Clarify code a bit in write_handshake_msg()
- take advantage of the fact that we're only called for first send
- put all sanity checks at the top
- rename and constify shortcut variables
- improve comments
parent
31c1586893
commit
9c3a8caa92
|
@ -2938,6 +2938,8 @@ void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl )
|
||||||
* - DTLS: save message for resending
|
* - DTLS: save message for resending
|
||||||
* - then pass to the record layer
|
* - then pass to the record layer
|
||||||
*
|
*
|
||||||
|
* DTLS: only used when first writing the message, not for resending.
|
||||||
|
*
|
||||||
* Inputs:
|
* Inputs:
|
||||||
* - ssl->out_msglen: 4 + actual handshake message len
|
* - ssl->out_msglen: 4 + actual handshake message len
|
||||||
* (4 is the size of handshake headers for TLS)
|
* (4 is the size of handshake headers for TLS)
|
||||||
|
@ -2951,11 +2953,15 @@ void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl )
|
||||||
*/
|
*/
|
||||||
int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl )
|
int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl )
|
||||||
{
|
{
|
||||||
int ret, out_msg_type;
|
int ret;
|
||||||
size_t len = ssl->out_msglen;
|
const size_t hs_len = ssl->out_msglen - 4;
|
||||||
|
const unsigned char hs_type = ssl->out_msg[0];
|
||||||
|
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write handshake message" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write handshake message" ) );
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Sanity checks
|
||||||
|
*/
|
||||||
if( ssl->out_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE &&
|
if( ssl->out_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE &&
|
||||||
ssl->out_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC )
|
ssl->out_msgtype != MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC )
|
||||||
{
|
{
|
||||||
|
@ -2963,29 +2969,32 @@ int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl )
|
||||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE &&
|
||||||
|
hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST &&
|
||||||
|
ssl->handshake == NULL )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||||
|
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||||
|
}
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||||
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
|
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
|
||||||
ssl->handshake != NULL &&
|
ssl->handshake != NULL &&
|
||||||
ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING )
|
ssl->handshake->retransmit_state == MBEDTLS_SSL_RETRANS_SENDING )
|
||||||
{
|
{
|
||||||
; /* Skip special handshake treatment when resending */
|
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||||
|
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
||||||
}
|
}
|
||||||
else
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Fill handshake headers
|
||||||
|
*/
|
||||||
if( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE )
|
if( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE )
|
||||||
{
|
{
|
||||||
out_msg_type = ssl->out_msg[0];
|
ssl->out_msg[1] = (unsigned char)( hs_len >> 16 );
|
||||||
|
ssl->out_msg[2] = (unsigned char)( hs_len >> 8 );
|
||||||
if( out_msg_type != MBEDTLS_SSL_HS_HELLO_REQUEST &&
|
ssl->out_msg[3] = (unsigned char)( hs_len );
|
||||||
ssl->handshake == NULL )
|
|
||||||
{
|
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
|
||||||
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
|
|
||||||
}
|
|
||||||
|
|
||||||
ssl->out_msg[1] = (unsigned char)( ( len - 4 ) >> 16 );
|
|
||||||
ssl->out_msg[2] = (unsigned char)( ( len - 4 ) >> 8 );
|
|
||||||
ssl->out_msg[3] = (unsigned char)( ( len - 4 ) );
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* DTLS has additional fields in the Handshake layer,
|
* DTLS has additional fields in the Handshake layer,
|
||||||
|
@ -3002,17 +3011,16 @@ int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl )
|
||||||
{
|
{
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS handshake message too large: "
|
MBEDTLS_SSL_DEBUG_MSG( 1, ( "DTLS handshake message too large: "
|
||||||
"size %u, maximum %u",
|
"size %u, maximum %u",
|
||||||
(unsigned) ( ssl->in_hslen - 4 ),
|
(unsigned) ( hs_len ),
|
||||||
(unsigned) ( MBEDTLS_SSL_OUT_CONTENT_LEN - 12 ) ) );
|
(unsigned) ( MBEDTLS_SSL_OUT_CONTENT_LEN - 12 ) ) );
|
||||||
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
|
||||||
}
|
}
|
||||||
|
|
||||||
memmove( ssl->out_msg + 12, ssl->out_msg + 4, len - 4 );
|
memmove( ssl->out_msg + 12, ssl->out_msg + 4, hs_len );
|
||||||
ssl->out_msglen += 8;
|
ssl->out_msglen += 8;
|
||||||
len += 8;
|
|
||||||
|
|
||||||
/* Write message_seq and update it, except for HelloRequest */
|
/* Write message_seq and update it, except for HelloRequest */
|
||||||
if( out_msg_type != MBEDTLS_SSL_HS_HELLO_REQUEST )
|
if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST )
|
||||||
{
|
{
|
||||||
ssl->out_msg[4] = ( ssl->handshake->out_msg_seq >> 8 ) & 0xFF;
|
ssl->out_msg[4] = ( ssl->handshake->out_msg_seq >> 8 ) & 0xFF;
|
||||||
ssl->out_msg[5] = ( ssl->handshake->out_msg_seq ) & 0xFF;
|
ssl->out_msg[5] = ( ssl->handshake->out_msg_seq ) & 0xFF;
|
||||||
|
@ -3024,23 +3032,22 @@ int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl )
|
||||||
ssl->out_msg[5] = 0;
|
ssl->out_msg[5] = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* We don't fragment, so frag_offset = 0 and frag_len = len */
|
/* Handshake hashes are computed without fragmentation,
|
||||||
|
* so set frag_offset = 0 and frag_len = hs_len for now */
|
||||||
memset( ssl->out_msg + 6, 0x00, 3 );
|
memset( ssl->out_msg + 6, 0x00, 3 );
|
||||||
memcpy( ssl->out_msg + 9, ssl->out_msg + 1, 3 );
|
memcpy( ssl->out_msg + 9, ssl->out_msg + 1, 3 );
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_SSL_PROTO_DTLS */
|
#endif /* MBEDTLS_SSL_PROTO_DTLS */
|
||||||
|
|
||||||
if( out_msg_type != MBEDTLS_SSL_HS_HELLO_REQUEST )
|
/* Update running hashes of hanshake messages seen */
|
||||||
ssl->handshake->update_checksum( ssl, ssl->out_msg, len );
|
if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST )
|
||||||
|
ssl->handshake->update_checksum( ssl, ssl->out_msg, ssl->out_msglen );
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Save handshake and CCS messages for resending */
|
/* Save for resending */
|
||||||
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||||
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
|
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
|
||||||
ssl->handshake != NULL &&
|
hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST )
|
||||||
ssl->handshake->retransmit_state != MBEDTLS_SSL_RETRANS_SENDING &&
|
|
||||||
( ssl->out_msgtype == MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC ||
|
|
||||||
ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE ) )
|
|
||||||
{
|
{
|
||||||
if( ( ret = ssl_flight_append( ssl ) ) != 0 )
|
if( ( ret = ssl_flight_append( ssl ) ) != 0 )
|
||||||
{
|
{
|
||||||
|
@ -3050,6 +3057,7 @@ int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl )
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* Actually send out */
|
||||||
ret = mbedtls_ssl_write_record( ssl );
|
ret = mbedtls_ssl_write_record( ssl );
|
||||||
|
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write handshake message" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write handshake message" ) );
|
||||||
|
|
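Review bot: The rewritten "Save for resending" condition drops the `ssl->handshake != NULL` guard, while the new sanity check at the top rejects a NULL handshake only when `out_msgtype` is MBEDTLS_SSL_MSG_HANDSHAKE. A ChangeCipherSpec record on a DTLS context with no handshake in progress therefore now reaches `ssl_flight_append( ssl )`, which presumably dereferences `ssl->handshake` (its body is not shown on this page). `hs_type` is also taken from `out_msg[0]` for CCS records, where that byte is not a handshake type, so the `!= MBEDTLS_SSL_HS_HELLO_REQUEST` test passes there only if the CCS byte happens to differ from that constant. Widening the top check would cover both: `if( ! ( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE && hs_type == MBEDTLS_SSL_HS_HELLO_REQUEST ) && ssl->handshake == NULL )`. Separately, `hs_len = ssl->out_msglen - 4` is unsigned and wraps for a CCS record or any `out_msglen < 4`, so a lower-bound check in the sanity block would stop a wrapped length from reaching `memmove` in the DTLS branch.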