summaryrefslogtreecommitdiff
path: root/src/lib
diff options
context:
space:
mode:
authortedu <>2014-04-24 19:38:22 +0000
committertedu <>2014-04-24 19:38:22 +0000
commitee0e4a89f7bc70ae2e13e3e9780c2ece13f4a328 (patch)
tree6c3759fc0a8c029436b31cd07a43eaacdd59cfe5 /src/lib
parent0c0f1104f3af352d3b8b2e6e95f6db5a741bbe89 (diff)
downloadopenbsd-ee0e4a89f7bc70ae2e13e3e9780c2ece13f4a328.tar.gz
openbsd-ee0e4a89f7bc70ae2e13e3e9780c2ece13f4a328.tar.bz2
openbsd-ee0e4a89f7bc70ae2e13e3e9780c2ece13f4a328.zip
rearrange a bit of code/comments
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/libssl/s3_pkt.c156
-rw-r--r--src/lib/libssl/src/ssl/s3_pkt.c156
2 files changed, 178 insertions, 134 deletions
diff --git a/src/lib/libssl/s3_pkt.c b/src/lib/libssl/s3_pkt.c
index 2a88b14852..68c3f1cb2b 100644
--- a/src/lib/libssl/s3_pkt.c
+++ b/src/lib/libssl/s3_pkt.c
@@ -120,16 +120,16 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
120 unsigned int len, int create_empty_fragment); 120 unsigned int len, int create_empty_fragment);
121static int ssl3_get_record(SSL *s); 121static int ssl3_get_record(SSL *s);
122 122
123/* If extend == 0, obtain new n-byte packet; if extend == 1, increase
124 * packet by another n bytes.
125 * The packet will be in the sub-array of s->s3->rbuf.buf specified
126 * by s->packet and s->packet_length.
127 * (If s->read_ahead is set, 'max' bytes may be stored in rbuf
128 * [plus s->packet_length bytes if extend == 1].)
129 */
123int 130int
124ssl3_read_n(SSL *s, int n, int max, int extend) 131ssl3_read_n(SSL *s, int n, int max, int extend)
125{ 132{
126 /* If extend == 0, obtain new n-byte packet; if extend == 1, increase
127 * packet by another n bytes.
128 * The packet will be in the sub-array of s->s3->rbuf.buf specified
129 * by s->packet and s->packet_length.
130 * (If s->read_ahead is set, 'max' bytes may be stored in rbuf
131 * [plus s->packet_length bytes if extend == 1].)
132 */
133 int i, len, left; 133 int i, len, left;
134 long align = 0; 134 long align = 0;
135 unsigned char *pkt; 135 unsigned char *pkt;
@@ -157,8 +157,8 @@ ssl3_read_n(SSL *s, int n, int max, int extend)
157 /* check if next packet length is large 157 /* check if next packet length is large
158 * enough to justify payload alignment... */ 158 * enough to justify payload alignment... */
159 pkt = rb->buf + rb->offset; 159 pkt = rb->buf + rb->offset;
160 if (pkt[0] == SSL3_RT_APPLICATION_DATA 160 if (pkt[0] == SSL3_RT_APPLICATION_DATA &&
161 && (pkt[3]<<8|pkt[4]) >= 128) { 161 (pkt[3]<<8|pkt[4]) >= 128) {
162 /* Note that even if packet is corrupted 162 /* Note that even if packet is corrupted
163 * and its length field is insane, we can 163 * and its length field is insane, we can
164 * only be led to wrong decision about 164 * only be led to wrong decision about
@@ -166,7 +166,7 @@ ssl3_read_n(SSL *s, int n, int max, int extend)
166 * Header values has no effect on memmove 166 * Header values has no effect on memmove
167 * arguments and therefore no buffer 167 * arguments and therefore no buffer
168 * overrun can be triggered. */ 168 * overrun can be triggered. */
169 memmove (rb->buf + align, pkt, left); 169 memmove(rb->buf + align, pkt, left);
170 rb->offset = align; 170 rb->offset = align;
171 } 171 }
172 } 172 }
@@ -198,23 +198,23 @@ ssl3_read_n(SSL *s, int n, int max, int extend)
198 /* Move any available bytes to front of buffer: 198 /* Move any available bytes to front of buffer:
199 * 'len' bytes already pointed to by 'packet', 199 * 'len' bytes already pointed to by 'packet',
200 * 'left' extra ones at the end */ 200 * 'left' extra ones at the end */
201 if (s->packet != pkt) /* len > 0 */ 201 if (s->packet != pkt) {
202 { 202 /* len > 0 */
203 memmove(pkt, s->packet, len + left); 203 memmove(pkt, s->packet, len + left);
204 s->packet = pkt; 204 s->packet = pkt;
205 rb->offset = len + align; 205 rb->offset = len + align;
206 } 206 }
207 207
208 if (n > (int)(rb->len - rb->offset)) /* does not happen */ 208 if (n > (int)(rb->len - rb->offset)) {
209 { 209 /* does not happen */
210 SSLerr(SSL_F_SSL3_READ_N, ERR_R_INTERNAL_ERROR); 210 SSLerr(SSL_F_SSL3_READ_N, ERR_R_INTERNAL_ERROR);
211 return -1; 211 return -1;
212 } 212 }
213 213
214 if (!s->read_ahead) 214 if (!s->read_ahead) {
215 /* ignore max parameter */ 215 /* ignore max parameter */
216 max = n; 216 max = n;
217 else { 217 } else {
218 if (max < n) 218 if (max < n)
219 max = n; 219 max = n;
220 if (max > (int)(rb->len - rb->offset)) 220 if (max > (int)(rb->len - rb->offset))
@@ -238,16 +238,18 @@ ssl3_read_n(SSL *s, int n, int max, int extend)
238 if (i <= 0) { 238 if (i <= 0) {
239 rb->left = left; 239 rb->left = left;
240 if (s->mode & SSL_MODE_RELEASE_BUFFERS && 240 if (s->mode & SSL_MODE_RELEASE_BUFFERS &&
241 SSL_version(s) != DTLS1_VERSION && SSL_version(s) != DTLS1_BAD_VER) 241 SSL_version(s) != DTLS1_VERSION &&
242 if (len + left == 0) 242 SSL_version(s) != DTLS1_BAD_VER)
243 ssl3_release_read_buffer(s); 243 if (len + left == 0)
244 ssl3_release_read_buffer(s);
244 return (i); 245 return (i);
245 } 246 }
246 left += i; 247 left += i;
247 /* reads should *never* span multiple packets for DTLS because 248 /* reads should *never* span multiple packets for DTLS because
248 * the underlying transport protocol is message oriented as opposed 249 * the underlying transport protocol is message oriented as opposed
249 * to byte oriented as in the TLS case. */ 250 * to byte oriented as in the TLS case. */
250 if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER) { 251 if (SSL_version(s) == DTLS1_VERSION ||
252 SSL_version(s) == DTLS1_BAD_VER) {
