int do_dtls1_write(SSL *s, int type, const unsigned char *buf, size_t len, int create_empty_fragment, size_t *written) { unsigned char *p, *pseq; int i, mac_size, clear = 0; size_t prefix_len = 0; int eivlen; SSL3_RECORD wr; SSL3_BUFFER *wb; SSL_SESSION *sess; wb = &s->rlayer.wbuf[0]; /* * first check if there is a SSL3_BUFFER still being written out. This * will happen with non blocking IO */ if (!ossl_assert(SSL3_BUFFER_get_left(wb) == 0)) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_DTLS1_WRITE, ERR_R_INTERNAL_ERROR); return 0; } /* If we have an alert to send, lets send it */ if (s->s3.alert_dispatch) { i = s->method->ssl_dispatch_alert(s); if (i <= 0) return i; /* if it went, fall through and send more stuff */ } if (len == 0 && !create_empty_fragment) return 0; if (len > ssl_get_max_send_fragment(s)) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_DTLS1_WRITE, SSL_R_EXCEEDS_MAX_FRAGMENT_SIZE); return 0; } sess = s->session; if ((sess == NULL) || (s->enc_write_ctx == NULL) || (EVP_MD_CTX_md(s->write_hash) == NULL)) clear = 1; if (clear) mac_size = 0; else { mac_size = EVP_MD_CTX_size(s->write_hash); if (mac_size < 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_DTLS1_WRITE, SSL_R_EXCEEDS_MAX_FRAGMENT_SIZE); return -1; } } p = SSL3_BUFFER_get_buf(wb) + prefix_len; /* write the header */ *(p++) = type & 0xff; SSL3_RECORD_set_type(&wr, type); /* * Special case: for hello verify request, client version 1.0 and we * haven't decided which version to use yet send back using version 1.0 * header: otherwise some clients will ignore it. */ if (s->method->version == DTLS_ANY_VERSION && s->max_proto_version != DTLS1_BAD_VER) { *(p++) = DTLS1_VERSION >> 8; *(p++) = DTLS1_VERSION & 0xff; } else {
int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, int create_empty_fragment) { unsigned char *p, *pseq; int i, mac_size, clear = 0; int prefix_len = 0; int eivlen; SSL3_RECORD *wr; SSL3_BUFFER *wb; SSL_SESSION *sess; wb = &s->rlayer.wbuf; /* * first check if there is a SSL3_BUFFER still being written out. This * will happen with non blocking IO */ if (SSL3_BUFFER_get_left(wb) != 0) { OPENSSL_assert(0); /* XDTLS: want to see if we ever get here */ return (ssl3_write_pending(s, type, buf, len)); } /* If we have an alert to send, lets send it */ if (s->s3->alert_dispatch) { i = s->method->ssl_dispatch_alert(s); if (i <= 0) return (i); /* if it went, fall through and send more stuff */ } if (len == 0 && !create_empty_fragment) return 0; wr = &s->rlayer.wrec; sess = s->session; if ((sess == NULL) || (s->enc_write_ctx == NULL) || (EVP_MD_CTX_md(s->write_hash) == NULL)) clear = 1; if (clear) mac_size = 0; else { mac_size = EVP_MD_CTX_size(s->write_hash); if (mac_size < 0) goto err; } p = SSL3_BUFFER_get_buf(wb) + prefix_len; /* write the header */ *(p++) = type & 0xff; SSL3_RECORD_set_type(wr, type); /* * Special case: for hello verify request, client version 1.0 and we * haven't decided which version to use yet send back using version 1.0 * header: otherwise some clients will ignore it. */ if (s->method->version == DTLS_ANY_VERSION) { *(p++) = DTLS1_VERSION >> 8; *(p++) = DTLS1_VERSION & 0xff; } else {