2
0

d1_both.c 32 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184
  1. /* ssl/d1_both.c */
  2. /*
  3. * DTLS implementation written by Nagendra Modadugu
  4. * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
  5. */
  6. /* ====================================================================
  7. * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
  8. *
  9. * Redistribution and use in source and binary forms, with or without
  10. * modification, are permitted provided that the following conditions
  11. * are met:
  12. *
  13. * 1. Redistributions of source code must retain the above copyright
  14. * notice, this list of conditions and the following disclaimer.
  15. *
  16. * 2. Redistributions in binary form must reproduce the above copyright
  17. * notice, this list of conditions and the following disclaimer in
  18. * the documentation and/or other materials provided with the
  19. * distribution.
  20. *
  21. * 3. All advertising materials mentioning features or use of this
  22. * software must display the following acknowledgment:
  23. * "This product includes software developed by the OpenSSL Project
  24. * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
  25. *
  26. * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  27. * endorse or promote products derived from this software without
  28. * prior written permission. For written permission, please contact
  29. * openssl-core@openssl.org.
  30. *
  31. * 5. Products derived from this software may not be called "OpenSSL"
  32. * nor may "OpenSSL" appear in their names without prior written
  33. * permission of the OpenSSL Project.
  34. *
  35. * 6. Redistributions of any form whatsoever must retain the following
  36. * acknowledgment:
  37. * "This product includes software developed by the OpenSSL Project
  38. * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
  39. *
  40. * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  41. * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  42. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  43. * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
  44. * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  45. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  46. * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  47. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  48. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  49. * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  50. * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  51. * OF THE POSSIBILITY OF SUCH DAMAGE.
  52. * ====================================================================
  53. *
  54. * This product includes cryptographic software written by Eric Young
  55. * (eay@cryptsoft.com). This product includes software written by Tim
  56. * Hudson (tjh@cryptsoft.com).
  57. *
  58. */
  59. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  60. * All rights reserved.
  61. *
  62. * This package is an SSL implementation written
  63. * by Eric Young (eay@cryptsoft.com).
  64. * The implementation was written so as to conform with Netscapes SSL.
  65. *
  66. * This library is free for commercial and non-commercial use as long as
  67. * the following conditions are aheared to. The following conditions
  68. * apply to all code found in this distribution, be it the RC4, RSA,
  69. * lhash, DES, etc., code; not just the SSL code. The SSL documentation
  70. * included with this distribution is covered by the same copyright terms
  71. * except that the holder is Tim Hudson (tjh@cryptsoft.com).
  72. *
  73. * Copyright remains Eric Young's, and as such any Copyright notices in
  74. * the code are not to be removed.
  75. * If this package is used in a product, Eric Young should be given attribution
  76. * as the author of the parts of the library used.
  77. * This can be in the form of a textual message at program startup or
  78. * in documentation (online or textual) provided with the package.
  79. *
  80. * Redistribution and use in source and binary forms, with or without
  81. * modification, are permitted provided that the following conditions
  82. * are met:
  83. * 1. Redistributions of source code must retain the copyright
  84. * notice, this list of conditions and the following disclaimer.
  85. * 2. Redistributions in binary form must reproduce the above copyright
  86. * notice, this list of conditions and the following disclaimer in the
  87. * documentation and/or other materials provided with the distribution.
  88. * 3. All advertising materials mentioning features or use of this software
  89. * must display the following acknowledgement:
  90. * "This product includes cryptographic software written by
  91. * Eric Young (eay@cryptsoft.com)"
  92. * The word 'cryptographic' can be left out if the rouines from the library
  93. * being used are not cryptographic related :-).
  94. * 4. If you include any Windows specific code (or a derivative thereof) from
  95. * the apps directory (application code) you must include an acknowledgement:
  96. * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
  97. *
  98. * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  99. * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  100. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  101. * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  102. * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  103. * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  104. * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  105. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  106. * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  107. * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  108. * SUCH DAMAGE.
  109. *
  110. * The licence and distribution terms for any publically available version or
  111. * derivative of this code cannot be changed. i.e. this code cannot simply be
  112. * copied and put under another distribution licence
  113. * [including the GNU Public Licence.]
