_preprocess_fragment(SSL *s, struct hm_header_st *msg_hdr, int max) | |||
| 493 | * msg_len is limited to 2^24, but is effectively checked | 493 | * msg_len is limited to 2^24, but is effectively checked |
| 494 | * against max above | 494 | * against max above |
| 495 | */ | 495 | */ |
| 496 | if (!BUF_MEM_grow_clean(s->init_buf, | 496 | if (!BUF_MEM_grow_clean(s->internal->init_buf, |
| 497 | msg_len + DTLS1_HM_HEADER_LENGTH)) { | 497 | msg_len + DTLS1_HM_HEADER_LENGTH)) { |
| 498 | SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT, ERR_R_BUF_LIB); | 498 | SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT, ERR_R_BUF_LIB); |
| 499 | return SSL_AD_INTERNAL_ERROR; | 499 | return SSL_AD_INTERNAL_ERROR; |
| @@ -523,8 +523,8 @@ dtls1_retrieve_buffered_fragment(SSL *s, long max, int *ok) | |||
| 523 | /* | 523 | /* |
| 524 | * (0) check whether the desired fragment is available | 524 | * (0) check whether the desired fragment is available |
| 525 | * if so: | 525 | * if so: |
| 526 | * (1) copy over the fragment to s->init_buf->data[] | 526 | * (1) copy over the fragment to s->internal->init_buf->data[] |
| 527 | * (2) update s->init_num | 527 | * (2) update s->internal->init_num |
| 528 | */ | 528 | */ |
| 529 | pitem *item; | 529 | pitem *item; |
| 530 | hm_fragment *frag; | 530 | hm_fragment *frag; |
| @@ -549,7 +549,7 @@ dtls1_retrieve_buffered_fragment(SSL *s, long max, int *ok) | |||
| 549 | 549 | ||
| 550 | if (al == 0) /* no alert */ | 550 | if (al == 0) /* no alert */ |
| 551 | { | 551 | { |
| 552 | unsigned char *p = (unsigned char *)s->init_buf->data + DTLS1_HM_HEADER_LENGTH; | 552 | unsigned char *p = (unsigned char *)s->internal->init_buf->data + DTLS1_HM_HEADER_LENGTH; |
| 553 | memcpy(&p[frag->msg_header.frag_off], | 553 | memcpy(&p[frag->msg_header.frag_off], |
| 554 | frag->fragment, frag->msg_header.frag_len); | 554 | frag->fragment, frag->msg_header.frag_len); |
| 555 | } | 555 | } |
| @@ -563,7 +563,7 @@ dtls1_retrieve_buffered_fragment(SSL *s, long max, int *ok) | |||
| 563 | } | 563 | } |
| 564 | 564 | ||
| 565 | ssl3_send_alert(s, SSL3_AL_FATAL, al); | 565 | ssl3_send_alert(s, SSL3_AL_FATAL, al); |
| 566 | s->init_num = 0; | 566 | s->internal->init_num = 0; |
| 567 | *ok = 0; | 567 | *ok = 0; |
| 568 | return -1; | 568 | return -1; |
| 569 | } else | 569 | } else |
| @@ -581,8 +581,8 @@ dtls1_max_handshake_message_len(const SSL *s) | |||
| 581 | unsigned long max_len; | 581 | unsigned long max_len; |
| 582 | 582 | ||
| 583 | max_len = DTLS1_HM_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH; | 583 | max_len = DTLS1_HM_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH; |
| 584 | if (max_len < (unsigned long)s->max_cert_list) | 584 | if (max_len < (unsigned long)s->internal->max_cert_list) |
| 585 | return s->max_cert_list; | 585 | return s->internal->max_cert_list; |
| 586 | return max_len; | 586 | return max_len; |
| 587 | } | 587 | } |
| 588 | 588 | ||
| @@ -785,7 +785,7 @@ again: | |||
| 785 | /* see if we have the required fragment already */ | 785 | /* see if we have the required fragment already */ |
| 786 | if ((frag_len = dtls1_retrieve_buffered_fragment(s, max, ok)) || *ok) { | 786 | if ((frag_len = dtls1_retrieve_buffered_fragment(s, max, ok)) || *ok) { |
| 787 | if (*ok) | 787 | if (*ok) |
| 788 | s->init_num = frag_len; | 788 | s->internal->init_num = frag_len; |
| 789 | return frag_len; | 789 | return frag_len; |
| 790 | } | 790 | } |
| 791 | 791 | ||
| @@ -794,7 +794,7 @@ again: | |||
| 794 | DTLS1_HM_HEADER_LENGTH, 0); | 794 | DTLS1_HM_HEADER_LENGTH, 0); |
| 795 | if (i <= 0) /* nbio, or an error */ | 795 | if (i <= 0) /* nbio, or an error */ |
| 796 | { | 796 | { |
| 797 | s->rwstate = SSL_READING; | 797 | s->internal->rwstate = SSL_READING; |
| 798 | *ok = 0; | 798 | *ok = 0; |
| 799 | return i; | 799 | return i; |
| 800 | } | 800 | } |
| @@ -840,7 +840,7 @@ again: | |||
| 840 | DTLS1_HM_HEADER_LENGTH, s, | 840 | DTLS1_HM_HEADER_LENGTH, s, |
| 841 | s->internal->msg_callback_arg); | 841 | s->internal->msg_callback_arg); |
| 842 | 842 | ||
| 843 | s->init_num = 0; | 843 | s->internal->init_num = 0; |
| 844 | goto again; | 844 | goto again; |
| 845 | } | 845 | } |
| 846 | else /* Incorrectly formated Hello request */ | 846 | else /* Incorrectly formated Hello request */ |
| @@ -859,13 +859,13 @@ again: | |||
| 859 | s->state = stn; | 859 | s->state = stn; |
| 860 | 860 | ||
| 861 | if (frag_len > 0) { | 861 | if (frag_len > 0) { |
| 862 | unsigned char *p = (unsigned char *)s->init_buf->data + DTLS1_HM_HEADER_LENGTH; | 862 | unsigned char *p = (unsigned char *)s->internal->init_buf->data + DTLS1_HM_HEADER_LENGTH; |
| 863 | 863 | ||
| 864 | i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, | 864 | i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, |
| 865 | &p[frag_off], frag_len, 0); | 865 | &p[frag_off], frag_len, 0); |
| 866 | /* XDTLS: fix this--message fragments cannot span multiple packets */ | 866 | /* XDTLS: fix this--message fragments cannot span multiple packets */ |
| 867 | if (i <= 0) { | 867 | if (i <= 0) { |
| 868 | s->rwstate = SSL_READING; | 868 | s->internal->rwstate = SSL_READING; |
| 869 | *ok = 0; | 869 | *ok = 0; |
| 870 | return i; | 870 | return i; |
| 871 | } | 871 | } |
| @@ -886,17 +886,17 @@ again: | |||
| 886 | *ok = 1; | 886 | *ok = 1; |
| 887 | 887 | ||
| 888 | /* | 888 | /* |
| 889 | * Note that s->init_num is *not* used as current offset in | 889 | * Note that s->internal->init_num is *not* used as current offset in |
| 890 | * s->init_buf->data, but as a counter summing up fragments' | 890 | * s->internal->init_buf->data, but as a counter summing up fragments' |
| 891 | * lengths: as soon as they sum up to handshake packet | 891 | * lengths: as soon as they sum up to handshake packet |
| 892 | * length, we assume we have got all the fragments. | 892 | * length, we assume we have got all the fragments. |
| 893 | */ | 893 | */ |
| 894 | s->init_num = frag_len; | 894 | s->internal->init_num = frag_len; |
| 895 | return frag_len; | 895 | return frag_len; |
| 896 | 896 | ||
| 897 | f_err: | 897 | f_err: |
| 898 | ssl3_send_alert(s, SSL3_AL_FATAL, al); | 898 | ssl3_send_alert(s, SSL3_AL_FATAL, al); |
| 899 | s->init_num = 0; | 899 | s->internal->init_num = 0; |
| 900 | 900 | ||
| 901 | *ok = 0; | 901 | *ok = 0; |
| 902 | return (-1); | 902 | return (-1); |
| @@ -916,12 +916,12 @@ dtls1_send_change_cipher_spec(SSL *s, int a, int b) | |||
| 916 | unsigned char *p; | 916 | unsigned char *p; |
| 917 | 917 | ||
| 918 | if (s->state == a) { | 918 | if (s->state == a) { |
| 919 | p = (unsigned char *)s->init_buf->data; | 919 | p = (unsigned char *)s->internal->init_buf->data; |
| 920 | *p++=SSL3_MT_CCS; | 920 | *p++=SSL3_MT_CCS; |
| 921 | D1I(s)->handshake_write_seq = D1I(s)->next_handshake_write_seq; | 921 | D1I(s)->handshake_write_seq = D1I(s)->next_handshake_write_seq; |
| 922 | s->init_num = DTLS1_CCS_HEADER_LENGTH; | 922 | s->internal->init_num = DTLS1_CCS_HEADER_LENGTH; |
| 923 | 923 | ||
| 924 | s->init_off = 0; | 924 | s->internal->init_off = 0; |
| 925 | 925 | ||
| 926 | dtls1_set_message_header_int(s, SSL3_MT_CCS, 0, | 926 | dtls1_set_message_header_int(s, SSL3_MT_CCS, 0, |
| 927 | D1I(s)->handshake_write_seq, 0, 0); | 927 | D1I(s)->handshake_write_seq, 0, 0); |
| @@ -1022,21 +1022,21 @@ dtls1_buffer_message(SSL *s, int is_ccs) | |||
| 1022 | * This function is called immediately after a message has | 1022 | * This function is called immediately after a message has |
| 1023 | * been serialized | 1023 | * been serialized |
| 1024 | */ | 1024 | */ |
| 1025 | OPENSSL_assert(s->init_off == 0); | 1025 | OPENSSL_assert(s->internal->init_off == 0); |
| 1026 | 1026 | ||
| 1027 | frag = dtls1_hm_fragment_new(s->init_num, 0); | 1027 | frag = dtls1_hm_fragment_new(s->internal->init_num, 0); |
| 1028 | if (frag == NULL) | 1028 | if (frag == NULL) |
| 1029 | return 0; | 1029 | return 0; |
| 1030 | 1030 | ||
| 1031 | memcpy(frag->fragment, s->init_buf->data, s->init_num); | 1031 | memcpy(frag->fragment, s->internal->init_buf->data, s->internal->init_num); |
| 1032 | 1032 | ||
| 1033 | if (is_ccs) { | 1033 | if (is_ccs) { |
| 1034 | OPENSSL_assert(D1I(s)->w_msg_hdr.msg_len + | 1034 | OPENSSL_assert(D1I(s)->w_msg_hdr.msg_len + |
| 1035 | ((s->version == DTLS1_VERSION) ? | 1035 | ((s->version == DTLS1_VERSION) ? |
| 1036 | DTLS1_CCS_HEADER_LENGTH : 3) == (unsigned int)s->init_num); | 1036 | DTLS1_CCS_HEADER_LENGTH : 3) == (unsigned int)s->internal->init_num); |
| 1037 | } else { | 1037 | } else { |
| 1038 | OPENSSL_assert(D1I(s)->w_msg_hdr.msg_len + | 1038 | OPENSSL_assert(D1I(s)->w_msg_hdr.msg_len + |
| 1039 | DTLS1_HM_HEADER_LENGTH == (unsigned int)s->init_num); | 1039 | DTLS1_HM_HEADER_LENGTH == (unsigned int)s->internal->init_num); |
| 1040 | } | 1040 | } |
| 1041 | 1041 | ||
| 1042 | frag->msg_header.msg_len = D1I(s)->w_msg_hdr.msg_len; | 1042 | frag->msg_header.msg_len = D1I(s)->w_msg_hdr.msg_len; |
| @@ -1047,8 +1047,8 @@ dtls1_buffer_message(SSL *s, int is_ccs) | |||
| 1047 | frag->msg_header.is_ccs = is_ccs; | 1047 | frag->msg_header.is_ccs = is_ccs; |
| 1048 | 1048 | ||
| 1049 | /* save current state*/ | 1049 | /* save current state*/ |
| 1050 | frag->msg_header.saved_retransmit_state.enc_write_ctx = s->enc_write_ctx; | 1050 | frag->msg_header.saved_retransmit_state.enc_write_ctx = s->internal->enc_write_ctx; |
| 1051 | frag->msg_header.saved_retransmit_state.write_hash = s->write_hash; | 1051 | frag->msg_header.saved_retransmit_state.write_hash = s->internal->write_hash; |
| 1052 | frag->msg_header.saved_retransmit_state.session = s->session; | 1052 | frag->msg_header.saved_retransmit_state.session = s->session; |
| 1053 | frag->msg_header.saved_retransmit_state.epoch = D1I(s)->w_epoch; | 1053 | frag->msg_header.saved_retransmit_state.epoch = D1I(s)->w_epoch; |
| 1054 | 1054 | ||
| @@ -1082,8 +1082,8 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off, | |||
| 1082 | unsigned char save_write_sequence[8]; | 1082 | unsigned char save_write_sequence[8]; |
| 1083 | 1083 | ||
| 1084 | /* | 1084 | /* |
| 1085 | OPENSSL_assert(s->init_num == 0); | 1085 | OPENSSL_assert(s->internal->init_num == 0); |
| 1086 | OPENSSL_assert(s->init_off == 0); | 1086 | OPENSSL_assert(s->internal->init_off == 0); |
| 1087 | */ | 1087 | */ |
| 1088 | 1088 | ||
| 1089 | /* XDTLS: the requested message ought to be found, otherwise error */ | 1089 | /* XDTLS: the requested message ought to be found, otherwise error */ |
| @@ -1108,25 +1108,25 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off, | |||
| 1108 | else | 1108 | else |
| 1109 | header_length = DTLS1_HM_HEADER_LENGTH; | 1109 | header_length = DTLS1_HM_HEADER_LENGTH; |
| 1110 | 1110 | ||
| 1111 | memcpy(s->init_buf->data, frag->fragment, | 1111 | memcpy(s->internal->init_buf->data, frag->fragment, |
| 1112 | frag->msg_header.msg_len + header_length); | 1112 | frag->msg_header.msg_len + header_length); |
| 1113 | s->init_num = frag->msg_header.msg_len + header_length; | 1113 | s->internal->init_num = frag->msg_header.msg_len + header_length; |
| 1114 | 1114 | ||
| 1115 | dtls1_set_message_header_int(s, frag->msg_header.type, | 1115 | dtls1_set_message_header_int(s, frag->msg_header.type, |
| 1116 | frag->msg_header.msg_len, frag->msg_header.seq, 0, | 1116 | frag->msg_header.msg_len, frag->msg_header.seq, 0, |
| 1117 | frag->msg_header.frag_len); | 1117 | frag->msg_header.frag_len); |
| 1118 | 1118 | ||
| 1119 | /* save current state */ | 1119 | /* save current state */ |
| 1120 | saved_state.enc_write_ctx = s->enc_write_ctx; | 1120 | saved_state.enc_write_ctx = s->internal->enc_write_ctx; |
| 1121 | saved_state.write_hash = s->write_hash; | 1121 | saved_state.write_hash = s->internal->write_hash; |
| 1122 | saved_state.session = s->session; | 1122 | saved_state.session = s->session; |
| 1123 | saved_state.epoch = D1I(s)->w_epoch; | 1123 | saved_state.epoch = D1I(s)->w_epoch; |
| 1124 | 1124 | ||
| 1125 | D1I(s)->retransmitting = 1; | 1125 | D1I(s)->retransmitting = 1; |
| 1126 | 1126 | ||
| 1127 | /* restore state in which the message was originally sent */ | 1127 | /* restore state in which the message was originally sent */ |
| 1128 | s->enc_write_ctx = frag->msg_header.saved_retransmit_state.enc_write_ctx; | 1128 | s->internal->enc_write_ctx = frag->msg_header.saved_retransmit_state.enc_write_ctx; |
| 1129 | s->write_hash = frag->msg_header.saved_retransmit_state.write_hash; | 1129 | s->internal->write_hash = frag->msg_header.saved_retransmit_state.write_hash; |
| 1130 | s->session = frag->msg_header.saved_retransmit_state.session; | 1130 | s->session = frag->msg_header.saved_retransmit_state.session; |
| 1131 | D1I(s)->w_epoch = frag->msg_header.saved_retransmit_state.epoch; | 1131 | D1I(s)->w_epoch = frag->msg_header.saved_retransmit_state.epoch; |
| 1132 | 1132 | ||
| @@ -1142,8 +1142,8 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off, | |||
| 1142 | SSL3_RT_CHANGE_CIPHER_SPEC : SSL3_RT_HANDSHAKE); | 1142 | SSL3_RT_CHANGE_CIPHER_SPEC : SSL3_RT_HANDSHAKE); |
| 1143 | 1143 | ||
| 1144 | /* restore current state */ | 1144 | /* restore current state */ |
| 1145 | s->enc_write_ctx = saved_state.enc_write_ctx; | 1145 | s->internal->enc_write_ctx = saved_state.enc_write_ctx; |
| 1146 | s->write_hash = saved_state.write_hash; | 1146 | s->internal->write_hash = saved_state.write_hash; |
| 1147 | s->session = saved_state.session; | 1147 | s->session = saved_state.session; |
| 1148 | D1I(s)->w_epoch = saved_state.epoch; | 1148 | D1I(s)->w_epoch = saved_state.epoch; |
| 1149 | 1149 | ||
diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c index 67b874ef6b..5a972f3292 100644 --- a/src/lib/libssl/d1_clnt.c +++ b/src/lib/libssl/d1_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: d1_clnt.c,v 1.65 2017/01/23 04:55:26 beck Exp $ */ | 1 | /* $OpenBSD: d1_clnt.c,v 1.66 2017/01/23 06:45:30 beck Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * DTLS implementation written by Nagendra Modadugu | 3 | * DTLS implementation written by Nagendra Modadugu |
| 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. | 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. |
| @@ -203,7 +203,7 @@ dtls1_connect(SSL *s) | |||
| 203 | 203 | ||
| 204 | switch (s->state) { | 204 | switch (s->state) { |
| 205 | case SSL_ST_RENEGOTIATE: | 205 | case SSL_ST_RENEGOTIATE: |
| 206 | s->renegotiate = 1; | 206 | s->internal->renegotiate = 1; |
| 207 | s->state = SSL_ST_CONNECT; | 207 | s->state = SSL_ST_CONNECT; |
| 208 | s->ctx->internal->stats.sess_connect_renegotiate++; | 208 | s->ctx->internal->stats.sess_connect_renegotiate++; |
| 209 | /* break */ | 209 | /* break */ |
| @@ -224,7 +224,7 @@ dtls1_connect(SSL *s) | |||
| 224 | } | 224 | } |
| 225 | 225 | ||
| 226 | /* s->version=SSL3_VERSION; */ | 226 | /* s->version=SSL3_VERSION; */ |
| 227 | s->type = SSL_ST_CONNECT; | 227 | s->internal->type = SSL_ST_CONNECT; |
| 228 | 228 | ||
| 229 | if (!ssl3_setup_init_buffer(s)) { | 229 | if (!ssl3_setup_init_buffer(s)) { |
| 230 | ret = -1; | 230 | ret = -1; |
| @@ -243,19 +243,19 @@ dtls1_connect(SSL *s) | |||
| 243 | 243 | ||
| 244 | s->state = SSL3_ST_CW_CLNT_HELLO_A; | 244 | s->state = SSL3_ST_CW_CLNT_HELLO_A; |
| 245 | s->ctx->internal->stats.sess_connect++; | 245 | s->ctx->internal->stats.sess_connect++; |
| 246 | s->init_num = 0; | 246 | s->internal->init_num = 0; |
| 247 | /* mark client_random uninitialized */ | 247 | /* mark client_random uninitialized */ |
| 248 | memset(s->s3->client_random, 0, | 248 | memset(s->s3->client_random, 0, |
| 249 | sizeof(s->s3->client_random)); | 249 | sizeof(s->s3->client_random)); |
| 250 | D1I(s)->send_cookie = 0; | 250 | D1I(s)->send_cookie = 0; |
| 251 | s->hit = 0; | 251 | s->internal->hit = 0; |
| 252 | break; | 252 | break; |
| 253 | 253 | ||
| 254 | 254 | ||
| 255 | case SSL3_ST_CW_CLNT_HELLO_A: | 255 | case SSL3_ST_CW_CLNT_HELLO_A: |
| 256 | case SSL3_ST_CW_CLNT_HELLO_B: | 256 | case SSL3_ST_CW_CLNT_HELLO_B: |
| 257 | 257 | ||
| 258 | s->shutdown = 0; | 258 | s->internal->shutdown = 0; |
| 259 | 259 | ||
| 260 | /* every DTLS ClientHello resets Finished MAC */ | 260 | /* every DTLS ClientHello resets Finished MAC */ |
| 261 | if (!tls1_init_finished_mac(s)) { | 261 | if (!tls1_init_finished_mac(s)) { |
| @@ -274,7 +274,7 @@ dtls1_connect(SSL *s) | |||
| 274 | } else | 274 | } else |
| 275 | s->state = SSL3_ST_CR_SRVR_HELLO_A; | 275 | s->state = SSL3_ST_CR_SRVR_HELLO_A; |
| 276 | 276 | ||
| 277 | s->init_num = 0; | 277 | s->internal->init_num = 0; |
| 278 | 278 | ||
| 279 | /* turn on buffering for the next lot of output */ | 279 | /* turn on buffering for the next lot of output */ |
| 280 | if (s->bbio != s->wbio) | 280 | if (s->bbio != s->wbio) |
| @@ -288,13 +288,13 @@ dtls1_connect(SSL *s) | |||
| 288 | if (ret <= 0) | 288 | if (ret <= 0) |
| 289 | goto end; | 289 | goto end; |
| 290 | else { | 290 | else { |
| 291 | if (s->hit) { | 291 | if (s->internal->hit) { |
| 292 | 292 | ||
| 293 | s->state = SSL3_ST_CR_FINISHED_A; | 293 | s->state = SSL3_ST_CR_FINISHED_A; |
| 294 | } else | 294 | } else |
| 295 | s->state = DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A; | 295 | s->state = DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A; |
| 296 | } | 296 | } |
| 297 | s->init_num = 0; | 297 | s->internal->init_num = 0; |
| 298 | break; | 298 | break; |
| 299 | 299 | ||
| 300 | case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: | 300 | case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: |
| @@ -308,7 +308,7 @@ dtls1_connect(SSL *s) | |||
| 308 | s->state = SSL3_ST_CW_CLNT_HELLO_A; | 308 | s->state = SSL3_ST_CW_CLNT_HELLO_A; |
| 309 | else | 309 | else |
| 310 | s->state = SSL3_ST_CR_CERT_A; | 310 | s->state = SSL3_ST_CR_CERT_A; |
| 311 | s->init_num = 0; | 311 | s->internal->init_num = 0; |
| 312 | break; | 312 | break; |
| 313 | 313 | ||
| 314 | case SSL3_ST_CR_CERT_A: | 314 | case SSL3_ST_CR_CERT_A: |
| @@ -317,12 +317,12 @@ dtls1_connect(SSL *s) | |||
| 317 | if (ret <= 0) | 317 | if (ret <= 0) |
| 318 | goto end; | 318 | goto end; |
| 319 | if (ret == 2) { | 319 | if (ret == 2) { |
| 320 | s->hit = 1; | 320 | s->internal->hit = 1; |
| 321 | if (s->tlsext_ticket_expected) | 321 | if (s->internal->tlsext_ticket_expected) |
| 322 | s->state = SSL3_ST_CR_SESSION_TICKET_A; | 322 | s->state = SSL3_ST_CR_SESSION_TICKET_A; |
| 323 | else | 323 | else |
| 324 | s->state = SSL3_ST_CR_FINISHED_A; | 324 | s->state = SSL3_ST_CR_FINISHED_A; |
| 325 | s->init_num = 0; | 325 | s->internal->init_num = 0; |
| 326 | break; | 326 | break; |
| 327 | } | 327 | } |
| 328 | /* Check if it is anon DH. */ | 328 | /* Check if it is anon DH. */ |
| @@ -331,7 +331,7 @@ dtls1_connect(SSL *s) | |||
| 331 | ret = ssl3_get_server_certificate(s); | 331 | ret = ssl3_get_server_certificate(s); |
| 332 | if (ret <= 0) | 332 | if (ret <= 0) |
| 333 | goto end; | 333 | goto end; |
| 334 | if (s->tlsext_status_expected) | 334 | if (s->internal->tlsext_status_expected) |
| 335 | s->state = SSL3_ST_CR_CERT_STATUS_A; | 335 | s->state = SSL3_ST_CR_CERT_STATUS_A; |
| 336 | else | 336 | else |
| 337 | s->state = SSL3_ST_CR_KEY_EXCH_A; | 337 | s->state = SSL3_ST_CR_KEY_EXCH_A; |
| @@ -339,7 +339,7 @@ dtls1_connect(SSL *s) | |||
| 339 | skip = 1; | 339 | skip = 1; |
| 340 | s->state = SSL3_ST_CR_KEY_EXCH_A; | 340 | s->state = SSL3_ST_CR_KEY_EXCH_A; |
| 341 | } | 341 | } |
| 342 | s->init_num = 0; | 342 | s->internal->init_num = 0; |
| 343 | break; | 343 | break; |
| 344 | 344 | ||
| 345 | case SSL3_ST_CR_KEY_EXCH_A: | 345 | case SSL3_ST_CR_KEY_EXCH_A: |
| @@ -348,7 +348,7 @@ dtls1_connect(SSL *s) | |||
| 348 | if (ret <= 0) | 348 | if (ret <= 0) |
| 349 | goto end; | 349 | goto end; |
| 350 | s->state = SSL3_ST_CR_CERT_REQ_A; | 350 | s->state = SSL3_ST_CR_CERT_REQ_A; |
| 351 | s->init_num = 0; | 351 | s->internal->init_num = 0; |
| 352 | 352 | ||
| 353 | /* at this point we check that we have the | 353 | /* at this point we check that we have the |
| 354 | * required stuff from the server */ | 354 | * required stuff from the server */ |
| @@ -364,7 +364,7 @@ dtls1_connect(SSL *s) | |||
| 364 | if (ret <= 0) | 364 | if (ret <= 0) |
| 365 | goto end; | 365 | goto end; |
| 366 | s->state = SSL3_ST_CR_SRVR_DONE_A; | 366 | s->state = SSL3_ST_CR_SRVR_DONE_A; |
| 367 | s->init_num = 0; | 367 | s->internal->init_num = 0; |
| 368 | break; | 368 | break; |
| 369 | 369 | ||
| 370 | case SSL3_ST_CR_SRVR_DONE_A: | 370 | case SSL3_ST_CR_SRVR_DONE_A: |
| @@ -377,7 +377,7 @@ dtls1_connect(SSL *s) | |||
| 377 | S3I(s)->tmp.next_state = SSL3_ST_CW_CERT_A; | 377 | S3I(s)->tmp.next_state = SSL3_ST_CW_CERT_A; |
| 378 | else | 378 | else |
| 379 | S3I(s)->tmp.next_state = SSL3_ST_CW_KEY_EXCH_A; | 379 | S3I(s)->tmp.next_state = SSL3_ST_CW_KEY_EXCH_A; |
| 380 | s->init_num = 0; | 380 | s->internal->init_num = 0; |
| 381 | s->state = S3I(s)->tmp.next_state; | 381 | s->state = S3I(s)->tmp.next_state; |
| 382 | break; | 382 | break; |
| 383 | 383 | ||
| @@ -390,7 +390,7 @@ dtls1_connect(SSL *s) | |||
| 390 | if (ret <= 0) | 390 | if (ret <= 0) |
| 391 | goto end; | 391 | goto end; |
| 392 | s->state = SSL3_ST_CW_KEY_EXCH_A; | 392 | s->state = SSL3_ST_CW_KEY_EXCH_A; |
| 393 | s->init_num = 0; | 393 | s->internal->init_num = 0; |
| 394 | break; | 394 | break; |
| 395 | 395 | ||
| 396 | case SSL3_ST_CW_KEY_EXCH_A: | 396 | case SSL3_ST_CW_KEY_EXCH_A: |
| @@ -411,7 +411,7 @@ dtls1_connect(SSL *s) | |||
| 411 | S3I(s)->change_cipher_spec = 0; | 411 | S3I(s)->change_cipher_spec = 0; |
| 412 | } | 412 | } |
| 413 | 413 | ||
| 414 | s->init_num = 0; | 414 | s->internal->init_num = 0; |
| 415 | break; | 415 | break; |
| 416 | 416 | ||
| 417 | case SSL3_ST_CW_CERT_VRFY_A: | 417 | case SSL3_ST_CW_CERT_VRFY_A: |
| @@ -421,13 +421,13 @@ dtls1_connect(SSL *s) | |||
| 421 | if (ret <= 0) | 421 | if (ret <= 0) |
| 422 | goto end; | 422 | goto end; |
| 423 | s->state = SSL3_ST_CW_CHANGE_A; | 423 | s->state = SSL3_ST_CW_CHANGE_A; |
| 424 | s->init_num = 0; | 424 | s->internal->init_num = 0; |
| 425 | S3I(s)->change_cipher_spec = 0; | 425 | S3I(s)->change_cipher_spec = 0; |
| 426 | break; | 426 | break; |
| 427 | 427 | ||
| 428 | case SSL3_ST_CW_CHANGE_A: | 428 | case SSL3_ST_CW_CHANGE_A: |
| 429 | case SSL3_ST_CW_CHANGE_B: | 429 | case SSL3_ST_CW_CHANGE_B: |
| 430 | if (!s->hit) | 430 | if (!s->internal->hit) |
| 431 | dtls1_start_timer(s); | 431 | dtls1_start_timer(s); |
| 432 | ret = dtls1_send_change_cipher_spec(s, | 432 | ret = dtls1_send_change_cipher_spec(s, |
| 433 | SSL3_ST_CW_CHANGE_A, SSL3_ST_CW_CHANGE_B); | 433 | SSL3_ST_CW_CHANGE_A, SSL3_ST_CW_CHANGE_B); |
| @@ -435,7 +435,7 @@ dtls1_connect(SSL *s) | |||
| 435 | goto end; | 435 | goto end; |
| 436 | 436 | ||
| 437 | s->state = SSL3_ST_CW_FINISHED_A; | 437 | s->state = SSL3_ST_CW_FINISHED_A; |
| 438 | s->init_num = 0; | 438 | s->internal->init_num = 0; |
| 439 | 439 | ||
| 440 | s->session->cipher = S3I(s)->tmp.new_cipher; | 440 | s->session->cipher = S3I(s)->tmp.new_cipher; |
| 441 | if (!s->method->ssl3_enc->setup_key_block(s)) { | 441 | if (!s->method->ssl3_enc->setup_key_block(s)) { |
| @@ -455,7 +455,7 @@ dtls1_connect(SSL *s) | |||
| 455 | 455 | ||
| 456 | case SSL3_ST_CW_FINISHED_A: | 456 | case SSL3_ST_CW_FINISHED_A: |
| 457 | case SSL3_ST_CW_FINISHED_B: | 457 | case SSL3_ST_CW_FINISHED_B: |
| 458 | if (!s->hit) | 458 | if (!s->internal->hit) |
| 459 | dtls1_start_timer(s); | 459 | dtls1_start_timer(s); |
| 460 | ret = ssl3_send_finished(s, | 460 | ret = ssl3_send_finished(s, |
| 461 | SSL3_ST_CW_FINISHED_A, SSL3_ST_CW_FINISHED_B, | 461 | SSL3_ST_CW_FINISHED_A, SSL3_ST_CW_FINISHED_B, |
| @@ -467,7 +467,7 @@ dtls1_connect(SSL *s) | |||
| 467 | 467 | ||
| 468 | /* clear flags */ | 468 | /* clear flags */ |
| 469 | s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER; | 469 | s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER; |
| 470 | if (s->hit) { | 470 | if (s->internal->hit) { |
| 471 | S3I(s)->tmp.next_state = SSL_ST_OK; | 471 | S3I(s)->tmp.next_state = SSL_ST_OK; |
| 472 | if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED) { | 472 | if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED) { |
| 473 | s->state = SSL_ST_OK; | 473 | s->state = SSL_ST_OK; |
| @@ -477,14 +477,14 @@ dtls1_connect(SSL *s) | |||
| 477 | } else { | 477 | } else { |
| 478 | 478 | ||
| 479 | /* Allow NewSessionTicket if ticket expected */ | 479 | /* Allow NewSessionTicket if ticket expected */ |
| 480 | if (s->tlsext_ticket_expected) | 480 | if (s->internal->tlsext_ticket_expected) |
| 481 | S3I(s)->tmp.next_state = | 481 | S3I(s)->tmp.next_state = |
| 482 | SSL3_ST_CR_SESSION_TICKET_A; | 482 | SSL3_ST_CR_SESSION_TICKET_A; |
| 483 | else | 483 | else |
| 484 | S3I(s)->tmp.next_state = | 484 | S3I(s)->tmp.next_state = |
| 485 | SSL3_ST_CR_FINISHED_A; | 485 | SSL3_ST_CR_FINISHED_A; |
| 486 | } | 486 | } |
| 487 | s->init_num = 0; | 487 | s->internal->init_num = 0; |
| 488 | break; | 488 | break; |
| 489 | 489 | ||
| 490 | case SSL3_ST_CR_SESSION_TICKET_A: | 490 | case SSL3_ST_CR_SESSION_TICKET_A: |
| @@ -493,7 +493,7 @@ dtls1_connect(SSL *s) | |||
| 493 | if (ret <= 0) | 493 | if (ret <= 0) |
| 494 | goto end; | 494 | goto end; |
| 495 | s->state = SSL3_ST_CR_FINISHED_A; | 495 | s->state = SSL3_ST_CR_FINISHED_A; |
| 496 | s->init_num = 0; | 496 | s->internal->init_num = 0; |
| 497 | break; | 497 | break; |
| 498 | 498 | ||
| 499 | case SSL3_ST_CR_CERT_STATUS_A: | 499 | case SSL3_ST_CR_CERT_STATUS_A: |
| @@ -502,7 +502,7 @@ dtls1_connect(SSL *s) | |||
| 502 | if (ret <= 0) | 502 | if (ret <= 0) |
| 503 | goto end; | 503 | goto end; |
| 504 | s->state = SSL3_ST_CR_KEY_EXCH_A; | 504 | s->state = SSL3_ST_CR_KEY_EXCH_A; |
| 505 | s->init_num = 0; | 505 | s->internal->init_num = 0; |
| 506 | break; | 506 | break; |
| 507 | 507 | ||
| 508 | case SSL3_ST_CR_FINISHED_A: | 508 | case SSL3_ST_CR_FINISHED_A: |
| @@ -514,28 +514,28 @@ dtls1_connect(SSL *s) | |||
| 514 | goto end; | 514 | goto end; |
| 515 | dtls1_stop_timer(s); | 515 | dtls1_stop_timer(s); |
| 516 | 516 | ||
| 517 | if (s->hit) | 517 | if (s->internal->hit) |
| 518 | s->state = SSL3_ST_CW_CHANGE_A; | 518 | s->state = SSL3_ST_CW_CHANGE_A; |
| 519 | else | 519 | else |
| 520 | s->state = SSL_ST_OK; | 520 | s->state = SSL_ST_OK; |
| 521 | 521 | ||
| 522 | 522 | ||
| 523 | s->init_num = 0; | 523 | s->internal->init_num = 0; |
| 524 | break; | 524 | break; |
| 525 | 525 | ||
| 526 | case SSL3_ST_CW_FLUSH: | 526 | case SSL3_ST_CW_FLUSH: |
| 527 | s->rwstate = SSL_WRITING; | 527 | s->internal->rwstate = SSL_WRITING; |
| 528 | if (BIO_flush(s->wbio) <= 0) { | 528 | if (BIO_flush(s->wbio) <= 0) { |
| 529 | /* If the write error was fatal, stop trying */ | 529 | /* If the write error was fatal, stop trying */ |
| 530 | if (!BIO_should_retry(s->wbio)) { | 530 | if (!BIO_should_retry(s->wbio)) { |
| 531 | s->rwstate = SSL_NOTHING; | 531 | s->internal->rwstate = SSL_NOTHING; |
| 532 | s->state = S3I(s)->tmp.next_state; | 532 | s->state = S3I(s)->tmp.next_state; |
| 533 | } | 533 | } |
| 534 | 534 | ||
| 535 | ret = -1; | 535 | ret = -1; |
| 536 | goto end; | 536 | goto end; |
| 537 | } | 537 | } |
| 538 | s->rwstate = SSL_NOTHING; | 538 | s->internal->rwstate = SSL_NOTHING; |
| 539 | s->state = S3I(s)->tmp.next_state; | 539 | s->state = S3I(s)->tmp.next_state; |
| 540 | break; | 540 | break; |
| 541 | 541 | ||
| @@ -549,12 +549,12 @@ dtls1_connect(SSL *s) | |||
| 549 | ssl_free_wbio_buffer(s); | 549 | ssl_free_wbio_buffer(s); |
| 550 | /* else do it later in ssl3_write */ | 550 | /* else do it later in ssl3_write */ |
| 551 | 551 | ||
| 552 | s->init_num = 0; | 552 | s->internal->init_num = 0; |
| 553 | s->renegotiate = 0; | 553 | s->internal->renegotiate = 0; |
| 554 | s->new_session = 0; | 554 | s->internal->new_session = 0; |
| 555 | 555 | ||
| 556 | ssl_update_cache(s, SSL_SESS_CACHE_CLIENT); | 556 | ssl_update_cache(s, SSL_SESS_CACHE_CLIENT); |
| 557 | if (s->hit) | 557 | if (s->internal->hit) |
| 558 | s->ctx->internal->stats.sess_hit++; | 558 | s->ctx->internal->stats.sess_hit++; |
| 559 | 559 | ||
| 560 | ret = 1; | 560 | ret = 1; |
| @@ -580,7 +580,7 @@ dtls1_connect(SSL *s) | |||
| 580 | 580 | ||
| 581 | /* did we do anything */ | 581 | /* did we do anything */ |
| 582 | if (!S3I(s)->tmp.reuse_message && !skip) { | 582 | if (!S3I(s)->tmp.reuse_message && !skip) { |
| 583 | if (s->debug) { | 583 | if (s->internal->debug) { |
| 584 | if ((ret = BIO_flush(s->wbio)) <= 0) | 584 | if ((ret = BIO_flush(s->wbio)) <= 0) |
| 585 | goto end; | 585 | goto end; |
| 586 | } | 586 | } |
| @@ -613,7 +613,7 @@ dtls1_get_hello_verify(SSL *s) | |||
| 613 | CBS hello_verify_request, cookie; | 613 | CBS hello_verify_request, cookie; |
| 614 | 614 | ||
| 615 | n = s->method->ssl_get_message(s, DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A, | 615 | n = s->method->ssl_get_message(s, DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A, |
| 616 | DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B, -1, s->max_cert_list, &ok); | 616 | DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B, -1, s->internal->max_cert_list, &ok); |
| 617 | 617 | ||
| 618 | if (!ok) | 618 | if (!ok) |
| 619 | return ((int)n); | 619 | return ((int)n); |
| @@ -627,7 +627,7 @@ dtls1_get_hello_verify(SSL *s) | |||
| 627 | if (n < 0) | 627 | if (n < 0) |
| 628 | goto truncated; | 628 | goto truncated; |
| 629 | 629 | ||
| 630 | CBS_init(&hello_verify_request, s->init_msg, n); | 630 | CBS_init(&hello_verify_request, s->internal->init_msg, n); |
| 631 | 631 | ||
| 632 | if (!CBS_get_u16(&hello_verify_request, &ssl_version)) | 632 | if (!CBS_get_u16(&hello_verify_request, &ssl_version)) |
| 633 | goto truncated; | 633 | goto truncated; |
diff --git a/src/lib/libssl/d1_enc.c b/src/lib/libssl/d1_enc.c index 4b13e094fe..0e49fb6df2 100644 --- a/src/lib/libssl/d1_enc.c +++ b/src/lib/libssl/d1_enc.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: d1_enc.c,v 1.12 2017/01/22 09:02:07 jsing Exp $ */ | 1 | /* $OpenBSD: d1_enc.c,v 1.13 2017/01/23 06:45:30 beck Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * DTLS implementation written by Nagendra Modadugu | 3 | * DTLS implementation written by Nagendra Modadugu |
| 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. | 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. |
| @@ -139,17 +139,17 @@ dtls1_enc(SSL *s, int send) | |||
| 139 | const EVP_CIPHER *enc; | 139 | const EVP_CIPHER *enc; |
| 140 | 140 | ||
| 141 | if (send) { | 141 | if (send) { |
| 142 | if (EVP_MD_CTX_md(s->write_hash)) { | 142 | if (EVP_MD_CTX_md(s->internal->write_hash)) { |
| 143 | mac_size = EVP_MD_CTX_size(s->write_hash); | 143 | mac_size = EVP_MD_CTX_size(s->internal->write_hash); |
| 144 | if (mac_size < 0) | 144 | if (mac_size < 0) |
| 145 | return -1; | 145 | return -1; |
| 146 | } | 146 | } |
| 147 | ds = s->enc_write_ctx; | 147 | ds = s->internal->enc_write_ctx; |
| 148 | rec = &(S3I(s)->wrec); | 148 | rec = &(S3I(s)->wrec); |
| 149 | if (s->enc_write_ctx == NULL) | 149 | if (s->internal->enc_write_ctx == NULL) |
| 150 | enc = NULL; | 150 | enc = NULL; |
| 151 | else { | 151 | else { |
| 152 | enc = EVP_CIPHER_CTX_cipher(s->enc_write_ctx); | 152 | enc = EVP_CIPHER_CTX_cipher(s->internal->enc_write_ctx); |
| 153 | if (rec->data != rec->input) { | 153 | if (rec->data != rec->input) { |
| 154 | #ifdef DEBUG | 154 | #ifdef DEBUG |
| 155 | /* we can't write into the input stream */ | 155 | /* we can't write into the input stream */ |
| @@ -162,16 +162,16 @@ dtls1_enc(SSL *s, int send) | |||
| 162 | } | 162 | } |
| 163 | } | 163 | } |
| 164 | } else { | 164 | } else { |
| 165 | if (EVP_MD_CTX_md(s->read_hash)) { | 165 | if (EVP_MD_CTX_md(s->internal->read_hash)) { |
| 166 | mac_size = EVP_MD_CTX_size(s->read_hash); | 166 | mac_size = EVP_MD_CTX_size(s->internal->read_hash); |
| 167 | OPENSSL_assert(mac_size >= 0); | 167 | OPENSSL_assert(mac_size >= 0); |
| 168 | } | 168 | } |
| 169 | ds = s->enc_read_ctx; | 169 | ds = s->internal->enc_read_ctx; |
| 170 | rec = &(S3I(s)->rrec); | 170 | rec = &(S3I(s)->rrec); |
| 171 | if (s->enc_read_ctx == NULL) | 171 | if (s->internal->enc_read_ctx == NULL) |
| 172 | enc = NULL; | 172 | enc = NULL; |
| 173 | else | 173 | else |
| 174 | enc = EVP_CIPHER_CTX_cipher(s->enc_read_ctx); | 174 | enc = EVP_CIPHER_CTX_cipher(s->internal->enc_read_ctx); |
| 175 | } | 175 | } |
| 176 | 176 | ||
| 177 | 177 | ||
diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c index 88c2fa9adf..34e6d58c00 100644 --- a/src/lib/libssl/d1_pkt.c +++ b/src/lib/libssl/d1_pkt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: d1_pkt.c,v 1.53 2017/01/23 04:55:26 beck Exp $ */ | 1 | /* $OpenBSD: d1_pkt.c,v 1.54 2017/01/23 06:45:30 beck Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * DTLS implementation written by Nagendra Modadugu | 3 | * DTLS implementation written by Nagendra Modadugu |
| 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. | 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. |
| @@ -202,8 +202,8 @@ dtls1_copy_record(SSL *s, pitem *item) | |||
| 202 | 202 | ||
| 203 | free(s->s3->rbuf.buf); | 203 | free(s->s3->rbuf.buf); |
| 204 | 204 | ||
| 205 | s->packet = rdata->packet; | 205 | s->internal->packet = rdata->packet; |
| 206 | s->packet_length = rdata->packet_length; | 206 | s->internal->packet_length = rdata->packet_length; |
| 207 | memcpy(&(s->s3->rbuf), &(rdata->rbuf), sizeof(SSL3_BUFFER)); | 207 | memcpy(&(s->s3->rbuf), &(rdata->rbuf), sizeof(SSL3_BUFFER)); |
| 208 | memcpy(&(S3I(s)->rrec), &(rdata->rrec), sizeof(SSL3_RECORD)); | 208 | memcpy(&(S3I(s)->rrec), &(rdata->rrec), sizeof(SSL3_RECORD)); |
| 209 | 209 | ||
| @@ -229,16 +229,16 @@ dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority) | |||
| 229 | if (rdata == NULL || item == NULL) | 229 | if (rdata == NULL || item == NULL) |
| 230 | goto init_err; | 230 | goto init_err; |
| 231 | 231 | ||
| 232 | rdata->packet = s->packet; | 232 | rdata->packet = s->internal->packet; |
| 233 | rdata->packet_length = s->packet_length; | 233 | rdata->packet_length = s->internal->packet_length; |
