1 files changed, 67 insertions, 67 deletions
diff --git a/src/lib/libssl/d1_both.c b/src/lib/libssl/d1_both.c
index fd7c07a4d5..4f7f8be6ce 100644
--- a/src/lib/libssl/d1_both.c
+++ b/src/lib/libssl/d1_both.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_both.c,v 1.81 2022/02/05 14:54:10 jsing Exp $ */
+/* $OpenBSD: d1_both.c,v 1.82 2022/10/02 16:36:41 jsing Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -206,7 +206,7 @@ dtls1_hm_fragment_free(hm_fragment *frag)
        free(frag);
 }
-/* send s->internal->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or SSL3_RT_CHANGE_CIPHER_SPEC) */
+/* send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or SSL3_RT_CHANGE_CIPHER_SPEC) */
 int
 dtls1_do_write(SSL *s, int type)
 {
@@ -237,15 +237,15 @@ dtls1_do_write(SSL *s, int type)
        OPENSSL_assert(s->d1->mtu >= dtls1_min_mtu());
        /* should have something reasonable now */
-        if (s->internal->init_off == 0  && type == SSL3_RT_HANDSHAKE)
+        if (s->init_off == 0  && type == SSL3_RT_HANDSHAKE)
-                OPENSSL_assert(s->internal->init_num ==
+                OPENSSL_assert(s->init_num ==
                    (int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH);
-        if (!tls12_record_layer_write_overhead(s->internal->rl, &overhead))
+        if (!tls12_record_layer_write_overhead(s->rl, &overhead))
                return -1;
        frag_off = 0;
-        while (s->internal->init_num) {
+        while (s->init_num) {
                curr_mtu = s->d1->mtu - BIO_wpending(SSL_get_wbio(s)) -
                    DTLS1_RT_HEADER_LENGTH - overhead;
@@ -258,22 +258,22 @@ dtls1_do_write(SSL *s, int type)
                            overhead;
                }
-                if (s->internal->init_num > curr_mtu)
+                if (s->init_num > curr_mtu)
                        len = curr_mtu;
                else
-                        len = s->internal->init_num;
+                        len = s->init_num;
                /* XDTLS: this function is too long.  split out the CCS part */
                if (type == SSL3_RT_HANDSHAKE) {
-                        if (s->internal->init_off != 0) {
+                        if (s->init_off != 0) {
-                                OPENSSL_assert(s->internal->init_off > DTLS1_HM_HEADER_LENGTH);
+                                OPENSSL_assert(s->init_off > DTLS1_HM_HEADER_LENGTH);
-                                s->internal->init_off -= DTLS1_HM_HEADER_LENGTH;
+                                s->init_off -= DTLS1_HM_HEADER_LENGTH;
-                                s->internal->init_num += DTLS1_HM_HEADER_LENGTH;
+                                s->init_num += DTLS1_HM_HEADER_LENGTH;
-                                if (s->internal->init_num > curr_mtu)
+                                if (s->init_num > curr_mtu)
                                        len = curr_mtu;
                                else
-                                        len = s->internal->init_num;
+                                        len = s->init_num;
                        }
                        dtls1_fix_message_header(s, frag_off,
@@ -281,14 +281,14 @@ dtls1_do_write(SSL *s, int type)
                        if (!dtls1_write_message_header(&s->d1->w_msg_hdr,
                            s->d1->w_msg_hdr.frag_off, s->d1->w_msg_hdr.frag_len,
-                            (unsigned char *)&s->internal->init_buf->data[s->internal->init_off]))
+                            (unsigned char *)&s->init_buf->data[s->init_off]))
                                return -1;
                        OPENSSL_assert(len >= DTLS1_HM_HEADER_LENGTH);
                }
                ret = dtls1_write_bytes(s, type,
-                    &s->internal->init_buf->data[s->internal->init_off], len);
+                    &s->init_buf->data[s->init_off], len);
                if (ret < 0) {
                        /*
                         * Might need to update MTU here, but we don't know
@@ -319,7 +319,7 @@ dtls1_do_write(SSL *s, int type)
                                 * but in that case we'll ignore the result
                                 * anyway
                                 */
-                                unsigned char *p = (unsigned char *)&s->internal->init_buf->data[s->internal->init_off];
+                                unsigned char *p = (unsigned char *)&s->init_buf->data[s->init_off];
                                const struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
                                int xlen;
@@ -340,21 +340,21 @@ dtls1_do_write(SSL *s, int type)
                                tls1_transcript_record(s, p, xlen);
                        }
-                        if (ret == s->internal->init_num) {
+                        if (ret == s->init_num) {
-                                if (s->internal->msg_callback)
+                                if (s->msg_callback)
-                                        s->internal->msg_callback(1, s->version, type,
+                                        s->msg_callback(1, s->version, type,
-                                            s->internal->init_buf->data,
+                                            s->init_buf->data,
-                                            (size_t)(s->internal->init_off + s->internal->init_num),
+                                            (size_t)(s->init_off + s->init_num),
-                                            s, s->internal->msg_callback_arg);
+                                            s, s->msg_callback_arg);
-                                s->internal->init_off = 0;
+                                s->init_off = 0;
