diff options
Diffstat (limited to 'ssl/statem')
-rw-r--r-- | ssl/statem/statem.c | 37 | ||||
-rw-r--r-- | ssl/statem/statem.h | 7 | ||||
-rw-r--r-- | ssl/statem/statem_clnt.c | 407 | ||||
-rw-r--r-- | ssl/statem/statem_dtls.c | 42 | ||||
-rw-r--r-- | ssl/statem/statem_lib.c | 77 | ||||
-rw-r--r-- | ssl/statem/statem_locl.h | 11 | ||||
-rw-r--r-- | ssl/statem/statem_srvr.c | 195 |
7 files changed, 373 insertions, 403 deletions
diff --git a/ssl/statem/statem.c b/ssl/statem/statem.c index 9bfd29dcd1..3df4ce61e1 100644 --- a/ssl/statem/statem.c +++ b/ssl/statem/statem.c @@ -46,7 +46,7 @@ */ /* Sub state machine return values */ -typedef enum { +typedef enum { /* Something bad happened or NBIO */ SUB_STATE_ERROR, /* Sub state finished go to the next sub state */ @@ -165,7 +165,8 @@ void ossl_statem_set_hello_verify_done(SSL *s) s->statem.hand_state = TLS_ST_SR_CLNT_HELLO; } -int ossl_statem_connect(SSL *s) { +int ossl_statem_connect(SSL *s) +{ return state_machine(s, 0); } @@ -174,7 +175,9 @@ int ossl_statem_accept(SSL *s) return state_machine(s, 1); } -static void (*get_callback(SSL *s))(const SSL *, int, int) +typedef void (*info_cb) (const SSL *, int, int); + +static info_cb get_callback(SSL *s) { if (s->info_callback != NULL) return s->info_callback; @@ -237,7 +240,6 @@ static int state_machine(SSL *s, int server) if (!SSL_clear(s)) return -1; } - #ifndef OPENSSL_NO_SCTP if (SSL_IS_DTLS(s)) { /* @@ -282,8 +284,7 @@ static int state_machine(SSL *s, int server) if (SSL_IS_DTLS(s)) { if ((s->version & 0xff00) != (DTLS1_VERSION & 0xff00) && - (server - || (s->version & 0xff00) != (DTLS1_BAD_VER & 0xff00))) { + (server || (s->version & 0xff00) != (DTLS1_BAD_VER & 0xff00))) { SSLerr(SSL_F_STATE_MACHINE, ERR_R_INTERNAL_ERROR); goto end; } @@ -320,7 +321,6 @@ static int state_machine(SSL *s, int server) */ s->s3->change_cipher_spec = 0; - /* * Ok, we now need to push on a buffering BIO ...but not with * SCTP @@ -471,15 +471,16 @@ static void init_read_state_machine(SSL *s) * control returns to the calling application. When this function is recalled we * will resume in the same state where we left off. */ -static SUB_STATE_RETURN read_state_machine(SSL *s) { +static SUB_STATE_RETURN read_state_machine(SSL *s) +{ OSSL_STATEM *st = &s->statem; int ret, mt; unsigned long len = 0; - int (*transition)(SSL *s, int mt); + int (*transition) (SSL *s, int mt); PACKET pkt; - MSG_PROCESS_RETURN (*process_message)(SSL *s, PACKET *pkt); - WORK_STATE (*post_process_message)(SSL *s, WORK_STATE wst); - unsigned long (*max_message_size)(SSL *s); + MSG_PROCESS_RETURN(*process_message) (SSL *s, PACKET *pkt); + WORK_STATE(*post_process_message) (SSL *s, WORK_STATE wst); + unsigned long (*max_message_size) (SSL *s); void (*cb) (const SSL *ssl, int type, int val) = NULL; cb = get_callback(s); @@ -620,7 +621,7 @@ static int statem_do_write(SSL *s) OSSL_STATEM *st = &s->statem; if (st->hand_state == TLS_ST_CW_CHANGE - || st->hand_state == TLS_ST_SW_CHANGE) { + || st->hand_state == TLS_ST_SW_CHANGE) { if (SSL_IS_DTLS(s)) return dtls1_do_write(s, SSL3_RT_CHANGE_CIPHER_SPEC); else @@ -675,10 +676,10 @@ static SUB_STATE_RETURN write_state_machine(SSL *s) { OSSL_STATEM *st = &s->statem; int ret; - WRITE_TRAN (*transition)(SSL *s); - WORK_STATE (*pre_work)(SSL *s, WORK_STATE wst); - WORK_STATE (*post_work)(SSL *s, WORK_STATE wst); - int (*construct_message)(SSL *s); + WRITE_TRAN(*transition) (SSL *s); + WORK_STATE(*pre_work) (SSL *s, WORK_STATE wst); + WORK_STATE(*post_work) (SSL *s, WORK_STATE