]>
Commit | Line | Data |
---|---|---|
d02b48c6 | 1 | /* ssl/s3_pkt.c */ |
58964a49 | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
d02b48c6 RE |
3 | * All rights reserved. |
4 | * | |
5 | * This package is an SSL implementation written | |
6 | * by Eric Young (eay@cryptsoft.com). | |
7 | * The implementation was written so as to conform with Netscapes SSL. | |
8 | * | |
9 | * This library is free for commercial and non-commercial use as long as | |
10 | * the following conditions are aheared to. The following conditions | |
11 | * apply to all code found in this distribution, be it the RC4, RSA, | |
12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | |
13 | * included with this distribution is covered by the same copyright terms | |
14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | |
15 | * | |
16 | * Copyright remains Eric Young's, and as such any Copyright notices in | |
17 | * the code are not to be removed. | |
18 | * If this package is used in a product, Eric Young should be given attribution | |
19 | * as the author of the parts of the library used. | |
20 | * This can be in the form of a textual message at program startup or | |
21 | * in documentation (online or textual) provided with the package. | |
22 | * | |
23 | * Redistribution and use in source and binary forms, with or without | |
24 | * modification, are permitted provided that the following conditions | |
25 | * are met: | |
26 | * 1. Redistributions of source code must retain the copyright | |
27 | * notice, this list of conditions and the following disclaimer. | |
28 | * 2. Redistributions in binary form must reproduce the above copyright | |
29 | * notice, this list of conditions and the following disclaimer in the | |
30 | * documentation and/or other materials provided with the distribution. | |
31 | * 3. All advertising materials mentioning features or use of this software | |
32 | * must display the following acknowledgement: | |
33 | * "This product includes cryptographic software written by | |
34 | * Eric Young (eay@cryptsoft.com)" | |
35 | * The word 'cryptographic' can be left out if the rouines from the library | |
36 | * being used are not cryptographic related :-). | |
37 | * 4. If you include any Windows specific code (or a derivative thereof) from | |
38 | * the apps directory (application code) you must include an acknowledgement: | |
39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | |
40 | * | |
41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | |
42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | |
45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
51 | * SUCH DAMAGE. | |
52 | * | |
53 | * The licence and distribution terms for any publically available version or | |
54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | |
55 | * copied and put under another distribution licence | |
56 | * [including the GNU Public Licence.] | |
57 | */ | |
c51ae173 BM |
58 | /* ==================================================================== |
59 | * Copyright (c) 1998-1999 The OpenSSL Project. All rights reserved. | |
60 | * | |
61 | * Redistribution and use in source and binary forms, with or without | |
62 | * modification, are permitted provided that the following conditions | |
63 | * are met: | |
64 | * | |
65 | * 1. Redistributions of source code must retain the above copyright | |
66 | * notice, this list of conditions and the following disclaimer. | |
67 | * | |
68 | * 2. Redistributions in binary form must reproduce the above copyright | |
69 | * notice, this list of conditions and the following disclaimer in | |
70 | * the documentation and/or other materials provided with the | |
71 | * distribution. | |
72 | * | |
73 | * 3. All advertising materials mentioning features or use of this | |
74 | * software must display the following acknowledgment: | |
75 | * "This product includes software developed by the OpenSSL Project | |
76 | * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" | |
77 | * | |
78 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | |
79 | * endorse or promote products derived from this software without | |
80 | * prior written permission. For written permission, please contact | |
81 | * openssl-core@openssl.org. | |
82 | * | |
83 | * 5. Products derived from this software may not be called "OpenSSL" | |
84 | * nor may "OpenSSL" appear in their names without prior written | |
85 | * permission of the OpenSSL Project. | |
86 | * | |
87 | * 6. Redistributions of any form whatsoever must retain the following | |
88 | * acknowledgment: | |
89 | * "This product includes software developed by the OpenSSL Project | |
90 | * for use in the OpenSSL Toolkit (http://www.openssl.org/)" | |
91 | * | |
92 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | |
93 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
