Diffstat (limited to 'ssl/record/ssl3_record.c')
-rw-r--r-- | ssl/record/ssl3_record.c | 52 |
1 files changed, 28 insertions, 24 deletions
diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c index 5975a33c47..74343229cc 100644 --- a/ssl/record/ssl3_record.c +++ b/ssl/record/ssl3_record.c @@ -208,14 +208,14 @@ int ssl3_get_record(SSL *s) again: /* check if we have the header */ if ((s->rstate != SSL_ST_READ_BODY) || - (s->packet_length < SSL3_RT_HEADER_LENGTH)) { + (RECORD_LAYER_get_packet_length(&s->rlayer) < SSL3_RT_HEADER_LENGTH)) { n = ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, SSL3_BUFFER_get_len(&s->rlayer.rbuf), 0); if (n <= 0) return (n); /* error or non-blocking */ s->rstate = SSL_ST_READ_BODY; - p = s->packet; + p = RECORD_LAYER_get_packet(&s->rlayer); if (s->msg_callback) s->msg_callback(0, 0, SSL3_RT_HEADER, p, 5, s, s->msg_callback_arg); @@ -260,7 +260,8 @@ int ssl3_get_record(SSL *s) /* s->rstate == SSL_ST_READ_BODY, get and decode the data */ - if (rr->length > s->packet_length - SSL3_RT_HEADER_LENGTH) { + if (rr->length > + RECORD_LAYER_get_packet_length(&s->rlayer) - SSL3_RT_HEADER_LENGTH) { /* now s->packet_length == SSL3_RT_HEADER_LENGTH */ i = rr->length; n = ssl3_read_n(s, i, i, 1); @@ -278,7 +279,7 @@ int ssl3_get_record(SSL *s) * At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length, * and we have that many bytes in s->packet */ - rr->input = &(s->packet[SSL3_RT_HEADER_LENGTH]); + rr->input = &(RECORD_LAYER_get_packet(&s->rlayer)[SSL3_RT_HEADER_LENGTH]); /* * ok, we can now read from 's->packet' data into 'rr' rr->input points @@ -446,7 +447,7 @@ int ssl3_get_record(SSL *s) */ /* we have pulled in a full packet so zero things */ - s->packet_length = 0; + RECORD_LAYER_reset_packet_length(&s->rlayer); /* just read a 0 length packet */ if (rr->length == 0) { 
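Review bot: The body-length test in the `@@ -260` hunk of ssl3_get_record, `rr->length > RECORD_LAYER_get_packet_length(&s->rlayer) - SSL3_RT_HEADER_LENGTH`, is only safe while the packet length is at least the header length. If the accessor yields an unsigned value (its type is not visible here), a shorter length would wrap and the body read would be skipped. The header check at the top of the function appears to guarantee the invariant, but nothing at the comparison says so; I would record it there, e.g. `/* packet length >= SSL3_RT_HEADER_LENGTH here, so the subtraction cannot wrap */`. The DTLS comparison in the `@@ -1463` hunk of dtls1_get_record has the same shape, and both functions extend beyond the hunks shown.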
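Review bot: The comments kept in the `@@ -278` hunk still describe `s->packet_length` and `s->packet`, which the new code no longer touches directly, so they name fields a reader will not find at those call sites. I would reword them in terms of the record layer, e.g. `* At this point the packet length == SSL3_RT_HEADER_LENGTH + rr->length,` and `* and we have that many bytes in the record layer's packet buffer`. The one-line comment `/* now s->packet_length == SSL3_RT_HEADER_LENGTH */` in the `@@ -260` hunk and its DTLS twin in `@@ -1463` need the same update.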
@@ -1205,7 +1206,7 @@ int dtls1_process_record(SSL *s) * At this point, s->packet_length == SSL3_RT_HEADER_LNGTH + rr->length, * and we have that many bytes in s->packet */ - rr->input = &(s->packet[DTLS1_RT_HEADER_LENGTH]); + rr->input = &(RECORD_LAYER_get_packet(&s->rlayer)[DTLS1_RT_HEADER_LENGTH]); /* * ok, we can now read from 's->packet' data into 'rr' rr->input points @@ -1240,7 +1241,7 @@ int dtls1_process_record(SSL *s) if (enc_err == 0) { /* For DTLS we simply ignore bad packets. */ rr->length = 0; - s->packet_length = 0; + RECORD_LAYER_reset_packet_length(&s->rlayer); goto err; } #ifdef TLS_DEBUG @@ -1308,7 +1309,7 @@ int dtls1_process_record(SSL *s) if (enc_err < 0) { /* decryption failed, silently discard message */ rr->length = 0; - s->packet_length = 0; + RECORD_LAYER_reset_packet_length(&s->rlayer); goto err; } @@ -1344,7 +1345,7 @@ int dtls1_process_record(SSL *s) */ /* we have pulled in a full packet so zero things */ - s->packet_length = 0; + RECORD_LAYER_reset_packet_length(&s->rlayer); return (1); f_err: @@ -1399,7 +1400,7 @@ int dtls1_get_record(SSL *s) again: /* check if we have the header */ if ((s->rstate != SSL_ST_READ_BODY) || - (s->packet_length < DTLS1_RT_HEADER_LENGTH)) { + (RECORD_LAYER_get_packet_length(&s->rlayer) < DTLS1_RT_HEADER_LENGTH)) { n = ssl3_read_n(s, DTLS1_RT_HEADER_LENGTH, SSL3_BUFFER_get_len(&s->rlayer.rbuf), 0); /* read timeout is handled by dtls1_read_bytes */ @@ -1407,14 +1408,14 @@ int dtls1_get_record(SSL *s) return (n); /* error or non-blocking */ /* this packet contained a partial record, dump it */ - if (s->packet_length != DTLS1_RT_HEADER_LENGTH) { - s->packet_length = 0; + if (RECORD_LAYER_get_packet_length(&s->rlayer) != DTLS1_RT_HEADER_LENGTH) { + RECORD_LAYER_reset_packet_length(&s->rlayer); goto again; } s->rstate = SSL_ST_READ_BODY; - p = s->packet; + p = RECORD_LAYER_get_packet(&s->rlayer); if (s->msg_callback) s->msg_callback(0, 0, SSL3_RT_HEADER, p, DTLS1_RT_HEADER_LENGTH, 
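Review bot: In dtls1_process_record (`@@ -1205`) the retained comment says the packet length equals `SSL3_RT_HEADER_LNGTH + rr->length`, but the changed line indexes the packet at `DTLS1_RT_HEADER_LENGTH`, so the comment names the wrong (and misspelled) header constant for DTLS. Since the line is being touched anyway, the comment should match the offset actually used: `* At this point the packet length == DTLS1_RT_HEADER_LENGTH + rr->length,`. Anyone auditing the bounds of `rr->input` relies on this comment to know how many bytes sit behind the pointer.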
@@ -1439,7 +1440,7 @@ int dtls1_get_record(SSL *s) if (version != s->version) { /* unexpected version, silently discard */ rr->length = 0; - s->packet_length = 0; + RECORD_LAYER_reset_packet_length(&s->rlayer); goto again; } } @@ -1447,14 +1448,14 @@ int dtls1_get_record(SSL *s) if ((version & 0xff00) != (s->version & 0xff00)) { /* wrong version, silently discard record */ rr->length = 0; - s->packet_length = 0; + RECORD_LAYER_reset_packet_length(&s->rlayer); goto again; } if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH) { /* record too long, silently discard it */ rr->length = 0; - s->packet_length = 0; + RECORD_LAYER_reset_packet_length(&s->rlayer); goto again; } @@ -1463,14 +1464,15 @@ int dtls1_get_record(SSL *s) /* s->rstate == SSL_ST_READ_BODY, get and decode the data */ - if (rr->length > s->packet_length - DTLS1_RT_HEADER_LENGTH) { + if (rr->length > + RECORD_LAYER_get_packet_length(&s->rlayer) - DTLS1_RT_HEADER_LENGTH) { /* now s->packet_length == DTLS1_RT_HEADER_LENGTH */ i = rr->length; n = ssl3_read_n(s, i, i, 1); /* this packet contained a partial record, dump it */ if (n != i) { rr->length = 0; - s->packet_length = 0; + RECORD_LAYER_reset_packet_length(&s->rlayer); goto again; } @@ -1485,7 +1487,7 @@ int dtls1_get_record(SSL *s) bitmap = dtls1_get_bitmap(s, rr, &is_next_epoch); if (bitmap == NULL) { rr->length = 0; - s->packet_length = 0; /* dump this record */ + RECORD_LAYER_reset_packet_length(&s->rlayer); /* dump this record */ goto again; /* get another record */ } #ifndef OPENSSL_NO_SCTP 
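Review bot: The discard sequence `rr->length = 0; RECORD_LAYER_reset_packet_length(&s->rlayer); goto again;` is spelled out separately at each silent-drop site in dtls1_get_record (the hunks at `@@ -1439`, `@@ -1447`, `@@ -1463`, `@@ -1485`, `@@ -1499` and `@@ -1529`). With the reset now behind an accessor, this is a good moment to give those paths one shared exit, for example a `discard:` label holding the three statements, so a later change to what a drop must clear cannot miss a site. A single exit also gives one place to count discarded records, which are otherwise invisible to whoever operates the endpoint. The function body extends beyond these hunks, so where the label goes needs checking against the full file.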
@@ -1499,11 +1501,13 @@ int dtls1_get_record(SSL *s) * connections and would be dropped unnecessarily. */ if (!(s->d1->listen && rr->type == SSL3_RT_HANDSHAKE && - s->packet_length > DTLS1_RT_HEADER_LENGTH && - s->packet[DTLS1_RT_HEADER_LENGTH] == SSL3_MT_CLIENT_HELLO) && + RECORD_LAYER_get_packet_length(&s->rlayer) + > DTLS1_RT_HEADER_LENGTH && + RECORD_LAYER_get_packet(&s->rlayer)[DTLS1_RT_HEADER_LENGTH] + == SSL3_MT_CLIENT_HELLO) && !dtls1_record_replay_check(s, bitmap)) { rr->length = 0; - s->packet_length = 0; /* dump this record */ + RECORD_LAYER_reset_packet_length(&s->rlayer); /* dump this record */ goto again; /* get another record */ } #ifndef OPENSSL_NO_SCTP @@ -1529,13 +1533,13 @@ int dtls1_get_record(SSL *s) dtls1_record_bitmap_update(s, bitmap); } rr->length = 0; - s->packet_length = 0; + RECORD_LAYER_reset_packet_length(&s->rlayer); goto again; } if (!dtls1_process_record(s)) { rr->length = 0; - s->packet_length = 0; /* dump this record */ + RECORD_LAYER_reset_packet_length(&s->rlayer); /* dump this record */ goto again; /* get another record */ } dtls1_record_bitmap_update(s, bitmap); /* Mark receipt of record. */ |
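Review bot: In the `@@ -1499` hunk the listen-mode exception now spreads over four lines, and its safety depends on `RECORD_LAYER_get_packet_length(&s->rlayer) > DTLS1_RT_HEADER_LENGTH` being evaluated before `RECORD_LAYER_get_packet(&s->rlayer)[DTLS1_RT_HEADER_LENGTH]`. That byte comes from a record that has not yet gone through dtls1_process_record, so the ordering is what keeps the index inside the received packet. I would state that in the comment above the condition, e.g. `* The length test must stay ahead of the index: this byte is read before the record is processed.`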