Move PACKET creation into the state machine

# define SSL_F_DTLS_CONSTRUCT_CHANGE_CIPHER_SPEC          371

# define SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST        385

# define SSL_F_DTLS_GET_REASSEMBLED_MESSAGE               370

# define SSL_F_DTLS_PROCESS_HELLO_VERIFY                  386

# define SSL_F_READ_STATE_MACHINE                         352

# define SSL_F_SSL3_ACCEPT                                128

# define SSL_F_SSL3_ADD_CERT_TO_BUF                       296

# define SSL_R_INVALID_TICKET_KEYS_LENGTH                 325

# define SSL_R_INVALID_TRUST                              279

# define SSL_R_LENGTH_MISMATCH                            159

# define SSL_R_LENGTH_TOO_LONG                            102

# define SSL_R_LENGTH_TOO_SHORT                           160

# define SSL_R_LIBRARY_BUG                                274

# define SSL_R_LIBRARY_HAS_NO_CIPHERS                     161

                          dtls1_get_client_method, DTLSv1_2_enc_data)

enum MSG_PROCESS_RETURN dtls_process_hello_verify(SSL *s, unsigned long n)

enum MSG_PROCESS_RETURN dtls_process_hello_verify(SSL *s, PACKET *pkt)

{

    int al;

    unsigned char *data;

    unsigned int cookie_len;

    PACKET cookiepkt;

    data = (unsigned char *)s->init_msg;

    data += 2;

    if (!PACKET_forward(pkt, 2)

            || !PACKET_get_length_prefixed_1(pkt, &cookiepkt)) {

        al = SSL_AD_DECODE_ERROR;

        SSLerr(SSL_F_DTLS_PROCESS_HELLO_VERIFY, SSL_R_LENGTH_MISMATCH);

        goto f_err;

    }

    cookie_len = *(data++);

    cookie_len = PACKET_remaining(&cookiepkt);

    if (cookie_len > sizeof(s->d1->cookie)) {

        al = SSL_AD_ILLEGAL_PARAMETER;

        SSLerr(SSL_F_DTLS_PROCESS_HELLO_VERIFY, SSL_R_LENGTH_TOO_LONG);

        goto f_err;

    }

    memcpy(s->d1->cookie, data, cookie_len);

    if (!PACKET_copy_bytes(&cookiepkt, s->d1->cookie, cookie_len)) {

        al = SSL_AD_DECODE_ERROR;

        SSLerr(SSL_F_DTLS_PROCESS_HELLO_VERIFY, SSL_R_LENGTH_MISMATCH);

        goto f_err;

    }

    s->d1->cookie_len = cookie_len;

    return MSG_PROCESS_FINISHED_READING;

}

#endif

enum MSG_PROCESS_RETURN tls_process_change_cipher_spec(SSL *s, long n)

enum MSG_PROCESS_RETURN tls_process_change_cipher_spec(SSL *s, PACKET *pkt)

{

    int al;

    long remain;

    remain = PACKET_remaining(pkt);

    /*

     * 'Change Cipher Spec' is just a single byte, which should already have

     * been consumed by ssl_get_message() so there should be no bytes left,

     * unless we're using DTLS1_BAD_VER, which has an extra 2 bytes

     */

    if (SSL_IS_DTLS(s)) {

        if ((s->version == DTLS1_BAD_VER && n != DTLS1_CCS_HEADER_LENGTH + 1)

        if ((s->version == DTLS1_BAD_VER

                        && remain != DTLS1_CCS_HEADER_LENGTH + 1)

                    || (s->version != DTLS1_BAD_VER

                        && n != DTLS1_CCS_HEADER_LENGTH - 1)) {

                        && remain != DTLS1_CCS_HEADER_LENGTH - 1)) {

                al = SSL_AD_ILLEGAL_PARAMETER;

                SSLerr(SSL_F_TLS_PROCESS_CHANGE_CIPHER_SPEC,

                       SSL_R_BAD_CHANGE_CIPHER_SPEC);

                goto f_err;

        }

    } else {

        if (n != 0) {

        if (remain != 0) {

            al = SSL_AD_ILLEGAL_PARAMETER;

