| 1 | /* |
|---|---|
| 2 | * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. |
| 3 | * |
| 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
| 5 | * this file except in compliance with the License. You can obtain a copy |
| 6 | * in the file LICENSE in the source distribution or at |
| 7 | * https://www.openssl.org/source/license.html |
| 8 | */ |
| 9 | |
| 10 | /***************************************************************************** |
| 11 | * * |
| 12 | * These structures should be considered PRIVATE to the record layer. No * |
| 13 | * non-record layer code should be using these structures in any way. * |
| 14 | * * |
| 15 | *****************************************************************************/ |
| 16 | |
| 17 | typedef struct ssl3_buffer_st { |
| 18 | /* at least SSL3_RT_MAX_PACKET_SIZE bytes, see ssl3_setup_buffers() */ |
| 19 | unsigned char *buf; |
| 20 | /* default buffer size (or 0 if no default set) */ |
| 21 | size_t default_len; |
| 22 | /* buffer size */ |
| 23 | size_t len; |
| 24 | /* where to 'copy from' */ |
| 25 | size_t offset; |
| 26 | /* how many bytes left */ |
| 27 | size_t left; |
| 28 | } SSL3_BUFFER; |
| 29 | |
| 30 | #define SEQ_NUM_SIZE 8 |
| 31 | |
| 32 | typedef struct ssl3_record_st { |
| 33 | /* Record layer version */ |
| 34 | /* r */ |
| 35 | int rec_version; |
| 36 | /* type of record */ |
| 37 | /* r */ |
| 38 | int type; |
| 39 | /* How many bytes available */ |
| 40 | /* rw */ |
| 41 | size_t length; |
| 42 | /* |
| 43 | * How many bytes were available before padding was removed? This is used |
| 44 | * to implement the MAC check in constant time for CBC records. |
| 45 | */ |
| 46 | /* rw */ |
| 47 | size_t orig_len; |
| 48 | /* read/write offset into 'buf' */ |
| 49 | /* r */ |
| 50 | size_t off; |
| 51 | /* pointer to the record data */ |
| 52 | /* rw */ |
| 53 | unsigned char *data; |
| 54 | /* where the decode bytes are */ |
| 55 | /* rw */ |
| 56 | unsigned char *input; |
| 57 | /* only used with decompression - malloc()ed */ |
| 58 | /* r */ |
| 59 | unsigned char *comp; |
| 60 | /* Whether the data from this record has already been read or not */ |
| 61 | /* r */ |
| 62 | unsigned int read; |
| 63 | /* epoch number, needed by DTLS1 */ |
| 64 | /* r */ |
| 65 | unsigned long epoch; |
| 66 | /* sequence number, needed by DTLS1 */ |
| 67 | /* r */ |
| 68 | unsigned char seq_num[SEQ_NUM_SIZE]; |
| 69 | } SSL3_RECORD; |
| 70 | |
| 71 | typedef struct dtls1_bitmap_st { |
| 72 | /* Track 32 packets on 32-bit systems and 64 - on 64-bit systems */ |
| 73 | unsigned long map; |
| 74 | /* Max record number seen so far, 64-bit value in big-endian encoding */ |
| 75 | unsigned char max_seq_num[SEQ_NUM_SIZE]; |
| 76 | } DTLS1_BITMAP; |
| 77 | |
| 78 | typedef struct record_pqueue_st { |
| 79 | unsigned short epoch; |
| 80 | struct pqueue_st *q; |
| 81 | } record_pqueue; |
| 82 | |
| 83 | typedef struct dtls1_record_data_st { |
| 84 | unsigned char *packet; |
| 85 | size_t packet_length; |
| 86 | SSL3_BUFFER rbuf; |
| 87 | SSL3_RECORD rrec; |
| 88 | #ifndef OPENSSL_NO_SCTP |
| 89 | struct bio_dgram_sctp_rcvinfo recordinfo; |
| 90 | #endif |
| 91 | } DTLS1_RECORD_DATA; |
| 92 | |
| 93 | typedef struct dtls_record_layer_st { |
| 94 | /* |
| 95 | * The current data and handshake epoch. This is initially |
| 96 | * undefined, and starts at zero once the initial handshake is |
| 97 | * completed |
| 98 | */ |
| 99 | unsigned short r_epoch; |
| 100 | unsigned short w_epoch; |
| 101 | /* records being received in the current epoch */ |
