#endif
static void get_current_time(struct timeval *t);
-static void dtls1_set_handshake_header(SSL *s, int type, unsigned long len);
+static int dtls1_set_handshake_header(SSL *s, int type, unsigned long len);
static int dtls1_handshake_write(SSL *s);
const char dtls1_version_str[] = "DTLSv1" OPENSSL_VERSION_PTEXT;
int dtls1_listen(SSL *s, struct sockaddr *client);
return 1;
}
-static void dtls1_set_handshake_header(SSL *s, int htype, unsigned long len)
+static int dtls1_set_handshake_header(SSL *s, int htype, unsigned long len)
{
unsigned char *p = (unsigned char *)s->init_buf->data;
dtls1_set_message_header(s, p, htype, len, 0, len);
s->init_num = (int)len + DTLS1_HM_HEADER_LENGTH;
s->init_off = 0;
/* Buffer the message to handle re-xmits */
- /*
- * Deliberately swallow error return. We really should do something with
- * this - but its a void function that can't (easily) be changed
- */
- if(!dtls1_buffer_message(s, 0));
+
+ if(!dtls1_buffer_message(s, 0))
+ return 0;
+
+ return 1;
}
static int dtls1_handshake_write(SSL *s)
s->s3->previous_server_finished_len = i;
}
- ssl_set_handshake_header(s, SSL3_MT_FINISHED, l);
+ if(!ssl_set_handshake_header(s, SSL3_MT_FINISHED, l)) {
+ SSLerr(SSL_F_SSL3_SEND_FINISHED, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
s->state = b;
}
p = ssl_handshake_start(s);
l2n3(l, p);
l += 3;
- ssl_set_handshake_header(s, SSL3_MT_CERTIFICATE, l);
+
+ if(!ssl_set_handshake_header(s, SSL3_MT_CERTIFICATE, l)) {
+ SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN, ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
return l + SSL_HM_HEADER_LENGTH(s);
}
#endif
l = p - d;
- ssl_set_handshake_header(s, SSL3_MT_CLIENT_HELLO, l);
+ if(!ssl_set_handshake_header(s, SSL3_MT_CLIENT_HELLO, l)) {
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
+ SSLerr(SSL_F_SSL3_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
s->state = SSL3_ST_CW_CLNT_HELLO_B;
}
goto err;
}
- ssl_set_handshake_header(s, SSL3_MT_CLIENT_KEY_EXCHANGE, n);
+ if(!ssl_set_handshake_header(s, SSL3_MT_CLIENT_KEY_EXCHANGE, n)) {
+ ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
+
s->state = SSL3_ST_CW_KEY_EXCH_B;
}
SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
goto err;
}
- ssl_set_handshake_header(s, SSL3_MT_CERTIFICATE_VERIFY, n);
+ if(!ssl_set_handshake_header(s, SSL3_MT_CERTIFICATE_VERIFY, n)) {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
+ goto err;
+ }
s->state = SSL3_ST_CW_CERT_VRFY_B;
}
EVP_MD_CTX_cleanup(&mctx);
SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0;
}
-void ssl3_set_handshake_header(SSL *s, int htype, unsigned long len)
+int ssl3_set_handshake_header(SSL *s, int htype, unsigned long len)
{
unsigned char *p = (unsigned char *)s->init_buf->data;
*(p++) = htype;
l2n3(len, p);
s->init_num = (int)len + SSL3_HM_HEADER_LENGTH;
s->init_off = 0;
+
+ return 1;
}
int ssl3_handshake_write(SSL *s)
{
if (s->state == SSL3_ST_SW_HELLO_REQ_A) {
- ssl_set_handshake_header(s, SSL3_MT_HELLO_REQUEST, 0);
+ if(!ssl_set_handshake_header(s, SSL3_MT_HELLO_REQUEST, 0)) {
+ SSLerr(SSL_F_SSL3_SEND_HELLO_REQUEST, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
s->state = SSL3_ST_SW_HELLO_REQ_B;
}
#endif
