xref: /freebsd/crypto/openssl/ssl/record/ssl3_buffer.c (revision 5ca8e32633c4ffbbcd6762e5888b6a4ba0708c6c)
1 /*
2  * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 #include "../ssl_local.h"
11 #include "record_local.h"
12 
13 void SSL3_BUFFER_set_data(SSL3_BUFFER *b, const unsigned char *d, size_t n)
14 {
15     if (d != NULL)
16         memcpy(b->buf, d, n);
17     b->left = n;
18     b->offset = 0;
19 }
20 
21 /*
22  * Clear the contents of an SSL3_BUFFER but retain any memory allocated. Also
23  * retains the default_len setting
24  */
25 void SSL3_BUFFER_clear(SSL3_BUFFER *b)
26 {
27     b->offset = 0;
28     b->left = 0;
29 }
30 
31 void SSL3_BUFFER_release(SSL3_BUFFER *b)
32 {
33     OPENSSL_free(b->buf);
34     b->buf = NULL;
35 }
36 
37 int ssl3_setup_read_buffer(SSL *s)
38 {
39     unsigned char *p;
40     size_t len, align = 0, headerlen;
41     SSL3_BUFFER *b;
42 
43     b = RECORD_LAYER_get_rbuf(&s->rlayer);
44 
45     if (SSL_IS_DTLS(s))
46         headerlen = DTLS1_RT_HEADER_LENGTH;
47     else
48         headerlen = SSL3_RT_HEADER_LENGTH;
49 
50 #if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
51     align = (-SSL3_RT_HEADER_LENGTH) & (SSL3_ALIGN_PAYLOAD - 1);
52 #endif
53 
54     if (b->buf == NULL) {
55         len = SSL3_RT_MAX_PLAIN_LENGTH
56             + SSL3_RT_MAX_ENCRYPTED_OVERHEAD + headerlen + align;
57 #ifndef OPENSSL_NO_COMP
58         if (ssl_allow_compression(s))
59             len += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
60 #endif
61 
62         /* Ensure our buffer is large enough to support all our pipelines */
63         if (s->max_pipelines > 1)
64             len *= s->max_pipelines;
65 
66         if (b->default_len > len)
67             len = b->default_len;
68         if ((p = OPENSSL_malloc(len)) == NULL) {
69             /*
70              * We've got a malloc failure, and we're still initialising buffers.
71              * We assume we're so doomed that we won't even be able to send an
72              * alert.
73              */
74             SSLfatal(s, SSL_AD_NO_ALERT, ERR_R_MALLOC_FAILURE);
75             return 0;
76         }
77         b->buf = p;
78         b->len = len;
79     }
80 
81     return 1;
82 }
83 
84 int ssl3_setup_write_buffer(SSL *s, size_t numwpipes, size_t len)
85 {
86     unsigned char *p;
87     size_t align = 0, headerlen;
88     SSL3_BUFFER *wb;
89     size_t currpipe;
90 
91     s->rlayer.numwpipes = numwpipes;
92 
93     if (len == 0) {
94         if (SSL_IS_DTLS(s))
95             headerlen = DTLS1_RT_HEADER_LENGTH + 1;
96         else
97             headerlen = SSL3_RT_HEADER_LENGTH;
98 
99 #if defined(SSL3_ALIGN_PAYLOAD) && SSL3_ALIGN_PAYLOAD!=0
100         align = SSL3_ALIGN_PAYLOAD - 1;
101 #endif
102 
103         len = ssl_get_max_send_fragment(s)
104             + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD + headerlen + align
105             + SSL_RT_MAX_CIPHER_BLOCK_SIZE /* Explicit IV allowance */;
106 #ifndef OPENSSL_NO_COMP
107         if (ssl_allow_compression(s))
108             len += SSL3_RT_MAX_COMPRESSED_OVERHEAD;
109 #endif
110         /*
111          * We don't need to add an allowance for eivlen here since empty
112          * fragments only occur when we don't have an explicit IV
113          */
114         if (!(s->options & SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS))
115             len += headerlen + align + SSL3_RT_SEND_MAX_ENCRYPTED_OVERHEAD;
116     }
117 
118     wb = RECORD_LAYER_get_wbuf(&s->rlayer);
119     for (currpipe = 0; currpipe < numwpipes; currpipe++) {
120         SSL3_BUFFER *thiswb = &wb[currpipe];
121 
122         if (thiswb->len != len) {
123             OPENSSL_free(thiswb->buf);
124             thiswb->buf = NULL;         /* force reallocation */
125         }
126 
127         if (thiswb->buf == NULL) {
128             if (s->wbio == NULL || !BIO_get_ktls_send(s->wbio)) {
129                 p = OPENSSL_malloc(len);
130                 if (p == NULL) {
131                     s->rlayer.numwpipes = currpipe;
132                     /*
133                      * We've got a malloc failure, and we're still initialising
134                      * buffers. We assume we're so doomed that we won't even be able
135                      * to send an alert.
136                      */
137                     SSLfatal(s, SSL_AD_NO_ALERT, ERR_R_MALLOC_FAILURE);
138                     return 0;
139                 }
140             } else {
141                 p = NULL;
142             }
143             memset(thiswb, 0, sizeof(SSL3_BUFFER));
144             thiswb->buf = p;
145             thiswb->len = len;
146         }
147     }
148 
149     return 1;
150 }
151 
152 int ssl3_setup_buffers(SSL *s)
153 {
154     if (!ssl3_setup_read_buffer(s)) {
155         /* SSLfatal() already called */
156         return 0;
157     }
158     if (!ssl3_setup_write_buffer(s, 1, 0)) {
159         /* SSLfatal() already called */
160         return 0;
161     }
162     return 1;
163 }
164 
165 int ssl3_release_write_buffer(SSL *s)
166 {
167     SSL3_BUFFER *wb;
168     size_t pipes;
169 
170     pipes = s->rlayer.numwpipes;
171     while (pipes > 0) {
172         wb = &RECORD_LAYER_get_wbuf(&s->rlayer)[pipes - 1];
173 
174         if (SSL3_BUFFER_is_app_buffer(wb))
175             SSL3_BUFFER_set_app_buffer(wb, 0);
176         else
177             OPENSSL_free(wb->buf);
178         wb->buf = NULL;
179         pipes--;
180     }
181     s->rlayer.numwpipes = 0;
182     return 1;
183 }
184 
185 int ssl3_release_read_buffer(SSL *s)
186 {
187     SSL3_BUFFER *b;
188 
189     b = RECORD_LAYER_get_rbuf(&s->rlayer);
190     if (s->options & SSL_OP_CLEANSE_PLAINTEXT)
191         OPENSSL_cleanse(b->buf, b->len);
192     OPENSSL_free(b->buf);
193     b->buf = NULL;
194     return 1;
195 }
196