Encapsulate access to s->s3->wbuf (db9a32e7) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

ssl/d1_pkt.c

+3 −2

Original line number	Diff line number	Diff line
		@@ -1444,11 +1444,13 @@ int do_dtls1_write(SSL s, int type, const unsigned char buf,
		SSL3_BUFFER *wb;
		SSL_SESSION *sess;

		wb = RECORD_LAYER_get_wbuf(&s->rlayer);

		/*
		* first check if there is a SSL3_BUFFER still being written out. This
		* will happen with non blocking IO
		*/
		if (s->s3->wbuf.left != 0) {
		if (SSL3_BUFFER_get_left(wb) != 0) {
		OPENSSL_assert(0); /* XDTLS: want to see if we ever get here */
		return (ssl3_write_pending(s, type, buf, len));
		}
		@@ -1465,7 +1467,6 @@ int do_dtls1_write(SSL s, int type, const unsigned char buf,
		return 0;

		wr = &(s->s3->wrec);
		wb = &(s->s3->wbuf);
		sess = s->session;

		if ((sess == NULL) \|\|

+1 −0

Original line number	Diff line number	Diff line
		@@ -127,3 +127,4 @@ typedef struct record_layer_st {
		#define RECORD_LAYER_set_read_ahead(rl, ra) ((rl)->read_ahead = (ra))
		#define RECORD_LAYER_get_read_ahead(rl) ((rl)->read_ahead)
		#define RECORD_LAYER_get_rbuf(rl) (&(rl)->rbuf)
		#define RECORD_LAYER_get_wbuf(rl) (&(rl)->s->s3->wbuf)

+13 −6

Original line number	Diff line number	Diff line
		@@ -619,6 +619,9 @@ int ssl3_setup_write_buffer(SSL *s)
		{
		unsigned char *p;
		size_t len, align = 0, headerlen;
		SSL3_BUFFER *wb;

		wb = RECORD_LAYER_get_wbuf(&s->rlayer);

		if (SSL_version(s) == DTLS1_VERSION \|\| SSL_version(s) == DTLS1_BAD_VER)
		headerlen = DTLS1_RT_HEADER_LENGTH + 1;
		@@ -629,7 +632,7 @@ int ssl3_setup_write_buffer(SSL *s)
		align = (-SSL3_RT_HEADER_LENGTH) & (SSL3_ALIGN_PAYLOAD - 1);
		#endif

		if (s->s3->wbuf.buf == NULL) {
		if (wb->buf == NULL) {
		len = s->max_send_fragment
		+ SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD + headerlen + align;
		#ifndef OPENSSL_NO_COMP
		@@ -641,8 +644,8 @@ int ssl3_setup_write_buffer(SSL *s)

		if ((p = OPENSSL_malloc(len)) == NULL)
		goto err;
		s->s3->wbuf.buf = p;
		s->s3->wbuf.len = len;
		wb->buf = p;
		wb->len = len;
		}

		return 1;
		@@ -663,9 +666,13 @@ int ssl3_setup_buffers(SSL *s)

		int ssl3_release_write_buffer(SSL *s)
		{
		if (s->s3->wbuf.buf != NULL) {
		OPENSSL_free(s->s3->wbuf.buf);
		s->s3->wbuf.buf = NULL;
		SSL3_BUFFER *wb;

		wb = RECORD_LAYER_get_wbuf(&s->rlayer);

		if (wb->buf != NULL) {
		OPENSSL_free(wb->buf);
		wb->buf = NULL;
		}
		return 1;
		}

