OpenCoverage

d1_lib.c

Absolute File Name:

/home/opencoverage/opencoverage/guest-scripts/openssl/src/ssl/d1_lib.c

Source code

Switch to Preprocessed file

Line Source Count

1 /* -

3 * -

4 * Licensed under the OpenSSL license (the "License"). You may not use -

5 * this file except in compliance with the License. You can obtain a copy -

6 * in the file LICENSE in the source distribution or at -

7 * https://www.openssl.org/source/license.html -

8 */ -

9 -

10 #include "e_os.h" -

11 #include <stdio.h> -

12 #include <openssl/objects.h> -

13 #include <openssl/rand.h> -

14 #include "ssl_locl.h" -

15 -

16 static void get_current_time(struct timeval *t); -

17 static int dtls1_handshake_write(SSL *s); -

18 static size_t dtls1_link_min_mtu(void); -

19 -

20 /* XDTLS: figure out the right values */ -

21 static const size_t g_probable_mtu[] = { 1500, 512, 256 }; -

22 -

23 const SSL3_ENC_METHOD DTLSv1_enc_data = { -

24 tls1_enc, -

25 tls1_mac, -

26 tls1_setup_key_block, -

27 tls1_generate_master_secret, -

28 tls1_change_cipher_state, -

29 tls1_final_finish_mac, -

30 TLS_MD_CLIENT_FINISH_CONST, TLS_MD_CLIENT_FINISH_CONST_SIZE, -

31 TLS_MD_SERVER_FINISH_CONST, TLS_MD_SERVER_FINISH_CONST_SIZE, -

32 tls1_alert_code, -

33 tls1_export_keying_material, -

34 SSL_ENC_FLAG_DTLS | SSL_ENC_FLAG_EXPLICIT_IV, -

35 dtls1_set_handshake_header, -

36 dtls1_close_construct_packet, -

37 dtls1_handshake_write -

38 }; -

39 -

40 const SSL3_ENC_METHOD DTLSv1_2_enc_data = { -

41 tls1_enc, -

42 tls1_mac, -

43 tls1_setup_key_block, -

44 tls1_generate_master_secret, -

45 tls1_change_cipher_state, -

46 tls1_final_finish_mac, -

47 TLS_MD_CLIENT_FINISH_CONST, TLS_MD_CLIENT_FINISH_CONST_SIZE, -

48 TLS_MD_SERVER_FINISH_CONST, TLS_MD_SERVER_FINISH_CONST_SIZE, -

49 tls1_alert_code, -

50 tls1_export_keying_material, -

51 SSL_ENC_FLAG_DTLS | SSL_ENC_FLAG_EXPLICIT_IV | SSL_ENC_FLAG_SIGALGS -

52 | SSL_ENC_FLAG_SHA256_PRF | SSL_ENC_FLAG_TLS1_2_CIPHERS, -

53 dtls1_set_handshake_header, -

54 dtls1_close_construct_packet, -

55 dtls1_handshake_write -

56 }; -

57 -

58 long dtls1_default_timeout(void) -

59 { -

60 /* -

61 * 2 hours, the 24 hours mentioned in the DTLSv1 spec is way too long for -

62 * http, the cache would over fill -

63 */ -

return (60 * 60 * 2);

executed 305 times by 1 test: return (60 * 60 * 2);

Executed by:

libssl.so.1.1

305

65 } -

66 -

67 int dtls1_new(SSL *s) -

68 { -

69 DTLS1_STATE *d1; -

70 -

if (!DTLS_RECORD_LAYER_new(&s->rlayer)) {

!DTLS_RECORD_L...ew(&s->rlayer)	Description
TRUE	never evaluated
FALSE	evaluated 373 times by 1 test Evaluated by: libssl.so.1.1

0-373

return 0;

never executed: return 0;

73 } -

74 -

if (!ssl3_new(s))

!ssl3_new(s)	Description
TRUE	never evaluated
FALSE	evaluated 373 times by 1 test Evaluated by: libssl.so.1.1

0-373

return 0;

never executed: return 0;

if ((d1 = OPENSSL_zalloc(sizeof(*d1))) == NULL) {

(d1 = CRYPTO_z...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 373 times by 1 test Evaluated by: libssl.so.1.1

0-373

78 ssl3_free(s); -

return 0;

never executed: return 0;

80 } -

81 -

82 d1->buffered_messages = pqueue_new(); -

83 d1->sent_messages = pqueue_new(); -

84 -

if (s->server) {

s->server	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 372 times by 1 test Evaluated by: libssl.so.1.1

1-372

86 d1->cookie_len = sizeof(s->d1->cookie); -

}

executed 1 time by 1 test: end of block

Executed by:

libssl.so.1.1

88 -

89 d1->link_mtu = 0; -

90 d1->mtu = 0; -

91 -

if (d1->buffered_messages == NULL || d1->sent_messages == NULL) {

d1->buffered_m...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 373 times by 1 test Evaluated by: libssl.so.1.1

d1->sent_messa...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 373 times by 1 test Evaluated by: libssl.so.1.1

0-373

93 pqueue_free(d1->buffered_messages); -

94 pqueue_free(d1->sent_messages); -

95 OPENSSL_free(d1); -

96 ssl3_free(s); -

return 0;

never executed: return 0;

98 } -

99 -

100 s->d1 = d1; -

101 -

102

if (!s->method->ssl_clear(s))

!s->method->ssl_clear(s)	Description
TRUE	never evaluated
FALSE	evaluated 373 times by 1 test Evaluated by: libssl.so.1.1

0-373

103

return 0;

never executed: return 0;

104 -

105

return 1;

executed 373 times by 1 test: return 1;

Executed by:

libssl.so.1.1

373

106 } -

107 -

108 static void dtls1_clear_queues(SSL *s) -

109 { -

110 dtls1_clear_received_buffer(s); -

111 dtls1_clear_sent_buffer(s); -

112

}

executed 1490 times by 1 test: end of block

Executed by:

libssl.so.1.1

1490

113 -

114 void dtls1_clear_received_buffer(SSL *s) -

115 { -

116 pitem *item = NULL; -

117 hm_fragment *frag = NULL; -

118 -

119

while ((item = pqueue_pop(s->d1->buffered_messages)) != NULL) {

(item = pqueue...!= ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 2200 times by 1 test Evaluated by: libssl.so.1.1

0-2200

120 frag = (hm_fragment *)item->data; -

121 dtls1_hm_fragment_free(frag); -

122 pitem_free(item); -

123

}

never executed: end of block

124

}

executed 2200 times by 1 test: end of block

Executed by:

libssl.so.1.1

2200

125 -

126 void dtls1_clear_sent_buffer(SSL *s) -

127 { -

128 pitem *item = NULL; -

129 hm_fragment *frag = NULL; -

130 -

131

while ((item = pqueue_pop(s->d1->sent_messages)) != NULL) {

(item = pqueue...!= ((void *)0)	Description
TRUE	evaluated 1891 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2319 times by 1 test Evaluated by: libssl.so.1.1

1891-2319

132 frag = (hm_fragment *)item->data; -

133 dtls1_hm_fragment_free(frag); -

134 pitem_free(item); -

135

}

executed 1891 times by 1 test: end of block

Executed by:

libssl.so.1.1

1891

136

}

executed 2319 times by 1 test: end of block

Executed by:

libssl.so.1.1

2319

137 -

138 -

139 void dtls1_free(SSL *s) -

140 { -

141 DTLS_RECORD_LAYER_free(&s->rlayer); -

142 -

143 ssl3_free(s); -

144 -

145 dtls1_clear_queues(s); -

146 -

147 pqueue_free(s->d1->buffered_messages); -

148 pqueue_free(s->d1->sent_messages); -

149 -

150 OPENSSL_free(s->d1); -

151 s->d1 = NULL; -

152

}

executed 373 times by 1 test: end of block

Executed by:

libssl.so.1.1

373

153 -

154 int dtls1_clear(SSL *s) -

155 { -

156 pqueue *buffered_messages; -

157 pqueue *sent_messages; -

158 size_t mtu; -

159 size_t link_mtu; -

160 -

161 DTLS_RECORD_LAYER_clear(&s->rlayer); -

162 -

163

if (s->d1) {

s->d1	Description
TRUE	evaluated 1117 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 373 times by 1 test Evaluated by: libssl.so.1.1

