generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Move s->packet and s->packet_length into s->rlayer

Browse Source 
Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
Matt Caswell
2015-02-02 20:55:15 +00:00
parent 24a90afd85
commit 7a7048aff0
10 changed files with 84 additions and 67 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
ssl/record/d1_pkt.c
View File

@@ -193,8 +193,8 @@ static int dtls1_copy_record(SSL *s, pitem *item)
SSL3_BUFFER_release(&s->rlayer.rbuf);
s->packet = rdata->packet;
s->packet_length = rdata->packet_length;
s->rlayer.packet = rdata->packet;
s->rlayer.packet_length = rdata->packet_length;
memcpy(&s->rlayer.rbuf, &(rdata->rbuf), sizeof(SSL3_BUFFER));
memcpy(&s->rlayer.rrec, &(rdata->rrec), sizeof(SSL3_RECORD));
@@ -226,8 +226,8 @@ dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority)
return -1;
}
rdata->packet = s->packet;
rdata->packet_length = s->packet_length;
rdata->packet = s->rlayer.packet;
rdata->packet_length = s->rlayer.packet_length;
memcpy(&(rdata->rbuf), &s->rlayer.rbuf, sizeof(SSL3_BUFFER));
memcpy(&(rdata->rrec), &s->rlayer.rrec, sizeof(SSL3_RECORD));
@@ -243,8 +243,8 @@ dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority)
}
#endif
s->packet = NULL;
s->packet_length = 0;
s->rlayer.packet = NULL;
s->rlayer.packet_length = 0;
memset(&s->rlayer.rbuf, 0, sizeof(SSL3_BUFFER));
memset(&s->rlayer.rrec, 0, sizeof(SSL3_RECORD));

10
ssl/record/rec_layer.h
View File

@@ -148,6 +148,11 @@ typedef struct record_layer_st {
SSL3_RECORD rrec;
/* goes out from here */
SSL3_RECORD wrec;
/* used internally to point at a raw packet */
unsigned char *packet;
unsigned int packet_length;
} RECORD_LAYER;
@@ -161,6 +166,9 @@ typedef struct record_layer_st {
#define RECORD_LAYER_set_read_ahead(rl, ra) ((rl)->read_ahead = (ra))
#define RECORD_LAYER_get_read_ahead(rl) ((rl)->read_ahead)
#define RECORD_LAYER_setup_comp_buffer(rl) (SSL3_RECORD_setup(&(rl)->rrec))
#define RECORD_LAYER_get_packet(rl) ((rl)->packet)
#define RECORD_LAYER_get_packet_length(rl) ((rl)->packet_length)
#define RECORD_LAYER_add_packet_length(rl, inc) ((rl)->packet_length += (inc))
void RECORD_LAYER_init(RECORD_LAYER *rl, SSL *s);
void RECORD_LAYER_clear(RECORD_LAYER *rl);
@@ -193,6 +201,8 @@ void dtls1_reset_seq_numbers(SSL *s, int rw);
#define RECORD_LAYER_get_wbuf(rl) (&(rl)->wbuf)
#define RECORD_LAYER_get_rrec(rl) (&(rl)->rrec)
#define RECORD_LAYER_get_wrec(rl) (&(rl)->wrec)
#define RECORD_LAYER_set_packet(rl, p) ((rl)->packet = (p))
#define RECORD_LAYER_reset_packet_length(rl) ((rl)->packet_length = 0)
__owur int ssl3_read_n(SSL *s, int n, int max, int extend);
__owur int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,

15
ssl/record/s23_pkt.c
View File

@@ -94,19 +94,20 @@ int ssl23_read_bytes(SSL *s, int n)
unsigned char *p;
int j;
if (s->packet_length < (unsigned int)n) {
p = s->packet;
if (RECORD_LAYER_get_packet_length(&s->rlayer) < (unsigned int)n) {
p = RECORD_LAYER_get_packet(&s->rlayer);
for (;;) {
s->rwstate = SSL_READING;
j = BIO_read(s->rbio, (char *)&(p[s->packet_length]),
n - s->packet_length);
j = BIO_read(s->rbio,
(char *)&(p[RECORD_LAYER_get_packet_length(&s->rlayer)]),
n - RECORD_LAYER_get_packet_length(&s->rlayer));
if (j <= 0)
return (j);
s->rwstate = SSL_NOTHING;
s->packet_length += j;
if (s->packet_length >= (unsigned int)n)
return (s->packet_length);
RECORD_LAYER_add_packet_length(&s->rlayer, j);
if (RECORD_LAYER_get_packet_length(&s->rlayer) >= (unsigned int)n)
return (RECORD_LAYER_get_packet_length(&s->rlayer));
}
}
return (n);

