kris
/
boringssl
1
0
Fork 0
Code Issues 0 Pull-Requests 0 Releases 0 Wiki Aktivität
Du kannst nicht mehr als 25 Themen auswählen Themen müssen entweder mit einem Buchstaben oder einer Ziffer beginnen. Sie können Bindestriche („-“) enthalten und bis zu 35 Zeichen lang sein.
2080 Commits
12 Branches
38 MiB
 
 
 
 
 
 
Struktur: a0ef7b0a56
Branches Tags
${ item.name }
Erstelle Branch ${ searchTerm }
von „a0ef7b0a56“
${ noResults }
boringssl/ssl/ssl_buffer.c

326 Zeilen
9.1 KiB
Originalformat Blame Verlauf 

  1. /* Copyright (c) 2015, Google Inc.

  2.  *

  3.  * Permission to use, copy, modify, and/or distribute this software for any

  4.  * purpose with or without fee is hereby granted, provided that the above

  5.  * copyright notice and this permission notice appear in all copies.

  6.  *

  7.  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES

  8.  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF

  9.  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY

  10.  * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES

  11.  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION

  12.  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN

  13.  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */

  14. 

  15. #include <openssl/ssl.h>

  16. 

  17. #include <assert.h>

  18. #include <limits.h>

  19. #include <stdlib.h>

  20. #include <string.h>

  21. 

  22. #include <openssl/bio.h>

  23. #include <openssl/err.h>

  24. #include <openssl/mem.h>

  25. #include <openssl/type_check.h>

  26. 

  27. #include "internal.h"

  28. 

  29. 

  30. OPENSSL_COMPILE_ASSERT(0xffff <= INT_MAX, uint16_fits_in_int);

  31. 

  32. OPENSSL_COMPILE_ASSERT((SSL3_ALIGN_PAYLOAD & (SSL3_ALIGN_PAYLOAD - 1)) == 0,

  33.                        align_to_a_power_of_two);

  34. 

  35. /* setup_buffer initializes |buf| with capacity |cap|, aligned such that data

  36.  * written after |header_len| is aligned to a |SSL3_ALIGN_PAYLOAD|-byte

  37.  * boundary. It returns one on success and zero on error. */

  38. static int setup_buffer(SSL3_BUFFER *buf, size_t header_len, size_t cap) {

  39.   if (buf->buf != NULL || cap > 0xffff) {

  40.     OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);

  41.     return 0;

  42.   }

  43. 

  44.   /* Add up to |SSL3_ALIGN_PAYLOAD| - 1 bytes of slack for alignment. */

  45.   buf->buf = OPENSSL_malloc(cap + SSL3_ALIGN_PAYLOAD - 1);

  46.   if (buf->buf == NULL) {

  47.     OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);

  48.     return 0;

  49.   }

  50. 

  51.   /* Arrange the buffer such that the record body is aligned. */

  52.   buf->offset = (0 - header_len - (uintptr_t)buf->buf) &

  53.                 (SSL3_ALIGN_PAYLOAD - 1);

  54.   buf->len = 0;

  55.   buf->cap = cap;

  56.   return 1;

  57. }

  58. 

  59. static void consume_buffer(SSL3_BUFFER *buf, size_t len) {

  60.   if (len > buf->len) {

  61.     abort();

  62.   }

  63.   buf->offset += (uint16_t)len;

  64.   buf->len -= (uint16_t)len;

  65.   buf->cap -= (uint16_t)len;

  66. }

  67. 

  68. static void clear_buffer(SSL3_BUFFER *buf) {

  69.   OPENSSL_free(buf->buf);

  70.   memset(buf, 0, sizeof(SSL3_BUFFER));

  71. }

  72. 

  73. OPENSSL_COMPILE_ASSERT(DTLS1_RT_HEADER_LENGTH + SSL3_RT_MAX_ENCRYPTED_LENGTH +

  74.                            SSL3_RT_MAX_EXTRA <= 0xffff,

  75.                        maximum_read_buffer_too_large);

  76. 

  77. /* setup_read_buffer initializes the read buffer if not already initialized. It

  78.  * returns one on success and zero on failure. */

  79. static int setup_read_buffer(SSL *ssl) {

  80.   SSL3_BUFFER *buf = &ssl->s3->read_buffer;

  81. 

  82.   if (buf->buf != NULL) {

  83.     return 1;

  84.   }

  85. 

  86.   size_t header_len = ssl_record_prefix_len(ssl);

  87.   size_t cap = SSL3_RT_MAX_ENCRYPTED_LENGTH;

  88.   if (SSL_IS_DTLS(ssl)) {

  89.     cap += DTLS1_RT_HEADER_LENGTH;

  90.   } else {

  91.     cap += SSL3_RT_HEADER_LENGTH;

  92.   }

  93.   if (ssl->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER) {

  94.     cap += SSL3_RT_MAX_EXTRA;

  95.   }

  96. 

