12139Sjp161948 /* ssl/d1_lib.c */
22139Sjp161948 /*
32139Sjp161948 * DTLS implementation written by Nagendra Modadugu
42139Sjp161948 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
52139Sjp161948 */
62139Sjp161948 /* ====================================================================
72139Sjp161948 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
82139Sjp161948 *
92139Sjp161948 * Redistribution and use in source and binary forms, with or without
102139Sjp161948 * modification, are permitted provided that the following conditions
112139Sjp161948 * are met:
122139Sjp161948 *
132139Sjp161948 * 1. Redistributions of source code must retain the above copyright
142139Sjp161948 * notice, this list of conditions and the following disclaimer.
152139Sjp161948 *
162139Sjp161948 * 2. Redistributions in binary form must reproduce the above copyright
172139Sjp161948 * notice, this list of conditions and the following disclaimer in
182139Sjp161948 * the documentation and/or other materials provided with the
192139Sjp161948 * distribution.
202139Sjp161948 *
212139Sjp161948 * 3. All advertising materials mentioning features or use of this
222139Sjp161948 * software must display the following acknowledgment:
232139Sjp161948 * "This product includes software developed by the OpenSSL Project
242139Sjp161948 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
252139Sjp161948 *
262139Sjp161948 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
272139Sjp161948 * endorse or promote products derived from this software without
282139Sjp161948 * prior written permission. For written permission, please contact
292139Sjp161948 * openssl-core@OpenSSL.org.
302139Sjp161948 *
312139Sjp161948 * 5. Products derived from this software may not be called "OpenSSL"
322139Sjp161948 * nor may "OpenSSL" appear in their names without prior written
332139Sjp161948 * permission of the OpenSSL Project.
342139Sjp161948 *
352139Sjp161948 * 6. Redistributions of any form whatsoever must retain the following
362139Sjp161948 * acknowledgment:
372139Sjp161948 * "This product includes software developed by the OpenSSL Project
382139Sjp161948 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
392139Sjp161948 *
402139Sjp161948 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
412139Sjp161948 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
422139Sjp161948 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
432139Sjp161948 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
442139Sjp161948 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
452139Sjp161948 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
462139Sjp161948 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
472139Sjp161948 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
482139Sjp161948 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
492139Sjp161948 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
502139Sjp161948 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
512139Sjp161948 * OF THE POSSIBILITY OF SUCH DAMAGE.
522139Sjp161948 * ====================================================================
532139Sjp161948 *
542139Sjp161948 * This product includes cryptographic software written by Eric Young