94 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |
95 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | |
96 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
97 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
98 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
99 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
100 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
101 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
102 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | |
103 | * OF THE POSSIBILITY OF SUCH DAMAGE. | |
104 | * ==================================================================== | |
105 | * | |
106 | * This product includes cryptographic software written by Eric Young | |
107 | * (eay@cryptsoft.com). This product includes software written by Tim | |
108 | * Hudson (tjh@cryptsoft.com). | |
109 | * | |
110 | */ | |
d02b48c6 RE |
111 | |
112 | #include <stdio.h> | |
113 | #include <errno.h> | |
114 | #define USE_SOCKETS | |
ec577822 BM |
115 | #include <openssl/evp.h> |
116 | #include <openssl/buffer.h> | |
d02b48c6 RE |
117 | #include "ssl_locl.h" |
118 | ||
61f5b6f3 BL |
119 | static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, |
120 | unsigned int len); | |
121 | static int ssl3_write_pending(SSL *s, int type, const unsigned char *buf, | |
e778802f | 122 | unsigned int len); |
d02b48c6 RE |
123 | static int ssl3_get_record(SSL *s); |
124 | static int do_compress(SSL *ssl); | |
125 | static int do_uncompress(SSL *ssl); | |
58964a49 | 126 | static int do_change_cipher_spec(SSL *ssl); |
c51ae173 | 127 | |
6b691a5c | 128 | static int ssl3_read_n(SSL *s, int n, int max, int extend) |
d02b48c6 | 129 | { |
c51ae173 BM |
130 | /* If extend == 0, obtain new n-byte packet; if extend == 1, increase |
131 | * packet by another n bytes. | |
132 | * The packet will be in the sub-array of s->s3->rbuf.buf specified | |
133 | * by s->packet and s->packet_length. | |
134 | * (If s->read_ahead is set, 'max' bytes may be stored in rbuf | |
135 | * [plus s->packet_length bytes if extend == 1].) | |
136 | */ | |
d02b48c6 RE |
137 | int i,off,newb; |
138 | ||
c51ae173 BM |
139 | if (!extend) |
140 | { | |
141 | /* start with empty packet ... */ | |
142 | if (s->s3->rbuf.left == 0) | |
143 | s->s3->rbuf.offset = 0; | |
144 | s->packet = s->s3->rbuf.buf + s->s3->rbuf.offset; | |
145 | s->packet_length = 0; | |
146 | /* ... now we can act as if 'extend' was set */ | |
147 | } | |
148 | ||
149 | /* if there is enough in the buffer from a previous read, take some */ | |
d02b48c6 RE |
150 | if (s->s3->rbuf.left >= (int)n) |
151 | { | |
c51ae173 | 152 | s->packet_length+=n; |
d02b48c6 RE |
153 | s->s3->rbuf.left-=n; |
154 | s->s3->rbuf.offset+=n; | |
155 | return(n); | |
156 | } | |
157 | ||
158 | /* else we need to read more data */ | |
c51ae173 BM |
159 | if (!s->read_ahead) |
160 | max=n; | |
d02b48c6 | 161 | |
c51ae173 BM |
162 | { |
163 | /* avoid buffer overflow */ | |
164 | int max_max = SSL3_RT_MAX_PACKET_SIZE - s->packet_length; | |
165 | if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER) | |
166 | max_max += SSL3_RT_MAX_EXTRA; | |
167 | if (max > max_max) | |
168 | max = max_max; | |
169 | } | |
cc96f6b7 BM |
170 | if (n > max) /* does not happen */ |
171 | { | |
172 | SSLerr(SSL_F_SSL3_READ_N,SSL_R_INTERNAL_ERROR); | |
173 | return -1; | |
174 | } | |
d02b48c6 | 175 | |
c51ae173 BM |
176 | off = s->packet_length; |
177 | newb = s->s3->rbuf.left; | |
178 | /* Move any available bytes to front of buffer: | |
179 | * 'off' bytes already pointed to by 'packet', | |
180 | * 'newb' extra ones at the end */ | |
181 | if (s->packet != s->s3->rbuf.buf) | |
182 | { | |
183 | /* off > 0 */ | |
184 | memmove(s->s3->rbuf.buf, s->packet, off+newb); | |
185 | s->packet = s->s3->rbuf.buf; | |
186 | } | |
187 | ||
d02b48c6 RE |
188 | while (newb < n) |
189 | { | |
c51ae173 BM |
190 | /* Now we have off+newb bytes at the front of s->s3->rbuf.buf and need |
191 | * to read in more until we have off+n (up to off+max if possible) */ | |
192 | ||
58964a49 | 193 | clear_sys_error(); |
d02b48c6 RE |
194 | if (s->rbio != NULL) |
195 | { | |
196 | s->rwstate=SSL_READING; | |
c51ae173 | 197 | i=BIO_read(s->rbio, &(s->s3->rbuf.buf[off+newb]), max-newb); |
d02b48c6 RE |
198 | } |
199 | else | |
200 | { | |
201 | SSLerr(SSL_F_SSL3_READ_N,SSL_R_READ_BIO_NOT_SET); | |
c51ae173 | 202 | i = -1; |
d02b48c6 RE |
203 | } |
204 | ||
205 | if (i <= 0) | |
206 | { | |
c51ae173 | 207 | s->s3->rbuf.left = newb; |
d02b48c6 RE |
208 | return(i); |
209 | } | |
210 | newb+=i; | |
211 | } | |
212 | ||
c51ae173 BM |
213 | /* done reading, now the book-keeping */ |
214 | s->s3->rbuf.offset = off + n; | |
215 | s->s3->rbuf.left = newb - n; | |
216 | s->packet_length += n; | |
