summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_pkt.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl/ssl_pkt.c')
-rw-r--r--src/lib/libssl/ssl_pkt.c204
1 files changed, 102 insertions, 102 deletions
diff --git a/src/lib/libssl/ssl_pkt.c b/src/lib/libssl/ssl_pkt.c
index e3101eefba..3374713644 100644
--- a/src/lib/libssl/ssl_pkt.c
+++ b/src/lib/libssl/ssl_pkt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_pkt.c,v 1.52 2021/10/25 10:14:48 jsing Exp $ */ 1/* $OpenBSD: ssl_pkt.c,v 1.53 2022/02/05 14:54:10 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -142,7 +142,7 @@ ssl_force_want_read(SSL *s)
142/* 142/*
143 * If extend == 0, obtain new n-byte packet; if extend == 1, increase 143 * If extend == 0, obtain new n-byte packet; if extend == 1, increase
144 * packet by another n bytes. 144 * packet by another n bytes.
145 * The packet will be in the sub-array of S3I(s)->rbuf.buf specified 145 * The packet will be in the sub-array of s->s3->rbuf.buf specified
146 * by s->internal->packet and s->internal->packet_length. 146 * by s->internal->packet and s->internal->packet_length.
147 * (If s->internal->read_ahead is set, 'max' bytes may be stored in rbuf 147 * (If s->internal->read_ahead is set, 'max' bytes may be stored in rbuf
148 * [plus s->internal->packet_length bytes if extend == 1].) 148 * [plus s->internal->packet_length bytes if extend == 1].)
@@ -150,7 +150,7 @@ ssl_force_want_read(SSL *s)
150static int 150static int
151ssl3_read_n(SSL *s, int n, int max, int extend) 151ssl3_read_n(SSL *s, int n, int max, int extend)
152{ 152{
153 SSL3_BUFFER_INTERNAL *rb = &(S3I(s)->rbuf); 153 SSL3_BUFFER_INTERNAL *rb = &(s->s3->rbuf);
154 int i, len, left; 154 int i, len, left;
155 size_t align; 155 size_t align;
156 unsigned char *pkt; 156 unsigned char *pkt;
@@ -239,7 +239,7 @@ ssl3_read_n(SSL *s, int n, int max, int extend)
239 } 239 }
240 240
241 while (left < n) { 241 while (left < n) {
242 /* Now we have len+left bytes at the front of S3I(s)->rbuf.buf 242 /* Now we have len+left bytes at the front of s->s3->rbuf.buf
243 * and need to read in more until we have len+n (up to 243 * and need to read in more until we have len+n (up to
244 * len+max if possible) */ 244 * len+max if possible) */
245 245
@@ -288,7 +288,7 @@ ssl3_packet_read(SSL *s, int plen)
288{ 288{
289 int n; 289 int n;
290 290
291 n = ssl3_read_n(s, plen, S3I(s)->rbuf.len, 0); 291 n = ssl3_read_n(s, plen, s->s3->rbuf.len, 0);
292 if (n <= 0) 292 if (n <= 0)
293 return n; 293 return n;
294 if (s->internal->packet_length < plen) 294 if (s->internal->packet_length < plen)
@@ -327,8 +327,8 @@ ssl3_packet_extend(SSL *s, int plen)
327static int 327static int
328ssl3_get_record(SSL *s) 328ssl3_get_record(SSL *s)
329{ 329{
330 SSL3_BUFFER_INTERNAL *rb = &(S3I(s)->rbuf); 330 SSL3_BUFFER_INTERNAL *rb = &(s->s3->rbuf);
331 SSL3_RECORD_INTERNAL *rr = &(S3I(s)->rrec); 331 SSL3_RECORD_INTERNAL *rr = &(s->s3->rrec);
332 uint8_t alert_desc; 332 uint8_t alert_desc;
333 uint8_t *out; 333 uint8_t *out;
334 size_t out_len; 334 size_t out_len;
@@ -483,8 +483,8 @@ ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
483 } 483 }
484 484
485 s->internal->rwstate = SSL_NOTHING; 485 s->internal->rwstate = SSL_NOTHING;
486 tot = S3I(s)->wnum; 486 tot = s->s3->wnum;
487 S3I(s)->wnum = 0; 487 s->s3->wnum = 0;
488 488
489 if (SSL_in_init(s) && !s->internal->in_handshake) { 489 if (SSL_in_init(s) && !s->internal->in_handshake) {
490 i = s->internal->handshake_func(s); 490 i = s->internal->handshake_func(s);
@@ -507,7 +507,7 @@ ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
507 507
508 i = do_ssl3_write(s, type, &(buf[tot]), nw); 508 i = do_ssl3_write(s, type, &(buf[tot]), nw);
509 if (i <= 0) { 509 if (i <= 0) {
510 S3I(s)->wnum = tot; 510 s->s3->wnum = tot;
511 return i; 511 return i;
512 } 512 }
513 513
@@ -518,7 +518,7 @@ ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
518 * empty fragment in ciphersuites with known-IV 518 * empty fragment in ciphersuites with known-IV
519 * weakness. 519 * weakness.
