X-Git-Url: https://git.openssl.org/?a=blobdiff_plain;f=ssl%2Fs3_both.c;h=17a805486828b381f494e9cf780360cf6204abb8;hb=fa4629b6a2518d202fd051f228c3d8770682b3be;hp=2bc4e6a7104310064533bf92caf95e6c2d8cf1b1;hpb=77d514c5a00511017967f98b03a946d86c923e94;p=openssl.git diff --git a/ssl/s3_both.c b/ssl/s3_both.c index 2bc4e6a710..17a8054868 100644 --- a/ssl/s3_both.c +++ b/ssl/s3_both.c @@ -168,7 +168,7 @@ int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen) i = s->method->ssl3_enc->final_finish_mac(s, sender, slen, s->s3->tmp.finish_md); - if (i == 0) + if (i <= 0) return 0; s->s3->tmp.finish_md_len = i; memcpy(p, s->s3->tmp.finish_md, i); @@ -187,7 +187,7 @@ int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen) s->s3->previous_server_finished_len = i; } - if(!ssl_set_handshake_header(s, SSL3_MT_FINISHED, l)) { + if (!ssl_set_handshake_header(s, SSL3_MT_FINISHED, l)) { SSLerr(SSL_F_SSL3_SEND_FINISHED, ERR_R_INTERNAL_ERROR); return -1; } @@ -292,7 +292,7 @@ int ssl3_get_finished(SSL *s, int a, int b) /*- * for these 2 messages, we need to * ssl->enc_read_ctx re-init - * ssl->s3->read_sequence zero + * ssl->rlayer.read_sequence zero * ssl->s3->read_mac_secret re-init * ssl->session->read_sym_enc assign * ssl->session->read_compression assign @@ -328,7 +328,7 @@ unsigned long ssl3_output_cert_chain(SSL *s, CERT_PKEY *cpk) l2n3(l, p); l += 3; - if(!ssl_set_handshake_header(s, SSL3_MT_CERTIFICATE, l)) { + if (!ssl_set_handshake_header(s, SSL3_MT_CERTIFICATE, l)) { SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN, ERR_R_INTERNAL_ERROR); return 0; } @@ -356,21 +356,21 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) } *ok = 1; s->state = stn; - s->init_msg = s->init_buf->data + 4; + s->init_msg = s->init_buf->data + SSL3_HM_HEADER_LENGTH; s->init_num = (int)s->s3->tmp.message_size; return s->init_num; } p = (unsigned char *)s->init_buf->data; - if (s->state == st1) { /* s->init_num < 4 */ + if (s->state == st1) { + /* s->init_num < SSL3_HM_HEADER_LENGTH */ int skip_message; do { - while (s->init_num < 4) { + while (s->init_num < SSL3_HM_HEADER_LENGTH) { i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, - &p[s->init_num], - 4 - s->init_num, 0); + &p[s->init_num], SSL3_HM_HEADER_LENGTH - s->init_num, 0); if (i <= 0) { s->rwstate = SSL_READING; *ok = 0; @@ -394,12 +394,11 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) if (s->msg_callback) s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, - p, 4, s, s->msg_callback_arg); + p, SSL3_HM_HEADER_LENGTH, s, + s->msg_callback_arg); } - } - while (skip_message); - - /* s->init_num == 4 */ + } while (skip_message); + /* s->init_num == SSL3_HM_HEADER_LENGTH */ if ((mt >= 0) && (*p != mt)) { al = SSL_AD_UNEXPECTED_MESSAGE; @@ -409,26 +408,50 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) s->s3->tmp.message_type = *(p++); - n2l3(p, l); - if (l > (unsigned long)max) { - al = SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_GET_MESSAGE, SSL_R_EXCESSIVE_MESSAGE_SIZE); - goto f_err; - } - if (l > (INT_MAX - 4)) { /* BUF_MEM_grow takes an 'int' parameter */ - al = SSL_AD_ILLEGAL_PARAMETER; - SSLerr(SSL_F_SSL3_GET_MESSAGE, SSL_R_EXCESSIVE_MESSAGE_SIZE); - goto f_err; - } - if (l && !BUF_MEM_grow_clean(s->init_buf, (int)l + 4)) { - SSLerr(SSL_F_SSL3_GET_MESSAGE, ERR_R_BUF_LIB); - goto err; - } - s->s3->tmp.message_size = l; - s->state = stn; + if(RECORD_LAYER_is_sslv2_record(&s->rlayer)) { + /* + * Only happens with SSLv3+ in an SSLv2 backward compatible + * ClientHello + */ + /* + * Total message size is the remaining record bytes to read + * plus the SSL3_HM_HEADER_LENGTH bytes that we already read + */ + l = RECORD_LAYER_get_rrec_length(&s->rlayer) + + SSL3_HM_HEADER_LENGTH; + if (l && !BUF_MEM_grow_clean(s->init_buf, (int)l)) { + SSLerr(SSL_F_SSL3_GET_MESSAGE, ERR_R_BUF_LIB); + goto err; + } + s->s3->tmp.message_size = l; + s->state = stn; + + s->init_msg = s->init_buf->data; + s->init_num = SSL3_HM_HEADER_LENGTH; + } else { + n2l3(p, l); + if (l > (unsigned long)max) { + al = SSL_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_MESSAGE, SSL_R_EXCESSIVE_MESSAGE_SIZE); + goto