diff options
author | Matt Caswell <matt@openssl.org> | 2015-02-02 10:05:09 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2015-03-26 15:01:59 +0000 |
commit | c103c7e266145dc922115a2c3079776bb8216939 (patch) | |
tree | 6bc0602f7dd8de26dc8a30dddc5249b46c795b4b /ssl/s3_pkt.c | |
parent | 02a36fdae8cb503e2f88eac52eb3053431089397 (diff) | |
download | openssl-c103c7e266145dc922115a2c3079776bb8216939.tar.gz |
Split out non record layer functions out of s3_pkt.c and d1_pkt.c into
the new files s3_msg.c and s1_msg.c respectively.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'ssl/s3_pkt.c')
-rw-r--r-- | ssl/s3_pkt.c | 118 |
1 files changed, 2 insertions, 116 deletions
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c index 6248043bec..16a6db42cc 100644 --- a/ssl/s3_pkt.c +++ b/ssl/s3_pkt.c @@ -132,9 +132,6 @@ # define EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK 0 #endif -static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, - unsigned int len, int create_empty_fragment); - int ssl3_read_n(SSL *s, int n, int max, int extend) { /* @@ -518,8 +515,8 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) } } -static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, - unsigned int len, int create_empty_fragment) +int do_ssl3_write(SSL *s, int type, const unsigned char *buf, + unsigned int len, int create_empty_fragment) { unsigned char *p, *plen; int i, mac_size, clear = 0; @@ -1300,115 +1297,4 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) return (-1); } -int ssl3_do_change_cipher_spec(SSL *s) -{ - int i; - const char *sender; - int slen; - - if (s->state & SSL_ST_ACCEPT) - i = SSL3_CHANGE_CIPHER_SERVER_READ; - else - i = SSL3_CHANGE_CIPHER_CLIENT_READ; - - if (s->s3->tmp.key_block == NULL) { - if (s->session == NULL || s->session->master_key_length == 0) { - /* might happen if dtls1_read_bytes() calls this */ - SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, - SSL_R_CCS_RECEIVED_EARLY); - return (0); - } - - s->session->cipher = s->s3->tmp.new_cipher; - if (!s->method->ssl3_enc->setup_key_block(s)) - return (0); - } - - if (!s->method->ssl3_enc->change_cipher_state(s, i)) - return (0); - - /* - * we have to record the message digest at this point so we can get it - * before we read the finished message - */ - if (s->state & SSL_ST_CONNECT) { - sender = s->method->ssl3_enc->server_finished_label; - slen = s->method->ssl3_enc->server_finished_label_len; - } else { - sender = s->method->ssl3_enc->client_finished_label; - slen = s->method->ssl3_enc->client_finished_label_len; - } - - i = s->method->ssl3_enc->final_finish_mac(s, - sender, slen, - s->s3->tmp.peer_finish_md); - if (i == 0) { - SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR); - return 0; - } - s->s3->tmp.peer_finish_md_len = i; - - return (1); -} - -int ssl3_send_alert(SSL *s, int level, int desc) -{ - /* Map tls/ssl alert value to correct one */ - desc = s->method->ssl3_enc->alert_value(desc); - if (s->version == SSL3_VERSION && desc == SSL_AD_PROTOCOL_VERSION) - desc = SSL_AD_HANDSHAKE_FAILURE; /* SSL 3.0 does not have - * protocol_version alerts */ - if (desc < 0) - return -1; - /* If a fatal one, remove from cache */ - if ((level == SSL3_AL_FATAL) && (s->session != NULL)) - SSL_CTX_remove_session(s->ctx, s->session); - - s->s3->alert_dispatch = 1; - s->s3->send_alert[0] = level; - s->s3->send_alert[1] = desc; - if (SSL3_BUFFER_get_left(RECORD_LAYER_get_wbuf(&s->rlayer)) == 0) { - /* data still being written out? */ - return s->method->ssl_dispatch_alert(s); - } - /* - * else data is still being written out, we will get written some time in - * the future - */ - return -1; -} - -int ssl3_dispatch_alert(SSL *s) -{ - int i, j; - void (*cb) (const SSL *ssl, int type, int val) = NULL; - - s->s3->alert_dispatch = 0; - i = do_ssl3_write(s, SSL3_RT_ALERT, &s->s3->send_alert[0], 2, 0); - if (i <= 0) { - s->s3->alert_dispatch = 1; - } else { - /* - * Alert sent to BIO. If it is important, flush it now. If the - * message does not get sent due to non-blocking IO, we will not - * worry too much. - */ - if (s->s3->send_alert[0] == SSL3_AL_FATAL) - (void)BIO_flush(s->wbio); - - if (s->msg_callback) - s->msg_callback(1, s->version, SSL3_RT_ALERT, s->s3->send_alert, - 2, s, s->msg_callback_arg); - - if (s->info_callback != NULL) - cb = s->info_callback; - else if (s->ctx->info_callback != NULL) - cb = s->ctx->info_callback; - if (cb != NULL) { - j = (s->s3->send_alert[0] << 8) | s->s3->send_alert[1]; - cb(s, SSL_CB_WRITE_ALERT, j); - } - } - return (i); -} |