  114. */
  115. #include <limits.h>
  116. #include <string.h>
  117. #include <stdio.h>
  118. #include "ssl_locl.h"
  119. #include <openssl/buffer.h>
  120. #include <openssl/rand.h>
  121. #include <openssl/objects.h>
  122. #include <openssl/evp.h>
  123. #include <openssl/x509.h>
  124. /* XDTLS: figure out the right values */
  125. static unsigned int g_probable_mtu[] = {1500 - 28, 512 - 28, 256 - 28};
  126. static unsigned int dtls1_min_mtu(void);
  127. static unsigned int dtls1_guess_mtu(unsigned int curr_mtu);
  128. static void dtls1_fix_message_header(SSL *s, unsigned long frag_off,
  129. unsigned long frag_len);
  130. static unsigned char *dtls1_write_message_header(SSL *s,
  131. unsigned char *p);
  132. static void dtls1_set_message_header_int(SSL *s, unsigned char mt,
  133. unsigned long len, unsigned short seq_num, unsigned long frag_off,
  134. unsigned long frag_len);
  135. static int dtls1_retransmit_buffered_messages(SSL *s);
  136. static long dtls1_get_message_fragment(SSL *s, int st1, int stn,
  137. long max, int *ok);
  138. static hm_fragment *
  139. dtls1_hm_fragment_new(unsigned long frag_len)
  140. {
  141. hm_fragment *frag = NULL;
  142. unsigned char *buf = NULL;
  143. frag = (hm_fragment *)OPENSSL_malloc(sizeof(hm_fragment));
  144. if ( frag == NULL)
  145. return NULL;
  146. if (frag_len)
  147. {
  148. buf = (unsigned char *)OPENSSL_malloc(frag_len);
  149. if ( buf == NULL)
  150. {
  151. OPENSSL_free(frag);
  152. return NULL;
  153. }
  154. }
  155. /* zero length fragment gets zero frag->fragment */
  156. frag->fragment = buf;
  157. return frag;
  158. }
  159. static void
  160. dtls1_hm_fragment_free(hm_fragment *frag)
  161. {
  162. if (frag->fragment) OPENSSL_free(frag->fragment);
  163. OPENSSL_free(frag);
  164. }
  165. /* send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or SSL3_RT_CHANGE_CIPHER_SPEC) */
  166. int dtls1_do_write(SSL *s, int type)
  167. {
  168. int ret;
  169. int curr_mtu;
  170. unsigned int len, frag_off;
  171. /* AHA! Figure out the MTU, and stick to the right size */
  172. if ( ! (SSL_get_options(s) & SSL_OP_NO_QUERY_MTU))
  173. {
  174. s->d1->mtu =
  175. BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
  176. /* I've seen the kernel return bogus numbers when it doesn't know
  177. * (initial write), so just make sure we have a reasonable number */
  178. if ( s->d1->mtu < dtls1_min_mtu())
  179. {
  180. s->d1->mtu = 0;
  181. s->d1->mtu = dtls1_guess_mtu(s->d1->mtu);
  182. BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SET_MTU,
  183. s->d1->mtu, NULL);
  184. }
  185. }
  186. #if 0
  187. mtu = s->d1->mtu;
  188. fprintf(stderr, "using MTU = %d\n", mtu);
  189. mtu -= (DTLS1_HM_HEADER_LENGTH + DTLS1_RT_HEADER_LENGTH);
  190. curr_mtu = mtu - BIO_wpending(SSL_get_wbio(s));
  191. if ( curr_mtu > 0)
  192. mtu = curr_mtu;
  193. else if ( ( ret = BIO_flush(SSL_get_wbio(s))) <= 0)
  194. return ret;
  195. if ( BIO_wpending(SSL_get_wbio(s)) + s->init_num >= mtu)
  196. {
  197. ret = BIO_flush(SSL_get_wbio(s));
  198. if ( ret <= 0)
  199. return ret;
  200. mtu = s->d1->mtu - (DTLS1_HM_HEADER_LENGTH + DTLS1_RT_HEADER_LENGTH);
  201. }
  202. OPENSSL_assert(mtu > 0); /* should have something reasonable now */
  203. #endif
  204. if ( s->init_off == 0 && type == SSL3_RT_HANDSHAKE)
  205. OPENSSL_assert(s->init_num ==
  206. (int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH);
  207. frag_off = 0;
  208. while( s->init_num)
  209. {
  210. curr_mtu = s->d1->mtu - BIO_wpending(SSL_get_wbio(s)) -
  211. DTLS1_RT_HEADER_LENGTH;
  212. if ( curr_mtu <= DTLS1_HM_HEADER_LENGTH)
  213. {
  214. /* grr.. we could get an error if MTU picked was wrong */
  215. ret = BIO_flush(SSL_get_wbio(s));
  216. if ( ret <= 0)
  217. return ret;
  218. curr_mtu = s->d1->mtu - DTLS1_RT_HEADER_LENGTH;
  219. }
  220. if ( s->init_num > curr_mtu)
  221. len = curr_mtu;
  222. else
  223. len = s->init_num;
  224. /* XDTLS: this function is too long. split out the CCS part */
  225. if ( type == SSL3_RT_HANDSHAKE)
  226. {
  227. if ( s->init_off != 0)
  228. {
  229. OPENSSL_assert(s->init_off > DTLS1_HM_HEADER_LENGTH);
  230. s->init_off -= DTLS1_HM_HEADER_LENGTH;
  231. s->init_num += DTLS1_HM_HEADER_LENGTH;
  232. /* write atleast DTLS1_HM_HEADER_LENGTH bytes */
  233. if ( len <= DTLS1_HM_HEADER_LENGTH)
  234. len += DTLS1_HM_HEADER_LENGTH;
  235. }
  236. dtls1_fix_message_header(s, frag_off,
  237. len - DTLS1_HM_HEADER_LENGTH);
  238. dtls1_write_message_header(s, (unsigned char *)&s->init_buf->data[s->init_off]);
  239. OPENSSL_assert(len >= DTLS1_HM_HEADER_LENGTH);
  240. }
  241. ret=dtls1_write_bytes(s,type,&s->init_buf->data[s->init_off],
  242. len);
  243. if (ret < 0)
  244. {
  245. /* might need to update MTU here, but we don't know
  246. * which previous packet caused the failure -- so can't