| 102 | DTLS1_BITMAP bitmap; |
| 103 | /* renegotiation starts a new set of sequence numbers */ |
| 104 | DTLS1_BITMAP next_bitmap; |
| 105 | /* Received handshake records (processed and unprocessed) */ |
| 106 | record_pqueue unprocessed_rcds; |
| 107 | record_pqueue processed_rcds; |
| 108 | /* |
| 109 | * Buffered application records. Only for records between CCS and |
| 110 | * Finished to prevent either protocol violation or unnecessary message |
| 111 | * loss. |
| 112 | */ |
| 113 | record_pqueue buffered_app_data; |
| 114 | /* save last and current sequence numbers for retransmissions */ |
| 115 | unsigned char last_write_sequence[8]; |
| 116 | unsigned char curr_write_sequence[8]; |
| 117 | } DTLS_RECORD_LAYER; |
| 118 | |
| 119 | /***************************************************************************** |
| 120 | * * |
| 121 | * This structure should be considered "opaque" to anything outside of the * |
| 122 | * record layer. No non-record layer code should be accessing the members of * |
| 123 | * this structure. * |
| 124 | * * |
| 125 | *****************************************************************************/ |
| 126 | |
| 127 | typedef struct record_layer_st { |
| 128 | /* The parent SSL structure */ |
| 129 | SSL *s; |
| 130 | /* |
| 131 | * Read as many input bytes as possible (for |
| 132 | * non-blocking reads) |
| 133 | */ |
| 134 | int read_ahead; |
| 135 | /* where we are when reading */ |
| 136 | int rstate; |
| 137 | /* How many pipelines can be used to read data */ |
| 138 | size_t numrpipes; |
| 139 | /* How many pipelines can be used to write data */ |
| 140 | size_t numwpipes; |
| 141 | /* read IO goes into here */ |
| 142 | SSL3_BUFFER rbuf; |
| 143 | /* write IO goes into here */ |
| 144 | SSL3_BUFFER wbuf[SSL_MAX_PIPELINES]; |
| 145 | /* each decoded record goes in here */ |
| 146 | SSL3_RECORD rrec[SSL_MAX_PIPELINES]; |
| 147 | /* used internally to point at a raw packet */ |
| 148 | unsigned char *packet; |
| 149 | size_t packet_length; |
| 150 | /* number of bytes sent so far */ |
| 151 | size_t wnum; |
| 152 | unsigned char handshake_fragment[4]; |
| 153 | size_t handshake_fragment_len; |
| 154 | /* The number of consecutive empty records we have received */ |
| 155 | size_t empty_record_count; |
| 156 | /* partial write - check the numbers match */ |
| 157 | /* number bytes written */ |
| 158 | size_t wpend_tot; |
| 159 | int wpend_type; |
| 160 | /* number of bytes submitted */ |
| 161 | size_t wpend_ret; |
| 162 | const unsigned char *wpend_buf; |
| 163 | unsigned char read_sequence[SEQ_NUM_SIZE]; |
| 164 | unsigned char write_sequence[SEQ_NUM_SIZE]; |
| 165 | /* Set to true if this is the first record in a connection */ |
| 166 | unsigned int is_first_record; |
| 167 | /* Count of the number of consecutive warning alerts received */ |
| 168 | unsigned int alert_count; |
| 169 | DTLS_RECORD_LAYER *d; |
| 170 | } RECORD_LAYER; |
| 171 | |
| 172 | /***************************************************************************** |
| 173 | * * |
| 174 | * The following macros/functions represent the libssl internal API to the * |
| 175 | * record layer. Any libssl code may call these functions/macros * |
| 176 | * * |
| 177 | *****************************************************************************/ |
| 178 | |
| 179 | #define MIN_SSL2_RECORD_LEN 9 |
| 180 | |
| 181 | #define RECORD_LAYER_set_read_ahead(rl, ra) ((rl)->read_ahead = (ra)) |
| 182 | #define RECORD_LAYER_get_read_ahead(rl) ((rl)->read_ahead) |
