yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-22 22:55:39 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix mbedtls_ssl_read

Browse Source 
Don't fetch a new record in mbedtls_ssl_read_record_layer as long as
an application data record is being processed.
This commit is contained in:
Hanno Becker 2017-06-08 15:56:50 +01:00
parent 10699cc96c
commit d37839e3fa
2 changed files with 63 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
library/ssl_cli.c
View File

@ -1195,6 +1195,8 @@ static int ssl_parse_server_hello( ssl_context *ssl )
} }
SSL_DEBUG_MSG( 1, ( "non-handshake message during renego" ) ); SSL_DEBUG_MSG( 1, ( "non-handshake message during renego" ) );
ssl->keep_current_message = 1;
return( POLARSSL_ERR_SSL_WAITING_SERVER_HELLO_RENEGO ); return( POLARSSL_ERR_SSL_WAITING_SERVER_HELLO_RENEGO );
} }
#endif /* POLARSSL_SSL_RENEGOTIATION */ #endif /* POLARSSL_SSL_RENEGOTIATION */

112
library/ssl_tls.c
View File

@ -2178,47 +2178,67 @@ int ssl_read_record( ssl_context *ssl )
return( 0 ); return( 0 );
} }
if( ssl->in_hslen != 0 && if( ssl->in_hslen != 0 )
ssl->in_hslen < ssl->in_msglen )
{ {
/* /*
* Get next Handshake message in the current record * Get next Handshake message in the current record
*/ */
ssl->in_msglen -= ssl->in_hslen;
memmove( ssl->in_msg, ssl->in_msg + ssl->in_hslen, if( ssl->in_hslen < ssl->in_msglen )
ssl->in_msglen );
ssl->in_hslen = 4;
ssl->in_hslen += ( ssl->in_msg[2] << 8 ) | ssl->in_msg[3];
SSL_DEBUG_MSG( 3, ( "handshake message: msglen ="
" %d, type = %d, hslen = %d",
ssl->in_msglen, ssl->in_msg[0], ssl->in_hslen ) );
if( ssl->in_msglen < 4 || ssl->in_msg[1] != 0 )
{ {
SSL_DEBUG_MSG( 1, ( "bad handshake length" ) ); ssl->in_msglen -= ssl->in_hslen;
return( POLARSSL_ERR_SSL_INVALID_RECORD ); memmove( ssl->in_msg, ssl->in_msg + ssl->in_hslen,
ssl->in_msglen );
ssl->in_hslen = 4;
ssl->in_hslen += ( ssl->in_msg[2] << 8 ) | ssl->in_msg[3];
SSL_DEBUG_MSG( 3, ( "handshake message: msglen ="
" %d, type = %d, hslen = %d",
ssl->in_msglen, ssl->in_msg[0], ssl->in_hslen ) );
if( ssl->in_msglen < 4 || ssl->in_msg[1] != 0 )
{
SSL_DEBUG_MSG( 1, ( "bad handshake length" ) );
return( POLARSSL_ERR_SSL_INVALID_RECORD );
}
if( ssl->in_msglen < ssl->in_hslen )
{
SSL_DEBUG_MSG( 1, ( "bad handshake length" ) );
return( POLARSSL_ERR_SSL_INVALID_RECORD );
}
if( ssl->state != SSL_HANDSHAKE_OVER )
ssl->handshake->update_checksum( ssl, ssl->in_msg, ssl->in_hslen );
return( 0 );
} }
if( ssl->in_msglen < ssl->in_hslen ) ssl->in_msglen = 0;
{ ssl->in_hslen = 0;
SSL_DEBUG_MSG( 1, ( "bad handshake length" ) ); }
return( POLARSSL_ERR_SSL_INVALID_RECORD ); else if( ssl->in_offt != NULL )
} {
return( 0 );
}
else
{
ssl->in_msglen = 0;
}
if( ssl->state != SSL_HANDSHAKE_OVER ) /*
ssl->handshake->update_checksum( ssl, ssl->in_msg, ssl->in_hslen ); * Fetch and decode new record if current one is fully consumed.
*/
if( ssl->in_msglen > 0 )
{