/* do the header */
l = (p - d);
- ssl_set_handshake_header(s, SSL3_MT_SERVER_HELLO, l);
+ if(!ssl_set_handshake_header(s, SSL3_MT_SERVER_HELLO, l)) {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
s->state = SSL3_ST_SW_SRVR_HELLO_B;
}
{
if (s->state == SSL3_ST_SW_SRVR_DONE_A) {
- ssl_set_handshake_header(s, SSL3_MT_SERVER_DONE, 0);
+ if(!ssl_set_handshake_header(s, SSL3_MT_SERVER_DONE, 0)) {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_DONE, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
s->state = SSL3_ST_SW_SRVR_DONE_B;
}
}
}
- ssl_set_handshake_header(s, SSL3_MT_SERVER_KEY_EXCHANGE, n);
+ if(!ssl_set_handshake_header(s, SSL3_MT_SERVER_KEY_EXCHANGE, n)) {
+ al = SSL_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+ goto f_err;
+ }
}
s->state = SSL3_ST_SW_KEY_EXCH_B;
p = ssl_handshake_start(s) + off;
s2n(nl, p);
- ssl_set_handshake_header(s, SSL3_MT_CERTIFICATE_REQUEST, n);
+ if(!ssl_set_handshake_header(s, SSL3_MT_CERTIFICATE_REQUEST, n)) {
+ SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST, ERR_R_INTERNAL_ERROR);
+ return -1;
+ }
s->state = SSL3_ST_SW_CERT_REQ_B;
}
/* Now write out lengths: p points to end of data written */
/* Total length */
len = p - ssl_handshake_start(s);
- ssl_set_handshake_header(s, SSL3_MT_NEWSESSION_TICKET, len);
+ if(!ssl_set_handshake_header(s, SSL3_MT_NEWSESSION_TICKET, len))
+ goto err;
/* Skip ticket lifetime hint */
p = ssl_handshake_start(s) + 4;
s2n(len - 6, p);
# define SSL_F_SSL3_SEND_CLIENT_CERTIFICATE 151
# define SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE 152
# define SSL_F_SSL3_SEND_CLIENT_VERIFY 153
+# define SSL_F_SSL3_SEND_FINISHED 343
+# define SSL_F_SSL3_SEND_HELLO_REQUEST 344
# define SSL_F_SSL3_SEND_SERVER_CERTIFICATE 154
+# define SSL_F_SSL3_SEND_SERVER_DONE 345
# define SSL_F_SSL3_SEND_SERVER_HELLO 242
# define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE 155
# define SSL_F_SSL3_SETUP_KEY_BLOCK 157
{ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE),
"ssl3_send_client_key_exchange"},
{ERR_FUNC(SSL_F_SSL3_SEND_CLIENT_VERIFY), "ssl3_send_client_verify"},
+ {ERR_FUNC(SSL_F_SSL3_SEND_FINISHED), "ssl3_send_finished"},
+ {ERR_FUNC(SSL_F_SSL3_SEND_HELLO_REQUEST), "ssl3_send_hello_request"},
{ERR_FUNC(SSL_F_SSL3_SEND_SERVER_CERTIFICATE),
"ssl3_send_server_certificate"},
+ {ERR_FUNC(SSL_F_SSL3_SEND_SERVER_DONE), "ssl3_send_server_done"},
{ERR_FUNC(SSL_F_SSL3_SEND_SERVER_HELLO), "ssl3_send_server_hello"},
{ERR_FUNC(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE),
"ssl3_send_server_key_exchange"},
/* Handshake header length */
unsigned int hhlen;
/* Set the handshake header */
- void (*set_handshake_header) (SSL *s, int type, unsigned long len);
+ int (*set_handshake_header) (SSL *s, int type, unsigned long len);
/* Write out handshake message */
int (*do_write) (SSL *s);
} SSL3_ENC_METHOD;
__owur int ssl3_do_change_cipher_spec(SSL *ssl);
__owur long ssl3_default_timeout(void);
-void ssl3_set_handshake_header(SSL *s, int htype, unsigned long len);
+__owur int ssl3_set_handshake_header(SSL *s, int htype, unsigned long len);
__owur int ssl3_handshake_write(SSL *s);
__owur int ssl23_num_ciphers(void);
projects / openssl / commitdiff