                                /* done writing this message */
-                                s->internal->init_num = 0;
+                                s->init_num = 0;
                                return (1);
                        }
-                        s->internal->init_off += ret;
+                        s->init_off += ret;
-                        s->internal->init_num -= ret;
+                        s->init_num -= ret;
                        frag_off += (ret -= DTLS1_HM_HEADER_LENGTH);
                }
        }
@@ -377,7 +377,7 @@ dtls1_get_message(SSL *s, int st1, int stn, int mt, long max)
        int i, al, ok;
        /*
-         * s3->internal->tmp is used to store messages that are unexpected, caused
+         * s3->tmp is used to store messages that are unexpected, caused
         * by the absence of an optional handshake message
         */
        if (s->s3->hs.tls12.reuse_message) {
@@ -387,8 +387,8 @@ dtls1_get_message(SSL *s, int st1, int stn, int mt, long max)
                        SSLerror(s, SSL_R_UNEXPECTED_MESSAGE);
                        goto fatal_err;
                }
-                s->internal->init_msg = s->internal->init_buf->data + DTLS1_HM_HEADER_LENGTH;
+                s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
-                s->internal->init_num = (int)s->s3->hs.tls12.message_size;
+                s->init_num = (int)s->s3->hs.tls12.message_size;
                return 1;
        }
@@ -403,7 +403,7 @@ dtls1_get_message(SSL *s, int st1, int stn, int mt, long max)
        else if (i <= 0 && !ok)
                return i;
-        p = (unsigned char *)s->internal->init_buf->data;
+        p = (unsigned char *)s->init_buf->data;
        msg_len = msg_hdr->msg_len;
        /* reconstruct message header */
@@ -413,9 +413,9 @@ dtls1_get_message(SSL *s, int st1, int stn, int mt, long max)
        msg_len += DTLS1_HM_HEADER_LENGTH;
        tls1_transcript_record(s, p, msg_len);
-        if (s->internal->msg_callback)
+        if (s->msg_callback)
-                s->internal->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, p, msg_len,
+                s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, p, msg_len,
-                    s, s->internal->msg_callback_arg);
+                    s, s->msg_callback_arg);
        memset(msg_hdr, 0, sizeof(struct hm_header_st));
@@ -423,7 +423,7 @@ dtls1_get_message(SSL *s, int st1, int stn, int mt, long max)
        if (!s->d1->listen)
                s->d1->handshake_read_seq++;
-        s->internal->init_msg = s->internal->init_buf->data + DTLS1_HM_HEADER_LENGTH;
+        s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
        return 1;
 fatal_err:
@@ -457,7 +457,7 @@ dtls1_preprocess_fragment(SSL *s, struct hm_header_st *msg_hdr, int max)
                 * msg_len is limited to 2^24, but is effectively checked
                 * against max above
                 */
-                if (!BUF_MEM_grow_clean(s->internal->init_buf,
+                if (!BUF_MEM_grow_clean(s->init_buf,
                    msg_len + DTLS1_HM_HEADER_LENGTH)) {
                        SSLerror(s, ERR_R_BUF_LIB);
                        return SSL_AD_INTERNAL_ERROR;
@@ -486,8 +486,8 @@ dtls1_retrieve_buffered_fragment(SSL *s, long max, int *ok)
        /*
         * (0) check whether the desired fragment is available
         * if so:
-         * (1) copy over the fragment to s->internal->init_buf->data[]
+         * (1) copy over the fragment to s->init_buf->data[]
-         * (2) update s->internal->init_num
+         * (2) update s->init_num
         */
        pitem *item;
        hm_fragment *frag;
@@ -512,7 +512,7 @@ dtls1_retrieve_buffered_fragment(SSL *s, long max, int *ok)
                if (al == 0) /* no alert */
                {
-                        unsigned char *p = (unsigned char *)s->internal->init_buf->data + DTLS1_HM_HEADER_LENGTH;
+                        unsigned char *p = (unsigned char *)s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
                        memcpy(&p[frag->msg_header.frag_off],
                            frag->fragment, frag->msg_header.frag_len);
                }
@@ -526,7 +526,7 @@ dtls1_retrieve_buffered_fragment(SSL *s, long max, int *ok)
                }
                ssl3_send_alert(s, SSL3_AL_FATAL, al);
-                s->internal->init_num = 0;
+                s->init_num = 0;
                *ok = 0;
                return -1;
        } else
@@ -544,8 +544,8 @@ dtls1_max_handshake_message_len(const SSL *s)
        unsigned long max_len;
        max_len = DTLS1_HM_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH;
-        if (max_len < (unsigned long)s->internal->max_cert_list)
+        if (max_len < (unsigned long)s->max_cert_list)
-                return s->internal->max_cert_list;
+                return s->max_cert_list;
        return max_len;
 }
@@ -749,7 +749,7 @@ dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
        /* see if we have the required fragment already */
        if ((frag_len = dtls1_retrieve_buffered_fragment(s, max, ok)) || *ok) {
                if (*ok)
-                        s->internal->init_num = frag_len;
+                        s->init_num = frag_len;
                return frag_len;
        }
@@ -758,7 +758,7 @@ dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
            DTLS1_HM_HEADER_LENGTH, 0);
        if (i <= 0) {
                /* nbio, or an error */
-                s->internal->rwstate = SSL_READING;
+                s->rwstate = SSL_READING;
                *ok = 0;
                return i;
        }
@@ -797,13 +797,13 @@ dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
                 * 'Finished' MAC.
