int
main(void)
{
pitem *item;
pqueue pq;
pq = pqueue_new();
item = pitem_new(3, NULL);
pqueue_insert(pq, item);
item = pitem_new(1, NULL);
pqueue_insert(pq, item);
item = pitem_new(2, NULL);
pqueue_insert(pq, item);
item = pqueue_find(pq, 1);
fprintf(stderr, "found %ld\n", item->priority);
item = pqueue_find(pq, 2);
fprintf(stderr, "found %ld\n", item->priority);
item = pqueue_find(pq, 3);
fprintf(stderr, "found %ld\n", item ? item->priority: 0);
pqueue_print(pq);
for(item = pqueue_pop(pq); item != NULL; item = pqueue_pop(pq))
pitem_free(item);
pqueue_free(pq);
return 0;
}
static int
dtls1_buffer_handshake_fragment(SSL *s, struct hm_header_st* msg_hdr)
{
hm_fragment *frag = NULL;
pitem *item = NULL;
PQ_64BIT seq64;
frag = dtls1_hm_fragment_new(msg_hdr->frag_len);
if ( frag == NULL)
goto err;
memcpy(frag->fragment, &(s->init_buf->data[s->init_num]),
msg_hdr->frag_len + DTLS1_HM_HEADER_LENGTH);
memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));
pq_64bit_init(&seq64);
pq_64bit_assign_word(&seq64, msg_hdr->seq);
item = pitem_new(seq64, frag);
if ( item == NULL)
goto err;
pq_64bit_free(&seq64);
pqueue_insert(s->d1->buffered_messages, item);
return 1;
err:
if ( frag != NULL) dtls1_hm_fragment_free(frag);
if ( item != NULL) OPENSSL_free(item);
return 0;
}
int dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority)
{
DTLS1_RECORD_DATA *rdata;
pitem *item;
/* Limit the size of the queue to prevent DOS attacks */
if (pqueue_size(queue->q) >= 100)
return 0;
rdata = OPENSSL_malloc(sizeof(*rdata));
item = pitem_new(priority, rdata);
if (rdata == NULL || item == NULL) {
OPENSSL_free(rdata);
pitem_free(item);
SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);
return -1;
}
rdata->packet = s->rlayer.packet;
rdata->packet_length = s->rlayer.packet_length;
memcpy(&(rdata->rbuf), &s->rlayer.rbuf, sizeof(SSL3_BUFFER));
memcpy(&(rdata->rrec), &s->rlayer.rrec, sizeof(SSL3_RECORD));
item->data = rdata;
#ifndef OPENSSL_NO_SCTP
/* Store bio_dgram_sctp_rcvinfo struct */
if (BIO_dgram_is_sctp(SSL_get_rbio(s)) &&
(SSL_get_state(s) == TLS_ST_SR_FINISHED
|| SSL_get_state(s) == TLS_ST_CR_FINISHED)) {
BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SCTP_GET_RCVINFO,
sizeof(rdata->recordinfo), &rdata->recordinfo);
}
#endif
s->rlayer.packet = NULL;
s->rlayer.packet_length = 0;
memset(&s->rlayer.rbuf, 0, sizeof(s->rlayer.rbuf));
memset(&s->rlayer.rrec, 0, sizeof(s->rlayer.rrec));
if (!ssl3_setup_buffers(s)) {
SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);
OPENSSL_free(rdata->rbuf.buf);
OPENSSL_free(rdata);
pitem_free(item);
return (-1);
}
/* insert should not fail, since duplicates are dropped */
if (pqueue_insert(queue->q, item) == NULL) {
SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);
OPENSSL_free(rdata->rbuf.buf);
OPENSSL_free(rdata);
pitem_free(item);
return (-1);
}
return (1);
}
static int
dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok)
{
int i=-1;
hm_fragment *frag = NULL;
pitem *item = NULL;
PQ_64BIT seq64;
unsigned long frag_len = msg_hdr->frag_len;
if ((msg_hdr->frag_off+frag_len) > msg_hdr->msg_len)
goto err;
if (msg_hdr->seq <= s->d1->handshake_read_seq)
{
unsigned char devnull [256];
while (frag_len)
{
i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