373-1117

164 DTLS_timer_cb timer_cb = s->d1->timer_cb; -

165 -

166 buffered_messages = s->d1->buffered_messages; -

167 sent_messages = s->d1->sent_messages; -

168 mtu = s->d1->mtu; -

169 link_mtu = s->d1->link_mtu; -

170 -

171 dtls1_clear_queues(s); -

172 -

173 memset(s->d1, 0, sizeof(*s->d1)); -

174 -

175 /* Restore the timer callback from previous state */ -

176 s->d1->timer_cb = timer_cb; -

177 -

178

if (s->server) {

s->server	Description
TRUE	evaluated 408 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 709 times by 1 test Evaluated by: libssl.so.1.1

408-709

179 s->d1->cookie_len = sizeof(s->d1->cookie); -

180

}

executed 408 times by 1 test: end of block

Executed by:

libssl.so.1.1

408

181 -

182

if (SSL_get_options(s) & SSL_OP_NO_QUERY_MTU) {

SSL_get_option... & 0x00001000U	Description
TRUE	never evaluated
FALSE	evaluated 1117 times by 1 test Evaluated by: libssl.so.1.1

0-1117

183 s->d1->mtu = mtu; -

184 s->d1->link_mtu = link_mtu; -

185

}

never executed: end of block

186 -

187 s->d1->buffered_messages = buffered_messages; -

188 s->d1->sent_messages = sent_messages; -

189

}

executed 1117 times by 1 test: end of block

Executed by:

libssl.so.1.1

1117

190 -

191

if (!ssl3_clear(s))

!ssl3_clear(s)	Description
TRUE	never evaluated
FALSE	evaluated 1490 times by 1 test Evaluated by: libssl.so.1.1

0-1490

192

return 0;

never executed: return 0;

193 -

194

if (s->method->version == DTLS_ANY_VERSION)

s->method->version == 0x1FFFF	Description
TRUE	evaluated 1490 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-1490

195

s->version = DTLS_MAX_VERSION;

executed 1490 times by 1 test: s->version = 0xFEFD;

Executed by:

libssl.so.1.1

1490

196 #ifndef OPENSSL_NO_DTLS1_METHOD -

197

else if (s->options & SSL_OP_CISCO_ANYCONNECT)

s->options & 0x00008000U	Description
TRUE	never evaluated
FALSE	never evaluated

198

s->client_version = s->version = DTLS1_BAD_VER;

never executed: s->client_version = s->version = 0x0100;

199 #endif -

200 else -

201

s->version = s->method->version;

never executed: s->version = s->method->version;

202 -

203

return 1;

executed 1490 times by 1 test: return 1;

Executed by:

libssl.so.1.1

1490

204 } -

205 -

206 long dtls1_ctrl(SSL *s, int cmd, long larg, void *parg) -

207 { -

208 int ret = 0; -

209 -

210 switch (cmd) { -

211

case DTLS_CTRL_GET_TIMEOUT:

never executed: case 73:

212

if (dtls1_get_timeout(s, (struct timeval *)parg) != NULL) {

dtls1_get_time...!= ((void *)0)	Description
TRUE	never evaluated
FALSE	never evaluated

213 ret = 1; -

214

}

never executed: end of block

215

break;

never executed: break;

216

case DTLS_CTRL_HANDLE_TIMEOUT:

executed 102 times by 1 test: case 74:

Executed by:

libssl.so.1.1

102

217 ret = dtls1_handle_timeout(s); -

218

break;

executed 102 times by 1 test: break;

Executed by:

libssl.so.1.1

102

219

case DTLS_CTRL_SET_LINK_MTU:

never executed: case 120:

220

if (larg < (long)dtls1_link_min_mtu())

larg < (long)d...link_min_mtu()	Description
TRUE	never evaluated
FALSE	never evaluated

221

return 0;

never executed: return 0;

222 s->d1->link_mtu = larg; -

223

return 1;

never executed: return 1;

224

case DTLS_CTRL_GET_LINK_MIN_MTU:

never executed: case 121:

225

return (long)dtls1_link_min_mtu();

never executed: return (long)dtls1_link_min_mtu();

226

case SSL_CTRL_SET_MTU:

executed 837 times by 1 test: case 17:

Executed by:

libssl.so.1.1

837

227 /* -

228 * We may not have a BIO set yet so can't call dtls1_min_mtu() -

229 * We'll have to make do with dtls1_link_min_mtu() and max overhead -

230 */ -

231

if (larg < (long)dtls1_link_min_mtu() - DTLS1_MAX_MTU_OVERHEAD)

larg < (long)d...min_mtu() - 48	Description
TRUE	never evaluated
FALSE	evaluated 837 times by 1 test Evaluated by: libssl.so.1.1

0-837

232

return 0;

never executed: return 0;

233 s->d1->mtu = larg; -

234

return larg;

executed 837 times by 1 test: return larg;

Executed by:

libssl.so.1.1

837

235

default:

executed 361 times by 1 test: default:

Executed by:

libssl.so.1.1

361

236 ret = ssl3_ctrl(s, cmd, larg, parg); -

237

break;

executed 361 times by 1 test: break;

Executed by:

libssl.so.1.1

361

238 } -

239

return ret;

executed 463 times by 1 test: return ret;

Executed by:

libssl.so.1.1

463

240 } -

241 -

242 void dtls1_start_timer(SSL *s) -

243 { -

244 unsigned int sec, usec; -

245 -

246 #ifndef OPENSSL_NO_SCTP -

247 /* Disable timer for SCTP */ -

248 if (BIO_dgram_is_sctp(SSL_get_wbio(s))) { -

249 memset(&s->d1->next_timeout, 0, sizeof(s->d1->next_timeout)); -

250 return; -

251 } -

252 #endif -

253 -

254 /* -

255 * If timer is not set, initialize duration with 1 second or -

256 * a user-specified value if the timer callback is installed. -

257 */ -

258

if (s->d1->next_timeout.tv_sec == 0 && s->d1->next_timeout.tv_usec == 0) {

s->d1->next_ti...ut.tv_sec == 0	Description
TRUE	evaluated 721 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 858 times by 1 test Evaluated by: libssl.so.1.1

s->d1->next_ti...t.tv_usec == 0	Description
TRUE	evaluated 721 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-858

259 -

260

if (s->d1->timer_cb != NULL)

s->d1->timer_cb != ((void *)0)	Description
TRUE	evaluated 93 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 628 times by 1 test Evaluated by: libssl.so.1.1

93-628

261

s->d1->timeout_duration_us = s->d1->timer_cb(s, 0);

executed 93 times by 1 test: s->d1->timeout_duration_us = s->d1->timer_cb(s, 0);

Executed by:

libssl.so.1.1

262 else -

263

s->d1->timeout_duration_us = 1000000;

executed 628 times by 1 test: s->d1->timeout_duration_us = 1000000;

Executed by:

libssl.so.1.1

628

264 } -

265 -

266 /* Set timeout to current time */ -

267 get_current_time(&(s->d1->next_timeout)); -

268 -

269 /* Add duration to current time */ -

270 -

271 sec = s->d1->timeout_duration_us / 1000000; -

272 usec = s->d1->timeout_duration_us - (sec * 1000000); -

273 -

274 s->d1->next_timeout.tv_sec += sec; -

275 s->d1->next_timeout.tv_usec += usec; -

276 -

277

if (s->d1->next_timeout.tv_usec >= 1000000) {

s->d1->next_ti...sec >= 1000000	Description
TRUE	evaluated 8 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1571 times by 1 test Evaluated by: libssl.so.1.1

