generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

DTLS fixes for signed/unsigned issues

Browse Source 
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit 1904d21123849a65dafde1705e6dd5b7c2f420eb)
This commit is contained in:
Matt Caswell 2014-12-12 15:32:24 +00:00
parent 9d410579a7
commit a60536348b
1 changed files with 27 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
ssl/d1_both.c
View File

@ -259,9 +259,9 @@ static int dtls1_query_mtu(SSL *s)
int dtls1_do_write(SSL *s, int type) int dtls1_do_write(SSL *s, int type)
{ {
int ret; int ret;
int curr_mtu; unsigned int curr_mtu;
int retry = 1; int retry = 1;
unsigned int len, frag_off, mac_size, blocksize; unsigned int len, frag_off, mac_size, blocksize, used_len;
if(!dtls1_query_mtu(s)) if(!dtls1_query_mtu(s))
return -1; return -1;
@ -284,10 +284,15 @@ int dtls1_do_write(SSL *s, int type)
blocksize = 0; blocksize = 0;
frag_off = 0; frag_off = 0;
while( s->init_num) /* s->init_num shouldn't ever be < 0...but just in case */
while( s->init_num > 0)
{ {
curr_mtu = s->d1->mtu - BIO_wpending(SSL_get_wbio(s)) - used_len = BIO_wpending(SSL_get_wbio(s)) + DTLS1_RT_HEADER_LENGTH
DTLS1_RT_HEADER_LENGTH - mac_size - blocksize; + mac_size + blocksize;
if(s->d1->mtu > used_len)
curr_mtu = s->d1->mtu - used_len;
else
curr_mtu = 0;
if ( curr_mtu <= DTLS1_HM_HEADER_LENGTH) if ( curr_mtu <= DTLS1_HM_HEADER_LENGTH)
{ {
@ -295,15 +300,23 @@ int dtls1_do_write(SSL *s, int type)
ret = BIO_flush(SSL_get_wbio(s)); ret = BIO_flush(SSL_get_wbio(s));
if ( ret <= 0) if ( ret <= 0)
return ret; return ret;
curr_mtu = s->d1->mtu - DTLS1_RT_HEADER_LENGTH - used_len = DTLS1_RT_HEADER_LENGTH + mac_size + blocksize;
mac_size - blocksize; if(s->d1->mtu > used_len + DTLS1_HM_HEADER_LENGTH)
curr_mtu = s->d1->mtu - used_len;
else
/* Shouldn't happen */
return -1;
} }
if ( s->init_num > curr_mtu) /* We just checked that s->init_num > 0 so this cast should be safe */
if (((unsigned int)s->init_num) > curr_mtu)
len = curr_mtu; len = curr_mtu;
else else
len = s->init_num; len = s->init_num;
/* Shouldn't ever happen */
if(len > INT_MAX)
len = INT_MAX;
/* XDTLS: this function is too long. split out the CCS part */ /* XDTLS: this function is too long. split out the CCS part */
if ( type == SSL3_RT_HANDSHAKE) if ( type == SSL3_RT_HANDSHAKE)
@ -314,12 +327,17 @@ int dtls1_do_write(SSL *s, int type)
s->init_off -= DTLS1_HM_HEADER_LENGTH; s->init_off -= DTLS1_HM_HEADER_LENGTH;
s->init_num += DTLS1_HM_HEADER_LENGTH; s->init_num += DTLS1_HM_HEADER_LENGTH;
if ( s->init_num > curr_mtu) /* We just checked that s->init_num > 0 so this cast should be safe */
if (((unsigned int)s->init_num) > curr_mtu)
len = curr_mtu; len = curr_mtu;
else else
len = s->init_num; len = s->init_num;
} }
/* Shouldn't ever happen */
if(len > INT_MAX)
len = INT_MAX;
if ( len < DTLS1_HM_HEADER_LENGTH ) if ( len < DTLS1_HM_HEADER_LENGTH )
{ {
/* /*