Encapsulate SSL3_BUFFER and all access to s->s3->rbuf.
Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
parent
52e1d7b152
commit
28d59af874
12 changed files with 334 additions and 59 deletions
|
@ -29,7 +29,8 @@ LIBSRC= \
|
|||
ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c \
|
||||
ssl_ciph.c ssl_stat.c ssl_rsa.c \
|
||||
ssl_asn1.c ssl_txt.c ssl_algs.c ssl_conf.c \
|
||||
bio_ssl.c ssl_err.c kssl.c t1_reneg.c tls_srp.c t1_trce.c ssl_utst.c
|
||||
bio_ssl.c ssl_err.c kssl.c t1_reneg.c tls_srp.c t1_trce.c ssl_utst.c \
|
||||
record/ssl3_buffer.c
|
||||
LIBOBJ= \
|
||||
s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_enc.o s3_pkt.o s3_both.o s3_cbc.o \
|
||||
s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o \
|
||||
|
@ -39,7 +40,8 @@ LIBOBJ= \
|
|||
ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o \
|
||||
ssl_ciph.o ssl_stat.o ssl_rsa.o \
|
||||
ssl_asn1.o ssl_txt.o ssl_algs.o ssl_conf.o \
|
||||
bio_ssl.o ssl_err.o kssl.o t1_reneg.o tls_srp.o t1_trce.o ssl_utst.o
|
||||
bio_ssl.o ssl_err.o kssl.o t1_reneg.o tls_srp.o t1_trce.o ssl_utst.o \
|
||||
record/ssl3_buffer.o
|
||||
|
||||
SRC= $(LIBSRC)
|
||||
|
||||
|
|
26
ssl/d1_pkt.c
26
ssl/d1_pkt.c
|
@ -198,12 +198,12 @@ static int dtls1_copy_record(SSL *s, pitem *item)
|
|||
|
||||
rdata = (DTLS1_RECORD_DATA *)item->data;
|
||||
|
||||
if (s->s3->rbuf.buf != NULL)
|
||||
OPENSSL_free(s->s3->rbuf.buf);
|
||||
SSL3_BUFFER_release(RECORD_LAYER_get_rbuf(&s->rlayer));
|
||||
|
||||
s->packet = rdata->packet;
|
||||
s->packet_length = rdata->packet_length;
|
||||
memcpy(&(s->s3->rbuf), &(rdata->rbuf), sizeof(SSL3_BUFFER));
|
||||
memcpy(RECORD_LAYER_get_rbuf(&s->rlayer), &(rdata->rbuf),
|
||||
sizeof(SSL3_BUFFER));
|
||||
memcpy(&(s->s3->rrec), &(rdata->rrec), sizeof(SSL3_RECORD));
|
||||
|
||||
/* Set proper sequence number for mac calculation */
|
||||
|
@ -236,7 +236,8 @@ dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority)
|
|||
|
||||
rdata->packet = s->packet;
|
||||
rdata->packet_length = s->packet_length;
|
||||
memcpy(&(rdata->rbuf), &(s->s3->rbuf), sizeof(SSL3_BUFFER));
|
||||
memcpy(&(rdata->rbuf), RECORD_LAYER_get_rbuf(&s->rlayer),
|
||||
sizeof(SSL3_BUFFER));
|
||||
memcpy(&(rdata->rrec), &(s->s3->rrec), sizeof(SSL3_RECORD));
|
||||
|
||||
item->data = rdata;
|
||||
|
@ -253,7 +254,7 @@ dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority)
|
|||
|
||||
s->packet = NULL;
|
||||
s->packet_length = 0;
|
||||
memset(&(s->s3->rbuf), 0, sizeof(SSL3_BUFFER));
|
||||
memset(RECORD_LAYER_get_rbuf(&s->rlayer), 0, sizeof(SSL3_BUFFER));
|
||||
memset(&(s->s3->rrec), 0, sizeof(SSL3_RECORD));
|
||||
|
||||
if (!ssl3_setup_buffers(s)) {
|
||||
|
@ -544,7 +545,8 @@ int dtls1_get_record(SSL *s)
|
|||