| 234 | memcpy(&(rdata->rbuf), &(s->s3->rbuf), sizeof(SSL3_BUFFER)); | 234 | memcpy(&(rdata->rbuf), &(s->s3->rbuf), sizeof(SSL3_BUFFER)); |
| 235 | memcpy(&(rdata->rrec), &(S3I(s)->rrec), sizeof(SSL3_RECORD)); | 235 | memcpy(&(rdata->rrec), &(S3I(s)->rrec), sizeof(SSL3_RECORD)); |
| 236 | 236 | ||
| 237 | item->data = rdata; | 237 | item->data = rdata; |
| 238 | 238 | ||
| 239 | 239 | ||
| 240 | s->packet = NULL; | 240 | s->internal->packet = NULL; |
| 241 | s->packet_length = 0; | 241 | s->internal->packet_length = 0; |
| 242 | memset(&(s->s3->rbuf), 0, sizeof(SSL3_BUFFER)); | 242 | memset(&(s->s3->rbuf), 0, sizeof(SSL3_BUFFER)); |
| 243 | memset(&(S3I(s)->rrec), 0, sizeof(SSL3_RECORD)); | 243 | memset(&(S3I(s)->rrec), 0, sizeof(SSL3_RECORD)); |
| 244 | 244 | ||
| @@ -336,12 +336,12 @@ dtls1_process_record(SSL *s) | |||
| 336 | rr = &(S3I(s)->rrec); | 336 | rr = &(S3I(s)->rrec); |
| 337 | sess = s->session; | 337 | sess = s->session; |
| 338 | 338 | ||
| 339 | /* At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length, | 339 | /* At this point, s->internal->packet_length == SSL3_RT_HEADER_LNGTH + rr->length, |
| 340 | * and we have that many bytes in s->packet | 340 | * and we have that many bytes in s->internal->packet |
| 341 | */ | 341 | */ |
| 342 | rr->input = &(s->packet[DTLS1_RT_HEADER_LENGTH]); | 342 | rr->input = &(s->internal->packet[DTLS1_RT_HEADER_LENGTH]); |
| 343 | 343 | ||
| 344 | /* ok, we can now read from 's->packet' data into 'rr' | 344 | /* ok, we can now read from 's->internal->packet' data into 'rr' |
| 345 | * rr->input points at rr->length bytes, which | 345 | * rr->input points at rr->length bytes, which |
| 346 | * need to be copied into rr->data by either | 346 | * need to be copied into rr->data by either |
| 347 | * the decryption or by the decompression | 347 | * the decryption or by the decompression |
| @@ -369,18 +369,18 @@ dtls1_process_record(SSL *s) | |||
| 369 | if (enc_err == 0) { | 369 | if (enc_err == 0) { |
| 370 | /* For DTLS we simply ignore bad packets. */ | 370 | /* For DTLS we simply ignore bad packets. */ |
| 371 | rr->length = 0; | 371 | rr->length = 0; |
| 372 | s->packet_length = 0; | 372 | s->internal->packet_length = 0; |
| 373 | goto err; | 373 | goto err; |
| 374 | } | 374 | } |
| 375 | 375 | ||
| 376 | 376 | ||
| 377 | /* r->length is now the compressed data plus mac */ | 377 | /* r->length is now the compressed data plus mac */ |
| 378 | if ((sess != NULL) && (s->enc_read_ctx != NULL) && | 378 | if ((sess != NULL) && (s->internal->enc_read_ctx != NULL) && |
| 379 | (EVP_MD_CTX_md(s->read_hash) != NULL)) { | 379 | (EVP_MD_CTX_md(s->internal->read_hash) != NULL)) { |
| 380 | /* s->read_hash != NULL => mac_size != -1 */ | 380 | /* s->internal->read_hash != NULL => mac_size != -1 */ |
| 381 | unsigned char *mac = NULL; | 381 | unsigned char *mac = NULL; |
| 382 | unsigned char mac_tmp[EVP_MAX_MD_SIZE]; | 382 | unsigned char mac_tmp[EVP_MAX_MD_SIZE]; |
| 383 | mac_size = EVP_MD_CTX_size(s->read_hash); | 383 | mac_size = EVP_MD_CTX_size(s->internal->read_hash); |
| 384 | OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE); | 384 | OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE); |
| 385 | 385 | ||
| 386 | /* kludge: *_cbc_remove_padding passes padding length in rr->type */ | 386 | /* kludge: *_cbc_remove_padding passes padding length in rr->type */ |
| @@ -393,14 +393,14 @@ dtls1_process_record(SSL *s) | |||
| 393 | */ | 393 | */ |
| 394 | if (orig_len < mac_size || | 394 | if (orig_len < mac_size || |
| 395 | /* CBC records must have a padding length byte too. */ | 395 | /* CBC records must have a padding length byte too. */ |
| 396 | (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE && | 396 | (EVP_CIPHER_CTX_mode(s->internal->enc_read_ctx) == EVP_CIPH_CBC_MODE && |
| 397 | orig_len < mac_size + 1)) { | 397 | orig_len < mac_size + 1)) { |
| 398 | al = SSL_AD_DECODE_ERROR; | 398 | al = SSL_AD_DECODE_ERROR; |
| 399 | SSLerr(SSL_F_DTLS1_PROCESS_RECORD, SSL_R_LENGTH_TOO_SHORT); | 399 | SSLerr(SSL_F_DTLS1_PROCESS_RECORD, SSL_R_LENGTH_TOO_SHORT); |
| 400 | goto f_err; | 400 | goto f_err; |
| 401 | } | 401 | } |
| 402 | 402 | ||
| 403 | if (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE) { | 403 | if (EVP_CIPHER_CTX_mode(s->internal->enc_read_ctx) == EVP_CIPH_CBC_MODE) { |
| 404 | /* We update the length so that the TLS header bytes | 404 | /* We update the length so that the TLS header bytes |
| 405 | * can be constructed correctly but we need to extract | 405 | * can be constructed correctly but we need to extract |
| 406 | * the MAC in constant time from within the record, | 406 | * the MAC in constant time from within the record, |
| @@ -427,7 +427,7 @@ dtls1_process_record(SSL *s) | |||
| 427 | if (enc_err < 0) { | 427 | if (enc_err < 0) { |
| 428 | /* decryption failed, silently discard message */ | 428 | /* decryption failed, silently discard message */ |
| 429 | rr->length = 0; | 429 | rr->length = 0; |
| 430 | s->packet_length = 0; | 430 | s->internal->packet_length = 0; |
| 431 | goto err; | 431 | goto err; |
| 432 | } | 432 | } |
| 433 | 433 | ||
| @@ -447,7 +447,7 @@ dtls1_process_record(SSL *s) | |||
| 447 | */ | 447 | */ |
| 448 | 448 | ||
| 449 | /* we have pulled in a full packet so zero things */ | 449 | /* we have pulled in a full packet so zero things */ |
| 450 | s->packet_length = 0; | 450 | s->internal->packet_length = 0; |
| 451 | return (1); | 451 | return (1); |
| 452 | 452 | ||
| 453 | f_err: | 453 | f_err: |
| @@ -491,12 +491,12 @@ dtls1_get_record(SSL *s) | |||
| 491 | again: | 491 | again: |
| 492 | /* dump this record on all retries */ | 492 | /* dump this record on all retries */ |
| 493 | rr->length = 0; | 493 | rr->length = 0; |
| 494 | s->packet_length = 0; | 494 | s->internal->packet_length = 0; |
| 495 | } | 495 | } |
| 496 | 496 | ||
| 497 | /* check if we have the header */ | 497 | /* check if we have the header */ |
| 498 | if ((s->rstate != SSL_ST_READ_BODY) || | 498 | if ((s->rstate != SSL_ST_READ_BODY) || |
| 499 | (s->packet_length < DTLS1_RT_HEADER_LENGTH)) { | 499 | (s->internal->packet_length < DTLS1_RT_HEADER_LENGTH)) { |
| 500 | CBS header, seq_no; | 500 | CBS header, seq_no; |
| 501 | uint16_t epoch, len, ssl_version; | 501 | uint16_t epoch, len, ssl_version; |
| 502 | uint8_t type; | 502 | uint8_t type; |
| @@ -507,12 +507,12 @@ again: | |||
| 507 | return(n); /* error or non-blocking */ | 507 | return(n); /* error or non-blocking */ |
| 508 | 508 | ||
| 509 | /* this packet contained a partial record, dump it */ | 509 | /* this packet contained a partial record, dump it */ |
| 510 | if (s->packet_length != DTLS1_RT_HEADER_LENGTH) | 510 | if (s->internal->packet_length != DTLS1_RT_HEADER_LENGTH) |
| 511 | goto again; | 511 | goto again; |
| 512 | 512 | ||
| 513 | s->rstate = SSL_ST_READ_BODY; | 513 | s->rstate = SSL_ST_READ_BODY; |
| 514 | 514 | ||
| 515 | CBS_init(&header, s->packet, s->packet_length); | 515 | CBS_init(&header, s->internal->packet, s->internal->packet_length); |
| 516 | 516 | ||
| 517 | /* Pull apart the header into the DTLS1_RECORD */ | 517 | /* Pull apart the header into the DTLS1_RECORD */ |
| 518 | if (!CBS_get_u8(&header, &type)) | 518 | if (!CBS_get_u8(&header, &type)) |
| @@ -536,7 +536,7 @@ again: | |||
| 536 | rr->length = len; | 536 | rr->length = len; |
| 537 | 537 | ||
| 538 | /* unexpected version, silently discard */ | 538 | /* unexpected version, silently discard */ |
| 539 | if (!s->first_packet && ssl_version != s->version) | 539 | if (!s->internal->first_packet && ssl_version != s->version) |
| 540 | goto again; | 540 | goto again; |
| 541 | 541 | ||
| 542 | /* wrong version, silently discard record */ | 542 | /* wrong version, silently discard record */ |
| @@ -553,8 +553,8 @@ again: | |||
| 553 | 553 | ||
| 554 | /* s->rstate == SSL_ST_READ_BODY, get and decode the data */ | 554 | /* s->rstate == SSL_ST_READ_BODY, get and decode the data */ |
| 555 | 555 | ||
| 556 | if (rr->length > s->packet_length - DTLS1_RT_HEADER_LENGTH) { | 556 | if (rr->length > s->internal->packet_length - DTLS1_RT_HEADER_LENGTH) { |
| 557 | /* now s->packet_length == DTLS1_RT_HEADER_LENGTH */ | 557 | /* now s->internal->packet_length == DTLS1_RT_HEADER_LENGTH */ |
| 558 | i = rr->length; | 558 | i = rr->length; |
| 559 | n = ssl3_read_n(s, i, i, 1); | 559 | n = ssl3_read_n(s, i, i, 1); |
| 560 | if (n <= 0) | 560 | if (n <= 0) |
| @@ -565,7 +565,7 @@ again: | |||
| 565 | goto again; | 565 | goto again; |
| 566 | 566 | ||
| 567 | /* now n == rr->length, | 567 | /* now n == rr->length, |
| 568 | * and s->packet_length == DTLS1_RT_HEADER_LENGTH + rr->length */ | 568 | * and s->internal->packet_length == DTLS1_RT_HEADER_LENGTH + rr->length */ |
| 569 | } | 569 | } |
| 570 | s->rstate = SSL_ST_READ_HEADER; /* set state for later operations */ | 570 | s->rstate = SSL_ST_READ_HEADER; /* set state for later operations */ |
| 571 | 571 | ||
| @@ -680,7 +680,7 @@ dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) | |||
| 680 | } | 680 | } |
| 681 | 681 | ||
| 682 | start: | 682 | start: |
| 683 | s->rwstate = SSL_NOTHING; | 683 | s->internal->rwstate = SSL_NOTHING; |
| 684 | 684 | ||
| 685 | /* S3I(s)->rrec.type - is the type of record | 685 | /* S3I(s)->rrec.type - is the type of record |
| 686 | * S3I(s)->rrec.data, - data | 686 | * S3I(s)->rrec.data, - data |
| @@ -747,9 +747,9 @@ start: | |||
| 747 | 747 | ||
| 748 | /* If the other end has shut down, throw anything we read away | 748 | /* If the other end has shut down, throw anything we read away |
| 749 | * (even in 'peek' mode) */ | 749 | * (even in 'peek' mode) */ |
| 750 | if (s->shutdown & SSL_RECEIVED_SHUTDOWN) { | 750 | if (s->internal->shutdown & SSL_RECEIVED_SHUTDOWN) { |
| 751 | rr->length = 0; | 751 | rr->length = 0; |
| 752 | s->rwstate = SSL_NOTHING; | 752 | s->internal->rwstate = SSL_NOTHING; |
| 753 | return (0); | 753 | return (0); |
| 754 | } | 754 | } |
| 755 | 755 | ||
| @@ -759,7 +759,7 @@ start: | |||
| 759 | /* make sure that we are not getting application data when we | 759 | /* make sure that we are not getting application data when we |
| 760 | * are doing a handshake for the first time */ | 760 | * are doing a handshake for the first time */ |
| 761 | if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) && | 761 | if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) && |
| 762 | (s->enc_read_ctx == NULL)) { | 762 | (s->internal->enc_read_ctx == NULL)) { |
| 763 | al = SSL_AD_UNEXPECTED_MESSAGE; | 763 | al = SSL_AD_UNEXPECTED_MESSAGE; |
| 764 | SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_APP_DATA_IN_HANDSHAKE); | 764 | SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_APP_DATA_IN_HANDSHAKE); |
| 765 | goto f_err; | 765 | goto f_err; |
| @@ -816,7 +816,7 @@ start: | |||
| 816 | BIO *bio; | 816 | BIO *bio; |
| 817 | S3I(s)->in_read_app_data = 2; | 817 | S3I(s)->in_read_app_data = 2; |
| 818 | bio = SSL_get_rbio(s); | 818 | bio = SSL_get_rbio(s); |
| 819 | s->rwstate = SSL_READING; | 819 | s->internal->rwstate = SSL_READING; |
| 820 | BIO_clear_retry_flags(bio); | 820 | BIO_clear_retry_flags(bio); |
| 821 | BIO_set_retry_read(bio); | 821 | BIO_set_retry_read(bio); |
| 822 | return (-1); | 822 | return (-1); |
| @@ -883,7 +883,7 @@ start: | |||
| 883 | !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) && | 883 | !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) && |
| 884 | !S3I(s)->renegotiate) { | 884 | !S3I(s)->renegotiate) { |
| 885 | D1I(s)->handshake_read_seq++; | 885 | D1I(s)->handshake_read_seq++; |
| 886 | s->new_session = 1; | 886 | s->internal->new_session = 1; |
| 887 | ssl3_renegotiate(s); | 887 | ssl3_renegotiate(s); |
| 888 | if (ssl3_renegotiate_check(s)) { | 888 | if (ssl3_renegotiate_check(s)) { |
| 889 | i = s->internal->handshake_func(s); | 889 | i = s->internal->handshake_func(s); |
| @@ -902,7 +902,7 @@ start: | |||
| 902 | * but we trigger an SSL handshake, we return -1 with | 902 | * but we trigger an SSL handshake, we return -1 with |
| 903 | * the retry option set. Otherwise renegotiation may | 903 | * the retry option set. Otherwise renegotiation may |
| 904 | * cause nasty problems in the blocking world */ | 904 | * cause nasty problems in the blocking world */ |
| 905 | s->rwstate = SSL_READING; | 905 | s->internal->rwstate = SSL_READING; |
| 906 | bio = SSL_get_rbio(s); | 906 | bio = SSL_get_rbio(s); |
| 907 | BIO_clear_retry_flags(bio); | 907 | BIO_clear_retry_flags(bio); |
| 908 | BIO_set_retry_read(bio); | 908 | BIO_set_retry_read(bio); |
| @@ -940,17 +940,17 @@ start: | |||
| 940 | { | 940 | { |
| 941 | S3I(s)->warn_alert = alert_descr; | 941 | S3I(s)->warn_alert = alert_descr; |
| 942 | if (alert_descr == SSL_AD_CLOSE_NOTIFY) { | 942 | if (alert_descr == SSL_AD_CLOSE_NOTIFY) { |
| 943 | s->shutdown |= SSL_RECEIVED_SHUTDOWN; | 943 | s->internal->shutdown |= SSL_RECEIVED_SHUTDOWN; |
| 944 | return (0); | 944 | return (0); |
| 945 | } | 945 | } |
| 946 | } else if (alert_level == 2) /* fatal */ | 946 | } else if (alert_level == 2) /* fatal */ |
| 947 | { | 947 | { |
| 948 | s->rwstate = SSL_NOTHING; | 948 | s->internal->rwstate = SSL_NOTHING; |
| 949 | S3I(s)->fatal_alert = alert_descr; | 949 | S3I(s)->fatal_alert = alert_descr; |
| 950 | SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_AD_REASON_OFFSET + alert_descr); | 950 | SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_AD_REASON_OFFSET + alert_descr); |
| 951 | ERR_asprintf_error_data("SSL alert number %d", | 951 | ERR_asprintf_error_data("SSL alert number %d", |
| 952 | alert_descr); | 952 | alert_descr); |
| 953 | s->shutdown|=SSL_RECEIVED_SHUTDOWN; | 953 | s->internal->shutdown|=SSL_RECEIVED_SHUTDOWN; |
| 954 | SSL_CTX_remove_session(s->ctx, s->session); | 954 | SSL_CTX_remove_session(s->ctx, s->session); |
| 955 | return (0); | 955 | return (0); |
| 956 | } else { | 956 | } else { |
| @@ -962,9 +962,9 @@ start: | |||
| 962 | goto start; | 962 | goto start; |
| 963 | } | 963 | } |
| 964 | 964 | ||
| 965 | if (s->shutdown & SSL_SENT_SHUTDOWN) /* but we have not received a shutdown */ | 965 | if (s->internal->shutdown & SSL_SENT_SHUTDOWN) /* but we have not received a shutdown */ |
| 966 | { | 966 | { |
| 967 | s->rwstate = SSL_NOTHING; | 967 | s->internal->rwstate = SSL_NOTHING; |
| 968 | rr->length = 0; | 968 | rr->length = 0; |
| 969 | return (0); | 969 | return (0); |
| 970 | } | 970 | } |
| @@ -1038,8 +1038,8 @@ start: | |||
| 1038 | if (((s->state&SSL_ST_MASK) == SSL_ST_OK) && | 1038 | if (((s->state&SSL_ST_MASK) == SSL_ST_OK) && |
| 1039 | !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) { | 1039 | !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) { |
| 1040 | s->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT; | 1040 | s->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT; |
| 1041 | s->renegotiate = 1; | 1041 | s->internal->renegotiate = 1; |
| 1042 | s->new_session = 1; | 1042 | s->internal->new_session = 1; |
| 1043 | } | 1043 | } |
| 1044 | i = s->internal->handshake_func(s); | 1044 | i = s->internal->handshake_func(s); |
| 1045 | if (i < 0) | 1045 | if (i < 0) |
| @@ -1057,7 +1057,7 @@ start: | |||
| 1057 | * but we trigger an SSL handshake, we return -1 with | 1057 | * but we trigger an SSL handshake, we return -1 with |
| 1058 | * the retry option set. Otherwise renegotiation may | 1058 | * the retry option set. Otherwise renegotiation may |
| 1059 | * cause nasty problems in the blocking world */ | 1059 | * cause nasty problems in the blocking world */ |
| 1060 | s->rwstate = SSL_READING; | 1060 | s->internal->rwstate = SSL_READING; |
| 1061 | bio = SSL_get_rbio(s); | 1061 | bio = SSL_get_rbio(s); |
| 1062 | BIO_clear_retry_flags(bio); | 1062 | BIO_clear_retry_flags(bio); |
| 1063 | BIO_set_retry_read(bio); | 1063 | BIO_set_retry_read(bio); |
| @@ -1185,7 +1185,7 @@ dtls1_write_bytes(SSL *s, int type, const void *buf, int len) | |||
| 1185 | int i; | 1185 | int i; |
| 1186 | 1186 | ||
| 1187 | OPENSSL_assert(len <= SSL3_RT_MAX_PLAIN_LENGTH); | 1187 | OPENSSL_assert(len <= SSL3_RT_MAX_PLAIN_LENGTH); |
| 1188 | s->rwstate = SSL_NOTHING; | 1188 | s->internal->rwstate = SSL_NOTHING; |
| 1189 | i = do_dtls1_write(s, type, buf, len); | 1189 | i = do_dtls1_write(s, type, buf, len); |
| 1190 | return i; | 1190 | return i; |
| 1191 | } | 1191 | } |
| @@ -1223,14 +1223,14 @@ do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len) | |||
| 1223 | wb = &(s->s3->wbuf); | 1223 | wb = &(s->s3->wbuf); |
| 1224 | sess = s->session; | 1224 | sess = s->session; |
| 1225 | 1225 | ||
| 1226 | if ((sess == NULL) || (s->enc_write_ctx == NULL) || | 1226 | if ((sess == NULL) || (s->internal->enc_write_ctx == NULL) || |
| 1227 | (EVP_MD_CTX_md(s->write_hash) == NULL)) | 1227 | (EVP_MD_CTX_md(s->internal->write_hash) == NULL)) |
| 1228 | clear = 1; | 1228 | clear = 1; |
| 1229 | 1229 | ||
| 1230 | if (clear) | 1230 | if (clear) |
| 1231 | mac_size = 0; | 1231 | mac_size = 0; |
| 1232 | else { | 1232 | else { |
| 1233 | mac_size = EVP_MD_CTX_size(s->write_hash); | 1233 | mac_size = EVP_MD_CTX_size(s->internal->write_hash); |
| 1234 | if (mac_size < 0) | 1234 | if (mac_size < 0) |
| 1235 | goto err; | 1235 | goto err; |
| 1236 | } | 1236 | } |
| @@ -1257,9 +1257,9 @@ do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len) | |||
| 1257 | /* Make space for the explicit IV in case of CBC. | 1257 | /* Make space for the explicit IV in case of CBC. |
| 1258 | * (this is a bit of a boundary violation, but what the heck). | 1258 | * (this is a bit of a boundary violation, but what the heck). |
| 1259 | */ | 1259 | */ |
| 1260 | if (s->enc_write_ctx && | 1260 | if (s->internal->enc_write_ctx && |
| 1261 | (EVP_CIPHER_mode( s->enc_write_ctx->cipher ) & EVP_CIPH_CBC_MODE)) | 1261 | (EVP_CIPHER_mode( s->internal->enc_write_ctx->cipher ) & EVP_CIPH_CBC_MODE)) |
| 1262 | bs = EVP_CIPHER_block_size(s->enc_write_ctx->cipher); | 1262 | bs = EVP_CIPHER_block_size(s->internal->enc_write_ctx->cipher); |
| 1263 | else | 1263 | else |
| 1264 | bs = 0; | 1264 | bs = 0; |
| 1265 | 1265 | ||
diff --git a/src/lib/libssl/d1_srtp.c b/src/lib/libssl/d1_srtp.c index 7b80d73d14..98bb24b4fe 100644 --- a/src/lib/libssl/d1_srtp.c +++ b/src/lib/libssl/d1_srtp.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: d1_srtp.c,v 1.16 2017/01/23 05:13:02 jsing Exp $ */ | 1 | /* $OpenBSD: d1_srtp.c,v 1.17 2017/01/23 06:45:30 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -223,7 +223,7 @@ SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles) | |||
| 223 | int | 223 | int |
| 224 | SSL_set_tlsext_use_srtp(SSL *s, const char *profiles) | 224 | SSL_set_tlsext_use_srtp(SSL *s, const char *profiles) |
| 225 | { | 225 | { |
| 226 | return ssl_ctx_make_profiles(profiles, &s->srtp_profiles); | 226 | return ssl_ctx_make_profiles(profiles, &s->internal->srtp_profiles); |
| 227 | } | 227 | } |
| 228 | 228 | ||
| 229 | 229 | ||
| @@ -231,8 +231,8 @@ STACK_OF(SRTP_PROTECTION_PROFILE) * | |||
| 231 | SSL_get_srtp_profiles(SSL *s) | 231 | SSL_get_srtp_profiles(SSL *s) |
| 232 | { | 232 | { |
| 233 | if (s != NULL) { | 233 | if (s != NULL) { |
| 234 | if (s->srtp_profiles != NULL) { | 234 | if (s->internal->srtp_profiles != NULL) { |
| 235 | return s->srtp_profiles; | 235 | return s->internal->srtp_profiles; |
| 236 | } else if ((s->ctx != NULL) && | 236 | } else if ((s->ctx != NULL) && |
| 237 | (s->ctx->internal->srtp_profiles != NULL)) { | 237 | (s->ctx->internal->srtp_profiles != NULL)) { |
| 238 | return s->ctx->internal->srtp_profiles; | 238 | return s->ctx->internal->srtp_profiles; |
| @@ -245,7 +245,7 @@ SSL_get_srtp_profiles(SSL *s) | |||
| 245 | SRTP_PROTECTION_PROFILE * | 245 | SRTP_PROTECTION_PROFILE * |
| 246 | SSL_get_selected_srtp_profile(SSL *s) | 246 | SSL_get_selected_srtp_profile(SSL *s) |
| 247 | { | 247 | { |
| 248 | return s->srtp_profile; | 248 | return s->internal->srtp_profile; |
| 249 | } | 249 | } |
| 250 | 250 | ||
| 251 | /* Note: this function returns 0 length if there are no | 251 | /* Note: this function returns 0 length if there are no |
| @@ -360,7 +360,7 @@ ssl_parse_clienthello_use_srtp_ext(SSL *s, const unsigned char *d, int len, | |||
| 360 | cprof = sk_SRTP_PROTECTION_PROFILE_value(clnt, j); | 360 | cprof = sk_SRTP_PROTECTION_PROFILE_value(clnt, j); |
| 361 | 361 | ||
| 362 | if (cprof->id == sprof->id) { | 362 | if (cprof->id == sprof->id) { |
| 363 | s->srtp_profile = sprof; | 363 | s->internal->srtp_profile = sprof; |
| 364 | *al = 0; | 364 | *al = 0; |
| 365 | ret = 0; | 365 | ret = 0; |
| 366 | goto done; | 366 | goto done; |
| @@ -387,13 +387,13 @@ ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int maxlen) | |||
| 387 | return 1; | 387 | return 1; |
| 388 | } | 388 | } |
| 389 | 389 | ||
| 390 | if (s->srtp_profile == 0) { | 390 | if (s->internal->srtp_profile == 0) { |
| 391 | SSLerr(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT, | 391 | SSLerr(SSL_F_SSL_ADD_SERVERHELLO_USE_SRTP_EXT, |
| 392 | SSL_R_USE_SRTP_NOT_NEGOTIATED); | 392 | SSL_R_USE_SRTP_NOT_NEGOTIATED); |
| 393 | return 1; | 393 | return 1; |
| 394 | } | 394 | } |
| 395 | s2n(2, p); | 395 | s2n(2, p); |
| 396 | s2n(s->srtp_profile->id, p); | 396 | s2n(s->internal->srtp_profile->id, p); |
| 397 | *p++ = 0; | 397 | *p++ = 0; |
| 398 | } | 398 | } |
| 399 | *len = 5; | 399 | *len = 5; |
| @@ -458,7 +458,7 @@ ssl_parse_serverhello_use_srtp_ext(SSL *s, const unsigned char *d, int len, int | |||
| 458 | prof = sk_SRTP_PROTECTION_PROFILE_value(clnt, i); | 458 | prof = sk_SRTP_PROTECTION_PROFILE_value(clnt, i); |
| 459 | 459 | ||
| 460 | if (prof->id == id) { | 460 | if (prof->id == id) { |
| 461 | s->srtp_profile = prof; | 461 | s->internal->srtp_profile = prof; |
| 462 | *al = 0; | 462 | *al = 0; |
| 463 | return 0; | 463 | return 0; |
| 464 | } | 464 | } |
diff --git a/src/lib/libssl/d1_srvr.c b/src/lib/libssl/d1_srvr.c index 80af8eb930..78816cda46 100644 --- a/src/lib/libssl/d1_srvr.c +++ b/src/lib/libssl/d1_srvr.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: d1_srvr.c,v 1.75 2017/01/23 04:55:26 beck Exp $ */ | 1 | /* $OpenBSD: d1_srvr.c,v 1.76 2017/01/23 06:45:30 beck Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * DTLS implementation written by Nagendra Modadugu | 3 | * DTLS implementation written by Nagendra Modadugu |
| 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. | 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. |
| @@ -213,7 +213,7 @@ dtls1_accept(SSL *s) | |||
| 213 | 213 | ||
| 214 | switch (s->state) { | 214 | switch (s->state) { |
| 215 | case SSL_ST_RENEGOTIATE: | 215 | case SSL_ST_RENEGOTIATE: |
| 216 | s->renegotiate = 1; | 216 | s->internal->renegotiate = 1; |
| 217 | /* s->state=SSL_ST_ACCEPT; */ | 217 | /* s->state=SSL_ST_ACCEPT; */ |
| 218 | 218 | ||
| 219 | case SSL_ST_BEFORE: | 219 | case SSL_ST_BEFORE: |
| @@ -230,7 +230,7 @@ dtls1_accept(SSL *s) | |||
| 230 | ret = -1; | 230 | ret = -1; |
| 231 | goto end; | 231 | goto end; |
| 232 | } | 232 | } |
| 233 | s->type = SSL_ST_ACCEPT; | 233 | s->internal->type = SSL_ST_ACCEPT; |
| 234 | 234 | ||
| 235 | if (!ssl3_setup_init_buffer(s)) { | 235 | if (!ssl3_setup_init_buffer(s)) { |
| 236 | ret = -1; | 236 | ret = -1; |
| @@ -241,7 +241,7 @@ dtls1_accept(SSL *s) | |||
| 241 | goto end; | 241 | goto end; |
| 242 | } | 242 | } |
| 243 | 243 | ||
| 244 | s->init_num = 0; | 244 | s->internal->init_num = 0; |
| 245 | 245 | ||
| 246 | if (s->state != SSL_ST_RENEGOTIATE) { | 246 | if (s->state != SSL_ST_RENEGOTIATE) { |
| 247 | /* Ok, we now need to push on a buffering BIO so that | 247 | /* Ok, we now need to push on a buffering BIO so that |
| @@ -272,7 +272,7 @@ dtls1_accept(SSL *s) | |||
| 272 | case SSL3_ST_SW_HELLO_REQ_A: | 272 | case SSL3_ST_SW_HELLO_REQ_A: |
| 273 | case SSL3_ST_SW_HELLO_REQ_B: | 273 | case SSL3_ST_SW_HELLO_REQ_B: |
| 274 | 274 | ||
| 275 | s->shutdown = 0; | 275 | s->internal->shutdown = 0; |
| 276 | dtls1_clear_record_buffer(s); | 276 | dtls1_clear_record_buffer(s); |
| 277 | dtls1_start_timer(s); | 277 | dtls1_start_timer(s); |
| 278 | ret = ssl3_send_hello_request(s); | 278 | ret = ssl3_send_hello_request(s); |
| @@ -280,7 +280,7 @@ dtls1_accept(SSL *s) | |||
| 280 | goto end; | 280 | goto end; |
| 281 | S3I(s)->tmp.next_state = SSL3_ST_SR_CLNT_HELLO_A; | 281 | S3I(s)->tmp.next_state = SSL3_ST_SR_CLNT_HELLO_A; |
| 282 | s->state = SSL3_ST_SW_FLUSH; | 282 | s->state = SSL3_ST_SW_FLUSH; |
| 283 | s->init_num = 0; | 283 | s->internal->init_num = 0; |
| 284 | 284 | ||
| 285 | if (!tls1_init_finished_mac(s)) { | 285 | if (!tls1_init_finished_mac(s)) { |
| 286 | ret = -1; | 286 | ret = -1; |
| @@ -296,7 +296,7 @@ dtls1_accept(SSL *s) | |||
| 296 | case SSL3_ST_SR_CLNT_HELLO_B: | 296 | case SSL3_ST_SR_CLNT_HELLO_B: |
| 297 | case SSL3_ST_SR_CLNT_HELLO_C: | 297 | case SSL3_ST_SR_CLNT_HELLO_C: |
| 298 | 298 | ||
| 299 | s->shutdown = 0; | 299 | s->internal->shutdown = 0; |
| 300 | ret = ssl3_get_client_hello(s); | 300 | ret = ssl3_get_client_hello(s); |
| 301 | if (ret <= 0) | 301 | if (ret <= 0) |
| 302 | goto end; | 302 | goto end; |
| @@ -307,7 +307,7 @@ dtls1_accept(SSL *s) | |||
| 307 | else | 307 | else |
| 308 | s->state = SSL3_ST_SW_SRVR_HELLO_A; | 308 | s->state = SSL3_ST_SW_SRVR_HELLO_A; |
| 309 | 309 | ||
| 310 | s->init_num = 0; | 310 | s->internal->init_num = 0; |
| 311 | 311 | ||
| 312 | /* Reflect ClientHello sequence to remain stateless while listening */ | 312 | /* Reflect ClientHello sequence to remain stateless while listening */ |
| 313 | if (listen) { | 313 | if (listen) { |
| @@ -348,20 +348,20 @@ dtls1_accept(SSL *s) | |||
| 348 | 348 | ||
| 349 | case SSL3_ST_SW_SRVR_HELLO_A: | 349 | case SSL3_ST_SW_SRVR_HELLO_A: |
| 350 | case SSL3_ST_SW_SRVR_HELLO_B: | 350 | case SSL3_ST_SW_SRVR_HELLO_B: |
| 351 | s->renegotiate = 2; | 351 | s->internal->renegotiate = 2; |
| 352 | dtls1_start_timer(s); | 352 | dtls1_start_timer(s); |
| 353 | ret = ssl3_send_server_hello(s); | 353 | ret = ssl3_send_server_hello(s); |
| 354 | if (ret <= 0) | 354 | if (ret <= 0) |
| 355 | goto end; | 355 | goto end; |
| 356 | 356 | ||
| 357 | if (s->hit) { | 357 | if (s->internal->hit) { |
| 358 | if (s->tlsext_ticket_expected) | 358 | if (s->internal->tlsext_ticket_expected) |
| 359 | s->state = SSL3_ST_SW_SESSION_TICKET_A; | 359 | s->state = SSL3_ST_SW_SESSION_TICKET_A; |
| 360 | else | 360 | else |
| 361 | s->state = SSL3_ST_SW_CHANGE_A; | 361 | s->state = SSL3_ST_SW_CHANGE_A; |
| 362 | } else | 362 | } else |
| 363 | s->state = SSL3_ST_SW_CERT_A; | 363 | s->state = SSL3_ST_SW_CERT_A; |
| 364 | s->init_num = 0; | 364 | s->internal->init_num = 0; |
| 365 | break; | 365 | break; |
| 366 | 366 | ||
| 367 | case SSL3_ST_SW_CERT_A: | 367 | case SSL3_ST_SW_CERT_A: |
| @@ -373,7 +373,7 @@ dtls1_accept(SSL *s) | |||
| 373 | ret = ssl3_send_server_certificate(s); | 373 | ret = ssl3_send_server_certificate(s); |
| 374 | if (ret <= 0) | 374 | if (ret <= 0) |
| 375 | goto end; | 375 | goto end; |
| 376 | if (s->tlsext_status_expected) | 376 | if (s->internal->tlsext_status_expected) |
| 377 | s->state = SSL3_ST_SW_CERT_STATUS_A; | 377 | s->state = SSL3_ST_SW_CERT_STATUS_A; |
| 378 | else | 378 | else |
| 379 | s->state = SSL3_ST_SW_KEY_EXCH_A; | 379 | s->state = SSL3_ST_SW_KEY_EXCH_A; |
| @@ -381,7 +381,7 @@ dtls1_accept(SSL *s) | |||
| 381 | skip = 1; | 381 | skip = 1; |
| 382 | s->state = SSL3_ST_SW_KEY_EXCH_A; | 382 | s->state = SSL3_ST_SW_KEY_EXCH_A; |
| 383 | } | 383 | } |
| 384 | s->init_num = 0; | 384 | s->internal->init_num = 0; |
| 385 | break; | 385 | break; |
| 386 | 386 | ||
| 387 | case SSL3_ST_SW_KEY_EXCH_A: | 387 | case SSL3_ST_SW_KEY_EXCH_A: |
| @@ -398,7 +398,7 @@ dtls1_accept(SSL *s) | |||
| 398 | skip = 1; | 398 | skip = 1; |
| 399 | 399 | ||
| 400 | s->state = SSL3_ST_SW_CERT_REQ_A; | 400 | s->state = SSL3_ST_SW_CERT_REQ_A; |
| 401 | s->init_num = 0; | 401 | s->internal->init_num = 0; |
| 402 | break; | 402 | break; |
| 403 | 403 | ||
| 404 | case SSL3_ST_SW_CERT_REQ_A: | 404 | case SSL3_ST_SW_CERT_REQ_A: |
| @@ -437,7 +437,7 @@ dtls1_accept(SSL *s) | |||
| 437 | if (ret <= 0) | 437 | if (ret <= 0) |
| 438 | goto end; | 438 | goto end; |
| 439 | s->state = SSL3_ST_SW_SRVR_DONE_A; | 439 | s->state = SSL3_ST_SW_SRVR_DONE_A; |
| 440 | s->init_num = 0; | 440 | s->internal->init_num = 0; |
| 441 | } | 441 | } |
| 442 | break; | 442 | break; |
| 443 | 443 | ||
| @@ -449,22 +449,22 @@ dtls1_accept(SSL *s) | |||
| 449 | goto end; | 449 | goto end; |
| 450 | S3I(s)->tmp.next_state = SSL3_ST_SR_CERT_A; | 450 | S3I(s)->tmp.next_state = SSL3_ST_SR_CERT_A; |
| 451 | s->state = SSL3_ST_SW_FLUSH; | 451 | s->state = SSL3_ST_SW_FLUSH; |
| 452 | s->init_num = 0; | 452 | s->internal->init_num = 0; |
| 453 | break; | 453 | break; |
| 454 | 454 | ||
| 455 | case SSL3_ST_SW_FLUSH: | 455 | case SSL3_ST_SW_FLUSH: |
| 456 | s->rwstate = SSL_WRITING; | 456 | s->internal->rwstate = SSL_WRITING; |
| 457 | if (BIO_flush(s->wbio) <= 0) { | 457 | if (BIO_flush(s->wbio) <= 0) { |
| 458 | /* If the write error was fatal, stop trying */ | 458 | /* If the write error was fatal, stop trying */ |
| 459 | if (!BIO_should_retry(s->wbio)) { | 459 | if (!BIO_should_retry(s->wbio)) { |
| 460 | s->rwstate = SSL_NOTHING; | 460 | s->internal->rwstate = SSL_NOTHING; |
| 461 | s->state = S3I(s)->tmp.next_state; | 461 | s->state = S3I(s)->tmp.next_state; |
| 462 | } | 462 | } |
| 463 | 463 | ||
| 464 | ret = -1; | 464 | ret = -1; |
| 465 | goto end; | 465 | goto end; |
| 466 | } | 466 | } |
| 467 | s->rwstate = SSL_NOTHING; | 467 | s->internal->rwstate = SSL_NOTHING; |
| 468 | s->state = S3I(s)->tmp.next_state; | 468 | s->state = S3I(s)->tmp.next_state; |
| 469 | break; | 469 | break; |
| 470 | 470 | ||
| @@ -475,7 +475,7 @@ dtls1_accept(SSL *s) | |||
| 475 | if (ret <= 0) | 475 | if (ret <= 0) |
| 476 | goto end; | 476 | goto end; |
| 477 | } | 477 | } |
| 478 | s->init_num = 0; | 478 | s->internal->init_num = 0; |
| 479 | s->state = SSL3_ST_SR_KEY_EXCH_A; | 479 | s->state = SSL3_ST_SR_KEY_EXCH_A; |
| 480 | break; | 480 | break; |
| 481 | 481 | ||
| @@ -486,7 +486,7 @@ dtls1_accept(SSL *s) | |||
| 486 | goto end; | 486 | goto end; |
| 487 | 487 | ||
| 488 | s->state = SSL3_ST_SR_CERT_VRFY_A; | 488 | s->state = SSL3_ST_SR_CERT_VRFY_A; |
| 489 | s->init_num = 0; | 489 | s->internal->init_num = 0; |
| 490 | 490 | ||
| 491 | if (ret == 2) { | 491 | if (ret == 2) { |
| 492 | /* For the ECDH ciphersuites when | 492 | /* For the ECDH ciphersuites when |
| @@ -495,10 +495,10 @@ dtls1_accept(SSL *s) | |||
| 495 | * message is not sent. | 495 | * message is not sent. |
| 496 | */ | 496 | */ |
| 497 | s->state = SSL3_ST_SR_FINISHED_A; | 497 | s->state = SSL3_ST_SR_FINISHED_A; |
| 498 | s->init_num = 0; | 498 | s->internal->init_num = 0; |
| 499 | } else if (SSL_USE_SIGALGS(s)) { | 499 | } else if (SSL_USE_SIGALGS(s)) { |
| 500 | s->state = SSL3_ST_SR_CERT_VRFY_A; | 500 | s->state = SSL3_ST_SR_CERT_VRFY_A; |
| 501 | s->init_num = 0; | 501 | s->internal->init_num = 0; |
| 502 | if (!s->session->peer) | 502 | if (!s->session->peer) |
| 503 | break; | 503 | break; |
| 504 | 504 | ||
| @@ -519,7 +519,7 @@ dtls1_accept(SSL *s) | |||
| 519 | } | 519 | } |
| 520 | } else { | 520 | } else { |
| 521 | s->state = SSL3_ST_SR_CERT_VRFY_A; | 521 | s->state = SSL3_ST_SR_CERT_VRFY_A; |
| 522 | s->init_num = 0; | 522 | s->internal->init_num = 0; |
| 523 | 523 | ||
| 524 | /* We need to get hashes here so if there is | 524 | /* We need to get hashes here so if there is |
| 525 | * a client cert, it can be verified */ | 525 | * a client cert, it can be verified */ |
| @@ -540,7 +540,7 @@ dtls1_accept(SSL *s) | |||
| 540 | if (ret <= 0) | 540 | if (ret <= 0) |
| 541 | goto end; | 541 | goto end; |
| 542 | s->state = SSL3_ST_SR_FINISHED_A; | 542 | s->state = SSL3_ST_SR_FINISHED_A; |
| 543 | s->init_num = 0; | 543 | s->internal->init_num = 0; |
| 544 | break; | 544 | break; |
| 545 | 545 | ||
| 546 | case SSL3_ST_SR_FINISHED_A: | 546 | case SSL3_ST_SR_FINISHED_A: |
| @@ -551,13 +551,13 @@ dtls1_accept(SSL *s) | |||
| 551 | if (ret <= 0) | 551 | if (ret <= 0) |
| 552 | goto end; | 552 | goto end; |
| 553 | dtls1_stop_timer(s); | 553 | dtls1_stop_timer(s); |
| 554 | if (s->hit) | 554 | if (s->internal->hit) |
| 555 | s->state = SSL_ST_OK; | 555 | s->state = SSL_ST_OK; |
| 556 | else if (s->tlsext_ticket_expected) | 556 | else if (s->internal->tlsext_ticket_expected) |
| 557 | s->state = SSL3_ST_SW_SESSION_TICKET_A; | 557 | s->state = SSL3_ST_SW_SESSION_TICKET_A; |
| 558 | else | 558 | else |
| 559 | s->state = SSL3_ST_SW_CHANGE_A; | 559 | s->state = SSL3_ST_SW_CHANGE_A; |
| 560 | s->init_num = 0; | 560 | s->internal->init_num = 0; |
| 561 | break; | 561 | break; |
| 562 | 562 | ||
| 563 | case SSL3_ST_SW_SESSION_TICKET_A: | 563 | case SSL3_ST_SW_SESSION_TICKET_A: |
| @@ -566,7 +566,7 @@ dtls1_accept(SSL *s) | |||
| 566 | if (ret <= 0) | 566 | if (ret <= 0) |
| 567 | goto end; | 567 | goto end; |
| 568 | s->state = SSL3_ST_SW_CHANGE_A; | 568 | s->state = SSL3_ST_SW_CHANGE_A; |
| 569 | s->init_num = 0; | 569 | s->internal->init_num = 0; |
| 570 | break; | 570 | break; |
| 571 | 571 | ||
| 572 | case SSL3_ST_SW_CERT_STATUS_A: | 572 | case SSL3_ST_SW_CERT_STATUS_A: |
| @@ -575,7 +575,7 @@ dtls1_accept(SSL *s) | |||
| 575 | if (ret <= 0) | 575 | if (ret <= 0) |
| 576 | goto end; | 576 | goto end; |
| 577 | s->state = SSL3_ST_SW_KEY_EXCH_A; | 577 | s->state = SSL3_ST_SW_KEY_EXCH_A; |
| 578 | s->init_num = 0; | 578 | s->internal->init_num = 0; |
| 579 | break; | 579 | break; |
| 580 | 580 | ||
| 581 | 581 | ||
| @@ -596,7 +596,7 @@ dtls1_accept(SSL *s) | |||
| 596 | 596 | ||
| 597 | 597 | ||
| 598 | s->state = SSL3_ST_SW_FINISHED_A; | 598 | s->state = SSL3_ST_SW_FINISHED_A; |
| 599 | s->init_num = 0; | 599 | s->internal->init_num = 0; |
| 600 | 600 | ||
| 601 | if (!s->method->ssl3_enc->change_cipher_state(s, | 601 | if (!s->method->ssl3_enc->change_cipher_state(s, |
| 602 | SSL3_CHANGE_CIPHER_SERVER_WRITE)) { | 602 | SSL3_CHANGE_CIPHER_SERVER_WRITE)) { |
| @@ -616,13 +616,13 @@ dtls1_accept(SSL *s) | |||
| 616 | if (ret <= 0) | 616 | if (ret <= 0) |
| 617 | goto end; | 617 | goto end; |