  247. * really retransmit anything. continue as if everything
  248. * is fine and wait for an alert to handle the
  249. * retransmit
  250. */
  251. if ( BIO_ctrl(SSL_get_wbio(s),
  252. BIO_CTRL_DGRAM_MTU_EXCEEDED, 0, NULL))
  253. s->d1->mtu = BIO_ctrl(SSL_get_wbio(s),
  254. BIO_CTRL_DGRAM_QUERY_MTU, 0, NULL);
  255. else
  256. return(-1);
  257. }
  258. else
  259. {
  260. /* bad if this assert fails, only part of the handshake
  261. * message got sent. but why would this happen? */
  262. OPENSSL_assert(len == (unsigned int)ret);
  263. if (type == SSL3_RT_HANDSHAKE && ! s->d1->retransmitting)
  264. {
  265. /* should not be done for 'Hello Request's, but in that case
  266. * we'll ignore the result anyway */
  267. unsigned char *p = (unsigned char *)&s->init_buf->data[s->init_off];
  268. const struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
  269. int xlen;
  270. if (frag_off == 0)
  271. {
  272. /* reconstruct message header is if it
  273. * is being sent in single fragment */
  274. *p++ = msg_hdr->type;
  275. l2n3(msg_hdr->msg_len,p);
  276. s2n (msg_hdr->seq,p);
  277. l2n3(0,p);
  278. l2n3(msg_hdr->msg_len,p);
  279. p -= DTLS1_HM_HEADER_LENGTH;
  280. xlen = ret;
  281. }
  282. else
  283. {
  284. p += DTLS1_HM_HEADER_LENGTH;
  285. xlen = ret - DTLS1_HM_HEADER_LENGTH;
  286. }
  287. ssl3_finish_mac(s, p, xlen);
  288. }
  289. if (ret == s->init_num)
  290. {
  291. if (s->msg_callback)
  292. s->msg_callback(1, s->version, type, s->init_buf->data,
  293. (size_t)(s->init_off + s->init_num), s,
  294. s->msg_callback_arg);
  295. s->init_off = 0; /* done writing this message */
  296. s->init_num = 0;
  297. return(1);
  298. }
  299. s->init_off+=ret;
  300. s->init_num-=ret;
  301. frag_off += (ret -= DTLS1_HM_HEADER_LENGTH);
  302. }
  303. }
  304. return(0);
  305. }
  306. /* Obtain handshake message of message type 'mt' (any if mt == -1),
  307. * maximum acceptable body length 'max'.
  308. * Read an entire handshake message. Handshake messages arrive in
  309. * fragments.
  310. */
  311. long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
  312. {
  313. int i, al;
  314. struct hm_header_st *msg_hdr;
  315. /* s3->tmp is used to store messages that are unexpected, caused
  316. * by the absence of an optional handshake message */
  317. if (s->s3->tmp.reuse_message)
  318. {
  319. s->s3->tmp.reuse_message=0;
  320. if ((mt >= 0) && (s->s3->tmp.message_type != mt))
  321. {
  322. al=SSL_AD_UNEXPECTED_MESSAGE;
  323. SSLerr(SSL_F_DTLS1_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE);
  324. goto f_err;
  325. }
  326. *ok=1;
  327. s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
  328. s->init_num = (int)s->s3->tmp.message_size;
  329. return s->init_num;
  330. }
  331. msg_hdr = &s->d1->r_msg_hdr;
  332. do
  333. {
  334. if ( msg_hdr->frag_off == 0)
  335. {
  336. /* s->d1->r_message_header.msg_len = 0; */
  337. memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
  338. }
  339. i = dtls1_get_message_fragment(s, st1, stn, max, ok);
  340. if ( i == DTLS1_HM_BAD_FRAGMENT ||
  341. i == DTLS1_HM_FRAGMENT_RETRY) /* bad fragment received */
  342. continue;
  343. else if ( i <= 0 && !*ok)
  344. return i;
  345. /* Note that s->init_sum is used as a counter summing
  346. * up fragments' lengths: as soon as they sum up to
  347. * handshake packet length, we assume we have got all
  348. * the fragments. Overlapping fragments would cause
  349. * premature termination, so we don't expect overlaps.
  350. * Well, handling overlaps would require something more
  351. * drastic. Indeed, as it is now there is no way to
  352. * tell if out-of-order fragment from the middle was
  353. * the last. '>=' is the best/least we can do to control
  354. * the potential damage caused by malformed overlaps. */
  355. if ((unsigned int)s->init_num >= msg_hdr->msg_len)
  356. {
  357. unsigned char *p = (unsigned char *)s->init_buf->data;
  358. unsigned long msg_len = msg_hdr->msg_len;
  359. /* reconstruct message header as if it was
  360. * sent in single fragment */
  361. *(p++) = msg_hdr->type;
  362. l2n3(msg_len,p);
  363. s2n (msg_hdr->seq,p);
  364. l2n3(0,p);
  365. l2n3(msg_len,p);
  366. p -= DTLS1_HM_HEADER_LENGTH;
  367. msg_len += DTLS1_HM_HEADER_LENGTH;
  368. ssl3_finish_mac(s, p, msg_len);
  369. if (s->msg_callback)
  370. s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
  371. p, msg_len,
  372. s, s->msg_callback_arg);
  373. memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
  374. s->d1->handshake_read_seq++;
  375. /* we just read a handshake message from the other side:
  376. * this means that we don't need to retransmit of the
  377. * buffered messages.
  378. * XDTLS: may be able clear out this
  379. * buffer a little sooner (i.e if an out-of-order
  380. * handshake message/record is received at the record
  381. * layer.
