Move most of DTLS1_STATE to internal.

ok jsing@
author: beck <> 2017-01-22 07:16:39 +0000
committer: beck <> 2017-01-22 07:16:39 +0000
commit: 2204d5a39055900d89c6f7fbdcc3bb37ec8070db (patch)
tree: c03f505a3f0822dbc7a4d9523cfde19318c0d121 /src/lib/libssl/d1_both.c
parent: 334c9196a27db4244daba48e4ba2118985c535ed (diff)
download: openbsd-2204d5a39055900d89c6f7fbdcc3bb37ec8070db.tar.gz
openbsd-2204d5a39055900d89c6f7fbdcc3bb37ec8070db.tar.bz2
openbsd-2204d5a39055900d89c6f7fbdcc3bb37ec8070db.zip
1 files changed, 58 insertions, 58 deletions
diff --git a/src/lib/libssl/d1_both.c b/src/lib/libssl/d1_both.c
index 7f9d5af4ce..d83df1c9a0 100644
--- a/src/lib/libssl/d1_both.c
+++ b/src/lib/libssl/d1_both.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_both.c,v 1.40 2016/12/06 13:38:11 jsing Exp $ */
+/* $OpenBSD: d1_both.c,v 1.41 2017/01/22 07:16:38 beck Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -232,9 +232,9 @@ dtls1_do_write(SSL *s, int type)
        unsigned int len, frag_off, mac_size, blocksize;
        /* AHA!  Figure out the MTU, and stick to the right size */
-        if (s->d1->mtu < dtls1_min_mtu() &&
+        if (D1I(s)->mtu < dtls1_min_mtu() &&
            !(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU)) {
-                s->d1->mtu = BIO_ctrl(SSL_get_wbio(s),
+                D1I(s)->mtu = BIO_ctrl(SSL_get_wbio(s),
                    BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
                /*
@@ -242,20 +242,20 @@ dtls1_do_write(SSL *s, int type)
                 * doesn't know the MTU (ie., the initial write), so just
                 * make sure we have a reasonable number
                 */
-                if (s->d1->mtu < dtls1_min_mtu()) {
+                if (D1I(s)->mtu < dtls1_min_mtu()) {
-                        s->d1->mtu = 0;
+                        D1I(s)->mtu = 0;
-                        s->d1->mtu = dtls1_guess_mtu(s->d1->mtu);
+                        D1I(s)->mtu = dtls1_guess_mtu(D1I(s)->mtu);
                        BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SET_MTU,
-                            s->d1->mtu, NULL);
+                            D1I(s)->mtu, NULL);
                }
        }
-        OPENSSL_assert(s->d1->mtu >= dtls1_min_mtu());
+        OPENSSL_assert(D1I(s)->mtu >= dtls1_min_mtu());
        /* should have something reasonable now */
        if (s->init_off == 0  && type == SSL3_RT_HANDSHAKE)
                OPENSSL_assert(s->init_num ==
-                    (int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH);
+                    (int)D1I(s)->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH);
        if (s->write_hash)
                mac_size = EVP_MD_CTX_size(s->write_hash);
@@ -270,7 +270,7 @@ dtls1_do_write(SSL *s, int type)
        frag_off = 0;
        while (s->init_num) {
-                curr_mtu = s->d1->mtu - BIO_wpending(SSL_get_wbio(s)) -
+                curr_mtu = D1I(s)->mtu - BIO_wpending(SSL_get_wbio(s)) -
                    DTLS1_RT_HEADER_LENGTH - mac_size - blocksize;
                if (curr_mtu <= DTLS1_HM_HEADER_LENGTH) {
@@ -278,7 +278,7 @@ dtls1_do_write(SSL *s, int type)
                        ret = BIO_flush(SSL_get_wbio(s));
                        if (ret <= 0)
                                return ret;
-                        curr_mtu = s->d1->mtu - DTLS1_RT_HEADER_LENGTH -
+                        curr_mtu = D1I(s)->mtu - DTLS1_RT_HEADER_LENGTH -
                            mac_size - blocksize;
                }
@@ -322,7 +322,7 @@ dtls1_do_write(SSL *s, int type)
                         */
                        if (BIO_ctrl(SSL_get_wbio(s),
                            BIO_CTRL_DGRAM_MTU_EXCEEDED, 0, NULL) > 0)
-                                s->d1->mtu = BIO_ctrl(SSL_get_wbio(s),
+                                D1I(s)->mtu = BIO_ctrl(SSL_get_wbio(s),
                                    BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
                        else
                                return (-1);
@@ -336,14 +336,14 @@ dtls1_do_write(SSL *s, int type)
                        OPENSSL_assert(len == (unsigned int)ret);
                        if (type == SSL3_RT_HANDSHAKE &&
-                            !s->d1->retransmitting) {
+                            !D1I(s)->retransmitting) {
                                /*
                                 * Should not be done for 'Hello Request's,
                                 * but in that case we'll ignore the result
                                 * anyway
                                 */
                                unsigned char *p = (unsigned char *)&s->init_buf->data[s->init_off];
-                                const struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
+                                const struct hm_header_st *msg_hdr = &D1I(s)->w_msg_hdr;
                                int xlen;
                                if (frag_off == 0) {
@@ -420,7 +420,7 @@ dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
                return s->init_num;
        }
-        msg_hdr = &s->d1->r_msg_hdr;
+        msg_hdr = &D1I(s)->r_msg_hdr;
        memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
 again:
@@ -452,8 +452,8 @@ again:
        memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
        /* Don't change sequence numbers while listening */
-        if (!s->d1->listen)
+        if (!D1I(s)->listen)
-                s->d1->handshake_read_seq++;
+                D1I(s)->handshake_read_seq++;
        s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
        return s->init_num;
@@ -487,7 +487,7 @@ dtls1_preprocess_fragment(SSL *s, struct hm_header_st *msg_hdr, int max)
                return SSL_AD_ILLEGAL_PARAMETER;
        }
-        if ( s->d1->r_msg_hdr.frag_off == 0) /* first fragment */
+        if ( D1I(s)->r_msg_hdr.frag_off == 0) /* first fragment */
        {
                /*
                 * msg_len is limited to 2^24, but is effectively checked
@@ -500,11 +500,11 @@ dtls1_preprocess_fragment(SSL *s, struct hm_header_st *msg_hdr, int max)
                }
                s->s3->tmp.message_size = msg_len;
-                s->d1->r_msg_hdr.msg_len = msg_len;
+                D1I(s)->r_msg_hdr.msg_len = msg_len;
                s->s3->tmp.message_type = msg_hdr->type;
-                s->d1->r_msg_hdr.type = msg_hdr->type;
+                D1I(s)->r_msg_hdr.type = msg_hdr->type;
-                s->d1->r_msg_hdr.seq = msg_hdr->seq;
+                D1I(s)->r_msg_hdr.seq = msg_hdr->seq;
-        } else if (msg_len != s->d1->r_msg_hdr.msg_len) {
+        } else if (msg_len != D1I(s)->r_msg_hdr.msg_len) {
                /*
                 * They must be playing with us! BTW, failure to enforce
                 * upper limit would open possibility for buffer overrun.
