1 files changed, 0 insertions, 146 deletions
diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c
index d2f63b890b..87916eb763 100644
--- a/src/lib/libssl/d1_pkt.c
+++ b/src/lib/libssl/d1_pkt.c
@@ -181,10 +181,6 @@ static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap);
 static void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap);
 static DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr,
    unsigned int *is_next_epoch);
-#if 0
-static int dtls1_record_needs_buffering(SSL *s, SSL3_RECORD *rr,
-    unsigned short *priority, unsigned long *offset);
-#endif
 static int dtls1_buffer_record(SSL *s, record_pqueue *q,
    unsigned char *priority);
 static int dtls1_process_record(SSL *s);
@@ -323,50 +319,6 @@ dtls1_process_buffered_records(SSL *s)
        return (1);
 }
-#if 0
-static int
-dtls1_get_buffered_record(SSL *s)
-{
-        pitem *item;
-        PQ_64BIT priority =
-            (((PQ_64BIT)s->d1->handshake_read_seq) << 32) |
-            ((PQ_64BIT)s->d1->r_msg_hdr.frag_off);
-        if (!SSL_in_init(s))  /* if we're not (re)negotiating,
-                                   nothing buffered */
-                return 0;
-        item = pqueue_peek(s->d1->rcvd_records);
-        if (item && item->priority == priority) {
-                /* Check if we've received the record of interest.  It must be
-                 * a handshake record, since data records as passed up without
-                 * buffering */
-                DTLS1_RECORD_DATA *rdata;
-                item = pqueue_pop(s->d1->rcvd_records);
-                rdata = (DTLS1_RECORD_DATA *)item->data;
-                free(s->s3->rbuf.buf);
-                s->packet = rdata->packet;
-                s->packet_length = rdata->packet_length;
-                memcpy(&(s->s3->rbuf), &(rdata->rbuf), sizeof(SSL3_BUFFER));
-                memcpy(&(s->s3->rrec), &(rdata->rrec), sizeof(SSL3_RECORD));
-                free(item->data);
-                pitem_free(item);
-                /* s->d1->next_expected_seq_num++; */
-                return (1);
-        }
-        return 0;
-}
-#endif
 static int
 dtls1_process_record(SSL *s)
 {
@@ -1069,29 +1021,6 @@ start:
                                s->shutdown |= SSL_RECEIVED_SHUTDOWN;
                                return (0);
                        }
-#if 0
-                        /* XXX: this is a possible improvement in the future */
-                        /* now check if it's a missing record */
-                        if (alert_descr == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE) {
-                                unsigned short seq;
-                                unsigned int frag_off;
-                                unsigned char *p = &(s->d1->alert_fragment[2]);
-                                n2s(p, seq);
-                                n2l3(p, frag_off);
-                                dtls1_retransmit_message(s,
-                                dtls1_get_queue_priority(frag->msg_header.seq, 0),
-                                frag_off, &found);
-                                if (!found  && SSL_in_init(s)) {
-                                        /* fprintf( stderr,"in init = %d\n", SSL_in_init(s)); */
-                                        /* requested a message not yet sent, 
-                                           send an alert ourselves */
-                                        ssl3_send_alert(s, SSL3_AL_WARNING,
-                                        DTLS1_AD_MISSING_HANDSHAKE_MESSAGE);
-                                }
-                        }
-#endif
                } else if (alert_level == 2) /* fatal */
                {
                        s->rwstate = SSL_NOTHING;
@@ -1506,13 +1435,6 @@ do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len)
        wr->type=type; /* not needed but helps for debugging */
        wr->length += DTLS1_RT_HEADER_LENGTH;
-#if 0  /* this is now done at the message layer */
-        /* buffer the record, making it easy to handle retransmits */
-        if (type == SSL3_RT_HANDSHAKE || type == SSL3_RT_CHANGE_CIPHER_SPEC)
-                dtls1_buffer_record(s, wr->data, wr->length,
-        *((PQ_64BIT *)&(s->s3->write_sequence[0])));
-#endif
        ssl3_record_sequence_update(&(s->s3->write_sequence[0]));
        /* now let's set up wb */
@@ -1596,16 +1518,6 @@ dtls1_dispatch_alert(SSL *s)
 #ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
        if (s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE) {
                s2n(s->d1->handshake_read_seq, ptr);
-#if 0
-                if ( s->d1->r_msg_hdr.frag_off == 0)  /* waiting for a new msg */
-                else
-                        s2n(s->d1->r_msg_hdr.seq, ptr); /* partial msg read */
-#endif
-#if 0
-                fprintf(stderr, "s->d1->handshake_read_seq = %d, s->d1->r_msg_hdr.seq = %d\n", s->d1->handshake_read_seq, s->d1->r_msg_hdr.seq);
-#endif
                l2n3(s->d1->r_msg_hdr.frag_off, ptr);
        }
 #endif
@@ -1660,64 +1572,6 @@ dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr, unsigned int *is_next_epoch)
        return NULL;
 }
-#if 0
-static int
-dtls1_record_needs_buffering(SSL *s, SSL3_RECORD *rr, unsigned short *priority,
-    unsigned long *offset)
-{
-        /* alerts are passed up immediately */
-        if (rr->type == SSL3_RT_APPLICATION_DATA || rr->type == SSL3_RT_ALERT)
-                return 0;
-        /* Only need to buffer if a handshake is underway.
