| line |
true |
false |
branch |
|
139
|
17143 |
0 |
if (ssl->flags & SSL_FLAGS_ERROR || ssl->flags & SSL_FLAGS_CLOSED) |
|
|
0 |
17143 |
if (ssl->flags & SSL_FLAGS_ERROR || ssl->flags & SSL_FLAGS_CLOSED) |
|
166
|
4 |
17139 |
if (ssl->flags & SSL_FLAGS_NEED_ENCODE) |
|
196
|
0 |
17139 |
if (end - c == 0) |
|
206
|
0 |
17139 |
if (end - c < SSL3_HEADER_LEN) |
|
234
|
1142 |
15997 |
if (ssl->majVer != 0 || (*c & 0x80) == 0) |
|
|
1142 |
0 |
if (ssl->majVer != 0 || (*c & 0x80) == 0) |
|
236
|
0 |
17139 |
if (end - c < ssl->recordHeadLen) |
|
275
|
0 |
17139 |
if (ssl->rec.majVer != 0x03) |
|
305
|
17139 |
0 |
switch (ssl->rec.type) |
|
323
|
15989 |
1150 |
if (ssl->hsState != SSL_HS_SERVER_HELLO && |
|
|
14847 |
1142 |
if (ssl->hsState != SSL_HS_SERVER_HELLO && |
|
326
|
14847 |
0 |
if (ssl->rec.majVer != ssl->majVer || ssl->rec.minVer != ssl->minVer) |
|
|
0 |
14847 |
if (ssl->rec.majVer != ssl->majVer || ssl->rec.minVer != ssl->minVer) |
|
334
|
0 |
0 |
if (ssl->hsState != SSL_HS_DONE || |
|
|
0 |
0 |
if (ssl->hsState != SSL_HS_DONE || |
|
351
|
17139 |
0 |
if (ssl->rec.len > SSL_MAX_RECORD_LEN || ssl->rec.len == 0) |
|
|
0 |
17139 |
if (ssl->rec.len > SSL_MAX_RECORD_LEN || ssl->rec.len == 0) |
|
490
|
2068 |
15071 |
if (end - c < ssl->rec.len) |
|
672
|
6290 |
8781 |
if ((ssl->flags & SSL_FLAGS_READ_SECURE) && (ssl->deBlockSize > 1) && |
|
|
3 |
6287 |
if ((ssl->flags & SSL_FLAGS_READ_SECURE) && (ssl->deBlockSize > 1) && |
|
|
3 |
0 |
if ((ssl->flags & SSL_FLAGS_READ_SECURE) && (ssl->deBlockSize > 1) && |
|
676
|
3 |
0 |
if (ssl->flags & SSL_FLAGS_TLS_1_1) |
|
678
|
0 |
3 |
if (ssl->rec.len < (ssl->deMacSize + 1 + ssl->deBlockSize)) |
|
687
|
0 |
0 |
if (ssl->rec.len < (ssl->deMacSize + 1)) |
|
705
|
0 |
15071 |
if (ssl->decrypt(ssl, c, ctStart, ssl->rec.len) < 0) |
|
714
|
6287 |
8784 |
if (ssl->flags & SSL_FLAGS_AEAD_R) |
|
717
|
0 |
6287 |
ssl->rec.len -= AEAD_TAG_LEN(ssl); |
|
718
|
6287 |
0 |
if (ssl->flags & SSL_FLAGS_NONCE_R) |
|
732
|
6290 |
8781 |
if (ssl->flags & SSL_FLAGS_READ_SECURE && !(ssl->flags & SSL_FLAGS_AEAD_R)) |
|
|
3 |
6287 |
if (ssl->flags & SSL_FLAGS_READ_SECURE && !(ssl->flags & SSL_FLAGS_AEAD_R)) |
|
745
|
0 |
3 |
if (ssl->deBlockSize <= 1) |
|
776
|
3 |
0 |
if (ssl->majVer == SSL3_MAJ_VER && ssl->minVer == SSL3_MIN_VER && |
|
|
0 |
3 |
if (ssl->majVer == SSL3_MAJ_VER && ssl->minVer == SSL3_MIN_VER && |
|
|
0 |
0 |
if (ssl->majVer == SSL3_MAJ_VER && ssl->minVer == SSL3_MIN_VER && |
|
785
|
3 |
0 |
if (ssl->flags & SSL_FLAGS_TLS_1_1) |
|
787
|
0 |
3 |
