From 585e691948ec71433f8f7f24799b18e62fe07bd3 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Mon, 8 Oct 2018 15:46:51 +0100 Subject: [PATCH] Use the read and write buffers in DTLSv1_listen() Rather than using init_buf we use the record layer read and write buffers in DTLSv1_listen(). These seem more appropriate anyway and will help with the next commit. Reviewed-by: Ben Kaduk (Merged from https://github.com/openssl/openssl/pull/7375) (cherry picked from commit 2fc4c77c3f06443f4c476f6f58d83e5e108d1dce) --- ssl/d1_lib.c | 45 +++++++++++++++------------------------- ssl/record/record.h | 2 ++ ssl/record/record_locl.h | 2 -- 3 files changed, 19 insertions(+), 30 deletions(-) diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c index f80851251f..38adda3355 100644 --- a/ssl/d1_lib.c +++ b/ssl/d1_lib.c @@ -449,11 +449,10 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) unsigned char cookie[DTLS1_COOKIE_LENGTH]; unsigned char seq[SEQ_NUM_SIZE]; const unsigned char *data; - unsigned char *buf; + unsigned char *buf, *wbuf; size_t fragoff, fraglen, msglen; unsigned int rectype, versmajor, msgseq, msgtype, clientvers, cookielen; BIO *rbio, *wbio; - BUF_MEM *bufm; BIO_ADDR *tmpclient = NULL; PACKET pkt, msgpkt, msgpayload, session, cookiepkt; @@ -495,34 +494,19 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) return -1; } - if (s->init_buf == NULL) { - if ((bufm = BUF_MEM_new()) == NULL) { - SSLerr(SSL_F_DTLSV1_LISTEN, ERR_R_MALLOC_FAILURE); - return -1; - } - - if (!BUF_MEM_grow(bufm, SSL3_RT_MAX_PLAIN_LENGTH)) { - BUF_MEM_free(bufm); - SSLerr(SSL_F_DTLSV1_LISTEN, ERR_R_MALLOC_FAILURE); - return -1; - } - s->init_buf = bufm; + if (!ssl3_setup_buffers(s)) { + /* SSLerr already called */ + return -1; } - buf = (unsigned char *)s->init_buf->data; + buf = RECORD_LAYER_get_rbuf(&s->rlayer)->buf; + wbuf = RECORD_LAYER_get_wbuf(&s->rlayer)[0].buf; do { /* Get a packet */ clear_sys_error(); - /* - * Technically a ClientHello could be SSL3_RT_MAX_PLAIN_LENGTH - * + DTLS1_RT_HEADER_LENGTH bytes long. Normally init_buf does not store - * the record header as well, but we do here. We've set up init_buf to - * be the standard size for simplicity. In practice we shouldn't ever - * receive a ClientHello as long as this. If we do it will get dropped - * in the record length check below. - */ - n = BIO_read(rbio, buf, SSL3_RT_MAX_PLAIN_LENGTH); + n = BIO_read(rbio, buf, SSL3_RT_MAX_PLAIN_LENGTH + + DTLS1_RT_HEADER_LENGTH); if (n <= 0) { if (BIO_should_retry(rbio)) { @@ -732,7 +716,11 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) : s->version; /* Construct the record and message headers */ - if (!WPACKET_init(&wpkt, s->init_buf) + if (!WPACKET_init_static_len(&wpkt, + wbuf, + SSL3_RT_MAX_PLAIN_LENGTH + + DTLS1_RT_HEADER_LENGTH, + 0) || !WPACKET_put_bytes_u8(&wpkt, SSL3_RT_HANDSHAKE) || !WPACKET_put_bytes_u16(&wpkt, version) /* @@ -790,8 +778,8 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) * plus one byte for the message content type. The source is the * last 3 bytes of the message header */ - memcpy(&buf[DTLS1_RT_HEADER_LENGTH + 1], - &buf[DTLS1_RT_HEADER_LENGTH + DTLS1_HM_HEADER_LENGTH - 3], + memcpy(&wbuf[DTLS1_RT_HEADER_LENGTH + 1], + &wbuf[DTLS1_RT_HEADER_LENGTH + DTLS1_HM_HEADER_LENGTH - 3], 3); if (s->msg_callback) @@ -815,7 +803,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) tmpclient = NULL; /* TODO(size_t): convert this call */ - if (BIO_write(wbio, buf, wreclen) < (int)wreclen) { + if (BIO_write(wbio, wbuf, wreclen) < (int)wreclen) { if (BIO_should_retry(wbio)) { /* * Non-blocking IO...but we're stateless, so we're just @@ -865,6 +853,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client) if (BIO_dgram_get_peer(rbio, client) <= 0) BIO_ADDR_clear(client); + ret = 1; clearpkt = 0; end: diff --git a/ssl/record/record.h b/ssl/record/record.h index 32db8212aa..93f6f9ee3f 100644 --- a/ssl/record/record.h +++ b/ssl/record/record.h @@ -188,6 +188,8 @@ typedef struct record_layer_st { ((rl)->d->processed_rcds) #define DTLS_RECORD_LAYER_get_unprocessed_rcds(rl) \ ((rl)->d->unprocessed_rcds) +#define RECORD_LAYER_get_rbuf(rl) (&(rl)->rbuf) +#define RECORD_LAYER_get_wbuf(rl) ((rl)->wbuf) void RECORD_LAYER_init(RECORD_LAYER *rl, SSL *s); void RECORD_LAYER_clear(RECORD_LAYER *rl); diff --git a/ssl/record/record_locl.h b/ssl/record/record_locl.h index 07fd7ab640..5e8dd7f704 100644 --- a/ssl/record/record_locl.h +++ b/ssl/record/record_locl.h @@ -18,8 +18,6 @@ /* Functions/macros provided by the RECORD_LAYER component */ -#define RECORD_LAYER_get_rbuf(rl) (&(rl)->rbuf) -#define RECORD_LAYER_get_wbuf(rl) ((rl)->wbuf) #define RECORD_LAYER_get_rrec(rl) ((rl)->rrec) #define RECORD_LAYER_set_packet(rl, p) ((rl)->packet = (p)) #define RECORD_LAYER_reset_packet_length(rl) ((rl)->packet_length = 0) -- GitLab