  382. * XDTLS: exception is that the server needs to
  383. * know that change cipher spec and finished messages
  384. * have been received by the client before clearing this
  385. * buffer. this can simply be done by waiting for the
  386. * first data segment, but is there a better way? */
  387. dtls1_clear_record_buffer(s);
  388. s->init_msg = s->init_buf->data + DTLS1_HM_HEADER_LENGTH;
  389. return s->init_num;
  390. }
  391. else
  392. msg_hdr->frag_off = i;
  393. } while(1) ;
  394. f_err:
  395. ssl3_send_alert(s,SSL3_AL_FATAL,al);
  396. *ok = 0;
  397. return -1;
  398. }
  399. static int dtls1_preprocess_fragment(SSL *s,struct hm_header_st *msg_hdr,int max)
  400. {
  401. size_t frag_off,frag_len,msg_len;
  402. msg_len = msg_hdr->msg_len;
  403. frag_off = msg_hdr->frag_off;
  404. frag_len = msg_hdr->frag_len;
  405. /* sanity checking */
  406. if ( (frag_off+frag_len) > msg_len)
  407. {
  408. SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT,SSL_R_EXCESSIVE_MESSAGE_SIZE);
  409. return SSL_AD_ILLEGAL_PARAMETER;
  410. }
  411. if ( (frag_off+frag_len) > (unsigned long)max)
  412. {
  413. SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT,SSL_R_EXCESSIVE_MESSAGE_SIZE);
  414. return SSL_AD_ILLEGAL_PARAMETER;
  415. }
  416. if ( s->d1->r_msg_hdr.frag_off == 0) /* first fragment */
  417. {
  418. /* msg_len is limited to 2^24, but is effectively checked
  419. * against max above */
  420. if (!BUF_MEM_grow_clean(s->init_buf,msg_len+DTLS1_HM_HEADER_LENGTH))
  421. {
  422. SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT,ERR_R_BUF_LIB);
  423. return SSL_AD_INTERNAL_ERROR;
  424. }
  425. s->s3->tmp.message_size = msg_len;
  426. s->d1->r_msg_hdr.msg_len = msg_len;
  427. s->s3->tmp.message_type = msg_hdr->type;
  428. s->d1->r_msg_hdr.type = msg_hdr->type;
  429. s->d1->r_msg_hdr.seq = msg_hdr->seq;
  430. }
  431. else if (msg_len != s->d1->r_msg_hdr.msg_len)
  432. {
  433. /* They must be playing with us! BTW, failure to enforce
  434. * upper limit would open possibility for buffer overrun. */
  435. SSLerr(SSL_F_DTLS1_PREPROCESS_FRAGMENT,SSL_R_EXCESSIVE_MESSAGE_SIZE);
  436. return SSL_AD_ILLEGAL_PARAMETER;
  437. }
  438. return 0; /* no error */
  439. }
  440. static int
  441. dtls1_retrieve_buffered_fragment(SSL *s, long max, int *ok)
  442. {
  443. /* (0) check whether the desired fragment is available
  444. * if so:
  445. * (1) copy over the fragment to s->init_buf->data[]
  446. * (2) update s->init_num
  447. */
  448. pitem *item;
  449. hm_fragment *frag;
  450. int al;
  451. *ok = 0;
  452. item = pqueue_peek(s->d1->buffered_messages);
  453. if ( item == NULL)
  454. return 0;
  455. frag = (hm_fragment *)item->data;
  456. if ( s->d1->handshake_read_seq == frag->msg_header.seq)
  457. {
  458. pqueue_pop(s->d1->buffered_messages);
  459. al=dtls1_preprocess_fragment(s,&frag->msg_header,max);
  460. if (al==0) /* no alert */
  461. {
  462. unsigned char *p = (unsigned char *)s->init_buf->data+DTLS1_HM_HEADER_LENGTH;
  463. memcpy(&p[frag->msg_header.frag_off],
  464. frag->fragment,frag->msg_header.frag_len);
  465. }
  466. dtls1_hm_fragment_free(frag);
  467. pitem_free(item);
  468. if (al==0)
  469. {
  470. *ok = 1;
  471. return frag->msg_header.frag_len;
  472. }
  473. ssl3_send_alert(s,SSL3_AL_FATAL,al);
  474. s->init_num = 0;
  475. *ok = 0;
  476. return -1;
  477. }
  478. else
  479. return 0;
  480. }
  481. static int
  482. dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok)
  483. {
  484. int i=-1;
  485. hm_fragment *frag = NULL;
  486. pitem *item = NULL;
  487. unsigned char seq64be[8];
  488. unsigned long frag_len = msg_hdr->frag_len;
  489. if ((msg_hdr->frag_off+frag_len) > msg_hdr->msg_len)
  490. goto err;
  491. if (msg_hdr->seq <= s->d1->handshake_read_seq)
  492. {
  493. unsigned char devnull [256];
  494. while (frag_len)
  495. {
  496. i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
  497. devnull,
  498. frag_len>sizeof(devnull)?sizeof(devnull):frag_len,0);
  499. if (i<=0) goto err;
  500. frag_len -= i;
  501. }
  502. }
  503. frag = dtls1_hm_fragment_new(frag_len);
  504. if ( frag == NULL)
  505. goto err;
  506. memcpy(&(frag->msg_header), msg_hdr, sizeof(*msg_hdr));
  507. if (frag_len)
  508. {
  509. /* read the body of the fragment (header has already been read */
  510. i = s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