520 */ 520 */
521 S3I(s)->empty_fragment_done = 0; 521 s->s3->empty_fragment_done = 0;
522 522
523 return tot + i; 523 return tot + i;
524 } 524 }
@@ -531,7 +531,7 @@ ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
531static int 531static int
532do_ssl3_write(SSL *s, int type, const unsigned char *buf, unsigned int len) 532do_ssl3_write(SSL *s, int type, const unsigned char *buf, unsigned int len)
533{ 533{
534 SSL3_BUFFER_INTERNAL *wb = &(S3I(s)->wbuf); 534 SSL3_BUFFER_INTERNAL *wb = &(s->s3->wbuf);
535 SSL_SESSION *sess = s->session; 535 SSL_SESSION *sess = s->session;
536 int need_empty_fragment = 0; 536 int need_empty_fragment = 0;
537 size_t align, out_len; 537 size_t align, out_len;
@@ -553,7 +553,7 @@ do_ssl3_write(SSL *s, int type, const unsigned char *buf, unsigned int len)
553 return (ssl3_write_pending(s, type, buf, len)); 553 return (ssl3_write_pending(s, type, buf, len));
554 554
555 /* If we have an alert to send, let's send it. */ 555 /* If we have an alert to send, let's send it. */
556 if (S3I(s)->alert_dispatch) { 556 if (s->s3->alert_dispatch) {
557 if ((ret = ssl3_dispatch_alert(s)) <= 0) 557 if ((ret = ssl3_dispatch_alert(s)) <= 0)
558 return (ret); 558 return (ret);
559 /* If it went, fall through and send more stuff. */ 559 /* If it went, fall through and send more stuff. */
@@ -572,9 +572,9 @@ do_ssl3_write(SSL *s, int type, const unsigned char *buf, unsigned int len)
572 * bytes and record version number > TLS 1.0. 572 * bytes and record version number > TLS 1.0.
573 */ 573 */
574 version = s->version; 574 version = s->version;
575 if (S3I(s)->hs.state == SSL3_ST_CW_CLNT_HELLO_B && 575 if (s->s3->hs.state == SSL3_ST_CW_CLNT_HELLO_B &&
576 !s->internal->renegotiate && 576 !s->internal->renegotiate &&
577 S3I(s)->hs.our_max_tls_version > TLS1_VERSION) 577 s->s3->hs.our_max_tls_version > TLS1_VERSION)
578 version = TLS1_VERSION; 578 version = TLS1_VERSION;
579 579
580 /* 580 /*
@@ -583,8 +583,8 @@ do_ssl3_write(SSL *s, int type, const unsigned char *buf, unsigned int len)
583 * is unnecessary for AEAD. 583 * is unnecessary for AEAD.
584 */ 584 */
585 if (sess != NULL && tls12_record_layer_write_protected(s->internal->rl)) { 585 if (sess != NULL && tls12_record_layer_write_protected(s->internal->rl)) {
586 if (S3I(s)->need_empty_fragments && 586 if (s->s3->need_empty_fragments &&
587 !S3I(s)->empty_fragment_done && 587 !s->s3->empty_fragment_done &&
588 type == SSL3_RT_APPLICATION_DATA) 588 type == SSL3_RT_APPLICATION_DATA)
589 need_empty_fragment = 1; 589 need_empty_fragment = 1;
590 } 590 }
@@ -609,7 +609,7 @@ do_ssl3_write(SSL *s, int type, const unsigned char *buf, unsigned int len)
609 if (!tls12_record_layer_seal_record(s->internal->rl, type, 609 if (!tls12_record_layer_seal_record(s->internal->rl, type,
610 buf, 0, &cbb)) 610 buf, 0, &cbb))
611 goto err; 611 goto err;
612 S3I(s)->empty_fragment_done = 1; 612 s->s3->empty_fragment_done = 1;
613 } 613 }
614 614
615 if (!tls12_record_layer_seal_record(s->internal->rl, type, buf, len, &cbb)) 615 if (!tls12_record_layer_seal_record(s->internal->rl, type, buf, len, &cbb))
@@ -624,10 +624,10 @@ do_ssl3_write(SSL *s, int type, const unsigned char *buf, unsigned int len)
624 * Memorize arguments so that ssl3_write_pending can detect 624 * Memorize arguments so that ssl3_write_pending can detect
625 * bad write retries later. 625 * bad write retries later.
