提交
de07f311
编写于
2月 03, 2015
作者:
Matt Caswell
Move read_sequence and write_sequence from s->s3 to s->rlayer
Reviewed-by:
N
Richard Levitte
<
levitte@openssl.org
>
上级
f8caa3c8
变更
10
Showing
10 changed file
with
61 addition
and
38 deletion
+61
-38
ssl/d1_both.c
ssl/d1_both.c
+9
-9
ssl/d1_srvr.c
ssl/d1_srvr.c
+2
-2
ssl/record/d1_pkt.c
ssl/record/d1_pkt.c
+9
-9
ssl/record/rec_layer.h
ssl/record/rec_layer.h
+8
-0
ssl/record/s3_pkt.c
ssl/record/s3_pkt.c
+19
-4
ssl/record/ssl3_record.c
ssl/record/ssl3_record.c
+9
-7
ssl/s3_both.c
ssl/s3_both.c
+1
-1
ssl/s3_enc.c
ssl/s3_enc.c
+2
-2
ssl/ssl_locl.h
ssl/ssl_locl.h
+0
-2
ssl/t1_enc.c
ssl/t1_enc.c
+2
-2
ssl/d1_both.c
...
...
@@ -961,7 +961,7 @@ dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
/*-
* for these 2 messages, we need to
* ssl->enc_read_ctx re-init
* ssl->
s3->read_sequence
zero
* ssl->
rlayer.read_sequence
zero
* ssl->s3->read_mac_secret re-init
* ssl->session->read_sym_enc assign
* ssl->session->read_compression assign
...
...
@@ -1198,10 +1198,10 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
if
(
frag
->
msg_header
.
saved_retransmit_state
.
epoch
==
saved_state
.
epoch
-
1
)
{
memcpy
(
save_write_sequence
,
s
->
s3
->
write_sequence
,
sizeof
(
s
->
s3
->
write_sequence
));
memcpy
(
s
->
s3
->
write_sequence
,
s
->
d1
->
last_write_sequence
,
sizeof
(
s
->
s3
->
write_sequence
)
);
memcpy
(
save_write_sequence
,
RECORD_LAYER_get_write_sequence
(
&
s
->
rlayer
),
sizeof
(
save_write_sequence
));
RECORD_LAYER_set_write_sequence
(
&
s
->
rlayer
,
s
->
d1
->
last_write_sequence
);
}
ret
=
dtls1_do_write
(
s
,
frag
->
msg_header
.
is_ccs
?
...
...
@@ -1216,10 +1216,10 @@ dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
if
(
frag
->
msg_header
.
saved_retransmit_state
.
epoch
==
saved_state
.
epoch
-
1
)
{
memcpy
(
s
->
d1
->
last_write_sequence
,
s
->
s3
->
write_sequence
,
sizeof
(
s
->
s3
->
write_sequence
));
memcpy
(
s
->
s3
->
write_sequence
,
save_write_sequence
,
sizeof
(
s
->
s3
->
write_sequence
)
);
memcpy
(
s
->
d1
->
last_write_sequence
,
RECORD_LAYER_get_write_sequence
(
&
s
->
rlayer
),
sizeof
(
s
->
d1
->
last_write_sequence
));
RECORD_LAYER_set_write_sequence
(
&
s
->
rlayer
,
save_write_sequence
);
}
s
->
d1
->
retransmitting
=
0
;
...
...
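Review bot: The two new `memcpy` calls in dtls1_retransmit_message size their copies with `sizeof(save_write_sequence)` and `sizeof(s->d1->last_write_sequence)`, which is only correct if both are 8-byte arrays rather than pointers; neither declaration is visible in these hunks, so that should be confirmed. The equivalent copy in dtls1_reset_seq_numbers (ssl/record/d1_pkt.c) is sized by the source instead, `sizeof(s->rlayer.write_sequence)`, and the new reset helpers in ssl/record/s3_pkt.c use a literal `8`. Nothing ties these lengths together at compile time, so a later change to one buffer would become a silent over-read or over-write of the record sequence number. A single named length constant, used for the array declarations and for every copy, would remove that risk.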
ssl/d1_srvr.c
...
...
@@ -330,8 +330,8 @@ int dtls1_accept(SSL *s)
* listening
*/
if
(
listen
)
{
memcpy
(
s
->
s3
->
write_sequence
,
s
->
s3
->
read_sequence
,
sizeof
(
s
->
s3
->
write_sequence
));
RECORD_LAYER_set_write_sequence
(
&
s
->
rlayer
,
RECORD_LAYER_get_read_sequence
(
&
s
->
rlayer
));
}
/* If we're just listening, stop here */
...
...
ssl/record/d1_pkt.c
...
...
@@ -199,7 +199,7 @@ static int dtls1_copy_record(SSL *s, pitem *item)
memcpy
(
&
s
->
rlayer
.
rrec
,
&
(
rdata
->
rrec
),
sizeof
(
SSL3_RECORD
));
/* Set proper sequence number for mac calculation */
memcpy
(
&
(
s
->
s3
->
read_sequence
[
2
]),
&
(
rdata
->
packet
[
5
]),
6
);
memcpy
(
&
(
s
->
rlayer
.
read_sequence
[
2
]),
&
(
rdata
->
packet
[
5
]),
6
);
return
(
1
);
}
...
...
@@ -1179,7 +1179,7 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
* else s2n(s->d1->handshake_epoch, pseq);
*/
memcpy
(
pseq
,
&
(
s
->
s3
->
write_sequence
[
2
]),
6
);
memcpy
(
pseq
,
&
(
s
->
rlayer
.
write_sequence
[
2
]),
6
);
pseq
+=
6
;
s2n
(
wr
->
length
,
pseq
);
...
...
@@ -1194,7 +1194,7 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
wr
->
type
=
type
;
/* not needed but helps for debugging */
wr
->
length
+=
DTLS1_RT_HEADER_LENGTH
;
ssl3_record_sequence_update
(
&
(
s
->
s3
->
write_sequence
[
0
]));
ssl3_record_sequence_update
(
&
(
s
->
rlayer
.
write_sequence
[
0
]));
if
(
create_empty_fragment
)
{
/*
...
...
@@ -1227,7 +1227,7 @@ int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap)
{
int
cmp
;
unsigned
int
shift
;
const
unsigned
char
*
seq
=
s
->
s3
->
read_sequence
;
const
unsigned
char
*
seq
=
s
->
rlayer
.
read_sequence
;
cmp
=
satsub64be
(
seq
,
bitmap
->
max_seq_num
);
if
(
cmp
>
0
)
{
...
...
@@ -1248,7 +1248,7 @@ void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap)
{
int
cmp
;
unsigned
int
shift
;
const
unsigned
char
*
seq
=
s
->
s3
->
read_sequence
;
const
unsigned
char
*
seq
=
s
->
rlayer
.
read_sequence
;
cmp
=
satsub64be
(
seq
,
bitmap
->
max_seq_num
);
if
(
cmp
>
0
)
{
...
...
@@ -1288,17 +1288,17 @@ DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr,
void
dtls1_reset_seq_numbers
(
SSL
*
s
,
int
rw
)
{
unsigned
char
*
seq
;
unsigned
int
seq_bytes
=
sizeof
(
s
->
s3
->
read_sequence
);
unsigned
int
seq_bytes
=
sizeof
(
s
->
rlayer
.
read_sequence
);
if
(
rw
&
SSL3_CC_READ
)
{
seq
=
s
->
s3
->
read_sequence
;
seq
=
s
->
rlayer
.
read_sequence
;
s
->
d1
->
r_epoch
++
;
memcpy
(
&
(
s
->
d1
->
bitmap
),
&
(
s
->
d1
->
next_bitmap
),
sizeof
(
DTLS1_BITMAP
));
memset
(
&
(
s
->
d1
->
next_bitmap
),
0x00
,
sizeof
(
DTLS1_BITMAP
));
}
else
{
seq
=
s
->
s3
->
write_sequence
;
seq
=
s
->
rlayer
.
write_sequence
;
memcpy
(
s
->
d1
->
last_write_sequence
,
seq
,
sizeof
(
s
->
s3
->
write_sequence
));
sizeof
(
s
->
rlayer
.
write_sequence
));
s
->
d1
->
w_epoch
++
;
}
...
...
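Review bot: dtls1_copy_record and do_dtls1_write reach into the struct directly with `&(s->rlayer.read_sequence[2])` and `&(s->rlayer.write_sequence[2])`, while dtls1_get_record in ssl/record/ssl3_record.c does the same 6-byte copy through `RECORD_LAYER_get_read_sequence(&s->rlayer)[2]`; one spelling should be used throughout so every access to the sequence number can be found with a single search. The offset 2 and length 6 are also unexplained at these sites. If it matches the intended layout, I would add a comment such as `/* bytes 0..1 carry the epoch, bytes 2..7 the 48-bit DTLS sequence number */`; the dtls1_get_record hunk has a comment to that effect, the hunks here do not. The enclosing functions start and end outside the hunks.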
ssl/record/rec_layer.h
...
...
@@ -174,6 +174,9 @@ typedef struct record_layer_st {
/* number of bytes submitted */
int
wpend_ret
;
const
unsigned
char
*
wpend_buf
;
unsigned
char
read_sequence
[
8
];
unsigned
char
write_sequence
[
8
];
}
RECORD_LAYER
;
...
...
@@ -190,6 +193,8 @@ typedef struct record_layer_st {
#define RECORD_LAYER_get_packet(rl) ((rl)->packet)
#define RECORD_LAYER_get_packet_length(rl) ((rl)->packet_length)
#define RECORD_LAYER_add_packet_length(rl, inc) ((rl)->packet_length += (inc))
#define RECORD_LAYER_get_read_sequence(rl) ((rl)->read_sequence)
#define RECORD_LAYER_get_write_sequence(rl) ((rl)->write_sequence)
void
RECORD_LAYER_init
(
RECORD_LAYER
*
rl
,
SSL
*
s
);
void
RECORD_LAYER_clear
(
RECORD_LAYER
*
rl
);
...
...
@@ -198,6 +203,9 @@ int RECORD_LAYER_read_pending(RECORD_LAYER *rl);
int
RECORD_LAYER_write_pending
(
RECORD_LAYER
*
rl
);
int
RECORD_LAYER_set_data
(
RECORD_LAYER
*
rl
,
const
unsigned
char
*
buf
,
int
len
);
void
RECORD_LAYER_dup
(
RECORD_LAYER
*
dst
,
RECORD_LAYER
*
src
);
void
RECORD_LAYER_reset_read_sequence
(
RECORD_LAYER
*
rl
);
void
RECORD_LAYER_reset_write_sequence
(
RECORD_LAYER
*
rl
);
void
RECORD_LAYER_set_write_sequence
(
RECORD_LAYER
*
rl
,
const
unsigned
char
*
ws
);
__owur
int
ssl3_pending
(
const
SSL
*
s
);
__owur
int
ssl23_read_bytes
(
SSL
*
s
,
int
n
);
__owur
int
ssl23_write_bytes
(
SSL
*
s
);
...
...
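Review bot: The new prototype `RECORD_LAYER_set_write_sequence(RECORD_LAYER *rl, const unsigned char *ws)` takes an unsized pointer, and its definition in ssl/record/s3_pkt.c always copies `sizeof(rl->write_sequence)` bytes from it, so a caller that passes a shorter buffer causes an out-of-bounds read. The prototype should state the contract, for example `/* ws must point to at least 8 readable bytes; exactly 8 are copied */`. Of the current callers, ssl/d1_srvr.c passes `RECORD_LAYER_get_read_sequence(&s->rlayer)`, which this header shows to be an 8-byte array. The buffers passed in ssl/d1_both.c (`save_write_sequence`, `s->d1->last_write_sequence`) are declared outside the visible hunks.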
ssl/record/s3_pkt.c
...
...
@@ -211,6 +211,21 @@ void RECORD_LAYER_dup(RECORD_LAYER *dst, RECORD_LAYER *src)
dst
->
rstate
=
src
->
rstate
;
}
void
RECORD_LAYER_reset_read_sequence
(
RECORD_LAYER
*
rl
)
{
memset
(
rl
->
read_sequence
,
0
,
8
);
}
void
RECORD_LAYER_reset_write_sequence
(
RECORD_LAYER
*
rl
)
{
memset
(
rl
->
write_sequence
,
0
,
8
);
}
void
RECORD_LAYER_set_write_sequence
(
RECORD_LAYER
*
rl
,
const
unsigned
char
*
ws
)
{
memcpy
(
rl
->
write_sequence
,
ws
,
sizeof
(
rl
->
write_sequence
));
}
int
ssl3_pending
(
const
SSL
*
s
)
{
if
(
s
->
rlayer
.
rstate
==
SSL_ST_READ_BODY
)
...
...
@@ -541,7 +556,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
else
nw
=
max_send_fragment
*
(
mb_param
.
interleave
=
4
);
memcpy
(
aad
,
s
->
s3
->
write_sequence
,
8
);
memcpy
(
aad
,
s
->
rlayer
.
write_sequence
,
8
);
aad
[
8
]
=
type
;
aad
[
9
]
=
(
unsigned
char
)(
s
->
version
>>
8
);
aad
[
10
]
=
(
unsigned
char
)(
s
->
version
);
...
...
@@ -570,10 +585,10 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len)
sizeof
(
mb_param
),
&
mb_param
)
<=
0
)
return
-
1
;
s
->
s3
->
write_sequence
[
7
]
+=
mb_param
.
interleave
;
if
(
s
->
s3
->
write_sequence
[
7
]
<
mb_param
.
interleave
)
{
s
->
rlayer
.
write_sequence
[
7
]
+=
mb_param
.
interleave
;
if
(
s
->
rlayer
.
write_sequence
[
7
]
<
mb_param
.
interleave
)
{
int
j
=
6
;
while
(
j
>=
0
&&
(
++
s
->
s3
->
write_sequence
[
j
--
])
==
0
)
;
while
(
j
>=
0
&&
(
++
s
->
rlayer
.
write_sequence
[
j
--
])
==
0
)
;
}
wb
->
offset
=
0
;
...
...
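Review bot: The carry loop in the last ssl3_write_bytes hunk, `while (j >= 0 && (++s->rlayer.write_sequence[j--]) == 0) ;`, has no overflow check: if the carry runs out of byte 0, the 64-bit write sequence number wraps silently, and the same array is copied into `aad` earlier in the function. This is inherited from the code being moved and is only reachable once the counter passes 2^64, but now that the record layer owns the counter this is the natural place to enforce that it never wraps. I would at least add a comment at the loop saying that wrap is not detected here, or detect it after the loop with `if (j < 0 && s->rlayer.write_sequence[0] == 0)` and fail the write. ssl3_write_bytes starts and ends outside these hunks.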
ssl/record/ssl3_record.c
...
...
@@ -659,7 +659,8 @@ int tls1_enc(SSL *s, int send)
if
(
EVP_CIPHER_flags
(
ds
->
cipher
)
&
EVP_CIPH_FLAG_AEAD_CIPHER
)
{
unsigned
char
buf
[
13
],
*
seq
;
seq
=
send
?
s
->
s3
->
write_sequence
:
s
->
s3
->
read_sequence
;
seq
=
send
?
RECORD_LAYER_get_write_sequence
(
&
s
->
rlayer
)
:
RECORD_LAYER_get_read_sequence
(
&
s
->
rlayer
);
if
(
SSL_IS_DTLS
(
s
))
{
unsigned
char
dtlsseq
[
9
],
*
p
=
dtlsseq
;
...
...
@@ -773,12 +774,12 @@ int n_ssl3_mac(SSL *ssl, unsigned char *md, int send)
if
(
send
)
{
rec
=
RECORD_LAYER_get_wrec
(
&
ssl
->
rlayer
);
mac_sec
=
&
(
ssl
->
s3
->
write_mac_secret
[
0
]);
seq
=
&
(
ssl
->
s3
->
write_sequence
[
0
]
);
seq
=
RECORD_LAYER_get_write_sequence
(
&
ssl
->
rlayer
);
hash
=
ssl
->
write_hash
;
}
else
{
rec
=
RECORD_LAYER_get_rrec
(
&
ssl
->
rlayer
);
mac_sec
=
&
(
ssl
->
s3
->
read_mac_secret
[
0
]);
seq
=
&
(
ssl
->
s3
->
read_sequence
[
0
]
);
seq
=
RECORD_LAYER_get_read_sequence
(
&
ssl
->
rlayer
);
hash
=
ssl
->
read_hash
;
}
...
...
@@ -869,11 +870,11 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send)
if
(
send
)
{
rec
=
RECORD_LAYER_get_wrec
(
&
ssl
->
rlayer
);
seq
=
&
(
ssl
->
s3
->
write_sequence
[
0
]
);
seq
=
RECORD_LAYER_get_write_sequence
(
&
ssl
->
rlayer
);
hash
=
ssl
->
write_hash
;
}
else
{
rec
=
RECORD_LAYER_get_rrec
(
&
ssl
->
rlayer
);
seq
=
&
(
ssl
->
s3
->
read_sequence
[
0
]
);
seq
=
RECORD_LAYER_get_read_sequence
(
&
ssl
->
rlayer
);
hash
=
ssl
->
read_hash
;
}
...
...
@@ -1045,7 +1046,8 @@ int tls1_cbc_remove_padding(const SSL *s,
*/
if
((
s
->
options
&
SSL_OP_TLS_BLOCK_PADDING_BUG
)
&&
!
s
->
expand
)
{
/* First packet is even in size, so check */
if
((
memcmp
(
s
->
s3
->
read_sequence
,
"
\0\0\0\0\0\0\0\0
"
,
8
)
==
0
)
&&
if
((
memcmp
(
RECORD_LAYER_get_read_sequence
(
&
s
->
rlayer
),
"
\0\0\0\0\0\0\0\0
"
,
8
)
==
0
)
&&
!
(
padding_length
&
1
))
{
s
->
s3
->
flags
|=
TLS1_FLAGS_TLS_PADDING_BUG
;
}
...
...
@@ -1431,7 +1433,7 @@ int dtls1_get_record(SSL *s)
/* sequence number is 64 bits, with top 2 bytes = epoch */
n2s
(
p
,
rr
->
epoch
);
memcpy
(
&
(
s
->
s3
->
read_sequence
[
2
]),
p
,
6
);
memcpy
(
&
(
RECORD_LAYER_get_read_sequence
(
&
s
->
rlayer
)
[
2
]),
p
,
6
);
p
+=
6
;
n2s
(
p
,
rr
->
length
);
...
...
ssl/s3_both.c
...
...
@@ -292,7 +292,7 @@ int ssl3_get_finished(SSL *s, int a, int b)
/*-
* for these 2 messages, we need to
* ssl->enc_read_ctx re-init
* ssl->
s3->read_sequence
zero
* ssl->
rlayer.read_sequence
zero
* ssl->s3->read_mac_secret re-init
* ssl->session->read_sym_enc assign
* ssl->session->read_compression assign
...
...
ssl/s3_enc.c
...
...
@@ -274,7 +274,7 @@ int ssl3_change_cipher_state(SSL *s, int which)
goto
err
;
}
#endif
memset
(
&
(
s
->
s3
->
read_sequence
[
0
]),
0
,
8
);
RECORD_LAYER_reset_read_sequence
(
&
s
->
rlayer
);
mac_secret
=
&
(
s
->
s3
->
read_mac_secret
[
0
]);
}
else
{
if
(
s
->
enc_write_ctx
!=
NULL
)
...
...
@@ -307,7 +307,7 @@ int ssl3_change_cipher_state(SSL *s, int which)
}
}
#endif
memset
(
&
(
s
->
s3
->
write_sequence
[
0
]),
0
,
8
);
RECORD_LAYER_reset_write_sequence
(
&
s
->
rlayer
);
mac_secret
=
&
(
s
->
s3
->
write_mac_secret
[
0
]);
}
...
...
ssl/ssl_locl.h
...
...
@@ -1224,10 +1224,8 @@ struct ssl_st {
typedef
struct
ssl3_state_st
{
long
flags
;
int
delay_buf_pop_ret
;
unsigned
char
read_sequence
[
8
];
int
read_mac_secret_size
;
unsigned
char
read_mac_secret
[
EVP_MAX_MD_SIZE
];
unsigned
char
write_sequence
[
8
];
int
write_mac_secret_size
;
unsigned
char
write_mac_secret
[
EVP_MAX_MD_SIZE
];
unsigned
char
server_random
[
SSL3_RANDOM_SIZE
];
...
...
ssl/t1_enc.c
...
...
@@ -404,7 +404,7 @@ int tls1_change_cipher_state(SSL *s, int which)
* this is done by dtls1_reset_seq_numbers for DTLS
*/
if
(
!
SSL_IS_DTLS
(
s
))
memset
(
&
(
s
->
s3
->
read_sequence
[
0
]),
0
,
8
);
RECORD_LAYER_reset_read_sequence
(
&
s
->
rlayer
);
mac_secret
=
&
(
s
->
s3
->
read_mac_secret
[
0
]);
mac_secret_size
=
&
(
s
->
s3
->
read_mac_secret_size
);
}
else
{
...
...
@@ -442,7 +442,7 @@ int tls1_change_cipher_state(SSL *s, int which)
* this is done by dtls1_reset_seq_numbers for DTLS
*/
if
(
!
SSL_IS_DTLS
(
s
))
memset
(
&
(
s
->
s3
->
write_sequence
[
0
]),
0
,
8
);
RECORD_LAYER_reset_write_sequence
(
&
s
->
rlayer
);
mac_secret
=
&
(
s
->
s3
->
write_mac_secret
[
0
]);
mac_secret_size
=
&
(
s
->
s3
->
write_mac_secret_size
);
}
...
...