/* check if we have the header */
|
||||
if ((s->rstate != SSL_ST_READ_BODY) ||
|
||||
(s->packet_length < DTLS1_RT_HEADER_LENGTH)) {
|
||||
n = ssl3_read_n(s, DTLS1_RT_HEADER_LENGTH, s->s3->rbuf.len, 0);
|
||||
n = ssl3_read_n(s, DTLS1_RT_HEADER_LENGTH,
|
||||
SSL3_BUFFER_get_len(RECORD_LAYER_get_rbuf(&s->rlayer)), 0);
|
||||
/* read timeout is handled by dtls1_read_bytes */
|
||||
if (n <= 0)
|
||||
return (n); /* error or non-blocking */
|
||||
|
@ -722,9 +724,11 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
|
|||
SSL3_RECORD *rr;
|
||||
void (*cb) (const SSL *ssl, int type2, int val) = NULL;
|
||||
|
||||
if (s->s3->rbuf.buf == NULL) /* Not initialized yet */
|
||||
if (!SSL3_BUFFER_is_initialised(RECORD_LAYER_get_rbuf(&s->rlayer))) {
|
||||
/* Not initialized yet */
|
||||
if (!ssl3_setup_buffers(s))
|
||||
return (-1);
|
||||
}
|
||||
|
||||
if ((type && (type != SSL3_RT_APPLICATION_DATA) &&
|
||||
(type != SSL3_RT_HANDSHAKE)) ||
|
||||
|
@ -1047,7 +1051,9 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
|
|||
}
|
||||
|
||||
if (!(s->mode & SSL_MODE_AUTO_RETRY)) {
|
||||
if (s->s3->rbuf.left == 0) { /* no read-ahead left? */
|
||||
if (SSL3_BUFFER_get_left(
|
||||
RECORD_LAYER_get_rbuf(&s->rlayer)) == 0) {
|
||||
/* no read-ahead left? */
|
||||
BIO *bio;
|
||||
/*
|
||||
* In the case where we try to read application data,
|
||||
|
@ -1269,7 +1275,9 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
|
|||
}
|
||||
|
||||
if (!(s->mode & SSL_MODE_AUTO_RETRY)) {
|
||||
if (s->s3->rbuf.left == 0) { /* no read-ahead left? */
|
||||
if (SSL3_BUFFER_get_left(
|
||||
RECORD_LAYER_get_rbuf(&s->rlayer)) == 0) {
|
||||
/* no read-ahead left? */
|
||||
BIO *bio;
|
||||
/*
|
||||
* In the case where we try to read application data, but we
|
||||
|
|
|
@ -110,6 +110,8 @@
|
|||
*/
|
||||
|
||||
typedef struct record_layer_st {
|
||||
/* The parent SSL structure */
|
||||
SSL *s;
|
||||
/*
|
||||
* Read as many input bytes as possible (for
|
||||
* non-blocking reads)
|
||||
|
@ -117,5 +119,7 @@ typedef struct record_layer_st {
|
|||
int read_ahead;
|
||||
} RECORD_LAYER;
|
||||
|
||||
#define RECORD_LAYER_set_ssl(rl, s) ((rl)->s = (s))
|
||||
#define RECORD_LAYER_set_read_ahead(rl, ra) ((rl)->read_ahead = (ra))
|
||||
#define RECORD_LAYER_get_read_ahead(rl) ((rl)->read_ahead)
|
||||
#define RECORD_LAYER_get_rbuf(rl) (&(rl)->s->s3->rbuf)
|
||||
|
|
127
ssl/record/ssl3_buffer.c
Normal file
127
ssl/record/ssl3_buffer.c
Normal file
|
@ -0,0 +1,127 @@
|
|||
/* ssl/record/ssl3_buffer.c */
|
||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
* This package is an SSL implementation written
|
||||
* by Eric Young (eay@cryptsoft.com).
|
||||
* The implementation was written so as to conform with Netscapes SSL.
