xref: /netbsd-src/crypto/external/bsd/openssl.old/dist/ssl/record/ssl3_buffer.c (revision 4724848cf0da353df257f730694b7882798e5daf) 
1 /*
2  * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the OpenSSL license (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 #include "../ssl_local.h"
11 #include "record_local.h"
12 
SSL3_BUFFER_set_data(SSL3_BUFFER * b,const unsigned char * d,size_t n)13 void SSL3_BUFFER_set_data(SSL3_BUFFER *b, const unsigned char *d, size_t n)
14 {
15     if (d != NULL)
16         memcpy(b->buf, d, n);
17     b->left = n;
18     b->offset = 0;
19 }
20 
21 /*
22  * Clear the contents of an SSL3_BUFFER but retain any memory allocated. Also
23  * retains the default_len setting
24  */
SSL3_BUFFER_clear(SSL3_BUFFER * b)25 void SSL3_BUFFER_clear(SSL3_BUFFER *b)
26 {
27     b->offset = 0;
28     b->left = 0;
29 }
30 
SSL3_BUFFER_release(SSL3_BUFFER * b)31 void SSL3_BUFFER_release(SSL3_BUFFER *b)
32 {
33     OPENSSL_free(b->buf);
34     b->buf = NULL;
35 }
36 
ssl3_setup_read_buffer(SSL * s)37 int ssl3_setup_read_buffer(SSL *s)
38 {
39     unsigned char *p;
40     size_t len, align = 0, headerlen;
41     SSL3_BUFFER *b;
42 
43     b = RECORD_LAYER_get_rbuf(&s->rlayer);
44 
45     if (SSL_IS_DTLS(s))
46         headerlen = DTLS1_RT_HEADER_LENGTH;
47     else
48         headerlen = SSL3_RT_HEADER_LENGTH;
49 
50 #if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
51     align = (-SSL3_RT_HEADER_LENGTH) & (SSL3_ALIGN_PAYLOAD - 1);
52 #endif
53 
54     if (b->buf == NULL) {
55         len = SSL3_RT_MAX_PLAIN_LENGTH
56             + SSL3_RT_MAX_ENCRYPTED_OVERHEAD + headerlen + align;
57 #ifndef OPENSSL_NO_COMP
58         if (ssl_allow_compression(s))
59             len += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
60 #endif
61         if (b->default_len > len)
62             len = b->default_len;
63         if ((p = OPENSSL_malloc(len)) == NULL) {
64             /*
65              * We've got a malloc failure, and we're still initialising buffers.
66              * We assume we're so doomed that we won't even be able to send an
67              * alert.
68              */
69             SSLfatal(s, SSL_AD_NO_ALERT, SSL_F_SSL3_SETUP_READ_BUFFER,
70                      ERR_R_MALLOC_FAILURE);
71             return 0;
72         }
73         b->buf = p;
74         b->len = len;
75     }
76 
77     return 1;
78 }
79 
ssl3_setup_write_buffer(SSL * s,size_t numwpipes,size_t len)80 int ssl3_setup_write_buffer(SSL *s, size_t numwpipes, size_t len)
81 {
82     unsigned char *p;
83     size_t align = 0, headerlen;
84     SSL3_BUFFER *wb;
85     size_t currpipe;
86 
87     s->rlayer.numwpipes = numwpipes;
88 
89     if (len == 0) {
90         if (SSL_IS_DTLS(s))
91             headerlen = DTLS1_RT_HEADER_LENGTH + 1;
92         else
93             headerlen = SSL3_RT_HEADER_LENGTH;
94 
95 #if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
96         align = SSL3_ALIGN_PAYLOAD - 1;
97 #endif
98 
99         len = ssl_get_max_send_fragment(s)
100             + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD + headerlen + align
101             + SSL_RT_MAX_CIPHER_BLOCK_SIZE /* Explicit IV allowance */;
102 #ifndef OPENSSL_NO_COMP
103         if (ssl_allow_compression(s))
104             len += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
105 #endif
106         /*
107          * We don't need to add an allowance for eivlen here since empty
108          * fragments only occur when we don't have an explicit IV
109          */
110         if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS))
111             len += headerlen + align + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD;
112     }
113 
114     wb = RECORD_LAYER_get_wbuf(&s->rlayer);
115     for (currpipe = 0; currpipe < numwpipes; currpipe++) {
116         SSL3_BUFFER *thiswb = &wb[currpipe];
117 
118         if (thiswb->buf != NULL && thiswb->len != len) {
119             OPENSSL_free(thiswb->buf);
120             thiswb->buf = NULL;         /* force reallocation */
121         }
122 
123         if (thiswb->buf == NULL) {
124             p = OPENSSL_malloc(len);
125             if (p == NULL) {
126                 s->rlayer.numwpipes = currpipe;
127                 /*
128                  * We've got a malloc failure, and we're still initialising
129                  * buffers. We assume we're so doomed that we won't even be able
130                  * to send an alert.
131                  */
132                 SSLfatal(s, SSL_AD_NO_ALERT,
133                          SSL_F_SSL3_SETUP_WRITE_BUFFER, ERR_R_MALLOC_FAILURE);
134                 return 0;
135             }
136             memset(thiswb, 0, sizeof(SSL3_BUFFER));
137             thiswb->buf = p;
138             thiswb->len = len;
139         }
140     }
141 
142     return 1;
143 }
144 
ssl3_setup_buffers(SSL * s)145 int ssl3_setup_buffers(SSL *s)
146 {
147     if (!ssl3_setup_read_buffer(s)) {
148         /* SSLfatal() already called */
149         return 0;
150     }
151     if (!ssl3_setup_write_buffer(s, 1, 0)) {
152         /* SSLfatal() already called */
153         return 0;
154     }
155     return 1;
156 }
157 
ssl3_release_write_buffer(SSL * s)158 int ssl3_release_write_buffer(SSL *s)
159 {
160     SSL3_BUFFER *wb;
161     size_t pipes;
162 
163     pipes = s->rlayer.numwpipes;
164     while (pipes > 0) {
165         wb = &RECORD_LAYER_get_wbuf(&s->rlayer)[pipes - 1];
166 
167         OPENSSL_free(wb->buf);
168         wb->buf = NULL;
169         pipes--;
170     }
171     s->rlayer.numwpipes = 0;
172     return 1;
173 }
174 
ssl3_release_read_buffer(SSL * s)175 int ssl3_release_read_buffer(SSL *s)
176 {
177     SSL3_BUFFER *b;
178 
179     b = RECORD_LAYER_get_rbuf(&s->rlayer);
180     OPENSSL_free(b->buf);
181     b->buf = NULL;
182     return 1;
183 }
184