From d8bf8ceeb43d4f79a31f0b95af76a57f985cd6e4 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 12 Jul 2019 09:23:47 +0100 Subject: [PATCH] Move ssl_update_in_pointers() to after record hdr parsing Previously, ssl_update_in_pointers() ensured that the in_xxx pointers in the SSL context are set to their default state so that the record header parsing function ssl_parse_record_header() could make use of them. By now, the latter is independent of these pointers, so they don't need to be setup before calling ssl_parse_record_header() anymore. However, other parts of the messaging stack might still depend on it (to be studied), and hence this commit does not yet reomve ssl_update_in_pointers() entirely. --- library/ssl_tls.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index d200304f4a..128a40e135 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -5994,11 +5994,6 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl ) return( ret ); #endif /* MBEDTLS_SSL_PROTO_DTLS */ - /* Reset in pointers to default state for TLS/DTLS records, - * assuming no CID and no offset between record content and - * record plaintext. */ - ssl_update_in_pointers( ssl ); - /* Ensure that we have enough space available for the default form * of TLS / DTLS record headers (5 Bytes for TLS, 13 Bytes for DTLS, * with no space for CIDs counted in). */ @@ -6028,6 +6023,11 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl ) if( ret == MBEDTLS_ERR_SSL_UNEXPECTED_RECORD ) { #if defined(MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE) && defined(MBEDTLS_SSL_SRV_C) + /* Reset in pointers to default state for TLS/DTLS records, + * assuming no CID and no offset between record content and + * record plaintext. */ + ssl_update_in_pointers( ssl ); + /* Setup internal message pointers from record structure. */ ssl->in_msgtype = rec.type; #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) @@ -6067,6 +6067,11 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl ) } } + /* Reset in pointers to default state for TLS/DTLS records, + * assuming no CID and no offset between record content and + * record plaintext. */ + ssl_update_in_pointers( ssl ); + /* Setup internal message pointers from record structure. */ ssl->in_msgtype = rec.type; #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)