devnull,
frag_len>sizeof(devnull)?sizeof(devnull):frag_len,0);
if (i<=0) goto err;
frag_len -= i;
}
}
frag = dtls1_hm_fragment_new(frag_len);
if ( frag == NULL)
goto err;
memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));
if (frag_len)
{
/* read the body of the fragment (header has already been read */
i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
frag->fragment,frag_len,0);
if (i<=0 || (unsigned long)i!=frag_len)
goto err;
}
pq_64bit_init(&seq64);
pq_64bit_assign_word(&seq64, msg_hdr->seq);
item = pitem_new(seq64, frag);
pq_64bit_free(&seq64);
if ( item == NULL)
goto err;
pqueue_insert(s->d1->buffered_messages, item);
return DTLS1_HM_FRAGMENT_RETRY;
err:
if ( frag != NULL) dtls1_hm_fragment_free(frag);
if ( item != NULL) OPENSSL_free(item);
*ok = 0;
return i;
}
int
dtls1_buffer_message(SSL *s, int is_ccs)
{
pitem *item;
hm_fragment *frag;
PQ_64BIT seq64;
unsigned int epoch = s->d1->w_epoch;
/* this function is called immediately after a message has
* been serialized */
OPENSSL_assert(s->init_off == 0);
frag = dtls1_hm_fragment_new(s->init_num);
memcpy(frag->fragment, s->init_buf->data, s->init_num);
if ( is_ccs)
{
OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
DTLS1_CCS_HEADER_LENGTH <= (unsigned int)s->init_num);
epoch++;
}
else
{
OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
DTLS1_HM_HEADER_LENGTH == (unsigned int)s->init_num);
}
frag->msg_header.msg_len = s->d1->w_msg_hdr.msg_len;
frag->msg_header.seq = s->d1->w_msg_hdr.seq;
frag->msg_header.type = s->d1->w_msg_hdr.type;
frag->msg_header.frag_off = 0;
frag->msg_header.frag_len = s->d1->w_msg_hdr.msg_len;
frag->msg_header.is_ccs = is_ccs;
pq_64bit_init(&seq64);
pq_64bit_assign_word(&seq64, epoch<<16 | frag->msg_header.seq);
item = pitem_new(seq64, frag);
pq_64bit_free(&seq64);
if ( item == NULL)
{
dtls1_hm_fragment_free(frag);
return 0;
}
#if 0
fprintf( stderr, "buffered messge: \ttype = %xx\n", msg_buf->type);
fprintf( stderr, "\t\t\t\t\tlen = %d\n", msg_buf->len);
fprintf( stderr, "\t\t\t\t\tseq_num = %d\n", msg_buf->seq_num);
#endif
pqueue_insert(s->d1->sent_messages, item);
return 1;
}
int
main(void)
{
pitem *item;
pqueue pq;
int one = 1;
int two = 2;
int three = 3;
pq = pqueue_new();
item = pitem_new((unsigned char*)&three, NULL);
pqueue_insert(pq, item);
item = pitem_new((unsigned char*)&one, NULL);
pqueue_insert(pq, item);
item = pitem_new((unsigned char*)&two, NULL);
pqueue_insert(pq, item);
item = pqueue_find(pq, (unsigned char*)&one);
TINYCLR_SSL_FPRINTF(OPENSSL_TYPE__FILE_STDERR, "found %ld\n", item->priority);
item = pqueue_find(pq, (unsigned char*)&two);
TINYCLR_SSL_FPRINTF(OPENSSL_TYPE__FILE_STDERR, "found %ld\n", item->priority);
item = pqueue_find(pq, (unsigned char*)&three);
TINYCLR_SSL_FPRINTF(OPENSSL_TYPE__FILE_STDERR, "found %ld\n", item ? item->priority: 0);
pqueue_print(pq);
for(item = pqueue_pop(pq); item != NULL; item = pqueue_pop(pq))
pitem_free(item);
pqueue_free(pq);
return 0;
}
int main(void)
{
pitem *item;
pqueue pq;
pq = pqueue_new();
item = pitem_new(prio3, NULL);
pqueue_insert(pq, item);
item = pitem_new(prio1, NULL);
pqueue_insert(pq, item);
item = pitem_new(prio2, NULL);
pqueue_insert(pq, item);
item = pqueue_find(pq, prio1);