251 if (n > left) 253 if (n > left)
252 n = left; /* makes the while condition false */ 254 n = left; /* makes the while condition false */
253 } 255 }
@@ -290,6 +292,7 @@ ssl3_get_record(SSL *s)
290 extra = SSL3_RT_MAX_EXTRA; 292 extra = SSL3_RT_MAX_EXTRA;
291 else 293 else
292 extra = 0; 294 extra = 0;
295
293 if (extra && !s->s3->init_extra) { 296 if (extra && !s->s3->init_extra) {
294 /* An application error: SLS_OP_MICROSOFT_BIG_SSLV3_BUFFER 297 /* An application error: SLS_OP_MICROSOFT_BIG_SSLV3_BUFFER
295 * set after ssl3_setup_buffers() was done */ 298 * set after ssl3_setup_buffers() was done */
@@ -302,8 +305,9 @@ again:
302 if ((s->rstate != SSL_ST_READ_BODY) || 305 if ((s->rstate != SSL_ST_READ_BODY) ||
303 (s->packet_length < SSL3_RT_HEADER_LENGTH)) { 306 (s->packet_length < SSL3_RT_HEADER_LENGTH)) {
304 n = ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, s->s3->rbuf.len, 0); 307 n = ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, s->s3->rbuf.len, 0);
305 if (n <= 0) return(n); /* error or non-blocking */ 308 if (n <= 0)
306 s->rstate = SSL_ST_READ_BODY; 309 return(n); /* error or non-blocking */
310 s->rstate = SSL_ST_READ_BODY;
307 311
308 p = s->packet; 312 p = s->packet;
309 313
@@ -317,10 +321,12 @@ again:
317 /* Lets check version */ 321 /* Lets check version */
318 if (!s->first_packet) { 322 if (!s->first_packet) {
319 if (version != s->version) { 323 if (version != s->version) {
320 SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_WRONG_VERSION_NUMBER); 324 SSLerr(SSL_F_SSL3_GET_RECORD,
321 if ((s->version & 0xFF00) == (version & 0xFF00) && !s->enc_write_ctx && !s->write_hash) 325 SSL_R_WRONG_VERSION_NUMBER);
326 if ((s->version & 0xFF00) == (version & 0xFF00) &&
327 !s->enc_write_ctx && !s->write_hash)
322 /* Send back error using their minor version number :-) */ 328 /* Send back error using their minor version number :-) */
323 s->version = (unsigned short)version; 329 s->version = (unsigned short)version;
324 al = SSL_AD_PROTOCOL_VERSION; 330 al = SSL_AD_PROTOCOL_VERSION;
325 goto f_err; 331 goto f_err;
326 } 332 }
@@ -346,7 +352,8 @@ again:
346 /* now s->packet_length == SSL3_RT_HEADER_LENGTH */ 352 /* now s->packet_length == SSL3_RT_HEADER_LENGTH */
347 i = rr->length; 353 i = rr->length;
348 n = ssl3_read_n(s, i, i, 1); 354 n = ssl3_read_n(s, i, i, 1);
349 if (n <= 0) return(n); /* error or non-blocking io */ 355 if (n <= 0)
356 return(n); /* error or non-blocking io */
350 /* now n == rr->length, 357 /* now n == rr->length,
351 * and s->packet_length == SSL3_RT_HEADER_LENGTH + rr->length */ 358 * and s->packet_length == SSL3_RT_HEADER_LENGTH + rr->length */
352 } 359 }
@@ -401,6 +408,7 @@ again:
401 /* s->read_hash != NULL => mac_size != -1 */ 408 /* s->read_hash != NULL => mac_size != -1 */
402 unsigned char *mac = NULL; 409 unsigned char *mac = NULL;
403 unsigned char mac_tmp[EVP_MAX_MD_SIZE]; 410 unsigned char mac_tmp[EVP_MAX_MD_SIZE];
411
404 mac_size = EVP_MD_CTX_size(s->read_hash); 412 mac_size = EVP_MD_CTX_size(s->read_hash);
405 OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE); 413 OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE);
406 414
@@ -438,8 +446,9 @@ again:
438 mac = &rr->data[rr->length]; 446 mac = &rr->data[rr->length];
439 } 447 }
440 448
441 i=s->method->ssl3_enc->mac(s,md,0 /* not send */); 449 i = s->method->ssl3_enc->mac(s,md,0 /* not send */);
442 if (i < 0 || mac == NULL || CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0) 450 if (i < 0 || mac == NULL ||
451 CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0)
443 enc_err = -1; 452 enc_err = -1;
444 if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + extra + mac_size) 453 if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + extra + mac_size)
445 enc_err = -1; 454 enc_err = -1;
@@ -477,7 +486,9 @@ again:
477 } 486 }
478 487
479 rr->off = 0; 488 rr->off = 0;
480 /* So at this point the following is true 489 /*
490 * So at this point the following is true
491 *
481 * ssl->s3->rrec.type is the type of record 492 * ssl->s3->rrec.type is the type of record
482 * ssl->s3->rrec.length == number of bytes in record 493 * ssl->s3->rrec.length == number of bytes in record
483 * ssl->s3->rrec.off == offset to first valid byte 494 * ssl->s3->rrec.off == offset to first valid byte
@@ -509,7 +520,7 @@ ssl3_do_uncompress(SSL *ssl)
509 520
510 rr = &(ssl->s3->rrec); 521 rr = &(ssl->s3->rrec);
511 i = COMP_expand_block(ssl->expand, rr->comp, 522 i = COMP_expand_block(ssl->expand, rr->comp,
512 SSL3_RT_MAX_PLAIN_LENGTH, rr->data,(int)rr->length); 523 SSL3_RT_MAX_PLAIN_LENGTH, rr->data, (int)rr->length);
513 if (i < 0) 524 if (i < 0)
514 return (0); 525 return (0);
515 else 526 else
@@ -528,8 +539,8 @@ ssl3_do_compress(SSL *ssl)
528 539
529 wr = &(ssl->s3->wrec); 540 wr = &(ssl->s3->wrec);
530 i = COMP_compress_block(ssl->compress, wr->data, 541 i = COMP_compress_block(ssl->compress, wr->data,
531 SSL3_RT_MAX_COMPRESSED_LENGTH, 542 SSL3_RT_MAX_COMPRESSED_LENGTH,
532 wr->input,(int)wr->length); 543 wr->input, (int)wr->length);
533 if (i < 0) 544 if (i < 0)
534 return (0); 545 return (0);
535 else 546 else
@@ -734,8 +745,7 @@ do_ssl3_write(SSL *s, int type, const unsigned char *buf,
734 wr->length = (int)len; 745 wr->length = (int)len;
735 wr->input = (unsigned char *)buf; 746 wr->input = (unsigned char *)buf;
736 747
737 /* we now 'read' from wr->input, wr->length bytes into 748 /* we now 'read' from wr->input, wr->length bytes into wr->data */
738 * wr->data */
739 749
740 /* first we compress */ 750 /* first we compress */
741 if (s->compress != NULL) { 751 if (s->compress != NULL) {
