statem_dtls.c

Line

Source

Count

1

/*

-

2

-

3

*

-

4

* Licensed under the OpenSSL license (the "License"). You may not use

-

5

* this file except in compliance with the License. You can obtain a copy

-

6

* in the file LICENSE in the source distribution or at

-

7

* https://www.openssl.org/source/license.html

-

8

*/

-

9

-

10

#include <limits.h>

-

11

#include <string.h>

-

12

#include <stdio.h>

-

13

#include "../ssl_locl.h"

-

14

#include "statem_locl.h"

-

15

#include "internal/cryptlib.h"

-

16

#include <openssl/buffer.h>

-

17

#include <openssl/objects.h>

-

18

#include <openssl/evp.h>

-

19

#include <openssl/x509.h>

-

20

-

21

#define RSMBLY_BITMASK_SIZE(msg_len) (((msg_len) + 7) / 8)

-

22

-

23

#define RSMBLY_BITMASK_MARK(bitmask, start, end) { \

-

24

if ((end) - (start) <= 8) { \

-

25

long ii; \

-

26

for (ii = (start); ii < (end); ii++) bitmask[((ii) >> 3)] |= (1 << ((ii) & 7)); \

-

27

} else { \

-

28

long ii; \

-

29

bitmask[((start) >> 3)] |= bitmask_start_values[((start) & 7)]; \

-

30

for (ii = (((start) >> 3) + 1); ii < ((((end) - 1)) >> 3); ii++) bitmask[ii] = 0xff; \

-

31

bitmask[(((end) - 1) >> 3)] |= bitmask_end_values[((end) & 7)]; \

-

32

} }

-

33

-

34

#define RSMBLY_BITMASK_IS_COMPLETE(bitmask, msg_len, is_complete) { \

-

35

long ii; \

-

36

is_complete = 1; \

-

37

if (bitmask[(((msg_len) - 1) >> 3)] != bitmask_end_values[((msg_len) & 7)]) is_complete = 0; \

-

38

if (is_complete) for (ii = (((msg_len) - 1) >> 3) - 1; ii >= 0 ; ii--) \

-

39

if (bitmask[ii] != 0xff) { is_complete = 0; break; } }

-

40

-

41

static unsigned char bitmask_start_values[] =

-

42

{ 0xff, 0xfe, 0xfc, 0xf8, 0xf0, 0xe0, 0xc0, 0x80 };

-

43

static unsigned char bitmask_end_values[] =

-

44

{ 0xff, 0x01, 0x03, 0x07, 0x0f, 0x1f, 0x3f, 0x7f };

-

45

-

46

static void dtls1_fix_message_header(SSL *s, size_t frag_off,

-

47

size_t frag_len);

-

48

static unsigned char *dtls1_write_message_header(SSL *s, unsigned char *p);

-

49

static void dtls1_set_message_header_int(SSL *s, unsigned char mt,

-

50

size_t len,

-

51

unsigned short seq_num,

-

52

size_t frag_off,

-

53

size_t frag_len);

-

54

static int dtls_get_reassembled_message(SSL *s, int *errtype, size_t *len);

-

55

-

56

static hm_fragment *dtls1_hm_fragment_new(size_t frag_len, int reassembly)

-

57

{

-

58

hm_fragment *frag = NULL;

-

59

unsigned char *buf = NULL;

-

60

unsigned char *bitmask = NULL;

-

61

-

62

if ((frag = OPENSSL_malloc(sizeof(*frag))) == NULL) {

(frag = CRYPTO...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2234 times by 1 test Evaluated by: libssl.so.1.1

0-2234

63

SSLerr(SSL_F_DTLS1_HM_FRAGMENT_NEW, ERR_R_MALLOC_FAILURE);

-

64

return NULL;

never executed: return ((void *)0) ;

0

65

}

-

66

-

67

if (frag_len) {

frag_len	Description
TRUE	evaluated 2225 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 9 times by 1 test Evaluated by: libssl.so.1.1

9-2225

68

if ((buf = OPENSSL_malloc(frag_len)) == NULL) {

(buf = CRYPTO_...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2225 times by 1 test Evaluated by: libssl.so.1.1

0-2225

69

SSLerr(SSL_F_DTLS1_HM_FRAGMENT_NEW, ERR_R_MALLOC_FAILURE);

-

70

OPENSSL_free(frag);

-

71

return NULL;

never executed: return ((void *)0) ;

0

72

}

-

73

}

executed 2225 times by 1 test: end of block

Executed by:

libssl.so.1.1

2225

74

-

75

/* zero length fragment gets zero frag->fragment */

-

76

frag->fragment = buf;

-

77

-

78

/* Initialize reassembly bitmask if necessary */

-

79

if (reassembly) {

reassembly	Description
TRUE	evaluated 334 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1900 times by 1 test Evaluated by: libssl.so.1.1

334-1900

80

bitmask = OPENSSL_zalloc(RSMBLY_BITMASK_SIZE(frag_len));

-

81

if (bitmask == NULL) {

bitmask == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 334 times by 1 test Evaluated by: libssl.so.1.1

0-334

82

SSLerr(SSL_F_DTLS1_HM_FRAGMENT_NEW, ERR_R_MALLOC_FAILURE);

-

83

OPENSSL_free(buf);

-

84

OPENSSL_free(frag);

-

85

return NULL;

never executed: return ((void *)0) ;

0

86

}

-

87

}

executed 334 times by 1 test: end of block

Executed by:

libssl.so.1.1

334

88

-

89

frag->reassembly = bitmask;

-

90

-

91

return frag;

executed 2234 times by 1 test: return frag;

Executed by:

libssl.so.1.1

2234

92

}

-

93

-

94

void dtls1_hm_fragment_free(hm_fragment *frag)

-

95

{

-

96

if (!frag)

!frag	Description
TRUE	never evaluated
FALSE	evaluated 2234 times by 1 test Evaluated by: libssl.so.1.1

0-2234

97

return;

never executed: return;

0

98

if (frag->msg_header.is_ccs) {

frag->msg_header.is_ccs	Description
TRUE	evaluated 359 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1875 times by 1 test Evaluated by: libssl.so.1.1

359-1875

99

EVP_CIPHER_CTX_free(frag->msg_header.

-

100

saved_retransmit_state.enc_write_ctx);

-

101

EVP_MD_CTX_free(frag->msg_header.saved_retransmit_state.write_hash);

-

102

}

executed 359 times by 1 test: end of block

Executed by:

libssl.so.1.1

359

103

OPENSSL_free(frag->fragment);

-

104

OPENSSL_free(frag->reassembly);

-

105

OPENSSL_free(frag);

-

106

}

executed 2234 times by 1 test: end of block

Executed by:

libssl.so.1.1

2234

107

-

108

/*

-

109

* send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or

-

110

* SSL3_RT_CHANGE_CIPHER_SPEC)

-

111

*/

-

112

int dtls1_do_write(SSL *s, int type)

-

113

{

-

114

int ret;

-

115

size_t written;

-

116

size_t curr_mtu;

-

117

int retry = 1;

-

118

size_t len, frag_off, mac_size, blocksize, used_len;

-

119

-

120

if (!dtls1_query_mtu(s))

!dtls1_query_mtu(s)	Description
TRUE	never evaluated
FALSE	evaluated 2013 times by 1 test Evaluated by: libssl.so.1.1

0-2013

121

return -1;

never executed: return -1;

0

122

-

123

if (s->d1->mtu < dtls1_min_mtu(s))

s->d1->mtu < dtls1_min_mtu(s)	Description
TRUE	never evaluated
FALSE	evaluated 2013 times by 1 test Evaluated by: libssl.so.1.1

0-2013

124

/* should have something reasonable now */

-

125

return -1;

never executed: return -1;

0

126

-

127

if (s->init_off == 0 && type == SSL3_RT_HANDSHAKE) {

s->init_off == 0	Description
TRUE	evaluated 2013 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

type == 22	Description
TRUE	evaluated 1634 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 379 times by 1 test Evaluated by: libssl.so.1.1

0-2013

128

if (!ossl_assert(s->init_num ==

!((s->init_num...en + 12) != 0)	Description
TRUE	never evaluated
FALSE	evaluated 1634 times by 1 test Evaluated by: libssl.so.1.1

0-1634

129

s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH))

-

130

return -1;

never executed: return -1;

0

131

}

executed 1634 times by 1 test: end of block

Executed by:

libssl.so.1.1

1634

132

-

133

if (s->write_hash) {

s->write_hash	Description
TRUE	evaluated 452 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1561 times by 1 test Evaluated by: libssl.so.1.1

452-1561

134

if (s->enc_write_ctx

s->enc_write_ctx	Description
TRUE	evaluated 452 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-452

135

&& (EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(s->enc_write_ctx)) &

(EVP_CIPHER_fl...0x200000) != 0	Description
TRUE	evaluated 307 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 145 times by 1 test Evaluated by: libssl.so.1.1

145-307

136

EVP_CIPH_FLAG_AEAD_CIPHER) != 0)

(EVP_CIPHER_fl...0x200000) != 0	Description
TRUE	evaluated 307 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 145 times by 1 test Evaluated by: libssl.so.1.1

145-307

137

mac_size = 0;

executed 307 times by 1 test: mac_size = 0;

Executed by:

libssl.so.1.1

307

138

else

-

139

mac_size = EVP_MD_CTX_size(s->write_hash);

executed 145 times by 1 test: mac_size = EVP_MD_size(EVP_MD_CTX_md(s->write_hash));

Executed by:

libssl.so.1.1

145

140

} else

-

141

mac_size = 0;

executed 1561 times by 1 test: mac_size = 0;

Executed by:

libssl.so.1.1

1561

142

-

143

if (s->enc_write_ctx &&

s->enc_write_ctx	Description
TRUE	evaluated 452 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1561 times by 1 test Evaluated by: libssl.so.1.1

452-1561

144

(EVP_CIPHER_CTX_mode(s->enc_write_ctx) == EVP_CIPH_CBC_MODE))

((EVP_CIPHER_f...F0007) == 0x2)	Description
TRUE	evaluated 133 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 319 times by 1 test Evaluated by: libssl.so.1.1

133-319

145

blocksize = 2 * EVP_CIPHER_CTX_block_size(s->enc_write_ctx);

executed 133 times by 1 test: blocksize = 2 * EVP_CIPHER_CTX_block_size(s->enc_write_ctx);

Executed by:

libssl.so.1.1

133

146

else

-

147

blocksize = 0;

executed 1880 times by 1 test: blocksize = 0;

Executed by:

libssl.so.1.1

1880

148

-

149

frag_off = 0;

-

150

s->rwstate = SSL_NOTHING;

-

151

-

152

/* s->init_num shouldn't ever be < 0...but just in case */

-

153

while (s->init_num > 0) {

s->init_num > 0	Description
TRUE	evaluated 3030 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-3030

154

if (type == SSL3_RT_HANDSHAKE && s->init_off != 0) {

type == 22	Description
TRUE	evaluated 2651 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 379 times by 1 test Evaluated by: libssl.so.1.1

s->init_off != 0	Description
TRUE	evaluated 1017 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1634 times by 1 test Evaluated by: libssl.so.1.1

379-2651

155

/* We must be writing a fragment other than the first one */

-

156

-

157

if (frag_off > 0) {

frag_off > 0	Description
TRUE	evaluated 1017 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-1017

158

/* This is the first attempt at writing out this fragment */

-

159

-

160

if (s->init_off <= DTLS1_HM_HEADER_LENGTH) {

s->init_off <= 12	Description
TRUE	never evaluated
FALSE	evaluated 1017 times by 1 test Evaluated by: libssl.so.1.1

0-1017

161

/*

-

162

* Each fragment that was already sent must at least have

-

163

* contained the message header plus one other byte.

-

164

* Therefore |init_off| must have progressed by at least

-

165

* |DTLS1_HM_HEADER_LENGTH + 1| bytes. If not something went

-

166

* wrong.

-

167

*/

-

168

return -1;

never executed: return -1;

0

169

}

-

170

-

171

/*

-

172

* Adjust |init_off| and |init_num| to allow room for a new

-

173

* message header for this fragment.

-

174

*/

-

175

s->init_off -= DTLS1_HM_HEADER_LENGTH;

-

176

s->init_num += DTLS1_HM_HEADER_LENGTH;

-

177

} else {

executed 1017 times by 1 test: end of block

Executed by:

libssl.so.1.1

1017

178

/*

-

179

* We must have been called again after a retry so use the

-

180

* fragment offset from our last attempt. We do not need

-

181

* to adjust |init_off| and |init_num| as above, because

-

182

* that should already have been done before the retry.

-

183

*/

-

184

frag_off = s->d1->w_msg_hdr.frag_off;

-

185

}

never executed: end of block

0

186

}

-

187

-

188

used_len = BIO_wpending(s->wbio) + DTLS1_RT_HEADER_LENGTH

-

189

+ mac_size + blocksize;

-

190

if (s->d1->mtu > used_len)

s->d1->mtu > used_len	Description
TRUE	evaluated 1962 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1068 times by 1 test Evaluated by: libssl.so.1.1

1068-1962

191

curr_mtu = s->d1->mtu - used_len;

executed 1962 times by 1 test: curr_mtu = s->d1->mtu - used_len;

Executed by:

libssl.so.1.1

1962

192

else

-

193

curr_mtu = 0;

executed 1068 times by 1 test: curr_mtu = 0;

Executed by:

libssl.so.1.1

1068

194

-

195

if (curr_mtu <= DTLS1_HM_HEADER_LENGTH) {

curr_mtu <= 12	Description
TRUE	evaluated 1162 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1868 times by 1 test Evaluated by: libssl.so.1.1

1162-1868

196

/*

-

197

* grr.. we could get an error if MTU picked was wrong

-

198

*/

-

199

ret = BIO_flush(s->wbio);

-

200

if (ret <= 0) {

ret <= 0	Description
TRUE	never evaluated
FALSE	evaluated 1162 times by 1 test Evaluated by: libssl.so.1.1

0-1162

201

s->rwstate = SSL_WRITING;

-

202

return ret;

never executed: return ret;

0

203

}

-

204

used_len = DTLS1_RT_HEADER_LENGTH + mac_size + blocksize;

-

205

if (s->d1->mtu > used_len + DTLS1_HM_HEADER_LENGTH) {

s->d1->mtu > used_len + 12	Description
TRUE	evaluated 1162 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-1162

206

curr_mtu = s->d1->mtu - used_len;

-

207

} else {

executed 1162 times by 1 test: end of block

Executed by:

libssl.so.1.1

1162

208

/* Shouldn't happen */

-

209

return -1;

never executed: return -1;

0

210

}

-

211

}

-

212

-

213

/*

-

214

* We just checked that s->init_num > 0 so this cast should be safe

-

215

*/

-

216

if (((unsigned int)s->init_num) > curr_mtu)

((unsigned int...um) > curr_mtu	Description
TRUE	evaluated 1017 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2013 times by 1 test Evaluated by: libssl.so.1.1

1017-2013

217

len = curr_mtu;

executed 1017 times by 1 test: len = curr_mtu;

Executed by:

libssl.so.1.1

1017

218

else

-

219

len = s->init_num;

executed 2013 times by 1 test: len = s->init_num;

Executed by:

libssl.so.1.1

2013

220

-

221

if (len > s->max_send_fragment)

len > s->max_send_fragment	Description
TRUE	never evaluated
FALSE	evaluated 3030 times by 1 test Evaluated by: libssl.so.1.1

0-3030

222

len = s->max_send_fragment;

never executed: len = s->max_send_fragment;

0

223

-

224

/*

-

225

* XDTLS: this function is too long. split out the CCS part

-

226

*/

-

227

if (type == SSL3_RT_HANDSHAKE) {

type == 22	Description
TRUE	evaluated 2651 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 379 times by 1 test Evaluated by: libssl.so.1.1

379-2651

228

if (len < DTLS1_HM_HEADER_LENGTH) {

len < 12	Description
TRUE	never evaluated
FALSE	evaluated 2651 times by 1 test Evaluated by: libssl.so.1.1

0-2651

229

/*

-

230

* len is so small that we really can't do anything sensible

-

231

* so fail

-

232

*/

-

233

return -1;

never executed: return -1;

0

234

}

-

235

dtls1_fix_message_header(s, frag_off, len - DTLS1_HM_HEADER_LENGTH);

-

236

-

237

dtls1_write_message_header(s,

-

238

(unsigned char *)&s->init_buf->

-

239

data[s->init_off]);

-

240

}

executed 2651 times by 1 test: end of block

Executed by:

libssl.so.1.1

2651

241

-

242

ret = dtls1_write_bytes(s, type, &s->init_buf->data[s->init_off], len,

-

243

&written);

-

244

if (ret < 0) {

ret < 0	Description
TRUE	never evaluated
FALSE	evaluated 3030 times by 1 test Evaluated by: libssl.so.1.1

0-3030

245

/*

-

246

* might need to update MTU here, but we don't know which

-

247

* previous packet caused the failure -- so can't really

-

248

* retransmit anything. continue as if everything is fine and

-

249

* wait for an alert to handle the retransmit

-

250

*/

-

251

if (retry && BIO_ctrl(SSL_get_wbio(s),

retry	Description
TRUE	never evaluated
FALSE	never evaluated

BIO_ctrl(SSL_g...oid *)0) ) > 0	Description
TRUE	never evaluated
FALSE	never evaluated

0

252

BIO_CTRL_DGRAM_MTU_EXCEEDED, 0, NULL) > 0) {

BIO_ctrl(SSL_g...oid *)0) ) > 0	Description
TRUE	never evaluated
FALSE	never evaluated

0

253

if (!(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU)) {

!(SSL_get_opti...& 0x00001000U)	Description
TRUE	never evaluated
FALSE	never evaluated

0

254

if (!dtls1_query_mtu(s))

!dtls1_query_mtu(s)	Description
TRUE	never evaluated
FALSE	never evaluated

0

255

return -1;

never executed: return -1;

0

256

/* Have one more go */

-

257

retry = 0;

-

258

} else

never executed: end of block

0

259

return -1;

never executed: return -1;

0

260

} else {

-

261

return -1;

never executed: return -1;

0

262

}

-

263

} else {

-

264

-

265

/*

-

266

* bad if this assert fails, only part of the handshake message

-

267

* got sent. but why would this happen?

-

268

*/

-

269

if (!ossl_assert(len == written))

!((len == written) != 0)	Description
TRUE	never evaluated
FALSE	evaluated 3030 times by 1 test Evaluated by: libssl.so.1.1

0-3030

270

return -1;

never executed: return -1;

0

271

-

272

if (type == SSL3_RT_HANDSHAKE && !s->d1->retransmitting) {

type == 22	Description
TRUE	evaluated 2651 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 379 times by 1 test Evaluated by: libssl.so.1.1

!s->d1->retransmitting	Description
TRUE	evaluated 2479 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 172 times by 1 test Evaluated by: libssl.so.1.1

172-2651

273

/*

-

274

* should not be done for 'Hello Request's, but in that case

-

275

* we'll ignore the result anyway

-

276

*/

-

277

unsigned char *p =

-

278

(unsigned char *)&s->init_buf->data[s->init_off];

-

279

const struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;

-

280

size_t xlen;

-

281

-

282

if (frag_off == 0 && s->version != DTLS1_BAD_VER) {

frag_off == 0	Description
TRUE	evaluated 1532 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 947 times by 1 test Evaluated by: libssl.so.1.1

s->version != 0x0100	Description
TRUE	evaluated 1529 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

3-1532

283

/*

-

284

* reconstruct message header is if it is being sent in

-

285

* single fragment

-

286

*/

-

287

*p++ = msg_hdr->type;

-

288

l2n3(msg_hdr->msg_len, p);

-

289

s2n(msg_hdr->seq, p);

-

290

l2n3(0, p);

-

291

l2n3(msg_hdr->msg_len, p);

-

292

p -= DTLS1_HM_HEADER_LENGTH;

-

293

xlen = written;

-

294

} else {

executed 1529 times by 1 test: end of block

Executed by:

libssl.so.1.1

1529

295

p += DTLS1_HM_HEADER_LENGTH;

-

296

xlen = written - DTLS1_HM_HEADER_LENGTH;

-

297

}

executed 950 times by 1 test: end of block

Executed by:

libssl.so.1.1

950

298

-

299

if (!ssl3_finish_mac(s, p, xlen))

!ssl3_finish_mac(s, p, xlen)	Description
TRUE	never evaluated
FALSE	evaluated 2479 times by 1 test Evaluated by: libssl.so.1.1

0-2479

300

return -1;

never executed: return -1;

0

301

}

executed 2479 times by 1 test: end of block

Executed by:

libssl.so.1.1

2479

302

-

303

if (written == s->init_num) {

written == s->init_num	Description
TRUE	evaluated 2013 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1017 times by 1 test Evaluated by: libssl.so.1.1

1017-2013

304

if (s->msg_callback)

s->msg_callback	Description
TRUE	never evaluated
FALSE	evaluated 2013 times by 1 test Evaluated by: libssl.so.1.1

0-2013

305

s->msg_callback(1, s->version, type, s->init_buf->data,

never executed: s->msg_callback(1, s->version, type, s->init_buf->data, (size_t)(s->init_off + s->init_num), s, s->msg_callback_arg);

0

306

(size_t)(s->init_off + s->init_num), s,

never executed: s->msg_callback(1, s->version, type, s->init_buf->data, (size_t)(s->init_off + s->init_num), s, s->msg_callback_arg);

0

307

s->msg_callback_arg);

never executed: s->msg_callback(1, s->version, type, s->init_buf->data, (size_t)(s->init_off + s->init_num), s, s->msg_callback_arg);

0

308

-

309

s->init_off = 0; /* done writing this message */

-

310

s->init_num = 0;

-

311

-

312

return 1;

executed 2013 times by 1 test: return 1;

Executed by:

libssl.so.1.1

2013

313

}

-

314

s->init_off += written;

-

315

s->init_num -= written;

-

316

written -= DTLS1_HM_HEADER_LENGTH;

-

317

frag_off += written;

-

318

-

319

/*

-

320

* We save the fragment offset for the next fragment so we have it

-

321

* available in case of an IO retry. We don't know the length of the

-

322

* next fragment yet so just set that to 0 for now. It will be

-

323

* updated again later.