/* There's something left to be processed in the current record. */
return( 0 ); return( 0 );
} }
ssl->in_hslen = 0; /* Need to fetch a new record */
/*
* Read the record header and validate it
*/
read_record_header: read_record_header:
if( ( ret = ssl_fetch_input( ssl, 5 ) ) != 0 ) if( ( ret = ssl_fetch_input( ssl, 5 ) ) != 0 )
{ {
@ -4651,13 +4671,15 @@ static int ssl_check_ctr_renegotiate( ssl_context *ssl )
*/ */
int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len ) int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len )
{ {
int ret, record_read = 0; int ret;
size_t n; size_t n;
SSL_DEBUG_MSG( 2, ( "=> read" ) ); SSL_DEBUG_MSG( 2, ( "=> read" ) );
#if defined(POLARSSL_SSL_RENEGOTIATION) #if defined(POLARSSL_SSL_RENEGOTIATION)
if( ( ret = ssl_check_ctr_renegotiate( ssl ) ) != 0 ) ret = ssl_check_ctr_renegotiate( ssl );
if( ret != POLARSSL_ERR_SSL_WAITING_SERVER_HELLO_RENEGO &&
ret != 0 )
{ {
SSL_DEBUG_RET( 1, "ssl_check_ctr_renegotiate", ret ); SSL_DEBUG_RET( 1, "ssl_check_ctr_renegotiate", ret );
return( ret ); return( ret );
@ -4667,11 +4689,8 @@ int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len )
if( ssl->state != SSL_HANDSHAKE_OVER ) if( ssl->state != SSL_HANDSHAKE_OVER )
{ {
ret = ssl_handshake( ssl ); ret = ssl_handshake( ssl );
if( ret == POLARSSL_ERR_SSL_WAITING_SERVER_HELLO_RENEGO ) if( ret != POLARSSL_ERR_SSL_WAITING_SERVER_HELLO_RENEGO &&
{ ret != 0 )
record_read = 1;
}
else if( ret != 0 )
{ {
SSL_DEBUG_RET( 1, "ssl_handshake", ret ); SSL_DEBUG_RET( 1, "ssl_handshake", ret );
return( ret ); return( ret );
@ -4680,16 +4699,13 @@ int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len )
if( ssl->in_offt == NULL ) if( ssl->in_offt == NULL )
{ {
if( ! record_read ) if( ( ret = ssl_read_record( ssl ) ) != 0 )
{ {
if( ( ret = ssl_read_record( ssl ) ) != 0 ) if( ret == POLARSSL_ERR_SSL_CONN_EOF )
{ return( 0 );
if( ret == POLARSSL_ERR_SSL_CONN_EOF )
return( 0 );
SSL_DEBUG_RET( 1, "ssl_read_record", ret ); SSL_DEBUG_RET( 1, "ssl_read_record", ret );
return( ret ); return( ret );
}
} }
if( ssl->in_msglen == 0 && if( ssl->in_msglen == 0 &&
@ -4763,21 +4779,15 @@ int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len )
else else
{ {
ret = ssl_start_renegotiation( ssl ); ret = ssl_start_renegotiation( ssl );
if( ret == POLARSSL_ERR_SSL_WAITING_SERVER_HELLO_RENEGO ) if( ret != POLARSSL_ERR_SSL_WAITING_SERVER_HELLO_RENEGO &&
{ ret != 0 )
record_read = 1;
}
else if( ret != 0 )
{ {
SSL_DEBUG_RET( 1, "ssl_start_renegotiation", ret ); SSL_DEBUG_RET( 1, "ssl_start_renegotiation", ret );
return( ret ); return( ret );
} }
} }
/* If a non-handshake record was read during renego, fallthrough, return( POLARSSL_ERR_NET_WANT_READ );
* else tell the user they should call ssl_read() again */
if( ! record_read )
return( POLARSSL_ERR_NET_WANT_READ );
} }
else if( ssl->renegotiation == SSL_RENEGOTIATION_PENDING ) else if( ssl->renegotiation == SSL_RENEGOTIATION_PENDING )
{ {