summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/lib/libssl/d1_both.c8
-rw-r--r--src/lib/libssl/d1_clnt.c72
-rw-r--r--src/lib/libssl/d1_pkt.c20
-rw-r--r--src/lib/libssl/d1_srvr.c92
-rw-r--r--src/lib/libssl/s3_lib.c6
-rw-r--r--src/lib/libssl/ssl.h14
-rw-r--r--src/lib/libssl/ssl_both.c16
-rw-r--r--src/lib/libssl/ssl_clnt.c106
-rw-r--r--src/lib/libssl/ssl_err.c11
-rw-r--r--src/lib/libssl/ssl_lib.c16
-rw-r--r--src/lib/libssl/ssl_locl.h10
-rw-r--r--src/lib/libssl/ssl_pkt.c24
-rw-r--r--src/lib/libssl/ssl_srvr.c118
-rw-r--r--src/lib/libssl/ssl_stat.c6
-rw-r--r--src/lib/libssl/t1_lib.c4
15 files changed, 267 insertions, 256 deletions
diff --git a/src/lib/libssl/d1_both.c b/src/lib/libssl/d1_both.c
index 0b8999b782..6b86cfc03e 100644
--- a/src/lib/libssl/d1_both.c
+++ b/src/lib/libssl/d1_both.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: d1_both.c,v 1.50 2017/03/04 16:32:00 jsing Exp $ */ 1/* $OpenBSD: d1_both.c,v 1.51 2017/05/07 04:22:24 beck Exp $ */
2/* 2/*
3 * DTLS implementation written by Nagendra Modadugu 3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. 4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -850,7 +850,7 @@ again:
850 goto f_err; 850 goto f_err;
851 851
852 /* XDTLS: ressurect this when restart is in place */ 852 /* XDTLS: ressurect this when restart is in place */
853 s->internal->state = stn; 853 S3I(s)->hs.state = stn;
854 854
855 if (frag_len > 0) { 855 if (frag_len > 0) {
856 unsigned char *p = (unsigned char *)s->internal->init_buf->data + DTLS1_HM_HEADER_LENGTH; 856 unsigned char *p = (unsigned char *)s->internal->init_buf->data + DTLS1_HM_HEADER_LENGTH;
@@ -908,7 +908,7 @@ dtls1_send_change_cipher_spec(SSL *s, int a, int b)
908{ 908{
909 unsigned char *p; 909 unsigned char *p;
910 910
911 if (s->internal->state == a) { 911 if (S3I(s)->hs.state == a) {
912 p = (unsigned char *)s->internal->init_buf->data; 912 p = (unsigned char *)s->internal->init_buf->data;
913 *p++=SSL3_MT_CCS; 913 *p++=SSL3_MT_CCS;
914 D1I(s)->handshake_write_seq = D1I(s)->next_handshake_write_seq; 914 D1I(s)->handshake_write_seq = D1I(s)->next_handshake_write_seq;
@@ -922,7 +922,7 @@ dtls1_send_change_cipher_spec(SSL *s, int a, int b)
922 /* buffer the message to handle re-xmits */ 922 /* buffer the message to handle re-xmits */
923 dtls1_buffer_message(s, 1); 923 dtls1_buffer_message(s, 1);
924 924
925 s->internal->state = b; 925 S3I(s)->hs.state = b;
926 } 926 }
927 927
928 /* SSL3_ST_CW_CHANGE_B */ 928 /* SSL3_ST_CW_CHANGE_B */
diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c
index 802aa5cde0..3eebf98417 100644
--- a/src/lib/libssl/d1_clnt.c
+++ b/src/lib/libssl/d1_clnt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: d1_clnt.c,v 1.75 2017/05/06 22:24:57 beck Exp $ */ 1/* $OpenBSD: d1_clnt.c,v 1.76 2017/05/07 04:22:24 beck Exp $ */
2/* 2/*
3 * DTLS implementation written by Nagendra Modadugu 3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. 4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -198,12 +198,12 @@ dtls1_connect(SSL *s)
198 198
199 199
200 for (;;) { 200 for (;;) {
201 state = s->internal->state; 201 state = S3I(s)->hs.state;
202 202
203 switch (s->internal->state) { 203 switch (S3I(s)->hs.state) {
204 case SSL_ST_RENEGOTIATE: 204 case SSL_ST_RENEGOTIATE:
205 s->internal->renegotiate = 1; 205 s->internal->renegotiate = 1;
206 s->internal->state = SSL_ST_CONNECT; 206 S3I(s)->hs.state = SSL_ST_CONNECT;
207 s->ctx->internal->stats.sess_connect_renegotiate++; 207 s->ctx->internal->stats.sess_connect_renegotiate++;
208 /* break */ 208 /* break */
209 case SSL_ST_BEFORE: 209 case SSL_ST_BEFORE:
@@ -239,7 +239,7 @@ dtls1_connect(SSL *s)
239 239
240 /* don't push the buffering BIO quite yet */ 240 /* don't push the buffering BIO quite yet */
241 241
242 s->internal->state = SSL3_ST_CW_CLNT_HELLO_A; 242 S3I(s)->hs.state = SSL3_ST_CW_CLNT_HELLO_A;
243 s->ctx->internal->stats.sess_connect++; 243 s->ctx->internal->stats.sess_connect++;
244 s->internal->init_num = 0; 244 s->internal->init_num = 0;
245 /* mark client_random uninitialized */ 245 /* mark client_random uninitialized */
@@ -267,10 +267,10 @@ dtls1_connect(SSL *s)
267 goto end; 267 goto end;
268 268
269 if (D1I(s)->send_cookie) { 269 if (D1I(s)->send_cookie) {
270 s->internal->state = SSL3_ST_CW_FLUSH; 270 S3I(s)->hs.state = SSL3_ST_CW_FLUSH;
271 S3I(s)->hs.next_state = SSL3_ST_CR_SRVR_HELLO_A; 271 S3I(s)->hs.next_state = SSL3_ST_CR_SRVR_HELLO_A;
272 } else 272 } else
273 s->internal->state = SSL3_ST_CR_SRVR_HELLO_A; 273 S3I(s)->hs.state = SSL3_ST_CR_SRVR_HELLO_A;
274 274
275 s->internal->init_num = 0; 275 s->internal->init_num = 0;
276 276
@@ -288,9 +288,9 @@ dtls1_connect(SSL *s)
288 else { 288 else {
289 if (s->internal->hit) { 289 if (s->internal->hit) {
290 290
291 s->internal->state = SSL3_ST_CR_FINISHED_A; 291 S3I(s)->hs.state = SSL3_ST_CR_FINISHED_A;
292 } else 292 } else
293 s->internal->state = DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A; 293 S3I(s)->hs.state = DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A;
294 } 294 }
295 s->internal->init_num = 0; 295 s->internal->init_num = 0;
296 break; 296 break;
@@ -303,9 +303,9 @@ dtls1_connect(SSL *s)
303 goto end; 303 goto end;
304 dtls1_stop_timer(s); 304 dtls1_stop_timer(s);
305 if ( D1I(s)->send_cookie) /* start again, with a cookie */ 305 if ( D1I(s)->send_cookie) /* start again, with a cookie */
306 s->internal->state = SSL3_ST_CW_CLNT_HELLO_A; 306 S3I(s)->hs.state = SSL3_ST_CW_CLNT_HELLO_A;
307 else 307 else
308 s->internal->state = SSL3_ST_CR_CERT_A; 308 S3I(s)->hs.state = SSL3_ST_CR_CERT_A;
309 s->internal->init_num = 0; 309 s->internal->init_num = 0;
310 break; 310 break;
311 311
@@ -317,9 +317,9 @@ dtls1_connect(SSL *s)
317 if (ret == 2) { 317 if (ret == 2) {
318 s->internal->hit = 1; 318 s->internal->hit = 1;
319 if (s->internal->tlsext_ticket_expected) 319 if (s->internal->tlsext_ticket_expected)
320 s->internal->state = SSL3_ST_CR_SESSION_TICKET_A; 320 S3I(s)->hs.state = SSL3_ST_CR_SESSION_TICKET_A;
321 else 321 else
322 s->internal->state = SSL3_ST_CR_FINISHED_A; 322 S3I(s)->hs.state = SSL3_ST_CR_FINISHED_A;
323 s->internal->init_num = 0; 323 s->internal->init_num = 0;
324 break; 324 break;
325 } 325 }
@@ -330,12 +330,12 @@ dtls1_connect(SSL *s)
330 if (ret <= 0) 330 if (ret <= 0)
331 goto end; 331 goto end;
332 if (s->internal->tlsext_status_expected) 332 if (s->internal->tlsext_status_expected)
333 s->internal->state = SSL3_ST_CR_CERT_STATUS_A; 333 S3I(s)->hs.state = SSL3_ST_CR_CERT_STATUS_A;
334 else 334 else
335 s->internal->state = SSL3_ST_CR_KEY_EXCH_A; 335 S3I(s)->hs.state = SSL3_ST_CR_KEY_EXCH_A;
336 } else { 336 } else {
337 skip = 1; 337 skip = 1;
338 s->internal->state = SSL3_ST_CR_KEY_EXCH_A; 338 S3I(s)->hs.state = SSL3_ST_CR_KEY_EXCH_A;
339 } 339 }
340 s->internal->init_num = 0; 340 s->internal->init_num = 0;
341 break; 341 break;
@@ -345,7 +345,7 @@ dtls1_connect(SSL *s)
345 ret = ssl3_get_server_key_exchange(s); 345 ret = ssl3_get_server_key_exchange(s);
346 if (ret <= 0) 346 if (ret <= 0)
347 goto end; 347 goto end;
348 s->internal->state = SSL3_ST_CR_CERT_REQ_A; 348 S3I(s)->hs.state = SSL3_ST_CR_CERT_REQ_A;
349 s->internal->init_num = 0; 349 s->internal->init_num = 0;
350 350
351 /* at this point we check that we have the 351 /* at this point we check that we have the
@@ -361,7 +361,7 @@ dtls1_connect(SSL *s)
361 ret = ssl3_get_certificate_request(s); 361 ret = ssl3_get_certificate_request(s);
362 if (ret <= 0) 362 if (ret <= 0)
363 goto end; 363 goto end;
364 s->internal->state = SSL3_ST_CR_SRVR_DONE_A; 364 S3I(s)->hs.state = SSL3_ST_CR_SRVR_DONE_A;
365 s->internal->init_num = 0; 365 s->internal->init_num = 0;
366 break; 366 break;
367 367
@@ -376,7 +376,7 @@ dtls1_connect(SSL *s)
376 else 376 else
377 S3I(s)->hs.next_state = SSL3_ST_CW_KEY_EXCH_A; 377 S3I(s)->hs.next_state = SSL3_ST_CW_KEY_EXCH_A;
378 s->internal->init_num = 0; 378 s->internal->init_num = 0;
379 s->internal->state = S3I(s)->hs.next_state; 379 S3I(s)->hs.state = S3I(s)->hs.next_state;
380 break; 380 break;
381 381
382 case SSL3_ST_CW_CERT_A: 382 case SSL3_ST_CW_CERT_A:
@@ -387,7 +387,7 @@ dtls1_connect(SSL *s)
387 ret = ssl3_send_client_certificate(s); 387 ret = ssl3_send_client_certificate(s);
388 if (ret <= 0) 388 if (ret <= 0)
389 goto end; 389 goto end;
390 s->internal->state = SSL3_ST_CW_KEY_EXCH_A; 390 S3I(s)->hs.state = SSL3_ST_CW_KEY_EXCH_A;
391 s->internal->init_num = 0; 391 s->internal->init_num = 0;
392 break; 392 break;
393 393
@@ -403,9 +403,9 @@ dtls1_connect(SSL *s)
403 /* For TLS, cert_req is set to 2, so a cert chain 403 /* For TLS, cert_req is set to 2, so a cert chain
404 * of nothing is sent, but no verify packet is sent */ 404 * of nothing is sent, but no verify packet is sent */
405 if (S3I(s)->tmp.cert_req == 1) { 405 if (S3I(s)->tmp.cert_req == 1) {
406 s->internal->state = SSL3_ST_CW_CERT_VRFY_A; 406 S3I(s)->hs.state = SSL3_ST_CW_CERT_VRFY_A;
407 } else { 407 } else {
408 s->internal->state = SSL3_ST_CW_CHANGE_A; 408 S3I(s)->hs.state = SSL3_ST_CW_CHANGE_A;
409 S3I(s)->change_cipher_spec = 0; 409 S3I(s)->change_cipher_spec = 0;
410 } 410 }
411 411
@@ -418,7 +418,7 @@ dtls1_connect(SSL *s)
418 ret = ssl3_send_client_verify(s); 418 ret = ssl3_send_client_verify(s);
419 if (ret <= 0) 419 if (ret <= 0)
420 goto end; 420 goto end;
421 s->internal->state = SSL3_ST_CW_CHANGE_A; 421 S3I(s)->hs.state = SSL3_ST_CW_CHANGE_A;
422 s->internal->init_num = 0; 422 s->internal->init_num = 0;
423 S3I(s)->change_cipher_spec = 0; 423 S3I(s)->change_cipher_spec = 0;
424 break; 424 break;
@@ -432,7 +432,7 @@ dtls1_connect(SSL *s)
432 if (ret <= 0) 432 if (ret <= 0)
433 goto end; 433 goto end;
434 434
435 s->internal->state = SSL3_ST_CW_FINISHED_A; 435 S3I(s)->hs.state = SSL3_ST_CW_FINISHED_A;
436 s->internal->init_num = 0; 436 s->internal->init_num = 0;
437 437
438 s->session->cipher = S3I(s)->hs.new_cipher; 438 s->session->cipher = S3I(s)->hs.new_cipher;
@@ -461,14 +461,14 @@ dtls1_connect(SSL *s)
461 TLS_MD_CLIENT_FINISH_CONST_SIZE); 461 TLS_MD_CLIENT_FINISH_CONST_SIZE);
462 if (ret <= 0) 462 if (ret <= 0)
463 goto end; 463 goto end;
464 s->internal->state = SSL3_ST_CW_FLUSH; 464 S3I(s)->hs.state = SSL3_ST_CW_FLUSH;
465 465
466 /* clear flags */ 466 /* clear flags */
