1 files changed, 62 insertions, 47 deletions
diff --git a/security/nss/lib/ssl/ssl3gthr.c b/security/nss/lib/ssl/ssl3gthr.c
index 8b323bb05..5ea7cc249 100644
--- a/security/nss/lib/ssl/ssl3gthr.c
+++ b/security/nss/lib/ssl/ssl3gthr.c
@@ -158,6 +158,7 @@ ssl3_GatherData(sslSocket *ss, sslGather *gs, int flags, ssl2Gather *ssl2gs)
                      * the length of the following encrypted data, and then
                      * read in the rest of the record into gs->inbuf. */
                     gs->remainder = (gs->hdr[3] << 8) | gs->hdr[4];
+                    gs->hdrLen = SSL3_RECORD_HEADER_LENGTH;
                 } else {
                     /* Probably an SSLv2 record header. No need to handle any
                      * security escapes (gs->hdr[0] & 0x40) as we wouldn't get
@@ -264,8 +265,9 @@ static int
 dtls_GatherData(sslSocket *ss, sslGather *gs, int flags)
 {
     int nb;
-    int err;
-    int rv = 1;
+    PRUint8 contentType;
+    unsigned int headerLen;
+    SECStatus rv;
 
     SSL_TRC(30, ("dtls_GatherData"));
 
@@ -285,81 +287,97 @@ dtls_GatherData(sslSocket *ss, sslGather *gs, int flags)
         ** to 13 (the size of the record header).
         */
         if (gs->dtlsPacket.space < MAX_FRAGMENT_LENGTH + 2048 + 13) {
-            err = sslBuffer_Grow(&gs->dtlsPacket,
-                                 MAX_FRAGMENT_LENGTH + 2048 + 13);
-            if (err) { /* realloc has set error code to no mem. */
-                return err;
+            rv = sslBuffer_Grow(&gs->dtlsPacket,
+                                MAX_FRAGMENT_LENGTH + 2048 + 13);
+            if (rv != SECSuccess) {
+                return -1; /* Code already set. */
             }
         }
 
         /* recv() needs to read a full datagram at a time */
         nb = ssl_DefRecv(ss, gs->dtlsPacket.buf, gs->dtlsPacket.space, flags);
-
         if (nb > 0) {
             PRINT_BUF(60, (ss, "raw gather data:", gs->dtlsPacket.buf, nb));
         } else if (nb == 0) {
             /* EOF */
             SSL_TRC(30, ("%d: SSL3[%d]: EOF", SSL_GETPID(), ss->fd));
-            rv = 0;
-            return rv;
+            return 0;
         } else /* if (nb < 0) */ {
             SSL_DBG(("%d: SSL3[%d]: recv error %d", SSL_GETPID(), ss->fd,
                      PR_GetError()));
-            rv = SECFailure;
-            return rv;
+            return -1;
         }
 
         gs->dtlsPacket.len = nb;
     }
 
+    contentType = gs->dtlsPacket.buf[gs->dtlsPacketOffset];
+    if (dtls_IsLongHeader(ss->version, contentType)) {
+        headerLen = 13;
+    } else if (contentType == content_application_data) {
+        headerLen = 7;
+    } else if ((contentType & 0xe0) == 0x20) {
+        headerLen = 2;
+    } else {
+        SSL_DBG(("%d: SSL3[%d]: invalid first octet (%d) for DTLS",
+                 SSL_GETPID(), ss->fd, contentType));
+        PORT_SetError(SSL_ERROR_RX_UNKNOWN_RECORD_TYPE);
+        gs->dtlsPacketOffset = 0;
+        gs->dtlsPacket.len = 0;
+        return -1;
+    }
+
     /* At this point we should have >=1 complete records lined up in
      * dtlsPacket. Read off the header.
      */
-    if ((gs->dtlsPacket.len - gs->dtlsPacketOffset) < 13) {
+    if ((gs->dtlsPacket.len - gs->dtlsPacketOffset) < headerLen) {
         SSL_DBG(("%d: SSL3[%d]: rest of DTLS packet "
                  "too short to contain header",
                  SSL_GETPID(), ss->fd));
-        PR_SetError(PR_WOULD_BLOCK_ERROR, 0);
+        PORT_SetError(PR_WOULD_BLOCK_ERROR);
         gs->dtlsPacketOffset = 0;
         gs->dtlsPacket.len = 0;
-        rv = SECFailure;
-        return rv;
+        return -1;
     }
-    memcpy(gs->hdr, gs->dtlsPacket.buf + gs->dtlsPacketOffset, 13);
-    gs->dtlsPacketOffset += 13;
+    memcpy(gs->hdr, SSL_BUFFER_BASE(&gs->dtlsPacket) + gs->dtlsPacketOffset,
+           headerLen);
+    gs->hdrLen = headerLen;
+    gs->dtlsPacketOffset += headerLen;
 