| 618 | s->state = SSL3_ST_SW_FLUSH; | 618 | s->state = SSL3_ST_SW_FLUSH; |
| 619 | if (s->hit) { | 619 | if (s->internal->hit) { |
| 620 | S3I(s)->tmp.next_state = SSL3_ST_SR_FINISHED_A; | 620 | S3I(s)->tmp.next_state = SSL3_ST_SR_FINISHED_A; |
| 621 | 621 | ||
| 622 | } else { | 622 | } else { |
| 623 | S3I(s)->tmp.next_state = SSL_ST_OK; | 623 | S3I(s)->tmp.next_state = SSL_ST_OK; |
| 624 | } | 624 | } |
| 625 | s->init_num = 0; | 625 | s->internal->init_num = 0; |
| 626 | break; | 626 | break; |
| 627 | 627 | ||
| 628 | case SSL_ST_OK: | 628 | case SSL_ST_OK: |
| @@ -632,12 +632,12 @@ dtls1_accept(SSL *s) | |||
| 632 | /* remove buffering on output */ | 632 | /* remove buffering on output */ |
| 633 | ssl_free_wbio_buffer(s); | 633 | ssl_free_wbio_buffer(s); |
| 634 | 634 | ||
| 635 | s->init_num = 0; | 635 | s->internal->init_num = 0; |
| 636 | 636 | ||
| 637 | if (s->renegotiate == 2) /* skipped if we just sent a HelloRequest */ | 637 | if (s->internal->renegotiate == 2) /* skipped if we just sent a HelloRequest */ |
| 638 | { | 638 | { |
| 639 | s->renegotiate = 0; | 639 | s->internal->renegotiate = 0; |
| 640 | s->new_session = 0; | 640 | s->internal->new_session = 0; |
| 641 | 641 | ||
| 642 | ssl_update_cache(s, SSL_SESS_CACHE_SERVER); | 642 | ssl_update_cache(s, SSL_SESS_CACHE_SERVER); |
| 643 | 643 | ||
| @@ -667,7 +667,7 @@ dtls1_accept(SSL *s) | |||
| 667 | } | 667 | } |
| 668 | 668 | ||
| 669 | if (!S3I(s)->tmp.reuse_message && !skip) { | 669 | if (!S3I(s)->tmp.reuse_message && !skip) { |
| 670 | if (s->debug) { | 670 | if (s->internal->debug) { |
| 671 | if ((ret = BIO_flush(s->wbio)) <= 0) | 671 | if ((ret = BIO_flush(s->wbio)) <= 0) |
| 672 | goto end; | 672 | goto end; |
| 673 | } | 673 | } |
diff --git a/src/lib/libssl/s23_clnt.c b/src/lib/libssl/s23_clnt.c index aec215d29a..e95006bcca 100644 --- a/src/lib/libssl/s23_clnt.c +++ b/src/lib/libssl/s23_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s23_clnt.c,v 1.52 2017/01/23 04:55:26 beck Exp $ */ | 1 | /* $OpenBSD: s23_clnt.c,v 1.53 2017/01/23 06:45:30 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -158,7 +158,7 @@ ssl23_connect(SSL *s) | |||
| 158 | cb(s, SSL_CB_HANDSHAKE_START, 1); | 158 | cb(s, SSL_CB_HANDSHAKE_START, 1); |
| 159 | 159 | ||
| 160 | /* s->version=TLS1_VERSION; */ | 160 | /* s->version=TLS1_VERSION; */ |
| 161 | s->type = SSL_ST_CONNECT; | 161 | s->internal->type = SSL_ST_CONNECT; |
| 162 | 162 | ||
| 163 | if (!ssl3_setup_init_buffer(s)) { | 163 | if (!ssl3_setup_init_buffer(s)) { |
| 164 | ret = -1; | 164 | ret = -1; |
| @@ -175,18 +175,18 @@ ssl23_connect(SSL *s) | |||
| 175 | 175 | ||
| 176 | s->state = SSL23_ST_CW_CLNT_HELLO_A; | 176 | s->state = SSL23_ST_CW_CLNT_HELLO_A; |
| 177 | s->ctx->internal->stats.sess_connect++; | 177 | s->ctx->internal->stats.sess_connect++; |
| 178 | s->init_num = 0; | 178 | s->internal->init_num = 0; |
| 179 | break; | 179 | break; |
| 180 | 180 | ||
| 181 | case SSL23_ST_CW_CLNT_HELLO_A: | 181 | case SSL23_ST_CW_CLNT_HELLO_A: |
| 182 | case SSL23_ST_CW_CLNT_HELLO_B: | 182 | case SSL23_ST_CW_CLNT_HELLO_B: |
| 183 | 183 | ||
| 184 | s->shutdown = 0; | 184 | s->internal->shutdown = 0; |
| 185 | ret = ssl23_client_hello(s); | 185 | ret = ssl23_client_hello(s); |
| 186 | if (ret <= 0) | 186 | if (ret <= 0) |
| 187 | goto end; | 187 | goto end; |
| 188 | s->state = SSL23_ST_CR_SRVR_HELLO_A; | 188 | s->state = SSL23_ST_CR_SRVR_HELLO_A; |
| 189 | s->init_num = 0; | 189 | s->internal->init_num = 0; |
| 190 | 190 | ||
| 191 | break; | 191 | break; |
| 192 | 192 | ||
| @@ -205,7 +205,7 @@ ssl23_connect(SSL *s) | |||
| 205 | /* break; */ | 205 | /* break; */ |
| 206 | } | 206 | } |
| 207 | 207 | ||
| 208 | if (s->debug) { | 208 | if (s->internal->debug) { |
| 209 | (void)BIO_flush(s->wbio); | 209 | (void)BIO_flush(s->wbio); |
| 210 | } | 210 | } |
| 211 | 211 | ||
| @@ -235,7 +235,7 @@ ssl23_client_hello(SSL *s) | |||
| 235 | size_t outlen; | 235 | size_t outlen; |
| 236 | int ret; | 236 | int ret; |
| 237 | 237 | ||
| 238 | buf = (unsigned char *)s->init_buf->data; | 238 | buf = (unsigned char *)s->internal->init_buf->data; |
| 239 | if (s->state == SSL23_ST_CW_CLNT_HELLO_A) { | 239 | if (s->state == SSL23_ST_CW_CLNT_HELLO_A) { |
| 240 | arc4random_buf(s->s3->client_random, SSL3_RANDOM_SIZE); | 240 | arc4random_buf(s->s3->client_random, SSL3_RANDOM_SIZE); |
| 241 | 241 | ||
| @@ -319,14 +319,14 @@ ssl23_client_hello(SSL *s) | |||
| 319 | s2n((int)l, d); | 319 | s2n((int)l, d); |
| 320 | 320 | ||
| 321 | /* number of bytes to write */ | 321 | /* number of bytes to write */ |
| 322 | s->init_num = p - buf; | 322 | s->internal->init_num = p - buf; |
| 323 | s->init_off = 0; | 323 | s->internal->init_off = 0; |
| 324 | 324 | ||
| 325 | tls1_finish_mac(s, &(buf[SSL3_RT_HEADER_LENGTH]), | 325 | tls1_finish_mac(s, &(buf[SSL3_RT_HEADER_LENGTH]), |
| 326 | s->init_num - SSL3_RT_HEADER_LENGTH); | 326 | s->internal->init_num - SSL3_RT_HEADER_LENGTH); |
| 327 | 327 | ||
| 328 | s->state = SSL23_ST_CW_CLNT_HELLO_B; | 328 | s->state = SSL23_ST_CW_CLNT_HELLO_B; |
| 329 | s->init_off = 0; | 329 | s->internal->init_off = 0; |
| 330 | } | 330 | } |
| 331 | 331 | ||
| 332 | /* SSL3_ST_CW_CLNT_HELLO_B */ | 332 | /* SSL3_ST_CW_CLNT_HELLO_B */ |
| @@ -335,7 +335,7 @@ ssl23_client_hello(SSL *s) | |||
| 335 | if ((ret >= 2) && s->internal->msg_callback) { | 335 | if ((ret >= 2) && s->internal->msg_callback) { |
| 336 | /* Client Hello has been sent; tell msg_callback */ | 336 | /* Client Hello has been sent; tell msg_callback */ |
| 337 | s->internal->msg_callback(1, s->client_version, SSL3_RT_HANDSHAKE, | 337 | s->internal->msg_callback(1, s->client_version, SSL3_RT_HANDSHAKE, |
| 338 | s->init_buf->data + 5, ret - 5, s, s->internal->msg_callback_arg); | 338 | s->internal->init_buf->data + 5, ret - 5, s, s->internal->msg_callback_arg); |
| 339 | } | 339 | } |
| 340 | 340 | ||
| 341 | return ret; | 341 | return ret; |
| @@ -353,7 +353,7 @@ ssl23_get_server_hello(SSL *s) | |||
| 353 | 353 | ||
| 354 | if (n != 7) | 354 | if (n != 7) |
| 355 | return (n); | 355 | return (n); |
| 356 | p = s->packet; | 356 | p = s->internal->packet; |
| 357 | 357 | ||
| 358 | memcpy(buf, p, n); | 358 | memcpy(buf, p, n); |
| 359 | 359 | ||
| @@ -409,7 +409,7 @@ ssl23_get_server_hello(SSL *s) | |||
| 409 | s->internal->msg_callback(0, s->version, SSL3_RT_ALERT, | 409 | s->internal->msg_callback(0, s->version, SSL3_RT_ALERT, |
| 410 | p + 5, 2, s, s->internal->msg_callback_arg); | 410 | p + 5, 2, s, s->internal->msg_callback_arg); |
| 411 | 411 | ||
| 412 | s->rwstate = SSL_NOTHING; | 412 | s->internal->rwstate = SSL_NOTHING; |
| 413 | SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, | 413 | SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, |
| 414 | SSL_AD_REASON_OFFSET + p[6]); | 414 | SSL_AD_REASON_OFFSET + p[6]); |
| 415 | goto err; | 415 | goto err; |
| @@ -424,12 +424,12 @@ ssl23_get_server_hello(SSL *s) | |||
| 424 | /* put the 7 bytes we have read into the input buffer | 424 | /* put the 7 bytes we have read into the input buffer |
| 425 | * for SSLv3 */ | 425 | * for SSLv3 */ |
| 426 | s->rstate = SSL_ST_READ_HEADER; | 426 | s->rstate = SSL_ST_READ_HEADER; |
| 427 | s->packet_length = n; | 427 | s->internal->packet_length = n; |
| 428 | if (s->s3->rbuf.buf == NULL) | 428 | if (s->s3->rbuf.buf == NULL) |
| 429 | if (!ssl3_setup_read_buffer(s)) | 429 | if (!ssl3_setup_read_buffer(s)) |
| 430 | goto err; | 430 | goto err; |
| 431 | s->packet = &(s->s3->rbuf.buf[0]); | 431 | s->internal->packet = &(s->s3->rbuf.buf[0]); |
| 432 | memcpy(s->packet, buf, n); | 432 | memcpy(s->internal->packet, buf, n); |
| 433 | s->s3->rbuf.left = n; | 433 | s->s3->rbuf.left = n; |
| 434 | s->s3->rbuf.offset = 0; | 434 | s->s3->rbuf.offset = 0; |
| 435 | 435 | ||
| @@ -438,7 +438,7 @@ ssl23_get_server_hello(SSL *s) | |||
| 438 | SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNKNOWN_PROTOCOL); | 438 | SSLerr(SSL_F_SSL23_GET_SERVER_HELLO, SSL_R_UNKNOWN_PROTOCOL); |
| 439 | goto err; | 439 | goto err; |
| 440 | } | 440 | } |
| 441 | s->init_num = 0; | 441 | s->internal->init_num = 0; |
| 442 | 442 | ||
| 443 | /* | 443 | /* |
| 444 | * Since, if we are sending a ssl23 client hello, we are not | 444 | * Since, if we are sending a ssl23 client hello, we are not |
diff --git a/src/lib/libssl/s23_pkt.c b/src/lib/libssl/s23_pkt.c index 2081f48f08..da1ee900ab 100644 --- a/src/lib/libssl/s23_pkt.c +++ b/src/lib/libssl/s23_pkt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s23_pkt.c,v 1.9 2014/11/16 14:12:47 jsing Exp $ */ | 1 | /* $OpenBSD: s23_pkt.c,v 1.10 2017/01/23 06:45:30 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -70,18 +70,18 @@ ssl23_write_bytes(SSL *s) | |||
| 70 | int i, num, tot; | 70 | int i, num, tot; |
| 71 | char *buf; | 71 | char *buf; |
| 72 | 72 | ||
| 73 | buf = s->init_buf->data; | 73 | buf = s->internal->init_buf->data; |
| 74 | tot = s->init_off; | 74 | tot = s->internal->init_off; |
| 75 | num = s->init_num; | 75 | num = s->internal->init_num; |
| 76 | for (;;) { | 76 | for (;;) { |
| 77 | s->rwstate = SSL_WRITING; | 77 | s->internal->rwstate = SSL_WRITING; |
| 78 | i = BIO_write(s->wbio, &(buf[tot]), num); | 78 | i = BIO_write(s->wbio, &(buf[tot]), num); |
| 79 | if (i <= 0) { | 79 | if (i <= 0) { |
| 80 | s->init_off = tot; | 80 | s->internal->init_off = tot; |
| 81 | s->init_num = num; | 81 | s->internal->init_num = num; |
| 82 | return (i); | 82 | return (i); |
| 83 | } | 83 | } |
| 84 | s->rwstate = SSL_NOTHING; | 84 | s->internal->rwstate = SSL_NOTHING; |
| 85 | if (i == num) | 85 | if (i == num) |
| 86 | return (tot + i); | 86 | return (tot + i); |
| 87 | 87 | ||
| @@ -97,19 +97,19 @@ ssl23_read_bytes(SSL *s, int n) | |||
| 97 | unsigned char *p; | 97 | unsigned char *p; |
| 98 | int j; | 98 | int j; |
| 99 | 99 | ||
| 100 | if (s->packet_length < (unsigned int)n) { | 100 | if (s->internal->packet_length < (unsigned int)n) { |
| 101 | p = s->packet; | 101 | p = s->internal->packet; |
| 102 | 102 | ||
| 103 | for (;;) { | 103 | for (;;) { |
| 104 | s->rwstate = SSL_READING; | 104 | s->internal->rwstate = SSL_READING; |
| 105 | j = BIO_read(s->rbio, (char *)&(p[s->packet_length]), | 105 | j = BIO_read(s->rbio, (char *)&(p[s->internal->packet_length]), |
| 106 | n - s->packet_length); | 106 | n - s->internal->packet_length); |
| 107 | if (j <= 0) | 107 | if (j <= 0) |
| 108 | return (j); | 108 | return (j); |
| 109 | s->rwstate = SSL_NOTHING; | 109 | s->internal->rwstate = SSL_NOTHING; |
| 110 | s->packet_length += j; | 110 | s->internal->packet_length += j; |
| 111 | if (s->packet_length >= (unsigned int)n) | 111 | if (s->internal->packet_length >= (unsigned int)n) |
| 112 | return (s->packet_length); | 112 | return (s->internal->packet_length); |
| 113 | } | 113 | } |
| 114 | } | 114 | } |
| 115 | return (n); | 115 | return (n); |
diff --git a/src/lib/libssl/s23_srvr.c b/src/lib/libssl/s23_srvr.c index 79c2eee521..6b5ac0cc63 100644 --- a/src/lib/libssl/s23_srvr.c +++ b/src/lib/libssl/s23_srvr.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s23_srvr.c,v 1.53 2017/01/23 04:55:26 beck Exp $ */ | 1 | /* $OpenBSD: s23_srvr.c,v 1.54 2017/01/23 06:45:30 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -152,7 +152,7 @@ ssl23_accept(SSL *s) | |||
| 152 | cb(s, SSL_CB_HANDSHAKE_START, 1); | 152 | cb(s, SSL_CB_HANDSHAKE_START, 1); |
| 153 | 153 | ||
| 154 | /* s->version=SSL3_VERSION; */ | 154 | /* s->version=SSL3_VERSION; */ |
| 155 | s->type = SSL_ST_ACCEPT; | 155 | s->internal->type = SSL_ST_ACCEPT; |
| 156 | 156 | ||
| 157 | if (!ssl3_setup_init_buffer(s)) { | 157 | if (!ssl3_setup_init_buffer(s)) { |
| 158 | ret = -1; | 158 | ret = -1; |
| @@ -165,13 +165,13 @@ ssl23_accept(SSL *s) | |||
| 165 | 165 | ||
| 166 | s->state = SSL23_ST_SR_CLNT_HELLO_A; | 166 | s->state = SSL23_ST_SR_CLNT_HELLO_A; |
| 167 | s->ctx->internal->stats.sess_accept++; | 167 | s->ctx->internal->stats.sess_accept++; |
| 168 | s->init_num = 0; | 168 | s->internal->init_num = 0; |
| 169 | break; | 169 | break; |
| 170 | 170 | ||
| 171 | case SSL23_ST_SR_CLNT_HELLO_A: | 171 | case SSL23_ST_SR_CLNT_HELLO_A: |
| 172 | case SSL23_ST_SR_CLNT_HELLO_B: | 172 | case SSL23_ST_SR_CLNT_HELLO_B: |
| 173 | 173 | ||
| 174 | s->shutdown = 0; | 174 | s->internal->shutdown = 0; |
| 175 | ret = ssl23_get_client_hello(s); | 175 | ret = ssl23_get_client_hello(s); |
| 176 | if (ret >= 0) | 176 | if (ret >= 0) |
| 177 | cb = NULL; | 177 | cb = NULL; |
| @@ -237,7 +237,7 @@ ssl23_get_client_hello(SSL *s) | |||
| 237 | if (n != sizeof buf) | 237 | if (n != sizeof buf) |
| 238 | return(n); | 238 | return(n); |
| 239 | 239 | ||
| 240 | p = s->packet; | 240 | p = s->internal->packet; |
| 241 | 241 | ||
| 242 | memcpy(buf, p, n); | 242 | memcpy(buf, p, n); |
| 243 | 243 | ||
| @@ -314,7 +314,7 @@ ssl23_get_client_hello(SSL *s) | |||
| 314 | goto unsupported; | 314 | goto unsupported; |
| 315 | 315 | ||
| 316 | type = 2; | 316 | type = 2; |
| 317 | p = s->packet; | 317 | p = s->internal->packet; |
| 318 | client_version = p[3] << 8 | p[4]; | 318 | client_version = p[3] << 8 | p[4]; |
| 319 | 319 | ||
| 320 | /* An SSLv3/TLSv1 backwards-compatible CLIENT-HELLO in an SSLv2 | 320 | /* An SSLv3/TLSv1 backwards-compatible CLIENT-HELLO in an SSLv2 |
| @@ -344,18 +344,18 @@ ssl23_get_client_hello(SSL *s) | |||
| 344 | if (j != n + 2) | 344 | if (j != n + 2) |
| 345 | return -1; | 345 | return -1; |
| 346 | 346 | ||
| 347 | tls1_finish_mac(s, s->packet + 2, s->packet_length - 2); | 347 | tls1_finish_mac(s, s->internal->packet + 2, s->internal->packet_length - 2); |
| 348 | if (s->internal->msg_callback) | 348 | if (s->internal->msg_callback) |
| 349 | s->internal->msg_callback(0, SSL2_VERSION, 0, s->packet + 2, | 349 | s->internal->msg_callback(0, SSL2_VERSION, 0, s->internal->packet + 2, |
| 350 | s->packet_length - 2, s, s->internal->msg_callback_arg); | 350 | s->internal->packet_length - 2, s, s->internal->msg_callback_arg); |
| 351 | 351 | ||
| 352 | p = s->packet; | 352 | p = s->internal->packet; |
| 353 | p += 5; | 353 | p += 5; |
| 354 | n2s(p, csl); | 354 | n2s(p, csl); |
| 355 | n2s(p, sil); | 355 | n2s(p, sil); |
| 356 | n2s(p, cl); | 356 | n2s(p, cl); |
| 357 | d = (unsigned char *)s->init_buf->data; | 357 | d = (unsigned char *)s->internal->init_buf->data; |
| 358 | if ((csl + sil + cl + 11) != s->packet_length) { | 358 | if ((csl + sil + cl + 11) != s->internal->packet_length) { |
| 359 | /* | 359 | /* |
| 360 | * We can't have TLS extensions in SSL 2.0 format | 360 | * We can't have TLS extensions in SSL 2.0 format |
| 361 | * Client Hello, can we ? Error condition should be | 361 | * Client Hello, can we ? Error condition should be |
| @@ -403,7 +403,7 @@ ssl23_get_client_hello(SSL *s) | |||
| 403 | *(d++) = 1; | 403 | *(d++) = 1; |
| 404 | *(d++) = 0; | 404 | *(d++) = 0; |
| 405 | 405 | ||
| 406 | i = (d - (unsigned char *)s->init_buf->data) - 4; | 406 | i = (d - (unsigned char *)s->internal->init_buf->data) - 4; |
| 407 | l2n3((long)i, d_len); | 407 | l2n3((long)i, d_len); |
| 408 | 408 | ||
| 409 | /* get the data reused from the init_buf */ | 409 | /* get the data reused from the init_buf */ |
| @@ -428,17 +428,17 @@ ssl23_get_client_hello(SSL *s) | |||
| 428 | /* put the 'n' bytes we have read into the input buffer | 428 | /* put the 'n' bytes we have read into the input buffer |
| 429 | * for SSLv3 */ | 429 | * for SSLv3 */ |
| 430 | s->rstate = SSL_ST_READ_HEADER; | 430 | s->rstate = SSL_ST_READ_HEADER; |
| 431 | s->packet_length = n; | 431 | s->internal->packet_length = n; |
| 432 | if (s->s3->rbuf.buf == NULL) | 432 | if (s->s3->rbuf.buf == NULL) |
| 433 | if (!ssl3_setup_read_buffer(s)) | 433 | if (!ssl3_setup_read_buffer(s)) |
| 434 | return -1; | 434 | return -1; |
| 435 | 435 | ||
| 436 | s->packet = &(s->s3->rbuf.buf[0]); | 436 | s->internal->packet = &(s->s3->rbuf.buf[0]); |
| 437 | memcpy(s->packet, buf, n); | 437 | memcpy(s->internal->packet, buf, n); |
| 438 | s->s3->rbuf.left = n; | 438 | s->s3->rbuf.left = n; |
| 439 | s->s3->rbuf.offset = 0; | 439 | s->s3->rbuf.offset = 0; |
| 440 | } else { | 440 | } else { |
| 441 | s->packet_length = 0; | 441 | s->internal->packet_length = 0; |
| 442 | s->s3->rbuf.left = 0; | 442 | s->s3->rbuf.left = 0; |
| 443 | s->s3->rbuf.offset = 0; | 443 | s->s3->rbuf.offset = 0; |
| 444 | } | 444 | } |
| @@ -456,7 +456,7 @@ ssl23_get_client_hello(SSL *s) | |||
| 456 | SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_UNKNOWN_PROTOCOL); | 456 | SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO, SSL_R_UNKNOWN_PROTOCOL); |
| 457 | return -1; | 457 | return -1; |
| 458 | } | 458 | } |
| 459 | s->init_num = 0; | 459 | s->internal->init_num = 0; |
| 460 | 460 | ||
| 461 | return (SSL_accept(s)); | 461 | return (SSL_accept(s)); |
| 462 | 462 | ||
diff --git a/src/lib/libssl/s3_both.c b/src/lib/libssl/s3_both.c index 4dddcd232a..12559ab710 100644 --- a/src/lib/libssl/s3_both.c +++ b/src/lib/libssl/s3_both.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_both.c,v 1.52 2017/01/23 04:55:26 beck Exp $ */ | 1 | /* $OpenBSD: s3_both.c,v 1.53 2017/01/23 06:45:30 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -128,7 +128,7 @@ | |||
| 128 | #include "bytestring.h" | 128 | #include "bytestring.h" |
| 129 | 129 | ||
| 130 | /* | 130 | /* |
| 131 | * Send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or | 131 | * Send s->internal->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or |
| 132 | * SSL3_RT_CHANGE_CIPHER_SPEC). | 132 | * SSL3_RT_CHANGE_CIPHER_SPEC). |
| 133 | */ | 133 | */ |
| 134 | int | 134 | int |
| @@ -136,8 +136,8 @@ ssl3_do_write(SSL *s, int type) | |||
| 136 | { | 136 | { |
| 137 | int ret; | 137 | int ret; |
| 138 | 138 | ||
| 139 | ret = ssl3_write_bytes(s, type, &s->init_buf->data[s->init_off], | 139 | ret = ssl3_write_bytes(s, type, &s->internal->init_buf->data[s->internal->init_off], |
| 140 | s->init_num); | 140 | s->internal->init_num); |
| 141 | if (ret < 0) | 141 | if (ret < 0) |
| 142 | return (-1); | 142 | return (-1); |
| 143 | 143 | ||
| @@ -147,18 +147,18 @@ ssl3_do_write(SSL *s, int type) | |||
| 147 | * we'll ignore the result anyway. | 147 | * we'll ignore the result anyway. |
| 148 | */ | 148 | */ |
| 149 | tls1_finish_mac(s, | 149 | tls1_finish_mac(s, |
| 150 | (unsigned char *)&s->init_buf->data[s->init_off], ret); | 150 | (unsigned char *)&s->internal->init_buf->data[s->internal->init_off], ret); |
| 151 | 151 | ||
| 152 | if (ret == s->init_num) { | 152 | if (ret == s->internal->init_num) { |
| 153 | if (s->internal->msg_callback) | 153 | if (s->internal->msg_callback) |
| 154 | s->internal->msg_callback(1, s->version, type, s->init_buf->data, | 154 | s->internal->msg_callback(1, s->version, type, s->internal->init_buf->data, |
| 155 | (size_t)(s->init_off + s->init_num), s, | 155 | (size_t)(s->internal->init_off + s->internal->init_num), s, |
| 156 | s->internal->msg_callback_arg); | 156 | s->internal->msg_callback_arg); |
| 157 | return (1); | 157 | return (1); |
| 158 | } | 158 | } |
| 159 | 159 | ||
| 160 | s->init_off += ret; | 160 | s->internal->init_off += ret; |
| 161 | s->init_num -= ret; | 161 | s->internal->init_num -= ret; |
| 162 | 162 | ||
| 163 | return (0); | 163 | return (0); |
| 164 | } | 164 | } |
| @@ -179,7 +179,7 @@ ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen) | |||
| 179 | S3I(s)->tmp.finish_md_len = md_len; | 179 | S3I(s)->tmp.finish_md_len = md_len; |
| 180 | 180 | ||
| 181 | /* Copy finished so we can use it for renegotiation checks. */ | 181 | /* Copy finished so we can use it for renegotiation checks. */ |
| 182 | if (s->type == SSL_ST_CONNECT) { | 182 | if (s->internal->type == SSL_ST_CONNECT) { |
| 183 | memcpy(S3I(s)->previous_client_finished, | 183 | memcpy(S3I(s)->previous_client_finished, |
| 184 | S3I(s)->tmp.finish_md, md_len); | 184 | S3I(s)->tmp.finish_md, md_len); |
| 185 | S3I(s)->previous_client_finished_len = md_len; | 185 | S3I(s)->previous_client_finished_len = md_len; |
| @@ -257,7 +257,7 @@ ssl3_get_finished(SSL *s, int a, int b) | |||
| 257 | goto f_err; | 257 | goto f_err; |
| 258 | } | 258 | } |
| 259 | 259 | ||
| 260 | CBS_init(&cbs, s->init_msg, n); | 260 | CBS_init(&cbs, s->internal->init_msg, n); |
| 261 | 261 | ||
| 262 | if (S3I(s)->tmp.peer_finish_md_len != md_len || | 262 | if (S3I(s)->tmp.peer_finish_md_len != md_len || |
| 263 | CBS_len(&cbs) != md_len) { | 263 | CBS_len(&cbs) != md_len) { |
| @@ -274,7 +274,7 @@ ssl3_get_finished(SSL *s, int a, int b) | |||
| 274 | 274 | ||
| 275 | /* Copy finished so we can use it for renegotiation checks. */ | 275 | /* Copy finished so we can use it for renegotiation checks. */ |
| 276 | OPENSSL_assert(md_len <= EVP_MAX_MD_SIZE); | 276 | OPENSSL_assert(md_len <= EVP_MAX_MD_SIZE); |
| 277 | if (s->type == SSL_ST_ACCEPT) { | 277 | if (s->internal->type == SSL_ST_ACCEPT) { |
| 278 | memcpy(S3I(s)->previous_client_finished, | 278 | memcpy(S3I(s)->previous_client_finished, |
| 279 | S3I(s)->tmp.peer_finish_md, md_len); | 279 | S3I(s)->tmp.peer_finish_md, md_len); |
| 280 | S3I(s)->previous_client_finished_len = md_len; | 280 | S3I(s)->previous_client_finished_len = md_len; |
| @@ -303,10 +303,10 @@ ssl3_send_change_cipher_spec(SSL *s, int a, int b) | |||
| 303 | unsigned char *p; | 303 | unsigned char *p; |
| 304 | 304 | ||
| 305 | if (s->state == a) { | 305 | if (s->state == a) { |
| 306 | p = (unsigned char *)s->init_buf->data; | 306 | p = (unsigned char *)s->internal->init_buf->data; |
| 307 | *p = SSL3_MT_CCS; | 307 | *p = SSL3_MT_CCS; |
| 308 | s->init_num = 1; | 308 | s->internal->init_num = 1; |
| 309 | s->init_off = 0; | 309 | s->internal->init_off = 0; |
| 310 | 310 | ||
| 311 | s->state = b; | 311 | s->state = b; |
| 312 | } | 312 | } |
| @@ -425,28 +425,28 @@ ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) | |||
| 425 | goto f_err; | 425 | goto f_err; |
| 426 | } | 426 | } |
| 427 | *ok = 1; | 427 | *ok = 1; |
| 428 | s->init_msg = s->init_buf->data + 4; | 428 | s->internal->init_msg = s->internal->init_buf->data + 4; |
| 429 | s->init_num = (int)S3I(s)->tmp.message_size; | 429 | s->internal->init_num = (int)S3I(s)->tmp.message_size; |
| 430 | return s->init_num; | 430 | return s->internal->init_num; |
| 431 | } | 431 | } |
| 432 | 432 | ||
| 433 | p = (unsigned char *)s->init_buf->data; | 433 | p = (unsigned char *)s->internal->init_buf->data; |
| 434 | 434 | ||
| 435 | /* s->init_num < 4 */ | 435 | /* s->internal->init_num < 4 */ |
| 436 | if (s->state == st1) { | 436 | if (s->state == st1) { |
| 437 | int skip_message; | 437 | int skip_message; |
| 438 | 438 | ||
| 439 | do { | 439 | do { |
| 440 | while (s->init_num < 4) { | 440 | while (s->internal->init_num < 4) { |
| 441 | i = s->method->ssl_read_bytes(s, | 441 | i = s->method->ssl_read_bytes(s, |
| 442 | SSL3_RT_HANDSHAKE, &p[s->init_num], | 442 | SSL3_RT_HANDSHAKE, &p[s->internal->init_num], |
| 443 | 4 - s->init_num, 0); | 443 | 4 - s->internal->init_num, 0); |
| 444 | if (i <= 0) { | 444 | if (i <= 0) { |
| 445 | s->rwstate = SSL_READING; | 445 | s->internal->rwstate = SSL_READING; |
| 446 | *ok = 0; | 446 | *ok = 0; |
| 447 | return i; | 447 | return i; |
| 448 | } | 448 | } |
| 449 | s->init_num += i; | 449 | s->internal->init_num += i; |
| 450 | } | 450 | } |
| 451 | 451 | ||
| 452 | skip_message = 0; | 452 | skip_message = 0; |
| @@ -458,7 +458,7 @@ ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) | |||
| 458 | * correct. Does not count for 'Finished' MAC. | 458 | * correct. Does not count for 'Finished' MAC. |
| 459 | */ | 459 | */ |
| 460 | if (p[1] == 0 && p[2] == 0 &&p[3] == 0) { | 460 | if (p[1] == 0 && p[2] == 0 &&p[3] == 0) { |
| 461 | s->init_num = 0; | 461 | s->internal->init_num = 0; |
| 462 | skip_message = 1; | 462 | skip_message = 1; |
| 463 | 463 | ||
| 464 | if (s->internal->msg_callback) | 464 | if (s->internal->msg_callback) |
| @@ -469,7 +469,7 @@ ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) | |||
| 469 | } | 469 | } |
| 470 | } while (skip_message); | 470 | } while (skip_message); |
| 471 | 471 | ||
| 472 | /* s->init_num == 4 */ | 472 | /* s->internal->init_num == 4 */ |
| 473 | 473 | ||
| 474 | if ((mt >= 0) && (*p != mt)) { | 474 | if ((mt >= 0) && (*p != mt)) { |
| 475 | al = SSL_AD_UNEXPECTED_MESSAGE; | 475 | al = SSL_AD_UNEXPECTED_MESSAGE; |
| @@ -492,46 +492,46 @@ ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) | |||
| 492 | SSL_R_EXCESSIVE_MESSAGE_SIZE); | 492 | SSL_R_EXCESSIVE_MESSAGE_SIZE); |
| 493 | goto f_err; | 493 | goto f_err; |
| 494 | } | 494 | } |
| 495 | if (l && !BUF_MEM_grow_clean(s->init_buf, l + 4)) { | 495 | if (l && !BUF_MEM_grow_clean(s->internal->init_buf, l + 4)) { |
| 496 | SSLerr(SSL_F_SSL3_GET_MESSAGE, ERR_R_BUF_LIB); | 496 | SSLerr(SSL_F_SSL3_GET_MESSAGE, ERR_R_BUF_LIB); |
| 497 | goto err; | 497 | goto err; |
| 498 | } | 498 | } |
| 499 | S3I(s)->tmp.message_size = l; | 499 | S3I(s)->tmp.message_size = l; |
| 500 | s->state = stn; | 500 | s->state = stn; |
| 501 | 501 | ||
| 502 | s->init_msg = s->init_buf->data + 4; | 502 | s->internal->init_msg = s->internal->init_buf->data + 4; |
| 503 | s->init_num = 0; | 503 | s->internal->init_num = 0; |
| 504 | } | 504 | } |
| 505 | 505 | ||
| 506 | /* next state (stn) */ | 506 | /* next state (stn) */ |
| 507 | p = s->init_msg; | 507 | p = s->internal->init_msg; |
| 508 | n = S3I(s)->tmp.message_size - s->init_num; | 508 | n = S3I(s)->tmp.message_size - s->internal->init_num; |
| 509 | while (n > 0) { | 509 | while (n > 0) { |
| 510 | i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, | 510 | i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, |
| 511 | &p[s->init_num], n, 0); | 511 | &p[s->internal->init_num], n, 0); |
| 512 | if (i <= 0) { | 512 | if (i <= 0) { |
| 513 | s->rwstate = SSL_READING; | 513 | s->internal->rwstate = SSL_READING; |
| 514 | *ok = 0; | 514 | *ok = 0; |
| 515 | return i; | 515 | return i; |
| 516 | } | 516 | } |
| 517 | s->init_num += i; | 517 | s->internal->init_num += i; |
| 518 | n -= i; | 518 | n -= i; |
| 519 | } | 519 | } |
| 520 | 520 | ||
| 521 | /* If receiving Finished, record MAC of prior handshake messages for | 521 | /* If receiving Finished, record MAC of prior handshake messages for |
| 522 | * Finished verification. */ | 522 | * Finished verification. */ |
| 523 | if (*s->init_buf->data == SSL3_MT_FINISHED) | 523 | if (*s->internal->init_buf->data == SSL3_MT_FINISHED) |
| 524 | ssl3_take_mac(s); | 524 | ssl3_take_mac(s); |
| 525 | 525 | ||
| 526 | /* Feed this message into MAC computation. */ | 526 | /* Feed this message into MAC computation. */ |
| 527 | tls1_finish_mac(s, (unsigned char *)s->init_buf->data, s->init_num + 4); | 527 | tls1_finish_mac(s, (unsigned char *)s->internal->init_buf->data, s->internal->init_num + 4); |
| 528 | if (s->internal->msg_callback) | 528 | if (s->internal->msg_callback) |
| 529 | s->internal->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, | 529 | s->internal->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, |
| 530 | s->init_buf->data, (size_t)s->init_num + 4, s, | 530 | s->internal->init_buf->data, (size_t)s->internal->init_num + 4, s, |
| 531 | s->internal->msg_callback_arg); | 531 | s->internal->msg_callback_arg); |
| 532 | 532 | ||
| 533 | *ok = 1; | 533 | *ok = 1; |
| 534 | return (s->init_num); | 534 | return (s->internal->init_num); |
| 535 | 535 | ||
| 536 | f_err: | 536 | f_err: |
| 537 | ssl3_send_alert(s, SSL3_AL_FATAL, al); | 537 | ssl3_send_alert(s, SSL3_AL_FATAL, al); |
| @@ -636,7 +636,7 @@ ssl3_setup_init_buffer(SSL *s) | |||
| 636 | { | 636 | { |
| 637 | BUF_MEM *buf = NULL; | 637 | BUF_MEM *buf = NULL; |
| 638 | 638 | ||
| 639 | if (s->init_buf != NULL) | 639 | if (s->internal->init_buf != NULL) |
| 640 | return (1); | 640 | return (1); |
| 641 | 641 | ||
| 642 | if ((buf = BUF_MEM_new()) == NULL) | 642 | if ((buf = BUF_MEM_new()) == NULL) |
| @@ -644,7 +644,7 @@ ssl3_setup_init_buffer(SSL *s) | |||
| 644 | if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) | 644 | if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) |
| 645 | goto err; | 645 | goto err; |
| 646 | 646 | ||
| 647 | s->init_buf = buf; | 647 | s->internal->init_buf = buf; |
| 648 | return (1); | 648 | return (1); |
| 649 | 649 | ||
| 650 | err: | 650 | err: |
| @@ -674,7 +674,7 @@ ssl3_setup_read_buffer(SSL *s) | |||
| 674 | s->s3->rbuf.len = len; | 674 | s->s3->rbuf.len = len; |
| 675 | } | 675 | } |
| 676 | 676 | ||
| 677 | s->packet = &(s->s3->rbuf.buf[0]); | 677 | s->internal->packet = &(s->s3->rbuf.buf[0]); |
| 678 | return 1; | 678 | return 1; |
| 679 | 679 | ||
| 680 | err: | 680 | err: |
diff --git a/src/lib/libssl/s3_cbc.c b/src/lib/libssl/s3_cbc.c index f0bf5bc38b..10b6ddde0f 100644 --- a/src/lib/libssl/s3_cbc.c +++ b/src/lib/libssl/s3_cbc.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_cbc.c,v 1.14 2016/11/08 21:25:01 miod Exp $ */ | 1 | /* $OpenBSD: s3_cbc.c,v 1.15 2017/01/23 06:45:30 beck Exp $ */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 2012 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 2012 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| @@ -135,7 +135,7 @@ tls1_cbc_remove_padding(const SSL* s, SSL3_RECORD *rec, unsigned block_size, | |||
| 135 | 135 | ||
| 136 | padding_length = rec->data[rec->length - 1]; | 136 | padding_length = rec->data[rec->length - 1]; |
| 137 | 137 | ||
| 138 | if (EVP_CIPHER_flags(s->enc_read_ctx->cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) { | 138 | if (EVP_CIPHER_flags(s->internal->enc_read_ctx->cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) { |
| 139 | /* padding is already verified */ | 139 | /* padding is already verified */ |
| 140 | rec->length -= padding_length + 1; | 140 | rec->length -= padding_length + 1; |
| 141 | return 1; | 141 | return 1; |
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c index 8c1a87f38e..0893682e75 100644 --- a/src/lib/libssl/s3_clnt.c +++ b/src/lib/libssl/s3_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_clnt.c,v 1.167 2017/01/23 05:13:02 jsing Exp $ */ | 1 | /* $OpenBSD: s3_clnt.c,v 1.168 2017/01/23 06:45:30 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -197,7 +197,7 @@ ssl3_connect(SSL *s) | |||
| 197 | 197 | ||
| 198 | switch (s->state) { | 198 | switch (s->state) { |
| 199 | case SSL_ST_RENEGOTIATE: | 199 | case SSL_ST_RENEGOTIATE: |
| 200 | s->renegotiate = 1; | 200 | s->internal->renegotiate = 1; |
| 201 | s->state = SSL_ST_CONNECT; | 201 | s->state = SSL_ST_CONNECT; |
| 202 | s->ctx->internal->stats.sess_connect_renegotiate++; | 202 | s->ctx->internal->stats.sess_connect_renegotiate++; |
| 203 | /* break */ | 203 | /* break */ |
| @@ -218,7 +218,7 @@ ssl3_connect(SSL *s) | |||
| 218 | } | 218 | } |
| 219 | 219 | ||
| 220 | /* s->version=SSL3_VERSION; */ | 220 | /* s->version=SSL3_VERSION; */ |
| 221 | s->type = SSL_ST_CONNECT; | 221 | s->internal->type = SSL_ST_CONNECT; |
| 222 | 222 | ||
| 223 | if (!ssl3_setup_init_buffer(s)) { | 223 | if (!ssl3_setup_init_buffer(s)) { |
| 224 | ret = -1; | 224 | ret = -1; |
| @@ -242,18 +242,18 @@ ssl3_connect(SSL *s) | |||
| 242 | 242 | ||
| 243 | s->state = SSL3_ST_CW_CLNT_HELLO_A; | 243 | s->state = SSL3_ST_CW_CLNT_HELLO_A; |
| 244 | s->ctx->internal->stats.sess_connect++; | 244 | s->ctx->internal->stats.sess_connect++; |
| 245 | s->init_num = 0; | 245 | s->internal->init_num = 0; |
| 246 | break; | 246 | break; |
| 247 | 247 | ||
| 248 | case SSL3_ST_CW_CLNT_HELLO_A: | 248 | case SSL3_ST_CW_CLNT_HELLO_A: |
| 249 | case SSL3_ST_CW_CLNT_HELLO_B: | 249 | case SSL3_ST_CW_CLNT_HELLO_B: |
| 250 | 250 | ||
| 251 | s->shutdown = 0; | 251 | s->internal->shutdown = 0; |
| 252 | ret = ssl3_client_hello(s); | 252 | ret = ssl3_client_hello(s); |
| 253 | if (ret <= 0) | 253 | if (ret <= 0) |
| 254 | goto end; | 254 | goto end; |
| 255 | s->state = SSL3_ST_CR_SRVR_HELLO_A; | 255 | s->state = SSL3_ST_CR_SRVR_HELLO_A; |
| 256 | s->init_num = 0; | 256 | s->internal->init_num = 0; |
| 257 | 257 | ||
| 258 | /* turn on buffering for the next lot of output */ | 258 | /* turn on buffering for the next lot of output */ |
| 259 | if (s->bbio != s->wbio) | 259 | if (s->bbio != s->wbio) |
| @@ -267,15 +267,15 @@ ssl3_connect(SSL *s) | |||
| 267 | if (ret <= 0) | 267 | if (ret <= 0) |
| 268 | goto end; | 268 | goto end; |
| 269 | 269 | ||
| 270 | if (s->hit) { | 270 | if (s->internal->hit) { |
| 271 | s->state = SSL3_ST_CR_FINISHED_A; | 271 | s->state = SSL3_ST_CR_FINISHED_A; |
| 272 | if (s->tlsext_ticket_expected) { | 272 | if (s->internal->tlsext_ticket_expected) { |
| 273 | /* receive renewed session ticket */ | 273 | /* receive renewed session ticket */ |
| 274 | s->state = SSL3_ST_CR_SESSION_TICKET_A; | 274 | s->state = SSL3_ST_CR_SESSION_TICKET_A; |
| 275 | } | 275 | } |
| 276 | } else | 276 | } else |
| 277 | s->state = SSL3_ST_CR_CERT_A; | 277 | s->state = SSL3_ST_CR_CERT_A; |
| 278 | s->init_num = 0; | 278 | s->internal->init_num = 0; |
| 279 | break; | 279 | break; |
| 280 | 280 | ||
| 281 | case SSL3_ST_CR_CERT_A: | 281 | case SSL3_ST_CR_CERT_A: |
| @@ -284,12 +284,12 @@ ssl3_connect(SSL *s) | |||
| 284 | if (ret <= 0) | 284 | if (ret <= 0) |
| 285 | goto end; | 285 | goto end; |
| 286 | if (ret == 2) { | 286 | if (ret == 2) { |
| 287 | s->hit = 1; | 287 | s->internal->hit = 1; |
| 288 | if (s->tlsext_ticket_expected) | 288 | if (s->internal->tlsext_ticket_expected) |
| 289 | s->state = SSL3_ST_CR_SESSION_TICKET_A; | 289 | s->state = SSL3_ST_CR_SESSION_TICKET_A; |
| 290 | else | 290 | else |
| 291 | s->state = SSL3_ST_CR_FINISHED_A; | 291 | s->state = SSL3_ST_CR_FINISHED_A; |
| 292 | s->init_num = 0; | 292 | s->internal->init_num = 0; |
| 293 | break; | 293 | break; |
| 294 | } | 294 | } |
| 295 | /* Check if it is anon DH/ECDH. */ | 295 | /* Check if it is anon DH/ECDH. */ |
| @@ -298,7 +298,7 @@ ssl3_connect(SSL *s) | |||
| 298 | ret = ssl3_get_server_certificate(s); | 298 | ret = ssl3_get_server_certificate(s); |
| 299 | if (ret <= 0) | 299 | if (ret <= 0) |
| 300 | goto end; | 300 | goto end; |
| 301 | if (s->tlsext_status_expected) | 301 | if (s->internal->tlsext_status_expected) |