467 s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER; 467 s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
468 if (s->internal->hit) { 468 if (s->internal->hit) {
469 S3I(s)->hs.next_state = SSL_ST_OK; 469 S3I(s)->hs.next_state = SSL_ST_OK;
470 if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED) { 470 if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED) {
471 s->internal->state = SSL_ST_OK; 471 S3I(s)->hs.state = SSL_ST_OK;
472 s->s3->flags |= SSL3_FLAGS_POP_BUFFER; 472 s->s3->flags |= SSL3_FLAGS_POP_BUFFER;
473 S3I(s)->delay_buf_pop_ret = 0; 473 S3I(s)->delay_buf_pop_ret = 0;
474 } 474 }
@@ -490,7 +490,7 @@ dtls1_connect(SSL *s)
490 ret = ssl3_get_new_session_ticket(s); 490 ret = ssl3_get_new_session_ticket(s);
491 if (ret <= 0) 491 if (ret <= 0)
492 goto end; 492 goto end;
493 s->internal->state = SSL3_ST_CR_FINISHED_A; 493 S3I(s)->hs.state = SSL3_ST_CR_FINISHED_A;
494 s->internal->init_num = 0; 494 s->internal->init_num = 0;
495 break; 495 break;
496 496
@@ -499,7 +499,7 @@ dtls1_connect(SSL *s)
499 ret = ssl3_get_cert_status(s); 499 ret = ssl3_get_cert_status(s);
500 if (ret <= 0) 500 if (ret <= 0)
501 goto end; 501 goto end;
502 s->internal->state = SSL3_ST_CR_KEY_EXCH_A; 502 S3I(s)->hs.state = SSL3_ST_CR_KEY_EXCH_A;
503 s->internal->init_num = 0; 503 s->internal->init_num = 0;
504 break; 504 break;
505 505
@@ -513,9 +513,9 @@ dtls1_connect(SSL *s)
513 dtls1_stop_timer(s); 513 dtls1_stop_timer(s);
514 514
515 if (s->internal->hit) 515 if (s->internal->hit)
516 s->internal->state = SSL3_ST_CW_CHANGE_A; 516 S3I(s)->hs.state = SSL3_ST_CW_CHANGE_A;
517 else 517 else
518 s->internal->state = SSL_ST_OK; 518 S3I(s)->hs.state = SSL_ST_OK;
519 519
520 520
521 s->internal->init_num = 0; 521 s->internal->init_num = 0;
@@ -527,14 +527,14 @@ dtls1_connect(SSL *s)
527 /* If the write error was fatal, stop trying */ 527 /* If the write error was fatal, stop trying */
528 if (!BIO_should_retry(s->wbio)) { 528 if (!BIO_should_retry(s->wbio)) {
529 s->internal->rwstate = SSL_NOTHING; 529 s->internal->rwstate = SSL_NOTHING;
530 s->internal->state = S3I(s)->hs.next_state; 530 S3I(s)->hs.state = S3I(s)->hs.next_state;
531 } 531 }
532 532
533 ret = -1; 533 ret = -1;
534 goto end; 534 goto end;
535 } 535 }
536 s->internal->rwstate = SSL_NOTHING; 536 s->internal->rwstate = SSL_NOTHING;
537 s->internal->state = S3I(s)->hs.next_state; 537 S3I(s)->hs.state = S3I(s)->hs.next_state;
538 break; 538 break;
539 539
540 case SSL_ST_OK: 540 case SSL_ST_OK:
@@ -583,11 +583,11 @@ dtls1_connect(SSL *s)
583 goto end; 583 goto end;
584 } 584 }
585 585
586 if ((cb != NULL) && (s->internal->state != state)) { 586 if ((cb != NULL) && (S3I(s)->hs.state != state)) {
587 new_state = s->internal->state; 587 new_state = S3I(s)->hs.state;
588 s->internal->state = state; 588 S3I(s)->hs.state = state;
589 cb(s, SSL_CB_CONNECT_LOOP, 1); 589 cb(s, SSL_CB_CONNECT_LOOP, 1);
590 s->internal->state = new_state; 590 S3I(s)->hs.state = new_state;
591 } 591 }
592 } 592 }
593 skip = 0; 593 skip = 0;
diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c
index 5fdd176800..9f670fadfd 100644
--- a/src/lib/libssl/d1_pkt.c
+++ b/src/lib/libssl/d1_pkt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: d1_pkt.c,v 1.62 2017/02/07 02:08:38 beck Exp $ */ 1/* $OpenBSD: d1_pkt.c,v 1.63 2017/05/07 04:22:24 beck Exp $ */
2/* 2/*
3 * DTLS implementation written by Nagendra Modadugu 3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. 4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -685,7 +685,7 @@ start:
685 * so process data buffered during the last handshake 685 * so process data buffered during the last handshake
686 * in advance, if any. 686 * in advance, if any.
687 */ 687 */
688 if (s->internal->state == SSL_ST_OK && rr->length == 0) { 688 if (S3I(s)->hs.state == SSL_ST_OK && rr->length == 0) {
689 pitem *item; 689 pitem *item;
690 item = pqueue_pop(D1I(s)->buffered_app_data.q); 690 item = pqueue_pop(D1I(s)->buffered_app_data.q);
691 if (item) { 691 if (item) {
@@ -1028,9 +1028,9 @@ start:
1028 goto start; 1028 goto start;
1029 } 1029 }
1030 1030
1031 if (((s->internal->state&SSL_ST_MASK) == SSL_ST_OK) && 1031 if (((S3I(s)->hs.state&SSL_ST_MASK) == SSL_ST_OK) &&
1032 !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) { 1032 !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) {
1033 s->internal->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT; 1033 S3I(s)->hs.state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
1034 s->internal->renegotiate = 1; 1034 s->internal->renegotiate = 1;
1035 s->internal->new_session = 1; 1035 s->internal->new_session = 1;
1036 } 1036 }
@@ -1089,12 +1089,12 @@ start:
1089 */ 1089 */
1090 if (S3I(s)->in_read_app_data && 1090 if (S3I(s)->in_read_app_data &&
1091 (S3I(s)->total_renegotiations != 0) && 1091 (S3I(s)->total_renegotiations != 0) &&
1092 (((s->internal->state & SSL_ST_CONNECT) && 1092 (((S3I(s)->hs.state & SSL_ST_CONNECT) &&
1093 (s->internal->state >= SSL3_ST_CW_CLNT_HELLO_A) && 1093 (S3I(s)->hs.state >= SSL3_ST_CW_CLNT_HELLO_A) &&
1094 (s->internal->state <= SSL3_ST_CR_SRVR_HELLO_A)) || ( 1094 (S3I(s)->hs.state <= SSL3_ST_CR_SRVR_HELLO_A)) || (
1095 (s->internal->state & SSL_ST_ACCEPT) && 1095 (S3I(s)->hs.state & SSL_ST_ACCEPT) &&
1096 (s->internal->state <= SSL3_ST_SW_HELLO_REQ_A) && 1096 (S3I(s)->hs.state <= SSL3_ST_SW_HELLO_REQ_A) &&
1097 (s->internal->state >= SSL3_ST_SR_CLNT_HELLO_A)))) { 1097 (S3I(s)->hs.state >= SSL3_ST_SR_CLNT_HELLO_A)))) {
1098 S3I(s)->in_read_app_data = 2; 1098 S3I(s)->in_read_app_data = 2;
1099 return (-1); 1099 return (-1);
1100 } else { 1100 } else {
diff --git a/src/lib/libssl/d1_srvr.c b/src/lib/libssl/d1_srvr.c
index 1ef8bce56b..ae90ee2093 100644
--- a/src/lib/libssl/d1_srvr.c
+++ b/src/lib/libssl/d1_srvr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: d1_srvr.c,v 1.87 2017/05/06 22:24:57 beck Exp $ */ 1/* $OpenBSD: d1_srvr.c,v 1.88 2017/05/07 04:22:24 beck Exp $ */
2/* 2/*
3 * DTLS implementation written by Nagendra Modadugu 3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. 4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -208,12 +208,12 @@ dtls1_accept(SSL *s)
208 } 208 }
209 209
210 for (;;) { 210 for (;;) {
211 state = s->internal->state; 211 state = S3I(s)->hs.state;
212 212
213 switch (s->internal->state) { 213 switch (S3I(s)->hs.state) {
214 case SSL_ST_RENEGOTIATE: 214 case SSL_ST_RENEGOTIATE:
215 s->internal->renegotiate = 1; 215 s->internal->renegotiate = 1;
216 /* s->internal->state=SSL_ST_ACCEPT; */ 216 /* S3I(s)->hs.state=SSL_ST_ACCEPT; */
217 217
218 case SSL_ST_BEFORE: 218 case SSL_ST_BEFORE:
219 case SSL_ST_ACCEPT: 219 case SSL_ST_ACCEPT:
@@ -242,7 +242,7 @@ dtls1_accept(SSL *s)
242 242
243 s->internal->init_num = 0; 243 s->internal->init_num = 0;
244 244
245 if (s->internal->state != SSL_ST_RENEGOTIATE) { 245 if (S3I(s)->hs.state != SSL_ST_RENEGOTIATE) {
246 /* Ok, we now need to push on a buffering BIO so that 246 /* Ok, we now need to push on a buffering BIO so that
247 * the output is sent in a way that TCP likes :-) 247 * the output is sent in a way that TCP likes :-)
248 * ...but not with SCTP :-) 248 * ...but not with SCTP :-)
@@ -257,13 +257,13 @@ dtls1_accept(SSL *s)
257 goto end; 257 goto end;
258 } 258 }
259 259
260 s->internal->state = SSL3_ST_SR_CLNT_HELLO_A; 260 S3I(s)->hs.state = SSL3_ST_SR_CLNT_HELLO_A;
261 s->ctx->internal->stats.sess_accept++; 261 s->ctx->internal->stats.sess_accept++;
262 } else { 262 } else {
263 /* s->internal->state == SSL_ST_RENEGOTIATE, 263 /* S3I(s)->hs.state == SSL_ST_RENEGOTIATE,
264 * we will just send a HelloRequest */ 264 * we will just send a HelloRequest */
265 s->ctx->internal->stats.sess_accept_renegotiate++; 265 s->ctx->internal->stats.sess_accept_renegotiate++;
266 s->internal->state = SSL3_ST_SW_HELLO_REQ_A; 266 S3I(s)->hs.state = SSL3_ST_SW_HELLO_REQ_A;
267 } 267 }
268 268
269 break; 269 break;
@@ -278,7 +278,7 @@ dtls1_accept(SSL *s)
278 if (ret <= 0) 278 if (ret <= 0)
279 goto end; 279 goto end;
280 S3I(s)->hs.next_state = SSL3_ST_SR_CLNT_HELLO_A; 280 S3I(s)->hs.next_state = SSL3_ST_SR_CLNT_HELLO_A;
281 s->internal->state = SSL3_ST_SW_FLUSH; 281 S3I(s)->hs.state = SSL3_ST_SW_FLUSH;
282 s->internal->init_num = 0; 282 s->internal->init_num = 0;
283 283
284 if (!tls1_init_finished_mac(s)) { 284 if (!tls1_init_finished_mac(s)) {
@@ -288,7 +288,7 @@ dtls1_accept(SSL *s)
288 break; 288 break;
289 289
290 case SSL3_ST_SW_HELLO_REQ_C: 290 case SSL3_ST_SW_HELLO_REQ_C:
291 s->internal->state = SSL_ST_OK; 291 S3I(s)->hs.state = SSL_ST_OK;
292 break; 292 break;
293 293
294 case SSL3_ST_SR_CLNT_HELLO_A: 294 case SSL3_ST_SR_CLNT_HELLO_A:
@@ -302,9 +302,9 @@ dtls1_accept(SSL *s)
302 dtls1_stop_timer(s); 302 dtls1_stop_timer(s);
303 303
304 if (ret == 1 && (SSL_get_options(s) & SSL_OP_COOKIE_EXCHANGE)) 304 if (ret == 1 && (SSL_get_options(s) & SSL_OP_COOKIE_EXCHANGE))
305 s->internal->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A; 305 S3I(s)->hs.state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A;
306 else 306 else
307 s->internal->state = SSL3_ST_SW_SRVR_HELLO_A; 307 S3I(s)->hs.state = SSL3_ST_SW_SRVR_HELLO_A;
308 308
309 s->internal->init_num = 0; 309 s->internal->init_num = 0;
310 310
@@ -314,7 +314,7 @@ dtls1_accept(SSL *s)
314 } 314 }
315 315
316 /* If we're just listening, stop here */ 316 /* If we're just listening, stop here */
317 if (listen && s->internal->state == SSL3_ST_SW_SRVR_HELLO_A) { 317 if (listen && S3I(s)->hs.state == SSL3_ST_SW_SRVR_HELLO_A) {
318 ret = 2; 318 ret = 2;
319 D1I(s)->listen = 0; 319 D1I(s)->listen = 0;
320 /* Set expected sequence numbers 320 /* Set expected sequence numbers
@@ -334,7 +334,7 @@ dtls1_accept(SSL *s)
334 ret = dtls1_send_hello_verify_request(s); 334 ret = dtls1_send_hello_verify_request(s);
335 if (ret <= 0) 335 if (ret <= 0)
336 goto end; 336 goto end;
337 s->internal->state = SSL3_ST_SW_FLUSH; 337 S3I(s)->hs.state = SSL3_ST_SW_FLUSH;
338 S3I(s)->hs.next_state = SSL3_ST_SR_CLNT_HELLO_A; 338 S3I(s)->hs.next_state = SSL3_ST_SR_CLNT_HELLO_A;
339 339
340 /* HelloVerifyRequest resets Finished MAC */ 340 /* HelloVerifyRequest resets Finished MAC */
@@ -355,11 +355,11 @@ dtls1_accept(SSL *s)
355 355
356 if (s->internal->hit) { 356 if (s->internal->hit) {