if (ssl->rec.len < ssl->deMacSize + padLen + 1 + ssl->deBlockSize) |
|
794
|
0 |
0 |
if (ssl->rec.len < ssl->deMacSize + padLen + 1) |
|
799
|
0 |
3 |
if (macError) |
|
804
|
0 |
0 |
for (rc = 255; rc >= 0; rc--) |
|
810
|
0 |
0 |
if ((unsigned char) rc == padLen) |
|
824
|
3 |
0 |
if (!macError && ssl->majVer == TLS_MAJ_VER && |
|
|
3 |
0 |
if (!macError && ssl->majVer == TLS_MAJ_VER && |
|
|
3 |
0 |
if (!macError && ssl->majVer == TLS_MAJ_VER && |
|
827
|
34 |
3 |
for (mac = p - padLen - 1; mac < p; mac++) |
|
829
|
0 |
34 |
if (*mac != padLen) |
|
837
|
0 |
3 |
if (macError) |
|
839
|
0 |
0 |
for (rc = 256 - padLen - 1; rc > 0; rc--) |
|
845
|
0 |
0 |
if ((unsigned char) rc == padLen) |
|
859
|
3 |
0 |
if (!macError) |
|
866
|
734 |
3 |
for (rc = (256 - padLen) - 1; rc > 0; rc--) |
|
869
|
3 |
731 |
if ((unsigned char) rc == padLen) |
|
894
|
3 |
0 |
if ((ssl->flags & SSL_FLAGS_TLS_1_1) && (ssl->deBlockSize > 1)) |
|
|
3 |
0 |
if ((ssl->flags & SSL_FLAGS_TLS_1_1) && (ssl->deBlockSize > 1)) |
|
909
|
3 |
0 |
if (ssl->deBlockSize > 1) |
|
913
|
3 |
0 |
if (macError == 0) |
|
923
|
0 |
0 |
while (rc > 0) |
|
935
|
0 |
0 |
while (rc > 0) |
|
947
|
0 |
3 |
while (rc > 0) |
|
963
|
3 |
0 |
if (ssl->verifyMac(ssl, ssl->rec.type, ctStart, |
|
964
|
0 |
3 |
(uint32) (mac - ctStart), mac) < 0 || macError) |
|
1128
|
0 |
15071 |
if (ssl->maxPtFrag == 0xFF) /* Still negotiating size */ |
|
1130
|
0 |
0 |
if ((int32) (pend - p) > SSL_MAX_PLAINTEXT_LEN) |
|
1139
|
0 |
15071 |
if ((int32) (pend - p) > ssl->maxPtFrag) |
|
1160
|
0 |
2119 |
if (pend - p < 1) |
|
1166
|
2119 |
0 |
if (*p == 1) |
|
1211
|
2119 |
0 |
if (ssl->hsState == SSL_HS_FINISHED) |
|
1213
|
0 |
2119 |
if (sslActivateReadCipher(ssl) < 0) |
|
1226
|
0 |
0 |
if (ssl->hsState == SSL_HS_CERTIFICATE && ssl->sid && |
|
|
0 |
0 |
if (ssl->hsState == SSL_HS_CERTIFICATE && ssl->sid && |
|
|
0 |
0 |
if (ssl->hsState == SSL_HS_CERTIFICATE && ssl->sid && |
|
1234
|
0 |
0 |
if (sslCreateKeys(ssl) < 0) |
|
1240
|
0 |
0 |
if (sslActivateReadCipher(ssl) < 0) |
|
1249
|
0 |
0 |
else if ((ssl->flags & SSL_FLAGS_ANON_CIPHER) && |
|
|
0 |
0 |
else if ((ssl->flags & SSL_FLAGS_ANON_CIPHER) && |
|
1250
|
0 |
0 |
(ssl->hsState == SSL_HS_SERVER_KEY_EXCHANGE) && ssl->sid && |
|
|
0 |
0 |
(ssl->hsState == SSL_HS_SERVER_KEY_EXCHANGE) && ssl->sid && |
|
1258
|
0 |
0 |
if (sslCreateKeys(ssl) < 0) |
|
1264
|
0 |
0 |
if (sslActivateReadCipher(ssl) < 0) |
|
1274
|
0 |
0 |
else if ((ssl->flags & SSL_FLAGS_PSK_CIPHER) && |
|
|
0 |
0 |
else if ((ssl->flags & SSL_FLAGS_PSK_CIPHER) && |
