1 /* $OpenBSD: ssl_both.c,v 1.42 2022/02/05 14:54:10 jsing Exp $ */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 /* ==================================================================== 59 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. 60 * 61 * Redistribution and use in source and binary forms, with or without 62 * modification, are permitted provided that the following conditions 63 * are met: 64 * 65 * 1. Redistributions of source code must retain the above copyright 66 * notice, this list of conditions and the following disclaimer. 67 * 68 * 2. Redistributions in binary form must reproduce the above copyright 69 * notice, this list of conditions and the following disclaimer in 70 * the documentation and/or other materials provided with the 71 * distribution. 72 * 73 * 3. All advertising materials mentioning features or use of this 74 * software must display the following acknowledgment: 75 * "This product includes software developed by the OpenSSL Project 76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 77 * 78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 79 * endorse or promote products derived from this software without 80 * prior written permission. For written permission, please contact 81 * openssl-core@openssl.org. 82 * 83 * 5. Products derived from this software may not be called "OpenSSL" 84 * nor may "OpenSSL" appear in their names without prior written 85 * permission of the OpenSSL Project. 86 * 87 * 6. Redistributions of any form whatsoever must retain the following 88 * acknowledgment: 89 * "This product includes software developed by the OpenSSL Project 90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 91 * 92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 103 * OF THE POSSIBILITY OF SUCH DAMAGE. 104 * ==================================================================== 105 * 106 * This product includes cryptographic software written by Eric Young 107 * (eay@cryptsoft.com). This product includes software written by Tim 108 * Hudson (tjh@cryptsoft.com). 109 * 110 */ 111 /* ==================================================================== 112 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. 113 * ECC cipher suite support in OpenSSL originally developed by 114 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. 115 */ 116 117 #include <limits.h> 118 #include <stdio.h> 119 #include <string.h> 120 121 #include <openssl/buffer.h> 122 #include <openssl/evp.h> 123 #include <openssl/objects.h> 124 #include <openssl/x509.h> 125 126 #include "bytestring.h" 127 #include "dtls_locl.h" 128 #include "ssl_locl.h" 129 130 /* 131 * Send s->internal->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or 132 * SSL3_RT_CHANGE_CIPHER_SPEC). 133 */ 134 int 135 ssl3_do_write(SSL *s, int type) 136 { 137 int ret; 138 139 ret = ssl3_write_bytes(s, type, &s->internal->init_buf->data[s->internal->init_off], 140 s->internal->init_num); 141 if (ret < 0) 142 return (-1); 143 144 if (type == SSL3_RT_HANDSHAKE) 145 /* 146 * Should not be done for 'Hello Request's, but in that case 147 * we'll ignore the result anyway. 