The first step towards a SSL_peek fix.
The main thing to verify about these changes is that nothing at all has changed, as far as behaviour is concerned (except that some SSLerr() invocations now have a different function code): SSL_read (ssl2_read, ssl3_read) behaves exactly as before, and SSL_peek refuses to do any work exactly as before. But now the functions actually doing the work have a 'peek' flag, so it should be easy to change them to behave accordingly.
This commit is contained in:
Bodo Möller
90
ssl/s3_lib.c
90
ssl/s3_lib.c
@@ -55,6 +55,59 @@
|
||||
* copied and put under another distribution licence
|
||||
* [including the GNU Public Licence.]
|
||||
*/
|
||||
/* ====================================================================
|
||||
* Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in
|
||||
* the documentation and/or other materials provided with the
|
||||
* distribution.
|
||||
*
|
||||
* 3. All advertising materials mentioning features or use of this
|
||||
* software must display the following acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
||||
*
|
||||
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
||||
* endorse or promote products derived from this software without
|
||||
* prior written permission. For written permission, please contact
|
||||
* openssl-core@openssl.org.
|
||||
*
|
||||
* 5. Products derived from this software may not be called "OpenSSL"
|
||||
* nor may "OpenSSL" appear in their names without prior written
|
||||
* permission of the OpenSSL Project.
|
||||
*
|
||||
* 6. Redistributions of any form whatsoever must retain the following
|
||||
* acknowledgment:
|
||||
* "This product includes software developed by the OpenSSL Project
|
||||
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
||||
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
||||
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
||||
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
||||
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
* ====================================================================
|
||||
*
|
||||
* This product includes cryptographic software written by Eric Young
|
||||
* (eay@cryptsoft.com). This product includes software written by Tim
|
||||
* Hudson (tjh@cryptsoft.com).
|
||||
*
|
||||
*/
|
||||
|
||||
#include <stdio.h>
|
||||
#include <openssl/md5.h>
|
||||
@@ -1189,7 +1242,7 @@ int ssl3_shutdown(SSL *s)
|
||||
else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
|
||||
{
|
||||
/* If we are waiting for a close from our peer, we are closed */
|
||||
ssl3_read_bytes(s,0,NULL,0);
|
||||
ssl3_read_bytes(s,0,NULL,0,0);
|
||||
}
|
||||
|
||||
if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) &&
|
||||
@@ -1252,14 +1305,14 @@ int ssl3_write(SSL *s, const void *buf, int len)
|
||||
return(ret);
|
||||
}
|
||||
|
||||
int ssl3_read(SSL *s, void *buf, int len)
|
||||
static int ssl3_read_internal(SSL *s, void *buf, int len, int peek)
|
||||
{
|
||||
int ret;
|
||||
|
||||
clear_sys_error();
|
||||
if (s->s3->renegotiate) ssl3_renegotiate_check(s);
|
||||
s->s3->in_read_app_data=1;
|
||||
ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len);
|
||||
ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
|
||||
if ((ret == -1) && (s->s3->in_read_app_data == 0))
|
||||
{
|
||||
/* ssl3_read_bytes decided to call s->handshake_func, which
|
||||
@@ -1269,7 +1322,7 @@ int ssl3_read(SSL *s, void *buf, int len)
|
||||
* by resetting 'in_read_app_data', strangely); so disable
|
||||
* handshake processing and try to read application data again. */
|
||||
s->in_handshake++;
|
||||
ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len);
|
||||
ret=ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len,peek);
|
||||
s->in_handshake--;
|
||||
}
|
||||
else
|
||||
@@ -1278,31 +1331,14 @@ int ssl3_read(SSL *s, void *buf, int len)
|
||||
return(ret);
|
||||
}
|
||||
|
||||
int ssl3_read(SSL *s, void *buf, int len)
|
||||
{
|
||||
return ssl3_read_internal(s, buf, len, 0);
|
||||
}
|
||||
|
||||
int ssl3_peek(SSL *s, char *buf, int len)
|
||||
{
|
||||
#if 1
|
||||
SSLerr(SSL_F_SSL3_PEEK, SSL_R_FIXME); /* function is totally broken */
|
||||
return -1;
|
||||
#else
|
||||
SSL3_RECORD *rr;
|
||||
int n;
|
||||
|
||||
rr= &(s->s3->rrec);
|
||||
if ((rr->length == 0) || (rr->type != SSL3_RT_APPLICATION_DATA))
|
||||
{
|
||||
n=ssl3_read(s,buf,1);
|
||||
if (n <= 0) return(n);
|
||||
rr->length++;
|
||||
rr->off--;
|
||||
}
|
||||
|
||||
if ((unsigned int)len > rr->length)
|
||||
n=rr->length;
|
||||
else
|
||||
n=len;
|
||||
memcpy(buf,&(rr->data[rr->off]),(unsigned int)n);
|
||||
return(n);
|
||||
#endif
|
||||
return ssl3_read_internal(s, buf, len, 0);
|
||||
}
|
||||
|
||||
int ssl3_renegotiate(SSL *s)
|
||||
|
||||
Reference in New Issue
Block a user