diff options
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/d1_lib.c | 38 | ||||
-rw-r--r-- | ssl/d1_msg.c | 11 | ||||
-rw-r--r-- | ssl/record/rec_layer_d1.c | 20 | ||||
-rw-r--r-- | ssl/record/rec_layer_s3.c | 114 | ||||
-rw-r--r-- | ssl/record/record.h | 28 | ||||
-rw-r--r-- | ssl/record/record_locl.h | 2 | ||||
-rw-r--r-- | ssl/record/ssl3_buffer.c | 4 | ||||
-rw-r--r-- | ssl/s3_enc.c | 13 | ||||
-rw-r--r-- | ssl/s3_lib.c | 5 | ||||
-rw-r--r-- | ssl/s3_msg.c | 8 | ||||
-rw-r--r-- | ssl/ssl_err.c | 1 | ||||
-rw-r--r-- | ssl/ssl_lib.c | 47 | ||||
-rw-r--r-- | ssl/ssl_locl.h | 39 | ||||
-rw-r--r-- | ssl/statem/statem_dtls.c | 142 | ||||
-rw-r--r-- | ssl/statem/statem_lib.c | 11 |
15 files changed, 267 insertions, 216 deletions
diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c index e7a6650aff..72673863cb 100644 --- a/ssl/d1_lib.c +++ b/ssl/d1_lib.c @@ -23,10 +23,10 @@ static void get_current_time(struct timeval *t); static int dtls1_handshake_write(SSL *s); -static unsigned int dtls1_link_min_mtu(void); +static size_t dtls1_link_min_mtu(void); /* XDTLS: figure out the right values */ -static const unsigned int g_probable_mtu[] = { 1500, 512, 256 }; +static const size_t g_probable_mtu[] = { 1500, 512, 256 }; const SSL3_ENC_METHOD DTLSv1_enc_data = { tls1_enc, @@ -164,8 +164,8 @@ void dtls1_clear(SSL *s) { pqueue *buffered_messages; pqueue *sent_messages; - unsigned int mtu; - unsigned int link_mtu; + size_t mtu; + size_t link_mtu; DTLS_RECORD_LAYER_clear(&s->rlayer); @@ -344,7 +344,7 @@ void dtls1_stop_timer(SSL *s) int dtls1_check_timeout_num(SSL *s) { - unsigned int mtu; + size_t mtu; s->d1->timeout.num_alerts++; @@ -872,12 +872,13 @@ static int dtls1_handshake_write(SSL *s) # define HEARTBEAT_SIZE_STD(payload) HEARTBEAT_SIZE(payload, 16) -int dtls1_process_heartbeat(SSL *s, unsigned char *p, unsigned int length) +int dtls1_process_heartbeat(SSL *s, unsigned char *p, size_t length) { unsigned char *pl; unsigned short hbtype; unsigned int payload; unsigned int padding = 16; /* Use minimum padding */ + size_t written; if (s->msg_callback) s->msg_callback(0, s->version, DTLS1_RT_HEARTBEAT, @@ -897,7 +898,7 @@ int dtls1_process_heartbeat(SSL *s, unsigned char *p, unsigned int length) if (hbtype == TLS1_HB_REQUEST) { unsigned char *buffer, *bp; - unsigned int write_length = HEARTBEAT_SIZE(payload, padding); + size_t write_length = HEARTBEAT_SIZE(payload, padding); int r; if (write_length > SSL3_RT_MAX_PLAIN_LENGTH) @@ -920,16 +921,17 @@ int dtls1_process_heartbeat(SSL *s, unsigned char *p, unsigned int length) return -1; } - r = dtls1_write_bytes(s, DTLS1_RT_HEARTBEAT, buffer, write_length); + r = dtls1_write_bytes(s, DTLS1_RT_HEARTBEAT, buffer, write_length, + &written); - if (r >= 0 && s->msg_callback) + if (r > 0 && s->msg_callback) s->msg_callback(1, s->version, DTLS1_RT_HEARTBEAT, buffer, write_length, s, s->msg_callback_arg); OPENSSL_free(buffer); - if (r < 0) - return r; + if (r <= 0) + return -1; } else if (hbtype == TLS1_HB_RESPONSE) { unsigned int seq; @@ -953,9 +955,9 @@ int dtls1_heartbeat(SSL *s) { unsigned char *buf, *p; int ret = -1; - unsigned int payload = 18; /* Sequence number + random bytes */ - unsigned int padding = 16; /* Use minimum padding */ - unsigned int size; + size_t payload = 18; /* Sequence number + random bytes */ + size_t padding = 16; /* Use minimum padding */ + size_t size, written; /* Only send if peer supports and accepts HB requests... */ if (!