pike.git / lib / modules / SSL.pmod / Connection.pike

version» Context lines:

pike.git/lib/modules/SSL.pmod/Connection.pike:38: Inside #if defined(SSL3_DEBUG)
     #ifdef SSL3_DEBUG   #define SSL3_DEBUG_MSG(X ...) werror(X)   #else /*! SSL3_DEBUG */   #define SSL3_DEBUG_MSG(X ...)   #endif /* SSL3_DEBUG */      Session session;   Context context;    - State pending_read_state; - State pending_write_state; + array(State) pending_read_state = ({}); + array(State) pending_write_state = ({});      /* State variables */      int handshake_state; // Constant.STATE_*   int previous_handshake; // Constant.HANDSHAKE_*   int reuse;      constant CERT_none = 0;   constant CERT_requested = 1;   constant CERT_received = 2;
pike.git/lib/modules/SSL.pmod/Connection.pike:125:    str = sprintf("%1c%3H", type, str);    handshake_messages += str;       /* Perhaps one need to split large packages? */    Packet packet = Packet(version, PACKET_handshake, str);    return packet;   }      Packet change_cipher_packet()   { -  expect_change_cipher = 1; +  expect_change_cipher++;    return Packet(version, PACKET_change_cipher_spec, "\001");   }      string(8bit) hash_messages(string(8bit) sender)   {    string(8bit) hash;    if(version == PROTOCOL_SSL_3_0) {    string(8bit) data = handshake_messages + sender;    hash = .Cipher.MACmd5(session->master_secret)->hash(data) +    .Cipher.MACsha(session->master_secret)->hash(data);
pike.git/lib/modules/SSL.pmod/Connection.pike:530:    // failed session from being used to establish new connections.    if (session) {    context->purge_session(session);    }    } else if (packet->description == ALERT_close_notify) {    state = [int(0..0)|ConnectionState](state | CONNECTION_local_closed);    }    }    string res = current_write_state->encrypt_packet(packet, context)->send();    if (packet->content_type == PACKET_change_cipher_spec) { -  current_write_state = pending_write_state; +  if (sizeof(pending_write_state)) { +  current_write_state = pending_write_state[0]; +  pending_write_state = pending_write_state[1..]; +  } else { +  error("Invalid Change Cipher Spec.\n"); +  }    if (version >= PROTOCOL_TLS_1_3) {    // The change cipher state packet is not sent on the wire in TLS 1.3.    return to_write();    }    }    return res;   }      //! Initiate close.   void send_close()
pike.git/lib/modules/SSL.pmod/Connection.pike:645:   int handle_change_cipher(int c)   {    if (!expect_change_cipher || (c != 1))    {    send_packet(alert(ALERT_fatal, ALERT_unexpected_message,    "Unexpected change cipher!\n"));    return -1;    }    else    { -  current_read_state = pending_read_state; -  expect_change_cipher = 0; +  if (sizeof(pending_read_state)) { +  SSL3_DEBUG_MSG("%O: Changing read state.\n", this); +  current_read_state = pending_read_state[0]; +  pending_read_state = pending_read_state[1..]; +  } else { +  error("No new read state pending!\n"); +  } +  expect_change_cipher--;    return 0;    }   }      void send_heartbeat()   {    if ((state != CONNECTION_ready) ||    (session->heartbeat_mode != HEARTBEAT_MODE_peer_allowed_to_send)) {    // We're not allowed to send heartbeats.    return;