357 if (s->internal->tlsext_ticket_expected) 357 if (s->internal->tlsext_ticket_expected)
358 s->internal->state = SSL3_ST_SW_SESSION_TICKET_A; 358 S3I(s)->hs.state = SSL3_ST_SW_SESSION_TICKET_A;
359 else 359 else
360 s->internal->state = SSL3_ST_SW_CHANGE_A; 360 S3I(s)->hs.state = SSL3_ST_SW_CHANGE_A;
361 } else 361 } else
362 s->internal->state = SSL3_ST_SW_CERT_A; 362 S3I(s)->hs.state = SSL3_ST_SW_CERT_A;
363 s->internal->init_num = 0; 363 s->internal->init_num = 0;
364 break; 364 break;
365 365
@@ -373,12 +373,12 @@ dtls1_accept(SSL *s)
373 if (ret <= 0) 373 if (ret <= 0)
374 goto end; 374 goto end;
375 if (s->internal->tlsext_status_expected) 375 if (s->internal->tlsext_status_expected)
376 s->internal->state = SSL3_ST_SW_CERT_STATUS_A; 376 S3I(s)->hs.state = SSL3_ST_SW_CERT_STATUS_A;
377 else 377 else
378 s->internal->state = SSL3_ST_SW_KEY_EXCH_A; 378 S3I(s)->hs.state = SSL3_ST_SW_KEY_EXCH_A;
379 } else { 379 } else {
380 skip = 1; 380 skip = 1;
381 s->internal->state = SSL3_ST_SW_KEY_EXCH_A; 381 S3I(s)->hs.state = SSL3_ST_SW_KEY_EXCH_A;
382 } 382 }
383 s->internal->init_num = 0; 383 s->internal->init_num = 0;
384 break; 384 break;
@@ -396,7 +396,7 @@ dtls1_accept(SSL *s)
396 } else 396 } else
397 skip = 1; 397 skip = 1;
398 398
399 s->internal->state = SSL3_ST_SW_CERT_REQ_A; 399 S3I(s)->hs.state = SSL3_ST_SW_CERT_REQ_A;
400 s->internal->init_num = 0; 400 s->internal->init_num = 0;
401 break; 401 break;
402 402
@@ -428,14 +428,14 @@ dtls1_accept(SSL *s)
428 /* no cert request */ 428 /* no cert request */
429 skip = 1; 429 skip = 1;
430 S3I(s)->tmp.cert_request = 0; 430 S3I(s)->tmp.cert_request = 0;
431 s->internal->state = SSL3_ST_SW_SRVR_DONE_A; 431 S3I(s)->hs.state = SSL3_ST_SW_SRVR_DONE_A;
432 } else { 432 } else {
433 S3I(s)->tmp.cert_request = 1; 433 S3I(s)->tmp.cert_request = 1;
434 dtls1_start_timer(s); 434 dtls1_start_timer(s);
435 ret = ssl3_send_certificate_request(s); 435 ret = ssl3_send_certificate_request(s);
436 if (ret <= 0) 436 if (ret <= 0)
437 goto end; 437 goto end;
438 s->internal->state = SSL3_ST_SW_SRVR_DONE_A; 438 S3I(s)->hs.state = SSL3_ST_SW_SRVR_DONE_A;
439 s->internal->init_num = 0; 439 s->internal->init_num = 0;
440 } 440 }
441 break; 441 break;
@@ -447,7 +447,7 @@ dtls1_accept(SSL *s)
447 if (ret <= 0) 447 if (ret <= 0)
448 goto end; 448 goto end;
449 S3I(s)->hs.next_state = SSL3_ST_SR_CERT_A; 449 S3I(s)->hs.next_state = SSL3_ST_SR_CERT_A;
450 s->internal->state = SSL3_ST_SW_FLUSH; 450 S3I(s)->hs.state = SSL3_ST_SW_FLUSH;
451 s->internal->init_num = 0; 451 s->internal->init_num = 0;
452 break; 452 break;
453 453
@@ -457,14 +457,14 @@ dtls1_accept(SSL *s)
457 /* If the write error was fatal, stop trying */ 457 /* If the write error was fatal, stop trying */
458 if (!BIO_should_retry(s->wbio)) { 458 if (!BIO_should_retry(s->wbio)) {
459 s->internal->rwstate = SSL_NOTHING; 459 s->internal->rwstate = SSL_NOTHING;
460 s->internal->state = S3I(s)->hs.next_state; 460 S3I(s)->hs.state = S3I(s)->hs.next_state;
461 } 461 }
462 462
463 ret = -1; 463 ret = -1;
464 goto end; 464 goto end;
465 } 465 }
466 s->internal->rwstate = SSL_NOTHING; 466 s->internal->rwstate = SSL_NOTHING;
467 s->internal->state = S3I(s)->hs.next_state; 467 S3I(s)->hs.state = S3I(s)->hs.next_state;
468 break; 468 break;
469 469
470 case SSL3_ST_SR_CERT_A: 470 case SSL3_ST_SR_CERT_A:
@@ -475,7 +475,7 @@ dtls1_accept(SSL *s)
475 goto end; 475 goto end;
476 } 476 }
477 s->internal->init_num = 0; 477 s->internal->init_num = 0;
478 s->internal->state = SSL3_ST_SR_KEY_EXCH_A; 478 S3I(s)->hs.state = SSL3_ST_SR_KEY_EXCH_A;
479 break; 479 break;
480 480
481 case SSL3_ST_SR_KEY_EXCH_A: 481 case SSL3_ST_SR_KEY_EXCH_A:
@@ -484,7 +484,7 @@ dtls1_accept(SSL *s)
484 if (ret <= 0) 484 if (ret <= 0)
485 goto end; 485 goto end;
486 486
487 s->internal->state = SSL3_ST_SR_CERT_VRFY_A; 487 S3I(s)->hs.state = SSL3_ST_SR_CERT_VRFY_A;
488 s->internal->init_num = 0; 488 s->internal->init_num = 0;
489 489
490 if (ret == 2) { 490 if (ret == 2) {
@@ -493,10 +493,10 @@ dtls1_accept(SSL *s)
493 * a certificate, the CertificateVerify 493 * a certificate, the CertificateVerify
494 * message is not sent. 494 * message is not sent.
495 */ 495 */
496 s->internal->state = SSL3_ST_SR_FINISHED_A; 496 S3I(s)->hs.state = SSL3_ST_SR_FINISHED_A;
497 s->internal->init_num = 0; 497 s->internal->init_num = 0;
498 } else if (SSL_USE_SIGALGS(s)) { 498 } else if (SSL_USE_SIGALGS(s)) {
499 s->internal->state = SSL3_ST_SR_CERT_VRFY_A; 499 S3I(s)->hs.state = SSL3_ST_SR_CERT_VRFY_A;
500 s->internal->init_num = 0; 500 s->internal->init_num = 0;
501 if (!s->session->peer) 501 if (!s->session->peer)
502 break; 502 break;
@@ -516,7 +516,7 @@ dtls1_accept(SSL *s)
516 goto end; 516 goto end;
517 } 517 }
518 } else { 518 } else {
519 s->internal->state = SSL3_ST_SR_CERT_VRFY_A; 519 S3I(s)->hs.state = SSL3_ST_SR_CERT_VRFY_A;
520 s->internal->init_num = 0; 520 s->internal->init_num = 0;
521 521
522 /* 522 /*
@@ -547,7 +547,7 @@ dtls1_accept(SSL *s)
547 ret = ssl3_get_cert_verify(s); 547 ret = ssl3_get_cert_verify(s);
548 if (ret <= 0) 548 if (ret <= 0)
549 goto end; 549 goto end;
550 s->internal->state = SSL3_ST_SR_FINISHED_A; 550 S3I(s)->hs.state = SSL3_ST_SR_FINISHED_A;
551 s->internal->init_num = 0; 551 s->internal->init_num = 0;
552 break; 552 break;
553 553
@@ -560,11 +560,11 @@ dtls1_accept(SSL *s)
560 goto end; 560 goto end;
561 dtls1_stop_timer(s); 561 dtls1_stop_timer(s);
562 if (s->internal->hit) 562 if (s->internal->hit)
563 s->internal->state = SSL_ST_OK; 563 S3I(s)->hs.state = SSL_ST_OK;
564 else if (s->internal->tlsext_ticket_expected) 564 else if (s->internal->tlsext_ticket_expected)
565 s->internal->state = SSL3_ST_SW_SESSION_TICKET_A; 565 S3I(s)->hs.state = SSL3_ST_SW_SESSION_TICKET_A;
566 else 566 else
567 s->internal->state = SSL3_ST_SW_CHANGE_A; 567 S3I(s)->hs.state = SSL3_ST_SW_CHANGE_A;
568 s->internal->init_num = 0; 568 s->internal->init_num = 0;
569 break; 569 break;
570 570
@@ -573,7 +573,7 @@ dtls1_accept(SSL *s)
573 ret = ssl3_send_newsession_ticket(s); 573 ret = ssl3_send_newsession_ticket(s);
574 if (ret <= 0) 574 if (ret <= 0)
575 goto end; 575 goto end;
576 s->internal->state = SSL3_ST_SW_CHANGE_A; 576 S3I(s)->hs.state = SSL3_ST_SW_CHANGE_A;
577 s->internal->init_num = 0; 577 s->internal->init_num = 0;
578 break; 578 break;
579 579
@@ -582,7 +582,7 @@ dtls1_accept(SSL *s)
582 ret = ssl3_send_cert_status(s); 582 ret = ssl3_send_cert_status(s);
583 if (ret <= 0) 583 if (ret <= 0)
584 goto end; 584 goto end;
585 s->internal->state = SSL3_ST_SW_KEY_EXCH_A; 585 S3I(s)->hs.state = SSL3_ST_SW_KEY_EXCH_A;
586 s->internal->init_num = 0; 586 s->internal->init_num = 0;
587 break; 587 break;
588 588
@@ -603,7 +603,7 @@ dtls1_accept(SSL *s)
603 goto end; 603 goto end;
604 604
605 605
606 s->internal->state = SSL3_ST_SW_FINISHED_A; 606 S3I(s)->hs.state = SSL3_ST_SW_FINISHED_A;
607 s->internal->init_num = 0; 607 s->internal->init_num = 0;
608 608
609 if (!tls1_change_cipher_state(s, 609 if (!tls1_change_cipher_state(s,
@@ -623,7 +623,7 @@ dtls1_accept(SSL *s)
623 TLS_MD_SERVER_FINISH_CONST_SIZE); 623 TLS_MD_SERVER_FINISH_CONST_SIZE);
624 if (ret <= 0) 624 if (ret <= 0)
625 goto end; 625 goto end;
626 s->internal->state = SSL3_ST_SW_FLUSH; 626 S3I(s)->hs.state = SSL3_ST_SW_FLUSH;
627 if (s->internal->hit) { 627 if (s->internal->hit) {
628 S3I(s)->hs.next_state = SSL3_ST_SR_FINISHED_A; 628 S3I(s)->hs.next_state = SSL3_ST_SR_FINISHED_A;
629 629
@@ -680,11 +680,11 @@ dtls1_accept(SSL *s)
680 goto end; 680 goto end;
681 } 681 }
682 682
683 if ((cb != NULL) && (s->internal->state != state)) { 683 if ((cb != NULL) && (S3I(s)->hs.state != state)) {
684 new_state = s->internal->state; 684 new_state = S3I(s)->hs.state;
685 s->internal->state = state; 685 S3I(s)->hs.state = state;
686 cb(s, SSL_CB_ACCEPT_LOOP, 1); 686 cb(s, SSL_CB_ACCEPT_LOOP, 1);
687 s->internal->state = new_state; 687 S3I(s)->hs.state = new_state;
688 } 688 }
689 } 689 }
690 skip = 0; 690 skip = 0;
@@ -707,7 +707,7 @@ dtls1_send_hello_verify_request(SSL *s)
707 707
708 memset(&cbb, 0, sizeof(cbb)); 708 memset(&cbb, 0, sizeof(cbb));
709 709
710 if (s->internal->state == DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A) { 710 if (S3I(s)->hs.state == DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A) {
711 if (s->ctx->internal->app_gen_cookie_cb == NULL || 711 if (s->ctx->internal->app_gen_cookie_cb == NULL ||
712 s->ctx->internal->app_gen_cookie_cb(s, D1I(s)->cookie, 712 s->ctx->internal->app_gen_cookie_cb(s, D1I(s)->cookie,
713 &(D1I(s)->cookie_len)) == 0) { 713 &(D1I(s)->cookie_len)) == 0) {
@@ -727,10 +727,10 @@ dtls1_send_hello_verify_request(SSL *s)
727 if (!ssl3_handshake_msg_finish_cbb(s, &cbb)) 727 if (!ssl3_handshake_msg_finish_cbb(s, &cbb))
728 goto err; 728 goto err;
729 729
730 s->internal->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B; 730 S3I(s)->hs.state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B;
731 } 731 }
732 732
733 /* s->internal->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B */ 733 /* S3I(s)->hs.state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B */
734 return (ssl3_handshake_write(s)); 734 return (ssl3_handshake_write(s));
735 735
736 err: 736 err:
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index f728eb7648..697ac6c7c5 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: s3_lib.c,v 1.142 2017/05/06 22:24:57 beck Exp $ */ 1/* $OpenBSD: s3_lib.c,v 1.143 2017/05/07 04:22:24 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -2540,7 +2540,7 @@ ssl3_shutdown(SSL *s)
2540 * Don't do anything much if we have not done the handshake or 2540 * Don't do anything much if we have not done the handshake or
2541 * we don't want to send messages :-) 2541 * we don't want to send messages :-)
2542 */ 2542 */
2543 if ((s->internal->quiet_shutdown) || (s->internal->state == SSL_ST_BEFORE)) { 2543 if ((s->internal->quiet_shutdown) || (S3I(s)->hs.state == SSL_ST_BEFORE)) {
2544 s->internal->shutdown = (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); 2544 s->internal->shutdown = (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
2545 return (1); 2545 return (1);
2546 } 2546 }
@@ -2704,7 +2704,7 @@ ssl3_renegotiate_check(SSL *s)
2704 * to SSL_ST_ACCEPT. 2704 * to SSL_ST_ACCEPT.