fprintf(stderr, "found %p\n", item->priority);
item = pqueue_find(pq, prio2);
fprintf(stderr, "found %p\n", item->priority);
item = pqueue_find(pq, prio3);
fprintf(stderr, "found %p\n", item ? item->priority : 0);
pqueue_print(pq);
if (!pqueue_test(pq))
return 1;
for (item = pqueue_pop(pq); item != NULL; item = pqueue_pop(pq))
pitem_free(item);
pqueue_free(pq);
return 0;
}
static int trivial() {
pqueue q = pqueue_new();
if (q == NULL) {
return 0;
}
int32_t data = 0xdeadbeef;
uint8_t priority[8] = {0};
pitem *item = pitem_new(priority, &data);
if (item == NULL ||
pqueue_insert(q, item) != item ||
pqueue_size(q) != 1 ||
pqueue_peek(q) != item ||
pqueue_pop(q) != item ||
pqueue_size(q) != 0 ||
pqueue_pop(q) != NULL) {
return 0;
}
pitem_free(item);
pqueue_free(q);
return 1;
}
static int
dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok)
{
int i=-1;
hm_fragment *frag = NULL;
pitem *item = NULL;
PQ_64BIT seq64;
unsigned long frag_len = msg_hdr->frag_len;
if ((msg_hdr->frag_off+frag_len) > msg_hdr->msg_len)
goto err;
/* Try to find item in queue, to prevent duplicate entries */
pq_64bit_init(&seq64);
pq_64bit_assign_word(&seq64, msg_hdr->seq);
item = pqueue_find(s->d1->buffered_messages, seq64);
pq_64bit_free(&seq64);
/* If we already have an entry and this one is a fragment,
* don't discard it and rather try to reassemble it.
*/
if (item != NULL && frag_len < msg_hdr->msg_len)
item = NULL;
/* Discard the message if sequence number was already there, is
* too far in the future, already in the queue or if we received
* a FINISHED before the SERVER_HELLO, which then must be a stale
* retransmit.
*/
if (msg_hdr->seq <= s->d1->handshake_read_seq ||
msg_hdr->seq > s->d1->handshake_read_seq + 10 || item != NULL ||
(s->d1->handshake_read_seq == 0 && msg_hdr->type == SSL3_MT_FINISHED))
{
unsigned char devnull [256];
while (frag_len)
{
i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
devnull,
frag_len>sizeof(devnull)?sizeof(devnull):frag_len,0);
if (i<=0) goto err;
frag_len -= i;
}
}
else
{
if (frag_len && frag_len < msg_hdr->msg_len)
return dtls1_reassemble_fragment(s, msg_hdr, ok);
frag = dtls1_hm_fragment_new(frag_len, 0);
if ( frag == NULL)
goto err;
memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));
if (frag_len)
{
/* read the body of the fragment (header has already been read) */
i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
frag->fragment,frag_len,0);
if (i<=0 || (unsigned long)i!=frag_len)
goto err;
}
pq_64bit_init(&seq64);
pq_64bit_assign_word(&seq64, msg_hdr->seq);
item = pitem_new(seq64, frag);
pq_64bit_free(&seq64);
if ( item == NULL)
goto err;
pqueue_insert(s->d1->buffered_messages, item);
}
return DTLS1_HM_FRAGMENT_RETRY;
err:
if ( frag != NULL) dtls1_hm_fragment_free(frag);
if ( item != NULL) OPENSSL_free(item);
*ok = 0;
return i;
}
static int
dtls1_reassemble_fragment(SSL *s, struct hm_header_st* msg_hdr, int *ok)
{
hm_fragment *frag = NULL;
pitem *item = NULL;
int i = -1, is_complete;
PQ_64BIT seq64;
unsigned long frag_len = msg_hdr->frag_len, max_len;
if ((msg_hdr->frag_off+frag_len) > msg_hdr->msg_len)
goto err;
/* Determine maximum allowed message size. Depends on (user set)
* maximum certificate length, but 16k is minimum.