  97.   return setup_buffer(buf, header_len, cap);

  98. }

  99. 

  100. uint8_t *ssl_read_buffer(SSL *ssl) {

  101.   return ssl->s3->read_buffer.buf + ssl->s3->read_buffer.offset;

  102. }

  103. 

  104. size_t ssl_read_buffer_len(const SSL *ssl) {

  105.   return ssl->s3->read_buffer.len;

  106. }

  107. 

  108. static int dtls_read_buffer_next_packet(SSL *ssl) {

  109.   SSL3_BUFFER *buf = &ssl->s3->read_buffer;

  110. 

  111.   if (buf->len > 0) {

  112.     /* It is an error to call |dtls_read_buffer_extend| when the read buffer is

  113.      * not empty. */

  114.     OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);

  115.     return -1;

  116.   }

  117. 

  118.   /* Read a single packet from |ssl->rbio|. |buf->cap| must fit in an int. */

  119.   ssl->rwstate = SSL_READING;

  120.   int ret = BIO_read(ssl->rbio, buf->buf + buf->offset, (int)buf->cap);

  121.   if (ret <= 0) {

  122.     return ret;

  123.   }

  124.   ssl->rwstate = SSL_NOTHING;

  125.   /* |BIO_read| was bound by |buf->cap|, so this cannot overflow. */

  126.   buf->len = (uint16_t)ret;

  127.   return 1;

  128. }

  129. 

  130. static int tls_read_buffer_extend_to(SSL *ssl, size_t len) {

  131.   SSL3_BUFFER *buf = &ssl->s3->read_buffer;

  132. 

  133.   if (len > buf->cap) {

  134.     /* This may occur if |SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER| was toggled after

  135.      * |setup_read_buffer| was called. Stay within bounds, but do not attempt to

  136.      * recover. */

  137.     OPENSSL_PUT_ERROR(SSL, SSL_R_BUFFER_TOO_SMALL);

  138.     return -1;

  139.   }

  140. 

  141.   /* Read until the target length is reached. */

  142.   while (buf->len < len) {

  143.     /* The amount of data to read is bounded by |buf->cap|, which must fit in an

  144.      * int. */

  145.     ssl->rwstate = SSL_READING;

  146.     int ret = BIO_read(ssl->rbio, buf->buf + buf->offset + buf->len,

  147.                        (int)(len - buf->len));

  148.     if (ret <= 0) {

  149.       return ret;

  150.     }

  151.     ssl->rwstate = SSL_NOTHING;

  152.     /* |BIO_read| was bound by |buf->cap - buf->len|, so this cannot

  153.      * overflow. */

  154.     buf->len += (uint16_t)ret;

  155.   }

  156. 

  157.   return 1;

  158. }

  159. 

  160. int ssl_read_buffer_extend_to(SSL *ssl, size_t len) {

  161.   /* |ssl_read_buffer_extend_to| implicitly discards any consumed data. */

  162.   ssl_read_buffer_discard(ssl);

  163. 

  164.   if (!setup_read_buffer(ssl)) {

  165.     return -1;

  166.   }

  167. 

  168.   if (ssl->rbio == NULL) {

  169.     OPENSSL_PUT_ERROR(SSL, SSL_R_BIO_NOT_SET);

  170.     return -1;

  171.   }

  172. 

  173.   ERR_clear_system_error();

  174. 

  175.   int ret;

  176.   if (SSL_IS_DTLS(ssl)) {

  177.     /* |len| is ignored for a datagram transport. */

  178.     ret = dtls_read_buffer_next_packet(ssl);

  179.   } else {

  180.     ret = tls_read_buffer_extend_to(ssl, len);

  181.   }

  182. 

  183.   if (ret <= 0) {

  184.     /* If the buffer was empty originally and remained empty after attempting to

  185.      * extend it, release the buffer until the next attempt. */

  186.     ssl_read_buffer_discard(ssl);

  187.   }

  188.   return ret;

  189. }

  190. 

  191. void ssl_read_buffer_consume(SSL *ssl, size_t len) {

  192.   SSL3_BUFFER *buf = &ssl->s3->read_buffer;

  193. 

  194.   consume_buffer(buf, len);

  195.   if (!SSL_IS_DTLS(ssl)) {

  196.     /* The TLS stack never reads beyond the current record, so there will never

  197.      * be unconsumed data. If read-ahead is ever reimplemented,

  198.      * |ssl_read_buffer_discard| will require a |memcpy| to shift the excess

  199.      * back to the front of the buffer, to ensure there is enough space for the

  200.      * next record. */

  201.      assert(buf->len == 0);

  202.   }

  203. }

  204. 

  205. void ssl_read_buffer_discard(SSL *ssl) {

  206.   if (ssl->s3->read_buffer.len == 0) {

  207.     ssl_read_buffer_clear(ssl);

  208.   }

  209. }

  210. 

