Use the read and write buffers in DTLSv1_listen() (585e6919) · Commits · CYBER - Cyber Security / TS 103 523 MSP / ETS / ETS OpenSSL

ssl/d1_lib.c

+17 −28

Original line number	Diff line number	Diff line
		@@ -449,11 +449,10 @@ int DTLSv1_listen(SSL s, BIO_ADDR client)
		unsigned char cookie[DTLS1_COOKIE_LENGTH];
		unsigned char seq[SEQ_NUM_SIZE];
		const unsigned char *data;
		unsigned char *buf;
		unsigned char buf, wbuf;
		size_t fragoff, fraglen, msglen;
		unsigned int rectype, versmajor, msgseq, msgtype, clientvers, cookielen;
		BIO rbio, wbio;
		BUF_MEM *bufm;
		BIO_ADDR *tmpclient = NULL;
		PACKET pkt, msgpkt, msgpayload, session, cookiepkt;

		@@ -495,34 +494,19 @@ int DTLSv1_listen(SSL s, BIO_ADDR client)
		return -1;
		}

		if (s->init_buf == NULL) {
		if ((bufm = BUF_MEM_new()) == NULL) {
		SSLerr(SSL_F_DTLSV1_LISTEN, ERR_R_MALLOC_FAILURE);
		if (!ssl3_setup_buffers(s)) {
		/* SSLerr already called */
		return -1;
		}

		if (!BUF_MEM_grow(bufm, SSL3_RT_MAX_PLAIN_LENGTH)) {
		BUF_MEM_free(bufm);
		SSLerr(SSL_F_DTLSV1_LISTEN, ERR_R_MALLOC_FAILURE);
		return -1;
		}
		s->init_buf = bufm;
		}
		buf = (unsigned char *)s->init_buf->data;
		buf = RECORD_LAYER_get_rbuf(&s->rlayer)->buf;
		wbuf = RECORD_LAYER_get_wbuf(&s->rlayer)[0].buf;

		do {
		/* Get a packet */

		clear_sys_error();
		/*
		* Technically a ClientHello could be SSL3_RT_MAX_PLAIN_LENGTH
		* + DTLS1_RT_HEADER_LENGTH bytes long. Normally init_buf does not store
		* the record header as well, but we do here. We've set up init_buf to
		* be the standard size for simplicity. In practice we shouldn't ever
		* receive a ClientHello as long as this. If we do it will get dropped
		* in the record length check below.
		*/
		n = BIO_read(rbio, buf, SSL3_RT_MAX_PLAIN_LENGTH);
		n = BIO_read(rbio, buf, SSL3_RT_MAX_PLAIN_LENGTH
		+ DTLS1_RT_HEADER_LENGTH);

		if (n <= 0) {
		if (BIO_should_retry(rbio)) {
		@@ -732,7 +716,11 @@ int DTLSv1_listen(SSL s, BIO_ADDR client)
		: s->version;

		/* Construct the record and message headers */
		if (!WPACKET_init(&wpkt, s->init_buf)
		if (!WPACKET_init_static_len(&wpkt,
		wbuf,
		SSL3_RT_MAX_PLAIN_LENGTH
		+ DTLS1_RT_HEADER_LENGTH,
		0)
		\|\| !WPACKET_put_bytes_u8(&wpkt, SSL3_RT_HANDSHAKE)
		\|\| !WPACKET_put_bytes_u16(&wpkt, version)
		/*
		@@ -790,8 +778,8 @@ int DTLSv1_listen(SSL s, BIO_ADDR client)
		* plus one byte for the message content type. The source is the
		* last 3 bytes of the message header
		*/
		memcpy(&buf[DTLS1_RT_HEADER_LENGTH + 1],
		&buf[DTLS1_RT_HEADER_LENGTH + DTLS1_HM_HEADER_LENGTH - 3],
		memcpy(&wbuf[DTLS1_RT_HEADER_LENGTH + 1],
		&wbuf[DTLS1_RT_HEADER_LENGTH + DTLS1_HM_HEADER_LENGTH - 3],
		3);

		if (s->msg_callback)
		@@ -815,7 +803,7 @@ int DTLSv1_listen(SSL s, BIO_ADDR client)
		tmpclient = NULL;

		/* TODO(size_t): convert this call */
		if (BIO_write(wbio, buf, wreclen) < (int)wreclen) {
		if (BIO_write(wbio, wbuf, wreclen) < (int)wreclen) {
		if (BIO_should_retry(wbio)) {
		/*
		* Non-blocking IO...but we're stateless, so we're just
		@@ -865,6 +853,7 @@ int DTLSv1_listen(SSL s, BIO_ADDR client)
		if (BIO_dgram_get_peer(rbio, client) <= 0)
		BIO_ADDR_clear(client);


		ret = 1;
		clearpkt = 0;
		end:

ssl/record/record.h

+2 −0

Original line number	Diff line number	Diff line
		@@ -188,6 +188,8 @@ typedef struct record_layer_st {
		((rl)->d->processed_rcds)
		#define DTLS_RECORD_LAYER_get_unprocessed_rcds(rl) \
		((rl)->d->unprocessed_rcds)
		#define RECORD_LAYER_get_rbuf(rl) (&(rl)->rbuf)
		#define RECORD_LAYER_get_wbuf(rl) ((rl)->wbuf)

		void RECORD_LAYER_init(RECORD_LAYER rl, SSL s);
		void RECORD_LAYER_clear(RECORD_LAYER *rl);

ssl/record/record_locl.h

+0 −2

Original line number	Diff line number	Diff line
		@@ -18,8 +18,6 @@

		/* Functions/macros provided by the RECORD_LAYER component */

		#define RECORD_LAYER_get_rbuf(rl) (&(rl)->rbuf)
		#define RECORD_LAYER_get_wbuf(rl) ((rl)->wbuf)
		#define RECORD_LAYER_get_rrec(rl) ((rl)->rrec)
		#define RECORD_LAYER_set_packet(rl, p) ((rl)->packet = (p))
		#define RECORD_LAYER_reset_packet_length(rl) ((rl)->packet_length = 0)