* or configure TLS not to exceed MAX_RECORD_SIZE.
*/
typedef struct _record_t {
- unsigned char data[MAX_RECORD_SIZE];
- unsigned int used;
+ uint8_t data[MAX_RECORD_SIZE];
+ size_t used;
} record_t;
typedef struct _tls_info_t {
- unsigned char origin;
- unsigned char content_type;
- unsigned char handshake_type;
- unsigned char alert_level;
- unsigned char alert_description;
+ int origin;
+ int content_type;
+ uint8_t handshake_type;
+ uint8_t alert_level;
+ uint8_t alert_description;
+ bool initialized;
+
char info_description[256];
size_t record_len;
int version;
- char initialized;
} tls_info_t;
/*
* Fill in our 'info' with TLS data.
*/
void cbtls_msg(int write_p, int msg_version, int content_type,
- void const *buf, size_t len,
+ void const *inbuf, size_t len,
SSL *ssl UNUSED, void *arg)
{
+ uint8_t const *buf = inbuf;
tls_session_t *state = (tls_session_t *)arg;
/*
*/
if (!state) return;
- state->info.origin = (unsigned char)write_p;
- state->info.content_type = (unsigned char)content_type;
+ state->info.origin = write_p;
+ state->info.content_type = content_type;
state->info.record_len = len;
state->info.version = msg_version;
- state->info.initialized = 1;
+ state->info.initialized = true;
if (content_type == SSL3_RT_ALERT) {
- state->info.alert_level = ((unsigned char const *)buf)[0];
- state->info.alert_description = ((unsigned char const *)buf)[1];
+ state->info.alert_level = buf[0];
+ state->info.alert_description = buf[1];
state->info.handshake_type = 0x00;
} else if (content_type == SSL3_RT_HANDSHAKE) {
- state->info.handshake_type = ((unsigned char const *)buf)[0];
+ state->info.handshake_type = buf[0];
state->info.alert_level = 0x00;
state->info.alert_description = 0x00;
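Review bot: The alert branch reads `buf[0]` and `buf[1]`, and the handshake branch reads `buf[0]`, without consulting `len`, so a callback invocation with a shorter or empty message would read past the end of the buffer. Nothing visible in the hunk guarantees a minimum length, so I would gate the branches on it, e.g. `if ((content_type == SSL3_RT_ALERT) && (len >= 2)) {` and `} else if ((content_type == SSL3_RT_HANDSHAKE) && (len >= 1)) {`. Since `initialized` is set to `true` before these fields are filled, a record that fails the length test should presumably leave the alert and handshake fields zeroed rather than stale. The rest of the if/else chain and the end of `cbtls_msg` lie outside the hunk, so confirm how the remaining branch treats such records.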
err = BIO_write(ssn->into_ssl, ssn->dirty_in.data, ssn->dirty_in.used);
if (err != (int) ssn->dirty_in.used) {
- RDEBUG("Failed writing %d to SSL BIO: %d", ssn->dirty_in.used,
+ RDEBUG("Failed writing %zd bytes to SSL BIO: %d", ssn->dirty_in.used,
err);
record_init(&ssn->dirty_in);
return 0;
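Review bot: `%zd` is the conversion for a signed `ssize_t`, but `dirty_in.used` is now `size_t`, so the debug line should use `%zu`: `RDEBUG("Failed writing %zu bytes to SSL BIO: %d", ssn->dirty_in.used,`. The same specifier appears in the second BIO_write failure message and in the "Received bad packet: Length %zd" message further down. With `used` widened to `size_t`, the `(int)` cast in `err != (int) ssn->dirty_in.used` is now a narrowing conversion. It is harmless only while `used` cannot exceed `MAX_RECORD_SIZE`, which deserves a comment or an assertion given that `BIO_write` also takes an `int` length. The enclosing function starts and ends outside the hunk.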
ssn->dirty_in.used);
if (err != (int) ssn->dirty_in.used) {
record_init(&ssn->dirty_in);
- RDEBUG("Failed writing %d to SSL BIO: %d", ssn->dirty_in.used, err);
+ RDEBUG("Failed writing %zd bytes to SSL BIO: %d", ssn->dirty_in.used, err);
return FR_TLS_FAIL;
}
RERROR("FAIL: Unexpected ACK received. Could not obtain session information");
return FR_TLS_INVALID;
}
- if (ssn->info.initialized == 0) {
+ if (!ssn->info.initialized) {
RDEBUG("No SSL info available. Waiting for more SSL data");
return FR_TLS_REQUEST;
}
*/
if ((sock->ssn->clean_out.used < 20) ||
(((sock->ssn->clean_out.data[2] << 8) | sock->ssn->clean_out.data[3]) != (int) sock->ssn->clean_out.used)) {
- RDEBUG("Received bad packet: Length %d contents %d",
+ RDEBUG("Received bad packet: Length %zd contents %d",
sock->ssn->clean_out.used,
(sock->ssn->clean_out.data[2] << 8) | sock->ssn->clean_out.data[3]);
goto do_close;