From 12636c149d7cd76657d5c8da8e848a1f3c7c5c3b Mon Sep 17 00:00:00 2001
From: Bernd Edlinger <bernd.edlinger@hotmail.de>
Date: Thu, 22 Mar 2018 17:28:39 +0100
Subject: [PATCH] Handle partial messages in TLSProxy

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5412)
---
 util/perl/TLSProxy/Proxy.pm  | 30 +++++++++++++++++++-----------
 util/perl/TLSProxy/Record.pm | 13 +++++++++++--
 2 files changed, 30 insertions(+), 13 deletions(-)

diff --git a/util/perl/TLSProxy/Proxy.pm b/util/perl/TLSProxy/Proxy.pm
index 7b4ad052de..0b90159811 100644
--- a/util/perl/TLSProxy/Proxy.pm
+++ b/util/perl/TLSProxy/Proxy.pm
@@ -61,7 +61,9 @@ sub new
         ciphersuitesc => "",
         ciphers => "AES128-SHA",
         ciphersuitess => "TLS_AES_128_GCM_SHA256",
-        flight => 0,
+        flight => -1,
+        direction => -1,
+        partial => ["", ""],
         record_list => [],
         message_list => [],
     };
@@ -138,7 +140,9 @@ sub clearClient
 
     $self->{cipherc} = "";
     $self->{ciphersuitec} = "";
-    $self->{flight} = 0;
+    $self->{flight} = -1;
+    $self->{direction} = -1;
+    $self->{partial} = ["", ""];
     $self->{record_list} = [];
     $self->{message_list} = [];
     $self->{clientflags} = "";
@@ -379,34 +383,38 @@ sub process_packet
         print "Received client packet\n";
     }
 
+    if ($self->{direction} != $server) {
+        $self->{flight} = $self->{flight} + 1;
+        $self->{direction} = $server;
+    }
+
     print "Packet length = ".length($packet)."\n";
     print "Processing flight ".$self->flight."\n";
 
     #Return contains the list of record found in the packet followed by the
-    #list of messages in those records
-    my @ret = TLSProxy::Record->get_records($server, $self->flight, $packet);
+    #list of messages in those records and any partial message
+    my @ret = TLSProxy::Record->get_records($server, $self->flight, $self->{partial}[$server].$packet);
+    $self->{partial}[$server] = $ret[2];
     push @{$self->record_list}, @{$ret[0]};
     push @{$self->{message_list}}, @{$ret[1]};
 
     print "\n";
 
+    if (scalar(@{$ret[0]}) == 0 or length($ret[2]) != 0) {
+        return "";
+    }
+
     #Finished parsing. Call user provided filter here
-    if(defined $self->filter) {
+    if (defined $self->filter) {
         $self->filter->($self);
     }
 
     #Reconstruct the packet
     $packet = "";
     foreach my $record (@{$self->record_list}) {
-        #We only replay the records for the current flight
-        if ($record->flight != $self->flight) {
-            next;
-        }
         $packet .= $record->reconstruct_record($server);
     }
 
-    $self->{flight} = $self->{flight} + 1;
-
     print "Forwarded packet length = ".length($packet)."\n\n";
 
     return $packet;
diff --git a/util/perl/TLSProxy/Record.pm b/util/perl/TLSProxy/Record.pm
index b52e344419..624d31c2d2 100644
--- a/util/perl/TLSProxy/Record.pm
+++ b/util/perl/TLSProxy/Record.pm
@@ -61,6 +61,7 @@ sub get_records
     my $server = shift;
     my $flight = shift;
     my $packet = shift;
+    my $partial = "";
     my @record_list = ();
     my @message_list = ();
     my $data;
@@ -79,8 +80,10 @@ sub get_records
             print " (client -> server)\n";
         }
         #Get the record header
-        if (length($packet) < TLS_RECORD_HEADER_LENGTH) {
+        if (length($packet) < TLS_RECORD_HEADER_LENGTH
+                || length($packet) < 5 + unpack("n", substr($packet, 3, 2))) {
             print "Partial data : ".length($packet)." bytes\n";
+            $partial = $packet;
             $packet = "";
         } else {
             ($content_type, $version, $len) = unpack('CnnC*', $packet);
@@ -137,7 +140,7 @@ sub get_records
         }
     }
 
-    return (\@record_list, \@message_list);
+    return (\@record_list, \@message_list, $partial);
 }
 
 sub clear
@@ -197,6 +200,7 @@ sub new
         data => $data,
         decrypt_data => $decrypt_data,
         orig_decrypt_data => $decrypt_data,
+        sent => 0,
         encrypted => 0,
         outer_content_type => RT_APPLICATION_DATA
     };
@@ -287,6 +291,11 @@ sub reconstruct_record
     my $server = shift;
     my $data;
 
+    if ($self->{sent}) {
+        return "";
+    }
+    $self->{sent} = 1;
+
     if ($self->sslv2) {
         $data = pack('n', $self->len | 0x8000);
     } else {
-- 
2.34.1