diff options
Diffstat (limited to 'src/lib/libssl/d1_both.c')
| -rw-r--r-- | src/lib/libssl/d1_both.c | 22 |
1 files changed, 7 insertions, 15 deletions
diff --git a/src/lib/libssl/d1_both.c b/src/lib/libssl/d1_both.c index ae5ebfacb4..d6bf6dfd1b 100644 --- a/src/lib/libssl/d1_both.c +++ b/src/lib/libssl/d1_both.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: d1_both.c,v 1.63 2020/12/05 19:34:57 tb Exp $ */ | 1 | /* $OpenBSD: d1_both.c,v 1.64 2021/01/19 18:51:08 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * DTLS implementation written by Nagendra Modadugu | 3 | * DTLS implementation written by Nagendra Modadugu |
| 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. | 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. |
| @@ -218,7 +218,8 @@ dtls1_do_write(SSL *s, int type) | |||
| 218 | { | 218 | { |
| 219 | int ret; | 219 | int ret; |
| 220 | int curr_mtu; | 220 | int curr_mtu; |
| 221 | unsigned int len, frag_off, mac_size, blocksize; | 221 | unsigned int len, frag_off; |
| 222 | size_t overhead; | ||
| 222 | 223 | ||
| 223 | /* AHA! Figure out the MTU, and stick to the right size */ | 224 | /* AHA! Figure out the MTU, and stick to the right size */ |
| 224 | if (D1I(s)->mtu < dtls1_min_mtu() && | 225 | if (D1I(s)->mtu < dtls1_min_mtu() && |
| @@ -246,21 +247,13 @@ dtls1_do_write(SSL *s, int type) | |||
| 246 | OPENSSL_assert(s->internal->init_num == | 247 | OPENSSL_assert(s->internal->init_num == |
| 247 | (int)D1I(s)->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH); | 248 | (int)D1I(s)->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH); |
| 248 | 249 | ||
| 249 | if (s->internal->write_hash) | 250 | if (!tls12_record_layer_write_overhead(s->internal->rl, &overhead)) |
| 250 | mac_size = EVP_MD_CTX_size(s->internal->write_hash); | 251 | return -1; |
| 251 | else | ||
| 252 | mac_size = 0; | ||
| 253 | |||
| 254 | if (s->internal->enc_write_ctx && | ||
| 255 | (EVP_CIPHER_mode( s->internal->enc_write_ctx->cipher) & EVP_CIPH_CBC_MODE)) | ||
| 256 | blocksize = 2 * EVP_CIPHER_block_size(s->internal->enc_write_ctx->cipher); | ||
| 257 | else | ||
| 258 | blocksize = 0; | ||
| 259 | 252 | ||
| 260 | frag_off = 0; | 253 | frag_off = 0; |
| 261 | while (s->internal->init_num) { | 254 | while (s->internal->init_num) { |
| 262 | curr_mtu = D1I(s)->mtu - BIO_wpending(SSL_get_wbio(s)) - | 255 | curr_mtu = D1I(s)->mtu - BIO_wpending(SSL_get_wbio(s)) - |
| 263 | DTLS1_RT_HEADER_LENGTH - mac_size - blocksize; | 256 | DTLS1_RT_HEADER_LENGTH - overhead; |
| 264 | 257 | ||
| 265 | if (curr_mtu <= DTLS1_HM_HEADER_LENGTH) { | 258 | if (curr_mtu <= DTLS1_HM_HEADER_LENGTH) { |
| 266 | /* grr.. we could get an error if MTU picked was wrong */ | 259 | /* grr.. we could get an error if MTU picked was wrong */ |
| @@ -268,7 +261,7 @@ dtls1_do_write(SSL *s, int type) | |||
| 268 | if (ret <= 0) | 261 | if (ret <= 0) |
| 269 | return ret; | 262 | return ret; |
| 270 | curr_mtu = D1I(s)->mtu - DTLS1_RT_HEADER_LENGTH - | 263 | curr_mtu = D1I(s)->mtu - DTLS1_RT_HEADER_LENGTH - |
| 271 | mac_size - blocksize; | 264 | overhead; |
| 272 | } | 265 | } |
| 273 | 266 | ||
| 274 | if (s->internal->init_num > curr_mtu) | 267 | if (s->internal->init_num > curr_mtu) |
| @@ -276,7 +269,6 @@ dtls1_do_write(SSL *s, int type) | |||
| 276 | else | 269 | else |
| 277 | len = s->internal->init_num; | 270 | len = s->internal->init_num; |
| 278 | 271 | ||
| 279 | |||
| 280 | /* XDTLS: this function is too long. split out the CCS part */ | 272 | /* XDTLS: this function is too long. split out the CCS part */ |
| 281 | if (type == SSL3_RT_HANDSHAKE) { | 273 | if (type == SSL3_RT_HANDSHAKE) { |
| 282 | if (s->internal->init_off != 0) { | 274 | if (s->internal->init_off != 0) { |