f_err; + } + /* BUF_MEM_grow takes an 'int' parameter */ + if (l > (INT_MAX - SSL3_HM_HEADER_LENGTH)) { + al = SSL_AD_ILLEGAL_PARAMETER; + SSLerr(SSL_F_SSL3_GET_MESSAGE, SSL_R_EXCESSIVE_MESSAGE_SIZE); + goto f_err; + } + if (l && !BUF_MEM_grow_clean(s->init_buf, + (int)l + SSL3_HM_HEADER_LENGTH)) { + SSLerr(SSL_F_SSL3_GET_MESSAGE, ERR_R_BUF_LIB); + goto err; + } + s->s3->tmp.message_size = l; + s->state = stn; - s->init_msg = s->init_buf->data + 4; - s->init_num = 0; + s->init_msg = s->init_buf->data + SSL3_HM_HEADER_LENGTH; + s->init_num = 0; + } } /* next state (stn) */ @@ -456,10 +479,20 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) #endif /* Feed this message into MAC computation. */ - ssl3_finish_mac(s, (unsigned char *)s->init_buf->data, s->init_num + 4); - if (s->msg_callback) - s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->init_buf->data, - (size_t)s->init_num + 4, s, s->msg_callback_arg); + if(RECORD_LAYER_is_sslv2_record(&s->rlayer)) { + ssl3_finish_mac(s, (unsigned char *)s->init_buf->data, s->init_num); + if (s->msg_callback) + s->msg_callback(0, SSL2_VERSION, 0, s->init_buf->data, + (size_t)s->init_num, s, s->msg_callback_arg); + } else { + ssl3_finish_mac(s, (unsigned char *)s->init_buf->data, + s->init_num + SSL3_HM_HEADER_LENGTH); + if (s->msg_callback) + s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->init_buf->data, + (size_t)s->init_num + SSL3_HM_HEADER_LENGTH, s, + s->msg_callback_arg); + } + *ok = 1; return s->init_num; f_err: @@ -573,109 +606,6 @@ int ssl_verify_alarm_type(long type) return (al); } -int ssl3_setup_read_buffer(SSL *s) -{ - unsigned char *p; - size_t len, align = 0, headerlen; - - if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER) - headerlen = DTLS1_RT_HEADER_LENGTH; - else - headerlen = SSL3_RT_HEADER_LENGTH; - -#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0 - align = (-SSL3_RT_HEADER_LENGTH) & (SSL3_ALIGN_PAYLOAD - 1); -#endif - - if (s->s3->rbuf.buf == NULL) { - len = SSL3_RT_MAX_PLAIN_LENGTH - + SSL3_RT_MAX_ENCRYPTED_OVERHEAD + headerlen + align; - if (s->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER) { - s->s3->init_extra = 1; - len += SSL3_RT_MAX_EXTRA; - } -#ifndef OPENSSL_NO_COMP - if (ssl_allow_compression(s)) - len += SSL3_RT_MAX_COMPRESSED_OVERHEAD; -#endif - if ((p = OPENSSL_malloc(len)) == NULL) - goto err; - s->s3->rbuf.buf = p; - s->s3->rbuf.len = len; - } - - s->packet = &(s->s3->rbuf.buf[0]); - return 1; - - err: - SSLerr(SSL_F_SSL3_SETUP_READ_BUFFER, ERR_R_MALLOC_FAILURE); - return 0; -} - -int ssl3_setup_write_buffer(SSL *s) -{ - unsigned char *p; - size_t len, align = 0, headerlen; - - if (SSL_version(s) == DTLS1_VERSION || SSL_version(s) == DTLS1_BAD_VER) - headerlen = DTLS1_RT_HEADER_LENGTH + 1; - else - headerlen = SSL3_RT_HEADER_LENGTH; - -#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0 - align = (-SSL3_RT_HEADER_LENGTH) & (SSL3_ALIGN_PAYLOAD - 1); -#endif - - if (s->s3->wbuf.buf == NULL) { - len = s->max_send_fragment - + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD + headerlen + align; -#ifndef OPENSSL_NO_COMP - if (ssl_allow_compression(s)) - len += SSL3_RT_MAX_COMPRESSED_OVERHEAD; -#endif - if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)) - len += headerlen + align + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD; - - if ((p = OPENSSL_malloc(len)) == NULL) - goto err; - s->s3->wbuf.buf = p; - s->s3->wbuf.len = len; - } - - return 1; - - err: - SSLerr(SSL_F_SSL3_SETUP_WRITE_BUFFER, ERR_R_MALLOC_FAILURE); - return 0; -} - -int ssl3_setup_buffers(SSL *s) -{ - if (!ssl3_setup_read_buffer(s)) - return 0; - if (!ssl3_setup_write_buffer(s)) - return 0; - return 1; -} - -int ssl3_release_write_buffer(SSL *s) -{ - if (s->s3->wbuf.buf != NULL) { - OPENSSL_free(s->s3->wbuf.buf); - s->s3->wbuf.buf = NULL; - } - return 1; -} - -int ssl3_release_read_buffer(SSL *s) -{ - if (s->s3->rbuf.buf != NULL) { - OPENSSL_free(s->s3->rbuf.buf); - s->s3->rbuf.buf = NULL; - } - return 1; -} - int ssl_allow_compression(SSL *s) { if (s->options & SSL_OP_NO_COMPRESSION)