+8 −7

Original line number	Diff line number	Diff line
		@@ -3131,7 +3131,7 @@ void ssl3_free(SSL *s)
		return;

		ssl3_cleanup_key_block(s);
		if (s->s3->wbuf.buf != NULL)
		if (SSL3_BUFFER_is_initialised(RECORD_LAYER_get_wbuf(&s->rlayer)))
		ssl3_release_write_buffer(s);
		if (s->s3->rrec.comp != NULL)
		OPENSSL_free(s->s3->rrec.comp);
		@@ -3188,8 +3188,8 @@ void ssl3_clear(SSL *s)
		# endif /* !OPENSSL_NO_EC */
		#endif /* !OPENSSL_NO_TLSEXT */

		wp = s->s3->wbuf.buf;
		wlen = s->s3->wbuf.len;
		wp = SSL3_BUFFER_get_buf(RECORD_LAYER_get_wbuf(&s->rlayer));
		wlen = SSL3_BUFFER_get_len(RECORD_LAYER_get_wbuf(&s->rlayer));
		init_extra = s->s3->init_extra;
		BIO_free(s->s3->handshake_buffer);
		s->s3->handshake_buffer = NULL;
		@@ -3203,8 +3203,8 @@ void ssl3_clear(SSL *s)
		}
		#endif
		memset(s->s3, 0, sizeof *s->s3);
		s->s3->wbuf.buf = wp;
		s->s3->wbuf.len = wlen;
		SSL3_BUFFER_set_buf(RECORD_LAYER_get_wbuf(&s->rlayer), wp);
		SSL3_BUFFER_set_len(RECORD_LAYER_get_wbuf(&s->rlayer), wlen);
		s->s3->init_extra = init_extra;

		ssl_free_wbio_buffer(s);
		@@ -4488,8 +4488,9 @@ int ssl3_renegotiate_check(SSL *s)
		int ret = 0;

		if (s->s3->renegotiate) {
		if ((SSL3_BUFFER_get_left(RECORD_LAYER_get_rbuf(&s->rlayer)) == 0) &&
		(s->s3->wbuf.left == 0) && !SSL_in_init(s)) {
		if ((SSL3_BUFFER_get_left(RECORD_LAYER_get_rbuf(&s->rlayer)) == 0)
		&& (SSL3_BUFFER_get_left(RECORD_LAYER_get_wbuf(&s->rlayer)) == 0)
		&& !SSL_in_init(s)) {
		/*
		* if we are the server, and we have sent a 'RENEGOTIATE'
		* message, we need to go to SSL_ST_ACCEPT.

+6 −4

Original line number	Diff line number	Diff line
		@@ -645,7 +645,7 @@ int ssl3_write_bytes(SSL s, int type, const void buf_, int len)
		#if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK
		unsigned int max_send_fragment;
		#endif
		SSL3_BUFFER *wb = &(s->s3->wbuf);
		SSL3_BUFFER *wb = RECORD_LAYER_get_wbuf(&s->rlayer);
		int i;
		unsigned int u_len = (unsigned int)len;

		@@ -875,7 +875,7 @@ static int do_ssl3_write(SSL s, int type, const unsigned char buf,
		int eivlen;
		long align = 0;
		SSL3_RECORD *wr;
		SSL3_BUFFER *wb = &(s->s3->wbuf);
		SSL3_BUFFER *wb = RECORD_LAYER_get_wbuf(&s->rlayer);
		SSL_SESSION *sess;

		/*
		@@ -1100,7 +1100,7 @@ int ssl3_write_pending(SSL s, int type, const unsigned char buf,
		unsigned int len)
		{
		int i;
		SSL3_BUFFER *wb = &(s->s3->wbuf);
		SSL3_BUFFER *wb = RECORD_LAYER_get_wbuf(&s->rlayer);

		/* XXXX */
		if ((s->s3->wpend_tot > (int)len)
		@@ -1715,8 +1715,10 @@ int ssl3_send_alert(SSL *s, int level, int desc)
		s->s3->alert_dispatch = 1;
		s->s3->send_alert[0] = level;
		s->s3->send_alert[1] = desc;
		if (s->s3->wbuf.left == 0) /* data still being written out? */
		if (SSL3_BUFFER_get_left(RECORD_LAYER_get_wbuf(&s->rlayer)) == 0) {
		/* data still being written out? */
		return s->method->ssl_dispatch_alert(s);
		}
		/*
		* else data is still being written out, we will get written some time in
		* the future