(s->tlsext_heartbeat & SSL_DTLSEXT_HB_ENABLED) || @@ -1006,8 +1008,8 @@ int dtls1_heartbeat(SSL *s) goto err; } - ret = dtls1_write_bytes(s, DTLS1_RT_HEARTBEAT, buf, size); - if (ret >= 0) { + ret = dtls1_write_bytes(s, DTLS1_RT_HEARTBEAT, buf, size, &written); + if (ret > 0) { if (s->msg_callback) s->msg_callback(1, s->version, DTLS1_RT_HEARTBEAT, buf, size, s, s->msg_callback_arg); @@ -1078,13 +1080,13 @@ int dtls1_query_mtu(SSL *s) return 1; } -static unsigned int dtls1_link_min_mtu(void) +static size_t dtls1_link_min_mtu(void) { return (g_probable_mtu[(sizeof(g_probable_mtu) / sizeof(g_probable_mtu[0])) - 1]); } -unsigned int dtls1_min_mtu(SSL *s) +size_t dtls1_min_mtu(SSL *s) { return dtls1_link_min_mtu() - BIO_dgram_get_mtu_overhead(SSL_get_wbio(s)); } diff --git a/ssl/d1_msg.c b/ssl/d1_msg.c index ae7aff6959..ac6d28421c 100644 --- a/ssl/d1_msg.c +++ b/ssl/d1_msg.c @@ -10,7 +10,8 @@ #define USE_SOCKETS #include "ssl_locl.h" -int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf_, int len) +int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf_, size_t len, + size_t *written) { int i; @@ -41,8 +42,7 @@ int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf_, int len) return -1; } - i = dtls1_write_bytes(s, type, buf_, len); - return i; + return dtls1_write_bytes(s, type, buf_, len, written); } int dtls1_dispatch_alert(SSL *s) @@ -51,6 +51,7 @@ int dtls1_dispatch_alert(SSL *s) void (*cb) (const SSL *ssl, int type, int val) = NULL; unsigned char buf[DTLS1_AL_HEADER_LENGTH]; unsigned char *ptr = &buf[0]; + size_t written; s->s3->alert_dispatch = 0; @@ -65,7 +66,7 @@ int dtls1_dispatch_alert(SSL *s) } #endif - i = do_dtls1_write(s, SSL3_RT_ALERT, &buf[0], sizeof(buf), 0); + i = do_dtls1_write(s, SSL3_RT_ALERT, &buf[0], sizeof(buf), 0, &written); if (i <= 0) { s->s3->alert_dispatch = 1; /* fprintf( stderr, "not done with alert\n" ); */ @@ -91,5 +92,5 @@ int dtls1_dispatch_alert(SSL *s) cb(s, SSL_CB_WRITE_ALERT, j); } } - return (i); + return i; } diff --git a/ssl/record/rec_layer_d1.c b/ssl/record/rec_layer_d1.c index 7b35d590dc..14f9fc1020 100644 --- a/ssl/record/rec_layer_d1.c +++ b/ssl/record/rec_layer_d1.c @@ -971,22 +971,23 @@ static size_t have_handshake_fragment(SSL *s, int type, unsigned char *buf, * Call this to write data in records of type 'type' It will return <= 0 if * not all data has been sent or non-blocking IO. */ -int dtls1_write_bytes(SSL *s, int type, const void *buf, int len) +int dtls1_write_bytes(SSL *s, int type, const void *buf, size_t len, + size_t *written) { int i; OPENSSL_assert(len <= SSL3_RT_MAX_PLAIN_LENGTH); s->rwstate = SSL_NOTHING; - i = do_dtls1_write(s, type, buf, len, 0); + i = do_dtls1_write(s, type, buf, len, 0, written); return i; } int do_dtls1_write(SSL *s, int type, const unsigned char *buf, - unsigned int len, int create_empty_fragment) + size_t len, int create_empty_fragment, size_t *written) { unsigned char *p, *pseq; int i, mac_size, clear = 0; - int prefix_len = 0; + size_t prefix_len = 0; int eivlen; SSL3_RECORD wr; SSL3_BUFFER *wb; @@ -1000,14 +1001,14 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, */ if (SSL3_BUFFER_get_left(wb) != 0) { OPENSSL_assert(0); /* XDTLS: want to see if we ever get here */ - return (ssl3_write_pending(s, type, buf, len)); + return ssl3_write_pending(s, type, buf, len, written); } /* If we have an alert to send, lets send it */ if (s->s3->alert_dispatch) { i = s->method->ssl_dispatch_alert(s); if (i <= 0) - return (i); + return i; /* if it went, fall through and send more stuff */ } @@ -1072,7 +1073,7 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, /* lets setup the record stuff. */ SSL3_RECORD_set_data(&wr, p + eivlen); /* make room for IV in case of CBC */ - SSL3_RECORD_set_length(&wr, (int)len); + SSL3_RECORD_set_length(&wr, len); SSL3_RECORD_set_input(&wr, (unsigned char *)buf); /* @@ -1160,7 +1161,8 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, * we are in a recursive call; just return the length, don't write * out anything here */ - return wr.length; + *written = wr.length; + return 1; } /* now let's set up wb */ @@ -1177,7 +1179,7 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, s->rlayer.wpend_ret = len; /* we now just need to write the buffer */ - return ssl3_write_pending(s, type, buf, len); + return ssl3_write_pending(s, type, buf, len, written); err: return -1; } diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c index 6415f4882d..9c3a097420 100644 --- a/ssl/record/rec_layer_s3.c +++ b/ssl/record/rec_layer_s3.c @@ -347,22 +347,18 @@ int ssl3_read_n(SSL *s, size_t n, size_t max, int extend, int clearold, * Call this to write data in records of type 'type' It will return <= 0 if * not all data has been sent or non-blocking IO. */ -int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) +int ssl3_write_bytes(SSL *s, int type, const void *buf_, size_t len, + size_t *written) { const unsigned char *buf = buf_; - int tot; - unsigned int n, split_send_fragment, maxpipes; + size_t tot; + size_t n, split_send_fragment, maxpipes; #if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK - unsigned int max_send_fragment, nw; - unsigned int u_len = (unsigned int)len; + size_t max_send_fragment, nw; #endif SSL3_BUFFER *wb = &s->rlayer.wbuf[0]; int i; - - if (len < 0) { - SSLerr(SSL_F_SSL3_WRITE_BYTES, SSL_R_SSL_NEGATIVE_LENGTH); - return -1; - } + size_t tmpwrit; s->rwstate = SSL_NOTHING; tot = s->rlayer.wnum; @@ -375,7 +371,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) * promptly send beyond the end of the users buffer ... so we trap and * report the error in a way the user will notice */ - if ((unsigned int)len < s->rlayer.wnum) { + if (len < s->rlayer.wnum) { SSLerr(SSL_F_SSL3_WRITE_BYTES, SSL_R_BAD_LENGTH); return -1; } @@ -385,7 +381,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) if (SSL_in_init(s) && !ossl_statem_get_in_handshake(s)) { i = s->handshake_func(s); if (i < 0) - return (i); + return i; if (i == 0) { SSLerr(SSL_F_SSL3_WRITE_BYTES, SSL_R_SSL_HANDSHAKE_FAILURE); return -1; @@ -397,13 +393,14 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) * will happen with non blocking IO */ if (wb->left != 0) { - i = ssl3_write_pending(s, type, &buf[tot], s->rlayer.wpend_tot); + i = ssl3_write_pending(s, type, &buf[tot], s->rlayer.wpend_tot, + &tmpwrit); if (i <= 0) { /* XXX should we ssl3_release_write_buffer if i<0? */ s->rlayer.wnum = tot; return i; } - tot += i; /* this might be last fragment */ + tot += tmpwrit; /* this might be last fragment */ } #if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK /* @@ -413,7 +410,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) * compromise is considered worthy. */ if (type == SSL3_RT_APPLICATION_DATA && - u_len >= 4 * (max_send_fragment = s->max_send_fragment) && + len >= 4 * (max_send_fragment = s->max_send_fragment) && s->compress == NULL && s->msg_callback == NULL && !SSL_USE_ETM(s) && SSL_USE_EXPLICIT_IV(s) && EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(s->enc_write_ctx)) & @@ -433,7 +430,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE, max_send_fragment, NULL); - if (u_len >= 8 * max_send_fragment) + if (len >= 8 * max_send_fragment) packlen *= 8; else packlen *= 4; @@ -513,7 +510,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) s->rlayer.wpend_type = type; s->rlayer.wpend_ret = nw; - i = ssl3_write_pending(s, type, &buf[tot], nw); + i = ssl3_write_pending(s, type, &buf[tot], nw, &tmpwrit); if (i <= 0) { if (i < 0 && (!s->wbio || !BIO_should_retry(s->wbio))) { /* free jumbo buffer */ @@ -522,13 +519,14 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) s->rlayer.wnum = tot; return i; } - if (i == (int)n) { + if (tmpwrit == n) { /* free jumbo buffer */ ssl3_release_write_buffer(s); - return tot + i; + *written = tot + tmpwrit; + return 1; } - n -= i; - tot += i; + n -= tmpwrit; + tot += tmpwrit; } } else #endif @@ -536,7 +534,8 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) if (s->mode & SSL_MODE_RELEASE_BUFFERS && !SSL_IS_DTLS(s)) ssl3_release_write_buffer(s); - return tot; + *written = tot; + return 1; } n = (len - tot); @@ -574,8 +573,8 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) } for (;;) { - unsigned int pipelens[SSL_MAX_PIPELINES], tmppipelen, remain; - unsigned int numpipes, j; + size_t pipelens[SSL_MAX_PIPELINES], tmppipelen, remain; + size_t numpipes, j; if (n == 0) numpipes = 1; @@ -603,14 +602,15 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) } } - i = do_ssl3_write(s, type, &(buf[tot]), pipelens, numpipes, 0); + i = do_ssl3_write(s, type, &(buf[tot]), pipelens, numpipes, 0, + &tmpwrit); if (i <= 0) { /* XXX should we ssl3_release_write_buffer if i<0? */ s->rlayer.wnum = tot; return i; } - if ((i == (int)n) || + if ((tmpwrit == n) || (type == SSL3_RT_APPLICATION_DATA && (s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE))) { /* @@ -623,29 +623,29 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) !SSL_IS_DTLS(s)) ssl3_release_write_buffer(s); - return tot + i; + *written = tot + tmpwrit; + return 1; } - n -= i; - tot += i; + n -= tmpwrit; + tot += tmpwrit; } } -/* TODO(size_t): convert me */ int do_ssl3_write(SSL *s, int type, const unsigned char *buf, - unsigned int *pipelens, unsigned int numpipes, - int create_empty_fragment) + size_t *pipelens, size_t numpipes, + int create_empty_fragment, size_t *written) { unsigned char *outbuf[SSL_MAX_PIPELINES], *plen[SSL_MAX_PIPELINES]; SSL3_RECORD wr[SSL_MAX_PIPELINES]; int i, mac_size, clear = 0; - int prefix_len = 0; + size_t prefix_len = 0; int eivlen; size_t align = 0; SSL3_BUFFER *wb; SSL_SESSION *sess; - unsigned int totlen = 0; - unsigned int j; + size_t totlen = 0; + size_t j; for (j = 0; j < numpipes; j++) totlen += pipelens[j]; @@ -654,7 +654,7 @@ int do_ssl3_write(SSL *s, int type, const unsigned char *buf, * will happen with non blocking IO */ if (RECORD_LAYER_write_pending(&s->rlayer)) - return (ssl3_write_pending(s, type, buf, totlen)); + return ssl3_write_pending(s, type, buf, totlen, written); /* If we have an alert to send, lets send it */ if (s->s3->alert_dispatch) { @@ -678,6 +678,7 @@ int do_ssl3_write(SSL *s, int type, const unsigned char *buf, clear = s->enc_write_ctx ? 