kris
/
boringssl
1
0
Fork 0
Code Issues 0 Pull-Requests 0 Releases 0 Wiki Aktivität
Quellcode durchsuchen

Remove the free_buffer parameter to release_current_message. 

With on_handshake_complete, this can be managed internally by the TLS
code. The next commit will add a ton more calls to this function.

Change-Id: I91575d3e4bfcccbbe492017ae33c74b8cc1d1340
Reviewed-on: https://boringssl-review.googlesource.com/18865
Commit-Queue: Steven Valdez <svaldez@google.com>
Reviewed-by: Steven Valdez <svaldez@google.com>
kris/onging/CECPQ3_patch15
David Benjamin vor 7 Jahren
committed by Steven Valdez
Ursprung
9bbdf5832d
Commit
e3dee27f9c
9 geänderte Dateien mit 38 neuen und 31 gelöschten Zeilen
Geteilte Ansicht
Diff-Optionen
Statistiken anzeigen Patch-Datei herunterladen Vergleichs-Datei herunterladen
  1. +2
    -2
      ssl/d1_both.cc
  2. +1
    -0
      ssl/dtls_method.cc
  3. +0
    -1
      ssl/handshake_client.cc
  4. +0
    -1
      ssl/handshake_server.cc
  5. +5
    -5
      ssl/internal.h
  6. +23
    -19
      ssl/s3_both.cc
  7. +1
    -1
      ssl/s3_pkt.cc
  8. +1
    -1
      ssl/ssl_lib.cc
  9. +5
    -1
      ssl/tls_method.cc

+ 2
- 2
ssl/d1_both.cc Datei anzeigen

@@ -425,7 +425,7 @@ int dtls1_get_message(SSL *ssl) {
assert(ssl->init_msg != NULL);
ssl->s3->tmp.reuse_message = 0;
} else {
dtls1_release_current_message(ssl, 0 /* don't free buffer */);
dtls1_release_current_message(ssl);
}

/* Process handshake records until the current message is ready. */
@@ -463,7 +463,7 @@ void dtls1_get_current_message(const SSL *ssl, CBS *out) {
CBS_init(out, frag->data, DTLS1_HM_HEADER_LENGTH + frag->msg_len);
}

void dtls1_release_current_message(SSL *ssl, int free_buffer) {
void dtls1_release_current_message(SSL *ssl) {
if (ssl->init_msg == NULL) {
return;
}


+ 1
- 0
ssl/dtls_method.cc Datei anzeigen

@@ -73,6 +73,7 @@ static int dtls1_supports_cipher(const SSL_CIPHER *cipher) {
}

static void dtls1_on_handshake_complete(SSL *ssl) {
dtls1_release_current_message(ssl);
/* If we wrote the last flight, we'll have a timer left over without waiting
* for a read. Stop the timer but leave the flight around for post-handshake
* transmission logic. */


+ 0
- 1
ssl/handshake_client.cc Datei anzeigen

@@ -492,7 +492,6 @@ int ssl3_connect(SSL_HANDSHAKE *hs) {

case SSL3_ST_FINISH_CLIENT_HANDSHAKE:
ssl->method->on_handshake_complete(ssl);
ssl->method->release_current_message(ssl, 1 /* free_buffer */);

SSL_SESSION_free(ssl->s3->established_session);
if (ssl->session != NULL) {


+ 0
- 1
ssl/handshake_server.cc Datei anzeigen

@@ -418,7 +418,6 @@ int ssl3_accept(SSL_HANDSHAKE *hs) {

case SSL_ST_OK:
ssl->method->on_handshake_complete(ssl);
ssl->method->release_current_message(ssl, 1 /* free_buffer */);

/* If we aren't retaining peer certificates then we can discard it
* now. */


+ 5
- 5
ssl/internal.h Datei anzeigen

@@ -2137,7 +2137,7 @@ int ssl3_get_finished(SSL_HANDSHAKE *hs);
int ssl3_send_alert(SSL *ssl, int level, int desc);
int ssl3_get_message(SSL *ssl);
void ssl3_get_current_message(const SSL *ssl, CBS *out);
void ssl3_release_current_message(SSL *ssl, int free_buffer);
void ssl3_release_current_message(SSL *ssl);

int ssl3_send_finished(SSL_HANDSHAKE *hs);
int ssl3_dispatch_alert(SSL *ssl);
@@ -2216,7 +2216,7 @@ void dtls1_free(SSL *ssl);

int dtls1_get_message(SSL *ssl);
void dtls1_get_current_message(const SSL *ssl, CBS *out);
void dtls1_release_current_message(SSL *ssl, int free_buffer);
void dtls1_release_current_message(SSL *ssl);
int dtls1_dispatch_alert(SSL *ssl);

int tls1_change_cipher_state(SSL_HANDSHAKE *hs, int which);
@@ -2362,9 +2362,9 @@ struct ssl_protocol_method_st {
/* get_current_message sets |*out| to the current handshake message. This
* includes the protocol-specific message header. */
void (*get_current_message)(const SSL *ssl, CBS *out);
/* release_current_message is called to release the current handshake message.
* If |free_buffer| is one, buffers will also be released. */
void (*release_current_message)(SSL *ssl, int free_buffer);
/* release_current_message is called to release the current handshake
* message. */
void (*release_current_message)(SSL *ssl);
/* read_app_data reads up to |len| bytes of application data into |buf|. On
* success, it returns the number of bytes read. Otherwise, it returns <= 0
* and sets |*out_got_handshake| to whether the failure was due to a