@@ -790,7 +800,8 @@ do_ssl3_write(SSL *s, int type, const unsigned char *buf,
790 /* now let's set up wb */ 800 /* now let's set up wb */
791 wb->left = prefix_len + wr->length; 801 wb->left = prefix_len + wr->length;
792 802
793 /* memorize arguments so that ssl3_write_pending can detect bad write retries later */ 803 /* memorize arguments so that ssl3_write_pending can detect
804 * bad write retries later */
794 s->s3->wpend_tot = len; 805 s->s3->wpend_tot = len;
795 s->s3->wpend_buf = buf; 806 s->s3->wpend_buf = buf;
796 s->s3->wpend_type = type; 807 s->s3->wpend_type = type;
@@ -810,7 +821,7 @@ ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
810 int i; 821 int i;
811 SSL3_BUFFER *wb = &(s->s3->wbuf); 822 SSL3_BUFFER *wb = &(s->s3->wbuf);
812 823
813/* XXXX */ 824 /* XXXX */
814 if ((s->s3->wpend_tot > (int)len) || ((s->s3->wpend_buf != buf) && 825 if ((s->s3->wpend_tot > (int)len) || ((s->s3->wpend_buf != buf) &&
815 !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER)) || 826 !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER)) ||
816 (s->s3->wpend_type != type)) { 827 (s->s3->wpend_type != type)) {
@@ -898,9 +909,8 @@ ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
898 return -1; 909 return -1;
899 } 910 }
900 911
901 if ((type == SSL3_RT_HANDSHAKE) && (s->s3->handshake_fragment_len > 0)) 912 if ((type == SSL3_RT_HANDSHAKE) && (s->s3->handshake_fragment_len > 0)) {
902 /* (partially) satisfy request from storage */ 913 /* (partially) satisfy request from storage */
903 {
904 unsigned char *src = s->s3->handshake_fragment; 914 unsigned char *src = s->s3->handshake_fragment;
905 unsigned char *dst = buf; 915 unsigned char *dst = buf;
906 unsigned int k; 916 unsigned int k;
@@ -934,10 +944,12 @@ ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
934start: 944start:
935 s->rwstate = SSL_NOTHING; 945 s->rwstate = SSL_NOTHING;
936 946
937 /* s->s3->rrec.type - is the type of record 947 /*
948 * s->s3->rrec.type - is the type of record
938 * s->s3->rrec.data, - data 949 * s->s3->rrec.data, - data
939 * s->s3->rrec.off, - offset into 'data' for next read 950 * s->s3->rrec.off, - offset into 'data' for next read
940 * s->s3->rrec.length, - number of bytes. */ 951 * s->s3->rrec.length, - number of bytes.
952 */
941 rr = &(s->s3->rrec); 953 rr = &(s->s3->rrec);
942 954
943 /* get new packet if necessary */ 955 /* get new packet if necessary */
@@ -966,8 +978,7 @@ start:
966 } 978 }
967 979
968 980
969 if (type == rr->type) /* SSL3_RT_APPLICATION_DATA or SSL3_RT_HANDSHAKE */ 981 if (type == rr->type) { /* SSL3_RT_APPLICATION_DATA or SSL3_RT_HANDSHAKE */
970 {
971 /* make sure that we are not getting application data when we 982 /* make sure that we are not getting application data when we
972 * are doing a handshake for the first time */ 983 * are doing a handshake for the first time */
973 if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) && 984 if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) &&
@@ -1004,10 +1015,12 @@ start:
1004 /* If we get here, then type != rr->type; if we have a handshake 1015 /* If we get here, then type != rr->type; if we have a handshake
1005 * message, then it was unexpected (Hello Request or Client Hello). */ 1016 * message, then it was unexpected (Hello Request or Client Hello). */
1006 1017
1007 /* In case of record types for which we have 'fragment' storage,
1008 * fill that so that we can process the data at a fixed place.
1009 */
1010 { 1018 {
1019 /*
1020 * In case of record types for which we have 'fragment'
1021 * storage, * fill that so that we can process the data
1022 * at a fixed place.
1023 */
1011 unsigned int dest_maxlen = 0; 1024 unsigned int dest_maxlen = 0;
1012 unsigned char *dest = NULL; 1025 unsigned char *dest = NULL;
1013 unsigned int *dest_len = NULL; 1026 unsigned int *dest_len = NULL;
@@ -1056,7 +1069,8 @@ start:
1056 } 1069 }
1057 1070
1058 if (s->msg_callback) 1071 if (s->msg_callback)
1059 s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->s3->handshake_fragment, 4, s, s->msg_callback_arg); 1072 s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
1073 s->s3->handshake_fragment, 4, s, s->msg_callback_arg);
1060 1074
1061 if (SSL_is_init_finished(s) && 1075 if (SSL_is_init_finished(s) &&
1062 !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) && 1076 !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
@@ -1072,13 +1086,13 @@ start:
1072 } 1086 }
1073 1087
1074 if (!(s->mode & SSL_MODE_AUTO_RETRY)) { 1088 if (!(s->mode & SSL_MODE_AUTO_RETRY)) {
1075 if (s->s3->rbuf.left == 0) /* no read-ahead left? */ 1089 if (s->s3->rbuf.left == 0) {
1076 { 1090 /* no read-ahead left? */
1077 BIO *bio; 1091 BIO *bio;
1078 /* In the case where we try to read application data, 1092 /* In the case where we try to read application data,
1079 * but we trigger an SSL handshake, we return -1 with 1093 * but we trigger an SSL handshake, we return -1 with
1080 * the retry option set. Otherwise renegotiation may 1094 * the retry option set. Otherwise renegotiation may
1081 * cause nasty problems in the blocking world */ 1095 * cause nasty problems in the blocking world */
1082 s->rwstate = SSL_READING; 1096 s->rwstate = SSL_READING;
1083 bio = SSL_get_rbio(s); 1097 bio = SSL_get_rbio(s);
1084 BIO_clear_retry_flags(bio); 1098 BIO_clear_retry_flags(bio);
@@ -1115,7 +1129,8 @@ start:
1115 s->s3->alert_fragment_len = 0; 1129 s->s3->alert_fragment_len = 0;
1116 1130
1117 if (s->msg_callback) 1131 if (s->msg_callback)
1118 s->msg_callback(0, s->version, SSL3_RT_ALERT, s->s3->alert_fragment, 2, s, s->msg_callback_arg); 1132 s->msg_callback(0, s->version, SSL3_RT_ALERT,
