MercurialSymaptic / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | raw
| help
os/ossrv/ssl/libssl/src/d1_lib.c
changeset 0 bde4ae8d615e
     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/os/ossrv/ssl/libssl/src/d1_lib.c	Fri Jun 15 03:10:57 2012 +0200
     1.3 @@ -0,0 +1,234 @@
     1.4 +/* ssl/d1_lib.c */
     1.5 +/* 
     1.6 + * DTLS implementation written by Nagendra Modadugu
     1.7 + * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.  
     1.8 + */
     1.9 +/* ====================================================================
    1.10 + * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
    1.11 + *
    1.12 + * Redistribution and use in source and binary forms, with or without
    1.13 + * modification, are permitted provided that the following conditions
    1.14 + * are met:
    1.15 + *
    1.16 + * 1. Redistributions of source code must retain the above copyright
    1.17 + *    notice, this list of conditions and the following disclaimer. 
    1.18 + *
    1.19 + * 2. Redistributions in binary form must reproduce the above copyright
    1.20 + *    notice, this list of conditions and the following disclaimer in
    1.21 + *    the documentation and/or other materials provided with the
    1.22 + *    distribution.
    1.23 + *
    1.24 + * 3. All advertising materials mentioning features or use of this
    1.25 + *    software must display the following acknowledgment:
    1.26 + *    "This product includes software developed by the OpenSSL Project
    1.27 + *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
    1.28 + *
    1.29 + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
    1.30 + *    endorse or promote products derived from this software without
    1.31 + *    prior written permission. For written permission, please contact
    1.32 + *    openssl-core@OpenSSL.org.
    1.33 + *
    1.34 + * 5. Products derived from this software may not be called "OpenSSL"
    1.35 + *    nor may "OpenSSL" appear in their names without prior written
    1.36 + *    permission of the OpenSSL Project.
    1.37 + *
    1.38 + * 6. Redistributions of any form whatsoever must retain the following
    1.39 + *    acknowledgment:
    1.40 + *    "This product includes software developed by the OpenSSL Project
    1.41 + *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
    1.42 + *
    1.43 + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
    1.44 + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
    1.45 + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
    1.46 + * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
    1.47 + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
    1.48 + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
    1.49 + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
    1.50 + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
    1.51 + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
    1.52 + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
    1.53 + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
    1.54 + * OF THE POSSIBILITY OF SUCH DAMAGE.
    1.55 + * ====================================================================
    1.56 + *
    1.57 + * This product includes cryptographic software written by Eric Young
    1.58 + * (eay@cryptsoft.com).  This product includes software written by Tim
    1.59 + * Hudson (tjh@cryptsoft.com).
    1.60 + *
    1.61 + */
    1.62 +/*
    1.63 + © Portions copyright (c) 2006 Nokia Corporation.  All rights reserved.