8-1571

278 s->d1->next_timeout.tv_sec++; -

279 s->d1->next_timeout.tv_usec -= 1000000; -

280

}

executed 8 times by 1 test: end of block

Executed by:

libssl.so.1.1

281 -

282 BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0, -

283 &(s->d1->next_timeout)); -

284

}

executed 1579 times by 1 test: end of block

Executed by:

libssl.so.1.1

1579

285 -

286 struct timeval *dtls1_get_timeout(SSL *s, struct timeval *timeleft) -

287 { -

288 struct timeval timenow; -

289 -

290 /* If no timeout is set, just return NULL */ -

291

if (s->d1->next_timeout.tv_sec == 0 && s->d1->next_timeout.tv_usec == 0) {

s->d1->next_ti...ut.tv_sec == 0	Description
TRUE	evaluated 1284 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 7067 times by 1 test Evaluated by: libssl.so.1.1

s->d1->next_ti...t.tv_usec == 0	Description
TRUE	evaluated 1284 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-7067

292

return NULL;

executed 1284 times by 1 test: return ((void *)0) ;

Executed by:

libssl.so.1.1

1284

293 } -

294 -

295 /* Get current time */ -

296 get_current_time(&timenow); -

297 -

298 /* If timer already expired, set remaining time to 0 */ -

299

if (s->d1->next_timeout.tv_sec < timenow.tv_sec ||

s->d1->next_ti...timenow.tv_sec	Description
TRUE	never evaluated
FALSE	evaluated 7067 times by 1 test Evaluated by: libssl.so.1.1

0-7067

300

(s->d1->next_timeout.tv_sec == timenow.tv_sec &&

s->d1->next_ti...timenow.tv_sec	Description
TRUE	evaluated 1813 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 5254 times by 1 test Evaluated by: libssl.so.1.1

1813-5254

301

s->d1->next_timeout.tv_usec <= timenow.tv_usec)) {

s->d1->next_ti...imenow.tv_usec	Description
TRUE	evaluated 45 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1768 times by 1 test Evaluated by: libssl.so.1.1

45-1768

302 memset(timeleft, 0, sizeof(*timeleft)); -

303

return timeleft;

executed 45 times by 1 test: return timeleft;

Executed by:

libssl.so.1.1

304 } -

305 -

306 /* Calculate time left until timer expires */ -

307 memcpy(timeleft, &(s->d1->next_timeout), sizeof(struct timeval)); -

308 timeleft->tv_sec -= timenow.tv_sec; -

309 timeleft->tv_usec -= timenow.tv_usec; -

310

if (timeleft->tv_usec < 0) {

timeleft->tv_usec < 0	Description
TRUE	evaluated 5254 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1768 times by 1 test Evaluated by: libssl.so.1.1

1768-5254

311 timeleft->tv_sec--; -

312 timeleft->tv_usec += 1000000; -

313

}

executed 5254 times by 1 test: end of block

Executed by:

libssl.so.1.1

5254

314 -

315 /* -

316 * If remaining time is less than 15 ms, set it to 0 to prevent issues -

317 * because of small divergences with socket timeouts. -

318 */ -

319

if (timeleft->tv_sec == 0 && timeleft->tv_usec < 15000) {

timeleft->tv_sec == 0	Description
TRUE	evaluated 7022 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

timeleft->tv_usec < 15000	Description
TRUE	never evaluated
FALSE	evaluated 7022 times by 1 test Evaluated by: libssl.so.1.1

0-7022

320 memset(timeleft, 0, sizeof(*timeleft)); -

321

}

never executed: end of block

322 -

323

return timeleft;

executed 7022 times by 1 test: return timeleft;

Executed by:

libssl.so.1.1

7022

324 } -

325 -

326 int dtls1_is_timer_expired(SSL *s) -

327 { -

328 struct timeval timeleft; -

329 -

330 /* Get time left until timeout, return false if no timer running */ -

331

if (dtls1_get_timeout(s, &timeleft) == NULL) {

dtls1_get_time...== ((void *)0)	Description
TRUE	evaluated 1284 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 7067 times by 1 test Evaluated by: libssl.so.1.1

1284-7067

332

return 0;

executed 1284 times by 1 test: return 0;

Executed by:

libssl.so.1.1

1284

333 } -

334 -

335 /* Return false if timer is not expired yet */ -

336

if (timeleft.tv_sec > 0 || timeleft.tv_usec > 0) {

timeleft.tv_sec > 0	Description
TRUE	never evaluated
FALSE	evaluated 7067 times by 1 test Evaluated by: libssl.so.1.1

timeleft.tv_usec > 0	Description
TRUE	evaluated 7022 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 45 times by 1 test Evaluated by: libssl.so.1.1

0-7067

337

return 0;

executed 7022 times by 1 test: return 0;

Executed by:

libssl.so.1.1

7022

338 } -

339 -

340 /* Timer expired, so return true */ -

341

return 1;

executed 45 times by 1 test: return 1;

Executed by:

libssl.so.1.1

342 } -

343 -

344 void dtls1_double_timeout(SSL *s) -

345 { -

346 s->d1->timeout_duration_us *= 2; -

347

if (s->d1->timeout_duration_us > 60000000)

s->d1->timeout..._us > 60000000	Description
TRUE	never evaluated
FALSE	never evaluated

348

s->d1->timeout_duration_us = 60000000;

never executed: s->d1->timeout_duration_us = 60000000;

349 dtls1_start_timer(s); -

350

}

never executed: end of block

351 -

352 void dtls1_stop_timer(SSL *s) -

353 { -

354 /* Reset everything */ -

355 memset(&s->d1->timeout, 0, sizeof(s->d1->timeout)); -

356 memset(&s->d1->next_timeout, 0, sizeof(s->d1->next_timeout)); -

357 s->d1->timeout_duration_us = 1000000; -

358 BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0, -

359 &(s->d1->next_timeout)); -

360 /* Clear retransmission buffer */ -

361 dtls1_clear_sent_buffer(s); -

362

}

executed 826 times by 1 test: end of block

Executed by:

libssl.so.1.1

826

363 -

364 int dtls1_check_timeout_num(SSL *s) -

365 { -

366 size_t mtu; -

367 -

368 s->d1->timeout.num_alerts++; -

369 -

370 /* Reduce MTU after 2 unsuccessful retransmissions */ -

371

if (s->d1->timeout.num_alerts > 2

s->d1->timeout.num_alerts > 2	Description
TRUE	never evaluated
FALSE	evaluated 51 times by 1 test Evaluated by: libssl.so.1.1

0-51

372

&& !(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU)) {

!(SSL_get_opti...& 0x00001000U)	Description
TRUE	never evaluated
FALSE	never evaluated

373 mtu = -

374 BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_GET_FALLBACK_MTU, 0, NULL); -

375

if (mtu < s->d1->mtu)

mtu < s->d1->mtu	Description
TRUE	never evaluated
FALSE	never evaluated

376

s->d1->mtu = mtu;

never executed: s->d1->mtu = mtu;

377

}

never executed: end of block

378 -

379

if (s->d1->timeout.num_alerts > DTLS1_TMO_ALERT_COUNT) {

s->d1->timeout.num_alerts > 12	Description
TRUE	never evaluated
FALSE	evaluated 51 times by 1 test Evaluated by: libssl.so.1.1

0-51

380 /* fail the connection, enough alerts have been sent */ -

381 SSLfatal(s, SSL_AD_NO_ALERT, SSL_F_DTLS1_CHECK_TIMEOUT_NUM, -

382 SSL_R_READ_TIMEOUT_EXPIRED); -

383

return -1;

never executed: return -1;

384 } -

385 -

386

return 0;

executed 51 times by 1 test: return 0;

Executed by:

libssl.so.1.1

387 } -

388 -

389 int dtls1_handle_timeout(SSL *s) -

390 { -

391 /* if no timer is expired, don't do anything */ -

392

if (!dtls1_is_timer_expired(s)) {

!dtls1_is_timer_expired(s)	Description
TRUE	evaluated 7102 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 45 times by 1 test Evaluated by: libssl.so.1.1

45-7102

393

return 0;

executed 7102 times by 1 test: return 0;

Executed by:

libssl.so.1.1

7102

394 } -

395 -

396

if (s->d1->timer_cb != NULL)

s->d1->timer_cb != ((void *)0)	Description
TRUE	evaluated 45 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-45