                 */
                if (wire[1] == 0 && wire[2] == 0 && wire[3] == 0) {
-                        if (s->internal->msg_callback)
+                        if (s->msg_callback)
-                                s->internal->msg_callback(0, s->version,
+                                s->msg_callback(0, s->version,
                                    SSL3_RT_HANDSHAKE, wire,
                                    DTLS1_HM_HEADER_LENGTH, s,
-                                    s->internal->msg_callback_arg);
+                                    s->msg_callback_arg);
-                        s->internal->init_num = 0;
+                        s->init_num = 0;
                        goto again;
                }
                else /* Incorrectly formated Hello request */
@@ -821,13 +821,13 @@ dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
        s->s3->hs.state = stn;
        if (frag_len > 0) {
-                unsigned char *p = (unsigned char *)s->internal->init_buf->data + DTLS1_HM_HEADER_LENGTH;
+                unsigned char *p = (unsigned char *)s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
                i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
                    &p[frag_off], frag_len, 0);
                /* XDTLS:  fix this--message fragments cannot span multiple packets */
                if (i <= 0) {
-                        s->internal->rwstate = SSL_READING;
+                        s->rwstate = SSL_READING;
                        *ok = 0;
                        return i;
                }
@@ -845,18 +845,18 @@ dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
        }
        /*
-         * Note that s->internal->init_num is *not* used as current offset in
+         * Note that s->init_num is *not* used as current offset in
-         * s->internal->init_buf->data, but as a counter summing up fragments'
+         * s->init_buf->data, but as a counter summing up fragments'
         * lengths: as soon as they sum up to handshake packet
         * length, we assume we have got all the fragments.
         */
-        s->internal->init_num = frag_len;
+        s->init_num = frag_len;
        *ok = 1;
        return frag_len;
 fatal_err:
        ssl3_send_alert(s, SSL3_AL_FATAL, al);
-        s->internal->init_num = 0;
+        s->init_num = 0;
        *ok = 0;
        return (-1);
@@ -948,17 +948,17 @@ dtls1_buffer_message(SSL *s, int is_ccs)
         * This function is called immediately after a message has
         * been serialized
         */
-        OPENSSL_assert(s->internal->init_off == 0);
+        OPENSSL_assert(s->init_off == 0);
-        frag = dtls1_hm_fragment_new(s->internal->init_num, 0);
+        frag = dtls1_hm_fragment_new(s->init_num, 0);
        if (frag == NULL)
                return 0;
-        memcpy(frag->fragment, s->internal->init_buf->data, s->internal->init_num);
+        memcpy(frag->fragment, s->init_buf->data, s->init_num);
        OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
            (is_ccs ? DTLS1_CCS_HEADER_LENGTH : DTLS1_HM_HEADER_LENGTH) ==
-            (unsigned int)s->internal->init_num);
+            (unsigned int)s->init_num);
        frag->msg_header.msg_len = s->d1->w_msg_hdr.msg_len;
        frag->msg_header.seq = s->d1->w_msg_hdr.seq;
@@ -970,7 +970,7 @@ dtls1_buffer_message(SSL *s, int is_ccs)
        /* save current state*/
        frag->msg_header.saved_retransmit_state.session = s->session;
        frag->msg_header.saved_retransmit_state.epoch =
-            tls12_record_layer_write_epoch(s->internal->rl);
+            tls12_record_layer_write_epoch(s->rl);
        memset(seq64be, 0, sizeof(seq64be));
        seq64be[6] = (unsigned char)(dtls1_get_queue_priority(
@@ -1001,8 +1001,8 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
        struct dtls1_retransmit_state saved_state;
        /*
-          OPENSSL_assert(s->internal->init_num == 0);
+          OPENSSL_assert(s->init_num == 0);
-          OPENSSL_assert(s->internal->init_off == 0);
+          OPENSSL_assert(s->init_off == 0);
         */
        /* XDTLS:  the requested message ought to be found, otherwise error */
@@ -1027,9 +1027,9 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
        else
                header_length = DTLS1_HM_HEADER_LENGTH;
-        memcpy(s->internal->init_buf->data, frag->fragment,
+        memcpy(s->init_buf->data, frag->fragment,
            frag->msg_header.msg_len + header_length);
