d1_both.c

mediastreamer2是开源的网络传输媒体流的库

        memcpy(&s->init_buf->data[s->init_num],
            p + DTLS1_HM_HEADER_LENGTH + overlap,
            frag->msg_header.frag_len - overlap);
    
        OPENSSL_free(frag->fragment);
        OPENSSL_free(frag);
        pitem_free(item);

        *copied = frag->msg_header.frag_len - overlap;
        return *copied;
        }
    else
        return 0;
    }


static int
dtls1_buffer_handshake_fragment(SSL *s, struct hm_header_st* msg_hdr)
{
    hm_fragment *frag = NULL;
    pitem *item = NULL;
	PQ_64BIT seq64;

    frag = dtls1_hm_fragment_new(msg_hdr->frag_len);
    if ( frag == NULL)
        goto err;

    memcpy(frag->fragment, &(s->init_buf->data[s->init_num]),
        msg_hdr->frag_len + DTLS1_HM_HEADER_LENGTH);

    memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));

    pq_64bit_init(&seq64);
    pq_64bit_assign_word(&seq64, msg_hdr->seq);

    item = pitem_new(seq64, frag);
    if ( item == NULL)
        goto err;

    pq_64bit_free(&seq64);

    pqueue_insert(s->d1->buffered_messages, item);
    return 1;

err:
    if ( frag != NULL) dtls1_hm_fragment_free(frag);
    if ( item != NULL) OPENSSL_free(item);
    return 0;
}


static void
dtls1_process_handshake_fragment(SSL *s, int frag_len)
    {
    unsigned char *p;

    p = (unsigned char *)s->init_buf->data;

	ssl3_finish_mac(s, &p[s->init_num - frag_len], frag_len);
    }


static int
dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st *msg_hdr, int *ok)
    {
    int i;
    unsigned char *p;

    /* make sure there's enough room to read this fragment */
    if ( (int)msg_hdr->frag_len && !BUF_MEM_grow_clean(s->init_buf, 
             (int)msg_hdr->frag_len + DTLS1_HM_HEADER_LENGTH + s->init_num))
        {
        SSLerr(SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE,ERR_R_BUF_LIB);
        goto err;
        }

    p = (unsigned char *)s->init_buf->data;

    /* read the body of the fragment (header has already been read */
    if ( msg_hdr->frag_len > 0)
		{
		i=s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
            &p[s->init_num], 
            msg_hdr->frag_len,0);
		if (i <= 0)
			{
			*ok = 0;
			return i;
			}
		}

    if ( msg_hdr->seq > s->d1->handshake_read_seq)
        dtls1_buffer_handshake_fragment(s, msg_hdr);
    else
        OPENSSL_assert(msg_hdr->seq < s->d1->handshake_read_seq);

    return DTLS1_HM_FRAGMENT_RETRY;
err:
    *ok = 0;
    return -1;
    }


static long
dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
	{
	unsigned char *p;
	unsigned long l, frag_off, frag_len;
	int i,al;
	struct hm_header_st msg_hdr;
    unsigned long overlap;
    
    /* see if we have the required fragment already */
    if (dtls1_retrieve_buffered_fragment(s, &l))
    {
        /* compute MAC, remove fragment headers */
        dtls1_process_handshake_fragment(s, l);
        s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
        s->state = stn;
        return 1;
    }

    /* get a handshake fragment from the record layer */
	p = (unsigned char *)s->init_buf->data;

    /* read handshake message header */
	i=s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,&p[s->init_num],
		DTLS1_HM_HEADER_LENGTH, 0);
	if (i <= 0) 	/* nbio, or an error */
		{
		s->rwstate=SSL_READING;
		*ok = 0;
		return i;
		}

	OPENSSL_assert(i == DTLS1_HM_HEADER_LENGTH);

	p += s->init_num;
    /* parse the message fragment header */
    
    dtls1_get_message_header(p, &msg_hdr);

    /* 
     * if this is a future (or stale) message it gets buffered
     * (or dropped)--no further processing at this time 
     */
    if ( msg_hdr.seq != s->d1->handshake_read_seq)
        return dtls1_process_out_of_seq_message(s, &msg_hdr, ok);

    l = msg_hdr.msg_len;
    frag_off = msg_hdr.frag_off;
	frag_len = msg_hdr.frag_len;

