Fix "Not enough space to hold server hello message" error message

This patch merges the Ssl::ClientBio and Ssl::ServerBio read buffering code
to the Ssl::Bio::readAndBuffer method and uses the MemBuf::potentialSpaceSize
instead of MemBuf::spaceSize to check space size for SSL hello messages buffer,
to take in account available space after a possible buffer grow.

This is a Measurement Factory project

diff --git a/src/ssl/bio.cc b/src/ssl/bio.cc
index 564229e0a3654b85d08d709684e70f7823f92354..b107f2a95cebedf630b809ba2345361e5e325322 100644 (file)
--- a/src/ssl/bio.cc
+++ b/src/ssl/bio.cc
@@ -130,6 +130,28 @@ Ssl::Bio::read(char *buf, int size, BIO *table)
     return result;
 }
 
+int
+Ssl::Bio::readAndBuffer(char *buf, int size, BIO *table, const char *description)
+{
+    prepReadBuf();
+
+    size = min((int)rbuf.potentialSpaceSize(), size);
+    if (size <= 0) {
+        debugs(83, DBG_IMPORTANT, "Not enough space to hold " <<
+               rbuf.contentSize() << "+ byte " << description);
+        return -1;
+    }
+
+    const int bytes = Ssl::Bio::read(buf, size, table);
+    debugs(83, 5, "read " << bytes << " out of " << size << " bytes"); // move to Ssl::Bio::read()
+
+    if (bytes > 0) {
+        rbuf.append(buf, bytes);
+        debugs(83, 5, "recorded " << bytes << " bytes of " << description);
+    }
+    return bytes;
+}
+
 /// Called whenever the SSL connection state changes, an alert appears, or an
 /// error occurs. See SSL_set_info_callback().
 void
@@ -203,20 +225,9 @@ int
 Ssl::ClientBio::read(char *buf, int size, BIO *table)
 {
     if (helloState < atHelloReceived) {
-        prepReadBuf();
-
-        size = rbuf.spaceSize() > size ? size : rbuf.spaceSize();
-
-        if (!size) {
-            debugs(83, DBG_IMPORTANT, "Not enough space to hold client SSL hello message");
-            return -1;
-        }
-
-        int bytes = Ssl::Bio::read(buf, size, table);
+        int bytes = readAndBuffer(buf, size, table, "TLS client Hello");
         if (bytes <= 0)
             return bytes;
-        rbuf.append(buf, bytes);
-        debugs(83, 7, "rbuf size: " << rbuf.contentSize());
     }
 
     if (helloState == atHelloNone) {
@@ -279,21 +290,8 @@ Ssl::ServerBio::setClientFeatures(const Ssl::Bio::sslFeatures &features)
 int
 Ssl::ServerBio::read(char *buf, int size, BIO *table)
 {
-    int bytes = Ssl::Bio::read(buf, size, table);
-
-    if (bytes > 0 && record_) {
-        prepReadBuf();
-
-        if (rbuf.spaceSize() < bytes) {
-            debugs(83, DBG_IMPORTANT, "Not enough space to hold server hello message");
-            return -1;
-        }
-
-        rbuf.append(buf, bytes);
-        debugs(83, 5, "Record is enabled store " << bytes << " bytes");
-    }
-    debugs(83, 5, "Read " << bytes << " from " << size << " bytes");
-    return bytes;
+    return record_ ?
+           readAndBuffer(buf, size, table, "TLS server Hello") : Ssl::Bio::read(buf, size, table);
 }
 
 // This function makes the required checks to examine if the client hello

diff --git a/src/ssl/bio.h b/src/ssl/bio.h
index b6c14e6cddb1ba065cd5d4a7e78c4e051c1eb152..372411dc240bc2c9133762c2b899b327331e8aed 100644 (file)
--- a/src/ssl/bio.h
+++ b/src/ssl/bio.h
@@ -113,6 +113,9 @@ public:
     /// Prepare the rbuf buffer to accept hello data
     void prepReadBuf();
 
+    /// Reads data from socket and record them to a buffer
+    int readAndBuffer(char *buf, int size, BIO *table, const char *description);
+
     const MemBuf &rBufData() {return rbuf;}
 protected:
     const int fd_; ///< the SSL socket we are reading and writing