-        s->internal->init_num = frag->msg_header.msg_len + header_length;
+        s->init_num = frag->msg_header.msg_len + header_length;
        dtls1_set_message_header_int(s, frag->msg_header.type,
            frag->msg_header.msg_len, frag->msg_header.seq, 0,
@@ -1037,13 +1037,13 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
        /* save current state */
        saved_state.session = s->session;
-        saved_state.epoch = tls12_record_layer_write_epoch(s->internal->rl);
+        saved_state.epoch = tls12_record_layer_write_epoch(s->rl);
        s->d1->retransmitting = 1;
        /* restore state in which the message was originally sent */
        s->session = frag->msg_header.saved_retransmit_state.session;
-        if (!tls12_record_layer_use_write_epoch(s->internal->rl,
+        if (!tls12_record_layer_use_write_epoch(s->rl,
            frag->msg_header.saved_retransmit_state.epoch))
                return 0;
@@ -1052,7 +1052,7 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
        /* restore current state */
        s->session = saved_state.session;
-        if (!tls12_record_layer_use_write_epoch(s->internal->rl,
+        if (!tls12_record_layer_use_write_epoch(s->rl,
            saved_state.epoch))
                return 0;
@@ -1073,7 +1073,7 @@ dtls1_clear_record_buffer(SSL *s)
            item = pqueue_pop(s->d1->sent_messages)) {
                frag = item->data;
                if (frag->msg_header.is_ccs)
-                        tls12_record_layer_write_epoch_done(s->internal->rl,
+                        tls12_record_layer_write_epoch_done(s->rl,
                            frag->msg_header.saved_retransmit_state.epoch);
                dtls1_hm_fragment_free(frag);
                pitem_free(item);

diff --git a/src/lib/libssl/d1_both.c b/src/lib/libssl/d1_both.c index fd7c07a4d5..4f7f8be6ce 100644 --- a/src/lib/libssl/d1_both.c +++ b/src/lib/libssl/d1_both.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: d1_both.c,v 1.81 2022/02/05 14:54:10 jsing Exp $ */	1	/* $OpenBSD: d1_both.c,v 1.82 2022/10/02 16:36:41 jsing Exp $ */
2	/*	2	/*
3	* DTLS implementation written by Nagendra Modadugu	3	* DTLS implementation written by Nagendra Modadugu
4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.	4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -206,7 +206,7 @@ dtls1_hm_fragment_free(hm_fragment *frag)
206	free(frag);	206	free(frag);
207	}	207	}
208		208
209	/* send s->internal->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or SSL3_RT_CHANGE_CIPHER_SPEC) */	209	/* send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or SSL3_RT_CHANGE_CIPHER_SPEC) */
210	int	210	int
211	dtls1_do_write(SSL *s, int type)	211	dtls1_do_write(SSL *s, int type)
212	{	212	{
@@ -237,15 +237,15 @@ dtls1_do_write(SSL *s, int type)
237	OPENSSL_assert(s->d1->mtu >= dtls1_min_mtu());	237	OPENSSL_assert(s->d1->mtu >= dtls1_min_mtu());
238	/* should have something reasonable now */	238	/* should have something reasonable now */
239		239
240	if (s->internal->init_off == 0 && type == SSL3_RT_HANDSHAKE)	240	if (s->init_off == 0 && type == SSL3_RT_HANDSHAKE)
241	OPENSSL_assert(s->internal->init_num ==	241	OPENSSL_assert(s->init_num ==
242	(int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH);	242	(int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH);
243		243
244	if (!tls12_record_layer_write_overhead(s->internal->rl, &overhead))	244	if (!tls12_record_layer_write_overhead(s->rl, &overhead))
245	return -1;	245	return -1;
246		246
247	frag_off = 0;	247	frag_off = 0;
248	while (s->internal->init_num) {	248	while (s->init_num) {
249	curr_mtu = s->d1->mtu - BIO_wpending(SSL_get_wbio(s)) -	249	curr_mtu = s->d1->mtu - BIO_wpending(SSL_get_wbio(s)) -
250	DTLS1_RT_HEADER_LENGTH - overhead;	250	DTLS1_RT_HEADER_LENGTH - overhead;
251		251
@@ -258,22 +258,22 @@ dtls1_do_write(SSL *s, int type)
258	overhead;	258	overhead;
259	}	259	}
260		260
261	if (s->internal->init_num > curr_mtu)	261	if (s->init_num > curr_mtu)
262	len = curr_mtu;	262	len = curr_mtu;
263	else	263	else
264	len = s->internal->init_num;	264	len = s->init_num;
265		265
266	/* XDTLS: this function is too long. split out the CCS part */	266	/* XDTLS: this function is too long. split out the CCS part */
267	if (type == SSL3_RT_HANDSHAKE) {	267	if (type == SSL3_RT_HANDSHAKE) {
268	if (s->internal->init_off != 0) {	268	if (s->init_off != 0) {
269	OPENSSL_assert(s->internal->init_off > DTLS1_HM_HEADER_LENGTH);	269	OPENSSL_assert(s->init_off > DTLS1_HM_HEADER_LENGTH);