-

324

*/

-

325

dtls1_fix_message_header(s, frag_off, 0);

-

326

}

executed 1017 times by 1 test: end of block

Executed by:

libssl.so.1.1

1017

327

}

-

328

return 0;

never executed: return 0;

0

329

}

-

330

-

331

int dtls_get_message(SSL *s, int *mt, size_t *len)

-

332

{

-

333

struct hm_header_st *msg_hdr;

-

334

unsigned char *p;

-

335

size_t msg_len;

-

336

size_t tmplen;

-

337

int errtype;

-

338

-

339

msg_hdr = &s->d1->r_msg_hdr;

-

340

memset(msg_hdr, 0, sizeof(*msg_hdr));

-

341

-

342

again:

code before this statement executed 2843 times by 1 test: again:

Executed by:

libssl.so.1.1

2843

343

if (!dtls_get_reassembled_message(s, &errtype, &tmplen)) {

!dtls_get_reas...type, &tmplen)	Description
TRUE	evaluated 2369 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1868 times by 1 test Evaluated by: libssl.so.1.1

1868-2369

344

if (errtype == DTLS1_HM_BAD_FRAGMENT

errtype == -2	Description
TRUE	never evaluated
FALSE	evaluated 2369 times by 1 test Evaluated by: libssl.so.1.1

0-2369

345

|| errtype == DTLS1_HM_FRAGMENT_RETRY) {

errtype == -3	Description
TRUE	evaluated 1394 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 975 times by 1 test Evaluated by: libssl.so.1.1

975-1394

346

/* bad fragment received */

-

347

goto again;

executed 1394 times by 1 test: goto again;

Executed by:

libssl.so.1.1

1394

348

}

-

349

return 0;

executed 975 times by 1 test: return 0;

Executed by:

libssl.so.1.1

975

350

}

-

351

-

352

*mt = s->s3->tmp.message_type;

-

353

-

354

p = (unsigned char *)s->init_buf->data;

-

355

*len = s->init_num;

-

356

-

357

if (*mt == SSL3_MT_CHANGE_CIPHER_SPEC) {

*mt == 0x0101	Description
TRUE	evaluated 358 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1510 times by 1 test Evaluated by: libssl.so.1.1

358-1510

358

if (s->msg_callback) {

s->msg_callback	Description
TRUE	never evaluated
FALSE	evaluated 358 times by 1 test Evaluated by: libssl.so.1.1

0-358

359

s->msg_callback(0, s->version, SSL3_RT_CHANGE_CIPHER_SPEC,

-

360

p, 1, s, s->msg_callback_arg);

-

361

}

never executed: end of block

0

362

/*

-

363

* This isn't a real handshake message so skip the processing below.

-

364

*/

-

365

return 1;

executed 358 times by 1 test: return 1;

Executed by:

libssl.so.1.1

358

366

}

-

367

-

368

msg_len = msg_hdr->msg_len;

-

369

-

370

/* reconstruct message header */

-

371

*(p++) = msg_hdr->type;

-

372

l2n3(msg_len, p);

-

373

s2n(msg_hdr->seq, p);

-

374

l2n3(0, p);

-

375

l2n3(msg_len, p);

-

376

if (s->version != DTLS1_BAD_VER) {

s->version != 0x0100	Description
TRUE	evaluated 1507 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

3-1507

377

p -= DTLS1_HM_HEADER_LENGTH;

-

378

msg_len += DTLS1_HM_HEADER_LENGTH;

-

379

}

executed 1507 times by 1 test: end of block

Executed by:

libssl.so.1.1

1507

380

-

381

/*

-

382

* If receiving Finished, record MAC of prior handshake messages for

-

383

* Finished verification.

-

384

*/

-

385

if (*mt == SSL3_MT_FINISHED && !ssl3_take_mac(s)) {

*mt == 20	Description
TRUE	evaluated 355 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1155 times by 1 test Evaluated by: libssl.so.1.1

!ssl3_take_mac(s)	Description
TRUE	never evaluated
FALSE	evaluated 355 times by 1 test Evaluated by: libssl.so.1.1

0-1155

386

/* SSLfatal() already called */

-

387

return 0;

never executed: return 0;

0

388

}

-

389

-

390

if (!ssl3_finish_mac(s, p, msg_len))

!ssl3_finish_m...s, p, msg_len)	Description
TRUE	never evaluated
FALSE	evaluated 1510 times by 1 test Evaluated by: libssl.so.1.1

0-1510

391

return 0;

never executed: return 0;

0

392

if (s->msg_callback)

s->msg_callback	Description
TRUE	never evaluated
FALSE	evaluated 1510 times by 1 test Evaluated by: libssl.so.1.1

0-1510

393

s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,

never executed: s->msg_callback(0, s->version, 22, p, msg_len, s, s->msg_callback_arg);

0

394

p, msg_len, s, s->msg_callback_arg);

never executed: s->msg_callback(0, s->version, 22, p, msg_len, s, s->msg_callback_arg);

0

395

-

396

memset(msg_hdr, 0, sizeof(*msg_hdr));

-

397

-

398

s->d1->handshake_read_seq++;

-

399

-

400

s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH;

-

401

-

402

return 1;

executed 1510 times by 1 test: return 1;

Executed by:

libssl.so.1.1

1510

403

}

-

404

-

405

/*

-

406

* dtls1_max_handshake_message_len returns the maximum number of bytes

-

407

* permitted in a DTLS handshake message for |s|. The minimum is 16KB, but

-

408

* may be greater if the maximum certificate list size requires it.

-

409

*/

-

410

static size_t dtls1_max_handshake_message_len(const SSL *s)

-

411

{

-

412

size_t max_len = DTLS1_HM_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH;

-

413

if (max_len < s->max_cert_list)

max_len < s->max_cert_list	Description
TRUE	evaluated 2793 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-2793

414

return s->max_cert_list;

executed 2793 times by 1 test: return s->max_cert_list;

Executed by:

libssl.so.1.1

2793

415

return max_len;

never executed: return max_len;

0

416

}

-

417

-

418

static int dtls1_preprocess_fragment(SSL *s, struct hm_header_st *msg_hdr)

-

419

{

-

420

size_t frag_off, frag_len, msg_len;

-

421

-

422

msg_len = msg_hdr->msg_len;

-

423

frag_off = msg_hdr->frag_off;

-

424

frag_len = msg_hdr->frag_len;

-

425

-

426

/* sanity checking */

-

427

if ((frag_off + frag_len) > msg_len

(frag_off + fr...len) > msg_len	Description
TRUE	never evaluated
FALSE	evaluated 1510 times by 1 test Evaluated by: libssl.so.1.1

0-1510

428

|| msg_len > dtls1_max_handshake_message_len(s)) {

msg_len > dtls...message_len(s)	Description
TRUE	never evaluated
FALSE	evaluated 1510 times by 1 test Evaluated by: libssl.so.1.1

0-1510

429

SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_DTLS1_PREPROCESS_FRAGMENT,

-

430

SSL_R_EXCESSIVE_MESSAGE_SIZE);

-

431

return 0;

never executed: return 0;

0

432

}

-

433

-

434

if (s->d1->r_msg_hdr.frag_off == 0) { /* first fragment */

s->d1->r_msg_hdr.frag_off == 0	Description
TRUE	evaluated 1510 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-1510

435

/*

-

436

* msg_len is limited to 2^24, but is effectively checked against

-

437

* dtls_max_handshake_message_len(s) above

-

438

*/

-

439

if (!BUF_MEM_grow_clean(s->init_buf, msg_len + DTLS1_HM_HEADER_LENGTH)) {

!BUF_MEM_grow_... msg_len + 12)	Description
TRUE	never evaluated
FALSE	evaluated 1510 times by 1 test Evaluated by: libssl.so.1.1

0-1510

440

SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DTLS1_PREPROCESS_FRAGMENT,

-

441

ERR_R_BUF_LIB);

-

442

return 0;

never executed: return 0;

0

443

}

-

444

-

445

s->s3->tmp.message_size = msg_len;

-

446

s->d1->r_msg_hdr.msg_len = msg_len;

-

447

s->s3->tmp.message_type = msg_hdr->type;

-

448

s->d1->r_msg_hdr.type = msg_hdr->type;

-

449

s->d1->r_msg_hdr.seq = msg_hdr->seq;

-

450

} else if (msg_len != s->d1->r_msg_hdr.msg_len) {

executed 1510 times by 1 test: end of block

Executed by:

libssl.so.1.1

msg_len != s->...sg_hdr.msg_len	Description
TRUE	never evaluated
FALSE	never evaluated

0-1510

451

/*

-

452

* They must be playing with us! BTW, failure to enforce upper limit

-

453

* would open possibility for buffer overrun.

-

454

*/

-

455

SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_DTLS1_PREPROCESS_FRAGMENT,

-

456

SSL_R_EXCESSIVE_MESSAGE_SIZE);

-

457

return 0;

never executed: return 0;

0

458

}

-

459

-

460

return 1;

executed 1510 times by 1 test: return 1;

Executed by:

libssl.so.1.1

1510

461

}

-

462

-

463

/*

-

464

* Returns 1 if there is a buffered fragment available, 0 if not, or -1 on a

-

465

* fatal error.