     /* Have received SSL3 record header in gs->hdr. */
-    gs->remainder = (gs->hdr[11] << 8) | gs->hdr[12];
+    if (headerLen == 13) {
+        gs->remainder = (gs->hdr[11] << 8) | gs->hdr[12];
+    } else if (headerLen == 7) {
+        gs->remainder = (gs->hdr[5] << 8) | gs->hdr[6];
+    } else {
+        PORT_Assert(headerLen == 2);
+        gs->remainder = gs->dtlsPacket.len - gs->dtlsPacketOffset;
+    }
 
     if ((gs->dtlsPacket.len - gs->dtlsPacketOffset) < gs->remainder) {
         SSL_DBG(("%d: SSL3[%d]: rest of DTLS packet too short "
                  "to contain rest of body",
                  SSL_GETPID(), ss->fd));
-        PR_SetError(PR_WOULD_BLOCK_ERROR, 0);
+        PORT_SetError(PR_WOULD_BLOCK_ERROR);
         gs->dtlsPacketOffset = 0;
         gs->dtlsPacket.len = 0;
-        rv = SECFailure;
-        return rv;
+        return -1;
     }
 
     /* OK, we have at least one complete packet, copy into inbuf */
-    if (gs->remainder > gs->inbuf.space) {
-        err = sslBuffer_Grow(&gs->inbuf, gs->remainder);
-        if (err) { /* realloc has set error code to no mem. */
-            return err;
-        }
+    gs->inbuf.len = 0;
+    rv = sslBuffer_Append(&gs->inbuf,
+                          SSL_BUFFER_BASE(&gs->dtlsPacket) + gs->dtlsPacketOffset,
+                          gs->remainder);
+    if (rv != SECSuccess) {
+        return -1; /* code already set. */
     }
-
-    SSL_TRC(20, ("%d: SSL3[%d]: dtls gathered record type=%d len=%d",
-                 SSL_GETPID(), ss->fd, gs->hdr[0], gs->inbuf.len));
-
-    memcpy(gs->inbuf.buf, gs->dtlsPacket.buf + gs->dtlsPacketOffset,
-           gs->remainder);
-    gs->inbuf.len = gs->remainder;
     gs->offset = gs->remainder;
     gs->dtlsPacketOffset += gs->remainder;
     gs->state = GS_INIT;
 
+    SSL_TRC(20, ("%d: SSL3[%d]: dtls gathered record type=%d len=%d",
+                 SSL_GETPID(), ss->fd, contentType, gs->inbuf.len));
     return 1;
 }
 
@@ -442,7 +460,11 @@ ssl3_GatherCompleteHandshake(sslSocket *ss, int flags)
              * We need to process it now before we overwrite it with the next
              * handshake record.
              */
-            rv = ssl3_HandleRecord(ss, NULL, &ss->gs.buf);
+            SSL_DBG(("%d: SSL3[%d]: resuming handshake",
+                     SSL_GETPID(), ss->fd));
+            PORT_Assert(!IS_DTLS(ss));
+            rv = ssl3_HandleNonApplicationData(ss, content_handshake,
+                                               0, 0, &ss->gs.buf);
         } else {
             /* State for SSLv2 client hello support. */
             ssl2Gather ssl2gs = { PR_FALSE, 0 };
@@ -495,20 +517,14 @@ ssl3_GatherCompleteHandshake(sslSocket *ss, int flags)
                  * If it's application data, ss->gs.buf will not be empty upon return.
                  * If it's a change cipher spec, alert, or handshake message,
                  * ss->gs.buf.len will be 0 when ssl3_HandleRecord returns SECSuccess.
+                 *
+                 * cText only needs to be valid for this next function call, so
+                 * it can borrow gs.hdr.
                  */
-                cText.type = (SSL3ContentType)ss->gs.hdr[0];
-                cText.version = (ss->gs.hdr[1] << 8) | ss->gs.hdr[2];
-
-                if (IS_DTLS(ss)) {
-                    sslSequenceNumber seq_num;
-
-                    /* DTLS sequence number */
-                    PORT_Memcpy(&seq_num, &ss->gs.hdr[3], sizeof(seq_num));
-                    cText.seq_num = PR_ntohll(seq_num);
-                }
-
+                cText.hdr = ss->gs.hdr;
+                cText.hdrLen = ss->gs.hdrLen;
                 cText.buf = &ss->gs.inbuf;
-                rv = ssl3_HandleRecord(ss, &cText, &ss->gs.buf);
+                rv = ssl3_HandleRecord(ss, &cText);
             }
         }
         if (rv < 0) {
@@ -520,7 +536,6 @@ ssl3_GatherCompleteHandshake(sslSocket *ss, int flags)
              * completing any renegotiation handshake we may be doing.
              */
             PORT_Assert(ss->firstHsDone);
-            PORT_Assert(cText.type == content_application_data);
             break;
         }