| 302 | s->state = SSL3_ST_CR_CERT_STATUS_A; | 302 | s->state = SSL3_ST_CR_CERT_STATUS_A; |
| 303 | else | 303 | else |
| 304 | s->state = SSL3_ST_CR_KEY_EXCH_A; | 304 | s->state = SSL3_ST_CR_KEY_EXCH_A; |
| @@ -306,7 +306,7 @@ ssl3_connect(SSL *s) | |||
| 306 | skip = 1; | 306 | skip = 1; |
| 307 | s->state = SSL3_ST_CR_KEY_EXCH_A; | 307 | s->state = SSL3_ST_CR_KEY_EXCH_A; |
| 308 | } | 308 | } |
| 309 | s->init_num = 0; | 309 | s->internal->init_num = 0; |
| 310 | break; | 310 | break; |
| 311 | 311 | ||
| 312 | case SSL3_ST_CR_KEY_EXCH_A: | 312 | case SSL3_ST_CR_KEY_EXCH_A: |
| @@ -315,7 +315,7 @@ ssl3_connect(SSL *s) | |||
| 315 | if (ret <= 0) | 315 | if (ret <= 0) |
| 316 | goto end; | 316 | goto end; |
| 317 | s->state = SSL3_ST_CR_CERT_REQ_A; | 317 | s->state = SSL3_ST_CR_CERT_REQ_A; |
| 318 | s->init_num = 0; | 318 | s->internal->init_num = 0; |
| 319 | 319 | ||
| 320 | /* | 320 | /* |
| 321 | * At this point we check that we have the | 321 | * At this point we check that we have the |
| @@ -333,7 +333,7 @@ ssl3_connect(SSL *s) | |||
| 333 | if (ret <= 0) | 333 | if (ret <= 0) |
| 334 | goto end; | 334 | goto end; |
| 335 | s->state = SSL3_ST_CR_SRVR_DONE_A; | 335 | s->state = SSL3_ST_CR_SRVR_DONE_A; |
| 336 | s->init_num = 0; | 336 | s->internal->init_num = 0; |
| 337 | break; | 337 | break; |
| 338 | 338 | ||
| 339 | case SSL3_ST_CR_SRVR_DONE_A: | 339 | case SSL3_ST_CR_SRVR_DONE_A: |
| @@ -345,7 +345,7 @@ ssl3_connect(SSL *s) | |||
| 345 | s->state = SSL3_ST_CW_CERT_A; | 345 | s->state = SSL3_ST_CW_CERT_A; |
| 346 | else | 346 | else |
| 347 | s->state = SSL3_ST_CW_KEY_EXCH_A; | 347 | s->state = SSL3_ST_CW_KEY_EXCH_A; |
| 348 | s->init_num = 0; | 348 | s->internal->init_num = 0; |
| 349 | 349 | ||
| 350 | break; | 350 | break; |
| 351 | 351 | ||
| @@ -357,7 +357,7 @@ ssl3_connect(SSL *s) | |||
| 357 | if (ret <= 0) | 357 | if (ret <= 0) |
| 358 | goto end; | 358 | goto end; |
| 359 | s->state = SSL3_ST_CW_KEY_EXCH_A; | 359 | s->state = SSL3_ST_CW_KEY_EXCH_A; |
| 360 | s->init_num = 0; | 360 | s->internal->init_num = 0; |
| 361 | break; | 361 | break; |
| 362 | 362 | ||
| 363 | case SSL3_ST_CW_KEY_EXCH_A: | 363 | case SSL3_ST_CW_KEY_EXCH_A: |
| @@ -392,7 +392,7 @@ ssl3_connect(SSL *s) | |||
| 392 | S3I(s)->change_cipher_spec = 0; | 392 | S3I(s)->change_cipher_spec = 0; |
| 393 | } | 393 | } |
| 394 | 394 | ||
| 395 | s->init_num = 0; | 395 | s->internal->init_num = 0; |
| 396 | break; | 396 | break; |
| 397 | 397 | ||
| 398 | case SSL3_ST_CW_CERT_VRFY_A: | 398 | case SSL3_ST_CW_CERT_VRFY_A: |
| @@ -401,7 +401,7 @@ ssl3_connect(SSL *s) | |||
| 401 | if (ret <= 0) | 401 | if (ret <= 0) |
| 402 | goto end; | 402 | goto end; |
| 403 | s->state = SSL3_ST_CW_CHANGE_A; | 403 | s->state = SSL3_ST_CW_CHANGE_A; |
| 404 | s->init_num = 0; | 404 | s->internal->init_num = 0; |
| 405 | S3I(s)->change_cipher_spec = 0; | 405 | S3I(s)->change_cipher_spec = 0; |
| 406 | break; | 406 | break; |
| 407 | 407 | ||
| @@ -416,7 +416,7 @@ ssl3_connect(SSL *s) | |||
| 416 | s->state = SSL3_ST_CW_NEXT_PROTO_A; | 416 | s->state = SSL3_ST_CW_NEXT_PROTO_A; |
| 417 | else | 417 | else |
| 418 | s->state = SSL3_ST_CW_FINISHED_A; | 418 | s->state = SSL3_ST_CW_FINISHED_A; |
| 419 | s->init_num = 0; | 419 | s->internal->init_num = 0; |
| 420 | 420 | ||
| 421 | s->session->cipher = S3I(s)->tmp.new_cipher; | 421 | s->session->cipher = S3I(s)->tmp.new_cipher; |
| 422 | if (!s->method->ssl3_enc->setup_key_block(s)) { | 422 | if (!s->method->ssl3_enc->setup_key_block(s)) { |
| @@ -453,7 +453,7 @@ ssl3_connect(SSL *s) | |||
| 453 | 453 | ||
| 454 | /* clear flags */ | 454 | /* clear flags */ |
| 455 | s->s3->flags &= ~SSL3_FLAGS_POP_BUFFER; | 455 | s->s3->flags &= ~SSL3_FLAGS_POP_BUFFER; |
| 456 | if (s->hit) { | 456 | if (s->internal->hit) { |
| 457 | S3I(s)->tmp.next_state = SSL_ST_OK; | 457 | S3I(s)->tmp.next_state = SSL_ST_OK; |
| 458 | if (s->s3->flags & | 458 | if (s->s3->flags & |
| 459 | SSL3_FLAGS_DELAY_CLIENT_FINISHED) { | 459 | SSL3_FLAGS_DELAY_CLIENT_FINISHED) { |
| @@ -463,14 +463,14 @@ ssl3_connect(SSL *s) | |||
| 463 | } | 463 | } |
| 464 | } else { | 464 | } else { |
| 465 | /* Allow NewSessionTicket if ticket expected */ | 465 | /* Allow NewSessionTicket if ticket expected */ |
| 466 | if (s->tlsext_ticket_expected) | 466 | if (s->internal->tlsext_ticket_expected) |
| 467 | S3I(s)->tmp.next_state = | 467 | S3I(s)->tmp.next_state = |
| 468 | SSL3_ST_CR_SESSION_TICKET_A; | 468 | SSL3_ST_CR_SESSION_TICKET_A; |
| 469 | else | 469 | else |
| 470 | 470 | ||
| 471 | S3I(s)->tmp.next_state = SSL3_ST_CR_FINISHED_A; | 471 | S3I(s)->tmp.next_state = SSL3_ST_CR_FINISHED_A; |
| 472 | } | 472 | } |
| 473 | s->init_num = 0; | 473 | s->internal->init_num = 0; |
| 474 | break; | 474 | break; |
| 475 | 475 | ||
| 476 | case SSL3_ST_CR_SESSION_TICKET_A: | 476 | case SSL3_ST_CR_SESSION_TICKET_A: |
| @@ -479,7 +479,7 @@ ssl3_connect(SSL *s) | |||
| 479 | if (ret <= 0) | 479 | if (ret <= 0) |
| 480 | goto end; | 480 | goto end; |
| 481 | s->state = SSL3_ST_CR_FINISHED_A; | 481 | s->state = SSL3_ST_CR_FINISHED_A; |
| 482 | s->init_num = 0; | 482 | s->internal->init_num = 0; |
| 483 | break; | 483 | break; |
| 484 | 484 | ||
| 485 | case SSL3_ST_CR_CERT_STATUS_A: | 485 | case SSL3_ST_CR_CERT_STATUS_A: |
| @@ -488,7 +488,7 @@ ssl3_connect(SSL *s) | |||
| 488 | if (ret <= 0) | 488 | if (ret <= 0) |
| 489 | goto end; | 489 | goto end; |
| 490 | s->state = SSL3_ST_CR_KEY_EXCH_A; | 490 | s->state = SSL3_ST_CR_KEY_EXCH_A; |
| 491 | s->init_num = 0; | 491 | s->internal->init_num = 0; |
| 492 | break; | 492 | break; |
| 493 | 493 | ||
| 494 | case SSL3_ST_CR_FINISHED_A: | 494 | case SSL3_ST_CR_FINISHED_A: |
| @@ -499,20 +499,20 @@ ssl3_connect(SSL *s) | |||
| 499 | if (ret <= 0) | 499 | if (ret <= 0) |
| 500 | goto end; | 500 | goto end; |
| 501 | 501 | ||
| 502 | if (s->hit) | 502 | if (s->internal->hit) |
| 503 | s->state = SSL3_ST_CW_CHANGE_A; | 503 | s->state = SSL3_ST_CW_CHANGE_A; |
| 504 | else | 504 | else |
| 505 | s->state = SSL_ST_OK; | 505 | s->state = SSL_ST_OK; |
| 506 | s->init_num = 0; | 506 | s->internal->init_num = 0; |
| 507 | break; | 507 | break; |
| 508 | 508 | ||
| 509 | case SSL3_ST_CW_FLUSH: | 509 | case SSL3_ST_CW_FLUSH: |
| 510 | s->rwstate = SSL_WRITING; | 510 | s->internal->rwstate = SSL_WRITING; |
| 511 | if (BIO_flush(s->wbio) <= 0) { | 511 | if (BIO_flush(s->wbio) <= 0) { |
| 512 | ret = -1; | 512 | ret = -1; |
| 513 | goto end; | 513 | goto end; |
| 514 | } | 514 | } |
| 515 | s->rwstate = SSL_NOTHING; | 515 | s->internal->rwstate = SSL_NOTHING; |
| 516 | s->state = S3I(s)->tmp.next_state; | 516 | s->state = S3I(s)->tmp.next_state; |
| 517 | break; | 517 | break; |
| 518 | 518 | ||
| @@ -520,9 +520,9 @@ ssl3_connect(SSL *s) | |||
| 520 | /* clean a few things up */ | 520 | /* clean a few things up */ |
| 521 | tls1_cleanup_key_block(s); | 521 | tls1_cleanup_key_block(s); |
| 522 | 522 | ||
| 523 | if (s->init_buf != NULL) { | 523 | if (s->internal->init_buf != NULL) { |
| 524 | BUF_MEM_free(s->init_buf); | 524 | BUF_MEM_free(s->internal->init_buf); |
| 525 | s->init_buf = NULL; | 525 | s->internal->init_buf = NULL; |
| 526 | } | 526 | } |
| 527 | 527 | ||
| 528 | /* | 528 | /* |
| @@ -533,12 +533,12 @@ ssl3_connect(SSL *s) | |||
| 533 | ssl_free_wbio_buffer(s); | 533 | ssl_free_wbio_buffer(s); |
| 534 | /* else do it later in ssl3_write */ | 534 | /* else do it later in ssl3_write */ |
| 535 | 535 | ||
| 536 | s->init_num = 0; | 536 | s->internal->init_num = 0; |
| 537 | s->renegotiate = 0; | 537 | s->internal->renegotiate = 0; |
| 538 | s->new_session = 0; | 538 | s->internal->new_session = 0; |
| 539 | 539 | ||
| 540 | ssl_update_cache(s, SSL_SESS_CACHE_CLIENT); | 540 | ssl_update_cache(s, SSL_SESS_CACHE_CLIENT); |
| 541 | if (s->hit) | 541 | if (s->internal->hit) |
| 542 | s->ctx->internal->stats.sess_hit++; | 542 | s->ctx->internal->stats.sess_hit++; |
| 543 | 543 | ||
| 544 | ret = 1; | 544 | ret = 1; |
| @@ -562,7 +562,7 @@ ssl3_connect(SSL *s) | |||
| 562 | 562 | ||
| 563 | /* did we do anything */ | 563 | /* did we do anything */ |
| 564 | if (!S3I(s)->tmp.reuse_message && !skip) { | 564 | if (!S3I(s)->tmp.reuse_message && !skip) { |
| 565 | if (s->debug) { | 565 | if (s->internal->debug) { |
| 566 | if ((ret = BIO_flush(s->wbio)) <= 0) | 566 | if ((ret = BIO_flush(s->wbio)) <= 0) |
| 567 | goto end; | 567 | goto end; |
| 568 | } | 568 | } |
| @@ -592,7 +592,7 @@ ssl3_client_hello(SSL *s) | |||
| 592 | size_t outlen; | 592 | size_t outlen; |
| 593 | int i; | 593 | int i; |
| 594 | 594 | ||
| 595 | bufend = (unsigned char *)s->init_buf->data + SSL3_RT_MAX_PLAIN_LENGTH; | 595 | bufend = (unsigned char *)s->internal->init_buf->data + SSL3_RT_MAX_PLAIN_LENGTH; |
| 596 | 596 | ||
| 597 | if (s->state == SSL3_ST_CW_CLNT_HELLO_A) { | 597 | if (s->state == SSL3_ST_CW_CLNT_HELLO_A) { |
| 598 | SSL_SESSION *sess = s->session; | 598 | SSL_SESSION *sess = s->session; |
| @@ -654,7 +654,7 @@ ssl3_client_hello(SSL *s) | |||
| 654 | p += SSL3_RANDOM_SIZE; | 654 | p += SSL3_RANDOM_SIZE; |
| 655 | 655 | ||
| 656 | /* Session ID */ | 656 | /* Session ID */ |
| 657 | if (s->new_session) | 657 | if (s->internal->new_session) |
| 658 | i = 0; | 658 | i = 0; |
| 659 | else | 659 | else |
| 660 | i = s->session->session_id_length; | 660 | i = s->session->session_id_length; |
| @@ -739,7 +739,7 @@ ssl3_get_server_hello(SSL *s) | |||
| 739 | if (n < 0) | 739 | if (n < 0) |
| 740 | goto truncated; | 740 | goto truncated; |
| 741 | 741 | ||
| 742 | CBS_init(&cbs, s->init_msg, n); | 742 | CBS_init(&cbs, s->internal->init_msg, n); |
| 743 | 743 | ||
| 744 | if (SSL_IS_DTLS(s)) { | 744 | if (SSL_IS_DTLS(s)) { |
| 745 | if (S3I(s)->tmp.message_type == DTLS1_MT_HELLO_VERIFY_REQUEST) { | 745 | if (S3I(s)->tmp.message_type == DTLS1_MT_HELLO_VERIFY_REQUEST) { |
| @@ -825,13 +825,13 @@ ssl3_get_server_hello(SSL *s) | |||
| 825 | goto f_err; | 825 | goto f_err; |
| 826 | } | 826 | } |
| 827 | s->s3->flags |= SSL3_FLAGS_CCS_OK; | 827 | s->s3->flags |= SSL3_FLAGS_CCS_OK; |
| 828 | s->hit = 1; | 828 | s->internal->hit = 1; |
| 829 | } else { | 829 | } else { |
| 830 | /* a miss or crap from the other end */ | 830 | /* a miss or crap from the other end */ |
| 831 | 831 | ||
| 832 | /* If we were trying for session-id reuse, make a new | 832 | /* If we were trying for session-id reuse, make a new |
| 833 | * SSL_SESSION so we don't stuff up other people */ | 833 | * SSL_SESSION so we don't stuff up other people */ |
| 834 | s->hit = 0; | 834 | s->internal->hit = 0; |
| 835 | if (s->session->session_id_length > 0) { | 835 | if (s->session->session_id_length > 0) { |
| 836 | if (!ssl_get_new_session(s, 0)) { | 836 | if (!ssl_get_new_session(s, 0)) { |
| 837 | al = SSL_AD_INTERNAL_ERROR; | 837 | al = SSL_AD_INTERNAL_ERROR; |
| @@ -881,7 +881,7 @@ ssl3_get_server_hello(SSL *s) | |||
| 881 | */ | 881 | */ |
| 882 | if (s->session->cipher) | 882 | if (s->session->cipher) |
| 883 | s->session->cipher_id = s->session->cipher->id; | 883 | s->session->cipher_id = s->session->cipher->id; |
| 884 | if (s->hit && (s->session->cipher_id != cipher->id)) { | 884 | if (s->internal->hit && (s->session->cipher_id != cipher->id)) { |
| 885 | al = SSL_AD_ILLEGAL_PARAMETER; | 885 | al = SSL_AD_ILLEGAL_PARAMETER; |
| 886 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, | 886 | SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, |
| 887 | SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED); | 887 | SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED); |
| @@ -951,7 +951,7 @@ ssl3_get_server_certificate(SSL *s) | |||
| 951 | EVP_PKEY *pkey = NULL; | 951 | EVP_PKEY *pkey = NULL; |
| 952 | 952 | ||
| 953 | n = s->method->ssl_get_message(s, SSL3_ST_CR_CERT_A, | 953 | n = s->method->ssl_get_message(s, SSL3_ST_CR_CERT_A, |
| 954 | SSL3_ST_CR_CERT_B, -1, s->max_cert_list, &ok); | 954 | SSL3_ST_CR_CERT_B, -1, s->internal->max_cert_list, &ok); |
| 955 | 955 | ||
| 956 | if (!ok) | 956 | if (!ok) |
| 957 | return ((int)n); | 957 | return ((int)n); |
| @@ -978,7 +978,7 @@ ssl3_get_server_certificate(SSL *s) | |||
| 978 | if (n < 0) | 978 | if (n < 0) |
| 979 | goto truncated; | 979 | goto truncated; |
| 980 | 980 | ||
| 981 | CBS_init(&cbs, s->init_msg, n); | 981 | CBS_init(&cbs, s->internal->init_msg, n); |
| 982 | if (CBS_len(&cbs) < 3) | 982 | if (CBS_len(&cbs) < 3) |
| 983 | goto truncated; | 983 | goto truncated; |
| 984 | 984 | ||
| @@ -1374,7 +1374,7 @@ ssl3_get_server_key_exchange(SSL *s) | |||
| 1374 | * as ServerKeyExchange message may be skipped. | 1374 | * as ServerKeyExchange message may be skipped. |
| 1375 | */ | 1375 | */ |
| 1376 | n = s->method->ssl_get_message(s, SSL3_ST_CR_KEY_EXCH_A, | 1376 | n = s->method->ssl_get_message(s, SSL3_ST_CR_KEY_EXCH_A, |
| 1377 | SSL3_ST_CR_KEY_EXCH_B, -1, s->max_cert_list, &ok); | 1377 | SSL3_ST_CR_KEY_EXCH_B, -1, s->internal->max_cert_list, &ok); |
| 1378 | if (!ok) | 1378 | if (!ok) |
| 1379 | return ((int)n); | 1379 | return ((int)n); |
| 1380 | 1380 | ||
| @@ -1412,7 +1412,7 @@ ssl3_get_server_key_exchange(SSL *s) | |||
| 1412 | goto err; | 1412 | goto err; |
| 1413 | } | 1413 | } |
| 1414 | 1414 | ||
| 1415 | param = p = (unsigned char *)s->init_msg; | 1415 | param = p = (unsigned char *)s->internal->init_msg; |
| 1416 | param_len = n; | 1416 | param_len = n; |
| 1417 | 1417 | ||
| 1418 | if (alg_k & SSL_kDHE) { | 1418 | if (alg_k & SSL_kDHE) { |
| @@ -1580,7 +1580,7 @@ ssl3_get_certificate_request(SSL *s) | |||
| 1580 | STACK_OF(X509_NAME) *ca_sk = NULL; | 1580 | STACK_OF(X509_NAME) *ca_sk = NULL; |
| 1581 | 1581 | ||
| 1582 | n = s->method->ssl_get_message(s, SSL3_ST_CR_CERT_REQ_A, | 1582 | n = s->method->ssl_get_message(s, SSL3_ST_CR_CERT_REQ_A, |
| 1583 | SSL3_ST_CR_CERT_REQ_B, -1, s->max_cert_list, &ok); | 1583 | SSL3_ST_CR_CERT_REQ_B, -1, s->internal->max_cert_list, &ok); |
| 1584 | 1584 | ||
| 1585 | if (!ok) | 1585 | if (!ok) |
| 1586 | return ((int)n); | 1586 | return ((int)n); |
| @@ -1617,7 +1617,7 @@ ssl3_get_certificate_request(SSL *s) | |||
| 1617 | 1617 | ||
| 1618 | if (n < 0) | 1618 | if (n < 0) |
| 1619 | goto truncated; | 1619 | goto truncated; |
| 1620 | CBS_init(&cert_request, s->init_msg, n); | 1620 | CBS_init(&cert_request, s->internal->init_msg, n); |
| 1621 | 1621 | ||
| 1622 | if ((ca_sk = sk_X509_NAME_new(ca_dn_cmp)) == NULL) { | 1622 | if ((ca_sk = sk_X509_NAME_new(ca_dn_cmp)) == NULL) { |
| 1623 | SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, | 1623 | SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, |
| @@ -1779,7 +1779,7 @@ ssl3_get_new_session_ticket(SSL *s) | |||
| 1779 | goto f_err; | 1779 | goto f_err; |
| 1780 | } | 1780 | } |
| 1781 | 1781 | ||
| 1782 | CBS_init(&cbs, s->init_msg, n); | 1782 | CBS_init(&cbs, s->internal->init_msg, n); |
| 1783 | if (!CBS_get_u32(&cbs, &lifetime_hint) || | 1783 | if (!CBS_get_u32(&cbs, &lifetime_hint) || |
| 1784 | #if UINT32_MAX > LONG_MAX | 1784 | #if UINT32_MAX > LONG_MAX |
| 1785 | lifetime_hint > LONG_MAX || | 1785 | lifetime_hint > LONG_MAX || |
| @@ -1851,7 +1851,7 @@ ssl3_get_cert_status(SSL *s) | |||
| 1851 | goto f_err; | 1851 | goto f_err; |
| 1852 | } | 1852 | } |
| 1853 | 1853 | ||
| 1854 | CBS_init(&cert_status, s->init_msg, n); | 1854 | CBS_init(&cert_status, s->internal->init_msg, n); |
| 1855 | if (!CBS_get_u8(&cert_status, &status_type) || | 1855 | if (!CBS_get_u8(&cert_status, &status_type) || |
| 1856 | CBS_len(&cert_status) < 3) { | 1856 | CBS_len(&cert_status) < 3) { |
| 1857 | /* need at least status type + length */ | 1857 | /* need at least status type + length */ |
| @@ -1876,15 +1876,15 @@ ssl3_get_cert_status(SSL *s) | |||
| 1876 | goto f_err; | 1876 | goto f_err; |
| 1877 | } | 1877 | } |
| 1878 | 1878 | ||
| 1879 | if (!CBS_stow(&response, &s->tlsext_ocsp_resp, | 1879 | if (!CBS_stow(&response, &s->internal->tlsext_ocsp_resp, |
| 1880 | &stow_len) || stow_len > INT_MAX) { | 1880 | &stow_len) || stow_len > INT_MAX) { |
| 1881 | s->tlsext_ocsp_resplen = 0; | 1881 | s->internal->tlsext_ocsp_resplen = 0; |
| 1882 | al = SSL_AD_INTERNAL_ERROR; | 1882 | al = SSL_AD_INTERNAL_ERROR; |
| 1883 | SSLerr(SSL_F_SSL3_GET_CERT_STATUS, | 1883 | SSLerr(SSL_F_SSL3_GET_CERT_STATUS, |
| 1884 | ERR_R_MALLOC_FAILURE); | 1884 | ERR_R_MALLOC_FAILURE); |
| 1885 | goto f_err; | 1885 | goto f_err; |
| 1886 | } | 1886 | } |
| 1887 | s->tlsext_ocsp_resplen = (int)stow_len; | 1887 | s->internal->tlsext_ocsp_resplen = (int)stow_len; |
| 1888 | 1888 | ||
| 1889 | if (s->ctx->internal->tlsext_status_cb) { | 1889 | if (s->ctx->internal->tlsext_status_cb) { |
| 1890 | int ret; | 1890 | int ret; |
| @@ -2573,10 +2573,10 @@ ssl3_send_client_certificate(SSL *s) | |||
| 2573 | */ | 2573 | */ |
| 2574 | i = ssl_do_client_cert_cb(s, &x509, &pkey); | 2574 | i = ssl_do_client_cert_cb(s, &x509, &pkey); |
| 2575 | if (i < 0) { | 2575 | if (i < 0) { |
| 2576 | s->rwstate = SSL_X509_LOOKUP; | 2576 | s->internal->rwstate = SSL_X509_LOOKUP; |
| 2577 | return (-1); | 2577 | return (-1); |
| 2578 | } | 2578 | } |
| 2579 | s->rwstate = SSL_NOTHING; | 2579 | s->internal->rwstate = SSL_NOTHING; |
| 2580 | if ((i == 1) && (pkey != NULL) && (x509 != NULL)) { | 2580 | if ((i == 1) && (pkey != NULL) && (x509 != NULL)) { |
| 2581 | s->state = SSL3_ST_CW_CERT_B; | 2581 | s->state = SSL3_ST_CW_CERT_B; |
| 2582 | if (!SSL_use_certificate(s, x509) || | 2582 | if (!SSL_use_certificate(s, x509) || |
| @@ -2738,7 +2738,7 @@ ssl3_check_finished(SSL *s) | |||
| 2738 | /* this function is called when we really expect a Certificate | 2738 | /* this function is called when we really expect a Certificate |
| 2739 | * message, so permit appropriate message length */ | 2739 | * message, so permit appropriate message length */ |
| 2740 | n = s->method->ssl_get_message(s, SSL3_ST_CR_CERT_A, | 2740 | n = s->method->ssl_get_message(s, SSL3_ST_CR_CERT_A, |
| 2741 | SSL3_ST_CR_CERT_B, -1, s->max_cert_list, &ok); | 2741 | SSL3_ST_CR_CERT_B, -1, s->internal->max_cert_list, &ok); |
| 2742 | if (!ok) | 2742 | if (!ok) |
| 2743 | return ((int)n); | 2743 | return ((int)n); |
| 2744 | S3I(s)->tmp.reuse_message = 1; | 2744 | S3I(s)->tmp.reuse_message = 1; |
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c index 3e44d5e4c1..6774557756 100644 --- a/src/lib/libssl/s3_lib.c +++ b/src/lib/libssl/s3_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_lib.c,v 1.124 2017/01/23 05:13:02 jsing Exp $ */ | 1 | /* $OpenBSD: s3_lib.c,v 1.125 2017/01/23 06:45:30 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1697,7 +1697,7 @@ ssl3_handshake_msg_start(SSL *s, uint8_t msg_type) | |||
| 1697 | { | 1697 | { |
| 1698 | unsigned char *d, *p; | 1698 | unsigned char *d, *p; |
| 1699 | 1699 | ||
| 1700 | d = p = (unsigned char *)s->init_buf->data; | 1700 | d = p = (unsigned char *)s->internal->init_buf->data; |
| 1701 | 1701 | ||
| 1702 | /* Handshake message type and length. */ | 1702 | /* Handshake message type and length. */ |
| 1703 | *(p++) = msg_type; | 1703 | *(p++) = msg_type; |
| @@ -1712,14 +1712,14 @@ ssl3_handshake_msg_finish(SSL *s, unsigned int len) | |||
| 1712 | unsigned char *d, *p; | 1712 | unsigned char *d, *p; |
| 1713 | uint8_t msg_type; | 1713 | uint8_t msg_type; |
| 1714 | 1714 | ||
| 1715 | d = p = (unsigned char *)s->init_buf->data; | 1715 | d = p = (unsigned char *)s->internal->init_buf->data; |
| 1716 | 1716 | ||
| 1717 | /* Handshake message length. */ | 1717 | /* Handshake message length. */ |
| 1718 | msg_type = *(p++); | 1718 | msg_type = *(p++); |
| 1719 | l2n3(len, p); | 1719 | l2n3(len, p); |
| 1720 | 1720 | ||
| 1721 | s->init_num = ssl3_handshake_msg_hdr_len(s) + (int)len; | 1721 | s->internal->init_num = ssl3_handshake_msg_hdr_len(s) + (int)len; |
| 1722 | s->init_off = 0; | 1722 | s->internal->init_off = 0; |
| 1723 | 1723 | ||
| 1724 | if (SSL_IS_DTLS(s)) { | 1724 | if (SSL_IS_DTLS(s)) { |
| 1725 | dtls1_set_message_header(s, d, msg_type, len, 0, len); | 1725 | dtls1_set_message_header(s, d, msg_type, len, 0, len); |
| @@ -1766,13 +1766,13 @@ ssl3_handshake_msg_finish_cbb(SSL *s, CBB *handshake) | |||
| 1766 | if (outlen > INT_MAX) | 1766 | if (outlen > INT_MAX) |
| 1767 | goto err; | 1767 | goto err; |
| 1768 | 1768 | ||
| 1769 | if (!BUF_MEM_grow_clean(s->init_buf, outlen)) | 1769 | if (!BUF_MEM_grow_clean(s->internal->init_buf, outlen)) |
| 1770 | goto err; | 1770 | goto err; |
| 1771 | 1771 | ||
| 1772 | memcpy(s->init_buf->data, data, outlen); | 1772 | memcpy(s->internal->init_buf->data, data, outlen); |
| 1773 | 1773 | ||
| 1774 | s->init_num = (int)outlen; | 1774 | s->internal->init_num = (int)outlen; |
| 1775 | s->init_off = 0; | 1775 | s->internal->init_off = 0; |
| 1776 | 1776 | ||
| 1777 | if (SSL_IS_DTLS(s)) { | 1777 | if (SSL_IS_DTLS(s)) { |
| 1778 | unsigned long len; | 1778 | unsigned long len; |
| @@ -1905,7 +1905,7 @@ ssl3_clear(SSL *s) | |||
| 1905 | S3I(s)->num_renegotiations = 0; | 1905 | S3I(s)->num_renegotiations = 0; |
| 1906 | S3I(s)->in_read_app_data = 0; | 1906 | S3I(s)->in_read_app_data = 0; |
| 1907 | 1907 | ||
| 1908 | s->packet_length = 0; | 1908 | s->internal->packet_length = 0; |
| 1909 | s->version = TLS1_VERSION; | 1909 | s->version = TLS1_VERSION; |
| 1910 | 1910 | ||
| 1911 | free(s->internal->next_proto_negotiated); | 1911 | free(s->internal->next_proto_negotiated); |
| @@ -1990,7 +1990,7 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) | |||
| 1990 | 1990 | ||
| 1991 | switch (cmd) { | 1991 | switch (cmd) { |
| 1992 | case SSL_CTRL_GET_SESSION_REUSED: | 1992 | case SSL_CTRL_GET_SESSION_REUSED: |
| 1993 | ret = s->hit; | 1993 | ret = s->internal->hit; |
| 1994 | break; | 1994 | break; |
| 1995 | case SSL_CTRL_GET_CLIENT_CERT_REQUEST: | 1995 | case SSL_CTRL_GET_CLIENT_CERT_REQUEST: |
| 1996 | break; | 1996 | break; |
| @@ -2112,33 +2112,33 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) | |||
| 2112 | break; | 2112 | break; |
| 2113 | 2113 | ||
| 2114 | case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS: | 2114 | case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS: |
| 2115 | *(STACK_OF(X509_EXTENSION) **)parg = s->tlsext_ocsp_exts; | 2115 | *(STACK_OF(X509_EXTENSION) **)parg = s->internal->tlsext_ocsp_exts; |
| 2116 | ret = 1; | 2116 | ret = 1; |
| 2117 | break; | 2117 | break; |
| 2118 | 2118 | ||
| 2119 | case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS: | 2119 | case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS: |
| 2120 | s->tlsext_ocsp_exts = parg; | 2120 | s->internal->tlsext_ocsp_exts = parg; |
| 2121 | ret = 1; | 2121 | ret = 1; |
| 2122 | break; | 2122 | break; |
| 2123 | 2123 | ||
| 2124 | case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS: | 2124 | case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS: |
| 2125 | *(STACK_OF(OCSP_RESPID) **)parg = s->tlsext_ocsp_ids; | 2125 | *(STACK_OF(OCSP_RESPID) **)parg = s->internal->tlsext_ocsp_ids; |
| 2126 | ret = 1; | 2126 | ret = 1; |
| 2127 | break; | 2127 | break; |
| 2128 | 2128 | ||
| 2129 | case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS: | 2129 | case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS: |
| 2130 | s->tlsext_ocsp_ids = parg; | 2130 | s->internal->tlsext_ocsp_ids = parg; |
| 2131 | ret = 1; | 2131 | ret = 1; |
| 2132 | break; | 2132 | break; |
| 2133 | 2133 | ||
| 2134 | case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP: | 2134 | case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP: |
| 2135 | *(unsigned char **)parg = s->tlsext_ocsp_resp; | 2135 | *(unsigned char **)parg = s->internal->tlsext_ocsp_resp; |
| 2136 | return s->tlsext_ocsp_resplen; | 2136 | return s->internal->tlsext_ocsp_resplen; |
| 2137 | 2137 | ||
| 2138 | case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP: | 2138 | case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP: |
| 2139 | free(s->tlsext_ocsp_resp); | 2139 | free(s->internal->tlsext_ocsp_resp); |
| 2140 | s->tlsext_ocsp_resp = parg; | 2140 | s->internal->tlsext_ocsp_resp = parg; |
| 2141 | s->tlsext_ocsp_resplen = larg; | 2141 | s->internal->tlsext_ocsp_resplen = larg; |
| 2142 | ret = 1; | 2142 | ret = 1; |
| 2143 | break; | 2143 | break; |
| 2144 | 2144 | ||
| @@ -2505,13 +2505,13 @@ ssl3_shutdown(SSL *s) | |||
| 2505 | * Don't do anything much if we have not done the handshake or | 2505 | * Don't do anything much if we have not done the handshake or |
| 2506 | * we don't want to send messages :-) | 2506 | * we don't want to send messages :-) |
| 2507 | */ | 2507 | */ |
| 2508 | if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE)) { | 2508 | if ((s->internal->quiet_shutdown) || (s->state == SSL_ST_BEFORE)) { |
| 2509 | s->shutdown = (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); | 2509 | s->internal->shutdown = (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); |
| 2510 | return (1); | 2510 | return (1); |
| 2511 | } | 2511 | } |
| 2512 | 2512 | ||
| 2513 | if (!(s->shutdown & SSL_SENT_SHUTDOWN)) { | 2513 | if (!(s->internal->shutdown & SSL_SENT_SHUTDOWN)) { |
| 2514 | s->shutdown|=SSL_SENT_SHUTDOWN; | 2514 | s->internal->shutdown|=SSL_SENT_SHUTDOWN; |
| 2515 | ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY); | 2515 | ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY); |
| 2516 | /* | 2516 | /* |
| 2517 | * Our shutdown alert has been sent now, and if it still needs | 2517 | * Our shutdown alert has been sent now, and if it still needs |
| @@ -2531,15 +2531,15 @@ ssl3_shutdown(SSL *s) | |||
| 2531 | */ | 2531 | */ |
| 2532 | return (ret); | 2532 | return (ret); |
| 2533 | } | 2533 | } |
| 2534 | } else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) { | 2534 | } else if (!(s->internal->shutdown & SSL_RECEIVED_SHUTDOWN)) { |
| 2535 | /* If we are waiting for a close from our peer, we are closed */ | 2535 | /* If we are waiting for a close from our peer, we are closed */ |
| 2536 | s->method->ssl_read_bytes(s, 0, NULL, 0, 0); | 2536 | s->method->ssl_read_bytes(s, 0, NULL, 0, 0); |
| 2537 | if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) { | 2537 | if (!(s->internal->shutdown & SSL_RECEIVED_SHUTDOWN)) { |
| 2538 | return(-1); /* return WANT_READ */ | 2538 | return(-1); /* return WANT_READ */ |
| 2539 | } | 2539 | } |
| 2540 | } | 2540 | } |
| 2541 | 2541 | ||
| 2542 | if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) && | 2542 | if ((s->internal->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) && |
| 2543 | !s->s3->alert_dispatch) | 2543 | !s->s3->alert_dispatch) |
| 2544 | return (1); | 2544 | return (1); |
| 2545 | else | 2545 | else |
| @@ -2552,8 +2552,8 @@ ssl3_write(SSL *s, const void *buf, int len) | |||
| 2552 | int ret, n; | 2552 | int ret, n; |
| 2553 | 2553 | ||
| 2554 | #if 0 | 2554 | #if 0 |
| 2555 | if (s->shutdown & SSL_SEND_SHUTDOWN) { | 2555 | if (s->internal->shutdown & SSL_SEND_SHUTDOWN) { |
| 2556 | s->rwstate = SSL_NOTHING; | 2556 | s->internal->rwstate = SSL_NOTHING; |
| 2557 | return (0); | 2557 | return (0); |
| 2558 | } | 2558 | } |
| 2559 | #endif | 2559 | #endif |
| @@ -2579,11 +2579,11 @@ ssl3_write(SSL *s, const void *buf, int len) | |||
| 2579 | S3I(s)->delay_buf_pop_ret = ret; | 2579 | S3I(s)->delay_buf_pop_ret = ret; |
| 2580 | } | 2580 | } |
| 2581 | 2581 | ||
| 2582 | s->rwstate = SSL_WRITING; | 2582 | s->internal->rwstate = SSL_WRITING; |
| 2583 | n = BIO_flush(s->wbio); | 2583 | n = BIO_flush(s->wbio); |
| 2584 | if (n <= 0) | 2584 | if (n <= 0) |
| 2585 | return (n); | 2585 | return (n); |
| 2586 | s->rwstate = SSL_NOTHING; | 2586 | s->internal->rwstate = SSL_NOTHING; |
| 2587 | 2587 | ||
| 2588 | /* We have flushed the buffer, so remove it */ | 2588 | /* We have flushed the buffer, so remove it */ |
| 2589 | ssl_free_wbio_buffer(s); | 2589 | ssl_free_wbio_buffer(s); |
diff --git a/src/lib/libssl/s3_pkt.c b/src/lib/libssl/s3_pkt.c index 004ede2ef0..458a355692 100644 --- a/src/lib/libssl/s3_pkt.c +++ b/src/lib/libssl/s3_pkt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_pkt.c,v 1.63 2017/01/23 04:55:26 beck Exp $ */ | 1 | /* $OpenBSD: s3_pkt.c,v 1.64 2017/01/23 06:45:30 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -126,9 +126,9 @@ static int ssl3_get_record(SSL *s); | |||
| 126 | /* If extend == 0, obtain new n-byte packet; if extend == 1, increase | 126 | /* If extend == 0, obtain new n-byte packet; if extend == 1, increase |
| 127 | * packet by another n bytes. | 127 | * packet by another n bytes. |
| 128 | * The packet will be in the sub-array of s->s3->rbuf.buf specified | 128 | * The packet will be in the sub-array of s->s3->rbuf.buf specified |
| 129 | * by s->packet and s->packet_length. | 129 | * by s->internal->packet and s->internal->packet_length. |
| 130 | * (If s->read_ahead is set, 'max' bytes may be stored in rbuf | 130 | * (If s->internal->read_ahead is set, 'max' bytes may be stored in rbuf |
| 131 | * [plus s->packet_length bytes if extend == 1].) | 131 | * [plus s->internal->packet_length bytes if extend == 1].) |
| 132 | */ | 132 | */ |
| 133 | int | 133 | int |
| 134 | ssl3_read_n(SSL *s, int n, int max, int extend) | 134 | ssl3_read_n(SSL *s, int n, int max, int extend) |
| @@ -171,8 +171,8 @@ ssl3_read_n(SSL *s, int n, int max, int extend) | |||
| 171 | rb->offset = align; | 171 | rb->offset = align; |
| 172 | } | 172 | } |
| 173 | } | 173 | } |
| 174 | s->packet = rb->buf + rb->offset; | 174 | s->internal->packet = rb->buf + rb->offset; |
| 175 | s->packet_length = 0; | 175 | s->internal->packet_length = 0; |
| 176 | /* ... now we can act as if 'extend' was set */ | 176 | /* ... now we can act as if 'extend' was set */ |
| 177 | } | 177 | } |
| 178 | 178 | ||
| @@ -186,7 +186,7 @@ ssl3_read_n(SSL *s, int n, int max, int extend) | |||
| 186 | 186 | ||
| 187 | /* if there is enough in the buffer from a previous read, take some */ | 187 | /* if there is enough in the buffer from a previous read, take some */ |
| 188 | if (left >= n) { | 188 | if (left >= n) { |
| 189 | s->packet_length += n; | 189 | s->internal->packet_length += n; |
| 190 | rb->left = left - n; | 190 | rb->left = left - n; |
| 191 | rb->offset += n; | 191 | rb->offset += n; |
| 192 | return (n); | 192 | return (n); |
| @@ -194,15 +194,15 @@ ssl3_read_n(SSL *s, int n, int max, int extend) | |||
| 194 | 194 | ||
| 195 | /* else we need to read more data */ | 195 | /* else we need to read more data */ |
| 196 | 196 | ||
| 197 | len = s->packet_length; | 197 | len = s->internal->packet_length; |
| 198 | pkt = rb->buf + align; | 198 | pkt = rb->buf + align; |
| 199 | /* Move any available bytes to front of buffer: | 199 | /* Move any available bytes to front of buffer: |
| 200 | * 'len' bytes already pointed to by 'packet', | 200 | * 'len' bytes already pointed to by 'packet', |
| 201 | * 'left' extra ones at the end */ | 201 | * 'left' extra ones at the end */ |
| 202 | if (s->packet != pkt) { | 202 | if (s->internal->packet != pkt) { |
| 203 | /* len > 0 */ | 203 | /* len > 0 */ |
| 204 | memmove(pkt, s->packet, len + left); | 204 | memmove(pkt, s->internal->packet, len + left); |
| 205 | s->packet = pkt; | 205 | s->internal->packet = pkt; |
| 206 | rb->offset = len + align; | 206 | rb->offset = len + align; |
| 207 | } | 207 | } |
| 208 | 208 | ||
| @@ -212,7 +212,7 @@ ssl3_read_n(SSL *s, int n, int max, int extend) | |||
| 212 | return -1; | 212 | return -1; |
| 213 | } | 213 | } |
| 214 | 214 | ||
| 215 | if (!s->read_ahead) { | 215 | if (!s->internal->read_ahead) { |
| 216 | /* ignore max parameter */ | 216 | /* ignore max parameter */ |
| 217 | max = n; | 217 | max = n; |
| 218 | } else { | 218 | } else { |
| @@ -229,7 +229,7 @@ ssl3_read_n(SSL *s, int n, int max, int extend) | |||
| 229 | 229 | ||
| 230 | errno = 0; | 230 | errno = 0; |
| 231 | if (s->rbio != NULL) { | 231 | if (s->rbio != NULL) { |
| 232 | s->rwstate = SSL_READING; | 232 | s->internal->rwstate = SSL_READING; |
| 233 | i = BIO_read(s->rbio, pkt + len + left, max - left); | 233 | i = BIO_read(s->rbio, pkt + len + left, max - left); |
| 234 | } else { | 234 | } else { |
| 235 | SSLerr(SSL_F_SSL3_READ_N, SSL_R_READ_BIO_NOT_SET); | 235 | SSLerr(SSL_F_SSL3_READ_N, SSL_R_READ_BIO_NOT_SET); |
| @@ -261,8 +261,8 @@ ssl3_read_n(SSL *s, int n, int max, int extend) | |||
| 261 | /* done reading, now the book-keeping */ | 261 | /* done reading, now the book-keeping */ |
| 262 | rb->offset += n; | 262 | rb->offset += n; |
| 263 | rb->left = left - n; | 263 | rb->left = left - n; |
| 264 | s->packet_length += n; | 264 | s->internal->packet_length += n; |
| 265 | s->rwstate = SSL_NOTHING; | 265 | s->internal->rwstate = SSL_NOTHING; |
| 266 | return (n); | 266 | return (n); |
| 267 | } | 267 | } |
| 268 | 268 | ||
| @@ -291,7 +291,7 @@ ssl3_get_record(SSL *s) | |||
| 291 | again: | 291 | again: |
| 292 | /* check if we have the header */ | 292 | /* check if we have the header */ |
| 293 | if ((s->rstate != SSL_ST_READ_BODY) || | 293 | if ((s->rstate != SSL_ST_READ_BODY) || |
| 294 | (s->packet_length < SSL3_RT_HEADER_LENGTH)) { | 294 | (s->internal->packet_length < SSL3_RT_HEADER_LENGTH)) { |
| 295 | CBS header; | 295 | CBS header; |
| 296 | uint16_t len, ssl_version; | 296 | uint16_t len, ssl_version; |
| 297 | uint8_t type; | 297 | uint8_t type; |
| @@ -301,7 +301,7 @@ again: | |||
| 301 | return(n); /* error or non-blocking */ | 301 | return(n); /* error or non-blocking */ |
| 302 | s->rstate = SSL_ST_READ_BODY; | 302 | s->rstate = SSL_ST_READ_BODY; |
| 303 | 303 | ||
| 304 | CBS_init(&header, s->packet, n); | 304 | CBS_init(&header, s->internal->packet, n); |
| 305 | 305 | ||
| 306 | /* Pull apart the header into the SSL3_RECORD */ | 306 | /* Pull apart the header into the SSL3_RECORD */ |
| 307 | if (!CBS_get_u8(&header, &type) || | 307 | if (!CBS_get_u8(&header, &type) || |
| @@ -316,11 +316,11 @@ again: | |||
| 316 | rr->length = len; | 316 | rr->length = len; |
| 317 | 317 | ||
| 318 | /* Lets check version */ | 318 | /* Lets check version */ |
| 319 | if (!s->first_packet && ssl_version != s->version) { | 319 | if (!s->internal->first_packet && ssl_version != s->version) { |
| 320 | SSLerr(SSL_F_SSL3_GET_RECORD, | 320 | SSLerr(SSL_F_SSL3_GET_RECORD, |