-

466

*/

-

467

static int dtls1_retrieve_buffered_fragment(SSL *s, size_t *len)

-

468

{

-

469

/*-

-

470

* (0) check whether the desired fragment is available

-

471

* if so:

-

472

* (1) copy over the fragment to s->init_buf->data[]

-

473

* (2) update s->init_num

-

474

*/

-

475

pitem *item;

-

476

hm_fragment *frag;

-

477

int ret;

-

478

-

479

do {

-

480

item = pqueue_peek(s->d1->buffered_messages);

-

481

if (item == NULL)

item == ((void *)0)	Description
TRUE	evaluated 2806 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1431 times by 1 test Evaluated by: libssl.so.1.1

1431-2806

482

return 0;

executed 2806 times by 1 test: return 0;

Executed by:

libssl.so.1.1

2806

483

-

484

frag = (hm_fragment *)item->data;

-

485

-

486

if (frag->msg_header.seq < s->d1->handshake_read_seq) {

frag->msg_head...shake_read_seq	Description
TRUE	never evaluated
FALSE	evaluated 1431 times by 1 test Evaluated by: libssl.so.1.1

0-1431

487

/* This is a stale message that has been buffered so clear it */

-

488

pqueue_pop(s->d1->buffered_messages);

-

489

dtls1_hm_fragment_free(frag);

-

490

pitem_free(item);

-

491

item = NULL;

-

492

frag = NULL;

-

493

}

never executed: end of block

0

494

} while (item == NULL);

executed 1431 times by 1 test: end of block

Executed by:

libssl.so.1.1

item == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 1431 times by 1 test Evaluated by: libssl.so.1.1

0-1431

495

-

496

/* Don't return if reassembly still in progress */

-

497

if (frag->reassembly != NULL)

frag->reassemb...!= ((void *)0)	Description
TRUE	evaluated 1073 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 358 times by 1 test Evaluated by: libssl.so.1.1

358-1073

498

return 0;

executed 1073 times by 1 test: return 0;

Executed by:

libssl.so.1.1

1073

499

-

500

if (s->d1->handshake_read_seq == frag->msg_header.seq) {

s->d1->handsha...msg_header.seq	Description
TRUE	evaluated 343 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 15 times by 1 test Evaluated by: libssl.so.1.1

15-343

501

size_t frag_len = frag->msg_header.frag_len;

-

502

pqueue_pop(s->d1->buffered_messages);

-

503

-

504

/* Calls SSLfatal() as required */

-

505

ret = dtls1_preprocess_fragment(s, &frag->msg_header);

-

506

-

507

if (ret && frag->msg_header.frag_len > 0) {

ret	Description
TRUE	evaluated 343 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

frag->msg_header.frag_len > 0	Description
TRUE	evaluated 334 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 9 times by 1 test Evaluated by: libssl.so.1.1

0-343

508

unsigned char *p =

-

509

(unsigned char *)s->init_buf->data + DTLS1_HM_HEADER_LENGTH;

-

510

memcpy(&p[frag->msg_header.frag_off], frag->fragment,

-

511

frag->msg_header.frag_len);

-

512

}

executed 334 times by 1 test: end of block

Executed by:

libssl.so.1.1

334

513

-

514

dtls1_hm_fragment_free(frag);

-

515

pitem_free(item);

-

516

-

517

if (ret) {

ret	Description
TRUE	evaluated 343 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-343

518

*len = frag_len;

-

519

return 1;

executed 343 times by 1 test: return 1;

Executed by:

libssl.so.1.1

343

520

}

-

521

-

522

/* Fatal error */

-

523

s->init_num = 0;

-

524

return -1;

never executed: return -1;

0

525

} else {

-

526

return 0;

executed 15 times by 1 test: return 0;

Executed by:

libssl.so.1.1

15

527

}

-

528

}

-

529

-

530

static int

-

531

dtls1_reassemble_fragment(SSL *s, const struct hm_header_st *msg_hdr)

-

532

{

-

533

hm_fragment *frag = NULL;

-

534

pitem *item = NULL;

-

535

int i = -1, is_complete;

-

536

unsigned char seq64be[8];

-

537

size_t frag_len = msg_hdr->frag_len;

-

538

size_t readbytes;

-

539

-

540

if ((msg_hdr->frag_off + frag_len) > msg_hdr->msg_len ||

(msg_hdr->frag...g_hdr->msg_len	Description
TRUE	never evaluated
FALSE	evaluated 1274 times by 1 test Evaluated by: libssl.so.1.1

0-1274

541

msg_hdr->msg_len > dtls1_max_handshake_message_len(s))

msg_hdr->msg_l...message_len(s)	Description
TRUE	never evaluated
FALSE	evaluated 1274 times by 1 test Evaluated by: libssl.so.1.1

0-1274

542

goto err;

never executed: goto err;

0

543

-

544

if (frag_len == 0) {

frag_len == 0	Description
TRUE	never evaluated
FALSE	evaluated 1274 times by 1 test Evaluated by: libssl.so.1.1

0-1274

545

return DTLS1_HM_FRAGMENT_RETRY;

never executed: return -3;

0

546

}

-

547

-

548

/* Try to find item in queue */

-

549

memset(seq64be, 0, sizeof(seq64be));

-

550

seq64be[6] = (unsigned char)(msg_hdr->seq >> 8);

-

551

seq64be[7] = (unsigned char)msg_hdr->seq;

-

552

item = pqueue_find(s->d1->buffered_messages, seq64be);

-

553

-

554

if (item == NULL) {

item == ((void *)0)	Description
TRUE	evaluated 334 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 940 times by 1 test Evaluated by: libssl.so.1.1

334-940

555

frag = dtls1_hm_fragment_new(msg_hdr->msg_len, 1);

-

556

if (frag == NULL)

frag == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 334 times by 1 test Evaluated by: libssl.so.1.1

0-334

557

goto err;

never executed: goto err;

0

558

memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));

-

559

frag->msg_header.frag_len = frag->msg_header.msg_len;

-

560

frag->msg_header.frag_off = 0;

-

561

} else {

executed 334 times by 1 test: end of block

Executed by:

libssl.so.1.1

334

562

frag = (hm_fragment *)item->data;

-

563

if (frag->msg_header.msg_len != msg_hdr->msg_len) {

frag->msg_head...g_hdr->msg_len	Description
TRUE	never evaluated
FALSE	evaluated 940 times by 1 test Evaluated by: libssl.so.1.1

0-940

564

item = NULL;

-

565

frag = NULL;

-

566

goto err;

never executed: goto err;

0

567

}

-

568

}

executed 940 times by 1 test: end of block

Executed by:

libssl.so.1.1

940

569

-

570

/*

-

571

* If message is already reassembled, this must be a retransmit and can

-

572

* be dropped. In this case item != NULL and so frag does not need to be

-

573

* freed.

-

574

*/

-

575

if (frag->reassembly == NULL) {

frag->reassemb...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 1274 times by 1 test Evaluated by: libssl.so.1.1

0-1274

576

unsigned char devnull[256];

-

577

-

578

while (frag_len) {

frag_len	Description
TRUE	never evaluated
FALSE	never evaluated

0

579

i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, NULL,

-

580

devnull,

-

581

frag_len >

-

582

sizeof(devnull) ? sizeof(devnull) :

-

583

frag_len, 0, &readbytes);

-

584

if (i <= 0)

i <= 0	Description
TRUE	never evaluated
FALSE	never evaluated

0

585

goto err;

never executed: goto err;

0

586

frag_len -= readbytes;

-

587

}

never executed: end of block

0

588

return DTLS1_HM_FRAGMENT_RETRY;

never executed: return -3;

0

589

}

-

590

-

591

/* read the body of the fragment (header has already been read */

-

592

i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, NULL,

-

593

frag->fragment + msg_hdr->frag_off,

-

594

frag_len, 0, &readbytes);

-

595

if (i <= 0 || readbytes != frag_len)

i <= 0	Description
TRUE	never evaluated
FALSE	evaluated 1274 times by 1 test Evaluated by: libssl.so.1.1

readbytes != frag_len	Description
TRUE	never evaluated
FALSE	evaluated 1274 times by 1 test Evaluated by: libssl.so.1.1

0-1274

596

i = -1;

never executed: i = -1;

0

597

if (i <= 0)

i <= 0	Description
TRUE	never evaluated
FALSE	evaluated 1274 times by 1 test Evaluated by: libssl.so.1.1

0-1274

598

goto err;

never executed: goto err;

0

599

-

600

RSMBLY_BITMASK_MARK(frag->reassembly, (long)msg_hdr->frag_off,

executed 91 times by 1 test: frag->reassembly[((ii) >> 3)] |= (1 << ((ii) & 7));

Executed by:

libssl.so.1.1

executed 24 times by 1 test: end of block

Executed by:

libssl.so.1.1

executed 27354 times by 1 test: frag->reassembly[ii] = 0xff;

Executed by:

libssl.so.1.1

executed 1250 times by 1 test: end of block

Executed by:

libssl.so.1.1

((long)(msg_hd...frag_off) <= 8	Description
TRUE	evaluated 24 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1250 times by 1 test Evaluated by: libssl.so.1.1

ii < ((long)(m...f + frag_len))	Description
TRUE	evaluated 91 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 24 times by 1 test Evaluated by: libssl.so.1.1

ii < (((((long...)) - 1)) >> 3)	Description
TRUE	evaluated 27354 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1250 times by 1 test Evaluated by: libssl.so.1.1

24-27354

601

(long)(msg_hdr->frag_off + frag_len));

-

602

-

603

if (!ossl_assert(msg_hdr->msg_len > 0))

!((msg_hdr->msg_len > 0) != 0)	Description
TRUE	never evaluated
FALSE	evaluated 1274 times by 1 test Evaluated by: libssl.so.1.1

0-1274

604

goto err;

never executed: goto err;

0

605

RSMBLY_BITMASK_IS_COMPLETE(frag->reassembly, (long)msg_hdr->msg_len,

executed 926 times by 1 test: is_complete = 0;

Executed by:

libssl.so.1.1

executed 14 times by 1 test: break;

Executed by:

libssl.so.1.1

frag->reassemb...msg_len) & 7)]	Description
TRUE	evaluated 926 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 348 times by 1 test Evaluated by: libssl.so.1.1

is_complete	Description
TRUE	evaluated 348 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 926 times by 1 test Evaluated by: libssl.so.1.1

frag->reassembly[ii] != 0xff	Description
TRUE	evaluated 14 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 28905 times by 1 test Evaluated by: libssl.so.1.1

ii >= 0	Description
TRUE	evaluated 28919 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 334 times by 1 test Evaluated by: libssl.so.1.1

14-28919

606

is_complete);

-

607

-

608

if (is_complete) {

is_complete	Description
TRUE	evaluated 334 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 940 times by 1 test Evaluated by: libssl.so.1.1

334-940

609

OPENSSL_free(frag->reassembly);

-

610

frag->reassembly = NULL;

-

611

}

executed 334 times by 1 test: end of block

Executed by:

libssl.so.1.1

334

612

-

613

if (item == NULL) {

item == ((void *)0)	Description
TRUE	evaluated 334 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 940 times by 1 test Evaluated by: libssl.so.1.1

334-940

614

item = pitem_new(seq64be, frag);

-

615

if (item == NULL) {

item == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 334 times by 1 test Evaluated by: libssl.so.1.1

0-334

616

i = -1;

-

617

goto err;

never executed: goto err;

0

618

}

-

619

-

620

item = pqueue_insert(s->d1->buffered_messages, item);

-

621

/*

-

622

* pqueue_insert fails iff a duplicate item is inserted. However,

-

623

* |item| cannot be a duplicate. If it were, |pqueue_find|, above,

-

624

* would have returned it and control would never have reached this

-

625

* branch.