e1798f85 | 217 | s->rwstate=SSL_NOTHING; |
d02b48c6 RE |
218 | return(n); |
219 | } | |
220 | ||
221 | /* Call this to get a new input record. | |
222 | * It will return <= 0 if more data is needed, normally due to an error | |
223 | * or non-blocking IO. | |
224 | * When it finishes, one packet has been decoded and can be found in | |
c51ae173 BM |
225 | * ssl->s3->rrec.type - is the type of record |
226 | * ssl->s3->rrec.data, - data | |
d02b48c6 RE |
227 | * ssl->s3->rrec.length, - number of bytes |
228 | */ | |
6b691a5c | 229 | static int ssl3_get_record(SSL *s) |
d02b48c6 RE |
230 | { |
231 | int ssl_major,ssl_minor,al; | |
232 | int n,i,ret= -1; | |
233 | SSL3_BUFFER *rb; | |
234 | SSL3_RECORD *rr; | |
235 | SSL_SESSION *sess; | |
236 | unsigned char *p; | |
237 | unsigned char md[EVP_MAX_MD_SIZE]; | |
238 | short version; | |
239 | unsigned int mac_size; | |
240 | int clear=0,extra; | |
241 | ||
242 | rr= &(s->s3->rrec); | |
243 | rb= &(s->s3->rbuf); | |
244 | sess=s->session; | |
245 | ||
58964a49 | 246 | if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER) |
d02b48c6 RE |
247 | extra=SSL3_RT_MAX_EXTRA; |
248 | else | |
249 | extra=0; | |
250 | ||
251 | again: | |
252 | /* check if we have the header */ | |
253 | if ( (s->rstate != SSL_ST_READ_BODY) || | |
254 | (s->packet_length < SSL3_RT_HEADER_LENGTH)) | |
255 | { | |
256 | n=ssl3_read_n(s,SSL3_RT_HEADER_LENGTH, | |
257 | SSL3_RT_MAX_PACKET_SIZE,0); | |
258 | if (n <= 0) return(n); /* error or non-blocking */ | |
259 | s->rstate=SSL_ST_READ_BODY; | |
260 | ||
261 | p=s->packet; | |
262 | ||
263 | /* Pull apart the header into the SSL3_RECORD */ | |
264 | rr->type= *(p++); | |
265 | ssl_major= *(p++); | |
266 | ssl_minor= *(p++); | |
267 | version=(ssl_major<<8)|ssl_minor; | |
268 | n2s(p,rr->length); | |
269 | ||
270 | /* Lets check version */ | |
271 | if (s->first_packet) | |
272 | { | |
273 | s->first_packet=0; | |
274 | } | |
275 | else | |
276 | { | |
58964a49 RE |
277 | if (version != s->version) |
278 | { | |
279 | SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER); | |
280 | /* Send back error using their | |
281 | * version number :-) */ | |
282 | s->version=version; | |
283 | al=SSL_AD_PROTOCOL_VERSION; | |
284 | goto f_err; | |
285 | } | |
d02b48c6 RE |
286 | } |
287 | ||
58964a49 | 288 | if ((version>>8) != SSL3_VERSION_MAJOR) |
d02b48c6 | 289 | { |
58964a49 | 290 | SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER); |
d02b48c6 RE |
291 | goto err; |
292 | } | |
293 | ||
294 | if (rr->length > | |
295 | (unsigned int)SSL3_RT_MAX_ENCRYPTED_LENGTH+extra) | |
296 | { | |
58964a49 | 297 | al=SSL_AD_RECORD_OVERFLOW; |
d02b48c6 RE |
298 | SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PACKET_LENGTH_TOO_LONG); |
299 | goto f_err; | |
300 | } | |
301 | ||
52732b38 | 302 | /* now s->rstate == SSL_ST_READ_BODY */ |
d02b48c6 RE |
303 | } |
304 | ||
52732b38 BM |
305 | /* s->rstate == SSL_ST_READ_BODY, get and decode the data */ |
306 | ||
307 | if (rr->length > (s->packet_length-SSL3_RT_HEADER_LENGTH)) | |
d02b48c6 | 308 | { |
52732b38 BM |
309 | /* now s->packet_length == SSL3_RT_HEADER_LENGTH */ |
310 | i=rr->length; | |
311 | n=ssl3_read_n(s,i,i,1); | |
312 | if (n <= 0) return(n); /* error or non-blocking io */ | |
313 | /* now n == rr->length, | |
314 | * and s->packet_length == SSL3_RT_HEADER_LENGTH + rr->length */ | |
d02b48c6 RE |
315 | } |
316 | ||
52732b38 | 317 | s->rstate=SSL_ST_READ_HEADER; /* set state for later operations */ |
d02b48c6 | 318 | |
52732b38 BM |
319 | /* At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length, |
320 | * and we have that many bytes in s->packet | |
321 | */ | |
d02b48c6 RE |
322 | rr->input= &(s->packet[SSL3_RT_HEADER_LENGTH]); |
323 | ||
324 | /* ok, we can now read from 's->packet' data into 'rr' | |
325 | * rr->input points at rr->length bytes, which | |
326 | * need to be copied into rr->data by either | |
327 | * the decryption or by the decompression | |
328 | * When the data is 'copied' into the rr->data buffer, | |
329 | * rr->input will be pointed at the new buffer */ | |
330 | ||
d02b48c6 RE |
331 | /* We now have - encrypted [ MAC [ compressed [ plain ] ] ] |
332 | * rr->length bytes of encrypted compressed stuff. */ | |
333 | ||
657e60fa | 334 | /* check is not needed I believe */ |
d02b48c6 RE |
335 | if (rr->length > (unsigned int)SSL3_RT_MAX_ENCRYPTED_LENGTH+extra) |
336 | { | |
58964a49 | 337 | al=SSL_AD_RECORD_OVERFLOW; |
d02b48c6 RE |
338 | SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_ENCRYPTED_LENGTH_TOO_LONG); |
339 | goto f_err; | |
340 | } | |
341 | ||
342 | /* decrypt in place in 'rr->input' */ | |
343 | rr->data=rr->input; | |
344 | ||
58964a49 | 345 | if (!s->method->ssl3_enc->enc(s,0)) |
d02b48c6 | 346 | { |
58964a49 | 347 | al=SSL_AD_DECRYPT_ERROR; |
d02b48c6 RE |
348 | goto f_err; |