2705 */ 2705 */
2706 /* SSL_ST_ACCEPT */ 2706 /* SSL_ST_ACCEPT */
2707 s->internal->state = SSL_ST_RENEGOTIATE; 2707 S3I(s)->hs.state = SSL_ST_RENEGOTIATE;
2708 S3I(s)->renegotiate = 0; 2708 S3I(s)->renegotiate = 0;
2709 S3I(s)->num_renegotiations++; 2709 S3I(s)->num_renegotiations++;
2710 S3I(s)->total_renegotiations++; 2710 S3I(s)->total_renegotiations++;
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
index 05d0660c49..dda5192c10 100644
--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl.h,v 1.128 2017/05/06 20:37:25 jsing Exp $ */ 1/* $OpenBSD: ssl.h,v 1.129 2017/05/07 04:22:24 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -932,12 +932,12 @@ extern "C" {
932#define SSL_CB_HANDSHAKE_DONE 0x20 932#define SSL_CB_HANDSHAKE_DONE 0x20
933 933
934/* Is the SSL_connection established? */ 934/* Is the SSL_connection established? */
935#define SSL_get_state(a) SSL_state(a) 935#define SSL_get_state(a) (SSL_state((a)))
936#define SSL_is_init_finished(a) (SSL_state(a) == SSL_ST_OK) 936#define SSL_is_init_finished(a) (SSL_state((a)) == SSL_ST_OK)
937#define SSL_in_init(a) (SSL_state(a)&SSL_ST_INIT) 937#define SSL_in_init(a) (SSL_state((a))&SSL_ST_INIT)
938#define SSL_in_before(a) (SSL_state(a)&SSL_ST_BEFORE) 938#define SSL_in_before(a) (SSL_state((a))&SSL_ST_BEFORE)
939#define SSL_in_connect_init(a) (SSL_state(a)&SSL_ST_CONNECT) 939#define SSL_in_connect_init(a) (SSL_state((a))&SSL_ST_CONNECT)
940#define SSL_in_accept_init(a) (SSL_state(a)&SSL_ST_ACCEPT) 940#define SSL_in_accept_init(a) (SSL_state((a))&SSL_ST_ACCEPT)
941 941
942/* The following 2 states are kept in ssl->rstate when reads fail, 942/* The following 2 states are kept in ssl->rstate when reads fail,
943 * you should not need these */ 943 * you should not need these */
diff --git a/src/lib/libssl/ssl_both.c b/src/lib/libssl/ssl_both.c
index 13c39e85b2..4a724560f2 100644
--- a/src/lib/libssl/ssl_both.c
+++ b/src/lib/libssl/ssl_both.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_both.c,v 1.8 2017/05/06 22:24:57 beck Exp $ */ 1/* $OpenBSD: ssl_both.c,v 1.9 2017/05/07 04:22:24 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -171,7 +171,7 @@ ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
171 171
172 memset(&cbb, 0, sizeof(cbb)); 172 memset(&cbb, 0, sizeof(cbb));
173 173
174 if (s->internal->state == a) { 174 if (S3I(s)->hs.state == a) {
175 md_len = TLS1_FINISH_MAC_LENGTH; 175 md_len = TLS1_FINISH_MAC_LENGTH;
176 OPENSSL_assert(md_len <= EVP_MAX_MD_SIZE); 176 OPENSSL_assert(md_len <= EVP_MAX_MD_SIZE);
177 177
@@ -199,7 +199,7 @@ ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
199 if (!ssl3_handshake_msg_finish_cbb(s, &cbb)) 199 if (!ssl3_handshake_msg_finish_cbb(s, &cbb))
200 goto err; 200 goto err;
201 201
202 s->internal->state = b; 202 S3I(s)->hs.state = b;
203 } 203 }
204 204
205 return (ssl3_handshake_write(s)); 205 return (ssl3_handshake_write(s));
@@ -227,7 +227,7 @@ ssl3_take_mac(SSL *s)
227 if (S3I(s)->hs.new_cipher == NULL) 227 if (S3I(s)->hs.new_cipher == NULL)
228 return; 228 return;
229 229
230 if (s->internal->state & SSL_ST_CONNECT) { 230 if (S3I(s)->hs.state & SSL_ST_CONNECT) {
231 sender = TLS_MD_SERVER_FINISH_CONST; 231 sender = TLS_MD_SERVER_FINISH_CONST;
232 slen = TLS_MD_SERVER_FINISH_CONST_SIZE; 232 slen = TLS_MD_SERVER_FINISH_CONST_SIZE;
233 } else { 233 } else {
@@ -313,13 +313,13 @@ ssl3_send_change_cipher_spec(SSL *s, int a, int b)
313{ 313{
314 unsigned char *p; 314 unsigned char *p;
315 315
316 if (s->internal->state == a) { 316 if (S3I(s)->hs.state == a) {
317 p = (unsigned char *)s->internal->init_buf->data; 317 p = (unsigned char *)s->internal->init_buf->data;
318 *p = SSL3_MT_CCS; 318 *p = SSL3_MT_CCS;
319 s->internal->init_num = 1; 319 s->internal->init_num = 1;
320 s->internal->init_off = 0; 320 s->internal->init_off = 0;
321 321
322 s->internal->state = b; 322 S3I(s)->hs.state = b;
323 } 323 }
324 324
325 /* SSL3_ST_CW_CHANGE_B */ 325 /* SSL3_ST_CW_CHANGE_B */
@@ -442,7 +442,7 @@ ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
442 p = (unsigned char *)s->internal->init_buf->data; 442 p = (unsigned char *)s->internal->init_buf->data;
443 443
444 /* s->internal->init_num < 4 */ 444 /* s->internal->init_num < 4 */
445 if (s->internal->state == st1) { 445 if (S3I(s)->hs.state == st1) {
446 int skip_message; 446 int skip_message;
447 447
448 do { 448 do {
@@ -504,7 +504,7 @@ ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
504 goto err; 504 goto err;
505 } 505 }
506 S3I(s)->tmp.message_size = l; 506 S3I(s)->tmp.message_size = l;
507 s->internal->state = stn; 507 S3I(s)->hs.state = stn;
508 508
509 s->internal->init_msg = s->internal->init_buf->data + 4; 509 s->internal->init_msg = s->internal->init_buf->data + 4;
510 s->internal->init_num = 0; 510 s->internal->init_num = 0;
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c
index f6ca3e7f3c..a1745143f0 100644
--- a/src/lib/libssl/ssl_clnt.c
+++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_clnt.c,v 1.13 2017/05/06 22:24:57 beck Exp $ */ 1/* $OpenBSD: ssl_clnt.c,v 1.14 2017/05/07 04:22:24 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -193,12 +193,12 @@ ssl3_connect(SSL *s)
193 SSL_clear(s); 193 SSL_clear(s);
194 194
195 for (;;) { 195 for (;;) {
196 state = s->internal->state; 196 state = S3I(s)->hs.state;
197 197
198 switch (s->internal->state) { 198 switch (S3I(s)->hs.state) {
199 case SSL_ST_RENEGOTIATE: 199 case SSL_ST_RENEGOTIATE:
200 s->internal->renegotiate = 1; 200 s->internal->renegotiate = 1;
201 s->internal->state = SSL_ST_CONNECT; 201 S3I(s)->hs.state = SSL_ST_CONNECT;
202 s->ctx->internal->stats.sess_connect_renegotiate++; 202 s->ctx->internal->stats.sess_connect_renegotiate++;
203 /* break */ 203 /* break */
204 case SSL_ST_BEFORE: 204 case SSL_ST_BEFORE:
@@ -239,7 +239,7 @@ ssl3_connect(SSL *s)
239 goto end; 239 goto end;
240 } 240 }
241 241
242 s->internal->state = SSL3_ST_CW_CLNT_HELLO_A; 242 S3I(s)->hs.state = SSL3_ST_CW_CLNT_HELLO_A;
243 s->ctx->internal->stats.sess_connect++; 243 s->ctx->internal->stats.sess_connect++;
244 s->internal->init_num = 0; 244 s->internal->init_num = 0;
245 break; 245 break;
@@ -251,7 +251,7 @@ ssl3_connect(SSL *s)
251 ret = ssl3_client_hello(s); 251 ret = ssl3_client_hello(s);
252 if (ret <= 0) 252 if (ret <= 0)
253 goto end; 253 goto end;
254 s->internal->state = SSL3_ST_CR_SRVR_HELLO_A; 254 S3I(s)->hs.state = SSL3_ST_CR_SRVR_HELLO_A;
255 s->internal->init_num = 0; 255 s->internal->init_num = 0;
256 256
257 /* turn on buffering for the next lot of output */ 257 /* turn on buffering for the next lot of output */
@@ -267,13 +267,13 @@ ssl3_connect(SSL *s)
267 goto end; 267 goto end;
268 268
269 if (s->internal->hit) { 269 if (s->internal->hit) {
270 s->internal->state = SSL3_ST_CR_FINISHED_A; 270 S3I(s)->hs.state = SSL3_ST_CR_FINISHED_A;
271 if (s->internal->tlsext_ticket_expected) { 271 if (s->internal->tlsext_ticket_expected) {
272 /* receive renewed session ticket */ 272 /* receive renewed session ticket */
273 s->internal->state = SSL3_ST_CR_SESSION_TICKET_A; 273 S3I(s)->hs.state = SSL3_ST_CR_SESSION_TICKET_A;
274 } 274 }
275 } else 275 } else
276 s->internal->state = SSL3_ST_CR_CERT_A; 276 S3I(s)->hs.state = SSL3_ST_CR_CERT_A;
277 s->internal->init_num = 0; 277 s->internal->init_num = 0;
278 break; 278 break;
279 279
@@ -285,9 +285,9 @@ ssl3_connect(SSL *s)
285 if (ret == 2) { 285 if (ret == 2) {
286 s->internal->hit = 1; 286 s->internal->hit = 1;
287 if (s->internal->tlsext_ticket_expected) 287 if (s->internal->tlsext_ticket_expected)
288 s->internal->state = SSL3_ST_CR_SESSION_TICKET_A; 288 S3I(s)->hs.state = SSL3_ST_CR_SESSION_TICKET_A;
289 else 289 else
290 s->internal->state = SSL3_ST_CR_FINISHED_A; 290 S3I(s)->hs.state = SSL3_ST_CR_FINISHED_A;
291 s->internal->init_num = 0; 291 s->internal->init_num = 0;
292 break; 292 break;
293 } 293 }
@@ -298,12 +298,12 @@ ssl3_connect(SSL *s)
298 if (ret <= 0) 298 if (ret <= 0)
299 goto end; 299 goto end;
300 if (s->internal->tlsext_status_expected) 300 if (s->internal->tlsext_status_expected)
301 s->internal->state = SSL3_ST_CR_CERT_STATUS_A; 301 S3I(s)->hs.state = SSL3_ST_CR_CERT_STATUS_A;
302 else 302 else
303 s->internal->state = SSL3_ST_CR_KEY_EXCH_A; 303 S3I(s)->hs.state = SSL3_ST_CR_KEY_EXCH_A;
304 } else { 304 } else {
305 skip = 1; 305 skip = 1;
306 s->internal->state = SSL3_ST_CR_KEY_EXCH_A; 306 S3I(s)->hs.state = SSL3_ST_CR_KEY_EXCH_A;
307 } 307 }
308 s->internal->init_num = 0; 308 s->internal->init_num = 0;
309 break; 309 break;
@@ -313,7 +313,7 @@ ssl3_connect(SSL *s)
313 ret = ssl3_get_server_key_exchange(s); 313 ret = ssl3_get_server_key_exchange(s);
314 if (ret <= 0) 314 if (ret <= 0)
315 goto end; 315 goto end;
316 s->internal->state = SSL3_ST_CR_CERT_REQ_A; 316 S3I(s)->hs.state = SSL3_ST_CR_CERT_REQ_A;
317 s->internal->init_num = 0; 317 s->internal->init_num = 0;
318 318
319 /* 319 /*
@@ -331,7 +331,7 @@ ssl3_connect(SSL *s)
331 ret = ssl3_get_certificate_request(s); 331 ret = ssl3_get_certificate_request(s);
332 if (ret <= 0) 332 if (ret <= 0)
333 goto end; 333 goto end;
334 s->internal->state = SSL3_ST_CR_SRVR_DONE_A; 334 S3I(s)->hs.state = SSL3_ST_CR_SRVR_DONE_A;
335 s->internal->init_num = 0; 335 s->internal->init_num = 0;
336 break; 336 break;
337 337
@@ -341,9 +341,9 @@ ssl3_connect(SSL *s)
341 if (ret <= 0) 341 if (ret <= 0)
342 goto end; 342 goto end;
343 if (S3I(s)->tmp.cert_req) 343 if (S3I(s)->tmp.cert_req)
344 s->internal->state = SSL3_ST_CW_CERT_A; 344 S3I(s)->hs.state = SSL3_ST_CW_CERT_A;
345 else 345 else
346 s->internal->state = SSL3_ST_CW_KEY_EXCH_A; 346 S3I(s)->hs.state = SSL3_ST_CW_KEY_EXCH_A;
347 s->internal->init_num = 0; 347 s->internal->init_num = 0;
348 348
349 break; 349 break;
@@ -355,7 +355,7 @@ ssl3_connect(SSL *s)
355 ret = ssl3_send_client_certificate(s); 355 ret = ssl3_send_client_certificate(s);
356 if (ret <= 0) 356 if (ret <= 0)
357 goto end; 357 goto end;
358 s->internal->state = SSL3_ST_CW_KEY_EXCH_A; 358 S3I(s)->hs.state = SSL3_ST_CW_KEY_EXCH_A;
359 s->internal->init_num = 0; 359 s->internal->init_num = 0;
360 break; 360 break;
361 361
@@ -381,13 +381,13 @@ ssl3_connect(SSL *s)
381 * inside the client certificate. 381 * inside the client certificate.
