SSL3_BUFFER *wb;
/*
- * We just use the application buffer directly, and don't use any WPACKET
+ * We just use the application buffer directly and don't use any WPACKET
* structures
*/
wb = &bufs[0];
/*
* ktls doesn't modify the buffer, but to avoid a warning we need
* to discard the const qualifier.
- * This doesn't leak memory because the buffers have been
- * released when switching to ktls.
+ * This doesn't leak memory because the buffers have never been allocated
+ * with KTLS
*/
SSL3_BUFFER_set_buf(wb, (unsigned char *)templates[0].buf);
SSL3_BUFFER_set_offset(wb, 0);
return 1;
}
+static int ktls_prepare_record_header(OSSL_RECORD_LAYER *rl,
+ WPACKET *thispkt,
+ OSSL_RECORD_TEMPLATE *templ,
+ unsigned int rectype,
+ unsigned char **recdata)
+{
+ /* The kernel writes the record header, so nothing to do */
+ *recdata = NULL;
+
+ return 1;
+}
+
static struct record_functions_st ossl_ktls_funcs = {
ktls_set_crypto_state,
ktls_cipher,
tls_write_records_default,
ktls_allocate_write_buffers,
ktls_initialise_write_packets,
- NULL
+ NULL,
+ ktls_prepare_record_header
};
const OSSL_RECORD_METHOD ossl_ktls_record_method = {
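Review bot: The comment in `ktls_prepare_record_header` says why no header is written, but not that the NULL left in `*recdata` is itself a signal. Elsewhere on this page `tls_write_records_default` copies the payload into the WPACKET only when that pointer is non-NULL. I would state that at the assignment, e.g. `/* The kernel writes the record header; *recdata stays NULL so the caller skips the payload copy */`. The same out-parameter contract belongs on the `prepare_record_header` member declaration, whose comment only says it writes the header data to the WPACKET.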
/* Get the actual record type to be used for a given template */
unsigned int (*get_record_type)(OSSL_RECORD_LAYER *rl,
OSSL_RECORD_TEMPLATE *template);
+
+ /* Write the record header data to the WPACKET */
+ int (*prepare_record_header)(OSSL_RECORD_LAYER *rl, WPACKET *thispkt,
+ OSSL_RECORD_TEMPLATE *templ,
+ unsigned int rectype,
+ unsigned char **recdata);
};
struct ossl_record_layer_st
size_t tls_get_max_records_default(OSSL_RECORD_LAYER *rl, int type, size_t len,
size_t maxfrag, size_t *preffrag);
+size_t tls_get_max_records_multiblock(OSSL_RECORD_LAYER *rl, int type,
+ size_t len, size_t maxfrag,
+ size_t *preffrag);
int tls_allocate_write_buffers_default(OSSL_RECORD_LAYER *rl,
OSSL_RECORD_TEMPLATE *templates,
size_t numtempl, size_t *prefix);
WPACKET *pkt,
SSL3_BUFFER *bufs,
size_t *wpinited);
-size_t tls_get_max_records_multiblock(OSSL_RECORD_LAYER *rl, int type,
- size_t len, size_t maxfrag,
- size_t *preffrag);
+int tls_prepare_record_header_default(OSSL_RECORD_LAYER *rl,
+ WPACKET *thispkt,
+ OSSL_RECORD_TEMPLATE *templ,
+ unsigned int rectype,
+ unsigned char **recdata);
int tls_write_records_default(OSSL_RECORD_LAYER *rl,
OSSL_RECORD_TEMPLATE *templates,
size_t numtempl);
/* These 2 functions are defined in tls1_meth.c */
tls1_allocate_write_buffers,
tls1_initialise_write_packets,
- NULL
+ NULL,
+ tls_prepare_record_header_default
};
tls_write_records_default,
tls_allocate_write_buffers_default,
tls_initialise_write_packets_default,
- tls13_get_record_type
+ tls13_get_record_type,
+ tls_prepare_record_header_default
};
tls_write_records_multiblock, /* Defined in tls_multib.c */
tls1_allocate_write_buffers,
tls1_initialise_write_packets,
- NULL
+ NULL,
+ tls_prepare_record_header_default
};
struct record_functions_st dtls_1_funcs = {
return 1;
}
+int tls_prepare_record_header_default(OSSL_RECORD_LAYER *rl,
+ WPACKET *thispkt,
+ OSSL_RECORD_TEMPLATE *templ,
+ unsigned int rectype,
+ unsigned char **recdata)
+{
+ size_t maxcomplen;
+
+ *recdata = NULL;
+
+ maxcomplen = templ->buflen;
+ if (rl->compctx != NULL)
+ maxcomplen += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
+
+ if (!WPACKET_put_bytes_u8(thispkt, rectype)
+ || !WPACKET_put_bytes_u16(thispkt, templ->version)
+ || !WPACKET_start_sub_packet_u16(thispkt)
+ || (rl->eivlen > 0
+ && !WPACKET_allocate_bytes(thispkt, rl->eivlen, NULL))
+ || (maxcomplen > 0
+ && !WPACKET_reserve_bytes(thispkt, maxcomplen,
+ recdata))) {
+ RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+
+ return 1;
+}
+
int tls_write_records_default(OSSL_RECORD_LAYER *rl,
OSSL_RECORD_TEMPLATE *templates,
size_t numtempl)
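Review bot: `*recdata` stays NULL on a successful return whenever `maxcomplen` is 0 (a zero-length template with no compression context), because the `WPACKET_reserve_bytes` call is skipped in that case. The caller shown later on this page treats a NULL pointer as "skip the copy and skip `SSL3_RECORD_reset_input`", whereas the removed code ran that reset for every non-KTLS record, so an empty record now appears to take the same path as KTLS. If that is intended, a comment at the assignment such as `/* stays NULL for a zero-length record without compression */` would make it explicit. Otherwise the caller needs a signal that is distinct from the reserved pointer.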
memset(wr, 0, sizeof(wr));
for (j = 0; j < numtempl + prefix; j++) {
unsigned char *compressdata = NULL;
- size_t maxcomplen;
unsigned int rectype;
thispkt = &pkt[j];
SSL3_RECORD_set_type(thiswr, rectype);
SSL3_RECORD_set_rec_version(thiswr, thistempl->version);
- maxcomplen = thistempl->buflen;
- if (rl->compctx != NULL)
- maxcomplen += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
-
- /*
- * When using offload kernel will write the header.
- * Otherwise write the header now
- */
- if (!using_ktls
- && (!WPACKET_put_bytes_u8(thispkt, rectype)
- || !WPACKET_put_bytes_u16(thispkt, thistempl->version)
- || !WPACKET_start_sub_packet_u16(thispkt)
- || (rl->eivlen > 0
- && !WPACKET_allocate_bytes(thispkt, rl->eivlen, NULL))
- || (maxcomplen > 0
- && !WPACKET_reserve_bytes(thispkt, maxcomplen,
- &compressdata)))) {
+ if (!rl->funcs->prepare_record_header(rl, thispkt, thistempl, rectype,
+ &compressdata)) {
RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
goto err;
}
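Review bot: A failure in the hook is now reported twice: `tls_prepare_record_header_default` already calls `RLAYERfatal` before returning 0, and this call site raises the same `ERR_R_INTERNAL_ERROR` again. I would reduce the body of the `if` to `/* RLAYERfatal() already called */` followed by `goto err;`, and make raising the error part of every implementation's contract. The pointer is also called without a NULL check, while one function table on this page fills the new slot with `NULL`. Presumably that method never reaches this function, but the assumption deserves a comment or an assert. The loop body continues outside the hunk.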
RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, SSL_R_COMPRESSION_FAILURE);
goto err;
}
- } else {
- if (using_ktls) {
- SSL3_RECORD_reset_data(&wr[j]);
- } else {
- if (!WPACKET_memcpy(thispkt, thiswr->input, thiswr->length)) {
- RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- SSL3_RECORD_reset_input(&wr[j]);
+ } else if (compressdata != NULL) {
+ if (!WPACKET_memcpy(thispkt, thiswr->input, thiswr->length)) {
+ RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
+ goto err;
}
+ SSL3_RECORD_reset_input(&wr[j]);
}
if (rl->version == TLS1_3_VERSION
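Review bot: The removed KTLS branch called `SSL3_RECORD_reset_data(&wr[j])`, and nothing in the visible new code replaces it: when `compressdata` is NULL the record is left as it was set up before this block. The KTLS comments earlier on this page say the application buffer is used directly, so please confirm that the record's data pointer is still aimed at that buffer somewhere outside this hunk, or move the call into a KTLS-specific hook. The surrounding loop starts and ends outside the hunk, so this cannot be verified from the lines shown.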
tls_write_records_default,
tls_allocate_write_buffers_default,
tls_initialise_write_packets_default,
- NULL
+ NULL,
+ tls_prepare_record_header_default
};
static int dtls_any_set_protocol_version(OSSL_RECORD_LAYER *rl, int vers)
NULL,
NULL,
NULL,
+ NULL,
NULL
};