-

626

*/

-

627

if (!ossl_assert(item != NULL))

!((item != ((void *)0) ) != 0)	Description
TRUE	never evaluated
FALSE	evaluated 334 times by 1 test Evaluated by: libssl.so.1.1

0-334

628

goto err;

never executed: goto err;

0

629

}

executed 334 times by 1 test: end of block

Executed by:

libssl.so.1.1

334

630

-

631

return DTLS1_HM_FRAGMENT_RETRY;

executed 1274 times by 1 test: return -3;

Executed by:

libssl.so.1.1

1274

632

-

633

err:

-

634

if (item == NULL)

item == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

0

635

dtls1_hm_fragment_free(frag);

never executed: dtls1_hm_fragment_free(frag);

0

636

return -1;

never executed: return -1;

0

637

}

-

638

-

639

static int

-

640

dtls1_process_out_of_seq_message(SSL *s, const struct hm_header_st *msg_hdr)

-

641

{

-

642

int i = -1;

-

643

hm_fragment *frag = NULL;

-

644

pitem *item = NULL;

-

645

unsigned char seq64be[8];

-

646

size_t frag_len = msg_hdr->frag_len;

-

647

size_t readbytes;

-

648

-

649

if ((msg_hdr->frag_off + frag_len) > msg_hdr->msg_len)

(msg_hdr->frag...g_hdr->msg_len	Description
TRUE	never evaluated
FALSE	evaluated 143 times by 1 test Evaluated by: libssl.so.1.1

0-143

650

goto err;

never executed: goto err;

0

651

-

652

/* Try to find item in queue, to prevent duplicate entries */

-

653

memset(seq64be, 0, sizeof(seq64be));

-

654

seq64be[6] = (unsigned char)(msg_hdr->seq >> 8);

-

655

seq64be[7] = (unsigned char)msg_hdr->seq;

-

656

item = pqueue_find(s->d1->buffered_messages, seq64be);

-

657

-

658

/*

-

659

* If we already have an entry and this one is a fragment, don't discard

-

660

* it and rather try to reassemble it.

-

661

*/

-

662

if (item != NULL && frag_len != msg_hdr->msg_len)

item != ((void *)0)	Description
TRUE	evaluated 16 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 127 times by 1 test Evaluated by: libssl.so.1.1

frag_len != msg_hdr->msg_len	Description
TRUE	evaluated 16 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-127

663

item = NULL;

executed 16 times by 1 test: item = ((void *)0) ;

Executed by:

libssl.so.1.1

16

664

-

665

/*

-

666

* Discard the message if sequence number was already there, is too far

-

667

* in the future, already in the queue or if we received a FINISHED

-

668

* before the SERVER_HELLO, which then must be a stale retransmit.

-

669

*/

-

670

if (msg_hdr->seq <= s->d1->handshake_read_seq ||

msg_hdr->seq <...shake_read_seq	Description
TRUE	evaluated 111 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 32 times by 1 test Evaluated by: libssl.so.1.1

32-111

671

msg_hdr->seq > s->d1->handshake_read_seq + 10 || item != NULL ||

msg_hdr->seq >..._read_seq + 10	Description
TRUE	never evaluated
FALSE	evaluated 32 times by 1 test Evaluated by: libssl.so.1.1

item != ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 32 times by 1 test Evaluated by: libssl.so.1.1

0-32

672

(s->d1->handshake_read_seq == 0 && msg_hdr->type == SSL3_MT_FINISHED)) {

s->d1->handshake_read_seq == 0	Description
TRUE	evaluated 9 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 23 times by 1 test Evaluated by: libssl.so.1.1

msg_hdr->type == 20	Description
TRUE	never evaluated
FALSE	evaluated 9 times by 1 test Evaluated by: libssl.so.1.1

0-23

673

unsigned char devnull[256];

-

674

-

675

while (frag_len) {

frag_len	Description
TRUE	evaluated 99 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 111 times by 1 test Evaluated by: libssl.so.1.1

99-111

676

i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, NULL,

-

677

devnull,

-

678

frag_len >

-

679

sizeof(devnull) ? sizeof(devnull) :

-

680

frag_len, 0, &readbytes);

-

681

if (i <= 0)

i <= 0	Description
TRUE	never evaluated
FALSE	evaluated 99 times by 1 test Evaluated by: libssl.so.1.1

0-99

682

goto err;

never executed: goto err;

0

683

frag_len -= readbytes;

-

684

}

executed 99 times by 1 test: end of block

Executed by:

libssl.so.1.1

99

685

} else {

executed 111 times by 1 test: end of block

Executed by:

libssl.so.1.1

111

686

if (frag_len != msg_hdr->msg_len) {

frag_len != msg_hdr->msg_len	Description
TRUE	evaluated 23 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 9 times by 1 test Evaluated by: libssl.so.1.1

9-23

687

return dtls1_reassemble_fragment(s, msg_hdr);

executed 23 times by 1 test: return dtls1_reassemble_fragment(s, msg_hdr);

Executed by:

libssl.so.1.1

23

688

}

-

689

-

690

if (frag_len > dtls1_max_handshake_message_len(s))

frag_len > dtl...message_len(s)	Description
TRUE	never evaluated
FALSE	evaluated 9 times by 1 test Evaluated by: libssl.so.1.1

0-9

691

goto err;

never executed: goto err;

0

692

-

693

frag = dtls1_hm_fragment_new(frag_len, 0);

-

694

if (frag == NULL)

frag == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 9 times by 1 test Evaluated by: libssl.so.1.1

0-9

695

goto err;

never executed: goto err;

0

696

-

697

memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));

-

698

-

699

if (frag_len) {

frag_len	Description
TRUE	never evaluated
FALSE	evaluated 9 times by 1 test Evaluated by: libssl.so.1.1

0-9

700

/*

-

701

* read the body of the fragment (header has already been read

-

702

*/

-

703

i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, NULL,

-

704

frag->fragment, frag_len, 0,

-

705

&readbytes);

-

706

if (i<=0 || readbytes != frag_len)

i<=0	Description
TRUE	never evaluated
FALSE	never evaluated

readbytes != frag_len	Description
TRUE	never evaluated
FALSE	never evaluated

0

707

i = -1;

never executed: i = -1;

0

708

if (i <= 0)

i <= 0	Description
TRUE	never evaluated
FALSE	never evaluated

0

709

goto err;

never executed: goto err;

0

710

}

never executed: end of block

0

711

-

712

item = pitem_new(seq64be, frag);

-

713

if (item == NULL)

item == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 9 times by 1 test Evaluated by: libssl.so.1.1

0-9

714

goto err;

never executed: goto err;

0

715

-

716

item = pqueue_insert(s->d1->buffered_messages, item);

-

717

/*

-

718

* pqueue_insert fails iff a duplicate item is inserted. However,

-

719

* |item| cannot be a duplicate. If it were, |pqueue_find|, above,

-

720

* would have returned it. Then, either |frag_len| !=

-

721

* |msg_hdr->msg_len| in which case |item| is set to NULL and it will

-

722

* have been processed with |dtls1_reassemble_fragment|, above, or

-

723

* the record will have been discarded.

-

724

*/

-

725

if (!ossl_assert(item != NULL))

!((item != ((void *)0) ) != 0)	Description
TRUE	never evaluated
FALSE	evaluated 9 times by 1 test Evaluated by: libssl.so.1.1

0-9

726

goto err;

never executed: goto err;

0

727

}

executed 9 times by 1 test: end of block

Executed by:

libssl.so.1.1

9

728

-

729

return DTLS1_HM_FRAGMENT_RETRY;

executed 120 times by 1 test: return -3;

Executed by:

libssl.so.1.1

120

730

-

731

err:

-

732

if (item == NULL)

item == ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

0

733

dtls1_hm_fragment_free(frag);

never executed: dtls1_hm_fragment_free(frag);

0

734

return 0;

never executed: return 0;

0

735

}

-

736

-

737

static int dtls_get_reassembled_message(SSL *s, int *errtype, size_t *len)

-

738

{

-

739

unsigned char wire[DTLS1_HM_HEADER_LENGTH];

-

740

size_t mlen, frag_off, frag_len;

-

741

int i, ret, recvd_type;

-

742

struct hm_header_st msg_hdr;

-

743

size_t readbytes;

-

744

-

745

*errtype = 0;

-

746

-

747

redo:

code before this statement executed 4237 times by 1 test: redo:

Executed by:

libssl.so.1.1

4237

748

/* see if we have the required fragment already */

-

749

ret = dtls1_retrieve_buffered_fragment(s, &frag_len);

-

750

if (ret < 0) {

ret < 0	Description
TRUE	never evaluated
FALSE	evaluated 4237 times by 1 test Evaluated by: libssl.so.1.1

0-4237

751

/* SSLfatal() already called */

-

752

return 0;

never executed: return 0;

0

753

}

-

754

if (ret > 0) {

ret > 0	Description
TRUE	evaluated 343 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 3894 times by 1 test Evaluated by: libssl.so.1.1

343-3894

755

s->init_num = frag_len;

-

756

*len = frag_len;

-

757

return 1;

executed 343 times by 1 test: return 1;

Executed by:

libssl.so.1.1

343

758

}

-

759

-

760

/* read handshake message header */

-

761

i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, &recvd_type, wire,

-

762

DTLS1_HM_HEADER_LENGTH, 0, &readbytes);

-

763

if (i <= 0) { /* nbio, or an error */

i <= 0	Description
TRUE	evaluated 975 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2919 times by 1 test Evaluated by: libssl.so.1.1

975-2919

764

s->rwstate = SSL_READING;

-

765

*len = 0;

-

766

return 0;

executed 975 times by 1 test: return 0;

Executed by:

libssl.so.1.1

975

767

}

-

768

if (recvd_type == SSL3_RT_CHANGE_CIPHER_SPEC) {

recvd_type == 20	Description
TRUE	evaluated 358 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2561 times by 1 test Evaluated by: libssl.so.1.1

358-2561

769

if (wire[0] != SSL3_MT_CCS) {

wire[0] != 1	Description
TRUE	never evaluated
FALSE	evaluated 358 times by 1 test Evaluated by: libssl.so.1.1