382 */ 382 */
383 if (S3I(s)->tmp.cert_req == 1) { 383 if (S3I(s)->tmp.cert_req == 1) {
384 s->internal->state = SSL3_ST_CW_CERT_VRFY_A; 384 S3I(s)->hs.state = SSL3_ST_CW_CERT_VRFY_A;
385 } else { 385 } else {
386 s->internal->state = SSL3_ST_CW_CHANGE_A; 386 S3I(s)->hs.state = SSL3_ST_CW_CHANGE_A;
387 S3I(s)->change_cipher_spec = 0; 387 S3I(s)->change_cipher_spec = 0;
388 } 388 }
389 if (s->s3->flags & TLS1_FLAGS_SKIP_CERT_VERIFY) { 389 if (s->s3->flags & TLS1_FLAGS_SKIP_CERT_VERIFY) {
390 s->internal->state = SSL3_ST_CW_CHANGE_A; 390 S3I(s)->hs.state = SSL3_ST_CW_CHANGE_A;
391 S3I(s)->change_cipher_spec = 0; 391 S3I(s)->change_cipher_spec = 0;
392 } 392 }
393 393
@@ -399,7 +399,7 @@ ssl3_connect(SSL *s)
399 ret = ssl3_send_client_verify(s); 399 ret = ssl3_send_client_verify(s);
400 if (ret <= 0) 400 if (ret <= 0)
401 goto end; 401 goto end;
402 s->internal->state = SSL3_ST_CW_CHANGE_A; 402 S3I(s)->hs.state = SSL3_ST_CW_CHANGE_A;
403 s->internal->init_num = 0; 403 s->internal->init_num = 0;
404 S3I(s)->change_cipher_spec = 0; 404 S3I(s)->change_cipher_spec = 0;
405 break; 405 break;
@@ -412,9 +412,9 @@ ssl3_connect(SSL *s)
412 goto end; 412 goto end;
413 413
414 if (S3I(s)->next_proto_neg_seen) 414 if (S3I(s)->next_proto_neg_seen)
415 s->internal->state = SSL3_ST_CW_NEXT_PROTO_A; 415 S3I(s)->hs.state = SSL3_ST_CW_NEXT_PROTO_A;
416 else 416 else
417 s->internal->state = SSL3_ST_CW_FINISHED_A; 417 S3I(s)->hs.state = SSL3_ST_CW_FINISHED_A;
418 s->internal->init_num = 0; 418 s->internal->init_num = 0;
419 419
420 s->session->cipher = S3I(s)->hs.new_cipher; 420 s->session->cipher = S3I(s)->hs.new_cipher;
@@ -436,7 +436,7 @@ ssl3_connect(SSL *s)
436 ret = ssl3_send_next_proto(s); 436 ret = ssl3_send_next_proto(s);
437 if (ret <= 0) 437 if (ret <= 0)
438 goto end; 438 goto end;
439 s->internal->state = SSL3_ST_CW_FINISHED_A; 439 S3I(s)->hs.state = SSL3_ST_CW_FINISHED_A;
440 break; 440 break;
441 441
442 case SSL3_ST_CW_FINISHED_A: 442 case SSL3_ST_CW_FINISHED_A:
@@ -448,7 +448,7 @@ ssl3_connect(SSL *s)
448 if (ret <= 0) 448 if (ret <= 0)
449 goto end; 449 goto end;
450 s->s3->flags |= SSL3_FLAGS_CCS_OK; 450 s->s3->flags |= SSL3_FLAGS_CCS_OK;
451 s->internal->state = SSL3_ST_CW_FLUSH; 451 S3I(s)->hs.state = SSL3_ST_CW_FLUSH;
452 452
453 /* clear flags */ 453 /* clear flags */
454 s->s3->flags &= ~SSL3_FLAGS_POP_BUFFER; 454 s->s3->flags &= ~SSL3_FLAGS_POP_BUFFER;
@@ -456,7 +456,7 @@ ssl3_connect(SSL *s)
456 S3I(s)->hs.next_state = SSL_ST_OK; 456 S3I(s)->hs.next_state = SSL_ST_OK;
457 if (s->s3->flags & 457 if (s->s3->flags &
458 SSL3_FLAGS_DELAY_CLIENT_FINISHED) { 458 SSL3_FLAGS_DELAY_CLIENT_FINISHED) {
459 s->internal->state = SSL_ST_OK; 459 S3I(s)->hs.state = SSL_ST_OK;
460 s->s3->flags|=SSL3_FLAGS_POP_BUFFER; 460 s->s3->flags|=SSL3_FLAGS_POP_BUFFER;
461 S3I(s)->delay_buf_pop_ret = 0; 461 S3I(s)->delay_buf_pop_ret = 0;
462 } 462 }
@@ -477,7 +477,7 @@ ssl3_connect(SSL *s)
477 ret = ssl3_get_new_session_ticket(s); 477 ret = ssl3_get_new_session_ticket(s);
478 if (ret <= 0) 478 if (ret <= 0)
479 goto end; 479 goto end;
480 s->internal->state = SSL3_ST_CR_FINISHED_A; 480 S3I(s)->hs.state = SSL3_ST_CR_FINISHED_A;
481 s->internal->init_num = 0; 481 s->internal->init_num = 0;
482 break; 482 break;
483 483
@@ -486,7 +486,7 @@ ssl3_connect(SSL *s)
486 ret = ssl3_get_cert_status(s); 486 ret = ssl3_get_cert_status(s);
487 if (ret <= 0) 487 if (ret <= 0)
488 goto end; 488 goto end;
489 s->internal->state = SSL3_ST_CR_KEY_EXCH_A; 489 S3I(s)->hs.state = SSL3_ST_CR_KEY_EXCH_A;
490 s->internal->init_num = 0; 490 s->internal->init_num = 0;
491 break; 491 break;
492 492
@@ -499,9 +499,9 @@ ssl3_connect(SSL *s)
499 goto end; 499 goto end;
500 500
501 if (s->internal->hit) 501 if (s->internal->hit)
502 s->internal->state = SSL3_ST_CW_CHANGE_A; 502 S3I(s)->hs.state = SSL3_ST_CW_CHANGE_A;
503 else 503 else
504 s->internal->state = SSL_ST_OK; 504 S3I(s)->hs.state = SSL_ST_OK;
505 s->internal->init_num = 0; 505 s->internal->init_num = 0;
506 break; 506 break;
507 507
@@ -512,7 +512,7 @@ ssl3_connect(SSL *s)
512 goto end; 512 goto end;
513 } 513 }
514 s->internal->rwstate = SSL_NOTHING; 514 s->internal->rwstate = SSL_NOTHING;
515 s->internal->state = S3I(s)->hs.next_state; 515 S3I(s)->hs.state = S3I(s)->hs.next_state;
516 break; 516 break;
517 517
518 case SSL_ST_OK: 518 case SSL_ST_OK:
@@ -563,11 +563,11 @@ ssl3_connect(SSL *s)
563 goto end; 563 goto end;
564 } 564 }
565 565
566 if ((cb != NULL) && (s->internal->state != state)) { 566 if ((cb != NULL) && (S3I(s)->hs.state != state)) {
567 new_state = s->internal->state; 567 new_state = S3I(s)->hs.state;
568 s->internal->state = state; 568 S3I(s)->hs.state = state;
569 cb(s, SSL_CB_CONNECT_LOOP, 1); 569 cb(s, SSL_CB_CONNECT_LOOP, 1);
570 s->internal->state = new_state; 570 S3I(s)->hs.state = new_state;
571 } 571 }
572 } 572 }
573 skip = 0; 573 skip = 0;
@@ -591,7 +591,7 @@ ssl3_client_hello(SSL *s)
591 591
592 bufend = (unsigned char *)s->internal->init_buf->data + SSL3_RT_MAX_PLAIN_LENGTH; 592 bufend = (unsigned char *)s->internal->init_buf->data + SSL3_RT_MAX_PLAIN_LENGTH;
593 593
594 if (s->internal->state == SSL3_ST_CW_CLNT_HELLO_A) { 594 if (S3I(s)->hs.state == SSL3_ST_CW_CLNT_HELLO_A) {
595 SSL_SESSION *sess = s->session; 595 SSL_SESSION *sess = s->session;
596 596
597 if (ssl_supported_version_range(s, NULL, &max_version) != 1) { 597 if (ssl_supported_version_range(s, NULL, &max_version) != 1) {
@@ -706,7 +706,7 @@ ssl3_client_hello(SSL *s)
706 706
707 ssl3_handshake_msg_finish(s, p - d); 707 ssl3_handshake_msg_finish(s, p - d);
708 708
709 s->internal->state = SSL3_ST_CW_CLNT_HELLO_B; 709 S3I(s)->hs.state = SSL3_ST_CW_CLNT_HELLO_B;
710 } 710 }
711 711
712 /* SSL3_ST_CW_CLNT_HELLO_B */ 712 /* SSL3_ST_CW_CLNT_HELLO_B */
@@ -2273,7 +2273,7 @@ ssl3_send_client_key_exchange(SSL *s)
2273 2273
2274 memset(&cbb, 0, sizeof(cbb)); 2274 memset(&cbb, 0, sizeof(cbb));
2275 2275
2276 if (s->internal->state == SSL3_ST_CW_KEY_EXCH_A) { 2276 if (S3I(s)->hs.state == SSL3_ST_CW_KEY_EXCH_A) {
2277 alg_k = S3I(s)->hs.new_cipher->algorithm_mkey; 2277 alg_k = S3I(s)->hs.new_cipher->algorithm_mkey;
2278 2278
2279 if ((sess_cert = SSI(s)->sess_cert) == NULL) { 2279 if ((sess_cert = SSI(s)->sess_cert) == NULL) {
@@ -2309,7 +2309,7 @@ ssl3_send_client_key_exchange(SSL *s)
2309 if (!ssl3_handshake_msg_finish_cbb(s, &cbb)) 2309 if (!ssl3_handshake_msg_finish_cbb(s, &cbb))
2310 goto err; 2310 goto err;
2311 2311
2312 s->internal->state = SSL3_ST_CW_KEY_EXCH_B; 2312 S3I(s)->hs.state = SSL3_ST_CW_KEY_EXCH_B;
2313 } 2313 }
2314 2314
2315 /* SSL3_ST_CW_KEY_EXCH_B */ 2315 /* SSL3_ST_CW_KEY_EXCH_B */
@@ -2335,7 +2335,7 @@ ssl3_send_client_verify(SSL *s)
2335 2335
2336 EVP_MD_CTX_init(&mctx); 2336 EVP_MD_CTX_init(&mctx);
2337 2337
2338 if (s->internal->state == SSL3_ST_CW_CERT_VRFY_A) { 2338 if (S3I(s)->hs.state == SSL3_ST_CW_CERT_VRFY_A) {
2339 p = ssl3_handshake_msg_start(s, SSL3_MT_CERTIFICATE_VERIFY); 2339 p = ssl3_handshake_msg_start(s, SSL3_MT_CERTIFICATE_VERIFY);
2340 2340
2341 /* 2341 /*
@@ -2459,7 +2459,7 @@ ssl3_send_client_verify(SSL *s)
2459 goto err; 2459 goto err;
2460 } 2460 }
2461 2461
2462 s->internal->state = SSL3_ST_CW_CERT_VRFY_B; 2462 S3I(s)->hs.state = SSL3_ST_CW_CERT_VRFY_B;
2463 2463
2464 ssl3_handshake_msg_finish(s, n); 2464 ssl3_handshake_msg_finish(s, n);
2465 } 2465 }
@@ -2485,16 +2485,16 @@ ssl3_send_client_certificate(SSL *s)
2485 2485
2486 memset(&cbb, 0, sizeof(cbb)); 2486 memset(&cbb, 0, sizeof(cbb));
2487 2487
2488 if (s->internal->state == SSL3_ST_CW_CERT_A) { 2488 if (S3I(s)->hs.state == SSL3_ST_CW_CERT_A) {
2489 if ((s->cert == NULL) || (s->cert->key->x509 == NULL) || 2489 if ((s->cert == NULL) || (s->cert->key->x509 == NULL) ||
2490 (s->cert->key->privatekey == NULL)) 2490 (s->cert->key->privatekey == NULL))
2491 s->internal->state = SSL3_ST_CW_CERT_B; 2491 S3I(s)->hs.state = SSL3_ST_CW_CERT_B;
2492 else 2492 else
2493 s->internal->state = SSL3_ST_CW_CERT_C; 2493 S3I(s)->hs.state = SSL3_ST_CW_CERT_C;
2494 } 2494 }
2495 2495
2496 /* We need to get a client cert */ 2496 /* We need to get a client cert */
2497 if (s->internal->state == SSL3_ST_CW_CERT_B) { 2497 if (S3I(s)->hs.state == SSL3_ST_CW_CERT_B) {
2498 /* 2498 /*
2499 * If we get an error, we need to 2499 * If we get an error, we need to
2500 * ssl->rwstate=SSL_X509_LOOKUP; return(-1); 2500 * ssl->rwstate=SSL_X509_LOOKUP; return(-1);
@@ -2507,7 +2507,7 @@ ssl3_send_client_certificate(SSL *s)
2507 } 2507 }
2508 s->internal->rwstate = SSL_NOTHING; 2508 s->internal->rwstate = SSL_NOTHING;
2509 if ((i == 1) && (pkey != NULL) && (x509 != NULL)) { 2509 if ((i == 1) && (pkey != NULL) && (x509 != NULL)) {
2510 s->internal->state = SSL3_ST_CW_CERT_B; 2510 S3I(s)->hs.state = SSL3_ST_CW_CERT_B;
2511 if (!SSL_use_certificate(s, x509) || 2511 if (!SSL_use_certificate(s, x509) ||
2512 !SSL_use_PrivateKey(s, pkey)) 2512 !SSL_use_PrivateKey(s, pkey))
2513 i = 0; 2513 i = 0;
@@ -2522,10 +2522,10 @@ ssl3_send_client_certificate(SSL *s)
2522 S3I(s)->tmp.cert_req = 2; 2522 S3I(s)->tmp.cert_req = 2;
2523 2523
2524 /* Ok, we have a cert */ 2524 /* Ok, we have a cert */
2525 s->internal->state = SSL3_ST_CW_CERT_C; 2525 S3I(s)->hs.state = SSL3_ST_CW_CERT_C;
2526 } 2526 }
2527 2527
2528 if (s->internal->state == SSL3_ST_CW_CERT_C) { 2528 if (S3I(s)->hs.state == SSL3_ST_CW_CERT_C) {
2529 if (!ssl3_handshake_msg_start_cbb(s, &cbb, &client_cert, 2529 if (!ssl3_handshake_msg_start_cbb(s, &cbb, &client_cert,
2530 SSL3_MT_CERTIFICATE)) 2530 SSL3_MT_CERTIFICATE))
2531 goto err; 2531 goto err;
@@ -2535,7 +2535,7 @@ ssl3_send_client_certificate(SSL *s)
2535 if (!ssl3_handshake_msg_finish_cbb(s, &cbb)) 2535 if (!ssl3_handshake_msg_finish_cbb(s, &cbb))
2536 goto err; 2536 goto err;
2537 2537
2538 s->internal->state = SSL3_ST_CW_CERT_D; 2538 S3I(s)->hs.state = SSL3_ST_CW_CERT_D;
2539 } 2539 }
2540 2540
2541 /* SSL3_ST_CW_CERT_D */ 2541 /* SSL3_ST_CW_CERT_D */
@@ -2625,7 +2625,7 @@ ssl3_send_next_proto(SSL *s)
2625 2625
2626 memset(&cbb, 0, sizeof(cbb)); 2626 memset(&cbb, 0, sizeof(cbb));
2627 2627
2628 if (s->internal->state == SSL3_ST_CW_NEXT_PROTO_A) { 2628 if (S3I(s)->hs.state == SSL3_ST_CW_NEXT_PROTO_A) {
2629 pad_len = 32 - ((s->internal->next_proto_negotiated_len + 2) % 32); 2629 pad_len = 32 - ((s->internal->next_proto_negotiated_len + 2) % 32);
2630 2630
2631 if (!ssl3_handshake_msg_start_cbb(s, &cbb, &nextproto, 2631 if (!ssl3_handshake_msg_start_cbb(s, &cbb, &nextproto,
@@ -2644,7 +2644,7 @@ ssl3_send_next_proto(SSL *s)
2644 if (!ssl3_handshake_msg_finish_cbb(s, &cbb)) 2644 if (!ssl3_handshake_msg_finish_cbb(s, &cbb))
2645 goto err; 2645 goto err;
2646 2646
2647 s->internal->state = SSL3_ST_CW_NEXT_PROTO_B; 2647 S3I(s)->hs.state = SSL3_ST_CW_NEXT_PROTO_B;
2648 } 2648 }
2649 2649
2650 return (ssl3_handshake_write(s)); 2650 return (ssl3_handshake_write(s));
diff --git a/src/lib/libssl/ssl_err.c b/src/lib/libssl/ssl_err.c
index f9e450125b..d61660c934 100644
--- a/src/lib/libssl/ssl_err.c
