diff options
Diffstat (limited to 'lib/dtls.c')
-rw-r--r-- | lib/dtls.c | 193 |
1 files changed, 96 insertions, 97 deletions
diff --git a/lib/dtls.c b/lib/dtls.c index 65edb83acf..7df4b26c64 100644 --- a/lib/dtls.c +++ b/lib/dtls.c @@ -40,10 +40,10 @@ void _dtls_async_timer_delete(gnutls_session_t session) { if (session->internals.dtls.async_term != 0) { - _gnutls_dtls_log - ("DTLS[%p]: Deinitializing previous handshake state.\n", - session); - session->internals.dtls.async_term = 0; /* turn off "timer" */ + _gnutls_dtls_log( + "DTLS[%p]: Deinitializing previous handshake state.\n", + session); + session->internals.dtls.async_term = 0; /* turn off "timer" */ _dtls_reset_hsk_state(session); _gnutls_handshake_io_buffer_clear(session); @@ -55,8 +55,8 @@ void _dtls_async_timer_delete(gnutls_session_t session) * outgoing message. It accepts mtu_data which is a buffer to * be reused (should be set to NULL initially). */ -static inline int -transmit_message(gnutls_session_t session, mbuffer_st * bufel, uint8_t ** buf) +static inline int transmit_message(gnutls_session_t session, mbuffer_st *bufel, + uint8_t **buf) { uint8_t *data, *mtu_data; int ret = 0; @@ -69,13 +69,12 @@ transmit_message(gnutls_session_t session, mbuffer_st * bufel, uint8_t ** buf) mtu -= DTLS_HANDSHAKE_HEADER_SIZE; if (bufel->type == GNUTLS_CHANGE_CIPHER_SPEC) { - _gnutls_dtls_log - ("DTLS[%p]: Sending Packet[%u] fragment %s(%d), mtu %u\n", - session, bufel->handshake_sequence, - _gnutls_handshake2str(bufel->htype), bufel->htype, mtu); + _gnutls_dtls_log( + "DTLS[%p]: Sending Packet[%u] fragment %s(%d), mtu %u\n", + session, bufel->handshake_sequence, + _gnutls_handshake2str(bufel->htype), bufel->htype, mtu); - return _gnutls_send_int(session, bufel->type, -1, - bufel->epoch, + return _gnutls_send_int(session, bufel->type, -1, bufel->epoch, _mbuffer_get_uhead_ptr(bufel), _mbuffer_get_uhead_size(bufel), 0); } @@ -94,7 +93,7 @@ transmit_message(gnutls_session_t session, mbuffer_st * bufel, uint8_t ** buf) */ /* Handshake type */ - mtu_data[0] = (uint8_t) bufel->htype; + mtu_data[0] = (uint8_t)bufel->htype; /* Total length */ _gnutls_write_uint24(data_size, &mtu_data[1]); @@ -124,20 +123,20 @@ transmit_message(gnutls_session_t session, mbuffer_st * bufel, uint8_t ** buf) /* Fragment length */ _gnutls_write_uint24(frag_len, &mtu_data[9]); - memcpy(&mtu_data[DTLS_HANDSHAKE_HEADER_SIZE], - data + offset, frag_len); + memcpy(&mtu_data[DTLS_HANDSHAKE_HEADER_SIZE], data + offset, + frag_len); - _gnutls_dtls_log - ("DTLS[%p]: Sending Packet[%u] fragment %s(%d) with " - "length: %u, offset: %u, fragment length: %u, mtu: %u\n", - session, bufel->handshake_sequence, - _gnutls_handshake2str(bufel->htype), bufel->htype, - data_size, offset, frag_len, mtu); + _gnutls_dtls_log( + "DTLS[%p]: Sending Packet[%u] fragment %s(%d) with " + "length: %u, offset: %u, fragment length: %u, mtu: %u\n", + session, bufel->handshake_sequence, + _gnutls_handshake2str(bufel->htype), bufel->htype, + data_size, offset, frag_len, mtu); ret = _gnutls_send_int(session, bufel->type, bufel->htype, bufel->epoch, mtu_data, - DTLS_HANDSHAKE_HEADER_SIZE + - frag_len, 0); + DTLS_HANDSHAKE_HEADER_SIZE + frag_len, + 0); if (ret < 0) { gnutls_assert(); break; @@ -148,7 +147,7 @@ transmit_message(gnutls_session_t session, mbuffer_st * bufel, uint8_t ** buf) } static int drop_usage_count(gnutls_session_t