Beispiel #1
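/*
 * Build a DTLS HelloVerifyRequest carrying the cookie produced by the
 * application's cookie-generation callback.
 *
 * In state DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A the message body is written as
 * two version bytes, a one-byte cookie length and the cookie itself, after
 * which the state advances to DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B.
 *
 * Returns 0, after recording ERR_R_INTERNAL_ERROR, when no callback is
 * installed, when the callback reports failure, or when the cookie length it
 * reports does not fit the one-byte length field or the cookie buffer.
 * The rest of the function lies beyond the end of this listing.
 */
int
dtls1_send_hello_verify_request(SSL *s)
{
	unsigned char *d, *p;

	if (s->state == DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A) {
		d = p = ssl3_handshake_msg_start(s,
		    DTLS1_MT_HELLO_VERIFY_REQUEST);

		/* Protocol version, most significant byte first. */
		*(p++) = s->version >> 8;
		*(p++) = s->version & 0xFF;

		/*
		 * The callback is handed the cookie buffer and a pointer to
		 * its length but no buffer size, so it is trusted not to
		 * write past the end of s->d1->cookie.
		 */
		if (s->ctx->app_gen_cookie_cb == NULL ||
		    s->ctx->app_gen_cookie_cb(s, s->d1->cookie,
			&(s->d1->cookie_len)) == 0) {
			SSLerr(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST,
			    ERR_R_INTERNAL_ERROR);
			return 0;
		}

		/*
		 * cookie_len comes back from application code. It is sent as
		 * a single byte and then used as the memcpy() length, so a
		 * value above 0xFF would make the length byte disagree with
		 * the bytes copied, and a value above the buffer size would
		 * read past s->d1->cookie. Reject both before writing.
		 */
		if (s->d1->cookie_len > 0xFF ||
		    s->d1->cookie_len > sizeof(s->d1->cookie)) {
			SSLerr(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST,
			    ERR_R_INTERNAL_ERROR);
			return 0;
		}

		*(p++) = (unsigned char) s->d1->cookie_len;
		memcpy(p, s->d1->cookie, s->d1->cookie_len);
		p += s->d1->cookie_len;

		/* p - d is the number of body bytes written above. */
		ssl3_handshake_msg_finish(s, p - d);

		s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B;
	}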
Beispiel #2
/*
 * Send a HelloRequest handshake message.
 *
 * When the connection is in SSL3_ST_SW_HELLO_REQ_A the message is started and
 * finished with a length argument of 0, and the state moves on to
 * SSL3_ST_SW_HELLO_REQ_B. In every case the function then returns whatever
 * ssl3_handshake_write() returns.
 */
int
dtls1_send_hello_request(SSL *s)
{
	/* Any state other than _A: nothing to build, go straight to the write. */
	if (s->state != SSL3_ST_SW_HELLO_REQ_A)
		return (ssl3_handshake_write(s));

	/* The message is finished with length 0: no body bytes are added. */
	ssl3_handshake_msg_start(s, SSL3_MT_HELLO_REQUEST);
	ssl3_handshake_msg_finish(s, 0);
	s->state = SSL3_ST_SW_HELLO_REQ_B;

	/* SSL3_ST_SW_HELLO_REQ_B */
	return (ssl3_handshake_write(s));
}
Beispiel #3
int
dtls1_client_hello(SSL *s)
{
	unsigned char *bufend, *d, *p;
	unsigned int i;

	if (s->state == SSL3_ST_CW_CLNT_HELLO_A) {
		SSL_SESSION *sess = s->session;

		if ((s->session == NULL) ||
		    (s->session->ssl_version != s->version) ||
		    (!sess->session_id_length && !sess->tlsext_tick) ||
		    (s->session->not_resumable)) {
			if (!ssl_get_new_session(s, 0))
				goto err;
		}
		/* else use the pre-loaded session */

		p = s->s3->client_random;

		/* if client_random is initialized, reuse it, we are
		 * required to use same upon reply to HelloVerify */
		for (i = 0; p[i]=='\0' && i < sizeof(s->s3->client_random); i++)
			;
		if (i == sizeof(s->s3->client_random))
			arc4random_buf(p, sizeof(s->s3->client_random));

		d = p = ssl3_handshake_msg_start(s, SSL3_MT_CLIENT_HELLO);

		*(p++) = s->version >> 8;
		*(p++) = s->version&0xff;
		s->client_version = s->version;

		/* Random stuff */
		memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
		p += SSL3_RANDOM_SIZE;

		/* Session ID */
		if (s->new_session)
			i = 0;
		else
			i = s->session->session_id_length;
		*(p++) = i;
		if (i != 0) {
			if (i > sizeof s->session->session_id) {
				SSLerr(SSL_F_DTLS1_CLIENT_HELLO,
				    ERR_R_INTERNAL_ERROR);
				goto err;
			}
			memcpy(p, s->session->session_id, i);
			p += i;
		}

		/* cookie stuff */
		if (s->d1->cookie_len > sizeof(s->d1->cookie)) {
			SSLerr(SSL_F_DTLS1_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
			goto err;
		}
		*(p++) = s->d1->cookie_len;
		memcpy(p, s->d1->cookie, s->d1->cookie_len);
		p += s->d1->cookie_len;

		/* Ciphers supported */
		i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2]);
		if (i == 0) {
			SSLerr(SSL_F_DTLS1_CLIENT_HELLO,
			    SSL_R_NO_CIPHERS_AVAILABLE);
			goto err;
		}
		s2n(i, p);
		p += i;

		/* add in (no) COMPRESSION */
		*(p++) = 1;
		*(p++) = 0; /* Add the NULL method */

		bufend = (unsigned char *)s->init_buf->data +
		    SSL3_RT_MAX_PLAIN_LENGTH;
		if ((p = ssl_add_clienthello_tlsext(s, p, bufend)) == NULL) {
			SSLerr(SSL_F_DTLS1_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
			goto err;
		}

		ssl3_handshake_msg_finish(s, p - d);

		s->state = SSL3_ST_CW_CLNT_HELLO_B;
	}