wst); + int (*construct_message) (SSL *s); void (*cb) (const SSL *ssl, int type, int val) = NULL; cb = get_callback(s); @@ -807,7 +808,7 @@ int ossl_statem_app_data_allowed(SSL *s) * ServerHello yet then we allow app data */ if (st->hand_state == TLS_ST_BEFORE - || st->hand_state == TLS_ST_SR_CLNT_HELLO) + || st->hand_state == TLS_ST_SR_CLNT_HELLO) return 1; } else { /* diff --git a/ssl/statem/statem.h b/ssl/statem/statem.h index e2aef15583..2fca39b0db 100644 --- a/ssl/statem/statem.h +++ b/ssl/statem/statem.h @@ -71,7 +71,6 @@ typedef enum { WRITE_STATE_POST_WORK } WRITE_STATE; - /***************************************************************************** * * * This structure should be considered "opaque" to anything outside of the * @@ -89,13 +88,10 @@ struct ossl_statem_st { OSSL_HANDSHAKE_STATE hand_state; int in_init; int read_state_first_init; - /* true when we are actually in SSL_accept() or SSL_connect() */ int in_handshake; - /* Should we skip the CertificateVerify message? */ unsigned int no_cert_verify; - int use_timer; #ifndef OPENSSL_NO_SCTP int in_sctp_read_sock; @@ -103,7 +99,6 @@ struct ossl_statem_st { }; typedef struct ossl_statem_st OSSL_STATEM; - /***************************************************************************** * * * The following macros/functions represent the libssl internal API to the * @@ -126,5 +121,3 @@ __owur int ossl_statem_app_data_allowed(SSL *s); void ossl_statem_set_sctp_read_sock(SSL *s, int read_sock); __owur int ossl_statem_in_sctp_read_sock(SSL *s); #endif - - diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 338a23babe..8f250cdc13 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -65,7 +65,6 @@ static int ca_dn_cmp(const X509_NAME *const *a, const X509_NAME *const *b); static int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p); - /* * Is a CertificateRequest message allowed at the moment or not? * @@ -77,8 +76,8 @@ static ossl_inline int cert_req_allowed(SSL *s) { /* TLS does not like anon-DH with client cert */ if ((s->version > SSL3_VERSION - && (s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)) - || (s->s3->tmp.new_cipher->algorithm_auth & (SSL_aSRP | SSL_aPSK))) + && (s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL)) + || (s->s3->tmp.new_cipher->algorithm_auth & (SSL_aSRP | SSL_aPSK))) return 0; return 1; @@ -122,7 +121,7 @@ int ossl_statem_client_read_transition(SSL *s, int mt) OSSL_STATEM *st = &s->statem; int ske_expected; - switch(st->hand_state) { + switch (st->hand_state) { case TLS_ST_CW_CLNT_HELLO: if (mt == SSL3_MT_SERVER_HELLO) { st->hand_state = TLS_ST_CR_SRVR_HELLO; @@ -153,9 +152,9 @@ int ossl_statem_client_read_transition(SSL *s, int mt) st->hand_state = DTLS_ST_CR_HELLO_VERIFY_REQUEST; return 1; } else if (s->version >= TLS1_VERSION - && s->tls_session_secret_cb != NULL - && s->session->tlsext_tick != NULL - && mt == SSL3_MT_CHANGE_CIPHER_SPEC) { + && s->tls_session_secret_cb != NULL + && s->session->tlsext_tick != NULL + && mt == SSL3_MT_CHANGE_CIPHER_SPEC) { /* * Normally, we can tell if the server is resuming the session * from the session ID. EAP-FAST (RFC 4851), however, relies on @@ -166,7 +165,7 @@ int ossl_statem_client_read_transition(SSL *s, int mt) st->hand_state = TLS_ST_CR_CHANGE; return 1; } else if (!