session, - mbuffer_head_st * const send_buffer) + mbuffer_head_st *const send_buffer) { int ret; mbuffer_st *cur; @@ -174,9 +173,8 @@ static int is_next_hpacket_expected(gnutls_session_t session) int ret; /* htype is arbitrary */ - ret = - _gnutls_recv_in_buffers(session, GNUTLS_HANDSHAKE, - GNUTLS_HANDSHAKE_FINISHED, 0); + ret = _gnutls_recv_in_buffers(session, GNUTLS_HANDSHAKE, + GNUTLS_HANDSHAKE_FINISHED, 0); if (ret < 0) return gnutls_assert_val(ret); @@ -197,13 +195,16 @@ void _dtls_reset_hsk_state(gnutls_session_t session) _mbuffer_head_clear(&session->internals.handshake_send_buffer); } -#define UPDATE_TIMER { \ - session->internals.dtls.actual_retrans_timeout_ms *= 2; \ - session->internals.dtls.actual_retrans_timeout_ms %= MAX_DTLS_TIMEOUT; \ - } +#define UPDATE_TIMER \ + { \ + session->internals.dtls.actual_retrans_timeout_ms *= 2; \ + session->internals.dtls.actual_retrans_timeout_ms %= \ + MAX_DTLS_TIMEOUT; \ + } -#define RESET_TIMER \ - session->internals.dtls.actual_retrans_timeout_ms = session->internals.dtls.retrans_timeout_ms +#define RESET_TIMER \ + session->internals.dtls.actual_retrans_timeout_ms = \ + session->internals.dtls.retrans_timeout_ms #define TIMER_WINDOW session->internals.dtls.actual_retrans_timeout_ms @@ -221,7 +222,7 @@ int _dtls_transmit(gnutls_session_t session) /* PREPARING -> SENDING state transition */ mbuffer_head_st *const send_buffer = - &session->internals.handshake_send_buffer; + &session->internals.handshake_send_buffer; mbuffer_st *cur; gnutls_handshake_description_t last_type = 0; unsigned int diff; @@ -233,8 +234,8 @@ int _dtls_transmit(gnutls_session_t session) * non blocking way, check if it is time to retransmit or just * return. */ - if (session->internals.dtls.flight_init != 0 - && (session->internals.flags & GNUTLS_NONBLOCK)) { + if (session->internals.dtls.flight_init != 0 && + (session->internals.flags & GNUTLS_NONBLOCK)) { /* just in case previous run was interrupted */ ret = _gnutls_io_write_flush(session); if (ret < 0) { @@ -242,31 +243,29 @@ int _dtls_transmit(gnutls_session_t session) goto cleanup; } - if (session->internals.dtls.last_flight == 0 - || !_dtls_is_async(session)) { + if (session->internals.dtls.last_flight == 0 || + !_dtls_is_async(session)) { /* check for ACK */ ret = _gnutls_io_check_recv(session, 0); if (ret == GNUTLS_E_TIMEDOUT) { /* if no retransmission is required yet just return */ - if (timespec_sub_ms - (&now, - &session->internals.dtls.last_retransmit) < + if (timespec_sub_ms(&now, + &session->internals.dtls + .last_retransmit) < TIMER_WINDOW) { gnutls_assert(); goto nb_timeout; } - } else { /* received something */ + } else { /* received something */ if (ret == 0) { ret = is_next_hpacket_expected(session); - if (ret == GNUTLS_E_AGAIN - || ret == GNUTLS_E_INTERRUPTED) + if (ret == GNUTLS_E_AGAIN || + ret == GNUTLS_E_INTERRUPTED) goto nb_timeout; - if (ret < 0 - && ret != - GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET) - { + if (ret < 0 && + ret != GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET) { gnutls_assert(); goto cleanup; } @@ -282,25 +281,24 @@ int _dtls_transmit(gnutls_session_t session) do { timeout = TIMER_WINDOW; - diff = - timespec_sub_ms(&now, - &session->internals.handshake_start_time); + diff = timespec_sub_ms( + &now, &session->internals.handshake_start_time); if (diff >= session->internals.handshake_timeout_ms) { _gnutls_dtls_log("Session timeout: %u ms\n", diff); ret = gnutls_assert_val(GNUTLS_E_TIMEDOUT); goto end_flight; } - diff = - timespec_sub_ms(&now, - &session->internals.dtls.last_retransmit); - if (session->internals.dtls.flight_init == 0 - || diff >= TIMER_WINDOW) { - _gnutls_dtls_log - ("DTLS[%p]: %sStart of flight transmission.