1133 s->s3->alert_fragment, 2, s, s->msg_callback_arg);
1119 1134
1120 if (s->info_callback != NULL) 1135 if (s->info_callback != NULL)
1121 cb = s->info_callback; 1136 cb = s->info_callback;
@@ -1127,8 +1142,8 @@ start:
1127 cb(s, SSL_CB_READ_ALERT, j); 1142 cb(s, SSL_CB_READ_ALERT, j);
1128 } 1143 }
1129 1144
1130 if (alert_level == 1) /* warning */ 1145 if (alert_level == 1) {
1131 { 1146 /* warning */
1132 s->s3->warn_alert = alert_descr; 1147 s->s3->warn_alert = alert_descr;
1133 if (alert_descr == SSL_AD_CLOSE_NOTIFY) { 1148 if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
1134 s->shutdown |= SSL_RECEIVED_SHUTDOWN; 1149 s->shutdown |= SSL_RECEIVED_SHUTDOWN;
@@ -1152,8 +1167,8 @@ start:
1152 else if (alert_descr == SSL_AD_MISSING_SRP_USERNAME) 1167 else if (alert_descr == SSL_AD_MISSING_SRP_USERNAME)
1153 return (0); 1168 return (0);
1154#endif 1169#endif
1155 } else if (alert_level == 2) /* fatal */ 1170 } else if (alert_level == 2) {
1156 { 1171 /* fatal */
1157 char tmp[16]; 1172 char tmp[16];
1158 1173
1159 s->rwstate = SSL_NOTHING; 1174 s->rwstate = SSL_NOTHING;
@@ -1173,8 +1188,8 @@ start:
1173 goto start; 1188 goto start;
1174 } 1189 }
1175 1190
1176 if (s->shutdown & SSL_SENT_SHUTDOWN) /* but we have not received a shutdown */ 1191 if (s->shutdown & SSL_SENT_SHUTDOWN) {
1177 { 1192 /* but we have not received a shutdown */
1178 s->rwstate = SSL_NOTHING; 1193 s->rwstate = SSL_NOTHING;
1179 rr->length = 0; 1194 rr->length = 0;
1180 return (0); 1195 return (0);
@@ -1199,8 +1214,11 @@ start:
1199 1214
1200 rr->length = 0; 1215 rr->length = 0;
1201 1216
1202 if (s->msg_callback) 1217 if (s->msg_callback) {
1203 s->msg_callback(0, s->version, SSL3_RT_CHANGE_CIPHER_SPEC, rr->data, 1, s, s->msg_callback_arg); 1218 s->msg_callback(0, s->version,
1219 SSL3_RT_CHANGE_CIPHER_SPEC, rr->data, 1, s,
1220 s->msg_callback_arg);
1221 }
1204 1222
1205 s->s3->change_cipher_spec = 1; 1223 s->s3->change_cipher_spec = 1;
1206 if (!ssl3_do_change_cipher_spec(s)) 1224 if (!ssl3_do_change_cipher_spec(s))
@@ -1226,8 +1244,7 @@ start:
1226 } 1244 }
1227 1245
1228 if (!(s->mode & SSL_MODE_AUTO_RETRY)) { 1246 if (!(s->mode & SSL_MODE_AUTO_RETRY)) {
1229 if (s->s3->rbuf.left == 0) /* no read-ahead left? */ 1247 if (s->s3->rbuf.left == 0) { /* no read-ahead left? */
1230 {
1231 BIO *bio; 1248 BIO *bio;
1232 /* In the case where we try to read application data, 1249 /* In the case where we try to read application data,
1233 * but we trigger an SSL handshake, we return -1 with 1250 * but we trigger an SSL handshake, we return -1 with
@@ -1317,7 +1334,8 @@ ssl3_do_change_cipher_spec(SSL *s)
1317 if (s->s3->tmp.key_block == NULL) { 1334 if (s->s3->tmp.key_block == NULL) {
1318 if (s->session == NULL) { 1335 if (s->session == NULL) {
1319 /* might happen if dtls1_read_bytes() calls this */ 1336 /* might happen if dtls1_read_bytes() calls this */
1320 SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, SSL_R_CCS_RECEIVED_EARLY); 1337 SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC,
1338 SSL_R_CCS_RECEIVED_EARLY);
1321 return (0); 1339 return (0);
1322 } 1340 }
1323 1341
@@ -1356,8 +1374,10 @@ ssl3_send_alert(SSL *s, int level, int desc)
1356{ 1374{
1357 /* Map tls/ssl alert value to correct one */ 1375 /* Map tls/ssl alert value to correct one */
1358 desc = s->method->ssl3_enc->alert_value(desc); 1376 desc = s->method->ssl3_enc->alert_value(desc);
1359 if (s->version == SSL3_VERSION && desc == SSL_AD_PROTOCOL_VERSION) 1377 if (s->version == SSL3_VERSION && desc == SSL_AD_PROTOCOL_VERSION) {
1360 desc = SSL_AD_HANDSHAKE_FAILURE; /* SSL 3.0 does not have protocol_version alerts */ 1378 /* SSL 3.0 does not have protocol_version alerts */
1379 desc = SSL_AD_HANDSHAKE_FAILURE;
1380 }
1361 if (desc < 0) 1381 if (desc < 0)
1362 return -1; 1382 return -1;
1363 /* If a fatal one, remove from cache */ 1383 /* If a fatal one, remove from cache */
@@ -1369,6 +1389,7 @@ ssl3_send_alert(SSL *s, int level, int desc)
1369 s->s3->send_alert[1] = desc; 1389 s->s3->send_alert[1] = desc;
1370 if (s->s3->wbuf.left == 0) /* data still being written out? */ 1390 if (s->s3->wbuf.left == 0) /* data still being written out? */
1371 return s->method->ssl_dispatch_alert(s); 1391 return s->method->ssl_dispatch_alert(s);
1392
1372 /* else data is still being written out, we will get written 1393 /* else data is still being written out, we will get written
1373 * some time in the future */ 1394 * some time in the future */
1374 return -1; 1395 return -1;
@@ -1392,7 +1413,8 @@ ssl3_dispatch_alert(SSL *s)
1392 (void)BIO_flush(s->wbio); 1413 (void)BIO_flush(s->wbio);
1393 1414
1394 if (s->msg_callback) 1415 if (s->msg_callback)
1395 s->msg_callback(1, s->version, SSL3_RT_ALERT, s->s3->send_alert, 2, s, s->msg_callback_arg); 1416 s->msg_callback(1, s->version, SSL3_RT_ALERT,
1417 s->s3->send_alert, 2, s, s->msg_callback_arg);
1396 1418
1397 if (s->info_callback != NULL) 1419 if (s->info_callback != NULL)
1398 cb = s->info_callback; 1420 cb = s->info_callback;
diff --git a/src/lib/libssl/src/ssl/s3_pkt.c b/src/lib/libssl/src/ssl/s3_pkt.c
index 2a88b14852..68c3f1cb2b 100644
--- a/src/lib/libssl/src/ssl/s3_pkt.c
+++ b/src/lib/libssl/src/ssl/s3_pkt.c
@@ -120,16 +120,16 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
120 unsigned int len, int create_empty_fragment); 120 unsigned int len, int create_empty_fragment);
121static int ssl3_get_record(SSL *s); 121static int ssl3_get_record(SSL *s);
122 122
123/* If extend == 0, obtain new n-byte packet; if extend == 1, increase
124 * packet by another n bytes.