(s->s3->tmp.new_cipher->algorithm_auth - & (SSL_aNULL | SSL_aSRP | SSL_aPSK))) { + & (SSL_aNULL | SSL_aSRP | SSL_aPSK))) { if (mt == SSL3_MT_CERTIFICATE) { st->hand_state = TLS_ST_CR_CERT; return 1; @@ -175,19 +174,19 @@ int ossl_statem_client_read_transition(SSL *s, int mt) ske_expected = key_exchange_expected(s); /* SKE is optional for some PSK ciphersuites */ if (ske_expected - || ((s->s3->tmp.new_cipher->algorithm_mkey & SSL_PSK) - && mt == SSL3_MT_SERVER_KEY_EXCHANGE)) { + || ((s->s3->tmp.new_cipher->algorithm_mkey & SSL_PSK) + && mt == SSL3_MT_SERVER_KEY_EXCHANGE)) { if (mt == SSL3_MT_SERVER_KEY_EXCHANGE) { st->hand_state = TLS_ST_CR_KEY_EXCH; return 1; } } else if (mt == SSL3_MT_CERTIFICATE_REQUEST - && cert_req_allowed(s)) { - st->hand_state = TLS_ST_CR_CERT_REQ; - return 1; + && cert_req_allowed(s)) { + st->hand_state = TLS_ST_CR_CERT_REQ; + return 1; } else if (mt == SSL3_MT_SERVER_DONE) { - st->hand_state = TLS_ST_CR_SRVR_DONE; - return 1; + st->hand_state = TLS_ST_CR_SRVR_DONE; + return 1; } } } @@ -207,9 +206,8 @@ int ossl_statem_client_read_transition(SSL *s, int mt) case TLS_ST_CR_CERT_STATUS: ske_expected = key_exchange_expected(s); /* SKE is optional for some PSK ciphersuites */ - if (ske_expected - || ((s->s3->tmp.new_cipher->algorithm_mkey & SSL_PSK) - && mt == SSL3_MT_SERVER_KEY_EXCHANGE)) { + if (ske_expected || ((s->s3->tmp.new_cipher->algorithm_mkey & SSL_PSK) + && mt == SSL3_MT_SERVER_KEY_EXCHANGE)) { if (mt == SSL3_MT_SERVER_KEY_EXCHANGE) { st->hand_state = TLS_ST_CR_KEY_EXCH; return 1; @@ -280,99 +278,99 @@ WRITE_TRAN ossl_statem_client_write_transition(SSL *s) { OSSL_STATEM *st = &s->statem; - switch(st->hand_state) { - case TLS_ST_OK: - /* Renegotiation - fall through */ - case TLS_ST_BEFORE: - st->hand_state = TLS_ST_CW_CLNT_HELLO; - return WRITE_TRAN_CONTINUE; - - case TLS_ST_CW_CLNT_HELLO: - /* - * No transition at the end of writing because we don't know what - * we will be sent - */ - return WRITE_TRAN_FINISHED; + switch (st->hand_state) { + case TLS_ST_OK: + /* Renegotiation - fall through */ + case TLS_ST_BEFORE: + st->hand_state = TLS_ST_CW_CLNT_HELLO; + return WRITE_TRAN_CONTINUE; - case DTLS_ST_CR_HELLO_VERIFY_REQUEST: - st->hand_state = TLS_ST_CW_CLNT_HELLO; - return WRITE_TRAN_CONTINUE; + case TLS_ST_CW_CLNT_HELLO: + /* + * No transition at the end of writing because we don't know what + * we will be sent + */ + return WRITE_TRAN_FINISHED; - case TLS_ST_CR_SRVR_DONE: - if (s->s3->tmp.cert_req) - st->hand_state = TLS_ST_CW_CERT; - else - st->hand_state = TLS_ST_CW_KEY_EXCH; - return WRITE_TRAN_CONTINUE; + case DTLS_ST_CR_HELLO_VERIFY_REQUEST: + st->hand_state = TLS_ST_CW_CLNT_HELLO; + return WRITE_TRAN_CONTINUE; - case TLS_ST_CW_CERT: + case TLS_ST_CR_SRVR_DONE: + if (s->s3->tmp.cert_req) + st->hand_state = TLS_ST_CW_CERT; + else st->hand_state = TLS_ST_CW_KEY_EXCH; - return WRITE_TRAN_CONTINUE; + return WRITE_TRAN_CONTINUE; - case TLS_ST_CW_KEY_EXCH: - /* - * For TLS, cert_req is set to 2, so a cert chain of nothing is - * sent, but no verify packet is sent - */ - /* - * XXX: For now, we do not support client authentication in ECDH - * cipher suites with ECDH (rather than ECDSA) certificates. We - * need to skip the certificate verify message when client's - * ECDH public key is sent inside the client certificate. - */ - if (s->s3->tmp.cert_req == 1) { - st->hand_state = TLS_ST_CW_CERT_VRFY; - } else { - st->hand_state = TLS_ST_CW_CHANGE; - } - if (s->s3->flags & TLS1_FLAGS_SKIP_CERT_VERIFY) { - st->hand_state = TLS_ST_CW_CHANGE; - } - return WRITE_TRAN_CONTINUE; + case TLS_ST_CW_CERT: + st->hand_state = TLS_ST_CW_KEY_EXCH; + return WRITE_TRAN_CONTINUE; - case TLS_ST_CW_CERT_VRFY: + case TLS_ST_CW_KEY_EXCH: + /* + * For TLS, cert_req is set to 2, so a cert chain