|
||||
*
|
||||
* This library is free for commercial and non-commercial use as long as
|
||||
* the following conditions are aheared to. The following conditions
|
||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||
* included with this distribution is covered by the same copyright terms
|
||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||
* the code are not to be removed.
|
||||
* If this package is used in a product, Eric Young should be given attribution
|
||||
* as the author of the parts of the library used.
|
||||
* This can be in the form of a textual message at program startup or
|
||||
* in documentation (online or textual) provided with the package.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. All advertising materials mentioning features or use of this software
|
||||
* must display the following acknowledgement:
|
||||
* "This product includes cryptographic software written by
|
||||
* Eric Young (eay@cryptsoft.com)"
|
||||
* The word 'cryptographic' can be left out if the rouines from the library
|
||||
* being used are not cryptographic related :-).
|
||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||
* the apps directory (application code) you must include an acknowledgement:
|
||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* The licence and distribution terms for any publically available version or
|
||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||
* copied and put under another distribution licence
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* openssl-core@openssl.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
* This product includes cryptographic software written by Eric Young
|
||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||
* Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
*/
|
||||
|
||||
#include "../ssl_locl.h"
|
||||
|
||||
void SSL3_BUFFER_set_data(SSL3_BUFFER *b, unsigned char *d, int n)
|
||||
{
|
||||
if(d != NULL)
|
||||
memcpy(b->buf, d, n);
|
||||
b->left = n;
|
||||
b->offset = 0;
|
||||
}
|
||||
|
||||
void SSL3_BUFFER_release(SSL3_BUFFER *b)
|
||||
{
|
||||
if (b->buf != NULL)
|
||||
OPENSSL_free(b->buf);
|
||||
b->buf = NULL;
|
||||
}
|
132
ssl/record/ssl3_buffer.h
Normal file
132
ssl/record/ssl3_buffer.h
Normal file
|
@ -0,0 +1,132 @@
|
|||
/* ssl/record/ssl3_buffer.h */
|
||||
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
|
||||
* All rights reserved.
|
||||
*
|
||||
* This package is an SSL implementation written
|
||||
* by Eric Young (eay@cryptsoft.com).
|
||||
* The implementation was written so as to conform with Netscapes SSL.
|
||||
*
|
||||
* This library is free for commercial and non-commercial use as long as
|
||||
* the following conditions are aheared to. The following conditions
|
||||
* apply to all code found in this distribution, be it the RC4, RSA,
|
||||
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
|
||||
* included with this distribution is covered by the same copyright terms
|
||||
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
* Copyright remains Eric Young's, and as such any Copyright notices in
|
||||
* the code are not to be removed.
|
||||
* If this package is used in a product, Eric Young should be given attribution
|
||||
* as the author of the parts of the library used.
|
||||
* This can be in the form of a textual message at program startup or
|
||||
* in documentation (online or textual) provided with the package.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. All advertising materials mentioning features or use of this software
|
||||
* must display the following acknowledgement:
|
||||
* "This product includes cryptographic software written by
|
||||
* Eric Young (eay@cryptsoft.com)"
|
||||
* The word 'cryptographic' can be left out if the rouines from the library
|
||||
* being used are not cryptographic related :-).