148 */ 149 tls1_transcript_record(s, 150 (unsigned char *)&s->internal->init_buf->data[s->internal->init_off], ret); 151 152 if (ret == s->internal->init_num) { 153 ssl_msg_callback(s, 1, type, s->internal->init_buf->data, 154 (size_t)(s->internal->init_off + s->internal->init_num)); 155 return (1); 156 } 157 158 s->internal->init_off += ret; 159 s->internal->init_num -= ret; 160 161 return (0); 162 } 163 164 int 165 ssl3_send_finished(SSL *s, int state_a, int state_b) 166 { 167 CBB cbb, finished; 168 169 memset(&cbb, 0, sizeof(cbb)); 170 171 if (s->s3->hs.state == state_a) { 172 if (!tls12_derive_finished(s)) 173 goto err; 174 175 /* Copy finished so we can use it for renegotiation checks. */ 176 if (!s->server) { 177 memcpy(s->s3->previous_client_finished, 178 s->s3->hs.finished, s->s3->hs.finished_len); 179 s->s3->previous_client_finished_len = 180 s->s3->hs.finished_len; 181 } else { 182 memcpy(s->s3->previous_server_finished, 183 s->s3->hs.finished, s->s3->hs.finished_len); 184 s->s3->previous_server_finished_len = 185 s->s3->hs.finished_len; 186 } 187 188 if (!ssl3_handshake_msg_start(s, &cbb, &finished, 189 SSL3_MT_FINISHED)) 190 goto err; 191 if (!CBB_add_bytes(&finished, s->s3->hs.finished, 192 s->s3->hs.finished_len)) 193 goto err; 194 if (!ssl3_handshake_msg_finish(s, &cbb)) 195 goto err; 196 197 s->s3->hs.state = state_b; 198 } 199 200 return (ssl3_handshake_write(s)); 201 202 err: 203 CBB_cleanup(&cbb); 204 205 return (-1); 206 } 207 208 int 209 ssl3_get_finished(SSL *s, int a, int b) 210 { 211 int al, md_len, ret; 212 CBS cbs; 213 214 /* should actually be 36+4 :-) */ 215 if ((ret = ssl3_get_message(s, a, b, SSL3_MT_FINISHED, 64)) <= 0) 216 return ret; 217 218 /* If this occurs, we have missed a message */ 219 if (!s->s3->change_cipher_spec) { 220 al = SSL_AD_UNEXPECTED_MESSAGE; 221 SSLerror(s, SSL_R_GOT_A_FIN_BEFORE_A_CCS); 222 goto fatal_err; 223 } 224 s->s3->change_cipher_spec = 0; 225 226 md_len = TLS1_FINISH_MAC_LENGTH; 227 228 if (s->internal->init_num < 0) { 229 al = SSL_AD_DECODE_ERROR; 230 SSLerror(s, SSL_R_BAD_DIGEST_LENGTH); 231 goto fatal_err; 232 } 233 234 CBS_init(&cbs, s->internal->init_msg, s->internal->init_num); 235 236 if (s->s3->hs.peer_finished_len != md_len || 237 CBS_len(&cbs) != md_len) { 238 al = SSL_AD_DECODE_ERROR; 239 SSLerror(s, SSL_R_BAD_DIGEST_LENGTH); 240 goto fatal_err; 241 } 242 243 if (!CBS_mem_equal(&cbs, s->s3->hs.peer_finished, CBS_len(&cbs))) { 244 al = SSL_AD_DECRYPT_ERROR; 245 SSLerror(s, SSL_R_DIGEST_CHECK_FAILED); 246 goto fatal_err; 247 } 248 249 /* Copy finished so we can use it for renegotiation checks. */ 250 OPENSSL_assert(md_len <= EVP_MAX_MD_SIZE); 251 if (s->server) { 252 memcpy(s->s3->previous_client_finished, 253 s->s3->hs.peer_finished, md_len); 254 s->s3->previous_client_finished_len = md_len; 255 } else { 256 memcpy(s->s3->previous_server_finished, 257 s->s3->hs.peer_finished, md_len); 258 s->s3->previous_server_finished_len = md_len; 259 } 260 261 return (1); 262 fatal_err: 263 ssl3_send_alert(s, SSL3_AL_FATAL, al); 264 return (0); 265 } 266 267 int 268 ssl3_send_change_cipher_spec(SSL *s, int a, int b) 269 { 270 size_t outlen; 271 CBB cbb; 272 273 memset(&cbb, 0, sizeof(cbb)); 274 275 if (s->s3->hs.state == a) { 276 if (!CBB_init_fixed(&cbb, s->internal->init_buf->data, 277 s->internal->init_buf->length)) 278 goto err; 279 if (!CBB_add_u8(&cbb, SSL3_MT_CCS)) 280 goto err; 281 if (!CBB_finish(&cbb, NULL, &outlen)) 282 goto err; 283 284 if (outlen > INT_MAX) 285 goto err; 286 287 s->internal->init_num = (int)outlen; 288 s->internal->init_off = 0; 289 290 if (SSL_is_dtls(s)) { 291 s->d1->handshake_write_seq = 292 s->d1->next_handshake_write_seq; 293 dtls1_set_message_header_int(s, SSL3_MT_CCS, 0, 294 s->d1->handshake_write_seq, 0, 0); 295 dtls1_buffer_message(s, 1); 296 } 297 298 s->s3->hs.state = b; 299 } 300 301 /* SSL3_ST_CW_CHANGE_B */ 302 return ssl3_record_write(s, SSL3_RT_CHANGE_CIPHER_SPEC); 303 304 err: 305 CBB_cleanup(&cbb); 306 307 return -1; 308 } 309 310 static int 311 ssl3_add_cert(CBB *cbb, X509 *x) 312 { 313 unsigned char *data; 314 int cert_len; 315 int ret = 0; 316 CBB cert; 317 318 if ((cert_len = i2d_X509(x, NULL)) < 0) 319 goto err; 320 321 if (!CBB_add_u24_length_prefixed(cbb, &cert)) 322 goto err; 323 if (!CBB_add_space(&cert, &data, cert_len)) 324 goto err; 325 if (i2d_X509(x, &data) < 0) 326 goto err; 327 if (!CBB_flush(cbb)) 328 goto err; 329 330 ret = 1; 331 332 err: 333 return (ret); 334 } 335 336 int 337 ssl3_output_cert_chain(SSL *s, CBB *cbb, SSL_CERT_PKEY *cpk) 338 { 339 X509_STORE_CTX *xs_ctx = NULL; 340 STACK_OF(X509) *chain; 341 CBB cert_list; 342 X509 *x; 343 int ret = 0; 344 int i; 345 346 if (!CBB_add_u24_length_prefixed(cbb, &cert_list)) 347 goto err; 348 349 /* Send an empty certificate list when no certificate is available. */ 350 if (cpk == NULL) 351 goto done; 352 353 if ((chain = cpk->chain) == NULL) 354 chain = s->ctx->extra_certs; 355 356 if (chain != NULL || (s->internal->mode & SSL_MODE_NO_AUTO_CHAIN)) { 357 if (!ssl3_add_cert(&cert_list, cpk->x509)) 358 goto err; 359 } else { 360 if ((xs_ctx = X509_STORE_CTX_new()) == NULL) 361 goto err; 362 if (!X509_STORE_CTX_init(xs_ctx, s->ctx->cert_store, 363 cpk->x509, NULL)) { 364 SSLerror(s, ERR_R_X509_LIB); 365 goto err; 366 } 367 X509_VERIFY_PARAM_set_flags(X509_STORE_CTX_get0_param(xs_ctx), 368 X509_V_FLAG_LEGACY_VERIFY); 369 X509_verify_cert(xs_ctx); 370 ERR_clear_error(); 371 chain = X509_STORE_CTX_get0_chain(xs_ctx); 372 } 373 374 for (i = 0; i < sk_X509_num(chain); i++) { 375 x = sk_X509_value(chain, i); 376 if (!ssl3_add_cert(&cert_list, x)) 377 goto err; 378 } 379 380 done: 381 if (!CBB_flush(cbb)) 382 goto err; 383 384 ret = 1; 385 386 err: 387 X509_STORE_CTX_free(xs_ctx); 388 389 return (ret); 390 } 391 392 /* 393 * Obtain handshake message of message type 'mt' (any if mt == -1), 394 * maximum acceptable body length 'max'. 395 * The first four bytes (msg_type and length) are read in state 'st1', 396 * the body is read in state 'stn'. 397 */ 398 int 399 ssl3_get_message(SSL *s, int st1, int stn, int mt, long max) 400 { 401 unsigned char *p; 402 uint32_t l; 403 long n; 404 int i, al; 405 CBS cbs; 406 uint8_t u8; 407 408 if (SSL_is_dtls(s)) 409 return dtls1_get_message(s, st1, stn, mt, max); 410 411 if (s->s3->hs.tls12.reuse_message) { 412 s->s3->hs.tls12.reuse_message = 0; 413 if ((mt >= 0) && (s->s3->hs.tls12.message_type != mt)) { 414 al = SSL_AD_UNEXPECTED_MESSAGE; 415 SSLerror(s, SSL_R_UNEXPECTED_MESSAGE); 416 goto fatal_err; 417 } 418 s->internal->init_msg = s->internal->init_buf->data + 419 SSL3_HM_HEADER_LENGTH; 420 s->internal->init_num = (int)s->s3->hs.tls12.message_size; 421 return 1; 422 } 423 424 p = (unsigned char *)s->internal->init_buf->data; 425 426 if (s->s3->hs.state == st1) { 427 int skip_message; 428 429 do { 430 while (s->internal->init_num < SSL3_HM_HEADER_LENGTH) { 431 i = s->method->ssl_read_bytes(s, 432 SSL3_RT_HANDSHAKE, &p[s->internal->init_num], 433 SSL3_HM_HEADER_LENGTH - s->internal->init_num, 0); 434 if (i <= 0) { 435 s->internal->rwstate = SSL_READING; 436 return i; 437 } 438 s->internal->init_num += i; 439 } 440 441 skip_message = 0; 442 if (!s->server && p[0] == SSL3_MT_HELLO_REQUEST) { 443 /* 444 * The server may always send 'Hello Request' 445 * messages -- we are doing a handshake anyway 446 * now, so ignore them if their format is 447 * correct. Does not count for 'Finished' MAC. 448 */ 449 if (p[1] == 0 && p[2] == 0 &&p[3] == 0) { 450 s->internal->init_num = 0; 451 skip_message = 1; 452 453 ssl_msg_callback(s, 0, 454 SSL3_RT_HANDSHAKE, p, 455 SSL3_HM_HEADER_LENGTH); 456 } 457 } 458 } while (skip_message); 459 460 if ((mt >= 0) && (*p != mt)) { 461 al = SSL_AD_UNEXPECTED_MESSAGE; 462 SSLerror(s, SSL_R_UNEXPECTED_MESSAGE); 463 goto fatal_err; 464 } 465 466 CBS_init(&cbs, p, SSL3_HM_HEADER_LENGTH); 467 if (!CBS_get_u8(&cbs, &u8) || 468 !CBS_get_u24(&cbs, &l)) { 469 SSLerror(s, ERR_R_BUF_LIB); 470 goto err; 471 } 472 s->s3->hs.tls12.message_type = u8; 473 474 if (l > (unsigned long)max) { 475 al = SSL_AD_ILLEGAL_PARAMETER; 476 SSLerror(s, SSL_R_EXCESSIVE_MESSAGE_SIZE); 477 goto fatal_err; 478 } 479 if (l && !BUF_MEM_grow_clean(s->internal->init_buf, 480 l + SSL3_HM_HEADER_LENGTH)) { 481 SSLerror(s, ERR_R_BUF_LIB); 482 goto err; 483 } 484 s->s3->hs.tls12.message_size = l; 485 s->s3->hs.state = stn; 486 487 s->internal->init_msg = s->internal->init_buf->data + 488 SSL3_HM_HEADER_LENGTH; 489 s->internal->init_num = 0; 490 } 491 492 /* next state (stn) */ 493 p = s->internal->init_msg; 494 n = s->s3->hs.tls12.message_size - s->internal->init_num; 495 while (n > 0) { 496 i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, 497 &p[s->internal->init_num], n, 0); 498 if (i <= 0) { 499 s->internal->rwstate = SSL_READING; 500 return i; 501 } 502 s->internal->init_num += i; 503 n -= i; 504 } 505 506 /* Feed this message into MAC computation. */ 507 if (s->internal->mac_packet) { 508 tls1_transcript_record(s, (unsigned char *)s->internal->init_buf->data, 509 s->internal->init_num + SSL3_HM_HEADER_LENGTH); 510 511 ssl_msg_callback(s, 0, SSL3_RT_HANDSHAKE, 512 s->internal->init_buf->data, 513 (size_t)s->internal->init_num + SSL3_HM_HEADER_LENGTH); 514 } 515 516 return 1; 517 518 fatal_err: 519 ssl3_send_alert(s, SSL3_AL_FATAL, al); 520 err: 521 return -1; 522 } 523 524 int 525 ssl_cert_type(EVP_PKEY *pkey) 526 { 527 if (pkey == NULL) 528 return -1; 529 530 switch (EVP_PKEY_id(pkey)) { 531 case EVP_PKEY_EC: 532 return SSL_PKEY_ECC; 533 case NID_id_GostR3410_2001: 534 case NID_id_GostR3410_2001_cc: 535 return SSL_PKEY_GOST01; 536 case EVP_PKEY_RSA: 537 return SSL_PKEY_RSA; 538 } 539 540 return -1; 541 } 542 543 int 544 ssl_verify_alarm_type(long type) 545 { 546 int al; 547 548 switch (type) { 549 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: 550 case X509_V_ERR_UNABLE_TO_GET_CRL: 551 case X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER: 552 al = SSL_AD_UNKNOWN_CA; 553 break; 554 case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: 555 case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: 556 case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: 557 case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: 558 case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: 559 case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: 560 case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: 561 case X509_V_ERR_CERT_NOT_YET_VALID: 562 case X509_V_ERR_CRL_NOT_YET_VALID: 563 case X509_V_ERR_CERT_UNTRUSTED: 564 case X509_V_ERR_CERT_REJECTED: 565 al = SSL_AD_BAD_CERTIFICATE; 566 break; 567 case X509_V_ERR_CERT_SIGNATURE_FAILURE: 568 case X509_V_ERR_CRL_SIGNATURE_FAILURE: 569 al = SSL_AD_DECRYPT_ERROR; 570 break; 571 case X509_V_ERR_CERT_HAS_EXPIRED: 572 case X509_V_ERR_CRL_HAS_EXPIRED: 573 al = SSL_AD_CERTIFICATE_EXPIRED; 574 break; 575 case X509_V_ERR_CERT_REVOKED: 576 al = SSL_AD_CERTIFICATE_REVOKED; 577 break; 578 case X509_V_ERR_OUT_OF_MEM: 579 al = SSL_AD_INTERNAL_ERROR; 580 break; 581 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: 582 case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: 583 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: 584 case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: 585 case X509_V_ERR_CERT_CHAIN_TOO_LONG: 586 case X509_V_ERR_PATH_LENGTH_EXCEEDED: 587 case X509_V_ERR_INVALID_CA: 588 al = SSL_AD_UNKNOWN_CA; 589 break; 590 case X509_V_ERR_APPLICATION_VERIFICATION: 591 al = SSL_AD_HANDSHAKE_FAILURE; 592 break; 593 case X509_V_ERR_INVALID_PURPOSE: 594 al = SSL_AD_UNSUPPORTED_CERTIFICATE; 595 break; 596 default: 597 al = SSL_AD_CERTIFICATE_UNKNOWN; 598 break; 599 } 600 return (al); 601 } 602 603 int 604 ssl3_setup_init_buffer(SSL *s) 605 { 606 BUF_MEM *buf = NULL; 607 608 if (s->internal->init_buf != NULL) 609 return (1); 610 611 if ((buf = BUF_MEM_new()) == NULL) 612 goto err; 613 if (!BUF_MEM_grow(buf, SSL3_RT_MAX_PLAIN_LENGTH)) 614 goto err; 615 616 s->internal->init_buf = buf; 617 return (1); 618 619 err: 620 BUF_MEM_free(buf); 621 return (0); 622 } 623 624 void 625 ssl3_release_init_buffer(SSL *s) 626 { 627 BUF_MEM_free(s->internal->init_buf); 628 s->internal->init_buf = NULL; 629 s->internal->init_msg = NULL; 630 s->internal->init_num = 0; 631 s->internal->init_off = 0; 632 } 633 634 int 635 ssl3_setup_read_buffer(SSL *s) 636 { 637 unsigned char *p; 638 size_t len, align, headerlen; 639 640 if (SSL_is_dtls(s)) 641 headerlen = DTLS1_RT_HEADER_LENGTH; 642 else 643 headerlen = SSL3_RT_HEADER_LENGTH; 644 645 align = (-SSL3_RT_HEADER_LENGTH) & (SSL3_ALIGN_PAYLOAD - 1); 646 647 if (s->s3->rbuf.buf == NULL) { 648 len = SSL3_RT_MAX_PLAIN_LENGTH + 649 SSL3_RT_MAX_ENCRYPTED_OVERHEAD + headerlen + align; 650 if ((p = calloc(1, len)) == NULL) 651 goto err; 652 s->s3->rbuf.buf = p; 653 s->s3->rbuf.len = len; 654 } 655 656 s->internal->packet = s->s3->rbuf.buf; 657 return 1; 658 659 err: 660 SSLerror(s, ERR_R_MALLOC_FAILURE); 661 return 0; 662 } 663 664 int 665 ssl3_setup_write_buffer(SSL *s) 666 { 667 unsigned char *p; 668 size_t len, align, headerlen; 669 670 if (SSL_is_dtls(s)) 671 headerlen = DTLS1_RT_HEADER_LENGTH + 1; 672 else 673 headerlen = SSL3_RT_HEADER_LENGTH; 674 675 align = (-SSL3_RT_HEADER_LENGTH) & (SSL3_ALIGN_PAYLOAD - 1); 676 677 if (s->s3->wbuf.buf == NULL) { 678 len = s->max_send_fragment + 679 SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD + headerlen + align; 680 if (!(s->internal->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS)) 681 len += headerlen + align + 682 SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD; 683 684 if ((p = calloc(1, len)) == NULL) 685 goto err; 686 s->s3->wbuf.buf = p; 687 s->s3->wbuf.len = len; 688 } 689 690 return 1; 691 692 err: 693 SSLerror(s, ERR_R_MALLOC_FAILURE); 694 return 0; 695 } 696 697 int 698 ssl3_setup_buffers(SSL *s) 699 { 700 if (!ssl3_setup_read_buffer(s)) 701 return 0; 702 if (!ssl3_setup_write_buffer(s)) 703 return 0; 704 return 1; 705 } 706 707 void 708 ssl3_release_buffer(SSL3_BUFFER_INTERNAL *b) 709 { 710 freezero(b->buf, b->len); 711 b->buf = NULL; 712 b->len = 0; 713 } 714 715 void 716 ssl3_release_read_buffer(SSL *s) 717 { 718 ssl3_release_buffer(&s->s3->rbuf); 719 } 720 721 void 722 ssl3_release_write_buffer(SSL *s) 723 { 724 ssl3_release_buffer(&s->s3->wbuf); 725 } 726