Remove remaining old listen code (912c89c5) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

ssl/d1_both.c

+4 −7

Original line number	Diff line number	Diff line
		@@ -530,10 +530,9 @@ long dtls1_get_message(SSL s, int st1, int stn, int mt, long max, int ok)

		memset(msg_hdr, 0, sizeof(*msg_hdr));

		/* Don't change sequence numbers while listening */
		if (!s->d1->listen)
		s->d1->handshake_read_seq++;


		s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
		return s->init_num;

		@@ -946,8 +945,7 @@ dtls1_get_message_fragment(SSL s, int st1, int stn, int mt, long max, int ok)
		* While listening, we accept seq 1 (ClientHello with cookie)
		* although we're still expecting seq 0 (ClientHello)
		*/
		if (msg_hdr.seq != s->d1->handshake_read_seq
		&& !(s->d1->listen && msg_hdr.seq == 1))
		if (msg_hdr.seq != s->d1->handshake_read_seq)
		return dtls1_process_out_of_seq_message(s, &msg_hdr, ok);

		if (frag_len && frag_len < len)
		@@ -1300,8 +1298,7 @@ void dtls1_set_message_header(SSL s, unsigned char p,
		unsigned long frag_off,
		unsigned long frag_len)
		{
		/* Don't change sequence numbers while listening */
		if (frag_off == 0 && !s->d1->listen) {
		if (frag_off == 0) {
		s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;
		s->d1->next_handshake_write_seq++;
		}

+0 −26

Original line number	Diff line number	Diff line
		@@ -165,7 +165,6 @@ int dtls1_accept(SSL *s)
		unsigned long alg_k;
		int ret = -1;
		int new_state, state, skip = 0;
		int listen;
		#ifndef OPENSSL_NO_SCTP
		unsigned char sctpauthkey[64];
		char labelbuffer[sizeof(DTLS1_SCTP_AUTH_LABEL)];
		@@ -180,8 +179,6 @@ int dtls1_accept(SSL *s)
		else if (s->ctx->info_callback != NULL)
		cb = s->ctx->info_callback;

		listen = s->d1->listen;

		/* init things to blank */
		s->in_handshake++;
		if (!SSL_in_init(s) \|\| SSL_in_before(s)) {
		@@ -189,7 +186,6 @@ int dtls1_accept(SSL *s)
		return -1;
		}

		s->d1->listen = listen;
		#ifndef OPENSSL_NO_SCTP
		/*
		* Notify SCTP BIO socket to enter handshake mode and prevent stream
		@@ -327,28 +323,6 @@ int dtls1_accept(SSL *s)
		s->state = SSL3_ST_SW_SRVR_HELLO_A;

		s->init_num = 0;

		/*
		* Reflect ClientHello sequence to remain stateless while
		* listening
		*/
		if (listen) {
		DTLS_RECORD_LAYER_resync_write(&s->rlayer);
		}

		/* If we're just listening, stop here */
		if (listen && s->state == SSL3_ST_SW_SRVR_HELLO_A) {
		ret = 2;
		s->d1->listen = 0;
		/*
		* Set expected sequence numbers to continue the handshake.
		*/
		s->d1->handshake_read_seq = 2;
		s->d1->handshake_write_seq = 1;
		s->d1->next_handshake_write_seq = 1;
		goto end;
		}

		break;

		case DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A:

+0 −5

Original line number	Diff line number	Diff line
		@@ -511,11 +511,6 @@ int dtls1_read_bytes(SSL s, int type, int recvd_type, unsigned char *buf,
		}
		}

		if (s->d1->listen && rr->type != SSL3_RT_HANDSHAKE) {
		SSL3_RECORD_set_length(rr, 0);
		goto start;
		}

		/* we now have a packet which can be read and processed */

		if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,

+4 −15

Original line number	Diff line number	Diff line
		@@ -1508,18 +1508,8 @@ int dtls1_get_record(SSL *s)
		/* Only do replay check if no SCTP bio */
		if (!BIO_dgram_is_sctp(SSL_get_rbio(s))) {
		#endif
		/*
		* Check whether this is a repeat, or aged record. Don't check if
		* we're listening and this message is a ClientHello. They can look
		* as if they're replayed, since they arrive from different
		* connections and would be dropped unnecessarily.
		*/
		if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE &&
		RECORD_LAYER_get_packet_length(&s->rlayer)
		> DTLS1_RT_HEADER_LENGTH &&
		RECORD_LAYER_get_packet(&s->rlayer)[DTLS1_RT_HEADER_LENGTH]
		== SSL3_MT_CLIENT_HELLO) &&
		!dtls1_record_replay_check(s, bitmap)) {
		/* Check whether this is a repeat, or aged record. */
		if (!dtls1_record_replay_check(s, bitmap)) {
		rr->length = 0;
		RECORD_LAYER_reset_packet_length(&s->rlayer); /* dump this record */
		goto again; /* get another record */
		@@ -1535,11 +1525,10 @@ int dtls1_get_record(SSL *s)
		/*
		* If this record is from the next epoch (either HM or ALERT), and a
		* handshake is currently in progress, buffer it since it cannot be
		* processed at this time. However, do not buffer anything while
		* listening.
		* processed at this time.
		*/
		if (is_next_epoch) {
		if ((SSL_in_init(s) \|\| s->in_handshake) && !s->d1->listen) {
		if ((SSL_in_init(s) \|\| s->in_handshake)) {
		if (dtls1_buffer_record
		(s, &(DTLS_RECORD_LAYER_get_unprocessed_rcds(&s->rlayer)),
		rr->seq_num) < 0)

+0 −2

Original line number	Diff line number	Diff line
		@@ -1431,8 +1431,6 @@ typedef struct dtls1_state_st {
		/* Buffered (sent) handshake records */
		pqueue sent_messages;

		/* Is set when listening for new connections with dtls1_listen() */
		unsigned int listen;
		unsigned int link_mtu; /* max on-the-wire DTLS packet size */
		unsigned int mtu; /* max DTLS packet size */
		struct hm_header_st w_msg_hdr;