349 | } | |
58964a49 RE |
350 | #ifdef TLS_DEBUG |
351 | printf("dec %d\n",rr->length); | |
dfeab068 | 352 | { unsigned int z; for (z=0; z<rr->length; z++) printf("%02X%c",rr->data[z],((z+1)%16)?' ':'\n'); } |
58964a49 RE |
353 | printf("\n"); |
354 | #endif | |
d02b48c6 RE |
355 | /* r->length is now the compressed data plus mac */ |
356 | if ( (sess == NULL) || | |
357 | (s->enc_read_ctx == NULL) || | |
358 | (s->read_hash == NULL)) | |
359 | clear=1; | |
360 | ||
361 | if (!clear) | |
362 | { | |
363 | mac_size=EVP_MD_size(s->read_hash); | |
364 | ||
365 | if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra+mac_size) | |
366 | { | |
58964a49 | 367 | al=SSL_AD_RECORD_OVERFLOW; |
d02b48c6 RE |
368 | SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PRE_MAC_LENGTH_TOO_LONG); |
369 | goto f_err; | |
370 | } | |
52732b38 | 371 | /* check the MAC for rr->input (it's in mac_size bytes at the tail) */ |
d02b48c6 RE |
372 | if (rr->length < mac_size) |
373 | { | |
58964a49 | 374 | al=SSL_AD_DECODE_ERROR; |
d02b48c6 RE |
375 | SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_LENGTH_TOO_SHORT); |
376 | goto f_err; | |
377 | } | |
378 | rr->length-=mac_size; | |
58964a49 | 379 | i=s->method->ssl3_enc->mac(s,md,0); |
d02b48c6 RE |
380 | if (memcmp(md,&(rr->data[rr->length]),mac_size) != 0) |
381 | { | |
58964a49 | 382 | al=SSL_AD_BAD_RECORD_MAC; |
d02b48c6 | 383 | SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_MAC_DECODE); |
58964a49 | 384 | ret= -1; |
d02b48c6 RE |
385 | goto f_err; |
386 | } | |
387 | } | |
388 | ||
389 | /* r->length is now just compressed */ | |
dfeab068 | 390 | if (s->expand != NULL) |
d02b48c6 RE |
391 | { |
392 | if (rr->length > | |
393 | (unsigned int)SSL3_RT_MAX_COMPRESSED_LENGTH+extra) | |
394 | { | |
58964a49 | 395 | al=SSL_AD_RECORD_OVERFLOW; |
d02b48c6 RE |
396 | SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG); |
397 | goto f_err; | |
398 | } | |
399 | if (!do_uncompress(s)) | |
400 | { | |
58964a49 | 401 | al=SSL_AD_DECOMPRESSION_FAILURE; |
d02b48c6 RE |
402 | SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_DECOMPRESSION); |
403 | goto f_err; | |
404 | } | |
405 | } | |
406 | ||
407 | if (rr->length > (unsigned int)SSL3_RT_MAX_PLAIN_LENGTH+extra) | |
408 | { | |
58964a49 | 409 | al=SSL_AD_RECORD_OVERFLOW; |
d02b48c6 RE |
410 | SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DATA_LENGTH_TOO_LONG); |
411 | goto f_err; | |
412 | } | |
413 | ||
414 | rr->off=0; | |
415 | /* So at this point the following is true | |
416 | * ssl->s3->rrec.type is the type of record | |
417 | * ssl->s3->rrec.length == number of bytes in record | |
418 | * ssl->s3->rrec.off == offset to first valid byte | |
419 | * ssl->s3->rrec.data == where to take bytes from, increment | |
420 | * after use :-). | |
421 | */ | |
422 | ||
423 | /* we have pulled in a full packet so zero things */ | |
424 | s->packet_length=0; | |
425 | ||
426 | /* just read a 0 length packet */ | |
427 | if (rr->length == 0) goto again; | |
428 | ||
429 | return(1); | |
430 | f_err: | |
431 | ssl3_send_alert(s,SSL3_AL_FATAL,al); | |
432 | err: | |
433 | return(ret); | |
434 | } | |
435 | ||
6b691a5c | 436 | static int do_uncompress(SSL *ssl) |
d02b48c6 | 437 | { |
dfeab068 RE |
438 | int i; |
439 | SSL3_RECORD *rr; | |
440 | ||
441 | rr= &(ssl->s3->rrec); | |
442 | i=COMP_expand_block(ssl->expand,rr->comp, | |
443 | SSL3_RT_MAX_PLAIN_LENGTH,rr->data,(int)rr->length); | |
444 | if (i < 0) | |
445 | return(0); | |
446 | else | |
447 | rr->length=i; | |
448 | rr->data=rr->comp; | |
449 | ||
d02b48c6 RE |
450 | return(1); |
451 | } | |
452 | ||
6b691a5c | 453 | static int do_compress(SSL *ssl) |
d02b48c6 | 454 | { |
dfeab068 RE |
455 | int i; |
456 | SSL3_RECORD *wr; | |
457 | ||
458 | wr= &(ssl->s3->wrec); | |
459 | i=COMP_compress_block(ssl->compress,wr->data, | |
460 | SSL3_RT_MAX_COMPRESSED_LENGTH, | |
461 | wr->input,(int)wr->length); | |
462 | if (i < 0) | |
463 | return(0); | |
464 | else | |
465 | wr->length=i; | |
466 | ||
467 | wr->input=wr->data; | |
d02b48c6 RE |
468 | return(1); |
469 | } | |
470 | ||
52732b38 | 471 | /* Call this to write data in records of type 'type' |
d02b48c6 RE |
472 | * It will return <= 0 if not all data has been sent or non-blocking IO. |
473 | */ | |
52732b38 | 474 | int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) |
d02b48c6 | 475 | { |
52732b38 | 476 | const unsigned char *buf=buf_; |
d02b48c6 RE |
477 | unsigned int tot,n,nw; |
478 | int i; | |
479 | ||
480 | s->rwstate=SSL_NOTHING; | |
481 | tot=s->s3->wnum; | |
482 | s->s3->wnum=0; | |
483 | ||
484 | if (SSL_in_init(s) && !s->in_handshake) | |
485 | { | |
486 | i=s->handshake_func(s); | |
487 | if (i < 0) return(i); | |
488 | if (i == 0) | |
489 | { | |
490 | SSLerr(SSL_F_SSL3_WRITE_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE); | |
