diff options
Diffstat (limited to 'src/lib/libssl/d1_pkt.c')
| -rw-r--r-- | src/lib/libssl/d1_pkt.c | 120 |
1 files changed, 60 insertions, 60 deletions
diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c index 9ea7d5277a..c44f8f0f58 100644 --- a/src/lib/libssl/d1_pkt.c +++ b/src/lib/libssl/d1_pkt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: d1_pkt.c,v 1.49 2016/11/04 18:00:12 guenther Exp $ */ | 1 | /* $OpenBSD: d1_pkt.c,v 1.50 2017/01/22 07:16:39 beck Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * DTLS implementation written by Nagendra Modadugu | 3 | * DTLS implementation written by Nagendra Modadugu |
| 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. | 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. |
| @@ -285,31 +285,31 @@ dtls1_retrieve_buffered_record(SSL *s, record_pqueue *queue) | |||
| 285 | * yet */ | 285 | * yet */ |
| 286 | #define dtls1_get_unprocessed_record(s) \ | 286 | #define dtls1_get_unprocessed_record(s) \ |
| 287 | dtls1_retrieve_buffered_record((s), \ | 287 | dtls1_retrieve_buffered_record((s), \ |
| 288 | &((s)->d1->unprocessed_rcds)) | 288 | &((D1I(s))->unprocessed_rcds)) |
| 289 | 289 | ||
| 290 | /* retrieve a buffered record that belongs to the current epoch, ie, processed */ | 290 | /* retrieve a buffered record that belongs to the current epoch, ie, processed */ |
| 291 | #define dtls1_get_processed_record(s) \ | 291 | #define dtls1_get_processed_record(s) \ |
| 292 | dtls1_retrieve_buffered_record((s), \ | 292 | dtls1_retrieve_buffered_record((s), \ |
| 293 | &((s)->d1->processed_rcds)) | 293 | &((D1I(s))->processed_rcds)) |
| 294 | 294 | ||
| 295 | static int | 295 | static int |
| 296 | dtls1_process_buffered_records(SSL *s) | 296 | dtls1_process_buffered_records(SSL *s) |
| 297 | { | 297 | { |
| 298 | pitem *item; | 298 | pitem *item; |
| 299 | 299 | ||
| 300 | item = pqueue_peek(s->d1->unprocessed_rcds.q); | 300 | item = pqueue_peek(D1I(s)->unprocessed_rcds.q); |
| 301 | if (item) { | 301 | if (item) { |
| 302 | /* Check if epoch is current. */ | 302 | /* Check if epoch is current. */ |
| 303 | if (s->d1->unprocessed_rcds.epoch != s->d1->r_epoch) | 303 | if (D1I(s)->unprocessed_rcds.epoch != D1I(s)->r_epoch) |
| 304 | return (1); | 304 | return (1); |
| 305 | /* Nothing to do. */ | 305 | /* Nothing to do. */ |
| 306 | 306 | ||
| 307 | /* Process all the records. */ | 307 | /* Process all the records. */ |
| 308 | while (pqueue_peek(s->d1->unprocessed_rcds.q)) { | 308 | while (pqueue_peek(D1I(s)->unprocessed_rcds.q)) { |
| 309 | dtls1_get_unprocessed_record(s); | 309 | dtls1_get_unprocessed_record(s); |
| 310 | if (! dtls1_process_record(s)) | 310 | if (! dtls1_process_record(s)) |
| 311 | return (0); | 311 | return (0); |
| 312 | if (dtls1_buffer_record(s, &(s->d1->processed_rcds), | 312 | if (dtls1_buffer_record(s, &(D1I(s)->processed_rcds), |
| 313 | s->s3->rrec.seq_num) < 0) | 313 | s->s3->rrec.seq_num) < 0) |
| 314 | return (-1); | 314 | return (-1); |
| 315 | } | 315 | } |
| @@ -317,8 +317,8 @@ dtls1_process_buffered_records(SSL *s) | |||
| 317 | 317 | ||
| 318 | /* sync epoch numbers once all the unprocessed records | 318 | /* sync epoch numbers once all the unprocessed records |