\n", - session, - (session->internals.dtls.flight_init == - 0) ? "" : "re-"); + diff = timespec_sub_ms( + &now, &session->internals.dtls.last_retransmit); + if (session->internals.dtls.flight_init == 0 || + diff >= TIMER_WINDOW) { + _gnutls_dtls_log( + "DTLS[%p]: %sStart of flight transmission.\n", + session, + (session->internals.dtls.flight_init == 0) ? + "" : + "re-"); for (cur = send_buffer->head; cur != NULL; cur = cur->next) { ret = transmit_message(session, cur, &buf); @@ -311,8 +309,8 @@ int _dtls_transmit(gnutls_session_t session) last_type = cur->htype; } - gnutls_gettime(&session->internals. - dtls.last_retransmit); + gnutls_gettime( + &session->internals.dtls.last_retransmit); if (session->internals.dtls.flight_init == 0) { session->internals.dtls.flight_init = 1; @@ -347,7 +345,7 @@ int _dtls_transmit(gnutls_session_t session) */ ret = 0; goto cleanup; - } else { /* all other messages -> implicit ack (receive of next flight) */ + } else { /* all other messages -> implicit ack (receive of next flight) */ if (!(session->internals.flags & GNUTLS_NONBLOCK)) ret = _gnutls_io_check_recv(session, timeout); @@ -360,11 +358,12 @@ int _dtls_transmit(gnutls_session_t session) if (ret == 0) { ret = is_next_hpacket_expected(session); - if (ret == GNUTLS_E_AGAIN - || ret == GNUTLS_E_INTERRUPTED) + if (ret == GNUTLS_E_AGAIN || + ret == GNUTLS_E_INTERRUPTED) goto nb_timeout; - if (ret == GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET) { + if (ret == + GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET) { ret = GNUTLS_E_TIMEDOUT; goto keep_up; } @@ -376,7 +375,7 @@ int _dtls_transmit(gnutls_session_t session) } } - keep_up: + keep_up: gnutls_gettime(&now); } while (ret == GNUTLS_E_TIMEDOUT); @@ -387,18 +386,18 @@ int _dtls_transmit(gnutls_session_t session) ret = 0; - end_flight: +end_flight: _gnutls_dtls_log("DTLS[%p]: End of flight transmission.\n", session); _dtls_reset_hsk_state(session); - cleanup: +cleanup: if (buf != NULL) gnutls_free(buf); /* SENDING -> WAITING state transition */ return ret; - nb_timeout: +nb_timeout: if (buf != NULL) gnutls_free(buf); @@ -481,9 +480,9 @@ void gnutls_dtls_set_mtu(gnutls_session_t session, unsigned int mtu) /* when max is non-zero this function will return the maximum * overhead that this ciphersuite may introduce, e.g., the maximum * amount of padding required */ -unsigned _gnutls_record_overhead(const version_entry_st * ver, - const cipher_entry_st * cipher, - const mac_entry_st * mac, unsigned max) +unsigned _gnutls_record_overhead(const version_entry_st *ver, + const cipher_entry_st *cipher, + const mac_entry_st *mac, unsigned max) { int total = 0; int ret; @@ -518,7 +517,7 @@ unsigned _gnutls_record_overhead(const version_entry_st * ver, exp_iv = _gnutls_cipher_get_explicit_iv_size(cipher); if (max) - total += 2 * exp_iv; /* block == iv size */ + total += 2 * exp_iv; /* block == iv size */ else total += exp_iv + 1; } @@ -657,8 +656,8 @@ unsigned int gnutls_dtls_get_data_mtu(gnutls_session_t