diff options
Diffstat (limited to 'ssl/d1_lib.c')
| -rw-r--r-- | ssl/d1_lib.c | 64 |
1 files changed, 21 insertions, 43 deletions
diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c index 3d27e3085818..f61f71818308 100644 --- a/ssl/d1_lib.c +++ b/ssl/d1_lib.c @@ -82,6 +82,7 @@ SSL3_ENC_METHOD DTLSv1_enc_data={ TLS_MD_CLIENT_FINISH_CONST,TLS_MD_CLIENT_FINISH_CONST_SIZE, TLS_MD_SERVER_FINISH_CONST,TLS_MD_SERVER_FINISH_CONST_SIZE, tls1_alert_code, + tls1_export_keying_material, }; long dtls1_default_timeout(void) @@ -91,11 +92,6 @@ long dtls1_default_timeout(void) return(60*60*2); } -IMPLEMENT_dtls1_meth_func(dtlsv1_base_method, - ssl_undefined_function, - ssl_undefined_function, - ssl_bad_method) - int dtls1_new(SSL *s) { DTLS1_STATE *d1; @@ -105,17 +101,6 @@ int dtls1_new(SSL *s) memset(d1,0, sizeof *d1); /* d1->handshake_epoch=0; */ -#if defined(OPENSSL_SYS_VMS) || defined(VMS_TEST) - d1->bitmap.length=64; -#else - d1->bitmap.length=sizeof(d1->bitmap.map) * 8; -#endif - pq_64bit_init(&(d1->bitmap.map)); - pq_64bit_init(&(d1->bitmap.max_seq_num)); - - d1->next_bitmap.length = d1->bitmap.length; - pq_64bit_init(&(d1->next_bitmap.map)); - pq_64bit_init(&(d1->next_bitmap.max_seq_num)); d1->unprocessed_rcds.q=pqueue_new(); d1->processed_rcds.q=pqueue_new(); @@ -209,12 +194,6 @@ void dtls1_free(SSL *s) pqueue_free(s->d1->buffered_messages); pqueue_free(s->d1->sent_messages); pqueue_free(s->d1->buffered_app_data.q); - - pq_64bit_free(&(s->d1->bitmap.map)); - pq_64bit_free(&(s->d1->bitmap.max_seq_num)); - - pq_64bit_free(&(s->d1->next_bitmap.map)); - pq_64bit_free(&(s->d1->next_bitmap.max_seq_num)); OPENSSL_free(s->d1); } @@ -239,12 +218,6 @@ void dtls1_clear(SSL *s) dtls1_clear_queues(s); - pq_64bit_free(&(s->d1->bitmap.map)); - pq_64bit_free(&(s->d1->bitmap.max_seq_num)); - - pq_64bit_free(&(s->d1->next_bitmap.map)); - pq_64bit_free(&(s->d1->next_bitmap.max_seq_num)); - memset(s->d1, 0, sizeof(*(s->d1))); if (s->server) @@ -262,18 +235,6 @@ void dtls1_clear(SSL *s) s->d1->buffered_messages = buffered_messages; s->d1->sent_messages = sent_messages; s->d1->buffered_app_data.q = buffered_app_data; - -#if defined(OPENSSL_SYS_VMS) || defined(VMS_TEST) - s->d1->bitmap.length=64; -#else - s->d1->bitmap.length=sizeof(s->d1->bitmap.map) * 8; -#endif - pq_64bit_init(&(s->d1->bitmap.map)); - pq_64bit_init(&(s->d1->bitmap.max_seq_num)); - - s->d1->next_bitmap.length = s->d1->bitmap.length; - pq_64bit_init(&(s->d1->next_bitmap.map)); - pq_64bit_init(&(s->d1->next_bitmap.max_seq_num)); } ssl3_clear(s); @@ -316,13 +277,13 @@ long dtls1_ctrl(SSL *s, int cmd, long larg, void *parg) * to explicitly list their SSL_* codes. Currently RC4 is the only one * available, but if new ones emerge, they will have to be added... */ -SSL_CIPHER *dtls1_get_cipher(unsigned int u) +const SSL_CIPHER *dtls1_get_cipher(unsigned int u) { - SSL_CIPHER *ciph = ssl3_get_cipher(u); + const SSL_CIPHER *ciph = ssl3_get_cipher(u); if (ciph != NULL) { - if ((ciph->algorithms&SSL_ENC_MASK) == SSL_RC4) + if (ciph->algorithm_enc == SSL_RC4) return NULL; } @@ -331,6 +292,15 @@ SSL_CIPHER *dtls1_get_cipher(unsigned int u) void dtls1_start_timer(SSL *s) { +#ifndef OPENSSL_NO_SCTP + /* Disable timer for SCTP */ + if (BIO_dgram_is_sctp(SSL_get_wbio(s))) + { + memset(&(s->d1->next_timeout), 0, sizeof(struct timeval)); + return; + } +#endif + /* If timer is not set, initialize duration with 1 second */ if (s->d1->next_timeout.tv_sec == 0 && s->d1->next_timeout.tv_usec == 0) { @@ -468,6 +438,14 @@ int dtls1_handle_timeout(SSL *s) s->d1->timeout.read_timeouts = 1; } +#ifndef OPENSSL_NO_HEARTBEATS + if (s->tlsext_hb_pending) + { + s->tlsext_hb_pending = 0; + return dtls1_heartbeat(s); + } +#endif + dtls1_start_timer(s); return dtls1_retransmit_buffered_messages(s); } |