0-358

770

SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE,

-

771

SSL_F_DTLS_GET_REASSEMBLED_MESSAGE,

-

772

SSL_R_BAD_CHANGE_CIPHER_SPEC);

-

773

goto f_err;

never executed: goto f_err;

0

774

}

-

775

-

776

memcpy(s->init_buf->data, wire, readbytes);

-

777

s->init_num = readbytes - 1;

-

778

s->init_msg = s->init_buf->data + 1;

-

779

s->s3->tmp.message_type = SSL3_MT_CHANGE_CIPHER_SPEC;

-

780

s->s3->tmp.message_size = readbytes - 1;

-

781

*len = readbytes - 1;

-

782

return 1;

executed 358 times by 1 test: return 1;

Executed by:

libssl.so.1.1

358

783

}

-

784

-

785

/* Handshake fails if message header is incomplete */

-

786

if (readbytes != DTLS1_HM_HEADER_LENGTH) {

readbytes != 12	Description
TRUE	never evaluated
FALSE	evaluated 2561 times by 1 test Evaluated by: libssl.so.1.1

0-2561

787

SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE,

-

788

SSL_F_DTLS_GET_REASSEMBLED_MESSAGE, SSL_R_UNEXPECTED_MESSAGE);

-

789

goto f_err;

never executed: goto f_err;

0

790

}

-

791

-

792

/* parse the message fragment header */

-

793

dtls1_get_message_header(wire, &msg_hdr);

-

794

-

795

mlen = msg_hdr.msg_len;

-

796

frag_off = msg_hdr.frag_off;

-

797

frag_len = msg_hdr.frag_len;

-

798

-

799

/*

-

800

* We must have at least frag_len bytes left in the record to be read.

-

801

* Fragments must not span records.

-

802

*/

-

803

if (frag_len > RECORD_LAYER_get_rrec_length(&s->rlayer)) {

frag_len > REC...th(&s->rlayer)	Description
TRUE	never evaluated
FALSE	evaluated 2561 times by 1 test Evaluated by: libssl.so.1.1

0-2561

804

SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER,

-

805

SSL_F_DTLS_GET_REASSEMBLED_MESSAGE, SSL_R_BAD_LENGTH);

-

806

goto f_err;

never executed: goto f_err;

0

807

}

-

808

-

809

/*

-

810

* if this is a future (or stale) message it gets buffered

-

811

* (or dropped)--no further processing at this time

-

812

* While listening, we accept seq 1 (ClientHello with cookie)

-

813

* although we're still expecting seq 0 (ClientHello)

-

814

*/

-

815

if (msg_hdr.seq != s->d1->handshake_read_seq) {

msg_hdr.seq !=...shake_read_seq	Description
TRUE	evaluated 143 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2418 times by 1 test Evaluated by: libssl.so.1.1

143-2418

816

*errtype = dtls1_process_out_of_seq_message(s, &msg_hdr);

-

817

return 0;

executed 143 times by 1 test: return 0;

Executed by:

libssl.so.1.1

143

818

}

-

819

-

820

if (frag_len && frag_len < mlen) {

frag_len	Description
TRUE	evaluated 2258 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 160 times by 1 test Evaluated by: libssl.so.1.1

frag_len < mlen	Description
TRUE	evaluated 1251 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1007 times by 1 test Evaluated by: libssl.so.1.1

160-2258

821

*errtype = dtls1_reassemble_fragment(s, &msg_hdr);

-

822

return 0;

executed 1251 times by 1 test: return 0;

Executed by:

libssl.so.1.1

1251

823

}

-

824

-

825

if (!s->server

!s->server	Description
TRUE	evaluated 668 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 499 times by 1 test Evaluated by: libssl.so.1.1

499-668

826

&& s->d1->r_msg_hdr.frag_off == 0

s->d1->r_msg_hdr.frag_off == 0	Description
TRUE	evaluated 668 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-668

827

&& s->statem.hand_state != TLS_ST_OK

s->statem.hand...e != TLS_ST_OK	Description
TRUE	evaluated 665 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

3-665

828

&& wire[0] == SSL3_MT_HELLO_REQUEST) {

wire[0] == 0	Description
TRUE	never evaluated
FALSE	evaluated 665 times by 1 test Evaluated by: libssl.so.1.1

0-665

829

/*

-

830

* The server may always send 'Hello Request' messages -- we are

-

831

* doing a handshake anyway now, so ignore them if their format is

-

832

* correct. Does not count for 'Finished' MAC.

-

833

*/

-

834

if (wire[1] == 0 && wire[2] == 0 && wire[3] == 0) {

wire[1] == 0	Description
TRUE	never evaluated
FALSE	never evaluated

wire[2] == 0	Description
TRUE	never evaluated
FALSE	never evaluated

wire[3] == 0	Description
TRUE	never evaluated
FALSE	never evaluated

0

835

if (s->msg_callback)

s->msg_callback	Description
TRUE	never evaluated
FALSE	never evaluated

0

836

s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,

never executed: s->msg_callback(0, s->version, 22, wire, 12, s, s->msg_callback_arg);

0

837

wire, DTLS1_HM_HEADER_LENGTH, s,

never executed: s->msg_callback(0, s->version, 22, wire, 12, s, s->msg_callback_arg);

0

838

s->msg_callback_arg);

never executed: s->msg_callback(0, s->version, 22, wire, 12, s, s->msg_callback_arg);

0

839

-

840

s->init_num = 0;

-

841

goto redo;

never executed: goto redo;

0

842

} else { /* Incorrectly formatted Hello request */

-

843

-

844

SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE,

-

845

SSL_F_DTLS_GET_REASSEMBLED_MESSAGE,

-

846

SSL_R_UNEXPECTED_MESSAGE);

-

847

goto f_err;

never executed: goto f_err;

0

848

}

-

849

}

-

850

-

851

if (!dtls1_preprocess_fragment(s, &msg_hdr)) {

!dtls1_preproc...t(s, &msg_hdr)	Description
TRUE	never evaluated
FALSE	evaluated 1167 times by 1 test Evaluated by: libssl.so.1.1

0-1167

852

/* SSLfatal() already called */

-

853

goto f_err;

never executed: goto f_err;

0

854

}

-

855

-

856

if (frag_len > 0) {

frag_len > 0	Description
TRUE	evaluated 1007 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 160 times by 1 test Evaluated by: libssl.so.1.1

160-1007

857

unsigned char *p =

-

858

(unsigned char *)s->init_buf->data + DTLS1_HM_HEADER_LENGTH;

-

859

-

860

i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, NULL,

-

861

&p[frag_off], frag_len, 0, &readbytes);

-

862

-

863

/*

-

864

* This shouldn't ever fail due to NBIO because we already checked

-

865

* that we have enough data in the record

-

866

*/

-

867

if (i <= 0) {

i <= 0	Description
TRUE	never evaluated
FALSE	evaluated 1007 times by 1 test Evaluated by: libssl.so.1.1

0-1007

868

s->rwstate = SSL_READING;

-

869

*len = 0;

-

870

return 0;

never executed: return 0;

0

871

}

-

872

} else {

executed 1007 times by 1 test: end of block

Executed by:

libssl.so.1.1

1007

873

readbytes = 0;

-

874

}

executed 160 times by 1 test: end of block

Executed by:

libssl.so.1.1

160

875

-

876

/*

-

877

* XDTLS: an incorrectly formatted fragment should cause the handshake

-

878

* to fail

-

879

*/

-

880

if (readbytes != frag_len) {

readbytes != frag_len	Description
TRUE	never evaluated
FALSE	evaluated 1167 times by 1 test Evaluated by: libssl.so.1.1

0-1167

881

SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER,

-

882

SSL_F_DTLS_GET_REASSEMBLED_MESSAGE, SSL_R_BAD_LENGTH);

-

883

goto f_err;

never executed: goto f_err;

0

884

}

-

885

-

886

/*

-

887

* Note that s->init_num is *not* used as current offset in

-

888

* s->init_buf->data, but as a counter summing up fragments' lengths: as

-

889

* soon as they sum up to handshake packet length, we assume we have got

-

890

* all the fragments.

-

891

*/

-

892

*len = s->init_num = frag_len;

-

893

return 1;

executed 1167 times by 1 test: return 1;

Executed by:

libssl.so.1.1

1167

894

-

895

f_err:

-

896

s->init_num = 0;

-

897

*len = 0;

-

898

return 0;

never executed: return 0;

0

899

}

-

900

-

901

/*-

-

902

* for these 2 messages, we need to

-

903

* ssl->enc_read_ctx re-init

-

904

* ssl->rlayer.read_sequence zero

-

905

* ssl->s3->read_mac_secret re-init

-

906

* ssl->session->read_sym_enc assign

-

907

* ssl->session->read_compression assign

-

908

* ssl->session->read_hash assign

-

909

*/

-

910

int dtls_construct_change_cipher_spec(SSL *s, WPACKET *pkt)

-

911

{

-

912

if (s->version == DTLS1_BAD_VER) {

s->version == 0x0100	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 358 times by 1 test Evaluated by: libssl.so.1.1

1-358

913

s->d1->next_handshake_write_seq++;

-

914

-

915

if (!WPACKET_put_bytes_u16(pkt, s->d1->handshake_write_seq)) {

!WPACKET_put_b...write_seq), 2)	Description
TRUE	never evaluated
FALSE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1

0-1

916

SSLfatal(s, SSL_AD_INTERNAL_ERROR,

-

917

SSL_F_DTLS_CONSTRUCT_CHANGE_CIPHER_SPEC,

-

918

ERR_R_INTERNAL_ERROR);

-

919

return 0;

never executed: return 0;

0

920

}

-

921

}

executed 1 time by 1 test: end of block

Executed by:

libssl.so.1.1

1

922

-

923

return 1;

executed 359 times by 1 test: return 1;

Executed by:

libssl.so.1.1

359

924

}

-

925

-

926

#ifndef OPENSSL_NO_SCTP

-

927

/*

-

928

* Wait for a dry event. Should only be called at a point in the handshake

-

929

* where we are not expecting any data from the peer except an alert.

-

930

*/

-

931

WORK_STATE dtls_wait_for_dry(SSL *s)

-

932

{

-

933

int ret, errtype;

-

934

size_t len;

-

935

-

936

/* read app data until dry event */

-

937

ret = BIO_dgram_sctp_wait_for_dry(SSL_get_wbio(s));

-

938

if (ret < 0) {

-

939

SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DTLS_WAIT_FOR_DRY,

-

940

ERR_R_INTERNAL_ERROR);

-

941

return WORK_ERROR;

-

942

}

-

943

-

944

if (ret == 0) {

-

945

/*

-

946

* We're not expecting any more messages from the peer at this point -

-

947

* but we could get an alert. If an alert is waiting then we will never

-

948

* return successfully. Therefore we attempt to read a message. This

-

949

* should never succeed but will process any waiting alerts.