| 319 | * have been processed */ | 319 | * have been processed */ |
| 320 | s->d1->processed_rcds.epoch = s->d1->r_epoch; | 320 | D1I(s)->processed_rcds.epoch = D1I(s)->r_epoch; |
| 321 | s->d1->unprocessed_rcds.epoch = s->d1->r_epoch + 1; | 321 | D1I(s)->unprocessed_rcds.epoch = D1I(s)->r_epoch + 1; |
| 322 | 322 | ||
| 323 | return (1); | 323 | return (1); |
| 324 | } | 324 | } |
| @@ -581,7 +581,7 @@ again: | |||
| 581 | * since they arrive from different connections and | 581 | * since they arrive from different connections and |
| 582 | * would be dropped unnecessarily. | 582 | * would be dropped unnecessarily. |
| 583 | */ | 583 | */ |
| 584 | if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE && | 584 | if (!(D1I(s)->listen && rr->type == SSL3_RT_HANDSHAKE && |
| 585 | p != NULL && *p == SSL3_MT_CLIENT_HELLO) && | 585 | p != NULL && *p == SSL3_MT_CLIENT_HELLO) && |
| 586 | !dtls1_record_replay_check(s, bitmap)) | 586 | !dtls1_record_replay_check(s, bitmap)) |
| 587 | goto again; | 587 | goto again; |
| @@ -596,8 +596,8 @@ again: | |||
| 596 | * anything while listening. | 596 | * anything while listening. |
| 597 | */ | 597 | */ |
| 598 | if (is_next_epoch) { | 598 | if (is_next_epoch) { |
| 599 | if ((SSL_in_init(s) || s->in_handshake) && !s->d1->listen) { | 599 | if ((SSL_in_init(s) || s->in_handshake) && !D1I(s)->listen) { |
| 600 | if (dtls1_buffer_record(s, &(s->d1->unprocessed_rcds), | 600 | if (dtls1_buffer_record(s, &(D1I(s)->unprocessed_rcds), |
| 601 | rr->seq_num) < 0) | 601 | rr->seq_num) < 0) |
| 602 | return (-1); | 602 | return (-1); |
| 603 | /* Mark receipt of record. */ | 603 | /* Mark receipt of record. */ |
| @@ -665,7 +665,7 @@ dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) | |||
| 665 | if ((ret = have_handshake_fragment(s, type, buf, len, peek))) | 665 | if ((ret = have_handshake_fragment(s, type, buf, len, peek))) |
| 666 | return ret; | 666 | return ret; |
| 667 | 667 | ||
| 668 | /* Now s->d1->handshake_fragment_len == 0 if type == SSL3_RT_HANDSHAKE. */ | 668 | /* Now D1I(s)->handshake_fragment_len == 0 if type == SSL3_RT_HANDSHAKE. */ |
| 669 | 669 | ||
| 670 | if (!s->in_handshake && SSL_in_init(s)) | 670 | if (!s->in_handshake && SSL_in_init(s)) |
| 671 | { | 671 | { |
| @@ -694,7 +694,7 @@ start: | |||
| 694 | */ | 694 | */ |
| 695 | if (s->state == SSL_ST_OK && rr->length == 0) { | 695 | if (s->state == SSL_ST_OK && rr->length == 0) { |
| 696 | pitem *item; | 696 | pitem *item; |
| 697 | item = pqueue_pop(s->d1->buffered_app_data.q); | 697 | item = pqueue_pop(D1I(s)->buffered_app_data.q); |
| 698 | if (item) { | 698 | if (item) { |
| 699 | 699 | ||
| 700 | dtls1_copy_record(s, item); | 700 | dtls1_copy_record(s, item); |
| @@ -721,7 +721,7 @@ start: | |||
| 721 | } | 721 | } |
| 722 | } | 722 | } |
| 723 | 723 | ||
| 724 | if (s->d1->listen && rr->type != SSL3_RT_HANDSHAKE) { | 724 | if (D1I(s)->listen && rr->type != SSL3_RT_HANDSHAKE) { |
| 725 | rr->length = 0; | 725 | rr->length = 0; |
| 726 | goto start; | 726 | goto start; |
| 727 | } | 727 | } |
| @@ -736,7 +736,7 @@ start: | |||
