From ce079fda12a6fca06ec459c2d148fd1537d435b9 Mon Sep 17 00:00:00 2001 From: David Benjamin Date: Tue, 2 Aug 2016 16:22:34 -0400 Subject: [PATCH] Add SSL_is_dtls. OpenSSL 1.1.0 added a function to tell if an SSL* is DTLS or not. This is probably a good idea, especially since SSL_version returns non-normalized versions. BUG=91 Change-Id: I25c6cf08b2ebabf0c610c74691de103399f729bc Reviewed-on: https://boringssl-review.googlesource.com/9077 Reviewed-by: Steven Valdez Reviewed-by: David Benjamin Commit-Queue: David Benjamin CQ-Verified: CQ bot account: commit-bot@chromium.org --- include/openssl/ssl.h | 5 ++++- ssl/d1_lib.c | 4 ++-- ssl/handshake_client.c | 10 +++++----- ssl/handshake_server.c | 2 +- ssl/internal.h | 3 --- ssl/ssl_buffer.c | 10 +++++----- ssl/ssl_lib.c | 16 +++++++++------- ssl/t1_lib.c | 18 +++++++++--------- ssl/tls_record.c | 8 ++++---- 9 files changed, 39 insertions(+), 37 deletions(-) diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index 8a1eb4ce..0ec3b585 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -231,7 +231,10 @@ OPENSSL_EXPORT void SSL_set_accept_state(SSL *ssl); /* SSL_is_server returns one if |ssl| is configured as a server and zero * otherwise. */ -OPENSSL_EXPORT int SSL_is_server(SSL *ssl); +OPENSSL_EXPORT int SSL_is_server(const SSL *ssl); + +/* SSL_is_dtls returns one if |ssl| is a DTLS connection and zero otherwise. */ +OPENSSL_EXPORT int SSL_is_dtls(const SSL *ssl); /* SSL_set_bio configures |ssl| to read from |rbio| and write to |wbio|. |ssl| * takes ownership of the two |BIO|s. If |rbio| and |wbio| are the same, |ssl| diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c index a38d3bb1..901168c7 100644 --- a/ssl/d1_lib.c +++ b/ssl/d1_lib.c @@ -153,7 +153,7 @@ void dtls1_start_timer(SSL *ssl) { } int DTLSv1_get_timeout(const SSL *ssl, struct timeval *out) { - if (!SSL_IS_DTLS(ssl)) { + if (!SSL_is_dtls(ssl)) { return 0; } @@ -254,7 +254,7 @@ int DTLSv1_handle_timeout(SSL *ssl) { /* Functions which use SSL_get_error must clear the error queue on entry. */ ERR_clear_error(); - if (!SSL_IS_DTLS(ssl)) { + if (!SSL_is_dtls(ssl)) { return -1; } diff --git a/ssl/handshake_client.c b/ssl/handshake_client.c index d4344874..396a66d4 100644 --- a/ssl/handshake_client.c +++ b/ssl/handshake_client.c @@ -221,7 +221,7 @@ int ssl3_connect(SSL *ssl) { goto end; } - if (!SSL_IS_DTLS(ssl) || ssl->d1->send_cookie) { + if (!SSL_is_dtls(ssl) || ssl->d1->send_cookie) { ssl->s3->tmp.next_state = SSL3_ST_CR_SRVR_HELLO_A; } else { ssl->s3->tmp.next_state = DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A; @@ -230,7 +230,7 @@ int ssl3_connect(SSL *ssl) { break; case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: - assert(SSL_IS_DTLS(ssl)); + assert(SSL_is_dtls(ssl)); ret = dtls1_get_hello_verify(ssl); if (ret <= 0) { goto end; @@ -655,7 +655,7 @@ int ssl_add_client_hello_body(SSL *ssl, CBB *body) { return 0; } - if (SSL_IS_DTLS(ssl)) { + if (SSL_is_dtls(ssl)) { if (!CBB_add_u8_length_prefixed(body, &child) || !CBB_add_bytes(&child, ssl->d1->cookie, ssl->d1->cookie_len)) { return 0; @@ -663,7 +663,7 @@ int ssl_add_client_hello_body(SSL *ssl, CBB *body) { } size_t header_len = - SSL_IS_DTLS(ssl) ? DTLS1_HM_HEADER_LENGTH : SSL3_HM_HEADER_LENGTH; + SSL_is_dtls(ssl) ? DTLS1_HM_HEADER_LENGTH : SSL3_HM_HEADER_LENGTH; if (!ssl_write_client_cipher_list(ssl, body, min_version, max_version, real_max_version) || !CBB_add_u8(body, 1 /* one compression method */) || @@ -719,7 +719,7 @@ static int ssl3_send_client_hello(SSL *ssl) { /* If resending the ClientHello in DTLS after a HelloVerifyRequest, don't * renegerate the client_random. The random must be reused. */ - if ((!SSL_IS_DTLS(ssl) || !ssl->d1->send_cookie) && + if ((!SSL_is_dtls(ssl) || !ssl->d1->send_cookie) && !RAND_bytes(ssl->s3->client_random, sizeof(ssl->s3->client_random))) { goto err; } diff --git a/ssl/handshake_server.c b/ssl/handshake_server.c index 81109190..dbf34e98 100644 --- a/ssl/handshake_server.c +++ b/ssl/handshake_server.c @@ -652,7 +652,7 @@ static int ssl3_get_client_hello(SSL *ssl) { /* Load the client random. */ memcpy(ssl->s3->client_random, CBS_data(&client_random), SSL3_RANDOM_SIZE); - if (SSL_IS_DTLS(ssl)) { + if (SSL_is_dtls(ssl)) { CBS cookie; if (!CBS_get_u8_length_prefixed(&client_hello, &cookie) || diff --git a/ssl/internal.h b/ssl/internal.h index fe8bbf5a..010c1c25 100644 --- a/ssl/internal.h +++ b/ssl/internal.h @@ -961,9 +961,6 @@ int ssl_log_secret(const SSL *ssl, const char *label, const uint8_t *secret, #define TLSEXT_CHANNEL_ID_SIZE 128 -/* Check if an SSL structure is using DTLS */ -#define SSL_IS_DTLS(ssl) (ssl->method->is_dtls) - /* From RFC4492, used in encoding the curve type in ECParameters */ #define NAMED_CURVE_TYPE 3 diff --git a/ssl/ssl_buffer.c b/ssl/ssl_buffer.c index a3cf360b..7feb1615 100644 --- a/ssl/ssl_buffer.c +++ b/ssl/ssl_buffer.c @@ -85,7 +85,7 @@ static int setup_read_buffer(SSL *ssl) { size_t header_len = ssl_record_prefix_len(ssl); size_t cap = SSL3_RT_MAX_ENCRYPTED_LENGTH; - if (SSL_IS_DTLS(ssl)) { + if (SSL_is_dtls(ssl)) { cap += DTLS1_RT_HEADER_LENGTH; } else { cap += SSL3_RT_HEADER_LENGTH; @@ -163,7 +163,7 @@ int ssl_read_buffer_extend_to(SSL *ssl, size_t len) { } int ret; - if (SSL_IS_DTLS(ssl)) { + if (SSL_is_dtls(ssl)) { /* |len| is ignored for a datagram transport. */ ret = dtls_read_buffer_next_packet(ssl); } else { @@ -188,7 +188,7 @@ void ssl_read_buffer_consume(SSL *ssl, size_t len) { * |ssl_read_buffer_discard| will require a |memcpy| to shift the excess back * to the front of the buffer, to ensure there is enough space for the next * record. */ - assert(SSL_IS_DTLS(ssl) || len == 0 || buf->len == 0); + assert(SSL_is_dtls(ssl) || len == 0 || buf->len == 0); } void ssl_read_buffer_discard(SSL *ssl) { @@ -229,7 +229,7 @@ int ssl_write_buffer_init(SSL *ssl, uint8_t **out_ptr, size_t max_len) { /* TODO(davidben): This matches the original behavior in keeping the malloc * size consistent. Does this matter? |cap| could just be |max_len|. */ size_t cap = SSL3_RT_MAX_PLAIN_LENGTH + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD; - if (SSL_IS_DTLS(ssl)) { + if (SSL_is_dtls(ssl)) { cap += DTLS1_RT_HEADER_LENGTH; } else { cap += SSL3_RT_HEADER_LENGTH; @@ -299,7 +299,7 @@ int ssl_write_buffer_flush(SSL *ssl) { return -1; } - if (SSL_IS_DTLS(ssl)) { + if (SSL_is_dtls(ssl)) { return dtls_write_buffer_flush(ssl); } else { return