@@ -531,7 +531,7 @@ dtls1_retrieve_buffered_fragment(SSL *s, long max, int *ok)
        int al;
        *ok = 0;
-        item = pqueue_peek(s->d1->buffered_messages);
+        item = pqueue_peek(D1I(s)->buffered_messages);
        if (item == NULL)
                return 0;
@@ -541,9 +541,9 @@ dtls1_retrieve_buffered_fragment(SSL *s, long max, int *ok)
        if (frag->reassembly != NULL)
                return 0;
-        if (s->d1->handshake_read_seq == frag->msg_header.seq) {
+        if (D1I(s)->handshake_read_seq == frag->msg_header.seq) {
                unsigned long frag_len = frag->msg_header.frag_len;
-                pqueue_pop(s->d1->buffered_messages);
+                pqueue_pop(D1I(s)->buffered_messages);
                al = dtls1_preprocess_fragment(s, &frag->msg_header, max);
@@ -608,7 +608,7 @@ dtls1_reassemble_fragment(SSL *s, struct hm_header_st* msg_hdr, int *ok)
        memset(seq64be, 0, sizeof(seq64be));
        seq64be[6] = (unsigned char)(msg_hdr->seq >> 8);
        seq64be[7] = (unsigned char)msg_hdr->seq;
-        item = pqueue_find(s->d1->buffered_messages, seq64be);
+        item = pqueue_find(D1I(s)->buffered_messages, seq64be);
        if (item == NULL) {
                frag = dtls1_hm_fragment_new(msg_hdr->msg_len, 1);
@@ -673,7 +673,7 @@ dtls1_reassemble_fragment(SSL *s, struct hm_header_st* msg_hdr, int *ok)
                        goto err;
                }
-                pqueue_insert(s->d1->buffered_messages, item);
+                pqueue_insert(D1I(s)->buffered_messages, item);
        }
        return DTLS1_HM_FRAGMENT_RETRY;
@@ -702,7 +702,7 @@ dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok)
        memset(seq64be, 0, sizeof(seq64be));
        seq64be[6] = (unsigned char) (msg_hdr->seq >> 8);
        seq64be[7] = (unsigned char) msg_hdr->seq;
-        item = pqueue_find(s->d1->buffered_messages, seq64be);
+        item = pqueue_find(D1I(s)->buffered_messages, seq64be);
        /*
         * If we already have an entry and this one is a fragment,
@@ -717,9 +717,9 @@ dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok)
         * a FINISHED before the SERVER_HELLO, which then must be a stale
         * retransmit.
         */
-        if (msg_hdr->seq <= s->d1->handshake_read_seq ||
+        if (msg_hdr->seq <= D1I(s)->handshake_read_seq ||
-            msg_hdr->seq > s->d1->handshake_read_seq + 10 || item != NULL ||
+            msg_hdr->seq > D1I(s)->handshake_read_seq + 10 || item != NULL ||
-            (s->d1->handshake_read_seq == 0 &&
+            (D1I(s)->handshake_read_seq == 0 &&
            msg_hdr->type == SSL3_MT_FINISHED)) {
                unsigned char devnull [256];
@@ -760,7 +760,7 @@ dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok)
                if (item == NULL)
                        goto err;
-                pqueue_insert(s->d1->buffered_messages, item);
+                pqueue_insert(D1I(s)->buffered_messages, item);
        }
        return DTLS1_HM_FRAGMENT_RETRY;
@@ -814,8 +814,8 @@ again:
         * While listening, we accept seq 1 (ClientHello with cookie)
         * although we're still expecting seq 0 (ClientHello)
         */
-        if (msg_hdr.seq != s->d1->handshake_read_seq &&
+        if (msg_hdr.seq != D1I(s)->handshake_read_seq &&
-            !(s->d1->listen && msg_hdr.seq == 1))
+            !(D1I(s)->listen && msg_hdr.seq == 1))
                return dtls1_process_out_of_seq_message(s, &msg_hdr, ok);
        len = msg_hdr.msg_len;
@@ -825,7 +825,7 @@ again:
        if (frag_len && frag_len < len)
                return dtls1_reassemble_fragment(s, &msg_hdr, ok);
-        if (!s->server && s->d1->r_msg_hdr.frag_off == 0 &&
+        if (!s->server && D1I(s)->r_msg_hdr.frag_off == 0 &&
            wire[0] == SSL3_MT_HELLO_REQUEST) {
                /*
                 * The server may always send 'Hello Request' messages --
@@ -918,13 +918,13 @@ dtls1_send_change_cipher_spec(SSL *s, int a, int b)
        if (s->state == a) {
                p = (unsigned char *)s->init_buf->data;
                *p++=SSL3_MT_CCS;
-                s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;
+                D1I(s)->handshake_write_seq = D1I(s)->next_handshake_write_seq;
                s->init_num = DTLS1_CCS_HEADER_LENGTH;
                s->init_off = 0;
                dtls1_set_message_header_int(s, SSL3_MT_CCS, 0,
-                    s->d1->handshake_write_seq, 0, 0);
+                    D1I(s)->handshake_write_seq, 0, 0);
                /* buffer the message to handle re-xmits */
                dtls1_buffer_message(s, 1);
@@ -1031,26 +1031,26 @@ dtls1_buffer_message(SSL *s, int is_ccs)
        memcpy(frag->fragment, s->init_buf->data, s->init_num);
        if (is_ccs) {
-                OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
+                OPENSSL_assert(D1I(s)->w_msg_hdr.msg_len +
                    ((s->version == DTLS1_VERSION) ?