|
||||
* 4. If you include any Windows specific code (or a derivative thereof) from
|
||||
* the apps directory (application code) you must include an acknowledgement:
|
||||
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* The licence and distribution terms for any publically available version or
|
||||
* derivative of this code cannot be changed. i.e. this code cannot simply be
|
||||
* copied and put under another distribution licence
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* openssl-core@openssl.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
* This product includes cryptographic software written by Eric Young
|
||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||
* Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
*/
|
||||
|
||||
typedef struct ssl3_buffer_st {
|
||||
/* at least SSL3_RT_MAX_PACKET_SIZE bytes, see ssl3_setup_buffers() */
|
||||
unsigned char *buf;
|
||||
/* buffer size */
|
||||
size_t len;
|
||||
/* where to 'copy from' */
|
||||
int offset;
|
||||
/* how many bytes left */
|
||||
int left;
|
||||
} SSL3_BUFFER;
|
||||
|
||||
#define SSL3_BUFFER_get_buf(b) ((b)->buf)
|
||||
#define SSL3_BUFFER_set_buf(b, n) ((b)->buf = (n))
|
||||
#define SSL3_BUFFER_get_len(b) ((b)->len)
|
||||
#define SSL3_BUFFER_set_len(b, l) ((b)->len = (l))
|
||||
#define SSL3_BUFFER_get_left(b) ((b)->left)
|
||||
#define SSL3_BUFFER_is_initialised(b) ((b)->buf != NULL)
|
||||
|
||||
void SSL3_BUFFER_set_data(SSL3_BUFFER *b, unsigned char *d, int n);
|
||||
void SSL3_BUFFER_release(SSL3_BUFFER *b);
|
||||
|
|
@ -481,7 +481,7 @@ static int ssl23_client_hello(SSL *s)
|
|||
|
||||
static int ssl23_get_server_hello(SSL *s)
|
||||
{
|
||||
char buf[8];
|
||||
unsigned char buf[8];
|
||||
unsigned char *p;
|
||||
int i;
|
||||
int n;
|
||||
|
@ -575,13 +575,11 @@ static int ssl23_get_server_hello(SSL *s)
|
|||
*/
|
||||
s->rstate = SSL_ST_READ_HEADER;
|
||||
s->packet_length = n;
|
||||
if (s->s3->rbuf.buf == NULL)
|
||||
if (!SSL3_BUFFER_is_initialised(RECORD_LAYER_get_rbuf(&s->rlayer)))
|
||||
if (!ssl3_setup_read_buffer(s))
|
||||
goto err;
|
||||
s->packet = &(s->s3->rbuf.buf[0]);
|
||||
memcpy(s->packet, buf, n);
|
||||
s->s3->rbuf.left = n;
|
||||
s->s3->rbuf.offset = 0;
|
||||
s->packet = SSL3_BUFFER_get_buf(RECORD_LAYER_get_rbuf(&s->rlayer));
|
||||
SSL3_BUFFER_set_data(RECORD_LAYER_get_rbuf(&s->rlayer), buf, n);
|
||||
|
||||
s->handshake_func = s->method->ssl_connect;
|
||||
} else {
|
||||
|
|
|
@ -244,8 +244,8 @@ int ssl23_get_client_hello(SSL *s)
|
|||
* 6-8 length > Client Hello message
|
||||
* 9/10 client_version /
|
||||
*/
|
||||
char buf_space[11];
|
||||
char *buf = &(buf_space[0]);
|
||||
unsigned char buf_space[11];
|
||||
unsigned char *buf = &(buf_space[0]);
|
||||
unsigned char *p, *d, *d_len, *dd;
|
||||
unsigned int i;
|
||||
unsigned int csl, sil, cl;
|
||||