    /* sanity checking */
    if ( frag_off + frag_len > l)
        {
        al=SSL_AD_ILLEGAL_PARAMETER;
        SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,SSL_R_EXCESSIVE_MESSAGE_SIZE);
        goto f_err;
        }

	if (!s->server && s->d1->r_msg_hdr.frag_off == 0 &&
        p[0] == SSL3_MT_HELLO_REQUEST)
        {
        /* The server may always send 'Hello Request' messages --
         * we are doing a handshake anyway now, so ignore them
         * if their format is correct. Does not count for
         * 'Finished' MAC. */
        if (p[1] == 0 && p[2] == 0 &&p[3] == 0)
            {
            if (s->msg_callback)
                s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, 
                    p, DTLS1_HM_HEADER_LENGTH, s, 
                    s->msg_callback_arg);
            
            s->init_num = 0;
            return dtls1_get_message_fragment(s, st1, stn,
                max, ok);
            }
        else /* Incorrectly formated Hello request */
            {
            al=SSL_AD_UNEXPECTED_MESSAGE;
            SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,SSL_R_UNEXPECTED_MESSAGE);
            goto f_err;
            }
        }

    /* XDTLS: do a sanity check on the fragment */

    s->init_num += i;

	if ( s->d1->r_msg_hdr.frag_off == 0) /* first fragment */
		{
		/* BUF_MEM_grow takes an 'int' parameter */
		if (l > (INT_MAX-DTLS1_HM_HEADER_LENGTH)) 
			{
			al=SSL_AD_ILLEGAL_PARAMETER;
			SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,SSL_R_EXCESSIVE_MESSAGE_SIZE);
			goto f_err;
			}
		if (l && !BUF_MEM_grow_clean(s->init_buf,(int)l
			+ DTLS1_HM_HEADER_LENGTH))
			{
			SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,ERR_R_BUF_LIB);
			goto err;
			}
        /* Only do this test when we're reading the expected message.
         * Stale messages will be dropped and future messages will be buffered */
        if ( l > (unsigned long)max)
			{
			al=SSL_AD_ILLEGAL_PARAMETER;
			SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,SSL_R_EXCESSIVE_MESSAGE_SIZE);
			goto f_err;
			}

		s->s3->tmp.message_size=l;
		}

    if ( frag_len > (unsigned long)max)
        {
        al=SSL_AD_ILLEGAL_PARAMETER;
        SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,SSL_R_EXCESSIVE_MESSAGE_SIZE);
        goto f_err;
        }
    if ( frag_len + s->init_num > (INT_MAX - DTLS1_HM_HEADER_LENGTH))
        {
        al=SSL_AD_ILLEGAL_PARAMETER;
        SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,SSL_R_EXCESSIVE_MESSAGE_SIZE);
        goto f_err;
        }

    if ( frag_len & !BUF_MEM_grow_clean(s->init_buf, (int)frag_len 
             + DTLS1_HM_HEADER_LENGTH + s->init_num))
        {
        SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,ERR_R_BUF_LIB);
        goto err;
        }

	if ( s->d1->r_msg_hdr.frag_off == 0)
		{
		s->s3->tmp.message_type = msg_hdr.type;
		s->d1->r_msg_hdr.type = msg_hdr.type;
		s->d1->r_msg_hdr.msg_len = l;
		/* s->d1->r_msg_hdr.seq = seq_num; */
		}

	/* XDTLS:  ressurect this when restart is in place */
	s->state=stn;
	
	/* next state (stn) */
	p = (unsigned char *)s->init_buf->data;

	if ( frag_len > 0)
		{
		i=s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
            &p[s->init_num], 
            frag_len,0);
        /* XDTLS:  fix this--message fragments cannot span multiple packets */
		if (i <= 0)
			{
			s->rwstate=SSL_READING;
			*ok = 0;
			return i;
			}
		}
	else
		i = 0;

    /* XDTLS:  an incorrectly formatted fragment should cause the 
     * handshake to fail */
	OPENSSL_assert(i == (int)frag_len);

#if 0
    /* Successfully read a fragment.
     * It may be (1) out of order, or
     *           (2) it's a repeat, in which case we dump it
     *           (3) the one we are expecting next (maybe with overlap)
     * If it is next one, it may overlap with previously read bytes
     */

    /* case (1): buffer the future fragment 
     * (we can treat fragments from a future message the same
     * as future fragments from the message being currently read, since
     * they are sematically simply out of order.
     */
    if ( msg_hdr.seq > s->d1->handshake_read_seq ||
        frag_off > s->init_num - DTLS1_HM_HEADER_LENGTH)
    {
        dtls1_buffer_handshake_fragment(s, &msg_hdr);
        return DTLS1_HM_FRAGMENT_RETRY;
    }