20
ssl/record/s3_pkt.c
View File

@@ -187,7 +187,7 @@ int RECORD_LAYER_write_pending(RECORD_LAYER *rl)
int RECORD_LAYER_set_data(RECORD_LAYER *rl, const unsigned char *buf, int len)
{
rl->s->packet_length = len;
rl->packet_length = len;
if(len != 0) {
rl->s->rstate = SSL_ST_READ_HEADER;
if (!SSL3_BUFFER_is_initialised(&rl->rbuf))
@@ -195,7 +195,7 @@ int RECORD_LAYER_set_data(RECORD_LAYER *rl, const unsigned char *buf, int len)
return 0;
}
rl->s->packet = SSL3_BUFFER_get_buf(&rl->rbuf);
rl->packet = SSL3_BUFFER_get_buf(&rl->rbuf);
SSL3_BUFFER_set_data(&rl->rbuf, buf, len);
return 1;
@@ -261,8 +261,8 @@ int ssl3_read_n(SSL *s, int n, int max, int extend)
rb->offset = align;
}
}
s->packet = rb->buf + rb->offset;
s->packet_length = 0;
s->rlayer.packet = rb->buf + rb->offset;
s->rlayer.packet_length = 0;
/* ... now we can act as if 'extend' was set */
}
@@ -280,7 +280,7 @@ int ssl3_read_n(SSL *s, int n, int max, int extend)
/* if there is enough in the buffer from a previous read, take some */
if (left >= n) {
s->packet_length += n;
s->rlayer.packet_length += n;
rb->left = left - n;
rb->offset += n;
return (n);
@@ -288,15 +288,15 @@ int ssl3_read_n(SSL *s, int n, int max, int extend)
/* else we need to read more data */
len = s->packet_length;
len = s->rlayer.packet_length;
pkt = rb->buf + align;
/*
* Move any available bytes to front of buffer: 'len' bytes already
* pointed to by 'packet', 'left' extra ones at the end
*/
if (s->packet != pkt) { /* len > 0 */
memmove(pkt, s->packet, len + left);
s->packet = pkt;
if (s->rlayer.packet != pkt) { /* len > 0 */
memmove(pkt, s->rlayer.packet, len + left);
s->rlayer.packet = pkt;
rb->offset = len + align;
}
@@ -354,7 +354,7 @@ int ssl3_read_n(SSL *s, int n, int max, int extend)
/* done reading, now the book-keeping */
rb->offset += n;
rb->left = left - n;
s->packet_length += n;
s->rlayer.packet_length += n;
s->rwstate = SSL_NOTHING;
return (n);
}

2
ssl/record/ssl3_buffer.c
View File

@@ -160,7 +160,7 @@ int ssl3_setup_read_buffer(SSL *s)
b->len = len;
}
s->packet = &(b->buf[0]);
RECORD_LAYER_set_packet(&s->rlayer, &(b->buf[0]));
return 1;
err:

