Gitiles
Code Review Sign In
gerrit.openfyde.cn / boringssl.googlesource.com / boringssl / 29a83c5a0c9a71670ddfeef6a2a68b666338e9ff / . / ssl / d1_lib.c
blob: 6e05695e0295b5c9277bd586b650869f9691838c [file] [log] [blame]
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1/*
2 * DTLS implementation written by Nagendra Modadugu
3 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
4 */
5/* ====================================================================
6 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * openssl-core@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com). */
56
David Benjamin9e4e01e2015-09-15 01:48:04 -0400[diff] [blame]57#include <openssl/ssl.h>
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]58
David Benjaminb5eb1952016-06-17 18:44:38 -0400[diff] [blame]59#include <assert.h>
David Benjamin80cee912015-01-11 19:36:58 -0500[diff] [blame]60#include <limits.h>
David Benjaminf0ae1702015-04-07 23:05:04 -0400[diff] [blame]61#include <string.h>
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]62
David Benjamin9e4e01e2015-09-15 01:48:04 -0400[diff] [blame]63#include <openssl/err.h>
64#include <openssl/mem.h>
David Benjamin98193672016-03-25 18:07:11 -0400[diff] [blame]65#include <openssl/nid.h>
David Benjamin9e4e01e2015-09-15 01:48:04 -0400[diff] [blame]66
67#include "internal.h"
68
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]69#if defined(OPENSSL_WINDOWS)
70#include <sys/timeb.h>
71#else
72#include <sys/socket.h>
Adam Langleyded93582014-07-31 15:23:51 -0700[diff] [blame]73#include <sys/time.h>
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]74#endif
75
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]76
David Benjamine33b9b02015-01-26 01:27:22 -0500[diff] [blame]77/* DTLS1_MTU_TIMEOUTS is the maximum number of timeouts to expire
78 * before starting to decrease the MTU. */
79#define DTLS1_MTU_TIMEOUTS 2
80
81/* DTLS1_MAX_TIMEOUTS is the maximum number of timeouts to expire
82 * before failing the DTLS handshake. */
83#define DTLS1_MAX_TIMEOUTS 12
84
David Benjamin4d2e7ce2015-05-08 13:29:45 -0400[diff] [blame]85static void get_current_time(const SSL *ssl, struct timeval *out_clock);
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]86
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]87int dtls1_new(SSL *ssl) {
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]88 DTLS1_STATE *d1;
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]89
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]90 if (!ssl3_new(ssl)) {
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]91 return 0;
92 }
93 d1 = OPENSSL_malloc(sizeof *d1);
94 if (d1 == NULL) {
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]95 ssl3_free(ssl);
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]96 return 0;
97 }
98 memset(d1, 0, sizeof *d1);
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]99
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]100 d1->buffered_messages = pqueue_new();
David Benjamin29a83c52016-06-17 19:12:54 -0400[diff] [blame^]101 if (d1->buffered_messages == NULL) {
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]102 OPENSSL_free(d1);
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]103 ssl3_free(ssl);
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]104 return 0;
105 }
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]106
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]107 ssl->d1 = d1;
David Benjamin62fd1622015-01-11 13:30:01 -0500[diff] [blame]108
David Benjaminb83003e2015-12-30 17:39:26 -0500[diff] [blame]109 /* Set the version to the highest supported version.
