Import OpenSSL 1.1.0i

2018-08-14 08:22:53 -07:00
parent 807cee26df
commit 6960e8d7c7
282 changed files with 5215 additions and 2261 deletions
--- a/ssl/record/ssl3_record.c
+++ b/ssl/record/ssl3_record.c
@@ -1531,6 +1531,7 @@ int dtls1_get_record(SSL *s)
        p += 6;

        n2s(p, rr->length);
+        rr->read = 0;

        /*
         * Lets check the version. We tolerate alerts that don't have the exact
@@ -1540,6 +1541,7 @@ int dtls1_get_record(SSL *s)
            if (version != s->version) {
                /* unexpected version, silently discard */
                rr->length = 0;
+                rr->read = 1;
                RECORD_LAYER_reset_packet_length(&s->rlayer);
                goto again;
            }
@@ -1548,6 +1550,7 @@ int dtls1_get_record(SSL *s)
        if ((version & 0xff00) != (s->version & 0xff00)) {
            /* wrong version, silently discard record */
            rr->length = 0;
+            rr->read = 1;
            RECORD_LAYER_reset_packet_length(&s->rlayer);
            goto again;
        }
@@ -1555,10 +1558,10 @@ int dtls1_get_record(SSL *s)
        if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH) {
            /* record too long, silently discard it */
            rr->length = 0;
+            rr->read = 1;
            RECORD_LAYER_reset_packet_length(&s->rlayer);
            goto again;
        }
-
        /* now s->rlayer.rstate == SSL_ST_READ_BODY */
    }

@@ -1572,6 +1575,7 @@ int dtls1_get_record(SSL *s)
        /* this packet contained a partial record, dump it */
        if (n != i) {
            rr->length = 0;
+            rr->read = 1;
            RECORD_LAYER_reset_packet_length(&s->rlayer);
            goto again;
        }
@@ -1588,6 +1592,7 @@ int dtls1_get_record(SSL *s)
    bitmap = dtls1_get_bitmap(s, rr, &is_next_epoch);
    if (bitmap == NULL) {
        rr->length = 0;
+        rr->read = 1;
        RECORD_LAYER_reset_packet_length(&s->rlayer); /* dump this record */
        goto again;             /* get another record */
    }
@@ -1602,6 +1607,7 @@ int dtls1_get_record(SSL *s)
         */
        if (!dtls1_record_replay_check(s, bitmap)) {
            rr->length = 0;
+            rr->read = 1;
            RECORD_LAYER_reset_packet_length(&s->rlayer); /* dump this record */
            goto again;         /* get another record */
        }
@@ -1610,8 +1616,10 @@ int dtls1_get_record(SSL *s)
 #endif

    /* just read a 0 length packet */
-    if (rr->length == 0)
+    if (rr->length == 0) {
+        rr->read = 1;
        goto again;
+    }

    /*
     * If this record is from the next epoch (either HM or ALERT), and a
@@ -1626,12 +1634,14 @@ int dtls1_get_record(SSL *s)
                return -1;
        }
        rr->length = 0;
+        rr->read = 1;
        RECORD_LAYER_reset_packet_length(&s->rlayer);
        goto again;
    }

    if (!dtls1_process_record(s, bitmap)) {
        rr->length = 0;
+        rr->read = 1;
        RECORD_LAYER_reset_packet_length(&s->rlayer); /* dump this record */
        goto again;             /* get another record */
    }