626 */ 626 */
627 S3I(s)->wpend_tot = len; 627 s->s3->wpend_tot = len;
628 S3I(s)->wpend_buf = buf; 628 s->s3->wpend_buf = buf;
629 S3I(s)->wpend_type = type; 629 s->s3->wpend_type = type;
630 S3I(s)->wpend_ret = len; 630 s->s3->wpend_ret = len;
631 631
632 /* We now just need to write the buffer. */ 632 /* We now just need to write the buffer. */
633 return ssl3_write_pending(s, type, buf, len); 633 return ssl3_write_pending(s, type, buf, len);
@@ -638,17 +638,17 @@ do_ssl3_write(SSL *s, int type, const unsigned char *buf, unsigned int len)
638 return -1; 638 return -1;
639} 639}
640 640
641/* if S3I(s)->wbuf.left != 0, we need to call this */ 641/* if s->s3->wbuf.left != 0, we need to call this */
642int 642int
643ssl3_write_pending(SSL *s, int type, const unsigned char *buf, unsigned int len) 643ssl3_write_pending(SSL *s, int type, const unsigned char *buf, unsigned int len)
644{ 644{
645 int i; 645 int i;
646 SSL3_BUFFER_INTERNAL *wb = &(S3I(s)->wbuf); 646 SSL3_BUFFER_INTERNAL *wb = &(s->s3->wbuf);
647 647
648 /* XXXX */ 648 /* XXXX */
649 if ((S3I(s)->wpend_tot > (int)len) || ((S3I(s)->wpend_buf != buf) && 649 if ((s->s3->wpend_tot > (int)len) || ((s->s3->wpend_buf != buf) &&
650 !(s->internal->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER)) || 650 !(s->internal->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER)) ||
651 (S3I(s)->wpend_type != type)) { 651 (s->s3->wpend_type != type)) {
652 SSLerror(s, SSL_R_BAD_WRITE_RETRY); 652 SSLerror(s, SSL_R_BAD_WRITE_RETRY);
653 return (-1); 653 return (-1);
654 } 654 }
@@ -670,7 +670,7 @@ ssl3_write_pending(SSL *s, int type, const unsigned char *buf, unsigned int len)
670 !SSL_is_dtls(s)) 670 !SSL_is_dtls(s))
671 ssl3_release_write_buffer(s); 671 ssl3_release_write_buffer(s);
672 s->internal->rwstate = SSL_NOTHING; 672 s->internal->rwstate = SSL_NOTHING;
673 return (S3I(s)->wpend_ret); 673 return (s->s3->wpend_ret);
674 } else if (i <= 0) { 674 } else if (i <= 0) {
675 /* 675 /*
676 * For DTLS, just drop it. That's kind of the 676 * For DTLS, just drop it. That's kind of the
@@ -720,7 +720,7 @@ ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
720 unsigned int n; 720 unsigned int n;
721 SSL3_RECORD_INTERNAL *rr; 721 SSL3_RECORD_INTERNAL *rr;
722 722
723 if (S3I(s)->rbuf.buf == NULL) /* Not initialized yet */ 723 if (s->s3->rbuf.buf == NULL) /* Not initialized yet */
724 if (!ssl3_setup_read_buffer(s)) 724 if (!ssl3_setup_read_buffer(s))
725 return (-1); 725 return (-1);
726 726
@@ -737,28 +737,28 @@ ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
737 } 737 }
738 738
739 if ((type == SSL3_RT_HANDSHAKE) && 739 if ((type == SSL3_RT_HANDSHAKE) &&
740 (S3I(s)->handshake_fragment_len > 0)) { 740 (s->s3->handshake_fragment_len > 0)) {
741 /* (partially) satisfy request from storage */ 741 /* (partially) satisfy request from storage */
742 unsigned char *src = S3I(s)->handshake_fragment; 742 unsigned char *src = s->s3->handshake_fragment;
743 unsigned char *dst = buf; 743 unsigned char *dst = buf;
744 unsigned int k; 744 unsigned int k;
745 745
746 /* peek == 0 */ 746 /* peek == 0 */
747 n = 0; 747 n = 0;
748 while ((len > 0) && (S3I(s)->handshake_fragment_len > 0)) { 748 while ((len > 0) && (s->s3->handshake_fragment_len > 0)) {
749 *dst++ = *src++; 749 *dst++ = *src++;
750 len--; 750 len--;
751 S3I(s)->handshake_fragment_len--; 751 s->s3->handshake_fragment_len--;
752 n++; 752 n++;
753 } 753 }
754 /* move any remaining fragment bytes: */ 754 /* move any remaining fragment bytes: */
755 for (k = 0; k < S3I(s)->handshake_fragment_len; k++) 755 for (k = 0; k < s->s3->handshake_fragment_len; k++)
756 S3I(s)->handshake_fragment[k] = *src++; 756 s->s3->handshake_fragment[k] = *src++;
757 return n; 757 return n;
758 } 758 }
759 759
760 /* 760 /*
761 * Now S3I(s)->handshake_fragment_len == 0 if 761 * Now s->s3->handshake_fragment_len == 0 if
762 * type == SSL3_RT_HANDSHAKE. 762 * type == SSL3_RT_HANDSHAKE.
