send state and rstate from ssl_st into internal. There are accessors

so these should not be diddled with directly ok jsing@
author: beck <> 2017-01-23 08:48:45 +0000
committer: beck <> 2017-01-23 08:48:45 +0000
commit: 61af17199189570a4400f2757a9e8dab4bb76d2a (patch)
tree: e1f210556179334ded73129e6e0733758fe22365 /src/lib/libssl/s3_pkt.c
parent: c85967e4f9c3e1f3b3217545939f1d44ddf9f103 (diff)
download: openbsd-61af17199189570a4400f2757a9e8dab4bb76d2a.tar.gz
openbsd-61af17199189570a4400f2757a9e8dab4bb76d2a.tar.bz2
openbsd-61af17199189570a4400f2757a9e8dab4bb76d2a.zip
1 files changed, 19 insertions, 19 deletions
diff --git a/src/lib/libssl/s3_pkt.c b/src/lib/libssl/s3_pkt.c
index 3fb5168d16..228c5f536c 100644
--- a/src/lib/libssl/s3_pkt.c
+++ b/src/lib/libssl/s3_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_pkt.c,v 1.65 2017/01/23 08:08:06 beck Exp $ */
+/* $OpenBSD: s3_pkt.c,v 1.66 2017/01/23 08:48:44 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -290,7 +290,7 @@ ssl3_get_record(SSL *s)
 again:
        /* check if we have the header */
-        if ((s->rstate != SSL_ST_READ_BODY) ||
+        if ((s->internal->rstate != SSL_ST_READ_BODY) ||
            (s->internal->packet_length < SSL3_RT_HEADER_LENGTH)) {
                CBS header;
                uint16_t len, ssl_version;
@@ -299,7 +299,7 @@ again:
                n = ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, s->s3->rbuf.len, 0);
                if (n <= 0)
                        return(n); /* error or non-blocking */
-                s->rstate = SSL_ST_READ_BODY;
+                s->internal->rstate = SSL_ST_READ_BODY;
                CBS_init(&header, s->internal->packet, n);
@@ -340,10 +340,10 @@ again:
                        goto f_err;
                }
-                /* now s->rstate == SSL_ST_READ_BODY */
+                /* now s->internal->rstate == SSL_ST_READ_BODY */
        }
-        /* s->rstate == SSL_ST_READ_BODY, get and decode the data */
+        /* s->internal->rstate == SSL_ST_READ_BODY, get and decode the data */
        if (rr->length > s->internal->packet_length - SSL3_RT_HEADER_LENGTH) {
                /* now s->internal->packet_length == SSL3_RT_HEADER_LENGTH */
@@ -355,7 +355,7 @@ again:
                 * and s->internal->packet_length == SSL3_RT_HEADER_LENGTH + rr->length */
        }
-        s->rstate=SSL_ST_READ_HEADER; /* set state for later operations */
+        s->internal->rstate=SSL_ST_READ_HEADER; /* set state for later operations */
        /* At this point, s->internal->packet_length == SSL3_RT_HEADER_LNGTH + rr->length,
         * and we have that many bytes in s->internal->packet
@@ -666,7 +666,7 @@ do_ssl3_write(SSL *s, int type, const unsigned char *buf,
        /* Some servers hang if iniatial client hello is larger than 256
         * bytes and record version number > TLS 1.0
         */
-        if (s->state == SSL3_ST_CW_CLNT_HELLO_B && !s->internal->renegotiate &&
+        if (s->internal->state == SSL3_ST_CW_CLNT_HELLO_B && !s->internal->renegotiate &&
            TLS1_get_version(s) > TLS1_VERSION)
                *(p++) = 0x1;
        else
@@ -929,7 +929,7 @@ start:
        rr = &(S3I(s)->rrec);
        /* get new packet if necessary */
-        if ((rr->length == 0) || (s->rstate == SSL_ST_READ_BODY)) {
+        if ((rr->length == 0) || (s->internal->rstate == SSL_ST_READ_BODY)) {
                ret = ssl3_get_record(s);
                if (ret <= 0)
                        return (ret);