  511. frag->fragment,frag_len,0);
  512. if (i<=0 || (unsigned long)i!=frag_len)
  513. goto err;
  514. }
  515. memset(seq64be,0,sizeof(seq64be));
  516. seq64be[6] = (unsigned char)(msg_hdr->seq>>8);
  517. seq64be[7] = (unsigned char)(msg_hdr->seq);
  518. item = pitem_new(seq64be, frag);
  519. if ( item == NULL)
  520. goto err;
  521. pqueue_insert(s->d1->buffered_messages, item);
  522. return DTLS1_HM_FRAGMENT_RETRY;
  523. err:
  524. if ( frag != NULL) dtls1_hm_fragment_free(frag);
  525. if ( item != NULL) OPENSSL_free(item);
  526. *ok = 0;
  527. return i;
  528. }
  529. static long
  530. dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
  531. {
  532. unsigned char wire[DTLS1_HM_HEADER_LENGTH];
  533. unsigned long l, frag_off, frag_len;
  534. int i,al;
  535. struct hm_header_st msg_hdr;
  536. /* see if we have the required fragment already */
  537. if ((frag_len = dtls1_retrieve_buffered_fragment(s,max,ok)) || *ok)
  538. {
  539. if (*ok) s->init_num += frag_len;
  540. return frag_len;
  541. }
  542. /* read handshake message header */
  543. i=s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,wire,
  544. DTLS1_HM_HEADER_LENGTH, 0);
  545. if (i <= 0) /* nbio, or an error */
  546. {
  547. s->rwstate=SSL_READING;
  548. *ok = 0;
  549. return i;
  550. }
  551. OPENSSL_assert(i == DTLS1_HM_HEADER_LENGTH);
  552. /* parse the message fragment header */
  553. dtls1_get_message_header(wire, &msg_hdr);
  554. /*
  555. * if this is a future (or stale) message it gets buffered
  556. * (or dropped)--no further processing at this time
  557. */
  558. if ( msg_hdr.seq != s->d1->handshake_read_seq)
  559. return dtls1_process_out_of_seq_message(s, &msg_hdr, ok);
  560. l = msg_hdr.msg_len;
  561. frag_off = msg_hdr.frag_off;
  562. frag_len = msg_hdr.frag_len;
  563. if (!s->server && s->d1->r_msg_hdr.frag_off == 0 &&
  564. wire[0] == SSL3_MT_HELLO_REQUEST)
  565. {
  566. /* The server may always send 'Hello Request' messages --
  567. * we are doing a handshake anyway now, so ignore them
  568. * if their format is correct. Does not count for
  569. * 'Finished' MAC. */
  570. if (wire[1] == 0 && wire[2] == 0 && wire[3] == 0)
  571. {
  572. if (s->msg_callback)
  573. s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE,
  574. wire, DTLS1_HM_HEADER_LENGTH, s,
  575. s->msg_callback_arg);
  576. s->init_num = 0;
  577. return dtls1_get_message_fragment(s, st1, stn,
  578. max, ok);
  579. }
  580. else /* Incorrectly formated Hello request */
  581. {
  582. al=SSL_AD_UNEXPECTED_MESSAGE;
  583. SSLerr(SSL_F_DTLS1_GET_MESSAGE_FRAGMENT,SSL_R_UNEXPECTED_MESSAGE);
  584. goto f_err;
  585. }
  586. }
  587. if ((al=dtls1_preprocess_fragment(s,&msg_hdr,max)))
  588. goto f_err;
  589. /* XDTLS: ressurect this when restart is in place */
  590. s->state=stn;
  591. if ( frag_len > 0)
  592. {
  593. unsigned char *p=(unsigned char *)s->init_buf->data+DTLS1_HM_HEADER_LENGTH;
  594. i=s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,
  595. &p[frag_off],frag_len,0);
  596. /* XDTLS: fix this--message fragments cannot span multiple packets */
  597. if (i <= 0)
  598. {
  599. s->rwstate=SSL_READING;
  600. *ok = 0;
  601. return i;
  602. }
  603. }
  604. else
  605. i = 0;
  606. /* XDTLS: an incorrectly formatted fragment should cause the
  607. * handshake to fail */
  608. OPENSSL_assert(i == (int)frag_len);
  609. *ok = 1;
  610. /* Note that s->init_num is *not* used as current offset in
  611. * s->init_buf->data, but as a counter summing up fragments'
  612. * lengths: as soon as they sum up to handshake packet
  613. * length, we assume we have got all the fragments. */
  614. s->init_num += frag_len;
  615. return frag_len;
  616. f_err:
  617. ssl3_send_alert(s,SSL3_AL_FATAL,al);
  618. s->init_num = 0;
  619. *ok=0;
  620. return(-1);
  621. }
  622. int dtls1_send_finished(SSL *s, int a, int b, const char *sender, int slen)
  623. {
  624. unsigned char *p,*d;
  625. int i;
  626. unsigned long l;
  627. if (s->state == a)
  628. {
  629. d=(unsigned char *)s->init_buf->data;
  630. p= &(d[DTLS1_HM_HEADER_LENGTH]);
  631. i=s->method->ssl3_enc->final_finish_mac(s,
  632. sender,slen,s->s3->tmp.finish_md);
  633. s->s3->tmp.finish_md_len = i;
  634. memcpy(p, s->s3->tmp.finish_md, i);
  635. p+=i;
  636. l=i;
  637. #ifdef OPENSSL_SYS_WIN16
  638. /* MSVC 1.5 does not clear the top bytes of the word unless
  639. * I do this.