|
1275
|
0 |
0 |
(ssl->hsState == SSL_HS_SERVER_KEY_EXCHANGE) && ssl->sid && |
|
|
0 |
0 |
(ssl->hsState == SSL_HS_SERVER_KEY_EXCHANGE) && ssl->sid && |
|
1283
|
0 |
0 |
if (sslCreateKeys(ssl) < 0) |
|
1289
|
0 |
0 |
if (sslActivateReadCipher(ssl) < 0) |
|
1318
|
0 |
91 |
if (pend - p < 2) |
|
1351
|
90 |
1 |
if (*alertLevel == SSL_ALERT_LEVEL_FATAL) |
|
1355
|
1 |
90 |
if (*alertDescription == SSL_ALERT_CLOSE_NOTIFY) |
|
1386
|
0 |
8738 |
if (ssl->fragMessage != NULL) |
|
1388
|
0 |
0 |
if (ssl->fragIndex == ssl->fragTotal) |
|
1428
|
0 |
3266 |
if (c < origbuf + *len) |
|
1438
|
0 |
0 |
if (*c == SSL_RECORD_TYPE_APPLICATION_DATA && |
|
|
0 |
0 |
if (*c == SSL_RECORD_TYPE_APPLICATION_DATA && |
|
1439
|
0 |
0 |
ssl->hsState == SSL_HS_DONE && |
|
1455
|
0 |
0 |
if (*c == SSL_RECORD_TYPE_APPLICATION_DATA && |
|
|
0 |
0 |
if (*c == SSL_RECORD_TYPE_APPLICATION_DATA && |
|
1456
|
0 |
0 |
ssl->hsState == SSL_HS_DONE && |
|
1460
|
0 |
0 |
psAssert(origbuf + *len == c); |
|
1463
|
0 |
0 |
else if (*c == SSL_RECORD_TYPE_APPLICATION_DATA && |
|
|
0 |
0 |
else if (*c == SSL_RECORD_TYPE_APPLICATION_DATA && |
|
1464
|
0 |
0 |
ssl->hsState == SSL_HS_HELLO_REQUEST && |
|
1487
|
0 |
0 |
psAssert(origbuf + *len == c); |
|
1502
|
0 |
90 |
if (ssl->err == SSL_ALERT_NONE) |
|
1509
|
0 |
0 |
if (ssl->err == SSL_ALERT_NONE) |
|
1526
|
0 |
4123 |
if ((ssl->hsState != SSL_HS_DONE && ssl->hsState != SSL_HS_SERVER_HELLO) |
|
|
0 |
0 |
if ((ssl->hsState != SSL_HS_DONE && ssl->hsState != SSL_HS_SERVER_HELLO) |
|
1527
|
0 |
4123 |
|| !(ssl->flags & SSL_FLAGS_READ_SECURE)) |
|
1570
|
0 |
4123 |
if (ctStart == mac) |
|
1572
|
0 |
0 |
if (ssl->ignoredMessageCount++ >= SSL_MAX_IGNORED_MESSAGE_COUNT) |
|
1580
|
0 |
4123 |
else if (ssl->ignoredMessageCount > 0) |
|
1608
|
0 |
3360 |
if ((ssl->flags & SSL_FLAGS_FALSE_START) && *buf != origbuf) |
|
|
0 |
0 |
if ((ssl->flags & SSL_FLAGS_FALSE_START) && *buf != origbuf) |
|
1626
|
0 |
3360 |
psAssert(origbuf == *buf); |
|
1650
|
0 |
3360 |
if (ssl->hsState == SSL_HS_HELLO_REQUEST) |
|
1669
|
3356 |
4 |
if (rc == MATRIXSSL_SUCCESS) |
|
1671
|
90 |
3266 |
if (ssl->err != SSL_ALERT_NONE) |
|
1680
|
0 |
90 |
if (tmpout.buf == tmpout.end) |
|
1690
|
0 |
3356 |
if ((ssl->flags & SSL_FLAGS_FALSE_START) && *buf != origbuf) |
|
|
0 |
0 |
if ((ssl->flags & SSL_FLAGS_FALSE_START) && *buf != origbuf) |
|
1705
|
4 |
0 |
if (rc == SSL_FULL) |
|
1709
|
0 |
4 |
if (*buf != origbuf) |
|
1711
|
0 |
0 |
psAssert(rc != SSL_FULL); |
|
1721
|
0 |
0 |
psAssert(rc < 0); |
|
1738