125 * The packet will be in the sub-array of s->s3->rbuf.buf specified
126 * by s->packet and s->packet_length.
127 * (If s->read_ahead is set, 'max' bytes may be stored in rbuf
128 * [plus s->packet_length bytes if extend == 1].)
129 */
123int 130int
124ssl3_read_n(SSL *s, int n, int max, int extend) 131ssl3_read_n(SSL *s, int n, int max, int extend)
125{ 132{
126 /* If extend == 0, obtain new n-byte packet; if extend == 1, increase
127 * packet by another n bytes.
128 * The packet will be in the sub-array of s->s3->rbuf.buf specified
129 * by s->packet and s->packet_length.
130 * (If s->read_ahead is set, 'max' bytes may be stored in rbuf
131 * [plus s->packet_length bytes if extend == 1].)
132 */
133 int i, len, left; 133 int i, len, left;
134 long align = 0; 134 long align = 0;
135 unsigned char *pkt; 135 unsigned char *pkt;
@@ -157,8 +157,8 @@ ssl3_read_n(SSL *s, int n, int max, int extend)
157 /* check if next packet length is large 157 /* check if next packet length is large
158 * enough to justify payload alignment... */ 158 * enough to justify payload alignment... */
159 pkt = rb->buf + rb->offset; 159 pkt = rb->buf + rb->offset;
160 if (pkt[0] == SSL3_RT_APPLICATION_DATA 160 if (pkt[0] == SSL3_RT_APPLICATION_DATA &&
161 && (pkt[3]<<8|pkt[4]) >= 128) { 161 (pkt[3]<<8|pkt[4]) >= 128) {
162 /* Note that even if packet is corrupted 162 /* Note that even if packet is corrupted
163 * and its length field is insane, we can 163 * and its length field is insane, we can
164 * only be led to wrong decision about 164 * only be led to wrong decision about
@@ -166,7 +166,7 @@ ssl3_read_n(SSL *s, int n, int max, int extend)
166 * Header values has no effect on memmove 166 * Header values has no effect on memmove
167 * arguments and therefore no buffer 167 * arguments and therefore no buffer
168 * overrun can be triggered. */ 168 * overrun can be triggered. */
169 memmove (rb->buf + align, pkt, left); 169 memmove(rb->buf + align, pkt, left);
170 rb->offset = align; 170 rb->offset = align;
171 } 171 }
172 } 172 }
@@ -198,23 +198,23 @@ ssl3_read_n(SSL *s, int n, int max, int extend)
198 /* Move any available bytes to front of buffer: 198 /* Move any available bytes to front of buffer:
199 * 'len' bytes already pointed to by 'packet', 199 * 'len' bytes already pointed to by 'packet',
200 * 'left' extra ones at the end */ 200 * 'left' extra ones at the end */
201 if (s->packet != pkt) /* len > 0 */ 201 if (s->packet != pkt) {
202 { 202 /* len > 0 */
203 memmove(pkt, s->packet, len + left); 203 memmove(pkt, s->packet, len + left);
204 s->packet = pkt; 204 s->packet = pkt;
205 rb->offset = len + align; 205 rb->offset = len + align;
206 } 206 }
207 207
208 if (n > (int)(rb->len - rb->offset)) /* does not happen */ 208 if (n > (int)(rb->len - rb->offset)) {
209 { 209 /* does not happen */
210 SSLerr(SSL_F_SSL3_READ_N, ERR_R_INTERNAL_ERROR); 210 SSLerr(SSL_F_SSL3_READ_N, ERR_R_INTERNAL_ERROR);
211 return -1; 211 return -1;
212 } 212 }
213 213
214 if (!s->read_ahead) 214 if (!s->read_ahead) {
215 /* ignore max parameter */ 215 /* ignore max parameter */
216 max = n; 216 max = n;
217 else { 217 } else {
218 if (max < n) 218 if (max < n)
219 max = n; 219 max = n;
220 if (max > (int)(rb->len - rb->offset)) 220 if (max > (int)(rb->len - rb->offset))
@@ -238,16 +238,18 @@ ssl3_read_n(SSL *s, int n, int max, int extend)
238 if (i <= 0) { 238 if (i <= 0) {
239 rb->left = left; 239 rb->left = left;
240 if (s->mode & SSL_MODE_RELEASE_BUFFERS && 240 if (s->mode & SSL_MODE_RELEASE_BUFFERS &&
241 SSL_version(s) != DTLS1_VERSION && SSL_version(s) != DTLS1_BAD_VER) 241 SSL_version(s) != DTLS1_VERSION &&
242 if (len + left == 0) 242 SSL_version(s) != DTLS1_BAD_VER)
243 ssl3_release_read_buffer(s); 243 if (len + left == 0)
244 ssl3_release_read_buffer(s);
244 return (i); 245 return (i);
245 } 246 }
246 left += i; 247 left += i;
247 /* reads should *never* span multiple packets for DTLS because 248 /* reads should *never* span multiple packets for DTLS because
248 * the underlying transport protocol is message oriented as opposed 249 * the underlying transport protocol is message oriented as opposed
249 * to byte oriented as in the TLS case. */ 250 * to byte oriented as in the TLS case. */
250 if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER) { 251 if (SSL_version(s) == DTLS1_VERSION ||
252 SSL_version(s) == DTLS1_BAD_VER) {
251 if (n > left) 253 if (n > left)
252 n = left; /* makes the while condition false */ 254 n = left; /* makes the while condition false */
253 } 255 }
@@ -290,6 +292,7 @@ ssl3_get_record(SSL *s)
290 extra = SSL3_RT_MAX_EXTRA; 292 extra = SSL3_RT_MAX_EXTRA;
291 else 293 else
292 extra = 0; 294 extra = 0;
295
293 if (extra && !s->s3->init_extra) { 296 if (extra && !s->s3->init_extra) {
294 /* An application error: SLS_OP_MICROSOFT_BIG_SSLV3_BUFFER 297 /* An application error: SLS_OP_MICROSOFT_BIG_SSLV3_BUFFER
295 * set after ssl3_setup_buffers() was done */ 298 * set after ssl3_setup_buffers() was done */
@@ -302,8 +305,9 @@ again:
302 if ((s->rstate != SSL_ST_READ_BODY) || 305 if ((s->rstate != SSL_ST_READ_BODY) ||
303 (s->packet_length < SSL3_RT_HEADER_LENGTH)) { 306 (s->packet_length < SSL3_RT_HEADER_LENGTH)) {