763 */ 763 */
764 if (!s->internal->in_handshake && SSL_in_init(s)) { 764 if (!s->internal->in_handshake && SSL_in_init(s)) {
@@ -789,12 +789,12 @@ ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
789 s->internal->rwstate = SSL_NOTHING; 789 s->internal->rwstate = SSL_NOTHING;
790 790
791 /* 791 /*
792 * S3I(s)->rrec.type - is the type of record 792 * s->s3->rrec.type - is the type of record
793 * S3I(s)->rrec.data, - data 793 * s->s3->rrec.data, - data
794 * S3I(s)->rrec.off, - offset into 'data' for next read 794 * s->s3->rrec.off, - offset into 'data' for next read
795 * S3I(s)->rrec.length, - number of bytes. 795 * s->s3->rrec.length, - number of bytes.
796 */ 796 */
797 rr = &(S3I(s)->rrec); 797 rr = &(s->s3->rrec);
798 798
799 /* get new packet if necessary */ 799 /* get new packet if necessary */
800 if ((rr->length == 0) || (s->internal->rstate == SSL_ST_READ_BODY)) { 800 if ((rr->length == 0) || (s->internal->rstate == SSL_ST_READ_BODY)) {
@@ -805,7 +805,7 @@ ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
805 805
806 /* we now have a packet which can be read and processed */ 806 /* we now have a packet which can be read and processed */
807 807
808 if (S3I(s)->change_cipher_spec /* set when we receive ChangeCipherSpec, 808 if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
809 * reset by ssl3_get_finished */ 809 * reset by ssl3_get_finished */
810 && (rr->type != SSL3_RT_HANDSHAKE)) { 810 && (rr->type != SSL3_RT_HANDSHAKE)) {
811 al = SSL_AD_UNEXPECTED_MESSAGE; 811 al = SSL_AD_UNEXPECTED_MESSAGE;
@@ -850,7 +850,7 @@ ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
850 s->internal->rstate = SSL_ST_READ_HEADER; 850 s->internal->rstate = SSL_ST_READ_HEADER;
851 rr->off = 0; 851 rr->off = 0;
852 if (s->internal->mode & SSL_MODE_RELEASE_BUFFERS && 852 if (s->internal->mode & SSL_MODE_RELEASE_BUFFERS &&
853 S3I(s)->rbuf.left == 0) 853 s->s3->rbuf.left == 0)
854 ssl3_release_read_buffer(s); 854 ssl3_release_read_buffer(s);
855 } 855 }
856 } 856 }
@@ -872,13 +872,13 @@ ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
872 unsigned int *dest_len = NULL; 872 unsigned int *dest_len = NULL;
873 873
874 if (rr->type == SSL3_RT_HANDSHAKE) { 874 if (rr->type == SSL3_RT_HANDSHAKE) {
875 dest_maxlen = sizeof S3I(s)->handshake_fragment; 875 dest_maxlen = sizeof s->s3->handshake_fragment;
876 dest = S3I(s)->handshake_fragment; 876 dest = s->s3->handshake_fragment;
877 dest_len = &S3I(s)->handshake_fragment_len; 877 dest_len = &s->s3->handshake_fragment_len;
878 } else if (rr->type == SSL3_RT_ALERT) { 878 } else if (rr->type == SSL3_RT_ALERT) {
879 dest_maxlen = sizeof S3I(s)->alert_fragment; 879 dest_maxlen = sizeof s->s3->alert_fragment;
880 dest = S3I(s)->alert_fragment; 880 dest = s->s3->alert_fragment;
881 dest_len = &S3I(s)->alert_fragment_len; 881 dest_len = &s->s3->alert_fragment_len;
882 } 882 }
883 if (dest_maxlen > 0) { 883 if (dest_maxlen > 0) {
884 /* available space in 'dest' */ 884 /* available space in 'dest' */
@@ -897,30 +897,30 @@ ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
897 } 897 }
898 } 898 }
899 899
900 /* S3I(s)->handshake_fragment_len == 4 iff rr->type == SSL3_RT_HANDSHAKE; 900 /* s->s3->handshake_fragment_len == 4 iff rr->type == SSL3_RT_HANDSHAKE;
901 * S3I(s)->alert_fragment_len == 2 iff rr->type == SSL3_RT_ALERT. 901 * s->s3->alert_fragment_len == 2 iff rr->type == SSL3_RT_ALERT.