| 321 | SSL_R_WRONG_VERSION_NUMBER); | 321 | SSL_R_WRONG_VERSION_NUMBER); |
| 322 | if ((s->version & 0xFF00) == (ssl_version & 0xFF00) && | 322 | if ((s->version & 0xFF00) == (ssl_version & 0xFF00) && |
| 323 | !s->enc_write_ctx && !s->write_hash) | 323 | !s->internal->enc_write_ctx && !s->internal->write_hash) |
| 324 | /* Send back error using their minor version number :-) */ | 324 | /* Send back error using their minor version number :-) */ |
| 325 | s->version = ssl_version; | 325 | s->version = ssl_version; |
| 326 | al = SSL_AD_PROTOCOL_VERSION; | 326 | al = SSL_AD_PROTOCOL_VERSION; |
| @@ -345,24 +345,24 @@ again: | |||
| 345 | 345 | ||
| 346 | /* s->rstate == SSL_ST_READ_BODY, get and decode the data */ | 346 | /* s->rstate == SSL_ST_READ_BODY, get and decode the data */ |
| 347 | 347 | ||
| 348 | if (rr->length > s->packet_length - SSL3_RT_HEADER_LENGTH) { | 348 | if (rr->length > s->internal->packet_length - SSL3_RT_HEADER_LENGTH) { |
| 349 | /* now s->packet_length == SSL3_RT_HEADER_LENGTH */ | 349 | /* now s->internal->packet_length == SSL3_RT_HEADER_LENGTH */ |
| 350 | i = rr->length; | 350 | i = rr->length; |
| 351 | n = ssl3_read_n(s, i, i, 1); | 351 | n = ssl3_read_n(s, i, i, 1); |
| 352 | if (n <= 0) | 352 | if (n <= 0) |
| 353 | return(n); /* error or non-blocking io */ | 353 | return(n); /* error or non-blocking io */ |
| 354 | /* now n == rr->length, | 354 | /* now n == rr->length, |
| 355 | * and s->packet_length == SSL3_RT_HEADER_LENGTH + rr->length */ | 355 | * and s->internal->packet_length == SSL3_RT_HEADER_LENGTH + rr->length */ |
| 356 | } | 356 | } |
| 357 | 357 | ||
| 358 | s->rstate=SSL_ST_READ_HEADER; /* set state for later operations */ | 358 | s->rstate=SSL_ST_READ_HEADER; /* set state for later operations */ |
| 359 | 359 | ||
| 360 | /* At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length, | 360 | /* At this point, s->internal->packet_length == SSL3_RT_HEADER_LNGTH + rr->length, |
| 361 | * and we have that many bytes in s->packet | 361 | * and we have that many bytes in s->internal->packet |
| 362 | */ | 362 | */ |
| 363 | rr->input = &(s->packet[SSL3_RT_HEADER_LENGTH]); | 363 | rr->input = &(s->internal->packet[SSL3_RT_HEADER_LENGTH]); |
| 364 | 364 | ||
| 365 | /* ok, we can now read from 's->packet' data into 'rr' | 365 | /* ok, we can now read from 's->internal->packet' data into 'rr' |
| 366 | * rr->input points at rr->length bytes, which | 366 | * rr->input points at rr->length bytes, which |
| 367 | * need to be copied into rr->data by either | 367 | * need to be copied into rr->data by either |
| 368 | * the decryption or by the decompression | 368 | * the decryption or by the decompression |
| @@ -395,13 +395,13 @@ again: | |||
| 395 | 395 | ||
| 396 | 396 | ||
| 397 | /* r->length is now the compressed data plus mac */ | 397 | /* r->length is now the compressed data plus mac */ |
| 398 | if ((sess != NULL) && (s->enc_read_ctx != NULL) && | 398 | if ((sess != NULL) && (s->internal->enc_read_ctx != NULL) && |
| 399 | (EVP_MD_CTX_md(s->read_hash) != NULL)) { | 399 | (EVP_MD_CTX_md(s->internal->read_hash) != NULL)) { |
| 400 | /* s->read_hash != NULL => mac_size != -1 */ | 400 | /* s->internal->read_hash != NULL => mac_size != -1 */ |
| 401 | unsigned char *mac = NULL; | 401 | unsigned char *mac = NULL; |
| 402 | unsigned char mac_tmp[EVP_MAX_MD_SIZE]; | 402 | unsigned char mac_tmp[EVP_MAX_MD_SIZE]; |
| 403 | 403 | ||
| 404 | mac_size = EVP_MD_CTX_size(s->read_hash); | 404 | mac_size = EVP_MD_CTX_size(s->internal->read_hash); |
| 405 | OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE); | 405 | OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE); |
| 406 | 406 | ||
| 407 | /* kludge: *_cbc_remove_padding passes padding length in rr->type */ | 407 | /* kludge: *_cbc_remove_padding passes padding length in rr->type */ |
| @@ -414,14 +414,14 @@ again: | |||
| 414 | */ | 414 | */ |
| 415 | if (orig_len < mac_size || | 415 | if (orig_len < mac_size || |
| 416 | /* CBC records must have a padding length byte too. */ | 416 | /* CBC records must have a padding length byte too. */ |
| 417 | (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE && | 417 | (EVP_CIPHER_CTX_mode(s->internal->enc_read_ctx) == EVP_CIPH_CBC_MODE && |
| 418 | orig_len < mac_size + 1)) { | 418 | orig_len < mac_size + 1)) { |
| 419 | al = SSL_AD_DECODE_ERROR; | 419 | al = SSL_AD_DECODE_ERROR; |
| 420 | SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_LENGTH_TOO_SHORT); | 420 | SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_LENGTH_TOO_SHORT); |
| 421 | goto f_err; | 421 | goto f_err; |
| 422 | } | 422 | } |
| 423 | 423 | ||
| 424 | if (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE) { | 424 | if (EVP_CIPHER_CTX_mode(s->internal->enc_read_ctx) == EVP_CIPH_CBC_MODE) { |
| 425 | /* We update the length so that the TLS header bytes | 425 | /* We update the length so that the TLS header bytes |
| 426 | * can be constructed correctly but we need to extract | 426 | * can be constructed correctly but we need to extract |
| 427 | * the MAC in constant time from within the record, | 427 | * the MAC in constant time from within the record, |
| @@ -480,7 +480,7 @@ again: | |||
| 480 | */ | 480 | */ |
| 481 | 481 | ||
| 482 | /* we have pulled in a full packet so zero things */ | 482 | /* we have pulled in a full packet so zero things */ |
| 483 | s->packet_length = 0; | 483 | s->internal->packet_length = 0; |
| 484 | 484 | ||
| 485 | /* just read a 0 length packet */ | 485 | /* just read a 0 length packet */ |
| 486 | if (rr->length == 0) | 486 | if (rr->length == 0) |
| @@ -509,7 +509,7 @@ ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) | |||
| 509 | return -1; | 509 | return -1; |
| 510 | } | 510 | } |
| 511 | 511 | ||
| 512 | s->rwstate = SSL_NOTHING; | 512 | s->internal->rwstate = SSL_NOTHING; |
| 513 | tot = S3I(s)->wnum; | 513 | tot = S3I(s)->wnum; |
| 514 | S3I(s)->wnum = 0; | 514 | S3I(s)->wnum = 0; |
| 515 | 515 | ||
| @@ -596,12 +596,12 @@ do_ssl3_write(SSL *s, int type, const unsigned char *buf, | |||
| 596 | wr = &(S3I(s)->wrec); | 596 | wr = &(S3I(s)->wrec); |
| 597 | sess = s->session; | 597 | sess = s->session; |
| 598 | 598 | ||
| 599 | if ((sess == NULL) || (s->enc_write_ctx == NULL) || | 599 | if ((sess == NULL) || (s->internal->enc_write_ctx == NULL) || |
| 600 | (EVP_MD_CTX_md(s->write_hash) == NULL)) { | 600 | (EVP_MD_CTX_md(s->internal->write_hash) == NULL)) { |
| 601 | clear = s->enc_write_ctx ? 0 : 1; /* must be AEAD cipher */ | 601 | clear = s->internal->enc_write_ctx ? 0 : 1; /* must be AEAD cipher */ |
| 602 | mac_size = 0; | 602 | mac_size = 0; |
| 603 | } else { | 603 | } else { |
| 604 | mac_size = EVP_MD_CTX_size(s->write_hash); | 604 | mac_size = EVP_MD_CTX_size(s->internal->write_hash); |
| 605 | if (mac_size < 0) | 605 | if (mac_size < 0) |
| 606 | goto err; | 606 | goto err; |
| 607 | } | 607 | } |
| @@ -666,7 +666,7 @@ do_ssl3_write(SSL *s, int type, const unsigned char *buf, | |||
| 666 | /* Some servers hang if iniatial client hello is larger than 256 | 666 | /* Some servers hang if iniatial client hello is larger than 256 |
| 667 | * bytes and record version number > TLS 1.0 | 667 | * bytes and record version number > TLS 1.0 |
| 668 | */ | 668 | */ |
| 669 | if (s->state == SSL3_ST_CW_CLNT_HELLO_B && !s->renegotiate && | 669 | if (s->state == SSL3_ST_CW_CLNT_HELLO_B && !s->internal->renegotiate && |
| 670 | TLS1_get_version(s) > TLS1_VERSION) | 670 | TLS1_get_version(s) > TLS1_VERSION) |
| 671 | *(p++) = 0x1; | 671 | *(p++) = 0x1; |
| 672 | else | 672 | else |
| @@ -677,10 +677,10 @@ do_ssl3_write(SSL *s, int type, const unsigned char *buf, | |||
| 677 | p += 2; | 677 | p += 2; |
| 678 | 678 | ||
| 679 | /* Explicit IV length. */ | 679 | /* Explicit IV length. */ |
| 680 | if (s->enc_write_ctx && SSL_USE_EXPLICIT_IV(s)) { | 680 | if (s->internal->enc_write_ctx && SSL_USE_EXPLICIT_IV(s)) { |
| 681 | int mode = EVP_CIPHER_CTX_mode(s->enc_write_ctx); | 681 | int mode = EVP_CIPHER_CTX_mode(s->internal->enc_write_ctx); |
| 682 | if (mode == EVP_CIPH_CBC_MODE) { | 682 | if (mode == EVP_CIPH_CBC_MODE) { |
| 683 | eivlen = EVP_CIPHER_CTX_iv_length(s->enc_write_ctx); | 683 | eivlen = EVP_CIPHER_CTX_iv_length(s->internal->enc_write_ctx); |
| 684 | if (eivlen <= 1) | 684 | if (eivlen <= 1) |
| 685 | eivlen = 0; | 685 | eivlen = 0; |
| 686 | } | 686 | } |
| @@ -689,9 +689,9 @@ do_ssl3_write(SSL *s, int type, const unsigned char *buf, | |||
| 689 | eivlen = EVP_GCM_TLS_EXPLICIT_IV_LEN; | 689 | eivlen = EVP_GCM_TLS_EXPLICIT_IV_LEN; |
| 690 | else | 690 | else |
| 691 | eivlen = 0; | 691 | eivlen = 0; |
| 692 | } else if (s->aead_write_ctx != NULL && | 692 | } else if (s->internal->aead_write_ctx != NULL && |
| 693 | s->aead_write_ctx->variable_nonce_in_record) { | 693 | s->internal->aead_write_ctx->variable_nonce_in_record) { |
| 694 | eivlen = s->aead_write_ctx->variable_nonce_len; | 694 | eivlen = s->internal->aead_write_ctx->variable_nonce_len; |
| 695 | } else | 695 | } else |
| 696 | eivlen = 0; | 696 | eivlen = 0; |
| 697 | 697 | ||
| @@ -779,7 +779,7 @@ ssl3_write_pending(SSL *s, int type, const unsigned char *buf, unsigned int len) | |||
| 779 | for (;;) { | 779 | for (;;) { |
| 780 | errno = 0; | 780 | errno = 0; |
| 781 | if (s->wbio != NULL) { | 781 | if (s->wbio != NULL) { |
| 782 | s->rwstate = SSL_WRITING; | 782 | s->internal->rwstate = SSL_WRITING; |
| 783 | i = BIO_write(s->wbio, | 783 | i = BIO_write(s->wbio, |
| 784 | (char *)&(wb->buf[wb->offset]), | 784 | (char *)&(wb->buf[wb->offset]), |
| 785 | (unsigned int)wb->left); | 785 | (unsigned int)wb->left); |
| @@ -793,7 +793,7 @@ ssl3_write_pending(SSL *s, int type, const unsigned char *buf, unsigned int len) | |||
| 793 | if (s->mode & SSL_MODE_RELEASE_BUFFERS && | 793 | if (s->mode & SSL_MODE_RELEASE_BUFFERS && |
| 794 | !SSL_IS_DTLS(s)) | 794 | !SSL_IS_DTLS(s)) |
| 795 | ssl3_release_write_buffer(s); | 795 | ssl3_release_write_buffer(s); |
| 796 | s->rwstate = SSL_NOTHING; | 796 | s->internal->rwstate = SSL_NOTHING; |
| 797 | return (S3I(s)->wpend_ret); | 797 | return (S3I(s)->wpend_ret); |
| 798 | } else if (i <= 0) { | 798 | } else if (i <= 0) { |
| 799 | /* | 799 | /* |
| @@ -914,11 +914,11 @@ start: | |||
| 914 | } | 914 | } |
| 915 | BIO_clear_retry_flags(bio); | 915 | BIO_clear_retry_flags(bio); |
| 916 | BIO_set_retry_read(bio); | 916 | BIO_set_retry_read(bio); |
| 917 | s->rwstate = SSL_READING; | 917 | s->internal->rwstate = SSL_READING; |
| 918 | return -1; | 918 | return -1; |
| 919 | } | 919 | } |
| 920 | 920 | ||
| 921 | s->rwstate = SSL_NOTHING; | 921 | s->internal->rwstate = SSL_NOTHING; |
| 922 | 922 | ||
| 923 | /* | 923 | /* |
| 924 | * S3I(s)->rrec.type - is the type of record | 924 | * S3I(s)->rrec.type - is the type of record |
| @@ -948,9 +948,9 @@ start: | |||
| 948 | 948 | ||
| 949 | /* If the other end has shut down, throw anything we read away | 949 | /* If the other end has shut down, throw anything we read away |
| 950 | * (even in 'peek' mode) */ | 950 | * (even in 'peek' mode) */ |
| 951 | if (s->shutdown & SSL_RECEIVED_SHUTDOWN) { | 951 | if (s->internal->shutdown & SSL_RECEIVED_SHUTDOWN) { |
| 952 | rr->length = 0; | 952 | rr->length = 0; |
| 953 | s->rwstate = SSL_NOTHING; | 953 | s->internal->rwstate = SSL_NOTHING; |
| 954 | return (0); | 954 | return (0); |
| 955 | } | 955 | } |
| 956 | 956 | ||
| @@ -960,7 +960,7 @@ start: | |||
| 960 | /* make sure that we are not getting application data when we | 960 | /* make sure that we are not getting application data when we |
| 961 | * are doing a handshake for the first time */ | 961 | * are doing a handshake for the first time */ |
| 962 | if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) && | 962 | if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) && |
| 963 | (s->enc_read_ctx == NULL)) { | 963 | (s->internal->enc_read_ctx == NULL)) { |
| 964 | al = SSL_AD_UNEXPECTED_MESSAGE; | 964 | al = SSL_AD_UNEXPECTED_MESSAGE; |
| 965 | SSLerr(SSL_F_SSL3_READ_BYTES, | 965 | SSLerr(SSL_F_SSL3_READ_BYTES, |
| 966 | SSL_R_APP_DATA_IN_HANDSHAKE); | 966 | SSL_R_APP_DATA_IN_HANDSHAKE); |
| @@ -1075,7 +1075,7 @@ start: | |||
| 1075 | * but we trigger an SSL handshake, we return -1 with | 1075 | * but we trigger an SSL handshake, we return -1 with |
| 1076 | * the retry option set. Otherwise renegotiation may | 1076 | * the retry option set. Otherwise renegotiation may |
| 1077 | * cause nasty problems in the blocking world */ | 1077 | * cause nasty problems in the blocking world */ |
| 1078 | s->rwstate = SSL_READING; | 1078 | s->internal->rwstate = SSL_READING; |
| 1079 | bio = SSL_get_rbio(s); | 1079 | bio = SSL_get_rbio(s); |
| 1080 | BIO_clear_retry_flags(bio); | 1080 | BIO_clear_retry_flags(bio); |
| 1081 | BIO_set_retry_read(bio); | 1081 | BIO_set_retry_read(bio); |
| @@ -1126,7 +1126,7 @@ start: | |||
| 1126 | if (alert_level == SSL3_AL_WARNING) { | 1126 | if (alert_level == SSL3_AL_WARNING) { |
| 1127 | S3I(s)->warn_alert = alert_descr; | 1127 | S3I(s)->warn_alert = alert_descr; |
| 1128 | if (alert_descr == SSL_AD_CLOSE_NOTIFY) { | 1128 | if (alert_descr == SSL_AD_CLOSE_NOTIFY) { |
| 1129 | s->shutdown |= SSL_RECEIVED_SHUTDOWN; | 1129 | s->internal->shutdown |= SSL_RECEIVED_SHUTDOWN; |
| 1130 | return (0); | 1130 | return (0); |
| 1131 | } | 1131 | } |
| 1132 | /* This is a warning but we receive it if we requested | 1132 | /* This is a warning but we receive it if we requested |
| @@ -1145,13 +1145,13 @@ start: | |||
| 1145 | goto f_err; | 1145 | goto f_err; |
| 1146 | } | 1146 | } |
| 1147 | } else if (alert_level == SSL3_AL_FATAL) { | 1147 | } else if (alert_level == SSL3_AL_FATAL) { |
| 1148 | s->rwstate = SSL_NOTHING; | 1148 | s->internal->rwstate = SSL_NOTHING; |
| 1149 | S3I(s)->fatal_alert = alert_descr; | 1149 | S3I(s)->fatal_alert = alert_descr; |
| 1150 | SSLerr(SSL_F_SSL3_READ_BYTES, | 1150 | SSLerr(SSL_F_SSL3_READ_BYTES, |
| 1151 | SSL_AD_REASON_OFFSET + alert_descr); | 1151 | SSL_AD_REASON_OFFSET + alert_descr); |
| 1152 | ERR_asprintf_error_data("SSL alert number %d", | 1152 | ERR_asprintf_error_data("SSL alert number %d", |
| 1153 | alert_descr); | 1153 | alert_descr); |
| 1154 | s->shutdown |= SSL_RECEIVED_SHUTDOWN; | 1154 | s->internal->shutdown |= SSL_RECEIVED_SHUTDOWN; |
| 1155 | SSL_CTX_remove_session(s->ctx, s->session); | 1155 | SSL_CTX_remove_session(s->ctx, s->session); |
| 1156 | return (0); | 1156 | return (0); |
| 1157 | } else { | 1157 | } else { |
| @@ -1163,9 +1163,9 @@ start: | |||
| 1163 | goto start; | 1163 | goto start; |
| 1164 | } | 1164 | } |
| 1165 | 1165 | ||
| 1166 | if (s->shutdown & SSL_SENT_SHUTDOWN) { | 1166 | if (s->internal->shutdown & SSL_SENT_SHUTDOWN) { |
| 1167 | /* but we have not received a shutdown */ | 1167 | /* but we have not received a shutdown */ |
| 1168 | s->rwstate = SSL_NOTHING; | 1168 | s->internal->rwstate = SSL_NOTHING; |
| 1169 | rr->length = 0; | 1169 | rr->length = 0; |
| 1170 | return (0); | 1170 | return (0); |
| 1171 | } | 1171 | } |
| @@ -1218,8 +1218,8 @@ start: | |||
| 1218 | if (((s->state&SSL_ST_MASK) == SSL_ST_OK) && | 1218 | if (((s->state&SSL_ST_MASK) == SSL_ST_OK) && |
| 1219 | !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) { | 1219 | !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) { |
| 1220 | s->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT; | 1220 | s->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT; |
| 1221 | s->renegotiate = 1; | 1221 | s->internal->renegotiate = 1; |
| 1222 | s->new_session = 1; | 1222 | s->internal->new_session = 1; |
| 1223 | } | 1223 | } |
| 1224 | i = s->internal->handshake_func(s); | 1224 | i = s->internal->handshake_func(s); |
| 1225 | if (i < 0) | 1225 | if (i < 0) |
| @@ -1237,7 +1237,7 @@ start: | |||
| 1237 | * but we trigger an SSL handshake, we return -1 with | 1237 | * but we trigger an SSL handshake, we return -1 with |
| 1238 | * the retry option set. Otherwise renegotiation may | 1238 | * the retry option set. Otherwise renegotiation may |
| 1239 | * cause nasty problems in the blocking world */ | 1239 | * cause nasty problems in the blocking world */ |
| 1240 | s->rwstate = SSL_READING; | 1240 | s->internal->rwstate = SSL_READING; |
| 1241 | bio = SSL_get_rbio(s); | 1241 | bio = SSL_get_rbio(s); |
| 1242 | BIO_clear_retry_flags(bio); | 1242 | BIO_clear_retry_flags(bio); |
| 1243 | BIO_set_retry_read(bio); | 1243 | BIO_set_retry_read(bio); |
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c index 5717d5edda..31860eb049 100644 --- a/src/lib/libssl/s3_srvr.c +++ b/src/lib/libssl/s3_srvr.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_srvr.c,v 1.146 2017/01/23 05:13:02 jsing Exp $ */ | 1 | /* $OpenBSD: s3_srvr.c,v 1.147 2017/01/23 06:45:30 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -199,7 +199,7 @@ ssl3_accept(SSL *s) | |||
| 199 | 199 | ||
| 200 | switch (s->state) { | 200 | switch (s->state) { |
| 201 | case SSL_ST_RENEGOTIATE: | 201 | case SSL_ST_RENEGOTIATE: |
| 202 | s->renegotiate = 1; | 202 | s->internal->renegotiate = 1; |
| 203 | /* s->state=SSL_ST_ACCEPT; */ | 203 | /* s->state=SSL_ST_ACCEPT; */ |
| 204 | 204 | ||
| 205 | case SSL_ST_BEFORE: | 205 | case SSL_ST_BEFORE: |
| @@ -216,7 +216,7 @@ ssl3_accept(SSL *s) | |||
| 216 | ret = -1; | 216 | ret = -1; |
| 217 | goto end; | 217 | goto end; |
| 218 | } | 218 | } |
| 219 | s->type = SSL_ST_ACCEPT; | 219 | s->internal->type = SSL_ST_ACCEPT; |
| 220 | 220 | ||
| 221 | if (!ssl3_setup_init_buffer(s)) { | 221 | if (!ssl3_setup_init_buffer(s)) { |
| 222 | ret = -1; | 222 | ret = -1; |
| @@ -227,7 +227,7 @@ ssl3_accept(SSL *s) | |||
| 227 | goto end; | 227 | goto end; |
| 228 | } | 228 | } |
| 229 | 229 | ||
| 230 | s->init_num = 0; | 230 | s->internal->init_num = 0; |
| 231 | 231 | ||
| 232 | if (s->state != SSL_ST_RENEGOTIATE) { | 232 | if (s->state != SSL_ST_RENEGOTIATE) { |
| 233 | /* | 233 | /* |
| @@ -272,13 +272,13 @@ ssl3_accept(SSL *s) | |||
| 272 | case SSL3_ST_SW_HELLO_REQ_A: | 272 | case SSL3_ST_SW_HELLO_REQ_A: |
| 273 | case SSL3_ST_SW_HELLO_REQ_B: | 273 | case SSL3_ST_SW_HELLO_REQ_B: |
| 274 | 274 | ||
| 275 | s->shutdown = 0; | 275 | s->internal->shutdown = 0; |
| 276 | ret = ssl3_send_hello_request(s); | 276 | ret = ssl3_send_hello_request(s); |
| 277 | if (ret <= 0) | 277 | if (ret <= 0) |
| 278 | goto end; | 278 | goto end; |
| 279 | S3I(s)->tmp.next_state = SSL3_ST_SW_HELLO_REQ_C; | 279 | S3I(s)->tmp.next_state = SSL3_ST_SW_HELLO_REQ_C; |
| 280 | s->state = SSL3_ST_SW_FLUSH; | 280 | s->state = SSL3_ST_SW_FLUSH; |
| 281 | s->init_num = 0; | 281 | s->internal->init_num = 0; |
| 282 | 282 | ||
| 283 | if (!tls1_init_finished_mac(s)) { | 283 | if (!tls1_init_finished_mac(s)) { |
| 284 | ret = -1; | 284 | ret = -1; |
| @@ -294,16 +294,16 @@ ssl3_accept(SSL *s) | |||
| 294 | case SSL3_ST_SR_CLNT_HELLO_B: | 294 | case SSL3_ST_SR_CLNT_HELLO_B: |
| 295 | case SSL3_ST_SR_CLNT_HELLO_C: | 295 | case SSL3_ST_SR_CLNT_HELLO_C: |
| 296 | 296 | ||
| 297 | s->shutdown = 0; | 297 | s->internal->shutdown = 0; |
| 298 | if (s->rwstate != SSL_X509_LOOKUP) { | 298 | if (s->internal->rwstate != SSL_X509_LOOKUP) { |
| 299 | ret = ssl3_get_client_hello(s); | 299 | ret = ssl3_get_client_hello(s); |
| 300 | if (ret <= 0) | 300 | if (ret <= 0) |
| 301 | goto end; | 301 | goto end; |
| 302 | } | 302 | } |
| 303 | 303 | ||
| 304 | s->renegotiate = 2; | 304 | s->internal->renegotiate = 2; |
| 305 | s->state = SSL3_ST_SW_SRVR_HELLO_A; | 305 | s->state = SSL3_ST_SW_SRVR_HELLO_A; |
| 306 | s->init_num = 0; | 306 | s->internal->init_num = 0; |
| 307 | break; | 307 | break; |
| 308 | 308 | ||
| 309 | case SSL3_ST_SW_SRVR_HELLO_A: | 309 | case SSL3_ST_SW_SRVR_HELLO_A: |
| @@ -311,15 +311,15 @@ ssl3_accept(SSL *s) | |||
| 311 | ret = ssl3_send_server_hello(s); | 311 | ret = ssl3_send_server_hello(s); |
| 312 | if (ret <= 0) | 312 | if (ret <= 0) |
| 313 | goto end; | 313 | goto end; |
| 314 | if (s->hit) { | 314 | if (s->internal->hit) { |
| 315 | if (s->tlsext_ticket_expected) | 315 | if (s->internal->tlsext_ticket_expected) |
| 316 | s->state = SSL3_ST_SW_SESSION_TICKET_A; | 316 | s->state = SSL3_ST_SW_SESSION_TICKET_A; |
| 317 | else | 317 | else |
| 318 | s->state = SSL3_ST_SW_CHANGE_A; | 318 | s->state = SSL3_ST_SW_CHANGE_A; |
| 319 | } | 319 | } |
| 320 | else | 320 | else |
| 321 | s->state = SSL3_ST_SW_CERT_A; | 321 | s->state = SSL3_ST_SW_CERT_A; |
| 322 | s->init_num = 0; | 322 | s->internal->init_num = 0; |
| 323 | break; | 323 | break; |
| 324 | 324 | ||
| 325 | case SSL3_ST_SW_CERT_A: | 325 | case SSL3_ST_SW_CERT_A: |
| @@ -330,7 +330,7 @@ ssl3_accept(SSL *s) | |||
| 330 | ret = ssl3_send_server_certificate(s); | 330 | ret = ssl3_send_server_certificate(s); |
| 331 | if (ret <= 0) | 331 | if (ret <= 0) |
| 332 | goto end; | 332 | goto end; |
| 333 | if (s->tlsext_status_expected) | 333 | if (s->internal->tlsext_status_expected) |
| 334 | s->state = SSL3_ST_SW_CERT_STATUS_A; | 334 | s->state = SSL3_ST_SW_CERT_STATUS_A; |
| 335 | else | 335 | else |
| 336 | s->state = SSL3_ST_SW_KEY_EXCH_A; | 336 | s->state = SSL3_ST_SW_KEY_EXCH_A; |
| @@ -338,7 +338,7 @@ ssl3_accept(SSL *s) | |||
| 338 | skip = 1; | 338 | skip = 1; |
| 339 | s->state = SSL3_ST_SW_KEY_EXCH_A; | 339 | s->state = SSL3_ST_SW_KEY_EXCH_A; |
| 340 | } | 340 | } |
| 341 | s->init_num = 0; | 341 | s->internal->init_num = 0; |
| 342 | break; | 342 | break; |
| 343 | 343 | ||
| 344 | case SSL3_ST_SW_KEY_EXCH_A: | 344 | case SSL3_ST_SW_KEY_EXCH_A: |
| @@ -361,7 +361,7 @@ ssl3_accept(SSL *s) | |||
| 361 | skip = 1; | 361 | skip = 1; |
| 362 | 362 | ||
| 363 | s->state = SSL3_ST_SW_CERT_REQ_A; | 363 | s->state = SSL3_ST_SW_CERT_REQ_A; |
| 364 | s->init_num = 0; | 364 | s->internal->init_num = 0; |
| 365 | break; | 365 | break; |
| 366 | 366 | ||
| 367 | case SSL3_ST_SW_CERT_REQ_A: | 367 | case SSL3_ST_SW_CERT_REQ_A: |
| @@ -405,7 +405,7 @@ ssl3_accept(SSL *s) | |||
| 405 | if (ret <= 0) | 405 | if (ret <= 0) |
| 406 | goto end; | 406 | goto end; |
| 407 | s->state = SSL3_ST_SW_SRVR_DONE_A; | 407 | s->state = SSL3_ST_SW_SRVR_DONE_A; |
| 408 | s->init_num = 0; | 408 | s->internal->init_num = 0; |
| 409 | } | 409 | } |
| 410 | break; | 410 | break; |
| 411 | 411 | ||
| @@ -416,7 +416,7 @@ ssl3_accept(SSL *s) | |||
| 416 | goto end; | 416 | goto end; |
| 417 | S3I(s)->tmp.next_state = SSL3_ST_SR_CERT_A; | 417 | S3I(s)->tmp.next_state = SSL3_ST_SR_CERT_A; |
| 418 | s->state = SSL3_ST_SW_FLUSH; | 418 | s->state = SSL3_ST_SW_FLUSH; |
| 419 | s->init_num = 0; | 419 | s->internal->init_num = 0; |
| 420 | break; | 420 | break; |
| 421 | 421 | ||
| 422 | case SSL3_ST_SW_FLUSH: | 422 | case SSL3_ST_SW_FLUSH: |
| @@ -432,12 +432,12 @@ ssl3_accept(SSL *s) | |||
| 432 | * unconditionally. | 432 | * unconditionally. |
| 433 | */ | 433 | */ |
| 434 | 434 | ||
| 435 | s->rwstate = SSL_WRITING; | 435 | s->internal->rwstate = SSL_WRITING; |
| 436 | if (BIO_flush(s->wbio) <= 0) { | 436 | if (BIO_flush(s->wbio) <= 0) { |
| 437 | ret = -1; | 437 | ret = -1; |
| 438 | goto end; | 438 | goto end; |
| 439 | } | 439 | } |
| 440 | s->rwstate = SSL_NOTHING; | 440 | s->internal->rwstate = SSL_NOTHING; |
| 441 | 441 | ||
| 442 | s->state = S3I(s)->tmp.next_state; | 442 | s->state = S3I(s)->tmp.next_state; |
| 443 | break; | 443 | break; |
| @@ -449,7 +449,7 @@ ssl3_accept(SSL *s) | |||
| 449 | if (ret <= 0) | 449 | if (ret <= 0) |
| 450 | goto end; | 450 | goto end; |
| 451 | } | 451 | } |
| 452 | s->init_num = 0; | 452 | s->internal->init_num = 0; |
| 453 | s->state = SSL3_ST_SR_KEY_EXCH_A; | 453 | s->state = SSL3_ST_SR_KEY_EXCH_A; |
| 454 | break; | 454 | break; |
| 455 | 455 | ||
| @@ -473,10 +473,10 @@ ssl3_accept(SSL *s) | |||
| 473 | s->state = SSL3_ST_SR_NEXT_PROTO_A; | 473 | s->state = SSL3_ST_SR_NEXT_PROTO_A; |
| 474 | else | 474 | else |
| 475 | s->state = SSL3_ST_SR_FINISHED_A; | 475 | s->state = SSL3_ST_SR_FINISHED_A; |
| 476 | s->init_num = 0; | 476 | s->internal->init_num = 0; |
| 477 | } else if (SSL_USE_SIGALGS(s) || (alg_k & SSL_kGOST)) { | 477 | } else if (SSL_USE_SIGALGS(s) || (alg_k & SSL_kGOST)) { |
| 478 | s->state = SSL3_ST_SR_CERT_VRFY_A; | 478 | s->state = SSL3_ST_SR_CERT_VRFY_A; |
| 479 | s->init_num = 0; | 479 | s->internal->init_num = 0; |
| 480 | if (!s->session->peer) | 480 | if (!s->session->peer) |
| 481 | break; | 481 | break; |
| 482 | /* | 482 | /* |
| @@ -499,7 +499,7 @@ ssl3_accept(SSL *s) | |||
| 499 | int dgst_num; | 499 | int dgst_num; |
| 500 | 500 | ||
| 501 | s->state = SSL3_ST_SR_CERT_VRFY_A; | 501 | s->state = SSL3_ST_SR_CERT_VRFY_A; |
| 502 | s->init_num = 0; | 502 | s->internal->init_num = 0; |
| 503 | 503 | ||
| 504 | /* | 504 | /* |
| 505 | * We need to get hashes here so if there is | 505 | * We need to get hashes here so if there is |
| @@ -547,7 +547,7 @@ ssl3_accept(SSL *s) | |||
| 547 | s->state = SSL3_ST_SR_NEXT_PROTO_A; | 547 | s->state = SSL3_ST_SR_NEXT_PROTO_A; |
| 548 | else | 548 | else |
| 549 | s->state = SSL3_ST_SR_FINISHED_A; | 549 | s->state = SSL3_ST_SR_FINISHED_A; |
| 550 | s->init_num = 0; | 550 | s->internal->init_num = 0; |
| 551 | break; | 551 | break; |
| 552 | 552 | ||
| 553 | case SSL3_ST_SR_NEXT_PROTO_A: | 553 | case SSL3_ST_SR_NEXT_PROTO_A: |
| @@ -555,7 +555,7 @@ ssl3_accept(SSL *s) | |||
| 555 | ret = ssl3_get_next_proto(s); | 555 | ret = ssl3_get_next_proto(s); |
| 556 | if (ret <= 0) | 556 | if (ret <= 0) |
| 557 | goto end; | 557 | goto end; |
| 558 | s->init_num = 0; | 558 | s->internal->init_num = 0; |
| 559 | s->state = SSL3_ST_SR_FINISHED_A; | 559 | s->state = SSL3_ST_SR_FINISHED_A; |
| 560 | break; | 560 | break; |
| 561 | 561 | ||
| @@ -566,13 +566,13 @@ ssl3_accept(SSL *s) | |||
| 566 | SSL3_ST_SR_FINISHED_B); | 566 | SSL3_ST_SR_FINISHED_B); |
| 567 | if (ret <= 0) | 567 | if (ret <= 0) |
| 568 | goto end; | 568 | goto end; |
| 569 | if (s->hit) | 569 | if (s->internal->hit) |
| 570 | s->state = SSL_ST_OK; | 570 | s->state = SSL_ST_OK; |
| 571 | else if (s->tlsext_ticket_expected) | 571 | else if (s->internal->tlsext_ticket_expected) |
| 572 | s->state = SSL3_ST_SW_SESSION_TICKET_A; | 572 | s->state = SSL3_ST_SW_SESSION_TICKET_A; |
| 573 | else | 573 | else |
| 574 | s->state = SSL3_ST_SW_CHANGE_A; | 574 | s->state = SSL3_ST_SW_CHANGE_A; |
| 575 | s->init_num = 0; | 575 | s->internal->init_num = 0; |
| 576 | break; | 576 | break; |
| 577 | 577 | ||
| 578 | case SSL3_ST_SW_SESSION_TICKET_A: | 578 | case SSL3_ST_SW_SESSION_TICKET_A: |
| @@ -581,7 +581,7 @@ ssl3_accept(SSL *s) | |||
| 581 | if (ret <= 0) | 581 | if (ret <= 0) |
| 582 | goto end; | 582 | goto end; |
| 583 | s->state = SSL3_ST_SW_CHANGE_A; | 583 | s->state = SSL3_ST_SW_CHANGE_A; |
| 584 | s->init_num = 0; | 584 | s->internal->init_num = 0; |
| 585 | break; | 585 | break; |
| 586 | 586 | ||
| 587 | case SSL3_ST_SW_CERT_STATUS_A: | 587 | case SSL3_ST_SW_CERT_STATUS_A: |
| @@ -590,7 +590,7 @@ ssl3_accept(SSL *s) | |||
| 590 | if (ret <= 0) | 590 | if (ret <= 0) |
| 591 | goto end; | 591 | goto end; |
| 592 | s->state = SSL3_ST_SW_KEY_EXCH_A; | 592 | s->state = SSL3_ST_SW_KEY_EXCH_A; |
| 593 | s->init_num = 0; | 593 | s->internal->init_num = 0; |
| 594 | break; | 594 | break; |
| 595 | 595 | ||
| 596 | 596 | ||
| @@ -609,7 +609,7 @@ ssl3_accept(SSL *s) | |||
| 609 | if (ret <= 0) | 609 | if (ret <= 0) |
| 610 | goto end; | 610 | goto end; |
| 611 | s->state = SSL3_ST_SW_FINISHED_A; | 611 | s->state = SSL3_ST_SW_FINISHED_A; |
| 612 | s->init_num = 0; | 612 | s->internal->init_num = 0; |
| 613 | 613 | ||
| 614 | if (!s->method->ssl3_enc->change_cipher_state( | 614 | if (!s->method->ssl3_enc->change_cipher_state( |
| 615 | s, SSL3_CHANGE_CIPHER_SERVER_WRITE)) { | 615 | s, SSL3_CHANGE_CIPHER_SERVER_WRITE)) { |
| @@ -628,7 +628,7 @@ ssl3_accept(SSL *s) | |||
| 628 | if (ret <= 0) | 628 | if (ret <= 0) |
| 629 | goto end; | 629 | goto end; |
| 630 | s->state = SSL3_ST_SW_FLUSH; | 630 | s->state = SSL3_ST_SW_FLUSH; |
| 631 | if (s->hit) { | 631 | if (s->internal->hit) { |
| 632 | if (S3I(s)->next_proto_neg_seen) { | 632 | if (S3I(s)->next_proto_neg_seen) { |
| 633 | s->s3->flags |= SSL3_FLAGS_CCS_OK; | 633 | s->s3->flags |= SSL3_FLAGS_CCS_OK; |
| 634 | S3I(s)->tmp.next_state = | 634 | S3I(s)->tmp.next_state = |
| @@ -638,25 +638,25 @@ ssl3_accept(SSL *s) | |||
| 638 | SSL3_ST_SR_FINISHED_A; | 638 | SSL3_ST_SR_FINISHED_A; |
| 639 | } else | 639 | } else |
| 640 | S3I(s)->tmp.next_state = SSL_ST_OK; | 640 | S3I(s)->tmp.next_state = SSL_ST_OK; |
| 641 | s->init_num = 0; | 641 | s->internal->init_num = 0; |
| 642 | break; | 642 | break; |
| 643 | 643 | ||
| 644 | case SSL_ST_OK: | 644 | case SSL_ST_OK: |
| 645 | /* clean a few things up */ | 645 | /* clean a few things up */ |
| 646 | tls1_cleanup_key_block(s); | 646 | tls1_cleanup_key_block(s); |
| 647 | 647 | ||
| 648 | BUF_MEM_free(s->init_buf); | 648 | BUF_MEM_free(s->internal->init_buf); |
| 649 | s->init_buf = NULL; | 649 | s->internal->init_buf = NULL; |
| 650 | 650 | ||
| 651 | /* remove buffering on output */ | 651 | /* remove buffering on output */ |
| 652 | ssl_free_wbio_buffer(s); | 652 | ssl_free_wbio_buffer(s); |
| 653 | 653 | ||
| 654 | s->init_num = 0; | 654 | s->internal->init_num = 0; |
| 655 | 655 | ||
| 656 | /* skipped if we just sent a HelloRequest */ | 656 | /* skipped if we just sent a HelloRequest */ |
| 657 | if (s->renegotiate == 2) { | 657 | if (s->internal->renegotiate == 2) { |
| 658 | s->renegotiate = 0; | 658 | s->internal->renegotiate = 0; |
| 659 | s->new_session = 0; | 659 | s->internal->new_session = 0; |
| 660 | 660 | ||
| 661 | ssl_update_cache(s, SSL_SESS_CACHE_SERVER); | 661 | ssl_update_cache(s, SSL_SESS_CACHE_SERVER); |
| 662 | 662 | ||
| @@ -681,7 +681,7 @@ ssl3_accept(SSL *s) | |||
| 681 | } | 681 | } |
| 682 | 682 | ||
| 683 | if (!S3I(s)->tmp.reuse_message && !skip) { | 683 | if (!S3I(s)->tmp.reuse_message && !skip) { |
| 684 | if (s->debug) { | 684 | if (s->internal->debug) { |
| 685 | if ((ret = BIO_flush(s->wbio)) <= 0) | 685 | if ((ret = BIO_flush(s->wbio)) <= 0) |
| 686 | goto end; | 686 | goto end; |
| 687 | } | 687 | } |
| @@ -741,15 +741,15 @@ ssl3_get_client_hello(SSL *s) | |||
| 741 | if (s->state == SSL3_ST_SR_CLNT_HELLO_A) { | 741 | if (s->state == SSL3_ST_SR_CLNT_HELLO_A) { |
| 742 | s->state = SSL3_ST_SR_CLNT_HELLO_B; | 742 | s->state = SSL3_ST_SR_CLNT_HELLO_B; |
| 743 | } | 743 | } |
| 744 | s->first_packet = 1; | 744 | s->internal->first_packet = 1; |
| 745 | n = s->method->ssl_get_message(s, SSL3_ST_SR_CLNT_HELLO_B, | 745 | n = s->method->ssl_get_message(s, SSL3_ST_SR_CLNT_HELLO_B, |
| 746 | SSL3_ST_SR_CLNT_HELLO_C, SSL3_MT_CLIENT_HELLO, | 746 | SSL3_ST_SR_CLNT_HELLO_C, SSL3_MT_CLIENT_HELLO, |
| 747 | SSL3_RT_MAX_PLAIN_LENGTH, &ok); | 747 | SSL3_RT_MAX_PLAIN_LENGTH, &ok); |
| 748 | 748 | ||
| 749 | if (!ok) | 749 | if (!ok) |
| 750 | return ((int)n); | 750 | return ((int)n); |
| 751 | s->first_packet = 0; | 751 | s->internal->first_packet = 0; |
| 752 | d = p = (unsigned char *)s->init_msg; | 752 | d = p = (unsigned char *)s->internal->init_msg; |
| 753 | 753 | ||
| 754 | if (2 > n) | 754 | if (2 > n) |
| 755 | goto truncated; | 755 | goto truncated; |
| @@ -765,7 +765,7 @@ ssl3_get_client_hello(SSL *s) | |||
| 765 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, | 765 | SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, |
| 766 | SSL_R_WRONG_VERSION_NUMBER); | 766 | SSL_R_WRONG_VERSION_NUMBER); |
| 767 | if ((s->client_version >> 8) == SSL3_VERSION_MAJOR && | 767 | if ((s->client_version >> 8) == SSL3_VERSION_MAJOR && |
| 768 | !s->enc_write_ctx && !s->write_hash) { | 768 | !s->internal->enc_write_ctx && !s->internal->write_hash) { |
| 769 | /* | 769 | /* |
| 770 | * Similar to ssl3_get_record, send alert using remote | 770 | * Similar to ssl3_get_record, send alert using remote |
| 771 | * version number | 771 | * version number |
| @@ -808,7 +808,7 @@ ssl3_get_client_hello(SSL *s) | |||
| 808 | if (p - d + j > n) | 808 | if (p - d + j > n) |
| 809 | goto truncated; | 809 | goto truncated; |
| 810 | 810 | ||
| 811 | s->hit = 0; | 811 | s->internal->hit = 0; |
| 812 | /* | 812 | /* |
| 813 | * Versions before 0.9.7 always allow clients to resume sessions in | 813 | * Versions before 0.9.7 always allow clients to resume sessions in |
| 814 | * renegotiation. 0.9.7 and later allow this by default, but optionally | 814 | * renegotiation. 0.9.7 and later allow this by default, but optionally |
| @@ -819,19 +819,19 @@ ssl3_get_client_hello(SSL *s) | |||
| 819 | * library versions). | 819 | * library versions). |
| 820 | * | 820 | * |
| 821 | * 1.0.1 and later also have a function SSL_renegotiate_abbreviated() | 821 | * 1.0.1 and later also have a function SSL_renegotiate_abbreviated() |
| 822 | * to request renegotiation but not a new session (s->new_session | 822 | * to request renegotiation but not a new session (s->internal->new_session |
| 823 | * remains unset): for servers, this essentially just means that the | 823 | * remains unset): for servers, this essentially just means that the |
| 824 | * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION setting will be | 824 | * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION setting will be |
| 825 | * ignored. | 825 | * ignored. |
| 826 | */ | 826 | */ |
| 827 | if ((s->new_session && (s->options & | 827 | if ((s->internal->new_session && (s->options & |
| 828 | SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION))) { | 828 | SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION))) { |
| 829 | if (!ssl_get_new_session(s, 1)) | 829 | if (!ssl_get_new_session(s, 1)) |
| 830 | goto err; | 830 | goto err; |
| 831 | } else { | 831 | } else { |
| 832 | i = ssl_get_prev_session(s, p, j, d + n); | 832 | i = ssl_get_prev_session(s, p, j, d + n); |
| 833 | if (i == 1) { /* previous session */ | 833 | if (i == 1) { /* previous session */ |
| 834 | s->hit = 1; | 834 | s->internal->hit = 1; |
| 835 | } else if (i == -1) | 835 | } else if (i == -1) |
| 836 | goto err; | 836 | goto err; |
| 837 | else { | 837 | else { |
| @@ -913,7 +913,7 @@ ssl3_get_client_hello(SSL *s) | |||
| 913 | p += i; | 913 | p += i; |
| 914 | 914 | ||
