generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Remove some duplicate DTLS code.

Browse Source 
In a couple of functions, a sequence number would be calculated twice.

Additionally, in |dtls1_process_out_of_seq_message|, we know that
|frag_len| <= |msg_hdr->msg_len| so the later tests for |frag_len <
msg_hdr->msg_len| can be more clearly written as |frag_len !=
msg_hdr->msg_len|, since that's the only remaining case.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
This commit is contained in:
Adam Langley 2014-06-06 14:47:07 -07:00 committed by Matt Caswell
parent 0c37aed3f3
commit 4e0fbdc4ec
1 changed files with 4 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
ssl/d1_both.c
View File

@ -599,7 +599,7 @@ static unsigned long dtls1_max_handshake_message_len(const SSL *s)
} }
static int static int
dtls1_reassemble_fragment(SSL *s, struct hm_header_st* msg_hdr, int *ok) dtls1_reassemble_fragment(SSL *s, const struct hm_header_st* msg_hdr, int *ok)
{ {
hm_fragment *frag = NULL; hm_fragment *frag = NULL;
pitem *item = NULL; pitem *item = NULL;
@ -682,10 +682,6 @@ dtls1_reassemble_fragment(SSL *s, struct hm_header_st* msg_hdr, int *ok)
if (item == NULL) if (item == NULL)
{ {
memset(seq64be,0,sizeof(seq64be));
seq64be[6] = (unsigned char)(msg_hdr->seq>>8);
seq64be[7] = (unsigned char)(msg_hdr->seq);
item = pitem_new(seq64be, frag); item = pitem_new(seq64be, frag);
if (item == NULL) if (item == NULL)
{ {
@ -711,7 +707,7 @@ err:
static int static int
dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok) dtls1_process_out_of_seq_message(SSL *s, const struct hm_header_st* msg_hdr, int *ok)
{ {
int i=-1; int i=-1;
hm_fragment *frag = NULL; hm_fragment *frag = NULL;
@ -731,7 +727,7 @@ dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok)
/* If we already have an entry and this one is a fragment, /* If we already have an entry and this one is a fragment,
* don't discard it and rather try to reassemble it. * don't discard it and rather try to reassemble it.
*/ */
if (item != NULL && frag_len < msg_hdr->msg_len) if (item != NULL && frag_len != msg_hdr->msg_len)
item = NULL; item = NULL;
/* Discard the message if sequence number was already there, is /* Discard the message if sequence number was already there, is
@ -756,7 +752,7 @@ dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok)
} }
else else
{ {
if (frag_len < msg_hdr->msg_len) if (frag_len != msg_hdr->msg_len)
return dtls1_reassemble_fragment(s, msg_hdr, ok); return dtls1_reassemble_fragment(s, msg_hdr, ok);
if (frag_len > dtls1_max_handshake_message_len(s)) if (frag_len > dtls1_max_handshake_message_len(s))
@ -779,10 +775,6 @@ dtls1_process_out_of_seq_message(SSL *s, struct hm_header_st* msg_hdr, int *ok)
goto err; goto err;
} }
memset(seq64be,0,sizeof(seq64be));
seq64be[6] = (unsigned char)(msg_hdr->seq>>8);
seq64be[7] = (unsigned char)(msg_hdr->seq);
item = pitem_new(seq64be, frag); item = pitem_new(seq64be, frag);
if ( item == NULL) if ( item == NULL)
goto err; goto err;