397

s->d1->timeout_duration_us = s->d1->timer_cb(s, s->d1->timeout_duration_us);

executed 45 times by 1 test: s->d1->timeout_duration_us = s->d1->timer_cb(s, s->d1->timeout_duration_us);

Executed by:

libssl.so.1.1

398 else -

399

dtls1_double_timeout(s);

never executed: dtls1_double_timeout(s);

400 -

401

if (dtls1_check_timeout_num(s) < 0) {

dtls1_check_timeout_num(s) < 0	Description
TRUE	never evaluated
FALSE	evaluated 45 times by 1 test Evaluated by: libssl.so.1.1

0-45

402 /* SSLfatal() already called */ -

403

return -1;

never executed: return -1;

404 } -

405 -

406 s->d1->timeout.read_timeouts++; -

407

if (s->d1->timeout.read_timeouts > DTLS1_TMO_READ_COUNT) {

s->d1->timeout...d_timeouts > 2	Description
TRUE	never evaluated
FALSE	evaluated 45 times by 1 test Evaluated by: libssl.so.1.1

0-45

408 s->d1->timeout.read_timeouts = 1; -

409

}

never executed: end of block

410 -

411 dtls1_start_timer(s); -

412 /* Calls SSLfatal() if required */ -

413

return dtls1_retransmit_buffered_messages(s);

executed 45 times by 1 test: return dtls1_retransmit_buffered_messages(s);

Executed by:

libssl.so.1.1

414 } -

415 -

416 static void get_current_time(struct timeval *t) -

417 { -

418 #if defined(_WIN32) -

419 SYSTEMTIME st; -

420 union { -

421 unsigned __int64 ul; -

422 FILETIME ft; -

423 } now; -

424 -

425 GetSystemTime(&st); -

426 SystemTimeToFileTime(&st, &now.ft); -

427 /* re-bias to 1/1/1970 */ -

428 # ifdef __MINGW32__ -

429 now.ul -= 116444736000000000ULL; -

430 # else -

431 /* *INDENT-OFF* */ -

432 now.ul -= 116444736000000000UI64; -

433 /* *INDENT-ON* */ -

434 # endif -

435 t->tv_sec = (long)(now.ul / 10000000); -

436 t->tv_usec = ((int)(now.ul % 10000000)) / 10; -

437 #else -

438 gettimeofday(t, NULL); -

439 #endif -

440

}

executed 8646 times by 1 test: end of block

Executed by:

libssl.so.1.1

8646

441 -

442 #define LISTEN_SUCCESS 2 -

443 #define LISTEN_SEND_VERIFY_REQUEST 1 -

444 -

445 #ifndef OPENSSL_NO_SOCK -

446 int DTLSv1_listen(SSL *s, BIO_ADDR *client) -

447 { -

448 int next, n, ret = 0, clearpkt = 0; -

449 unsigned char cookie[DTLS1_COOKIE_LENGTH]; -

450 unsigned char seq[SEQ_NUM_SIZE]; -

451 const unsigned char *data; -

452 unsigned char *buf; -

453 size_t fragoff, fraglen, msglen; -

454 unsigned int rectype, versmajor, msgseq, msgtype, clientvers, cookielen; -

455 BIO *rbio, *wbio; -

456 BUF_MEM *bufm; -

457 BIO_ADDR *tmpclient = NULL; -

458 PACKET pkt, msgpkt, msgpayload, session, cookiepkt; -

459 -

460

if (s->handshake_func == NULL) {

s->handshake_f...== ((void *)0)	Description
TRUE	evaluated 9 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-9

461 /* Not properly initialized yet */ -

462 SSL_set_accept_state(s); -

463

}

executed 9 times by 1 test: end of block

Executed by:

libssl.so.1.1

464 -

465 /* Ensure there is no state left over from a previous invocation */ -

466

if (!SSL_clear(s))

!SSL_clear(s)	Description
TRUE	never evaluated
FALSE	evaluated 9 times by 1 test Evaluated by: libssl.so.1.1

0-9

467

return -1;

never executed: return -1;

468 -

469 ERR_clear_error(); -

470 -

471 rbio = SSL_get_rbio(s); -

472 wbio = SSL_get_wbio(s); -

473 -

474

if (!rbio || !wbio) {

!rbio	Description
TRUE	never evaluated
FALSE	evaluated 9 times by 1 test Evaluated by: libssl.so.1.1

!wbio	Description
TRUE	never evaluated
FALSE	evaluated 9 times by 1 test Evaluated by: libssl.so.1.1

0-9

475 SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_BIO_NOT_SET); -

476

return -1;

never executed: return -1;

477 } -

478 -

479 /* -

480 * We only peek at incoming ClientHello's until we're sure we are going to -

481 * to respond with a HelloVerifyRequest. If its a ClientHello with a valid -

482 * cookie then we leave it in the BIO for accept to handle. -

483 */ -

484 BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SET_PEEK_MODE, 1, NULL); -

485 -

486 /* -

487 * Note: This check deliberately excludes DTLS1_BAD_VER because that version -

488 * requires the MAC to be calculated *including* the first ClientHello -

489 * (without the cookie). Since DTLSv1_listen is stateless that cannot be -

490 * supported. DTLS1_BAD_VER must use cookies in a stateful manner (e.g. via -

491 * SSL_accept) -

492 */ -

493

if ((s->version & 0xff00) != (DTLS1_VERSION & 0xff00)) {

(s->version & ...FEFF & 0xff00)	Description
TRUE	never evaluated
FALSE	evaluated 9 times by 1 test Evaluated by: libssl.so.1.1

0-9

494 SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_UNSUPPORTED_SSL_VERSION); -

495

return -1;

never executed: return -1;

496 } -

497 -

498

if (s->init_buf == NULL) {

s->init_buf == ((void *)0)	Description
TRUE	evaluated 9 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-9

499

if ((bufm = BUF_MEM_new()) == NULL) {

(bufm = BUF_ME...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 9 times by 1 test Evaluated by: libssl.so.1.1

0-9

500 SSLerr(SSL_F_DTLSV1_LISTEN, ERR_R_MALLOC_FAILURE); -

501

return -1;

never executed: return -1;

502 } -

503 -

504

if (!BUF_MEM_grow(bufm, SSL3_RT_MAX_PLAIN_LENGTH)) {

!BUF_MEM_grow(bufm, 16384)	Description
TRUE	never evaluated
FALSE	evaluated 9 times by 1 test Evaluated by: libssl.so.1.1

0-9

505 BUF_MEM_free(bufm); -

506 SSLerr(SSL_F_DTLSV1_LISTEN, ERR_R_MALLOC_FAILURE); -

507

return -1;

never executed: return -1;

508 } -

509 s->init_buf = bufm; -

510

}

executed 9 times by 1 test: end of block

Executed by:

libssl.so.1.1

511 buf = (unsigned char *)s->init_buf->data; -

512 -

513 do { -

514 /* Get a packet */ -

515 -

516 clear_sys_error(); -

517 /* -

518 * Technically a ClientHello could be SSL3_RT_MAX_PLAIN_LENGTH -

519 * + DTLS1_RT_HEADER_LENGTH bytes long. Normally init_buf does not store -

520 * the record header as well, but we do here. We've set up init_buf to -

521 * be the standard size for simplicity. In practice we shouldn't ever -

522 * receive a ClientHello as long as this. If we do it will get dropped -

523 * in the record length check below. -

524 */ -

525 n = BIO_read(rbio, buf, SSL3_RT_MAX_PLAIN_LENGTH); -

526 -

527

if (n <= 0) {

n <= 0	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 9 times by 1 test Evaluated by: libssl.so.1.1

3-9

528

if (BIO_should_retry(rbio)) {

BIO_test_flags(rbio, 0x08)	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-3

529 /* Non-blocking IO */ -

530

goto end;

executed 3 times by 1 test: goto end;

Executed by:

libssl.so.1.1

531 } -

532

return -1;

never executed: return -1;

