diff options
Diffstat (limited to 'crypto/openssl/ssl/d1_pkt.c')
-rw-r--r-- | crypto/openssl/ssl/d1_pkt.c | 443 |
1 files changed, 252 insertions, 191 deletions
diff --git a/crypto/openssl/ssl/d1_pkt.c b/crypto/openssl/ssl/d1_pkt.c index 65b1ef2..987af60 100644 --- a/crypto/openssl/ssl/d1_pkt.c +++ b/crypto/openssl/ssl/d1_pkt.c @@ -122,10 +122,53 @@ #include <openssl/pqueue.h> #include <openssl/rand.h> +/* mod 128 saturating subtract of two 64-bit values in big-endian order */ +static int satsub64be(const unsigned char *v1,const unsigned char *v2) +{ int ret,sat,brw,i; + + if (sizeof(long) == 8) do + { const union { long one; char little; } is_endian = {1}; + long l; + + if (is_endian.little) break; + /* not reached on little-endians */ + /* following test is redundant, because input is + * always aligned, but I take no chances... */ + if (((size_t)v1|(size_t)v2)&0x7) break; + + l = *((long *)v1); + l -= *((long *)v2); + if (l>128) return 128; + else if (l<-128) return -128; + else return (int)l; + } while (0); + + ret = (int)v1[7]-(int)v2[7]; + sat = 0; + brw = ret>>8; /* brw is either 0 or -1 */ + if (ret & 0x80) + { for (i=6;i>=0;i--) + { brw += (int)v1[i]-(int)v2[i]; + sat |= ~brw; + brw >>= 8; + } + } + else + { for (i=6;i>=0;i--) + { brw += (int)v1[i]-(int)v2[i]; + sat |= brw; + brw >>= 8; + } + } + brw <<= 8; /* brw is either 0 or -256 */ + + if (sat&0xff) return brw | 0x80; + else return brw + (ret&0xFF); +} + static int have_handshake_fragment(SSL *s, int type, unsigned char *buf, int len, int peek); -static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap, - PQ_64BIT *seq_num); +static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap); static void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap); static DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr, unsigned int *is_next_epoch); @@ -134,11 +177,8 @@ static int dtls1_record_needs_buffering(SSL *s, SSL3_RECORD *rr, unsigned short *priority, unsigned long *offset); #endif static int dtls1_buffer_record(SSL *s, record_pqueue *q, - PQ_64BIT *priority); + unsigned char *priority); static int dtls1_process_record(SSL *s); -#if PQ_64BIT_IS_INTEGER -static PQ_64BIT bytes_to_long_long(unsigned char *bytes, PQ_64BIT *num); -#endif /* copy buffered record into SSL structure */ static int @@ -164,9 +204,9 @@ dtls1_copy_record(SSL *s, pitem *item) static int -dtls1_buffer_record(SSL *s, record_pqueue *queue, PQ_64BIT *priority) -{ - DTLS1_RECORD_DATA *rdata; +dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority) + { + DTLS1_RECORD_DATA *rdata; pitem *item; /* Limit the size of the queue to prevent DOS attacks */ @@ -174,7 +214,7 @@ dtls1_buffer_record(SSL *s, record_pqueue *queue, PQ_64BIT *priority) return 0; rdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA)); - item = pitem_new(*priority, rdata); + item = pitem_new(priority, rdata); if (rdata == NULL || item == NULL) { if (rdata != NULL) OPENSSL_free(rdata); @@ -191,6 +231,14 @@ dtls1_buffer_record(SSL *s, record_pqueue *queue, PQ_64BIT *priority) item->data = rdata; +#ifndef OPENSSL_NO_SCTP + /* Store bio_dgram_sctp_rcvinfo struct */ + if (BIO_dgram_is_sctp(SSL_get_rbio(s)) && + (s->state == SSL3_ST_SR_FINISHED_A || s->state == SSL3_ST_CR_FINISHED_A)) { + BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SCTP_GET_RCVINFO, sizeof(rdata->recordinfo), &rdata->recordinfo); + } +#endif + /* insert should not fail, since duplicates are dropped */ if (pqueue_insert(queue->q, item) == NULL) { @@ -213,7 +261,7 @@ dtls1_buffer_record(SSL *s, record_pqueue *queue, PQ_64BIT *priority) } return(1); - } + } static int @@ -266,7 +314,7 @@ dtls1_process_buffered_records(SSL *s) if ( ! dtls1_process_record(s)) return(0); dtls1_buffer_record(s, &(s->d1->processed_rcds), - &s->s3->rrec.seq_num); + s->s3->rrec.seq_num); } } @@ -327,11 +375,11 @@ dtls1_get_buffered_record(SSL *s) static int dtls1_process_record(SSL *s) { - int al; + int i,al; int clear=0; - int enc_err; + int enc_err; SSL_SESSION *sess; - SSL3_RECORD *rr; + SSL3_RECORD *rr; unsigned int mac_size; unsigned char md[EVP_MAX_MD_SIZE]; int decryption_failed_or_bad_record_mac = 0; @@ -339,7 +387,7 @@ dtls1_process_record(SSL *s) rr= &(s->s3->rrec); - sess = s->session; + sess = s->session; /* At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length, * and we have that many bytes in s->packet @@ -383,14 +431,18 @@ printf("\n"); #endif /* r->length is now the compressed data plus mac */ -if ( (sess == NULL) || + if ( (sess == NULL) || (s->enc_read_ctx == NULL) || (s->read_hash == NULL)) - clear=1; + clear=1; if (!clear) { - mac_size=EVP_MD_size(s->read_hash); + /* !clear => s->read_hash != NULL => mac_size != -1 */ + int t; + t=EVP_MD_CTX_size(s->read_hash); + OPENSSL_assert(t >= 0); + mac_size=t; if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+mac_size) { @@ -410,8 +462,8 @@ if ( (sess == NULL) || } else rr->length = 0; - s->method->ssl3_enc->mac(s,md,0); - if (mac == NULL || memcmp(md, mac, mac_size) != 0) + i=s->method->ssl3_enc->mac(s,md,0); + if (i < 0 || mac == NULL || memcmp(md, mac, mac_size) != 0) { decryption_failed_or_bad_record_mac = 1; } @@ -460,8 +512,8 @@ if ( (sess == NULL) || /* we have pulled in a full packet so zero things */ s->packet_length=0; - dtls1_record_bitmap_update(s, &(s->d1->bitmap));/* Mark receipt of record. */ - return(1); + dtls1_record_bitmap_update(s, &(s->d1->bitmap));/* Mark receipt of record. */ + return(1); f_err: ssl3_send_alert(s,SSL3_AL_FATAL,al); @@ -491,9 +543,9 @@ int dtls1_get_record(SSL *s) rr= &(s->s3->rrec); - /* The epoch may have changed. If so, process all the - * pending records. This is a non-blocking operation. */ - dtls1_process_buffered_records(s); + /* The epoch may have changed. If so, process all the + * pending records. This is a non-blocking operation. */ + dtls1_process_buffered_records(s); /* if we're renegotiating, then there may be buffered records */ if (dtls1_get_processed_record(s)) @@ -537,7 +589,7 @@ again: /* Lets check version */ if (!s->first_packet) { - if (version != s->version && version != DTLS1_BAD_VER) + if (version != s->version) { /* unexpected version, silently discard */ rr->length = 0; @@ -546,8 +598,7 @@ again: } } - if ((version & 0xff00) != (DTLS1_VERSION & 0xff00) && - (version & 0xff00) != (DTLS1_BAD_VER & 0xff00)) + if ((version & 0xff00) != (s->version & 0xff00)) { /* wrong version, silently discard record */ rr->length = 0; @@ -563,7 +614,6 @@ again: goto again; } - s->client_version = version; /* now s->rstate == SSL_ST_READ_BODY */ } @@ -592,27 +642,35 @@ again: /* match epochs. NULL means the packet is dropped on the floor */ bitmap = dtls1_get_bitmap(s, rr, &is_next_epoch); if ( bitmap == NULL) - { - rr->length = 0; - s->packet_length = 0; /* dump this record */ - goto again; /* get another record */ - } - - /* Check whether this is a repeat, or aged record. - * Don't check if we're listening and this message is - * a ClientHello. They can look as if they're replayed, - * since they arrive from different connections and - * would be dropped unnecessarily. - */ - if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE && - *p == SSL3_MT_CLIENT_HELLO) && - ! dtls1_record_replay_check(s, bitmap, &(rr->seq_num))) { rr->length = 0; - s->packet_length=0; /* dump this record */ - goto again; /* get another record */ + s->packet_length = 0; /* dump this record */ + goto again; /* get another record */ } +#ifndef OPENSSL_NO_SCTP + /* Only do replay check if no SCTP bio */ + if (!BIO_dgram_is_sctp(SSL_get_rbio(s))) + { +#endif + /* Check whether this is a repeat, or aged record. + * Don't check if we're listening and this message is + * a ClientHello. They can look as if they're replayed, + * since they arrive from different connections and + * would be dropped unnecessarily. + */ + if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE && + *p == SSL3_MT_CLIENT_HELLO) && + !dtls1_record_replay_check(s, bitmap)) + { + rr->length = 0; + s->packet_length=0; /* dump this record */ + goto again; /* get another record */ + } +#ifndef OPENSSL_NO_SCTP + } +#endif + /* just read a 0 length packet */ if (rr->length == 0) goto again; @@ -625,18 +683,18 @@ again: { if ((SSL_in_init(s) || s->in_handshake) && !s->d1->listen) { - dtls1_buffer_record(s, &(s->d1->unprocessed_rcds), &rr->seq_num); + dtls1_buffer_record(s, &(s->d1->unprocessed_rcds), rr->seq_num); } rr->length = 0; - s->packet_length = 0; - goto again; - } + s->packet_length = 0; + goto again; + } - if (!dtls1_process_record(s)) + if (!dtls1_process_record(s)) { rr->length = 0; - s->packet_length=0; /* dump this record */ - goto again; /* get another record */ + s->packet_length = 0; /* dump this record */ + goto again; /* get another record */ } return(1); @@ -696,7 +754,17 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) /* Now s->d1->handshake_fragment_len == 0 if type == SSL3_RT_HANDSHAKE. */ +#ifndef OPENSSL_NO_SCTP + /* Continue handshake if it had to be interrupted to read + * app data with SCTP. + */ + if ((!s->in_handshake && SSL_in_init(s)) || + (BIO_dgram_is_sctp(SSL_get_rbio(s)) && + (s->state == DTLS1_SCTP_ST_SR_READ_SOCK || s->state == DTLS1_SCTP_ST_CR_READ_SOCK) && + s->s3->in_read_app_data != 2)) +#else if (!s->in_handshake && SSL_in_init(s)) +#endif { /* type == SSL3_RT_APPLICATION_DATA */ i=s->handshake_func(s); @@ -727,6 +795,15 @@ start: item = pqueue_pop(s->d1->buffered_app_data.q); if (item) { +#ifndef OPENSSL_NO_SCTP + /* Restore bio_dgram_sctp_rcvinfo struct */ + if (BIO_dgram_is_sctp(SSL_get_rbio(s))) + { + DTLS1_RECORD_DATA *rdata = (DTLS1_RECORD_DATA *) item->data; + BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SCTP_SET_RCVINFO, sizeof(rdata->recordinfo), &rdata->recordinfo); + } +#endif + dtls1_copy_record(s, item); OPENSSL_free(item->data); @@ -764,7 +841,7 @@ start: * buffer the application data for later processing rather * than dropping the connection. */ - dtls1_buffer_record(s, &(s->d1->buffered_app_data), &rr->seq_num); + dtls1_buffer_record(s, &(s->d1->buffered_app_data), rr->seq_num); rr->length = 0; goto start; } @@ -809,6 +886,31 @@ start: rr->off=0; } } + +#ifndef OPENSSL_NO_SCTP + /* We were about to renegotiate but had to read + * belated application data first, so retry. + */ + if (BIO_dgram_is_sctp(SSL_get_rbio(s)) && + rr->type == SSL3_RT_APPLICATION_DATA && + (s->state == DTLS1_SCTP_ST_SR_READ_SOCK || s->state == DTLS1_SCTP_ST_CR_READ_SOCK)) + { + s->rwstate=SSL_READING; + BIO_clear_retry_flags(SSL_get_rbio(s)); + BIO_set_retry_read(SSL_get_rbio(s)); + } + + /* We might had to delay a close_notify alert because + * of reordered app data. If there was an alert and there + * is no message to read anymore, finally set shutdown. + */ + if (BIO_dgram_is_sctp(SSL_get_rbio(s)) && + s->d1->shutdown_received && !BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s))) + { + s->shutdown |= SSL_RECEIVED_SHUTDOWN; + return(0); + } +#endif return(n); } @@ -836,6 +938,19 @@ start: dest = s->d1->alert_fragment; dest_len = &s->d1->alert_fragment_len; } +#ifndef OPENSSL_NO_HEARTBEATS + else if (rr->type == TLS1_RT_HEARTBEAT) + { + dtls1_process_heartbeat(s); + + /* Exit and notify application to read again */ + rr->length = 0; + s->rwstate=SSL_READING; + BIO_clear_retry_flags(SSL_get_rbio(s)); + BIO_set_retry_read(SSL_get_rbio(s)); + return(-1); + } +#endif /* else it's a CCS message, or application data or wrong */ else if (rr->type != SSL3_RT_CHANGE_CIPHER_SPEC) { @@ -919,6 +1034,7 @@ start: !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) && !s->s3->renegotiate) { + s->new_session = 1; ssl3_renegotiate(s); if (ssl3_renegotiate_check(s)) { @@ -980,6 +1096,21 @@ start: s->s3->warn_alert = alert_descr; if (alert_descr == SSL_AD_CLOSE_NOTIFY) { +#ifndef OPENSSL_NO_SCTP + /* With SCTP and streams the socket may deliver app data + * after a close_notify alert. We have to check this + * first so that nothing gets discarded. + */ + if (BIO_dgram_is_sctp(SSL_get_rbio(s)) && + BIO_dgram_sctp_msg_waiting(SSL_get_rbio(s))) + { + s->d1->shutdown_received = 1; + s->rwstate=SSL_READING; + BIO_clear_retry_flags(SSL_get_rbio(s)); + BIO_set_retry_read(SSL_get_rbio(s)); + return -1; + } +#endif s->shutdown |= SSL_RECEIVED_SHUTDOWN; return(0); } @@ -1046,13 +1177,14 @@ start: dtls1_get_ccs_header(rr->data, &ccs_hdr); + if (s->version == DTLS1_BAD_VER) + ccs_hdr_len = 3; + /* 'Change Cipher Spec' is just a single byte, so we know * exactly what the record payload has to look like */ /* XDTLS: check that epoch is consistent */ - if (s->client_version == DTLS1_BAD_VER || s->version == DTLS1_BAD_VER) - ccs_hdr_len = 3; - - if ((rr->length != ccs_hdr_len) || (rr->off != 0) || (rr->data[0] != SSL3_MT_CCS)) + if ( (rr->length != ccs_hdr_len) || + (rr->off != 0) || (rr->data[0] != SSL3_MT_CCS)) { i=SSL_AD_ILLEGAL_PARAMETER; SSLerr(SSL_F_DTLS1_READ_BYTES,SSL_R_BAD_CHANGE_CIPHER_SPEC); @@ -1082,9 +1214,18 @@ start: /* do this whenever CCS is processed */ dtls1_reset_seq_numbers(s, SSL3_CC_READ); - if (s->client_version == DTLS1_BAD_VER) + if (s->version == DTLS1_BAD_VER) s->d1->handshake_read_seq++; +#ifndef OPENSSL_NO_SCTP + /* Remember that a CCS has been received, + * so that an old key of SCTP-Auth can be + * deleted when a CCS is sent. Will be ignored + * if no SCTP is used + */ + BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_AUTH_CCS_RCVD, 1, NULL); +#endif + goto start; } @@ -1127,6 +1268,7 @@ start: #else s->state = s->server ? SSL_ST_ACCEPT : SSL_ST_CONNECT; #endif + s->renegotiate=1; s->new_session=1; } i=s->handshake_func(s); @@ -1223,7 +1365,16 @@ dtls1_write_app_data_bytes(SSL *s, int type, const void *buf_, int len) { int i; - if (SSL_in_init(s) && !s->in_handshake) +#ifndef OPENSSL_NO_SCTP + /* Check if we have to continue an interrupted handshake + * for reading belated app data with SCTP. + */ + if ((SSL_in_init(s) && !s->in_handshake) || + (BIO_dgram_is_sctp(SSL_get_wbio(s)) && + (s->state == DTLS1_SCTP_ST_SR_READ_SOCK || s->state == DTLS1_SCTP_ST_CR_READ_SOCK))) +#else + if (SSL_in_init(s) && !s->in_handshake) +#endif { i=s->handshake_func(s); if (i < 0) return(i); @@ -1328,13 +1479,17 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, if ( (sess == NULL) || (s->enc_write_ctx == NULL) || - (s->write_hash == NULL)) + (EVP_MD_CTX_md(s->write_hash) == NULL)) clear=1; if (clear) mac_size=0; else - mac_size=EVP_MD_size(s->write_hash); + { + mac_size=EVP_MD_CTX_size(s->write_hash); + if (mac_size < 0) + goto err; + } /* DTLS implements explicit IV, so no need for empty fragments */ #if 0 @@ -1367,7 +1522,6 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, s->s3->empty_fragment_done = 1; } #endif - p = wb->buf + prefix_len; /* write the header */ @@ -1375,12 +1529,8 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, *(p++)=type&0xff; wr->type=type; - if (s->client_version == DTLS1_BAD_VER) - *(p++) = DTLS1_BAD_VER>>8, - *(p++) = DTLS1_BAD_VER&0xff; - else - *(p++)=(s->version>>8), - *(p++)=s->version&0xff; + *(p++)=(s->version>>8); + *(p++)=s->version&0xff; /* field where we are to write out packet epoch, seq num and len */ pseq=p; @@ -1425,7 +1575,8 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, if (mac_size != 0) { - s->method->ssl3_enc->mac(s,&(p[wr->length + bs]),1); + if(s->method->ssl3_enc->mac(s,&(p[wr->length + bs]),1) < 0) + goto err; wr->length+=mac_size; } @@ -1502,111 +1653,50 @@ err: -static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap, - PQ_64BIT *seq_num) +static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap) { -#if PQ_64BIT_IS_INTEGER - PQ_64BIT mask = 0x0000000000000001L; -#endif - PQ_64BIT rcd_num, tmp; - - pq_64bit_init(&rcd_num); - pq_64bit_init(&tmp); - - /* this is the sequence number for the record just read */ - pq_64bit_bin2num(&rcd_num, s->s3->read_sequence, 8); - - - if (pq_64bit_gt(&rcd_num, &(bitmap->max_seq_num)) || - pq_64bit_eq(&rcd_num, &(bitmap->max_seq_num))) - { - pq_64bit_assign(seq_num, &rcd_num); - pq_64bit_free(&rcd_num); - pq_64bit_free(&tmp); - return 1; /* this record is new */ - } - - pq_64bit_sub(&tmp, &(bitmap->max_seq_num), &rcd_num); - - if ( pq_64bit_get_word(&tmp) > bitmap->length) - { - pq_64bit_free(&rcd_num); - pq_64bit_free(&tmp); - return 0; /* stale, outside the window */ - } + int cmp; + unsigned int shift; + const unsigned char *seq = s->s3->read_sequence; -#if PQ_64BIT_IS_BIGNUM - { - int offset; - pq_64bit_sub(&tmp, &(bitmap->max_seq_num), &rcd_num); - pq_64bit_sub_word(&tmp, 1); - offset = pq_64bit_get_word(&tmp); - if ( pq_64bit_is_bit_set(&(bitmap->map), offset)) + cmp = satsub64be(seq,bitmap->max_seq_num); + if (cmp > 0) { - pq_64bit_free(&rcd_num); - pq_64bit_free(&tmp); - return 0; + memcpy (s->s3->rrec.seq_num,seq,8); + return 1; /* this record in new */ } - } -#else - mask <<= (bitmap->max_seq_num - rcd_num - 1); - if (bitmap->map & mask) + shift = -cmp; + if (shift >= sizeof(bitmap->map)*8) + return 0; /* stale, outside the window */ + else if (bitmap->map & (1UL<<shift)) return 0; /* record previously received */ -#endif - - pq_64bit_assign(seq_num, &rcd_num); - pq_64bit_free(&rcd_num); - pq_64bit_free(&tmp); + + memcpy (s->s3->rrec.seq_num,seq,8); return 1; } static void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap) { + int cmp; unsigned int shift; - PQ_64BIT rcd_num; - PQ_64BIT tmp; - PQ_64BIT_CTX *ctx; - - pq_64bit_init(&rcd_num); - pq_64bit_init(&tmp); + const unsigned char *seq = s->s3->read_sequence; - pq_64bit_bin2num(&rcd_num, s->s3->read_sequence, 8); - - /* unfortunate code complexity due to 64-bit manipulation support - * on 32-bit machines */ - if ( pq_64bit_gt(&rcd_num, &(bitmap->max_seq_num)) || - pq_64bit_eq(&rcd_num, &(bitmap->max_seq_num))) + cmp = satsub64be(seq,bitmap->max_seq_num); + if (cmp > 0) { - pq_64bit_sub(&tmp, &rcd_num, &(bitmap->max_seq_num)); - pq_64bit_add_word(&tmp, 1); - - shift = (unsigned int)pq_64bit_get_word(&tmp); - - pq_64bit_lshift(&(tmp), &(bitmap->map), shift); - pq_64bit_assign(&(bitmap->map), &tmp); - - pq_64bit_set_bit(&(bitmap->map), 0); - pq_64bit_add_word(&rcd_num, 1); - pq_64bit_assign(&(bitmap->max_seq_num), &rcd_num); - - pq_64bit_assign_word(&tmp, 1); - pq_64bit_lshift(&tmp, &tmp, bitmap->length); - ctx = pq_64bit_ctx_new(&ctx); - pq_64bit_mod(&(bitmap->map), &(bitmap->map), &tmp, ctx); - pq_64bit_ctx_free(ctx); + shift = cmp; + if (shift < sizeof(bitmap->map)*8) + bitmap->map <<= shift, bitmap->map |= 1UL; + else + bitmap->map = 1UL; + memcpy(bitmap->max_seq_num,seq,8); } - else - { - pq_64bit_sub(&tmp, &(bitmap->max_seq_num), &rcd_num); - pq_64bit_sub_word(&tmp, 1); - shift = (unsigned int)pq_64bit_get_word(&tmp); - - pq_64bit_set_bit(&(bitmap->map), shift); + else { + shift = -cmp; + if (shift < sizeof(bitmap->map)*8) + bitmap->map |= 1UL<<shift; } - - pq_64bit_free(&rcd_num); - pq_64bit_free(&tmp); } @@ -1653,7 +1743,7 @@ int dtls1_dispatch_alert(SSL *s) #ifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE || s->s3->send_alert[1] == DTLS1_AD_MISSING_HANDSHAKE_MESSAGE #endif - ) + ) (void)BIO_flush(s->wbio); if (s->msg_callback) @@ -1772,17 +1862,8 @@ dtls1_reset_seq_numbers(SSL *s, int rw) { seq = s->s3->read_sequence; s->d1->r_epoch++; - - pq_64bit_assign(&(s->d1->bitmap.map), &(s->d1->next_bitmap.map)); - s->d1->bitmap.length = s->d1->next_bitmap.length; - pq_64bit_assign(&(s->d1->bitmap.max_seq_num), - &(s->d1->next_bitmap.max_seq_num)); - - pq_64bit_free(&(s->d1->next_bitmap.map)); - pq_64bit_free(&(s->d1->next_bitmap.max_seq_num)); + memcpy(&(s->d1->bitmap), &(s->d1->next_bitmap), sizeof(DTLS1_BITMAP)); memset(&(s->d1->next_bitmap), 0x00, sizeof(DTLS1_BITMAP)); - pq_64bit_init(&(s->d1->next_bitmap.map)); - pq_64bit_init(&(s->d1->next_bitmap.max_seq_num)); } else { @@ -1793,23 +1874,3 @@ dtls1_reset_seq_numbers(SSL *s, int rw) memset(seq, 0x00, seq_bytes); } - -#if PQ_64BIT_IS_INTEGER -static PQ_64BIT -bytes_to_long_long(unsigned char *bytes, PQ_64BIT *num) - { - PQ_64BIT _num; - - _num = (((PQ_64BIT)bytes[0]) << 56) | - (((PQ_64BIT)bytes[1]) << 48) | - (((PQ_64BIT)bytes[2]) << 40) | - (((PQ_64BIT)bytes[3]) << 32) | - (((PQ_64BIT)bytes[4]) << 24) | - (((PQ_64BIT)bytes[5]) << 16) | - (((PQ_64BIT)bytes[6]) << 8) | - (((PQ_64BIT)bytes[7]) ); - - *num = _num ; - return _num; - } -#endif |