304 n = ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, s->s3->rbuf.len, 0); 307 n = ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, s->s3->rbuf.len, 0);
305 if (n <= 0) return(n); /* error or non-blocking */ 308 if (n <= 0)
306 s->rstate = SSL_ST_READ_BODY; 309 return(n); /* error or non-blocking */
310 s->rstate = SSL_ST_READ_BODY;
307 311
308 p = s->packet; 312 p = s->packet;
309 313
@@ -317,10 +321,12 @@ again:
317 /* Lets check version */ 321 /* Lets check version */
318 if (!s->first_packet) { 322 if (!s->first_packet) {
319 if (version != s->version) { 323 if (version != s->version) {
320 SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_WRONG_VERSION_NUMBER); 324 SSLerr(SSL_F_SSL3_GET_RECORD,
321 if ((s->version & 0xFF00) == (version & 0xFF00) && !s->enc_write_ctx && !s->write_hash) 325 SSL_R_WRONG_VERSION_NUMBER);
326 if ((s->version & 0xFF00) == (version & 0xFF00) &&
327 !s->enc_write_ctx && !s->write_hash)
322 /* Send back error using their minor version number :-) */ 328 /* Send back error using their minor version number :-) */
323 s->version = (unsigned short)version; 329 s->version = (unsigned short)version;
324 al = SSL_AD_PROTOCOL_VERSION; 330 al = SSL_AD_PROTOCOL_VERSION;
325 goto f_err; 331 goto f_err;
326 } 332 }
@@ -346,7 +352,8 @@ again:
346 /* now s->packet_length == SSL3_RT_HEADER_LENGTH */ 352 /* now s->packet_length == SSL3_RT_HEADER_LENGTH */
347 i = rr->length; 353 i = rr->length;
348 n = ssl3_read_n(s, i, i, 1); 354 n = ssl3_read_n(s, i, i, 1);
349 if (n <= 0) return(n); /* error or non-blocking io */ 355 if (n <= 0)
356 return(n); /* error or non-blocking io */
350 /* now n == rr->length, 357 /* now n == rr->length,
351 * and s->packet_length == SSL3_RT_HEADER_LENGTH + rr->length */ 358 * and s->packet_length == SSL3_RT_HEADER_LENGTH + rr->length */
352 } 359 }
@@ -401,6 +408,7 @@ again:
401 /* s->read_hash != NULL => mac_size != -1 */ 408 /* s->read_hash != NULL => mac_size != -1 */
402 unsigned char *mac = NULL; 409 unsigned char *mac = NULL;
403 unsigned char mac_tmp[EVP_MAX_MD_SIZE]; 410 unsigned char mac_tmp[EVP_MAX_MD_SIZE];
411
404 mac_size = EVP_MD_CTX_size(s->read_hash); 412 mac_size = EVP_MD_CTX_size(s->read_hash);
405 OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE); 413 OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE);
406 414
@@ -438,8 +446,9 @@ again:
438 mac = &rr->data[rr->length]; 446 mac = &rr->data[rr->length];
439 } 447 }
440 448
441 i=s->method->ssl3_enc->mac(s,md,0 /* not send */); 449 i = s->method->ssl3_enc->mac(s,md,0 /* not send */);
442 if (i < 0 || mac == NULL || CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0) 450 if (i < 0 || mac == NULL ||
451 CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0)
443 enc_err = -1; 452 enc_err = -1;
444 if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + extra + mac_size) 453 if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + extra + mac_size)
445 enc_err = -1; 454 enc_err = -1;
@@ -477,7 +486,9 @@ again:
477 } 486 }
478 487
479 rr->off = 0; 488 rr->off = 0;
480 /* So at this point the following is true 489 /*
490 * So at this point the following is true
491 *
481 * ssl->s3->rrec.type is the type of record 492 * ssl->s3->rrec.type is the type of record
482 * ssl->s3->rrec.length == number of bytes in record 493 * ssl->s3->rrec.length == number of bytes in record
483 * ssl->s3->rrec.off == offset to first valid byte 494 * ssl->s3->rrec.off == offset to first valid byte
@@ -509,7 +520,7 @@ ssl3_do_uncompress(SSL *ssl)
509 520
510 rr = &(ssl->s3->rrec); 521 rr = &(ssl->s3->rrec);
511 i = COMP_expand_block(ssl->expand, rr->comp, 522 i = COMP_expand_block(ssl->expand, rr->comp,
512 SSL3_RT_MAX_PLAIN_LENGTH, rr->data,(int)rr->length); 523 SSL3_RT_MAX_PLAIN_LENGTH, rr->data, (int)rr->length);
513 if (i < 0) 524 if (i < 0)
514 return (0); 525 return (0);
515 else 526 else
@@ -528,8 +539,8 @@ ssl3_do_compress(SSL *ssl)
528 539
529 wr = &(ssl->s3->wrec); 540 wr = &(ssl->s3->wrec);
530 i = COMP_compress_block(ssl->compress, wr->data, 541 i = COMP_compress_block(ssl->compress, wr->data,
531 SSL3_RT_MAX_COMPRESSED_LENGTH, 542 SSL3_RT_MAX_COMPRESSED_LENGTH,
532 wr->input,(int)wr->length); 543 wr->input, (int)wr->length);
533 if (i < 0) 544 if (i < 0)
534 return (0); 545 return (0);
535 else 546 else
@@ -734,8 +745,7 @@ do_ssl3_write(SSL *s, int type, const unsigned char *buf,
734 wr->length = (int)len; 745 wr->length = (int)len;
735 wr->input = (unsigned char *)buf; 746 wr->input = (unsigned char *)buf;
736 747
737 /* we now 'read' from wr->input, wr->length bytes into 748 /* we now 'read' from wr->input, wr->length bytes into wr->data */
738 * wr->data */
739 749
740 /* first we compress */ 750 /* first we compress */
741 if (s->compress != NULL) { 751 if (s->compress != NULL) {
@@ -790,7 +800,8 @@ do_ssl3_write(SSL *s, int type, const unsigned char *buf,
790 /* now let's set up wb */ 800 /* now let's set up wb */
791 wb->left = prefix_len + wr->length; 801 wb->left = prefix_len + wr->length;
792 802
793 /* memorize arguments so that ssl3_write_pending can detect bad write retries later */ 803 /* memorize arguments so that ssl3_write_pending can detect
