From d7e0aa4b59fc46f038370bf8dc64821eb4a7d804 Mon Sep 17 00:00:00 2001 From: jsing <> Date: Wed, 24 Oct 2018 18:04:50 +0000 Subject: Make more of libssl's record layer state internal. In January 2017, we changed large amounts of libssl's data structures to be non-visible/internal, however intentionally left things that the software ecosystem was needing to use. The four or so applications that reached into libssl for record layer related state now implement alternative code. As such, make these data structures internal. ok tb@ --- src/lib/libssl/d1_pkt.c | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) (limited to 'src/lib/libssl/d1_pkt.c') diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c index b3104d21e7..825c1838a1 100644 --- a/src/lib/libssl/d1_pkt.c +++ b/src/lib/libssl/d1_pkt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: d1_pkt.c,v 1.64 2018/08/24 19:35:05 jsing Exp $ */ +/* $OpenBSD: d1_pkt.c,v 1.65 2018/10/24 18:04:50 jsing Exp $ */ /* * DTLS implementation written by Nagendra Modadugu * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. @@ -200,11 +200,11 @@ dtls1_copy_record(SSL *s, pitem *item) rdata = (DTLS1_RECORD_DATA *)item->data; - free(s->s3->rbuf.buf); + free(S3I(s)->rbuf.buf); s->internal->packet = rdata->packet; s->internal->packet_length = rdata->packet_length; - memcpy(&(s->s3->rbuf), &(rdata->rbuf), sizeof(SSL3_BUFFER)); + memcpy(&(S3I(s)->rbuf), &(rdata->rbuf), sizeof(SSL3_BUFFER)); memcpy(&(S3I(s)->rrec), &(rdata->rrec), sizeof(SSL3_RECORD)); /* Set proper sequence number for mac calculation */ @@ -231,7 +231,7 @@ dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority) rdata->packet = s->internal->packet; rdata->packet_length = s->internal->packet_length; - memcpy(&(rdata->rbuf), &(s->s3->rbuf), sizeof(SSL3_BUFFER)); + memcpy(&(rdata->rbuf), &(S3I(s)->rbuf), sizeof(SSL3_BUFFER)); memcpy(&(rdata->rrec), &(S3I(s)->rrec), sizeof(SSL3_RECORD)); item->data = rdata; @@ -239,7 +239,7 @@ dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority) s->internal->packet = NULL; s->internal->packet_length = 0; - memset(&(s->s3->rbuf), 0, sizeof(SSL3_BUFFER)); + memset(&(S3I(s)->rbuf), 0, sizeof(SSL3_BUFFER)); memset(&(S3I(s)->rrec), 0, sizeof(SSL3_RECORD)); if (!ssl3_setup_buffers(s)) @@ -643,7 +643,7 @@ dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) SSL3_RECORD *rr; void (*cb)(const SSL *ssl, int type2, int val) = NULL; - if (s->s3->rbuf.buf == NULL) /* Not initialized yet */ + if (S3I(s)->rbuf.buf == NULL) /* Not initialized yet */ if (!ssl3_setup_buffers(s)) return (-1); @@ -880,7 +880,7 @@ start: } if (!(s->internal->mode & SSL_MODE_AUTO_RETRY)) { - if (s->s3->rbuf.left == 0) /* no read-ahead left? */ + if (S3I(s)->rbuf.left == 0) /* no read-ahead left? */ { BIO *bio; /* In the case where we try to read application data, @@ -1035,7 +1035,7 @@ start: } if (!(s->internal->mode & SSL_MODE_AUTO_RETRY)) { - if (s->s3->rbuf.left == 0) /* no read-ahead left? */ + if (S3I(s)->rbuf.left == 0) /* no read-ahead left? */ { BIO *bio; /* In the case where we try to read application data, @@ -1188,13 +1188,13 @@ do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len) /* first check if there is a SSL3_BUFFER still being written * out. This will happen with non blocking IO */ - if (s->s3->wbuf.left != 0) { + if (S3I(s)->wbuf.left != 0) { OPENSSL_assert(0); /* XDTLS: want to see if we ever get here */ return (ssl3_write_pending(s, type, buf, len)); } /* If we have an alert to send, lets send it */ - if (s->s3->alert_dispatch) { + if (S3I(s)->alert_dispatch) { i = s->method->ssl_dispatch_alert(s); if (i <= 0) return (i); @@ -1205,7 +1205,7 @@ do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len) return 0; wr = &(S3I(s)->wrec); - wb = &(s->s3->wbuf); + wb = &(S3I(s)->wbuf); sess = s->session; if ((sess == NULL) || (s->internal->enc_write_ctx == NULL) || @@ -1382,23 +1382,23 @@ dtls1_dispatch_alert(SSL *s) unsigned char buf[DTLS1_AL_HEADER_LENGTH]; unsigned char *ptr = &buf[0]; - s->s3->alert_dispatch = 0; + S3I(s)->alert_dispatch = 0; memset(buf, 0x00, sizeof(buf)); - *ptr++ = s->s3->send_alert[0]; - *ptr++ = s->s3->send_alert[1]; + *ptr++ = S3I(s)->send_alert[0]; + *ptr++ = S3I(s)->send_alert[1]; i = do_dtls1_write(s, SSL3_RT_ALERT, &buf[0], sizeof(buf)); if (i <= 0) { - s->s3->alert_dispatch = 1; + S3I(s)->alert_dispatch = 1; /* fprintf( stderr, "not done with alert\n" ); */ } else { - if (s->s3->send_alert[0] == SSL3_AL_FATAL) + if (S3I(s)->send_alert[0] == SSL3_AL_FATAL) (void)BIO_flush(s->wbio); if (s->internal->msg_callback) s->internal->msg_callback(1, s->version, SSL3_RT_ALERT, - s->s3->send_alert, 2, s, s->internal->msg_callback_arg); + S3I(s)->send_alert, 2, s, s->internal->msg_callback_arg); if (s->internal->info_callback != NULL) cb = s->internal->info_callback; @@ -1406,7 +1406,7 @@ dtls1_dispatch_alert(SSL *s) cb = s->ctx->internal->info_callback; if (cb != NULL) { - j = (s->s3->send_alert[0]<<8)|s->s3->send_alert[1]; + j = (S3I(s)->send_alert[0]<<8)|S3I(s)->send_alert[1]; cb(s, SSL_CB_WRITE_ALERT, j); } } -- cgit v1.2.3-55-g6feb