summaryrefslogtreecommitdiff
path: root/src/lib/libssl/d1_both.c
diff options
context:
space:
mode:
authorjsing <>2021-01-19 18:51:08 +0000
committerjsing <>2021-01-19 18:51:08 +0000
commitac4995fa26f1a8ba3ff386c0caf843a423a4abc7 (patch)
tree5ff1746dcd8d564bdb0c60d5075f307fbaeac57d /src/lib/libssl/d1_both.c
parent0e9595ce9da2c27470d495fbfc1b189eb4a3df24 (diff)
downloadopenbsd-ac4995fa26f1a8ba3ff386c0caf843a423a4abc7.tar.gz
openbsd-ac4995fa26f1a8ba3ff386c0caf843a423a4abc7.tar.bz2
openbsd-ac4995fa26f1a8ba3ff386c0caf843a423a4abc7.zip
Provide record layer overhead for DTLS.
Rather than manually calculating the maximum record layer overhead in the DTLS code, have the record layer provide this information. This also makes it work correctly with AEAD ciphersuites. ok inoguchi@ tb@
Diffstat (limited to 'src/lib/libssl/d1_both.c')
-rw-r--r--src/lib/libssl/d1_both.c22
1 files changed, 7 insertions, 15 deletions
diff --git a/src/lib/libssl/d1_both.c b/src/lib/libssl/d1_both.c
index ae5ebfacb4..d6bf6dfd1b 100644
--- a/src/lib/libssl/d1_both.c
+++ b/src/lib/libssl/d1_both.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: d1_both.c,v 1.63 2020/12/05 19:34:57 tb Exp $ */ 1/* $OpenBSD: d1_both.c,v 1.64 2021/01/19 18:51:08 jsing Exp $ */
2/* 2/*
3 * DTLS implementation written by Nagendra Modadugu 3 * DTLS implementation written by Nagendra Modadugu
4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. 4 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -218,7 +218,8 @@ dtls1_do_write(SSL *s, int type)
218{ 218{
219 int ret; 219 int ret;
220 int curr_mtu; 220 int curr_mtu;
221 unsigned int len, frag_off, mac_size, blocksize; 221 unsigned int len, frag_off;
222 size_t overhead;
222 223
223 /* AHA! Figure out the MTU, and stick to the right size */ 224 /* AHA! Figure out the MTU, and stick to the right size */
224 if (D1I(s)->mtu < dtls1_min_mtu() && 225 if (D1I(s)->mtu < dtls1_min_mtu() &&
@@ -246,21 +247,13 @@ dtls1_do_write(SSL *s, int type)
246 OPENSSL_assert(s->internal->init_num == 247 OPENSSL_assert(s->internal->init_num ==
247 (int)D1I(s)->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH); 248 (int)D1I(s)->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH);
248 249
249 if (s->internal->write_hash) 250 if (!tls12_record_layer_write_overhead(s->internal->rl, &overhead))
250 mac_size = EVP_MD_CTX_size(s->internal->write_hash); 251 return -1;
251 else
252 mac_size = 0;
253
254 if (s->internal->enc_write_ctx &&
255 (EVP_CIPHER_mode( s->internal->enc_write_ctx->cipher) & EVP_CIPH_CBC_MODE))
256 blocksize = 2 * EVP_CIPHER_block_size(s->internal->enc_write_ctx->cipher);
257 else
258 blocksize = 0;
259 252
260 frag_off = 0; 253 frag_off = 0;
261 while (s->internal->init_num) { 254 while (s->internal->init_num) {
262 curr_mtu = D1I(s)->mtu - BIO_wpending(SSL_get_wbio(s)) - 255 curr_mtu = D1I(s)->mtu - BIO_wpending(SSL_get_wbio(s)) -
263 DTLS1_RT_HEADER_LENGTH - mac_size - blocksize; 256 DTLS1_RT_HEADER_LENGTH - overhead;
264 257
265 if (curr_mtu <= DTLS1_HM_HEADER_LENGTH) { 258 if (curr_mtu <= DTLS1_HM_HEADER_LENGTH) {
266 /* grr.. we could get an error if MTU picked was wrong */ 259 /* grr.. we could get an error if MTU picked was wrong */
@@ -268,7 +261,7 @@ dtls1_do_write(SSL *s, int type)
268 if (ret <= 0) 261 if (ret <= 0)
269 return ret; 262 return ret;
270 curr_mtu = D1I(s)->mtu - DTLS1_RT_HEADER_LENGTH - 263 curr_mtu = D1I(s)->mtu - DTLS1_RT_HEADER_LENGTH -
271 mac_size - blocksize; 264 overhead;
272 } 265 }
273 266
274 if (s->internal->init_num > curr_mtu) 267 if (s->internal->init_num > curr_mtu)
@@ -276,7 +269,6 @@ dtls1_do_write(SSL *s, int type)
276 else 269 else
277 len = s->internal->init_num; 270 len = s->internal->init_num;
278 271
279
280 /* XDTLS: this function is too long. split out the CCS part */ 272 /* XDTLS: this function is too long. split out the CCS part */
281 if (type == SSL3_RT_HANDSHAKE) { 273 if (type == SSL3_RT_HANDSHAKE) {
282 if (s->internal->init_off != 0) { 274 if (s->internal->init_off != 0) {
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-17 20:49:42 +0000