902 * (Possibly rr is 'empty' now, i.e. rr->length may be 0.) */ 902 * (Possibly rr is 'empty' now, i.e. rr->length may be 0.) */
903 903
904 /* If we are a client, check for an incoming 'Hello Request': */ 904 /* If we are a client, check for an incoming 'Hello Request': */
905 if ((!s->server) && (S3I(s)->handshake_fragment_len >= 4) && 905 if ((!s->server) && (s->s3->handshake_fragment_len >= 4) &&
906 (S3I(s)->handshake_fragment[0] == SSL3_MT_HELLO_REQUEST) && 906 (s->s3->handshake_fragment[0] == SSL3_MT_HELLO_REQUEST) &&
907 (s->session != NULL) && (s->session->cipher != NULL)) { 907 (s->session != NULL) && (s->session->cipher != NULL)) {
908 S3I(s)->handshake_fragment_len = 0; 908 s->s3->handshake_fragment_len = 0;
909 909
910 if ((S3I(s)->handshake_fragment[1] != 0) || 910 if ((s->s3->handshake_fragment[1] != 0) ||
911 (S3I(s)->handshake_fragment[2] != 0) || 911 (s->s3->handshake_fragment[2] != 0) ||
912 (S3I(s)->handshake_fragment[3] != 0)) { 912 (s->s3->handshake_fragment[3] != 0)) {
913 al = SSL_AD_DECODE_ERROR; 913 al = SSL_AD_DECODE_ERROR;
914 SSLerror(s, SSL_R_BAD_HELLO_REQUEST); 914 SSLerror(s, SSL_R_BAD_HELLO_REQUEST);
915 goto fatal_err; 915 goto fatal_err;
916 } 916 }
917 917
918 ssl_msg_callback(s, 0, SSL3_RT_HANDSHAKE, 918 ssl_msg_callback(s, 0, SSL3_RT_HANDSHAKE,
919 S3I(s)->handshake_fragment, 4); 919 s->s3->handshake_fragment, 4);
920 920
921 if (SSL_is_init_finished(s) && 921 if (SSL_is_init_finished(s) &&
922 !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) && 922 !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) &&
923 !S3I(s)->renegotiate) { 923 !s->s3->renegotiate) {
924 ssl3_renegotiate(s); 924 ssl3_renegotiate(s);
925 if (ssl3_renegotiate_check(s)) { 925 if (ssl3_renegotiate_check(s)) {
926 i = s->internal->handshake_func(s); 926 i = s->internal->handshake_func(s);
@@ -932,7 +932,7 @@ ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
932 } 932 }
933 933
934 if (!(s->internal->mode & SSL_MODE_AUTO_RETRY)) { 934 if (!(s->internal->mode & SSL_MODE_AUTO_RETRY)) {
935 if (S3I(s)->rbuf.left == 0) { 935 if (s->s3->rbuf.left == 0) {
936 ssl_force_want_read(s); 936 ssl_force_want_read(s);
937 return (-1); 937 return (-1);
938 } 938 }
@@ -945,8 +945,8 @@ ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
945 } 945 }
946 /* Disallow client initiated renegotiation if configured. */ 946 /* Disallow client initiated renegotiation if configured. */
947 if (s->server && SSL_is_init_finished(s) && 947 if (s->server && SSL_is_init_finished(s) &&
948 S3I(s)->handshake_fragment_len >= 4 && 948 s->s3->handshake_fragment_len >= 4 &&
949 S3I(s)->handshake_fragment[0] == SSL3_MT_CLIENT_HELLO && 949 s->s3->handshake_fragment[0] == SSL3_MT_CLIENT_HELLO &&
950 (s->internal->options & SSL_OP_NO_CLIENT_RENEGOTIATION)) { 950 (s->internal->options & SSL_OP_NO_CLIENT_RENEGOTIATION)) {
951 al = SSL_AD_NO_RENEGOTIATION; 951 al = SSL_AD_NO_RENEGOTIATION;
952 goto fatal_err; 952 goto fatal_err;
@@ -957,29 +957,29 @@ ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
957 */ 957 */
958 if (s->server && 958 if (s->server &&
959 SSL_is_init_finished(s) && 959 SSL_is_init_finished(s) &&