*/
if (DTLS1_HM_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH < s->max_cert_list)
max_len = s->max_cert_list;
else
max_len = DTLS1_HM_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH;
if ((msg_hdr->frag_off+frag_len) > max_len)
goto err;
/* Try to find item in queue */
pq_64bit_init(&seq64);
pq_64bit_assign_word(&seq64, msg_hdr->seq);
item = pqueue_find(s->d1->buffered_messages, seq64);
pq_64bit_free(&seq64);
if (item == NULL)
{
frag = dtls1_hm_fragment_new(msg_hdr->msg_len, 1);
if ( frag == NULL)
goto err;
memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));
frag->msg_header.frag_len = frag->msg_header.msg_len;
frag->msg_header.frag_off = 0;
}
else
{
frag = (hm_fragment*) item->data;
if (frag->msg_header.msg_len != msg_hdr->msg_len)
{
item = NULL;
frag = NULL;
goto err;
}
}
/* If message is already reassembled, this must be a
* retransmit and can be dropped.
*/
if (frag->reassembly == NULL)
{
unsigned char devnull [256];
while (frag_len)
{
i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
devnull,
frag_len>sizeof(devnull)?sizeof(devnull):frag_len,0);
if (i<=0) goto err;
frag_len -= i;
}
return DTLS1_HM_FRAGMENT_RETRY;
}
/* read the body of the fragment (header has already been read */
i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
frag->fragment + msg_hdr->frag_off,frag_len,0);
if (i<=0 || (unsigned long)i!=frag_len)
goto err;
RSMBLY_BITMASK_MARK(frag->reassembly, (long)msg_hdr->frag_off,
(long)(msg_hdr->frag_off + frag_len));
RSMBLY_BITMASK_IS_COMPLETE(frag->reassembly, (long)msg_hdr->msg_len,
is_complete);
if (is_complete)
{
OPENSSL_free(frag->reassembly);
frag->reassembly = NULL;
}
if (item == NULL)
{
pq_64bit_init(&seq64);
pq_64bit_assign_word(&seq64, msg_hdr->seq);
item = pitem_new(seq64, frag);
pq_64bit_free(&seq64);
if (item == NULL)
{
i = -1;
goto err;
}
pqueue_insert(s->d1->buffered_messages, item);
}
return DTLS1_HM_FRAGMENT_RETRY;
err:
if (frag != NULL) dtls1_hm_fragment_free(frag);
if (item != NULL) OPENSSL_free(item);
*ok = 0;
return i;
}
int
dtls1_buffer_message(SSL *s, int is_ccs)
{
pitem *item;
hm_fragment *frag;
PQ_64BIT seq64;
/* this function is called immediately after a message has
* been serialized */
OPENSSL_assert(s->init_off == 0);
frag = dtls1_hm_fragment_new(s->init_num, 0);
memcpy(frag->fragment, s->init_buf->data, s->init_num);
if ( is_ccs)
{
OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
DTLS1_CCS_HEADER_LENGTH <= (unsigned int)s->init_num);
}
else
{
OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
DTLS1_HM_HEADER_LENGTH == (unsigned int)s->init_num);
}
frag->msg_header.msg_len = s->d1->w_msg_hdr.msg_len;
frag->msg_header.seq = s->d1->w_msg_hdr.seq;
frag->msg_header.type = s->d1->w_msg_hdr.type;
frag->msg_header.frag_off = 0;
frag->msg_header.frag_len = s->d1->w_msg_hdr.msg_len;
frag->msg_header.is_ccs = is_ccs;
/* save current state*/
frag->msg_header.saved_retransmit_state.enc_write_ctx = s->enc_write_ctx;
frag->msg_header.saved_retransmit_state.write_hash = s->write_hash;
frag->msg_header.saved_retransmit_state.compress = s->compress;
frag->msg_header.saved_retransmit_state.session = s->session;
frag->msg_header.saved_retransmit_state.epoch = s->d1->w_epoch;
pq_64bit_init(&seq64);