tls_write_buffer_flush(ssl); diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 294f95dc..9fe78dfb 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -1375,7 +1375,7 @@ int SSL_set_max_send_fragment(SSL *ssl, size_t max_send_fragment) { } int SSL_set_mtu(SSL *ssl, unsigned mtu) { - if (!SSL_IS_DTLS(ssl) || mtu < dtls1_min_mtu()) { + if (!SSL_is_dtls(ssl) || mtu < dtls1_min_mtu()) { return 0; } ssl->d1->mtu = mtu; @@ -2644,7 +2644,7 @@ int ssl3_can_false_start(const SSL *ssl) { const SSL_CIPHER *const cipher = SSL_get_current_cipher(ssl); /* False Start only for TLS 1.2 with an ECDHE+AEAD cipher and ALPN or NPN. */ - return !SSL_IS_DTLS(ssl) && + return !SSL_is_dtls(ssl) && SSL_version(ssl) == TLS1_2_VERSION && (ssl->s3->alpn_selected || ssl->s3->next_proto_neg_seen) && cipher != NULL && @@ -2688,7 +2688,7 @@ int ssl_get_full_version_range(const SSL *ssl, uint16_t *out_min_version, /* For historical reasons, |SSL_OP_NO_DTLSv1| aliases |SSL_OP_NO_TLSv1|, but * DTLS 1.0 should be mapped to TLS 1.1. */ uint32_t options = ssl->options; - if (SSL_IS_DTLS(ssl)) { + if (SSL_is_dtls(ssl)) { options &= ~SSL_OP_NO_TLSv1_1; if (options & SSL_OP_NO_DTLSv1) { options |= SSL_OP_NO_TLSv1_1; @@ -2775,7 +2775,9 @@ uint16_t ssl3_protocol_version(const SSL *ssl) { return ssl->method->version_from_wire(ssl->version); } -int SSL_is_server(SSL *ssl) { return ssl->server; } +int SSL_is_server(const SSL *ssl) { return ssl->server; } + +int SSL_is_dtls(const SSL *ssl) { return ssl->method->is_dtls; } void SSL_CTX_set_select_certificate_cb( SSL_CTX *ctx, int (*cb)(const struct ssl_early_callback_ctx *)) { @@ -2833,7 +2835,7 @@ static uint64_t be_to_u64(const uint8_t in[8]) { uint64_t SSL_get_read_sequence(const SSL *ssl) { /* TODO(davidben): Internally represent sequence numbers as uint64_t. */ - if (SSL_IS_DTLS(ssl)) { + if (SSL_is_dtls(ssl)) { /* max_seq_num already includes the epoch. */ assert(ssl->d1->r_epoch == (ssl->d1->bitmap.max_seq_num >> 48)); return ssl->d1->bitmap.max_seq_num; @@ -2843,7 +2845,7 @@ uint64_t SSL_get_read_sequence(const SSL *ssl) { uint64_t SSL_get_write_sequence(const SSL *ssl) { uint64_t ret = be_to_u64(ssl->s3->write_sequence); - if (SSL_IS_DTLS(ssl)) { + if (SSL_is_dtls(ssl)) { assert((ret >> 48) == 0); ret |= ((uint64_t)ssl->d1->w_epoch) << 48; } @@ -2938,7 +2940,7 @@ int SSL_clear(SSL *ssl) { return 0; } - if (SSL_IS_DTLS(ssl) && (SSL_get_options(ssl) & SSL_OP_NO_QUERY_MTU)) { + if (SSL_is_dtls(ssl) && (SSL_get_options(ssl) & SSL_OP_NO_QUERY_MTU)) { ssl->d1->mtu = mtu; } diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index e35a38c8..eef0d837 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -225,7 +225,7 @@ int ssl_early_callback_init(SSL *ssl, struct ssl_early_callback_ctx *ctx, ctx->session_id_len = CBS_len(&session_id); /* Skip past DTLS cookie */ - if (SSL_IS_DTLS(ctx->ssl)) { + if (SSL_is_dtls(ctx->ssl)) { CBS cookie; if (!CBS_get_u8_length_prefixed(&client_hello, &cookie)) { @@ -1279,7 +1279,7 @@ static int ext_npn_add_clienthello(SSL *ssl, CBB *out) { if (ssl->s3->initial_handshake_complete || ssl->ctx->next_proto_select_cb == NULL || (ssl->options & SSL_OP_DISABLE_NPN) || - SSL_IS_DTLS(ssl)) { + SSL_is_dtls(ssl)) { return 1; } @@ -1305,7 +1305,7 @@ static int ext_npn_parse_serverhello(SSL *ssl, uint8_t *out_alert, * extension in the ClientHello and thus this function should never have been * called. */ assert(!ssl->s3->initial_handshake_complete); - assert(!SSL_IS_DTLS(ssl)); + assert(!SSL_is_dtls(ssl)); assert(ssl->ctx->next_proto_select_cb != NULL); assert(!