session) if (ret < 0) return mtu; - if (params->cipher->type == CIPHER_AEAD - || params->cipher->type == CIPHER_STREAM) + if (params->cipher->type == CIPHER_AEAD || + params->cipher->type == CIPHER_STREAM) return mtu - _gnutls_record_overhead(get_version(session), params->cipher, params->mac, 0); @@ -820,9 +819,9 @@ unsigned int gnutls_dtls_get_timeout(gnutls_session_t session) * * Since: 3.0 **/ -int gnutls_dtls_cookie_send(gnutls_datum_t * key, void *client_data, +int gnutls_dtls_cookie_send(gnutls_datum_t *key, void *client_data, size_t client_data_size, - gnutls_dtls_prestate_st * prestate, + gnutls_dtls_prestate_st *prestate, gnutls_transport_ptr_t ptr, gnutls_push_func push_func) { @@ -833,7 +832,7 @@ int gnutls_dtls_cookie_send(gnutls_datum_t * key, void *client_data, if (key == NULL || key->data == NULL || key->size == 0) return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); -/* send + /* send * struct { * ContentType type - 1 byte GNUTLS_HANDSHAKE; * ProtocolVersion version; - 2 bytes (254,255) @@ -893,9 +892,8 @@ int gnutls_dtls_cookie_send(gnutls_datum_t * key, void *client_data, hvr[hvr_size++] = 255; hvr[hvr_size++] = COOKIE_SIZE; - ret = - _gnutls_mac_fast(C_HASH, key->data, key->size, client_data, - client_data_size, digest); + ret = _gnutls_mac_fast(C_HASH, key->data, key->size, client_data, + client_data_size, digest); if (ret < 0) return gnutls_assert_val(ret); @@ -929,10 +927,10 @@ int gnutls_dtls_cookie_send(gnutls_datum_t * key, void *client_data, * * Since: 3.0 **/ -int gnutls_dtls_cookie_verify(gnutls_datum_t * key, - void *client_data, size_t client_data_size, - void *_msg, size_t msg_size, - gnutls_dtls_prestate_st * prestate) +int gnutls_dtls_cookie_verify(gnutls_datum_t *key, void *client_data, + size_t client_data_size, void *_msg, + size_t msg_size, + gnutls_dtls_prestate_st *prestate) { gnutls_datum_t cookie; int ret; @@ -969,24 +967,25 @@ int gnutls_dtls_cookie_verify(gnutls_datum_t * key, cookie.data = &msg[pos]; if (cookie.size != COOKIE_SIZE) { if (cookie.size > 0) - _gnutls_audit_log(NULL, - "Received cookie with illegal size %d. Expected %d\n", - (int)cookie.size, COOKIE_SIZE); + _gnutls_audit_log( + NULL, + "Received cookie with illegal size %d. Expected %d\n", + (int)cookie.size, COOKIE_SIZE); return gnutls_assert_val(GNUTLS_E_BAD_COOKIE); } - ret = - _gnutls_mac_fast(C_HASH, key->data, key->size, client_data, - client_data_size, digest); + ret = _gnutls_mac_fast(C_HASH, key->data, key->size, client_data, + client_data_size, digest); if (ret < 0) return gnutls_assert_val(ret); if (memcmp(digest, cookie.data, COOKIE_MAC_SIZE) != 0) return gnutls_assert_val(GNUTLS_E_BAD_COOKIE); - prestate->record_seq = msg[10]; /* client's record seq */ - prestate->hsk_read_seq = msg[DTLS_RECORD_HEADER_SIZE + 5]; /* client's hsk seq */ - prestate->hsk_write_seq = 0; /* we always send zero for this msg */ + prestate->record_seq = msg[10]; /* client's record seq */ + prestate->hsk_read_seq = + msg[DTLS_RECORD_HEADER_SIZE + 5]; /* client's hsk seq */ + prestate->hsk_write_seq = 0; /* we always send zero for this msg */ return 0; } @@ -1006,7 +1005,7 @@ int gnutls_dtls_cookie_verify(gnutls_datum_t * key, * Since: 3.0 **/ void gnutls_dtls_prestate_set(gnutls_session_t session, - gnutls_dtls_prestate_st * prestate) + gnutls_dtls_prestate_st *prestate) { record_parameters_st *params; int ret; |