| 736 | * buffer the application data for later processing rather | 736 | * buffer the application data for later processing rather |
| 737 | * than dropping the connection. | 737 | * than dropping the connection. |
| 738 | */ | 738 | */ |
| 739 | if (dtls1_buffer_record(s, &(s->d1->buffered_app_data), | 739 | if (dtls1_buffer_record(s, &(D1I(s)->buffered_app_data), |
| 740 | rr->seq_num) < 0) { | 740 | rr->seq_num) < 0) { |
| 741 | SSLerr(SSL_F_DTLS1_READ_BYTES, ERR_R_INTERNAL_ERROR); | 741 | SSLerr(SSL_F_DTLS1_READ_BYTES, ERR_R_INTERNAL_ERROR); |
| 742 | return (-1); | 742 | return (-1); |
| @@ -799,13 +799,13 @@ start: | |||
| 799 | unsigned int *dest_len = NULL; | 799 | unsigned int *dest_len = NULL; |
| 800 | 800 | ||
| 801 | if (rr->type == SSL3_RT_HANDSHAKE) { | 801 | if (rr->type == SSL3_RT_HANDSHAKE) { |
| 802 | dest_maxlen = sizeof s->d1->handshake_fragment; | 802 | dest_maxlen = sizeof D1I(s)->handshake_fragment; |
| 803 | dest = s->d1->handshake_fragment; | 803 | dest = D1I(s)->handshake_fragment; |
| 804 | dest_len = &s->d1->handshake_fragment_len; | 804 | dest_len = &D1I(s)->handshake_fragment_len; |
| 805 | } else if (rr->type == SSL3_RT_ALERT) { | 805 | } else if (rr->type == SSL3_RT_ALERT) { |
| 806 | dest_maxlen = sizeof(s->d1->alert_fragment); | 806 | dest_maxlen = sizeof(D1I(s)->alert_fragment); |
| 807 | dest = s->d1->alert_fragment; | 807 | dest = D1I(s)->alert_fragment; |
| 808 | dest_len = &s->d1->alert_fragment_len; | 808 | dest_len = &D1I(s)->alert_fragment_len; |
| 809 | } | 809 | } |
| 810 | /* else it's a CCS message, or application data or wrong */ | 810 | /* else it's a CCS message, or application data or wrong */ |
| 811 | else if (rr->type != SSL3_RT_CHANGE_CIPHER_SPEC) { | 811 | else if (rr->type != SSL3_RT_CHANGE_CIPHER_SPEC) { |
| @@ -854,20 +854,20 @@ start: | |||
| 854 | } | 854 | } |
| 855 | } | 855 | } |
| 856 | 856 | ||
| 857 | /* s->d1->handshake_fragment_len == 12 iff rr->type == SSL3_RT_HANDSHAKE; | 857 | /* D1I(s)->handshake_fragment_len == 12 iff rr->type == SSL3_RT_HANDSHAKE; |
| 858 | * s->d1->alert_fragment_len == 7 iff rr->type == SSL3_RT_ALERT. | 858 | * D1I(s)->alert_fragment_len == 7 iff rr->type == SSL3_RT_ALERT. |
| 859 | * (Possibly rr is 'empty' now, i.e. rr->length may be 0.) */ | 859 | * (Possibly rr is 'empty' now, i.e. rr->length may be 0.) */ |
| 860 | 860 | ||
| 861 | /* If we are a client, check for an incoming 'Hello Request': */ | 861 | /* If we are a client, check for an incoming 'Hello Request': */ |
| 862 | if ((!s->server) && | 862 | if ((!s->server) && |
| 863 | (s->d1->handshake_fragment_len >= DTLS1_HM_HEADER_LENGTH) && | 863 | (D1I(s)->handshake_fragment_len >= DTLS1_HM_HEADER_LENGTH) && |
| 864 | (s->d1->handshake_fragment[0] == SSL3_MT_HELLO_REQUEST) && | 864 | (D1I(s)->handshake_fragment[0] == SSL3_MT_HELLO_REQUEST) && |
| 865 | (s->session != NULL) && (s->session->cipher != NULL)) { | 865 | (s->session != NULL) && (s->session->cipher != NULL)) { |
| 866 | s->d1->handshake_fragment_len = 0; | 866 | D1I(s)->handshake_fragment_len = 0; |
| 867 | 867 | ||
| 868 | if ((s->d1->handshake_fragment[1] != 0) || | 868 | if ((D1I(s)->handshake_fragment[1] != 0) || |
