mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-24 16:15:32 +00:00
Move update of in_xxx fields outside of ssl_prepare_record_content()
Multiple record attributes such as content type and payload length may change during record decryption, and the legacy in_xxx fields in the SSL context therefore need to be updated after the record decryption routine ssl_decrypt_buf() has been called. After the previous commit has made ssl_prepare_record_content() independent of the in_xxx fields, setting them can be moved outside of ssl_prepare_record_content(), which is what this commit does.
This commit is contained in:
parent
106f3dab57
commit
bf256cdb0b
|
@ -5038,19 +5038,6 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl,
|
||||||
old_msg_type, rec->type ) );
|
old_msg_type, rec->type ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
/* The record content type may change during decryption,
|
|
||||||
* so re-read it. */
|
|
||||||
ssl->in_msgtype = rec->type;
|
|
||||||
/* Also update the input buffer, because unfortunately
|
|
||||||
* the server-side ssl_parse_client_hello() reparses the
|
|
||||||
* record header when receiving a ClientHello initiating
|
|
||||||
* a renegotiation. */
|
|
||||||
ssl->in_hdr[0] = rec->type;
|
|
||||||
ssl->in_msg = rec->buf + rec->data_offset;
|
|
||||||
ssl->in_msglen = rec->data_len;
|
|
||||||
ssl->in_len[0] = (unsigned char)( rec->data_len >> 8 );
|
|
||||||
ssl->in_len[1] = (unsigned char)( rec->data_len );
|
|
||||||
|
|
||||||
MBEDTLS_SSL_DEBUG_BUF( 4, "input payload after decrypt",
|
MBEDTLS_SSL_DEBUG_BUF( 4, "input payload after decrypt",
|
||||||
rec->buf + rec->data_offset, rec->data_len );
|
rec->buf + rec->data_offset, rec->data_len );
|
||||||
|
|
||||||
|
@ -6010,6 +5997,19 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl )
|
||||||
#endif /* MBEDTLS_SSL_PROTO_TLS */
|
#endif /* MBEDTLS_SSL_PROTO_TLS */
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* The record content type may change during decryption,
|
||||||
|
* so re-read it. */
|
||||||
|
ssl->in_msgtype = rec.type;
|
||||||
|
/* Also update the input buffer, because unfortunately
|
||||||
|
* the server-side ssl_parse_client_hello() reparses the
|
||||||
|
* record header when receiving a ClientHello initiating
|
||||||
|
* a renegotiation. */
|
||||||
|
ssl->in_hdr[0] = rec.type;
|
||||||
|
ssl->in_msg = rec.buf + rec.data_offset;
|
||||||
|
ssl->in_msglen = rec.data_len;
|
||||||
|
ssl->in_len[0] = (unsigned char)( rec.data_len >> 8 );
|
||||||
|
ssl->in_len[1] = (unsigned char)( rec.data_len );
|
||||||
|
|
||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue