Check whether `-fgnu89-inline' is supported before using it.
[gnutls.git] / lib / gnutls_record.c
blobca4aea7420cfffe9b36ec069109a55ea05f0f76b
1 /*
2 * Copyright (C) 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation
4 * Author: Nikos Mavrogiannopoulos
6 * This file is part of GNUTLS.
8 * The GNUTLS library is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public License
10 * as published by the Free Software Foundation; either version 2.1 of
11 * the License, or (at your option) any later version.
13 * This library is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
18 * You should have received a copy of the GNU Lesser General Public
19 * License along with this library; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
21 * USA
25 /* Functions that are record layer specific, are included in this file.
28 #include "gnutls_int.h"
29 #include "gnutls_errors.h"
30 #include "debug.h"
31 #include "gnutls_compress.h"
32 #include "gnutls_cipher.h"
33 #include "gnutls_buffers.h"
34 #include "gnutls_handshake.h"
35 #include "gnutls_hash_int.h"
36 #include "gnutls_cipher_int.h"
37 #include "gnutls_algorithms.h"
38 #include "gnutls_db.h"
39 #include "gnutls_auth_int.h"
40 #include "gnutls_num.h"
41 #include "gnutls_record.h"
42 #include "gnutls_datum.h"
43 #include "ext_max_record.h"
44 #include <gnutls_state.h>
45 #include <gnutls_dh.h>
47 /**
48 * gnutls_protocol_get_version - Returns the version of the currently used protocol
49 * @session: is a #gnutls_session_t structure.
51 * Get TLS version, a #gnutls_protocol_t value.
53 * Returns: the version of the currently used protocol.
54 **/
55 gnutls_protocol_t
56 gnutls_protocol_get_version (gnutls_session_t session)
58 return session->security_parameters.version;
61 void
62 _gnutls_set_current_version (gnutls_session_t session,
63 gnutls_protocol_t version)
65 session->security_parameters.version = version;
68 /**
69 * gnutls_transport_set_lowat - Used to set the lowat value in order for select to check for pending data.
70 * @session: is a #gnutls_session_t structure.
71 * @num: is the low water value.
73 * Used to set the lowat value in order for select to check if there
74 * are pending data to socket buffer. Used only if you have changed
75 * the default low water value (default is 1). Normally you will not
76 * need that function. This function is only useful if using
77 * berkeley style sockets. Otherwise it must be called and set lowat
78 * to zero.
79 **/
80 void
81 gnutls_transport_set_lowat (gnutls_session_t session, int num)
83 session->internals.lowat = num;
86 /**
87 * gnutls_record_disable_padding - Used to disabled padding in TLS 1.0 and above
88 * @session: is a #gnutls_session_t structure.
90 * Used to disabled padding in TLS 1.0 and above. Normally you do
91 * not need to use this function, but there are buggy clients that
92 * complain if a server pads the encrypted data. This of course will
93 * disable protection against statistical attacks on the data.
95 * Normally only servers that require maximum compatibility with everything
96 * out there, need to call this function.
97 **/
98 void
99 gnutls_record_disable_padding (gnutls_session_t session)
101 session->internals.priorities.no_padding = 1;
105 * gnutls_transport_set_ptr - Used to set first argument of the transport functions
106 * @session: is a #gnutls_session_t structure.
107 * @ptr: is the value.
109 * Used to set the first argument of the transport function (like
110 * PUSH and PULL). In berkeley style sockets this function will set
111 * the connection handle.
113 void
114 gnutls_transport_set_ptr (gnutls_session_t session,
115 gnutls_transport_ptr_t ptr)
117 session->internals.transport_recv_ptr = ptr;
118 session->internals.transport_send_ptr = ptr;
123 * gnutls_transport_set_ptr2 - Used to set first argument of the transport functions
124 * @session: is a #gnutls_session_t structure.
125 * @recv_ptr: is the value for the pull function
126 * @send_ptr: is the value for the push function
128 * Used to set the first argument of the transport function (like
129 * PUSH and PULL). In berkeley style sockets this function will set
130 * the connection handle. With this function you can use two
131 * different pointers for receiving and sending.
