diff options
Diffstat (limited to 'ssl/s3_pkt.c')
| -rw-r--r-- | ssl/s3_pkt.c | 36 |
1 files changed, 19 insertions, 17 deletions
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c index 1f89e8ccef..f92ec59447 100644 --- a/ssl/s3_pkt.c +++ b/ssl/s3_pkt.c @@ -118,15 +118,9 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, unsigned int len, int create_empty_fragment); -static int ssl3_write_pending(SSL *s, int type, const unsigned char *buf, - unsigned int len); static int ssl3_get_record(SSL *s); -static int do_compress(SSL *ssl); -static int do_uncompress(SSL *ssl); -static int do_change_cipher_spec(SSL *ssl); -/* used only by ssl3_get_record */ -static int ssl3_read_n(SSL *s, int n, int max, int extend) +int ssl3_read_n(SSL *s, int n, int max, int extend) { /* If extend == 0, obtain new n-byte packet; if extend == 1, increase * packet by another n bytes. @@ -147,6 +141,14 @@ static int ssl3_read_n(SSL *s, int n, int max, int extend) /* ... now we can act as if 'extend' was set */ } + /* extend reads should not span multiple packets for DTLS */ + if ( SSL_version(s) == DTLS1_VERSION && + extend) + { + if ( s->s3->rbuf.left > 0 && n > s->s3->rbuf.left) + n = s->s3->rbuf.left; + } + /* if there is enough in the buffer from a previous read, take some */ if (s->s3->rbuf.left >= (int)n) { @@ -434,7 +436,7 @@ printf("\n"); SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG); goto f_err; } - if (!do_uncompress(s)) + if (!ssl3_do_uncompress(s)) { al=SSL_AD_DECOMPRESSION_FAILURE; SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_DECOMPRESSION); @@ -472,7 +474,7 @@ err: return(ret); } -static int do_uncompress(SSL *ssl) +int ssl3_do_uncompress(SSL *ssl) { int i; SSL3_RECORD *rr; @@ -489,7 +491,7 @@ static int do_uncompress(SSL *ssl) return(1); } -static int do_compress(SSL *ssl) +int ssl3_do_compress(SSL *ssl) { int i; SSL3_RECORD *wr; @@ -580,7 +582,7 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, /* If we have an alert to send, lets send it */ if (s->s3->alert_dispatch) { - i=ssl3_dispatch_alert(s); + i=s->method->ssl_dispatch_alert(s); if (i <= 0) return(i); /* if it went, fall through and send more stuff */ @@ -655,7 +657,7 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, /* first we compress */ if (s->compress != NULL) { - if (!do_compress(s)) + if (!ssl3_do_compress(s)) { SSLerr(SSL_F_DO_SSL3_WRITE,SSL_R_COMPRESSION_FAILURE); goto err; @@ -716,8 +718,8 @@ err: } /* if s->s3->wbuf.left != 0, we need to call this */ -static int ssl3_write_pending(SSL *s, int type, const unsigned char *buf, - unsigned int len) +int ssl3_write_pending(SSL *s, int type, const unsigned char *buf, + unsigned int len) { int i; @@ -1091,7 +1093,7 @@ start: s->msg_callback(0, s->version, SSL3_RT_CHANGE_CIPHER_SPEC, rr->data, 1, s, s->msg_callback_arg); s->s3->change_cipher_spec=1; - if (!do_change_cipher_spec(s)) + if (!ssl3_do_change_cipher_spec(s)) goto err; else goto start; @@ -1203,7 +1205,7 @@ err: return(-1); } -static int do_change_cipher_spec(SSL *s) +int ssl3_do_change_cipher_spec(SSL *s) { int i; const char *sender; @@ -1260,7 +1262,7 @@ void ssl3_send_alert(SSL *s, int level, int desc) s->s3->send_alert[0]=level; s->s3->send_alert[1]=desc; if (s->s3->wbuf.left == 0) /* data still being written out? */ - ssl3_dispatch_alert(s); + s->method->ssl_dispatch_alert(s); /* else data is still being written out, we will get written * some time in the future */ } |