summaryrefslogtreecommitdiffstats
path: root/ssl
diff options
context:
space:
mode:
authorMatt Caswell <matt@openssl.org>2018-10-08 16:46:51 +0200
committerMatt Caswell <matt@openssl.org>2018-10-19 15:24:40 +0200
commit2fc4c77c3f06443f4c476f6f58d83e5e108d1dce (patch)
treebbf0b600b4becd2127d6b7bfc571c47ed6e6852a /ssl
parentTest DTLS cookie generation and verification (diff)
downloadopenssl-2fc4c77c3f06443f4c476f6f58d83e5e108d1dce.tar.xz
openssl-2fc4c77c3f06443f4c476f6f58d83e5e108d1dce.zip
Use the read and write buffers in DTLSv1_listen()
Rather than using init_buf we use the record layer read and write buffers in DTLSv1_listen(). These seem more appropriate anyway and will help with the next commit. Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/7375)
Diffstat (limited to 'ssl')
-rw-r--r--ssl/d1_lib.c45
-rw-r--r--ssl/record/record.h2
-rw-r--r--ssl/record/record_locl.h2
3 files changed, 19 insertions, 30 deletions
diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
index f80851251f..38adda3355 100644
--- a/ssl/d1_lib.c
+++ b/ssl/d1_lib.c
@@ -449,11 +449,10 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client)
unsigned char cookie[DTLS1_COOKIE_LENGTH];
unsigned char seq[SEQ_NUM_SIZE];
const unsigned char *data;
- unsigned char *buf;
+ unsigned char *buf, *wbuf;
size_t fragoff, fraglen, msglen;
unsigned int rectype, versmajor, msgseq, msgtype, clientvers, cookielen;
BIO *rbio, *wbio;
- BUF_MEM *bufm;
BIO_ADDR *tmpclient = NULL;
PACKET pkt, msgpkt, msgpayload, session, cookiepkt;
@@ -495,34 +494,19 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client)
return -1;
}
- if (s->init_buf == NULL) {
- if ((bufm = BUF_MEM_new()) == NULL) {
- SSLerr(SSL_F_DTLSV1_LISTEN, ERR_R_MALLOC_FAILURE);
- return -1;
- }
-
- if (!BUF_MEM_grow(bufm, SSL3_RT_MAX_PLAIN_LENGTH)) {
- BUF_MEM_free(bufm);
- SSLerr(SSL_F_DTLSV1_LISTEN, ERR_R_MALLOC_FAILURE);
- return -1;
- }
- s->init_buf = bufm;
+ if (!ssl3_setup_buffers(s)) {
+ /* SSLerr already called */
+ return -1;
}
- buf = (unsigned char *)s->init_buf->data;
+ buf = RECORD_LAYER_get_rbuf(&s->rlayer)->buf;
+ wbuf = RECORD_LAYER_get_wbuf(&s->rlayer)[0].buf;
do {
/* Get a packet */
clear_sys_error();
- /*
- * Technically a ClientHello could be SSL3_RT_MAX_PLAIN_LENGTH
- * + DTLS1_RT_HEADER_LENGTH bytes long. Normally init_buf does not store
- * the record header as well, but we do here. We've set up init_buf to
- * be the standard size for simplicity. In practice we shouldn't ever
- * receive a ClientHello as long as this. If we do it will get dropped
- * in the record length check below.
- */
- n = BIO_read(rbio, buf, SSL3_RT_MAX_PLAIN_LENGTH);
+ n = BIO_read(rbio, buf, SSL3_RT_MAX_PLAIN_LENGTH
+ + DTLS1_RT_HEADER_LENGTH);
if (n <= 0) {
if (BIO_should_retry(rbio)) {
@@ -732,7 +716,11 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client)
: s->version;
/* Construct the record and message headers */
- if (!WPACKET_init(&wpkt, s->init_buf)
+ if (!WPACKET_init_static_len(&wpkt,
+ wbuf,
+ SSL3_RT_MAX_PLAIN_LENGTH
+ + DTLS1_RT_HEADER_LENGTH,
+ 0)
|| !WPACKET_put_bytes_u8(&wpkt, SSL3_RT_HANDSHAKE)
|| !WPACKET_put_bytes_u16(&wpkt, version)
/*
@@ -790,8 +778,8 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client)
* plus one byte for the message content type. The source is the
* last 3 bytes of the message header
*/
- memcpy(&buf[DTLS1_RT_HEADER_LENGTH + 1],
- &buf[DTLS1_RT_HEADER_LENGTH + DTLS1_HM_HEADER_LENGTH - 3],
+ memcpy(&wbuf[DTLS1_RT_HEADER_LENGTH + 1],
+ &wbuf[DTLS1_RT_HEADER_LENGTH + DTLS1_HM_HEADER_LENGTH - 3],
3);
if (s->msg_callback)
@@ -815,7 +803,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client)
tmpclient = NULL;
/* TODO(size_t): convert this call */
- if (BIO_write(wbio, buf, wreclen) < (int)wreclen) {
+ if (BIO_write(wbio, wbuf, wreclen) < (int)wreclen) {
if (BIO_should_retry(wbio)) {
/*
* Non-blocking IO...but we're stateless, so we're just
@@ -865,6 +853,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client)
if (BIO_dgram_get_peer(rbio, client) <= 0)
BIO_ADDR_clear(client);
+
ret = 1;
clearpkt = 0;
end:
diff --git a/ssl/record/record.h b/ssl/record/record.h
index 32db8212aa..93f6f9ee3f 100644
--- a/ssl/record/record.h
+++ b/ssl/record/record.h
@@ -188,6 +188,8 @@ typedef struct record_layer_st {
((rl)->d->processed_rcds)
#define DTLS_RECORD_LAYER_get_unprocessed_rcds(rl) \
((rl)->d->unprocessed_rcds)
+#define RECORD_LAYER_get_rbuf(rl) (&(rl)->rbuf)
+#define RECORD_LAYER_get_wbuf(rl) ((rl)->wbuf)
void RECORD_LAYER_init(RECORD_LAYER *rl, SSL *s);
void RECORD_LAYER_clear(RECORD_LAYER *rl);
diff --git a/ssl/record/record_locl.h b/ssl/record/record_locl.h
index 07fd7ab640..5e8dd7f704 100644
--- a/ssl/record/record_locl.h
+++ b/ssl/record/record_locl.h
@@ -18,8 +18,6 @@
/* Functions/macros provided by the RECORD_LAYER component */
-#define RECORD_LAYER_get_rbuf(rl) (&(rl)->rbuf)
-#define RECORD_LAYER_get_wbuf(rl) ((rl)->wbuf)
#define RECORD_LAYER_get_rrec(rl) ((rl)->rrec)
#define RECORD_LAYER_set_packet(rl, p) ((rl)->packet = (p))
#define RECORD_LAYER_reset_packet_length(rl) ((rl)->packet_length = 0)