$ diff -r openssl-1.0.1f/ssl/t1_lib.c openssl-1.0.1g/ssl/t1_lib.c#ifndef

1. $ diff -r openssl-1.0.1f/ssl/t1_lib.c openssl-1.0.1g/ssl/t1_lib.c
2.  
3.  
4.  
5. #ifndef OPENSSL_NO_HEARTBEATS #ifndef OPENSSL_NO_HEARTBEATS
6. int int
7. tls1_process_heartbeat(SSL *s) tls1_process_heartbeat(SSL *s)
8. { {
9. unsigned char *p = &s->s3->rrec.data[0], *pl; unsigned char *p = &s->s3->rrec.data[0], *pl;
10. unsigned short hbtype; unsigned short hbtype;
11. unsigned int payload; unsigned int payload;
12. unsigned int padding = 16; /* Use minimum padding */ unsigned int padding = 16; /* Use minimum padding */
13.  
14. /* Read type and payload length first */ <
15. hbtype = *p++; <
16. n2s(p, payload); <
17. pl = p; <
18. <
19. if (s->msg_callback) if (s->msg_callback)
20. s->msg_callback(0, s->version, TLS1_RT_HEARTB s->msg_callback(0, s->version, TLS1_RT_HEARTB
21. &s->s3->rrec.data[0], s->s3->rrec.len &s->s3->rrec.data[0], s->s3->rrec.len
22. s, s->msg_callback_arg); s, s->msg_callback_arg);
23.  
24. > /* Read type and payload length first */
25. > if (1 + 2 + 16 > s->s3->rrec.length)
26. > return 0; /* silently discard */
27. > hbtype = *p++;
28. > n2s(p, payload);
29. > if (1 + 2 + payload + 16 > s->s3->rrec.length)
30. > return 0; /* silently discard per RFC 6520 se
31. > pl = p;
32. >
33. if (hbtype == TLS1_HB_REQUEST) if (hbtype == TLS1_HB_REQUEST)
34. { {
35. unsigned char *buffer, *bp; unsigned char *buffer, *bp;
36. int r; int r;
37.  
38. /* Allocate memory for the response, size is /* Allocate memory for the response, size is
39. * message type, plus 2 bytes payload length, * message type, plus 2 bytes payload length,
40. * payload, plus padding * payload, plus padding
41. */ */
42. buffer = OPENSSL_malloc(1 + 2 + payload + pad buffer = OPENSSL_malloc(1 + 2 + payload + pad
43. bp = buffer; bp = buffer;
44.  
45. /* Enter response type, length and copy paylo /* Enter response type, length and copy paylo
46. *bp++ = TLS1_HB_RESPONSE; *bp++ = TLS1_HB_RESPONSE;
47. s2n(payload, bp); s2n(payload, bp);
48. memcpy(bp, pl, payload); memcpy(bp, pl, payload);
49. bp += payload; bp += payload;
50. /* Random padding */ /* Random padding */
51. RAND_pseudo_bytes(bp, padding); RAND_pseudo_bytes(bp, padding);
52.  
53. r = ssl3_write_bytes(s, TLS1_RT_HEARTBEAT, bu r = ssl3_write_bytes(s, TLS1_RT_HEARTBEAT, bu
54.  
55. if (r >= 0 && s->msg_callback) if (r >= 0 && s->msg_callback)
56. s->msg_callback(1, s->version, TLS1_R s->msg_callback(1, s->version, TLS1_R
57. buffer, 3 + payload + padding buffer, 3 + payload + padding
58. s, s->msg_callback_arg); s, s->msg_callback_arg);
59.  
60. OPENSSL_free(buffer); OPENSSL_free(buffer);
61.  
62. if (r < 0) if (r < 0)
63. return r; return r;
64. } }
65. else if (hbtype == TLS1_HB_RESPONSE) else if (hbtype == TLS1_HB_RESPONSE)
66. { {
67. unsigned int seq; unsigned int seq;
68.  
69. /* We only send sequence numbers (2 bytes uns /* We only send sequence numbers (2 bytes uns
70. * and 16 random bytes, so we just try to rea * and 16 random bytes, so we just try to rea
71. * sequence number */ * sequence number */
72. n2s(pl, seq); n2s(pl, seq);
73.  
74. if (payload == 18 && seq == s->tlsext_hb_seq) if (payload == 18 && seq == s->tlsext_hb_seq)
75. { {
76. s->tlsext_hb_seq++; s->tlsext_hb_seq++;
77. s->tlsext_hb_pending = 0; s->tlsext_hb_pending = 0;
78. } }
79. } }
80.  
81. return 0; return 0;
82. } }