Provide a new WPACKET function for filling in all the lengths

For the psk extension we need to fill in all the lengths of the message so
far, even though we haven't closed the WPACKET yet. This provides a function
to do that.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2259)

diff --git a/ssl/packet.c b/ssl/packet.c
index 12321e719e9ddab9c3d298d45e3618c7a4116023..87473fbbce9fdb44ccf60929d2b4792b539b8aa1 100644 (file)
--- a/ssl/packet.c
+++ b/ssl/packet.c
@@ -180,12 +180,13 @@ static int put_value(unsigned char *data, size_t value, size_t len)
 
 
 /*
- * Internal helper function used by WPACKET_close() and WPACKET_finish() to
- * close a sub-packet and write out its length if necessary.
+ * Internal helper function used by WPACKET_close(), WPACKET_finish() and
+ * WPACKET_fill_lengths() to close a sub-packet and write out its length if
+ * necessary. If |doclose| is 0 then it goes through the motions of closing
+ * (i.e. it fills in all the lengths), but doesn't actually close anything.
  */
-static int wpacket_intern_close(WPACKET *pkt)
+static int wpacket_intern_close(WPACKET *pkt, WPACKET_SUB *sub, int doclose)
 {
-    WPACKET_SUB *sub = pkt->subs;
     size_t packlen = pkt->written - sub->pwritten;
 
     if (packlen == 0
@@ -194,6 +195,10 @@ static int wpacket_intern_close(WPACKET *pkt)
 
     if (packlen == 0
             && sub->flags & WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH) {
+        /* We can't handle this case. Return an error */
+        if (!doclose)
+            return 0;
+
         /* Deallocate any bytes allocated for the length of the WPACKET */
         if ((pkt->curr - sub->lenbytes) == sub->packet_len) {
             pkt->written -= sub->lenbytes;
@@ -211,8 +216,28 @@ static int wpacket_intern_close(WPACKET *pkt)
                               sub->lenbytes))
             return 0;
 
-    pkt->subs = sub->parent;
-    OPENSSL_free(sub);
+    if (doclose) {
+        pkt->subs = sub->parent;
+        OPENSSL_free(sub);
+    }
+
+    return 1;
+}
+
+int WPACKET_fill_lengths(WPACKET *pkt)
+{
+    WPACKET_SUB *sub;
+
+    assert(pkt->subs != NULL);
+    if (pkt->subs == NULL)
+        return 0;
+
+    sub = pkt->subs;
+    do {
+        if (!wpacket_intern_close(pkt, sub, 0))
+            return 0;
+        sub = sub->parent;
+    } while (sub != NULL);
 
     return 1;
 }
@@ -226,7 +251,7 @@ int WPACKET_close(WPACKET *pkt)
     if (pkt->subs == NULL || pkt->subs->parent == NULL)
         return 0;
 
-    return wpacket_intern_close(pkt);
+    return wpacket_intern_close(pkt, pkt->subs, 1);
 }
 
 int WPACKET_finish(WPACKET *pkt)
@@ -240,7 +265,7 @@ int WPACKET_finish(WPACKET *pkt)
     if (pkt->subs == NULL || pkt->subs->parent != NULL)
         return 0;
 
-    ret = wpacket_intern_close(pkt);
+    ret = wpacket_intern_close(pkt, pkt->subs, 1);
     if (ret) {
         OPENSSL_free(pkt->subs);
         pkt->subs = NULL;

diff --git a/ssl/packet_locl.h b/ssl/packet_locl.h
index 61233d9b6a041a70165cb27fab0341a0913ab04c..cd702653370f61c561dc4938a2363e63cfc17b3d 100644 (file)
--- a/ssl/packet_locl.h
+++ b/ssl/packet_locl.h
@@ -699,6 +699,15 @@ int WPACKET_close(WPACKET *pkt);
  */
 int WPACKET_finish(WPACKET *pkt);
 
+/*
+ * Iterates through all the sub-packets and writes out their lengths as if they
+ * were being closed. The lengths will be overwritten with the final lengths
+ * when the sub-packets are eventually closed (which may be different if more
+ * data is added to the WPACKET). This function will fail if a sub-packet is of
+ * 0 length and WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH is used.
+ */
+int WPACKET_fill_lengths(WPACKET *pkt);
+
 /*
  * Initialise a new sub-packet. Additionally |lenbytes| of data is preallocated
  * at the start of the sub-packet to store its length once we know it. Don't