提交 5591a613 编写于 作者: M Matt Caswell

Convert dlts1_write_bytes() to use SSLfatal()

Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4841)
上级 c2853382
...@@ -752,7 +752,8 @@ int dtls1_write_bytes(SSL *s, int type, const void *buf, size_t len, ...@@ -752,7 +752,8 @@ int dtls1_write_bytes(SSL *s, int type, const void *buf, size_t len,
int i; int i;
if (!ossl_assert(len <= SSL3_RT_MAX_PLAIN_LENGTH)) { if (!ossl_assert(len <= SSL3_RT_MAX_PLAIN_LENGTH)) {
SSLerr(SSL_F_DTLS1_WRITE_BYTES, ERR_R_INTERNAL_ERROR); SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DTLS1_WRITE_BYTES,
ERR_R_INTERNAL_ERROR);
return -1; return -1;
} }
s->rwstate = SSL_NOTHING; s->rwstate = SSL_NOTHING;
...@@ -778,7 +779,8 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, ...@@ -778,7 +779,8 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
* will happen with non blocking IO * will happen with non blocking IO
*/ */
if (!ossl_assert(SSL3_BUFFER_get_left(wb) == 0)) { if (!ossl_assert(SSL3_BUFFER_get_left(wb) == 0)) {
SSLerr(SSL_F_DO_DTLS1_WRITE, ERR_R_INTERNAL_ERROR); SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_DTLS1_WRITE,
ERR_R_INTERNAL_ERROR);
return 0; return 0;
} }
...@@ -794,7 +796,8 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, ...@@ -794,7 +796,8 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
return 0; return 0;
if (len > ssl_get_max_send_fragment(s)) { if (len > ssl_get_max_send_fragment(s)) {
SSLerr(SSL_F_DO_DTLS1_WRITE, SSL_R_EXCEEDS_MAX_FRAGMENT_SIZE); SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_DTLS1_WRITE,
SSL_R_EXCEEDS_MAX_FRAGMENT_SIZE);
return 0; return 0;
} }
...@@ -808,8 +811,11 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, ...@@ -808,8 +811,11 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
mac_size = 0; mac_size = 0;
else { else {
mac_size = EVP_MD_CTX_size(s->write_hash); mac_size = EVP_MD_CTX_size(s->write_hash);
if (mac_size < 0) if (mac_size < 0) {
goto err; SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_DTLS1_WRITE,
SSL_R_EXCEEDS_MAX_FRAGMENT_SIZE);
return -1;
}
} }
p = SSL3_BUFFER_get_buf(wb) + prefix_len; p = SSL3_BUFFER_get_buf(wb) + prefix_len;
...@@ -866,8 +872,9 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, ...@@ -866,8 +872,9 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
/* first we compress */ /* first we compress */
if (s->compress != NULL) { if (s->compress != NULL) {
if (!ssl3_do_compress(s, &wr)) { if (!ssl3_do_compress(s, &wr)) {
SSLerr(SSL_F_DO_DTLS1_WRITE, SSL_R_COMPRESSION_FAILURE); SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_DTLS1_WRITE,
goto err; SSL_R_COMPRESSION_FAILURE);
return -1;
} }
} else { } else {
memcpy(SSL3_RECORD_get_data(&wr), SSL3_RECORD_get_input(&wr), memcpy(SSL3_RECORD_get_data(&wr), SSL3_RECORD_get_input(&wr),
...@@ -884,8 +891,11 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, ...@@ -884,8 +891,11 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
if (!SSL_WRITE_ETM(s) && mac_size != 0) { if (!SSL_WRITE_ETM(s) && mac_size != 0) {
if (!s->method->ssl3_enc->mac(s, &wr, if (!s->method->ssl3_enc->mac(s, &wr,
&(p[SSL3_RECORD_get_length(&wr) + eivlen]), &(p[SSL3_RECORD_get_length(&wr) + eivlen]),
1)) 1)) {
goto err; SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_DTLS1_WRITE,
ERR_R_INTERNAL_ERROR);
return -1;
}
SSL3_RECORD_add_length(&wr, mac_size); SSL3_RECORD_add_length(&wr, mac_size);
} }
...@@ -896,13 +906,19 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, ...@@ -896,13 +906,19 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
if (eivlen) if (eivlen)
SSL3_RECORD_add_length(&wr, eivlen); SSL3_RECORD_add_length(&wr, eivlen);
if (s->method->ssl3_enc->enc(s, &wr, 1, 1) < 1) if (s->method->ssl3_enc->enc(s, &wr, 1, 1) < 1) {
goto err; SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_DTLS1_WRITE,
ERR_R_INTERNAL_ERROR);
return -1;
}
if (SSL_WRITE_ETM(s) && mac_size != 0) { if (SSL_WRITE_ETM(s) && mac_size != 0) {
if (!s->method->ssl3_enc->mac(s, &wr, if (!s->method->ssl3_enc->mac(s, &wr,
&(p[SSL3_RECORD_get_length(&wr)]), 1)) &(p[SSL3_RECORD_get_length(&wr)]), 1)) {
goto err; SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_DTLS1_WRITE,
ERR_R_INTERNAL_ERROR);
return -1;
}
SSL3_RECORD_add_length(&wr, mac_size); SSL3_RECORD_add_length(&wr, mac_size);
} }
...@@ -953,8 +969,6 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, ...@@ -953,8 +969,6 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf,
/* we now just need to write the buffer. Calls SSLfatal() as required. */ /* we now just need to write the buffer. Calls SSLfatal() as required. */
return ssl3_write_pending(s, type, buf, len, written); return ssl3_write_pending(s, type, buf, len, written);
err:
return -1;
} }
DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr, DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr,
......
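Review bot: The new SSLfatal() call in the `mac_size < 0` branch of do_dtls1_write() reports `SSL_R_EXCEEDS_MAX_FRAGMENT_SIZE`, which looks copied from the fragment-length check a few lines above it. A negative return from `EVP_MD_CTX_size(s->write_hash)` has nothing to do with the fragment size, so the error queue would point whoever triages a failed DTLS write at the wrong cause. The other converted MAC and encryption failure paths use `ERR_R_INTERNAL_ERROR`, and this branch should match them: `SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DO_DTLS1_WRITE, ERR_R_INTERNAL_ERROR);`. The body of do_dtls1_write() starts and continues outside the visible hunks, so this is based only on the lines shown.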