    1.64 + */
    1.65 + 
    1.66 +#include <stdio.h>
    1.67 +#include <openssl/objects.h>
    1.68 +#include "ssl_locl.h"
    1.69 +
    1.70 +const char dtls1_version_str[]="DTLSv1" OPENSSL_VERSION_PTEXT;
    1.71 +
    1.72 +#if (defined(SYMBIAN) && (defined(__WINSCW__) || defined(__WINS__)))
    1.73 +#include "libssl_wsd.h"
    1.74 +#endif 
    1.75 +
    1.76 +#ifdef EMULATOR
    1.77 +	
    1.78 +	GET_STATIC_VAR_FROM_TLS(dtlsv1_base_method_data,d1_lib,SSL_METHOD)
    1.79 +	
    1.80 +	#define dtlsv1_base_method_data (*GET_WSD_VAR_NAME(dtlsv1_base_method_data,d1_lib,s)())
    1.81 +
    1.82 +
    1.83 +	GET_GLOBAL_VAR_FROM_TLS(DTLSv1_enc_data,d1_lib,SSL3_ENC_METHOD)
    1.84 +	
    1.85 +	#define DTLSv1_enc_data (GET_WSD_VAR_NAME(DTLSv1_enc_data,d1_lib,g)())
    1.86 +
    1.87 +#endif
    1.88 +
    1.89 +#ifndef EMULATOR
    1.90 +SSL3_ENC_METHOD DTLSv1_enc_data={
    1.91 +#else
    1.92 +const SSL3_ENC_METHOD temp_DTLSv1_enc_data={
    1.93 +#endif
    1.94 +    dtls1_enc,
    1.95 +	tls1_mac,
    1.96 +	tls1_setup_key_block,
    1.97 +	tls1_generate_master_secret,
    1.98 +	tls1_change_cipher_state,
    1.99 +	tls1_final_finish_mac,
   1.100 +	TLS1_FINISH_MAC_LENGTH,
   1.101 +	tls1_cert_verify_mac,
   1.102 +	TLS_MD_CLIENT_FINISH_CONST,TLS_MD_CLIENT_FINISH_CONST_SIZE,
   1.103 +	TLS_MD_SERVER_FINISH_CONST,TLS_MD_SERVER_FINISH_CONST_SIZE,
   1.104 +	tls1_alert_code,
   1.105 +	};
   1.106 +
   1.107 +long dtls1_default_timeout(void)
   1.108 +	{
   1.109 +	/* 2 hours, the 24 hours mentioned in the DTLSv1 spec
   1.110 +	 * is way too long for http, the cache would over fill */
   1.111 +	return(60*60*2);
   1.112 +	}
   1.113 +
   1.114 +IMPLEMENT_dtls1_meth_func(dtlsv1_base_method,
   1.115 +			ssl_undefined_function,
   1.116 +			ssl_undefined_function,
   1.117 +			ssl_bad_method)
   1.118 +
   1.119 +int dtls1_new(SSL *s)
   1.120 +	{
   1.121 +	DTLS1_STATE *d1;
   1.122 +
   1.123 +	if (!ssl3_new(s)) return(0);
   1.124 +	if ((d1=OPENSSL_malloc(sizeof *d1)) == NULL) return (0);
   1.125 +	memset(d1,0, sizeof *d1);
   1.126 +
   1.127 +	/* d1->handshake_epoch=0; */
   1.128 +#if defined(OPENSSL_SYS_VMS) || defined(VMS_TEST)
   1.129 +	d1->bitmap.length=64;
   1.130 +#else
   1.131 +	d1->bitmap.length=sizeof(d1->bitmap.map) * 8;
   1.132 +#endif
   1.133 +	pq_64bit_init(&(d1->bitmap.map));
   1.134 +	pq_64bit_init(&(d1->bitmap.max_seq_num));
   1.135 +	
   1.136 +	pq_64bit_init(&(d1->next_bitmap.map));
   1.137 +	pq_64bit_init(&(d1->next_bitmap.max_seq_num));
   1.138 +
   1.139 +	d1->unprocessed_rcds.q=pqueue_new();
   1.140 +	d1->processed_rcds.q=pqueue_new();
   1.141 +	d1->buffered_messages = pqueue_new();
   1.142 +	d1->sent_messages=pqueue_new();
   1.143 +
   1.144 +	if ( s->server)
   1.145 +		{
   1.146 +		d1->cookie_len = sizeof(s->d1->cookie);
   1.147 +		}
   1.148 +
   1.149 +	if( ! d1->unprocessed_rcds.q || ! d1->processed_rcds.q 
   1.150 +        || ! d1->buffered_messages || ! d1->sent_messages)
   1.151 +		{