                    DTLS1_CCS_HEADER_LENGTH : 3) == (unsigned int)s->init_num);
        } else {
-                OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
+                OPENSSL_assert(D1I(s)->w_msg_hdr.msg_len +
                    DTLS1_HM_HEADER_LENGTH == (unsigned int)s->init_num);
        }
-        frag->msg_header.msg_len = s->d1->w_msg_hdr.msg_len;
+        frag->msg_header.msg_len = D1I(s)->w_msg_hdr.msg_len;
-        frag->msg_header.seq = s->d1->w_msg_hdr.seq;
+        frag->msg_header.seq = D1I(s)->w_msg_hdr.seq;
-        frag->msg_header.type = s->d1->w_msg_hdr.type;
+        frag->msg_header.type = D1I(s)->w_msg_hdr.type;
        frag->msg_header.frag_off = 0;
-        frag->msg_header.frag_len = s->d1->w_msg_hdr.msg_len;
+        frag->msg_header.frag_len = D1I(s)->w_msg_hdr.msg_len;
        frag->msg_header.is_ccs = is_ccs;
        /* save current state*/
        frag->msg_header.saved_retransmit_state.enc_write_ctx = s->enc_write_ctx;
        frag->msg_header.saved_retransmit_state.write_hash = s->write_hash;
        frag->msg_header.saved_retransmit_state.session = s->session;
-        frag->msg_header.saved_retransmit_state.epoch = s->d1->w_epoch;
+        frag->msg_header.saved_retransmit_state.epoch = D1I(s)->w_epoch;
        memset(seq64be, 0, sizeof(seq64be));
        seq64be[6] = (unsigned char)(dtls1_get_queue_priority(
@@ -1120,21 +1120,21 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
        saved_state.enc_write_ctx = s->enc_write_ctx;
        saved_state.write_hash = s->write_hash;
        saved_state.session = s->session;
-        saved_state.epoch = s->d1->w_epoch;
+        saved_state.epoch = D1I(s)->w_epoch;
-        s->d1->retransmitting = 1;
+        D1I(s)->retransmitting = 1;
        /* restore state in which the message was originally sent */
        s->enc_write_ctx = frag->msg_header.saved_retransmit_state.enc_write_ctx;
        s->write_hash = frag->msg_header.saved_retransmit_state.write_hash;
        s->session = frag->msg_header.saved_retransmit_state.session;
-        s->d1->w_epoch = frag->msg_header.saved_retransmit_state.epoch;
+        D1I(s)->w_epoch = frag->msg_header.saved_retransmit_state.epoch;
        if (frag->msg_header.saved_retransmit_state.epoch ==
            saved_state.epoch - 1) {
                memcpy(save_write_sequence, s->s3->write_sequence,
                    sizeof(s->s3->write_sequence));
-                memcpy(s->s3->write_sequence, s->d1->last_write_sequence,
+                memcpy(s->s3->write_sequence, D1I(s)->last_write_sequence,
                    sizeof(s->s3->write_sequence));
        }
@@ -1145,17 +1145,17 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
        s->enc_write_ctx = saved_state.enc_write_ctx;
        s->write_hash = saved_state.write_hash;
        s->session = saved_state.session;
-        s->d1->w_epoch = saved_state.epoch;
+        D1I(s)->w_epoch = saved_state.epoch;
        if (frag->msg_header.saved_retransmit_state.epoch ==
            saved_state.epoch - 1) {
-                memcpy(s->d1->last_write_sequence, s->s3->write_sequence,
+                memcpy(D1I(s)->last_write_sequence, s->s3->write_sequence,
                    sizeof(s->s3->write_sequence));
                memcpy(s->s3->write_sequence, save_write_sequence,
                    sizeof(s->s3->write_sequence));
        }
-        s->d1->retransmitting = 0;
+        D1I(s)->retransmitting = 0;
        (void)BIO_flush(SSL_get_wbio(s));
        return ret;
@@ -1179,12 +1179,12 @@ dtls1_set_message_header(SSL *s, unsigned char *p, unsigned char mt,
    unsigned long len, unsigned long frag_off, unsigned long frag_len)
 {
        /* Don't change sequence numbers while listening */
-        if (frag_off == 0 && !s->d1->listen) {
+        if (frag_off == 0 && !D1I(s)->listen) {
-                s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;
+                D1I(s)->handshake_write_seq = D1I(s)->next_handshake_write_seq;
-                s->d1->next_handshake_write_seq++;
+                D1I(s)->next_handshake_write_seq++;
        }
-        dtls1_set_message_header_int(s, mt, len, s->d1->handshake_write_seq,
+        dtls1_set_message_header_int(s, mt, len, D1I(s)->handshake_write_seq,
            frag_off, frag_len);
        return p += DTLS1_HM_HEADER_LENGTH;
@@ -1195,7 +1195,7 @@ static void