@@ -981,7 +981,7 @@ start:
                        rr->length -= n;
                        rr->off += n;
                        if (rr->length == 0) {
-                                s->rstate = SSL_ST_READ_HEADER;
+                                s->internal->rstate = SSL_ST_READ_HEADER;
                                rr->off = 0;
                                if (s->mode & SSL_MODE_RELEASE_BUFFERS &&
                                    s->s3->rbuf.left == 0)
@@ -1215,9 +1215,9 @@ start:
        /* Unexpected handshake message (Client Hello, or protocol violation) */
        if ((S3I(s)->handshake_fragment_len >= 4) && !s->internal->in_handshake) {
-                if (((s->state&SSL_ST_MASK) == SSL_ST_OK) &&
+                if (((s->internal->state&SSL_ST_MASK) == SSL_ST_OK) &&
                    !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) {
-                        s->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
+                        s->internal->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
                        s->internal->renegotiate = 1;
                        s->internal->new_session = 1;
                }
@@ -1280,12 +1280,12 @@ start:
                 */
                if (S3I(s)->in_read_app_data &&
                    (S3I(s)->total_renegotiations != 0) &&
-                    (((s->state & SSL_ST_CONNECT) &&
+                    (((s->internal->state & SSL_ST_CONNECT) &&
-                    (s->state >= SSL3_ST_CW_CLNT_HELLO_A) &&
+                    (s->internal->state >= SSL3_ST_CW_CLNT_HELLO_A) &&
-                    (s->state <= SSL3_ST_CR_SRVR_HELLO_A)) ||
+                    (s->internal->state <= SSL3_ST_CR_SRVR_HELLO_A)) ||
-                    ((s->state & SSL_ST_ACCEPT) &&
+                    ((s->internal->state & SSL_ST_ACCEPT) &&
-                    (s->state <= SSL3_ST_SW_HELLO_REQ_A) &&
+                    (s->internal->state <= SSL3_ST_SW_HELLO_REQ_A) &&
-                    (s->state >= SSL3_ST_SR_CLNT_HELLO_A)))) {
+                    (s->internal->state >= SSL3_ST_SR_CLNT_HELLO_A)))) {
                        S3I(s)->in_read_app_data = 2;
                        return (-1);
                } else {
@@ -1309,7 +1309,7 @@ ssl3_do_change_cipher_spec(SSL *s)
        const char *sender;
        int slen;
-        if (s->state & SSL_ST_ACCEPT)
+        if (s->internal->state & SSL_ST_ACCEPT)
                i = SSL3_CHANGE_CIPHER_SERVER_READ;
        else
                i = SSL3_CHANGE_CIPHER_CLIENT_READ;
@@ -1333,7 +1333,7 @@ ssl3_do_change_cipher_spec(SSL *s)
        /* we have to record the message digest at
         * this point so we can get it before we read
         * the finished message */
-        if (s->state & SSL_ST_CONNECT) {
+        if (s->internal->state & SSL_ST_CONNECT) {
                sender = s->method->ssl3_enc->server_finished_label;
                slen = s->method->ssl3_enc->server_finished_label_len;
        } else {
author	beck <>	2017-01-23 08:48:45 +0000
committer	beck <>	2017-01-23 08:48:45 +0000
commit	61af17199189570a4400f2757a9e8dab4bb76d2a (patch)
tree	e1f210556179334ded73129e6e0733758fe22365 /src/lib/libssl/s3_pkt.c
parent	c85967e4f9c3e1f3b3217545939f1d44ddf9f103 (diff)
download	openbsd-61af17199189570a4400f2757a9e8dab4bb76d2a.tar.gz openbsd-61af17199189570a4400f2757a9e8dab4bb76d2a.tar.bz2 openbsd-61af17199189570a4400f2757a9e8dab4bb76d2a.zip