0 : 1; /* must be AEAD cipher */ mac_size = 0; } else { + /* TODO(siz_t): Convert me */ mac_size = EVP_MD_CTX_size(s->write_hash); if (mac_size < 0) goto err; @@ -699,10 +700,11 @@ int do_ssl3_write(SSL *s, int type, const unsigned char *buf, * 'prefix_len' bytes are sent out later together with the actual * payload) */ - unsigned int tmppipelen = 0; + size_t tmppipelen = 0; + int ret; - prefix_len = do_ssl3_write(s, type, buf, &tmppipelen, 1, 1); - if (prefix_len <= 0) + ret = do_ssl3_write(s, type, buf, &tmppipelen, 1, 1, &prefix_len); + if (ret <= 0) goto err; if (prefix_len > @@ -749,6 +751,7 @@ int do_ssl3_write(SSL *s, int type, const unsigned char *buf, if (s->enc_write_ctx && SSL_USE_EXPLICIT_IV(s)) { int mode = EVP_CIPHER_CTX_mode(s->enc_write_ctx); if (mode == EVP_CIPH_CBC_MODE) { + /* TODO(size_t): Convert me */ eivlen = EVP_CIPHER_CTX_iv_length(s->enc_write_ctx); if (eivlen <= 1) eivlen = 0; @@ -868,7 +871,8 @@ int do_ssl3_write(SSL *s, int type, const unsigned char *buf, SSLerr(SSL_F_DO_SSL3_WRITE, ERR_R_INTERNAL_ERROR); goto err; } - return SSL3_RECORD_get_length(wr); + *written = SSL3_RECORD_get_length(wr); + return 1; } /* now let's set up wb */ @@ -886,7 +890,7 @@ int do_ssl3_write(SSL *s, int type, const unsigned char *buf, s->rlayer.wpend_ret = totlen; /* we now just need to write the buffer */ - return ssl3_write_pending(s, type, buf, totlen); + return ssl3_write_pending(s, type, buf, totlen, written); err: return -1; } @@ -894,24 +898,24 @@ int do_ssl3_write(SSL *s, int type, const unsigned char *buf, /* if s->s3->wbuf.left != 0, we need to call this * * Return values are as per SSL_read(), i.e. - * >0 The number of read bytes + * 1 Success * 0 Failure (not retryable) * <0 Failure (may be retryable) */ -int ssl3_write_pending(SSL *s, int type, const unsigned char *buf, - unsigned int len) +int ssl3_write_pending(SSL *s, int type, const unsigned char *buf, size_t len, + size_t *written) { int i; SSL3_BUFFER *wb = s->rlayer.wbuf; - unsigned int currbuf = 0; + size_t currbuf = 0; + size_t tmpwrit; -/* XXXX */ - if ((s->rlayer.wpend_tot > (int)len) + if ((s->rlayer.wpend_tot > len) || ((s->rlayer.wpend_buf != buf) && !(s->mode & SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER)) || (s->rlayer.wpend_type != type)) { SSLerr(SSL_F_SSL3_WRITE_PENDING, SSL_R_BAD_WRITE_RETRY); - return (-1); + return -1; } for (;;) { @@ -924,21 +928,25 @@ int ssl3_write_pending(SSL *s, int type, const unsigned char *buf, clear_sys_error(); if (s->wbio != NULL) { s->rwstate = SSL_WRITING; + /* TODO(size_t): Convert this call */ i = BIO_write(s->wbio, (char *) &(SSL3_BUFFER_get_buf(&wb[currbuf]) [SSL3_BUFFER_get_offset(&wb[currbuf])]), (unsigned int)SSL3_BUFFER_get_left(&wb[currbuf])); + if (i >= 0) + tmpwrit = i; } else { SSLerr(SSL_F_SSL3_WRITE_PENDING, SSL_R_BIO_NOT_SET); i = -1; } - if (i == (int)SSL3_BUFFER_get_left(&wb[currbuf])) { + if (i > 0 && tmpwrit == SSL3_BUFFER_get_left(&wb[currbuf])) { SSL3_BUFFER_set_left(&wb[currbuf], 0); - SSL3_BUFFER_add_offset(&wb[currbuf], i); + SSL3_BUFFER_add_offset(&wb[currbuf], tmpwrit); if (currbuf + 1 < s->rlayer.numwpipes) continue; s->rwstate = SSL_NOTHING; - return (s->rlayer.wpend_ret); + *written = s->rlayer.wpend_ret; + return 1; } else if (i <= 0) { if (SSL_IS_DTLS(s)) { /* @@ -949,8 +957,8 @@ int ssl3_write_pending(SSL *s, int type, const unsigned char *buf, } return -1; } - SSL3_BUFFER_add_offset(&wb[currbuf], i); - SSL3_BUFFER_sub_left(&wb[currbuf], i); + SSL3_BUFFER_add_offset(&wb[currbuf], tmpwrit); + SSL3_BUFFER_sub_left(&wb[currbuf], tmpwrit); } } diff --git a/ssl/record/record.h b/ssl/record/record.h index fc70f8d848..1fe7e3db8f 100644 --- a/ssl/record/record.h +++ b/ssl/record/record.h @@ -145,7 +145,7 @@ typedef struct record_layer_st { /* How many pipelines can be used to read data */ size_t numrpipes; /* How many pipelines can be used to write data */ - unsigned int numwpipes; + size_t numwpipes; /* read IO goes into here */ SSL3_BUFFER rbuf; /* write IO goes into here */ @@ -156,7 +156,7 @@ typedef struct record_layer_st { unsigned char *packet; size_t packet_length; /* number of bytes sent so far */ - unsigned int wnum; + size_t wnum; /* * storage for Alert/Handshake protocol data received but not yet * processed by ssl3_read_bytes: @@ -169,10 +169,10 @@ typedef struct record_layer_st { size_t empty_record_count; /* partial write - check the numbers match */ /* number bytes written */ - int wpend_tot; + size_t wpend_tot; int wpend_type; /* number of bytes submitted */ - int wpend_ret; + size_t wpend_ret; const unsigned char *wpend_buf; unsigned char read_sequence[SEQ_NUM_SIZE]; unsigned char write_sequence[SEQ_NUM_SIZE]; @@ -215,18 +215,19 @@ void RECORD_LAYER_reset_write_sequence(RECORD_LAYER *rl); int RECORD_LAYER_is_sslv2_record(RECORD_LAYER *rl); size_t RECORD_LAYER_get_rrec_length(RECORD_LAYER *rl); __owur int ssl3_pending(const SSL *s); -__owur int ssl3_write_bytes(SSL *s, int type, const void *buf, int len); -__owur int do_ssl3_write(SSL *s, int type, const unsigned char *buf, - unsigned int *pipelens, unsigned int numpipes, - int create_empty_fragment); +__owur int ssl3_write_bytes(SSL *s, int type, const void *buf, size_t len, + size_t *written); +int do_ssl3_write(SSL *s, int type, const unsigned char *buf, + size_t *pipelens, size_t numpipes, + int create_empty_fragment, size_t *written); __owur int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, size_t len, int peek, size_t *read); __owur int ssl3_setup_buffers(SSL *s); __owur int ssl3_enc(SSL *s, SSL3_RECORD *inrecs, unsigned int n_recs, int send); __owur int n_ssl3_mac(SSL *ssl, SSL3_RECORD *rec, unsigned char *md, int send); -__owur int ssl3_write_pending(SSL *s, int type, const unsigned char *buf, - unsigned int len); +__owur int ssl3_write_pending(SSL *s, int type, const unsigned char *buf, size_t len, + size_t *written); __owur int tls1_enc(SSL *s, SSL3_RECORD *recs, unsigned int n_recs, int send); __owur int tls1_mac(SSL *ssl, SSL3_RECORD *rec, unsigned char *md, int send); int DTLS_RECORD_LAYER_new(RECORD_LAYER *rl); @@ -239,7 +240,8 @@ void DTLS_RECORD_LAYER_set_write_sequence(RECORD_LAYER *rl, unsigned char *seq); __owur int dtls1_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf, size_t len, int peek, size_t *read); -__owur int dtls1_write_bytes(SSL *s, int type, const void *buf, int len); -__owur int do_dtls1_write(SSL *s, int type, const unsigned char *buf, - unsigned int len, int create_empty_fragement); +__owur int dtls1_write_bytes(SSL *s, int type, const void *buf, size_t len, + size_t *written); +int do_dtls1_write(SSL *s, int type, const unsigned char *buf, + size_t len, int create_empty_fragment, size_t *written); void dtls1_reset_seq_numbers(SSL *s, int rw); diff --git a/ssl/record/record_locl.h b/ssl/record/record_locl.h index ffd1e51dfa..0c9df3e6b0 100644 --- a/ssl/record/record_locl.h +++ b/ssl/record/record_locl.h @@ -73,7 +73,7 @@ void SSL3_BUFFER_clear(SSL3_BUFFER *b); void SSL3_BUFFER_set_data(SSL3_BUFFER *b, const unsigned char *d, size_t n); void SSL3_BUFFER_release(SSL3_BUFFER *b); __owur int ssl3_setup_read_buffer(SSL *s); -__owur int ssl3_setup_write_buffer(SSL *s, unsigned int numwpipes, size_t len); +__owur int ssl3_setup_write_buffer(SSL *s, size_t numwpipes, size_t len); int ssl3_release_read_buffer(SSL *s); int ssl3_release_write_buffer(SSL *s); diff --git a/ssl/record/ssl3_buffer.c b/ssl/record/ssl3_buffer.c index 8a2a6e473d..1252310394 100644 --- a/ssl/record/ssl3_buffer.c +++ b/ssl/record/ssl3_buffer.c @@ -74,12 +74,12 @@ int ssl3_setup_read_buffer(SSL *s) return 0; } -int ssl3_setup_write_buffer(SSL *s, unsigned int numwpipes, size_t len) +int ssl3_setup_write_buffer(SSL *s, size_t numwpipes, size_t len) { unsigned char *p; size_t align = 0, headerlen; SSL3_BUFFER *wb; - unsigned int currpipe; + size_t currpipe; s->rlayer.numwpipes = numwpipes; diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index 56bd34a3d1..f32b68a0b3 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -356,13 +356,18 @@ void ssl3_free_digest_list(SSL *s) s->s3->handshake_dgst = NULL; } -int ssl3_finish_mac(SSL *s, const unsigned char *buf, int len) +int ssl3_finish_mac(SSL *s, const unsigned char *buf, size_t len) { - if (s->s3->handshake_dgst == NULL) + if (s->s3->handshake_dgst == NULL) { + int ret; /* Note: this writes to a memory BIO so a failure is a fatal error */ - return BIO_write(s->s3->handshake_buffer, (void *)buf, len) == len; - else + if (len > INT_MAX) + return 0; + ret = BIO_write(s->s3->handshake_buffer, (void *)buf, (int)len); + return ret > 0 && ret == (int)len; + } else { return EVP_DigestUpdate(s->s3->handshake_dgst, buf, len); + } } int ssl3_digest_cached_records(SSL *s, int keep) diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 37dea73b24..52f9214c3d 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -3829,13 +3829,14 @@ int ssl3_shutdown(SSL *s) return (0); } -int ssl3_write(SSL *s, const void *buf, int len) +int ssl3_write(SSL *s, const void *buf, size_t len, size_t *written) { clear_sys_error(); if (s->s3->renegotiate) ssl3_renegotiate_check(s); - return s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len); + return s->method->ssl_write_bytes(s, SSL3_RT_APPLICATION_DATA, buf, len, + written); } static int ssl3_read_internal(SSL *s, void *buf, size_t len, int peek, diff --git a/ssl/s3_msg.c b/ssl/s3_msg.c index 82513d2590..a39994eaff 100644 --- a/ssl/s3_msg.c +++ b/ssl/s3_msg.c @@ -90,12 +90,14 @@ int ssl3_send_alert(SSL *s, int level, int desc) int ssl3_dispatch_alert(SSL *s) { int i, j; - unsigned int alertlen; + size_t alertlen; void (*cb) (const SSL *ssl, int type, int val) = NULL; + size_t written; s->s3->alert_dispatch = 0; alertlen = 2; - i = do_ssl3_write(s, SSL3_RT_ALERT, &s->s3->send_alert[0], &alertlen, 1, 0); + i = do_ssl3_write(s, SSL3_RT_ALERT, &s->s3->send_alert[0], &alertlen, 1, 0, + &written); if (i <= 0) { s->s3->alert_dispatch = 1; } else { @@ -121,5 +123,5 @@ int ssl3_dispatch_alert(SSL *s) cb(s, SSL_CB_WRITE_ALERT, j); } } - return (i); + return i; } diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index eac03a4ac5..5c2e961096 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -229,6 +229,7 @@ static ERR_STRING_DATA