From 280075104e64a326985417c1e3f7dc4658586c8c Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 28 Aug 2018 09:46:44 +0100 Subject: [PATCH 01/28] DTLS Reordering: Improve doc of MBEDTLS_SSL_DTLS_MAX_BUFFERING --- include/mbedtls/config.h | 9 +++++++++ include/mbedtls/ssl.h | 6 +++++- 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 1cdff71f1..70770de43 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -3015,6 +3015,15 @@ * Maximum number of heap-allocated bytes for the purpose of * DTLS handshake message reassembly and future message buffering. * + * This should be at least 9/8 * MBEDTLSSL_MAX_IN_CONTENT_LEN + * to account for a reassembled handshake message of maximum size, + * together with its reassembly bitmap. + * + * A value of 2 * MBEDTLS_SSL_MAX_IN_CONTENT_LEN (32768 by default) + * should be sufficient for all practical situations as it allows + * to reassembly a large handshake message (such as a certificate) + * while buffering multiple smaller handshake messages. + * */ //#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768 diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 39c7bfaa1..5de911cd5 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -243,8 +243,12 @@ #define MBEDTLS_SSL_OUT_CONTENT_LEN MBEDTLS_SSL_MAX_CONTENT_LEN #endif +/* + * Maximum number of heap-allocated bytes for the purpose of + * DTLS handshake message reassembly and future message buffering. + */ #if !defined(MBEDTLS_SSL_DTLS_MAX_BUFFERING) -#define MBEDTLS_SSL_DTLS_MAX_BUFFERING ( 2 * MBEDTLS_SSL_IN_CONTENT_LEN ) +#define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768 #endif /* \} name SECTION: Module settings */ From 3f7b973e32dc659b7e0984ec4298e5d044bc0bbf Mon Sep 17 00:00:00 2001 
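Review bot: The ssl.h hunk replaces the derived fallback `( 2 * MBEDTLS_SSL_IN_CONTENT_LEN )` with the literal `32768`, so the default no longer tracks a build that changes MBEDTLS_SSL_IN_CONTENT_LEN. The config.h text added in this same commit asks for at least 9/8 of the incoming content length. With a larger content length the literal can fall below that bound, and a maximum-size handshake message could then presumably not be reassembled. With a small content length, each connection may still reserve up to 32768 bytes of heap for data a peer sends during the handshake. Keeping `#define MBEDTLS_SSL_DTLS_MAX_BUFFERING ( 2 * MBEDTLS_SSL_IN_CONTENT_LEN )` as the fallback avoids both cases; failing that, the new comment above it should state that 32768 assumes the default content length.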
From: Hanno Becker Date: Tue, 28 Aug 2018 09:53:25 +0100 Subject: [PATCH 02/28] Correct typo in mbedtls_ssl_flight_transmit() --- library/ssl_tls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index ccd73996d..ceea17fa3 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3037,7 +3037,7 @@ int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_BUF( 3, "handshake header", ssl->out_msg, 12 ); - /* Copy the handshame message content and set records fields */ + /* Copy the handshake message content and set records fields */ memcpy( ssl->out_msg + 12, p, cur_hs_frag_len ); ssl->out_msglen = cur_hs_frag_len + 12; ssl->out_msgtype = cur->type; From ecbdf1c0481a2a9caeb9e32f1c8e80967457ed04 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 28 Aug 2018 09:53:54 +0100 Subject: [PATCH 03/28] Style: Correct indentation of debug msgs in mbedtls_ssl_write_record --- library/ssl_tls.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index ceea17fa3..5f1ec0773 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3402,12 +3402,12 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ) #endif /* MBEDTLS_SSL_PROTO_DTLS */ MBEDTLS_SSL_DEBUG_MSG( 3, ( "output record: msgtype = %d, " - "version = [%d:%d], msglen = %d", - ssl->out_hdr[0], ssl->out_hdr[1], ssl->out_hdr[2], len ) ); - + "version = [%d:%d], msglen = %d", + ssl->out_hdr[0], ssl->out_hdr[1], + ssl->out_hdr[2], len ) ); MBEDTLS_SSL_DEBUG_BUF( 4, "output record sent to network", - ssl->out_hdr, protected_record_size ); + ssl->out_hdr, protected_record_size ); ssl->out_left += protected_record_size; ssl->out_hdr += protected_record_size; From f0da6670dcf2485da3f6aa2e08eb679d5e509c7e Mon Sep 17 00:00:00 2001 
From: Hanno Becker Date: Tue, 28 Aug 2018 09:55:10 +0100 Subject: [PATCH 04/28] Style: Add braces around if-branch where else-branch has them --- library/ssl_tls.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 5f1ec0773..4cb543ca7 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3440,7 +3440,9 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush ) remaining = (size_t) ret; if( remaining == 0 ) + { flush = SSL_FORCE_FLUSH; + } else { MBEDTLS_SSL_DEBUG_MSG( 2, ( "Still %u bytes available in current datagram", (unsigned) remaining ) ); From b8f50147ee79024f07593542339330bef25a937f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 28 Aug 2018 10:01:34 +0100 Subject: [PATCH 05/28] Add explicit MBEDTLS_DEBUG_C-guard around debugging code --- library/ssl_tls.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 4cb543ca7..4777844c4 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4424,6 +4424,7 @@ static int ssl_load_buffered_message( mbedtls_ssl_context *ssl ) goto exit; } +#if defined(MBEDTLS_DEBUG_C) /* Debug only */ { unsigned offset; @@ -4438,6 +4439,7 @@ static int ssl_load_buffered_message( mbedtls_ssl_context *ssl ) } } } +#endif /* MBEDTLS_DEBUG_C */ /* Check if we have buffered and/or fully reassembled the * next handshake message. */ From 4f432ad44de7fadbf015d9576e3f657ef551faab Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 28 Aug 2018 10:02:32 +0100 Subject: [PATCH 06/28] Style: Don't use abbreviations in comments --- library/ssl_tls.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 4777844c4..425cdee93 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c 
@@ -4505,9 +4505,9 @@ static int ssl_buffer_make_space( mbedtls_ssl_context *ssl, return( 0 ); } - /* We don't have enough space to buffer the next expected - * handshake message. Remove buffers used for future msgs - * to gain space, starting with the most distant one. */ + /* We don't have enough space to buffer the next expected handshake + * message. Remove buffers used for future messages to gain space, + * starting with the most distant one. */ for( offset = MBEDTLS_SSL_MAX_BUFFERED_HS - 1; offset >= 0; offset-- ) { From 360bef3fe39b5f0b2887db4d39ca7d2e1636ea56 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 28 Aug 2018 10:04:33 +0100 Subject: [PATCH 07/28] Reordering: Document that only HS and CCS msgs are buffered --- library/ssl_tls.c | 1 + 1 file changed, 1 insertion(+) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 425cdee93..0703b6a7b 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4710,6 +4710,7 @@ static int ssl_buffer_message( mbedtls_ssl_context *ssl ) } default: + /* We don't buffer other types of messages. */ break; } From d58477769d355fd753afef5dc77c5447b13cedd1 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 28 Aug 2018 10:09:23 +0100 Subject: [PATCH 08/28] Style: Group buffering-related forward declarations in ssl_tls.c --- library/ssl_tls.c | 25 +++++++++++-------------- 1 file changed, 11 insertions(+), 14 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 0703b6a7b..38d9d0296 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c 
@@ -109,6 +109,17 @@ static void ssl_update_in_pointers( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_PROTO_DTLS) +/* Forward declarations for functions related to message buffering. */ +static void ssl_buffering_free( mbedtls_ssl_context *ssl ); +static void ssl_buffering_free_slot( mbedtls_ssl_context *ssl, + uint8_t slot ); +static void ssl_free_buffered_record( mbedtls_ssl_context *ssl ); +static int ssl_load_buffered_message( mbedtls_ssl_context *ssl ); +static int ssl_load_buffered_record( mbedtls_ssl_context *ssl ); +static int ssl_buffer_message( mbedtls_ssl_context *ssl ); +static int ssl_buffer_future_record( mbedtls_ssl_context *ssl ); +static int ssl_another_record_in_datagram( mbedtls_ssl_context *ssl ); + static size_t ssl_get_current_mtu( const mbedtls_ssl_context *ssl ); static size_t ssl_get_maximum_datagram_size( mbedtls_ssl_context const *ssl ) { @@ -183,11 +194,6 @@ static int ssl_get_remaining_payload_in_datagram( mbedtls_ssl_context const *ssl return( (int) remaining ); } -static void ssl_buffering_free( mbedtls_ssl_context *ssl ); - -static void ssl_buffering_free_slot( mbedtls_ssl_context *ssl, - uint8_t slot ); - /* * Double the retransmit timeout value, within the allowed range, * returning -1 if the maximum value has already been reached. @@ -4287,14 +4293,6 @@ static int ssl_consume_current_message( mbedtls_ssl_context *ssl ); static int ssl_get_next_record( mbedtls_ssl_context *ssl ); static int ssl_record_is_in_progress( mbedtls_ssl_context *ssl ); -#if defined(MBEDTLS_SSL_PROTO_DTLS) -static int ssl_load_buffered_message( mbedtls_ssl_context *ssl ); -static int ssl_load_buffered_record( mbedtls_ssl_context *ssl ); -static int ssl_buffer_message( mbedtls_ssl_context *ssl ); -static int ssl_buffer_future_record( mbedtls_ssl_context *ssl ); -static int ssl_another_record_in_datagram( mbedtls_ssl_context *ssl ); -#endif /* MBEDTLS_SSL_PROTO_DTLS */ - int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl, unsigned update_hs_digest ) { 
@@ -4485,7 +4483,6 @@ exit: return( ret ); } -static void ssl_free_buffered_record( mbedtls_ssl_context *ssl ); static int ssl_buffer_make_space( mbedtls_ssl_context *ssl, size_t desired ) { From cf469458caf74173c045e62b508a602016f02c9a Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 28 Aug 2018 10:09:47 +0100 Subject: [PATCH 09/28] Style: Add empty line before comment in UDP proxy code --- programs/test/udp_proxy.c | 1 + 1 file changed, 1 insertion(+) diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c index 258522003..46f7035b9 100644 --- a/programs/test/udp_proxy.c +++ b/programs/test/udp_proxy.c @@ -663,6 +663,7 @@ int handle_message( const char *way, delay_list = opt.delay_srv; delay_list_len = opt.delay_srv_cnt; } + /* Check if message type is in the list of messages * that should be delayed */ for( delay_idx = 0; delay_idx < delay_list_len; delay_idx++ ) From bc2498a9ffc3d80816cef82055309eb5ab4f915c Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 28 Aug 2018 10:13:29 +0100 Subject: [PATCH 10/28] Style: Add numerous comments indicating condition guarded by #endif --- include/mbedtls/ssl.h | 22 +++++++++++----------- library/ssl_cli.c | 4 ++-- library/ssl_srv.c | 6 +++--- 3 files changed, 16 insertions(+), 16 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 5de911cd5..91101cd28 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h 
@@ -1031,14 +1031,14 @@ struct mbedtls_ssl_context int renego_records_seen; /*!< Records since renego request, or with DTLS, number of retransmissions of request if renego_max_records is < 0 */ -#endif +#endif /* MBEDTLS_SSL_RENEGOTIATION */ int major_ver; /*!< equal to MBEDTLS_SSL_MAJOR_VERSION_3 */ int minor_ver; /*!< either 0 (SSL3) or 1 (TLS1.0) */ #if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) unsigned badmac_seen; /*!< records with a bad MAC received */ -#endif +#endif /* MBEDTLS_SSL_DTLS_BADMAC_LIMIT */ mbedtls_ssl_send_t *f_send; /*!< Callback for network send */ mbedtls_ssl_recv_t *f_recv; /*!< Callback for network receive */ @@ -1094,11 +1094,11 @@ struct mbedtls_ssl_context uint16_t in_epoch; /*!< DTLS epoch for incoming records */ size_t next_record_offset; /*!< offset of the next record in datagram (equal to in_left if none) */ -#endif +#endif /* MBEDTLS_SSL_PROTO_DTLS */ #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) uint64_t in_window_top; /*!< last validated record seq_num */ uint64_t in_window; /*!< bitmask for replay detection */ -#endif +#endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */ size_t in_hslen; /*!< current handshake message length, including the handshake header */ @@ -1130,14 +1130,14 @@ struct mbedtls_ssl_context #if defined(MBEDTLS_SSL_PROTO_DTLS) uint16_t mtu; /*!< path mtu, used to fragment outgoing messages */ -#endif +#endif /* MBEDTLS_SSL_PROTO_DTLS */ #if defined(MBEDTLS_ZLIB_SUPPORT) unsigned char *compress_buf; /*!< zlib data buffer */ -#endif +#endif /* MBEDTLS_ZLIB_SUPPORT */ #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) signed char split_done; /*!< current record already splitted? */ -#endif +#endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */ /* * PKI layer 
@@ -1150,11 +1150,11 @@ struct mbedtls_ssl_context #if defined(MBEDTLS_X509_CRT_PARSE_C) char *hostname; /*!< expected peer CN for verification (and SNI if available) */ -#endif +#endif /* MBEDTLS_X509_CRT_PARSE_C */ #if defined(MBEDTLS_SSL_ALPN) const char *alpn_chosen; /*!< negotiated protocol */ -#endif +#endif /* MBEDTLS_SSL_ALPN */ /* * Information for DTLS hello verify @@ -1162,7 +1162,7 @@ struct mbedtls_ssl_context #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C) unsigned char *cli_id; /*!< transport-level ID of the client */ size_t cli_id_len; /*!< length of cli_id */ -#endif +#endif /* MBEDTLS_SSL_DTLS_HELLO_VERIFY && MBEDTLS_SSL_SRV_C */ /* * Secure renegotiation @@ -1174,7 +1174,7 @@ struct mbedtls_ssl_context size_t verify_data_len; /*!< length of verify data stored */ char own_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]; /*!< previous handshake verify data */ char peer_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]; /*!< previous handshake verify data */ -#endif +#endif /* MBEDTLS_SSL_RENEGOTIATION */ }; #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index d160c42d0..2c325aab6 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -1101,7 +1101,7 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret ); return( ret ); } -#endif +#endif /* MBEDTLS_SSL_PROTO_DTLS */ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write client hello" ) ); @@ -3414,7 +3414,7 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl ) if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) return( ret ); } -#endif +#endif /* MBEDTLS_SSL_PROTO_DTLS */ /* Change state now, so that it is right in mbedtls_ssl_read_record(), used * by DTLS for dropping out-of-sequence ChangeCipherSpec records */ diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 84c83e330..36ca0d69f 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c 
@@ -2397,7 +2397,7 @@ static int ssl_write_hello_verify_request( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret ); return( ret ); } -#endif +#endif /* MBEDTLS_SSL_PROTO_DTLS */ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write hello verify request" ) ); @@ -3385,7 +3385,7 @@ static int ssl_write_server_hello_done( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_flight_transmit", ret ); return( ret ); } -#endif +#endif /* MBEDTLS_SSL_PROTO_DTLS */ MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write server hello done" ) ); @@ -4264,7 +4264,7 @@ int mbedtls_ssl_handshake_server_step( mbedtls_ssl_context *ssl ) if( ( ret = mbedtls_ssl_flight_transmit( ssl ) ) != 0 ) return( ret ); } -#endif +#endif /* MBEDTLS_SSL_PROTO_DTLS */ switch( ssl->state ) { From b9a0086975fa966bf113db2d853bd978c4498475 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 28 Aug 2018 10:20:22 +0100 Subject: [PATCH 11/28] ssl-opt.sh: Explain use of --insecure in GnuTLS client tests --- tests/ssl-opt.sh | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index ff36e6c57..01867e1fd 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -5535,6 +5535,13 @@ run_test "DTLS fragmenting: gnutls server, DTLS 1.0" \ -c "fragmenting handshake message" \ -C "error" +# We use --insecure for the GnuTLS client because it expects +# the hostname / IP it connects to to be the name used in the +# certificate obtained from the server. Here, however, it +# connects to 127.0.0.1 while our test certificates use 'localhost' +# as the server name in the certificate. This will make the +# certifiate validation fail, but passing --insecure makes +# GnuTLS continue the connection nonetheless. requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C 
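Review bot: The added comment explains `--insecure` only in terms of the hostname mismatch and does not record what else the flag gives up. As the comment itself describes it, the option lets the GnuTLS client continue after certificate validation fails, so these tests presumably give no assurance about chain validation on the GnuTLS side. I would add a line such as `# Note: with --insecure the client accepts any certificate, so these tests only cover DTLS fragmenting.` There is also a typo: `certifiate` should read `certificate`. The `$G_CLI` invocations the comment refers to are outside this hunk.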
@@ -5549,6 +5556,7 @@ run_test "DTLS fragmenting: gnutls client, DTLS 1.2" \ 0 \ -s "fragmenting handshake message" +# See previous test for the reason to use --insecure requires_config_enabled MBEDTLS_SSL_PROTO_DTLS requires_config_enabled MBEDTLS_RSA_C requires_config_enabled MBEDTLS_ECDSA_C From 3b8b40c16dbfb3df1c33025bd08c6d9bcf15a147 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 28 Aug 2018 10:25:41 +0100 Subject: [PATCH 12/28] ssl-opt.sh: Add function to skip next test --- tests/ssl-opt.sh | 105 +++++++++++++++++++++++++---------------------- 1 file changed, 57 insertions(+), 48 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 01867e1fd..852597d9d 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -142,6 +142,14 @@ get_options() { done } +# Skip next test; use this macro to skip tests which are legitimate +# in theory and expected to be re-introduced at some point, but +# aren't expected to succeed at the moment due to problems outside +# our control (such as bugs in other TLS implementations). +skip_next_test() { + SKIP_NEXT="YES" +} + # skip next test if the flag is not enabled in config.h requires_config_enabled() { if grep "^#define $1" $CONFIG_H > /dev/null; then :; else 
@@ -5668,38 +5676,39 @@ run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.0" \ ## https://gitlab.com/gnutls/gnutls/issues/543 ## We can re-enable them when a fixed version fo GnuTLS is available ## and installed in our CI system. -## -## requires_gnutls -## requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -## requires_config_enabled MBEDTLS_RSA_C -## requires_config_enabled MBEDTLS_ECDSA_C -## requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -## client_needs_more_time 4 -## run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.2" \ -## -p "$P_PXY drop=8 delay=8 duplicate=8" \ -## "$P_SRV dtls=1 debug_level=2 \ -## crt_file=data_files/server7_int-ca.crt \ -## key_file=data_files/server7.key \ -## hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \ -## "$G_CLI -u --insecure 127.0.0.1" \ -## 0 \ -## -s "fragmenting handshake message" -## -## requires_gnutls -## requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -## requires_config_enabled MBEDTLS_RSA_C -## requires_config_enabled MBEDTLS_ECDSA_C -## requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 -## client_needs_more_time 4 -## run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.0" \ -## -p "$P_PXY drop=8 delay=8 duplicate=8" \ -## "$P_SRV dtls=1 debug_level=2 \ -## crt_file=data_files/server7_int-ca.crt \ -## key_file=data_files/server7.key \ -## hs_timeout=250-60000 mtu=512 force_version=dtls1" \ -## "$G_CLI -u --insecure 127.0.0.1" \ -## 0 \ -## -s "fragmenting handshake message" +skip_next_test +requires_gnutls +requires_config_enabled MBEDTLS_SSL_PROTO_DTLS +requires_config_enabled MBEDTLS_RSA_C +requires_config_enabled MBEDTLS_ECDSA_C +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +client_needs_more_time 4 +run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.2" \ + -p "$P_PXY drop=8 delay=8 duplicate=8" \ + "$P_SRV dtls=1 debug_level=2 \ + crt_file=data_files/server7_int-ca.crt \ + key_file=data_files/server7.key \ + hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \ + "$G_CLI -u --insecure 
127.0.0.1" \ + 0 \ + -s "fragmenting handshake message" + +skip_next_test +requires_gnutls +requires_config_enabled MBEDTLS_SSL_PROTO_DTLS +requires_config_enabled MBEDTLS_RSA_C +requires_config_enabled MBEDTLS_ECDSA_C +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1 +client_needs_more_time 4 +run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.0" \ + -p "$P_PXY drop=8 delay=8 duplicate=8" \ + "$P_SRV dtls=1 debug_level=2 \ + crt_file=data_files/server7_int-ca.crt \ + key_file=data_files/server7.key \ + hs_timeout=250-60000 mtu=512 force_version=dtls1" \ + "$G_CLI -u --insecure 127.0.0.1" \ + 0 \ + -s "fragmenting handshake message" ## Interop test with OpenSSL might triger a bug in recent versions (that ## probably won't be fixed before 1.1.1X), so we use an old version that 
@@ -5708,22 +5717,22 @@ run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.0" \ ## Bug report: https://github.com/openssl/openssl/issues/6902 ## They should be re-enabled (and the DTLS 1.0 switched back to a non-legacy ## version of OpenSSL once a fixed version of OpenSSL is available) -## -## requires_config_enabled MBEDTLS_SSL_PROTO_DTLS -## requires_config_enabled MBEDTLS_RSA_C -## requires_config_enabled MBEDTLS_ECDSA_C -## requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 -## client_needs_more_time 4 -## run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.2" \ -## -p "$P_PXY drop=8 delay=8 duplicate=8" \ -## "$O_SRV -dtls1_2 -verify 10" \ -## "$P_CLI dtls=1 debug_level=2 \ -## crt_file=data_files/server8_int-ca2.crt \ -## key_file=data_files/server8.key \ -## hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \ -## 0 \ -## -c "fragmenting handshake message" \ -## -C "error" +skip_next_test +requires_config_enabled MBEDTLS_SSL_PROTO_DTLS +requires_config_enabled MBEDTLS_RSA_C +requires_config_enabled MBEDTLS_ECDSA_C +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +client_needs_more_time 4 +run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.2" \ + -p "$P_PXY drop=8 delay=8 duplicate=8" \ + "$O_SRV -dtls1_2 -verify 10" \ + "$P_CLI dtls=1 debug_level=2 \ + crt_file=data_files/server8_int-ca2.crt \ + key_file=data_files/server8.key \ + hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \ + 0 \ + -c "fragmenting handshake message" \ + -C "error" requires_openssl_legacy requires_config_enabled MBEDTLS_SSL_PROTO_DTLS From b841b4f107aa3368ade353de8845b10858aeaee8 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 28 Aug 2018 10:25:51 +0100 Subject: [PATCH 13/28] ssl-opt.sh: Remove reference to Github issue --- tests/ssl-opt.sh | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 852597d9d..17629b41f 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh 
@@ -5289,9 +5289,8 @@ run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio" \ -c "found fragmented DTLS handshake message" \ -C "error" -# This ensures things still work after session_reset(), -# for example it would have caught #1941. -# It also exercises the "resumed hanshake" flow. +# This ensures things still work after session_reset(). +# It also exercises the "resumed handshake" flow. # Since we don't support reading fragmented ClientHello yet, # up the MTU to 1450 (larger than ClientHello with session ticket, # but still smaller than client's Certificate to ensure fragmentation). From 0207e533b21776e304c99b6bb9e2a2826cf2d421 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 28 Aug 2018 10:28:28 +0100 Subject: [PATCH 14/28] Style: Correct typo in ssl-tls.c --- library/ssl_tls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 38d9d0296..c123c7a32 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3280,7 +3280,7 @@ int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl ) } #endif /* MBEDTLS_SSL_PROTO_DTLS */ - /* Update running hashes of hanshake messages seen */ + /* Update running hashes of handshake messages seen */ if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST ) ssl->handshake->update_checksum( ssl, ssl->out_msg, ssl->out_msglen ); } From eefe084f7299959b5138a80709aa1dc6f05f4885 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 28 Aug 2018 10:29:17 +0100 Subject: [PATCH 15/28] Style: Spell out PMTU in ssl.h --- include/mbedtls/ssl.h | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 91101cd28..83849a564 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h 
@@ -1409,8 +1409,9 @@ void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl, * encapsulation and encryption/authentication if any. * * \note This can be called at any point during the connection, for - * example when a PMTU estimate becomes available from other - * sources, such as lower (or higher) protocol layers. + * example when a Path Maximum Transfer Unit (PMTU) + * estimate becomes available from other sources, + * such as lower (or higher) protocol layers. * * \note This setting only controls the size of the packets we send, * and does not restrict the size of the datagrams we're From 41038108e93f1176e7e62a67059e6dd816e484ac Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 28 Aug 2018 11:15:32 +0100 Subject: [PATCH 16/28] Style: Correct indentation in UDP proxy code --- programs/test/udp_proxy.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c index 46f7035b9..0165d3f6a 100644 --- a/programs/test/udp_proxy.c +++ b/programs/test/udp_proxy.c @@ -152,10 +152,10 @@ static struct options int delay; /* delay 1 packet in N (none if 0) */ int delay_ccs; /* delay ChangeCipherSpec */ char* delay_cli[MAX_DELAYED_HS]; /* handshake types of messages from - * client that should be delayed. */ + * client that should be delayed. */ uint8_t delay_cli_cnt; /* Number of entries in delay_cli. */ char* delay_srv[MAX_DELAYED_HS]; /* handshake types of messages from - * server that should be delayed. */ + * server that should be delayed. */ uint8_t delay_srv_cnt; /* Number of entries in delay_srv. */ int drop; /* drop 1 packet in N (none if 0) */ int mtu; /* drop packets larger than this */ From e604556febc8dd666f34e200b7ebc22061bfc6ce Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 28 Aug 2018 11:24:55 +0100 Subject: [PATCH 17/28] ssl-opt.sh: Don't hardcode varname in requires_config_value_xxx() --- tests/ssl-opt.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 17629b41f..86bede893 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -166,7 +166,7 @@ requires_config_disabled() { requires_config_value_at_least() { NAME="$1" - DEF_VAL=$( grep ".*#define.*MBEDTLS_SSL_DTLS_MAX_BUFFERING" ../include/mbedtls/config.h | + DEF_VAL=$( grep ".*#define.*${NAME}" ../include/mbedtls/config.h | sed 's/^.*\s\([0-9]*\)$/\1/' ) VAL=$( ../scripts/config.pl get $NAME || echo "$DEF_VAL" ) if [ "$VAL" -lt "$2" ]; then @@ -176,7 +176,7 @@ requires_config_value_at_least() { requires_config_value_at_most() { NAME="$1" - DEF_VAL=$( grep ".*#define.*MBEDTLS_SSL_DTLS_MAX_BUFFERING" ../include/mbedtls/config.h | + DEF_VAL=$( grep ".*#define.*${NAME}" ../include/mbedtls/config.h | sed 's/^.*\s\([0-9]*\)$/\1/' ) VAL=$( ../scripts/config.pl get $NAME || echo "$DEF_VAL" ) if [ "$VAL" -gt "$2" ]; then From 02f6f5af2641ff1d1505fa3f3626583d0e08bfe5 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 28 Aug 2018 12:54:27 +0100 Subject: [PATCH 18/28] Adapt ChangeLog Make explicit that buffering support is about DTLS. --- ChangeLog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index a97bfaa89..b9b873be8 100644 --- a/ChangeLog +++ b/ChangeLog @@ -12,7 +12,7 @@ Features last paragraph). * Add support for packing multiple records within a single datagram, enabled by default. - * Add support for buffering out-of-order handshake messages. + * Add support for buffering out-of-order handshake messages in DTLS. The maximum amount of RAM used for this can be controlled by the compile-time constant MBEDTLS_SSL_DTLS_MAX_BUFFERING defined in mbedtls/config.h. From 97a1c134b232b9a2145c1e1482548a6808f370c2 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 28 Aug 2018 14:42:15 +0100 Subject: [PATCH 19/28] Correct typo in documentation of MBEDTLS_SSL_DTLS_MAX_BUFFERING --- include/mbedtls/config.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
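Review bot: `${NAME}` is interpolated into an unanchored grep pattern in `requires_config_value_at_least`, and the identical line is added to `requires_config_value_at_most` in the next hunk. The pattern `.*#define.*${NAME}` matches any `#define` line that merely contains the name, such as a longer macro sharing the prefix or a line that mentions it in a trailing comment. `DEF_VAL` can therefore hold several lines or another macro's value, and the later `[ "$VAL" -lt "$2" ]` then errors out or compares the wrong number. Matching the whole identifier and quoting the argument avoids this: `grep -E "#define[[:space:]]+${NAME}([[:space:]]|\$)" ../include/mbedtls/config.h` and `../scripts/config.pl get "$NAME"`.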
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 70770de43..052aed0d3 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -3015,11 +3015,11 @@ * Maximum number of heap-allocated bytes for the purpose of * DTLS handshake message reassembly and future message buffering. * - * This should be at least 9/8 * MBEDTLSSL_MAX_IN_CONTENT_LEN + * This should be at least 9/8 * MBEDTLSSL_IN_CONTENT_LEN * to account for a reassembled handshake message of maximum size, * together with its reassembly bitmap. * - * A value of 2 * MBEDTLS_SSL_MAX_IN_CONTENT_LEN (32768 by default) + * A value of 2 * MBEDTLS_SSL_IN_CONTENT_LEN (32768 by default) * should be sufficient for all practical situations as it allows * to reassembly a large handshake message (such as a certificate) * while buffering multiple smaller handshake messages. From dc1e95017048dbd2a5a242632ce6fa48e6dbb47f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 28 Aug 2018 16:02:33 +0100 Subject: [PATCH 20/28] DTLS reordering: Add test for buffering a proper fragment This commit adds a test to ssl-opt.sh which exercises the behavior of the library in the situation where a single proper fragment of a future handshake message is received prior to the next expected handshake message (concretely, the client receives the first fragment of the server's Certificate message prior to the server's ServerHello). --- tests/ssl-opt.sh | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 86bede893..7ea924567 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh 
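Review bot: The corrected line still misspells the macro: `MBEDTLSSL_IN_CONTENT_LEN` is missing the underscore after `MBEDTLS`, so a reader who searches for the name to size this buffer will not find it. The line should read `* This should be at least 9/8 * MBEDTLS_SSL_IN_CONTENT_LEN`. In the same comment block, `to reassembly a large handshake message` should be `to reassemble a large handshake message`.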
@@ -5920,6 +5920,22 @@ run_test "DTLS reordering: Buffer out-of-order handshake message on client" \ -S "Inject buffered CCS message" \ -S "Remember CCS message" +run_test "DTLS reordering: Buffer out-of-order handshake message fragment on client" \ + -p "$P_PXY delay_srv=ServerHello" \ + "$P_SRV mtu=512 dgram_packing=0 cookies=0 dtls=1 debug_level=2" \ + "$P_CLI dgram_packing=0 dtls=1 debug_level=2" \ + 0 \ + -c "Buffering HS message" \ + -c "found fragmented DTLS handshake message"\ + -c "Next handshake message 1 not or only partially bufffered" \ + -c "Next handshake message has been buffered - load"\ + -S "Buffering HS message" \ + -S "Next handshake message has been buffered - load"\ + -C "Inject buffered CCS message" \ + -C "Remember CCS message" \ + -S "Inject buffered CCS message" \ + -S "Remember CCS message" + # The client buffers the ServerKeyExchange before receiving the fragmented # Certificate message; at the time of writing, together these are aroudn 1200b # in size, so that the bound below ensures that the certificate can be reassembled From 7c48dd11dbee505e8bab82b2d5941cd3c190243e Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 28 Aug 2018 16:09:22 +0100 Subject: [PATCH 21/28] ssl-opt.sh: Add function extracting val or default val from config.h --- tests/ssl-opt.sh | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 7ea924567..b0ee3d47e 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh 
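Review bot: The new test pins the client log to `Next handshake message 1 not or only partially bufffered`, triple-f spelling included, which presumably mirrors a library debug string that this patch does not show. If someone later corrects the spelling on one side only, the test will fail for a reason unrelated to buffering. A comment above the `run_test` call would record the coupling: `# 'bufffered' is spelled as in the library's debug message; keep both in sync.` Three of the added lines end in `"\` without the space before the backslash that the neighbouring lines use.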
@@ -164,21 +164,22 @@ requires_config_disabled() { fi } -requires_config_value_at_least() { +get_config_value_or_default() { NAME="$1" DEF_VAL=$( grep ".*#define.*${NAME}" ../include/mbedtls/config.h | sed 's/^.*\s\([0-9]*\)$/\1/' ) - VAL=$( ../scripts/config.pl get $NAME || echo "$DEF_VAL" ) + ../scripts/config.pl get $NAME || echo "$DEF_VAL" +} + +requires_config_value_at_least() { + VAL=$( get_config_value_or_default "$1" ) if [ "$VAL" -lt "$2" ]; then SKIP_NEXT="YES" fi } requires_config_value_at_most() { - NAME="$1" - DEF_VAL=$( grep ".*#define.*${NAME}" ../include/mbedtls/config.h | - sed 's/^.*\s\([0-9]*\)$/\1/' ) - VAL=$( ../scripts/config.pl get $NAME || echo "$DEF_VAL" ) + VAL=$( get_config_value_or_default "$1" ) if [ "$VAL" -gt "$2" ]; then SKIP_NEXT="YES" fi From c573ac33dd2c74e706b80d05a665e3f7d18e035c Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 28 Aug 2018 17:15:25 +0100 Subject: [PATCH 22/28] Fix typos in debug message and comment in ssl-tls.c --- library/ssl_tls.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index c123c7a32..7386fdd6e 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4331,7 +4331,7 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl, if( ret != 0 ) { - MBEDTLS_SSL_DEBUG_RET( 1, ( "mbedtls_ssl_read_record_layer" ), ret ); + MBEDTLS_SSL_DEBUG_RET( 1, ( "ssl_get_next_record" ), ret ); return( ret ); } } @@ -7725,7 +7725,7 @@ int mbedtls_ssl_check_pending( const mbedtls_ssl_context *ssl ) /* * In all other cases, the rest of the message can be dropped. - * As in ssl_read_record_layer, this needs to be adapted if + * As in ssl_get_next_record, this needs to be adapted if * we implement support for multiple alerts in single records. */ From ef7afdfa5a8c0bd95d38091a722e826f9e35997c Mon Sep 17 00:00:00 2001 
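Review bot: `get_config_value_or_default` can return something that is not a single integer, and the `[ "$VAL" -lt "$2" ]` and `-gt` tests in the two callers then raise a shell error instead of setting `SKIP_NEXT`. The grep pattern `.*#define.*${NAME}` matches every line of config.h that contains the name as a substring, so a second macro sharing the prefix gives a multi-line or non-numeric `DEF_VAL`. Anchoring the match, for example `grep -E "#define[[:space:]]+${NAME}[[:space:]]"`, and quoting the argument as `../scripts/config.pl get "$NAME"` would make the skip decision dependable. `NAME` and `DEF_VAL` are also still assigned as globals inside the helper.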
From: Hanno Becker Date: Tue, 28 Aug 2018 17:16:31 +0100 Subject: [PATCH 23/28] Rename another_record_in_datagram to next_record_is_in_datagram --- library/ssl_tls.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 7386fdd6e..f7663c700 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -118,7 +118,7 @@ static int ssl_load_buffered_message( mbedtls_ssl_context *ssl ); static int ssl_load_buffered_record( mbedtls_ssl_context *ssl ); static int ssl_buffer_message( mbedtls_ssl_context *ssl ); static int ssl_buffer_future_record( mbedtls_ssl_context *ssl ); -static int ssl_another_record_in_datagram( mbedtls_ssl_context *ssl ); +static int ssl_next_record_is_in_datagram( mbedtls_ssl_context *ssl ); static size_t ssl_get_current_mtu( const mbedtls_ssl_context *ssl ); static size_t ssl_get_maximum_datagram_size( mbedtls_ssl_context const *ssl ) @@ -4316,7 +4316,7 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl, /* We only check for buffered messages if the * current datagram is fully consumed. */ if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - ssl_another_record_in_datagram( ssl ) == 0 ) + ssl_next_record_is_in_datagram( ssl ) == 0 ) { if( ssl_load_buffered_message( ssl ) == 0 ) have_buffered = 1; @@ -4378,7 +4378,7 @@ int mbedtls_ssl_read_record( mbedtls_ssl_context *ssl, } #if defined(MBEDTLS_SSL_PROTO_DTLS) -static int ssl_another_record_in_datagram( mbedtls_ssl_context *ssl ) +static int ssl_next_record_is_in_datagram( mbedtls_ssl_context *ssl ) { if( ssl->in_left > ssl->next_record_offset ) return( 1 ); @@ -4853,7 +4853,7 @@ static int ssl_load_buffered_record( mbedtls_ssl_context *ssl ) /* Only consider loading future records if the * input buffer is empty. */ - if( ssl_another_record_in_datagram( ssl ) == 1 ) + if( ssl_next_record_is_in_datagram( ssl ) == 1 ) return( 0 ); MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> ssl_load_buffered_record" ) ); 
From 39b8bc9aef62d3672203b6edd0ea7ecaef7ffbed Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 28 Aug 2018 17:17:13 +0100 Subject: [PATCH 24/28] Change wording of debug message --- library/ssl_tls.c | 2 +- tests/ssl-opt.sh | 28 ++++++++++++++-------------- 2 files changed, 15 insertions(+), 15 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index f7663c700..6fa32418f 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4409,7 +4409,7 @@ static int ssl_load_buffered_message( mbedtls_ssl_context *ssl ) goto exit; } - MBEDTLS_SSL_DEBUG_MSG( 2, ( "Inject buffered CCS message" ) ); + MBEDTLS_SSL_DEBUG_MSG( 2, ( "Injecting buffered CCS message" ) ); ssl->in_msgtype = MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC; ssl->in_msglen = 1; ssl->in_msg[0] = 1; diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index b0ee3d47e..3575429df 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -5916,9 +5916,9 @@ run_test "DTLS reordering: Buffer out-of-order handshake message on client" \ -c "Next handshake message has been buffered - load"\ -S "Buffering HS message" \ -S "Next handshake message has been buffered - load"\ - -C "Inject buffered CCS message" \ + -C "Injecting buffered CCS message" \ -C "Remember CCS message" \ - -S "Inject buffered CCS message" \ + -S "Injecting buffered CCS message" \ -S "Remember CCS message" run_test "DTLS reordering: Buffer out-of-order handshake message fragment on client" \ @@ -5932,9 +5932,9 @@ run_test "DTLS reordering: Buffer out-of-order handshake message fragment on -c "Next handshake message has been buffered - load"\ -S "Buffering HS message" \ -S "Next handshake message has been buffered - load"\ - -C "Inject buffered CCS message" \ + -C "Injecting buffered CCS message" \ -C "Remember CCS message" \ - -S "Inject buffered CCS message" \ + -S "Injecting buffered CCS message" \ -S "Remember CCS message" # The client buffers the ServerKeyExchange before receiving the fragmented 
@@ -5952,9 +5952,9 @@ run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling nex -C "attempt to make space by freeing buffered messages" \ -S "Buffering HS message" \ -S "Next handshake message has been buffered - load"\ - -C "Inject buffered CCS message" \ + -C "Injecting buffered CCS message" \ -C "Remember CCS message" \ - -S "Inject buffered CCS message" \ + -S "Injecting buffered CCS message" \ -S "Remember CCS message" # The size constraints ensure that the delayed certificate message can't @@ -5972,9 +5972,9 @@ run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling nex -c "Enough space available after freeing buffered HS messages" \ -S "Buffering HS message" \ -S "Next handshake message has been buffered - load"\ - -C "Inject buffered CCS message" \ + -C "Injecting buffered CCS message" \ -C "Remember CCS message" \ - -S "Inject buffered CCS message" \ + -S "Injecting buffered CCS message" \ -S "Remember CCS message" run_test "DTLS reordering: Buffer out-of-order handshake message on server" \ @@ -5986,9 +5986,9 @@ run_test "DTLS reordering: Buffer out-of-order handshake message on server" \ -C "Next handshake message has been buffered - load"\ -s "Buffering HS message" \ -s "Next handshake message has been buffered - load" \ - -C "Inject buffered CCS message" \ + -C "Injecting buffered CCS message" \ -C "Remember CCS message" \ - -S "Inject buffered CCS message" \ + -S "Injecting buffered CCS message" \ -S "Remember CCS message" run_test "DTLS reordering: Buffer out-of-order CCS message on client"\ 
@@ -6000,9 +6000,9 @@ run_test "DTLS reordering: Buffer out-of-order CCS message on client"\ -C "Next handshake message has been buffered - load"\ -S "Buffering HS message" \ -S "Next handshake message has been buffered - load" \ - -c "Inject buffered CCS message" \ + -c "Injecting buffered CCS message" \ -c "Remember CCS message" \ - -S "Inject buffered CCS message" \ + -S "Injecting buffered CCS message" \ -S "Remember CCS message" run_test "DTLS reordering: Buffer out-of-order CCS message on server"\ @@ -6014,9 +6014,9 @@ run_test "DTLS reordering: Buffer out-of-order CCS message on server"\ -C "Next handshake message has been buffered - load"\ -S "Buffering HS message" \ -S "Next handshake message has been buffered - load" \ - -C "Inject buffered CCS message" \ + -C "Injecting buffered CCS message" \ -C "Remember CCS message" \ - -s "Inject buffered CCS message" \ + -s "Injecting buffered CCS message" \ -s "Remember CCS message" run_test "DTLS reordering: Buffer encrypted Finished message" \ From cd9dcda0a0f47b556d0d0e6796cd97d49dfe1bca Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 28 Aug 2018 17:18:56 +0100 Subject: [PATCH 25/28] Add const qualifier to handshake header reading functions --- library/ssl_tls.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 6fa32418f..15e4aa6bc 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -55,7 +55,7 @@ #endif static void ssl_reset_in_out_pointers( mbedtls_ssl_context *ssl ); -static uint32_t ssl_get_hs_total_len( mbedtls_ssl_context *ssl ); +static uint32_t ssl_get_hs_total_len( mbedtls_ssl_context const *ssl ); /* Length of the "epoch" field in the record header */ static inline size_t ssl_ep_len( const mbedtls_ssl_context *ssl ) 
@@ -3481,21 +3481,21 @@ static int ssl_hs_is_proper_fragment( mbedtls_ssl_context *ssl ) return( 0 ); } -static uint32_t ssl_get_hs_frag_len( mbedtls_ssl_context *ssl ) +static uint32_t ssl_get_hs_frag_len( mbedtls_ssl_context const *ssl ) { return( ( ssl->in_msg[9] << 16 ) | ( ssl->in_msg[10] << 8 ) | ssl->in_msg[11] ); } -static uint32_t ssl_get_hs_frag_off( mbedtls_ssl_context *ssl ) +static uint32_t ssl_get_hs_frag_off( mbedtls_ssl_context const *ssl ) { return( ( ssl->in_msg[6] << 16 ) | ( ssl->in_msg[7] << 8 ) | ssl->in_msg[8] ); } -static int ssl_check_hs_header( mbedtls_ssl_context *ssl ) +static int ssl_check_hs_header( mbedtls_ssl_context const *ssl ) { uint32_t msg_len, frag_off, frag_len; @@ -3593,7 +3593,7 @@ static size_t ssl_get_reassembly_buffer_size( size_t msg_len, #endif /* MBEDTLS_SSL_PROTO_DTLS */ -static uint32_t ssl_get_hs_total_len( mbedtls_ssl_context *ssl ) +static uint32_t ssl_get_hs_total_len( mbedtls_ssl_context const *ssl ) { return( ( ssl->in_msg[1] << 16 ) | ( ssl->in_msg[2] << 8 ) | From 83ab41c665611fbb75e08b521f6fcae0aaf37101 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 28 Aug 2018 17:19:38 +0100 Subject: [PATCH 26/28] Correct typo in comment --- library/ssl_tls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 15e4aa6bc..125f6bca9 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -3672,7 +3672,7 @@ int mbedtls_ssl_prepare_handshake_record( mbedtls_ssl_context *ssl ) /* Message reassembly is handled alongside buffering of future * messages; the commonality is that both handshake fragments and - * future messages cannot be forwarded immediately to the handshake + * future messages cannot be forwarded immediately to the * handshake logic layer. */ if( ssl_hs_is_proper_fragment( ssl ) == 1 ) { From a591c48302977592b4c31148c36ec5c51cfb8a55 Mon Sep 17 00:00:00 2001 
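Review bot: `ssl_get_hs_frag_len` and `ssl_get_hs_frag_off` read `ssl->in_msg[6]` through `ssl->in_msg[11]` with no length check of their own, and nothing at the definitions says who guarantees those bytes are present. Since the signatures are being touched anyway, each would benefit from a short comment such as `/* Caller must have checked that in_msg holds a full 12-byte DTLS handshake header. */`, adjusted to whatever the real precondition is. The callers are outside this hunk, so that check is assumed here rather than visible. The same applies to `ssl_get_hs_total_len` in the hunk at -3593, which reads bytes 1 to 3. The body of `ssl_check_hs_header` continues past the end of the hunk.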
From: Hanno Becker Date: Tue, 28 Aug 2018 17:20:00 +0100 Subject: [PATCH 27/28] Correct typo in debug message --- library/ssl_tls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 125f6bca9..1354442f1 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4433,7 +4433,7 @@ static int ssl_load_buffered_message( mbedtls_ssl_context *ssl ) { MBEDTLS_SSL_DEBUG_MSG( 2, ( "Future message with sequence number %u %s buffered.", hs->in_msg_seq + offset, - hs_buf->is_complete ? "fully" : "partitially" ) ); + hs_buf->is_complete ? "fully" : "partially" ) ); } } } From f34a4c176c19f68d2dd2e3513e9805bd0433f53c Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 28 Aug 2018 17:22:26 +0100 Subject: [PATCH 28/28] UDP proxy: Correct debug output for delay_srv option --- programs/test/udp_proxy.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/programs/test/udp_proxy.c b/programs/test/udp_proxy.c index 0165d3f6a..41739d057 100644 --- a/programs/test/udp_proxy.c +++ b/programs/test/udp_proxy.c @@ -249,8 +249,8 @@ static void get_options( int argc, char *argv[] ) if( *delay_cnt == MAX_DELAYED_HS ) { - mbedtls_printf( " maximally %d uses of delay_cli argument allowed\n", - MAX_DELAYED_HS ); + mbedtls_printf( " too many uses of %s: only %d allowed\n", + p, MAX_DELAYED_HS ); exit_usage( p, NULL ); }