|
@ -558,18 +558,15 @@ int ssl23_get_client_hello(SSL *s)
|
|||
*/
|
||||
s->rstate = SSL_ST_READ_HEADER;
|
||||
s->packet_length = n;
|
||||
if (s->s3->rbuf.buf == NULL)
|
||||
if (!SSL3_BUFFER_is_initialised(RECORD_LAYER_get_rbuf(&s->rlayer)))
|
||||
if (!ssl3_setup_read_buffer(s))
|
||||
goto err;
|
||||
|
||||
s->packet = &(s->s3->rbuf.buf[0]);
|
||||
memcpy(s->packet, buf, n);
|
||||
s->s3->rbuf.left = n;
|
||||
s->s3->rbuf.offset = 0;
|
||||
s->packet = SSL3_BUFFER_get_buf(RECORD_LAYER_get_rbuf(&s->rlayer));
|
||||
SSL3_BUFFER_set_data(RECORD_LAYER_get_rbuf(&s->rlayer), buf, n);
|
||||
} else {
|
||||
s->packet_length = 0;
|
||||
s->s3->rbuf.left = 0;
|
||||
s->s3->rbuf.offset = 0;
|
||||
SSL3_BUFFER_set_data(RECORD_LAYER_get_rbuf(&s->rlayer), NULL, 0);
|
||||
}
|
||||
s->handshake_func = s->method->ssl_accept;
|
||||
} else {
|
||||
|
|
|
@ -577,6 +577,9 @@ int ssl3_setup_read_buffer(SSL *s)
|
|||
{
|
||||
unsigned char *p;
|
||||
size_t len, align = 0, headerlen;
|
||||
SSL3_BUFFER *b;
|
||||
|
||||
b = RECORD_LAYER_get_rbuf(&s->rlayer);
|
||||
|
||||
if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER)
|
||||
headerlen = DTLS1_RT_HEADER_LENGTH;
|
||||
|
@ -587,7 +590,7 @@ int ssl3_setup_read_buffer(SSL *s)
|
|||
align = (-SSL3_RT_HEADER_LENGTH) & (SSL3_ALIGN_PAYLOAD - 1);
|
||||
#endif
|
||||
|
||||
if (s->s3->rbuf.buf == NULL) {
|
||||
if (b->buf == NULL) {
|
||||
len = SSL3_RT_MAX_PLAIN_LENGTH
|
||||
+ SSL3_RT_MAX_ENCRYPTED_OVERHEAD + headerlen + align;
|
||||
if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER) {
|
||||
|
@ -600,11 +603,11 @@ int ssl3_setup_read_buffer(SSL *s)
|
|||
#endif
|
||||
if ((p = OPENSSL_malloc(len)) == NULL)
|
||||
goto err;
|
||||
s->s3->rbuf.buf = p;
|
||||
s->s3->rbuf.len = len;
|
||||
b->buf = p;
|
||||
b->len = len;
|
||||
}
|
||||
|
||||
s->packet = &(s->s3->rbuf.buf[0]);
|
||||
s->packet = &(b->buf[0]);
|
||||
return 1;
|
||||
|
||||
err:
|
||||
|
@ -669,9 +672,12 @@ int ssl3_release_write_buffer(SSL *s)
|
|||
|
||||
int ssl3_release_read_buffer(SSL *s)
|
||||
{
|
||||
if (s->s3->rbuf.buf != NULL) {
|
||||
OPENSSL_free(s->s3->rbuf.buf);
|
||||
s->s3->rbuf.buf = NULL;
|
||||
SSL3_BUFFER *b;
|
||||
|
||||
b = RECORD_LAYER_get_rbuf(&s->rlayer);
|
||||
if (b->buf != NULL) {
|
||||
OPENSSL_free(b->buf);
|
||||
b->buf = NULL;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
|
12
ssl/s3_lib.c
12
ssl/s3_lib.c
|
@ -3131,7 +3131,7 @@ void ssl3_free(SSL *s)
|
|||
return;
|
||||
|
||||
ssl3_cleanup_key_block(s);
|
||||
if (s->s3->rbuf.buf != NULL)
|
||||
if (SSL3_BUFFER_is_initialised(RECORD_LAYER_get_rbuf(&s->rlayer)))
|
||||
ssl3_release_read_buffer(s);
|
||||
if (s->s3->wbuf.buf != NULL)
|
||||
ssl3_release_write_buffer(s);
|
||||
|
@ -3190,9 +3190,9 @@ void ssl3_clear(SSL *s)
|
|||
# endif /* !OPENSSL_NO_EC */
|
||||
#endif /* !OPENSSL_NO_TLSEXT */
|