533 } -

534 -

535 /* If we hit any problems we need to clear this packet from the BIO */ -

536 clearpkt = 1; -

537 -

538

if (!PACKET_buf_init(&pkt, buf, n)) {

!PACKET_buf_init(&pkt, buf, n)	Description
TRUE	never evaluated
FALSE	evaluated 9 times by 1 test Evaluated by: libssl.so.1.1

0-9

539 SSLerr(SSL_F_DTLSV1_LISTEN, ERR_R_INTERNAL_ERROR); -

540

return -1;

never executed: return -1;

541 } -

542 -

543 /* -

544 * Parse the received record. If there are any problems with it we just -

545 * dump it - with no alert. RFC6347 says this "Unlike TLS, DTLS is -

546 * resilient in the face of invalid records (e.g., invalid formatting, -

547 * length, MAC, etc.). In general, invalid records SHOULD be silently -

548 * discarded, thus preserving the association; however, an error MAY be -

549 * logged for diagnostic purposes." -

550 */ -

551 -

552 /* this packet contained a partial record, dump it */ -

553

if (n < DTLS1_RT_HEADER_LENGTH) {

n < 13	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 8 times by 1 test Evaluated by: libssl.so.1.1

1-8

554 SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_RECORD_TOO_SMALL); -

555

goto end;

executed 1 time by 1 test: goto end;

Executed by:

libssl.so.1.1

556 } -

557 -

558

if (s->msg_callback)

s->msg_callback	Description
TRUE	never evaluated
FALSE	evaluated 8 times by 1 test Evaluated by: libssl.so.1.1

0-8

559

s->msg_callback(0, 0, SSL3_RT_HEADER, buf,

never executed: s->msg_callback(0, 0, 0x100, buf, 13, s, s->msg_callback_arg);

560

DTLS1_RT_HEADER_LENGTH, s, s->msg_callback_arg);

never executed: s->msg_callback(0, 0, 0x100, buf, 13, s, s->msg_callback_arg);

561 -

562 /* Get the record header */ -

563

if (!PACKET_get_1(&pkt, &rectype)

!PACKET_get_1(&pkt, &rectype)	Description
TRUE	never evaluated
FALSE	evaluated 8 times by 1 test Evaluated by: libssl.so.1.1

0-8

564

|| !PACKET_get_1(&pkt, &versmajor)) {

!PACKET_get_1(...t, &versmajor)	Description
TRUE	never evaluated
FALSE	evaluated 8 times by 1 test Evaluated by: libssl.so.1.1

0-8

565 SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_LENGTH_MISMATCH); -

566

goto end;

never executed: goto end;

567 } -

568 -

569

if (rectype != SSL3_RT_HANDSHAKE) {

rectype != 22	Description
TRUE	never evaluated
FALSE	evaluated 8 times by 1 test Evaluated by: libssl.so.1.1

0-8

570 SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_UNEXPECTED_MESSAGE); -

571

goto end;

never executed: goto end;

572 } -

573 -

574 /* -

575 * Check record version number. We only check that the major version is -

576 * the same. -

577 */ -

578

if (versmajor != DTLS1_VERSION_MAJOR) {

versmajor != 0xFE	Description
TRUE	never evaluated
FALSE	evaluated 8 times by 1 test Evaluated by: libssl.so.1.1

0-8

579 SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_BAD_PROTOCOL_VERSION_NUMBER); -

580

goto end;

never executed: goto end;

581 } -

582 -

583

if (!PACKET_forward(&pkt, 1)

!PACKET_forward(&pkt, 1)	Description
TRUE	never evaluated
FALSE	evaluated 8 times by 1 test Evaluated by: libssl.so.1.1

0-8

584 /* Save the sequence number: 64 bits, with top 2 bytes = epoch */ -

585

|| !PACKET_copy_bytes(&pkt, seq, SEQ_NUM_SIZE)

!PACKET_copy_b...(&pkt, seq, 8)	Description
TRUE	never evaluated
FALSE	evaluated 8 times by 1 test Evaluated by: libssl.so.1.1

0-8

586

|| !PACKET_get_length_prefixed_2(&pkt, &msgpkt)) {

!PACKET_get_le...&pkt, &msgpkt)	Description
TRUE	never evaluated
FALSE	evaluated 8 times by 1 test Evaluated by: libssl.so.1.1

0-8

587 SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_LENGTH_MISMATCH); -

588

goto end;

never executed: goto end;

589 } -

590 /* -

591 * We allow data remaining at the end of the packet because there could -

592 * be a second record (but we ignore it) -

593 */ -

594 -

595 /* This is an initial ClientHello so the epoch has to be 0 */ -

596

if (seq[0] != 0 || seq[1] != 0) {

seq[0] != 0	Description
TRUE	never evaluated
FALSE	evaluated 8 times by 1 test Evaluated by: libssl.so.1.1

seq[1] != 0	Description
TRUE	never evaluated
FALSE	evaluated 8 times by 1 test Evaluated by: libssl.so.1.1

0-8

597 SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_UNEXPECTED_MESSAGE); -

598

goto end;

never executed: goto end;

599 } -

600 -

601 /* Get a pointer to the raw message for the later callback */ -

602 data = PACKET_data(&msgpkt); -

603 -

604 /* Finished processing the record header, now process the message */ -

605

if (!PACKET_get_1(&msgpkt, &msgtype)

!PACKET_get_1(...pkt, &msgtype)	Description
TRUE	never evaluated
FALSE	evaluated 8 times by 1 test Evaluated by: libssl.so.1.1

0-8

606

|| !PACKET_get_net_3_len(&msgpkt, &msglen)

!PACKET_get_ne...gpkt, &msglen)	Description
TRUE	never evaluated
FALSE	evaluated 8 times by 1 test Evaluated by: libssl.so.1.1

0-8

607

|| !PACKET_get_net_2(&msgpkt, &msgseq)

!PACKET_get_ne...gpkt, &msgseq)	Description
TRUE	never evaluated
FALSE	evaluated 8 times by 1 test Evaluated by: libssl.so.1.1

0-8

608

|| !PACKET_get_net_3_len(&msgpkt, &fragoff)

!PACKET_get_ne...pkt, &fragoff)	Description
TRUE	never evaluated
FALSE	evaluated 8 times by 1 test Evaluated by: libssl.so.1.1

0-8

609

|| !PACKET_get_net_3_len(&msgpkt, &fraglen)

!PACKET_get_ne...pkt, &fraglen)	Description
TRUE	never evaluated
FALSE	evaluated 8 times by 1 test Evaluated by: libssl.so.1.1

0-8

610

|| !PACKET_get_sub_packet(&msgpkt, &msgpayload, fraglen)

!PACKET_get_su...load, fraglen)	Description
TRUE	never evaluated
FALSE	evaluated 8 times by 1 test Evaluated by: libssl.so.1.1

0-8

611

|| PACKET_remaining(&msgpkt) != 0) {

PACKET_remaining(&msgpkt) != 0	Description
TRUE	never evaluated
FALSE	evaluated 8 times by 1 test Evaluated by: libssl.so.1.1

0-8

612 SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_LENGTH_MISMATCH); -

613

goto end;

never executed: goto end;

614 } -

615 -

616

if (msgtype != SSL3_MT_CLIENT_HELLO) {

msgtype != 1	Description
TRUE	never evaluated
FALSE	evaluated 8 times by 1 test Evaluated by: libssl.so.1.1

0-8

617 SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_UNEXPECTED_MESSAGE); -

618

goto end;

never executed: goto end;

619 } -

620 -

621 /* Message sequence number can only be 0 or 1 */ -

622

if (msgseq > 2) {

msgseq > 2	Description
TRUE	never evaluated
FALSE	evaluated 8 times by 1 test Evaluated by: libssl.so.1.1

0-8

623 SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_INVALID_SEQUENCE_NUMBER); -

624

goto end;

never executed: goto end;