            SSLerr(SSL_F_TLS_PROCESS_CHANGE_CIPHER_SPEC,

                   SSL_R_BAD_CHANGE_CIPHER_SPEC);

    return MSG_PROCESS_ERROR;

}

enum MSG_PROCESS_RETURN tls_process_finished(SSL *s, unsigned long n)

enum MSG_PROCESS_RETURN tls_process_finished(SSL *s, PACKET *pkt)

{

    int al, i;

    unsigned char *p;

    /* If this occurs, we have missed a message */

    if (!s->s3->change_cipher_spec) {

    }

    s->s3->change_cipher_spec = 0;

    p = (unsigned char *)s->init_msg;

    i = s->s3->tmp.peer_finish_md_len;

    if (i < 0 || (unsigned long)i != n) {

    if (i < 0 || (unsigned long)i != PACKET_remaining(pkt)) {

        al = SSL_AD_DECODE_ERROR;

        SSLerr(SSL_F_TLS_PROCESS_FINISHED, SSL_R_BAD_DIGEST_LENGTH);

        goto f_err;

    }

    if (CRYPTO_memcmp(p, s->s3->tmp.peer_finish_md, i) != 0) {

    if (CRYPTO_memcmp(PACKET_data(pkt), s->s3->tmp.peer_finish_md, i) != 0) {

        al = SSL_AD_DECRYPT_ERROR;

        SSLerr(SSL_F_TLS_PROCESS_FINISHED, SSL_R_DIGEST_CHECK_FAILED);

        goto f_err;

    return 0;

}

enum MSG_PROCESS_RETURN tls_process_server_hello(SSL *s, unsigned long n)

enum MSG_PROCESS_RETURN tls_process_server_hello(SSL *s, PACKET *pkt)

{

    STACK_OF(SSL_CIPHER) *sk;

    const SSL_CIPHER *c;

    PACKET pkt, session_id;

    PACKET session_id;

    size_t session_id_len;

    unsigned char *cipherchars;

    int i, al = SSL_AD_INTERNAL_ERROR;

    SSL_COMP *comp;

#endif

    if (!PACKET_buf_init(&pkt, s->init_msg, n)) {

        al = SSL_AD_INTERNAL_ERROR;

        SSLerr(SSL_F_TLS_PROCESS_SERVER_HELLO, ERR_R_INTERNAL_ERROR);

        goto f_err;

    }

    if (s->method->version == TLS_ANY_VERSION) {

        unsigned int sversion;

        if (!PACKET_get_net_2(&pkt, &sversion)) {

        if (!PACKET_get_net_2(pkt, &sversion)) {

            al = SSL_AD_DECODE_ERROR;

            SSLerr(SSL_F_TLS_PROCESS_SERVER_HELLO, SSL_R_LENGTH_MISMATCH);

            goto f_err;

        unsigned int hversion;

        int options;

        if (!PACKET_get_net_2(&pkt, &hversion)) {

        if (!PACKET_get_net_2(pkt, &hversion)) {

            al = SSL_AD_DECODE_ERROR;

            SSLerr(SSL_F_TLS_PROCESS_SERVER_HELLO, SSL_R_LENGTH_MISMATCH);

            goto f_err;

    } else {

        unsigned char *vers;

        if (!PACKET_get_bytes(&pkt, &vers, 2)) {

        if (!PACKET_get_bytes(pkt, &vers, 2)) {

            al = SSL_AD_DECODE_ERROR;

            SSLerr(SSL_F_TLS_PROCESS_SERVER_HELLO, SSL_R_LENGTH_MISMATCH);

            goto f_err;

    /* load the server hello data */

    /* load the server random */

    if (!PACKET_copy_bytes(&pkt, s->s3->server_random, SSL3_RANDOM_SIZE)) {

    if (!PACKET_copy_bytes(pkt, s->s3->server_random, SSL3_RANDOM_SIZE)) {

        al = SSL_AD_DECODE_ERROR;

        SSLerr(SSL_F_TLS_PROCESS_SERVER_HELLO, SSL_R_LENGTH_MISMATCH);

        goto f_err;

    s->hit = 0;