552139Sjp161948 * (eay@cryptsoft.com). This product includes software written by Tim
562139Sjp161948 * Hudson (tjh@cryptsoft.com).
572139Sjp161948 *
582139Sjp161948 */
592139Sjp161948
602139Sjp161948 #include <stdio.h>
612139Sjp161948 #include <openssl/objects.h>
622139Sjp161948 #include "ssl_locl.h"
632139Sjp161948
64*5434Sjp161948 const char dtls1_version_str[]="DTLSv1" OPENSSL_VERSION_PTEXT;
652139Sjp161948
662139Sjp161948 SSL3_ENC_METHOD DTLSv1_enc_data={
672139Sjp161948 dtls1_enc,
682139Sjp161948 tls1_mac,
692139Sjp161948 tls1_setup_key_block,
702139Sjp161948 tls1_generate_master_secret,
712139Sjp161948 tls1_change_cipher_state,
722139Sjp161948 tls1_final_finish_mac,
732139Sjp161948 TLS1_FINISH_MAC_LENGTH,
742139Sjp161948 tls1_cert_verify_mac,
752139Sjp161948 TLS_MD_CLIENT_FINISH_CONST,TLS_MD_CLIENT_FINISH_CONST_SIZE,
762139Sjp161948 TLS_MD_SERVER_FINISH_CONST,TLS_MD_SERVER_FINISH_CONST_SIZE,
772139Sjp161948 tls1_alert_code,
782139Sjp161948 };
792139Sjp161948
dtls1_default_timeout(void)802139Sjp161948 long dtls1_default_timeout(void)
812139Sjp161948 {
822139Sjp161948 /* 2 hours, the 24 hours mentioned in the DTLSv1 spec
832139Sjp161948 * is way too long for http, the cache would over fill */
842139Sjp161948 return(60*60*2);
852139Sjp161948 }
862139Sjp161948
IMPLEMENT_dtls1_meth_func(dtlsv1_base_method,ssl_undefined_function,ssl_undefined_function,ssl_bad_method)872139Sjp161948 IMPLEMENT_dtls1_meth_func(dtlsv1_base_method,
882139Sjp161948 ssl_undefined_function,
892139Sjp161948 ssl_undefined_function,
902139Sjp161948 ssl_bad_method)
912139Sjp161948
922139Sjp161948 int dtls1_new(SSL *s)
932139Sjp161948 {
942139Sjp161948 DTLS1_STATE *d1;
952139Sjp161948
962139Sjp161948 if (!ssl3_new(s)) return(0);
972139Sjp161948 if ((d1=OPENSSL_malloc(sizeof *d1)) == NULL) return (0);
982139Sjp161948 memset(d1,0, sizeof *d1);
992139Sjp161948
1002139Sjp161948 /* d1->handshake_epoch=0; */
1012139Sjp161948 #if defined(OPENSSL_SYS_VMS) || defined(VMS_TEST)
1022139Sjp161948 d1->bitmap.length=64;
1032139Sjp161948 #else
1042139Sjp161948 d1->bitmap.length=sizeof(d1->bitmap.map) * 8;
1052139Sjp161948 #endif
1062139Sjp161948 pq_64bit_init(&(d1->bitmap.map));
1072139Sjp161948 pq_64bit_init(&(d1->bitmap.max_seq_num));
1082139Sjp161948
1092139Sjp161948 pq_64bit_init(&(d1->next_bitmap.map));
1102139Sjp161948 pq_64bit_init(&(d1->next_bitmap.max_seq_num));
1112139Sjp161948
1122139Sjp161948 d1->unprocessed_rcds.q=pqueue_new();
1132139Sjp161948 d1->processed_rcds.q=pqueue_new();
1142139Sjp161948 d1->buffered_messages = pqueue_new();
1152139Sjp161948 d1->sent_messages=pqueue_new();
1162139Sjp161948
1172139Sjp161948 if ( s->server)
1182139Sjp161948 {
1192139Sjp161948 d1->cookie_len = sizeof(s->d1->cookie);
1202139Sjp161948 }
1212139Sjp161948
1222139Sjp161948 if( ! d1->unprocessed_rcds.q || ! d1->processed_rcds.q
1232139Sjp161948 || ! d1->buffered_messages || ! d1->sent_messages)
1242139Sjp161948 {
1252139Sjp161948 if ( d1->unprocessed_rcds.q) pqueue_free(d1->unprocessed_rcds.q);
1262139Sjp161948 if ( d1->processed_rcds.q) pqueue_free(d1->processed_rcds.q);
1272139Sjp161948 if ( d1->buffered_messages) pqueue_free(d1->buffered_messages);