960 !S3I(s)->send_connection_binding && 960 !s->s3->send_connection_binding &&
961 (S3I(s)->handshake_fragment_len >= 4) && 961 (s->s3->handshake_fragment_len >= 4) &&
962 (S3I(s)->handshake_fragment[0] == SSL3_MT_CLIENT_HELLO) && 962 (s->s3->handshake_fragment[0] == SSL3_MT_CLIENT_HELLO) &&
963 (s->session != NULL) && (s->session->cipher != NULL)) { 963 (s->session != NULL) && (s->session->cipher != NULL)) {
964 /*S3I(s)->handshake_fragment_len = 0;*/ 964 /*s->s3->handshake_fragment_len = 0;*/
965 rr->length = 0; 965 rr->length = 0;
966 ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_NO_RENEGOTIATION); 966 ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_NO_RENEGOTIATION);
967 goto start; 967 goto start;
968 } 968 }
969 if (S3I(s)->alert_fragment_len >= 2) { 969 if (s->s3->alert_fragment_len >= 2) {
970 int alert_level = S3I(s)->alert_fragment[0]; 970 int alert_level = s->s3->alert_fragment[0];
971 int alert_descr = S3I(s)->alert_fragment[1]; 971 int alert_descr = s->s3->alert_fragment[1];
972 972
973 S3I(s)->alert_fragment_len = 0; 973 s->s3->alert_fragment_len = 0;
974 974
975 ssl_msg_callback(s, 0, SSL3_RT_ALERT, 975 ssl_msg_callback(s, 0, SSL3_RT_ALERT,
976 S3I(s)->alert_fragment, 2); 976 s->s3->alert_fragment, 2);
977 977
978 ssl_info_callback(s, SSL_CB_READ_ALERT, 978 ssl_info_callback(s, SSL_CB_READ_ALERT,
979 (alert_level << 8) | alert_descr); 979 (alert_level << 8) | alert_descr);
980 980
981 if (alert_level == SSL3_AL_WARNING) { 981 if (alert_level == SSL3_AL_WARNING) {
982 S3I(s)->warn_alert = alert_descr; 982 s->s3->warn_alert = alert_descr;
983 if (alert_descr == SSL_AD_CLOSE_NOTIFY) { 983 if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
984 s->internal->shutdown |= SSL_RECEIVED_SHUTDOWN; 984 s->internal->shutdown |= SSL_RECEIVED_SHUTDOWN;
985 return (0); 985 return (0);
@@ -1000,7 +1000,7 @@ ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
1000 } 1000 }
1001 } else if (alert_level == SSL3_AL_FATAL) { 1001 } else if (alert_level == SSL3_AL_FATAL) {
1002 s->internal->rwstate = SSL_NOTHING; 1002 s->internal->rwstate = SSL_NOTHING;
1003 S3I(s)->fatal_alert = alert_descr; 1003 s->s3->fatal_alert = alert_descr;
1004 SSLerror(s, SSL_AD_REASON_OFFSET + alert_descr); 1004 SSLerror(s, SSL_AD_REASON_OFFSET + alert_descr);
1005 ERR_asprintf_error_data("SSL alert number %d", 1005 ERR_asprintf_error_data("SSL alert number %d",
1006 alert_descr); 1006 alert_descr);
@@ -1034,7 +1034,7 @@ ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
1034 } 1034 }
1035 1035
1036 /* Check we have a cipher to change to */ 1036 /* Check we have a cipher to change to */
1037 if (S3I(s)->hs.cipher == NULL) { 1037 if (s->s3->hs.cipher == NULL) {
1038 al = SSL_AD_UNEXPECTED_MESSAGE; 1038 al = SSL_AD_UNEXPECTED_MESSAGE;
1039 SSLerror(s, SSL_R_CCS_RECEIVED_EARLY); 1039 SSLerror(s, SSL_R_CCS_RECEIVED_EARLY);
1040 goto fatal_err; 1040 goto fatal_err;
@@ -1052,7 +1052,7 @@ ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
1052 1052
1053 ssl_msg_callback(s, 0, SSL3_RT_CHANGE_CIPHER_SPEC, rr->data, 1); 1053 ssl_msg_callback(s, 0, SSL3_RT_CHANGE_CIPHER_SPEC, rr->data, 1);
1054 1054
1055 S3I(s)->change_cipher_spec = 1; 1055 s->s3->change_cipher_spec = 1;
1056 if (!ssl3_do_change_cipher_spec(s)) 1056 if (!ssl3_do_change_cipher_spec(s))
1057 goto err; 1057 goto err;
1058 else 1058 else
@@ -1060,10 +1060,10 @@ ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
1060 } 1060 }
1061 1061
1062 /* Unexpected handshake message (Client Hello, or protocol violation) */ 1062 /* Unexpected handshake message (Client Hello, or protocol violation) */
1063 if ((S3I(s)->handshake_fragment_len >= 4) && !s->internal->in_handshake) { 1063 if ((s->s3->handshake_fragment_len >= 4) && !s->internal->in_handshake) {
1064 if (((S3I(s)->hs.state&SSL_ST_MASK) == SSL_ST_OK) && 1064 if (((s->s3->hs.state&SSL_ST_MASK) == SSL_ST_OK) &&
1065 !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) { 1065 !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) {
1066 S3I(s)->hs.state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT; 1066 s->s3->hs.state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
1067 s->internal->renegotiate = 1; 1067 s->internal->renegotiate = 1;
1068 s->internal->new_session = 1; 1068 s->internal->new_session = 1;
1069 } 1069 }
@@ -1076,7 +1076,7 @@ ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
1076 } 1076 }
1077 1077
1078 if (!(s->internal->mode & SSL_MODE_AUTO_RETRY)) { 1078 if (!(s->internal->mode & SSL_MODE_AUTO_RETRY)) {
1079 if (S3I(s)->rbuf.left == 0) { 1079 if (s->s3->rbuf.left == 0) {
1080 ssl_force_want_read(s); 1080 ssl_force_want_read(s);
1081 return (-1); 1081 return (-1);
1082 } 1082 }
@@ -1115,15 +1115,15 @@ ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
1115 * at this point (session renegotiation not yet started), 1115 * at this point (session renegotiation not yet started),
1116 * we will indulge it. 1116 * we will indulge it.
1117 */ 1117 */
1118 if (S3I(s)->in_read_app_data && 1118 if (s->s3->in_read_app_data &&
1119 (S3I(s)->total_renegotiations != 0) && 1119 (s->s3->total_renegotiations != 0) &&
1120 (((S3I(s)->hs.state & SSL_ST_CONNECT) && 1120 (((s->s3->hs.state & SSL_ST_CONNECT) &&
1121 (S3I(s)->hs.state >= SSL3_ST_CW_CLNT_HELLO_A) && 1121 (s->s3->hs.state >= SSL3_ST_CW_CLNT_HELLO_A) &&
1122 (S3I(s)->hs.state <= SSL3_ST_CR_SRVR_HELLO_A)) || 1122 (s->s3->hs.state <= SSL3_ST_CR_SRVR_HELLO_A)) ||
1123 ((S3I(s)->hs.state & SSL_ST_ACCEPT) && 1123 ((s->s3->hs.state & SSL_ST_ACCEPT) &&
1124 (S3I(s)->hs.state <= SSL3_ST_SW_HELLO_REQ_A) && 1124 (s->s3->hs.state <= SSL3_ST_SW_HELLO_REQ_A) &&
1125 (S3I(s)->hs.state >= SSL3_ST_SR_CLNT_HELLO_A)))) { 1125 (s->s3->hs.state >= SSL3_ST_SR_CLNT_HELLO_A)))) {
1126 S3I(s)->in_read_app_data = 2; 1126 s->s3->in_read_app_data = 2;
1127 return (-1); 1127 return (-1);
1128 } else { 1128 } else {
1129 al = SSL_AD_UNEXPECTED_MESSAGE; 1129 al = SSL_AD_UNEXPECTED_MESSAGE;
@@ -1142,14 +1142,14 @@ ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
1142int 1142int
1143ssl3_do_change_cipher_spec(SSL *s) 1143ssl3_do_change_cipher_spec(SSL *s)
1144{ 1144{
1145 if (S3I(s)->hs.tls12.key_block == NULL) { 1145 if (s->s3->hs.tls12.key_block == NULL) {
1146 if (s->session == NULL || s->session->master_key_length == 0) { 1146 if (s->session == NULL || s->session->master_key_length == 0) {
