From: jsing Date: Mon, 26 Jul 2021 03:17:38 +0000 (+0000) Subject: Dedup dtls1_dispatch_alert()/ssl3_dispatch_alert(). X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=e3dbb073b25060ac8b7195211e31d70b2546951f;p=openbsd Dedup dtls1_dispatch_alert()/ssl3_dispatch_alert(). The code for dtls1_dispatch_alert() and ssl3_dispatch_alert() is largely identical - with a bit of reshuffling we can use ssl3_dispatch_alert() for both protocols and remove the ssl_dispatch_alert function pointer. ok inoguchi@ tb@ --- diff --git a/lib/libssl/d1_pkt.c b/lib/libssl/d1_pkt.c index 0416ee9c593..acd66e622cc 100644 --- a/lib/libssl/d1_pkt.c +++ b/lib/libssl/d1_pkt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: d1_pkt.c,v 1.103 2021/07/21 08:42:14 jsing Exp $ */ +/* $OpenBSD: d1_pkt.c,v 1.104 2021/07/26 03:17:38 jsing Exp $ */ /* * DTLS implementation written by Nagendra Modadugu * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. @@ -126,10 +126,6 @@ #include "pqueue.h" #include "ssl_locl.h" -static int do_dtls1_write(SSL *s, int type, const unsigned char *buf, - unsigned int len); - - /* mod 128 saturating subtract of two 64-bit values in big-endian order */ static int satsub64be(const unsigned char *v1, const unsigned char *v2) @@ -1057,7 +1053,7 @@ do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len) /* If we have an alert to send, let's send it */ if (S3I(s)->alert_dispatch) { - if ((ret = s->method->ssl_dispatch_alert(s)) <= 0) + if ((ret = ssl3_dispatch_alert(s)) <= 0) return (ret); /* If it went, fall through and send more stuff. */ } 
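Review bot: The call to `ssl3_dispatch_alert(s)` inside do_dtls1_write() is re-entrant, and nothing at the call site says why it terminates. ssl3_dispatch_alert() calls ssl3_write_alert(), which for DTLS calls do_dtls1_write() again. The nesting stops after one level only because ssl3_dispatch_alert() sets `S3I(s)->alert_dispatch = 0` before writing, as the ssl_pkt.c hunk shows. I would record that next to the check, e.g. `/* ssl3_dispatch_alert() clears alert_dispatch before writing, so the nested do_dtls1_write() call does not re-enter this branch. */`. The same applies to the matching call in do_ssl3_write(); both function bodies extend outside their hunks.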
@@ -1139,38 +1135,6 @@ dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap, } } -int -dtls1_dispatch_alert(SSL *s) -{ - int i, j; - void (*cb)(const SSL *ssl, int type, int val) = NULL; - - S3I(s)->alert_dispatch = 0; - - i = do_dtls1_write(s, SSL3_RT_ALERT, &S3I(s)->send_alert[0], 2); - if (i <= 0) { - S3I(s)->alert_dispatch = 1; - } else { - if (S3I(s)->send_alert[0] == SSL3_AL_FATAL) - (void)BIO_flush(s->wbio); - - if (s->internal->msg_callback) - s->internal->msg_callback(1, s->version, SSL3_RT_ALERT, - S3I(s)->send_alert, 2, s, s->internal->msg_callback_arg); - - if (s->internal->info_callback != NULL) - cb = s->internal->info_callback; - else if (s->ctx->internal->info_callback != NULL) - cb = s->ctx->internal->info_callback; - - if (cb != NULL) { - j = (S3I(s)->send_alert[0]<<8)|S3I(s)->send_alert[1]; - cb(s, SSL_CB_WRITE_ALERT, j); - } - } - return (i); -} - static DTLS1_BITMAP * dtls1_get_bitmap(SSL *s, SSL3_RECORD_INTERNAL *rr, unsigned int *is_next_epoch) { diff --git a/lib/libssl/dtls_locl.h b/lib/libssl/dtls_locl.h index bc28ce85599..97f05b26bd1 100644 --- a/lib/libssl/dtls_locl.h +++ b/lib/libssl/dtls_locl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: dtls_locl.h,v 1.3 2021/07/21 08:42:14 jsing Exp $ */ +/* $OpenBSD: dtls_locl.h,v 1.4 2021/07/26 03:17:38 jsing Exp $ */ /* * DTLS implementation written by Nagendra Modadugu * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. @@ -207,6 +207,9 @@ void dtls1_set_message_header_int(SSL *s, unsigned char mt, unsigned long len, unsigned short seq_num, unsigned long frag_off, unsigned long frag_len); +int do_dtls1_write(SSL *s, int type, const unsigned char *buf, + unsigned int len); + int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf, int len); int dtls1_write_bytes(SSL *s, int type, const void *buf, int len); 
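Review bot: The new `do_dtls1_write()` declaration in dtls_locl.h has no comment, yet it widens the scope of a record-layer writer that was file-local in d1_pkt.c, where its `static` prototype is removed. Every file that includes this header can now call it. The only new caller visible in this commit is ssl3_write_alert() in ssl_pkt.c. A short comment would discourage other callers from using it instead of the higher-level dtls1_write_bytes() declared next to it, e.g. `/* Record-layer write; exposed only for ssl3_write_alert() in ssl_pkt.c. */`. The hunk does not show whether the declaration sits inside the hidden-declarations block, although `__END_HIDDEN_DECLS` appears later in the same header.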
@@ -237,7 +240,6 @@ long dtls1_ctrl(SSL *s, int cmd, long larg, void *parg); long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok); int dtls1_get_record(SSL *s); -int dtls1_dispatch_alert(SSL *s); __END_HIDDEN_DECLS diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c index b2d94629c22..6400454f1b3 100644 --- a/lib/libssl/s3_lib.c +++ b/lib/libssl/s3_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_lib.c,v 1.213 2021/07/03 16:06:44 jsing Exp $ */ +/* $OpenBSD: s3_lib.c,v 1.214 2021/07/26 03:17:38 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -2631,7 +2631,7 @@ ssl3_shutdown(SSL *s) return(-1); /* return WANT_WRITE */ } else if (S3I(s)->alert_dispatch) { /* resend it if not sent */ - ret = s->method->ssl_dispatch_alert(s); + ret = ssl3_dispatch_alert(s); if (ret == -1) { /* * We only get to return -1 here the 2nd/Nth diff --git a/lib/libssl/ssl_locl.h b/lib/libssl/ssl_locl.h index 677feca157e..f3650f238e1 100644 --- a/lib/libssl/ssl_locl.h +++ b/lib/libssl/ssl_locl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_locl.h,v 1.355 2021/07/03 16:06:45 jsing Exp $ */ +/* $OpenBSD: ssl_locl.h,v 1.356 2021/07/26 03:17:38 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -402,7 +402,6 @@ struct ssl_method_st { int peek); int (*ssl_write_bytes)(SSL *s, int type, const void *buf_, int len); - int (*ssl_dispatch_alert)(SSL *s); const SSL_CIPHER *(*get_cipher)(unsigned int ncipher); unsigned int enc_flags; /* SSL_ENC_FLAG_* */ diff --git a/lib/libssl/ssl_methods.c b/lib/libssl/ssl_methods.c index b9b8a95e569..d8ffbb7b518 100644 --- a/lib/libssl/ssl_methods.c +++ b/lib/libssl/ssl_methods.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_methods.c,v 1.27 2021/07/03 16:06:45 jsing Exp $ */ +/* $OpenBSD: ssl_methods.c,v 1.28 2021/07/26 03:17:38 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * 
@@ -77,7 +77,6 @@ static const SSL_METHOD DTLS_method_data = {
 .ssl_pending = ssl3_pending,
 .ssl_read_bytes = dtls1_read_bytes,
 .ssl_write_bytes = dtls1_write_app_data_bytes,
- .ssl_dispatch_alert = dtls1_dispatch_alert,
 .get_cipher = dtls1_get_cipher,
 .enc_flags = TLSV1_2_ENC_FLAGS,
 };
@@ -99,7 +98,6 @@ static const SSL_METHOD DTLS_client_method_data = {
 .ssl_pending = ssl3_pending,
 .ssl_read_bytes = dtls1_read_bytes,
 .ssl_write_bytes = dtls1_write_app_data_bytes,
- .ssl_dispatch_alert = dtls1_dispatch_alert,
 .get_cipher = dtls1_get_cipher,
 .enc_flags = TLSV1_2_ENC_FLAGS,
 };
@@ -121,7 +119,6 @@ static const SSL_METHOD DTLSv1_method_data = {
 .ssl_pending = ssl3_pending,
 .ssl_read_bytes = dtls1_read_bytes,
 .ssl_write_bytes = dtls1_write_app_data_bytes,
- .ssl_dispatch_alert = dtls1_dispatch_alert,
 .get_cipher = dtls1_get_cipher,
 .enc_flags = TLSV1_1_ENC_FLAGS,
 };
@@ -143,7 +140,6 @@ static const SSL_METHOD DTLSv1_client_method_data = {
 .ssl_pending = ssl3_pending,
 .ssl_read_bytes = dtls1_read_bytes,
 .ssl_write_bytes = dtls1_write_app_data_bytes,
- .ssl_dispatch_alert = dtls1_dispatch_alert,
 .get_cipher = dtls1_get_cipher,
 .enc_flags = TLSV1_1_ENC_FLAGS,
 };
@@ -165,7 +161,6 @@ static const SSL_METHOD DTLSv1_2_method_data = {
 .ssl_pending = ssl3_pending,
 .ssl_read_bytes = dtls1_read_bytes,
 .ssl_write_bytes = dtls1_write_app_data_bytes,
- .ssl_dispatch_alert = dtls1_dispatch_alert,
 .get_cipher = dtls1_get_cipher,
 .enc_flags = TLSV1_2_ENC_FLAGS,
 };
@@ -187,7 +182,6 @@ static const SSL_METHOD DTLSv1_2_client_method_data = {
 .ssl_pending = ssl3_pending,
 .ssl_read_bytes = dtls1_read_bytes,
 .ssl_write_bytes = dtls1_write_app_data_bytes,
- .ssl_dispatch_alert = dtls1_dispatch_alert,
 .get_cipher = dtls1_get_cipher,
 .enc_flags = TLSV1_2_ENC_FLAGS,
 };
@@ -264,7 +258,6 @@ static const SSL_METHOD TLS_method_data = {
 .ssl_pending = tls13_legacy_pending,
 .ssl_read_bytes = tls13_legacy_read_bytes,
 .ssl_write_bytes = tls13_legacy_write_bytes,
- .ssl_dispatch_alert = ssl3_dispatch_alert,
 .get_cipher = ssl3_get_cipher,
 .enc_flags = TLSV1_3_ENC_FLAGS,
 };
@@ -287,7 +280,6 @@ static const SSL_METHOD TLS_legacy_method_data = {
 .ssl_pending = ssl3_pending,
 .ssl_read_bytes = ssl3_read_bytes,
 .ssl_write_bytes = ssl3_write_bytes,
- .ssl_dispatch_alert = ssl3_dispatch_alert,
 .get_cipher = ssl3_get_cipher,
 .enc_flags = TLSV1_2_ENC_FLAGS,
 };
@@ -310,7 +302,6 @@ static const SSL_METHOD TLS_client_method_data = {
 .ssl_pending = tls13_legacy_pending,
 .ssl_read_bytes = tls13_legacy_read_bytes,
 .ssl_write_bytes = tls13_legacy_write_bytes,
- .ssl_dispatch_alert = ssl3_dispatch_alert,
 .get_cipher = ssl3_get_cipher,
 .enc_flags = TLSV1_3_ENC_FLAGS,
 };
@@ -334,7 +325,6 @@ static const SSL_METHOD TLS_legacy_client_method_data = {
 .ssl_pending = ssl3_pending,
 .ssl_read_bytes = ssl3_read_bytes,
 .ssl_write_bytes = ssl3_write_bytes,
- .ssl_dispatch_alert = ssl3_dispatch_alert,
 .get_cipher = ssl3_get_cipher,
 .enc_flags = TLSV1_2_ENC_FLAGS,
 };
@@ -357,7 +347,6 @@ static const SSL_METHOD TLSv1_method_data = {
 .ssl_pending = ssl3_pending,
 .ssl_read_bytes = ssl3_read_bytes,
 .ssl_write_bytes = ssl3_write_bytes,
- .ssl_dispatch_alert = ssl3_dispatch_alert,
 .get_cipher = ssl3_get_cipher,
 .enc_flags = TLSV1_ENC_FLAGS,
 };
@@ -379,7 +368,6 @@ static const SSL_METHOD TLSv1_client_method_data = {
 .ssl_pending = ssl3_pending,
 .ssl_read_bytes = ssl3_read_bytes,
 .ssl_write_bytes = ssl3_write_bytes,
- .ssl_dispatch_alert = ssl3_dispatch_alert,
 .get_cipher = ssl3_get_cipher,
 .enc_flags = TLSV1_ENC_FLAGS,
 };
@@ -401,7 +389,6 @@ static const SSL_METHOD TLSv1_1_method_data = { .ssl_pending = ssl3_pending, .ssl_read_bytes = ssl3_read_bytes, .ssl_write_bytes = ssl3_write_bytes, - .ssl_dispatch_alert = ssl3_dispatch_alert, .get_cipher = ssl3_get_cipher, .enc_flags = TLSV1_1_ENC_FLAGS, }; @@ -423,7 +410,6 @@ static const SSL_METHOD TLSv1_1_client_method_data = { .ssl_pending = ssl3_pending, .ssl_read_bytes = ssl3_read_bytes, .ssl_write_bytes = ssl3_write_bytes, - .ssl_dispatch_alert = ssl3_dispatch_alert, .get_cipher = ssl3_get_cipher, .enc_flags = TLSV1_1_ENC_FLAGS, }; @@ -445,7 +431,6 @@ static const SSL_METHOD TLSv1_2_method_data = { .ssl_pending = ssl3_pending, .ssl_read_bytes = ssl3_read_bytes, .ssl_write_bytes = ssl3_write_bytes, - .ssl_dispatch_alert = ssl3_dispatch_alert, .get_cipher = ssl3_get_cipher, .enc_flags = TLSV1_2_ENC_FLAGS, }; @@ -467,7 +452,6 @@ static const SSL_METHOD TLSv1_2_client_method_data = { .ssl_pending = ssl3_pending, .ssl_read_bytes = ssl3_read_bytes, .ssl_write_bytes = ssl3_write_bytes, - .ssl_dispatch_alert = ssl3_dispatch_alert, .get_cipher = ssl3_get_cipher, .enc_flags = TLSV1_2_ENC_FLAGS, }; diff --git a/lib/libssl/ssl_pkt.c b/lib/libssl/ssl_pkt.c index 7f655adfe62..c3fd4a73652 100644 --- a/lib/libssl/ssl_pkt.c +++ b/lib/libssl/ssl_pkt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_pkt.c,v 1.45 2021/06/29 18:43:49 jsing Exp $ */ +/* $OpenBSD: ssl_pkt.c,v 1.46 2021/07/26 03:17:38 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -116,6 +116,7 @@ #include #include "bytestring.h" +#include "dtls_locl.h" #include "ssl_locl.h" static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, 
@@ -552,7 +553,7 @@ do_ssl3_write(SSL *s, int type, const unsigned char *buf, unsigned int len) /* If we have an alert to send, let's send it. */ if (S3I(s)->alert_dispatch) { - if ((ret = s->method->ssl_dispatch_alert(s)) <= 0) + if ((ret = ssl3_dispatch_alert(s)) <= 0) return (ret); /* If it went, fall through and send more stuff. */ @@ -1188,6 +1189,17 @@ ssl3_do_change_cipher_spec(SSL *s) return (1); } +static int +ssl3_write_alert(SSL *s) +{ + if (SSL_is_dtls(s)) + return do_dtls1_write(s, SSL3_RT_ALERT, S3I(s)->send_alert, + sizeof(S3I(s)->send_alert)); + + return do_ssl3_write(s, SSL3_RT_ALERT, S3I(s)->send_alert, + sizeof(S3I(s)->send_alert)); +} + int ssl3_send_alert(SSL *s, int level, int desc) { @@ -1199,7 +1211,7 @@ ssl3_send_alert(SSL *s, int level, int desc) S3I(s)->send_alert[0] = level; S3I(s)->send_alert[1] = desc; if (S3I(s)->wbuf.left == 0) /* data still being written out? */ - return s->method->ssl_dispatch_alert(s); + return ssl3_dispatch_alert(s); /* else data is still being written out, we will get written * some time in the future */ @@ -1213,7 +1225,7 @@ ssl3_dispatch_alert(SSL *s) void (*cb)(const SSL *ssl, int type, int val) = NULL; S3I(s)->alert_dispatch = 0; - i = do_ssl3_write(s, SSL3_RT_ALERT, &S3I(s)->send_alert[0], 2); + i = ssl3_write_alert(s); if (i <= 0) { S3I(s)->alert_dispatch = 1; } else {
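Review bot: ssl3_write_alert() takes the record length from `sizeof(S3I(s)->send_alert)`, where the removed dtls1_dispatch_alert() and the replaced do_ssl3_write() call both passed the literal 2. The two are equivalent only while send_alert remains a fixed two-byte array, and its declaration is not visible in this diff. If the field ever became a pointer or a larger buffer, the alert record would silently be written with the wrong length. A comment on the helper would pin the assumption, e.g. `/* An alert is two bytes (level, description); send_alert must stay a fixed-size array. */`. The same comment could note that the DTLS path is now chosen by SSL_is_dtls() rather than through the method table.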