    /* Get the session-id. */

    if (!PACKET_get_length_prefixed_1(&pkt, &session_id)) {

    if (!PACKET_get_length_prefixed_1(pkt, &session_id)) {

        al = SSL_AD_DECODE_ERROR;

        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_LENGTH_MISMATCH);

        goto f_err;

        goto f_err;

    }

    if (!PACKET_get_bytes(&pkt, &cipherchars, TLS_CIPHER_LEN)) {

    if (!PACKET_get_bytes(pkt, &cipherchars, TLS_CIPHER_LEN)) {

        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_LENGTH_MISMATCH);

        al = SSL_AD_DECODE_ERROR;

        goto f_err;

        goto f_err;

    /* lets get the compression algorithm */

    /* COMPRESSION */

    if (!PACKET_get_1(&pkt, &compression)) {

    if (!PACKET_get_1(pkt, &compression)) {

        SSLerr(SSL_F_SSL3_GET_SERVER_HELLO, SSL_R_LENGTH_MISMATCH);

        al = SSL_AD_DECODE_ERROR;

        goto f_err;

#endif

    /* TLS extensions */

    if (!ssl_parse_serverhello_tlsext(s, &pkt)) {

    if (!ssl_parse_serverhello_tlsext(s, pkt)) {

        SSLerr(SSL_F_TLS_PROCESS_SERVER_HELLO, SSL_R_PARSE_TLSEXT);

        goto err;

    }

    if (PACKET_remaining(&pkt) != 0) {

    if (PACKET_remaining(pkt) != 0) {

        /* wrong packet length */

        al = SSL_AD_DECODE_ERROR;

        SSLerr(SSL_F_TLS_PROCESS_SERVER_HELLO, SSL_R_BAD_PACKET_LENGTH);

    return MSG_PROCESS_ERROR;

}

enum MSG_PROCESS_RETURN tls_process_server_certificate(SSL *s, unsigned long n)

enum MSG_PROCESS_RETURN tls_process_server_certificate(SSL *s, PACKET *pkt)

{

    int al, i, ret = MSG_PROCESS_ERROR, exp_idx;

    unsigned long cert_list_len, cert_len;

    unsigned char *certstart, *certbytes;

    STACK_OF(X509) *sk = NULL;

    EVP_PKEY *pkey = NULL;

    PACKET pkt;

    if (!PACKET_buf_init(&pkt, s->init_msg, n)) {

        al = SSL_AD_INTERNAL_ERROR;

        SSLerr(SSL_F_TLS_PROCESS_SERVER_CERTIFICATE, ERR_R_INTERNAL_ERROR);

        goto f_err;

    }

    if ((sk = sk_X509_new_null()) == NULL) {

        SSLerr(SSL_F_TLS_PROCESS_SERVER_CERTIFICATE, ERR_R_MALLOC_FAILURE);

        goto err;

    }

    if (!PACKET_get_net_3(&pkt, &cert_list_len)

            || PACKET_remaining(&pkt) != cert_list_len) {

    if (!PACKET_get_net_3(pkt, &cert_list_len)

            || PACKET_remaining(pkt) != cert_list_len) {

        al = SSL_AD_DECODE_ERROR;

        SSLerr(SSL_F_TLS_PROCESS_SERVER_CERTIFICATE, SSL_R_LENGTH_MISMATCH);

        goto f_err;

    }

    while (PACKET_remaining(&pkt)) {

        if (!PACKET_get_net_3(&pkt, &cert_len)

                || !PACKET_get_bytes(&pkt, &certbytes, cert_len)) {

    while (PACKET_remaining(pkt)) {

        if (!PACKET_get_net_3(pkt, &cert_len)

                || !PACKET_get_bytes(pkt, &certbytes, cert_len)) {

            al = SSL_AD_DECODE_ERROR;

            SSLerr(SSL_F_TLS_PROCESS_SERVER_CERTIFICATE,

                   SSL_R_CERT_LENGTH_MISMATCH);

    return ret;

}

enum MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, unsigned long n)

enum MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt)

{

#ifndef OPENSSL_NO_RSA

    unsigned char *q, md_buf[EVP_MAX_MD_SIZE * 2];