1147 /* might happen if dtls1_read_bytes() calls this */ 1147 /* might happen if dtls1_read_bytes() calls this */
1148 SSLerror(s, SSL_R_CCS_RECEIVED_EARLY); 1148 SSLerror(s, SSL_R_CCS_RECEIVED_EARLY);
1149 return (0); 1149 return (0);
1150 } 1150 }
1151 1151
1152 s->session->cipher = S3I(s)->hs.cipher; 1152 s->session->cipher = s->s3->hs.cipher;
1153 if (!tls1_setup_key_block(s)) 1153 if (!tls1_setup_key_block(s))
1154 return (0); 1154 return (0);
1155 } 1155 }
@@ -1171,11 +1171,11 @@ static int
1171ssl3_write_alert(SSL *s) 1171ssl3_write_alert(SSL *s)
1172{ 1172{
1173 if (SSL_is_dtls(s)) 1173 if (SSL_is_dtls(s))
1174 return do_dtls1_write(s, SSL3_RT_ALERT, S3I(s)->send_alert, 1174 return do_dtls1_write(s, SSL3_RT_ALERT, s->s3->send_alert,
1175 sizeof(S3I(s)->send_alert)); 1175 sizeof(s->s3->send_alert));
1176 1176
1177 return do_ssl3_write(s, SSL3_RT_ALERT, S3I(s)->send_alert, 1177 return do_ssl3_write(s, SSL3_RT_ALERT, s->s3->send_alert,
1178 sizeof(S3I(s)->send_alert)); 1178 sizeof(s->s3->send_alert));
1179} 1179}
1180 1180
1181int 1181int
@@ -1185,15 +1185,15 @@ ssl3_send_alert(SSL *s, int level, int desc)
1185 if (level == SSL3_AL_FATAL) 1185 if (level == SSL3_AL_FATAL)
1186 SSL_CTX_remove_session(s->ctx, s->session); 1186 SSL_CTX_remove_session(s->ctx, s->session);
1187 1187
1188 S3I(s)->alert_dispatch = 1; 1188 s->s3->alert_dispatch = 1;
1189 S3I(s)->send_alert[0] = level; 1189 s->s3->send_alert[0] = level;
1190 S3I(s)->send_alert[1] = desc; 1190 s->s3->send_alert[1] = desc;
1191 1191
1192 /* 1192 /*
1193 * If data is still being written out, the alert will be dispatched at 1193 * If data is still being written out, the alert will be dispatched at
1194 * some point in the future. 1194 * some point in the future.
1195 */ 1195 */
1196 if (S3I(s)->wbuf.left != 0) 1196 if (s->s3->wbuf.left != 0)
1197 return -1; 1197 return -1;
1198 1198
1199 return ssl3_dispatch_alert(s); 1199 return ssl3_dispatch_alert(s);
@@ -1204,9 +1204,9 @@ ssl3_dispatch_alert(SSL *s)
1204{ 1204{
1205 int ret; 1205 int ret;
1206 1206
1207 S3I(s)->alert_dispatch = 0; 1207 s->s3->alert_dispatch = 0;
1208 if ((ret = ssl3_write_alert(s)) <= 0) { 1208 if ((ret = ssl3_write_alert(s)) <= 0) {
1209 S3I(s)->alert_dispatch = 1; 1209 s->s3->alert_dispatch = 1;
1210 return ret; 1210 return ret;
1211 } 1211 }
1212 1212
@@ -1215,13 +1215,13 @@ ssl3_dispatch_alert(SSL *s)
1215 * If the message does not get sent due to non-blocking IO, 1215 * If the message does not get sent due to non-blocking IO,
1216 * we will not worry too much. 1216 * we will not worry too much.
1217 */ 1217 */
1218 if (S3I(s)->send_alert[0] == SSL3_AL_FATAL) 1218 if (s->s3->send_alert[0] == SSL3_AL_FATAL)
1219 (void)BIO_flush(s->wbio); 1219 (void)BIO_flush(s->wbio);
1220 1220
1221 ssl_msg_callback(s, 1, SSL3_RT_ALERT, S3I(s)->send_alert, 2); 1221 ssl_msg_callback(s, 1, SSL3_RT_ALERT, s->s3->send_alert, 2);
1222 1222
1223 ssl_info_callback(s, SSL_CB_WRITE_ALERT, 1223 ssl_info_callback(s, SSL_CB_WRITE_ALERT,
1224 (S3I(s)->send_alert[0] << 8) | S3I(s)->send_alert[1]); 1224 (s->s3->send_alert[0] << 8) | s->s3->send_alert[1]);
1225 1225
1226 return ret; 1226 return ret;
1227} 1227}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-27 10:06:09 +0000