270	s->internal->init_off -= DTLS1_HM_HEADER_LENGTH;	270	s->init_off -= DTLS1_HM_HEADER_LENGTH;
271	s->internal->init_num += DTLS1_HM_HEADER_LENGTH;	271	s->init_num += DTLS1_HM_HEADER_LENGTH;
272		272
273	if (s->internal->init_num > curr_mtu)	273	if (s->init_num > curr_mtu)
274	len = curr_mtu;	274	len = curr_mtu;
275	else	275	else
276	len = s->internal->init_num;	276	len = s->init_num;
277	}	277	}
278		278
279	dtls1_fix_message_header(s, frag_off,	279	dtls1_fix_message_header(s, frag_off,
@@ -281,14 +281,14 @@ dtls1_do_write(SSL *s, int type)
281		281
282	if (!dtls1_write_message_header(&s->d1->w_msg_hdr,	282	if (!dtls1_write_message_header(&s->d1->w_msg_hdr,
283	s->d1->w_msg_hdr.frag_off, s->d1->w_msg_hdr.frag_len,	283	s->d1->w_msg_hdr.frag_off, s->d1->w_msg_hdr.frag_len,
284	(unsigned char *)&s->internal->init_buf->data[s->internal->init_off]))	284	(unsigned char *)&s->init_buf->data[s->init_off]))
285	return -1;	285	return -1;
286		286
287	OPENSSL_assert(len >= DTLS1_HM_HEADER_LENGTH);	287	OPENSSL_assert(len >= DTLS1_HM_HEADER_LENGTH);
288	}	288	}
289		289
290	ret = dtls1_write_bytes(s, type,	290	ret = dtls1_write_bytes(s, type,
291	&s->internal->init_buf->data[s->internal->init_off], len);	291	&s->init_buf->data[s->init_off], len);
292	if (ret < 0) {	292	if (ret < 0) {
293	/*	293	/*
294	* Might need to update MTU here, but we don't know	294	* Might need to update MTU here, but we don't know
@@ -319,7 +319,7 @@ dtls1_do_write(SSL *s, int type)
319	* but in that case we'll ignore the result	319	* but in that case we'll ignore the result
320	* anyway	320	* anyway
321	*/	321	*/
322	unsigned char p = (unsigned char )&s->internal->init_buf->data[s->internal->init_off];	322	unsigned char p = (unsigned char )&s->init_buf->data[s->init_off];
323	const struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;	323	const struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
324	int xlen;	324	int xlen;
325		325
@@ -340,21 +340,21 @@ dtls1_do_write(SSL *s, int type)
340	tls1_transcript_record(s, p, xlen);	340	tls1_transcript_record(s, p, xlen);
341	}	341	}
342		342
343	if (ret == s->internal->init_num) {	343	if (ret == s->init_num) {
344	if (s->internal->msg_callback)	344	if (s->msg_callback)
345	s->internal->msg_callback(1, s->version, type,	345	s->msg_callback(1, s->version, type,
346	s->internal->init_buf->data,	346	s->init_buf->data,
347	(size_t)(s->internal->init_off + s->internal->init_num),	347	(size_t)(s->init_off + s->init_num),
348	s, s->internal->msg_callback_arg);	348	s, s->msg_callback_arg);
349		349
350	s->internal->init_off = 0;	350	s->init_off = 0;
351	/* done writing this message */	351	/* done writing this message */
352	s->internal->init_num = 0;	352	s->init_num = 0;
353		353
354	return (1);	354	return (1);
355	}	355	}
356	s->internal->init_off += ret;	356	s->init_off += ret;
357	s->internal->init_num -= ret;	357	s->init_num -= ret;
358	frag_off += (ret -= DTLS1_HM_HEADER_LENGTH);	358	frag_off += (ret -= DTLS1_HM_HEADER_LENGTH);
359	}	359	}
360	}	360	}
@@ -377,7 +377,7 @@ dtls1_get_message(SSL *s, int st1, int stn, int mt, long max)
377	int i, al, ok;	377	int i, al, ok;
378		378
379	/*	379	/*
380	* s3->internal->tmp is used to store messages that are unexpected, caused	380	* s3->tmp is used to store messages that are unexpected, caused
381	* by the absence of an optional handshake message	381	* by the absence of an optional handshake message
382	*/	382	*/
383	if (s->s3->hs.tls12.reuse_message) {	383	if (s->s3->hs.tls12.reuse_message) {
@@ -387,8 +387,8 @@ dtls1_get_message(SSL *s, int st1, int stn, int mt, long max)
387	SSLerror(s, SSL_R_UNEXPECTED_MESSAGE);	387	SSLerror(s, SSL_R_UNEXPECTED_MESSAGE);
388	goto fatal_err;	388	goto fatal_err;
389	}	389	}
390	s->internal->init_msg = s->internal->init_buf->data + DTLS1_HM_HEADER_LENGTH;	390	s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
391	s->internal->init_num = (int)s->s3->hs.tls12.message_size;	391	s->init_num = (int)s->s3->hs.tls12.message_size;
392	return 1;	392	return 1;
393	}	393	}
394		394
@@ -403,7 +403,7 @@ dtls1_get_message(SSL *s, int st1, int stn, int mt, long max)
403	else if (i <= 0 && !ok)	403	else if (i <= 0 && !ok)
404	return i;	404	return i;
405		405
406	p = (unsigned char *)s->internal->init_buf->data;	406	p = (unsigned char *)s->init_buf->data;
407	msg_len = msg_hdr->msg_len;	407	msg_len = msg_hdr->msg_len;
408		408
409	/* reconstruct message header */	409	/* reconstruct message header */
@@ -413,9 +413,9 @@ dtls1_get_message(SSL *s, int st1, int stn, int mt, long max)
413	msg_len += DTLS1_HM_HEADER_LENGTH;	413	msg_len += DTLS1_HM_HEADER_LENGTH;
414		414
415	tls1_transcript_record(s, p, msg_len);	415	tls1_transcript_record(s, p, msg_len);
416	if (s->internal->msg_callback)	416	if (s->msg_callback)
417	s->internal->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, p, msg_len,	417	s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, p, msg_len,
418	s, s->internal->msg_callback_arg);	418	s, s->msg_callback_arg);
419		419
420	memset(msg_hdr, 0, sizeof(struct hm_header_st));	420	memset(msg_hdr, 0, sizeof(struct hm_header_st));
421		421
@@ -423,7 +423,7 @@ dtls1_get_message(SSL *s, int st1, int stn, int mt, long max)
423	if (!s->d1->listen)	423	if (!s->d1->listen)
424	s->d1->handshake_read_seq++;	424	s->d1->handshake_read_seq++;
425		425
426	s->internal->init_msg = s->internal->init_buf->data + DTLS1_HM_HEADER_LENGTH;	426	s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
427	return 1;	427	return 1;
428		428
429	fatal_err:	429	fatal_err:
@@ -457,7 +457,7 @@ dtls1_preprocess_fragment(SSL s, struct hm_header_st msg_hdr, int max)
457	* msg_len is limited to 2^24, but is effectively checked	457	* msg_len is limited to 2^24, but is effectively checked
458	* against max above	458	* against max above
459	*/	459	*/
460	if (!BUF_MEM_grow_clean(s->internal->init_buf,	460	if (!BUF_MEM_grow_clean(s->init_buf,
461	msg_len + DTLS1_HM_HEADER_LENGTH)) {	461	msg_len + DTLS1_HM_HEADER_LENGTH)) {
462	SSLerror(s, ERR_R_BUF_LIB);	462	SSLerror(s, ERR_R_BUF_LIB);
463	return SSL_AD_INTERNAL_ERROR;	463	return SSL_AD_INTERNAL_ERROR;
@@ -486,8 +486,8 @@ dtls1_retrieve_buffered_fragment(SSL s, long max, int ok)
486	/*	486	/*
487	* (0) check whether the desired fragment is available	487	* (0) check whether the desired fragment is available
488	* if so:	488	* if so:
489	* (1) copy over the fragment to s->internal->init_buf->data[]	489	* (1) copy over the fragment to s->init_buf->data[]
490	* (2) update s->internal->init_num	490	* (2) update s->init_num
491	*/	491	*/
492	pitem *item;	492	pitem *item;
493	hm_fragment *frag;	493	hm_fragment *frag;
@@ -512,7 +512,7 @@ dtls1_retrieve_buffered_fragment(SSL s, long max, int ok)
512		512
513	if (al == 0) /* no alert */	513	if (al == 0) /* no alert */
514	{	514	{
515	unsigned char p = (unsigned char )s->internal->init_buf->data + DTLS1_HM_HEADER_LENGTH;	515	unsigned char p = (unsigned char )s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
516	memcpy(&p[frag->msg_header.frag_off],	516	memcpy(&p[frag->msg_header.frag_off],
517	frag->fragment, frag->msg_header.frag_len);	517	frag->fragment, frag->msg_header.frag_len);
518	}	518	}
@@ -526,7 +526,7 @@ dtls1_retrieve_buffered_fragment(SSL s, long max, int ok)
526	}	526	}
527		527
528	ssl3_send_alert(s, SSL3_AL_FATAL, al);	528	ssl3_send_alert(s, SSL3_AL_FATAL, al);
529	s->internal->init_num = 0;	529	s->init_num = 0;
530	*ok = 0;	530	*ok = 0;
531	return -1;	531	return -1;
532	} else	532	} else
@@ -544,8 +544,8 @@ dtls1_max_handshake_message_len(const SSL *s)
544	unsigned long max_len;	544	unsigned long max_len;
545		545
546	max_len = DTLS1_HM_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH;	546	max_len = DTLS1_HM_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH;
547	if (max_len < (unsigned long)s->internal->max_cert_list)	547	if (max_len < (unsigned long)s->max_cert_list)
548	return s->internal->max_cert_list;	548	return s->max_cert_list;
549	return max_len;	549	return max_len;
550	}	550	}
551		551
@@ -749,7 +749,7 @@ dtls1_get_message_fragment(SSL s, int st1, int stn, long max, int ok)
749	/* see if we have the required fragment already */	749	/* see if we have the required fragment already */
750	if ((frag_len = dtls1_retrieve_buffered_fragment(s, max, ok)) \|\| *ok) {	750	if ((frag_len = dtls1_retrieve_buffered_fragment(s, max, ok)) \|\| *ok) {
751	if (*ok)	751	if (*ok)
752	s->internal->init_num = frag_len;	752	s->init_num = frag_len;
753	return frag_len;	753	return frag_len;
754	}	754	}
755		755
@@ -758,7 +758,7 @@ dtls1_get_message_fragment(SSL s, int st1, int stn, long max, int ok)
758	DTLS1_HM_HEADER_LENGTH, 0);	758	DTLS1_HM_HEADER_LENGTH, 0);
759	if (i <= 0) {	759	if (i <= 0) {
760	/* nbio, or an error */	760	/* nbio, or an error */
761	s->internal->rwstate = SSL_READING;	761	s->rwstate = SSL_READING;
762	*ok = 0;	762	*ok = 0;
763	return i;	763	return i;
764	}	764	}
@@ -797,13 +797,13 @@ dtls1_get_message_fragment(SSL s, int st1, int stn, long max, int ok)
797	* 'Finished' MAC.	797	* 'Finished' MAC.
