diff options
| author | Matt Caswell <matt@openssl.org> | 2022-10-13 11:25:56 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2022-10-20 14:39:33 +0100 |
| commit | 248a9bf21ad5a61d911765964e2758e0da3c554c (patch) | |
| tree | 434f4df627f1daf61c522a53980335f7c7e17d95 | |
| parent | 602ee1f672a41f984e8923ad7430ca51ca42abde (diff) | |
Start using WPACKET in the dtls write records code
Previously this was writing to the buffers directly. We use the safer
WPACKET instead
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19424)
| -rw-r--r-- | ssl/record/methods/dtls_meth.c | 28 | ||||
| -rw-r--r-- | ssl/record/methods/tls1_meth.c | 3 | ||||
| -rw-r--r-- | ssl/record/methods/tlsany_meth.c | 2 |
3 files changed, 24 insertions, 9 deletions
diff --git a/ssl/record/methods/dtls_meth.c b/ssl/record/methods/dtls_meth.c index 14cd70095d..1b51c84893 100644 --- a/ssl/record/methods/dtls_meth.c +++ b/ssl/record/methods/dtls_meth.c @@ -701,6 +701,9 @@ int dtls_write_records(OSSL_RECORD_LAYER *rl, OSSL_RECORD_TEMPLATE *templates, SSL3_BUFFER *wb; SSL_SESSION *sess; SSL *s = SSL_CONNECTION_GET_SSL(sc); + WPACKET pkt, *thispkt = &pkt; + size_t wpinited = 0; + int ret = 0; sess = sc->session; @@ -731,6 +734,14 @@ int dtls_write_records(OSSL_RECORD_LAYER *rl, OSSL_RECORD_TEMPLATE *templates, return 0; } + if (!rl->funcs->initialise_write_packets(rl, templates, numtempl, + NULL, thispkt, rl->wbuf, + &wpinited)) { + /* RLAYERfatal() already called */ + return 0; + } + + wb = rl->wbuf; p = SSL3_BUFFER_get_buf(wb); @@ -752,7 +763,7 @@ int dtls_write_records(OSSL_RECORD_LAYER *rl, OSSL_RECORD_TEMPLATE *templates, eivlen = EVP_CIPHER_CTX_get_iv_length(sc->enc_write_ctx); if (eivlen < 0) { RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, SSL_R_LIBRARY_BUG); - return 0; + goto err; } if (eivlen <= 1) eivlen = 0; @@ -780,7 +791,7 @@ int dtls_write_records(OSSL_RECORD_LAYER *rl, OSSL_RECORD_TEMPLATE *templates, if (sc->compress != NULL) { if (!ssl3_do_compress(sc, &wr)) { RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, SSL_R_COMPRESSION_FAILURE); - return 0; + goto err; } } else { memcpy(SSL3_RECORD_get_data(&wr), SSL3_RECORD_get_input(&wr), @@ -799,7 +810,7 @@ int dtls_write_records(OSSL_RECORD_LAYER *rl, OSSL_RECORD_TEMPLATE *templates, &(p[SSL3_RECORD_get_length(&wr) + eivlen]), 1)) { RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); - return 0; + goto err; } SSL3_RECORD_add_length(&wr, mac_size); } @@ -815,14 +826,14 @@ int dtls_write_records(OSSL_RECORD_LAYER *rl, OSSL_RECORD_TEMPLATE *templates, if (!ossl_statem_in_error(sc)) { RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); } - return 0; + goto err; } if (SSL_WRITE_ETM(sc) && mac_size != 0) { if (!s->method->ssl3_enc->mac(sc, &wr, &(p[SSL3_RECORD_get_length(&wr)]), 1)) { RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); - return 0; + goto err; } SSL3_RECORD_add_length(&wr, mac_size); } @@ -863,8 +874,11 @@ int dtls_write_records(OSSL_RECORD_LAYER *rl, OSSL_RECORD_TEMPLATE *templates, sc->rlayer.wpend_type = templates->type; sc->rlayer.wpend_ret = templates->buflen; - - return 1; + ret = 1; + err: + if (wpinited > 0) + WPACKET_cleanup(thispkt); + return ret; } const OSSL_RECORD_METHOD ossl_dtls_record_method = { diff --git a/ssl/record/methods/tls1_meth.c b/ssl/record/methods/tls1_meth.c index 392ce336be..5f6ff3f806 100644 --- a/ssl/record/methods/tls1_meth.c +++ b/ssl/record/methods/tls1_meth.c @@ -680,7 +680,8 @@ struct record_functions_st dtls_1_funcs = { * instead. */ tls_allocate_write_buffers_default, - NULL, + /* Don't use tls1_initialise_write_packets for same reason as above */ + tls_initialise_write_packets_default, NULL, NULL, NULL, diff --git a/ssl/record/methods/tlsany_meth.c b/ssl/record/methods/tlsany_meth.c index 0914acc15e..4cdb0e8ca6 100644 --- a/ssl/record/methods/tlsany_meth.c +++ b/ssl/record/methods/tlsany_meth.c @@ -185,7 +185,7 @@ struct record_functions_st dtls_any_funcs = { NULL, dtls_write_records, tls_allocate_write_buffers_default, - NULL, + tls_initialise_write_packets_default, NULL, NULL, NULL, |