of nothing is + * sent, but no verify packet is sent + */ + /* + * XXX: For now, we do not support client authentication in ECDH + * cipher suites with ECDH (rather than ECDSA) certificates. We + * need to skip the certificate verify message when client's + * ECDH public key is sent inside the client certificate. + */ + if (s->s3->tmp.cert_req == 1) { + st->hand_state = TLS_ST_CW_CERT_VRFY; + } else { st->hand_state = TLS_ST_CW_CHANGE; - return WRITE_TRAN_CONTINUE; + } + if (s->s3->flags & TLS1_FLAGS_SKIP_CERT_VERIFY) { + st->hand_state = TLS_ST_CW_CHANGE; + } + return WRITE_TRAN_CONTINUE; - case TLS_ST_CW_CHANGE: + case TLS_ST_CW_CERT_VRFY: + st->hand_state = TLS_ST_CW_CHANGE; + return WRITE_TRAN_CONTINUE; + + case TLS_ST_CW_CHANGE: #if defined(OPENSSL_NO_NEXTPROTONEG) - st->hand_state = TLS_ST_CW_FINISHED; + st->hand_state = TLS_ST_CW_FINISHED; #else - if (!SSL_IS_DTLS(s) && s->s3->next_proto_neg_seen) - st->hand_state = TLS_ST_CW_NEXT_PROTO; - else - st->hand_state = TLS_ST_CW_FINISHED; + if (!SSL_IS_DTLS(s) && s->s3->next_proto_neg_seen) + st->hand_state = TLS_ST_CW_NEXT_PROTO; + else + st->hand_state = TLS_ST_CW_FINISHED; #endif - return WRITE_TRAN_CONTINUE; + return WRITE_TRAN_CONTINUE; #if !defined(OPENSSL_NO_NEXTPROTONEG) - case TLS_ST_CW_NEXT_PROTO: - st->hand_state = TLS_ST_CW_FINISHED; - return WRITE_TRAN_CONTINUE; + case TLS_ST_CW_NEXT_PROTO: + st->hand_state = TLS_ST_CW_FINISHED; + return WRITE_TRAN_CONTINUE; #endif - case TLS_ST_CW_FINISHED: - if (s->hit) { - st->hand_state = TLS_ST_OK; - ossl_statem_set_in_init(s, 0); - return WRITE_TRAN_CONTINUE; - } else { - return WRITE_TRAN_FINISHED; - } + case TLS_ST_CW_FINISHED: + if (s->hit) { + st->hand_state = TLS_ST_OK; + ossl_statem_set_in_init(s, 0); + return WRITE_TRAN_CONTINUE; + } else { + return WRITE_TRAN_FINISHED; + } - case TLS_ST_CR_FINISHED: - if (s->hit) { - st->hand_state = TLS_ST_CW_CHANGE; - return WRITE_TRAN_CONTINUE; - } else { - st->hand_state = TLS_ST_OK; - ossl_statem_set_in_init(s, 0); - return WRITE_TRAN_CONTINUE; - } + case TLS_ST_CR_FINISHED: + if (s->hit) { + st->hand_state = TLS_ST_CW_CHANGE; + return WRITE_TRAN_CONTINUE; + } else { + st->hand_state = TLS_ST_OK; + ossl_statem_set_in_init(s, 0); + return WRITE_TRAN_CONTINUE; + } - default: - /* Shouldn't happen */ - return WRITE_TRAN_ERROR; + default: + /* Shouldn't happen */ + return WRITE_TRAN_ERROR; } } @@ -384,7 +382,7 @@ WORK_STATE ossl_statem_client_pre_work(SSL *s, WORK_STATE wst) { OSSL_STATEM *st = &s->statem; - switch(st->hand_state) { + switch (st->hand_state) { case TLS_ST_CW_CLNT_HELLO: s->shutdown = 0; if (SSL_IS_DTLS(s)) { @@ -433,7 +431,7 @@ WORK_STATE ossl_statem_client_post_work(SSL *s, WORK_STATE wst) s->init_num = 0; - switch(st->hand_state) { + switch (st->hand_state) { case TLS_ST_CW_CLNT_HELLO: if (wst == WORK_MORE_A && statem_flush(s) != 1) return WORK_MORE_A; @@ -516,7 +514,7 @@ int ossl_statem_client_construct_message(SSL *s) { OSSL_STATEM *st = &s->statem; - switch(st->hand_state) { + switch (st->hand_state) { case TLS_ST_CW_CLNT_HELLO: return tls_construct_client_hello(s); @@ -562,46 +560,47 @@ unsigned long ossl_statem_client_max_message_size(SSL *s) { OSSL_STATEM *st = &s->statem; - switch(st->hand_state) { - case TLS_ST_CR_SRVR_HELLO: - return SERVER_HELLO_MAX_LENGTH; + switch (st->hand_state) { + case TLS_ST_CR_SRVR_HELLO: + return SERVER_HELLO_MAX_LENGTH; - case DTLS_ST_CR_HELLO_VERIFY_REQUEST: - return HELLO_VERIFY_REQUEST_MAX_LENGTH; + case DTLS_ST_CR_HELLO_VERIFY_REQUEST: + return