David Benjamin62fd1622015-01-11 13:30:01 -0500[diff] [blame]110 *
David Benjaminb83003e2015-12-30 17:39:26 -0500[diff] [blame]111 * TODO(davidben): Move this field into |s3|, have it store the normalized
112 * protocol version, and implement this pre-negotiation quirk in |SSL_version|
113 * at the API boundary rather than in internal state. */
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]114 ssl->version = DTLS1_2_VERSION;
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]115 return 1;
116}
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]117
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]118static void dtls1_clear_queues(SSL *ssl) {
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]119 pitem *item = NULL;
120 hm_fragment *frag = NULL;
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]121
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]122 while ((item = pqueue_pop(ssl->d1->buffered_messages)) != NULL) {
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]123 frag = (hm_fragment *)item->data;
124 dtls1_hm_fragment_free(frag);
125 pitem_free(item);
126 }
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]127}
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]128
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]129void dtls1_free(SSL *ssl) {
130 ssl3_free(ssl);
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]131
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]132 if (ssl == NULL || ssl->d1 == NULL) {
David Benjamin62fd1622015-01-11 13:30:01 -0500[diff] [blame]133 return;
134 }
135
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]136 dtls1_clear_queues(ssl);
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]137 pqueue_free(ssl->d1->buffered_messages);
David Benjamin29a83c52016-06-17 19:12:54 -0400[diff] [blame^]138
139 dtls_clear_outgoing_messages(ssl);
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]140
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]141 OPENSSL_free(ssl->d1);
142 ssl->d1 = NULL;
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]143}
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]144
David Benjamina1c90a52015-05-30 17:03:14 -0400[diff] [blame]145int dtls1_supports_cipher(const SSL_CIPHER *cipher) {
Matt Braithwaiteaf096752015-09-02 19:48:16 -0700[diff] [blame]146 /* DTLS does not support stream ciphers. The NULL cipher is rejected because
147 * it's not needed. */
148 return cipher->algorithm_enc != SSL_RC4 && cipher->algorithm_enc != SSL_eNULL;
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]149}
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]150
Taylor Brandstetter376a0fe2016-05-10 19:30:28 -0700[diff] [blame]151void DTLSv1_set_initial_timeout_duration(SSL *ssl, unsigned int duration_ms) {
152 ssl->initial_timeout_duration_ms = duration_ms;
153}
154
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]155void dtls1_start_timer(SSL *ssl) {
Taylor Brandstetter376a0fe2016-05-10 19:30:28 -0700[diff] [blame]156 /* If timer is not set, initialize duration (by default, 1 second) */
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]157 if (ssl->d1->next_timeout.tv_sec == 0 && ssl->d1->next_timeout.tv_usec == 0) {
Taylor Brandstetter376a0fe2016-05-10 19:30:28 -0700[diff] [blame]158 ssl->d1->timeout_duration_ms = ssl->initial_timeout_duration_ms;
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]159 }
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]160
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]161 /* Set timeout to current time */
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]162 get_current_time(ssl, &ssl->d1->next_timeout);
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]163
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]164 /* Add duration to current time */
Taylor Brandstetter376a0fe2016-05-10 19:30:28 -0700[diff] [blame]165 ssl->d1->next_timeout.tv_sec += ssl->d1->timeout_duration_ms / 1000;
166 ssl->d1->next_timeout.tv_usec += (ssl->d1->timeout_duration_ms % 1000) * 1000;
167 if (ssl->d1->next_timeout.tv_usec >= 1000000) {
168 ssl->d1->next_timeout.tv_sec++;
169 ssl->d1->next_timeout.tv_usec -= 1000000;
170 }
David Benjamin2f871122016-05-20 14:27:17 -0400[diff] [blame]171 BIO_ctrl(ssl->rbio, BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0,
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]172 &ssl->d1->next_timeout);
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]173}
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]174
David Benjamin4d2e7ce2015-05-08 13:29:45 -0400[diff] [blame]175int DTLSv1_get_timeout(const SSL *ssl, struct timeval *out) {
David Benjamin8c249802015-05-05 09:44:18 -0400[diff] [blame]176 if (!SSL_IS_DTLS(ssl)) {
177 return 0;
178 }
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]179
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]180 /* If no timeout is set, just return NULL */
David Benjamin8c249802015-05-05 09:44:18 -0400[diff] [blame]181 if (ssl->d1->next_timeout.tv_sec == 0 && ssl->d1->next_timeout.tv_usec == 0) {
182 return 0;
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]183 }
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]184