    EC_POINT *srvr_ecpoint = NULL;

    int curve_nid = 0;

#endif

    PACKET pkt, save_param_start, signature;

    PACKET save_param_start, signature;

    EVP_MD_CTX_init(&md_ctx);

    alg_k = s->s3->tmp.new_cipher->algorithm_mkey;

    if (!PACKET_buf_init(&pkt, s->init_msg, n)) {

            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);

            al = SSL_AD_INTERNAL_ERROR;

            goto f_err;

    }

    save_param_start = pkt;

    save_param_start = *pkt;

#ifndef OPENSSL_NO_RSA

    RSA_free(s->s3->peer_rsa_tmp);

    /* PSK ciphersuites are preceded by an identity hint */

    if (alg_k & SSL_PSK) {

        PACKET psk_identity_hint;

        if (!PACKET_get_length_prefixed_2(&pkt, &psk_identity_hint)) {

        if (!PACKET_get_length_prefixed_2(pkt, &psk_identity_hint)) {

            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_MISMATCH);

            goto f_err;

        }

#ifndef OPENSSL_NO_SRP

    if (alg_k & SSL_kSRP) {

        PACKET prime, generator, salt, server_pub;

        if (!PACKET_get_length_prefixed_2(&pkt, &prime)

            || !PACKET_get_length_prefixed_2(&pkt, &generator)

            || !PACKET_get_length_prefixed_1(&pkt, &salt)

            || !PACKET_get_length_prefixed_2(&pkt, &server_pub)) {

        if (!PACKET_get_length_prefixed_2(pkt, &prime)

            || !PACKET_get_length_prefixed_2(pkt, &generator)

            || !PACKET_get_length_prefixed_1(pkt, &salt)

            || !PACKET_get_length_prefixed_2(pkt, &server_pub)) {

            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_MISMATCH);

            goto f_err;

        }

            goto f_err;

        }

        if (!PACKET_get_length_prefixed_2(&pkt, &mod)

            || !PACKET_get_length_prefixed_2(&pkt, &exp)) {

        if (!PACKET_get_length_prefixed_2(pkt, &mod)

            || !PACKET_get_length_prefixed_2(pkt, &exp)) {

            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_MISMATCH);

            goto f_err;

        }

    else if (alg_k & (SSL_kDHE | SSL_kDHEPSK)) {

        PACKET prime, generator, pub_key;

        if (!PACKET_get_length_prefixed_2(&pkt, &prime)

            || !PACKET_get_length_prefixed_2(&pkt, &generator)

            || !PACKET_get_length_prefixed_2(&pkt, &pub_key)) {

        if (!PACKET_get_length_prefixed_2(pkt, &prime)

            || !PACKET_get_length_prefixed_2(pkt, &generator)

            || !PACKET_get_length_prefixed_2(pkt, &pub_key)) {

            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_MISMATCH);

            goto f_err;

        }

         * public key. For now we only support named (not generic) curves and

         * ECParameters in this case is just three bytes.

         */

        if (!PACKET_get_bytes(&pkt, &ecparams, 3)) {

        if (!PACKET_get_bytes(pkt, &ecparams, 3)) {

            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);

            goto f_err;

        }

            goto err;

        }

        if (!PACKET_get_length_prefixed_1(&pkt, &encoded_pt)) {

        if (!PACKET_get_length_prefixed_1(pkt, &encoded_pt)) {

            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_MISMATCH);

            goto f_err;

        }

         */

        if (!PACKET_get_sub_packet(&save_param_start, &params,

                                   PACKET_remaining(&save_param_start) -

                                   PACKET_remaining(&pkt))) {

                                   PACKET_remaining(pkt))) {

            al = SSL_AD_INTERNAL_ERROR;

            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);

            goto f_err;

        if (SSL_USE_SIGALGS(s)) {

            unsigned char *sigalgs;

            int rv;

            if (!PACKET_get_bytes(&pkt, &sigalgs, 2)) {

            if (!PACKET_get_bytes(pkt, &sigalgs, 2)) {

                SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_TOO_SHORT);

                goto f_err;