  640. */
  641. l&=0xffff;
  642. #endif
  643. d = dtls1_set_message_header(s, d, SSL3_MT_FINISHED, l, 0, l);
  644. s->init_num=(int)l+DTLS1_HM_HEADER_LENGTH;
  645. s->init_off=0;
  646. /* buffer the message to handle re-xmits */
  647. dtls1_buffer_message(s, 0);
  648. s->state=b;
  649. }
  650. /* SSL3_ST_SEND_xxxxxx_HELLO_B */
  651. return(dtls1_do_write(s,SSL3_RT_HANDSHAKE));
  652. }
  653. /* for these 2 messages, we need to
  654. * ssl->enc_read_ctx re-init
  655. * ssl->s3->read_sequence zero
  656. * ssl->s3->read_mac_secret re-init
  657. * ssl->session->read_sym_enc assign
  658. * ssl->session->read_compression assign
  659. * ssl->session->read_hash assign
  660. */
  661. int dtls1_send_change_cipher_spec(SSL *s, int a, int b)
  662. {
  663. unsigned char *p;
  664. if (s->state == a)
  665. {
  666. p=(unsigned char *)s->init_buf->data;
  667. *p++=SSL3_MT_CCS;
  668. s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;
  669. s->init_num=DTLS1_CCS_HEADER_LENGTH;
  670. s->init_off=0;
  671. dtls1_set_message_header_int(s, SSL3_MT_CCS, 0,
  672. s->d1->handshake_write_seq, 0, 0);
  673. /* buffer the message to handle re-xmits */
  674. dtls1_buffer_message(s, 1);
  675. s->state=b;
  676. }
  677. /* SSL3_ST_CW_CHANGE_B */
  678. return(dtls1_do_write(s,SSL3_RT_CHANGE_CIPHER_SPEC));
  679. }
  680. unsigned long dtls1_output_cert_chain(SSL *s, X509 *x)
  681. {
  682. unsigned char *p;
  683. int n,i;
  684. unsigned long l= 3 + DTLS1_HM_HEADER_LENGTH;
  685. BUF_MEM *buf;
  686. X509_STORE_CTX xs_ctx;
  687. X509_OBJECT obj;
  688. /* TLSv1 sends a chain with nothing in it, instead of an alert */
  689. buf=s->init_buf;
  690. if (!BUF_MEM_grow_clean(buf,10))
  691. {
  692. SSLerr(SSL_F_DTLS1_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
  693. return(0);
  694. }
  695. if (x != NULL)
  696. {
  697. if(!X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,NULL,NULL))
  698. {
  699. SSLerr(SSL_F_DTLS1_OUTPUT_CERT_CHAIN,ERR_R_X509_LIB);
  700. return(0);
  701. }
  702. for (;;)
  703. {
  704. n=i2d_X509(x,NULL);
  705. if (!BUF_MEM_grow_clean(buf,(n+l+3)))
  706. {
  707. SSLerr(SSL_F_DTLS1_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
  708. return(0);
  709. }
  710. p=(unsigned char *)&(buf->data[l]);
  711. l2n3(n,p);
  712. i2d_X509(x,&p);
  713. l+=n+3;
  714. if (X509_NAME_cmp(X509_get_subject_name(x),
  715. X509_get_issuer_name(x)) == 0) break;
  716. i=X509_STORE_get_by_subject(&xs_ctx,X509_LU_X509,
  717. X509_get_issuer_name(x),&obj);
  718. if (i <= 0) break;
  719. x=obj.data.x509;
  720. /* Count is one too high since the X509_STORE_get uped the
  721. * ref count */
  722. X509_free(x);
  723. }
  724. X509_STORE_CTX_cleanup(&xs_ctx);
  725. }
  726. /* Thawte special :-) */
  727. if (s->ctx->extra_certs != NULL)
  728. for (i=0; i<sk_X509_num(s->ctx->extra_certs); i++)
  729. {
  730. x=sk_X509_value(s->ctx->extra_certs,i);
  731. n=i2d_X509(x,NULL);
  732. if (!BUF_MEM_grow_clean(buf,(n+l+3)))
  733. {
  734. SSLerr(SSL_F_DTLS1_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
  735. return(0);
  736. }
  737. p=(unsigned char *)&(buf->data[l]);
  738. l2n3(n,p);
  739. i2d_X509(x,&p);
  740. l+=n+3;
  741. }
  742. l-= (3 + DTLS1_HM_HEADER_LENGTH);
  743. p=(unsigned char *)&(buf->data[DTLS1_HM_HEADER_LENGTH]);
  744. l2n3(l,p);
  745. l+=3;
  746. p=(unsigned char *)&(buf->data[0]);
  747. p = dtls1_set_message_header(s, p, SSL3_MT_CERTIFICATE, l, 0, l);
  748. l+=DTLS1_HM_HEADER_LENGTH;
  749. return(l);
  750. }
  751. int dtls1_read_failed(SSL *s, int code)
  752. {
  753. DTLS1_STATE *state;
  754. BIO *bio;
  755. int send_alert = 0;
  756. if ( code > 0)
  757. {
  758. fprintf( stderr, "invalid state reached %s:%d", __FILE__, __LINE__);
  759. return 1;
  760. }
  761. bio = SSL_get_rbio(s);
  762. if ( ! BIO_dgram_recv_timedout(bio))
  763. {
  764. /* not a timeout, none of our business,
  765. let higher layers handle this. in fact it's probably an error */
  766. return code;
  767. }
  768. if ( ! SSL_in_init(s)) /* done, no need to send a retransmit */
  769. {
  770. BIO_set_flags(SSL_get_rbio(s), BIO_FLAGS_READ);
  771. return code;
  772. }
  773. state = s->d1;
  774. state->timeout.num_alerts++;
  775. if ( state->timeout.num_alerts > DTLS1_TMO_ALERT_COUNT)
  776. {
  777. /* fail the connection, enough alerts have been sent */
  778. SSLerr(SSL_F_DTLS1_READ_FAILED,SSL_R_READ_TIMEOUT_EXPIRED);
  779. return 0;
  780. }