|
3 |
0 |
if (ssl->flags & SSL_FLAGS_TLS_1_1) |
|
1746
|
0 |
3 |
if (ssl->deMacSize == SHA1_HASH_SIZE || ssl->deMacSize == SHA256_HASH_SIZE) |
|
|
0 |
0 |
if (ssl->deMacSize == SHA1_HASH_SIZE || ssl->deMacSize == SHA256_HASH_SIZE) |
|
1748
|
0 |
3 |
while (l1 > 64) |
|
1752
|
0 |
3 |
if (l1 > 56) |
|
1756
|
0 |
3 |
while (l2 > 64) |
|
1760
|
0 |
3 |
if (l2 > 56) |
|
1766
|
0 |
0 |
else if (ssl->deMacSize == SHA384_HASH_SIZE) |
|
1768
|
0 |
0 |
while (l1 > 128) |
|
1772
|
0 |
0 |
if (l1 > 112) |
|
1776
|
0 |
0 |
while (l2 > 128) |
|
1780
|
0 |
0 |
if (l2 > 112) |
|
1839
|
0 |
8738 |
if (ssl->fragMessage != NULL) |
|
1848
|
0 |
0 |
if (ssl->fragIndex == ssl->fragTotal) |
|
1872
|
0 |
8738 |
if (end - c < 1) |
|
1943
|
7 |
8731 |
if (hsType != ssl->hsState && |
|
|
7 |
0 |
if (hsType != ssl->hsState && |
|
1944
|
0 |
7 |
(hsType != SSL_HS_CLIENT_HELLO || ssl->hsState != SSL_HS_DONE)) |
|
1952
|
0 |
0 |
if ((hsType == SSL_HS_CERTIFICATE_REQUEST) && |
|
|
0 |
0 |
if ((hsType == SSL_HS_CERTIFICATE_REQUEST) && |
|
1968
|
0 |
0 |
if ((hsType == SSL_HS_HELLO_REQUEST) && |
|
|
0 |
0 |
if ((hsType == SSL_HS_HELLO_REQUEST) && |
|
1969
|
0 |
0 |
(ssl->hsState == SSL_HS_DONE) && |
|
1981
|
0 |
0 |
if ((hsType == SSL_HS_HELLO_REQUEST) && |
|
|
0 |
0 |
if ((hsType == SSL_HS_HELLO_REQUEST) && |
|
1982
|
0 |
0 |
(ssl->hsState == SSL_HS_SERVER_HELLO) && |
|
1983
|
0 |
0 |
(ssl->flags & SSL_FLAGS_READ_SECURE) && |
|
1984
|
0 |
0 |
(ssl->flags & SSL_FLAGS_WRITE_SECURE) && |
|
1989
|
0 |
0 |
if (end - c < 3) |
|
2012
|
0 |
0 |
if (ssl->rehandshakeCount <= 0) |
|
2020
|
0 |
0 |
if (hsLen == 0) |
|
2033
|
0 |
0 |
if ((hsType == SSL_HS_NEW_SESSION_TICKET) && |
|
|
0 |
0 |
if ((hsType == SSL_HS_NEW_SESSION_TICKET) && |
|
2034
|
0 |
0 |
(ssl->hsState == SSL_HS_FINISHED) && ssl->sid && |
|
|
0 |
0 |
(ssl->hsState == SSL_HS_FINISHED) && ssl->sid && |
|
2035
|
0 |
0 |
(ssl->sid->sessionTicketState == SESS_TICKET_STATE_RECVD_EXT) && |
|
2048
|
0 |
0 |
if (ssl->hsState == SSL_HS_CERTIFICATE_STATUS) |
|
2084
|
0 |
0 |
if (ssl->flags & SSL_FLAGS_PSK_CIPHER) |
|
2086
|
0 |
0 |
if ((hsType == SSL_HS_SERVER_HELLO_DONE) && |
|
|
0 |
0 |
if ((hsType == SSL_HS_SERVER_HELLO_DONE) && |
|
2093
|
0 |
0 |
if (ssl->flags & SSL_FLAGS_DHE_KEY_EXCH) |
|
2150
|
1149 |
7589 |
if (hsType == SSL_HS_CLIENT_HELLO) |
|
2153
|
7 |
1142 |
if (ssl->hsState == SSL_HS_DONE) |
|
2159
|
0 |
7 |
if (ssl->rehandshakeCount <= 0) |
|
2179
|
2119 |
6619 |
if (ssl->hsState == SSL_HS_FINISHED) |
|
2181
|
0 |
2119 |
if (sslSnapshotHSHash(ssl, hsMsgHash, |