804 * bad write retries later */
794 s->s3->wpend_tot = len; 805 s->s3->wpend_tot = len;
795 s->s3->wpend_buf = buf; 806 s->s3->wpend_buf = buf;
796 s->s3->wpend_type = type; 807 s->s3->wpend_type = type;
@@ -810,7 +821,7 @@ ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
810 int i; 821 int i;
811 SSL3_BUFFER *wb = &(s->s3->wbuf); 822 SSL3_BUFFER *wb = &(s->s3->wbuf);
812 823
813/* XXXX */ 824 /* XXXX */
814 if ((s->s3->wpend_tot > (int)len) || ((s->s3->wpend_buf != buf) && 825 if ((s->s3->wpend_tot > (int)len) || ((s->s3->wpend_buf != buf) &&
815 !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER)) || 826 !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER)) ||
816 (s->s3->wpend_type != type)) { 827 (s->s3->wpend_type != type)) {
@@ -898,9 +909,8 @@ ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
898 return -1; 909 return -1;
899 } 910 }
900 911
901 if ((type == SSL3_RT_HANDSHAKE) && (s->s3->handshake_fragment_len > 0)) 912 if ((type == SSL3_RT_HANDSHAKE) && (s->s3->handshake_fragment_len > 0)) {
902 /* (partially) satisfy request from storage */ 913 /* (partially) satisfy request from storage */
903 {
904 unsigned char *src = s->s3->handshake_fragment; 914 unsigned char *src = s->s3->handshake_fragment;
905 unsigned char *dst = buf; 915 unsigned char *dst = buf;
906 unsigned int k; 916 unsigned int k;
@@ -934,10 +944,12 @@ ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
934start: 944start:
935 s->rwstate = SSL_NOTHING; 945 s->rwstate = SSL_NOTHING;
936 946
937 /* s->s3->rrec.type - is the type of record 947 /*
948 * s->s3->rrec.type - is the type of record
938 * s->s3->rrec.data, - data 949 * s->s3->rrec.data, - data
939 * s->s3->rrec.off, - offset into 'data' for next read 950 * s->s3->rrec.off, - offset into 'data' for next read
940 * s->s3->rrec.length, - number of bytes. */ 951 * s->s3->rrec.length, - number of bytes.
952 */
941 rr = &(s->s3->rrec); 953 rr = &(s->s3->rrec);
942 954
943 /* get new packet if necessary */ 955 /* get new packet if necessary */
@@ -966,8 +978,7 @@ start:
966 } 978 }
967 979
968 980
969 if (type == rr->type) /* SSL3_RT_APPLICATION_DATA or SSL3_RT_HANDSHAKE */ 981 if (type == rr->type) { /* SSL3_RT_APPLICATION_DATA or SSL3_RT_HANDSHAKE */
970 {
971 /* make sure that we are not getting application data when we 982 /* make sure that we are not getting application data when we
972 * are doing a handshake for the first time */ 983 * are doing a handshake for the first time */
973 if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) && 984 if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) &&
@@ -1004,10 +1015,12 @@ start:
1004 /* If we get here, then type != rr->type; if we have a handshake 1015 /* If we get here, then type != rr->type; if we have a handshake
1005 * message, then it was unexpected (Hello Request or Client Hello). */ 1016 * message, then it was unexpected (Hello Request or Client Hello). */
1006 1017
1007 /* In case of record types for which we have 'fragment' storage,
1008 * fill that so that we can process the data at a fixed place.
1009 */
1010 { 1018 {
1019 /*
1020 * In case of record types for which we have 'fragment'
1021 * storage, * fill that so that we can process the data
1022 * at a fixed place.
1023 */
1011 unsigned int dest_maxlen = 0; 1024 unsigned int dest_maxlen = 0;
1012 unsigned char *dest = NULL; 1025 unsigned char *dest = NULL;
1013 unsigned int *dest_len = NULL; 1026 unsigned int *dest_len = NULL;
@@ -1056,7 +1069,8 @@ start:
1056 } 1069 }
1057 1070
1058 if (s->msg_callback) 1071 if (s->msg_callback)
1059 s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->s3->handshake_fragment, 4, s, s->msg_callback_arg); 1072 s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
1073 s->s3->handshake_fragment, 4, s, s->msg_callback_arg);
1060 1074
1061 if (SSL_is_init_finished(s) && 1075 if (SSL_is_init_finished(s) &&
1062 !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) && 1076 !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
@@ -1072,13 +1086,13 @@ start:
1072 } 1086 }
1073 1087
1074 if (!(s->mode & SSL_MODE_AUTO_RETRY)) { 1088 if (!(s->mode & SSL_MODE_AUTO_RETRY)) {
1075 if (s->s3->rbuf.left == 0) /* no read-ahead left? */ 1089 if (s->s3->rbuf.left == 0) {
1076 { 1090 /* no read-ahead left? */
1077 BIO *bio; 1091 BIO *bio;
1078 /* In the case where we try to read application data, 1092 /* In the case where we try to read application data,
1079 * but we trigger an SSL handshake, we return -1 with 1093 * but we trigger an SSL handshake, we return -1 with
1080 * the retry option set. Otherwise renegotiation may 1094 * the retry option set. Otherwise renegotiation may
1081 * cause nasty problems in the blocking world */ 1095 * cause nasty problems in the blocking world */
1082 s->rwstate = SSL_READING; 1096 s->rwstate = SSL_READING;
1083 bio = SSL_get_rbio(s); 1097 bio = SSL_get_rbio(s);
1084 BIO_clear_retry_flags(bio); 1098 BIO_clear_retry_flags(bio);
@@ -1115,7 +1129,8 @@ start:
1115 s->s3->alert_fragment_len = 0; 1129 s->s3->alert_fragment_len = 0;
1116 1130
1117 if (s->msg_callback) 1131 if (s->msg_callback)
