From ce441b3442c8a4b7fae863e903abb0dcc0000e05 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= <mpg@elzevir.fr>
Date: Tue, 18 Feb 2014 17:40:52 +0100
Subject: [PATCH] Add space for new DTLS fields in handshake

---
 library/ssl_srv.c | 15 ++++++++++-
 library/ssl_tls.c | 65 ++++++++++++++++++++++++++++++++++-------------
 2 files changed, 62 insertions(+), 18 deletions(-)

diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 5ab626a67..07bbd3d7c 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -354,7 +354,7 @@ static int ssl_parse_ticket( ssl_context *ssl,
 #if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
 /*
  * Wrapper around f_sni, allowing use of ssl_set_own_cert() but
- * making it act on ssl->hanshake->sni_key_cert instead.
+ * making it act on ssl->handshake->sni_key_cert instead.
  */
 static int ssl_sni_wrapper( ssl_context *ssl,
                             const unsigned char* name, size_t len )
@@ -1205,6 +1205,19 @@ static int ssl_parse_client_hello( ssl_context *ssl )
 
     ssl->handshake->update_checksum( ssl, buf, n );
 
+    /*
+     * For DTLS, we move data so that is looks like TLS handshake format
+     */
+#if defined(POLARSSL_SSL_PROTO_DTLS)
+    if( ssl->transport == SSL_TRANSPORT_DATAGRAM )
+    {
+        // TODO: DTLS: actually use the additional fields before removing them!
+
+        memmove( buf + 4, buf + 12, n - 12 );
+        n -= 8;
+    }
+#endif /* POLARSSL_SSL_PROTO_DTLS */
+
     /*
      * SSL layer:
      *     0  .   0   handshake type
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index fba475183..e9ede30c2 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -1924,6 +1924,25 @@ int ssl_write_record( ssl_context *ssl )
         ssl->out_msg[2] = (unsigned char)( ( len - 4 ) >>  8 );
         ssl->out_msg[3] = (unsigned char)( ( len - 4 )       );
 
+        /*
+         * DTLS has additional fields in the Handshake layer,
+         * between the length field and the actual payload:
+         *      uint16 message_seq;
+         *      uint24 fragment_offset;
+         *      uint24 fragment_length;
+         */
+#if defined(POLARSSL_SSL_PROTO_DTLS)
+        if( ssl->transport == SSL_TRANSPORT_DATAGRAM )
+        {
+            memmove( ssl->out_msg + 12, ssl->out_msg + 4, ssl->out_msglen - 4 );
+            ssl->out_msglen += 8;
+            len += 8;
+
+            // TODO: DTLS: fill additional fields correctly
+            memset( ssl->out_msg + 4, 0x00, 8 );
+        }
+#endif /* POLARSSL_SSL_PROTO_DTLS */
+
         if( ssl->out_msg[0] != SSL_HS_HELLO_REQUEST )
             ssl->handshake->update_checksum( ssl, ssl->out_msg, len );
     }
@@ -2004,34 +2023,38 @@ int ssl_write_record( ssl_context *ssl )
 
 static int ssl_prepare_handshake_record( ssl_context *ssl )
 {
-    ssl->in_hslen  = 4;
+    ssl->in_hslen  = ssl->transport == SSL_TRANSPORT_DATAGRAM ? 12 : 4;
     ssl->in_hslen += ( ssl->in_msg[2] << 8 ) | ssl->in_msg[3];
 
     SSL_DEBUG_MSG( 3, ( "handshake message: msglen ="
                         " %d, type = %d, hslen = %d",
-                   ssl->in_msglen, ssl->in_msg[0], ssl->in_hslen ) );
+                        ssl->in_msglen, ssl->in_msg[0], ssl->in_hslen ) );
 
-    /*
-     * Additional checks to validate the handshake header
-     */
-    if( ssl->in_msglen < 4 || ssl->in_msg[1] != 0 )
+    /* We don't handle handshake messages larger than one record (for now) */
+    if( ssl->in_msg[1] != 0 ||
+        ssl->in_msglen < ssl->in_hslen )
     {
         SSL_DEBUG_MSG( 1, ( "bad handshake length" ) );
         return( POLARSSL_ERR_SSL_INVALID_RECORD );
     }
 
-    if( ssl->in_msglen < ssl->in_hslen )
-    {
-        SSL_DEBUG_MSG( 1, ( "bad handshake length" ) );
-        return( POLARSSL_ERR_SSL_INVALID_RECORD );
-    }
-
-    /*
-     * Update handshake checksum
-     */
     if( ssl->state != SSL_HANDSHAKE_OVER )
         ssl->handshake->update_checksum( ssl, ssl->in_msg, ssl->in_hslen );
 
+    /*
+     * For DTLS, we move data so that is looks like
+     * TLS handshake format to other functions.
+     */
+#if defined(POLARSSL_SSL_PROTO_DTLS)
+    if( ssl->transport == SSL_TRANSPORT_DATAGRAM )
+    {
+        // TODO: DTLS: actually use the additional fields before removing them!
+
+        memmove( ssl->in_msg + 4, ssl->in_msg + 12, ssl->in_hslen - 12 );
+        ssl->in_hslen -= 8;
+    }
+#endif /* POLARSSL_SSL_PROTO_DTLS */
+
     return( 0 );
 }
 
@@ -2042,8 +2065,16 @@ int ssl_read_record( ssl_context *ssl )
 
     SSL_DEBUG_MSG( 2, ( "=> read record" ) );
 
-    if( ssl->in_hslen != 0 &&
-        ssl->in_hslen < ssl->in_msglen )
+    /*
+     * With DTLS, we cheated on in_hslen to make the handshake message look
+     * like TLS format, restore the truth now
+     */
+#if defined(POLARSSL_SSL_PROTO_DTLS)
+    if( ssl->in_hslen != 0 && ssl->transport == SSL_TRANSPORT_DATAGRAM )
+        ssl->in_hslen += 8;
+#endif
+
+    if( ssl->in_hslen != 0 && ssl->in_hslen < ssl->in_msglen )
     {
         /*
          * Get next Handshake message in the current record