Remove the free_buffer parameter to release_current_message.
With on_handshake_complete, this can be managed internally by the TLS code. The next commit will add a ton more calls to this function. Change-Id: I91575d3e4bfcccbbe492017ae33c74b8cc1d1340 Reviewed-on: https://boringssl-review.googlesource.com/18865 Commit-Queue: Steven Valdez <svaldez@google.com> Reviewed-by: Steven Valdez <svaldez@google.com>
This commit is contained in:
parent
9bbdf5832d
commit
e3dee27f9c
@ -425,7 +425,7 @@ int dtls1_get_message(SSL *ssl) {
|
||||
assert(ssl->init_msg != NULL);
|
||||
ssl->s3->tmp.reuse_message = 0;
|
||||
} else {
|
||||
dtls1_release_current_message(ssl, 0 /* don't free buffer */);
|
||||
dtls1_release_current_message(ssl);
|
||||
}
|
||||
|
||||
/* Process handshake records until the current message is ready. */
|
||||
@ -463,7 +463,7 @@ void dtls1_get_current_message(const SSL *ssl, CBS *out) {
|
||||
CBS_init(out, frag->data, DTLS1_HM_HEADER_LENGTH + frag->msg_len);
|
||||
}
|
||||
|
||||
void dtls1_release_current_message(SSL *ssl, int free_buffer) {
|
||||
void dtls1_release_current_message(SSL *ssl) {
|
||||
if (ssl->init_msg == NULL) {
|
||||
return;
|
||||
}
|
||||
|
@ -73,6 +73,7 @@ static int dtls1_supports_cipher(const SSL_CIPHER *cipher) {
|
||||
}
|
||||
|
||||
static void dtls1_on_handshake_complete(SSL *ssl) {
|
||||
dtls1_release_current_message(ssl);
|
||||
/* If we wrote the last flight, we'll have a timer left over without waiting
|
||||
* for a read. Stop the timer but leave the flight around for post-handshake
|
||||
* transmission logic. */
|
||||
|
@ -492,7 +492,6 @@ int ssl3_connect(SSL_HANDSHAKE *hs) {
|
||||
|
||||
case SSL3_ST_FINISH_CLIENT_HANDSHAKE:
|
||||
ssl->method->on_handshake_complete(ssl);
|
||||
ssl->method->release_current_message(ssl, 1 /* free_buffer */);
|
||||
|
||||
SSL_SESSION_free(ssl->s3->established_session);
|
||||
if (ssl->session != NULL) {
|
||||
|
@ -418,7 +418,6 @@ int ssl3_accept(SSL_HANDSHAKE *hs) {
|
||||
|
||||
case SSL_ST_OK:
|
||||
ssl->method->on_handshake_complete(ssl);
|
||||
ssl->method->release_current_message(ssl, 1 /* free_buffer */);
|
||||
|
||||
/* If we aren't retaining peer certificates then we can discard it
|
||||
* now. */
|
||||
|
@ -2137,7 +2137,7 @@ int ssl3_get_finished(SSL_HANDSHAKE *hs);
|
||||
int ssl3_send_alert(SSL *ssl, int level, int desc);
|
||||
int ssl3_get_message(SSL *ssl);
|
||||
void ssl3_get_current_message(const SSL *ssl, CBS *out);
|
||||
void ssl3_release_current_message(SSL *ssl, int free_buffer);
|
||||
void ssl3_release_current_message(SSL *ssl);
|
||||
|
||||
int ssl3_send_finished(SSL_HANDSHAKE *hs);
|
||||
int ssl3_dispatch_alert(SSL *ssl);
|
||||
@ -2216,7 +2216,7 @@ void dtls1_free(SSL *ssl);
|
||||
|
||||
int dtls1_get_message(SSL *ssl);
|
||||
void dtls1_get_current_message(const SSL *ssl, CBS *out);
|
||||
void dtls1_release_current_message(SSL *ssl, int free_buffer);
|
||||
void dtls1_release_current_message(SSL *ssl);
|
||||
int dtls1_dispatch_alert(SSL *ssl);
|
||||
|
||||
int tls1_change_cipher_state(SSL_HANDSHAKE *hs, int which);
|
||||
@ -2362,9 +2362,9 @@ struct ssl_protocol_method_st {
|
||||
/* get_current_message sets |*out| to the current handshake message. This
|
||||
* includes the protocol-specific message header. */
|
||||
void (*get_current_message)(const SSL *ssl, CBS *out);
|
||||
/* release_current_message is called to release the current handshake message.