491 | return(-1); | |
492 | } | |
493 | } | |
494 | ||
495 | n=(len-tot); | |
496 | for (;;) | |
497 | { | |
498 | if (n > SSL3_RT_MAX_PLAIN_LENGTH) | |
499 | nw=SSL3_RT_MAX_PLAIN_LENGTH; | |
500 | else | |
501 | nw=n; | |
58964a49 | 502 | |
d02b48c6 RE |
503 | i=do_ssl3_write(s,type,&(buf[tot]),nw); |
504 | if (i <= 0) | |
505 | { | |
506 | s->s3->wnum=tot; | |
507 | return(i); | |
508 | } | |
509 | ||
510 | if (type == SSL3_RT_HANDSHAKE) | |
e778802f | 511 | ssl3_finish_mac(s,&(buf[tot]),i); |
d02b48c6 | 512 | |
e1056435 BM |
513 | if ((i == (int)n) || |
514 | (type == SSL3_RT_APPLICATION_DATA && | |
11b1adad | 515 | (s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE))) |
e1056435 BM |
516 | { |
517 | return(tot+i); | |
518 | } | |
d02b48c6 RE |
519 | |
520 | n-=i; | |
521 | tot+=i; | |
522 | } | |
523 | } | |
524 | ||
61f5b6f3 BL |
525 | static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, |
526 | unsigned int len) | |
d02b48c6 RE |
527 | { |
528 | unsigned char *p,*plen; | |
529 | int i,mac_size,clear=0; | |
530 | SSL3_RECORD *wr; | |
531 | SSL3_BUFFER *wb; | |
532 | SSL_SESSION *sess; | |
533 | ||
534 | /* first check is there is a SSL3_RECORD still being written | |
535 | * out. This will happen with non blocking IO */ | |
536 | if (s->s3->wbuf.left != 0) | |
537 | return(ssl3_write_pending(s,type,buf,len)); | |
538 | ||
539 | /* If we have an alert to send, lets send it */ | |
540 | if (s->s3->alert_dispatch) | |
541 | { | |
542 | i=ssl3_dispatch_alert(s); | |
543 | if (i <= 0) | |
544 | return(i); | |
545 | /* if it went, fall through and send more stuff */ | |
546 | } | |
547 | ||
b058a080 | 548 | if (len == 0) return(len); |
d02b48c6 RE |
549 | |
550 | wr= &(s->s3->wrec); | |
551 | wb= &(s->s3->wbuf); | |
552 | sess=s->session; | |
553 | ||
554 | if ( (sess == NULL) || | |
555 | (s->enc_write_ctx == NULL) || | |
556 | (s->write_hash == NULL)) | |
557 | clear=1; | |
558 | ||
559 | if (clear) | |
560 | mac_size=0; | |
561 | else | |
562 | mac_size=EVP_MD_size(s->write_hash); | |
563 | ||
564 | p=wb->buf; | |
565 | ||
566 | /* write the header */ | |
567 | *(p++)=type&0xff; | |
568 | wr->type=type; | |
569 | ||
58964a49 RE |
570 | *(p++)=(s->version>>8); |
571 | *(p++)=s->version&0xff; | |
d02b48c6 RE |
572 | |
573 | /* record where we are to write out packet length */ | |
574 | plen=p; | |
575 | p+=2; | |
576 | ||
577 | /* lets setup the record stuff. */ | |
578 | wr->data=p; | |
579 | wr->length=(int)len; | |
580 | wr->input=(unsigned char *)buf; | |
581 | ||
582 | /* we now 'read' from wr->input, wr->length bytes into | |
583 | * wr->data */ | |
584 | ||
585 | /* first we compress */ | |
dfeab068 | 586 | if (s->compress != NULL) |
d02b48c6 RE |
587 | { |
588 | if (!do_compress(s)) | |
589 | { | |
590 | SSLerr(SSL_F_DO_SSL3_WRITE,SSL_R_COMPRESSION_FAILURE); | |
591 | goto err; | |
592 | } | |
593 | } | |
594 | else | |
595 | { | |
596 | memcpy(wr->data,wr->input,wr->length); | |
597 | wr->input=wr->data; | |
598 | } | |
599 | ||
600 | /* we should still have the output to wr->data and the input | |
601 | * from wr->input. Length should be wr->length. | |
602 | * wr->data still points in the wb->buf */ | |
603 | ||
604 | if (mac_size != 0) | |
605 | { | |
58964a49 | 606 | s->method->ssl3_enc->mac(s,&(p[wr->length]),1); |
d02b48c6 RE |
607 | wr->length+=mac_size; |
608 | wr->input=p; | |
609 | wr->data=p; | |
610 | } | |
611 | ||
612 | /* ssl3_enc can only have an error on read */ | |
58964a49 | 613 | s->method->ssl3_enc->enc(s,1); |
d02b48c6 RE |
614 | |
615 | /* record length after mac and block padding */ | |
616 | s2n(wr->length,plen); | |
617 | ||
618 | /* we should now have | |
619 | * wr->data pointing to the encrypted data, which is | |
620 | * wr->length long */ | |
621 | wr->type=type; /* not needed but helps for debugging */ | |
622 | wr->length+=SSL3_RT_HEADER_LENGTH; | |
623 | ||
624 | /* Now lets setup wb */ | |
625 | wb->left=wr->length; | |
626 | wb->offset=0; | |
627 | ||
628 | s->s3->wpend_tot=len; | |
629 | s->s3->wpend_buf=buf; | |
630 | s->s3->wpend_type=type; | |
631 | s->s3->wpend_ret=len; | |
632 | ||
633 | /* we now just need to write the buffer */ | |
634 | return(ssl3_write_pending(s,type,buf,len)); | |
635 | err: | |
636 | return(-1); | |
637 | } | |
638 | ||
639 | /* if s->s3->wbuf.left != 0, we need to call this */ | |
61f5b6f3 BL |
640 | static int ssl3_write_pending(SSL *s, int type, const unsigned char *buf, |
641 | unsigned int len) | |
d02b48c6 RE |
642 | { |
643 | int i; | |
644 | ||
58964a49 | 645 | /* XXXX */ |
e1056435 BM |
646 | if ((s->s3->wpend_tot > (int)len) |
647 | || ((s->s3->wpend_buf != buf) && | |
1afd8b39 | 648 | !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER)) |
d02b48c6 RE |
649 | || (s->s3->wpend_type != type)) |
650 | { | |