133 void
134 gnutls_transport_set_ptr2 (gnutls_session_t session,
135 gnutls_transport_ptr_t recv_ptr,
136 gnutls_transport_ptr_t send_ptr)
138 session->internals.transport_send_ptr = send_ptr;
139 session->internals.transport_recv_ptr = recv_ptr;
143 * gnutls_transport_get_ptr - Used to return the first argument of the transport functions
144 * @session: is a #gnutls_session_t structure.
146 * Used to get the first argument of the transport function (like
147 * PUSH and PULL). This must have been set using
148 * gnutls_transport_set_ptr().
150 * Returns: first argument of the transport function.
152 gnutls_transport_ptr_t
153 gnutls_transport_get_ptr (gnutls_session_t session)
155 return session->internals.transport_recv_ptr;
159 * gnutls_transport_get_ptr2 - Used to return the first argument of the transport functions
160 * @session: is a #gnutls_session_t structure.
161 * @recv_ptr: will hold the value for the pull function
162 * @send_ptr: will hold the value for the push function
164 * Used to get the arguments of the transport functions (like PUSH
165 * and PULL). These should have been set using
166 * gnutls_transport_set_ptr2().
168 void
169 gnutls_transport_get_ptr2 (gnutls_session_t session,
170 gnutls_transport_ptr_t * recv_ptr,
171 gnutls_transport_ptr_t * send_ptr)
174 *recv_ptr = session->internals.transport_recv_ptr;
175 *send_ptr = session->internals.transport_send_ptr;
179 * gnutls_bye - terminate the current TLS/SSL connection.
180 * @session: is a #gnutls_session_t structure.
181 * @how: is an integer
183 * Terminates the current TLS/SSL connection. The connection should
184 * have been initiated using gnutls_handshake(). @how should be one
185 * of %GNUTLS_SHUT_RDWR, %GNUTLS_SHUT_WR.
187 * In case of %GNUTLS_SHUT_RDWR then the TLS connection gets
188 * terminated and further receives and sends will be disallowed. If
189 * the return value is zero you may continue using the connection.
190 * %GNUTLS_SHUT_RDWR actually sends an alert containing a close
191 * request and waits for the peer to reply with the same message.
193 * In case of %GNUTLS_SHUT_WR then the TLS connection gets terminated
194 * and further sends will be disallowed. In order to reuse the
195 * connection you should wait for an EOF from the peer.
196 * %GNUTLS_SHUT_WR sends an alert containing a close request.
198 * Note that not all implementations will properly terminate a TLS
199 * connection. Some of them, usually for performance reasons, will
200 * terminate only the underlying transport layer, thus causing a
201 * transmission error to the peer. This error cannot be
202 * distinguished from a malicious party prematurely terminating the
203 * session, thus this behavior is not recommended.
205 * This function may also return %GNUTLS_E_AGAIN or
206 * %GNUTLS_E_INTERRUPTED; cf. gnutls_record_get_direction().
208 * Returns: %GNUTLS_E_SUCCESS on success, or an error code, see
209 * function documentation for entire semantics.