1282139Sjp161948 if ( d1->sent_messages) pqueue_free(d1->sent_messages);
1292139Sjp161948 OPENSSL_free(d1);
1302139Sjp161948 return (0);
1312139Sjp161948 }
1322139Sjp161948
1332139Sjp161948 s->d1=d1;
1342139Sjp161948 s->method->ssl_clear(s);
1352139Sjp161948 return(1);
1362139Sjp161948 }
1372139Sjp161948
dtls1_free(SSL * s)1382139Sjp161948 void dtls1_free(SSL *s)
1392139Sjp161948 {
1402139Sjp161948 pitem *item = NULL;
1412139Sjp161948 hm_fragment *frag = NULL;
1422139Sjp161948
1432139Sjp161948 ssl3_free(s);
1442139Sjp161948
1452139Sjp161948 while( (item = pqueue_pop(s->d1->unprocessed_rcds.q)) != NULL)
1462139Sjp161948 {
1472139Sjp161948 OPENSSL_free(item->data);
1482139Sjp161948 pitem_free(item);
1492139Sjp161948 }
1502139Sjp161948 pqueue_free(s->d1->unprocessed_rcds.q);
1512139Sjp161948
1522139Sjp161948 while( (item = pqueue_pop(s->d1->processed_rcds.q)) != NULL)
1532139Sjp161948 {
1542139Sjp161948 OPENSSL_free(item->data);
1552139Sjp161948 pitem_free(item);
1562139Sjp161948 }
1572139Sjp161948 pqueue_free(s->d1->processed_rcds.q);
1582139Sjp161948
1592139Sjp161948 while( (item = pqueue_pop(s->d1->buffered_messages)) != NULL)
1602139Sjp161948 {
1612139Sjp161948 frag = (hm_fragment *)item->data;
1622139Sjp161948 OPENSSL_free(frag->fragment);
1632139Sjp161948 OPENSSL_free(frag);
1642139Sjp161948 pitem_free(item);
1652139Sjp161948 }
1662139Sjp161948 pqueue_free(s->d1->buffered_messages);
1672139Sjp161948
1682139Sjp161948 while ( (item = pqueue_pop(s->d1->sent_messages)) != NULL)
1692139Sjp161948 {
1702139Sjp161948 frag = (hm_fragment *)item->data;
1712139Sjp161948 OPENSSL_free(frag->fragment);
1722139Sjp161948 OPENSSL_free(frag);
1732139Sjp161948 pitem_free(item);
1742139Sjp161948 }
1752139Sjp161948 pqueue_free(s->d1->sent_messages);
1762139Sjp161948
1772139Sjp161948 pq_64bit_free(&(s->d1->bitmap.map));
1782139Sjp161948 pq_64bit_free(&(s->d1->bitmap.max_seq_num));
1792139Sjp161948
1802139Sjp161948 pq_64bit_free(&(s->d1->next_bitmap.map));
1812139Sjp161948 pq_64bit_free(&(s->d1->next_bitmap.max_seq_num));
1822139Sjp161948
1832139Sjp161948 OPENSSL_free(s->d1);
1842139Sjp161948 }
1852139Sjp161948
dtls1_clear(SSL * s)1862139Sjp161948 void dtls1_clear(SSL *s)
1872139Sjp161948 {
1882139Sjp161948 ssl3_clear(s);
1892139Sjp161948 s->version=DTLS1_VERSION;
1902139Sjp161948 }
191*5434Sjp161948
192*5434Sjp161948 /*
193*5434Sjp161948 * As it's impossible to use stream ciphers in "datagram" mode, this
194*5434Sjp161948 * simple filter is designed to disengage them in DTLS. Unfortunately
195*5434Sjp161948 * there is no universal way to identify stream SSL_CIPHER, so we have
196*5434Sjp161948 * to explicitly list their SSL_* codes. Currently RC4 is the only one
197*5434Sjp161948 * available, but if new ones emerge, they will have to be added...
198*5434Sjp161948 */
dtls1_get_cipher(unsigned int u)199*5434Sjp161948 SSL_CIPHER *dtls1_get_cipher(unsigned int u)
200*5434Sjp161948 {
201*5434Sjp161948 SSL_CIPHER *ciph = ssl3_get_cipher(u);
202*5434Sjp161948
203*5434Sjp161948 if (ciph != NULL)
204*5434Sjp161948 {
205*5434Sjp161948 if ((ciph->algorithms&SSL_ENC_MASK) == SSL_RC4)
206*5434Sjp161948 return NULL;
207*5434Sjp161948 }
208*5434Sjp161948
209*5434Sjp161948 return ciph;
210*5434Sjp161948 }
211