From bf256cdb0b88c374f335c128c3c922d4d5d00856 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 12 Jul 2019 09:37:30 +0100 Subject: [PATCH] Move update of in_xxx fields outside of ssl_prepare_record_content() Multiple record attributes such as content type and payload length may change during record decryption, and the legacy in_xxx fields in the SSL context therefore need to be updated after the record decryption routine ssl_decrypt_buf() has been called. After the previous commit has made ssl_prepare_record_content() independent of the in_xxx fields, setting them can be moved outside of ssl_prepare_record_content(), which is what this commit does. --- library/ssl_tls.c | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 00182f0a2..49a009dca 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -5038,19 +5038,6 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl, old_msg_type, rec->type ) ); } - /* The record content type may change during decryption, - * so re-read it. */ - ssl->in_msgtype = rec->type; - /* Also update the input buffer, because unfortunately - * the server-side ssl_parse_client_hello() reparses the - * record header when receiving a ClientHello initiating - * a renegotiation. */ - ssl->in_hdr[0] = rec->type; - ssl->in_msg = rec->buf + rec->data_offset; - ssl->in_msglen = rec->data_len; - ssl->in_len[0] = (unsigned char)( rec->data_len >> 8 ); - ssl->in_len[1] = (unsigned char)( rec->data_len ); - MBEDTLS_SSL_DEBUG_BUF( 4, "input payload after decrypt", rec->buf + rec->data_offset, rec->data_len ); @@ -6010,6 +5997,19 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl ) #endif /* MBEDTLS_SSL_PROTO_TLS */ } + /* The record content type may change during decryption, + * so re-read it. */ + ssl->in_msgtype = rec.type; + /* Also update the input buffer, because unfortunately + * the server-side ssl_parse_client_hello() reparses the + * record header when receiving a ClientHello initiating + * a renegotiation. */ + ssl->in_hdr[0] = rec.type; + ssl->in_msg = rec.buf + rec.data_offset; + ssl->in_msglen = rec.data_len; + ssl->in_len[0] = (unsigned char)( rec.data_len >> 8 ); + ssl->in_len[1] = (unsigned char)( rec.data_len ); + return( 0 ); }