-         * (this implies that Hello Request and Client Hello are passed up
-         * immediately) */
-        if (SSL_in_init(s)) {
-                unsigned char *data = rr->data;
-                /* need to extract the HM/CCS sequence number here */
-                if (rr->type == SSL3_RT_HANDSHAKE ||
-                    rr->type == SSL3_RT_CHANGE_CIPHER_SPEC) {
-                        unsigned short seq_num;
-                        struct hm_header_st msg_hdr;
-                        struct ccs_header_st ccs_hdr;
-                        if (rr->type == SSL3_RT_HANDSHAKE) {
-                                dtls1_get_message_header(data, &msg_hdr);
-                                seq_num = msg_hdr.seq;
-                                *offset = msg_hdr.frag_off;
-                        } else {
-                                dtls1_get_ccs_header(data, &ccs_hdr);
-                                seq_num = ccs_hdr.seq;
-                                *offset = 0;
-                        }
-                        /* this is either a record we're waiting for, or a
-                         * retransmit of something we happened to previously 
-                         * receive (higher layers will drop the repeat silently */
-                        if (seq_num < s->d1->handshake_read_seq)
-                                return 0;
-                        if (rr->type == SSL3_RT_HANDSHAKE &&
-                            seq_num == s->d1->handshake_read_seq &&
-                            msg_hdr.frag_off < s->d1->r_msg_hdr.frag_off)
-                                return 0;
-                        else if (seq_num == s->d1->handshake_read_seq &&
-                            (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC ||
-                            msg_hdr.frag_off == s->d1->r_msg_hdr.frag_off))
-                                return 0;
-                        else {
-                                *priority = seq_num;
-                                return 1;
-                        }
-                }
-                else /* unknown record type */
-                        return 0;
-        }
-        return 0;
-}
-#endif
 void
 dtls1_reset_seq_numbers(SSL *s, int rw)
 {

diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c index d2f63b890b..87916eb763 100644 --- a/src/lib/libssl/d1_pkt.c +++ b/src/lib/libssl/d1_pkt.c
@@ -181,10 +181,6 @@ static int dtls1_record_replay_check(SSL s, DTLS1_BITMAP bitmap);
181	static void dtls1_record_bitmap_update(SSL s, DTLS1_BITMAP bitmap);	181	static void dtls1_record_bitmap_update(SSL s, DTLS1_BITMAP bitmap);
182	static DTLS1_BITMAP dtls1_get_bitmap(SSL s, SSL3_RECORD *rr,	182	static DTLS1_BITMAP dtls1_get_bitmap(SSL s, SSL3_RECORD *rr,
183	unsigned int *is_next_epoch);	183	unsigned int *is_next_epoch);
184	#if 0
185	static int dtls1_record_needs_buffering(SSL s, SSL3_RECORD rr,
186	unsigned short priority, unsigned long offset);
187	#endif
188	static int dtls1_buffer_record(SSL s, record_pqueue q,	184	static int dtls1_buffer_record(SSL s, record_pqueue q,