            }

            md = EVP_sha1();

        }

        if (!PACKET_get_length_prefixed_2(&pkt, &signature)

            || PACKET_remaining(&pkt) != 0) {

        if (!PACKET_get_length_prefixed_2(pkt, &signature)

            || PACKET_remaining(pkt) != 0) {

            SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE, SSL_R_LENGTH_MISMATCH);

            goto f_err;

        }

            goto err;

        }

        /* still data left over */

        if (PACKET_remaining(&pkt) != 0) {

        if (PACKET_remaining(pkt) != 0) {

            SSLerr(SSL_F_TLS_PROCESS_KEY_EXCHANGE, SSL_R_EXTRA_DATA_IN_MESSAGE);

            goto f_err;

        }

    return MSG_PROCESS_ERROR;

}

enum MSG_PROCESS_RETURN tls_process_certificate_request(SSL *s, unsigned long n)

enum MSG_PROCESS_RETURN tls_process_certificate_request(SSL *s, PACKET *pkt)

{

    int ret = MSG_PROCESS_ERROR;

    unsigned int list_len, ctype_num, i, name_len;

    unsigned char *data;

    unsigned char *namestart, *namebytes;

    STACK_OF(X509_NAME) *ca_sk = NULL;

    PACKET pkt;

    if (!PACKET_buf_init(&pkt, s->init_msg, n)) {

        ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);

        SSLerr(SSL_F_TLS_PROCESS_CERTIFICATE_REQUEST, ERR_R_INTERNAL_ERROR);

        goto err;

    }

    if ((ca_sk = sk_X509_NAME_new(ca_dn_cmp)) == NULL) {

        SSLerr(SSL_F_TLS_PROCESS_CERTIFICATE_REQUEST, ERR_R_MALLOC_FAILURE);

    }

    /* get the certificate types */

    if (!PACKET_get_1(&pkt, &ctype_num)

            || !PACKET_get_bytes(&pkt, &data, ctype_num)) {

    if (!PACKET_get_1(pkt, &ctype_num)

            || !PACKET_get_bytes(pkt, &data, ctype_num)) {

        ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);

        SSLerr(SSL_F_TLS_PROCESS_CERTIFICATE_REQUEST, SSL_R_LENGTH_MISMATCH);

        goto err;

        s->s3->tmp.ctype[i] = data[i];

    if (SSL_USE_SIGALGS(s)) {

        if (!PACKET_get_net_2(&pkt, &list_len)

                || !PACKET_get_bytes(&pkt, &data, list_len)) {

        if (!PACKET_get_net_2(pkt, &list_len)

                || !PACKET_get_bytes(pkt, &data, list_len)) {

            ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);

            SSLerr(SSL_F_TLS_PROCESS_CERTIFICATE_REQUEST,

                   SSL_R_LENGTH_MISMATCH);

    }

    /* get the CA RDNs */

    if (!PACKET_get_net_2(&pkt, &list_len)

            || PACKET_remaining(&pkt) != list_len) {

    if (!PACKET_get_net_2(pkt, &list_len)

            || PACKET_remaining(pkt) != list_len) {

        ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);

        SSLerr(SSL_F_TLS_PROCESS_CERTIFICATE_REQUEST, SSL_R_LENGTH_MISMATCH);

        goto err;

    }

    while (PACKET_remaining(&pkt)) {

        if (!PACKET_get_net_2(&pkt, &name_len)

                || !PACKET_get_bytes(&pkt, &namebytes, name_len)) {

    while (PACKET_remaining(pkt)) {

        if (!PACKET_get_net_2(pkt, &name_len)

                || !PACKET_get_bytes(pkt, &namebytes, name_len)) {

            ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);

            SSLerr(SSL_F_TLS_PROCESS_CERTIFICATE_REQUEST,

                   SSL_R_LENGTH_MISMATCH);

    return (X509_NAME_cmp(*a, *b));

}

enum MSG_PROCESS_RETURN tls_process_new_session_ticket(SSL *s, unsigned long n)

enum MSG_PROCESS_RETURN tls_process_new_session_ticket(SSL *s, PACKET *pkt)