diff --git a/src/lib/libssl/s3_pkt.c b/src/lib/libssl/s3_pkt.c index 3fb5168d16..228c5f536c 100644 --- a/src/lib/libssl/s3_pkt.c +++ b/src/lib/libssl/s3_pkt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s3_pkt.c,v 1.65 2017/01/23 08:08:06 beck Exp $ */	1	/* $OpenBSD: s3_pkt.c,v 1.66 2017/01/23 08:48:44 beck Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -290,7 +290,7 @@ ssl3_get_record(SSL *s)
290		290
291	again:	291	again:
292	/* check if we have the header */	292	/* check if we have the header */
293	if ((s->rstate != SSL_ST_READ_BODY) \|\|	293	if ((s->internal->rstate != SSL_ST_READ_BODY) \|\|
294	(s->internal->packet_length < SSL3_RT_HEADER_LENGTH)) {	294	(s->internal->packet_length < SSL3_RT_HEADER_LENGTH)) {
295	CBS header;	295	CBS header;
296	uint16_t len, ssl_version;	296	uint16_t len, ssl_version;
@@ -299,7 +299,7 @@ again:
299	n = ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, s->s3->rbuf.len, 0);	299	n = ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, s->s3->rbuf.len, 0);
300	if (n <= 0)	300	if (n <= 0)
301	return(n); /* error or non-blocking */	301	return(n); /* error or non-blocking */
302	s->rstate = SSL_ST_READ_BODY;	302	s->internal->rstate = SSL_ST_READ_BODY;
303		303
304	CBS_init(&header, s->internal->packet, n);	304	CBS_init(&header, s->internal->packet, n);
305		305
@@ -340,10 +340,10 @@ again:
340	goto f_err;	340	goto f_err;
341	}	341	}
342		342
343	/* now s->rstate == SSL_ST_READ_BODY */	343	/* now s->internal->rstate == SSL_ST_READ_BODY */
344	}	344	}
345		345
346	/* s->rstate == SSL_ST_READ_BODY, get and decode the data */	346	/* s->internal->rstate == SSL_ST_READ_BODY, get and decode the data */
347		347
348	if (rr->length > s->internal->packet_length - SSL3_RT_HEADER_LENGTH) {	348	if (rr->length > s->internal->packet_length - SSL3_RT_HEADER_LENGTH) {
349	/* now s->internal->packet_length == SSL3_RT_HEADER_LENGTH */	349	/* now s->internal->packet_length == SSL3_RT_HEADER_LENGTH */
@@ -355,7 +355,7 @@ again:
355	* and s->internal->packet_length == SSL3_RT_HEADER_LENGTH + rr->length */	355	* and s->internal->packet_length == SSL3_RT_HEADER_LENGTH + rr->length */
356	}	356	}
357		357
358	s->rstate=SSL_ST_READ_HEADER; /* set state for later operations */	358	s->internal->rstate=SSL_ST_READ_HEADER; /* set state for later operations */
359		359
360	/* At this point, s->internal->packet_length == SSL3_RT_HEADER_LNGTH + rr->length,	360	/* At this point, s->internal->packet_length == SSL3_RT_HEADER_LNGTH + rr->length,
361	* and we have that many bytes in s->internal->packet	361	* and we have that many bytes in s->internal->packet
@@ -666,7 +666,7 @@ do_ssl3_write(SSL s, int type, const unsigned char buf,
666	/* Some servers hang if iniatial client hello is larger than 256	666	/* Some servers hang if iniatial client hello is larger than 256
667	* bytes and record version number > TLS 1.0	667	* bytes and record version number > TLS 1.0
668	*/	668	*/
669	if (s->state == SSL3_ST_CW_CLNT_HELLO_B && !s->internal->renegotiate &&	669	if (s->internal->state == SSL3_ST_CW_CLNT_HELLO_B && !s->internal->renegotiate &&
670	TLS1_get_version(s) > TLS1_VERSION)	670	TLS1_get_version(s) > TLS1_VERSION)
671	*(p++) = 0x1;	671	*(p++) = 0x1;
672	else	672	else
@@ -929,7 +929,7 @@ start:
929	rr = &(S3I(s)->rrec);	929	rr = &(S3I(s)->rrec);
930		930
931	/* get new packet if necessary */	931	/* get new packet if necessary */
932	if ((rr->length == 0) \|\| (s->rstate == SSL_ST_READ_BODY)) {	932	if ((rr->length == 0) \|\| (s->internal->rstate == SSL_ST_READ_BODY)) {