189	unsigned char *priority);	185	unsigned char *priority);
190	static int dtls1_process_record(SSL *s);	186	static int dtls1_process_record(SSL *s);
@@ -323,50 +319,6 @@ dtls1_process_buffered_records(SSL *s)
323	return (1);	319	return (1);
324	}	320	}
325		321
326
327	#if 0
328
329	static int
330	dtls1_get_buffered_record(SSL *s)
331	{
332	pitem *item;
333	PQ_64BIT priority =
334	(((PQ_64BIT)s->d1->handshake_read_seq) << 32) \|
335	((PQ_64BIT)s->d1->r_msg_hdr.frag_off);
336
337	if (!SSL_in_init(s)) /* if we're not (re)negotiating,
338	nothing buffered */
339	return 0;
340
341
342	item = pqueue_peek(s->d1->rcvd_records);
343	if (item && item->priority == priority) {
344	/* Check if we've received the record of interest. It must be
345	* a handshake record, since data records as passed up without
346	* buffering */
347	DTLS1_RECORD_DATA *rdata;
348	item = pqueue_pop(s->d1->rcvd_records);
349	rdata = (DTLS1_RECORD_DATA *)item->data;
350
351	free(s->s3->rbuf.buf);
352
353	s->packet = rdata->packet;
354	s->packet_length = rdata->packet_length;
355	memcpy(&(s->s3->rbuf), &(rdata->rbuf), sizeof(SSL3_BUFFER));
356	memcpy(&(s->s3->rrec), &(rdata->rrec), sizeof(SSL3_RECORD));
357
358	free(item->data);
359	pitem_free(item);
360
361	/* s->d1->next_expected_seq_num++; */
362	return (1);
363	}
364
365	return 0;
366	}
367
368	#endif
369
370	static int	322	static int
371	dtls1_process_record(SSL *s)	323	dtls1_process_record(SSL *s)
372	{	324	{
@@ -1069,29 +1021,6 @@ start:
1069	s->shutdown \|= SSL_RECEIVED_SHUTDOWN;	1021	s->shutdown \|= SSL_RECEIVED_SHUTDOWN;
1070	return (0);	1022	return (0);
1071	}	1023	}
1072	#if 0
1073	/* XXX: this is a possible improvement in the future */
1074	/* now check if it's a missing record */
1075	if (alert_descr == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE) {
1076	unsigned short seq;
1077	unsigned int frag_off;
1078	unsigned char *p = &(s->d1->alert_fragment[2]);
1079
1080	n2s(p, seq);
1081	n2l3(p, frag_off);
1082
1083	dtls1_retransmit_message(s,
1084	dtls1_get_queue_priority(frag->msg_header.seq, 0),
1085	frag_off, &found);
1086	if (!found && SSL_in_init(s)) {
1087	/* fprintf( stderr,"in init = %d\n", SSL_in_init(s)); */
1088	/* requested a message not yet sent,
1089	send an alert ourselves */
1090	ssl3_send_alert(s, SSL3_AL_WARNING,
1091	DTLS1_AD_MISSING_HANDSHAKE_MESSAGE);
1092	}
1093	}
1094	#endif
1095	} else if (alert_level == 2) /* fatal */	1024	} else if (alert_level == 2) /* fatal */
1096	{	1025	{
1097	s->rwstate = SSL_NOTHING;	1026	s->rwstate = SSL_NOTHING;
@@ -1506,13 +1435,6 @@ do_dtls1_write(SSL s, int type, const unsigned char buf, unsigned int len)
1506	wr->type=type; /* not needed but helps for debugging */	1435	wr->type=type; /* not needed but helps for debugging */
1507	wr->length += DTLS1_RT_HEADER_LENGTH;	1436	wr->length += DTLS1_RT_HEADER_LENGTH;
1508		1437
1509	#if 0 /* this is now done at the message layer */
1510	/* buffer the record, making it easy to handle retransmits */
1511	if (type == SSL3_RT_HANDSHAKE \|\| type == SSL3_RT_CHANGE_CIPHER_SPEC)
1512	dtls1_buffer_record(s, wr->data, wr->length,
1513	((PQ_64BIT )&(s->s3->write_sequence[0])));