    /* case (2):  drop the entire fragment, and try again */
    if ( msg_hdr.seq < s->d1->handshake_read_seq ||
        frag_off + frag_len < s->init_num - DTLS1_HM_HEADER_LENGTH)
        {
        s->init_num -= DTLS1_HM_HEADER_LENGTH;
        return DTLS1_HM_FRAGMENT_RETRY;
        }
#endif

    /* case (3): received a immediately useful fragment.  Determine the 
     * possible overlap and copy the fragment.
     */
    overlap = (s->init_num - DTLS1_HM_HEADER_LENGTH) - frag_off;
        
    /* retain the header for the first fragment */
    if ( s->init_num > DTLS1_HM_HEADER_LENGTH)
        {
        memmove(&(s->init_buf->data[s->init_num]),
            &(s->init_buf->data[s->init_num + DTLS1_HM_HEADER_LENGTH + overlap]),
            frag_len - overlap);

        s->init_num += frag_len - overlap;
        }
    else
        s->init_num += frag_len;

    dtls1_process_handshake_fragment(s, frag_len - overlap);

	if (s->msg_callback)
		s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->init_buf->data, 
			(size_t)s->init_num, s, 
			s->msg_callback_arg);
	*ok=1;

	return s->init_num;

f_err:
	ssl3_send_alert(s,SSL3_AL_FATAL,al);
    s->init_num = 0;
err:
	*ok=0;
	return(-1);
	}

int dtls1_send_finished(SSL *s, int a, int b, const char *sender, int slen)
	{
	unsigned char *p,*d;
	int i;
	unsigned long l;

	if (s->state == a)
		{
		d=(unsigned char *)s->init_buf->data;
		p= &(d[DTLS1_HM_HEADER_LENGTH]);

		i=s->method->ssl3_enc->final_finish_mac(s,
			&(s->s3->finish_dgst1),
			&(s->s3->finish_dgst2),
			sender,slen,s->s3->tmp.finish_md);
		s->s3->tmp.finish_md_len = i;
		memcpy(p, s->s3->tmp.finish_md, i);
		p+=i;
		l=i;

#ifdef OPENSSL_SYS_WIN16
		/* MSVC 1.5 does not clear the top bytes of the word unless
		 * I do this.
		 */
		l&=0xffff;
#endif

		d = dtls1_set_message_header(s, d, SSL3_MT_FINISHED, l, 0, l);
		s->init_num=(int)l+DTLS1_HM_HEADER_LENGTH;
		s->init_off=0;

		/* buffer the message to handle re-xmits */
		dtls1_buffer_message(s, 0);
		
		s->state=b;
		}

	/* SSL3_ST_SEND_xxxxxx_HELLO_B */
	return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
	}

/* for these 2 messages, we need to
 * ssl->enc_read_ctx			re-init
 * ssl->s3->read_sequence		zero
 * ssl->s3->read_mac_secret		re-init
 * ssl->session->read_sym_enc		assign
 * ssl->session->read_compression	assign
 * ssl->session->read_hash		assign
 */
int dtls1_send_change_cipher_spec(SSL *s, int a, int b)
	{ 
	unsigned char *p;

	if (s->state == a)
		{
		p=(unsigned char *)s->init_buf->data;
		*p++=SSL3_MT_CCS;
		s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;
		s->d1->next_handshake_write_seq++;
		s2n(s->d1->handshake_write_seq,p);

		s->init_num=DTLS1_CCS_HEADER_LENGTH;
		s->init_off=0;

		dtls1_set_message_header_int(s, SSL3_MT_CCS, 0, 
			s->d1->handshake_write_seq, 0, 0);

		/* buffer the message to handle re-xmits */
		dtls1_buffer_message(s, 1);

		s->state=b;
		}

	/* SSL3_ST_CW_CHANGE_B */
	return(dtls1_do_write(s,SSL3_RT_CHANGE_CIPHER_SPEC));
	}

unsigned long dtls1_output_cert_chain(SSL *s, X509 *x)
	{
	unsigned char *p;
	int n,i;
	unsigned long l= 3 + DTLS1_HM_HEADER_LENGTH;
	BUF_MEM *buf;
	X509_STORE_CTX xs_ctx;
	X509_OBJECT obj;