651 | SSLerr(SSL_F_SSL3_WRITE_PENDING,SSL_R_BAD_WRITE_RETRY); | |
58964a49 | 652 | return(-1); |
d02b48c6 RE |
653 | } |
654 | ||
655 | for (;;) | |
656 | { | |
58964a49 | 657 | clear_sys_error(); |
d02b48c6 RE |
658 | if (s->wbio != NULL) |
659 | { | |
660 | s->rwstate=SSL_WRITING; | |
661 | i=BIO_write(s->wbio, | |
662 | (char *)&(s->s3->wbuf.buf[s->s3->wbuf.offset]), | |
663 | (unsigned int)s->s3->wbuf.left); | |
664 | } | |
665 | else | |
666 | { | |
667 | SSLerr(SSL_F_SSL3_WRITE_PENDING,SSL_R_BIO_NOT_SET); | |
668 | i= -1; | |
669 | } | |
670 | if (i == s->s3->wbuf.left) | |
671 | { | |
672 | s->s3->wbuf.left=0; | |
673 | s->rwstate=SSL_NOTHING; | |
674 | return(s->s3->wpend_ret); | |
675 | } | |
676 | else if (i <= 0) | |
677 | return(i); | |
678 | s->s3->wbuf.offset+=i; | |
679 | s->s3->wbuf.left-=i; | |
680 | } | |
681 | } | |
682 | ||
61f5b6f3 | 683 | int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len) |
d02b48c6 RE |
684 | { |
685 | int al,i,j,n,ret; | |
686 | SSL3_RECORD *rr; | |
d02b48c6 | 687 | void (*cb)()=NULL; |
58964a49 | 688 | BIO *bio; |
d02b48c6 | 689 | |
c51ae173 | 690 | if (s->s3->rbuf.buf == NULL) /* Not initialized yet */ |
d02b48c6 RE |
691 | if (!ssl3_setup_buffers(s)) |
692 | return(-1); | |
693 | ||
58964a49 | 694 | if (!s->in_handshake && SSL_in_init(s)) |
d02b48c6 RE |
695 | { |
696 | i=s->handshake_func(s); | |
697 | if (i < 0) return(i); | |
698 | if (i == 0) | |
699 | { | |
700 | SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE); | |
701 | return(-1); | |
702 | } | |
703 | } | |
704 | start: | |
705 | s->rwstate=SSL_NOTHING; | |
706 | ||
c51ae173 BM |
707 | /* s->s3->rrec.type - is the type of record |
708 | * s->s3->rrec.data, - data | |
709 | * s->s3->rrec.off, - offset into 'data' for next read | |
710 | * s->s3->rrec.length, - number of bytes. */ | |
d02b48c6 RE |
711 | rr= &(s->s3->rrec); |
712 | ||
713 | /* get new packet */ | |
714 | if ((rr->length == 0) || (s->rstate == SSL_ST_READ_BODY)) | |
715 | { | |
716 | ret=ssl3_get_record(s); | |
717 | if (ret <= 0) return(ret); | |
718 | } | |
719 | ||
720 | /* we now have a packet which can be read and processed */ | |
721 | ||
722 | if (s->s3->change_cipher_spec && (rr->type != SSL3_RT_HANDSHAKE)) | |
723 | { | |
58964a49 | 724 | al=SSL_AD_UNEXPECTED_MESSAGE; |
d02b48c6 RE |
725 | SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_DATA_BETWEEN_CCS_AND_FINISHED); |
726 | goto err; | |
727 | } | |
728 | ||
729 | /* If the other end has shutdown, throw anything we read away */ | |
730 | if (s->shutdown & SSL_RECEIVED_SHUTDOWN) | |
731 | { | |
732 | rr->length=0; | |
733 | s->rwstate=SSL_NOTHING; | |
734 | return(0); | |
735 | } | |
736 | ||
c51ae173 | 737 | /* Check for an incoming 'Hello Request' message from client */ |
d02b48c6 | 738 | if ((rr->type == SSL3_RT_HANDSHAKE) && (rr->length == 4) && |
c51ae173 | 739 | (rr->data[0] == SSL3_MT_HELLO_REQUEST) && |
d02b48c6 RE |
740 | (s->session != NULL) && (s->session->cipher != NULL)) |
741 | { | |
742 | if ((rr->data[1] != 0) || (rr->data[2] != 0) || | |
743 | (rr->data[3] != 0)) | |
744 | { | |
58964a49 | 745 | al=SSL_AD_DECODE_ERROR; |
c51ae173 | 746 | SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_HELLO_REQUEST); |
d02b48c6 RE |
747 | goto err; |
748 | } | |
749 | ||
750 | if (SSL_is_init_finished(s) && | |
58964a49 RE |
751 | !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS) && |
752 | !s->s3->renegotiate) | |
d02b48c6 RE |
753 | { |
754 | ssl3_renegotiate(s); | |
58964a49 | 755 | if (ssl3_renegotiate_check(s)) |
d02b48c6 | 756 | { |
58964a49 RE |
757 | n=s->handshake_func(s); |
758 | if (n < 0) return(n); | |
759 | if (n == 0) | |
760 | { | |
761 | SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE); | |
762 | return(-1); | |
763 | } | |
d02b48c6 RE |
764 | } |
765 | } | |
766 | rr->length=0; | |
767 | /* ZZZ */ goto start; | |
768 | } | |
769 | ||
770 | /* if it is not the type we want, or we have shutdown and want | |
771 | * the peer shutdown */ | |
772 | if ((rr->type != type) || (s->shutdown & SSL_SENT_SHUTDOWN)) | |
773 | { | |
774 | if (rr->type == SSL3_RT_ALERT) | |
775 | { | |
776 | if ((rr->length != 2) || (rr->off != 0)) | |
777 | { | |
58964a49 | 778 | al=SSL_AD_DECODE_ERROR; |
d02b48c6 RE |
779 | SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_ALERT_RECORD); |
780 | goto f_err; | |
781 | } | |
782 | ||
783 | i=rr->data[0]; | |
784 | n=rr->data[1]; | |
785 | ||
786 | /* clear from buffer */ | |
787 | rr->length=0; | |
788 | ||
789 | if (s->info_callback != NULL) | |
790 | cb=s->info_callback; | |
791 | else if (s->ctx->info_callback != NULL) | |
792 | cb=s->ctx->info_callback; | |
793 | ||
794 | if (cb != NULL) | |
795 | { | |
796 | j=(i<<8)|n; | |
797 | cb(s,SSL_CB_READ_ALERT,j); | |
798 | } | |
799 | ||
52732b38 | 800 | if (i == 1) /* warning */ |