{

    int al;

    unsigned int ticklen;

    unsigned long ticket_lifetime_hint;

    PACKET pkt;

    if (!PACKET_buf_init(&pkt, s->init_msg, n)) {

        al = SSL_AD_INTERNAL_ERROR;

        SSLerr(SSL_F_TLS_PROCESS_NEW_SESSION_TICKET, ERR_R_INTERNAL_ERROR);

        goto f_err;

    }

    if (!PACKET_get_net_4(&pkt, &ticket_lifetime_hint)

            || !PACKET_get_net_2(&pkt, &ticklen)

            || PACKET_remaining(&pkt) != ticklen) {

    if (!PACKET_get_net_4(pkt, &ticket_lifetime_hint)

            || !PACKET_get_net_2(pkt, &ticklen)

            || PACKET_remaining(pkt) != ticklen) {

        al = SSL_AD_DECODE_ERROR;

        SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, SSL_R_LENGTH_MISMATCH);

        goto f_err;

        SSLerr(SSL_F_TLS_PROCESS_NEW_SESSION_TICKET, ERR_R_MALLOC_FAILURE);

        goto err;

    }

    if (!PACKET_copy_bytes(&pkt, s->session->tlsext_tick, ticklen)) {

    if (!PACKET_copy_bytes(pkt, s->session->tlsext_tick, ticklen)) {

        al = SSL_AD_DECODE_ERROR;

        SSLerr(SSL_F_TLS_PROCESS_NEW_SESSION_TICKET, SSL_R_LENGTH_MISMATCH);

        goto f_err;

    return MSG_PROCESS_ERROR;

}

enum MSG_PROCESS_RETURN tls_process_cert_status(SSL *s, unsigned long n)

enum MSG_PROCESS_RETURN tls_process_cert_status(SSL *s, PACKET *pkt)

{

    int al;

    unsigned long resplen;

    unsigned int type;

    PACKET pkt;

    if (!PACKET_buf_init(&pkt, s->init_msg, n)) {

        al = SSL_AD_INTERNAL_ERROR;

        SSLerr(SSL_F_TLS_PROCESS_CERT_STATUS, ERR_R_INTERNAL_ERROR);

        goto f_err;

    }

    if (!PACKET_get_1(&pkt, &type)

    if (!PACKET_get_1(pkt, &type)

            || type != TLSEXT_STATUSTYPE_ocsp) {

        al = SSL_AD_DECODE_ERROR;

        SSLerr(SSL_F_TLS_PROCESS_CERT_STATUS, SSL_R_UNSUPPORTED_STATUS_TYPE);

        goto f_err;

    }

    if (!PACKET_get_net_3(&pkt, &resplen)

            || PACKET_remaining(&pkt) != resplen) {

    if (!PACKET_get_net_3(pkt, &resplen)

            || PACKET_remaining(pkt) != resplen) {

        al = SSL_AD_DECODE_ERROR;

        SSLerr(SSL_F_TLS_PROCESS_CERT_STATUS, SSL_R_LENGTH_MISMATCH);

        goto f_err;

        SSLerr(SSL_F_TLS_PROCESS_CERT_STATUS, ERR_R_MALLOC_FAILURE);

        goto f_err;

    }

    if (!PACKET_copy_bytes(&pkt, s->tlsext_ocsp_resp, resplen)) {

    if (!PACKET_copy_bytes(pkt, s->tlsext_ocsp_resp, resplen)) {

        al = SSL_AD_DECODE_ERROR;

        SSLerr(SSL_F_TLS_PROCESS_CERT_STATUS, SSL_R_LENGTH_MISMATCH);

        goto f_err;

    return MSG_PROCESS_ERROR;

}

enum MSG_PROCESS_RETURN tls_process_server_done(SSL *s, unsigned long n)

enum MSG_PROCESS_RETURN tls_process_server_done(SSL *s, PACKET *pkt)

{

    if (n > 0) {

    if (PACKET_remaining(pkt) > 0) {

        /* should contain no data */

        ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);

        SSLerr(SSL_F_TLS_PROCESS_SERVER_DONE, SSL_R_LENGTH_MISMATCH);