798	*/	798	*/
799	if (wire[1] == 0 && wire[2] == 0 && wire[3] == 0) {	799	if (wire[1] == 0 && wire[2] == 0 && wire[3] == 0) {
800	if (s->internal->msg_callback)	800	if (s->msg_callback)
801	s->internal->msg_callback(0, s->version,	801	s->msg_callback(0, s->version,
802	SSL3_RT_HANDSHAKE, wire,	802	SSL3_RT_HANDSHAKE, wire,
803	DTLS1_HM_HEADER_LENGTH, s,	803	DTLS1_HM_HEADER_LENGTH, s,
804	s->internal->msg_callback_arg);	804	s->msg_callback_arg);
805		805
806	s->internal->init_num = 0;	806	s->init_num = 0;
807	goto again;	807	goto again;
808	}	808	}
809	else /* Incorrectly formated Hello request */	809	else /* Incorrectly formated Hello request */
@@ -821,13 +821,13 @@ dtls1_get_message_fragment(SSL s, int st1, int stn, long max, int ok)
821	s->s3->hs.state = stn;	821	s->s3->hs.state = stn;
822		822
823	if (frag_len > 0) {	823	if (frag_len > 0) {
824	unsigned char p = (unsigned char )s->internal->init_buf->data + DTLS1_HM_HEADER_LENGTH;	824	unsigned char p = (unsigned char )s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
825		825
826	i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,	826	i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE,
827	&p[frag_off], frag_len, 0);	827	&p[frag_off], frag_len, 0);
828	/* XDTLS: fix this--message fragments cannot span multiple packets */	828	/* XDTLS: fix this--message fragments cannot span multiple packets */
829	if (i <= 0) {	829	if (i <= 0) {
830	s->internal->rwstate = SSL_READING;	830	s->rwstate = SSL_READING;
831	*ok = 0;	831	*ok = 0;
832	return i;	832	return i;
833	}	833	}
@@ -845,18 +845,18 @@ dtls1_get_message_fragment(SSL s, int st1, int stn, long max, int ok)
845	}	845	}
846		846
847	/*	847	/*
848	* Note that s->internal->init_num is not used as current offset in	848	* Note that s->init_num is not used as current offset in
849	* s->internal->init_buf->data, but as a counter summing up fragments'	849	* s->init_buf->data, but as a counter summing up fragments'
850	* lengths: as soon as they sum up to handshake packet	850	* lengths: as soon as they sum up to handshake packet
851	* length, we assume we have got all the fragments.	851	* length, we assume we have got all the fragments.
852	*/	852	*/
853	s->internal->init_num = frag_len;	853	s->init_num = frag_len;
854	*ok = 1;	854	*ok = 1;
855	return frag_len;	855	return frag_len;
856		856
857	fatal_err:	857	fatal_err:
858	ssl3_send_alert(s, SSL3_AL_FATAL, al);	858	ssl3_send_alert(s, SSL3_AL_FATAL, al);
859	s->internal->init_num = 0;	859	s->init_num = 0;
860		860
861	*ok = 0;	861	*ok = 0;
862	return (-1);	862	return (-1);
@@ -948,17 +948,17 @@ dtls1_buffer_message(SSL *s, int is_ccs)
948	* This function is called immediately after a message has	948	* This function is called immediately after a message has
949	* been serialized	949	* been serialized
950	*/	950	*/
951	OPENSSL_assert(s->internal->init_off == 0);	951	OPENSSL_assert(s->init_off == 0);
952		952
953	frag = dtls1_hm_fragment_new(s->internal->init_num, 0);	953	frag = dtls1_hm_fragment_new(s->init_num, 0);
954	if (frag == NULL)	954	if (frag == NULL)
955	return 0;	955	return 0;
956		956
957	memcpy(frag->fragment, s->internal->init_buf->data, s->internal->init_num);	957	memcpy(frag->fragment, s->init_buf->data, s->init_num);
958		958
959	OPENSSL_assert(s->d1->w_msg_hdr.msg_len +	959	OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
960	(is_ccs ? DTLS1_CCS_HEADER_LENGTH : DTLS1_HM_HEADER_LENGTH) ==	960	(is_ccs ? DTLS1_CCS_HEADER_LENGTH : DTLS1_HM_HEADER_LENGTH) ==
961	(unsigned int)s->internal->init_num);	961	(unsigned int)s->init_num);
962		962
963	frag->msg_header.msg_len = s->d1->w_msg_hdr.msg_len;	963	frag->msg_header.msg_len = s->d1->w_msg_hdr.msg_len;
964	frag->msg_header.seq = s->d1->w_msg_hdr.seq;	964	frag->msg_header.seq = s->d1->w_msg_hdr.seq;
@@ -970,7 +970,7 @@ dtls1_buffer_message(SSL *s, int is_ccs)
970	/* save current state*/	970	/* save current state*/