 dtls1_set_message_header_int(SSL *s, unsigned char mt, unsigned long len,
    unsigned short seq_num, unsigned long frag_off, unsigned long frag_len)
 {
-        struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
+        struct hm_header_st *msg_hdr = &D1I(s)->w_msg_hdr;
        msg_hdr->type = mt;
        msg_hdr->msg_len = len;
@@ -1207,7 +1207,7 @@ dtls1_set_message_header_int(SSL *s, unsigned char mt, unsigned long len,
 static void
 dtls1_fix_message_header(SSL *s, unsigned long frag_off, unsigned long frag_len)
 {
-        struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
+        struct hm_header_st *msg_hdr = &D1I(s)->w_msg_hdr;
        msg_hdr->frag_off = frag_off;
        msg_hdr->frag_len = frag_len;
@@ -1216,7 +1216,7 @@ dtls1_fix_message_header(SSL *s, unsigned long frag_off, unsigned long frag_len)
 static unsigned char *
 dtls1_write_message_header(SSL *s, unsigned char *p)
 {
-        struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
+        struct hm_header_st *msg_hdr = &D1I(s)->w_msg_hdr;
        *p++ = msg_hdr->type;
        l2n3(msg_hdr->msg_len, p);
author	beck <>	2017-01-22 07:16:39 +0000
committer	beck <>	2017-01-22 07:16:39 +0000
commit	2204d5a39055900d89c6f7fbdcc3bb37ec8070db (patch)
tree	c03f505a3f0822dbc7a4d9523cfde19318c0d121 /src/lib/libssl/d1_both.c
parent	334c9196a27db4244daba48e4ba2118985c535ed (diff)
download	openbsd-2204d5a39055900d89c6f7fbdcc3bb37ec8070db.tar.gz openbsd-2204d5a39055900d89c6f7fbdcc3bb37ec8070db.tar.bz2 openbsd-2204d5a39055900d89c6f7fbdcc3bb37ec8070db.zip

diff --git a/src/lib/libssl/d1_both.c b/src/lib/libssl/d1_both.c index 7f9d5af4ce..d83df1c9a0 100644 --- a/src/lib/libssl/d1_both.c +++ b/src/lib/libssl/d1_both.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: d1_both.c,v 1.40 2016/12/06 13:38:11 jsing Exp $ */	1	/* $OpenBSD: d1_both.c,v 1.41 2017/01/22 07:16:38 beck Exp $ */
2	/*	2	/*
3	* DTLS implementation written by Nagendra Modadugu	3	* DTLS implementation written by Nagendra Modadugu
4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.	4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -232,9 +232,9 @@ dtls1_do_write(SSL *s, int type)
232	unsigned int len, frag_off, mac_size, blocksize;	232	unsigned int len, frag_off, mac_size, blocksize;
233		233
234	/* AHA! Figure out the MTU, and stick to the right size */	234	/* AHA! Figure out the MTU, and stick to the right size */
235	if (s->d1->mtu < dtls1_min_mtu() &&	235	if (D1I(s)->mtu < dtls1_min_mtu() &&
236	!(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU)) {	236	!(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU)) {
237	s->d1->mtu = BIO_ctrl(SSL_get_wbio(s),	237	D1I(s)->mtu = BIO_ctrl(SSL_get_wbio(s),
238	BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);	238	BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
239		239
240	/*	240	/*
@@ -242,20 +242,20 @@ dtls1_do_write(SSL *s, int type)
242	* doesn't know the MTU (ie., the initial write), so just	242	* doesn't know the MTU (ie., the initial write), so just
243	* make sure we have a reasonable number	243	* make sure we have a reasonable number
244	*/	244	*/
245	if (s->d1->mtu < dtls1_min_mtu()) {	245	if (D1I(s)->mtu < dtls1_min_mtu()) {
246	s->d1->mtu = 0;	246	D1I(s)->mtu = 0;
247	s->d1->mtu = dtls1_guess_mtu(s->d1->mtu);	247	D1I(s)->mtu = dtls1_guess_mtu(D1I(s)->mtu);
248	BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SET_MTU,	248	BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SET_MTU,
249	s->d1->mtu, NULL);	249	D1I(s)->mtu, NULL);
250	}	250	}
251	}	251	}
252		252
253	OPENSSL_assert(s->d1->mtu >= dtls1_min_mtu());	253	OPENSSL_assert(D1I(s)->mtu >= dtls1_min_mtu());
254	/* should have something reasonable now */	254	/* should have something reasonable now */
255		255
256	if (s->init_off == 0 && type == SSL3_RT_HANDSHAKE)	256	if (s->init_off == 0 && type == SSL3_RT_HANDSHAKE)
257	OPENSSL_assert(s->init_num ==	257	OPENSSL_assert(s->init_num ==
258	(int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH);	258	(int)D1I(s)->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH);
259		259
260	if (s->write_hash)	260	if (s->write_hash)
261	mac_size = EVP_MD_CTX_size(s->write_hash);	261	mac_size = EVP_MD_CTX_size(s->write_hash);
@@ -270,7 +270,7 @@ dtls1_do_write(SSL *s, int type)
270		270
271	frag_off = 0;	271	frag_off = 0;
272	while (s->init_num) {	272	while (s->init_num) {