d02b48c6 RE |
801 | { |
802 | s->s3->warn_alert=n; | |
58964a49 | 803 | if (n == SSL_AD_CLOSE_NOTIFY) |
d02b48c6 RE |
804 | { |
805 | s->shutdown|=SSL_RECEIVED_SHUTDOWN; | |
806 | return(0); | |
807 | } | |
808 | } | |
52732b38 | 809 | else if (i == 2) /* fatal */ |
d02b48c6 | 810 | { |
58964a49 RE |
811 | char tmp[16]; |
812 | ||
d02b48c6 RE |
813 | s->rwstate=SSL_NOTHING; |
814 | s->s3->fatal_alert=n; | |
dfeab068 RE |
815 | SSLerr(SSL_F_SSL3_READ_BYTES, |
816 | SSL_AD_REASON_OFFSET+n); | |
58964a49 RE |
817 | sprintf(tmp,"%d",n); |
818 | ERR_add_error_data(2,"SSL alert number ",tmp); | |
d02b48c6 RE |
819 | s->shutdown|=SSL_RECEIVED_SHUTDOWN; |
820 | SSL_CTX_remove_session(s->ctx,s->session); | |
821 | return(0); | |
822 | } | |
823 | else | |
824 | { | |
58964a49 | 825 | al=SSL_AD_ILLEGAL_PARAMETER; |
d02b48c6 RE |
826 | SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNKNOWN_ALERT_TYPE); |
827 | goto f_err; | |
828 | } | |
829 | ||
830 | rr->length=0; | |
831 | goto start; | |
832 | } | |
833 | ||
834 | if (s->shutdown & SSL_SENT_SHUTDOWN) | |
835 | { | |
836 | s->rwstate=SSL_NOTHING; | |
837 | rr->length=0; | |
838 | return(0); | |
839 | } | |
840 | ||
841 | if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC) | |
842 | { | |
843 | if ( (rr->length != 1) || (rr->off != 0) || | |
844 | (rr->data[0] != SSL3_MT_CCS)) | |
845 | { | |
58964a49 | 846 | i=SSL_AD_ILLEGAL_PARAMETER; |
d02b48c6 RE |
847 | SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_CHANGE_CIPHER_SPEC); |
848 | goto err; | |
849 | } | |
850 | ||
851 | rr->length=0; | |
d02b48c6 | 852 | s->s3->change_cipher_spec=1; |
58964a49 | 853 | if (!do_change_cipher_spec(s)) |
d02b48c6 | 854 | goto err; |
58964a49 RE |
855 | else |
856 | goto start; | |
d02b48c6 RE |
857 | } |
858 | ||
859 | /* else we have a handshake */ | |
860 | if ((rr->type == SSL3_RT_HANDSHAKE) && | |
861 | !s->in_handshake) | |
862 | { | |
863 | if (((s->state&SSL_ST_MASK) == SSL_ST_OK) && | |
864 | !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)) | |
865 | { | |
413c4f45 MC |
866 | s->state=SSL_ST_BEFORE|(s->server) |
867 | ?SSL_ST_ACCEPT | |
868 | :SSL_ST_CONNECT; | |
d02b48c6 RE |
869 | s->new_session=1; |
870 | } | |
871 | n=s->handshake_func(s); | |
872 | if (n < 0) return(n); | |
873 | if (n == 0) | |
874 | { | |
875 | SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE); | |
876 | return(-1); | |
877 | } | |
58964a49 RE |
878 | |
879 | /* In the case where we try to read application data | |
880 | * the first time, but we trigger an SSL handshake, we | |
881 | * return -1 with the retry option set. I do this | |
882 | * otherwise renegotiation can cause nasty problems | |
883 | * in the non-blocking world */ | |
884 | ||
885 | s->rwstate=SSL_READING; | |
886 | bio=SSL_get_rbio(s); | |
887 | BIO_clear_retry_flags(bio); | |
888 | BIO_set_retry_read(bio); | |
889 | return(-1); | |
d02b48c6 RE |
890 | } |
891 | ||
58964a49 RE |
892 | switch (rr->type) |
893 | { | |
894 | default: | |
895 | #ifndef NO_TLS | |
896 | /* TLS just ignores unknown message types */ | |
897 | if (s->version == TLS1_VERSION) | |
898 | { | |
899 | goto start; | |
900 | } | |
901 | #endif | |
902 | case SSL3_RT_CHANGE_CIPHER_SPEC: | |
903 | case SSL3_RT_ALERT: | |
904 | case SSL3_RT_HANDSHAKE: | |
905 | al=SSL_AD_UNEXPECTED_MESSAGE; | |
906 | SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNEXPECTED_RECORD); | |
907 | goto f_err; | |
908 | case SSL3_RT_APPLICATION_DATA: | |
909 | /* At this point, we were expecting something else, | |
910 | * but have application data. What we do is set the | |
911 | * error, and return -1. On the way out, if the | |
912 | * library was running inside ssl3_read() and it makes | |
913 | * sense to read application data at this point, we | |
914 | * will indulge it. This will mostly happen during | |
915 | * session renegotiation. | |
916 | */ | |
917 | if (s->s3->in_read_app_data && | |
918 | (s->s3->total_renegotiations != 0) && | |
919 | (( | |
920 | (s->state & SSL_ST_CONNECT) && | |
921 | (s->state >= SSL3_ST_CW_CLNT_HELLO_A) && | |
922 | (s->state <= SSL3_ST_CR_SRVR_HELLO_A) | |
923 | ) || ( | |
924 | (s->state & SSL_ST_ACCEPT) && | |
925 | (s->state <= SSL3_ST_SW_HELLO_REQ_A) && | |
926 | (s->state >= SSL3_ST_SR_CLNT_HELLO_A) | |
927 | ) | |
928 | )) | |
929 | { | |
930 | s->s3->in_read_app_data=0; | |
931 | return(-1); | |
932 | } | |
933 | else | |
934 | { | |
935 | al=SSL_AD_UNEXPECTED_MESSAGE; | |
936 | SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNEXPECTED_RECORD); | |
937 | goto f_err; | |
938 | } | |
939 | } | |
52732b38 | 940 | /* not reached */ |
d02b48c6 RE |
941 | } |
942 | ||
52732b38 BM |
943 | /* rr->type == type */ |
944 | ||
d02b48c6 RE |
945 | /* make sure that we are not getting application data when we |