625 } -

626 -

627 /* -

628 * We don't support fragment reassembly for ClientHellos whilst -

629 * listening because that would require server side state (which is -

630 * against the whole point of the ClientHello/HelloVerifyRequest -

631 * mechanism). Instead we only look at the first ClientHello fragment -

632 * and require that the cookie must be contained within it. -

633 */ -

634

if (fragoff != 0 || fraglen > msglen) {

fragoff != 0	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 7 times by 1 test Evaluated by: libssl.so.1.1

fraglen > msglen	Description
TRUE	never evaluated
FALSE	evaluated 7 times by 1 test Evaluated by: libssl.so.1.1

0-7

635 /* Non initial ClientHello fragment (or bad fragment) */ -

636 SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_FRAGMENTED_CLIENT_HELLO); -

637

goto end;

executed 1 time by 1 test: goto end;

Executed by:

libssl.so.1.1

638 } -

639 -

640

if (s->msg_callback)

s->msg_callback	Description
TRUE	never evaluated
FALSE	evaluated 7 times by 1 test Evaluated by: libssl.so.1.1

0-7

641

s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, data,

never executed: s->msg_callback(0, s->version, 22, data, fraglen + 12, s, s->msg_callback_arg);

642

fraglen + DTLS1_HM_HEADER_LENGTH, s,

never executed: s->msg_callback(0, s->version, 22, data, fraglen + 12, s, s->msg_callback_arg);

643

s->msg_callback_arg);

never executed: s->msg_callback(0, s->version, 22, data, fraglen + 12, s, s->msg_callback_arg);

644 -

645

if (!PACKET_get_net_2(&msgpayload, &clientvers)) {

!PACKET_get_ne..., &clientvers)	Description
TRUE	never evaluated
FALSE	evaluated 7 times by 1 test Evaluated by: libssl.so.1.1

0-7

646 SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_LENGTH_MISMATCH); -

647

goto end;

never executed: goto end;

648 } -

649 -

650 /* -

651 * Verify client version is supported -

652 */ -

653

if (DTLS_VERSION_LT(clientvers, (unsigned int)s->method->version) &&

((clientvers) == 0x0100)	Description
TRUE	never evaluated
FALSE	evaluated 7 times by 1 test Evaluated by: libssl.so.1.1

((((clientvers...od->version)))	Description
TRUE	never evaluated
FALSE	evaluated 7 times by 1 test Evaluated by: libssl.so.1.1

0-7

654

s->method->version != DTLS_ANY_VERSION) {

s->method->version != 0x1FFFF	Description
TRUE	never evaluated
FALSE	never evaluated

655 SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_WRONG_VERSION_NUMBER); -

656

goto end;

never executed: goto end;

657 } -

658 -

659

if (!PACKET_forward(&msgpayload, SSL3_RANDOM_SIZE)

!PACKET_forwar...sgpayload, 32)	Description
TRUE	never evaluated
FALSE	evaluated 7 times by 1 test Evaluated by: libssl.so.1.1

0-7

660

|| !PACKET_get_length_prefixed_1(&msgpayload, &session)

!PACKET_get_le...oad, &session)	Description
TRUE	never evaluated
FALSE	evaluated 7 times by 1 test Evaluated by: libssl.so.1.1

0-7

661

|| !PACKET_get_length_prefixed_1(&msgpayload, &cookiepkt)) {

!PACKET_get_le...d, &cookiepkt)	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 5 times by 1 test Evaluated by: libssl.so.1.1

2-5

662 /* -

663 * Could be malformed or the cookie does not fit within the initial -

664 * ClientHello fragment. Either way we can't handle it. -

665 */ -

666 SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_LENGTH_MISMATCH); -

667

goto end;

executed 2 times by 1 test: goto end;

Executed by:

libssl.so.1.1

668 } -

669 -

670 /* -

671 * Check if we have a cookie or not. If not we need to send a -

672 * HelloVerifyRequest. -

673 */ -

674

if (PACKET_remaining(&cookiepkt) == 0) {

PACKET_remaini...ookiepkt) == 0	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

2-3

675 next = LISTEN_SEND_VERIFY_REQUEST; -

676

} else {

executed 2 times by 1 test: end of block

Executed by:

libssl.so.1.1

677 /* -

678 * We have a cookie, so lets check it. -

679 */ -

680

if (s->ctx->app_verify_cookie_cb == NULL) {

s->ctx->app_ve...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

0-3

681 SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_NO_VERIFY_COOKIE_CALLBACK); -

682 /* This is fatal */ -

683

return -1;

never executed: return -1;

684 } -

685

if (s->ctx->app_verify_cookie_cb(s, PACKET_data(&cookiepkt),

s->ctx->app_ve...okiepkt)) == 0	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

1-2

686

(unsigned int)PACKET_remaining(&cookiepkt)) == 0) {

s->ctx->app_ve...okiepkt)) == 0	Description
TRUE	evaluated 1 time by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

1-2

687 /* -

688 * We treat invalid cookies in the same was as no cookie as -

689 * per RFC6347 -

690 */ -

691 next = LISTEN_SEND_VERIFY_REQUEST; -

692

} else {

executed 1 time by 1 test: end of block

Executed by:

libssl.so.1.1

693 /* Cookie verification succeeded */ -

694 next = LISTEN_SUCCESS; -

695

}

executed 2 times by 1 test: end of block

Executed by:

libssl.so.1.1

696 } -

697 -

698

if (next == LISTEN_SEND_VERIFY_REQUEST) {

next == 1	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

2-3

699 WPACKET wpkt; -

700 unsigned int version; -

701 size_t wreclen; -

702 -

703 /* -

704 * There was no cookie in the ClientHello so we need to send a -

705 * HelloVerifyRequest. If this fails we do not worry about trying -

706 * to resend, we just drop it. -

707 */ -

708 -

709 /* -

710 * Dump the read packet, we don't need it any more. Ignore return -

711 * value -

712 */ -

713 BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SET_PEEK_MODE, 0, NULL); -

714 BIO_read(rbio, buf, SSL3_RT_MAX_PLAIN_LENGTH); -

715 BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SET_PEEK_MODE, 1, NULL); -

716 -

717 /* Generate the cookie */ -

718

if (s->ctx->app_gen_cookie_cb == NULL ||

s->ctx->app_ge...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

0-3

719

s->ctx->app_gen_cookie_cb(s, cookie, &cookielen) == 0 ||

s->ctx->app_ge...ookielen) == 0	Description
TRUE	never evaluated
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

0-3

720

cookielen > 255) {

cookielen > 255	Description
TRUE	never evaluated
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

0-3

721 SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_COOKIE_GEN_CALLBACK_FAILURE); -

722 /* This is fatal */ -

723

return -1;

never executed: return -1;

724 } -

725 -

726 /* -

727 * Special case: for hello verify request, client version 1.0 and we -

728 * haven't decided which version to use yet send back using version -

729 * 1.0 header: otherwise some clients will ignore it. -

730 */ -

731

version = (s->method->version == DTLS_ANY_VERSION) ? DTLS1_VERSION

(s->method->ve...on == 0x1FFFF)	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-3

732 : s->version; -

733 -

734 /* Construct the record and message headers */ -

735

if (!WPACKET_init(&wpkt, s->init_buf)

!WPACKET_init(..., s->init_buf)	Description
TRUE	never evaluated
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

0-3

736

|| !WPACKET_put_bytes_u8(&wpkt, SSL3_RT_HANDSHAKE)

!WPACKET_put_b...pkt), (22), 1)	Description
TRUE	never evaluated
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

0-3

737

|| !WPACKET_put_bytes_u16(&wpkt, version)

!WPACKET_put_b... (version), 2)	Description
TRUE	never evaluated
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

0-3

738 /* -

739 * Record sequence number is always the same as in the -

740 * received ClientHello -

741 */ -

742

|| !WPACKET_memcpy(&wpkt, seq, SEQ_NUM_SIZE)

!WPACKET_memcpy(&wpkt, seq, 8)	Description
TRUE	never evaluated
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

0-3

743 /* End of record, start sub packet for message */ -

744

|| !WPACKET_start_sub_packet_u16(&wpkt)

!WPACKET_start...__((&wpkt), 2)	Description
TRUE	never evaluated
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