HELLO_VERIFY_REQUEST_MAX_LENGTH; - case TLS_ST_CR_CERT: - return s->max_cert_list; + case TLS_ST_CR_CERT: + return s->max_cert_list; - case TLS_ST_CR_CERT_STATUS: - return SSL3_RT_MAX_PLAIN_LENGTH; + case TLS_ST_CR_CERT_STATUS: + return SSL3_RT_MAX_PLAIN_LENGTH; - case TLS_ST_CR_KEY_EXCH: - return SERVER_KEY_EXCH_MAX_LENGTH; + case TLS_ST_CR_KEY_EXCH: + return SERVER_KEY_EXCH_MAX_LENGTH; - case TLS_ST_CR_CERT_REQ: - /* Set to s->max_cert_list for compatibility with previous releases. - * In practice these messages can get quite long if servers are - * configured to provide a long list of acceptable CAs - */ - return s->max_cert_list; + case TLS_ST_CR_CERT_REQ: + /* + * Set to s->max_cert_list for compatibility with previous releases. In + * practice these messages can get quite long if servers are configured + * to provide a long list of acceptable CAs + */ + return s->max_cert_list; - case TLS_ST_CR_SRVR_DONE: - return SERVER_HELLO_DONE_MAX_LENGTH; + case TLS_ST_CR_SRVR_DONE: + return SERVER_HELLO_DONE_MAX_LENGTH; - case TLS_ST_CR_CHANGE: - if (s->version == DTLS1_BAD_VER) - return 3; - return CCS_MAX_LENGTH; + case TLS_ST_CR_CHANGE: + if (s->version == DTLS1_BAD_VER) + return 3; + return CCS_MAX_LENGTH; - case TLS_ST_CR_SESSION_TICKET: - return SSL3_RT_MAX_PLAIN_LENGTH; + case TLS_ST_CR_SESSION_TICKET: + return SSL3_RT_MAX_PLAIN_LENGTH; - case TLS_ST_CR_FINISHED: - return FINISHED_MAX_LENGTH; + case TLS_ST_CR_FINISHED: + return FINISHED_MAX_LENGTH; - default: - /* Shouldn't happen */ - break; + default: + /* Shouldn't happen */ + break; } return 0; @@ -614,40 +613,40 @@ MSG_PROCESS_RETURN ossl_statem_client_process_message(SSL *s, PACKET *pkt) { OSSL_STATEM *st = &s->statem; - switch(st->hand_state) { - case TLS_ST_CR_SRVR_HELLO: - return tls_process_server_hello(s, pkt); + switch (st->hand_state) { + case TLS_ST_CR_SRVR_HELLO: + return tls_process_server_hello(s, pkt); - case DTLS_ST_CR_HELLO_VERIFY_REQUEST: - return dtls_process_hello_verify(s, pkt); + case DTLS_ST_CR_HELLO_VERIFY_REQUEST: + return dtls_process_hello_verify(s, pkt); - case TLS_ST_CR_CERT: - return tls_process_server_certificate(s, pkt); + case TLS_ST_CR_CERT: + return tls_process_server_certificate(s, pkt); - case TLS_ST_CR_CERT_STATUS: - return tls_process_cert_status(s, pkt); + case TLS_ST_CR_CERT_STATUS: + return tls_process_cert_status(s, pkt); - case TLS_ST_CR_KEY_EXCH: - return tls_process_key_exchange(s, pkt); + case TLS_ST_CR_KEY_EXCH: + return tls_process_key_exchange(s, pkt); - case TLS_ST_CR_CERT_REQ: - return tls_process_certificate_request(s, pkt); + case TLS_ST_CR_CERT_REQ: + return tls_process_certificate_request(s, pkt); - case TLS_ST_CR_SRVR_DONE: - return tls_process_server_done(s, pkt); + case TLS_ST_CR_SRVR_DONE: + return tls_process_server_done(s, pkt); - case TLS_ST_CR_CHANGE: - return tls_process_change_cipher_spec(s, pkt); + case TLS_ST_CR_CHANGE: + return tls_process_change_cipher_spec(s, pkt); - case TLS_ST_CR_SESSION_TICKET: - return tls_process_new_session_ticket(s, pkt); + case TLS_ST_CR_SESSION_TICKET: + return tls_process_new_session_ticket(s, pkt); - case TLS_ST_CR_FINISHED: - return tls_process_finished(s, pkt); + case TLS_ST_CR_FINISHED: + return tls_process_finished(s, pkt); - default: - /* Shouldn't happen */ - break; + default: + /* Shouldn't happen */ + break; } return MSG_PROCESS_ERROR; @@ -661,7 +660,7 @@ WORK_STATE ossl_statem_client_post_process_message(SSL *s, WORK_STATE wst) { OSSL_STATEM *st = &s->statem; - switch(st->hand_state) { + switch (st->hand_state) { case