273	curr_mtu = s->d1->mtu - BIO_wpending(SSL_get_wbio(s)) -	273	curr_mtu = D1I(s)->mtu - BIO_wpending(SSL_get_wbio(s)) -
274	DTLS1_RT_HEADER_LENGTH - mac_size - blocksize;	274	DTLS1_RT_HEADER_LENGTH - mac_size - blocksize;
275		275
276	if (curr_mtu <= DTLS1_HM_HEADER_LENGTH) {	276	if (curr_mtu <= DTLS1_HM_HEADER_LENGTH) {
@@ -278,7 +278,7 @@ dtls1_do_write(SSL *s, int type)
278	ret = BIO_flush(SSL_get_wbio(s));	278	ret = BIO_flush(SSL_get_wbio(s));
279	if (ret <= 0)	279	if (ret <= 0)
280	return ret;	280	return ret;
281	curr_mtu = s->d1->mtu - DTLS1_RT_HEADER_LENGTH -	281	curr_mtu = D1I(s)->mtu - DTLS1_RT_HEADER_LENGTH -
282	mac_size - blocksize;	282	mac_size - blocksize;
283	}	283	}
284		284
@@ -322,7 +322,7 @@ dtls1_do_write(SSL *s, int type)
322	*/	322	*/
323	if (BIO_ctrl(SSL_get_wbio(s),	323	if (BIO_ctrl(SSL_get_wbio(s),
324	BIO_CTRL_DGRAM_MTU_EXCEEDED, 0, NULL) > 0)	324	BIO_CTRL_DGRAM_MTU_EXCEEDED, 0, NULL) > 0)
325	s->d1->mtu = BIO_ctrl(SSL_get_wbio(s),	325	D1I(s)->mtu = BIO_ctrl(SSL_get_wbio(s),
326	BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);	326	BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
327	else	327	else
328	return (-1);	328	return (-1);
@@ -336,14 +336,14 @@ dtls1_do_write(SSL *s, int type)
336	OPENSSL_assert(len == (unsigned int)ret);	336	OPENSSL_assert(len == (unsigned int)ret);
337		337
338	if (type == SSL3_RT_HANDSHAKE &&	338	if (type == SSL3_RT_HANDSHAKE &&
339	!s->d1->retransmitting) {	339	!D1I(s)->retransmitting) {
340	/*	340	/*
341	* Should not be done for 'Hello Request's,	341	* Should not be done for 'Hello Request's,
342	* but in that case we'll ignore the result	342	* but in that case we'll ignore the result
343	* anyway	343	* anyway
344	*/	344	*/
345	unsigned char p = (unsigned char )&s->init_buf->data[s->init_off];	345	unsigned char p = (unsigned char )&s->init_buf->data[s->init_off];
346	const struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;	346	const struct hm_header_st *msg_hdr = &D1I(s)->w_msg_hdr;
347	int xlen;	347	int xlen;
348		348
349	if (frag_off == 0) {	349	if (frag_off == 0) {
@@ -420,7 +420,7 @@ dtls1_get_message(SSL s, int st1, int stn, int mt, long max, int ok)
420	return s->init_num;	420	return s->init_num;
421	}	421	}
422		422
423	msg_hdr = &s->d1->r_msg_hdr;	423	msg_hdr = &D1I(s)->r_msg_hdr;
424	memset(msg_hdr, 0x00, sizeof(struct hm_header_st));	424	memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
425		425
426	again:	426	again:
@@ -452,8 +452,8 @@ again:
452	memset(msg_hdr, 0x00, sizeof(struct hm_header_st));	452	memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
453		453
454	/* Don't change sequence numbers while listening */	454	/* Don't change sequence numbers while listening */
455	if (!s->d1->listen)	455	if (!D1I(s)->listen)
456	s->d1->handshake_read_seq++;	456	D1I(s)->handshake_read_seq++;
457		457
458	s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH;	458	s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
459	return s->init_num;	459	return s->init_num;
@@ -487,7 +487,7 @@ dtls1_preprocess_fragment(SSL s, struct hm_header_st msg_hdr, int max)
487	return SSL_AD_ILLEGAL_PARAMETER;	487	return SSL_AD_ILLEGAL_PARAMETER;
488	}	488	}
489		489
490	if ( s->d1->r_msg_hdr.frag_off == 0) /* first fragment */	490	if ( D1I(s)->r_msg_hdr.frag_off == 0) /* first fragment */
491	{	491	{
492	/*	492	/*
493	* msg_len is limited to 2^24, but is effectively checked	493	* msg_len is limited to 2^24, but is effectively checked
@@ -500,11 +500,11 @@ dtls1_preprocess_fragment(SSL s, struct hm_header_st msg_hdr, int max)
500	}	500	}
501		501
502	s->s3->tmp.message_size = msg_len;	502	s->s3->tmp.message_size = msg_len;
503	s->d1->r_msg_hdr.msg_len = msg_len;	503	D1I(s)->r_msg_hdr.msg_len = msg_len;
504	s->s3->tmp.message_type = msg_hdr->type;	504	s->s3->tmp.message_type = msg_hdr->type;
505	s->d1->r_msg_hdr.type = msg_hdr->type;	505	D1I(s)->r_msg_hdr.type = msg_hdr->type;
506	s->d1->r_msg_hdr.seq = msg_hdr->seq;	506	D1I(s)->r_msg_hdr.seq = msg_hdr->seq;
507	} else if (msg_len != s->d1->r_msg_hdr.msg_len) {	507	} else if (msg_len != D1I(s)->r_msg_hdr.msg_len) {
508	/*	508	/*
509	* They must be playing with us! BTW, failure to enforce	509	* They must be playing with us! BTW, failure to enforce
510	* upper limit would open possibility for buffer overrun.	510	* upper limit would open possibility for buffer overrun.