| 869 | (s->d1->handshake_fragment[2] != 0) || | 869 | (D1I(s)->handshake_fragment[2] != 0) || |
| 870 | (s->d1->handshake_fragment[3] != 0)) { | 870 | (D1I(s)->handshake_fragment[3] != 0)) { |
| 871 | al = SSL_AD_DECODE_ERROR; | 871 | al = SSL_AD_DECODE_ERROR; |
| 872 | SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_BAD_HELLO_REQUEST); | 872 | SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_BAD_HELLO_REQUEST); |
| 873 | goto err; | 873 | goto err; |
| @@ -877,12 +877,12 @@ start: | |||
| 877 | 877 | ||
| 878 | if (s->msg_callback) | 878 | if (s->msg_callback) |
| 879 | s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, | 879 | s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, |
| 880 | s->d1->handshake_fragment, 4, s, s->msg_callback_arg); | 880 | D1I(s)->handshake_fragment, 4, s, s->msg_callback_arg); |
| 881 | 881 | ||
| 882 | if (SSL_is_init_finished(s) && | 882 | if (SSL_is_init_finished(s) && |
| 883 | !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) && | 883 | !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) && |
| 884 | !s->s3->renegotiate) { | 884 | !s->s3->renegotiate) { |
| 885 | s->d1->handshake_read_seq++; | 885 | D1I(s)->handshake_read_seq++; |
| 886 | s->new_session = 1; | 886 | s->new_session = 1; |
| 887 | ssl3_renegotiate(s); | 887 | ssl3_renegotiate(s); |
| 888 | if (ssl3_renegotiate_check(s)) { | 888 | if (ssl3_renegotiate_check(s)) { |
| @@ -916,15 +916,15 @@ start: | |||
| 916 | goto start; | 916 | goto start; |
| 917 | } | 917 | } |
| 918 | 918 | ||
| 919 | if (s->d1->alert_fragment_len >= DTLS1_AL_HEADER_LENGTH) { | 919 | if (D1I(s)->alert_fragment_len >= DTLS1_AL_HEADER_LENGTH) { |
| 920 | int alert_level = s->d1->alert_fragment[0]; | 920 | int alert_level = D1I(s)->alert_fragment[0]; |
| 921 | int alert_descr = s->d1->alert_fragment[1]; | 921 | int alert_descr = D1I(s)->alert_fragment[1]; |
| 922 | 922 | ||
| 923 | s->d1->alert_fragment_len = 0; | 923 | D1I(s)->alert_fragment_len = 0; |
| 924 | 924 | ||
| 925 | if (s->msg_callback) | 925 | if (s->msg_callback) |
| 926 | s->msg_callback(0, s->version, SSL3_RT_ALERT, | 926 | s->msg_callback(0, s->version, SSL3_RT_ALERT, |
| 927 | s->d1->alert_fragment, 2, s, s->msg_callback_arg); | 927 | D1I(s)->alert_fragment, 2, s, s->msg_callback_arg); |
| 928 | 928 | ||
| 929 | if (s->info_callback != NULL) | 929 | if (s->info_callback != NULL) |
| 930 | cb = s->info_callback; | 930 | cb = s->info_callback; |
| @@ -994,11 +994,11 @@ start: | |||
| 994 | /* We can't process a CCS now, because previous handshake | 994 | /* We can't process a CCS now, because previous handshake |
| 995 | * messages are still missing, so just drop it. | 995 | * messages are still missing, so just drop it. |
| 996 | */ | 996 | */ |
| 997 | if (!s->d1->change_cipher_spec_ok) { | 997 | if (!D1I(s)->change_cipher_spec_ok) { |
| 998 | goto start; | 998 | goto start; |
| 999 | } | 999 | } |
| 1000 | 1000 | ||
| 1001 | s->d1->change_cipher_spec_ok = 0; | 1001 | D1I(s)->change_cipher_spec_ok = 0; |
| 1002 | 1002 | ||
| 1003 | s->s3->change_cipher_spec = 1; | 1003 | s->s3->change_cipher_spec = 1; |
