source-git / openssl

Clone
Source Code
GIT

Blame ssl/s3_msg.c

c8 c8s master
  1.   c8s
  2.   ssl
  3.   s3_msg.c
Blob History Raw
Packit c4476c 
/*
Packit c4476c 
 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
Packit c4476c 
 *
Packit c4476c 
 * Licensed under the OpenSSL license (the "License").  You may not use
Packit c4476c 
 * this file except in compliance with the License.  You can obtain a copy
Packit c4476c 
 * in the file LICENSE in the source distribution or at
Packit c4476c 
 * https://www.openssl.org/source/license.html
Packit c4476c 
 */
Packit c4476c
Packit c4476c 
#include "ssl_local.h"
Packit c4476c
Packit c4476c 
int ssl3_do_change_cipher_spec(SSL *s)
Packit c4476c 
{
Packit c4476c 
    int i;
Packit c4476c
Packit c4476c 
    if (s->server)
Packit c4476c 
        i = SSL3_CHANGE_CIPHER_SERVER_READ;
Packit c4476c 
    else
Packit c4476c 
        i = SSL3_CHANGE_CIPHER_CLIENT_READ;
Packit c4476c
Packit c4476c 
    if (s->s3->tmp.key_block == NULL) {
Packit c4476c 
        if (s->session == NULL || s->session->master_key_length == 0) {
Packit c4476c 
            /* might happen if dtls1_read_bytes() calls this */
Packit c4476c 
            SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, SSL_R_CCS_RECEIVED_EARLY);
Packit c4476c 
            return 0;
Packit c4476c 
        }
Packit c4476c
Packit c4476c 
        s->session->cipher = s->s3->tmp.new_cipher;
Packit c4476c 
        if (!s->method->ssl3_enc->setup_key_block(s))
Packit c4476c 
            return 0;
Packit c4476c 
    }
Packit c4476c
Packit c4476c 
    if (!s->method->ssl3_enc->change_cipher_state(s, i))
Packit c4476c 
        return 0;
Packit c4476c
Packit c4476c 
    return 1;
Packit c4476c 
}
Packit c4476c
Packit c4476c 
int ssl3_send_alert(SSL *s, int level, int desc)
Packit c4476c 
{
Packit c4476c 
    /* Map tls/ssl alert value to correct one */
Packit c4476c 
    if (SSL_TREAT_AS_TLS13(s))
Packit c4476c 
        desc = tls13_alert_code(desc);
Packit c4476c 
    else
Packit c4476c 
        desc = s->method->ssl3_enc->alert_value(desc);
Packit c4476c 
    if (s->version == SSL3_VERSION && desc == SSL_AD_PROTOCOL_VERSION)
Packit c4476c 
        desc = SSL_AD_HANDSHAKE_FAILURE; /* SSL 3.0 does not have
Packit c4476c 
                                          * protocol_version alerts */
Packit c4476c 
    if (desc < 0)
Packit c4476c 
        return -1;
Packit c4476c 
    /* If a fatal one, remove from cache */
Packit c4476c 
    if ((level == SSL3_AL_FATAL) && (s->session != NULL))
Packit c4476c 
        SSL_CTX_remove_session(s->session_ctx, s->session);
Packit c4476c
Packit c4476c 
    s->s3->alert_dispatch = 1;
Packit c4476c 
    s->s3->send_alert[0] = level;
Packit c4476c 
    s->s3->send_alert[1] = desc;
Packit c4476c 
    if (!RECORD_LAYER_write_pending(&s->rlayer)) {
Packit c4476c 
        /* data still being written out? */
Packit c4476c 
        return s->method->ssl_dispatch_alert(s);
Packit c4476c 
    }
Packit c4476c 
    /*
Packit c4476c 
     * else data is still being written out, we will get written some time in
Packit c4476c 
     * the future
Packit c4476c 
     */
Packit c4476c 
    return -1;
Packit c4476c 
}
Packit c4476c
Packit c4476c 
int ssl3_dispatch_alert(SSL *s)
Packit c4476c 
{
Packit c4476c 
    int i, j;
Packit c4476c 
    size_t alertlen;
Packit c4476c 
    void (*cb) (const SSL *ssl, int type, int val) = NULL;
Packit c4476c 
    size_t written;
Packit c4476c
Packit c4476c 
    s->s3->alert_dispatch = 0;
Packit c4476c 
    alertlen = 2;
Packit c4476c 
    i = do_ssl3_write(s, SSL3_RT_ALERT, &s->s3->send_alert[0], &alertlen, 1, 0,
Packit c4476c 
                      &written);
Packit c4476c 
    if (i <= 0) {
Packit c4476c 
        s->s3->alert_dispatch = 1;
Packit c4476c 
    } else {
Packit c4476c 
        /*
Packit c4476c 
         * Alert sent to BIO - now flush. If the message does not get sent due
Packit c4476c 
         * to non-blocking IO, we will not worry too much.
Packit c4476c 
         */
Packit c4476c 
        (void)BIO_flush(s->wbio);
Packit c4476c
Packit c4476c 
        if (s->msg_callback)
Packit c4476c 
            s->msg_callback(1, s->version, SSL3_RT_ALERT, s->s3->send_alert,
Packit c4476c 
                            2, s, s->msg_callback_arg);
Packit c4476c
Packit c4476c 
        if (s->info_callback != NULL)
Packit c4476c 
            cb = s->info_callback;
Packit c4476c 
        else if (s->ctx->info_callback != NULL)
Packit c4476c 
            cb = s->ctx->info_callback;
Packit c4476c
Packit c4476c 
        if (cb != NULL) {
Packit c4476c 
            j = (s->s3->send_alert[0] << 8) | s->s3->send_alert[1];
Packit c4476c 
            cb(s, SSL_CB_WRITE_ALERT, j);
Packit c4476c 
        }
Packit c4476c 
    }
Packit c4476c 
    return i;
Packit c4476c 
}

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation