X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fs3_pkt.c;h=330918a78aabfde2e893cf96c30f6a262d2fceae;hp=f90bb776667571f323c0384fad100d08f77ac774;hb=8aa02e97a782a4229936d5df6da42db3efe4acd1;hpb=fbeaa3c47d05dd90781bdf13b9004fd274512e74 diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c index f90bb77666..330918a78a 100644 --- a/ssl/s3_pkt.c +++ b/ssl/s3_pkt.c @@ -129,14 +129,49 @@ int ssl3_read_n(SSL *s, int n, int max, int extend) * (If s->read_ahead is set, 'max' bytes may be stored in rbuf * [plus s->packet_length bytes if extend == 1].) */ - int i,off,newb; + int i,len,left; + long align=0; + unsigned char *pkt; + SSL3_BUFFER *rb; + + if (n <= 0) return n; + + rb = &(s->s3->rbuf); + if (rb->buf == NULL) + if (!ssl3_setup_read_buffer(s)) + return -1; + + left = rb->left; +#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0 + align = (long)rb->buf + SSL3_RT_HEADER_LENGTH; + align = (-align)&(SSL3_ALIGN_PAYLOAD-1); +#endif if (!extend) { /* start with empty packet ... */ - if (s->s3->rbuf.left == 0) - s->s3->rbuf.offset = 0; - s->packet = s->s3->rbuf.buf + s->s3->rbuf.offset; + if (left == 0) + rb->offset = align; + else if (align != 0 && left >= SSL3_RT_HEADER_LENGTH) + { + /* check if next packet length is large + * enough to justify payload alignment... */ + pkt = rb->buf + rb->offset; + if (pkt[0] == SSL3_RT_APPLICATION_DATA + && (pkt[3]<<8|pkt[4]) >= 128) + { + /* Note that even if packet is corrupted + * and its length field is insane, we can + * only be led to wrong decision about + * whether memmove will occur or not. + * Header values has no effect on memmove + * arguments and therefore no buffer + * overrun can be triggered. */ + memmove (rb->buf+align,pkt,left); + rb->offset = align; + } + } + s->packet = rb->buf + rb->offset; s->packet_length = 0; /* ... now we can act as if 'extend' was set */ } @@ -145,57 +180,54 @@ int ssl3_read_n(SSL *s, int n, int max, int extend) if ( SSL_version(s) == DTLS1_VERSION && extend) { - if ( s->s3->rbuf.left > 0 && n > s->s3->rbuf.left) - n = s->s3->rbuf.left; + if ( left > 0 && n > left) + n = left; } /* if there is enough in the buffer from a previous read, take some */ - if (s->s3->rbuf.left >= (int)n) + if (left >= n) { s->packet_length+=n; - s->s3->rbuf.left-=n; - s->s3->rbuf.offset+=n; + rb->left=left-n; + rb->offset+=n; return(n); } /* else we need to read more data */ - if (!s->read_ahead) - max=n; - { - /* avoid buffer overflow */ - int max_max = s->s3->rbuf.len - s->packet_length; - if (max > max_max) - max = max_max; - } + len = s->packet_length; + pkt = rb->buf+align; + /* Move any available bytes to front of buffer: + * 'len' bytes already pointed to by 'packet', + * 'left' extra ones at the end */ + if (s->packet != pkt) /* len > 0 */ + { + memmove(pkt, s->packet, len+left); + s->packet = pkt; + rb->offset = len + align; + } + + max = rb->len - rb->offset; if (n > max) /* does not happen */ { SSLerr(SSL_F_SSL3_READ_N,ERR_R_INTERNAL_ERROR); return -1; } - off = s->packet_length; - newb = s->s3->rbuf.left; - /* Move any available bytes to front of buffer: - * 'off' bytes already pointed to by 'packet', - * 'newb' extra ones at the end */ - if (s->packet != s->s3->rbuf.buf) - { - /* off > 0 */ - memmove(s->s3->rbuf.buf, s->packet, off+newb); - s->packet = s->s3->rbuf.buf; - } + if (!s->read_ahead) + max=n; - while (newb < n) + while (left < n) { - /* Now we have off+newb bytes at the front of s->s3->rbuf.buf and need - * to read in more until we have off+n (up to off+max if possible) */ + /* Now we have len+left bytes at the front of s->s3->rbuf.buf + * and need to read in more until we have len+n (up to + * len+max if possible) */ clear_sys_error(); if (s->rbio != NULL) { s->rwstate=SSL_READING; - i=BIO_read(s->rbio, &(s->s3->rbuf.buf[off+newb]), max-newb); + i=BIO_read(s->rbio,pkt+len+left, max-left); } else { @@ -205,15 +237,18 @@ int ssl3_read_n(SSL *s, int n, int max, int extend) if (i <= 0) { - s->s3->rbuf.left = newb; + rb->left = left; + if (s->mode & SSL_MODE_RELEASE_BUFFERS) + if (len+left == 0) + ssl3_release_read_buffer(s); return(i); } - newb+=i; + left+=i; } /* done reading, now the book-keeping */ - s->s3->rbuf.offset = off + n; - s->s3->rbuf.left = newb - n; + rb->offset += n; + rb->left = left - n; s->packet_length += n; s->rwstate=SSL_NOTHING; return(n); @@ -250,9 +285,9 @@ static int ssl3_get_record(SSL *s) extra=SSL3_RT_MAX_EXTRA; else extra=0; - if (extra != s->s3->rbuf.len - SSL3_RT_MAX_PACKET_SIZE) + if (extra && !s->s3->init_extra) { - /* actually likely an application error: SLS_OP_MICROSOFT_BIG_SSLV3_BUFFER + /* An application error: SLS_OP_MICROSOFT_BIG_SSLV3_BUFFER * set after ssl3_setup_buffers() was done */ SSLerr(SSL_F_SSL3_GET_RECORD, ERR_R_INTERNAL_ERROR); return -1; @@ -275,13 +310,12 @@ again: ssl_minor= *(p++); version=(ssl_major<<8)|ssl_minor; n2s(p,rr->length); +#if 0 +fprintf(stderr, "Record type=%d, Length=%d\n", rr->type, rr->length); +#endif /* Lets check version */ - if (s->first_packet) - { - s->first_packet=0; - } - else + if (!s->first_packet) { if (version != s->version) { @@ -300,7 +334,7 @@ again: goto err; } - if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH+extra) + if (rr->length > s->s3->rbuf.len - SSL3_RT_HEADER_LENGTH) { al=SSL_AD_RECORD_OVERFLOW; SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PACKET_LENGTH_TOO_LONG); @@ -373,12 +407,13 @@ printf("\n"); /* r->length is now the compressed data plus mac */ if ( (sess == NULL) || (s->enc_read_ctx == NULL) || - (s->read_hash == NULL)) + (EVP_MD_CTX_md(s->read_hash) == NULL)) clear=1; if (!clear) { - mac_size=EVP_MD_size(s->read_hash); + /* !clear => s->read_hash != NULL => mac_size != -1 */ + mac_size=EVP_MD_CTX_size(s->read_hash); if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra+mac_size) { @@ -466,6 +501,10 @@ printf("\n"); /* just read a 0 length packet */ if (rr->length == 0) goto again; +#if 0 +fprintf(stderr, "Ultimate Record type=%d, Length=%d\n", rr->type, rr->length); +#endif + return(1); f_err: @@ -476,6 +515,7 @@ err: int ssl3_do_uncompress(SSL *ssl) { +#ifndef OPENSSL_NO_COMP int i; SSL3_RECORD *rr; @@ -487,12 +527,13 @@ int ssl3_do_uncompress(SSL *ssl) else rr->length=i; rr->data=rr->comp; - +#endif return(1); } int ssl3_do_compress(SSL *ssl) { +#ifndef OPENSSL_NO_COMP int i; SSL3_RECORD *wr; @@ -506,6 +547,7 @@ int ssl3_do_compress(SSL *ssl) wr->length=i; wr->input=wr->data; +#endif return(1); } @@ -536,8 +578,8 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) n=(len-tot); for (;;) { - if (n > SSL3_RT_MAX_PLAIN_LENGTH) - nw=SSL3_RT_MAX_PLAIN_LENGTH; + if (n > s->max_send_fragment) + nw=s->max_send_fragment; else nw=n; @@ -569,14 +611,19 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, { unsigned char *p,*plen; int i,mac_size,clear=0; - int prefix_len = 0; + int prefix_len=0; + long align=0; SSL3_RECORD *wr; - SSL3_BUFFER *wb; + SSL3_BUFFER *wb=&(s->s3->wbuf); SSL_SESSION *sess; + if (wb->buf == NULL) + if (!ssl3_setup_write_buffer(s)) + return -1; + /* first check if there is a SSL3_BUFFER still being written * out. This will happen with non blocking IO */ - if (s->s3->wbuf.left != 0) + if (wb->left != 0) return(ssl3_write_pending(s,type,buf,len)); /* If we have an alert to send, lets send it */ @@ -592,18 +639,17 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, return 0; wr= &(s->s3->wrec); - wb= &(s->s3->wbuf); sess=s->session; if ( (sess == NULL) || (s->enc_write_ctx == NULL) || - (s->write_hash == NULL)) + (EVP_MD_CTX_md(s->write_hash) == NULL)) clear=1; if (clear) mac_size=0; else - mac_size=EVP_MD_size(s->write_hash); + mac_size=EVP_MD_CTX_size(s->write_hash); /* 