author | Matt Caswell <matt@openssl.org> | 2015-09-04 13:51:49 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2015-10-30 08:38:18 +0000 |
commit | c130dd8ea4d09cb708aac9e41bd25c2f5fa7ea38 (patch) | |
tree | 6466c850736d62f8fd90b31defdde4d93cc5ac39 /ssl/d1_srvr.c | |
parent | 94836de2aeab65869caf2aa9a260114a309aaf0a (diff) |
Move server side DTLS to new state machine
Implement all of the necessary changes to make DTLS on the server work
with the new state machine code.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'ssl/d1_srvr.c')
-rw-r--r-- | ssl/d1_srvr.c | 49 |
1 files changed, 23 insertions, 26 deletions
diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c
index 22dbbfe3d3..02a944d86e 100644
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@@ -127,7 +127,6 @@
 #endif
 static const SSL_METHOD *dtls1_get_server_method(int ver);
-static int dtls1_send_hello_verify_request(SSL *s);
 static const SSL_METHOD *dtls1_get_server_method(int ver)
 {
@@ -157,6 +156,7 @@ IMPLEMENT_dtls1_meth_func(DTLS1_VERSION,
 ssl_undefined_function,
 dtls1_get_server_method, DTLSv1_2_enc_data)
+#if 0
 int dtls1_accept(SSL *s)
 {
 BUF_MEM *buf;
@@ -857,6 +857,7 @@ int dtls1_accept(SSL *s)
 cb(s, SSL_CB_ACCEPT_EXIT, ret);
 return (ret);
 }
+#endif
 unsigned int dtls1_raw_hello_verify_request(unsigned char *buf,
 unsigned char *cookie,
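Review bot: The old `dtls1_accept` is fenced off with a bare `#if 0` (the hunk at -157) and `#endif` (the hunk at -857) instead of being deleted, so the whole legacy accept loop stays in the file as dead code that can drift from the live state machine and be mistaken for it during an audit. If it has to stay for the transition, say so at the fence, e.g. `#if 0 /* legacy accept loop, replaced by the statem code; delete once the port is complete */` with a matching `#endif /* legacy dtls1_accept */`. The body of `dtls1_accept` lies between the two hunks and is not visible here.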
@@ -879,37 +880,33 @@ unsigned int dtls1_raw_hello_verify_request(unsigned char *buf,
 }
-int dtls1_send_hello_verify_request(SSL *s)
+int dtls_construct_hello_verify_request(SSL *s)
 {
 unsigned int len;
 unsigned char *buf;
- if (s->state == DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A) {
- buf = (unsigned char *)s->init_buf->data;
-
- if (s->ctx->app_gen_cookie_cb == NULL ||
- s->ctx->app_gen_cookie_cb(s, s->d1->cookie,
- &(s->d1->cookie_len)) == 0 ||
- s->d1->cookie_len > 255) {
- SSLerr(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST,
- SSL_R_COOKIE_GEN_CALLBACK_FAILURE);
- s->state = SSL_ST_ERR;
- return 0;
- }
+ buf = (unsigned char *)s->init_buf->data;
- len = dtls1_raw_hello_verify_request(&buf[DTLS1_HM_HEADER_LENGTH],
- s->d1->cookie, s->d1->cookie_len);
+ if (s->ctx->app_gen_cookie_cb == NULL ||
+ s->ctx->app_gen_cookie_cb(s, s->d1->cookie,
+ &(s->d1->cookie_len)) == 0 ||
+ s->d1->cookie_len > 255) {
+ SSLerr(SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST,
+ SSL_R_COOKIE_GEN_CALLBACK_FAILURE);
+ statem_set_error(s);
+ return 0;
+ }
- dtls1_set_message_header(s, buf, DTLS1_MT_HELLO_VERIFY_REQUEST, len, 0,
- len);
- len += DTLS1_HM_HEADER_LENGTH;
+ len = dtls1_raw_hello_verify_request(&buf[DTLS1_HM_HEADER_LENGTH],
+ s->d1->cookie, s->d1->cookie_len);
- s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B;
- /* number of bytes to write */
- s->init_num = len;
- s->init_off = 0;
- }
+ dtls1_set_message_header(s, buf, DTLS1_MT_HELLO_VERIFY_REQUEST, len, 0,
+ len);
+ len += DTLS1_HM_HEADER_LENGTH;
+
+ /* number of bytes to write */
+ s->init_num = len;
+ s->init_off = 0;
- /* s->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B */
- return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
+ return 1;
 } |
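Review bot: The `s->d1->cookie_len > 255` test in `dtls_construct_hello_verify_request` runs only after `app_gen_cookie_cb` has already written into `s->d1->cookie`, so it keeps an oversized cookie off the wire but cannot stop a misbehaving callback from overrunning that buffer; the buffer's size is not visible in this hunk. The contract should be stated above the call, e.g. `/* app_gen_cookie_cb must write at most 255 bytes to s->d1->cookie; the length is only checked after the write */`. The failure is also still reported under `SSL_F_DTLS1_SEND_HELLO_VERIFY_REQUEST`, which names the function this hunk renames, so error-queue output will point at a symbol that no longer exists. A function code matching the new name would have to be added to the error tables, which are outside this diff.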