933	ret = ssl3_get_record(s);	933	ret = ssl3_get_record(s);
934	if (ret <= 0)	934	if (ret <= 0)
935	return (ret);	935	return (ret);
@@ -981,7 +981,7 @@ start:
981	rr->length -= n;	981	rr->length -= n;
982	rr->off += n;	982	rr->off += n;
983	if (rr->length == 0) {	983	if (rr->length == 0) {
984	s->rstate = SSL_ST_READ_HEADER;	984	s->internal->rstate = SSL_ST_READ_HEADER;
985	rr->off = 0;	985	rr->off = 0;
986	if (s->mode & SSL_MODE_RELEASE_BUFFERS &&	986	if (s->mode & SSL_MODE_RELEASE_BUFFERS &&
987	s->s3->rbuf.left == 0)	987	s->s3->rbuf.left == 0)
@@ -1215,9 +1215,9 @@ start:
1215		1215
1216	/* Unexpected handshake message (Client Hello, or protocol violation) */	1216	/* Unexpected handshake message (Client Hello, or protocol violation) */
1217	if ((S3I(s)->handshake_fragment_len >= 4) && !s->internal->in_handshake) {	1217	if ((S3I(s)->handshake_fragment_len >= 4) && !s->internal->in_handshake) {
1218	if (((s->state&SSL_ST_MASK) == SSL_ST_OK) &&	1218	if (((s->internal->state&SSL_ST_MASK) == SSL_ST_OK) &&
1219	!(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) {	1219	!(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) {
1220	s->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT;	1220	s->internal->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
1221	s->internal->renegotiate = 1;	1221	s->internal->renegotiate = 1;
1222	s->internal->new_session = 1;	1222	s->internal->new_session = 1;
1223	}	1223	}
@@ -1280,12 +1280,12 @@ start:
1280	*/	1280	*/
1281	if (S3I(s)->in_read_app_data &&	1281	if (S3I(s)->in_read_app_data &&
1282	(S3I(s)->total_renegotiations != 0) &&	1282	(S3I(s)->total_renegotiations != 0) &&
1283	(((s->state & SSL_ST_CONNECT) &&	1283	(((s->internal->state & SSL_ST_CONNECT) &&
1284	(s->state >= SSL3_ST_CW_CLNT_HELLO_A) &&	1284	(s->internal->state >= SSL3_ST_CW_CLNT_HELLO_A) &&
1285	(s->state <= SSL3_ST_CR_SRVR_HELLO_A)) \|\|	1285	(s->internal->state <= SSL3_ST_CR_SRVR_HELLO_A)) \|\|
1286	((s->state & SSL_ST_ACCEPT) &&	1286	((s->internal->state & SSL_ST_ACCEPT) &&
1287	(s->state <= SSL3_ST_SW_HELLO_REQ_A) &&	1287	(s->internal->state <= SSL3_ST_SW_HELLO_REQ_A) &&
1288	(s->state >= SSL3_ST_SR_CLNT_HELLO_A)))) {	1288	(s->internal->state >= SSL3_ST_SR_CLNT_HELLO_A)))) {
1289	S3I(s)->in_read_app_data = 2;	1289	S3I(s)->in_read_app_data = 2;
1290	return (-1);	1290	return (-1);
1291	} else {	1291	} else {
@@ -1309,7 +1309,7 @@ ssl3_do_change_cipher_spec(SSL *s)
1309	const char *sender;	1309	const char *sender;
1310	int slen;	1310	int slen;
1311		1311
1312	if (s->state & SSL_ST_ACCEPT)	1312	if (s->internal->state & SSL_ST_ACCEPT)
1313	i = SSL3_CHANGE_CIPHER_SERVER_READ;	1313	i = SSL3_CHANGE_CIPHER_SERVER_READ;
1314	else	1314	else
1315	i = SSL3_CHANGE_CIPHER_CLIENT_READ;	1315	i = SSL3_CHANGE_CIPHER_CLIENT_READ;
@@ -1333,7 +1333,7 @@ ssl3_do_change_cipher_spec(SSL *s)
1333	/* we have to record the message digest at	1333	/* we have to record the message digest at
1334	* this point so we can get it before we read	1334	* this point so we can get it before we read
1335	* the finished message */	1335	* the finished message */
1336	if (s->state & SSL_ST_CONNECT) {	1336	if (s->internal->state & SSL_ST_CONNECT) {
1337	sender = s->method->ssl3_enc->server_finished_label;	1337	sender = s->method->ssl3_enc->server_finished_label;
1338	slen = s->method->ssl3_enc->server_finished_label_len;	1338	slen = s->method->ssl3_enc->server_finished_label_len;
1339	} else {	1339	} else {