fixed server buffer issue

git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@121 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
2025-04-21 10:26:06 +03:00 · 2007-09-05 13:44:56 +00:00 · 2007-09-05 13:44:56 +00:00 · b717f94bd0
commit b717f94bd0
parent 114fff4077
5 changed files with 84 additions and 7 deletions
--- a/ssl/test/header_issue.dat
+++ b/ssl/test/header_issue.dat
--- a/ssl/test/ssltest.c
+++ b/ssl/test/ssltest.c
@ -1718,6 +1718,64 @@ error:
 }
 #endif
 /**************************************************************************
 * Header issue
 *
 **************************************************************************/
 static void do_header_issue(void)
 {
    uint8_t axtls_buf[2048];
 #ifndef WIN32
    pthread_setcanceltype(PTHREAD_CANCEL_ASYNCHRONOUS, NULL);
 #endif
    sprintf(axtls_buf, "./axssl s_client -connect localhost:%d", g_port);
    system(axtls_buf);
 }
 static int header_issue(void)
 {
    FILE *f = fopen("../ssl/test/header_issue.dat", "r");
    int server_fd, client_fd, ret = 1;
    uint8_t buf[2048];
    int size = 0;
    struct sockaddr_in client_addr;
    socklen_t clnt_len = sizeof(client_addr);
 #ifndef WIN32
    pthread_t thread;
 #endif
    if (f == NULL || (server_fd = server_socket_init(&g_port)) < 0)
        goto error;
 #ifndef WIN32
    pthread_create(&thread, NULL, 
                (void *(*)(void *))do_header_issue, NULL);
    pthread_detach(thread);
 #else
    CreateThread(NULL, 1024, (LPTHREAD_START_ROUTINE)do_header_issue, 
                NULL, 0, NULL);
 #endif
    if ((client_fd = accept(server_fd, 
                    (struct sockaddr *) &client_addr, &clnt_len)) < 0)
    {
        ret = SSL_ERROR_SOCK_SETUP_FAILURE;
        goto error;
    }
    size = fread(buf, 1, sizeof(buf), f);
    SOCKET_WRITE(client_fd, buf, size);
    usleep(200000);
    ret = 0;
 error:
    fclose(f);
    SOCKET_CLOSE(client_fd);
    SOCKET_CLOSE(server_fd);
    TTY_FLUSH();
    system("killall axssl");
    return ret;
 }
 /**************************************************************************
 * main()
 *
@ -1820,7 +1878,14 @@ int main(int argc, char *argv[])
    system("sh ../ssl/test/killopenssl.sh");
    if (header_issue())
    {
        printf("Header tests failed\n");
        goto cleanup;
    }
    ret = 0;        /* all ok */
    printf("**** ALL TESTS PASSED ****\n"); TTY_FLUSH();
 cleanup:
    if (ret)
--- a/ssl/tls1.c
+++ b/ssl/tls1.c
@ -1241,6 +1241,7 @@ int basic_read(SSL *ssl, uint8_t **in_data)
    switch (ssl->record_type)
    {
        case PT_HANDSHAKE_PROTOCOL:
            ssl->bm_proc_index = 0;
            ret = do_handshake(ssl, buf, read_len);
            break;
@ -1723,10 +1724,10 @@ EXP_FUNC int STDCALL ssl_verify_cert(const SSL *ssl)
 int process_certificate(SSL *ssl, X509_CTX **x509_ctx)
 {
    int ret = SSL_OK;
    uint8_t *buf = &ssl->bm_data[ssl->bm_proc_index];
    int pkt_size = ssl->bm_index;
    int cert_size, offset = 5;
-    int total_cert_size = (ssl->bm_data[offset]<<8) + 
+    int total_cert_size = (buf[offset]<<8) + buf[offset+1];
                ssl->bm_data[offset+1];
    int is_client = IS_SET_SSL_FLAG(SSL_IS_CLIENT);
    X509_CTX **chain = x509_ctx;
    offset += 2;
@ -1736,10 +1737,10 @@ int process_certificate(SSL *ssl, X509_CTX **x509_ctx)
    while (offset < total_cert_size)
    {
        offset++;       /* skip empty char */
-        cert_size = (ssl->bm_data[offset]<<8) + ssl->bm_data[offset+1];
+        cert_size = (buf[offset]<<8) + buf[offset+1];
        offset += 2;
-        if (x509_new(&ssl->bm_data[offset], NULL, chain))
+        if (x509_new(&buf[offset], NULL, chain))
        {
            ret = SSL_ERROR_BAD_CERTIFICATE;
            goto error;
@ -1759,6 +1760,7 @@ int process_certificate(SSL *ssl, X509_CTX **x509_ctx)
    DISPLAY_CERT(ssl, "process_certificate", *x509_ctx);
    ssl->next_state = is_client ? HS_SERVER_HELLO_DONE : HS_CLIENT_KEY_XCHG;
    ssl->bm_proc_index += offset;
 error:
    return ret;
 }
--- a/ssl/tls1.h
+++ b/ssl/tls1.h
@ -173,6 +173,7 @@ struct _SSL
    uint8_t *bm_data;
    uint16_t bm_index;
    uint16_t bm_read_index;
    uint16_t bm_proc_index;
    struct _SSL *next;                  /* doubly linked list */
    struct _SSL *prev;
    SSL_CERT *certs;
--- a/ssl/tls1_clnt.c
+++ b/ssl/tls1_clnt.c
@ -221,11 +221,10 @@ static int process_server_hello(SSL *ssl)
 {
    uint8_t *buf = ssl->bm_data;
    int pkt_size = ssl->bm_index;
    int offset;
    int version = (buf[4] << 4) + buf[5];
    int num_sessions = ssl->ssl_ctx->num_sessions;
    uint8_t sess_id_size;
-    int ret = SSL_OK;
+    int offset, ret = SSL_OK;
    /* check that we are talking to a TLSv1 server */
    if (version != 0x31)
@ -259,7 +258,9 @@ static int process_server_hello(SSL *ssl)
    ssl->next_state = IS_SET_SSL_FLAG(SSL_SESSION_RESUME) ? 
                                        HS_FINISHED : HS_CERTIFICATE;
    offset++;   // skip the compr
    PARANOIA_CHECK(pkt_size, offset);
    ssl->bm_proc_index = offset+1; 
 error:
    return ret;
@ -311,10 +312,18 @@ static int send_client_key_xchg(SSL *ssl)
 */
 static int process_cert_req(SSL *ssl)
 {
    uint8_t *buf = &ssl->bm_data[ssl->bm_proc_index];
    int ret = SSL_OK;
    int offset = (buf[2] << 4) + buf[3];
    int pkt_size = ssl->bm_index;
    /* don't do any processing - we will send back an RSA certificate anyway */
    ssl->next_state = HS_SERVER_HELLO_DONE;
    SET_SSL_FLAG(SSL_HAS_CERT_REQ);
-    return SSL_OK;
+    ssl->bm_proc_index += offset;
    PARANOIA_CHECK(pkt_size, offset);
 error:
    return ret;
 }
 /*