   1.152 +        if ( d1->unprocessed_rcds.q) pqueue_free(d1->unprocessed_rcds.q);
   1.153 +        if ( d1->processed_rcds.q) pqueue_free(d1->processed_rcds.q);
   1.154 +        if ( d1->buffered_messages) pqueue_free(d1->buffered_messages);
   1.155 +		if ( d1->sent_messages) pqueue_free(d1->sent_messages);
   1.156 +		OPENSSL_free(d1);
   1.157 +		return (0);
   1.158 +		}
   1.159 +
   1.160 +	s->d1=d1;
   1.161 +	s->method->ssl_clear(s);
   1.162 +	return(1);
   1.163 +	}
   1.164 +
   1.165 +void dtls1_free(SSL *s)
   1.166 +	{
   1.167 +    pitem *item = NULL;
   1.168 +    hm_fragment *frag = NULL;
   1.169 +
   1.170 +	ssl3_free(s);
   1.171 +
   1.172 +    while( (item = pqueue_pop(s->d1->unprocessed_rcds.q)) != NULL)
   1.173 +        {
   1.174 +        OPENSSL_free(item->data);
   1.175 +        pitem_free(item);
   1.176 +        }
   1.177 +    pqueue_free(s->d1->unprocessed_rcds.q);
   1.178 +
   1.179 +    while( (item = pqueue_pop(s->d1->processed_rcds.q)) != NULL)
   1.180 +        {
   1.181 +        OPENSSL_free(item->data);
   1.182 +        pitem_free(item);
   1.183 +        }
   1.184 +    pqueue_free(s->d1->processed_rcds.q);
   1.185 +
   1.186 +    while( (item = pqueue_pop(s->d1->buffered_messages)) != NULL)
   1.187 +        {
   1.188 +        frag = (hm_fragment *)item->data;
   1.189 +        OPENSSL_free(frag->fragment);
   1.190 +        OPENSSL_free(frag);
   1.191 +        pitem_free(item);
   1.192 +        }
   1.193 +    pqueue_free(s->d1->buffered_messages);
   1.194 +
   1.195 +    while ( (item = pqueue_pop(s->d1->sent_messages)) != NULL)
   1.196 +        {
   1.197 +        frag = (hm_fragment *)item->data;
   1.198 +        OPENSSL_free(frag->fragment);
   1.199 +        OPENSSL_free(frag);
   1.200 +        pitem_free(item);
   1.201 +        }
   1.202 +	pqueue_free(s->d1->sent_messages);
   1.203 +
   1.204 +	pq_64bit_free(&(s->d1->bitmap.map));
   1.205 +	pq_64bit_free(&(s->d1->bitmap.max_seq_num));
   1.206 +
   1.207 +	pq_64bit_free(&(s->d1->next_bitmap.map));
   1.208 +	pq_64bit_free(&(s->d1->next_bitmap.max_seq_num));
   1.209 +
   1.210 +	OPENSSL_free(s->d1);
   1.211 +	}
   1.212 +
   1.213 +void dtls1_clear(SSL *s)
   1.214 +	{
   1.215 +	ssl3_clear(s);
   1.216 +	s->version=DTLS1_VERSION;
   1.217 +	}
   1.218 +
   1.219 +/*
   1.220 + * As it's impossible to use stream ciphers in "datagram" mode, this
   1.221 + * simple filter is designed to disengage them in DTLS. Unfortunately
   1.222 + * there is no universal way to identify stream SSL_CIPHER, so we have
   1.223 + * to explicitly list their SSL_* codes. Currently RC4 is the only one
   1.224 + * available, but if new ones emerge, they will have to be added...
   1.225 + */
   1.226 +SSL_CIPHER *dtls1_get_cipher(unsigned int u)
   1.227 +	{
   1.228 +	SSL_CIPHER *ciph = ssl3_get_cipher(u);
   1.229 +
   1.230 +	if (ciph != NULL)
   1.231 +		{
   1.232 +		if ((ciph->algorithms&SSL_ENC_MASK) == SSL_RC4)
   1.233 +			return NULL;
   1.234 +		}
   1.235 +
   1.236 +	return ciph;
   1.237 +	}
Symaptic