  211. void ssl_read_buffer_clear(SSL *ssl) {

  212.   clear_buffer(&ssl->s3->read_buffer);

  213. }

  214. 

  215. 

  216. int ssl_write_buffer_is_pending(const SSL *ssl) {

  217.   return ssl->s3->write_buffer.len > 0;

  218. }

  219. 

  220. OPENSSL_COMPILE_ASSERT(SSL3_RT_HEADER_LENGTH * 2 +

  221.                            SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD * 2 +

  222.                            SSL3_RT_MAX_PLAIN_LENGTH <= 0xffff,

  223.                        maximum_tls_write_buffer_too_large);

  224. 

  225. OPENSSL_COMPILE_ASSERT(DTLS1_RT_HEADER_LENGTH +

  226.                            SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD +

  227.                            SSL3_RT_MAX_PLAIN_LENGTH <= 0xffff,

  228.                        maximum_dtls_write_buffer_too_large);

  229. 

  230. int ssl_write_buffer_init(SSL *ssl, uint8_t **out_ptr, size_t max_len) {

  231.   SSL3_BUFFER *buf = &ssl->s3->write_buffer;

  232. 

  233.   if (buf->buf != NULL) {

  234.     OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);

  235.     return 0;

  236.   }

  237. 

  238.   size_t header_len = ssl_seal_prefix_len(ssl);

  239. 

  240.   /* TODO(davidben): This matches the original behavior in keeping the malloc

  241.    * size consistent. Does this matter? |cap| could just be |max_len|. */

  242.   size_t cap = SSL3_RT_MAX_PLAIN_LENGTH + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD;

  243.   if (SSL_IS_DTLS(ssl)) {

  244.     cap += DTLS1_RT_HEADER_LENGTH;

  245.   } else {

  246.     cap += SSL3_RT_HEADER_LENGTH;

  247.     if (ssl->mode & SSL_MODE_CBC_RECORD_SPLITTING) {

  248.       cap += SSL3_RT_HEADER_LENGTH + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD;

  249.     }

  250.   }

  251. 

  252.   if (max_len > cap) {

  253.     OPENSSL_PUT_ERROR(SSL, SSL_R_BUFFER_TOO_SMALL);

  254.     return 0;

  255.   }

  256. 

  257.   if (!setup_buffer(buf, header_len, cap)) {

  258.     return 0;

  259.   }

  260.   *out_ptr = buf->buf + buf->offset;

  261.   return 1;

  262. }

  263. 

  264. void ssl_write_buffer_set_len(SSL *ssl, size_t len) {

  265.   SSL3_BUFFER *buf = &ssl->s3->write_buffer;

  266. 

  267.   if (len > buf->cap) {

  268.     abort();

  269.   }

  270.   buf->len = len;

  271. }

  272. 

  273. static int tls_write_buffer_flush(SSL *ssl) {

  274.   SSL3_BUFFER *buf = &ssl->s3->write_buffer;

  275. 

  276.   while (buf->len > 0) {

  277.     ssl->rwstate = SSL_WRITING;

  278.     int ret = BIO_write(ssl->wbio, buf->buf + buf->offset, buf->len);

  279.     if (ret <= 0) {

  280.       return ret;

  281.     }

  282.     ssl->rwstate = SSL_NOTHING;

  283.     consume_buffer(buf, (size_t)ret);

  284.   }

  285.   ssl_write_buffer_clear(ssl);

  286.   return 1;

  287. }

  288. 

  289. static int dtls_write_buffer_flush(SSL *ssl) {

  290.   SSL3_BUFFER *buf = &ssl->s3->write_buffer;

  291.   if (buf->len == 0) {

  292.     return 1;

  293.   }

  294. 

  295.   ssl->rwstate = SSL_WRITING;

  296.   int ret = BIO_write(ssl->wbio, buf->buf + buf->offset, buf->len);

  297.   if (ret <= 0) {

  298.     /* If the write failed, drop the write buffer anyway. Datagram transports

  299.      * can't write half a packet, so the caller is expected to retry from the

  300.      * top. */

  301.     ssl_write_buffer_clear(ssl);

  302.     return ret;

  303.   }

  304.   ssl->rwstate = SSL_NOTHING;

  305.   ssl_write_buffer_clear(ssl);

  306.   return 1;

  307. }

  308. 

  309. int ssl_write_buffer_flush(SSL *ssl) {

  310.   if (ssl->wbio == NULL) {

  311.     OPENSSL_PUT_ERROR(SSL, SSL_R_BIO_NOT_SET);

  312.     return -1;

  313.   }

  314.   ERR_clear_system_error();

  315. 

  316.   if (SSL_IS_DTLS(ssl)) {

  317.     return dtls_write_buffer_flush(ssl);

  318.   } else {

  319.     return tls_write_buffer_flush(ssl);

  320.   }

  321. }

  322. 

  323. void ssl_write_buffer_clear(SSL *ssl) {

  324.   clear_buffer(&ssl->s3->write_buffer);

  325. }