212 gnutls_bye (gnutls_session_t session, gnutls_close_request_t how)
214 int ret = 0;
216 switch (STATE)
218 case STATE0:
219 case STATE60:
220 ret = _gnutls_io_write_flush (session);
221 STATE = STATE60;
222 if (ret < 0)
224 gnutls_assert ();
225 return ret;
228 case STATE61:
229 ret =
230 gnutls_alert_send (session, GNUTLS_AL_WARNING, GNUTLS_A_CLOSE_NOTIFY);
231 STATE = STATE61;
232 if (ret < 0)
234 gnutls_assert ();
235 return ret;
238 case STATE62:
239 STATE = STATE62;
240 if (how == GNUTLS_SHUT_RDWR)
244 _gnutls_io_clear_peeked_data (session);
245 ret = _gnutls_recv_int (session, GNUTLS_ALERT, -1, NULL, 0);
247 while (ret == GNUTLS_E_GOT_APPLICATION_DATA);
249 if (ret >= 0)
250 session->internals.may_not_read = 1;
252 if (ret < 0)
254 gnutls_assert ();
255 return ret;
258 STATE = STATE62;
260 break;
261 default:
262 gnutls_assert ();
263 return GNUTLS_E_INTERNAL_ERROR;
266 STATE = STATE0;
268 session->internals.may_not_write = 1;
269 return 0;
272 inline static void
273 session_invalidate (gnutls_session_t session)
275 session->internals.valid_connection = VALID_FALSE;
279 inline static void
280 session_unresumable (gnutls_session_t session)
282 session->internals.resumable = RESUME_FALSE;
285 /* returns 0 if session is valid
287 inline static int
288 session_is_valid (gnutls_session_t session)
290 if (session->internals.valid_connection == VALID_FALSE)
291 return GNUTLS_E_INVALID_SESSION;
293 return 0;
296 /* Copies the record version into the headers. The
297 * version must have 2 bytes at least.
299 inline static void
300 copy_record_version (gnutls_session_t session,
301 gnutls_handshake_description_t htype, opaque version[2])
303 gnutls_protocol_t lver;
305 if (htype != GNUTLS_HANDSHAKE_CLIENT_HELLO
306 || session->internals.default_record_version[0] == 0)
308 lver = gnutls_protocol_get_version (session);
310 version[0] = _gnutls_version_get_major (lver);
311 version[1] = _gnutls_version_get_minor (lver);
313 else
315 version[0] = session->internals.default_record_version[0];
316 version[1] = session->internals.default_record_version[1];
320 /* This function behaves exactly like write(). The only difference is
321 * that it accepts, the gnutls_session_t and the content_type_t of data to
322 * send (if called by the user the Content is specific)
323 * It is intended to transfer data, under the current session.
325 * Oct 30 2001: Removed capability to send data more than MAX_RECORD_SIZE.
326 * This makes the function much easier to read, and more error resistant
327 * (there were cases were the old function could mess everything up).
328 * --nmav
330 * This function may accept a NULL pointer for data, and 0 for size, if
331 * and only if the previous send was interrupted for some reason.
334 ssize_t
335 _gnutls_send_int (gnutls_session_t session, content_type_t type,
336 gnutls_handshake_description_t htype, const void *_data,
337 size_t sizeofdata)
339 uint8_t *cipher;
340 int cipher_size;
341 int retval, ret;
342 int data2send_size;
343 uint8_t headers[5];
344 const uint8_t *data = _data;
346 /* Do not allow null pointer if the send buffer is empty.
347 * If the previous send was interrupted then a null pointer is
348 * ok, and means to resume.
350 if (session->internals.record_send_buffer.length == 0 &&
351 (sizeofdata == 0 && _data == NULL))
353 gnutls_assert ();
354 return GNUTLS_E_INVALID_REQUEST;
357 if (type != GNUTLS_ALERT) /* alert messages are sent anyway */
358 if (session_is_valid (session) || session->internals.may_not_write != 0)
360 gnutls_assert ();
361 return GNUTLS_E_INVALID_SESSION;
364 headers[0] = type;
366 /* Use the default record version, if it is
367 * set.
369 copy_record_version (session, htype, &headers[1]);
372 _gnutls_record_log
373 ("REC[%x]: Sending Packet[%d] %s(%d) with length: %d\n", session,
374 (int) _gnutls_uint64touint32 (&session->connection_state.
375 write_sequence_number),
376 _gnutls_packet2str (type), type, sizeofdata);
378 if (sizeofdata > MAX_RECORD_SEND_SIZE)
379 data2send_size = MAX_RECORD_SEND_SIZE;
380 else
381 data2send_size = sizeofdata;
383 /* Only encrypt if we don't have data to send
384 * from the previous run. - probably interrupted.