TLS_ST_CR_CERT_REQ: return tls_prepare_client_certificate(s, wst); @@ -711,8 +710,7 @@ int tls_construct_client_hello(SSL *s) goto err; } - if ((sess == NULL) || - !ssl_version_supported(s, sess->ssl_version) || + if ((sess == NULL) || !ssl_version_supported(s, sess->ssl_version) || /* * In the case of EAP-FAST, we can have a pre-shared * "ticket" without a session ID. @@ -742,8 +740,7 @@ int tls_construct_client_hello(SSL *s) } else i = 1; - if (i && ssl_fill_hello_random(s, 0, p, - sizeof(s->s3->client_random)) <= 0) + if (i && ssl_fill_hello_random(s, 0, p, sizeof(s->s3->client_random)) <= 0) goto err; /* Do the message type and length last */ @@ -846,7 +843,7 @@ int tls_construct_client_hello(SSL *s) *(p++) = comp->id; } #endif - *(p++) = 0; /* Add the NULL method */ + *(p++) = 0; /* Add the NULL method */ /* TLS extensions */ if (ssl_prepare_clienthello_tlsext(s) <= 0) { @@ -881,7 +878,7 @@ MSG_PROCESS_RETURN dtls_process_hello_verify(SSL *s, PACKET *pkt) PACKET cookiepkt; if (!PACKET_forward(pkt, 2) - || !PACKET_get_length_prefixed_1(pkt, &cookiepkt)) { + || !PACKET_get_length_prefixed_1(pkt, &cookiepkt)) { al = SSL_AD_DECODE_ERROR; SSLerr(SSL_F_DTLS_PROCESS_HELLO_VERIFY, SSL_R_LENGTH_MISMATCH); goto f_err; @@ -1145,7 +1142,6 @@ MSG_PROCESS_RETURN tls_process_server_hello(SSL *s, PACKET *pkt) SSLerr(SSL_F_TLS_PROCESS_SERVER_HELLO, SSL_R_BAD_PACKET_LENGTH); goto f_err; } - #ifndef OPENSSL_NO_SCTP if (SSL_IS_DTLS(s) && s->hit) { unsigned char sctpauthkey[64]; @@ -1159,10 +1155,9 @@ MSG_PROCESS_RETURN tls_process_server_hello(SSL *s, PACKET *pkt) sizeof(DTLS1_SCTP_AUTH_LABEL)); if (SSL_export_keying_material(s, sctpauthkey, - sizeof(sctpauthkey), - labelbuffer, - sizeof(labelbuffer), NULL, 0, - 0) <= 0) + sizeof(sctpauthkey), + labelbuffer, + sizeof(labelbuffer), NULL, 0, 0) <= 0) goto err; BIO_ctrl(SSL_get_wbio(s), @@ -1194,14 +1189,14 @@ MSG_PROCESS_RETURN tls_process_server_certificate(SSL *s, PACKET *pkt) } if (!PACKET_get_net_3(pkt, &cert_list_len) - || PACKET_remaining(pkt) != cert_list_len) { + || PACKET_remaining(pkt) != cert_list_len) { al = SSL_AD_DECODE_ERROR; SSLerr(SSL_F_TLS_PROCESS_SERVER_CERTIFICATE, SSL_R_LENGTH_MISMATCH); goto f_err; } while (PACKET_remaining(pkt)) { if (!PACKET_get_net_3(pkt, &cert_len) - || !PACKET_get_bytes(pkt, &certbytes, cert_len)) { + || !PACKET_get_bytes(pkt, &certbytes, cert_len)) { al = SSL_AD_DECODE_ERROR; SSLerr(SSL_F_TLS_PROCESS_SERVER_CERTIFICATE, SSL_R_CERT_LENGTH_MISMATCH); @@ -1274,9 +1269,9 @@ MSG_PROCESS_RETURN tls_process_server_certificate(SSL *s, PACKET *pkt) exp_idx = ssl_cipher_get_cert_index(s->s3->tmp.new_cipher); if (exp_idx >= 0 && i != exp_idx - && (exp_idx != SSL_PKEY_GOST_EC || - (i != SSL_PKEY_GOST12_512 && i != SSL_PKEY_GOST12_256 - && i != SSL_PKEY_GOST01))) { + && (exp_idx != SSL_PKEY_GOST_EC || + (i != SSL_PKEY_GOST12_512 && i != SSL_PKEY_GOST12_256 + && i != SSL_PKEY_GOST01))) { x = NULL; al = SSL_AD_ILLEGAL_PARAMETER; SSLerr(SSL_F_TLS_PROCESS_SERVER_CERTIFICATE, @@ -1333,7 +1328,7 @@ static int tls_process_ske_psk_preamble(SSL *s, PACKET *pkt, int *al) OPENSSL_free(s->session->psk_identity_hint); s->session->psk_identity_hint = NULL; } else if (!PACKET_strndup(&psk_identity_hint, - &s->session->psk_identity_hint)) { + &s->session->psk_identity_hint)) { *al = SSL_AD_INTERNAL_ERROR; return 0; } @@ -1384,7 +1379,7 @@ static int tls_process_ske_srp(SSL *s, PACKET *pkt, EVP_PKEY **pkey, int *al) } /* We must check if there is a certificate */ - if (s->s3->tmp.new_cipher->algorithm_auth & (SSL_aRSA|SSL_aDSS)) + if (s->s3->tmp.new_cipher->algorithm_auth & (SSL_aRSA | SSL_aDSS)) *pkey = X509_get0_pubkey(s->session->peer); return 1; @@ -1422,8 +1417,7 @@ static int tls_process_ske_dhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey, int *al) } p = BN_bin2bn(PACKET_data(&prime), PACKET_remaining(&prime), NULL); - g = BN_bin2bn(PACKET_data(&generator), PACKET_remaining(&generator), - NULL); + g = BN_bin2bn(PACKET_data(&generator), PACKET_remaining(&generator), NULL); bnpub_key = BN_bin2bn(PACKET_data(&pub_key), PACKET_remaining(&pub_key), NULL); if (p == NULL || g == NULL || bnpub_key == NULL) { @@ -1470,7 +1464,7 @@ static int tls_process_ske_dhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey, int *al) * FIXME: This makes assumptions about which ciphersuites come with * public keys. We should have a less ad-hoc way of doing this */ - if (s->s3->tmp.new_cipher->algorithm_auth & (SSL_aRSA|SSL_aDSS)) + if (s->s3->tmp.new_cipher->algorithm_auth & (SSL_aRSA | SSL_aDSS)) *pkey = X509_get0_pubkey(s->session->peer); /* else anonymous DH, so no certificate or pkey. */ @@ -1522,7 +1516,7 @@ static int tls_process_ske_ecdhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey, int *al) curve_nid = tls1_ec_curve_id2nid(*(ecparams + 2), &curve_flags); - if (curve_nid == 0) { + if (curve_nid == 0) { *al = SSL_AD_INTERNAL_ERROR; SSLerr(SSL_F_TLS_PROCESS_SKE_ECDHE, SSL_R_UNABLE_TO_FIND_ECDH_PARAMETERS); @@ -1689,7 +1683,8 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt) if (PACKET_remaining(&signature) > (size_t)maxsig) { /* wrong packet length */ al = SSL_AD_DECODE_ERROR; - SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, SSL_R_WRONG_SIGNATURE_LENGTH); + SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, + SSL_R_WRONG_SIGNATURE_LENGTH); goto err; } @@ -1701,12 +1696,12 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt) } if (EVP_VerifyInit_ex(md_ctx, md, NULL) <= 0 - || EVP_VerifyUpdate(md_ctx, &(s->s3->client_random[0]), - SSL3_RANDOM_SIZE) <= 0 - || EVP_VerifyUpdate(md_ctx, &(s->s3->server_random[0]), - SSL3_RANDOM_SIZE) <= 0 - || EVP_VerifyUpdate(md_ctx, PACKET_data(¶ms), - PACKET_remaining(¶ms)) <= 0) { + || EVP_VerifyUpdate(md_ctx, &(s->s3->client_random[0]), + SSL3_RANDOM_SIZE) <= 0 + || EVP_VerifyUpdate(md_ctx, &(s->s3->server_random[0]), + SSL3_RANDOM_SIZE) <= 0 + || EVP_VerifyUpdate(md_ctx, PACKET_data(¶ms), + PACKET_remaining(¶ms)) <= 0) { EVP_MD_CTX_free(md_ctx); al = SSL_AD_INTERNAL_ERROR; SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_EVP_LIB); @@ -1724,7 +1719,7 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt) } else { /* aNULL, aSRP or PSK do not need public keys */ if (!(s->s3->tmp.new_cipher->algorithm_auth & (SSL_aNULL | SSL_aSRP)) - && !(alg_k & SSL_PSK)) { + && !(alg_k & SSL_PSK)) { /* Might be wrong key type, check it */ if (ssl3_check_cert_and_algorithm(s)) { /* Otherwise this shouldn't happen */ @@ -1767,7 +1762,7 @@ MSG_PROCESS_RETURN tls_process_certificate_request(SSL *s, PACKET *pkt) /* get the certificate types */ if (!PACKET_get_1(pkt, &ctype_num) - || !PACKET_get_bytes(pkt, &data, ctype_num)) { + || !PACKET_get_bytes(pkt, &data, ctype_num)) { ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); SSLerr(SSL_F_TLS_PROCESS_CERTIFICATE_REQUEST, SSL_R_LENGTH_MISMATCH); goto err; @@ -1790,7 +1785,7 @@ MSG_PROCESS_RETURN tls_process_certificate_request(SSL *s, PACKET *pkt) if (SSL_USE_SIGALGS(s)) { if (!PACKET_get_net_2(pkt, &list_len) - || !PACKET_get_bytes(pkt, &data, list_len)) { + || !PACKET_get_bytes(pkt, &data, list_len)) { ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); SSLerr(SSL_F_TLS_PROCESS_CERTIFICATE_REQUEST, SSL_R_LENGTH_MISMATCH); @@ -1819,7 +1814,7 @@ MSG_PROCESS_RETURN tls_process_certificate_request(SSL *s, PACKET *pkt) /* get the CA RDNs */ if (!PACKET_get_net_2(pkt, &list_len) - || PACKET_remaining(pkt) != list_len) { + || PACKET_remaining(pkt) != list_len) { ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); SSLerr(SSL_F_TLS_PROCESS_CERTIFICATE_REQUEST, SSL_R_LENGTH_MISMATCH); goto err; @@ -1827,7 +1822,7 @@ MSG_PROCESS_RETURN tls_process_certificate_request(SSL *s, PACKET *pkt) while (PACKET_remaining(pkt)) { if (!PACKET_get_net_2(pkt, &name_len) - || !PACKET_get_bytes(pkt, &namebytes, name_len)) { + || !PACKET_get_bytes(pkt, &namebytes, name_len)) { ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); SSLerr(SSL_F_TLS_PROCESS_CERTIFICATE_REQUEST, SSL_R_LENGTH_MISMATCH); @@ -1885,8 +1880,8 @@ MSG_PROCESS_RETURN tls_process_new_session_ticket(SSL *s, PACKET *pkt) unsigned long ticket_lifetime_hint; if (!PACKET_get_net_4(pkt, &ticket_lifetime_hint) - || !PACKET_get_net_2(pkt, &ticklen) - || PACKET_remaining(pkt) != ticklen) { + || !PACKET_get_net_2(pkt, &ticklen) + || PACKET_remaining(pkt) != ticklen) { al = SSL_AD_DECODE_ERROR; SSLerr(SSL_F_TLS_PROCESS_NEW_SESSION_TICKET, SSL_R_LENGTH_MISMATCH); goto f_err; @@ -1968,13 +1963,13 @@ MSG_PROCESS_RETURN tls_process_cert_status(SSL *s, PACKET *pkt) unsigned int type; if (!PACKET_get_1(pkt, &type) - || type != TLSEXT_STATUSTYPE_ocsp) { + || type != TLSEXT_STATUSTYPE_ocsp) { al = SSL_AD_DECODE_ERROR; SSLerr(SSL_F_TLS_PROCESS_CERT_STATUS, SSL_R_UNSUPPORTED_STATUS_TYPE); goto f_err; } if (!PACKET_get_net_3(pkt, &resplen) - || PACKET_remaining(pkt) != resplen) { + || PACKET_remaining(pkt) != resplen) { al = SSL_AD_DECODE_ERROR; SSLerr(SSL_F_TLS_PROCESS_CERT_STATUS, SSL_R_LENGTH_MISMATCH); goto f_err; @@ -2007,7 +2002,6 @@ MSG_PROCESS_RETURN tls_process_server_done(SSL *s, PACKET *pkt) ossl_statem_set_error(s); return MSG_PROCESS_ERROR; } - #ifndef OPENSSL_NO_SRP if (s->s3->tmp.new_cipher->algorithm_mkey & SSL_kSRP) { if (SRP_Calc_A_param(s) <= 0) { @@ -2050,7 +2044,6 @@ MSG_PROCESS_RETURN tls_process_server_done(SSL *s, PACKET *pkt) return MSG_PROCESS_ERROR; } } - #ifndef OPENSSL_NO_CT if (s->ct_validation_callback != NULL) { /* Note we validate the SCTs whether or not we abort on error */ @@ -2064,7 +2057,7 @@ MSG_PROCESS_RETURN tls_process_server_done(SSL *s, PACKET *pkt) #ifndef OPENSSL_NO_SCTP /* Only applies to renegotiation */ if (SSL_IS_DTLS(s) && BIO_dgram_is_sctp(SSL_get_wbio(s)) - && s->renegotiate != 0) + && s->renegotiate != 0) return MSG_PROCESS_CONTINUE_PROCESSING; else #endif @@ -2379,8 +2372,8 @@ static int tls_construct_cke_gost(SSL *s, unsigned char **p, int *len, int *al) } if (EVP_PKEY_encrypt_init(pkey_ctx) <= 0 - /* Generate session key */ - || RAND_bytes(pms, pmslen) <= 0) { + /* Generate session key */ + || RAND_bytes(pms, pmslen) <= 0) { *al = SSL_AD_INTERNAL_ERROR; SSLerr(SSL_F_TLS_CONSTRUCT_CKE_GOST, ERR_R_INTERNAL_ERROR); goto err; @@ -2389,8 +2382,7 @@ static int tls_construct_cke_gost(SSL *s, unsigned char **p, int *len, int *al) * If we have client certificate, use its secret as peer key */ if (s->s3->tmp.cert_req && s->cert->key->privatekey) { - if (EVP_PKEY_derive_set_peer - (pkey_ctx, s->cert->key->privatekey) <= 0) { + if (EVP_PKEY_derive_set_peer(pkey_ctx, s->cert->key->privatekey) <= 0) { /* * If there was an err |