| 915 | /* If it is a hit, check that the cipher is in the list */ | 915 | /* If it is a hit, check that the cipher is in the list */ |
| 916 | if ((s->hit) && (i > 0)) { | 916 | if ((s->internal->hit) && (i > 0)) { |
| 917 | j = 0; | 917 | j = 0; |
| 918 | id = s->session->cipher->id; | 918 | id = s->session->cipher->id; |
| 919 | 919 | ||
| @@ -976,14 +976,14 @@ ssl3_get_client_hello(SSL *s) | |||
| 976 | */ | 976 | */ |
| 977 | arc4random_buf(s->s3->server_random, SSL3_RANDOM_SIZE); | 977 | arc4random_buf(s->s3->server_random, SSL3_RANDOM_SIZE); |
| 978 | 978 | ||
| 979 | if (!s->hit && s->internal->tls_session_secret_cb) { | 979 | if (!s->internal->hit && s->internal->tls_session_secret_cb) { |
| 980 | SSL_CIPHER *pref_cipher = NULL; | 980 | SSL_CIPHER *pref_cipher = NULL; |
| 981 | 981 | ||
| 982 | s->session->master_key_length = sizeof(s->session->master_key); | 982 | s->session->master_key_length = sizeof(s->session->master_key); |
| 983 | if (s->internal->tls_session_secret_cb(s, s->session->master_key, | 983 | if (s->internal->tls_session_secret_cb(s, s->session->master_key, |
| 984 | &s->session->master_key_length, ciphers, &pref_cipher, | 984 | &s->session->master_key_length, ciphers, &pref_cipher, |
| 985 | s->internal->tls_session_secret_cb_arg)) { | 985 | s->internal->tls_session_secret_cb_arg)) { |
| 986 | s->hit = 1; | 986 | s->internal->hit = 1; |
| 987 | s->session->ciphers = ciphers; | 987 | s->session->ciphers = ciphers; |
| 988 | s->session->verify_result = X509_V_OK; | 988 | s->session->verify_result = X509_V_OK; |
| 989 | 989 | ||
| @@ -1005,11 +1005,11 @@ ssl3_get_client_hello(SSL *s) | |||
| 1005 | if (s->cipher_list) | 1005 | if (s->cipher_list) |
| 1006 | sk_SSL_CIPHER_free(s->cipher_list); | 1006 | sk_SSL_CIPHER_free(s->cipher_list); |
| 1007 | 1007 | ||
| 1008 | if (s->cipher_list_by_id) | 1008 | if (s->internal->cipher_list_by_id) |
| 1009 | sk_SSL_CIPHER_free(s->cipher_list_by_id); | 1009 | sk_SSL_CIPHER_free(s->internal->cipher_list_by_id); |
| 1010 | 1010 | ||
| 1011 | s->cipher_list = sk_SSL_CIPHER_dup(s->session->ciphers); | 1011 | s->cipher_list = sk_SSL_CIPHER_dup(s->session->ciphers); |
| 1012 | s->cipher_list_by_id = | 1012 | s->internal->cipher_list_by_id = |
| 1013 | sk_SSL_CIPHER_dup(s->session->ciphers); | 1013 | sk_SSL_CIPHER_dup(s->session->ciphers); |
| 1014 | } | 1014 | } |
| 1015 | } | 1015 | } |
| @@ -1019,7 +1019,7 @@ ssl3_get_client_hello(SSL *s) | |||
| 1019 | * pick a cipher | 1019 | * pick a cipher |
| 1020 | */ | 1020 | */ |
| 1021 | 1021 | ||
| 1022 | if (!s->hit) { | 1022 | if (!s->internal->hit) { |
| 1023 | if (s->session->ciphers != NULL) | 1023 | if (s->session->ciphers != NULL) |
| 1024 | sk_SSL_CIPHER_free(s->session->ciphers); | 1024 | sk_SSL_CIPHER_free(s->session->ciphers); |
| 1025 | s->session->ciphers = ciphers; | 1025 | s->session->ciphers = ciphers; |
| @@ -1061,7 +1061,7 @@ ssl3_get_client_hello(SSL *s) | |||
| 1061 | * compression - basically ignored right now | 1061 | * compression - basically ignored right now |
| 1062 | * ssl version is set - sslv3 | 1062 | * ssl version is set - sslv3 |
| 1063 | * s->session - The ssl session has been setup. | 1063 | * s->session - The ssl session has been setup. |
| 1064 | * s->hit - session reuse flag | 1064 | * s->internal->hit - session reuse flag |
| 1065 | * s->tmp.new_cipher - the new cipher to use. | 1065 | * s->tmp.new_cipher - the new cipher to use. |
| 1066 | */ | 1066 | */ |
| 1067 | 1067 | ||
| @@ -1097,7 +1097,7 @@ ssl3_send_server_hello(SSL *s) | |||
| 1097 | 1097 | ||
| 1098 | memset(&cbb, 0, sizeof(cbb)); | 1098 | memset(&cbb, 0, sizeof(cbb)); |
| 1099 | 1099 | ||
| 1100 | bufend = (unsigned char *)s->init_buf->data + SSL3_RT_MAX_PLAIN_LENGTH; | 1100 | bufend = (unsigned char *)s->internal->init_buf->data + SSL3_RT_MAX_PLAIN_LENGTH; |
| 1101 | 1101 | ||
| 1102 | if (s->state == SSL3_ST_SW_SRVR_HELLO_A) { | 1102 | if (s->state == SSL3_ST_SW_SRVR_HELLO_A) { |
| 1103 | d = p = ssl3_handshake_msg_start(s, SSL3_MT_SERVER_HELLO); | 1103 | d = p = ssl3_handshake_msg_start(s, SSL3_MT_SERVER_HELLO); |
| @@ -1125,12 +1125,12 @@ ssl3_send_server_hello(SSL *s) | |||
| 1125 | * - However, if we want the new session to be single-use, | 1125 | * - However, if we want the new session to be single-use, |
| 1126 | * we send back a 0-length session ID. | 1126 | * we send back a 0-length session ID. |
| 1127 | * | 1127 | * |
| 1128 | * s->hit is non-zero in either case of session reuse, | 1128 | * s->internal->hit is non-zero in either case of session reuse, |
| 1129 | * so the following won't overwrite an ID that we're supposed | 1129 | * so the following won't overwrite an ID that we're supposed |
| 1130 | * to send back. | 1130 | * to send back. |
| 1131 | */ | 1131 | */ |
| 1132 | if (!(s->ctx->internal->session_cache_mode & SSL_SESS_CACHE_SERVER) | 1132 | if (!(s->ctx->internal->session_cache_mode & SSL_SESS_CACHE_SERVER) |
| 1133 | && !s->hit) | 1133 | && !s->internal->hit) |
| 1134 | s->session->session_id_length = 0; | 1134 | s->session->session_id_length = 0; |
| 1135 | 1135 | ||
| 1136 | sl = s->session->session_id_length; | 1136 | sl = s->session->session_id_length; |
| @@ -1491,7 +1491,7 @@ ssl3_send_server_key_exchange(SSL *s) | |||
| 1491 | type = S3I(s)->tmp.new_cipher->algorithm_mkey; | 1491 | type = S3I(s)->tmp.new_cipher->algorithm_mkey; |
| 1492 | cert = s->cert; | 1492 | cert = s->cert; |
| 1493 | 1493 | ||
| 1494 | buf = s->init_buf; | 1494 | buf = s->internal->init_buf; |
| 1495 | 1495 | ||
| 1496 | if (!CBB_init(&cbb, 0)) | 1496 | if (!CBB_init(&cbb, 0)) |
| 1497 | goto err; | 1497 | goto err; |
| @@ -1647,7 +1647,7 @@ ssl3_send_certificate_request(SSL *s) | |||
| 1647 | BUF_MEM *buf; | 1647 | BUF_MEM *buf; |
| 1648 | 1648 | ||
| 1649 | if (s->state == SSL3_ST_SW_CERT_REQ_A) { | 1649 | if (s->state == SSL3_ST_SW_CERT_REQ_A) { |
| 1650 | buf = s->init_buf; | 1650 | buf = s->internal->init_buf; |
| 1651 | 1651 | ||
| 1652 | d = p = ssl3_handshake_msg_start(s, | 1652 | d = p = ssl3_handshake_msg_start(s, |
| 1653 | SSL3_MT_CERTIFICATE_REQUEST); | 1653 | SSL3_MT_CERTIFICATE_REQUEST); |
| @@ -1986,7 +1986,7 @@ ssl3_get_client_kex_ecdhe_ecp(SSL *s, unsigned char *p, long n) | |||
| 1986 | * p is pointing to somewhere in the buffer | 1986 | * p is pointing to somewhere in the buffer |
| 1987 | * currently, so set it to the start. | 1987 | * currently, so set it to the start. |
| 1988 | */ | 1988 | */ |
| 1989 | p = (unsigned char *)s->init_buf->data; | 1989 | p = (unsigned char *)s->internal->init_buf->data; |
| 1990 | } | 1990 | } |
| 1991 | 1991 | ||
| 1992 | /* Compute the shared pre-master secret */ | 1992 | /* Compute the shared pre-master secret */ |
| @@ -2169,7 +2169,7 @@ ssl3_get_client_key_exchange(SSL *s) | |||
| 2169 | if (!ok) | 2169 | if (!ok) |
| 2170 | return ((int)n); | 2170 | return ((int)n); |
| 2171 | 2171 | ||
| 2172 | p = (unsigned char *)s->init_msg; | 2172 | p = (unsigned char *)s->internal->init_msg; |
| 2173 | 2173 | ||
| 2174 | alg_k = S3I(s)->tmp.new_cipher->algorithm_mkey; | 2174 | alg_k = S3I(s)->tmp.new_cipher->algorithm_mkey; |
| 2175 | 2175 | ||
| @@ -2261,7 +2261,7 @@ ssl3_get_cert_verify(SSL *s) | |||
| 2261 | } | 2261 | } |
| 2262 | 2262 | ||
| 2263 | /* we now have a signature that we need to verify */ | 2263 | /* we now have a signature that we need to verify */ |
| 2264 | p = (unsigned char *)s->init_msg; | 2264 | p = (unsigned char *)s->internal->init_msg; |
| 2265 | /* | 2265 | /* |
| 2266 | * Check for broken implementations of GOST ciphersuites. | 2266 | * Check for broken implementations of GOST ciphersuites. |
| 2267 | * | 2267 | * |
| @@ -2477,7 +2477,7 @@ ssl3_get_client_certificate(SSL *s) | |||
| 2477 | STACK_OF(X509) *sk = NULL; | 2477 | STACK_OF(X509) *sk = NULL; |
| 2478 | 2478 | ||
| 2479 | n = s->method->ssl_get_message(s, SSL3_ST_SR_CERT_A, SSL3_ST_SR_CERT_B, | 2479 | n = s->method->ssl_get_message(s, SSL3_ST_SR_CERT_A, SSL3_ST_SR_CERT_B, |
| 2480 | -1, s->max_cert_list, &ok); | 2480 | -1, s->internal->max_cert_list, &ok); |
| 2481 | 2481 | ||
| 2482 | if (!ok) | 2482 | if (!ok) |
| 2483 | return ((int)n); | 2483 | return ((int)n); |
| @@ -2515,7 +2515,7 @@ ssl3_get_client_certificate(SSL *s) | |||
| 2515 | if (n < 0) | 2515 | if (n < 0) |
| 2516 | goto truncated; | 2516 | goto truncated; |
| 2517 | 2517 | ||
| 2518 | CBS_init(&cbs, s->init_msg, n); | 2518 | CBS_init(&cbs, s->internal->init_msg, n); |
| 2519 | 2519 | ||
| 2520 | if ((sk = sk_X509_new_null()) == NULL) { | 2520 | if ((sk = sk_X509_new_null()) == NULL) { |
| 2521 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, | 2521 | SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE, |
| @@ -2727,7 +2727,7 @@ ssl3_send_newsession_ticket(SSL *s) | |||
| 2727 | * session_length + max_enc_block_size (max encrypted session | 2727 | * session_length + max_enc_block_size (max encrypted session |
| 2728 | * length) + max_md_size (HMAC). | 2728 | * length) + max_md_size (HMAC). |
| 2729 | */ | 2729 | */ |
| 2730 | if (!BUF_MEM_grow(s->init_buf, ssl3_handshake_msg_hdr_len(s) + | 2730 | if (!BUF_MEM_grow(s->internal->init_buf, ssl3_handshake_msg_hdr_len(s) + |
| 2731 | 22 + EVP_MAX_IV_LENGTH + EVP_MAX_BLOCK_LENGTH + | 2731 | 22 + EVP_MAX_IV_LENGTH + EVP_MAX_BLOCK_LENGTH + |
| 2732 | EVP_MAX_MD_SIZE + slen)) | 2732 | EVP_MAX_MD_SIZE + slen)) |
| 2733 | goto err; | 2733 | goto err; |
| @@ -2763,7 +2763,7 @@ ssl3_send_newsession_ticket(SSL *s) | |||
| 2763 | * (for simplicity), and guess that tickets for new | 2763 | * (for simplicity), and guess that tickets for new |
| 2764 | * sessions will live as long as their sessions. | 2764 | * sessions will live as long as their sessions. |
| 2765 | */ | 2765 | */ |
| 2766 | l2n(s->hit ? 0 : s->session->timeout, p); | 2766 | l2n(s->internal->hit ? 0 : s->session->timeout, p); |
| 2767 | 2767 | ||
| 2768 | /* Skip ticket length for now */ | 2768 | /* Skip ticket length for now */ |
| 2769 | p += 2; | 2769 | p += 2; |
| @@ -2825,17 +2825,17 @@ ssl3_send_cert_status(SSL *s) | |||
| 2825 | * 1 (ocsp response type) + 3 (ocsp response length) | 2825 | * 1 (ocsp response type) + 3 (ocsp response length) |
| 2826 | * + (ocsp response) | 2826 | * + (ocsp response) |
| 2827 | */ | 2827 | */ |
| 2828 | if (!BUF_MEM_grow(s->init_buf, SSL3_HM_HEADER_LENGTH + 4 + | 2828 | if (!BUF_MEM_grow(s->internal->init_buf, SSL3_HM_HEADER_LENGTH + 4 + |
| 2829 | s->tlsext_ocsp_resplen)) | 2829 | s->internal->tlsext_ocsp_resplen)) |
| 2830 | return (-1); | 2830 | return (-1); |
| 2831 | 2831 | ||
| 2832 | p = ssl3_handshake_msg_start(s, SSL3_MT_CERTIFICATE_STATUS); | 2832 | p = ssl3_handshake_msg_start(s, SSL3_MT_CERTIFICATE_STATUS); |
| 2833 | 2833 | ||
| 2834 | *(p++) = s->tlsext_status_type; | 2834 | *(p++) = s->tlsext_status_type; |
| 2835 | l2n3(s->tlsext_ocsp_resplen, p); | 2835 | l2n3(s->internal->tlsext_ocsp_resplen, p); |
| 2836 | memcpy(p, s->tlsext_ocsp_resp, s->tlsext_ocsp_resplen); | 2836 | memcpy(p, s->internal->tlsext_ocsp_resp, s->internal->tlsext_ocsp_resplen); |
| 2837 | 2837 | ||
| 2838 | ssl3_handshake_msg_finish(s, s->tlsext_ocsp_resplen + 4); | 2838 | ssl3_handshake_msg_finish(s, s->internal->tlsext_ocsp_resplen + 4); |
| 2839 | 2839 | ||
| 2840 | s->state = SSL3_ST_SW_CERT_STATUS_B; | 2840 | s->state = SSL3_ST_SW_CERT_STATUS_B; |
| 2841 | } | 2841 | } |
| @@ -2887,7 +2887,7 @@ ssl3_get_next_proto(SSL *s) | |||
| 2887 | return (0); | 2887 | return (0); |
| 2888 | /* The body must be > 1 bytes long */ | 2888 | /* The body must be > 1 bytes long */ |
| 2889 | 2889 | ||
| 2890 | CBS_init(&cbs, s->init_msg, s->init_num); | 2890 | CBS_init(&cbs, s->internal->init_msg, s->internal->init_num); |
| 2891 | 2891 | ||
| 2892 | /* | 2892 | /* |
| 2893 | * The payload looks like: | 2893 | * The payload looks like: |
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h index 99ac44d769..4069fcd024 100644 --- a/src/lib/libssl/ssl.h +++ b/src/lib/libssl/ssl.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl.h,v 1.113 2017/01/23 05:27:22 jsing Exp $ */ | 1 | /* $OpenBSD: ssl.h,v 1.114 2017/01/23 06:45:30 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -828,8 +828,6 @@ struct ssl_st { | |||
| 828 | */ | 828 | */ |
| 829 | int version; | 829 | int version; |
| 830 | 830 | ||
| 831 | int type; /* SSL_ST_CONNECT or SSL_ST_ACCEPT */ | ||
| 832 | |||
| 833 | const SSL_METHOD *method; /* SSLv3 */ | 831 | const SSL_METHOD *method; /* SSLv3 */ |
| 834 | 832 | ||
| 835 | /* There are 2 BIO's even though they are normally both the | 833 | /* There are 2 BIO's even though they are normally both the |
| @@ -846,76 +844,19 @@ struct ssl_st { | |||
| 846 | char *wbio; /* used by SSL_write */ | 844 | char *wbio; /* used by SSL_write */ |
| 847 | char *bbio; | 845 | char *bbio; |
| 848 | #endif | 846 | #endif |
| 849 | /* This holds a variable that indicates what we were doing | ||
| 850 | * when a 0 or -1 is returned. This is needed for | ||
| 851 | * non-blocking IO so we know what request needs re-doing when | ||
| 852 | * in SSL_accept or SSL_connect */ | ||
| 853 | int rwstate; | ||
| 854 | |||
| 855 | /* Imagine that here's a boolean member "init" that is | ||
| 856 | * switched as soon as SSL_set_{accept/connect}_state | ||
| 857 | * is called for the first time, so that "state" and | ||
| 858 | * "handshake_func" are properly initialized. But as | ||
| 859 | * handshake_func is == 0 until then, we use this | ||
| 860 | * test instead of an "init" member. | ||
| 861 | */ | ||
| 862 | |||
| 863 | int server; /* are we the server side? - mostly used by SSL_clear*/ | 847 | int server; /* are we the server side? - mostly used by SSL_clear*/ |
| 864 | 848 | ||
| 865 | int new_session;/* Generate a new session or reuse an old one. | ||
| 866 | * NB: For servers, the 'new' session may actually be a previously | ||
| 867 | * cached session or even the previous session unless | ||
| 868 | * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */ | ||
| 869 | int quiet_shutdown;/* don't send shutdown packets */ | ||
| 870 | int shutdown; /* we have shut things down, 0x01 sent, 0x02 | ||
| 871 | * for received */ | ||
| 872 | int state; /* where we are */ | 849 | int state; /* where we are */ |
| 873 | int rstate; /* where we are when reading */ | 850 | int rstate; /* where we are when reading */ |
| 874 | 851 | ||
| 875 | BUF_MEM *init_buf; /* buffer used during init */ | ||
| 876 | void *init_msg; /* pointer to handshake message body, set by ssl3_get_message() */ | ||
| 877 | int init_num; /* amount read/written */ | ||
| 878 | int init_off; /* amount read/written */ | ||
| 879 | |||
| 880 | /* used internally to point at a raw packet */ | ||
| 881 | unsigned char *packet; | ||
| 882 | unsigned int packet_length; | ||
| 883 | |||
| 884 | struct ssl3_state_st *s3; /* SSLv3 variables */ | 852 | struct ssl3_state_st *s3; /* SSLv3 variables */ |
| 885 | struct dtls1_state_st *d1; /* DTLSv1 variables */ | 853 | struct dtls1_state_st *d1; /* DTLSv1 variables */ |
| 886 | 854 | ||
| 887 | int read_ahead; /* Read as many input bytes as possible | ||
| 888 | * (for non-blocking reads) */ | ||
| 889 | |||
| 890 | int hit; /* reusing a previous session */ | ||
| 891 | |||
| 892 | X509_VERIFY_PARAM *param; | 855 | X509_VERIFY_PARAM *param; |
| 893 | 856 | ||
| 894 | /* crypto */ | 857 | /* crypto */ |
| 895 | STACK_OF(SSL_CIPHER) *cipher_list; | 858 | STACK_OF(SSL_CIPHER) *cipher_list; |
| 896 | STACK_OF(SSL_CIPHER) *cipher_list_by_id; | ||
| 897 | |||
| 898 | /* These are the ones being used, the ones in SSL_SESSION are | ||
| 899 | * the ones to be 'copied' into these ones */ | ||
| 900 | int mac_flags; | ||
| 901 | |||
| 902 | SSL_AEAD_CTX *aead_read_ctx; /* AEAD context. If non-NULL, then | ||
| 903 | enc_read_ctx and read_hash are | ||
| 904 | ignored. */ | ||
| 905 | |||
| 906 | EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */ | ||
| 907 | EVP_MD_CTX *read_hash; /* used for mac generation */ | ||
| 908 | 859 | ||
| 909 | SSL_AEAD_CTX *aead_write_ctx; /* AEAD context. If non-NULL, then | ||
| 910 | enc_write_ctx and write_hash are | ||
| 911 | ignored. */ | ||
| 912 | |||
| 913 | EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */ | ||
| 914 | EVP_MD_CTX *write_hash; /* used for mac generation */ | ||
| 915 | |||
| 916 | /* session info */ | ||
| 917 | |||
| 918 | /* client cert? */ | ||
| 919 | /* This is used to hold the server certificate used */ | 860 | /* This is used to hold the server certificate used */ |
| 920 | struct cert_st /* CERT */ *cert; | 861 | struct cert_st /* CERT */ *cert; |
| 921 | 862 | ||
| @@ -933,69 +874,26 @@ struct ssl_st { | |||
| 933 | int error; /* error bytes to be written */ | 874 | int error; /* error bytes to be written */ |
| 934 | int error_code; /* actual code */ | 875 | int error_code; /* actual code */ |
| 935 | 876 | ||
| 936 | |||
| 937 | |||
| 938 | SSL_CTX *ctx; | 877 | SSL_CTX *ctx; |
| 939 | /* set this flag to 1 and a sleep(1) is put into all SSL_read() | ||
| 940 | * and SSL_write() calls, good for nbio debuging :-) */ | ||
| 941 | int debug; | ||
| 942 | 878 | ||
| 943 | |||
| 944 | /* extra application data */ | ||
| 945 | long verify_result; | 879 | long verify_result; |
| 946 | CRYPTO_EX_DATA ex_data; | ||
| 947 | |||
| 948 | /* for server side, keep the list of CA_dn we can use */ | ||
| 949 | STACK_OF(X509_NAME) *client_CA; | ||
| 950 | 880 | ||
| 951 | int references; | 881 | int references; |
| 952 | unsigned long options; /* protocol behaviour */ | 882 | unsigned long options; /* protocol behaviour */ |
| 953 | unsigned long mode; /* API behaviour */ | 883 | unsigned long mode; /* API behaviour */ |
| 954 | long max_cert_list; | ||
| 955 | int first_packet; | ||
| 956 | int client_version; /* what was passed, used for | 884 | int client_version; /* what was passed, used for |
| 957 | * SSLv3/TLS rollback check */ | 885 | * SSLv3/TLS rollback check */ |
| 958 | unsigned int max_send_fragment; | 886 | unsigned int max_send_fragment; |
| 959 | 887 | ||
| 960 | char *tlsext_hostname; | 888 | char *tlsext_hostname; |
| 961 | 889 | ||
| 962 | int servername_done; /* no further mod of servername | ||
| 963 | 0 : call the servername extension callback. | ||
| 964 | 1 : prepare 2, allow last ack just after in server callback. | ||
| 965 | 2 : don't call servername callback, no ack in server hello | ||
| 966 | */ | ||
| 967 | /* certificate status request info */ | 890 | /* certificate status request info */ |
| 968 | /* Status type or -1 if no status type */ | 891 | /* Status type or -1 if no status type */ |
| 969 | int tlsext_status_type; | 892 | int tlsext_status_type; |
| 970 | /* Expect OCSP CertificateStatus message */ | ||
| 971 | int tlsext_status_expected; | ||
| 972 | /* OCSP status request only */ | ||
| 973 | STACK_OF(OCSP_RESPID) *tlsext_ocsp_ids; | ||
| 974 | X509_EXTENSIONS *tlsext_ocsp_exts; | ||
| 975 | /* OCSP response received or to be sent */ | ||
| 976 | unsigned char *tlsext_ocsp_resp; | ||
| 977 | int tlsext_ocsp_resplen; | ||
| 978 | |||
| 979 | /* RFC4507 session ticket expected to be received or sent */ | ||
| 980 | int tlsext_ticket_expected; | ||
| 981 | size_t tlsext_ecpointformatlist_length; | ||
| 982 | uint8_t *tlsext_ecpointformatlist; /* our list */ | ||
| 983 | size_t tlsext_ellipticcurvelist_length; | ||
| 984 | uint16_t *tlsext_ellipticcurvelist; /* our list */ | ||
| 985 | |||
| 986 | /* TLS Session Ticket extension override */ | ||
| 987 | TLS_SESSION_TICKET_EXT *tlsext_session_ticket; | ||
| 988 | 893 | ||
| 989 | SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */ | 894 | SSL_CTX * initial_ctx; /* initial ctx, used to store sessions */ |
| 990 | #define session_ctx initial_ctx | 895 | #define session_ctx initial_ctx |
| 991 | 896 | ||
| 992 | STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles; /* What we'll do */ | ||
| 993 | SRTP_PROTECTION_PROFILE *srtp_profile; /* What's been chosen */ | ||
| 994 | |||
| 995 | int renegotiate;/* 1 if we are renegotiating. | ||
| 996 | * 2 if we are a server and are inside a handshake | ||
| 997 | * (i.e. not just sending a HelloRequest) */ | ||
| 998 | |||
| 999 | struct ssl_internal_st *internal; | 897 | struct ssl_internal_st *internal; |
| 1000 | }; | 898 | }; |
| 1001 | 899 | ||
diff --git a/src/lib/libssl/ssl_cert.c b/src/lib/libssl/ssl_cert.c index 496fcf85bc..c23e789bf8 100644 --- a/src/lib/libssl/ssl_cert.c +++ b/src/lib/libssl/ssl_cert.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_cert.c,v 1.57 2017/01/23 05:13:02 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_cert.c,v 1.58 2017/01/23 06:45:30 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -486,7 +486,7 @@ SSL_dup_CA_list(STACK_OF(X509_NAME) *sk) | |||
| 486 | void | 486 | void |
| 487 | SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list) | 487 | SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *name_list) |
| 488 | { | 488 | { |
| 489 | set_client_CA_list(&(s->client_CA), name_list); | 489 | set_client_CA_list(&(s->internal->client_CA), name_list); |
| 490 | } | 490 | } |
| 491 | 491 | ||
| 492 | void | 492 | void |
| @@ -504,7 +504,7 @@ SSL_CTX_get_client_CA_list(const SSL_CTX *ctx) | |||
| 504 | STACK_OF(X509_NAME) * | 504 | STACK_OF(X509_NAME) * |
| 505 | SSL_get_client_CA_list(const SSL *s) | 505 | SSL_get_client_CA_list(const SSL *s) |
| 506 | { | 506 | { |
| 507 | if (s->type == SSL_ST_CONNECT) { | 507 | if (s->internal->type == SSL_ST_CONNECT) { |
| 508 | /* We are in the client. */ | 508 | /* We are in the client. */ |
| 509 | if (((s->version >> 8) == SSL3_VERSION_MAJOR) && | 509 | if (((s->version >> 8) == SSL3_VERSION_MAJOR) && |
| 510 | (s->s3 != NULL)) | 510 | (s->s3 != NULL)) |
| @@ -512,8 +512,8 @@ SSL_get_client_CA_list(const SSL *s) | |||
| 512 | else | 512 | else |
| 513 | return (NULL); | 513 | return (NULL); |
| 514 | } else { | 514 | } else { |
| 515 | if (s->client_CA != NULL) | 515 | if (s->internal->client_CA != NULL) |
| 516 | return (s->client_CA); | 516 | return (s->internal->client_CA); |
| 517 | else | 517 | else |
| 518 | return (s->ctx->internal->client_CA); | 518 | return (s->ctx->internal->client_CA); |
| 519 | } | 519 | } |
| @@ -542,7 +542,7 @@ add_client_CA(STACK_OF(X509_NAME) **sk, X509 *x) | |||
| 542 | int | 542 | int |
| 543 | SSL_add_client_CA(SSL *ssl, X509 *x) | 543 | SSL_add_client_CA(SSL *ssl, X509 *x) |
| 544 | { | 544 | { |
| 545 | return (add_client_CA(&(ssl->client_CA), x)); | 545 | return (add_client_CA(&(ssl->internal->client_CA), x)); |
| 546 | } | 546 | } |
| 547 | 547 | ||
| 548 | int | 548 | int |
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c index 036a13b36a..c29d6225df 100644 --- a/src/lib/libssl/ssl_lib.c +++ b/src/lib/libssl/ssl_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_lib.c,v 1.134 2017/01/23 05:13:02 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_lib.c,v 1.135 2017/01/23 06:45:30 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -200,31 +200,31 @@ SSL_clear(SSL *s) | |||
| 200 | } | 200 | } |
| 201 | 201 | ||
| 202 | s->error = 0; | 202 | s->error = 0; |
| 203 | s->hit = 0; | 203 | s->internal->hit = 0; |
| 204 | s->shutdown = 0; | 204 | s->internal->shutdown = 0; |
| 205 | 205 | ||
| 206 | if (s->renegotiate) { | 206 | if (s->internal->renegotiate) { |
| 207 | SSLerr(SSL_F_SSL_CLEAR, ERR_R_INTERNAL_ERROR); | 207 | SSLerr(SSL_F_SSL_CLEAR, ERR_R_INTERNAL_ERROR); |
| 208 | return (0); | 208 | return (0); |
| 209 | } | 209 | } |
| 210 | 210 | ||
| 211 | s->type = 0; | 211 | s->internal->type = 0; |
| 212 | 212 | ||
| 213 | s->state = SSL_ST_BEFORE|((s->server) ? SSL_ST_ACCEPT : SSL_ST_CONNECT); | 213 | s->state = SSL_ST_BEFORE|((s->server) ? SSL_ST_ACCEPT : SSL_ST_CONNECT); |
| 214 | 214 | ||
| 215 | s->version = s->method->version; | 215 | s->version = s->method->version; |
| 216 | s->client_version = s->version; | 216 | s->client_version = s->version; |
| 217 | s->rwstate = SSL_NOTHING; | 217 | s->internal->rwstate = SSL_NOTHING; |
| 218 | s->rstate = SSL_ST_READ_HEADER; | 218 | s->rstate = SSL_ST_READ_HEADER; |
| 219 | 219 | ||
| 220 | BUF_MEM_free(s->init_buf); | 220 | BUF_MEM_free(s->internal->init_buf); |
| 221 | s->init_buf = NULL; | 221 | s->internal->init_buf = NULL; |
| 222 | 222 | ||
| 223 | ssl_clear_cipher_ctx(s); | 223 | ssl_clear_cipher_ctx(s); |
| 224 | ssl_clear_hash_ctx(&s->read_hash); | 224 | ssl_clear_hash_ctx(&s->internal->read_hash); |
| 225 | ssl_clear_hash_ctx(&s->write_hash); | 225 | ssl_clear_hash_ctx(&s->internal->write_hash); |
| 226 | 226 | ||
| 227 | s->first_packet = 0; | 227 | s->internal->first_packet = 0; |
| 228 | 228 | ||
| 229 | /* | 229 | /* |
| 230 | * Check to see if we were changed into a different method, if | 230 | * Check to see if we were changed into a different method, if |
| @@ -286,7 +286,7 @@ SSL_new(SSL_CTX *ctx) | |||
| 286 | 286 | ||
| 287 | s->options = ctx->options; | 287 | s->options = ctx->options; |
| 288 | s->mode = ctx->mode; | 288 | s->mode = ctx->mode; |
| 289 | s->max_cert_list = ctx->internal->max_cert_list; | 289 | s->internal->max_cert_list = ctx->internal->max_cert_list; |
| 290 | 290 | ||
| 291 | if (ctx->internal->cert != NULL) { | 291 | if (ctx->internal->cert != NULL) { |
| 292 | /* | 292 | /* |
| @@ -306,7 +306,7 @@ SSL_new(SSL_CTX *ctx) | |||
| 306 | } else | 306 | } else |
| 307 | s->cert=NULL; /* Cannot really happen (see SSL_CTX_new) */ | 307 | s->cert=NULL; /* Cannot really happen (see SSL_CTX_new) */ |
| 308 | 308 | ||
| 309 | s->read_ahead = ctx->internal->read_ahead; | 309 | s->internal->read_ahead = ctx->internal->read_ahead; |
| 310 | s->internal->msg_callback = ctx->internal->msg_callback; | 310 | s->internal->msg_callback = ctx->internal->msg_callback; |
| 311 | s->internal->msg_callback_arg = ctx->internal->msg_callback_arg; | 311 | s->internal->msg_callback_arg = ctx->internal->msg_callback_arg; |
| 312 | s->verify_mode = ctx->verify_mode; | 312 | s->verify_mode = ctx->verify_mode; |
| @@ -320,20 +320,20 @@ SSL_new(SSL_CTX *ctx) | |||
| 320 | if (!s->param) | 320 | if (!s->param) |
| 321 | goto err; | 321 | goto err; |
| 322 | X509_VERIFY_PARAM_inherit(s->param, ctx->param); | 322 | X509_VERIFY_PARAM_inherit(s->param, ctx->param); |
| 323 | s->quiet_shutdown = ctx->internal->quiet_shutdown; | 323 | s->internal->quiet_shutdown = ctx->internal->quiet_shutdown; |
| 324 | s->max_send_fragment = ctx->internal->max_send_fragment; | 324 | s->max_send_fragment = ctx->internal->max_send_fragment; |
| 325 | 325 | ||
| 326 | CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX); | 326 | CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX); |
| 327 | s->ctx = ctx; | 327 | s->ctx = ctx; |
| 328 | s->internal->tlsext_debug_cb = 0; | 328 | s->internal->tlsext_debug_cb = 0; |
| 329 | s->internal->tlsext_debug_arg = NULL; | 329 | s->internal->tlsext_debug_arg = NULL; |
| 330 | s->tlsext_ticket_expected = 0; | 330 | s->internal->tlsext_ticket_expected = 0; |
| 331 | s->tlsext_status_type = -1; | 331 | s->tlsext_status_type = -1; |
| 332 | s->tlsext_status_expected = 0; | 332 | s->internal->tlsext_status_expected = 0; |
| 333 | s->tlsext_ocsp_ids = NULL; | 333 | s->internal->tlsext_ocsp_ids = NULL; |
| 334 | s->tlsext_ocsp_exts = NULL; | 334 | s->internal->tlsext_ocsp_exts = NULL; |
| 335 | s->tlsext_ocsp_resp = NULL; | 335 | s->internal->tlsext_ocsp_resp = NULL; |
| 336 | s->tlsext_ocsp_resplen = -1; | 336 | s->internal->tlsext_ocsp_resplen = -1; |
| 337 | CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX); | 337 | CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX); |
| 338 | s->initial_ctx = ctx; | 338 | s->initial_ctx = ctx; |
| 339 | s->internal->next_proto_negotiated = NULL; | 339 | s->internal->next_proto_negotiated = NULL; |
| @@ -362,7 +362,7 @@ SSL_new(SSL_CTX *ctx) | |||
| 362 | 362 | ||
| 363 | SSL_clear(s); | 363 | SSL_clear(s); |
| 364 | 364 | ||
| 365 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data); | 365 | CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->internal->ex_data); |
| 366 | 366 | ||
| 367 | return (s); | 367 | return (s); |
| 368 | 368 | ||
| @@ -497,7 +497,7 @@ SSL_free(SSL *s) | |||
| 497 | if (s->param) | 497 | if (s->param) |
| 498 | X509_VERIFY_PARAM_free(s->param); | 498 | X509_VERIFY_PARAM_free(s->param); |
| 499 | 499 | ||
| 500 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data); | 500 | CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->internal->ex_data); |
| 501 | 501 | ||
| 502 | if (s->bbio != NULL) { | 502 | if (s->bbio != NULL) { |
| 503 | /* If the buffering BIO is in place, pop it off */ | 503 | /* If the buffering BIO is in place, pop it off */ |
| @@ -512,14 +512,14 @@ SSL_free(SSL *s) | |||
| 512 | BIO_free_all(s->rbio); | 512 | BIO_free_all(s->rbio); |
| 513 | BIO_free_all(s->wbio); | 513 | BIO_free_all(s->wbio); |
| 514 | 514 | ||
| 515 | if (s->init_buf != NULL) | 515 | if (s->internal->init_buf != NULL) |
| 516 | BUF_MEM_free(s->init_buf); | 516 | BUF_MEM_free(s->internal->init_buf); |
| 517 | 517 | ||
| 518 | /* add extra stuff */ | 518 | /* add extra stuff */ |
| 519 | if (s->cipher_list != NULL) | 519 | if (s->cipher_list != NULL) |
| 520 | sk_SSL_CIPHER_free(s->cipher_list); | 520 | sk_SSL_CIPHER_free(s->cipher_list); |
| 521 | if (s->cipher_list_by_id != NULL) | 521 | if (s->internal->cipher_list_by_id != NULL) |
| 522 | sk_SSL_CIPHER_free(s->cipher_list_by_id); | 522 | sk_SSL_CIPHER_free(s->internal->cipher_list_by_id); |
| 523 | 523 | ||
| 524 | /* Make the next call work :-) */ | 524 | /* Make the next call work :-) */ |
| 525 | if (s->session != NULL) { | 525 | if (s->session != NULL) { |
| @@ -528,8 +528,8 @@ SSL_free(SSL *s) | |||
| 528 | } | 528 | } |
| 529 | 529 | ||
| 530 | ssl_clear_cipher_ctx(s); | 530 | ssl_clear_cipher_ctx(s); |
| 531 | ssl_clear_hash_ctx(&s->read_hash); | 531 | ssl_clear_hash_ctx(&s->internal->read_hash); |
| 532 | ssl_clear_hash_ctx(&s->write_hash); | 532 | ssl_clear_hash_ctx(&s->internal->write_hash); |
| 533 | 533 | ||
| 534 | if (s->cert != NULL) | 534 | if (s->cert != NULL) |
| 535 | ssl_cert_free(s->cert); | 535 | ssl_cert_free(s->cert); |
| @@ -537,17 +537,17 @@ SSL_free(SSL *s) | |||
| 537 | 537 | ||
| 538 | free(s->tlsext_hostname); | 538 | free(s->tlsext_hostname); |
| 539 | SSL_CTX_free(s->initial_ctx); | 539 | SSL_CTX_free(s->initial_ctx); |
| 540 | free(s->tlsext_ecpointformatlist); | 540 | free(s->internal->tlsext_ecpointformatlist); |
| 541 | free(s->tlsext_ellipticcurvelist); | 541 | free(s->internal->tlsext_ellipticcurvelist); |
| 542 | if (s->tlsext_ocsp_exts) | 542 | if (s->internal->tlsext_ocsp_exts) |
| 543 | sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts, | 543 | sk_X509_EXTENSION_pop_free(s->internal->tlsext_ocsp_exts, |
| 544 | X509_EXTENSION_free); | 544 | X509_EXTENSION_free); |
| 545 | if (s->tlsext_ocsp_ids) | 545 | if (s->internal->tlsext_ocsp_ids) |
| 546 | sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free); | 546 | sk_OCSP_RESPID_pop_free(s->internal->tlsext_ocsp_ids, OCSP_RESPID_free); |
| 547 | free(s->tlsext_ocsp_resp); | 547 | free(s->internal->tlsext_ocsp_resp); |
| 548 | 548 | ||
| 549 | if (s->client_CA != NULL) | 549 | if (s->internal->client_CA != NULL) |
| 550 | sk_X509_NAME_pop_free(s->client_CA, X509_NAME_free); | 550 | sk_X509_NAME_pop_free(s->internal->client_CA, X509_NAME_free); |
| 551 | 551 | ||
| 552 | if (s->method != NULL) | 552 | if (s->method != NULL) |
| 553 | s->method->ssl_free(s); | 553 | s->method->ssl_free(s); |
| @@ -558,8 +558,8 @@ SSL_free(SSL *s) | |||
| 558 | free(s->internal->alpn_client_proto_list); | 558 | free(s->internal->alpn_client_proto_list); |
| 559 | 559 | ||
| 560 | #ifndef OPENSSL_NO_SRTP | 560 | #ifndef OPENSSL_NO_SRTP |
| 561 | if (s->srtp_profiles) | 561 | if (s->internal->srtp_profiles) |
| 562 | sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles); | 562 | sk_SRTP_PROTECTION_PROFILE_free(s->internal->srtp_profiles); |
| 563 | #endif | 563 | #endif |
| 564 | 564 | ||
| 565 | free(s->internal); | 565 | free(s->internal); |
| @@ -779,13 +779,13 @@ SSL_set_verify_depth(SSL *s, int depth) | |||
| 779 | void | 779 | void |
| 780 | SSL_set_read_ahead(SSL *s, int yes) | 780 | SSL_set_read_ahead(SSL *s, int yes) |
| 781 | { | 781 | { |
| 782 | s->read_ahead = yes; | 782 | s->internal->read_ahead = yes; |
| 783 | } | 783 | } |
| 784 | 784 | ||
| 785 | int | 785 | int |
| 786 | SSL_get_read_ahead(const SSL *s) | 786 | SSL_get_read_ahead(const SSL *s) |
| 787 | { | 787 | { |
| 788 | return (s->read_ahead); | 788 | return (s->internal->read_ahead); |
| 789 | } | 789 | } |
| 790 | 790 | ||
| 791 | int | 791 | int |
| @@ -951,8 +951,8 @@ SSL_read(SSL *s, void *buf, int num) | |||
| 951 | return (-1); | 951 | return (-1); |
| 952 | } | 952 | } |
| 953 | 953 | ||
| 954 | if (s->shutdown & SSL_RECEIVED_SHUTDOWN) { | 954 | if (s->internal->shutdown & SSL_RECEIVED_SHUTDOWN) { |
| 955 | s->rwstate = SSL_NOTHING; | 955 | s->internal->rwstate = SSL_NOTHING; |
| 956 | return (0); | 956 | return (0); |
| 957 | } | 957 | } |
| 958 | return (s->method->ssl_read(s, buf, num)); | 958 | return (s->method->ssl_read(s, buf, num)); |
| @@ -966,7 +966,7 @@ SSL_peek(SSL *s, void *buf, int num) | |||
| 966 | return (-1); | 966 | return (-1); |
| 967 | } | 967 | } |
| 968 | 968 | ||
| 969 | if (s->shutdown & SSL_RECEIVED_SHUTDOWN) { | 969 | if (s->internal->shutdown & SSL_RECEIVED_SHUTDOWN) { |
| 970 | return (0); | 970 | return (0); |
| 971 | } | 971 | } |
| 972 | return (s->method->ssl_peek(s, buf, num)); | 972 | return (s->method->ssl_peek(s, buf, num)); |
| @@ -980,8 +980,8 @@ SSL_write(SSL *s, const void *buf, int num) | |||
| 980 | return (-1); | 980 | return (-1); |
| 981 | } | 981 | } |
| 982 | 982 | ||
| 983 | if (s->shutdown & SSL_SENT_SHUTDOWN) { | 983 | if (s->internal->shutdown & SSL_SENT_SHUTDOWN) { |
| 984 | s->rwstate = SSL_NOTHING; | 984 | s->internal->rwstate = SSL_NOTHING; |
| 985 | SSLerr(SSL_F_SSL_WRITE, SSL_R_PROTOCOL_IS_SHUTDOWN); | 985 | SSLerr(SSL_F_SSL_WRITE, SSL_R_PROTOCOL_IS_SHUTDOWN); |
| 986 | return (-1); | 986 | return (-1); |
| 987 | } | 987 | } |