1514	#endif
1515
1516	ssl3_record_sequence_update(&(s->s3->write_sequence[0]));	1438	ssl3_record_sequence_update(&(s->s3->write_sequence[0]));
1517		1439
1518	/* now let's set up wb */	1440	/* now let's set up wb */
@@ -1596,16 +1518,6 @@ dtls1_dispatch_alert(SSL *s)
1596	#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE	1518	#ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE
1597	if (s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE) {	1519	if (s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE) {
1598	s2n(s->d1->handshake_read_seq, ptr);	1520	s2n(s->d1->handshake_read_seq, ptr);
1599	#if 0
1600	if ( s->d1->r_msg_hdr.frag_off == 0) /* waiting for a new msg */
1601
1602	else
1603	s2n(s->d1->r_msg_hdr.seq, ptr); /* partial msg read */
1604	#endif
1605
1606	#if 0
1607	fprintf(stderr, "s->d1->handshake_read_seq = %d, s->d1->r_msg_hdr.seq = %d\n", s->d1->handshake_read_seq, s->d1->r_msg_hdr.seq);
1608	#endif
1609	l2n3(s->d1->r_msg_hdr.frag_off, ptr);	1521	l2n3(s->d1->r_msg_hdr.frag_off, ptr);
1610	}	1522	}
1611	#endif	1523	#endif
@@ -1660,64 +1572,6 @@ dtls1_get_bitmap(SSL s, SSL3_RECORD rr, unsigned int *is_next_epoch)
1660	return NULL;	1572	return NULL;
1661	}	1573	}
1662		1574
1663	#if 0
1664	static int
1665	dtls1_record_needs_buffering(SSL s, SSL3_RECORD rr, unsigned short *priority,
1666	unsigned long *offset)
1667	{
1668
1669	/* alerts are passed up immediately */
1670	if (rr->type == SSL3_RT_APPLICATION_DATA \|\| rr->type == SSL3_RT_ALERT)
1671	return 0;
1672
1673	/* Only need to buffer if a handshake is underway.
1674	* (this implies that Hello Request and Client Hello are passed up
1675	* immediately) */
1676	if (SSL_in_init(s)) {
1677	unsigned char *data = rr->data;
1678	/* need to extract the HM/CCS sequence number here */
1679	if (rr->type == SSL3_RT_HANDSHAKE \|\|
1680	rr->type == SSL3_RT_CHANGE_CIPHER_SPEC) {
1681	unsigned short seq_num;
1682	struct hm_header_st msg_hdr;
1683	struct ccs_header_st ccs_hdr;
1684
1685	if (rr->type == SSL3_RT_HANDSHAKE) {
1686	dtls1_get_message_header(data, &msg_hdr);
1687	seq_num = msg_hdr.seq;
1688	*offset = msg_hdr.frag_off;
1689	} else {
1690	dtls1_get_ccs_header(data, &ccs_hdr);
1691	seq_num = ccs_hdr.seq;
1692	*offset = 0;
1693	}
1694
1695	/* this is either a record we're waiting for, or a
1696	* retransmit of something we happened to previously
1697	* receive (higher layers will drop the repeat silently */
1698	if (seq_num < s->d1->handshake_read_seq)
1699	return 0;
1700	if (rr->type == SSL3_RT_HANDSHAKE &&
1701	seq_num == s->d1->handshake_read_seq &&
1702	msg_hdr.frag_off < s->d1->r_msg_hdr.frag_off)
1703	return 0;
1704	else if (seq_num == s->d1->handshake_read_seq &&
1705	(rr->type == SSL3_RT_CHANGE_CIPHER_SPEC \|\|
1706	msg_hdr.frag_off == s->d1->r_msg_hdr.frag_off))
1707	return 0;
1708	else {
1709	*priority = seq_num;
1710	return 1;
1711	}
1712	}
1713	else /* unknown record type */
1714	return 0;
1715	}
1716
1717	return 0;
1718	}
1719	#endif
1720
1721	void	1575	void
1722	dtls1_reset_seq_numbers(SSL *s, int rw)	1576	dtls1_reset_seq_numbers(SSL *s, int rw)
1723	{	1577	{