-

950

*/

-

951

if (dtls_get_reassembled_message(s, &errtype, &len)) {

-

952

/* The call succeeded! This should never happen */

-

953

SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_F_DTLS_WAIT_FOR_DRY,

-

954

SSL_R_UNEXPECTED_MESSAGE);

-

955

return WORK_ERROR;

-

956

}

-

957

-

958

s->s3->in_read_app_data = 2;

-

959

s->rwstate = SSL_READING;

-

960

BIO_clear_retry_flags(SSL_get_rbio(s));

-

961

BIO_set_retry_read(SSL_get_rbio(s));

-

962

return WORK_MORE_A;

-

963

}

-

964

return WORK_FINISHED_CONTINUE;

-

965

}

-

966

#endif

-

967

-

968

int dtls1_read_failed(SSL *s, int code)

-

969

{

-

970

if (code > 0) {

code > 0	Description
TRUE	never evaluated
FALSE	evaluated 1204 times by 1 test Evaluated by: libssl.so.1.1

0-1204

971

SSLfatal(s, SSL_AD_INTERNAL_ERROR,

-

972

SSL_F_DTLS1_READ_FAILED, ERR_R_INTERNAL_ERROR);

-

973

return 0;

never executed: return 0;

0

974

}

-

975

-

976

if (!dtls1_is_timer_expired(s) || ossl_statem_in_error(s)) {

!dtls1_is_timer_expired(s)	Description
TRUE	evaluated 1204 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

ossl_statem_in_error(s)	Description
TRUE	never evaluated
FALSE	never evaluated

0-1204

977

/*

-

978

* not a timeout, none of our business, let higher layers handle

-

979

* this. in fact it's probably an error

-

980

*/

-

981

return code;

executed 1204 times by 1 test: return code;

Executed by:

libssl.so.1.1

1204

982

}

-

983

/* done, no need to send a retransmit */

-

984

if (!SSL_in_init(s))

!SSL_in_init(s)	Description
TRUE	never evaluated
FALSE	never evaluated

0

985

{

-

986

BIO_set_flags(SSL_get_rbio(s), BIO_FLAGS_READ);

-

987

return code;

never executed: return code;

0

988

}

-

989

-

990

return dtls1_handle_timeout(s);

never executed: return dtls1_handle_timeout(s);

0

991

}

-

992

-

993

int dtls1_get_queue_priority(unsigned short seq, int is_ccs)

-

994

{

-

995

/*

-

996

* The index of the retransmission queue actually is the message sequence

-

997

* number, since the queue only contains messages of a single handshake.

-

998

* However, the ChangeCipherSpec has no message sequence number and so

-

999

* using only the sequence will result in the CCS and Finished having the

-

1000

* same index. To prevent this, the sequence number is multiplied by 2.

-

1001

* In case of a CCS 1 is subtracted. This does not only differ CSS and

-

1002

* Finished, it also maintains the order of the index (important for

-

1003

* priority queues) and fits in the unsigned short variable.

-

1004

*/

-

1005

return seq * 2 - is_ccs;

executed 3904 times by 1 test: return seq * 2 - is_ccs;

Executed by:

libssl.so.1.1

3904

1006

}

-

1007

-

1008

int dtls1_retransmit_buffered_messages(SSL *s)

-

1009

{

-

1010

pqueue *sent = s->d1->sent_messages;

-

1011

piterator iter;

-

1012

pitem *item;

-

1013

hm_fragment *frag;

-

1014

int found = 0;

-

1015

-

1016

iter = pqueue_iterator(sent);

-

1017

-

1018

for (item = pqueue_next(&iter); item != NULL; item = pqueue_next(&iter)) {

item != ((void *)0)	Description
TRUE	evaluated 122 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 51 times by 1 test Evaluated by: libssl.so.1.1

51-122

1019

frag = (hm_fragment *)item->data;

-

1020

if (dtls1_retransmit_message(s, (unsigned short)

dtls1_retransm..., &found) <= 0	Description
TRUE	never evaluated
FALSE	evaluated 122 times by 1 test Evaluated by: libssl.so.1.1

0-122

1021

dtls1_get_queue_priority

dtls1_retransm..., &found) <= 0	Description
TRUE	never evaluated
FALSE	evaluated 122 times by 1 test Evaluated by: libssl.so.1.1

0-122

1022

(frag->msg_header.seq,

dtls1_retransm..., &found) <= 0	Description
TRUE	never evaluated
FALSE	evaluated 122 times by 1 test Evaluated by: libssl.so.1.1

0-122

1023

frag->msg_header.is_ccs), &found) <= 0)

dtls1_retransm..., &found) <= 0	Description
TRUE	never evaluated
FALSE	evaluated 122 times by 1 test Evaluated by: libssl.so.1.1

0-122

1024

return -1;

never executed: return -1;

0

1025

}

executed 122 times by 1 test: end of block

Executed by:

libssl.so.1.1

122

1026

-

1027

return 1;

executed 51 times by 1 test: return 1;

Executed by:

libssl.so.1.1

51

1028

}

-

1029

-

1030

int dtls1_buffer_message(SSL *s, int is_ccs)

-

1031

{

-

1032

pitem *item;

-

1033

hm_fragment *frag;

-

1034

unsigned char seq64be[8];

-

1035

-

1036

/*

-

1037

* this function is called immediately after a message has been

-

1038

* serialized

-

1039

*/

-

1040

if (!ossl_assert(s->init_off == 0))

!((s->init_off == 0) != 0)	Description
TRUE	never evaluated
FALSE	evaluated 1891 times by 1 test Evaluated by: libssl.so.1.1

0-1891

1041

return 0;

never executed: return 0;

0

1042

-

1043

frag = dtls1_hm_fragment_new(s->init_num, 0);

-

1044

if (frag == NULL)

frag == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 1891 times by 1 test Evaluated by: libssl.so.1.1

0-1891

1045

return 0;

never executed: return 0;

0

1046

-

1047

memcpy(frag->fragment, s->init_buf->data, s->init_num);

-

1048

-

1049

if (is_ccs) {

is_ccs	Description
TRUE	evaluated 359 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1532 times by 1 test Evaluated by: libssl.so.1.1

359-1532

1050

/* For DTLS1_BAD_VER the header length is non-standard */

-

1051

if (!ossl_assert(s->d1->w_msg_hdr.msg_len +

!((s->d1->w_ms...nit_num) != 0)	Description
TRUE	never evaluated
FALSE	evaluated 359 times by 1 test Evaluated by: libssl.so.1.1

(s->version == 0x0100)	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 358 times by 1 test Evaluated by: libssl.so.1.1

0-359

1052

((s->version ==

-

1053

DTLS1_BAD_VER) ? 3 : DTLS1_CCS_HEADER_LENGTH)

-

1054

== (unsigned int)s->init_num))

-

1055

return 0;

never executed: return 0;

0

1056

} else {

executed 359 times by 1 test: end of block

Executed by:

libssl.so.1.1

359

1057

if (!ossl_assert(s->d1->w_msg_hdr.msg_len +

!((s->d1->w_ms...nit_num) != 0)	Description
TRUE	never evaluated
FALSE	evaluated 1532 times by 1 test Evaluated by: libssl.so.1.1

0-1532

1058

DTLS1_HM_HEADER_LENGTH == (unsigned int)s->init_num))

-

1059

return 0;

never executed: return 0;

0

1060

}

executed 1532 times by 1 test: end of block

Executed by:

libssl.so.1.1

1532

1061

-

1062

frag->msg_header.msg_len = s->d1->w_msg_hdr.msg_len;

-

1063

frag->msg_header.seq = s->d1->w_msg_hdr.seq;

-

1064

frag->msg_header.type = s->d1->w_msg_hdr.type;

-

1065

frag->msg_header.frag_off = 0;

-

1066

frag->msg_header.frag_len = s->d1->w_msg_hdr.msg_len;

-

1067

frag->msg_header.is_ccs = is_ccs;

-

1068

-

1069

/* save current state */

-

1070

frag->msg_header.saved_retransmit_state.enc_write_ctx = s->enc_write_ctx;

-

1071

frag->msg_header.saved_retransmit_state.write_hash = s->write_hash;

-

1072

frag->msg_header.saved_retransmit_state.compress = s->compress;

-

1073

frag->msg_header.saved_retransmit_state.session = s->session;

-

1074

frag->msg_header.saved_retransmit_state.epoch =

-

1075

DTLS_RECORD_LAYER_get_w_epoch(&s->rlayer);

-

1076

-

1077

memset(seq64be, 0, sizeof(seq64be));

-

1078

seq64be[6] =

-

1079

(unsigned

-

1080

char)(dtls1_get_queue_priority(frag->msg_header.seq,

-

1081

frag->msg_header.is_ccs) >> 8);

-

1082

seq64be[7] =

-

1083

(unsigned

-

1084

char)(dtls1_get_queue_priority(frag->msg_header.seq,

-

1085

frag->msg_header.is_ccs));

-

1086

-

1087

item = pitem_new(seq64be, frag);

-

1088

if (item == NULL) {

item == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 1891 times by 1 test Evaluated by: libssl.so.1.1

0-1891

1089

dtls1_hm_fragment_free(frag);

-

1090

return 0;

never executed: return 0;

0

1091

}

-

1092

-

1093

pqueue_insert(s->d1->sent_messages, item);

-

1094

return 1;

executed 1891 times by 1 test: return 1;

Executed by:

libssl.so.1.1

1891

1095

}

-

1096

-

1097

int dtls1_retransmit_message(SSL *s, unsigned short seq, int *found)

-

1098

{

-

1099

int ret;

-

1100

/* XDTLS: for now assuming that read/writes are blocking */

-

1101

pitem *item;

-

1102

hm_fragment *frag;

-

1103

unsigned long header_length;

-

1104

unsigned char seq64be[8];

-

1105

struct dtls1_retransmit_state saved_state;

-

1106

-

1107

/* XDTLS: the requested message ought to be found, otherwise error */

-

1108

memset(seq64be, 0, sizeof(seq64be));

-

1109

seq64be[6] = (unsigned char)(seq >> 8);

-

1110

seq64be[7] = (unsigned char)seq;

-

1111

-

1112

item = pqueue_find(s->d1->sent_messages, seq64be);

-

1113

if (item == NULL) {

item == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 122 times by 1 test Evaluated by: libssl.so.1.1

0-122

1114

SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DTLS1_RETRANSMIT_MESSAGE,

-

1115

ERR_R_INTERNAL_ERROR);

-

1116

*found = 0;

-

1117

return 0;

never executed: return 0;

0

1118

}

-

1119

-

1120

*found = 1;

-

1121

frag = (hm_fragment *)item->data;