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]185 /* Get current time */
David Benjamin4d2e7ce2015-05-08 13:29:45 -0400[diff] [blame]186 struct timeval timenow;
David Benjamin8c249802015-05-05 09:44:18 -0400[diff] [blame]187 get_current_time(ssl, &timenow);
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]188
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]189 /* If timer already expired, set remaining time to 0 */
David Benjamin8c249802015-05-05 09:44:18 -0400[diff] [blame]190 if (ssl->d1->next_timeout.tv_sec < timenow.tv_sec ||
191 (ssl->d1->next_timeout.tv_sec == timenow.tv_sec &&
192 ssl->d1->next_timeout.tv_usec <= timenow.tv_usec)) {
David Benjamin4d2e7ce2015-05-08 13:29:45 -0400[diff] [blame]193 memset(out, 0, sizeof(struct timeval));
David Benjamin8c249802015-05-05 09:44:18 -0400[diff] [blame]194 return 1;
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]195 }
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]196
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]197 /* Calculate time left until timer expires */
David Benjamin4d2e7ce2015-05-08 13:29:45 -0400[diff] [blame]198 memcpy(out, &ssl->d1->next_timeout, sizeof(struct timeval));
David Benjamin8c249802015-05-05 09:44:18 -0400[diff] [blame]199 out->tv_sec -= timenow.tv_sec;
200 out->tv_usec -= timenow.tv_usec;
201 if (out->tv_usec < 0) {
202 out->tv_sec--;
203 out->tv_usec += 1000000;
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]204 }
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]205
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]206 /* If remaining time is less than 15 ms, set it to 0 to prevent issues
207 * because of small devergences with socket timeouts. */
David Benjamin8c249802015-05-05 09:44:18 -0400[diff] [blame]208 if (out->tv_sec == 0 && out->tv_usec < 15000) {
David Benjamin4d2e7ce2015-05-08 13:29:45 -0400[diff] [blame]209 memset(out, 0, sizeof(struct timeval));
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]210 }
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]211
David Benjamin8c249802015-05-05 09:44:18 -0400[diff] [blame]212 return 1;
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]213}
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]214
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]215int dtls1_is_timer_expired(SSL *ssl) {
David Benjamin4d2e7ce2015-05-08 13:29:45 -0400[diff] [blame]216 struct timeval timeleft;
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]217
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]218 /* Get time left until timeout, return false if no timer running */
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]219 if (!DTLSv1_get_timeout(ssl, &timeleft)) {
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]220 return 0;
221 }
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]222
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]223 /* Return false if timer is not expired yet */
224 if (timeleft.tv_sec > 0 || timeleft.tv_usec > 0) {
225 return 0;
226 }
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]227
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]228 /* Timer expired, so return true */
229 return 1;
230}
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]231
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]232void dtls1_double_timeout(SSL *ssl) {
Taylor Brandstetter376a0fe2016-05-10 19:30:28 -0700[diff] [blame]233 ssl->d1->timeout_duration_ms *= 2;
234 if (ssl->d1->timeout_duration_ms > 60000) {
235 ssl->d1->timeout_duration_ms = 60000;
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]236 }
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]237 dtls1_start_timer(ssl);
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]238}
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]239
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]240void dtls1_stop_timer(SSL *ssl) {
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]241 /* Reset everything */
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]242 ssl->d1->num_timeouts = 0;
243 memset(&ssl->d1->next_timeout, 0, sizeof(struct timeval));
Taylor Brandstetter376a0fe2016-05-10 19:30:28 -0700[diff] [blame]244 ssl->d1->timeout_duration_ms = ssl->initial_timeout_duration_ms;
David Benjamin2f871122016-05-20 14:27:17 -0400[diff] [blame]245 BIO_ctrl(ssl->rbio, BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0,
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]246 &ssl->d1->next_timeout);
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]247 /* Clear retransmission buffer */
David Benjamin29a83c52016-06-17 19:12:54 -0400[diff] [blame^]248 dtls_clear_outgoing_messages(ssl);
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]249}
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]250
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]251int dtls1_check_timeout_num(SSL *ssl) {
252 ssl->d1->num_timeouts++;
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]253
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]254 /* Reduce MTU after 2 unsuccessful retransmissions */
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]255 if (ssl->d1->num_timeouts > DTLS1_MTU_TIMEOUTS &&