| 1004 | if (!ssl3_do_change_cipher_spec(s)) | 1004 | if (!ssl3_do_change_cipher_spec(s)) |
| @@ -1011,14 +1011,14 @@ start: | |||
| 1011 | } | 1011 | } |
| 1012 | 1012 | ||
| 1013 | /* Unexpected handshake message (Client Hello, or protocol violation) */ | 1013 | /* Unexpected handshake message (Client Hello, or protocol violation) */ |
| 1014 | if ((s->d1->handshake_fragment_len >= DTLS1_HM_HEADER_LENGTH) && | 1014 | if ((D1I(s)->handshake_fragment_len >= DTLS1_HM_HEADER_LENGTH) && |
| 1015 | !s->in_handshake) { | 1015 | !s->in_handshake) { |
| 1016 | struct hm_header_st msg_hdr; | 1016 | struct hm_header_st msg_hdr; |
| 1017 | 1017 | ||
| 1018 | /* this may just be a stale retransmit */ | 1018 | /* this may just be a stale retransmit */ |
| 1019 | if (!dtls1_get_message_header(rr->data, &msg_hdr)) | 1019 | if (!dtls1_get_message_header(rr->data, &msg_hdr)) |
| 1020 | return -1; | 1020 | return -1; |
| 1021 | if (rr->epoch != s->d1->r_epoch) { | 1021 | if (rr->epoch != D1I(s)->r_epoch) { |
| 1022 | rr->length = 0; | 1022 | rr->length = 0; |
| 1023 | goto start; | 1023 | goto start; |
| 1024 | } | 1024 | } |
| @@ -1151,24 +1151,24 @@ have_handshake_fragment(SSL *s, int type, unsigned char *buf, | |||
| 1151 | int len, int peek) | 1151 | int len, int peek) |
| 1152 | { | 1152 | { |
| 1153 | 1153 | ||
| 1154 | if ((type == SSL3_RT_HANDSHAKE) && (s->d1->handshake_fragment_len > 0)) | 1154 | if ((type == SSL3_RT_HANDSHAKE) && (D1I(s)->handshake_fragment_len > 0)) |
| 1155 | /* (partially) satisfy request from storage */ | 1155 | /* (partially) satisfy request from storage */ |
| 1156 | { | 1156 | { |
| 1157 | unsigned char *src = s->d1->handshake_fragment; | 1157 | unsigned char *src = D1I(s)->handshake_fragment; |
| 1158 | unsigned char *dst = buf; | 1158 | unsigned char *dst = buf; |
| 1159 | unsigned int k, n; | 1159 | unsigned int k, n; |
| 1160 | 1160 | ||
| 1161 | /* peek == 0 */ | 1161 | /* peek == 0 */ |
| 1162 | n = 0; | 1162 | n = 0; |
| 1163 | while ((len > 0) && (s->d1->handshake_fragment_len > 0)) { | 1163 | while ((len > 0) && (D1I(s)->handshake_fragment_len > 0)) { |
| 1164 | *dst++ = *src++; | 1164 | *dst++ = *src++; |
| 1165 | len--; | 1165 | len--; |
| 1166 | s->d1->handshake_fragment_len--; | 1166 | D1I(s)->handshake_fragment_len--; |
| 1167 | n++; | 1167 | n++; |
| 1168 | } | 1168 | } |
| 1169 | /* move any remaining fragment bytes: */ | 1169 | /* move any remaining fragment bytes: */ |
| 1170 | for (k = 0; k < s->d1->handshake_fragment_len; k++) | 1170 | for (k = 0; k < D1I(s)->handshake_fragment_len; k++) |
| 1171 | s->d1->handshake_fragment[k] = *src++; | 1171 | D1I(s)->handshake_fragment[k] = *src++; |
| 1172 | return n; | 1172 | return n; |
| 1173 | } | 1173 | } |
| 1174 | 1174 | ||
| @@ -1306,11 +1306,11 @@ do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len) | |||
| 1306 | 1306 | ||
| 1307 | /* there's only one epoch between handshake and app data */ | 1307 | /* there's only one epoch between handshake and app data */ |
| 1308 | 1308 | ||
| 1309 | s2n(s->d1->w_epoch, pseq); | 1309 | s2n(D1I(s)->w_epoch, pseq); |
| 1310 | 1310 | ||