52
ssl/record/ssl3_record.c
View File

@@ -208,14 +208,14 @@ int ssl3_get_record(SSL *s)
again:
/* check if we have the header */
if ((s->rstate != SSL_ST_READ_BODY) ||
(s->packet_length < SSL3_RT_HEADER_LENGTH)) {
(RECORD_LAYER_get_packet_length(&s->rlayer) < SSL3_RT_HEADER_LENGTH)) {
n = ssl3_read_n(s, SSL3_RT_HEADER_LENGTH,
SSL3_BUFFER_get_len(&s->rlayer.rbuf), 0);
if (n <= 0)
return (n); /* error or non-blocking */
s->rstate = SSL_ST_READ_BODY;
p = s->packet;
p = RECORD_LAYER_get_packet(&s->rlayer);
if (s->msg_callback)
s->msg_callback(0, 0, SSL3_RT_HEADER, p, 5, s,
s->msg_callback_arg);
@@ -260,7 +260,8 @@ int ssl3_get_record(SSL *s)
/* s->rstate == SSL_ST_READ_BODY, get and decode the data */
if (rr->length > s->packet_length - SSL3_RT_HEADER_LENGTH) {
if (rr->length >
RECORD_LAYER_get_packet_length(&s->rlayer) - SSL3_RT_HEADER_LENGTH) {
/* now s->packet_length == SSL3_RT_HEADER_LENGTH */
i = rr->length;
n = ssl3_read_n(s, i, i, 1);
@@ -278,7 +279,7 @@ int ssl3_get_record(SSL *s)
* At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length,
* and we have that many bytes in s->packet
*/
rr->input = &(s->packet[SSL3_RT_HEADER_LENGTH]);
rr->input = &(RECORD_LAYER_get_packet(&s->rlayer)[SSL3_RT_HEADER_LENGTH]);
/*
* ok, we can now read from 's->packet' data into 'rr' rr->input points
@@ -446,7 +447,7 @@ int ssl3_get_record(SSL *s)
*/
/* we have pulled in a full packet so zero things */
s->packet_length = 0;
RECORD_LAYER_reset_packet_length(&s->rlayer);
/* just read a 0 length packet */
if (rr->length == 0) {
@@ -1205,7 +1206,7 @@ int dtls1_process_record(SSL *s)
* At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length,
* and we have that many bytes in s->packet
*/
rr->input = &(s->packet[DTLS1_RT_HEADER_LENGTH]);
rr->input = &(RECORD_LAYER_get_packet(&s->rlayer)[DTLS1_RT_HEADER_LENGTH]);
/*
* ok, we can now read from 's->packet' data into 'rr' rr->input points
@@ -1240,7 +1241,7 @@ int dtls1_process_record(SSL *s)
if (enc_err == 0) {
/* For DTLS we simply ignore bad packets. */
rr->length = 0;
s->packet_length = 0;
RECORD_LAYER_reset_packet_length(&s->rlayer);
goto err;
}
#ifdef TLS_DEBUG
@@ -1308,7 +1309,7 @@ int dtls1_process_record(SSL *s)
if (enc_err < 0) {
/* decryption failed, silently discard message */
rr->length = 0;
s->packet_length = 0;
RECORD_LAYER_reset_packet_length(&s->rlayer);
goto err;
}
@@ -1344,7 +1345,7 @@ int dtls1_process_record(SSL *s)
*/
/* we have pulled in a full packet so zero things */
s->packet_length = 0;
RECORD_LAYER_reset_packet_length(&s->rlayer);
return (1);
f_err:
@@ -1399,7 +1400,7 @@ int dtls1_get_record(SSL *s)
again:
/* check if we have the header */
if ((s->rstate != SSL_ST_READ_BODY) ||
(s->packet_length < DTLS1_RT_HEADER_LENGTH)) {
(RECORD_LAYER_get_packet_length(&s->rlayer) < DTLS1_RT_HEADER_LENGTH)) {
n = ssl3_read_n(s, DTLS1_RT_HEADER_LENGTH,
SSL3_BUFFER_get_len(&s->rlayer.rbuf), 0);
/* read timeout is handled by dtls1_read_bytes */
@@ -1407,14 +1408,14 @@ int dtls1_get_record(SSL *s)
return (n); /* error or non-blocking */
/* this packet contained a partial record, dump it */
if (s->packet_length != DTLS1_RT_HEADER_LENGTH) {
s->packet_length = 0;
if (RECORD_LAYER_get_packet_length(&s->rlayer) != DTLS1_RT_HEADER_LENGTH) {
RECORD_LAYER_reset_packet_length(&s->rlayer);
goto again;
}
s->rstate = SSL_ST_READ_BODY;
p = s->packet;
p = RECORD_LAYER_get_packet(&s->rlayer);
if (s->msg_callback)
s->msg_callback(0, 0, SSL3_RT_HEADER, p, DTLS1_RT_HEADER_LENGTH,
@@ -1439,7 +1440,7 @@ int dtls1_get_record(SSL *s)
if (version != s->version) {
/* unexpected version, silently discard */
rr->length = 0;
s->packet_length = 0;
RECORD_LAYER_reset_packet_length(&s->rlayer);
goto again;
}
}
@@ -1447,14 +1448,14 @@ int dtls1_get_record(SSL *s)
if ((version & 0xff00) != (s->version & 0xff00)) {
/* wrong version, silently discard record */
rr->length = 0;
s->packet_length = 0;
RECORD_LAYER_reset_packet_length(&s->rlayer);
goto again;
}
if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH) {
/* record too long, silently discard it */
rr->length = 0;
s->packet_length = 0;
RECORD_LAYER_reset_packet_length(&s->rlayer);
goto again;
}
@@ -1463,14 +1464,15 @@ int dtls1_get_record(SSL *s)
/* s->rstate == SSL_ST_READ_BODY, get and decode the data */
if (rr->length > s->packet_length - DTLS1_RT_HEADER_LENGTH) {
if (rr->length >
RECORD_LAYER_get_packet_length(&s->rlayer) - DTLS1_RT_HEADER_LENGTH) {
/* now s->packet_length == DTLS1_RT_HEADER_LENGTH */
i = rr->length;
n = ssl3_read_n(s, i, i, 1);
/* this packet contained a partial record, dump it */
if (n != i) {
rr->length = 0;
s->packet_length = 0;
RECORD_LAYER_reset_packet_length(&s->rlayer);
goto again;
}
@@ -1485,7 +1487,7 @@ int dtls1_get_record(SSL *s)
bitmap = dtls1_get_bitmap(s, rr, &is_next_epoch);
if (bitmap == NULL) {
rr->length = 0;
s->packet_length = 0; /* dump this record */
RECORD_LAYER_reset_packet_length(&s->rlayer); /* dump this record */
goto again; /* get another record */
}
#ifndef OPENSSL_NO_SCTP
@@ -1499,11 +1501,13 @@ int dtls1_get_record(SSL *s)
* connections and would be dropped unnecessarily.
*/
if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE &&
s->packet_length > DTLS1_RT_HEADER_LENGTH &&
s->packet[DTLS1_RT_HEADER_LENGTH] == SSL3_MT_CLIENT_HELLO) &&
RECORD_LAYER_get_packet_length(&s->rlayer)
> DTLS1_RT_HEADER_LENGTH &&
RECORD_LAYER_get_packet(&s->rlayer)[DTLS1_RT_HEADER_LENGTH]
== SSL3_MT_CLIENT_HELLO) &&
!dtls1_record_replay_check(s, bitmap)) {
rr->length = 0;
s->packet_length = 0; /* dump this record */
RECORD_LAYER_reset_packet_length(&s->rlayer); /* dump this record */
goto again; /* get another record */
}
#ifndef OPENSSL_NO_SCTP
@@ -1529,13 +1533,13 @@ int dtls1_get_record(SSL *s)
dtls1_record_bitmap_update(s, bitmap);
}
rr->length = 0;
s->packet_length = 0;
RECORD_LAYER_reset_packet_length(&s->rlayer);
goto again;
}
if (!dtls1_process_record(s)) {
rr->length = 0;
s->packet_length = 0; /* dump this record */
RECORD_LAYER_reset_packet_length(&s->rlayer); /* dump this record */
goto again; /* get another record */
}
dtls1_record_bitmap_update(s, bitmap); /* Mark receipt of record. */