256 !(SSL_get_options(ssl) & SSL_OP_NO_QUERY_MTU)) {
David Benjamin2f871122016-05-20 14:27:17 -0400[diff] [blame]257 long mtu = BIO_ctrl(ssl->wbio, BIO_CTRL_DGRAM_GET_FALLBACK_MTU, 0, NULL);
David Benjamin80cee912015-01-11 19:36:58 -0500[diff] [blame]258 if (mtu >= 0 && mtu <= (1 << 30) && (unsigned)mtu >= dtls1_min_mtu()) {
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]259 ssl->d1->mtu = (unsigned)mtu;
David Benjamin80cee912015-01-11 19:36:58 -0500[diff] [blame]260 }
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]261 }
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]262
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]263 if (ssl->d1->num_timeouts > DTLS1_MAX_TIMEOUTS) {
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]264 /* fail the connection, enough alerts have been sent */
David Benjamin3570d732015-06-29 00:28:17 -0400[diff] [blame]265 OPENSSL_PUT_ERROR(SSL, SSL_R_READ_TIMEOUT_EXPIRED);
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]266 return -1;
267 }
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]268
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]269 return 0;
270}
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]271
David Benjamin8c249802015-05-05 09:44:18 -0400[diff] [blame]272int DTLSv1_handle_timeout(SSL *ssl) {
David Benjamin4c5ddb82016-03-11 22:56:19 -0500[diff] [blame]273 ssl->rwstate = SSL_NOTHING;
David Benjamin15c14882016-03-14 14:25:46 -0400[diff] [blame]274 /* Functions which use SSL_get_error must clear the error queue on entry. */
275 ERR_clear_error();
276
David Benjamin8c249802015-05-05 09:44:18 -0400[diff] [blame]277 if (!SSL_IS_DTLS(ssl)) {
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]278 return -1;
279 }
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]280
David Benjamin8c249802015-05-05 09:44:18 -0400[diff] [blame]281 /* if no timer is expired, don't do anything */
282 if (!dtls1_is_timer_expired(ssl)) {
283 return 0;
284 }
285
286 dtls1_double_timeout(ssl);
287
288 if (dtls1_check_timeout_num(ssl) < 0) {
289 return -1;
290 }
291
292 dtls1_start_timer(ssl);
293 return dtls1_retransmit_buffered_messages(ssl);
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]294}
295
David Benjamin4d2e7ce2015-05-08 13:29:45 -0400[diff] [blame]296static void get_current_time(const SSL *ssl, struct timeval *out_clock) {
David Benjamin377fc312015-01-26 00:22:12 -0500[diff] [blame]297 if (ssl->ctx->current_time_cb != NULL) {
298 ssl->ctx->current_time_cb(ssl, out_clock);
299 return;
300 }
301
Adam Langleyded93582014-07-31 15:23:51 -0700[diff] [blame]302#if defined(OPENSSL_WINDOWS)
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]303 struct _timeb time;
304 _ftime(&time);
David Benjamin377fc312015-01-26 00:22:12 -0500[diff] [blame]305 out_clock->tv_sec = time.time;
306 out_clock->tv_usec = time.millitm * 1000;
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]307#else
David Benjamin377fc312015-01-26 00:22:12 -0500[diff] [blame]308 gettimeofday(out_clock, NULL);
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]309#endif
310}
311
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]312int dtls1_set_handshake_header(SSL *ssl, int htype, unsigned long len) {
313 uint8_t *message = (uint8_t *)ssl->init_buf->data;
David Benjamine4824e82014-12-14 19:44:34 -0500[diff] [blame]314
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]315 ssl->d1->handshake_write_seq = ssl->d1->next_handshake_write_seq;
316 ssl->d1->next_handshake_write_seq++;
David Benjamin16d031a2014-12-14 18:52:44 -0500[diff] [blame]317
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]318 ssl->init_num = (int)len + DTLS1_HM_HEADER_LENGTH;
319 ssl->init_off = 0;
David Benjamin16d031a2014-12-14 18:52:44 -0500[diff] [blame]320
David Benjaminb5eb1952016-06-17 18:44:38 -0400[diff] [blame]321 /* Serialize the message header as if it were a single fragment. */
322 uint8_t *p = message;
David Benjamin29a83c52016-06-17 19:12:54 -0400[diff] [blame^]323 *p++ = htype;
324 l2n3(len, p);
325 s2n(ssl->d1->handshake_write_seq, p);
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]326 l2n3(0, p);
David Benjamin29a83c52016-06-17 19:12:54 -0400[diff] [blame^]327 l2n3(len, p);
David Benjaminb5eb1952016-06-17 18:44:38 -0400[diff] [blame]328 assert(p == message + DTLS1_HM_HEADER_LENGTH);
329
330 /* Buffer the message to handle re-xmits. */
331 dtls1_buffer_message(ssl);
332
333 return ssl3_update_handshake_hash(ssl, message, ssl->init_num);
David Benjamine4824e82014-12-14 19:44:34 -0500[diff] [blame]334}
335
David Benjamin0d56f882015-12-19 17:05:56 -0500[diff] [blame]336int dtls1_handshake_write(SSL *ssl) {
David Benjaminb5eb1952016-06-17 18:44:38 -0400[diff] [blame]337 size_t offset = ssl->init_off;
338 int ret = dtls1_do_handshake_write(
339 ssl, &offset, (const uint8_t *)ssl->init_buf->data, offset, ssl->init_num,
340 dtls1_use_current_epoch);
341 ssl->init_off = offset;
342 return ret;
Adam Langley71d8a082014-12-13 16:28:18 -0800[diff] [blame]343}
David Benjaminaa7734b2016-06-07 16:40:46 -0400[diff] [blame]344
345void dtls1_expect_flight(SSL *ssl) {
346 dtls1_start_timer(ssl);
347}
348
349void dtls1_received_flight(SSL *ssl) {
350 dtls1_stop_timer(ssl);
351}