| @@ -1012,10 +1012,10 @@ SSL_shutdown(SSL *s) | |||
| 1012 | int | 1012 | int |
| 1013 | SSL_renegotiate(SSL *s) | 1013 | SSL_renegotiate(SSL *s) |
| 1014 | { | 1014 | { |
| 1015 | if (s->renegotiate == 0) | 1015 | if (s->internal->renegotiate == 0) |
| 1016 | s->renegotiate = 1; | 1016 | s->internal->renegotiate = 1; |
| 1017 | 1017 | ||
| 1018 | s->new_session = 1; | 1018 | s->internal->new_session = 1; |
| 1019 | 1019 | ||
| 1020 | return (s->method->ssl_renegotiate(s)); | 1020 | return (s->method->ssl_renegotiate(s)); |
| 1021 | } | 1021 | } |
| @@ -1023,10 +1023,10 @@ SSL_renegotiate(SSL *s) | |||
| 1023 | int | 1023 | int |
| 1024 | SSL_renegotiate_abbreviated(SSL *s) | 1024 | SSL_renegotiate_abbreviated(SSL *s) |
| 1025 | { | 1025 | { |
| 1026 | if (s->renegotiate == 0) | 1026 | if (s->internal->renegotiate == 0) |
| 1027 | s->renegotiate = 1; | 1027 | s->internal->renegotiate = 1; |
| 1028 | 1028 | ||
| 1029 | s->new_session = 0; | 1029 | s->internal->new_session = 0; |
| 1030 | 1030 | ||
| 1031 | return (s->method->ssl_renegotiate(s)); | 1031 | return (s->method->ssl_renegotiate(s)); |
| 1032 | } | 1032 | } |
| @@ -1038,7 +1038,7 @@ SSL_renegotiate_pending(SSL *s) | |||
| 1038 | * Becomes true when negotiation is requested; | 1038 | * Becomes true when negotiation is requested; |
| 1039 | * false again once a handshake has finished. | 1039 | * false again once a handshake has finished. |
| 1040 | */ | 1040 | */ |
| 1041 | return (s->renegotiate != 0); | 1041 | return (s->internal->renegotiate != 0); |
| 1042 | } | 1042 | } |
| 1043 | 1043 | ||
| 1044 | long | 1044 | long |
| @@ -1048,10 +1048,10 @@ SSL_ctrl(SSL *s, int cmd, long larg, void *parg) | |||
| 1048 | 1048 | ||
| 1049 | switch (cmd) { | 1049 | switch (cmd) { |
| 1050 | case SSL_CTRL_GET_READ_AHEAD: | 1050 | case SSL_CTRL_GET_READ_AHEAD: |
| 1051 | return (s->read_ahead); | 1051 | return (s->internal->read_ahead); |
| 1052 | case SSL_CTRL_SET_READ_AHEAD: | 1052 | case SSL_CTRL_SET_READ_AHEAD: |
| 1053 | l = s->read_ahead; | 1053 | l = s->internal->read_ahead; |
| 1054 | s->read_ahead = larg; | 1054 | s->internal->read_ahead = larg; |
| 1055 | return (l); | 1055 | return (l); |
| 1056 | 1056 | ||
| 1057 | case SSL_CTRL_SET_MSG_CALLBACK_ARG: | 1057 | case SSL_CTRL_SET_MSG_CALLBACK_ARG: |
| @@ -1067,10 +1067,10 @@ SSL_ctrl(SSL *s, int cmd, long larg, void *parg) | |||
| 1067 | case SSL_CTRL_CLEAR_MODE: | 1067 | case SSL_CTRL_CLEAR_MODE: |
| 1068 | return (s->mode &=~larg); | 1068 | return (s->mode &=~larg); |
| 1069 | case SSL_CTRL_GET_MAX_CERT_LIST: | 1069 | case SSL_CTRL_GET_MAX_CERT_LIST: |
| 1070 | return (s->max_cert_list); | 1070 | return (s->internal->max_cert_list); |
| 1071 | case SSL_CTRL_SET_MAX_CERT_LIST: | 1071 | case SSL_CTRL_SET_MAX_CERT_LIST: |
| 1072 | l = s->max_cert_list; | 1072 | l = s->internal->max_cert_list; |
| 1073 | s->max_cert_list = larg; | 1073 | s->internal->max_cert_list = larg; |
| 1074 | return (l); | 1074 | return (l); |
| 1075 | case SSL_CTRL_SET_MTU: | 1075 | case SSL_CTRL_SET_MTU: |
| 1076 | #ifndef OPENSSL_NO_DTLS1 | 1076 | #ifndef OPENSSL_NO_DTLS1 |
| @@ -1261,8 +1261,8 @@ STACK_OF(SSL_CIPHER) * | |||
| 1261 | ssl_get_ciphers_by_id(SSL *s) | 1261 | ssl_get_ciphers_by_id(SSL *s) |
| 1262 | { | 1262 | { |
| 1263 | if (s != NULL) { | 1263 | if (s != NULL) { |
| 1264 | if (s->cipher_list_by_id != NULL) { | 1264 | if (s->internal->cipher_list_by_id != NULL) { |
| 1265 | return (s->cipher_list_by_id); | 1265 | return (s->internal->cipher_list_by_id); |
| 1266 | } else if ((s->ctx != NULL) && | 1266 | } else if ((s->ctx != NULL) && |
| 1267 | (s->ctx->internal->cipher_list_by_id != NULL)) { | 1267 | (s->ctx->internal->cipher_list_by_id != NULL)) { |
| 1268 | return (s->ctx->internal->cipher_list_by_id); | 1268 | return (s->ctx->internal->cipher_list_by_id); |
| @@ -1322,7 +1322,7 @@ SSL_set_cipher_list(SSL *s, const char *str) | |||
| 1322 | STACK_OF(SSL_CIPHER) *sk; | 1322 | STACK_OF(SSL_CIPHER) *sk; |
| 1323 | 1323 | ||
| 1324 | sk = ssl_create_cipher_list(s->ctx->method, &s->cipher_list, | 1324 | sk = ssl_create_cipher_list(s->ctx->method, &s->cipher_list, |
| 1325 | &s->cipher_list_by_id, str); | 1325 | &s->internal->cipher_list_by_id, str); |
| 1326 | /* see comment in SSL_CTX_set_cipher_list */ | 1326 | /* see comment in SSL_CTX_set_cipher_list */ |
| 1327 | if (sk == NULL) | 1327 | if (sk == NULL) |
| 1328 | return (0); | 1328 | return (0); |
| @@ -1399,7 +1399,7 @@ ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p, | |||
| 1399 | } | 1399 | } |
| 1400 | 1400 | ||
| 1401 | /* Add SCSV if there are other ciphers and we're not renegotiating. */ | 1401 | /* Add SCSV if there are other ciphers and we're not renegotiating. */ |
| 1402 | if (ciphers > 0 && !s->renegotiate) { | 1402 | if (ciphers > 0 && !s->internal->renegotiate) { |
| 1403 | if (!CBB_add_u16(&cbb, SSL3_CK_SCSV & SSL3_CK_VALUE_MASK)) | 1403 | if (!CBB_add_u16(&cbb, SSL3_CK_SCSV & SSL3_CK_VALUE_MASK)) |
| 1404 | goto err; | 1404 | goto err; |
| 1405 | } | 1405 | } |
| @@ -1456,7 +1456,7 @@ ssl_bytes_to_cipher_list(SSL *s, const unsigned char *p, int num) | |||
| 1456 | * TLS_EMPTY_RENEGOTIATION_INFO_SCSV is fatal if | 1456 | * TLS_EMPTY_RENEGOTIATION_INFO_SCSV is fatal if |
| 1457 | * renegotiating. | 1457 | * renegotiating. |
| 1458 | */ | 1458 | */ |
| 1459 | if (s->renegotiate) { | 1459 | if (s->internal->renegotiate) { |
| 1460 | SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, | 1460 | SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, |
| 1461 | SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING); | 1461 | SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING); |
| 1462 | ssl3_send_alert(s, SSL3_AL_FATAL, | 1462 | ssl3_send_alert(s, SSL3_AL_FATAL, |
| @@ -2274,7 +2274,7 @@ ssl_update_cache(SSL *s, int mode) | |||
| 2274 | return; | 2274 | return; |
| 2275 | 2275 | ||
| 2276 | i = s->session_ctx->internal->session_cache_mode; | 2276 | i = s->session_ctx->internal->session_cache_mode; |
| 2277 | if ((i & mode) && (!s->hit) && ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE) | 2277 | if ((i & mode) && (!s->internal->hit) && ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE) |
| 2278 | || SSL_CTX_add_session(s->session_ctx, s->session)) | 2278 | || SSL_CTX_add_session(s->session_ctx, s->session)) |
| 2279 | && (s->session_ctx->internal->new_session_cb != NULL)) { | 2279 | && (s->session_ctx->internal->new_session_cb != NULL)) { |
| 2280 | CRYPTO_add(&s->session->references, 1, CRYPTO_LOCK_SSL_SESSION); | 2280 | CRYPTO_add(&s->session->references, 1, CRYPTO_LOCK_SSL_SESSION); |
| @@ -2354,7 +2354,7 @@ SSL_get_error(const SSL *s, int i) | |||
| 2354 | * try to write to the rbio, and an application | 2354 | * try to write to the rbio, and an application |
| 2355 | * program where rbio and wbio are separate couldn't | 2355 | * program where rbio and wbio are separate couldn't |
| 2356 | * even know what it should wait for. However if we | 2356 | * even know what it should wait for. However if we |
| 2357 | * ever set s->rwstate incorrectly (so that we have | 2357 | * ever set s->internal->rwstate incorrectly (so that we have |
| 2358 | * SSL_want_read(s) instead of SSL_want_write(s)) | 2358 | * SSL_want_read(s) instead of SSL_want_write(s)) |
| 2359 | * and rbio and wbio *are* the same, this test works | 2359 | * and rbio and wbio *are* the same, this test works |
| 2360 | * around that bug; so it might be safer to keep it. | 2360 | * around that bug; so it might be safer to keep it. |
| @@ -2396,7 +2396,7 @@ SSL_get_error(const SSL *s, int i) | |||
| 2396 | } | 2396 | } |
| 2397 | 2397 | ||
| 2398 | if (i == 0) { | 2398 | if (i == 0) { |
| 2399 | if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) && | 2399 | if ((s->internal->shutdown & SSL_RECEIVED_SHUTDOWN) && |
| 2400 | (S3I(s)->warn_alert == SSL_AD_CLOSE_NOTIFY)) | 2400 | (S3I(s)->warn_alert == SSL_AD_CLOSE_NOTIFY)) |
| 2401 | return (SSL_ERROR_ZERO_RETURN); | 2401 | return (SSL_ERROR_ZERO_RETURN); |
| 2402 | } | 2402 | } |
| @@ -2429,26 +2429,26 @@ void | |||
| 2429 | SSL_set_accept_state(SSL *s) | 2429 | SSL_set_accept_state(SSL *s) |
| 2430 | { | 2430 | { |
| 2431 | s->server = 1; | 2431 | s->server = 1; |
| 2432 | s->shutdown = 0; | 2432 | s->internal->shutdown = 0; |
| 2433 | s->state = SSL_ST_ACCEPT|SSL_ST_BEFORE; | 2433 | s->state = SSL_ST_ACCEPT|SSL_ST_BEFORE; |
| 2434 | s->internal->handshake_func = s->method->ssl_accept; | 2434 | s->internal->handshake_func = s->method->ssl_accept; |
| 2435 | /* clear the current cipher */ | 2435 | /* clear the current cipher */ |
| 2436 | ssl_clear_cipher_ctx(s); | 2436 | ssl_clear_cipher_ctx(s); |
| 2437 | ssl_clear_hash_ctx(&s->read_hash); | 2437 | ssl_clear_hash_ctx(&s->internal->read_hash); |
| 2438 | ssl_clear_hash_ctx(&s->write_hash); | 2438 | ssl_clear_hash_ctx(&s->internal->write_hash); |
| 2439 | } | 2439 | } |
| 2440 | 2440 | ||
| 2441 | void | 2441 | void |
| 2442 | SSL_set_connect_state(SSL *s) | 2442 | SSL_set_connect_state(SSL *s) |
| 2443 | { | 2443 | { |
| 2444 | s->server = 0; | 2444 | s->server = 0; |
| 2445 | s->shutdown = 0; | 2445 | s->internal->shutdown = 0; |
| 2446 | s->state = SSL_ST_CONNECT|SSL_ST_BEFORE; | 2446 | s->state = SSL_ST_CONNECT|SSL_ST_BEFORE; |
| 2447 | s->internal->handshake_func = s->method->ssl_connect; | 2447 | s->internal->handshake_func = s->method->ssl_connect; |
| 2448 | /* clear the current cipher */ | 2448 | /* clear the current cipher */ |
| 2449 | ssl_clear_cipher_ctx(s); | 2449 | ssl_clear_cipher_ctx(s); |
| 2450 | ssl_clear_hash_ctx(&s->read_hash); | 2450 | ssl_clear_hash_ctx(&s->internal->read_hash); |
| 2451 | ssl_clear_hash_ctx(&s->write_hash); | 2451 | ssl_clear_hash_ctx(&s->internal->write_hash); |
| 2452 | } | 2452 | } |
| 2453 | 2453 | ||
| 2454 | int | 2454 | int |
| @@ -2609,7 +2609,7 @@ SSL_dup(SSL *s) | |||
| 2609 | return (NULL); | 2609 | return (NULL); |
| 2610 | 2610 | ||
| 2611 | ret->version = s->version; | 2611 | ret->version = s->version; |
| 2612 | ret->type = s->type; | 2612 | ret->internal->type = s->internal->type; |
| 2613 | ret->method = s->method; | 2613 | ret->method = s->method; |
| 2614 | 2614 | ||
| 2615 | if (s->session != NULL) { | 2615 | if (s->session != NULL) { |
| @@ -2653,11 +2653,11 @@ SSL_dup(SSL *s) | |||
| 2653 | 2653 | ||
| 2654 | SSL_set_info_callback(ret, SSL_get_info_callback(s)); | 2654 | SSL_set_info_callback(ret, SSL_get_info_callback(s)); |
| 2655 | 2655 | ||
| 2656 | ret->debug = s->debug; | 2656 | ret->internal->debug = s->internal->debug; |
| 2657 | 2657 | ||
| 2658 | /* copy app data, a little dangerous perhaps */ | 2658 | /* copy app data, a little dangerous perhaps */ |
| 2659 | if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL, | 2659 | if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL, |
| 2660 | &ret->ex_data, &s->ex_data)) | 2660 | &ret->internal->ex_data, &s->internal->ex_data)) |
| 2661 | goto err; | 2661 | goto err; |
| 2662 | 2662 | ||
| 2663 | /* setup rbio, and wbio */ | 2663 | /* setup rbio, and wbio */ |
| @@ -2672,14 +2672,14 @@ SSL_dup(SSL *s) | |||
| 2672 | } else | 2672 | } else |
| 2673 | ret->wbio = ret->rbio; | 2673 | ret->wbio = ret->rbio; |
| 2674 | } | 2674 | } |
| 2675 | ret->rwstate = s->rwstate; | 2675 | ret->internal->rwstate = s->internal->rwstate; |
| 2676 | ret->internal->in_handshake = s->internal->in_handshake; | 2676 | ret->internal->in_handshake = s->internal->in_handshake; |
| 2677 | ret->internal->handshake_func = s->internal->handshake_func; | 2677 | ret->internal->handshake_func = s->internal->handshake_func; |
| 2678 | ret->server = s->server; | 2678 | ret->server = s->server; |
| 2679 | ret->renegotiate = s->renegotiate; | 2679 | ret->internal->renegotiate = s->internal->renegotiate; |
| 2680 | ret->new_session = s->new_session; | 2680 | ret->internal->new_session = s->internal->new_session; |
| 2681 | ret->quiet_shutdown = s->quiet_shutdown; | 2681 | ret->internal->quiet_shutdown = s->internal->quiet_shutdown; |
| 2682 | ret->shutdown = s->shutdown; | 2682 | ret->internal->shutdown = s->internal->shutdown; |
| 2683 | /* SSL_dup does not really work at any state, though */ | 2683 | /* SSL_dup does not really work at any state, though */ |
| 2684 | ret->state=s->state; | 2684 | ret->state=s->state; |
| 2685 | ret->rstate = s->rstate; | 2685 | ret->rstate = s->rstate; |
| @@ -2688,9 +2688,9 @@ SSL_dup(SSL *s) | |||
| 2688 | * Would have to copy ret->init_buf, ret->init_msg, ret->init_num, | 2688 | * Would have to copy ret->init_buf, ret->init_msg, ret->init_num, |
| 2689 | * ret->init_off | 2689 | * ret->init_off |
| 2690 | */ | 2690 | */ |
| 2691 | ret->init_num = 0; | 2691 | ret->internal->init_num = 0; |
| 2692 | 2692 | ||
| 2693 | ret->hit = s->hit; | 2693 | ret->internal->hit = s->internal->hit; |
| 2694 | 2694 | ||
| 2695 | X509_VERIFY_PARAM_inherit(ret->param, s->param); | 2695 | X509_VERIFY_PARAM_inherit(ret->param, s->param); |
| 2696 | 2696 | ||
| @@ -2700,16 +2700,16 @@ SSL_dup(SSL *s) | |||
| 2700 | sk_SSL_CIPHER_dup(s->cipher_list)) == NULL) | 2700 | sk_SSL_CIPHER_dup(s->cipher_list)) == NULL) |
| 2701 | goto err; | 2701 | goto err; |
| 2702 | } | 2702 | } |
| 2703 | if (s->cipher_list_by_id != NULL) { | 2703 | if (s->internal->cipher_list_by_id != NULL) { |
| 2704 | if ((ret->cipher_list_by_id = | 2704 | if ((ret->internal->cipher_list_by_id = |
| 2705 | sk_SSL_CIPHER_dup(s->cipher_list_by_id)) == NULL) | 2705 | sk_SSL_CIPHER_dup(s->internal->cipher_list_by_id)) == NULL) |
| 2706 | goto err; | 2706 | goto err; |
| 2707 | } | 2707 | } |
| 2708 | 2708 | ||
| 2709 | /* Dup the client_CA list */ | 2709 | /* Dup the client_CA list */ |
| 2710 | if (s->client_CA != NULL) { | 2710 | if (s->internal->client_CA != NULL) { |
| 2711 | if ((sk = sk_X509_NAME_dup(s->client_CA)) == NULL) goto err; | 2711 | if ((sk = sk_X509_NAME_dup(s->internal->client_CA)) == NULL) goto err; |
| 2712 | ret->client_CA = sk; | 2712 | ret->internal->client_CA = sk; |
| 2713 | for (i = 0; i < sk_X509_NAME_num(sk); i++) { | 2713 | for (i = 0; i < sk_X509_NAME_num(sk); i++) { |
| 2714 | xn = sk_X509_NAME_value(sk, i); | 2714 | xn = sk_X509_NAME_value(sk, i); |
| 2715 | if (sk_X509_NAME_set(sk, i, | 2715 | if (sk_X509_NAME_set(sk, i, |
| @@ -2732,20 +2732,20 @@ err: | |||
| 2732 | void | 2732 | void |
| 2733 | ssl_clear_cipher_ctx(SSL *s) | 2733 | ssl_clear_cipher_ctx(SSL *s) |
| 2734 | { | 2734 | { |
| 2735 | EVP_CIPHER_CTX_free(s->enc_read_ctx); | 2735 | EVP_CIPHER_CTX_free(s->internal->enc_read_ctx); |
| 2736 | s->enc_read_ctx = NULL; | 2736 | s->internal->enc_read_ctx = NULL; |
| 2737 | EVP_CIPHER_CTX_free(s->enc_write_ctx); | 2737 | EVP_CIPHER_CTX_free(s->internal->enc_write_ctx); |
| 2738 | s->enc_write_ctx = NULL; | 2738 | s->internal->enc_write_ctx = NULL; |
| 2739 | 2739 | ||
| 2740 | if (s->aead_read_ctx != NULL) { | 2740 | if (s->internal->aead_read_ctx != NULL) { |
| 2741 | EVP_AEAD_CTX_cleanup(&s->aead_read_ctx->ctx); | 2741 | EVP_AEAD_CTX_cleanup(&s->internal->aead_read_ctx->ctx); |
| 2742 | free(s->aead_read_ctx); | 2742 | free(s->internal->aead_read_ctx); |
| 2743 | s->aead_read_ctx = NULL; | 2743 | s->internal->aead_read_ctx = NULL; |
| 2744 | } | 2744 | } |
| 2745 | if (s->aead_write_ctx != NULL) { | 2745 | if (s->internal->aead_write_ctx != NULL) { |
| 2746 | EVP_AEAD_CTX_cleanup(&s->aead_write_ctx->ctx); | 2746 | EVP_AEAD_CTX_cleanup(&s->internal->aead_write_ctx->ctx); |
| 2747 | free(s->aead_write_ctx); | 2747 | free(s->internal->aead_write_ctx); |
| 2748 | s->aead_write_ctx = NULL; | 2748 | s->internal->aead_write_ctx = NULL; |
| 2749 | } | 2749 | } |
| 2750 | 2750 | ||
| 2751 | } | 2751 | } |
| @@ -2852,25 +2852,25 @@ SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx) | |||
| 2852 | void | 2852 | void |
| 2853 | SSL_set_quiet_shutdown(SSL *s, int mode) | 2853 | SSL_set_quiet_shutdown(SSL *s, int mode) |
| 2854 | { | 2854 | { |
| 2855 | s->quiet_shutdown = mode; | 2855 | s->internal->quiet_shutdown = mode; |
| 2856 | } | 2856 | } |
| 2857 | 2857 | ||
| 2858 | int | 2858 | int |
| 2859 | SSL_get_quiet_shutdown(const SSL *s) | 2859 | SSL_get_quiet_shutdown(const SSL *s) |
| 2860 | { | 2860 | { |
| 2861 | return (s->quiet_shutdown); | 2861 | return (s->internal->quiet_shutdown); |
| 2862 | } | 2862 | } |
| 2863 | 2863 | ||
| 2864 | void | 2864 | void |
| 2865 | SSL_set_shutdown(SSL *s, int mode) | 2865 | SSL_set_shutdown(SSL *s, int mode) |
| 2866 | { | 2866 | { |
| 2867 | s->shutdown = mode; | 2867 | s->internal->shutdown = mode; |
| 2868 | } | 2868 | } |
| 2869 | 2869 | ||
| 2870 | int | 2870 | int |
| 2871 | SSL_get_shutdown(const SSL *s) | 2871 | SSL_get_shutdown(const SSL *s) |
| 2872 | { | 2872 | { |
| 2873 | return (s->shutdown); | 2873 | return (s->internal->shutdown); |
| 2874 | } | 2874 | } |
| 2875 | 2875 | ||
| 2876 | int | 2876 | int |
| @@ -2973,13 +2973,13 @@ SSL_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, | |||
| 2973 | int | 2973 | int |
| 2974 | SSL_set_ex_data(SSL *s, int idx, void *arg) | 2974 | SSL_set_ex_data(SSL *s, int idx, void *arg) |
| 2975 | { | 2975 | { |
| 2976 | return (CRYPTO_set_ex_data(&s->ex_data, idx, arg)); | 2976 | return (CRYPTO_set_ex_data(&s->internal->ex_data, idx, arg)); |
| 2977 | } | 2977 | } |
| 2978 | 2978 | ||
| 2979 | void * | 2979 | void * |
| 2980 | SSL_get_ex_data(const SSL *s, int idx) | 2980 | SSL_get_ex_data(const SSL *s, int idx) |
| 2981 | { | 2981 | { |
| 2982 | return (CRYPTO_get_ex_data(&s->ex_data, idx)); | 2982 | return (CRYPTO_get_ex_data(&s->internal->ex_data, idx)); |
| 2983 | } | 2983 | } |
| 2984 | 2984 | ||
| 2985 | int | 2985 | int |
| @@ -3025,7 +3025,7 @@ SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store) | |||
| 3025 | int | 3025 | int |
| 3026 | SSL_want(const SSL *s) | 3026 | SSL_want(const SSL *s) |
| 3027 | { | 3027 | { |
| 3028 | return (s->rwstate); | 3028 | return (s->internal->rwstate); |
| 3029 | } | 3029 | } |
| 3030 | 3030 | ||
| 3031 | void | 3031 | void |
| @@ -3098,13 +3098,13 @@ ssl_clear_hash_ctx(EVP_MD_CTX **hash) | |||
| 3098 | void | 3098 | void |
| 3099 | SSL_set_debug(SSL *s, int debug) | 3099 | SSL_set_debug(SSL *s, int debug) |
| 3100 | { | 3100 | { |
| 3101 | s->debug = debug; | 3101 | s->internal->debug = debug; |
| 3102 | } | 3102 | } |
| 3103 | 3103 | ||
| 3104 | int | 3104 | int |
| 3105 | SSL_cache_hit(SSL *s) | 3105 | SSL_cache_hit(SSL *s) |
| 3106 | { | 3106 | { |
| 3107 | return (s->hit); | 3107 | return (s->internal->hit); |
| 3108 | } | 3108 | } |
| 3109 | 3109 | ||
| 3110 | 3110 | ||
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index 9ea22bac05..d8818e1850 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_locl.h,v 1.157 2017/01/23 05:27:22 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_locl.h,v 1.158 2017/01/23 06:45:30 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -620,6 +620,112 @@ typedef struct ssl_internal_st { | |||
| 620 | tls_session_secret_cb_fn tls_session_secret_cb; | 620 | tls_session_secret_cb_fn tls_session_secret_cb; |
| 621 | void *tls_session_secret_cb_arg; | 621 | void *tls_session_secret_cb_arg; |
| 622 | 622 | ||
| 623 | /* XXX non-callback */ | ||
| 624 | |||
| 625 | int type; /* SSL_ST_CONNECT or SSL_ST_ACCEPT */ | ||
| 626 | |||
| 627 | /* This holds a variable that indicates what we were doing | ||
| 628 | * when a 0 or -1 is returned. This is needed for | ||
| 629 | * non-blocking IO so we know what request needs re-doing when | ||
| 630 | * in SSL_accept or SSL_connect */ | ||
| 631 | int rwstate; | ||
| 632 | |||
| 633 | /* Imagine that here's a boolean member "init" that is | ||
| 634 | * switched as soon as SSL_set_{accept/connect}_state | ||
| 635 | * is called for the first time, so that "state" and | ||
| 636 | * "handshake_func" are properly initialized. But as | ||
| 637 | * handshake_func is == 0 until then, we use this | ||
| 638 | * test instead of an "init" member. | ||
| 639 | */ | ||
| 640 | |||
| 641 | int new_session;/* Generate a new session or reuse an old one. | ||
| 642 | * NB: For servers, the 'new' session may actually be a previously | ||
| 643 | * cached session or even the previous session unless | ||
| 644 | * SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION is set */ | ||
| 645 | int quiet_shutdown;/* don't send shutdown packets */ | ||
| 646 | int shutdown; /* we have shut things down, 0x01 sent, 0x02 | ||
| 647 | * for received */ | ||
| 648 | BUF_MEM *init_buf; /* buffer used during init */ | ||
| 649 | void *init_msg; /* pointer to handshake message body, set by ssl3_get_message() */ | ||
| 650 | int init_num; /* amount read/written */ | ||
| 651 | int init_off; /* amount read/written */ | ||
| 652 | |||
| 653 | /* used internally to point at a raw packet */ | ||
| 654 | unsigned char *packet; | ||
| 655 | unsigned int packet_length; | ||
| 656 | |||
| 657 | int read_ahead; /* Read as many input bytes as possible | ||
| 658 | * (for non-blocking reads) */ | ||
| 659 | |||
| 660 | int hit; /* reusing a previous session */ | ||
| 661 | |||
| 662 | /* crypto */ | ||
| 663 | STACK_OF(SSL_CIPHER) *cipher_list_by_id; | ||
| 664 | |||
| 665 | /* These are the ones being used, the ones in SSL_SESSION are | ||
| 666 | * the ones to be 'copied' into these ones */ | ||
| 667 | int mac_flags; | ||
| 668 | |||
| 669 | SSL_AEAD_CTX *aead_read_ctx; /* AEAD context. If non-NULL, then | ||
| 670 | enc_read_ctx and read_hash are | ||
| 671 | ignored. */ | ||
| 672 | |||
| 673 | EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */ | ||
| 674 | EVP_MD_CTX *read_hash; /* used for mac generation */ | ||
| 675 | |||
| 676 | SSL_AEAD_CTX *aead_write_ctx; /* AEAD context. If non-NULL, then | ||
| 677 | enc_write_ctx and write_hash are | ||
| 678 | ignored. */ | ||
| 679 | |||
| 680 | EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */ | ||
| 681 | EVP_MD_CTX *write_hash; /* used for mac generation */ | ||
| 682 | |||
| 683 | /* session info */ | ||
| 684 | |||
| 685 | /* extra application data */ | ||
| 686 | CRYPTO_EX_DATA ex_data; | ||
| 687 | |||
| 688 | /* client cert? */ | ||
| 689 | /* for server side, keep the list of CA_dn we can use */ | ||
| 690 | STACK_OF(X509_NAME) *client_CA; | ||
| 691 | |||
| 692 | /* set this flag to 1 and a sleep(1) is put into all SSL_read() | ||
| 693 | * and SSL_write() calls, good for nbio debuging :-) */ | ||
| 694 | int debug; | ||
| 695 | long max_cert_list; | ||
| 696 | int first_packet; | ||
| 697 | |||
| 698 | int servername_done; /* no further mod of servername | ||
| 699 | 0 : call the servername extension callback. | ||
| 700 | 1 : prepare 2, allow last ack just after in server callback. | ||
| 701 | 2 : don't call servername callback, no ack in server hello | ||
| 702 | */ | ||
| 703 | |||
| 704 | /* Expect OCSP CertificateStatus message */ | ||
| 705 | int tlsext_status_expected; | ||
| 706 | /* OCSP status request only */ | ||
| 707 | STACK_OF(OCSP_RESPID) *tlsext_ocsp_ids; | ||
| 708 | X509_EXTENSIONS *tlsext_ocsp_exts; | ||
| 709 | /* OCSP response received or to be sent */ | ||
| 710 | unsigned char *tlsext_ocsp_resp; | ||
| 711 | int tlsext_ocsp_resplen; | ||
| 712 | |||
| 713 | /* RFC4507 session ticket expected to be received or sent */ | ||
| 714 | int tlsext_ticket_expected; | ||
| 715 | size_t tlsext_ecpointformatlist_length; | ||
| 716 | uint8_t *tlsext_ecpointformatlist; /* our list */ | ||
| 717 | size_t tlsext_ellipticcurvelist_length; | ||
| 718 | uint16_t *tlsext_ellipticcurvelist; /* our list */ | ||
| 719 | |||
| 720 | /* TLS Session Ticket extension override */ | ||
| 721 | TLS_SESSION_TICKET_EXT *tlsext_session_ticket; | ||
| 722 | |||
| 723 | STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles; /* What we'll do */ | ||
| 724 | SRTP_PROTECTION_PROFILE *srtp_profile; /* What's been chosen */ | ||
| 725 | |||
| 726 | int renegotiate;/* 1 if we are renegotiating. | ||
| 727 | * 2 if we are a server and are inside a handshake | ||
| 728 | * (i.e. not just sending a HelloRequest) */ | ||
| 623 | } SSL_INTERNAL; | 729 | } SSL_INTERNAL; |
| 624 | 730 | ||
| 625 | typedef struct ssl3_state_internal_st { | 731 | typedef struct ssl3_state_internal_st { |
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c index 4a7650fd9d..52a04d3094 100644 --- a/src/lib/libssl/ssl_sess.c +++ b/src/lib/libssl/ssl_sess.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_sess.c,v 1.61 2017/01/23 05:27:22 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_sess.c,v 1.62 2017/01/23 06:45:30 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -319,7 +319,7 @@ ssl_get_new_session(SSL *s, int session) | |||
| 319 | } | 319 | } |
| 320 | 320 | ||
| 321 | /* If RFC4507 ticket use empty session ID. */ | 321 | /* If RFC4507 ticket use empty session ID. */ |
| 322 | if (s->tlsext_ticket_expected) { | 322 | if (s->internal->tlsext_ticket_expected) { |
| 323 | ss->session_id_length = 0; | 323 | ss->session_id_length = 0; |
| 324 | goto sess_id_done; | 324 | goto sess_id_done; |
| 325 | } | 325 | } |
| @@ -411,7 +411,7 @@ sess_id_done: | |||
| 411 | * - If a session is found then s->session is pointed at it (after freeing | 411 | * - If a session is found then s->session is pointed at it (after freeing |
| 412 | * an existing session if need be) and s->verify_result is set from the | 412 | * an existing session if need be) and s->verify_result is set from the |
| 413 | * session. | 413 | * session. |
| 414 | * - Both for new and resumed sessions, s->tlsext_ticket_expected is set | 414 | * - Both for new and resumed sessions, s->internal->tlsext_ticket_expected is set |
| 415 | * to 1 if the server should issue a new session ticket (to 0 otherwise). | 415 | * to 1 if the server should issue a new session ticket (to 0 otherwise). |
| 416 | */ | 416 | */ |
| 417 | int | 417 | int |
| @@ -431,7 +431,7 @@ ssl_get_prev_session(SSL *s, unsigned char *session_id, int len, | |||
| 431 | if (len == 0) | 431 | if (len == 0) |
| 432 | try_session_cache = 0; | 432 | try_session_cache = 0; |
| 433 | 433 | ||
| 434 | /* Sets s->tlsext_ticket_expected. */ | 434 | /* Sets s->internal->tlsext_ticket_expected. */ |
| 435 | r = tls1_process_ticket(s, session_id, len, limit, &ret); | 435 | r = tls1_process_ticket(s, session_id, len, limit, &ret); |
| 436 | switch (r) { | 436 | switch (r) { |
| 437 | case -1: /* Error during processing */ | 437 | case -1: /* Error during processing */ |
| @@ -566,7 +566,7 @@ err: | |||
| 566 | * The session was from a ticket, so we should | 566 | * The session was from a ticket, so we should |
| 567 | * issue a ticket for the new session. | 567 | * issue a ticket for the new session. |
| 568 | */ | 568 | */ |
| 569 | s->tlsext_ticket_expected = 1; | 569 | s->internal->tlsext_ticket_expected = 1; |
| 570 | } | 570 | } |
| 571 | } | 571 | } |
| 572 | if (fatal) | 572 | if (fatal) |
| @@ -869,24 +869,24 @@ int | |||
| 869 | SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len) | 869 | SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len) |
| 870 | { | 870 | { |
| 871 | if (s->version >= TLS1_VERSION) { | 871 | if (s->version >= TLS1_VERSION) { |
| 872 | free(s->tlsext_session_ticket); | 872 | free(s->internal->tlsext_session_ticket); |
| 873 | s->tlsext_session_ticket = | 873 | s->internal->tlsext_session_ticket = |
| 874 | malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len); | 874 | malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len); |
| 875 | if (!s->tlsext_session_ticket) { | 875 | if (!s->internal->tlsext_session_ticket) { |
| 876 | SSLerr(SSL_F_SSL_SET_SESSION_TICKET_EXT, | 876 | SSLerr(SSL_F_SSL_SET_SESSION_TICKET_EXT, |
| 877 | ERR_R_MALLOC_FAILURE); | 877 | ERR_R_MALLOC_FAILURE); |
| 878 | return 0; | 878 | return 0; |
| 879 | } | 879 | } |
| 880 | 880 | ||
| 881 | if (ext_data) { | 881 | if (ext_data) { |
| 882 | s->tlsext_session_ticket->length = ext_len; | 882 | s->internal->tlsext_session_ticket->length = ext_len; |
| 883 | s->tlsext_session_ticket->data = | 883 | s->internal->tlsext_session_ticket->data = |
| 884 | s->tlsext_session_ticket + 1; | 884 | s->internal->tlsext_session_ticket + 1; |
| 885 | memcpy(s->tlsext_session_ticket->data, | 885 | memcpy(s->internal->tlsext_session_ticket->data, |
| 886 | ext_data, ext_len); | 886 | ext_data, ext_len); |
| 887 | } else { | 887 | } else { |
| 888 | s->tlsext_session_ticket->length = 0; | 888 | s->internal->tlsext_session_ticket->length = 0; |
| 889 | s->tlsext_session_ticket->data = NULL; | 889 | s->internal->tlsext_session_ticket->data = NULL; |
| 890 | } | 890 | } |
| 891 | 891 | ||
| 892 | return 1; | 892 | return 1; |
| @@ -950,7 +950,7 @@ SSL_CTX_flush_sessions(SSL_CTX *s, long t) | |||
| 950 | int | 950 | int |
| 951 | ssl_clear_bad_session(SSL *s) | 951 | ssl_clear_bad_session(SSL *s) |
| 952 | { | 952 | { |
| 953 | if ((s->session != NULL) && !(s->shutdown & SSL_SENT_SHUTDOWN) && | 953 | if ((s->session != NULL) && !(s->internal->shutdown & SSL_SENT_SHUTDOWN) && |
| 954 | !(SSL_in_init(s) || SSL_in_before(s))) { | 954 | !(SSL_in_init(s) || SSL_in_before(s))) { |
| 955 | SSL_CTX_remove_session(s->ctx, s->session); | 955 | SSL_CTX_remove_session(s->ctx, s->session); |
| 956 | return (1); | 956 | return (1); |
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c index a8998b4dec..4b337a4706 100644 --- a/src/lib/libssl/t1_enc.c +++ b/src/lib/libssl/t1_enc.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: t1_enc.c,v 1.89 2017/01/22 09:02:07 jsing Exp $ */ | 1 | /* $OpenBSD: t1_enc.c,v 1.90 2017/01/23 06:45:30 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -461,13 +461,13 @@ tls1_change_cipher_state_aead(SSL *s, char is_read, const unsigned char *key, | |||
| 461 | SSL_AEAD_CTX *aead_ctx; | 461 | SSL_AEAD_CTX *aead_ctx; |
| 462 | 462 | ||
| 463 | if (is_read) { | 463 | if (is_read) { |
| 464 | if (!tls1_aead_ctx_init(&s->aead_read_ctx)) | 464 | if (!tls1_aead_ctx_init(&s->internal->aead_read_ctx)) |
| 465 | return 0; | 465 | return 0; |
| 466 | aead_ctx = s->aead_read_ctx; | 466 | aead_ctx = s->internal->aead_read_ctx; |
| 467 | } else { | 467 | } else { |
| 468 | if (!tls1_aead_ctx_init(&s->aead_write_ctx)) | 468 | if (!tls1_aead_ctx_init(&s->internal->aead_write_ctx)) |
| 469 | return 0; | 469 | return 0; |
| 470 | aead_ctx = s->aead_write_ctx; | 470 | aead_ctx = s->internal->aead_write_ctx; |
| 471 | } | 471 | } |
| 472 | 472 | ||
| 473 | if (!EVP_AEAD_CTX_init(&aead_ctx->ctx, aead, key, key_len, | 473 | if (!EVP_AEAD_CTX_init(&aead_ctx->ctx, aead, key, key_len, |
| @@ -532,26 +532,26 @@ tls1_change_cipher_state_cipher(SSL *s, char is_read, char use_client_keys, | |||
| 532 | 532 | ||
| 533 | if (is_read) { | 533 | if (is_read) { |
| 534 | if (S3I(s)->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC) | 534 | if (S3I(s)->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC) |
| 535 | s->mac_flags |= SSL_MAC_FLAG_READ_MAC_STREAM; | 535 | s->internal->mac_flags |= SSL_MAC_FLAG_READ_MAC_STREAM; |
| 536 | else | 536 | else |
| 537 | s->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_STREAM; | 537 | s->internal->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_STREAM; |
| 538 | 538 | ||
| 539 | EVP_CIPHER_CTX_free(s->enc_read_ctx); | 539 | EVP_CIPHER_CTX_free(s->internal->enc_read_ctx); |
| 540 | s->enc_read_ctx = NULL; | 540 | s->internal->enc_read_ctx = NULL; |
| 541 | EVP_MD_CTX_destroy(s->read_hash); | 541 | EVP_MD_CTX_destroy(s->internal->read_hash); |
| 542 | s->read_hash = NULL; | 542 | s->internal->read_hash = NULL; |
| 543 | 543 | ||
| 544 | if ((cipher_ctx = EVP_CIPHER_CTX_new()) == NULL) | 544 | if ((cipher_ctx = EVP_CIPHER_CTX_new()) == NULL) |
| 545 | goto err; | 545 | goto err; |
| 546 | s->enc_read_ctx = cipher_ctx; | 546 | s->internal->enc_read_ctx = cipher_ctx; |
| 547 | if ((mac_ctx = EVP_MD_CTX_create()) == NULL) | 547 | if ((mac_ctx = EVP_MD_CTX_create()) == NULL) |
| 548 | goto err; | 548 | goto err; |
| 549 | s->read_hash = mac_ctx; | 549 | s->internal->read_hash = mac_ctx; |
| 550 | } else { | 550 | } else { |
| 551 | if (S3I(s)->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC) | 551 | if (S3I(s)->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC) |
| 552 | s->mac_flags |= SSL_MAC_FLAG_WRITE_MAC_STREAM; | 552 | s->internal->mac_flags |= SSL_MAC_FLAG_WRITE_MAC_STREAM; |
| 553 | else | 553 | else |
| 554 | s->mac_flags &= ~SSL_MAC_FLAG_WRITE_MAC_STREAM; | 554 | s->internal->mac_flags &= ~SSL_MAC_FLAG_WRITE_MAC_STREAM; |
| 555 | 555 | ||
| 556 | /* | 556 | /* |
| 557 | * DTLS fragments retain a pointer to the compression, cipher | 557 | * DTLS fragments retain a pointer to the compression, cipher |
| @@ -561,17 +561,17 @@ tls1_change_cipher_state_cipher(SSL *s, char is_read, char use_client_keys, | |||
| 561 | * by DTLS when its frees a ChangeCipherSpec fragment. | 561 | * by DTLS when its frees a ChangeCipherSpec fragment. |
| 562 | */ | 562 | */ |
| 563 | if (!SSL_IS_DTLS(s)) { | 563 | if (!SSL_IS_DTLS(s)) { |
| 564 | EVP_CIPHER_CTX_free(s->enc_write_ctx); | 564 | EVP_CIPHER_CTX_free(s->internal->enc_write_ctx); |
| 565 | s->enc_write_ctx = NULL; | 565 | s->internal->enc_write_ctx = NULL; |
| 566 | EVP_MD_CTX_destroy(s->write_hash); | 566 | EVP_MD_CTX_destroy(s->internal->write_hash); |
| 567 | s->write_hash = NULL; | 567 | s->internal->write_hash = NULL; |
| 568 | } | 568 | } |
| 569 | if ((cipher_ctx = EVP_CIPHER_CTX_new()) == NULL) | 569 | if ((cipher_ctx = EVP_CIPHER_CTX_new()) == NULL) |
| 570 | goto err; | 570 | goto err; |
| 571 | s->enc_write_ctx = cipher_ctx; | 571 | s->internal->enc_write_ctx = cipher_ctx; |
| 572 | if ((mac_ctx = EVP_MD_CTX_create()) == NULL) | 572 | if ((mac_ctx = EVP_MD_CTX_create()) == NULL) |
| 573 | goto err; | 573 | goto err; |
| 574 | s->write_hash = mac_ctx; | 574 | s->internal->write_hash = mac_ctx; |
| 575 | } | 575 | } |
| 576 | 576 | ||
| 577 | if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE) { | 577 | if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE) { |
| @@ -833,11 +833,11 @@ tls1_enc(SSL *s, int send) | |||
| 833 | int bs, i, j, k, pad = 0, ret, mac_size = 0; | 833 | int bs, i, j, k, pad = 0, ret, mac_size = 0; |