@@ -531,7 +531,7 @@ dtls1_retrieve_buffered_fragment(SSL s, long max, int ok)
531	int al;	531	int al;
532		532
533	*ok = 0;	533	*ok = 0;
534	item = pqueue_peek(s->d1->buffered_messages);	534	item = pqueue_peek(D1I(s)->buffered_messages);
535	if (item == NULL)	535	if (item == NULL)
536	return 0;	536	return 0;
537		537
@@ -541,9 +541,9 @@ dtls1_retrieve_buffered_fragment(SSL s, long max, int ok)
541	if (frag->reassembly != NULL)	541	if (frag->reassembly != NULL)
542	return 0;	542	return 0;
543		543
544	if (s->d1->handshake_read_seq == frag->msg_header.seq) {	544	if (D1I(s)->handshake_read_seq == frag->msg_header.seq) {
545	unsigned long frag_len = frag->msg_header.frag_len;	545	unsigned long frag_len = frag->msg_header.frag_len;
546	pqueue_pop(s->d1->buffered_messages);	546	pqueue_pop(D1I(s)->buffered_messages);
547		547
548	al = dtls1_preprocess_fragment(s, &frag->msg_header, max);	548	al = dtls1_preprocess_fragment(s, &frag->msg_header, max);
549		549
@@ -608,7 +608,7 @@ dtls1_reassemble_fragment(SSL s, struct hm_header_st msg_hdr, int *ok)
608	memset(seq64be, 0, sizeof(seq64be));	608	memset(seq64be, 0, sizeof(seq64be));
609	seq64be[6] = (unsigned char)(msg_hdr->seq >> 8);	609	seq64be[6] = (unsigned char)(msg_hdr->seq >> 8);
610	seq64be[7] = (unsigned char)msg_hdr->seq;	610	seq64be[7] = (unsigned char)msg_hdr->seq;
611	item = pqueue_find(s->d1->buffered_messages, seq64be);	611	item = pqueue_find(D1I(s)->buffered_messages, seq64be);
612		612
613	if (item == NULL) {	613	if (item == NULL) {
614	frag = dtls1_hm_fragment_new(msg_hdr->msg_len, 1);	614	frag = dtls1_hm_fragment_new(msg_hdr->msg_len, 1);
@@ -673,7 +673,7 @@ dtls1_reassemble_fragment(SSL s, struct hm_header_st msg_hdr, int *ok)
673	goto err;	673	goto err;
674	}	674	}
675		675
676	pqueue_insert(s->d1->buffered_messages, item);	676	pqueue_insert(D1I(s)->buffered_messages, item);
677	}	677	}
678		678
679	return DTLS1_HM_FRAGMENT_RETRY;	679	return DTLS1_HM_FRAGMENT_RETRY;
@@ -702,7 +702,7 @@ dtls1_process_out_of_seq_message(SSL s, struct hm_header_st msg_hdr, int *ok)
702	memset(seq64be, 0, sizeof(seq64be));	702	memset(seq64be, 0, sizeof(seq64be));
703	seq64be[6] = (unsigned char) (msg_hdr->seq >> 8);	703	seq64be[6] = (unsigned char) (msg_hdr->seq >> 8);
704	seq64be[7] = (unsigned char) msg_hdr->seq;	704	seq64be[7] = (unsigned char) msg_hdr->seq;
705	item = pqueue_find(s->d1->buffered_messages, seq64be);	705	item = pqueue_find(D1I(s)->buffered_messages, seq64be);
706		706
707	/*	707	/*
708	* If we already have an entry and this one is a fragment,	708	* If we already have an entry and this one is a fragment,
@@ -717,9 +717,9 @@ dtls1_process_out_of_seq_message(SSL s, struct hm_header_st msg_hdr, int *ok)
717	* a FINISHED before the SERVER_HELLO, which then must be a stale	717	* a FINISHED before the SERVER_HELLO, which then must be a stale
718	* retransmit.	718	* retransmit.
719	*/	719	*/
720	if (msg_hdr->seq <= s->d1->handshake_read_seq \|\|	720	if (msg_hdr->seq <= D1I(s)->handshake_read_seq \|\|
721	msg_hdr->seq > s->d1->handshake_read_seq + 10 \|\| item != NULL \|\|	721	msg_hdr->seq > D1I(s)->handshake_read_seq + 10 \|\| item != NULL \|\|
722	(s->d1->handshake_read_seq == 0 &&	722	(D1I(s)->handshake_read_seq == 0 &&
723	msg_hdr->type == SSL3_MT_FINISHED)) {	723	msg_hdr->type == SSL3_MT_FINISHED)) {
724	unsigned char devnull [256];	724	unsigned char devnull [256];
725		725
@@ -760,7 +760,7 @@ dtls1_process_out_of_seq_message(SSL s, struct hm_header_st msg_hdr, int *ok)
760	if (item == NULL)	760	if (item == NULL)
761	goto err;	761	goto err;
762		762
763	pqueue_insert(s->d1->buffered_messages, item);	763	pqueue_insert(D1I(s)->buffered_messages, item);
764	}	764	}
765		765
766	return DTLS1_HM_FRAGMENT_RETRY;	766	return DTLS1_HM_FRAGMENT_RETRY;
@@ -814,8 +814,8 @@ again:
814	* While listening, we accept seq 1 (ClientHello with cookie)	814	* While listening, we accept seq 1 (ClientHello with cookie)
815	* although we're still expecting seq 0 (ClientHello)	815	* although we're still expecting seq 0 (ClientHello)
816	*/	816	*/
817	if (msg_hdr.seq != s->d1->handshake_read_seq &&	817	if (msg_hdr.seq != D1I(s)->handshake_read_seq &&
818	!(s->d1->listen && msg_hdr.seq == 1))	818	!(D1I(s)->listen && msg_hdr.seq == 1))
819	return dtls1_process_out_of_seq_message(s, &msg_hdr, ok);	819	return dtls1_process_out_of_seq_message(s, &msg_hdr, ok);
820		820
821	len = msg_hdr.msg_len;	821	len = msg_hdr.msg_len;
@@ -825,7 +825,7 @@ again:
825	if (frag_len && frag_len < len)	825	if (frag_len && frag_len < len)
826	return dtls1_reassemble_fragment(s, &msg_hdr, ok);	826	return dtls1_reassemble_fragment(s, &msg_hdr, ok);