+++ b/src/lib/libssl/ssl_err.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_err.c,v 1.33 2017/02/07 02:08:38 beck Exp $ */ 1/* $OpenBSD: ssl_err.c,v 1.34 2017/05/07 04:22:24 beck Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -63,6 +63,8 @@
63#include <openssl/err.h> 63#include <openssl/err.h>
64#include <openssl/ssl.h> 64#include <openssl/ssl.h>
65 65
66#include "ssl_locl.h"
67
66/* BEGIN ERROR CODES */ 68/* BEGIN ERROR CODES */
67#ifndef OPENSSL_NO_ERR 69#ifndef OPENSSL_NO_ERR
68 70
@@ -667,3 +669,10 @@ SSL_state_func_code(int state) {
667 } 669 }
668 return 0xfff; 670 return 0xfff;
669} 671}
672
673void
674SSL_error_internal(const SSL *s, int r, char *f, int l)
675{
676 ERR_PUT_error(ERR_LIB_SSL,
677 (SSL_state_func_code(S3I(s)->hs.state)), r, f, l);
678}
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index 76b2f8a8c4..c593e7b42b 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_lib.c,v 1.160 2017/05/06 22:24:57 beck Exp $ */ 1/* $OpenBSD: ssl_lib.c,v 1.161 2017/05/07 04:22:24 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -183,8 +183,6 @@ SSL_clear(SSL *s)
183 183
184 s->internal->type = 0; 184 s->internal->type = 0;
185 185
186 s->internal->state = SSL_ST_BEFORE|((s->server) ? SSL_ST_ACCEPT : SSL_ST_CONNECT);
187
188 s->version = s->method->internal->version; 186 s->version = s->method->internal->version;
189 s->client_version = s->version; 187 s->client_version = s->version;
190 s->internal->rwstate = SSL_NOTHING; 188 s->internal->rwstate = SSL_NOTHING;
@@ -212,6 +210,8 @@ SSL_clear(SSL *s)
212 } else 210 } else
213 s->method->internal->ssl_clear(s); 211 s->method->internal->ssl_clear(s);
214 212
213 S3I(s)->hs.state = SSL_ST_BEFORE|((s->server) ? SSL_ST_ACCEPT : SSL_ST_CONNECT);
214
215 return (1); 215 return (1);
216} 216}
217 217
@@ -2397,7 +2397,7 @@ SSL_set_accept_state(SSL *s)
2397{ 2397{
2398 s->server = 1; 2398 s->server = 1;
2399 s->internal->shutdown = 0; 2399 s->internal->shutdown = 0;
2400 s->internal->state = SSL_ST_ACCEPT|SSL_ST_BEFORE; 2400 S3I(s)->hs.state = SSL_ST_ACCEPT|SSL_ST_BEFORE;
2401 s->internal->handshake_func = s->method->internal->ssl_accept; 2401 s->internal->handshake_func = s->method->internal->ssl_accept;
2402 /* clear the current cipher */ 2402 /* clear the current cipher */
2403 ssl_clear_cipher_ctx(s); 2403 ssl_clear_cipher_ctx(s);
@@ -2410,7 +2410,7 @@ SSL_set_connect_state(SSL *s)
2410{ 2410{
2411 s->server = 0; 2411 s->server = 0;
2412 s->internal->shutdown = 0; 2412 s->internal->shutdown = 0;
2413 s->internal->state = SSL_ST_CONNECT|SSL_ST_BEFORE; 2413 S3I(s)->hs.state = SSL_ST_CONNECT|SSL_ST_BEFORE;
2414 s->internal->handshake_func = s->method->internal->ssl_connect; 2414 s->internal->handshake_func = s->method->internal->ssl_connect;
2415 /* clear the current cipher */ 2415 /* clear the current cipher */
2416 ssl_clear_cipher_ctx(s); 2416 ssl_clear_cipher_ctx(s);
@@ -2544,7 +2544,7 @@ SSL_dup(SSL *s)
2544 ret->internal->quiet_shutdown = s->internal->quiet_shutdown; 2544 ret->internal->quiet_shutdown = s->internal->quiet_shutdown;
2545 ret->internal->shutdown = s->internal->shutdown; 2545 ret->internal->shutdown = s->internal->shutdown;
2546 /* SSL_dup does not really work at any state, though */ 2546 /* SSL_dup does not really work at any state, though */
2547 ret->internal->state = s->internal->state; 2547 S3I(ret)->hs.state = S3I(s)->hs.state;
2548 ret->internal->rstate = s->internal->rstate; 2548 ret->internal->rstate = s->internal->rstate;
2549 2549
2550 /* 2550 /*
@@ -2804,13 +2804,13 @@ void (*SSL_get_info_callback(const SSL *ssl))(const SSL *ssl, int type, int val)
2804int 2804int
2805SSL_state(const SSL *ssl) 2805SSL_state(const SSL *ssl)
2806{ 2806{
2807 return (ssl->internal->state); 2807 return (S3I(ssl)->hs.state);
2808} 2808}
2809 2809
2810void 2810void
2811SSL_set_state(SSL *ssl, int state) 2811SSL_set_state(SSL *ssl, int state)
2812{ 2812{
2813 ssl->internal->state = state; 2813 S3I(ssl)->hs.state = state;
2814} 2814}
2815 2815
2816void 2816void
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 410fc04688..8f1721ce5a 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_locl.h,v 1.180 2017/05/06 22:24:58 beck Exp $ */ 1/* $OpenBSD: ssl_locl.h,v 1.181 2017/05/07 04:22:24 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -432,6 +432,9 @@ typedef struct ssl_session_internal_st {
432#define SSI(s) (s->session->internal) 432#define SSI(s) (s->session->internal)
433 433
434typedef struct ssl_handshake_st { 434typedef struct ssl_handshake_st {
435 /* state contains one of the SSL3_ST_* values. */
436 int state;
437
435 /* used when SSL_ST_FLUSH_DATA is entered */ 438 /* used when SSL_ST_FLUSH_DATA is entered */
436 int next_state; 439 int next_state;
437 440
@@ -776,7 +779,6 @@ typedef struct ssl_internal_st {
776 * 2 if we are a server and are inside a handshake 779 * 2 if we are a server and are inside a handshake
777 * (i.e. not just sending a HelloRequest) */ 780 * (i.e. not just sending a HelloRequest) */
778 781
779 int state; /* where we are */
780 int rstate; /* where we are when reading */ 782 int rstate; /* where we are when reading */
781 783
782 int mac_packet; 784 int mac_packet;
@@ -1379,9 +1381,9 @@ int ssl3_cbc_digest_record(const EVP_MD_CTX *ctx, unsigned char *md_out,
1379 unsigned mac_secret_length); 1381 unsigned mac_secret_length);
1380int SSL_state_func_code(int _state); 1382int SSL_state_func_code(int _state);
1381 1383
1382#define SSLerror(s, r) ERR_PUT_error(ERR_LIB_SSL, \ 1384#define SSLerror(s, r) SSL_error_internal(s, r, __FILE__, __LINE__)
1383 (SSL_state_func_code(s->internal->state)),(r),__FILE__,__LINE__)
1384#define SSLerrorx(r) ERR_PUT_error(ERR_LIB_SSL,(0xfff),(r),__FILE__,__LINE__) 1385#define SSLerrorx(r) ERR_PUT_error(ERR_LIB_SSL,(0xfff),(r),__FILE__,__LINE__)
1386void SSL_error_internal(const SSL *s, int r, char *f, int l);
1385 1387
1386__END_HIDDEN_DECLS 1388__END_HIDDEN_DECLS
1387 1389
diff --git a/src/lib/libssl/ssl_pkt.c b/src/lib/libssl/ssl_pkt.c
index 953f3c118f..163b0292af 100644
--- a/src/lib/libssl/ssl_pkt.c
+++ b/src/lib/libssl/ssl_pkt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_pkt.c,v 1.11 2017/05/06 22:24:58 beck Exp $ */ 1/* $OpenBSD: ssl_pkt.c,v 1.12 2017/05/07 04:22:24 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -728,7 +728,7 @@ do_ssl3_write(SSL *s, int type, const unsigned char *buf,
728 /* Some servers hang if iniatial client hello is larger than 256 728 /* Some servers hang if iniatial client hello is larger than 256
729 * bytes and record version number > TLS 1.0 729 * bytes and record version number > TLS 1.0
730 */ 730 */
731 if (s->internal->state == SSL3_ST_CW_CLNT_HELLO_B && !s->internal->renegotiate && 731 if (S3I(s)->hs.state == SSL3_ST_CW_CLNT_HELLO_B && !s->internal->renegotiate &&
732 TLS1_get_version(s) > TLS1_VERSION) 732 TLS1_get_version(s) > TLS1_VERSION)
733 *(p++) = 0x1; 733 *(p++) = 0x1;
734 else 734 else
@@ -1266,9 +1266,9 @@ start:
1266 1266
1267 /* Unexpected handshake message (Client Hello, or protocol violation) */ 1267 /* Unexpected handshake message (Client Hello, or protocol violation) */
1268 if ((S3I(s)->handshake_fragment_len >= 4) && !s->internal->in_handshake) { 1268 if ((S3I(s)->handshake_fragment_len >= 4) && !s->internal->in_handshake) {
1269 if (((s->internal->state&SSL_ST_MASK) == SSL_ST_OK) && 1269 if (((S3I(s)->hs.state&SSL_ST_MASK) == SSL_ST_OK) &&
1270 !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) { 1270 !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) {
1271 s->internal->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT; 1271 S3I(s)->hs.state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT;
1272 s->internal->renegotiate = 1; 1272 s->internal->renegotiate = 1;
1273 s->internal->new_session = 1; 1273 s->internal->new_session = 1;
1274 } 1274 }
@@ -1326,12 +1326,12 @@ start:
1326 */ 1326 */
1327 if (S3I(s)->in_read_app_data && 1327 if (S3I(s)->in_read_app_data &&
1328 (S3I(s)->total_renegotiations != 0) && 1328 (S3I(s)->total_renegotiations != 0) &&
1329 (((s->internal->state & SSL_ST_CONNECT) && 1329 (((S3I(s)->hs.state & SSL_ST_CONNECT) &&
1330 (s->internal->state >= SSL3_ST_CW_CLNT_HELLO_A) && 1330 (S3I(s)->hs.state >= SSL3_ST_CW_CLNT_HELLO_A) &&
1331 (s->internal->state <= SSL3_ST_CR_SRVR_HELLO_A)) || 1331 (S3I(s)->hs.state <= SSL3_ST_CR_SRVR_HELLO_A)) ||
1332 ((s->internal->state & SSL_ST_ACCEPT) && 1332 ((S3I(s)->hs.state & SSL_ST_ACCEPT) &&
1333 (s->internal->state <= SSL3_ST_SW_HELLO_REQ_A) && 1333 (S3I(s)->hs.state <= SSL3_ST_SW_HELLO_REQ_A) &&
1334 (s->internal->state >= SSL3_ST_SR_CLNT_HELLO_A)))) { 1334 (S3I(s)->hs.state >= SSL3_ST_SR_CLNT_HELLO_A)))) {
1335 S3I(s)->in_read_app_data = 2; 1335 S3I(s)->in_read_app_data = 2;
1336 return (-1); 1336 return (-1);
1337 } else { 1337 } else {
@@ -1355,7 +1355,7 @@ ssl3_do_change_cipher_spec(SSL *s)
1355 const char *sender; 1355 const char *sender;
1356 int slen; 1356 int slen;
1357 1357
1358 if (s->internal->state & SSL_ST_ACCEPT) 1358 if (S3I(s)->hs.state & SSL_ST_ACCEPT)
1359 i = SSL3_CHANGE_CIPHER_SERVER_READ; 1359 i = SSL3_CHANGE_CIPHER_SERVER_READ;
1360 else 1360 else
1361 i = SSL3_CHANGE_CIPHER_CLIENT_READ; 1361 i = SSL3_CHANGE_CIPHER_CLIENT_READ;
@@ -1378,7 +1378,7 @@ ssl3_do_change_cipher_spec(SSL *s)
1378 /* we have to record the message digest at 1378 /* we have to record the message digest at
1379 * this point so we can get it before we read 1379 * this point so we can get it before we read
1380 * the finished message */ 1380 * the finished message */
1381 if (s->internal->state & SSL_ST_CONNECT) { 1381 if (S3I(s)->hs.state & SSL_ST_CONNECT) {
1382 sender = TLS_MD_SERVER_FINISH_CONST; 1382 sender = TLS_MD_SERVER_FINISH_CONST;
1383 slen = TLS_MD_SERVER_FINISH_CONST_SIZE; 1383 slen = TLS_MD_SERVER_FINISH_CONST_SIZE;
1384 } else { 1384 } else {
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c
index 35a9ace527..730d4ed1ad 100644
--- a/src/lib/libssl/ssl_srvr.c
+++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_srvr.c,v 1.16 2017/05/06 22:24:58 beck Exp $ */ 1/* $OpenBSD: ssl_srvr.c,v 1.17 2017/05/07 04:22:24 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -195,12 +195,12 @@ ssl3_accept(SSL *s)
195 } 195 }
196 196
197 for (;;) { 197 for (;;) {
198 state = s->internal->state; 198 state = S3I(s)->hs.state;
199 199
200 switch (s->internal->state) { 200 switch (S3I(s)->hs.state) {
201 case SSL_ST_RENEGOTIATE: 201 case SSL_ST_RENEGOTIATE:
202 s->internal->renegotiate = 1; 202 s->internal->renegotiate = 1;
203 /* s->internal->state=SSL_ST_ACCEPT; */ 203 /* S3I(s)->hs.state=SSL_ST_ACCEPT; */
204 204
205 case SSL_ST_BEFORE: 205 case SSL_ST_BEFORE:
206 case SSL_ST_ACCEPT: 206 case SSL_ST_ACCEPT:
@@ -229,7 +229,7 @@ ssl3_accept(SSL *s)
229 229
230 s->internal->init_num = 0; 230 s->internal->init_num = 0;
231 231
232 if (s->internal->state != SSL_ST_RENEGOTIATE) { 232 if (S3I(s)->hs.state != SSL_ST_RENEGOTIATE) {
233 /* 233 /*
234 * Ok, we now need to push on a buffering BIO 234 * Ok, we now need to push on a buffering BIO
235 * so that the output is sent in a way that 235 * so that the output is sent in a way that