| 834 | 834 | ||
| 835 | if (send) { | 835 | if (send) { |
| 836 | aead = s->aead_write_ctx; | 836 | aead = s->internal->aead_write_ctx; |
| 837 | rec = &S3I(s)->wrec; | 837 | rec = &S3I(s)->wrec; |
| 838 | seq = S3I(s)->write_sequence; | 838 | seq = S3I(s)->write_sequence; |
| 839 | } else { | 839 | } else { |
| 840 | aead = s->aead_read_ctx; | 840 | aead = s->internal->aead_read_ctx; |
| 841 | rec = &S3I(s)->rrec; | 841 | rec = &S3I(s)->rrec; |
| 842 | seq = S3I(s)->read_sequence; | 842 | seq = S3I(s)->read_sequence; |
| 843 | } | 843 | } |
| @@ -988,16 +988,16 @@ tls1_enc(SSL *s, int send) | |||
| 988 | } | 988 | } |
| 989 | 989 | ||
| 990 | if (send) { | 990 | if (send) { |
| 991 | if (EVP_MD_CTX_md(s->write_hash)) { | 991 | if (EVP_MD_CTX_md(s->internal->write_hash)) { |
| 992 | int n = EVP_MD_CTX_size(s->write_hash); | 992 | int n = EVP_MD_CTX_size(s->internal->write_hash); |
| 993 | OPENSSL_assert(n >= 0); | 993 | OPENSSL_assert(n >= 0); |
| 994 | } | 994 | } |
| 995 | ds = s->enc_write_ctx; | 995 | ds = s->internal->enc_write_ctx; |
| 996 | if (s->enc_write_ctx == NULL) | 996 | if (s->internal->enc_write_ctx == NULL) |
| 997 | enc = NULL; | 997 | enc = NULL; |
| 998 | else { | 998 | else { |
| 999 | int ivlen = 0; | 999 | int ivlen = 0; |
| 1000 | enc = EVP_CIPHER_CTX_cipher(s->enc_write_ctx); | 1000 | enc = EVP_CIPHER_CTX_cipher(s->internal->enc_write_ctx); |
| 1001 | if (SSL_USE_EXPLICIT_IV(s) && | 1001 | if (SSL_USE_EXPLICIT_IV(s) && |
| 1002 | EVP_CIPHER_mode(enc) == EVP_CIPH_CBC_MODE) | 1002 | EVP_CIPHER_mode(enc) == EVP_CIPH_CBC_MODE) |
| 1003 | ivlen = EVP_CIPHER_iv_length(enc); | 1003 | ivlen = EVP_CIPHER_iv_length(enc); |
| @@ -1016,15 +1016,15 @@ tls1_enc(SSL *s, int send) | |||
| 1016 | } | 1016 | } |
| 1017 | } | 1017 | } |
| 1018 | } else { | 1018 | } else { |
| 1019 | if (EVP_MD_CTX_md(s->read_hash)) { | 1019 | if (EVP_MD_CTX_md(s->internal->read_hash)) { |
| 1020 | int n = EVP_MD_CTX_size(s->read_hash); | 1020 | int n = EVP_MD_CTX_size(s->internal->read_hash); |
| 1021 | OPENSSL_assert(n >= 0); | 1021 | OPENSSL_assert(n >= 0); |
| 1022 | } | 1022 | } |
| 1023 | ds = s->enc_read_ctx; | 1023 | ds = s->internal->enc_read_ctx; |
| 1024 | if (s->enc_read_ctx == NULL) | 1024 | if (s->internal->enc_read_ctx == NULL) |
| 1025 | enc = NULL; | 1025 | enc = NULL; |
| 1026 | else | 1026 | else |
| 1027 | enc = EVP_CIPHER_CTX_cipher(s->enc_read_ctx); | 1027 | enc = EVP_CIPHER_CTX_cipher(s->internal->enc_read_ctx); |
| 1028 | } | 1028 | } |
| 1029 | 1029 | ||
| 1030 | if ((s->session == NULL) || (ds == NULL) || (enc == NULL)) { | 1030 | if ((s->session == NULL) || (ds == NULL) || (enc == NULL)) { |
| @@ -1085,8 +1085,8 @@ tls1_enc(SSL *s, int send) | |||
| 1085 | } | 1085 | } |
| 1086 | 1086 | ||
| 1087 | ret = 1; | 1087 | ret = 1; |
| 1088 | if (EVP_MD_CTX_md(s->read_hash) != NULL) | 1088 | if (EVP_MD_CTX_md(s->internal->read_hash) != NULL) |
| 1089 | mac_size = EVP_MD_CTX_size(s->read_hash); | 1089 | mac_size = EVP_MD_CTX_size(s->internal->read_hash); |
| 1090 | if ((bs != 1) && !send) | 1090 | if ((bs != 1) && !send) |
| 1091 | ret = tls1_cbc_remove_padding(s, rec, bs, mac_size); | 1091 | ret = tls1_cbc_remove_padding(s, rec, bs, mac_size); |
| 1092 | if (pad && !send) | 1092 | if (pad && !send) |
| @@ -1188,18 +1188,18 @@ tls1_mac(SSL *ssl, unsigned char *md, int send) | |||
| 1188 | EVP_MD_CTX hmac, *mac_ctx; | 1188 | EVP_MD_CTX hmac, *mac_ctx; |
| 1189 | unsigned char header[13]; | 1189 | unsigned char header[13]; |
| 1190 | int stream_mac = (send ? | 1190 | int stream_mac = (send ? |
| 1191 | (ssl->mac_flags & SSL_MAC_FLAG_WRITE_MAC_STREAM) : | 1191 | (ssl->internal->mac_flags & SSL_MAC_FLAG_WRITE_MAC_STREAM) : |
| 1192 | (ssl->mac_flags & SSL_MAC_FLAG_READ_MAC_STREAM)); | 1192 | (ssl->internal->mac_flags & SSL_MAC_FLAG_READ_MAC_STREAM)); |
| 1193 | int t; | 1193 | int t; |
| 1194 | 1194 | ||
| 1195 | if (send) { | 1195 | if (send) { |
| 1196 | rec = &(ssl->s3->internal->wrec); | 1196 | rec = &(ssl->s3->internal->wrec); |
| 1197 | seq = &(ssl->s3->internal->write_sequence[0]); | 1197 | seq = &(ssl->s3->internal->write_sequence[0]); |
| 1198 | hash = ssl->write_hash; | 1198 | hash = ssl->internal->write_hash; |
| 1199 | } else { | 1199 | } else { |
| 1200 | rec = &(ssl->s3->internal->rrec); | 1200 | rec = &(ssl->s3->internal->rrec); |
| 1201 | seq = &(ssl->s3->internal->read_sequence[0]); | 1201 | seq = &(ssl->s3->internal->read_sequence[0]); |
| 1202 | hash = ssl->read_hash; | 1202 | hash = ssl->internal->read_hash; |
| 1203 | } | 1203 | } |
| 1204 | 1204 | ||
| 1205 | t = EVP_MD_CTX_size(hash); | 1205 | t = EVP_MD_CTX_size(hash); |
| @@ -1232,7 +1232,7 @@ tls1_mac(SSL *ssl, unsigned char *md, int send) | |||
| 1232 | header[12] = (rec->length) & 0xff; | 1232 | header[12] = (rec->length) & 0xff; |
| 1233 | 1233 | ||
| 1234 | if (!send && | 1234 | if (!send && |
| 1235 | EVP_CIPHER_CTX_mode(ssl->enc_read_ctx) == EVP_CIPH_CBC_MODE && | 1235 | EVP_CIPHER_CTX_mode(ssl->internal->enc_read_ctx) == EVP_CIPH_CBC_MODE && |
| 1236 | ssl3_cbc_record_digest_supported(mac_ctx)) { | 1236 | ssl3_cbc_record_digest_supported(mac_ctx)) { |
| 1237 | /* This is a CBC-encrypted record. We must avoid leaking any | 1237 | /* This is a CBC-encrypted record. We must avoid leaking any |
| 1238 | * timing-side channel information about how many blocks of | 1238 | * timing-side channel information about how many blocks of |
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c index 0dbd83fecf..f0a9ed5dc1 100644 --- a/src/lib/libssl/t1_lib.c +++ b/src/lib/libssl/t1_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: t1_lib.c,v 1.102 2017/01/23 05:13:02 jsing Exp $ */ | 1 | /* $OpenBSD: t1_lib.c,v 1.103 2017/01/23 06:45:30 beck Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -201,7 +201,7 @@ tls1_free(SSL *s) | |||
| 201 | if (s == NULL) | 201 | if (s == NULL) |
| 202 | return; | 202 | return; |
| 203 | 203 | ||
| 204 | free(s->tlsext_session_ticket); | 204 | free(s->internal->tlsext_session_ticket); |
| 205 | ssl3_free(s); | 205 | ssl3_free(s); |
| 206 | } | 206 | } |
| 207 | 207 | ||
| @@ -376,8 +376,8 @@ tls1_get_formatlist(SSL *s, int client_formats, const uint8_t **pformats, | |||
| 376 | return; | 376 | return; |
| 377 | } | 377 | } |
| 378 | 378 | ||
| 379 | *pformats = s->tlsext_ecpointformatlist; | 379 | *pformats = s->internal->tlsext_ecpointformatlist; |
| 380 | *pformatslen = s->tlsext_ecpointformatlist_length; | 380 | *pformatslen = s->internal->tlsext_ecpointformatlist_length; |
| 381 | if (*pformats == NULL) { | 381 | if (*pformats == NULL) { |
| 382 | *pformats = ecformats_default; | 382 | *pformats = ecformats_default; |
| 383 | *pformatslen = sizeof(ecformats_default); | 383 | *pformatslen = sizeof(ecformats_default); |
| @@ -399,8 +399,8 @@ tls1_get_curvelist(SSL *s, int client_curves, const uint16_t **pcurves, | |||
| 399 | return; | 399 | return; |
| 400 | } | 400 | } |
| 401 | 401 | ||
| 402 | *pcurves = s->tlsext_ellipticcurvelist; | 402 | *pcurves = s->internal->tlsext_ellipticcurvelist; |
| 403 | *pcurveslen = s->tlsext_ellipticcurvelist_length; | 403 | *pcurveslen = s->internal->tlsext_ellipticcurvelist_length; |
| 404 | if (*pcurves == NULL) { | 404 | if (*pcurves == NULL) { |
| 405 | *pcurves = eccurves_default; | 405 | *pcurves = eccurves_default; |
| 406 | *pcurveslen = sizeof(eccurves_default) / 2; | 406 | *pcurveslen = sizeof(eccurves_default) / 2; |
| @@ -690,7 +690,7 @@ ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) | |||
| 690 | } | 690 | } |
| 691 | 691 | ||
| 692 | /* Add RI if renegotiating */ | 692 | /* Add RI if renegotiating */ |
| 693 | if (s->renegotiate) { | 693 | if (s->internal->renegotiate) { |
| 694 | int el; | 694 | int el; |
| 695 | 695 | ||
| 696 | if (!ssl_add_clienthello_renegotiate_ext(s, 0, &el, 0)) { | 696 | if (!ssl_add_clienthello_renegotiate_ext(s, 0, &el, 0)) { |
| @@ -775,21 +775,21 @@ ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) | |||
| 775 | 775 | ||
| 776 | if (!(SSL_get_options(s) & SSL_OP_NO_TICKET)) { | 776 | if (!(SSL_get_options(s) & SSL_OP_NO_TICKET)) { |
| 777 | int ticklen; | 777 | int ticklen; |
| 778 | if (!s->new_session && s->session && s->session->tlsext_tick) | 778 | if (!s->internal->new_session && s->session && s->session->tlsext_tick) |
| 779 | ticklen = s->session->tlsext_ticklen; | 779 | ticklen = s->session->tlsext_ticklen; |
| 780 | else if (s->session && s->tlsext_session_ticket && | 780 | else if (s->session && s->internal->tlsext_session_ticket && |
| 781 | s->tlsext_session_ticket->data) { | 781 | s->internal->tlsext_session_ticket->data) { |
| 782 | ticklen = s->tlsext_session_ticket->length; | 782 | ticklen = s->internal->tlsext_session_ticket->length; |
| 783 | s->session->tlsext_tick = malloc(ticklen); | 783 | s->session->tlsext_tick = malloc(ticklen); |
| 784 | if (!s->session->tlsext_tick) | 784 | if (!s->session->tlsext_tick) |
| 785 | return NULL; | 785 | return NULL; |
| 786 | memcpy(s->session->tlsext_tick, | 786 | memcpy(s->session->tlsext_tick, |
| 787 | s->tlsext_session_ticket->data, ticklen); | 787 | s->internal->tlsext_session_ticket->data, ticklen); |
| 788 | s->session->tlsext_ticklen = ticklen; | 788 | s->session->tlsext_ticklen = ticklen; |
| 789 | } else | 789 | } else |
| 790 | ticklen = 0; | 790 | ticklen = 0; |
| 791 | if (ticklen == 0 && s->tlsext_session_ticket && | 791 | if (ticklen == 0 && s->internal->tlsext_session_ticket && |
| 792 | s->tlsext_session_ticket->data == NULL) | 792 | s->internal->tlsext_session_ticket->data == NULL) |
| 793 | goto skip_ext; | 793 | goto skip_ext; |
| 794 | /* Check for enough room 2 for extension type, 2 for len | 794 | /* Check for enough room 2 for extension type, 2 for len |
| 795 | * rest for ticket | 795 | * rest for ticket |
| @@ -824,16 +824,16 @@ skip_ext: | |||
| 824 | OCSP_RESPID *id; | 824 | OCSP_RESPID *id; |
| 825 | 825 | ||
| 826 | idlen = 0; | 826 | idlen = 0; |
| 827 | for (i = 0; i < sk_OCSP_RESPID_num(s->tlsext_ocsp_ids); i++) { | 827 | for (i = 0; i < sk_OCSP_RESPID_num(s->internal->tlsext_ocsp_ids); i++) { |
| 828 | id = sk_OCSP_RESPID_value(s->tlsext_ocsp_ids, i); | 828 | id = sk_OCSP_RESPID_value(s->internal->tlsext_ocsp_ids, i); |
| 829 | itmp = i2d_OCSP_RESPID(id, NULL); | 829 | itmp = i2d_OCSP_RESPID(id, NULL); |
| 830 | if (itmp <= 0) | 830 | if (itmp <= 0) |
| 831 | return NULL; | 831 | return NULL; |
| 832 | idlen += itmp + 2; | 832 | idlen += itmp + 2; |
| 833 | } | 833 | } |
| 834 | 834 | ||
| 835 | if (s->tlsext_ocsp_exts) { | 835 | if (s->internal->tlsext_ocsp_exts) { |
| 836 | extlen = i2d_X509_EXTENSIONS(s->tlsext_ocsp_exts, NULL); | 836 | extlen = i2d_X509_EXTENSIONS(s->internal->tlsext_ocsp_exts, NULL); |
| 837 | if (extlen < 0) | 837 | if (extlen < 0) |
| 838 | return NULL; | 838 | return NULL; |
| 839 | } else | 839 | } else |
| @@ -847,10 +847,10 @@ skip_ext: | |||
| 847 | s2n(extlen + idlen + 5, ret); | 847 | s2n(extlen + idlen + 5, ret); |
| 848 | *(ret++) = TLSEXT_STATUSTYPE_ocsp; | 848 | *(ret++) = TLSEXT_STATUSTYPE_ocsp; |
| 849 | s2n(idlen, ret); | 849 | s2n(idlen, ret); |
| 850 | for (i = 0; i < sk_OCSP_RESPID_num(s->tlsext_ocsp_ids); i++) { | 850 | for (i = 0; i < sk_OCSP_RESPID_num(s->internal->tlsext_ocsp_ids); i++) { |
| 851 | /* save position of id len */ | 851 | /* save position of id len */ |
| 852 | unsigned char *q = ret; | 852 | unsigned char *q = ret; |
| 853 | id = sk_OCSP_RESPID_value(s->tlsext_ocsp_ids, i); | 853 | id = sk_OCSP_RESPID_value(s->internal->tlsext_ocsp_ids, i); |
| 854 | /* skip over id len */ | 854 | /* skip over id len */ |
| 855 | ret += 2; | 855 | ret += 2; |
| 856 | itmp = i2d_OCSP_RESPID(id, &ret); | 856 | itmp = i2d_OCSP_RESPID(id, &ret); |
| @@ -859,7 +859,7 @@ skip_ext: | |||
| 859 | } | 859 | } |
| 860 | s2n(extlen, ret); | 860 | s2n(extlen, ret); |
| 861 | if (extlen > 0) | 861 | if (extlen > 0) |
| 862 | i2d_X509_EXTENSIONS(s->tlsext_ocsp_exts, &ret); | 862 | i2d_X509_EXTENSIONS(s->internal->tlsext_ocsp_exts, &ret); |
| 863 | } | 863 | } |
| 864 | 864 | ||
| 865 | if (s->ctx->internal->next_proto_select_cb && | 865 | if (s->ctx->internal->next_proto_select_cb && |
| @@ -917,7 +917,7 @@ skip_ext: | |||
| 917 | * extensions it MUST always appear last. | 917 | * extensions it MUST always appear last. |
| 918 | */ | 918 | */ |
| 919 | if (s->options & SSL_OP_TLSEXT_PADDING) { | 919 | if (s->options & SSL_OP_TLSEXT_PADDING) { |
| 920 | int hlen = ret - (unsigned char *)s->init_buf->data; | 920 | int hlen = ret - (unsigned char *)s->internal->init_buf->data; |
| 921 | 921 | ||
| 922 | /* | 922 | /* |
| 923 | * The code in s23_clnt.c to build ClientHello messages | 923 | * The code in s23_clnt.c to build ClientHello messages |
| @@ -964,7 +964,7 @@ ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) | |||
| 964 | if (ret >= limit) | 964 | if (ret >= limit) |
| 965 | return NULL; /* this really never occurs, but ... */ | 965 | return NULL; /* this really never occurs, but ... */ |
| 966 | 966 | ||
| 967 | if (!s->hit && s->servername_done == 1 && | 967 | if (!s->internal->hit && s->internal->servername_done == 1 && |
| 968 | s->session->tlsext_hostname != NULL) { | 968 | s->session->tlsext_hostname != NULL) { |
| 969 | if ((size_t)(limit - ret) < 4) | 969 | if ((size_t)(limit - ret) < 4) |
| 970 | return NULL; | 970 | return NULL; |
| @@ -1030,7 +1030,7 @@ ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) | |||
| 1030 | * extension. | 1030 | * extension. |
| 1031 | */ | 1031 | */ |
| 1032 | 1032 | ||
| 1033 | if (s->tlsext_ticket_expected && | 1033 | if (s->internal->tlsext_ticket_expected && |
| 1034 | !(SSL_get_options(s) & SSL_OP_NO_TICKET)) { | 1034 | !(SSL_get_options(s) & SSL_OP_NO_TICKET)) { |
| 1035 | if ((size_t)(limit - ret) < 4) | 1035 | if ((size_t)(limit - ret) < 4) |
| 1036 | return NULL; | 1036 | return NULL; |
| @@ -1039,7 +1039,7 @@ ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) | |||
| 1039 | s2n(0, ret); | 1039 | s2n(0, ret); |
| 1040 | } | 1040 | } |
| 1041 | 1041 | ||
| 1042 | if (s->tlsext_status_expected) { | 1042 | if (s->internal->tlsext_status_expected) { |
| 1043 | if ((size_t)(limit - ret) < 4) | 1043 | if ((size_t)(limit - ret) < 4) |
| 1044 | return NULL; | 1044 | return NULL; |
| 1045 | 1045 | ||
| @@ -1048,7 +1048,7 @@ ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) | |||
| 1048 | } | 1048 | } |
| 1049 | 1049 | ||
| 1050 | #ifndef OPENSSL_NO_SRTP | 1050 | #ifndef OPENSSL_NO_SRTP |
| 1051 | if (SSL_IS_DTLS(s) && s->srtp_profile) { | 1051 | if (SSL_IS_DTLS(s) && s->internal->srtp_profile) { |
| 1052 | int el; | 1052 | int el; |
| 1053 | 1053 | ||
| 1054 | ssl_add_serverhello_use_srtp_ext(s, 0, &el, 0); | 1054 | ssl_add_serverhello_use_srtp_ext(s, 0, &el, 0); |
| @@ -1203,12 +1203,12 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, | |||
| 1203 | int renegotiate_seen = 0; | 1203 | int renegotiate_seen = 0; |
| 1204 | int sigalg_seen = 0; | 1204 | int sigalg_seen = 0; |
| 1205 | 1205 | ||
| 1206 | s->servername_done = 0; | 1206 | s->internal->servername_done = 0; |
| 1207 | s->tlsext_status_type = -1; | 1207 | s->tlsext_status_type = -1; |
| 1208 | S3I(s)->next_proto_neg_seen = 0; | 1208 | S3I(s)->next_proto_neg_seen = 0; |
| 1209 | free(S3I(s)->alpn_selected); | 1209 | free(S3I(s)->alpn_selected); |
| 1210 | S3I(s)->alpn_selected = NULL; | 1210 | S3I(s)->alpn_selected = NULL; |
| 1211 | s->srtp_profile = NULL; | 1211 | s->internal->srtp_profile = NULL; |
| 1212 | 1212 | ||
| 1213 | if (data == end) | 1213 | if (data == end) |
| 1214 | goto ri_check; | 1214 | goto ri_check; |
| @@ -1281,10 +1281,10 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, | |||
| 1281 | *al = SSL_AD_DECODE_ERROR; | 1281 | *al = SSL_AD_DECODE_ERROR; |
| 1282 | return 0; | 1282 | return 0; |
| 1283 | } | 1283 | } |
| 1284 | if (s->servername_done == 0) | 1284 | if (s->internal->servername_done == 0) |
| 1285 | switch (servname_type) { | 1285 | switch (servname_type) { |
| 1286 | case TLSEXT_NAMETYPE_host_name: | 1286 | case TLSEXT_NAMETYPE_host_name: |
| 1287 | if (!s->hit) { | 1287 | if (!s->internal->hit) { |
| 1288 | if (s->session->tlsext_hostname) { | 1288 | if (s->session->tlsext_hostname) { |
| 1289 | *al = SSL_AD_DECODE_ERROR; | 1289 | *al = SSL_AD_DECODE_ERROR; |
| 1290 | return 0; | 1290 | return 0; |
| @@ -1306,11 +1306,11 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, | |||
| 1306 | *al = TLS1_AD_UNRECOGNIZED_NAME; | 1306 | *al = TLS1_AD_UNRECOGNIZED_NAME; |
| 1307 | return 0; | 1307 | return 0; |
| 1308 | } | 1308 | } |
| 1309 | s->servername_done = 1; | 1309 | s->internal->servername_done = 1; |
| 1310 | 1310 | ||
| 1311 | 1311 | ||
| 1312 | } else { | 1312 | } else { |
| 1313 | s->servername_done = s->session->tlsext_hostname && | 1313 | s->internal->servername_done = s->session->tlsext_hostname && |
| 1314 | strlen(s->session->tlsext_hostname) == len && | 1314 | strlen(s->session->tlsext_hostname) == len && |
| 1315 | strncmp(s->session->tlsext_hostname, (char *)sdata, len) == 0; | 1315 | strncmp(s->session->tlsext_hostname, (char *)sdata, len) == 0; |
| 1316 | } | 1316 | } |
| @@ -1345,7 +1345,7 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, | |||
| 1345 | return 0; | 1345 | return 0; |
| 1346 | } | 1346 | } |
| 1347 | 1347 | ||
| 1348 | if (!s->hit) { | 1348 | if (!s->internal->hit) { |
| 1349 | free(SSI(s)->tlsext_ecpointformatlist); | 1349 | free(SSI(s)->tlsext_ecpointformatlist); |
| 1350 | SSI(s)->tlsext_ecpointformatlist = NULL; | 1350 | SSI(s)->tlsext_ecpointformatlist = NULL; |
| 1351 | SSI(s)->tlsext_ecpointformatlist_length = 0; | 1351 | SSI(s)->tlsext_ecpointformatlist_length = 0; |
| @@ -1377,7 +1377,7 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, | |||
| 1377 | } | 1377 | } |
| 1378 | curveslen /= 2; | 1378 | curveslen /= 2; |
| 1379 | 1379 | ||
| 1380 | if (!s->hit) { | 1380 | if (!s->internal->hit) { |
| 1381 | if (SSI(s)->tlsext_ellipticcurvelist) { | 1381 | if (SSI(s)->tlsext_ellipticcurvelist) { |
| 1382 | *al = TLS1_AD_DECODE_ERROR; | 1382 | *al = TLS1_AD_DECODE_ERROR; |
| 1383 | return 0; | 1383 | return 0; |
| @@ -1447,13 +1447,13 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, | |||
| 1447 | * previous handshake to prevent | 1447 | * previous handshake to prevent |
| 1448 | * unbounded memory growth. | 1448 | * unbounded memory growth. |
| 1449 | */ | 1449 | */ |
| 1450 | sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, | 1450 | sk_OCSP_RESPID_pop_free(s->internal->tlsext_ocsp_ids, |
| 1451 | OCSP_RESPID_free); | 1451 | OCSP_RESPID_free); |
| 1452 | s->tlsext_ocsp_ids = NULL; | 1452 | s->internal->tlsext_ocsp_ids = NULL; |
| 1453 | if (dsize > 0) { | 1453 | if (dsize > 0) { |
| 1454 | s->tlsext_ocsp_ids = | 1454 | s->internal->tlsext_ocsp_ids = |
| 1455 | sk_OCSP_RESPID_new_null(); | 1455 | sk_OCSP_RESPID_new_null(); |
| 1456 | if (s->tlsext_ocsp_ids == NULL) { | 1456 | if (s->internal->tlsext_ocsp_ids == NULL) { |
| 1457 | *al = SSL_AD_INTERNAL_ERROR; | 1457 | *al = SSL_AD_INTERNAL_ERROR; |
| 1458 | return 0; | 1458 | return 0; |
| 1459 | } | 1459 | } |
| @@ -1487,7 +1487,7 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, | |||
| 1487 | return 0; | 1487 | return 0; |
| 1488 | } | 1488 | } |
| 1489 | if (!sk_OCSP_RESPID_push( | 1489 | if (!sk_OCSP_RESPID_push( |
| 1490 | s->tlsext_ocsp_ids, id)) { | 1490 | s->internal->tlsext_ocsp_ids, id)) { |
| 1491 | OCSP_RESPID_free(id); | 1491 | OCSP_RESPID_free(id); |
| 1492 | *al = SSL_AD_INTERNAL_ERROR; | 1492 | *al = SSL_AD_INTERNAL_ERROR; |
| 1493 | return 0; | 1493 | return 0; |
| @@ -1507,15 +1507,15 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, | |||
| 1507 | } | 1507 | } |
| 1508 | sdata = data; | 1508 | sdata = data; |
| 1509 | if (dsize > 0) { | 1509 | if (dsize > 0) { |
| 1510 | if (s->tlsext_ocsp_exts) { | 1510 | if (s->internal->tlsext_ocsp_exts) { |
| 1511 | sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts, | 1511 | sk_X509_EXTENSION_pop_free(s->internal->tlsext_ocsp_exts, |
| 1512 | X509_EXTENSION_free); | 1512 | X509_EXTENSION_free); |
| 1513 | } | 1513 | } |
| 1514 | 1514 | ||
| 1515 | s->tlsext_ocsp_exts = | 1515 | s->internal->tlsext_ocsp_exts = |
| 1516 | d2i_X509_EXTENSIONS(NULL, | 1516 | d2i_X509_EXTENSIONS(NULL, |
| 1517 | &sdata, dsize); | 1517 | &sdata, dsize); |
| 1518 | if (!s->tlsext_ocsp_exts || | 1518 | if (!s->internal->tlsext_ocsp_exts || |
| 1519 | (data + dsize != sdata)) { | 1519 | (data + dsize != sdata)) { |
| 1520 | *al = SSL_AD_DECODE_ERROR; | 1520 | *al = SSL_AD_DECODE_ERROR; |
| 1521 | return 0; | 1521 | return 0; |
| @@ -1534,7 +1534,7 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, | |||
| 1534 | /* We shouldn't accept this extension on a | 1534 | /* We shouldn't accept this extension on a |
| 1535 | * renegotiation. | 1535 | * renegotiation. |
| 1536 | * | 1536 | * |
| 1537 | * s->new_session will be set on renegotiation, but we | 1537 | * s->internal->new_session will be set on renegotiation, but we |
| 1538 | * probably shouldn't rely that it couldn't be set on | 1538 | * probably shouldn't rely that it couldn't be set on |
| 1539 | * the initial renegotation too in certain cases (when | 1539 | * the initial renegotation too in certain cases (when |
| 1540 | * there's some other reason to disallow resuming an | 1540 | * there's some other reason to disallow resuming an |
| @@ -1580,7 +1580,7 @@ ri_check: | |||
| 1580 | 1580 | ||
| 1581 | /* Need RI if renegotiating */ | 1581 | /* Need RI if renegotiating */ |
| 1582 | 1582 | ||
| 1583 | if (!renegotiate_seen && s->renegotiate) { | 1583 | if (!renegotiate_seen && s->internal->renegotiate) { |
| 1584 | *al = SSL_AD_HANDSHAKE_FAILURE; | 1584 | *al = SSL_AD_HANDSHAKE_FAILURE; |
| 1585 | SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT, | 1585 | SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_TLSEXT, |
| 1586 | SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED); | 1586 | SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED); |
| @@ -1673,7 +1673,7 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, size_t n, int *al) | |||
| 1673 | return 0; | 1673 | return 0; |
| 1674 | } | 1674 | } |
| 1675 | 1675 | ||
| 1676 | if (!s->hit) { | 1676 | if (!s->internal->hit) { |
| 1677 | free(SSI(s)->tlsext_ecpointformatlist); | 1677 | free(SSI(s)->tlsext_ecpointformatlist); |
| 1678 | SSI(s)->tlsext_ecpointformatlist = NULL; | 1678 | SSI(s)->tlsext_ecpointformatlist = NULL; |
| 1679 | SSI(s)->tlsext_ecpointformatlist_length = 0; | 1679 | SSI(s)->tlsext_ecpointformatlist_length = 0; |
| @@ -1699,7 +1699,7 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, size_t n, int *al) | |||
| 1699 | *al = TLS1_AD_UNSUPPORTED_EXTENSION; | 1699 | *al = TLS1_AD_UNSUPPORTED_EXTENSION; |
| 1700 | return 0; | 1700 | return 0; |
| 1701 | } | 1701 | } |
| 1702 | s->tlsext_ticket_expected = 1; | 1702 | s->internal->tlsext_ticket_expected = 1; |
| 1703 | } | 1703 | } |
| 1704 | else if (type == TLSEXT_TYPE_status_request && | 1704 | else if (type == TLSEXT_TYPE_status_request && |
| 1705 | s->version != DTLS1_VERSION) { | 1705 | s->version != DTLS1_VERSION) { |
| @@ -1711,7 +1711,7 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, size_t n, int *al) | |||
| 1711 | return 0; | 1711 | return 0; |
| 1712 | } | 1712 | } |
| 1713 | /* Set flag to expect CertificateStatus message */ | 1713 | /* Set flag to expect CertificateStatus message */ |
| 1714 | s->tlsext_status_expected = 1; | 1714 | s->internal->tlsext_status_expected = 1; |
| 1715 | } | 1715 | } |
| 1716 | else if (type == TLSEXT_TYPE_next_proto_neg && | 1716 | else if (type == TLSEXT_TYPE_next_proto_neg && |
| 1717 | S3I(s)->tmp.finish_md_len == 0) { | 1717 | S3I(s)->tmp.finish_md_len == 0) { |
| @@ -1804,7 +1804,7 @@ ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, size_t n, int *al) | |||
| 1804 | return 0; | 1804 | return 0; |
| 1805 | } | 1805 | } |
| 1806 | 1806 | ||
| 1807 | if (!s->hit && tlsext_servername == 1) { | 1807 | if (!s->internal->hit && tlsext_servername == 1) { |
| 1808 | if (s->tlsext_hostname) { | 1808 | if (s->tlsext_hostname) { |
| 1809 | if (s->session->tlsext_hostname == NULL) { | 1809 | if (s->session->tlsext_hostname == NULL) { |
| 1810 | s->session->tlsext_hostname = | 1810 | s->session->tlsext_hostname = |
| @@ -1874,7 +1874,7 @@ ssl_check_clienthello_tlsext_early(SSL *s) | |||
| 1874 | ssl3_send_alert(s, SSL3_AL_WARNING, al); | 1874 | ssl3_send_alert(s, SSL3_AL_WARNING, al); |
| 1875 | return 1; | 1875 | return 1; |
| 1876 | case SSL_TLSEXT_ERR_NOACK: | 1876 | case SSL_TLSEXT_ERR_NOACK: |
| 1877 | s->servername_done = 0; | 1877 | s->internal->servername_done = 0; |
| 1878 | default: | 1878 | default: |
| 1879 | return 1; | 1879 | return 1; |
| 1880 | } | 1880 | } |
| @@ -1898,7 +1898,7 @@ ssl_check_clienthello_tlsext_late(SSL *s) | |||
| 1898 | certpkey = ssl_get_server_send_pkey(s); | 1898 | certpkey = ssl_get_server_send_pkey(s); |
| 1899 | /* If no certificate can't return certificate status */ | 1899 | /* If no certificate can't return certificate status */ |
| 1900 | if (certpkey == NULL) { | 1900 | if (certpkey == NULL) { |
| 1901 | s->tlsext_status_expected = 0; | 1901 | s->internal->tlsext_status_expected = 0; |
| 1902 | return 1; | 1902 | return 1; |
| 1903 | } | 1903 | } |
| 1904 | /* Set current certificate to one we will use so | 1904 | /* Set current certificate to one we will use so |
| @@ -1910,14 +1910,14 @@ ssl_check_clienthello_tlsext_late(SSL *s) | |||
| 1910 | switch (r) { | 1910 | switch (r) { |
| 1911 | /* We don't want to send a status request response */ | 1911 | /* We don't want to send a status request response */ |
| 1912 | case SSL_TLSEXT_ERR_NOACK: | 1912 | case SSL_TLSEXT_ERR_NOACK: |
| 1913 | s->tlsext_status_expected = 0; | 1913 | s->internal->tlsext_status_expected = 0; |
| 1914 | break; | 1914 | break; |
| 1915 | /* status request response should be sent */ | 1915 | /* status request response should be sent */ |
| 1916 | case SSL_TLSEXT_ERR_OK: | 1916 | case SSL_TLSEXT_ERR_OK: |
| 1917 | if (s->tlsext_ocsp_resp) | 1917 | if (s->internal->tlsext_ocsp_resp) |
| 1918 | s->tlsext_status_expected = 1; | 1918 | s->internal->tlsext_status_expected = 1; |
| 1919 | else | 1919 | else |
| 1920 | s->tlsext_status_expected = 0; | 1920 | s->internal->tlsext_status_expected = 0; |
| 1921 | break; | 1921 | break; |
| 1922 | /* something bad happened */ | 1922 | /* something bad happened */ |
| 1923 | case SSL_TLSEXT_ERR_ALERT_FATAL: | 1923 | case SSL_TLSEXT_ERR_ALERT_FATAL: |
| @@ -1926,7 +1926,7 @@ ssl_check_clienthello_tlsext_late(SSL *s) | |||
| 1926 | goto err; | 1926 | goto err; |
| 1927 | } | 1927 | } |
| 1928 | } else | 1928 | } else |
| 1929 | s->tlsext_status_expected = 0; | 1929 | s->internal->tlsext_status_expected = 0; |
| 1930 | 1930 | ||
| 1931 | err: | 1931 | err: |
| 1932 | switch (ret) { | 1932 | switch (ret) { |
| @@ -1953,8 +1953,8 @@ ssl_check_serverhello_tlsext(SSL *s) | |||
| 1953 | */ | 1953 | */ |
| 1954 | unsigned long alg_k = S3I(s)->tmp.new_cipher->algorithm_mkey; | 1954 | unsigned long alg_k = S3I(s)->tmp.new_cipher->algorithm_mkey; |
| 1955 | unsigned long alg_a = S3I(s)->tmp.new_cipher->algorithm_auth; | 1955 | unsigned long alg_a = S3I(s)->tmp.new_cipher->algorithm_auth; |
| 1956 | if ((s->tlsext_ecpointformatlist != NULL) && | 1956 | if ((s->internal->tlsext_ecpointformatlist != NULL) && |
| 1957 | (s->tlsext_ecpointformatlist_length > 0) && | 1957 | (s->internal->tlsext_ecpointformatlist_length > 0) && |
| 1958 | (SSI(s)->tlsext_ecpointformatlist != NULL) && | 1958 | (SSI(s)->tlsext_ecpointformatlist != NULL) && |
| 1959 | (SSI(s)->tlsext_ecpointformatlist_length > 0) && | 1959 | (SSI(s)->tlsext_ecpointformatlist_length > 0) && |
| 1960 | ((alg_k & SSL_kECDHE) || (alg_a & SSL_aECDSA))) { | 1960 | ((alg_k & SSL_kECDHE) || (alg_a & SSL_aECDSA))) { |
| @@ -1986,15 +1986,15 @@ ssl_check_serverhello_tlsext(SSL *s) | |||
| 1986 | /* If we've requested certificate status and we wont get one | 1986 | /* If we've requested certificate status and we wont get one |
| 1987 | * tell the callback | 1987 | * tell the callback |
| 1988 | */ | 1988 | */ |
| 1989 | if ((s->tlsext_status_type != -1) && !(s->tlsext_status_expected) && | 1989 | if ((s->tlsext_status_type != -1) && !(s->internal->tlsext_status_expected) && |
| 1990 | s->ctx && s->ctx->internal->tlsext_status_cb) { | 1990 | s->ctx && s->ctx->internal->tlsext_status_cb) { |
| 1991 | int r; | 1991 | int r; |
| 1992 | /* Set resp to NULL, resplen to -1 so callback knows | 1992 | /* Set resp to NULL, resplen to -1 so callback knows |
| 1993 | * there is no response. | 1993 | * there is no response. |
| 1994 | */ | 1994 | */ |
| 1995 | free(s->tlsext_ocsp_resp); | 1995 | free(s->internal->tlsext_ocsp_resp); |
| 1996 | s->tlsext_ocsp_resp = NULL; | 1996 | s->internal->tlsext_ocsp_resp = NULL; |
| 1997 | s->tlsext_ocsp_resplen = -1; | 1997 | s->internal->tlsext_ocsp_resplen = -1; |
| 1998 | r = s->ctx->internal->tlsext_status_cb(s, | 1998 | r = s->ctx->internal->tlsext_status_cb(s, |
| 1999 | s->ctx->internal->tlsext_status_arg); | 1999 | s->ctx->internal->tlsext_status_arg); |
| 2000 | if (r == 0) { | 2000 | if (r == 0) { |
| @@ -2017,7 +2017,7 @@ ssl_check_serverhello_tlsext(SSL *s) | |||
| 2017 | 2017 | ||
| 2018 | return 1; | 2018 | return 1; |
| 2019 | case SSL_TLSEXT_ERR_NOACK: | 2019 | case SSL_TLSEXT_ERR_NOACK: |
| 2020 | s->servername_done = 0; | 2020 | s->internal->servername_done = 0; |
| 2021 | default: | 2021 | default: |
| 2022 | return 1; | 2022 | return 1; |
| 2023 | } | 2023 | } |
| @@ -2037,7 +2037,7 @@ ssl_check_serverhello_tlsext(SSL *s) | |||
| 2037 | * | 2037 | * |
| 2038 | * If s->internal->tls_session_secret_cb is set then we are expecting a pre-shared key | 2038 | * If s->internal->tls_session_secret_cb is set then we are expecting a pre-shared key |
| 2039 | * ciphersuite, in which case we have no use for session tickets and one will | 2039 | * ciphersuite, in which case we have no use for session tickets and one will |
| 2040 | * never be decrypted, nor will s->tlsext_ticket_expected be set to 1. | 2040 | * never be decrypted, nor will s->internal->tlsext_ticket_expected be set to 1. |
| 2041 | * | 2041 | * |
| 2042 | * Returns: | 2042 | * Returns: |
| 2043 | * -1: fatal error, either from parsing or decrypting the ticket. | 2043 | * -1: fatal error, either from parsing or decrypting the ticket. |
| @@ -2049,12 +2049,12 @@ ssl_check_serverhello_tlsext(SSL *s) | |||
| 2049 | * 3: a ticket was successfully decrypted and *ret was set. | 2049 | * 3: a ticket was successfully decrypted and *ret was set. |
| 2050 | * | 2050 | * |
| 2051 | * Side effects: | 2051 | * Side effects: |
| 2052 | * Sets s->tlsext_ticket_expected to 1 if the server will have to issue | 2052 | * Sets s->internal->tlsext_ticket_expected to 1 if the server will have to issue |
| 2053 | * a new session ticket to the client because the client indicated support | 2053 | * a new session ticket to the client because the client indicated support |
| 2054 | * (and s->internal->tls_session_secret_cb is NULL) but the client either doesn't have | 2054 | * (and s->internal->tls_session_secret_cb is NULL) but the client either doesn't have |
| 2055 | * a session ticket or we couldn't use the one it gave us, or if | 2055 | * a session ticket or we couldn't use the one it gave us, or if |
| 2056 | * s->ctx->tlsext_ticket_key_cb asked to renew the client's ticket. | 2056 | * s->ctx->tlsext_ticket_key_cb asked to renew the client's ticket. |
| 2057 | * Otherwise, s->tlsext_ticket_expected is set to 0. | 2057 | * Otherwise, s->internal->tlsext_ticket_expected is set to 0. |
| 2058 | */ | 2058 | */ |
| 2059 | int | 2059 | int |
| 2060 | tls1_process_ticket(SSL *s, const unsigned char *session, int session_len, | 2060 | tls1_process_ticket(SSL *s, const unsigned char *session, int session_len, |
| @@ -2064,7 +2064,7 @@ tls1_process_ticket(SSL *s, const unsigned char *session, int session_len, | |||
| 2064 | CBS session_id, cookie, cipher_list, compress_algo, extensions; | 2064 | CBS session_id, cookie, cipher_list, compress_algo, extensions; |
| 2065 | 2065 | ||
| 2066 | *ret = NULL; | 2066 | *ret = NULL; |
| 2067 | s->tlsext_ticket_expected = 0; | 2067 | s->internal->tlsext_ticket_expected = 0; |
| 2068 | 2068 | ||
| 2069 | /* If tickets disabled behave as if no ticket present | 2069 | /* If tickets disabled behave as if no ticket present |
| 2070 | * to permit stateful resumption. | 2070 | * to permit stateful resumption. |
| @@ -2116,7 +2116,7 @@ tls1_process_ticket(SSL *s, const unsigned char *session, int session_len, | |||
| 2116 | if (CBS_len(&ext_data) == 0) { | 2116 | if (CBS_len(&ext_data) == 0) { |
| 2117 | /* The client will accept a ticket but doesn't | 2117 | /* The client will accept a ticket but doesn't |
| 2118 | * currently have one. */ | 2118 | * currently have one. */ |
| 2119 | s->tlsext_ticket_expected = 1; | 2119 | s->internal->tlsext_ticket_expected = 1; |
| 2120 | return 1; | 2120 | return 1; |
| 2121 | } | 2121 | } |
| 2122 | if (s->internal->tls_session_secret_cb) { | 2122 | if (s->internal->tls_session_secret_cb) { |
| @@ -2133,12 +2133,12 @@ tls1_process_ticket(SSL *s, const unsigned char *session, int session_len, | |||
| 2133 | 2133 | ||
| 2134 | switch (r) { | 2134 | switch (r) { |
| 2135 | case 2: /* ticket couldn't be decrypted */ | 2135 | case 2: /* ticket couldn't be decrypted */ |
| 2136 | s->tlsext_ticket_expected = 1; | 2136 | s->internal->tlsext_ticket_expected = 1; |
| 2137 | return 2; | 2137 | return 2; |
| 2138 | case 3: /* ticket was decrypted */ | 2138 | case 3: /* ticket was decrypted */ |
| 2139 | return r; | 2139 | return r; |
| 2140 | case 4: /* ticket decrypted but need to renew */ | 2140 | case 4: /* ticket decrypted but need to renew */ |
| 2141 | s->tlsext_ticket_expected = 1; | 2141 | s->internal->tlsext_ticket_expected = 1; |
| 2142 | return 3; | 2142 | return 3; |
| 2143 | default: /* fatal error */ | 2143 | default: /* fatal error */ |
| 2144 | return -1; | 2144 | return -1; |