int dtls1_send_hello_verify_request(SSL *s) { unsigned int len; unsigned char *buf; if (s->state == DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A) { buf = (unsigned char *)s->init_buf->data; if (s->ctx->app_gen_cookie_cb == NULL || s->ctx->app_gen_cookie_cb(s, s->d1->cookie, &(s->d1->cookie_len)) == 0 || s->d1->cookie_len > 255) { SSLerr(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST, SSL_R_COOKIE_GEN_CALLBACK_FAILURE); s->state = SSL_ST_ERR; return 0; } len = dtls1_raw_hello_verify_request(&buf[DTLS1_HM_HEADER_LENGTH], s->d1->cookie, s->d1->cookie_len); dtls1_set_message_header(s, buf, DTLS1_MT_HELLO_VERIFY_REQUEST, len, 0, len); len += DTLS1_HM_HEADER_LENGTH; s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B; /* number of bytes to write */ s->init_num = len; s->init_off = 0; } /* s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B */ return (dtls1_do_write(s, SSL3_RT_HANDSHAKE)); }
/* for these 2 messages, we need to * ssl->enc_read_ctx re-init * ssl->s3->read_sequence zero * ssl->s3->read_mac_secret re-init * ssl->session->read_sym_enc assign * ssl->session->read_compression assign * ssl->session->read_hash assign */ int dtls1_send_change_cipher_spec(SSL *s, int a, int b) { unsigned char *p; if (s->state == a) { p=(unsigned char *)s->init_buf->data; *p++=SSL3_MT_CCS; s->d1->handshake_write_seq = s->d1->next_handshake_write_seq; s->init_num=DTLS1_CCS_HEADER_LENGTH; if (s->client_version == DTLS1_BAD_VER) { s->d1->next_handshake_write_seq++; s2n(s->d1->handshake_write_seq,p); s->init_num+=2; } s->init_off=0; dtls1_set_message_header_int(s, SSL3_MT_CCS, 0, s->d1->handshake_write_seq, 0, 0); /* buffer the message to handle re-xmits */ dtls1_buffer_message(s, 1); s->state=b; } /* SSL3_ST_CW_CHANGE_B */ return(dtls1_do_write(s,SSL3_RT_CHANGE_CIPHER_SPEC)); }
int dtls1_send_finished(SSL *s, int a, int b, const char *sender, int slen) { unsigned char *p,*d; int i; unsigned long l; if (s->state == a) { d=(unsigned char *)s->init_buf->data; p= &(d[DTLS1_HM_HEADER_LENGTH]); i=s->method->ssl3_enc->final_finish_mac(s, &(s->s3->finish_dgst1), &(s->s3->finish_dgst2), sender,slen,s->s3->tmp.finish_md); s->s3->tmp.finish_md_len = i; memcpy(p, s->s3->tmp.finish_md, i); p+=i; l=i; /* Copy the finished so we can use it for * renegotiation checks */ if(s->type == SSL_ST_CONNECT) { OPENSSL_assert(i <= EVP_MAX_MD_SIZE); memcpy(s->s3->previous_client_finished, s->s3->tmp.finish_md, i); s->s3->previous_client_finished_len=i; } else { OPENSSL_assert(i <= EVP_MAX_MD_SIZE); memcpy(s->s3->previous_server_finished, s->s3->tmp.finish_md, i); s->s3->previous_server_finished_len=i; } #ifdef OPENSSL_SYS_WIN16 /* MSVC 1.5 does not clear the top bytes of the word unless * I do this. */ l&=0xffff; #endif d = dtls1_set_message_header(s, d, SSL3_MT_FINISHED, l, 0, l); s->init_num=(int)l+DTLS1_HM_HEADER_LENGTH; s->init_off=0; /* buffer the message to handle re-xmits */ dtls1_buffer_message(s, 0); s->state=b; } /* SSL3_ST_SEND_xxxxxx_HELLO_B */ return(dtls1_do_write(s,SSL3_RT_HANDSHAKE)); }
int dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off, int *found) { int ret; /* XDTLS: for now assuming that read/writes are blocking */ pitem *item; hm_fragment *frag ; unsigned long header_length; PQ_64BIT seq64; /* OPENSSL_assert(s->init_num == 0); OPENSSL_assert(s->init_off == 0); */ /* XDTLS: the requested message ought to be found, otherwise error */ pq_64bit_init(&seq64); pq_64bit_assign_word(&seq64, seq); item = pqueue_find(s->d1->sent_messages, seq64); pq_64bit_free(&seq64); if ( item == NULL) { fprintf(stderr, "retransmit: message %d non-existant\n", seq); *found = 0; return 0; } *found = 1; frag = (hm_fragment *)item->data; if ( frag->msg_header.is_ccs) header_length = DTLS1_CCS_HEADER_LENGTH; else header_length = DTLS1_HM_HEADER_LENGTH; memcpy(s->init_buf->data, frag->fragment, frag->msg_header.msg_len + header_length); s->init_num = frag->msg_header.msg_len + header_length; dtls1_set_message_header_int(s, frag->msg_header.type, frag->msg_header.msg_len, frag->msg_header.seq, 0, frag->msg_header.frag_len); s->d1->retransmitting = 1; ret = dtls1_do_write(s, frag->msg_header.is_ccs ? SSL3_RT_CHANGE_CIPHER_SPEC : SSL3_RT_HANDSHAKE); s->d1->retransmitting = 0; (void)BIO_flush(SSL_get_wbio(s)); return ret; }
