DTLS revision.

Revise DTLS code. There was a *lot* of code duplication in the
DTLS code that generates records. This makes it harder to maintain and
sometimes a TLS update is omitted by accident from the DTLS code.

Specifically almost all of the record generation functions have code like
this:

some_pointer = buffer + HANDSHAKE_HEADER_LENGTH;
... Record creation stuff ...
set_handshake_header(ssl, SSL_MT_SOMETHING, message_len);

...

write_handshake_message(ssl);

Where the "Record creation stuff" is identical between SSL/TLS and DTLS or
in some cases has very minor differences.

By adding a few fields to SSL3_ENC to include the header length, some flags
and function pointers for handshake header setting and handshake writing the
code can cope with both cases.

(cherry picked from commit 173e72e64c6a07ae97660c322396b66215009f33)

1 files changed, 19 insertions, 1 deletions

diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 2250faa2e2..c026c7b697 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -2918,6 +2918,10 @@ SSL3_ENC_METHOD SSLv3_enc_data={
 	(int (*)(SSL *, unsigned char *, size_t, const char *,
 		 size_t, const unsigned char *, size_t,
 		 int use_context))ssl_undefined_function,
+	0,
+	SSL3_HM_HEADER_LENGTH,
+	ssl3_set_handshake_header,
+	ssl3_handshake_write
 	};
 
 long ssl3_default_timeout(void)
@@ -2948,6 +2952,20 @@ int ssl3_pending(const SSL *s)
 	return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
 	}
 
+void ssl3_set_handshake_header(SSL *s, int htype, unsigned long len)
+	{
+	unsigned char *p = (unsigned char *)s->init_buf->data;
+	*(p++) = htype;
+	l2n3(len, p);
+	s->init_num = (int)len + SSL3_HM_HEADER_LENGTH;
+	s->init_off = 0;
+	}
+
+int ssl3_handshake_write(SSL *s)
+	{
+	return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
+	}
+
 int ssl3_new(SSL *s)
 	{
 	SSL3_STATE *s3;
@@ -4467,4 +4485,4 @@ long ssl_get_algorithm2(SSL *s)
 		return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
 	return alg2;
 	}
-		
+