| 183 | #define RECORD_LAYER_get_packet(rl) ((rl)->packet) |
| 184 | #define RECORD_LAYER_get_packet_length(rl) ((rl)->packet_length) |
| 185 | #define RECORD_LAYER_add_packet_length(rl, inc) ((rl)->packet_length += (inc)) |
| 186 | #define DTLS_RECORD_LAYER_get_w_epoch(rl) ((rl)->d->w_epoch) |
| 187 | #define DTLS_RECORD_LAYER_get_processed_rcds(rl) \ |
| 188 | ((rl)->d->processed_rcds) |
| 189 | #define DTLS_RECORD_LAYER_get_unprocessed_rcds(rl) \ |
| 190 | ((rl)->d->unprocessed_rcds) |
| 191 | #define RECORD_LAYER_get_rbuf(rl) (&(rl)->rbuf) |
| 192 | #define RECORD_LAYER_get_wbuf(rl) ((rl)->wbuf) |
| 193 | |
| 194 | void RECORD_LAYER_init(RECORD_LAYER *rl, SSL *s); |
| 195 | void RECORD_LAYER_clear(RECORD_LAYER *rl); |
| 196 | void RECORD_LAYER_release(RECORD_LAYER *rl); |
| 197 | int RECORD_LAYER_read_pending(const RECORD_LAYER *rl); |
| 198 | int RECORD_LAYER_processed_read_pending(const RECORD_LAYER *rl); |
| 199 | int RECORD_LAYER_write_pending(const RECORD_LAYER *rl); |
| 200 | void RECORD_LAYER_reset_read_sequence(RECORD_LAYER *rl); |
| 201 | void RECORD_LAYER_reset_write_sequence(RECORD_LAYER *rl); |
| 202 | int RECORD_LAYER_is_sslv2_record(RECORD_LAYER *rl); |
| 203 | size_t RECORD_LAYER_get_rrec_length(RECORD_LAYER *rl); |
| 204 | __owur size_t ssl3_pending(const SSL *s); |
| 205 | __owur int ssl3_write_bytes(SSL *s, int type, const void *buf, size_t len, |
| 206 | size_t *written); |
| 207 | int do_ssl3_write(SSL *s, int type, const unsigned char *buf, |
| 208 | size_t *pipelens, size_t numpipes, |
| 209 | int create_empty_fragment, size_t *written); |
| 210 | __owur int ssl3_read_bytes(SSL *s, int type, int *recvd_type, |
| 211 | unsigned char *buf, size_t len, int peek, |
| 212 | size_t *readbytes); |
| 213 | __owur int ssl3_setup_buffers(SSL *s); |
| 214 | __owur int ssl3_enc(SSL *s, SSL3_RECORD *inrecs, size_t n_recs, int send); |
| 215 | __owur int n_ssl3_mac(SSL *ssl, SSL3_RECORD *rec, unsigned char *md, int send); |
| 216 | __owur int ssl3_write_pending(SSL *s, int type, const unsigned char *buf, size_t len, |
| 217 | size_t *written); |
| 218 | __owur int tls1_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int send); |
| 219 | __owur int tls1_mac(SSL *ssl, SSL3_RECORD *rec, unsigned char *md, int send); |
| 220 | __owur int tls13_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int send); |
| 221 | int DTLS_RECORD_LAYER_new(RECORD_LAYER *rl); |
| 222 | void DTLS_RECORD_LAYER_free(RECORD_LAYER *rl); |
| 223 | void DTLS_RECORD_LAYER_clear(RECORD_LAYER *rl); |
| 224 | void DTLS_RECORD_LAYER_set_saved_w_epoch(RECORD_LAYER *rl, unsigned short e); |
| 225 | void DTLS_RECORD_LAYER_clear(RECORD_LAYER *rl); |
| 226 | void DTLS_RECORD_LAYER_set_write_sequence(RECORD_LAYER *rl, unsigned char *seq); |
| 227 | __owur int dtls1_read_bytes(SSL *s, int type, int *recvd_type, |
| 228 | unsigned char *buf, size_t len, int peek, |
| 229 | size_t *readbytes); |
| 230 | __owur int dtls1_write_bytes(SSL *s, int type, const void *buf, size_t len, |
| 231 | size_t *written); |
| 232 | int do_dtls1_write(SSL *s, int type, const unsigned char *buf, |
| 233 | size_t len, int create_empty_fragment, size_t *written); |
| 234 | void dtls1_reset_seq_numbers(SSL *s, int rw); |
| 235 | int dtls_buffer_listen_record(SSL *s, size_t len, unsigned char *seq, |
| 236 | size_t off); |
| 237 |
Generated while processing ClickHouse/contrib/openssl/ssl/bio_ssl.c
Generated on 2020-Jan-04 from project ClickHouse revision 19.17.6
Powered by 
Code Browser 2.1
Generator usage only permitted with license.