Provide ssl3_packet_read() and ssl3_packet_extend() functions that improve

the awkward API provided by ssl3_read_n(). Call these when we need to read or extend a packet. ok beck@
author: jsing <> 2017-01-25 06:13:02 +0000
committer: jsing <> 2017-01-25 06:13:02 +0000
commit: 994be17488e885953ca1fef89bbc4d5fb24eba71 (patch)
tree: fa8c6cb9fb6d55c7422e8539eed63d9c115a282d /src/lib/libssl/d1_pkt.c
parent: 0bc052b366fc7f6e3f38271d4294ce4217f86f4d (diff)
download: openbsd-994be17488e885953ca1fef89bbc4d5fb24eba71.tar.gz
openbsd-994be17488e885953ca1fef89bbc4d5fb24eba71.tar.bz2
openbsd-994be17488e885953ca1fef89bbc4d5fb24eba71.zip
1 files changed, 12 insertions, 19 deletions
diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c
index f15b64364e..19853d2375 100644
--- a/src/lib/libssl/d1_pkt.c
+++ b/src/lib/libssl/d1_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_pkt.c,v 1.58 2017/01/23 14:35:42 jsing Exp $ */
+/* $OpenBSD: d1_pkt.c,v 1.59 2017/01/25 06:13:02 jsing Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -469,11 +469,11 @@ err:
 int
 dtls1_get_record(SSL *s)
 {
-        int i, n;
        SSL3_RECORD *rr;
        unsigned char *p = NULL;
        DTLS1_BITMAP *bitmap;
        unsigned int is_next_epoch;
+        int n;
        rr = &(S3I(s)->rrec);
@@ -501,13 +501,12 @@ again:
                uint16_t epoch, len, ssl_version;
                uint8_t type;
-                n = ssl3_read_n(s, DTLS1_RT_HEADER_LENGTH, s->s3->rbuf.len, 0);
+                n = ssl3_packet_read(s, DTLS1_RT_HEADER_LENGTH);
-                /* read timeout is handled by dtls1_read_bytes */
                if (n <= 0)
-                        return(n); /* error or non-blocking */
+                        return (n);
-                /* this packet contained a partial record, dump it */
+                /* If this packet contained a partial record, dump it. */
-                if (s->internal->packet_length != DTLS1_RT_HEADER_LENGTH)
+                if (n != DTLS1_RT_HEADER_LENGTH)
                        goto again;
                s->internal->rstate = SSL_ST_READ_BODY;
@@ -553,20 +552,14 @@ again:
        /* s->internal->rstate == SSL_ST_READ_BODY, get and decode the data */
-        if (rr->length > s->internal->packet_length - DTLS1_RT_HEADER_LENGTH) {
+        n = ssl3_packet_extend(s, DTLS1_RT_HEADER_LENGTH + rr->length);
-                /* now s->internal->packet_length == DTLS1_RT_HEADER_LENGTH */
+        if (n <= 0)
-                i = rr->length;
+                return (n);
-                n = ssl3_read_n(s, i, i, 1);
-                if (n <= 0)
-                        return(n); /* error or non-blocking io */
-                /* this packet contained a partial record, dump it */
+        /* If this packet contained a partial record, dump it. */
-                if (n != i)
+        if (n != DTLS1_RT_HEADER_LENGTH + rr->length)
-                        goto again;
+                goto again;
-                /* now n == rr->length,
-                 * and s->internal->packet_length == DTLS1_RT_HEADER_LENGTH + rr->length */
-        }
        s->internal->rstate = SSL_ST_READ_HEADER; /* set state for later operations */
        /* match epochs.  NULL means the packet is dropped on the floor */
author	jsing <>	2017-01-25 06:13:02 +0000
committer	jsing <>	2017-01-25 06:13:02 +0000
commit	994be17488e885953ca1fef89bbc4d5fb24eba71 (patch)
tree	fa8c6cb9fb6d55c7422e8539eed63d9c115a282d /src/lib/libssl/d1_pkt.c
parent	0bc052b366fc7f6e3f38271d4294ce4217f86f4d (diff)
download	openbsd-994be17488e885953ca1fef89bbc4d5fb24eba71.tar.gz openbsd-994be17488e885953ca1fef89bbc4d5fb24eba71.tar.bz2 openbsd-994be17488e885953ca1fef89bbc4d5fb24eba71.zip