+ 23
- 19
ssl/s3_both.cc Datei anzeigen

@@ -683,6 +683,14 @@ static int read_v2_client_hello(SSL *ssl) {
}

int ssl3_get_message(SSL *ssl) {
if (ssl->s3->tmp.reuse_message) {
/* There must be a current message. */
assert(ssl->init_msg != NULL);
ssl->s3->tmp.reuse_message = 0;
} else {
ssl3_release_current_message(ssl);
}

/* Re-create the handshake buffer if needed. */
if (ssl->init_buf == NULL) {
ssl->init_buf = BUF_MEM_new();
@@ -700,14 +708,6 @@ int ssl3_get_message(SSL *ssl) {
ssl->s3->v2_hello_done = 1;
}

if (ssl->s3->tmp.reuse_message) {
/* There must be a current message. */
assert(ssl->init_msg != NULL);
ssl->s3->tmp.reuse_message = 0;
} else {
ssl3_release_current_message(ssl, 0 /* don't free buffer */);
}

/* Read the message header, if we haven't yet. */
int ret = extend_handshake_buffer(ssl, SSL3_HM_HEADER_LENGTH);
if (ret <= 0) {
@@ -757,19 +757,23 @@ int ssl_hash_current_message(SSL_HANDSHAKE *hs) {
return hs->transcript.Update(CBS_data(&cbs), CBS_len(&cbs));
}

void ssl3_release_current_message(SSL *ssl, int free_buffer) {
if (ssl->init_msg != NULL) {
/* |init_buf| never contains data beyond the current message. */
assert(SSL3_HM_HEADER_LENGTH + ssl->init_num == ssl->init_buf->length);

/* Clear the current message. */
ssl->init_msg = NULL;
ssl->init_num = 0;
ssl->init_buf->length = 0;
ssl->s3->is_v2_hello = 0;
void ssl3_release_current_message(SSL *ssl) {
if (ssl->init_msg == NULL) {
return;
}

if (free_buffer) {
/* |init_buf| never contains data beyond the current message. */
assert(SSL3_HM_HEADER_LENGTH + ssl->init_num == ssl->init_buf->length);

/* Clear the current message. */
ssl->init_msg = NULL;
ssl->init_num = 0;
ssl->init_buf->length = 0;
ssl->s3->is_v2_hello = 0;

/* Post-handshake messages are rare, so release the buffer after every
* message. During the handshake, |on_handshake_complete| will release it. */
if (!SSL_in_init(ssl)) {
BUF_MEM_free(ssl->init_buf);
ssl->init_buf = NULL;
}


+ 1
- 1
ssl/s3_pkt.cc Datei anzeigen

@@ -377,7 +377,7 @@ int ssl3_read_app_data(SSL *ssl, int *out_got_handshake, uint8_t *buf, int len,
assert(!ssl->s3->aead_read_ctx->is_null_cipher());
*out_got_handshake = 0;

ssl->method->release_current_message(ssl, 0 /* don't free buffer */);
ssl->method->release_current_message(ssl);

SSL3_RECORD *rr = &ssl->s3->rrec;



+ 1
- 1
ssl/ssl_lib.cc Datei anzeigen

@@ -942,7 +942,7 @@ static int ssl_read_impl(SSL *ssl, void *buf, int num, int peek) {
if (!ssl_do_post_handshake(ssl)) {
return -1;
}
ssl->method->release_current_message(ssl, 1 /* free buffer */);
ssl->method->release_current_message(ssl);
}
}



+ 5
- 1
ssl/tls_method.cc Datei anzeigen

@@ -69,7 +69,11 @@ namespace bssl {

static int ssl3_supports_cipher(const SSL_CIPHER *cipher) { return 1; }

static void ssl3_on_handshake_complete(SSL *ssl) {}
static void ssl3_on_handshake_complete(SSL *ssl) {
ssl3_release_current_message(ssl);
BUF_MEM_free(ssl->init_buf);
ssl->init_buf = NULL;
}

static int ssl3_set_read_state(SSL *ssl, UniquePtr<SSLAEADContext> aead_ctx) {
if (ssl->s3->rrec.length != 0) {


Verfassen Vorschau
Laden…
Abbrechen
Speichern