1118 s->msg_callback(0, s->version, SSL3_RT_ALERT, s->s3->alert_fragment, 2, s, s->msg_callback_arg); 1132 s->msg_callback(0, s->version, SSL3_RT_ALERT,
1133 s->s3->alert_fragment, 2, s, s->msg_callback_arg);
1119 1134
1120 if (s->info_callback != NULL) 1135 if (s->info_callback != NULL)
1121 cb = s->info_callback; 1136 cb = s->info_callback;
@@ -1127,8 +1142,8 @@ start:
1127 cb(s, SSL_CB_READ_ALERT, j); 1142 cb(s, SSL_CB_READ_ALERT, j);
1128 } 1143 }
1129 1144
1130 if (alert_level == 1) /* warning */ 1145 if (alert_level == 1) {
1131 { 1146 /* warning */
1132 s->s3->warn_alert = alert_descr; 1147 s->s3->warn_alert = alert_descr;
1133 if (alert_descr == SSL_AD_CLOSE_NOTIFY) { 1148 if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
1134 s->shutdown |= SSL_RECEIVED_SHUTDOWN; 1149 s->shutdown |= SSL_RECEIVED_SHUTDOWN;
@@ -1152,8 +1167,8 @@ start:
1152 else if (alert_descr == SSL_AD_MISSING_SRP_USERNAME) 1167 else if (alert_descr == SSL_AD_MISSING_SRP_USERNAME)
1153 return (0); 1168 return (0);
1154#endif 1169#endif
1155 } else if (alert_level == 2) /* fatal */ 1170 } else if (alert_level == 2) {
1156 { 1171 /* fatal */
1157 char tmp[16]; 1172 char tmp[16];
1158 1173
1159 s->rwstate = SSL_NOTHING; 1174 s->rwstate = SSL_NOTHING;
@@ -1173,8 +1188,8 @@ start:
1173 goto start; 1188 goto start;
1174 } 1189 }
1175 1190
1176 if (s->shutdown & SSL_SENT_SHUTDOWN) /* but we have not received a shutdown */ 1191 if (s->shutdown & SSL_SENT_SHUTDOWN) {
1177 { 1192 /* but we have not received a shutdown */
1178 s->rwstate = SSL_NOTHING; 1193 s->rwstate = SSL_NOTHING;
1179 rr->length = 0; 1194 rr->length = 0;
1180 return (0); 1195 return (0);
@@ -1199,8 +1214,11 @@ start:
1199 1214
1200 rr->length = 0; 1215 rr->length = 0;
1201 1216
1202 if (s->msg_callback) 1217 if (s->msg_callback) {
1203 s->msg_callback(0, s->version, SSL3_RT_CHANGE_CIPHER_SPEC, rr->data, 1, s, s->msg_callback_arg); 1218 s->msg_callback(0, s->version,
1219 SSL3_RT_CHANGE_CIPHER_SPEC, rr->data, 1, s,
1220 s->msg_callback_arg);
1221 }
1204 1222
1205 s->s3->change_cipher_spec = 1; 1223 s->s3->change_cipher_spec = 1;
1206 if (!ssl3_do_change_cipher_spec(s)) 1224 if (!ssl3_do_change_cipher_spec(s))
@@ -1226,8 +1244,7 @@ start:
1226 } 1244 }
1227 1245
1228 if (!(s->mode & SSL_MODE_AUTO_RETRY)) { 1246 if (!(s->mode & SSL_MODE_AUTO_RETRY)) {
1229 if (s->s3->rbuf.left == 0) /* no read-ahead left? */ 1247 if (s->s3->rbuf.left == 0) { /* no read-ahead left? */
1230 {
1231 BIO *bio; 1248 BIO *bio;
1232 /* In the case where we try to read application data, 1249 /* In the case where we try to read application data,
1233 * but we trigger an SSL handshake, we return -1 with 1250 * but we trigger an SSL handshake, we return -1 with
@@ -1317,7 +1334,8 @@ ssl3_do_change_cipher_spec(SSL *s)
1317 if (s->s3->tmp.key_block == NULL) { 1334 if (s->s3->tmp.key_block == NULL) {
1318 if (s->session == NULL) { 1335 if (s->session == NULL) {
1319 /* might happen if dtls1_read_bytes() calls this */ 1336 /* might happen if dtls1_read_bytes() calls this */
1320 SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, SSL_R_CCS_RECEIVED_EARLY); 1337 SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC,
1338 SSL_R_CCS_RECEIVED_EARLY);
1321 return (0); 1339 return (0);
1322 } 1340 }
1323 1341
@@ -1356,8 +1374,10 @@ ssl3_send_alert(SSL *s, int level, int desc)
1356{ 1374{
1357 /* Map tls/ssl alert value to correct one */ 1375 /* Map tls/ssl alert value to correct one */
1358 desc = s->method->ssl3_enc->alert_value(desc); 1376 desc = s->method->ssl3_enc->alert_value(desc);
1359 if (s->version == SSL3_VERSION && desc == SSL_AD_PROTOCOL_VERSION) 1377 if (s->version == SSL3_VERSION && desc == SSL_AD_PROTOCOL_VERSION) {
1360 desc = SSL_AD_HANDSHAKE_FAILURE; /* SSL 3.0 does not have protocol_version alerts */ 1378 /* SSL 3.0 does not have protocol_version alerts */
1379 desc = SSL_AD_HANDSHAKE_FAILURE;
1380 }
1361 if (desc < 0) 1381 if (desc < 0)
1362 return -1; 1382 return -1;
1363 /* If a fatal one, remove from cache */ 1383 /* If a fatal one, remove from cache */
@@ -1369,6 +1389,7 @@ ssl3_send_alert(SSL *s, int level, int desc)
1369 s->s3->send_alert[1] = desc; 1389 s->s3->send_alert[1] = desc;
1370 if (s->s3->wbuf.left == 0) /* data still being written out? */ 1390 if (s->s3->wbuf.left == 0) /* data still being written out? */
1371 return s->method->ssl_dispatch_alert(s); 1391 return s->method->ssl_dispatch_alert(s);
1392
1372 /* else data is still being written out, we will get written 1393 /* else data is still being written out, we will get written
1373 * some time in the future */ 1394 * some time in the future */
1374 return -1; 1395 return -1;
@@ -1392,7 +1413,8 @@ ssl3_dispatch_alert(SSL *s)
1392 (void)BIO_flush(s->wbio); 1413 (void)BIO_flush(s->wbio);
1393 1414
1394 if (s->msg_callback) 1415 if (s->msg_callback)
1395 s->msg_callback(1, s->version, SSL3_RT_ALERT, s->s3->send_alert, 2, s, s->msg_callback_arg); 1416 s->msg_callback(1, s->version, SSL3_RT_ALERT,
1417 s->s3->send_alert, 2, s, s->msg_callback_arg);
1396 1418
1397 if (s->info_callback != NULL) 1419 if (s->info_callback != NULL)
1398 cb = s->info_callback; 1420 cb = s->info_callback;
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-02 19:15:14 +0000