946 | * are doing a handshake for the first time */ | |
947 | if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) && | |
948 | (s->enc_read_ctx == NULL)) | |
949 | { | |
58964a49 | 950 | al=SSL_AD_UNEXPECTED_MESSAGE; |
d02b48c6 RE |
951 | SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_APP_DATA_IN_HANDSHAKE); |
952 | goto f_err; | |
953 | } | |
954 | ||
955 | if (len <= 0) return(len); | |
956 | ||
957 | if ((unsigned int)len > rr->length) | |
958 | n=rr->length; | |
959 | else | |
960 | n=len; | |
961 | ||
962 | memcpy(buf,&(rr->data[rr->off]),(unsigned int)n); | |
963 | rr->length-=n; | |
964 | rr->off+=n; | |
b058a080 | 965 | if (rr->length == 0) |
58964a49 | 966 | { |
d02b48c6 | 967 | s->rstate=SSL_ST_READ_HEADER; |
58964a49 RE |
968 | rr->off=0; |
969 | } | |
d02b48c6 RE |
970 | |
971 | if (type == SSL3_RT_HANDSHAKE) | |
e778802f | 972 | ssl3_finish_mac(s,buf,n); |
d02b48c6 RE |
973 | return(n); |
974 | f_err: | |
975 | ssl3_send_alert(s,SSL3_AL_FATAL,al); | |
976 | err: | |
977 | return(-1); | |
978 | } | |
979 | ||
6b691a5c | 980 | static int do_change_cipher_spec(SSL *s) |
58964a49 RE |
981 | { |
982 | int i; | |
c44f7540 | 983 | const char *sender; |
58964a49 RE |
984 | int slen; |
985 | ||
986 | if (s->state & SSL_ST_ACCEPT) | |
987 | i=SSL3_CHANGE_CIPHER_SERVER_READ; | |
988 | else | |
989 | i=SSL3_CHANGE_CIPHER_CLIENT_READ; | |
990 | ||
991 | if (s->s3->tmp.key_block == NULL) | |
992 | { | |
993 | s->session->cipher=s->s3->tmp.new_cipher; | |
994 | if (!s->method->ssl3_enc->setup_key_block(s)) return(0); | |
995 | } | |
996 | ||
997 | if (!s->method->ssl3_enc->change_cipher_state(s,i)) | |
998 | return(0); | |
999 | ||
1000 | /* we have to record the message digest at | |
1001 | * this point so we can get it before we read | |
1002 | * the finished message */ | |
1003 | if (s->state & SSL_ST_CONNECT) | |
1004 | { | |
c44f7540 BM |
1005 | sender=s->method->ssl3_enc->server_finished_label; |
1006 | slen=s->method->ssl3_enc->server_finished_label_len; | |
58964a49 RE |
1007 | } |
1008 | else | |
1009 | { | |
c44f7540 BM |
1010 | sender=s->method->ssl3_enc->client_finished_label; |
1011 | slen=s->method->ssl3_enc->client_finished_label_len; | |
58964a49 RE |
1012 | } |
1013 | ||
9fb617e2 | 1014 | s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s, |
58964a49 RE |
1015 | &(s->s3->finish_dgst1), |
1016 | &(s->s3->finish_dgst2), | |
9fb617e2 | 1017 | sender,slen,s->s3->tmp.peer_finish_md); |
58964a49 RE |
1018 | |
1019 | return(1); | |
1020 | } | |
1021 | ||
52732b38 | 1022 | /* send s->init_buf in records of type 'type' */ |
6b691a5c | 1023 | int ssl3_do_write(SSL *s, int type) |
d02b48c6 RE |
1024 | { |
1025 | int ret; | |
1026 | ||
61f5b6f3 BL |
1027 | ret=ssl3_write_bytes(s,type,&s->init_buf->data[s->init_off], |
1028 | s->init_num); | |
d02b48c6 RE |
1029 | if (ret == s->init_num) |
1030 | return(1); | |
1031 | if (ret < 0) return(-1); | |
1032 | s->init_off+=ret; | |
1033 | s->init_num-=ret; | |
1034 | return(0); | |
1035 | } | |
1036 | ||
6b691a5c | 1037 | void ssl3_send_alert(SSL *s, int level, int desc) |
d02b48c6 | 1038 | { |
58964a49 RE |
1039 | /* Map tls/ssl alert value to correct one */ |
1040 | desc=s->method->ssl3_enc->alert_value(desc); | |
1041 | if (desc < 0) return; | |
d02b48c6 RE |
1042 | /* If a fatal one, remove from cache */ |
1043 | if ((level == 2) && (s->session != NULL)) | |
1044 | SSL_CTX_remove_session(s->ctx,s->session); | |
1045 | ||
1046 | s->s3->alert_dispatch=1; | |
1047 | s->s3->send_alert[0]=level; | |
1048 | s->s3->send_alert[1]=desc; | |
1049 | if (s->s3->wbuf.left == 0) /* data still being written out */ | |
1050 | ssl3_dispatch_alert(s); | |
1051 | /* else data is still being written out, we will get written | |
1052 | * some time in the future */ | |
1053 | } | |
1054 | ||
6b691a5c | 1055 | int ssl3_dispatch_alert(SSL *s) |
d02b48c6 RE |
1056 | { |
1057 | int i,j; | |
1058 | void (*cb)()=NULL; | |
1059 | ||
1060 | s->s3->alert_dispatch=0; | |
61f5b6f3 | 1061 | i=do_ssl3_write(s,SSL3_RT_ALERT,&s->s3->send_alert[0],2); |
d02b48c6 RE |
1062 | if (i <= 0) |
1063 | { | |
1064 | s->s3->alert_dispatch=1; | |
1065 | } | |
1066 | else | |
1067 | { | |
1068 | /* If it is important, send it now. If the message | |
1069 | * does not get sent due to non-blocking IO, we will | |
1070 | * not worry too much. */ | |
1071 | if (s->s3->send_alert[0] == SSL3_AL_FATAL) | |
d58d092b | 1072 | (void)BIO_flush(s->wbio); |
d02b48c6 RE |
1073 | |
1074 | if (s->info_callback != NULL) | |
1075 | cb=s->info_callback; | |
1076 | else if (s->ctx->info_callback != NULL) | |
1077 | cb=s->ctx->info_callback; | |
1078 | ||
1079 | if (cb != NULL) | |
1080 | { | |
1081 | j=(s->s3->send_alert[0]<<8)|s->s3->send_alert[1]; | |
1082 | cb(s,SSL_CB_WRITE_ALERT,j); | |
1083 | } | |
1084 | } | |
1085 | return(i); | |
1086 | } |