| 1311 | /* XDTLS: ?? */ | 1311 | /* XDTLS: ?? */ |
| 1312 | /* else | 1312 | /* else |
| 1313 | s2n(s->d1->handshake_epoch, pseq); | 1313 | s2n(D1I(s)->handshake_epoch, pseq); |
| 1314 | */ | 1314 | */ |
| 1315 | 1315 | ||
| 1316 | memcpy(pseq, &(s->s3->write_sequence[2]), 6); | 1316 | memcpy(pseq, &(s->s3->write_sequence[2]), 6); |
| @@ -1405,8 +1405,8 @@ dtls1_dispatch_alert(SSL *s) | |||
| 1405 | 1405 | ||
| 1406 | #ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE | 1406 | #ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE |
| 1407 | if (s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE) { | 1407 | if (s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE) { |
| 1408 | s2n(s->d1->handshake_read_seq, ptr); | 1408 | s2n(D1I(s)->handshake_read_seq, ptr); |
| 1409 | l2n3(s->d1->r_msg_hdr.frag_off, ptr); | 1409 | l2n3(D1I(s)->r_msg_hdr.frag_off, ptr); |
| 1410 | } | 1410 | } |
| 1411 | #endif | 1411 | #endif |
| 1412 | 1412 | ||
| @@ -1447,14 +1447,14 @@ dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr, unsigned int *is_next_epoch) | |||
| 1447 | *is_next_epoch = 0; | 1447 | *is_next_epoch = 0; |
| 1448 | 1448 | ||
| 1449 | /* In current epoch, accept HM, CCS, DATA, & ALERT */ | 1449 | /* In current epoch, accept HM, CCS, DATA, & ALERT */ |
| 1450 | if (rr->epoch == s->d1->r_epoch) | 1450 | if (rr->epoch == D1I(s)->r_epoch) |
| 1451 | return &s->d1->bitmap; | 1451 | return &D1I(s)->bitmap; |
| 1452 | 1452 | ||
| 1453 | /* Only HM and ALERT messages can be from the next epoch */ | 1453 | /* Only HM and ALERT messages can be from the next epoch */ |
| 1454 | else if (rr->epoch == (unsigned long)(s->d1->r_epoch + 1) && | 1454 | else if (rr->epoch == (unsigned long)(D1I(s)->r_epoch + 1) && |
| 1455 | (rr->type == SSL3_RT_HANDSHAKE || rr->type == SSL3_RT_ALERT)) { | 1455 | (rr->type == SSL3_RT_HANDSHAKE || rr->type == SSL3_RT_ALERT)) { |
| 1456 | *is_next_epoch = 1; | 1456 | *is_next_epoch = 1; |
| 1457 | return &s->d1->next_bitmap; | 1457 | return &D1I(s)->next_bitmap; |
| 1458 | } | 1458 | } |
| 1459 | 1459 | ||
| 1460 | return NULL; | 1460 | return NULL; |
| @@ -1468,13 +1468,13 @@ dtls1_reset_seq_numbers(SSL *s, int rw) | |||
| 1468 | 1468 | ||
| 1469 | if (rw & SSL3_CC_READ) { | 1469 | if (rw & SSL3_CC_READ) { |
| 1470 | seq = s->s3->read_sequence; | 1470 | seq = s->s3->read_sequence; |
| 1471 | s->d1->r_epoch++; | 1471 | D1I(s)->r_epoch++; |
| 1472 | memcpy(&(s->d1->bitmap), &(s->d1->next_bitmap), sizeof(DTLS1_BITMAP)); | 1472 | memcpy(&(D1I(s)->bitmap), &(D1I(s)->next_bitmap), sizeof(DTLS1_BITMAP)); |
| 1473 | memset(&(s->d1->next_bitmap), 0x00, sizeof(DTLS1_BITMAP)); | 1473 | memset(&(D1I(s)->next_bitmap), 0x00, sizeof(DTLS1_BITMAP)); |
| 1474 | } else { | 1474 | } else { |
| 1475 | seq = s->s3->write_sequence; | 1475 | seq = s->s3->write_sequence; |
| 1476 | memcpy(s->d1->last_write_sequence, seq, sizeof(s->s3->write_sequence)); | 1476 | memcpy(D1I(s)->last_write_sequence, seq, sizeof(s->s3->write_sequence)); |
| 1477 | s->d1->w_epoch++; | 1477 | D1I(s)->w_epoch++; |
| 1478 | } | 1478 | } |
| 1479 | 1479 | ||
| 1480 | memset(seq, 0x00, seq_bytes); | 1480 | memset(seq, 0x00, seq_bytes); |