SSL_str_functs[] = { {ERR_FUNC(SSL_F_SSL_VALIDATE_CT), "ssl_validate_ct"}, {ERR_FUNC(SSL_F_SSL_VERIFY_CERT_CHAIN), "ssl_verify_cert_chain"}, {ERR_FUNC(SSL_F_SSL_WRITE), "SSL_write"}, + {ERR_FUNC(SSL_F_SSL_WRITE_EX), "SSL_write_ex"}, {ERR_FUNC(SSL_F_STATE_MACHINE), "state_machine"}, {ERR_FUNC(SSL_F_TLS12_CHECK_PEER_SIGALG), "tls12_check_peer_sigalg"}, {ERR_FUNC(SSL_F_TLS1_CHANGE_CIPHER_STATE), "tls1_change_cipher_state"}, diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 30b1d6b860..a26e352b29 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -85,7 +85,7 @@ struct ssl_async_args { enum { READFUNC, WRITEFUNC, OTHERFUNC } type; union { int (*func_read) (SSL *, void *, size_t, size_t *); - int (*func_write) (SSL *, const void *, int); + int (*func_write) (SSL *, const void *, size_t, size_t *); int (*func_other) (SSL *); } f; }; @@ -1517,9 +1517,9 @@ static int ssl_io_intern(void *vargs) num = args->num; switch (args->type) { case READFUNC: - return args->f.func_read(s, buf, num, &s->asyncread); + return args->f.func_read(s, buf, num, &s->asyncrw); case WRITEFUNC: - return args->f.func_write(s, buf, num); + return args->f.func_write(s, buf, num, &s->asyncrw); case OTHERFUNC: return args->f.func_other(s); } @@ -1571,7 +1571,7 @@ int SSL_read_ex(SSL *s, void *buf, size_t num, size_t *read) args.f.func_read = s->method->ssl_read; ret = ssl_start_async_job(s, &args, ssl_io_intern); - *read = s->asyncread; + *read = s->asyncrw; return ret; } else { return s->method->ssl_read(s, buf, num, read); @@ -1621,7 +1621,7 @@ int SSL_peek_ex(SSL *s, void *buf, size_t num, size_t *read) args.f.func_read = s->method->ssl_peek; ret = ssl_start_async_job(s, &args, ssl_io_intern); - *read = s->asyncread; + *read = s->asyncrw; return ret; } else { return s->method->ssl_peek(s, buf, num, read); @@ -1630,18 +1630,41 @@ int SSL_peek_ex(SSL *s, void *buf, size_t num, size_t *read) int SSL_write(SSL *s, const void *buf, int num) { + int ret; + size_t written; + + if (num < 0) { + SSLerr(SSL_F_SSL_WRITE, SSL_R_BAD_LENGTH); + return -1; + } + + ret = SSL_write_ex(s, buf, (size_t)num, &written); + + /* + * The cast is safe here because ret should be <= INT_MAX because num is + * <= INT_MAX + */ + if (ret > 0) + ret = (int)written; + + return ret; +} + +int SSL_write_ex(SSL *s, const void *buf, size_t num, size_t *written) +{ if (s->handshake_func == NULL) { - SSLerr(SSL_F_SSL_WRITE, SSL_R_UNINITIALIZED); + SSLerr(SSL_F_SSL_WRITE_EX, SSL_R_UNINITIALIZED); return -1; } if (s->shutdown & SSL_SENT_SHUTDOWN) { s->rwstate = SSL_NOTHING; - SSLerr(SSL_F_SSL_WRITE, SSL_R_PROTOCOL_IS_SHUTDOWN); + SSLerr(SSL_F_SSL_WRITE_EX, SSL_R_PROTOCOL_IS_SHUTDOWN); return (-1); } if ((s->mode & SSL_MODE_ASYNC) && ASYNC_get_current_job() == NULL) { + int ret; struct ssl_async_args args; args.s = s; @@ -1650,9 +1673,11 @@ int SSL_write(SSL *s, const void *buf, int num) args.type = WRITEFUNC; args.f.func_write = s->method->ssl_write; - return ssl_start_async_job(s, &args, ssl_io_intern); + ret = ssl_start_async_job(s, &args, ssl_io_intern); + *written = s->asyncrw; + return ret; } else { - return s->method->ssl_write(s, buf, num); + return s->method->ssl_write(s, buf, num, written); } } @@ -1751,7 +1776,7 @@ long SSL_ctrl(SSL *s, int cmd, long larg, void *parg) s->split_send_fragment = s->max_send_fragment; return 1; case SSL_CTRL_SET_SPLIT_SEND_FRAGMENT: - if ((unsigned int)larg > s->max_send_fragment || larg == 0) + if ((size_t)l |