1 /*
2 * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include "../ssl_local.h"
11 #include "record_local.h"
12
SSL3_BUFFER_set_data(SSL3_BUFFER * b,const unsigned char * d,size_t n)13 void SSL3_BUFFER_set_data(SSL3_BUFFER *b, const unsigned char *d, size_t n)
14 {
15 if (d != NULL)
16 memcpy(b->buf, d, n);
17 b->left = n;
18 b->offset = 0;
19 }
20
21 /*
22 * Clear the contents of an SSL3_BUFFER but retain any memory allocated. Also
23 * retains the default_len setting
24 */
SSL3_BUFFER_clear(SSL3_BUFFER * b)25 void SSL3_BUFFER_clear(SSL3_BUFFER *b)
26 {
27 b->offset = 0;
28 b->left = 0;
29 }
30
SSL3_BUFFER_release(SSL3_BUFFER * b)31 void SSL3_BUFFER_release(SSL3_BUFFER *b)
32 {
33 OPENSSL_free(b->buf);
34 b->buf = NULL;
35 }
36
ssl3_setup_read_buffer(SSL * s)37 int ssl3_setup_read_buffer(SSL *s)
38 {
39 unsigned char *p;
40 size_t len, align = 0, headerlen;
41 SSL3_BUFFER *b;
42
43 b = RECORD_LAYER_get_rbuf(&s->rlayer);
44
45 if (SSL_IS_DTLS(s))
46 headerlen = DTLS1_RT_HEADER_LENGTH;
47 else
48 headerlen = SSL3_RT_HEADER_LENGTH;
49
50 #if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
51 align = (-SSL3_RT_HEADER_LENGTH) & (SSL3_ALIGN_PAYLOAD - 1);
52 #endif
53
54 if (b->buf == NULL) {
55 len = SSL3_RT_MAX_PLAIN_LENGTH
56 + SSL3_RT_MAX_ENCRYPTED_OVERHEAD + headerlen + align;
57 #ifndef OPENSSL_NO_COMP
58 if (ssl_allow_compression(s))
59 len += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
60 #endif
61
62 /* Ensure our buffer is large enough to support all our pipelines */
63 if (s->max_pipelines > 1)
64 len *= s->max_pipelines;
65
66 if (b->default_len > len)
67 len = b->default_len;
68 if ((p = OPENSSL_malloc(len)) == NULL) {
69 /*
70 * We've got a malloc failure, and we're still initialising buffers.
71 * We assume we're so doomed that we won't even be able to send an
72 * alert.
73 */
74 SSLfatal(s, SSL_AD_NO_ALERT, ERR_R_MALLOC_FAILURE);
75 return 0;
76 }
77 b->buf = p;
78 b->len = len;
79 }
80
81 return 1;
82 }
83
ssl3_setup_write_buffer(SSL * s,size_t numwpipes,size_t len)84 int ssl3_setup_write_buffer(SSL *s, size_t numwpipes, size_t len)
85 {
86 unsigned char *p;
87 size_t align = 0, headerlen;
88 SSL3_BUFFER *wb;
89 size_t currpipe;
90
91 s->rlayer.numwpipes = numwpipes;
92
93 if (len == 0) {
94 if (SSL_IS_DTLS(s))
95 headerlen = DTLS1_RT_HEADER_LENGTH + 1;
96 else
97 headerlen = SSL3_RT_HEADER_LENGTH;
98
99 #if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
100 align = SSL3_ALIGN_PAYLOAD - 1;
101 #endif
102
103 len = ssl_get_max_send_fragment(s)
104 + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD + headerlen + align
105 + SSL_RT_MAX_CIPHER_BLOCK_SIZE /* Explicit IV allowance */;
106 #ifndef OPENSSL_NO_COMP
107 if (ssl_allow_compression(s))
108 len += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
109 #endif
110 /*
111 * We don't need to add an allowance for eivlen here since empty
112 * fragments only occur when we don't have an explicit IV
113 */
114 if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS))
115 len += headerlen + align + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD;
116 }
117
118 wb = RECORD_LAYER_get_wbuf(&s->rlayer);
119 for (currpipe = 0; currpipe < numwpipes; currpipe++) {
120 SSL3_BUFFER *thiswb = &wb[currpipe];
121
122 if (thiswb->len != len) {
123 OPENSSL_free(thiswb->buf);
124 thiswb->buf = NULL; /* force reallocation */
125 }
126
127 if (thiswb->buf == NULL) {
128 if (s->wbio == NULL || !BIO_get_ktls_send(s->wbio)) {
129 p = OPENSSL_malloc(len);
130 if (p == NULL) {
131 s->rlayer.numwpipes = currpipe;
132 /*
133 * We've got a malloc failure, and we're still initialising
134 * buffers. We assume we're so doomed that we won't even be able
135 * to send an alert.
136 */
137 SSLfatal(s, SSL_AD_NO_ALERT, ERR_R_MALLOC_FAILURE);
138 return 0;
139 }
140 } else {
141 p = NULL;
142 }
143 memset(thiswb, 0, sizeof(SSL3_BUFFER));
144 thiswb->buf = p;
145 thiswb->len = len;
146 }
147 }
148
149 return 1;
150 }
151
ssl3_setup_buffers(SSL * s)152 int ssl3_setup_buffers(SSL *s)
153 {
154 if (!ssl3_setup_read_buffer(s)) {
155 /* SSLfatal() already called */
156 return 0;
157 }
158 if (!ssl3_setup_write_buffer(s, 1, 0)) {
159 /* SSLfatal() already called */
160 return 0;
161 }
162 return 1;
163 }
164
ssl3_release_write_buffer(SSL * s)165 int ssl3_release_write_buffer(SSL *s)
166 {
167 SSL3_BUFFER *wb;
168 size_t pipes;
169
170 pipes = s->rlayer.numwpipes;
171 while (pipes > 0) {
172 wb = &RECORD_LAYER_get_wbuf(&s->rlayer)[pipes - 1];
173
174 if (SSL3_BUFFER_is_app_buffer(wb))
175 SSL3_BUFFER_set_app_buffer(wb, 0);
176 else
177 OPENSSL_free(wb->buf);
178 wb->buf = NULL;
179 pipes--;
180 }
181 s->rlayer.numwpipes = 0;
182 return 1;
183 }
184
ssl3_release_read_buffer(SSL * s)185 int ssl3_release_read_buffer(SSL *s)
186 {
187 SSL3_BUFFER *b;
188
189 b = RECORD_LAYER_get_rbuf(&s->rlayer);
190 if (s->options & SSL_OP_CLEANSE_PLAINTEXT)
191 OPENSSL_cleanse(b->buf, b->len);
192 OPENSSL_free(b->buf);
193 b->buf = NULL;
194 return 1;
195 }
196