@@ -245,7 +245,7 @@ ssl3_accept(SSL *s)
245 goto end; 245 goto end;
246 } 246 }
247 247
248 s->internal->state = SSL3_ST_SR_CLNT_HELLO_A; 248 S3I(s)->hs.state = SSL3_ST_SR_CLNT_HELLO_A;
249 s->ctx->internal->stats.sess_accept++; 249 s->ctx->internal->stats.sess_accept++;
250 } else if (!S3I(s)->send_connection_binding) { 250 } else if (!S3I(s)->send_connection_binding) {
251 /* 251 /*
@@ -260,11 +260,11 @@ ssl3_accept(SSL *s)
260 goto end; 260 goto end;
261 } else { 261 } else {
262 /* 262 /*
263 * s->internal->state == SSL_ST_RENEGOTIATE, 263 * S3I(s)->hs.state == SSL_ST_RENEGOTIATE,
264 * we will just send a HelloRequest 264 * we will just send a HelloRequest
265 */ 265 */
266 s->ctx->internal->stats.sess_accept_renegotiate++; 266 s->ctx->internal->stats.sess_accept_renegotiate++;
267 s->internal->state = SSL3_ST_SW_HELLO_REQ_A; 267 S3I(s)->hs.state = SSL3_ST_SW_HELLO_REQ_A;
268 } 268 }
269 break; 269 break;
270 270
@@ -276,7 +276,7 @@ ssl3_accept(SSL *s)
276 if (ret <= 0) 276 if (ret <= 0)
277 goto end; 277 goto end;
278 S3I(s)->hs.next_state = SSL3_ST_SW_HELLO_REQ_C; 278 S3I(s)->hs.next_state = SSL3_ST_SW_HELLO_REQ_C;
279 s->internal->state = SSL3_ST_SW_FLUSH; 279 S3I(s)->hs.state = SSL3_ST_SW_FLUSH;
280 s->internal->init_num = 0; 280 s->internal->init_num = 0;
281 281
282 if (!tls1_init_finished_mac(s)) { 282 if (!tls1_init_finished_mac(s)) {
@@ -286,7 +286,7 @@ ssl3_accept(SSL *s)
286 break; 286 break;
287 287
288 case SSL3_ST_SW_HELLO_REQ_C: 288 case SSL3_ST_SW_HELLO_REQ_C:
289 s->internal->state = SSL_ST_OK; 289 S3I(s)->hs.state = SSL_ST_OK;
290 break; 290 break;
291 291
292 case SSL3_ST_SR_CLNT_HELLO_A: 292 case SSL3_ST_SR_CLNT_HELLO_A:
@@ -301,7 +301,7 @@ ssl3_accept(SSL *s)
301 } 301 }
302 302
303 s->internal->renegotiate = 2; 303 s->internal->renegotiate = 2;
304 s->internal->state = SSL3_ST_SW_SRVR_HELLO_A; 304 S3I(s)->hs.state = SSL3_ST_SW_SRVR_HELLO_A;
305 s->internal->init_num = 0; 305 s->internal->init_num = 0;
306 break; 306 break;
307 307
@@ -312,12 +312,12 @@ ssl3_accept(SSL *s)
312 goto end; 312 goto end;
313 if (s->internal->hit) { 313 if (s->internal->hit) {
314 if (s->internal->tlsext_ticket_expected) 314 if (s->internal->tlsext_ticket_expected)
315 s->internal->state = SSL3_ST_SW_SESSION_TICKET_A; 315 S3I(s)->hs.state = SSL3_ST_SW_SESSION_TICKET_A;
316 else 316 else
317 s->internal->state = SSL3_ST_SW_CHANGE_A; 317 S3I(s)->hs.state = SSL3_ST_SW_CHANGE_A;
318 } 318 }
319 else 319 else
320 s->internal->state = SSL3_ST_SW_CERT_A; 320 S3I(s)->hs.state = SSL3_ST_SW_CERT_A;
321 s->internal->init_num = 0; 321 s->internal->init_num = 0;
322 break; 322 break;
323 323
@@ -330,12 +330,12 @@ ssl3_accept(SSL *s)
330 if (ret <= 0) 330 if (ret <= 0)
331 goto end; 331 goto end;
332 if (s->internal->tlsext_status_expected) 332 if (s->internal->tlsext_status_expected)
333 s->internal->state = SSL3_ST_SW_CERT_STATUS_A; 333 S3I(s)->hs.state = SSL3_ST_SW_CERT_STATUS_A;
334 else 334 else
335 s->internal->state = SSL3_ST_SW_KEY_EXCH_A; 335 S3I(s)->hs.state = SSL3_ST_SW_KEY_EXCH_A;
336 } else { 336 } else {
337 skip = 1; 337 skip = 1;
338 s->internal->state = SSL3_ST_SW_KEY_EXCH_A; 338 S3I(s)->hs.state = SSL3_ST_SW_KEY_EXCH_A;
339 } 339 }
340 s->internal->init_num = 0; 340 s->internal->init_num = 0;
341 break; 341 break;
@@ -359,7 +359,7 @@ ssl3_accept(SSL *s)
359 } else 359 } else
360 skip = 1; 360 skip = 1;
361 361
362 s->internal->state = SSL3_ST_SW_CERT_REQ_A; 362 S3I(s)->hs.state = SSL3_ST_SW_CERT_REQ_A;
363 s->internal->init_num = 0; 363 s->internal->init_num = 0;
364 break; 364 break;
365 365
@@ -391,7 +391,7 @@ ssl3_accept(SSL *s)
391 /* No cert request */ 391 /* No cert request */
392 skip = 1; 392 skip = 1;
393 S3I(s)->tmp.cert_request = 0; 393 S3I(s)->tmp.cert_request = 0;
394 s->internal->state = SSL3_ST_SW_SRVR_DONE_A; 394 S3I(s)->hs.state = SSL3_ST_SW_SRVR_DONE_A;
395 if (S3I(s)->handshake_buffer) { 395 if (S3I(s)->handshake_buffer) {
396 if (!tls1_digest_cached_records(s)) { 396 if (!tls1_digest_cached_records(s)) {
397 ret = -1; 397 ret = -1;
@@ -403,7 +403,7 @@ ssl3_accept(SSL *s)
403 ret = ssl3_send_certificate_request(s); 403 ret = ssl3_send_certificate_request(s);
404 if (ret <= 0) 404 if (ret <= 0)
405 goto end; 405 goto end;
406 s->internal->state = SSL3_ST_SW_SRVR_DONE_A; 406 S3I(s)->hs.state = SSL3_ST_SW_SRVR_DONE_A;
407 s->internal->init_num = 0; 407 s->internal->init_num = 0;
408 } 408 }
409 break; 409 break;
@@ -414,7 +414,7 @@ ssl3_accept(SSL *s)
414 if (ret <= 0) 414 if (ret <= 0)
415 goto end; 415 goto end;
416 S3I(s)->hs.next_state = SSL3_ST_SR_CERT_A; 416 S3I(s)->hs.next_state = SSL3_ST_SR_CERT_A;
417 s->internal->state = SSL3_ST_SW_FLUSH; 417 S3I(s)->hs.state = SSL3_ST_SW_FLUSH;
418 s->internal->init_num = 0; 418 s->internal->init_num = 0;
419 break; 419 break;
420 420
@@ -438,7 +438,7 @@ ssl3_accept(SSL *s)
438 } 438 }
439 s->internal->rwstate = SSL_NOTHING; 439 s->internal->rwstate = SSL_NOTHING;
440 440
441 s->internal->state = S3I(s)->hs.next_state; 441 S3I(s)->hs.state = S3I(s)->hs.next_state;
442 break; 442 break;
443 443
444 case SSL3_ST_SR_CERT_A: 444 case SSL3_ST_SR_CERT_A:
@@ -449,7 +449,7 @@ ssl3_accept(SSL *s)
449 goto end; 449 goto end;
450 } 450 }
451 s->internal->init_num = 0; 451 s->internal->init_num = 0;
452 s->internal->state = SSL3_ST_SR_KEY_EXCH_A; 452 S3I(s)->hs.state = SSL3_ST_SR_KEY_EXCH_A;
453 break; 453 break;
454 454
455 case SSL3_ST_SR_KEY_EXCH_A: 455 case SSL3_ST_SR_KEY_EXCH_A:
@@ -469,12 +469,12 @@ ssl3_accept(SSL *s)
469 * for key exchange. 469 * for key exchange.
470 */ 470 */
471 if (S3I(s)->next_proto_neg_seen) 471 if (S3I(s)->next_proto_neg_seen)
472 s->internal->state = SSL3_ST_SR_NEXT_PROTO_A; 472 S3I(s)->hs.state = SSL3_ST_SR_NEXT_PROTO_A;
473 else 473 else
474 s->internal->state = SSL3_ST_SR_FINISHED_A; 474 S3I(s)->hs.state = SSL3_ST_SR_FINISHED_A;
475 s->internal->init_num = 0; 475 s->internal->init_num = 0;
476 } else if (SSL_USE_SIGALGS(s) || (alg_k & SSL_kGOST)) { 476 } else if (SSL_USE_SIGALGS(s) || (alg_k & SSL_kGOST)) {
477 s->internal->state = SSL3_ST_SR_CERT_VRFY_A; 477 S3I(s)->hs.state = SSL3_ST_SR_CERT_VRFY_A;
478 s->internal->init_num = 0; 478 s->internal->init_num = 0;
479 if (!s->session->peer) 479 if (!s->session->peer)
480 break; 480 break;
@@ -493,7 +493,7 @@ ssl3_accept(SSL *s)
493 goto end; 493 goto end;
494 } 494 }
495 } else { 495 } else {
496 s->internal->state = SSL3_ST_SR_CERT_VRFY_A; 496 S3I(s)->hs.state = SSL3_ST_SR_CERT_VRFY_A;
497 s->internal->init_num = 0; 497 s->internal->init_num = 0;
498 498
499 /* 499 /*
@@ -526,9 +526,9 @@ ssl3_accept(SSL *s)
526 goto end; 526 goto end;
527 527
528 if (S3I(s)->next_proto_neg_seen) 528 if (S3I(s)->next_proto_neg_seen)
529 s->internal->state = SSL3_ST_SR_NEXT_PROTO_A; 529 S3I(s)->hs.state = SSL3_ST_SR_NEXT_PROTO_A;
530 else 530 else
531 s->internal->state = SSL3_ST_SR_FINISHED_A; 531 S3I(s)->hs.state = SSL3_ST_SR_FINISHED_A;
532 s->internal->init_num = 0; 532 s->internal->init_num = 0;
533 break; 533 break;
534 534
@@ -538,7 +538,7 @@ ssl3_accept(SSL *s)
538 if (ret <= 0) 538 if (ret <= 0)
539 goto end; 539 goto end;
540 s->internal->init_num = 0; 540 s->internal->init_num = 0;
541 s->internal->state = SSL3_ST_SR_FINISHED_A; 541 S3I(s)->hs.state = SSL3_ST_SR_FINISHED_A;
542 break; 542 break;
543 543
544 case SSL3_ST_SR_FINISHED_A: 544 case SSL3_ST_SR_FINISHED_A:
@@ -549,11 +549,11 @@ ssl3_accept(SSL *s)
549 if (ret <= 0) 549 if (ret <= 0)
550 goto end; 550 goto end;
551 if (s->internal->hit) 551 if (s->internal->hit)
552 s->internal->state = SSL_ST_OK; 552 S3I(s)->hs.state = SSL_ST_OK;
553 else if (s->internal->tlsext_ticket_expected) 553 else if (s->internal->tlsext_ticket_expected)
554 s->internal->state = SSL3_ST_SW_SESSION_TICKET_A; 554 S3I(s)->hs.state = SSL3_ST_SW_SESSION_TICKET_A;
555 else 555 else
556 s->internal->state = SSL3_ST_SW_CHANGE_A; 556 S3I(s)->hs.state = SSL3_ST_SW_CHANGE_A;
557 s->internal->init_num = 0; 557 s->internal->init_num = 0;
558 break; 558 break;
559 559
@@ -562,7 +562,7 @@ ssl3_accept(SSL *s)
562 ret = ssl3_send_newsession_ticket(s); 562 ret = ssl3_send_newsession_ticket(s);
563 if (ret <= 0) 563 if (ret <= 0)
564 goto end; 564 goto end;
565 s->internal->state = SSL3_ST_SW_CHANGE_A; 565 S3I(s)->hs.state = SSL3_ST_SW_CHANGE_A;
566 s->internal->init_num = 0; 566 s->internal->init_num = 0;
567 break; 567 break;
568 568
@@ -571,7 +571,7 @@ ssl3_accept(SSL *s)
571 ret = ssl3_send_cert_status(s); 571 ret = ssl3_send_cert_status(s);
572 if (ret <= 0) 572 if (ret <= 0)
573 goto end; 573 goto end;
574 s->internal->state = SSL3_ST_SW_KEY_EXCH_A; 574 S3I(s)->hs.state = SSL3_ST_SW_KEY_EXCH_A;
575 s->internal->init_num = 0; 575 s->internal->init_num = 0;
576 break; 576 break;
577 577
@@ -590,7 +590,7 @@ ssl3_accept(SSL *s)
590 590
591 if (ret <= 0) 591 if (ret <= 0)
592 goto end; 592 goto end;
593 s->internal->state = SSL3_ST_SW_FINISHED_A; 593 S3I(s)->hs.state = SSL3_ST_SW_FINISHED_A;
594 s->internal->init_num = 0; 594 s->internal->init_num = 0;
595 595
596 if (!tls1_change_cipher_state( 596 if (!tls1_change_cipher_state(
@@ -609,7 +609,7 @@ ssl3_accept(SSL *s)
609 TLS_MD_SERVER_FINISH_CONST_SIZE); 609 TLS_MD_SERVER_FINISH_CONST_SIZE);
610 if (ret <= 0) 610 if (ret <= 0)
611 goto end; 611 goto end;
612 s->internal->state = SSL3_ST_SW_FLUSH; 612 S3I(s)->hs.state = SSL3_ST_SW_FLUSH;
613 if (s->internal->hit) { 613 if (s->internal->hit) {
614 if (S3I(s)->next_proto_neg_seen) { 614 if (S3I(s)->next_proto_neg_seen) {
615 s->s3->flags |= SSL3_FLAGS_CCS_OK; 615 s->s3->flags |= SSL3_FLAGS_CCS_OK;
@@ -668,11 +668,11 @@ ssl3_accept(SSL *s)
668 } 668 }
669 669
670 670
671 if ((cb != NULL) && (s->internal->state != state)) { 671 if ((cb != NULL) && (S3I(s)->hs.state != state)) {
672 new_state = s->internal->state; 672 new_state = S3I(s)->hs.state;
673 s->internal->state = state; 673 S3I(s)->hs.state = state;
674 cb(s, SSL_CB_ACCEPT_LOOP, 1); 674 cb(s, SSL_CB_ACCEPT_LOOP, 1);
675 s->internal->state = new_state; 675 S3I(s)->hs.state = new_state;
676 } 676 }
677 } 677 }
678 skip = 0; 678 skip = 0;
@@ -693,14 +693,14 @@ ssl3_send_hello_request(SSL *s)
693 693
694 memset(&cbb, 0, sizeof(cbb)); 694 memset(&cbb, 0, sizeof(cbb));
695 695
696 if (s->internal->state == SSL3_ST_SW_HELLO_REQ_A) { 696 if (S3I(s)->hs.state == SSL3_ST_SW_HELLO_REQ_A) {
697 if (!ssl3_handshake_msg_start_cbb(s, &cbb, &hello, 697 if (!ssl3_handshake_msg_start_cbb(s, &cbb, &hello,
698 SSL3_MT_HELLO_REQUEST)) 698 SSL3_MT_HELLO_REQUEST))
699 goto err; 699 goto err;
700 if (!ssl3_handshake_msg_finish_cbb(s, &cbb)) 700 if (!ssl3_handshake_msg_finish_cbb(s, &cbb))
701 goto err; 701 goto err;
702 702
703 s->internal->state = SSL3_ST_SW_HELLO_REQ_B; 703 S3I(s)->hs.state = SSL3_ST_SW_HELLO_REQ_B;
704 } 704 }
705 705
706 /* SSL3_ST_SW_HELLO_REQ_B */ 706 /* SSL3_ST_SW_HELLO_REQ_B */
@@ -738,8 +738,8 @@ ssl3_get_client_hello(SSL *s)
738 * If we are SSLv3, we will respond with SSLv3, even if prompted with 738 * If we are SSLv3, we will respond with SSLv3, even if prompted with
739 * TLSv1. 739 * TLSv1.