0-3

745 /* Message type */ -

746

|| !WPACKET_put_bytes_u8(&wpkt,

!WPACKET_put_b...wpkt), (3), 1)	Description
TRUE	never evaluated
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

0-3

747 DTLS1_MT_HELLO_VERIFY_REQUEST) -

748 /* -

749 * Message length - doesn't follow normal TLS convention: -

750 * the length isn't the last thing in the message header. -

751 * We'll need to fill this in later when we know the -

752 * length. Set it to zero for now -

753 */ -

754

|| !WPACKET_put_bytes_u24(&wpkt, 0)

!WPACKET_put_b...wpkt), (0), 3)	Description
TRUE	never evaluated
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

0-3

755 /* -

756 * Message sequence number is always 0 for a -

757 * HelloVerifyRequest -

758 */ -

759

|| !WPACKET_put_bytes_u16(&wpkt, 0)

!WPACKET_put_b...wpkt), (0), 2)	Description
TRUE	never evaluated
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

0-3

760 /* -

761 * We never fragment a HelloVerifyRequest, so fragment -

762 * offset is 0 -

763 */ -

764

|| !WPACKET_put_bytes_u24(&wpkt, 0)

!WPACKET_put_b...wpkt), (0), 3)	Description
TRUE	never evaluated
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

0-3

765 /* -

766 * Fragment length is the same as message length, but -

767 * this *is* the last thing in the message header so we -

768 * can just start a sub-packet. No need to come back -

769 * later for this one. -

770 */ -

771

|| !WPACKET_start_sub_packet_u24(&wpkt)

!WPACKET_start...__((&wpkt), 3)	Description
TRUE	never evaluated
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

0-3

772 /* Create the actual HelloVerifyRequest body */ -

773

|| !dtls_raw_hello_verify_request(&wpkt, cookie, cookielen)

!dtls_raw_hell...ie, cookielen)	Description
TRUE	never evaluated
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

0-3

774 /* Close message body */ -

775

|| !WPACKET_close(&wpkt)

!WPACKET_close(&wpkt)	Description
TRUE	never evaluated
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

0-3

776 /* Close record body */ -

777

|| !WPACKET_close(&wpkt)

!WPACKET_close(&wpkt)	Description
TRUE	never evaluated
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

0-3

778

|| !WPACKET_get_total_written(&wpkt, &wreclen)

!WPACKET_get_t...pkt, &wreclen)	Description
TRUE	never evaluated
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

0-3

779

|| !WPACKET_finish(&wpkt)) {

!WPACKET_finish(&wpkt)	Description
TRUE	never evaluated
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

0-3

780 SSLerr(SSL_F_DTLSV1_LISTEN, ERR_R_INTERNAL_ERROR); -

781 WPACKET_cleanup(&wpkt); -

782 /* This is fatal */ -

783

return -1;

never executed: return -1;

784 } -

785 -

786 /* -

787 * Fix up the message len in the message header. Its the same as the -

788 * fragment len which has been filled in by WPACKET, so just copy -

789 * that. Destination for the message len is after the record header -

790 * plus one byte for the message content type. The source is the -

791 * last 3 bytes of the message header -

792 */ -

793 memcpy(&buf[DTLS1_RT_HEADER_LENGTH + 1], -

794 &buf[DTLS1_RT_HEADER_LENGTH + DTLS1_HM_HEADER_LENGTH - 3], -

795 3); -

796 -

797

if (s->msg_callback)

s->msg_callback	Description
TRUE	never evaluated
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

0-3

798

s->msg_callback(1, 0, SSL3_RT_HEADER, buf,

never executed: s->msg_callback(1, 0, 0x100, buf, 13, s, s->msg_callback_arg);

799

DTLS1_RT_HEADER_LENGTH, s, s->msg_callback_arg);

never executed: s->msg_callback(1, 0, 0x100, buf, 13, s, s->msg_callback_arg);

800 -

801

if ((tmpclient = BIO_ADDR_new()) == NULL) {

(tmpclient = B...== ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

0-3

802 SSLerr(SSL_F_DTLSV1_LISTEN, ERR_R_MALLOC_FAILURE); -

803

goto end;

never executed: goto end;

804 } -

805 -

806 /* -

807 * This is unnecessary if rbio and wbio are one and the same - but -

808 * maybe they're not. We ignore errors here - some BIOs do not -

809 * support this. -

810 */ -

811

if (BIO_dgram_get_peer(rbio, tmpclient) > 0) {

(int)BIO_ctrl(...mpclient)) > 0	Description
TRUE	never evaluated
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

0-3

812 (void)BIO_dgram_set_peer(wbio, tmpclient); -

813

}

never executed: end of block

814 BIO_ADDR_free(tmpclient); -

815 tmpclient = NULL; -

816 -

817 /* TODO(size_t): convert this call */ -

818

if (BIO_write(wbio, buf, wreclen) < (int)wreclen) {

BIO_write(wbio...< (int)wreclen	Description
TRUE	never evaluated
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

0-3

819

if (BIO_should_retry(wbio)) {

BIO_test_flags(wbio, 0x08)	Description
TRUE	never evaluated
FALSE	never evaluated

820 /* -

821 * Non-blocking IO...but we're stateless, so we're just -

822 * going to drop this packet. -

823 */ -

824

goto end;

never executed: goto end;

825 } -

826

return -1;

never executed: return -1;

827 } -

828 -

829

if (BIO_flush(wbio) <= 0) {

(int)BIO_ctrl(...id *)0) ) <= 0	Description
TRUE	never evaluated
FALSE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1

0-3

830

if (BIO_should_retry(wbio)) {

BIO_test_flags(wbio, 0x08)	Description
TRUE	never evaluated
FALSE	never evaluated

831 /* -

832 * Non-blocking IO...but we're stateless, so we're just -

833 * going to drop this packet. -

834 */ -

835

goto end;

never executed: goto end;

836 } -

837

return -1;

never executed: return -1;

838 } -

839

}

executed 3 times by 1 test: end of block

Executed by:

libssl.so.1.1

840

} while (next != LISTEN_SUCCESS);

executed 5 times by 1 test: end of block

Executed by:

libssl.so.1.1

next != 2	Description
TRUE	evaluated 3 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

2-5

841 -

842 /* -

843 * Set expected sequence numbers to continue the handshake. -

844 */ -

845 s->d1->handshake_read_seq = 1; -

846 s->d1->handshake_write_seq = 1; -

847 s->d1->next_handshake_write_seq = 1; -

848 DTLS_RECORD_LAYER_set_write_sequence(&s->rlayer, seq); -

849 -

850 /* -

851 * We are doing cookie exchange, so make sure we set that option in the -

852 * SSL object -

853 */ -

854 SSL_set_options(s, SSL_OP_COOKIE_EXCHANGE); -

855 -

856 /* -

857 * Tell the state machine that we've done the initial hello verify -

858 * exchange -

859 */ -

860 ossl_statem_set_hello_verify_done(s); -

861 -

862 /* -

863 * Some BIOs may not support this. If we fail we clear the client address -

864 */ -

865

if (BIO_dgram_get_peer(rbio, client) <= 0)

(int)BIO_ctrl(...(client)) <= 0	Description
TRUE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-2

866

BIO_ADDR_clear(client);

executed 2 times by 1 test: BIO_ADDR_clear(client);

Executed by:

libssl.so.1.1

867 -

868 ret = 1; -

869 clearpkt = 0; -

870

end:

code before this statement executed 2 times by 1 test: end:

Executed by:

libssl.so.1.1

871 BIO_ADDR_free(tmpclient); -

872 BIO_ctrl(SSL_get_rbio(s), BIO_CTRL_DGRAM_SET_PEEK_MODE, 0, NULL); -

873

if (clearpkt) {

clearpkt	Description
TRUE	evaluated 7 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 2 times by 1 test Evaluated by: libssl.so.1.1

2-7

874 /* Dump this packet. Ignore return value */ -

875 BIO_read(rbio, buf, SSL3_RT_MAX_PLAIN_LENGTH); -

876

}

executed 7 times by 1 test: end of block

Executed by:

libssl.so.1.1

877

return ret;

executed 9 times by 1 test: return ret;