||||
|
||||
rp = s->s3->rbuf.buf;
|
||||
rp = SSL3_BUFFER_get_buf(RECORD_LAYER_get_rbuf(&s->rlayer));
|
||||
wp = s->s3->wbuf.buf;
|
||||
rlen = s->s3->rbuf.len;
|
||||
rlen = SSL3_BUFFER_get_len(RECORD_LAYER_get_rbuf(&s->rlayer));
|
||||
wlen = s->s3->wbuf.len;
|
||||
init_extra = s->s3->init_extra;
|
||||
BIO_free(s->s3->handshake_buffer);
|
||||
|
@ -3207,9 +3207,9 @@ void ssl3_clear(SSL *s)
|
|||
}
|
||||
#endif
|
||||
memset(s->s3, 0, sizeof *s->s3);
|
||||
s->s3->rbuf.buf = rp;
|
||||
SSL3_BUFFER_set_buf(RECORD_LAYER_get_rbuf(&s->rlayer), rp);
|
||||
s->s3->wbuf.buf = wp;
|
||||
s->s3->rbuf.len = rlen;
|
||||
SSL3_BUFFER_set_len(RECORD_LAYER_get_rbuf(&s->rlayer), rlen);
|
||||
s->s3->wbuf.len = wlen;
|
||||
s->s3->init_extra = init_extra;
|
||||
|
||||
|
@ -4494,7 +4494,7 @@ int ssl3_renegotiate_check(SSL *s)
|
|||
int ret = 0;
|
||||
|
||||
if (s->s3->renegotiate) {
|
||||
if ((s->s3->rbuf.left == 0) &&
|
||||
if ((SSL3_BUFFER_get_left(RECORD_LAYER_get_rbuf(&s->rlayer)) == 0) &&
|
||||
(s->s3->wbuf.left == 0) && !SSL_in_init(s)) {
|
||||
/*
|
||||
* if we are the server, and we have sent a 'RENEGOTIATE'
|
||||
|
|
23
ssl/s3_pkt.c
23
ssl/s3_pkt.c
|
@ -153,7 +153,7 @@ int ssl3_read_n(SSL *s, int n, int max, int extend)
|
|||
if (n <= 0)
|
||||
return n;
|
||||
|
||||
rb = &(s->s3->rbuf);
|
||||
rb = RECORD_LAYER_get_rbuf(&s->rlayer);
|
||||
if (rb->buf == NULL)
|
||||
if (!ssl3_setup_read_buffer(s))
|
||||
return -1;
|
||||
|
@ -336,7 +336,8 @@ static int ssl3_get_record(SSL *s)
|
|||
/* check if we have the header */
|
||||
if ((s->rstate != SSL_ST_READ_BODY) ||
|
||||
(s->packet_length < SSL3_RT_HEADER_LENGTH)) {
|
||||
n = ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, s->s3->rbuf.len, 0);
|
||||
n = ssl3_read_n(s, SSL3_RT_HEADER_LENGTH,
|
||||
SSL3_BUFFER_get_len(RECORD_LAYER_get_rbuf(&s->rlayer)), 0);
|
||||
if (n <= 0)
|
||||
return (n); /* error or non-blocking */
|
||||
s->rstate = SSL_ST_READ_BODY;
|
||||
|
@ -373,7 +374,9 @@ static int ssl3_get_record(SSL *s)
|
|||
goto err;
|
||||
}
|
||||
|
||||
if (rr->length > s->s3->rbuf.len - SSL3_RT_HEADER_LENGTH) {
|
||||
if (rr->length >
|
||||
SSL3_BUFFER_get_len(RECORD_LAYER_get_rbuf(&s->rlayer))
|
||||
- SSL3_RT_HEADER_LENGTH) {
|
||||
al = SSL_AD_RECORD_OVERFLOW;
|
||||
SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_PACKET_LENGTH_TOO_LONG);
|
||||
goto f_err;
|
||||
|
@ -1174,9 +1177,11 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
|
|||
SSL3_RECORD *rr;
|
||||
void (*cb) (const SSL *ssl, int type2, int val) = NULL;
|
||||
|
||||
if (s->s3->rbuf.buf == NULL) /* Not initialized yet */
|
||||
if (!SSL3_BUFFER_is_initialised(RECORD_LAYER_get_rbuf(&s->rlayer))) {
|
||||
/* Not initialized yet */
|
||||
if (!ssl3_setup_read_buffer(s))
|
||||
return (-1);
|
||||
}
|
||||
|
||||
if ((type && (type != SSL3_RT_APPLICATION_DATA)
|