'create_empty_fragment' is true only when this function calls itself */ if (!clear && !create_empty_fragment && !s->s3->empty_fragment_done) @@ -621,7 +667,8 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, if (prefix_len <= 0) goto err; - if (s->s3->wbuf.len < (size_t)prefix_len + SSL3_RT_MAX_PACKET_SIZE) + if (prefix_len > + (SSL3_RT_HEADER_LENGTH + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD)) { /* insufficient space */ SSLerr(SSL_F_DO_SSL3_WRITE, ERR_R_INTERNAL_ERROR); @@ -632,7 +679,32 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, s->s3->empty_fragment_done = 1; } - p = wb->buf + prefix_len; + if (create_empty_fragment) + { +#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0 + /* extra fragment would be couple of cipher blocks, + * which would be multiple of SSL3_ALIGN_PAYLOAD, so + * if we want to align the real payload, then we can + * just pretent we simply have two headers. */ + align = (long)wb->buf + 2*SSL3_RT_HEADER_LENGTH; + align = (-align)&(SSL3_ALIGN_PAYLOAD-1); +#endif + p = wb->buf + align; + wb->offset = align; + } + else if (prefix_len) + { + p = wb->buf + wb->offset + prefix_len; + } + else + { +#if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0 + align = (long)wb->buf + SSL3_RT_HEADER_LENGTH; + align = (-align)&(SSL3_ALIGN_PAYLOAD-1); +#endif + p = wb->buf + align; + wb->offset = align; + } /* write the header */ @@ -703,7 +775,6 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, /* now let's set up wb */ wb->left = prefix_len + wr->length; - wb->offset = 0; /* memorize arguments so that ssl3_write_pending can detect bad write retries later */ s->s3->wpend_tot=len; @@ -722,6 +793,7 @@ int ssl3_write_pending(SSL *s, int type, const unsigned char *buf, unsigned int len) { int i; + SSL3_BUFFER *wb=&(s->s3->wbuf); /* XXXX */ if ((s->s3->wpend_tot > (int)len) @@ -740,24 +812,34 @@ int ssl3_write_pending(SSL *s, int type, const unsigned char *buf, { s->rwstate=SSL_WRITING; i=BIO_write(s->wbio, - (char *)&(s->s3->wbuf.buf[s->s3->wbuf.offset]), - (unsigned int)s->s3->wbuf.left); + (char *)&(wb->buf[wb->offset]), + (unsigned int)wb->left); } else { SSLerr(SSL_F_SSL3_WRITE_PENDING,SSL_R_BIO_NOT_SET); i= -1; } - if (i == s->s3->wbuf.left) + if (i == wb->left) { - s->s3->wbuf.left=0; + wb->left=0; + wb->offset+=i; + if (s->mode & SSL_MODE_RELEASE_BUFFERS) + ssl3_release_write_buffer(s); s->rwstate=SSL_NOTHING; return(s->s3->wpend_ret); } - else if (i <= 0) + else if (i <= 0) { + if (s->version == DTLS1_VERSION) { + /* For DTLS, just drop it. That's kind of the wh +ole + point in using a datagram service */ + wb->left = 0; + } return(i); - s->s3->wbuf.offset+=i; - s->s3->wbuf.left-=i; + } + wb->offset+=i; + wb->left-=i; } } @@ -796,7 +878,7 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) void (*cb)(const SSL *ssl,int type2,int val)=NULL; if (s->s3->rbuf.buf == NULL) /* Not initialized yet */ - if (!ssl3_setup_buffers(s)) + if (!ssl3_setup_read_buffer(s)) return(-1); if ((type && (type != SSL3_RT_APPLICATION_DATA) && (type != SSL3_RT_HANDSHAKE) && type) || @@ -905,6 +987,8 @@ start: { s->rstate=SSL_ST_READ_HEADER; rr->off=0; + if (s->mode & SSL_MODE_RELEASE_BUFFERS) + ssl3_release_read_buffer(s); } } return(n); @@ -1226,6 +1310,13 @@ int ssl3_do_change_cipher_spec(SSL *s) if (s->s3->tmp.key_block == NULL) { + if (s->session == NULL) + { + /* might happen if dtls1_read_bytes() calls this */ + SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC,SSL_R_CCS_RECEIVED_EARLY); + return (0); + } + s->session->cipher=s->s3->tmp.new_cipher; if (!s->method->ssl3_enc->setup_key_block(s)) return(0); } @@ -1248,8 +1339,6 @@ int ssl3_do_change_cipher_spec(SSL *s) } s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s, - &(s->s3->finish_dgst1), - &(s->s3->finish_dgst2), sender,slen,s->s3->tmp.peer_finish_md); return(1);