pq_64bit_assign_word(&seq64,
dtls1_get_queue_priority(frag->msg_header.seq,
frag->msg_header.is_ccs));
item = pitem_new(seq64, frag);
pq_64bit_free(&seq64);
if ( item == NULL)
{
dtls1_hm_fragment_free(frag);
return 0;
}
#if 0
fprintf( stderr, "buffered messge: \ttype = %xx\n", msg_buf->type);
fprintf( stderr, "\t\t\t\t\tlen = %d\n", msg_buf->len);
fprintf( stderr, "\t\t\t\t\tseq_num = %d\n", msg_buf->seq_num);
#endif
pqueue_insert(s->d1->sent_messages, item);
return 1;
}
static int
dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok)
{
int i=-1;
hm_fragment *frag = NULL;
pitem *item = NULL;
PQ_64BIT seq64;
unsigned long frag_len = msg_hdr->frag_len;
if ((msg_hdr->frag_off+frag_len) > msg_hdr->msg_len)
goto err;
/* Try to find item in queue, to prevent duplicate entries */
pq_64bit_init(&seq64);
pq_64bit_assign_word(&seq64, msg_hdr->seq);
item = pqueue_find(s->d1->buffered_messages, seq64);
pq_64bit_free(&seq64);
/* Discard the message if sequence number was already there, is
* too far in the future or the fragment is already in the queue */
if (msg_hdr->seq <= s->d1->handshake_read_seq ||
msg_hdr->seq > s->d1->handshake_read_seq + 10 || item != NULL)
{
unsigned char devnull [256];
while (frag_len)
{
i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
devnull,
frag_len>sizeof(devnull)?sizeof(devnull):frag_len,0);
if (i<=0) goto err;
frag_len -= i;
}
}
if (frag_len)
{
frag = dtls1_hm_fragment_new(frag_len);
if ( frag == NULL)
goto err;
memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));
/* read the body of the fragment (header has already been read) */
i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
frag->fragment,frag_len,0);
if (i<=0 || (unsigned long)i!=frag_len)
goto err;
pq_64bit_init(&seq64);
pq_64bit_assign_word(&seq64, msg_hdr->seq);
item = pitem_new(seq64, frag);
pq_64bit_free(&seq64);
if ( item == NULL)
goto err;
pqueue_insert(s->d1->buffered_messages, item);
}
return DTLS1_HM_FRAGMENT_RETRY;
err:
if ( frag != NULL) dtls1_hm_fragment_free(frag);
if ( item != NULL) OPENSSL_free(item);
*ok = 0;
return i;
}
static int fixed_random() {
/* Random order of 10 elements, chosen by
* random.choice(list(itertools.permutations(range(10)))) */
int ordering[NUM_ITEMS] = {9, 6, 3, 4, 0, 2, 7, 1, 8, 5};
int i;
pqueue q = pqueue_new();
uint8_t priority[8] = {0};
piterator iter;
pitem *curr, *item;
if (q == NULL) {
return 0;
}
/* Insert the elements */
for (i = 0; i < NUM_ITEMS; i++) {
priority[7] = ordering[i];
item = pitem_new(priority, &ordering[i]);
if (pqueue_insert(q, item) != item) {
return 0;
}
}
/* Insert the elements again. This inserts duplicates and should
* fail. */
for (i = 0; i < NUM_ITEMS; i++) {
priority[7] = ordering[i];
item = pitem_new(priority, &ordering[i]);
if (pqueue_insert(q, item) != NULL) {
return 0;
}
pitem_free(item);
}
if (pqueue_size(q) != NUM_ITEMS) {
return 0;
}
/* Iterate over the elements. */
iter = pqueue_iterator(q);
curr = pqueue_next(&iter);
if (curr == NULL) {
return 0;
}
while (1) {
pitem *next = pqueue_next(&iter);
int *curr_data, *next_data;
if (next == NULL) {
break;
}
curr_data = (int*)curr->data;
next_data = (int*)next->data;
if (*curr_data >= *next_data) {
return 0;
}
curr = next;
}
pqueue_free(q);
return 1;
}