827		827
828	if (!s->server && s->d1->r_msg_hdr.frag_off == 0 &&	828	if (!s->server && D1I(s)->r_msg_hdr.frag_off == 0 &&
829	wire[0] == SSL3_MT_HELLO_REQUEST) {	829	wire[0] == SSL3_MT_HELLO_REQUEST) {
830	/*	830	/*
831	* The server may always send 'Hello Request' messages --	831	* The server may always send 'Hello Request' messages --
@@ -918,13 +918,13 @@ dtls1_send_change_cipher_spec(SSL *s, int a, int b)
918	if (s->state == a) {	918	if (s->state == a) {
919	p = (unsigned char *)s->init_buf->data;	919	p = (unsigned char *)s->init_buf->data;
920	*p++=SSL3_MT_CCS;	920	*p++=SSL3_MT_CCS;
921	s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;	921	D1I(s)->handshake_write_seq = D1I(s)->next_handshake_write_seq;
922	s->init_num = DTLS1_CCS_HEADER_LENGTH;	922	s->init_num = DTLS1_CCS_HEADER_LENGTH;
923		923
924	s->init_off = 0;	924	s->init_off = 0;
925		925
926	dtls1_set_message_header_int(s, SSL3_MT_CCS, 0,	926	dtls1_set_message_header_int(s, SSL3_MT_CCS, 0,
927	s->d1->handshake_write_seq, 0, 0);	927	D1I(s)->handshake_write_seq, 0, 0);
928		928
929	/* buffer the message to handle re-xmits */	929	/* buffer the message to handle re-xmits */
930	dtls1_buffer_message(s, 1);	930	dtls1_buffer_message(s, 1);
@@ -1031,26 +1031,26 @@ dtls1_buffer_message(SSL *s, int is_ccs)
1031	memcpy(frag->fragment, s->init_buf->data, s->init_num);	1031	memcpy(frag->fragment, s->init_buf->data, s->init_num);
1032		1032
1033	if (is_ccs) {	1033	if (is_ccs) {
1034	OPENSSL_assert(s->d1->w_msg_hdr.msg_len +	1034	OPENSSL_assert(D1I(s)->w_msg_hdr.msg_len +
1035	((s->version == DTLS1_VERSION) ?	1035	((s->version == DTLS1_VERSION) ?
1036	DTLS1_CCS_HEADER_LENGTH : 3) == (unsigned int)s->init_num);	1036	DTLS1_CCS_HEADER_LENGTH : 3) == (unsigned int)s->init_num);
1037	} else {	1037	} else {
1038	OPENSSL_assert(s->d1->w_msg_hdr.msg_len +	1038	OPENSSL_assert(D1I(s)->w_msg_hdr.msg_len +
1039	DTLS1_HM_HEADER_LENGTH == (unsigned int)s->init_num);	1039	DTLS1_HM_HEADER_LENGTH == (unsigned int)s->init_num);
1040	}	1040	}
1041		1041
1042	frag->msg_header.msg_len = s->d1->w_msg_hdr.msg_len;	1042	frag->msg_header.msg_len = D1I(s)->w_msg_hdr.msg_len;
1043	frag->msg_header.seq = s->d1->w_msg_hdr.seq;	1043	frag->msg_header.seq = D1I(s)->w_msg_hdr.seq;
1044	frag->msg_header.type = s->d1->w_msg_hdr.type;	1044	frag->msg_header.type = D1I(s)->w_msg_hdr.type;
1045	frag->msg_header.frag_off = 0;	1045	frag->msg_header.frag_off = 0;
1046	frag->msg_header.frag_len = s->d1->w_msg_hdr.msg_len;	1046	frag->msg_header.frag_len = D1I(s)->w_msg_hdr.msg_len;
1047	frag->msg_header.is_ccs = is_ccs;	1047	frag->msg_header.is_ccs = is_ccs;
1048		1048
1049	/* save current state*/	1049	/* save current state*/
1050	frag->msg_header.saved_retransmit_state.enc_write_ctx = s->enc_write_ctx;	1050	frag->msg_header.saved_retransmit_state.enc_write_ctx = s->enc_write_ctx;
1051	frag->msg_header.saved_retransmit_state.write_hash = s->write_hash;	1051	frag->msg_header.saved_retransmit_state.write_hash = s->write_hash;
1052	frag->msg_header.saved_retransmit_state.session = s->session;	1052	frag->msg_header.saved_retransmit_state.session = s->session;
1053	frag->msg_header.saved_retransmit_state.epoch = s->d1->w_epoch;	1053	frag->msg_header.saved_retransmit_state.epoch = D1I(s)->w_epoch;
1054		1054
1055	memset(seq64be, 0, sizeof(seq64be));	1055	memset(seq64be, 0, sizeof(seq64be));
1056	seq64be[6] = (unsigned char)(dtls1_get_queue_priority(	1056	seq64be[6] = (unsigned char)(dtls1_get_queue_priority(
@@ -1120,21 +1120,21 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
1120	saved_state.enc_write_ctx = s->enc_write_ctx;	1120	saved_state.enc_write_ctx = s->enc_write_ctx;
1121	saved_state.write_hash = s->write_hash;	1121	saved_state.write_hash = s->write_hash;
1122	saved_state.session = s->session;	1122	saved_state.session = s->session;
1123	saved_state.epoch = s->d1->w_epoch;	1123	saved_state.epoch = D1I(s)->w_epoch;
1124		1124
1125	s->d1->retransmitting = 1;	1125	D1I(s)->retransmitting = 1;
1126		1126
1127	/* restore state in which the message was originally sent */	1127	/* restore state in which the message was originally sent */
1128	s->enc_write_ctx = frag->msg_header.saved_retransmit_state.enc_write_ctx;	1128	s->enc_write_ctx = frag->msg_header.saved_retransmit_state.enc_write_ctx;
1129	s->write_hash = frag->msg_header.saved_retransmit_state.write_hash;	1129	s->write_hash = frag->msg_header.saved_retransmit_state.write_hash;
1130	s->session = frag->msg_header.saved_retransmit_state.session;	1130	s->session = frag->msg_header.saved_retransmit_state.session;