-

1122

-

1123

if (frag->msg_header.is_ccs)

frag->msg_header.is_ccs	Description
TRUE	evaluated 20 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 102 times by 1 test Evaluated by: libssl.so.1.1

20-102

1124

header_length = DTLS1_CCS_HEADER_LENGTH;

executed 20 times by 1 test: header_length = 1;

Executed by:

libssl.so.1.1

20

1125

else

-

1126

header_length = DTLS1_HM_HEADER_LENGTH;

executed 102 times by 1 test: header_length = 12;

Executed by:

libssl.so.1.1

102

1127

-

1128

memcpy(s->init_buf->data, frag->fragment,

-

1129

frag->msg_header.msg_len + header_length);

-

1130

s->init_num = frag->msg_header.msg_len + header_length;

-

1131

-

1132

dtls1_set_message_header_int(s, frag->msg_header.type,

-

1133

frag->msg_header.msg_len,

-

1134

frag->msg_header.seq, 0,

-

1135

frag->msg_header.frag_len);

-

1136

-

1137

/* save current state */

-

1138

saved_state.enc_write_ctx = s->enc_write_ctx;

-

1139

saved_state.write_hash = s->write_hash;

-

1140

saved_state.compress = s->compress;

-

1141

saved_state.session = s->session;

-

1142

saved_state.epoch = DTLS_RECORD_LAYER_get_w_epoch(&s->rlayer);

-

1143

-

1144

s->d1->retransmitting = 1;

-

1145

-

1146

/* restore state in which the message was originally sent */

-

1147

s->enc_write_ctx = frag->msg_header.saved_retransmit_state.enc_write_ctx;

-

1148

s->write_hash = frag->msg_header.saved_retransmit_state.write_hash;

-

1149

s->compress = frag->msg_header.saved_retransmit_state.compress;

-

1150

s->session = frag->msg_header.saved_retransmit_state.session;

-

1151

DTLS_RECORD_LAYER_set_saved_w_epoch(&s->rlayer,

-

1152

frag->msg_header.

-

1153

saved_retransmit_state.epoch);

-

1154

-

1155

ret = dtls1_do_write(s, frag->msg_header.is_ccs ?

-

1156

SSL3_RT_CHANGE_CIPHER_SPEC : SSL3_RT_HANDSHAKE);

-

1157

-

1158

/* restore current state */

-

1159

s->enc_write_ctx = saved_state.enc_write_ctx;

-

1160

s->write_hash = saved_state.write_hash;

-

1161

s->compress = saved_state.compress;

-

1162

s->session = saved_state.session;

-

1163

DTLS_RECORD_LAYER_set_saved_w_epoch(&s->rlayer, saved_state.epoch);

-

1164

-

1165

s->d1->retransmitting = 0;

-

1166

-

1167

(void)BIO_flush(s->wbio);

-

1168

return ret;

executed 122 times by 1 test: return ret;

Executed by:

libssl.so.1.1

122

1169

}

-

1170

-

1171

void dtls1_set_message_header(SSL *s,

-

1172

unsigned char mt, size_t len,

-

1173

size_t frag_off, size_t frag_len)

-

1174

{

-

1175

if (frag_off == 0) {

frag_off == 0	Description
TRUE	evaluated 1532 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-1532

1176

s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;

-

1177

s->d1->next_handshake_write_seq++;

-

1178

}

executed 1532 times by 1 test: end of block

Executed by:

libssl.so.1.1

1532

1179

-

1180

dtls1_set_message_header_int(s, mt, len, s->d1->handshake_write_seq,

-

1181

frag_off, frag_len);

-

1182

}

executed 1532 times by 1 test: end of block

Executed by:

libssl.so.1.1

1532

1183

-

1184

/* don't actually do the writing, wait till the MTU has been retrieved */

-

1185

static void

-

1186

dtls1_set_message_header_int(SSL *s, unsigned char mt,

-

1187

size_t len, unsigned short seq_num,

-

1188

size_t frag_off, size_t frag_len)

-

1189

{

-

1190

struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;

-

1191

-

1192

msg_hdr->type = mt;

-

1193

msg_hdr->msg_len = len;

-

1194

msg_hdr->seq = seq_num;

-

1195

msg_hdr->frag_off = frag_off;

-

1196

msg_hdr->frag_len = frag_len;

-

1197

}

executed 2013 times by 1 test: end of block

Executed by:

libssl.so.1.1

2013

1198

-

1199

static void

-

1200

dtls1_fix_message_header(SSL *s, size_t frag_off, size_t frag_len)

-

1201

{

-

1202

struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;

-

1203

-

1204

msg_hdr->frag_off = frag_off;

-

1205

msg_hdr->frag_len = frag_len;

-

1206

}

executed 3668 times by 1 test: end of block

Executed by:

libssl.so.1.1

3668

1207

-

1208

static unsigned char *dtls1_write_message_header(SSL *s, unsigned char *p)

-

1209

{

-

1210

struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;

-

1211

-

1212

*p++ = msg_hdr->type;

-

1213

l2n3(msg_hdr->msg_len, p);

-

1214

-

1215

s2n(msg_hdr->seq, p);

-

1216

l2n3(msg_hdr->frag_off, p);

-

1217

l2n3(msg_hdr->frag_len, p);

-

1218

-

1219

return p;

executed 2651 times by 1 test: return p;

Executed by:

libssl.so.1.1

2651

1220

}

-

1221

-

1222

void dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr)

-

1223

{

-

1224

memset(msg_hdr, 0, sizeof(*msg_hdr));

-

1225

msg_hdr->type = *(data++);

-

1226

n2l3(data, msg_hdr->msg_len);

-

1227

-

1228

n2s(data, msg_hdr->seq);

-

1229

n2l3(data, msg_hdr->frag_off);

-

1230

n2l3(data, msg_hdr->frag_len);

-

1231

}

executed 2579 times by 1 test: end of block

Executed by:

libssl.so.1.1

2579

1232

-

1233

int dtls1_set_handshake_header(SSL *s, WPACKET *pkt, int htype)

-

1234

{

-

1235

unsigned char *header;

-

1236

-

1237

if (htype == SSL3_MT_CHANGE_CIPHER_SPEC) {

htype == 0x0101	Description
TRUE	evaluated 359 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1532 times by 1 test Evaluated by: libssl.so.1.1

359-1532

1238

s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;

-

1239

dtls1_set_message_header_int(s, SSL3_MT_CCS, 0,

-

1240

s->d1->handshake_write_seq, 0, 0);

-

1241

if (!WPACKET_put_bytes_u8(pkt, SSL3_MT_CCS))

!WPACKET_put_b...(pkt), (1), 1)	Description
TRUE	never evaluated
FALSE	evaluated 359 times by 1 test Evaluated by: libssl.so.1.1

0-359

1242

return 0;

never executed: return 0;

0

1243

} else {

executed 359 times by 1 test: end of block

Executed by:

libssl.so.1.1

359

1244

dtls1_set_message_header(s, htype, 0, 0, 0);

-

1245

/*

-

1246

* We allocate space at the start for the message header. This gets

-

1247

* filled in later

-

1248

*/

-

1249

if (!WPACKET_allocate_bytes(pkt, DTLS1_HM_HEADER_LENGTH, &header)

!WPACKET_alloc..., 12, &header)	Description
TRUE	never evaluated
FALSE	evaluated 1532 times by 1 test Evaluated by: libssl.so.1.1

0-1532

1250

|| !WPACKET_start_sub_packet(pkt))

!WPACKET_start_sub_packet(pkt)	Description
TRUE	never evaluated
FALSE	evaluated 1532 times by 1 test Evaluated by: libssl.so.1.1

0-1532

1251

return 0;

never executed: return 0;

0

1252

}

executed 1532 times by 1 test: end of block

Executed by:

libssl.so.1.1

1532

1253

-

1254

return 1;

executed 1891 times by 1 test: return 1;

Executed by:

libssl.so.1.1

1891

1255

}

-

1256

-

1257

int dtls1_close_construct_packet(SSL *s, WPACKET *pkt, int htype)

-

1258

{

-

1259

size_t msglen;

-

1260

-

1261

if ((htype != SSL3_MT_CHANGE_CIPHER_SPEC && !WPACKET_close(pkt))

htype != 0x0101	Description
TRUE	evaluated 1532 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 359 times by 1 test Evaluated by: libssl.so.1.1

!WPACKET_close(pkt)	Description
TRUE	never evaluated
FALSE	evaluated 1532 times by 1 test Evaluated by: libssl.so.1.1

0-1532

1262

|| !WPACKET_get_length(pkt, &msglen)

!WPACKET_get_l...(pkt, &msglen)	Description
TRUE	never evaluated
FALSE	evaluated 1891 times by 1 test Evaluated by: libssl.so.1.1

0-1891

1263

|| msglen > INT_MAX)

msglen > 0x7fffffff	Description
TRUE	never evaluated
FALSE	evaluated 1891 times by 1 test Evaluated by: libssl.so.1.1

0-1891

1264

return 0;

never executed: return 0;

0

1265

-

1266

if (htype != SSL3_MT_CHANGE_CIPHER_SPEC) {

htype != 0x0101	Description
TRUE	evaluated 1532 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 359 times by 1 test Evaluated by: libssl.so.1.1

359-1532

1267

s->d1->w_msg_hdr.msg_len = msglen - DTLS1_HM_HEADER_LENGTH;

-

1268

s->d1->w_msg_hdr.frag_len = msglen - DTLS1_HM_HEADER_LENGTH;

-

1269

}

executed 1532 times by 1 test: end of block

Executed by:

libssl.so.1.1

1532

1270

s->init_num = (int)msglen;

-

1271

s->init_off = 0;

-

1272

-

1273

if (htype != DTLS1_MT_HELLO_VERIFY_REQUEST) {

htype != 3	Description
TRUE	evaluated 1891 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-1891

1274

/* Buffer the message to handle re-xmits */

-

1275

if (!dtls1_buffer_message(s, htype == SSL3_MT_CHANGE_CIPHER_SPEC

!dtls1_buffer_...x0101 ? 1 : 0)	Description
TRUE	never evaluated
FALSE	evaluated 1891 times by 1 test Evaluated by: libssl.so.1.1

0-1891

1276

? 1 : 0))

!dtls1_buffer_...x0101 ? 1 : 0)	Description
TRUE	never evaluated
FALSE	evaluated 1891 times by 1 test Evaluated by: libssl.so.1.1

0-1891

1277

return 0;

never executed: return 0;

0

1278

}

executed 1891 times by 1 test: end of block

Executed by:

libssl.so.1.1

1891

1279

-

1280

return 1;

executed 1891 times by 1 test: return 1;

Executed by:

libssl.so.1.1

1891

1281

}

-