Executed by:

libssl.so.1.1

878 } -

879 #endif -

880 -

881 static int dtls1_handshake_write(SSL *s) -

882 { -

883

return dtls1_do_write(s, SSL3_RT_HANDSHAKE);

executed 1532 times by 1 test: return dtls1_do_write(s, 22);

Executed by:

libssl.so.1.1

1532

884 } -

885 -

886 int dtls1_shutdown(SSL *s) -

887 { -

888 int ret; -

889 #ifndef OPENSSL_NO_SCTP -

890 BIO *wbio; -

891 -

892 wbio = SSL_get_wbio(s); -

893 if (wbio != NULL && BIO_dgram_is_sctp(wbio) && -

894 !(s->shutdown & SSL_SENT_SHUTDOWN)) { -

895 ret = BIO_dgram_sctp_wait_for_dry(wbio); -

896 if (ret < 0) -

897 return -1; -

898 -

899 if (ret == 0) -

900 BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN, 1, -

901 NULL); -

902 } -

903 #endif -

904 ret = ssl3_shutdown(s); -

905 #ifndef OPENSSL_NO_SCTP -

906 BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_SAVE_SHUTDOWN, 0, NULL); -

907 #endif -

908

return ret;

executed 438 times by 1 test: return ret;

Executed by:

libssl.so.1.1

438

909 } -

910 -

911 int dtls1_query_mtu(SSL *s) -

912 { -

913

if (s->d1->link_mtu) {

s->d1->link_mtu	Description
TRUE	never evaluated
FALSE	evaluated 2013 times by 1 test Evaluated by: libssl.so.1.1

0-2013

914 s->d1->mtu = -

915 s->d1->link_mtu - BIO_dgram_get_mtu_overhead(SSL_get_wbio(s)); -

916 s->d1->link_mtu = 0; -

917

}

never executed: end of block

918 -

919 /* AHA! Figure out the MTU, and stick to the right size */ -

920

if (s->d1->mtu < dtls1_min_mtu(s)) {

s->d1->mtu < dtls1_min_mtu(s)	Description
TRUE	evaluated 359 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 1654 times by 1 test Evaluated by: libssl.so.1.1

359-1654

921

if (!(SSL_get_options(s) & SSL_OP_NO_QUERY_MTU)) {

!(SSL_get_opti...& 0x00001000U)	Description
TRUE	evaluated 359 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-359

922 s->d1->mtu = -

923 BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL); -

924 -

925 /* -

926 * I've seen the kernel return bogus numbers when it doesn't know -

927 * (initial write), so just make sure we have a reasonable number -

928 */ -

929

if (s->d1->mtu < dtls1_min_mtu(s)) {

s->d1->mtu < dtls1_min_mtu(s)	Description
TRUE	evaluated 359 times by 1 test Evaluated by: libssl.so.1.1
FALSE	never evaluated

0-359

930 /* Set to min mtu */ -

931 s->d1->mtu = dtls1_min_mtu(s); -

932 BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SET_MTU, -

933 (long)s->d1->mtu, NULL); -

934

}

executed 359 times by 1 test: end of block

Executed by:

libssl.so.1.1

359

935

} else

executed 359 times by 1 test: end of block

Executed by:

libssl.so.1.1

359

936

return 0;

never executed: return 0;

937 } -

938

return 1;

executed 2013 times by 1 test: return 1;

Executed by:

libssl.so.1.1

2013

939 } -

940 -

941 static size_t dtls1_link_min_mtu(void) -

942 { -

943

return (g_probable_mtu[(sizeof(g_probable_mtu) /

executed 5581 times by 1 test: return (g_probable_mtu[(sizeof(g_probable_mtu) / sizeof(g_probable_mtu[0])) - 1]);

Executed by:

libssl.so.1.1

5581

944

sizeof(g_probable_mtu[0])) - 1]);

executed 5581 times by 1 test: return (g_probable_mtu[(sizeof(g_probable_mtu) / sizeof(g_probable_mtu[0])) - 1]);

Executed by:

libssl.so.1.1

5581

945 } -

946 -

947 size_t dtls1_min_mtu(SSL *s) -

948 { -

949

return dtls1_link_min_mtu() - BIO_dgram_get_mtu_overhead(SSL_get_wbio(s));

executed 4744 times by 1 test: return dtls1_link_min_mtu() - (unsigned int)BIO_ctrl((SSL_get_wbio(s)), 49, 0, ((void *)0) );

Executed by:

libssl.so.1.1

4744

950 } -

951 -

952 size_t DTLS_get_data_mtu(const SSL *s) -

953 { -

954 size_t mac_overhead, int_overhead, blocksize, ext_overhead; -

955 const SSL_CIPHER *ciph = SSL_get_current_cipher(s); -

956 size_t mtu = s->d1->mtu; -

957 -

958

if (ciph == NULL)

ciph == ((void *)0)	Description
TRUE	never evaluated
FALSE	evaluated 810 times by 1 test Evaluated by: libssl.so.1.1

0-810

959

return 0;

never executed: return 0;

960 -

961

if (!ssl_cipher_get_overhead(ciph, &mac_overhead, &int_overhead,

!ssl_cipher_ge...&ext_overhead)	Description
TRUE	never evaluated
FALSE	evaluated 810 times by 1 test Evaluated by: libssl.so.1.1

0-810

962

&blocksize, &ext_overhead))

!ssl_cipher_ge...&ext_overhead)	Description
TRUE	never evaluated
FALSE	evaluated 810 times by 1 test Evaluated by: libssl.so.1.1

0-810

963

return 0;

never executed: return 0;

964 -

965

if (SSL_READ_ETM(s))

(s->s3->flags & 0x0100)	Description
TRUE	evaluated 270 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 540 times by 1 test Evaluated by: libssl.so.1.1

270-540

966

ext_overhead += mac_overhead;

executed 270 times by 1 test: ext_overhead += mac_overhead;

Executed by:

libssl.so.1.1

270

967 else -

968

int_overhead += mac_overhead;

executed 540 times by 1 test: int_overhead += mac_overhead;

Executed by:

libssl.so.1.1

540

969 -

970 /* Subtract external overhead (e.g. IV/nonce, separate MAC) */ -

971

if (ext_overhead + DTLS1_RT_HEADER_LENGTH >= mtu)

ext_overhead + 13 >= mtu	Description
TRUE	never evaluated
FALSE	evaluated 810 times by 1 test Evaluated by: libssl.so.1.1

0-810

972

return 0;

never executed: return 0;

973 mtu -= ext_overhead + DTLS1_RT_HEADER_LENGTH; -

974 -

975 /* Round encrypted payload down to cipher block size (for CBC etc.) -

976 * No check for overflow since 'mtu % blocksize' cannot exceed mtu. */ -

977

if (blocksize)

blocksize	Description
TRUE	evaluated 360 times by 1 test Evaluated by: libssl.so.1.1
FALSE	evaluated 450 times by 1 test Evaluated by: libssl.so.1.1

360-450

978

mtu -= (mtu % blocksize);

executed 360 times by 1 test: mtu -= (mtu % blocksize);

Executed by:

libssl.so.1.1

360

979 -

980 /* Subtract internal overhead (e.g. CBC padding len byte) */ -

981

if (int_overhead >= mtu)

int_overhead >= mtu	Description
TRUE	never evaluated
FALSE	evaluated 810 times by 1 test Evaluated by: libssl.so.1.1

0-810

982

return 0;

never executed: return 0;

983 mtu -= int_overhead; -

984 -

985

return mtu;

executed 810 times by 1 test: return mtu;

Executed by:

libssl.so.1.1

810

986 } -

987 -

988 void DTLS_set_timer_cb(SSL *s, DTLS_timer_cb cb) -

989 { -

990 s->d1->timer_cb = cb; -

991

}

executed 50 times by 1 test: end of block

Executed by:

libssl.so.1.1

Source code

Switch to Preprocessed file

Generated by Squish Coco 4.2.2