1131	s->d1->w_epoch = frag->msg_header.saved_retransmit_state.epoch;	1131	D1I(s)->w_epoch = frag->msg_header.saved_retransmit_state.epoch;
1132		1132
1133	if (frag->msg_header.saved_retransmit_state.epoch ==	1133	if (frag->msg_header.saved_retransmit_state.epoch ==
1134	saved_state.epoch - 1) {	1134	saved_state.epoch - 1) {
1135	memcpy(save_write_sequence, s->s3->write_sequence,	1135	memcpy(save_write_sequence, s->s3->write_sequence,
1136	sizeof(s->s3->write_sequence));	1136	sizeof(s->s3->write_sequence));
1137	memcpy(s->s3->write_sequence, s->d1->last_write_sequence,	1137	memcpy(s->s3->write_sequence, D1I(s)->last_write_sequence,
1138	sizeof(s->s3->write_sequence));	1138	sizeof(s->s3->write_sequence));
1139	}	1139	}
1140		1140
@@ -1145,17 +1145,17 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
1145	s->enc_write_ctx = saved_state.enc_write_ctx;	1145	s->enc_write_ctx = saved_state.enc_write_ctx;
1146	s->write_hash = saved_state.write_hash;	1146	s->write_hash = saved_state.write_hash;
1147	s->session = saved_state.session;	1147	s->session = saved_state.session;
1148	s->d1->w_epoch = saved_state.epoch;	1148	D1I(s)->w_epoch = saved_state.epoch;
1149		1149
1150	if (frag->msg_header.saved_retransmit_state.epoch ==	1150	if (frag->msg_header.saved_retransmit_state.epoch ==
1151	saved_state.epoch - 1) {	1151	saved_state.epoch - 1) {
1152	memcpy(s->d1->last_write_sequence, s->s3->write_sequence,	1152	memcpy(D1I(s)->last_write_sequence, s->s3->write_sequence,
1153	sizeof(s->s3->write_sequence));	1153	sizeof(s->s3->write_sequence));
1154	memcpy(s->s3->write_sequence, save_write_sequence,	1154	memcpy(s->s3->write_sequence, save_write_sequence,
1155	sizeof(s->s3->write_sequence));	1155	sizeof(s->s3->write_sequence));
1156	}	1156	}
1157		1157
1158	s->d1->retransmitting = 0;	1158	D1I(s)->retransmitting = 0;
1159		1159
1160	(void)BIO_flush(SSL_get_wbio(s));	1160	(void)BIO_flush(SSL_get_wbio(s));
1161	return ret;	1161	return ret;
@@ -1179,12 +1179,12 @@ dtls1_set_message_header(SSL s, unsigned char p, unsigned char mt,
1179	unsigned long len, unsigned long frag_off, unsigned long frag_len)	1179	unsigned long len, unsigned long frag_off, unsigned long frag_len)
1180	{	1180	{
1181	/* Don't change sequence numbers while listening */	1181	/* Don't change sequence numbers while listening */
1182	if (frag_off == 0 && !s->d1->listen) {	1182	if (frag_off == 0 && !D1I(s)->listen) {
1183	s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;	1183	D1I(s)->handshake_write_seq = D1I(s)->next_handshake_write_seq;
1184	s->d1->next_handshake_write_seq++;	1184	D1I(s)->next_handshake_write_seq++;
1185	}	1185	}
1186		1186
1187	dtls1_set_message_header_int(s, mt, len, s->d1->handshake_write_seq,	1187	dtls1_set_message_header_int(s, mt, len, D1I(s)->handshake_write_seq,
1188	frag_off, frag_len);	1188	frag_off, frag_len);
1189		1189
1190	return p += DTLS1_HM_HEADER_LENGTH;	1190	return p += DTLS1_HM_HEADER_LENGTH;
@@ -1195,7 +1195,7 @@ static void
1195	dtls1_set_message_header_int(SSL *s, unsigned char mt, unsigned long len,	1195	dtls1_set_message_header_int(SSL *s, unsigned char mt, unsigned long len,
1196	unsigned short seq_num, unsigned long frag_off, unsigned long frag_len)	1196	unsigned short seq_num, unsigned long frag_off, unsigned long frag_len)
1197	{	1197	{
1198	struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;	1198	struct hm_header_st *msg_hdr = &D1I(s)->w_msg_hdr;
1199		1199
1200	msg_hdr->type = mt;	1200	msg_hdr->type = mt;
1201	msg_hdr->msg_len = len;	1201	msg_hdr->msg_len = len;
@@ -1207,7 +1207,7 @@ dtls1_set_message_header_int(SSL *s, unsigned char mt, unsigned long len,
1207	static void	1207	static void
1208	dtls1_fix_message_header(SSL *s, unsigned long frag_off, unsigned long frag_len)	1208	dtls1_fix_message_header(SSL *s, unsigned long frag_off, unsigned long frag_len)
1209	{	1209	{
1210	struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;	1210	struct hm_header_st *msg_hdr = &D1I(s)->w_msg_hdr;
1211		1211
1212	msg_hdr->frag_off = frag_off;	1212	msg_hdr->frag_off = frag_off;
1213	msg_hdr->frag_len = frag_len;	1213	msg_hdr->frag_len = frag_len;
@@ -1216,7 +1216,7 @@ dtls1_fix_message_header(SSL *s, unsigned long frag_off, unsigned long frag_len)
1216	static unsigned char *	1216	static unsigned char *
1217	dtls1_write_message_header(SSL s, unsigned char p)	1217	dtls1_write_message_header(SSL s, unsigned char p)
1218	{	1218	{
1219	struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;	1219	struct hm_header_st *msg_hdr = &D1I(s)->w_msg_hdr;
1220		1220
1221	*p++ = msg_hdr->type;	1221	*p++ = msg_hdr->type;
1222	l2n3(msg_hdr->msg_len, p);	1222	l2n3(msg_hdr->msg_len, p);