diff options
| author | jsing <> | 2019-02-25 16:52:34 +0000 |
|---|---|---|
| committer | jsing <> | 2019-02-25 16:52:34 +0000 |
| commit | 00b0b7c7b9a016dec85b4344c57d08c4019c8f06 (patch) | |
| tree | 0e724ebb242bfa78e586f1ef58071ff6e7f4dffd | |
| parent | 395120b4a264fb5eaadb4e8296f4d6bec2216b6b (diff) | |
| download | openbsd-00b0b7c7b9a016dec85b4344c57d08c4019c8f06.tar.gz openbsd-00b0b7c7b9a016dec85b4344c57d08c4019c8f06.tar.bz2 openbsd-00b0b7c7b9a016dec85b4344c57d08c4019c8f06.zip | |
Correctly handle oversize writes.
If the record layer is asked to write more than fits in a plaintext record,
cap the amount at that limit. This means that we will effectively write out
a single record and return a short-write.
This behaviour matches SSL_write() with SSL_MODE_ENABLE_PARTIAL_WRITE
enabled and the non-SSL_MODE_ENABLE_PARTIAL_WRITE case will be handled
at a higher layer.
ok inoguchi@ tb@
| -rw-r--r-- | src/lib/libssl/tls13_record_layer.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/lib/libssl/tls13_record_layer.c b/src/lib/libssl/tls13_record_layer.c index 07efcbc702..d4bc50ab4e 100644 --- a/src/lib/libssl/tls13_record_layer.c +++ b/src/lib/libssl/tls13_record_layer.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls13_record_layer.c,v 1.6 2019/02/23 15:02:34 jsing Exp $ */ | 1 | /* $OpenBSD: tls13_record_layer.c,v 1.7 2019/02/25 16:52:34 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> |
| 4 | * | 4 | * |
| @@ -760,7 +760,9 @@ static ssize_t | |||
| 760 | tls13_record_layer_write(struct tls13_record_layer *rl, uint8_t content_type, | 760 | tls13_record_layer_write(struct tls13_record_layer *rl, uint8_t content_type, |
| 761 | const uint8_t *buf, size_t n) | 761 | const uint8_t *buf, size_t n) |
| 762 | { | 762 | { |
| 763 | /* XXX - handle fragmenting... */ | 763 | if (n > TLS13_RECORD_MAX_PLAINTEXT_LEN) |
| 764 | n = TLS13_RECORD_MAX_PLAINTEXT_LEN; | ||
| 765 | |||
| 764 | return tls13_record_layer_write_record(rl, content_type, buf, n); | 766 | return tls13_record_layer_write_record(rl, content_type, buf, n); |
| 765 | } | 767 | } |
| 766 | 768 | ||