971	frag->msg_header.saved_retransmit_state.session = s->session;	971	frag->msg_header.saved_retransmit_state.session = s->session;
972	frag->msg_header.saved_retransmit_state.epoch =	972	frag->msg_header.saved_retransmit_state.epoch =
973	tls12_record_layer_write_epoch(s->internal->rl);	973	tls12_record_layer_write_epoch(s->rl);
974		974
975	memset(seq64be, 0, sizeof(seq64be));	975	memset(seq64be, 0, sizeof(seq64be));
976	seq64be[6] = (unsigned char)(dtls1_get_queue_priority(	976	seq64be[6] = (unsigned char)(dtls1_get_queue_priority(
@@ -1001,8 +1001,8 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
1001	struct dtls1_retransmit_state saved_state;	1001	struct dtls1_retransmit_state saved_state;
1002		1002
1003	/*	1003	/*
1004	OPENSSL_assert(s->internal->init_num == 0);	1004	OPENSSL_assert(s->init_num == 0);
1005	OPENSSL_assert(s->internal->init_off == 0);	1005	OPENSSL_assert(s->init_off == 0);
1006	*/	1006	*/
1007		1007
1008	/* XDTLS: the requested message ought to be found, otherwise error */	1008	/* XDTLS: the requested message ought to be found, otherwise error */
@@ -1027,9 +1027,9 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
1027	else	1027	else
1028	header_length = DTLS1_HM_HEADER_LENGTH;	1028	header_length = DTLS1_HM_HEADER_LENGTH;
1029		1029
1030	memcpy(s->internal->init_buf->data, frag->fragment,	1030	memcpy(s->init_buf->data, frag->fragment,
1031	frag->msg_header.msg_len + header_length);	1031	frag->msg_header.msg_len + header_length);
1032	s->internal->init_num = frag->msg_header.msg_len + header_length;	1032	s->init_num = frag->msg_header.msg_len + header_length;
1033		1033
1034	dtls1_set_message_header_int(s, frag->msg_header.type,	1034	dtls1_set_message_header_int(s, frag->msg_header.type,
1035	frag->msg_header.msg_len, frag->msg_header.seq, 0,	1035	frag->msg_header.msg_len, frag->msg_header.seq, 0,
@@ -1037,13 +1037,13 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
1037		1037
1038	/* save current state */	1038	/* save current state */
1039	saved_state.session = s->session;	1039	saved_state.session = s->session;
1040	saved_state.epoch = tls12_record_layer_write_epoch(s->internal->rl);	1040	saved_state.epoch = tls12_record_layer_write_epoch(s->rl);
1041		1041
1042	s->d1->retransmitting = 1;	1042	s->d1->retransmitting = 1;
1043		1043
1044	/* restore state in which the message was originally sent */	1044	/* restore state in which the message was originally sent */
1045	s->session = frag->msg_header.saved_retransmit_state.session;	1045	s->session = frag->msg_header.saved_retransmit_state.session;
1046	if (!tls12_record_layer_use_write_epoch(s->internal->rl,	1046	if (!tls12_record_layer_use_write_epoch(s->rl,
1047	frag->msg_header.saved_retransmit_state.epoch))	1047	frag->msg_header.saved_retransmit_state.epoch))
1048	return 0;	1048	return 0;
1049		1049
@@ -1052,7 +1052,7 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
1052		1052
1053	/* restore current state */	1053	/* restore current state */
1054	s->session = saved_state.session;	1054	s->session = saved_state.session;
1055	if (!tls12_record_layer_use_write_epoch(s->internal->rl,	1055	if (!tls12_record_layer_use_write_epoch(s->rl,
1056	saved_state.epoch))	1056	saved_state.epoch))
1057	return 0;	1057	return 0;
1058		1058
@@ -1073,7 +1073,7 @@ dtls1_clear_record_buffer(SSL *s)
1073	item = pqueue_pop(s->d1->sent_messages)) {	1073	item = pqueue_pop(s->d1->sent_messages)) {
1074	frag = item->data;	1074	frag = item->data;
1075	if (frag->msg_header.is_ccs)	1075	if (frag->msg_header.is_ccs)
1076	tls12_record_layer_write_epoch_done(s->internal->rl,	1076	tls12_record_layer_write_epoch_done(s->rl,
1077	frag->msg_header.saved_retransmit_state.epoch);	1077	frag->msg_header.saved_retransmit_state.epoch);
1078	dtls1_hm_fragment_free(frag);	1078	dtls1_hm_fragment_free(frag);
1079	pitem_free(item);	1079	pitem_free(item);