(ssl->options & SSL_OP_DISABLE_NPN)); @@ -1366,7 +1366,7 @@ static int ext_npn_parse_clienthello(SSL *ssl, uint8_t *out_alert, * |next_proto_neg_seen|. */ ssl->s3->alpn_selected != NULL || ssl->ctx->next_protos_advertised_cb == NULL || - SSL_IS_DTLS(ssl)) { + SSL_is_dtls(ssl)) { return 1; } @@ -1615,7 +1615,7 @@ static void ext_channel_id_init(SSL *ssl) { static int ext_channel_id_add_clienthello(SSL *ssl, CBB *out) { if (!ssl->tlsext_channel_id_enabled || - SSL_IS_DTLS(ssl)) { + SSL_is_dtls(ssl)) { return 1; } @@ -1637,7 +1637,7 @@ static int ext_channel_id_parse_serverhello(SSL *ssl, uint8_t *out_alert, return 0; } - assert(!SSL_IS_DTLS(ssl)); + assert(!SSL_is_dtls(ssl)); assert(ssl->tlsext_channel_id_enabled); if (CBS_len(contents) != 0) { @@ -1652,7 +1652,7 @@ static int ext_channel_id_parse_clienthello(SSL *ssl, uint8_t *out_alert, CBS *contents) { if (contents == NULL || !ssl->tlsext_channel_id_enabled || - SSL_IS_DTLS(ssl)) { + SSL_is_dtls(ssl)) { return 1; } @@ -1840,7 +1840,7 @@ static int ext_srtp_add_serverhello(SSL *ssl, CBB *out) { * https://tools.ietf.org/html/rfc4492#section-5.1.2 */ static int ssl_any_ec_cipher_suites_enabled(const SSL *ssl) { - if (ssl->version < TLS1_VERSION && !SSL_IS_DTLS(ssl)) { + if (ssl->version < TLS1_VERSION && !SSL_is_dtls(ssl)) { return 0; } @@ -2424,7 +2424,7 @@ int ssl_add_clienthello_tlsext(SSL *ssl, CBB *out, size_t header_len) { goto err; } - if (!SSL_IS_DTLS(ssl)) { + if (!SSL_is_dtls(ssl)) { header_len += 2 + CBB_len(&extensions); if (header_len > 0xff && header_len < 0x200) { /* Add padding to workaround bugs in F5 terminators. See RFC 7685. diff --git a/ssl/tls_record.c b/ssl/tls_record.c index 38979589..8289b2a5 100644 --- a/ssl/tls_record.c +++ b/ssl/tls_record.c @@ -151,7 +151,7 @@ int ssl_record_sequence_update(uint8_t *seq, size_t seq_len) { } size_t ssl_record_prefix_len(const SSL *ssl) { - if (SSL_IS_DTLS(ssl)) { + if (SSL_is_dtls(ssl)) { return DTLS1_RT_HEADER_LENGTH + SSL_AEAD_CTX_explicit_nonce_len(ssl->s3->aead_read_ctx); } else { @@ -161,7 +161,7 @@ size_t ssl_record_prefix_len(const SSL *ssl) { } size_t ssl_seal_align_prefix_len(const SSL *ssl) { - if (SSL_IS_DTLS(ssl)) { + if (SSL_is_dtls(ssl)) { return DTLS1_RT_HEADER_LENGTH + SSL_AEAD_CTX_explicit_nonce_len(ssl->s3->aead_write_ctx); } else { @@ -177,7 +177,7 @@ size_t ssl_seal_align_prefix_len(const SSL *ssl) { size_t ssl_max_seal_overhead(const SSL *ssl) { size_t ret = SSL_AEAD_CTX_max_overhead(ssl->s3->aead_write_ctx); - if (SSL_IS_DTLS(ssl)) { + if (SSL_is_dtls(ssl)) { ret += DTLS1_RT_HEADER_LENGTH; } else { ret += SSL3_RT_HEADER_LENGTH; @@ -187,7 +187,7 @@ size_t ssl_max_seal_overhead(const SSL *ssl) { ssl3_protocol_version(ssl) >= TLS1_3_VERSION) { ret += 1; } - if (!SSL_IS_DTLS(ssl) && ssl_needs_record_splitting(ssl)) { + if (!SSL_is_dtls(ssl) && ssl_needs_record_splitting(ssl)) { ret *= 2; } return ret;