PR: 2006
authorDr. Stephen Henson <steve@openssl.org>
Wed, 26 Aug 2009 11:51:57 +0000 (11:51 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Wed, 26 Aug 2009 11:51:57 +0000 (11:51 +0000)
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Do not use multiple DTLS records for a single user message

ssl/d1_pkt.c
ssl/ssl.h
ssl/ssl_err.c

index 0664636b521a3ccf810a952abccb1faf18a88f18..355d5ed9cdcbeedc59bbe83855cb02a77cbccecf 100644 (file)
@@ -1257,7 +1257,6 @@ err:
 int
 dtls1_write_app_data_bytes(SSL *s, int type, const void *buf_, int len)
        {
-       unsigned int n,tot;
        int i;
 
        if (SSL_in_init(s) && !s->in_handshake)
@@ -1271,31 +1270,14 @@ dtls1_write_app_data_bytes(SSL *s, int type, const void *buf_, int len)
                        }
                }
 
-       tot = s->s3->wnum;
-       n = len - tot;
-
-       while( n)
+       if (len > SSL3_RT_MAX_PLAIN_LENGTH)
                {
-               /* dtls1_write_bytes sends one record at a time, sized according to 
-                * the currently known MTU */
-               i = dtls1_write_bytes(s, type, buf_, len);
-               if (i <= 0) return i;
-               
-               if ((i == (int)n) ||
-                       (type == SSL3_RT_APPLICATION_DATA &&
-                               (s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE)))
-                       {
-                       /* next chunk of data should get another prepended empty fragment
-                        * in ciphersuites with known-IV weakness: */
-                       s->s3->empty_fragment_done = 0;
-                       return tot+i;
-                       }
-
-               tot += i;
-               n-=i;
+                       SSLerr(SSL_F_DTLS1_WRITE_APP_DATA_BYTES,SSL_R_DTLS_MESSAGE_TOO_BIG);
+                       return -1;
                }
 
-       return tot;
+       i = dtls1_write_bytes(s, type, buf_, len);
+       return i;
        }
 
 
@@ -1336,46 +1318,13 @@ have_handshake_fragment(SSL *s, int type, unsigned char *buf,
 /* Call this to write data in records of type 'type'
  * It will return <= 0 if not all data has been sent or non-blocking IO.
  */
-int dtls1_write_bytes(SSL *s, int type, const void *buf_, int len)
+int dtls1_write_bytes(SSL *s, int type, const void *buf, int len)
        {
-       const unsigned char *buf=buf_;
-       unsigned int tot,n,nw;
        int i;
-       unsigned int mtu;
 
+       OPENSSL_assert(len <= SSL3_RT_MAX_PLAIN_LENGTH);
        s->rwstate=SSL_NOTHING;
-       tot=s->s3->wnum;
-
-       n=(len-tot);
-
-       /* handshake layer figures out MTU for itself, but data records
-        * are also sent through this interface, so need to figure out MTU */
-#if 0
-       mtu = BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_GET_MTU, 0, NULL);
-       mtu += DTLS1_HM_HEADER_LENGTH;  /* HM already inserted */
-#endif
-       mtu = s->d1->mtu;
-
-       if (mtu > SSL3_RT_MAX_PLAIN_LENGTH)
-               mtu = SSL3_RT_MAX_PLAIN_LENGTH;
-
-       if (n > mtu)
-               nw=mtu;
-       else
-               nw=n;
-       
-       i=do_dtls1_write(s, type, &(buf[tot]), nw, 0);
-       if (i <= 0)
-               {
-               s->s3->wnum=tot;
-               return i;
-               }
-
-       if ( (int)s->s3->wnum + i == len)
-               s->s3->wnum = 0;
-       else 
-               s->s3->wnum += i;
-
+       i=do_dtls1_write(s, type, buf, len, 0);
        return i;
        }
 
index fd7226298e512b81169b23b5d3dddfc3c41c2fc0..2c760b34ebf9e62a65ba579a9908a97e782bafd9 100644 (file)
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -2211,6 +2211,7 @@ void ERR_load_SSL_strings(void);
 #define SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE            1111
 #define SSL_R_TLSV1_UNRECOGNIZED_NAME                   1112
 #define SSL_R_TLSV1_UNSUPPORTED_EXTENSION               1110
+#define SSL_R_DTLS_MESSAGE_TOO_BIG                      1200
 #define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER      232
 #define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST            157
 #define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
index e647e107d18dd55f4176c195e3d78b81e89dd675..9d43453ddf284cfb755ad0c3f35e0ded193aa777 100644 (file)
@@ -490,6 +490,7 @@ static ERR_STRING_DATA SSL_str_reasons[]=
 {ERR_REASON(SSL_R_TLSV1_CERTIFICATE_UNOBTAINABLE),"tlsv1 certificate unobtainable"},
 {ERR_REASON(SSL_R_TLSV1_UNRECOGNIZED_NAME),"tlsv1 unrecognized name"},
 {ERR_REASON(SSL_R_TLSV1_UNSUPPORTED_EXTENSION),"tlsv1 unsupported extension"},
+{ERR_REASON(SSL_R_DTLS_MESSAGE_TOO_BIG),"dtls message too big"},
 {ERR_REASON(SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER),"tls client cert req with anon cipher"},
 {ERR_REASON(SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST),"tls invalid ecpointformat list"},
 {ERR_REASON(SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST),"tls peer did not respond with certificate list"},