|
2190
|
0 |
8738 |
if (ssl->hsState == SSL_HS_CERTIFICATE_VERIFY) |
|
2194
|
0 |
0 |
if (sslSnapshotHSHash(ssl, hsMsgHash, -1) <= 0) |
|
2211
|
8738 |
0 |
if (ssl->rec.majVer >= SSL3_MAJ_VER) |
|
2213
|
0 |
8738 |
if (end - c < 3) |
|
2343
|
0 |
8738 |
if ((uint32) (end - c) < hsLen) |
|
2347
|
0 |
0 |
if (ssl->fragMessage == NULL) |
|
2352
|
0 |
0 |
if (ssl->fragMessage == NULL) |
|
2428
|
0 |
0 |
else if (ssl->rec.majVer == SSL2_MAJ_VER) |
|
2455
|
0 |
1149 |
psAssert(rc == 0); /* checking to see if this is the correct default */ |
|
2456
|
0 |
1149 |
if (c + hsLen != end) |
|
2464
|
1149 |
0 |
if (rc < 0 && rc != SSL_PROCESS_DATA) |
|
|
0 |
1149 |
if (rc < 0 && rc != SSL_PROCESS_DATA) |
|
2473
|
0 |
1057 |
psAssert(rc == 0); /* checking to see if this is the correct default */ |
|
2475
|
0 |
1057 |
if (rc < 0) |
|
2485
|
0 |
2119 |
psAssert(rc == 0); /* checking to see if this is the correct default */ |
|
2488
|
1059 |
1060 |
if (rc < 0 && rc != SSL_PROCESS_DATA) |
|
|
0 |
1059 |
if (rc < 0 && rc != SSL_PROCESS_DATA) |
|
2499
|
0 |
0 |
if (end - c != 0) |
|
2506
|
0 |
0 |
if (ssl->rehandshakeCount <= 0) |
|
2529
|
0 |
1150 |
psAssert(rc == 0); /* checking to see if this is the correct default */ |
|
2531
|
0 |
1150 |
if (rc < 0) |
|
2545
|
0 |
1148 |
psAssert(rc == 0); /* checking to see if this is the correct default */ |
|
2547
|
90 |
1058 |
if (rc < 0) |
|
2562
|
0 |
0 |
if (rc < 0) |
|
2584
|
0 |
0 |
if (hsLen < 6) |
|
2598
|
0 |
0 |
if ((uint32) (end - c) < hsLen) |
|
2604
|
0 |
0 |
if (ssl->sid->sessionTicketLen == 0) |
|
2609
|
0 |
0 |
if ((ssl->sid->sessionTicket = psMalloc(ssl->sid->pool, |
|
2626
|
0 |
0 |
psAssert(ssl->sid->sessionTicket); /* exists from previous hs */ |
|
2627
|
0 |
0 |
if (hsLen == ssl->sid->sessionTicketLen && |
|
|
0 |
0 |
if (hsLen == ssl->sid->sessionTicketLen && |
|
2637
|
0 |
0 |
if ((ssl->sid->sessionTicket = psMalloc(ssl->sid->pool, |
|
2663
|
0 |
1058 |
psAssert(rc == 0); /* checking to see if this is the correct default */ |
|
2665
|
1058 |
0 |
if (rc < 0 && rc != SSL_PROCESS_DATA) |
|
|
0 |
1058 |
if (rc < 0 && rc != SSL_PROCESS_DATA) |
|
2677
|
0 |
0 |
psAssert(rc == 0); /* checking to see if this is the correct default */ |
|
2679
|
0 |
0 |
if (rc < 0) |
|
2693
|
0 |
0 |
psAssert(rc == 0); /* checking to see if this is the correct default */ |
|
2695
|
0 |
0 |
if (rc < 0) |
|
2708
|
0 |
1057 |
psAssert(rc == 0); /* checking to see if this is the correct default */ |
|
2710
|
0 |
1057 |
if (rc < 0) |
|
2803
|
0 |
8648 |
if (c < end) |