int dtls1_send_hello_request(SSL *s) { unsigned char *p; if (s->state == SSL3_ST_SW_HELLO_REQ_A) { p=(unsigned char *)s->init_buf->data; p = dtls1_set_message_header(s, p, SSL3_MT_HELLO_REQUEST, 0, 0, 0); s->state=SSL3_ST_SW_HELLO_REQ_B; /* number of bytes to write */ s->init_num=DTLS1_HM_HEADER_LENGTH; s->init_off=0; /* no need to buffer this message, since there are no retransmit * requests for it */ } /* SSL3_ST_SW_HELLO_REQ_B */ return(dtls1_do_write(s,SSL3_RT_HANDSHAKE)); }
int dtls1_send_finished(SSL *s, int a, int b, const char *sender, int slen) { unsigned char *p,*d; int i; unsigned long l; if (s->state == a) { d=(unsigned char *)s->init_buf->data; p= &(d[DTLS1_HM_HEADER_LENGTH]); i=s->method->ssl3_enc->final_finish_mac(s, &(s->s3->finish_dgst1), &(s->s3->finish_dgst2), sender,slen,s->s3->tmp.finish_md); s->s3->tmp.finish_md_len = i; memcpy(p, s->s3->tmp.finish_md, i); p+=i; l=i; #ifdef OPENSSL_SYS_WIN16 /* MSVC 1.5 does not clear the top bytes of the word unless * I do this. */ l&=0xffff; #endif d = dtls1_set_message_header(s, d, SSL3_MT_FINISHED, l, 0, l); s->init_num=(int)l+DTLS1_HM_HEADER_LENGTH; s->init_off=0; /* buffer the message to handle re-xmits */ dtls1_buffer_message(s, 0); s->state=b; } /* SSL3_ST_SEND_xxxxxx_HELLO_B */ return(dtls1_do_write(s,SSL3_RT_HANDSHAKE)); }
int dtls1_handshake_write(SSL *s) { return dtls1_do_write(s, SSL3_RT_HANDSHAKE); }
int dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off, int *found) { int ret; /* XDTLS: for now assuming that read/writes are blocking */ pitem *item; hm_fragment *frag ; unsigned long header_length; PQ_64BIT seq64; struct dtls1_retransmit_state saved_state; unsigned char save_write_sequence[8]; /* OPENSSL_assert(s->init_num == 0); OPENSSL_assert(s->init_off == 0); */ /* XDTLS: the requested message ought to be found, otherwise error */ pq_64bit_init(&seq64); pq_64bit_assign_word(&seq64, seq); item = pqueue_find(s->d1->sent_messages, seq64); pq_64bit_free(&seq64); if ( item == NULL) { fprintf(stderr, "retransmit: message %d non-existant\n", seq); *found = 0; return 0; } *found = 1; frag = (hm_fragment *)item->data; if ( frag->msg_header.is_ccs) header_length = DTLS1_CCS_HEADER_LENGTH; else header_length = DTLS1_HM_HEADER_LENGTH; memcpy(s->init_buf->data, frag->fragment, frag->msg_header.msg_len + header_length); s->init_num = frag->msg_header.msg_len + header_length; dtls1_set_message_header_int(s, frag->msg_header.type, frag->msg_header.msg_len, frag->msg_header.seq, 0, frag->msg_header.frag_len); /* save current state */ saved_state.enc_write_ctx = s->enc_write_ctx; saved_state.write_hash = s->write_hash; saved_state.compress = s->compress; saved_state.session = s->session; saved_state.epoch = s->d1->w_epoch; saved_state.epoch = s->d1->w_epoch; s->d1->retransmitting = 1; /* restore state in which the message was originally sent */ s->enc_write_ctx = frag->msg_header.saved_retransmit_state.enc_write_ctx; s->write_hash = frag->msg_header.saved_retransmit_state.write_hash; s->compress = frag->msg_header.saved_retransmit_state.compress; s->session = frag->msg_header.saved_retransmit_state.session; s->d1->w_epoch = frag->msg_header.saved_retransmit_state.epoch; if (frag->msg_header.saved_retransmit_state.epoch == saved_state.epoch - 1) { memcpy(save_write_sequence, s->s3->write_sequence, sizeof(s->s3->write_sequence)); memcpy(s->s3->write_sequence, s->d1->last_write_sequence, sizeof(s->s3->write_sequence)); } ret = dtls1_do_write(s, frag->msg_header.is_ccs ? SSL3_RT_CHANGE_CIPHER_SPEC : SSL3_RT_HANDSHAKE); /* restore current state */ s->enc_write_ctx = saved_state.enc_write_ctx; s->write_hash = saved_state.write_hash; s->compress = saved_state.compress; s->session = saved_state.session; s->d1->w_epoch = saved_state.epoch; if (frag->msg_header.saved_retransmit_state.epoch == saved_state.epoch - 1) { memcpy(s->d1->last_write_sequence, s->s3->write_sequence, sizeof(s->s3->write_sequence)); memcpy(s->s3->write_sequence, save_write_sequence, sizeof(s->s3->write_sequence)); } s->d1->retransmitting = 0; (void)BIO_flush(SSL_get_wbio(s)); return ret; }
int dtls1_handshake_write(SSL *s) { return dtls1_do_write(s, SSL3_RT_HANDSHAKE, dtls1_use_current_epoch); }