From: Matt Caswell Date: Mon, 2 Feb 2015 16:02:55 +0000 (+0000) Subject: Make rrec, wrec, rbuf and wbuf fully private to the record layer. Also, clean X-Git-Tag: OpenSSL_1_1_0-pre1~1413 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=88c23039484522457abdf83db2c64e3af6d0d8ca;p=openssl Make rrec, wrec, rbuf and wbuf fully private to the record layer. Also, clean up some access to them. Now that various functions have been moved into the record layer they no longer need to use the accessor macros. Reviewed-by: Richard Levitte --- diff --git a/ssl/record/d1_pkt.c b/ssl/record/d1_pkt.c index 2f2417d7a3..f1772258af 100644 --- a/ssl/record/d1_pkt.c +++ b/ssl/record/d1_pkt.c @@ -191,14 +191,12 @@ static int dtls1_copy_record(SSL *s, pitem *item) rdata = (DTLS1_RECORD_DATA *)item->data; - SSL3_BUFFER_release(RECORD_LAYER_get_rbuf(&s->rlayer)); + SSL3_BUFFER_release(&s->rlayer.rbuf); s->packet = rdata->packet; s->packet_length = rdata->packet_length; - memcpy(RECORD_LAYER_get_rbuf(&s->rlayer), &(rdata->rbuf), - sizeof(SSL3_BUFFER)); - memcpy(RECORD_LAYER_get_rrec(&s->rlayer), &(rdata->rrec), - sizeof(SSL3_RECORD)); + memcpy(&s->rlayer.rbuf, &(rdata->rbuf), sizeof(SSL3_BUFFER)); + memcpy(&s->rlayer.rrec, &(rdata->rrec), sizeof(SSL3_RECORD)); /* Set proper sequence number for mac calculation */ memcpy(&(s->s3->read_sequence[2]), &(rdata->packet[5]), 6); @@ -230,10 +228,8 @@ dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority) rdata->packet = s->packet; rdata->packet_length = s->packet_length; - memcpy(&(rdata->rbuf), RECORD_LAYER_get_rbuf(&s->rlayer), - sizeof(SSL3_BUFFER)); - memcpy(&(rdata->rrec), RECORD_LAYER_get_rrec(&s->rlayer), - sizeof(SSL3_RECORD)); + memcpy(&(rdata->rbuf), &s->rlayer.rbuf, sizeof(SSL3_BUFFER)); + memcpy(&(rdata->rrec), &s->rlayer.rrec, sizeof(SSL3_RECORD)); item->data = rdata; 
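Review bot: In dtls1_copy_record the two rewritten copies still size the `memcpy` by type name (`sizeof(SSL3_BUFFER)`, `sizeof(SSL3_RECORD)`), so nothing ties the length to the destination field if a member's type ever changes. Now that the fields are accessed directly, plain struct assignment is type-checked and cannot over- or under-copy: `s->rlayer.rbuf = rdata->rbuf;` and `s->rlayer.rrec = rdata->rrec;`. The same applies to the mirrored copies in the dtls1_buffer_record hunk that follows. Either way the copy is shallow, so the `buf` pointer inside the SSL3_BUFFER changes owner, and a one-line comment saying so would help the next reader. Both function bodies extend beyond these hunks.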
@@ -249,8 +245,8 @@ dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority) s->packet = NULL; s->packet_length = 0; - memset(RECORD_LAYER_get_rbuf(&s->rlayer), 0, sizeof(SSL3_BUFFER)); - memset(RECORD_LAYER_get_rrec(&s->rlayer), 0, sizeof(SSL3_RECORD)); + memset(&s->rlayer.rbuf, 0, sizeof(SSL3_BUFFER)); + memset(&s->rlayer.rrec, 0, sizeof(SSL3_RECORD)); if (!ssl3_setup_buffers(s)) { SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR); @@ -316,7 +312,7 @@ int dtls1_process_buffered_records(SSL *s) if (!dtls1_process_record(s)) return (0); if (dtls1_buffer_record(s, &(s->d1->processed_rcds), - SSL3_RECORD_get_seq_num(RECORD_LAYER_get_rrec(&s->rlayer))) < 0) + SSL3_RECORD_get_seq_num(&s->rlayer.rrec)) < 0) return -1; } } @@ -367,7 +363,7 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) SSL3_RECORD *rr; void (*cb) (const SSL *ssl, int type2, int val) = NULL; - if (!SSL3_BUFFER_is_initialised(RECORD_LAYER_get_rbuf(&s->rlayer))) { + if (!SSL3_BUFFER_is_initialised(&s->rlayer.rbuf)) { /* Not initialized yet */ if (!ssl3_setup_buffers(s)) return (-1); @@ -423,7 +419,7 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) * s->s3->rrec.off, - offset into 'data' for next read * s->s3->rrec.length, - number of bytes. */ - rr = RECORD_LAYER_get_rrec(&s->rlayer); + rr = &s->rlayer.rrec; /* * We are not handshaking and have no data yet, so process data buffered @@ -694,8 +690,7 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) } if (!(s->mode & SSL_MODE_AUTO_RETRY)) { - if (SSL3_BUFFER_get_left( - RECORD_LAYER_get_rbuf(&s->rlayer)) == 0) { + if (SSL3_BUFFER_get_left(&s->rlayer.rbuf) == 0) { /* no read-ahead left? */ BIO *bio; /* 
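Review bot: The two `memset` calls in dtls1_buffer_record wipe `s->rlayer.rbuf` and `s->rlayer.rrec` right after their contents were copied into `rdata`, which is an ownership handoff the code does not state. I would add above them `/* rdata now holds the read buffer and record; clear ours so ssl3_setup_buffers() allocates a fresh buffer */`. The failure branch of `ssl3_setup_buffers(s)` continues outside the hunk, so whether it releases the copy held by `rdata` cannot be checked here. It should be confirmed, because a missed free on that path would leak a buffer on every failed call.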
@@ -918,8 +913,7 @@ int dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) } if (!(s->mode & SSL_MODE_AUTO_RETRY)) { - if (SSL3_BUFFER_get_left( - RECORD_LAYER_get_rbuf(&s->rlayer)) == 0) { + if (SSL3_BUFFER_get_left(&s->rlayer.rbuf) == 0) { /* no read-ahead left? */ BIO *bio; /* @@ -1052,7 +1046,7 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, SSL3_BUFFER *wb; SSL_SESSION *sess; - wb = RECORD_LAYER_get_wbuf(&s->rlayer); + wb = &s->rlayer.wbuf; /* * first check if there is a SSL3_BUFFER still being written out. This @@ -1074,7 +1068,7 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, if (len == 0 && !create_empty_fragment) return 0; - wr = RECORD_LAYER_get_wrec(&s->rlayer); + wr = &s->rlayer.wrec; sess = s->session; if ((sess == NULL) || @@ -1237,7 +1231,7 @@ int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap) cmp = satsub64be(seq, bitmap->max_seq_num); if (cmp > 0) { - SSL3_RECORD_set_seq_num(RECORD_LAYER_get_rrec(&s->rlayer), seq); + SSL3_RECORD_set_seq_num(&s->rlayer.rrec, seq); return 1; /* this record in new */ } shift = -cmp; @@ -1246,7 +1240,7 @@ int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap) else if (bitmap->map & (1UL << shift)) return 0; /* record previously received */ - SSL3_RECORD_set_seq_num(RECORD_LAYER_get_rrec(&s->rlayer), seq); + SSL3_RECORD_set_seq_num(&s->rlayer.rrec, seq); return 1; } diff --git a/ssl/record/rec_layer.h b/ssl/record/rec_layer.h index 110bed24a2..8b529b75c3 100644 --- a/ssl/record/rec_layer.h +++ b/ssl/record/rec_layer.h 
@@ -160,10 +160,6 @@ typedef struct record_layer_st { #define RECORD_LAYER_set_read_ahead(rl, ra) ((rl)->read_ahead = (ra)) #define RECORD_LAYER_get_read_ahead(rl) ((rl)->read_ahead) -#define RECORD_LAYER_get_rbuf(rl) (&(rl)->rbuf) -#define RECORD_LAYER_get_wbuf(rl) (&(rl)->wbuf) -#define RECORD_LAYER_get_rrec(rl) (&(rl)->rrec) -#define RECORD_LAYER_get_wrec(rl) (&(rl)->wrec) #define RECORD_LAYER_setup_comp_buffer(rl) (SSL3_RECORD_setup(&(rl)->rrec)) void RECORD_LAYER_init(RECORD_LAYER *rl, SSL *s); @@ -188,11 +184,16 @@ void dtls1_reset_seq_numbers(SSL *s, int rw); /***************************************************************************** * * - * The following functions are private to the record layer. They should not * - * be used outside of the record layer. * + * The following macros/functions are private to the record layer. They * + * should not be used outside of the record layer. * * * *****************************************************************************/ +#define RECORD_LAYER_get_rbuf(rl) (&(rl)->rbuf) +#define RECORD_LAYER_get_wbuf(rl) (&(rl)->wbuf) +#define RECORD_LAYER_get_rrec(rl) (&(rl)->rrec) +#define RECORD_LAYER_get_wrec(rl) (&(rl)->wrec) + __owur int ssl3_read_n(SSL *s, int n, int max, int extend); __owur int ssl3_write_pending(SSL *s, int type, const unsigned char *buf, unsigned int len); diff --git a/ssl/record/s3_pkt.c b/ssl/record/s3_pkt.c index 61288f21ed..8b360d6382 100644 --- a/ssl/record/s3_pkt.c +++ b/ssl/record/s3_pkt.c @@ -227,7 +227,7 @@ int ssl3_read_n(SSL *s, int n, int max, int extend) if (n <= 0) return n; - rb = RECORD_LAYER_get_rbuf(&s->rlayer); + rb = &s->rlayer.rbuf; if (rb->buf == NULL) if (!ssl3_setup_read_buffer(s)) return -1; 
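Review bot: Moving the four `RECORD_LAYER_get_*` macros under the "private to the record layer" banner documents the intent but does not enforce it: any file that includes rec_layer.h can still use them to reach `rbuf`, `wbuf`, `rrec` and `wrec`. If the build allows it, wrap the private section in a guard that only record-layer sources define, for example `#ifdef RECORD_LAYER_INTERNAL` … `#endif` (the macro name is a placeholder), or move it to a header that only ssl/record/ includes. Since the .c hunks in this commit replace these macros with direct field access, it is also worth checking whether any remaining user needs them at all.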
@@ -372,7 +372,7 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) #if !defined(OPENSSL_NO_MULTIBLOCK) && EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK unsigned int max_send_fragment; #endif - SSL3_BUFFER *wb = RECORD_LAYER_get_wbuf(&s->rlayer); + SSL3_BUFFER *wb = &s->rlayer.wbuf; int i; unsigned int u_len = (unsigned int)len; @@ -602,7 +602,7 @@ int do_ssl3_write(SSL *s, int type, const unsigned char *buf, int eivlen; long align = 0; SSL3_RECORD *wr; - SSL3_BUFFER *wb = RECORD_LAYER_get_wbuf(&s->rlayer); + SSL3_BUFFER *wb = &s->rlayer.wbuf; SSL_SESSION *sess; /* @@ -627,7 +627,7 @@ int do_ssl3_write(SSL *s, int type, const unsigned char *buf, if (len == 0 && !create_empty_fragment) return 0; - wr = RECORD_LAYER_get_wrec(&s->rlayer); + wr = &s->rlayer.wrec; sess = s->session; if ((sess == NULL) || @@ -827,7 +827,7 @@ int ssl3_write_pending(SSL *s, int type, const unsigned char *buf, unsigned int len) { int i; - SSL3_BUFFER *wb = RECORD_LAYER_get_wbuf(&s->rlayer); + SSL3_BUFFER *wb = &s->rlayer.wbuf; /* XXXX */ if ((s->s3->wpend_tot > (int)len) @@ -904,7 +904,7 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) SSL3_RECORD *rr; void (*cb) (const SSL *ssl, int type2, int val) = NULL; - if (!SSL3_BUFFER_is_initialised(RECORD_LAYER_get_rbuf(&s->rlayer))) { + if (!SSL3_BUFFER_is_initialised(&s->rlayer.rbuf)) { /* Not initialized yet */ if (!ssl3_setup_read_buffer(s)) return (-1); @@ -962,7 +962,7 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) * s->s3->rrec.off, - offset into 'data' for next read * s->s3->rrec.length, - number of bytes. */ - rr = RECORD_LAYER_get_rrec(&s->rlayer); + rr = &s->rlayer.rrec; /* get new packet if necessary */ if ((rr->length == 0) || (s->rstate == SSL_ST_READ_BODY)) { 
@@ -1020,8 +1020,7 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) s->rstate = SSL_ST_READ_HEADER; rr->off = 0; if (s->mode & SSL_MODE_RELEASE_BUFFERS - && SSL3_BUFFER_get_left( - RECORD_LAYER_get_rbuf(&s->rlayer)) == 0) + && SSL3_BUFFER_get_left(&s->rlayer.rbuf) == 0) ssl3_release_read_buffer(s); } } @@ -1125,8 +1124,7 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) } if (!(s->mode & SSL_MODE_AUTO_RETRY)) { - if (SSL3_BUFFER_get_left( - RECORD_LAYER_get_rbuf(&s->rlayer)) == 0) { + if (SSL3_BUFFER_get_left(&s->rlayer.rbuf) == 0) { /* no read-ahead left? */ BIO *bio; /* @@ -1299,7 +1297,7 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) } if (!(s->mode & SSL_MODE_AUTO_RETRY)) { - if (SSL3_BUFFER_get_left(RECORD_LAYER_get_rbuf(&s->rlayer)) == 0) { + if (SSL3_BUFFER_get_left(&s->rlayer.rbuf) == 0) { /* no read-ahead left? */ BIO *bio; /* diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c index 33feb01c57..5975a33c47 100644 --- a/ssl/record/ssl3_record.c +++ b/ssl/record/ssl3_record.c @@ -210,7 +210,7 @@ int ssl3_get_record(SSL *s) if ((s->rstate != SSL_ST_READ_BODY) || (s->packet_length < SSL3_RT_HEADER_LENGTH)) { n = ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, - SSL3_BUFFER_get_len(RECORD_LAYER_get_rbuf(&s->rlayer)), 0); + SSL3_BUFFER_get_len(&s->rlayer.rbuf), 0); if (n <= 0) return (n); /* error or non-blocking */ s->rstate = SSL_ST_READ_BODY; @@ -248,7 +248,7 @@ int ssl3_get_record(SSL *s) } if (rr->length > - SSL3_BUFFER_get_len(RECORD_LAYER_get_rbuf(&s->rlayer)) + SSL3_BUFFER_get_len(&s->rlayer.rbuf) - SSL3_RT_HEADER_LENGTH) { al = SSL_AD_RECORD_OVERFLOW; SSLerr(SSL_F_SSL3_GET_RECORD, SSL_R_PACKET_LENGTH_TOO_LONG); 
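Review bot: In ssl3_get_record the `max` argument `SSL3_BUFFER_get_len(&s->rlayer.rbuf)` is evaluated before `ssl3_read_n` is entered, while the ssl3_read_n hunk shows that function allocating the read buffer lazily when `rb->buf == NULL`. The length passed is therefore only meaningful if the caller has already set the buffer up, as the ssl3_read_bytes hunk suggests it does. A comment above the call would record that precondition, e.g. `/* rbuf must already be set up: its length is read before ssl3_read_n() is entered */`. The same call shape appears in the dtls1_get_record hunk.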
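Review bot: The record-length bound `SSL3_BUFFER_get_len(&s->rlayer.rbuf) - SSL3_RT_HEADER_LENGTH` in ssl3_get_record assumes the read buffer is at least one header long. The types are not visible in this hunk, but if the length is unsigned, a shorter or zero-length buffer would wrap the right-hand side and the `SSL_AD_RECORD_OVERFLOW` check would accept any `rr->length`. Writing the comparison without a subtraction, `if (rr->length + SSL3_RT_HEADER_LENGTH > SSL3_BUFFER_get_len(&s->rlayer.rbuf)) {`, removes that assumption, provided `rr->length` cannot itself overflow in the addition. The function continues outside the hunk.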
@@ -1401,7 +1401,7 @@ int dtls1_get_record(SSL *s) if ((s->rstate != SSL_ST_READ_BODY) || (s->packet_length < DTLS1_RT_HEADER_LENGTH)) { n = ssl3_read_n(s, DTLS1_RT_HEADER_LENGTH, - SSL3_BUFFER_get_len(RECORD_LAYER_get_rbuf(&s->rlayer)), 0); + SSL3_BUFFER_get_len(&s->rlayer.rbuf), 0); /* read timeout is handled by dtls1_read_bytes */ if (n <= 0) return (n); /* error or non-blocking */