  781. state->timeout.read_timeouts++;
  782. if ( state->timeout.read_timeouts > DTLS1_TMO_READ_COUNT)
  783. {
  784. send_alert = 1;
  785. state->timeout.read_timeouts = 1;
  786. }
  787. #if 0 /* for now, each alert contains only one record number */
  788. item = pqueue_peek(state->rcvd_records);
  789. if ( item )
  790. {
  791. /* send an alert immediately for all the missing records */
  792. }
  793. else
  794. #endif
  795. #if 0 /* no more alert sending, just retransmit the last set of messages */
  796. if ( send_alert)
  797. ssl3_send_alert(s,SSL3_AL_WARNING,
  798. DTLS1_AD_MISSING_HANDSHAKE_MESSAGE);
  799. #endif
  800. return dtls1_retransmit_buffered_messages(s) ;
  801. }
  802. static int
  803. dtls1_retransmit_buffered_messages(SSL *s)
  804. {
  805. pqueue sent = s->d1->sent_messages;
  806. piterator iter;
  807. pitem *item;
  808. hm_fragment *frag;
  809. int found = 0;
  810. iter = pqueue_iterator(sent);
  811. for ( item = pqueue_next(&iter); item != NULL; item = pqueue_next(&iter))
  812. {
  813. frag = (hm_fragment *)item->data;
  814. if ( dtls1_retransmit_message(s, frag->msg_header.seq, 0, &found) <= 0 &&
  815. found)
  816. {
  817. fprintf(stderr, "dtls1_retransmit_message() failed\n");
  818. return -1;
  819. }
  820. }
  821. return 1;
  822. }
  823. int
  824. dtls1_buffer_message(SSL *s, int is_ccs)
  825. {
  826. pitem *item;
  827. hm_fragment *frag;
  828. unsigned char seq64be[8];
  829. unsigned int epoch = s->d1->w_epoch;
  830. /* this function is called immediately after a message has
  831. * been serialized */
  832. OPENSSL_assert(s->init_off == 0);
  833. frag = dtls1_hm_fragment_new(s->init_num);
  834. memcpy(frag->fragment, s->init_buf->data, s->init_num);
  835. if ( is_ccs)
  836. {
  837. OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
  838. DTLS1_CCS_HEADER_LENGTH == (unsigned int)s->init_num);
  839. epoch++;
  840. }
  841. else
  842. {
  843. OPENSSL_assert(s->d1->w_msg_hdr.msg_len +
  844. DTLS1_HM_HEADER_LENGTH == (unsigned int)s->init_num);
  845. }
  846. frag->msg_header.msg_len = s->d1->w_msg_hdr.msg_len;
  847. frag->msg_header.seq = s->d1->w_msg_hdr.seq;
  848. frag->msg_header.type = s->d1->w_msg_hdr.type;
  849. frag->msg_header.frag_off = 0;
  850. frag->msg_header.frag_len = s->d1->w_msg_hdr.msg_len;
  851. frag->msg_header.is_ccs = is_ccs;
  852. memset(seq64be,0,sizeof(seq64be));
  853. seq64be[0] = (unsigned char)(epoch>>8);
  854. seq64be[1] = (unsigned char)(epoch);
  855. seq64be[6] = (unsigned char)(frag->msg_header.seq>>8);
  856. seq64be[7] = (unsigned char)(frag->msg_header.seq);
  857. item = pitem_new(seq64be, frag);
  858. if ( item == NULL)
  859. {
  860. dtls1_hm_fragment_free(frag);
  861. return 0;
  862. }
  863. #if 0
  864. fprintf( stderr, "buffered messge: \ttype = %xx\n", msg_buf->type);
  865. fprintf( stderr, "\t\t\t\t\tlen = %d\n", msg_buf->len);
  866. fprintf( stderr, "\t\t\t\t\tseq_num = %d\n", msg_buf->seq_num);
  867. #endif
  868. pqueue_insert(s->d1->sent_messages, item);
  869. return 1;
  870. }
  871. int
  872. dtls1_retransmit_message(SSL *s, unsigned short seq, unsigned long frag_off,
  873. int *found)
  874. {
  875. int ret;
  876. /* XDTLS: for now assuming that read/writes are blocking */
  877. pitem *item;
  878. hm_fragment *frag ;
  879. unsigned long header_length;
  880. unsigned char seq64be[8];
  881. /*
  882. OPENSSL_assert(s->init_num == 0);
  883. OPENSSL_assert(s->init_off == 0);
  884. */
  885. /* XDTLS: the requested message ought to be found, otherwise error */
  886. memset(seq64be,0,sizeof(seq64be));
  887. seq64be[6] = (unsigned char)(seq>>8);
  888. seq64be[7] = (unsigned char)seq;
  889. item = pqueue_find(s->d1->sent_messages, seq64be);
  890. if ( item == NULL)
  891. {
  892. fprintf(stderr, "retransmit: message %d non-existant\n", seq);
  893. *found = 0;
  894. return 0;
  895. }
  896. *found = 1;
  897. frag = (hm_fragment *)item->data;
  898. if ( frag->msg_header.is_ccs)
  899. header_length = DTLS1_CCS_HEADER_LENGTH;
  900. else
  901. header_length = DTLS1_HM_HEADER_LENGTH;
  902. memcpy(s->init_buf->data, frag->fragment,
  903. frag->msg_header.msg_len + header_length);
  904. s->init_num = frag->msg_header.msg_len + header_length;
  905. dtls1_set_message_header_int(s, frag->msg_header.type,
  906. frag->msg_header.msg_len, frag->msg_header.seq, 0,
  907. frag->msg_header.frag_len);
  908. s->d1->retransmitting = 1;
  909. ret = dtls1_do_write(s, frag->msg_header.is_ccs ?