740 */ 740 */
741 if (s->internal->state == SSL3_ST_SR_CLNT_HELLO_A) { 741 if (S3I(s)->hs.state == SSL3_ST_SR_CLNT_HELLO_A) {
742 s->internal->state = SSL3_ST_SR_CLNT_HELLO_B; 742 S3I(s)->hs.state = SSL3_ST_SR_CLNT_HELLO_B;
743 } 743 }
744 744
745 s->internal->first_packet = 1; 745 s->internal->first_packet = 1;
@@ -1087,7 +1087,7 @@ ssl3_send_server_hello(SSL *s)
1087 1087
1088 bufend = (unsigned char *)s->internal->init_buf->data + SSL3_RT_MAX_PLAIN_LENGTH; 1088 bufend = (unsigned char *)s->internal->init_buf->data + SSL3_RT_MAX_PLAIN_LENGTH;
1089 1089
1090 if (s->internal->state == SSL3_ST_SW_SRVR_HELLO_A) { 1090 if (S3I(s)->hs.state == SSL3_ST_SW_SRVR_HELLO_A) {
1091 d = p = ssl3_handshake_msg_start(s, SSL3_MT_SERVER_HELLO); 1091 d = p = ssl3_handshake_msg_start(s, SSL3_MT_SERVER_HELLO);
1092 1092
1093 if (!CBB_init_fixed(&cbb, p, bufend - p)) 1093 if (!CBB_init_fixed(&cbb, p, bufend - p))
@@ -1169,14 +1169,14 @@ ssl3_send_server_done(SSL *s)
1169 1169
1170 memset(&cbb, 0, sizeof(cbb)); 1170 memset(&cbb, 0, sizeof(cbb));
1171 1171
1172 if (s->internal->state == SSL3_ST_SW_SRVR_DONE_A) { 1172 if (S3I(s)->hs.state == SSL3_ST_SW_SRVR_DONE_A) {
1173 if (!ssl3_handshake_msg_start_cbb(s, &cbb, &done, 1173 if (!ssl3_handshake_msg_start_cbb(s, &cbb, &done,
1174 SSL3_MT_SERVER_DONE)) 1174 SSL3_MT_SERVER_DONE))
1175 goto err; 1175 goto err;
1176 if (!ssl3_handshake_msg_finish_cbb(s, &cbb)) 1176 if (!ssl3_handshake_msg_finish_cbb(s, &cbb))
1177 goto err; 1177 goto err;
1178 1178
1179 s->internal->state = SSL3_ST_SW_SRVR_DONE_B; 1179 S3I(s)->hs.state = SSL3_ST_SW_SRVR_DONE_B;
1180 } 1180 }
1181 1181
1182 /* SSL3_ST_SW_SRVR_DONE_B */ 1182 /* SSL3_ST_SW_SRVR_DONE_B */
@@ -1457,7 +1457,7 @@ ssl3_send_server_key_exchange(SSL *s)
1457 memset(&cbb, 0, sizeof(cbb)); 1457 memset(&cbb, 0, sizeof(cbb));
1458 1458
1459 EVP_MD_CTX_init(&md_ctx); 1459 EVP_MD_CTX_init(&md_ctx);
1460 if (s->internal->state == SSL3_ST_SW_KEY_EXCH_A) { 1460 if (S3I(s)->hs.state == SSL3_ST_SW_KEY_EXCH_A) {
1461 type = S3I(s)->hs.new_cipher->algorithm_mkey; 1461 type = S3I(s)->hs.new_cipher->algorithm_mkey;
1462 1462
1463 buf = s->internal->init_buf; 1463 buf = s->internal->init_buf;
@@ -1576,7 +1576,7 @@ ssl3_send_server_key_exchange(SSL *s)
1576 ssl3_handshake_msg_finish(s, n); 1576 ssl3_handshake_msg_finish(s, n);
1577 } 1577 }
1578 1578
1579 s->internal->state = SSL3_ST_SW_KEY_EXCH_B; 1579 S3I(s)->hs.state = SSL3_ST_SW_KEY_EXCH_B;
1580 1580
1581 EVP_MD_CTX_cleanup(&md_ctx); 1581 EVP_MD_CTX_cleanup(&md_ctx);
1582 1582
@@ -1601,7 +1601,7 @@ ssl3_send_certificate_request(SSL *s)
1601 X509_NAME *name; 1601 X509_NAME *name;
1602 BUF_MEM *buf; 1602 BUF_MEM *buf;
1603 1603
1604 if (s->internal->state == SSL3_ST_SW_CERT_REQ_A) { 1604 if (S3I(s)->hs.state == SSL3_ST_SW_CERT_REQ_A) {
1605 buf = s->internal->init_buf; 1605 buf = s->internal->init_buf;
1606 1606
1607 d = p = ssl3_handshake_msg_start(s, 1607 d = p = ssl3_handshake_msg_start(s,
@@ -1652,7 +1652,7 @@ ssl3_send_certificate_request(SSL *s)
1652 1652
1653 ssl3_handshake_msg_finish(s, n); 1653 ssl3_handshake_msg_finish(s, n);
1654 1654
1655 s->internal->state = SSL3_ST_SW_CERT_REQ_B; 1655 S3I(s)->hs.state = SSL3_ST_SW_CERT_REQ_B;
1656 } 1656 }
1657 1657
1658 /* SSL3_ST_SW_CERT_REQ_B */ 1658 /* SSL3_ST_SW_CERT_REQ_B */
@@ -2539,7 +2539,7 @@ ssl3_send_server_certificate(SSL *s)
2539 2539
2540 memset(&cbb, 0, sizeof(cbb)); 2540 memset(&cbb, 0, sizeof(cbb));
2541 2541
2542 if (s->internal->state == SSL3_ST_SW_CERT_A) { 2542 if (S3I(s)->hs.state == SSL3_ST_SW_CERT_A) {
2543 if ((x = ssl_get_server_send_cert(s)) == NULL) { 2543 if ((x = ssl_get_server_send_cert(s)) == NULL) {
2544 SSLerror(s, ERR_R_INTERNAL_ERROR); 2544 SSLerror(s, ERR_R_INTERNAL_ERROR);
2545 return (0); 2545 return (0);
@@ -2553,7 +2553,7 @@ ssl3_send_server_certificate(SSL *s)
2553 if (!ssl3_handshake_msg_finish_cbb(s, &cbb)) 2553 if (!ssl3_handshake_msg_finish_cbb(s, &cbb))
2554 goto err; 2554 goto err;
2555 2555
2556 s->internal->state = SSL3_ST_SW_CERT_B; 2556 S3I(s)->hs.state = SSL3_ST_SW_CERT_B;
2557 } 2557 }
2558 2558
2559 /* SSL3_ST_SW_CERT_B */ 2559 /* SSL3_ST_SW_CERT_B */
@@ -2581,7 +2581,7 @@ ssl3_send_newsession_ticket(SSL *s)
2581 unsigned char iv[EVP_MAX_IV_LENGTH]; 2581 unsigned char iv[EVP_MAX_IV_LENGTH];
2582 unsigned char key_name[16]; 2582 unsigned char key_name[16];
2583 2583
2584 if (s->internal->state == SSL3_ST_SW_SESSION_TICKET_A) { 2584 if (S3I(s)->hs.state == SSL3_ST_SW_SESSION_TICKET_A) {
2585 /* get session encoding length */ 2585 /* get session encoding length */
2586 slen_full = i2d_SSL_SESSION(s->session, NULL); 2586 slen_full = i2d_SSL_SESSION(s->session, NULL);
2587 /* 2587 /*
@@ -2694,7 +2694,7 @@ ssl3_send_newsession_ticket(SSL *s)
2694 2694
2695 ssl3_handshake_msg_finish(s, len); 2695 ssl3_handshake_msg_finish(s, len);
2696 2696
2697 s->internal->state = SSL3_ST_SW_SESSION_TICKET_B; 2697 S3I(s)->hs.state = SSL3_ST_SW_SESSION_TICKET_B;
2698 2698
2699 freezero(senc, slen_full); 2699 freezero(senc, slen_full);
2700 } 2700 }
@@ -2715,7 +2715,7 @@ ssl3_send_cert_status(SSL *s)
2715 2715
2716 memset(&cbb, 0, sizeof(cbb)); 2716 memset(&cbb, 0, sizeof(cbb));
2717 2717
2718 if (s->internal->state == SSL3_ST_SW_CERT_STATUS_A) { 2718 if (S3I(s)->hs.state == SSL3_ST_SW_CERT_STATUS_A) {
2719 if (!ssl3_handshake_msg_start_cbb(s, &cbb, &certstatus, 2719 if (!ssl3_handshake_msg_start_cbb(s, &cbb, &certstatus,
2720 SSL3_MT_CERTIFICATE_STATUS)) 2720 SSL3_MT_CERTIFICATE_STATUS))
2721 goto err; 2721 goto err;
@@ -2729,7 +2729,7 @@ ssl3_send_cert_status(SSL *s)
2729 if (!ssl3_handshake_msg_finish_cbb(s, &cbb)) 2729 if (!ssl3_handshake_msg_finish_cbb(s, &cbb))
2730 goto err; 2730 goto err;
2731 2731
2732 s->internal->state = SSL3_ST_SW_CERT_STATUS_B; 2732 S3I(s)->hs.state = SSL3_ST_SW_CERT_STATUS_B;
2733 } 2733 }
2734 2734
2735 /* SSL3_ST_SW_CERT_STATUS_B */ 2735 /* SSL3_ST_SW_CERT_STATUS_B */
@@ -2769,7 +2769,7 @@ ssl3_get_next_proto(SSL *s)
2769 return ((int)n); 2769 return ((int)n);
2770 2770
2771 /* 2771 /*
2772 * s->internal->state doesn't reflect whether ChangeCipherSpec has been received 2772 * S3I(s)->hs.state doesn't reflect whether ChangeCipherSpec has been received
2773 * in this handshake, but S3I(s)->change_cipher_spec does (will be reset 2773 * in this handshake, but S3I(s)->change_cipher_spec does (will be reset
2774 * by ssl3_get_finished). 2774 * by ssl3_get_finished).
2775 */ 2775 */
diff --git a/src/lib/libssl/ssl_stat.c b/src/lib/libssl/ssl_stat.c
index 4f93781f72..6b26d4c915 100644
--- a/src/lib/libssl/ssl_stat.c
+++ b/src/lib/libssl/ssl_stat.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_stat.c,v 1.13 2017/01/23 08:48:45 beck Exp $ */ 1/* $OpenBSD: ssl_stat.c,v 1.14 2017/05/07 04:22:24 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -91,7 +91,7 @@ SSL_state_string_long(const SSL *s)
91{ 91{
92 const char *str; 92 const char *str;
93 93
94 switch (s->internal->state) { 94 switch (S3I(s)->hs.state) {
95 case SSL_ST_BEFORE: 95 case SSL_ST_BEFORE:
96 str = "before SSL initialization"; 96 str = "before SSL initialization";
97 break; 97 break;
@@ -347,7 +347,7 @@ SSL_state_string(const SSL *s)
347{ 347{
348 const char *str; 348 const char *str;
349 349
350 switch (s->internal->state) { 350 switch (S3I(s)->hs.state) {
351 case SSL_ST_BEFORE: 351 case SSL_ST_BEFORE:
352 str = "PINIT "; 352 str = "PINIT ";
353 break; 353 break;
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index 2cb47a215c..eb2314ac26 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: t1_lib.c,v 1.116 2017/05/06 22:24:58 beck Exp $ */ 1/* $OpenBSD: t1_lib.c,v 1.117 2017/05/07 04:22:24 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -967,7 +967,7 @@ skip_ext:
967 * includes the 5-byte record header in the buffer, while the 967 * includes the 5-byte record header in the buffer, while the
968 * code in s3_clnt.c does not. 968 * code in s3_clnt.c does not.
969 */ 969 */
970 if (s->internal->state == SSL23_ST_CW_CLNT_HELLO_A) 970 if (S3I(s)->hs.state == SSL23_ST_CW_CLNT_HELLO_A)
971 hlen -= 5; 971 hlen -= 5;
972 if (hlen > 0xff && hlen < 0x200) { 972 if (hlen > 0xff && hlen < 0x200) {
973 hlen = 0x200 - hlen; 973 hlen = 0x200 - hlen;
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-20 20:54:24 +0000