2
ssl/s23_clnt.c
View File

@@ -490,7 +490,7 @@ static int ssl23_get_server_hello(SSL *s)
if (n != 7)
return (n);
p = s->packet;
p = RECORD_LAYER_get_packet(&s->rlayer);
memcpy(buf, p, n);

19
ssl/s23_srvr.c
View File

@@ -264,7 +264,7 @@ int ssl23_get_client_hello(SSL *s)
if (n != sizeof buf_space)
return (n); /* n == -1 || n == 0 */
p = s->packet;
p = RECORD_LAYER_get_packet(&s->rlayer);
memcpy(buf, p, n);
@@ -415,7 +415,7 @@ int ssl23_get_client_hello(SSL *s)
*/
type = 2;
p = s->packet;
p = RECORD_LAYER_get_packet(&s->rlayer);
v[0] = p[3]; /* == SSL3_VERSION_MAJOR */
v[1] = p[4];
@@ -451,20 +451,25 @@ int ssl23_get_client_hello(SSL *s)
if (j <= 0)
return (j);
ssl3_finish_mac(s, s->packet + 2, s->packet_length - 2);
ssl3_finish_mac(s, RECORD_LAYER_get_packet(&s->rlayer) + 2,
RECORD_LAYER_get_packet_length(&s->rlayer) - 2);
/* CLIENT-HELLO */
if (s->msg_callback)
s->msg_callback(0, SSL2_VERSION, 0, s->packet + 2,
s->packet_length - 2, s, s->msg_callback_arg);
s->msg_callback(0, SSL2_VERSION, 0,
RECORD_LAYER_get_packet(&s->rlayer) + 2,
RECORD_LAYER_get_packet_length(&s->rlayer) - 2, s,
s->msg_callback_arg);
p = s->packet;
p = RECORD_LAYER_get_packet(&s->rlayer);
p += 5;
n2s(p, csl);
n2s(p, sil);
n2s(p, cl);
d = (unsigned char *)s->init_buf->data;
if ((csl + sil + cl + 11) != s->packet_length) { /* We can't have TLS
if ((csl + sil + cl + 11)
!= RECORD_LAYER_get_packet_length(&s->rlayer)) {
/* We can't have TLS
* extensions in SSL
* 2.0 format *
* Client Hello, can

1
ssl/s3_lib.c
View File

@@ -3183,7 +3183,6 @@ void ssl3_clear(SSL *s)
ssl_free_wbio_buffer(s);
s->packet_length = 0;
s->s3->renegotiate = 0;
s->s3->total_renegotiations = 0;
s->s3->num_renegotiations = 0;

4
ssl/ssl_locl.h
View File

@@ -1029,9 +1029,7 @@ struct ssl_st {
* ssl3_get_message() */
int init_num; /* amount read/written */
int init_off; /* amount read/written */
/* used internally to point at a raw packet */
unsigned char *packet;
unsigned int packet_length;
struct ssl3_state_st *s3; /* SSLv3 variables */
struct dtls1_state_st *d1; /* DTLSv1 variables */