Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / boringssl / ae1abf960be4d4a40ea2699f1373506023d4e207^! / . / src / ssl / s3_both.cc
commitae1abf960be4d4a40ea2699f1373506023d4e207[log] [tgz]
authorRobert Sloan <varomodt@google.com>Thu Oct 05 12:50:08 2017 -0700
committerRobert Sloan <varomodt@google.com>Thu Oct 05 15:14:20 2017 -0700
tree9c5cc61d9912303d762abd978afae2bc91eb295e
parentc9df3a1ff1d0cddebf2fc32ad8a03a429c0e834c [diff] [blame]
external/boringssl: Sync to 392cedd0a28f15b693c81c8b877ee3d74c122d42.

... b/c OPENSSL_VERSION_NUMBER was messed up in the previous sync.

This includes the following changes:

https://boringssl.googlesource.com/boringssl/+log/575334657fcb66a4861c9d125430b2aef60476a6..392cedd0a28f15b693c81c8b877ee3d74c122d42

Test: BoringSSL CTS Presubmits.
Change-Id: I7fedea67d6bb3e50aeebaf2d7183ea69dfc7b79f

diff --git a/src/ssl/s3_both.cc b/src/ssl/s3_both.cc
index f63ed26..65e2089 100644
--- a/src/ssl/s3_both.cc
+++ b/src/ssl/s3_both.cc

@@ -132,8 +132,8 @@
 
 namespace bssl {
 
-static int add_record_to_flight(SSL *ssl, uint8_t type, const uint8_t *in,
-                                size_t in_len) {
+static int add_record_to_flight(SSL *ssl, uint8_t type,
+                                Span<const uint8_t> in) {
   // We'll never add a flight while in the process of writing it out.
   assert(ssl->s3->pending_flight_offset == 0);
 
@@ -144,18 +144,19 @@
     }
   }
 
-  size_t max_out = in_len + SSL_max_seal_overhead(ssl);
+  size_t max_out = in.size() + SSL_max_seal_overhead(ssl);
   size_t new_cap = ssl->s3->pending_flight->length + max_out;
-  if (max_out < in_len || new_cap < max_out) {
+  if (max_out < in.size() || new_cap < max_out) {
     OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
     return 0;
   }
 
   size_t len;
   if (!BUF_MEM_reserve(ssl->s3->pending_flight, new_cap) ||
-      !tls_seal_record(ssl, (uint8_t *)ssl->s3->pending_flight->data +
-                                ssl->s3->pending_flight->length,
-                       &len, max_out, type, in, in_len)) {
+      !tls_seal_record(ssl,
+                       (uint8_t *)ssl->s3->pending_flight->data +
+                           ssl->s3->pending_flight->length,
+                       &len, max_out, type, in.data(), in.size())) {
     return 0;
   }
 
@@ -183,26 +184,15 @@
 int ssl3_add_message(SSL *ssl, Array<uint8_t> msg) {
   // Add the message to the current flight, splitting into several records if
   // needed.
-  size_t added = 0;
+  Span<const uint8_t> rest = msg;
   do {
-    size_t todo = msg.size() - added;
-    if (todo > ssl->max_send_fragment) {
-      todo = ssl->max_send_fragment;
-    }
+    Span<const uint8_t> chunk = rest.subspan(0, ssl->max_send_fragment);
+    rest = rest.subspan(chunk.size());
 
-    uint8_t type = SSL3_RT_HANDSHAKE;
-    if (ssl->server &&
-        ssl->s3->have_version &&
-        ssl->version == TLS1_3_RECORD_TYPE_EXPERIMENT_VERSION &&
-        ssl->s3->aead_write_ctx->is_null_cipher()) {
-      type = SSL3_RT_PLAINTEXT_HANDSHAKE;
-    }
-
-    if (!add_record_to_flight(ssl, type, msg.data() + added, todo)) {
+    if (!add_record_to_flight(ssl, SSL3_RT_HANDSHAKE, chunk)) {
       return 0;
     }
-    added += todo;
-  } while (added < msg.size());
+  } while (!rest.empty());
 
   ssl_do_msg_callback(ssl, 1 /* write */, SSL3_RT_HANDSHAKE, msg.data(),
                       msg.size());
@@ -218,8 +208,8 @@
 int ssl3_add_change_cipher_spec(SSL *ssl) {
   static const uint8_t kChangeCipherSpec[1] = {SSL3_MT_CCS};
 
-  if (!add_record_to_flight(ssl, SSL3_RT_CHANGE_CIPHER_SPEC, kChangeCipherSpec,
-                            sizeof(kChangeCipherSpec))) {
+  if (!add_record_to_flight(ssl, SSL3_RT_CHANGE_CIPHER_SPEC,
+                            kChangeCipherSpec)) {
     return 0;
   }
 
@@ -230,7 +220,7 @@
 
 int ssl3_add_alert(SSL *ssl, uint8_t level, uint8_t desc) {
   uint8_t alert[2] = {level, desc};
-  if (!add_record_to_flight(ssl, SSL3_RT_ALERT, alert, sizeof(alert))) {
+  if (!add_record_to_flight(ssl, SSL3_RT_ALERT, alert)) {
     return 0;
   }