|
||||
* If |free_buffer| is one, buffers will also be released. */
|
||||
void (*release_current_message)(SSL *ssl, int free_buffer);
|
||||
/* release_current_message is called to release the current handshake
|
||||
* message. */
|
||||
void (*release_current_message)(SSL *ssl);
|
||||
/* read_app_data reads up to |len| bytes of application data into |buf|. On
|
||||
* success, it returns the number of bytes read. Otherwise, it returns <= 0
|
||||
* and sets |*out_got_handshake| to whether the failure was due to a
|
||||
|
@ -683,6 +683,14 @@ static int read_v2_client_hello(SSL *ssl) {
|
||||
}
|
||||
|
||||
int ssl3_get_message(SSL *ssl) {
|
||||
if (ssl->s3->tmp.reuse_message) {
|
||||
/* There must be a current message. */
|
||||
assert(ssl->init_msg != NULL);
|
||||
ssl->s3->tmp.reuse_message = 0;
|
||||
} else {
|
||||
ssl3_release_current_message(ssl);
|
||||
}
|
||||
|
||||
/* Re-create the handshake buffer if needed. */
|
||||
if (ssl->init_buf == NULL) {
|
||||
ssl->init_buf = BUF_MEM_new();
|
||||
@ -700,14 +708,6 @@ int ssl3_get_message(SSL *ssl) {
|
||||
ssl->s3->v2_hello_done = 1;
|
||||
}
|
||||
|
||||
if (ssl->s3->tmp.reuse_message) {
|
||||
/* There must be a current message. */
|
||||
assert(ssl->init_msg != NULL);
|
||||
ssl->s3->tmp.reuse_message = 0;
|
||||
} else {
|
||||
ssl3_release_current_message(ssl, 0 /* don't free buffer */);
|
||||
}
|
||||
|
||||
/* Read the message header, if we haven't yet. */
|
||||
int ret = extend_handshake_buffer(ssl, SSL3_HM_HEADER_LENGTH);
|
||||
if (ret <= 0) {
|
||||
@ -757,19 +757,23 @@ int ssl_hash_current_message(SSL_HANDSHAKE *hs) {
|
||||
return hs->transcript.Update(CBS_data(&cbs), CBS_len(&cbs));
|
||||
}
|
||||
|
||||
void ssl3_release_current_message(SSL *ssl, int free_buffer) {
|
||||
if (ssl->init_msg != NULL) {
|
||||
/* |init_buf| never contains data beyond the current message. */
|
||||
assert(SSL3_HM_HEADER_LENGTH + ssl->init_num == ssl->init_buf->length);
|
||||
|
||||
/* Clear the current message. */
|
||||
ssl->init_msg = NULL;
|
||||
ssl->init_num = 0;
|
||||
ssl->init_buf->length = 0;
|
||||
ssl->s3->is_v2_hello = 0;
|
||||
void ssl3_release_current_message(SSL *ssl) {
|
||||
if (ssl->init_msg == NULL) {
|
||||
return;
|
||||
}
|
||||
|
||||
if (free_buffer) {
|
||||
/* |init_buf| never contains data beyond the current message. */
|
||||
assert(SSL3_HM_HEADER_LENGTH + ssl->init_num == ssl->init_buf->length);
|
||||
|
||||
/* Clear the current message. */
|
||||
ssl->init_msg = NULL;
|
||||
ssl->init_num = 0;
|
||||
ssl->init_buf->length = 0;
|
||||
ssl->s3->is_v2_hello = 0;
|
||||
|
||||
/* Post-handshake messages are rare, so release the buffer after every
|
||||
* message. During the handshake, |on_handshake_complete| will release it. */
|
||||
if (!SSL_in_init(ssl)) {
|
||||
BUF_MEM_free(ssl->init_buf);
|
||||
ssl->init_buf = NULL;
|
||||
}
|
||||
|
@ -377,7 +377,7 @@ int ssl3_read_app_data(SSL *ssl, int *out_got_handshake, uint8_t *buf, int len,
|
||||
assert(!ssl->s3->aead_read_ctx->is_null_cipher());
|
||||
*out_got_handshake = 0;
|
||||
|
||||
ssl->method->release_current_message(ssl, 0 /* don't free buffer */);
|
||||
ssl->method->release_current_message(ssl);
|
||||
|
||||
SSL3_RECORD *rr = &ssl->s3->rrec;
|
||||
|
||||
|
@ -942,7 +942,7 @@ static int ssl_read_impl(SSL *ssl, void *buf, int num, int peek) {
|
||||
if (!ssl_do_post_handshake(ssl)) {
|
||||
return -1;
|
||||
}
|
||||
ssl->method->release_current_message(ssl, 1 /* free buffer */);
|
||||
ssl->method->release_current_message(ssl);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -69,7 +69,11 @@ namespace bssl {
|
||||
|
||||
static int ssl3_supports_cipher(const SSL_CIPHER *cipher) { return 1; }
|
||||
|
||||
static void ssl3_on_handshake_complete(SSL *ssl) {}
|
||||
static void ssl3_on_handshake_complete(SSL *ssl) {
|
||||
ssl3_release_current_message(ssl);
|
||||
BUF_MEM_free(ssl->init_buf);
|
||||
ssl->init_buf = NULL;
|
||||
}
|
||||
|
||||
static int ssl3_set_read_state(SSL *ssl, UniquePtr<SSLAEADContext> aead_ctx) {
|
||||
if (ssl->s3->rrec.length != 0) {
|
||||
|
Loading…
Reference in New Issue
Block a user