From 9e9db88c593e9fe3ec46a015b783a8903db297c3 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Wed, 22 Jan 2020 06:23:00 +0000
Subject: Implement support for SSL_peek() in the TLSv1.3 record layer. ok beck@ tb@
---
src/lib/libssl/tls13_record_layer.c | 36 +++++++++++++++++++++++++++++++-----
1 file changed, 31 insertions(+), 5 deletions(-)
(limited to 'src/lib/libssl/tls13_record_layer.c')
diff --git a/src/lib/libssl/tls13_record_layer.c b/src/lib/libssl/tls13_record_layer.c
index ef558d52df..4de7340999 100644
--- a/src/lib/libssl/tls13_record_layer.c
+++ b/src/lib/libssl/tls13_record_layer.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_record_layer.c,v 1.21 2020/01/22 05:06:23 tb Exp $ */
+/* $OpenBSD: tls13_record_layer.c,v 1.22 2020/01/22 06:23:00 jsing Exp $ */
 /*
 * Copyright (c) 2018, 2019 Joel Sing
 *
@@ -812,8 +812,8 @@ tls13_record_layer_read_record(struct tls13_record_layer *rl)
 }
 ssize_t
-tls13_record_layer_read(struct tls13_record_layer *rl, uint8_t content_type,
- uint8_t *buf, size_t n)
+tls13_record_layer_read_internal(struct tls13_record_layer *rl,
+ uint8_t content_type, uint8_t *buf, size_t n, int peek)
 {
 ssize_t ret;
@@ -898,8 +898,11 @@ tls13_record_layer_read(struct tls13_record_layer *rl, uint8_t content_type,
 /* XXX - CBS_memcpy? CBS_copy_bytes? */
 memcpy(buf, CBS_data(&rl->rbuf_cbs), n);
- if (!CBS_skip(&rl->rbuf_cbs, n))
- goto err;
+
+ if (!peek) {
+ if (!CBS_skip(&rl->rbuf_cbs, n))
+ goto err;
+ }
 if (CBS_len(&rl->rbuf_cbs) == 0)
 tls13_record_layer_rbuf_free(rl);
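Review bot: `tls13_record_layer_read_internal` in the @@ -812 hunk is introduced with external linkage: the context line above the new signature is a bare `ssize_t`, not `static ssize_t`. The only callers visible in this patch are the two wrappers added in the @@ -910 hunk of the same file, so the helper could be declared `static ssize_t` to keep the `peek` flag an internal detail. The same likely applies to `tls13_record_layer_peek` in the @@ -910 hunk, whose only visible caller is `tls13_peek_application_data`, unless a header outside this file-limited view declares it. The function body continues outside the hunk.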
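Review bot: The peek path in the @@ -898 hunk relies on an unstated invariant: skipping `CBS_skip()` leaves `rl->rbuf_cbs` at the same position, so the `CBS_len(&rl->rbuf_cbs) == 0` test that follows does not free the read buffer after a non-empty peek and the decrypted bytes stay buffered until a consuming read. A one-line comment above the new branch would make that explicit, e.g. `/* On peek, leave rbuf_cbs untouched so the next read returns the same bytes. */`. The nested test could also be flattened to `if (!peek && !CBS_skip(&rl->rbuf_cbs, n))` followed by `goto err;`. The bound applied to `n` before the `memcpy()` lies outside this hunk and was not reviewed here.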
@@ -910,6 +913,20 @@ tls13_record_layer_read(struct tls13_record_layer *rl, uint8_t content_type,
 return TLS13_IO_FAILURE;
 }
+ssize_t
+tls13_record_layer_peek(struct tls13_record_layer *rl, uint8_t content_type,
+ uint8_t *buf, size_t n)
+{
+ return tls13_record_layer_read_internal(rl, content_type, buf, n, 1);
+}
+
+ssize_t
+tls13_record_layer_read(struct tls13_record_layer *rl, uint8_t content_type,
+ uint8_t *buf, size_t n)
+{
+ return tls13_record_layer_read_internal(rl, content_type, buf, n, 0);
+}
+
 static ssize_t
 tls13_record_layer_write_record(struct tls13_record_layer *rl, uint8_t content_type, const uint8_t *content, size_t content_len)
@@ -1005,6 +1022,15 @@ tls13_write_handshake_data(struct tls13_record_layer *rl, const uint8_t *buf,
 return tls13_record_layer_write(rl, SSL3_RT_HANDSHAKE, buf, n);
 }
+ssize_t
+tls13_peek_application_data(struct tls13_record_layer *rl, uint8_t *buf, size_t n)
+{
+ if (!rl->handshake_completed)
+ return TLS13_IO_FAILURE;
+
+ return tls13_record_layer_peek(rl, SSL3_RT_APPLICATION_DATA, buf, n);
+}
+
 ssize_t
 tls13_read_application_data(struct tls13_record_layer *rl, uint8_t *buf, size_t n)
 {
-- cgit v1.2.3-55-g6feb
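Review bot: `tls13_peek_application_data` in the @@ -1005 hunk has no comment stating its contract, which as far as this hunk shows differs from `tls13_read_application_data` only in that the data is not consumed. A header comment would help callers, e.g. `/* Copy application data into buf without consuming it; returns TLS13_IO_FAILURE until the handshake has completed. */`. Whether a matching prototype is added to an internal header cannot be seen in this file-limited view.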