summaryrefslogtreecommitdiff
path: root/src/lib/libssl/d1_pkt.c
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/lib/libssl/d1_pkt.c22
1 files changed, 18 insertions, 4 deletions
diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c
index 377696deac..eb56cf987b 100644
--- a/src/lib/libssl/d1_pkt.c
+++ b/src/lib/libssl/d1_pkt.c
@@ -597,6 +597,7 @@ again:
597 /* check whether this is a repeat, or aged record */ 597 /* check whether this is a repeat, or aged record */
598 if ( ! dtls1_record_replay_check(s, bitmap, &(rr->seq_num))) 598 if ( ! dtls1_record_replay_check(s, bitmap, &(rr->seq_num)))
599 { 599 {
600 rr->length = 0;
600 s->packet_length=0; /* dump this record */ 601 s->packet_length=0; /* dump this record */
601 goto again; /* get another record */ 602 goto again; /* get another record */
602 } 603 }
@@ -811,6 +812,14 @@ start:
811 * may be fragmented--don't always expect dest_maxlen bytes */ 812 * may be fragmented--don't always expect dest_maxlen bytes */
812 if ( rr->length < dest_maxlen) 813 if ( rr->length < dest_maxlen)
813 { 814 {
815#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
816 /*
817 * for normal alerts rr->length is 2, while
818 * dest_maxlen is 7 if we were to handle this
819 * non-existing alert...
820 */
821 FIX ME
822#endif
814 s->rstate=SSL_ST_READ_HEADER; 823 s->rstate=SSL_ST_READ_HEADER;
815 rr->length = 0; 824 rr->length = 0;
816 goto start; 825 goto start;
@@ -1251,7 +1260,7 @@ int dtls1_write_bytes(SSL *s, int type, const void *buf_, int len)
1251 else 1260 else
1252 s->s3->wnum += i; 1261 s->s3->wnum += i;
1253 1262
1254 return tot + i; 1263 return i;
1255 } 1264 }
1256 1265
1257int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, int create_empty_fragment) 1266int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, int create_empty_fragment)
@@ -1576,7 +1585,7 @@ int dtls1_dispatch_alert(SSL *s)
1576 { 1585 {
1577 int i,j; 1586 int i,j;
1578 void (*cb)(const SSL *ssl,int type,int val)=NULL; 1587 void (*cb)(const SSL *ssl,int type,int val)=NULL;
1579 unsigned char buf[2 + 2 + 3]; /* alert level + alert desc + message seq +frag_off */ 1588 unsigned char buf[DTLS1_AL_HEADER_LENGTH];
1580 unsigned char *ptr = &buf[0]; 1589 unsigned char *ptr = &buf[0];
1581 1590
1582 s->s3->alert_dispatch=0; 1591 s->s3->alert_dispatch=0;
@@ -1585,6 +1594,7 @@ int dtls1_dispatch_alert(SSL *s)
1585 *ptr++ = s->s3->send_alert[0]; 1594 *ptr++ = s->s3->send_alert[0];
1586 *ptr++ = s->s3->send_alert[1]; 1595 *ptr++ = s->s3->send_alert[1];
1587 1596
1597#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
1588 if (s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE) 1598 if (s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE)
1589 { 1599 {
1590 s2n(s->d1->handshake_read_seq, ptr); 1600 s2n(s->d1->handshake_read_seq, ptr);
@@ -1600,6 +1610,7 @@ int dtls1_dispatch_alert(SSL *s)
1600#endif 1610#endif
1601 l2n3(s->d1->r_msg_hdr.frag_off, ptr); 1611 l2n3(s->d1->r_msg_hdr.frag_off, ptr);
1602 } 1612 }
1613#endif
1603 1614
1604 i = do_dtls1_write(s, SSL3_RT_ALERT, &buf[0], sizeof(buf), 0); 1615 i = do_dtls1_write(s, SSL3_RT_ALERT, &buf[0], sizeof(buf), 0);
1605 if (i <= 0) 1616 if (i <= 0)
@@ -1609,8 +1620,11 @@ int dtls1_dispatch_alert(SSL *s)
1609 } 1620 }
1610 else 1621 else
1611 { 1622 {
1612 if ( s->s3->send_alert[0] == SSL3_AL_FATAL || 1623 if (s->s3->send_alert[0] == SSL3_AL_FATAL
1613 s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE) 1624#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
1625 || s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
1626#endif
1627 )
1614 (void)BIO_flush(s->wbio); 1628 (void)BIO_flush(s->wbio);
1615 1629
1616 if (s->msg_callback) 1630 if (s->msg_callback)
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-26 19:40:46 +0000