  910. SSL3_RT_CHANGE_CIPHER_SPEC : SSL3_RT_HANDSHAKE);
  911. s->d1->retransmitting = 0;
  912. (void)BIO_flush(SSL_get_wbio(s));
  913. return ret;
  914. }
  915. /* call this function when the buffered messages are no longer needed */
  916. void
  917. dtls1_clear_record_buffer(SSL *s)
  918. {
  919. pitem *item;
  920. for(item = pqueue_pop(s->d1->sent_messages);
  921. item != NULL; item = pqueue_pop(s->d1->sent_messages))
  922. {
  923. dtls1_hm_fragment_free((hm_fragment *)item->data);
  924. pitem_free(item);
  925. }
  926. }
  927. unsigned char *
  928. dtls1_set_message_header(SSL *s, unsigned char *p, unsigned char mt,
  929. unsigned long len, unsigned long frag_off, unsigned long frag_len)
  930. {
  931. if ( frag_off == 0)
  932. {
  933. s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;
  934. s->d1->next_handshake_write_seq++;
  935. }
  936. dtls1_set_message_header_int(s, mt, len, s->d1->handshake_write_seq,
  937. frag_off, frag_len);
  938. return p += DTLS1_HM_HEADER_LENGTH;
  939. }
  940. /* don't actually do the writing, wait till the MTU has been retrieved */
  941. static void
  942. dtls1_set_message_header_int(SSL *s, unsigned char mt,
  943. unsigned long len, unsigned short seq_num, unsigned long frag_off,
  944. unsigned long frag_len)
  945. {
  946. struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
  947. msg_hdr->type = mt;
  948. msg_hdr->msg_len = len;
  949. msg_hdr->seq = seq_num;
  950. msg_hdr->frag_off = frag_off;
  951. msg_hdr->frag_len = frag_len;
  952. }
  953. static void
  954. dtls1_fix_message_header(SSL *s, unsigned long frag_off,
  955. unsigned long frag_len)
  956. {
  957. struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
  958. msg_hdr->frag_off = frag_off;
  959. msg_hdr->frag_len = frag_len;
  960. }
  961. static unsigned char *
  962. dtls1_write_message_header(SSL *s, unsigned char *p)
  963. {
  964. struct hm_header_st *msg_hdr = &s->d1->w_msg_hdr;
  965. *p++ = msg_hdr->type;
  966. l2n3(msg_hdr->msg_len, p);
  967. s2n(msg_hdr->seq, p);
  968. l2n3(msg_hdr->frag_off, p);
  969. l2n3(msg_hdr->frag_len, p);
  970. return p;
  971. }
  972. static unsigned int
  973. dtls1_min_mtu(void)
  974. {
  975. return (g_probable_mtu[(sizeof(g_probable_mtu) /
  976. sizeof(g_probable_mtu[0])) - 1]);
  977. }
  978. static unsigned int
  979. dtls1_guess_mtu(unsigned int curr_mtu)
  980. {
  981. unsigned int i;
  982. if ( curr_mtu == 0 )
  983. return g_probable_mtu[0] ;
  984. for ( i = 0; i < sizeof(g_probable_mtu)/sizeof(g_probable_mtu[0]); i++)
  985. if ( curr_mtu > g_probable_mtu[i])
  986. return g_probable_mtu[i];
  987. return curr_mtu;
  988. }
  989. void
  990. dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr)
  991. {
  992. memset(msg_hdr, 0x00, sizeof(struct hm_header_st));
  993. msg_hdr->type = *(data++);
  994. n2l3(data, msg_hdr->msg_len);
  995. n2s(data, msg_hdr->seq);
  996. n2l3(data, msg_hdr->frag_off);
  997. n2l3(data, msg_hdr->frag_len);
  998. }
  999. void
  1000. dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr)
  1001. {
  1002. memset(ccs_hdr, 0x00, sizeof(struct ccs_header_st));
  1003. ccs_hdr->type = *(data++);
  1004. }