||||
&& (type != SSL3_RT_HANDSHAKE)) || (peek
|
||||
|
@ -1288,7 +1293,8 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
|
|||
s->rstate = SSL_ST_READ_HEADER;
|
||||
rr->off = 0;
|
||||
if (s->mode & SSL_MODE_RELEASE_BUFFERS
|
||||
&& s->s3->rbuf.left == 0)
|
||||
&& SSL3_BUFFER_get_left(
|
||||
RECORD_LAYER_get_rbuf(&s->rlayer)) == 0)
|
||||
ssl3_release_read_buffer(s);
|
||||
}
|
||||
}
|
||||
|
@ -1391,7 +1397,9 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
|
|||
}
|
||||
|
||||
if (!(s->mode & SSL_MODE_AUTO_RETRY)) {
|
||||
if (s->s3->rbuf.left == 0) { /* no read-ahead left? */
|
||||
if (SSL3_BUFFER_get_left(
|
||||
RECORD_LAYER_get_rbuf(&s->rlayer)) == 0) {
|
||||
/* no read-ahead left? */
|
||||
BIO *bio;
|
||||
/*
|
||||
* In the case where we try to read application data,
|
||||
|
@ -1563,7 +1571,8 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
|
|||
}
|
||||
|
||||
if (!(s->mode & SSL_MODE_AUTO_RETRY)) {
|
||||
if (s->s3->rbuf.left == 0) { /* no read-ahead left? */
|
||||
if (SSL3_BUFFER_get_left(RECORD_LAYER_get_rbuf(&s->rlayer)) == 0) {
|
||||
/* no read-ahead left? */
|
||||
BIO *bio;
|
||||
/*
|
||||
* In the case where we try to read application data, but we
|
||||
|
|
|
@ -280,6 +280,8 @@ SSL *SSL_new(SSL_CTX *ctx)
|
|||
goto err;
|
||||
memset(s, 0, sizeof(SSL));
|
||||
|
||||
RECORD_LAYER_set_ssl(&s->rlayer, s);
|
||||
|
||||
#ifndef OPENSSL_NO_KRB5
|
||||
s->kssl_ctx = kssl_ctx_new();
|
||||
#endif /* OPENSSL_NO_KRB5 */
|
||||
|
|
|
@ -166,6 +166,7 @@
|
|||
# include <openssl/symhacks.h>
|
||||
|
||||
#include "record/rec_layer.h"
|
||||
#include "record/ssl3_buffer.h"
|
||||
|
||||
# ifdef OPENSSL_BUILD_SHLIBSSL
|
||||
# undef OPENSSL_EXTERN
|
||||
|
@ -979,8 +980,6 @@ struct ssl_st {
|
|||
int type;
|
||||
/* SSLv3 */
|
||||
const SSL_METHOD *method;
|
||||
|
||||
RECORD_LAYER rlayer;
|
||||
/*
|
||||
* There are 2 BIO's even though they are normally both the same. This
|
||||
* is so data can be read and written to different handlers
|
||||
|
@ -1220,6 +1219,8 @@ struct ssl_st {
|
|||
* basis, depending on the chosen cipher.
|
||||
*/
|
||||
int (*not_resumable_session_cb) (SSL *ssl, int is_forward_secure);
|
||||
|
||||
RECORD_LAYER rlayer;
|
||||
};
|
||||
|
||||
typedef struct ssl3_record_st {
|
||||
|
@ -1264,17 +1265,6 @@ typedef struct ssl3_record_st {
|
|||
*/ unsigned char seq_num[8];
|
||||
} SSL3_RECORD;
|
||||
|
||||
typedef struct ssl3_buffer_st {
|
||||
/* at least SSL3_RT_MAX_PACKET_SIZE bytes, see ssl3_setup_buffers() */
|
||||
unsigned char *buf;
|
||||
/* buffer size */
|
||||
size_t len;
|
||||
/* where to 'copy from' */
|
||||
int offset;
|
||||
/* how many bytes left */
|
||||
int left;
|
||||
} SSL3_BUFFER;
|
||||
|
||||
typedef struct ssl3_state_st {
|
||||
long flags;
|
||||
int delay_buf_pop_ret;
|
||||
|
|
Loading…
Reference in a new issue