386 if (session->internals.record_send_buffer.length > 0)
388 ret = _gnutls_io_write_flush (session);
389 if (ret > 0)
390 cipher_size = ret;
391 else
392 cipher_size = 0;
394 cipher = NULL;
396 retval = session->internals.record_send_buffer_user_size;
398 else
401 /* now proceed to packet encryption
403 cipher_size = data2send_size + MAX_RECORD_OVERHEAD;
404 cipher = gnutls_malloc (cipher_size);
405 if (cipher == NULL)
407 gnutls_assert ();
408 return GNUTLS_E_MEMORY_ERROR;
411 cipher_size =
412 _gnutls_encrypt (session, headers, RECORD_HEADER_SIZE, data,
413 data2send_size, cipher, cipher_size, type, (session->internals.priorities.no_padding==0)?1:0);
414 if (cipher_size <= 0)
416 gnutls_assert ();
417 if (cipher_size == 0)
418 cipher_size = GNUTLS_E_ENCRYPTION_FAILED;
419 gnutls_free (cipher);
420 return cipher_size; /* error */
423 retval = data2send_size;
424 session->internals.record_send_buffer_user_size = data2send_size;
426 /* increase sequence number
428 if (_gnutls_uint64pp
429 (&session->connection_state.write_sequence_number) != 0)
431 session_invalidate (session);
432 gnutls_assert ();
433 gnutls_free (cipher);
434 return GNUTLS_E_RECORD_LIMIT_REACHED;
437 ret =
438 _gnutls_io_write_buffered (session, cipher, cipher_size);
439 gnutls_free (cipher);
442 if (ret != cipher_size)
444 if (ret < 0 && gnutls_error_is_fatal (ret) == 0)
446 /* If we have sent any data then just return
447 * the error value. Do not invalidate the session.
449 gnutls_assert ();
450 return ret;
453 if (ret > 0)
455 gnutls_assert ();
456 ret = GNUTLS_E_INTERNAL_ERROR;
458 session_unresumable (session);
459 session->internals.may_not_write = 1;
460 gnutls_assert ();
461 return ret;
464 session->internals.record_send_buffer_user_size = 0;
466 _gnutls_record_log ("REC[%x]: Sent Packet[%d] %s(%d) with length: %d\n",
467 session,
468 (int) _gnutls_uint64touint32 (&session->
469 connection_state.
470 write_sequence_number),
471 _gnutls_packet2str (type), type, cipher_size);
473 return retval;
476 /* This function is to be called if the handshake was successfully
477 * completed. This sends a Change Cipher Spec packet to the peer.
479 ssize_t
480 _gnutls_send_change_cipher_spec (gnutls_session_t session, int again)
482 static const opaque data[1] = { GNUTLS_TYPE_CHANGE_CIPHER_SPEC };
484 _gnutls_handshake_log ("REC[%x]: Sent ChangeCipherSpec\n", session);
486 if (again == 0)
487 return _gnutls_send_int (session, GNUTLS_CHANGE_CIPHER_SPEC, -1, data, 1);
488 else
490 return _gnutls_io_write_flush (session);
494 inline static int
495 check_recv_type (content_type_t recv_type)
497 switch (recv_type)
499 case GNUTLS_CHANGE_CIPHER_SPEC:
500 case GNUTLS_ALERT:
501 case GNUTLS_HANDSHAKE:
502 case GNUTLS_APPLICATION_DATA:
503 case GNUTLS_INNER_APPLICATION:
504 return 0;
505 default:
506 gnutls_assert ();
507 return GNUTLS_A_UNEXPECTED_MESSAGE;
513 /* Checks if there are pending data in the record buffers. If there are
514 * then it copies the data.
516 static int
517 check_buffers (gnutls_session_t session, content_type_t type,
518 opaque * data, int sizeofdata)
520 if ((type == GNUTLS_APPLICATION_DATA ||
521 type == GNUTLS_HANDSHAKE ||
522 type == GNUTLS_INNER_APPLICATION)
523 && _gnutls_record_buffer_get_size (type, session) > 0)
525 int ret, ret2;
526 ret = _gnutls_record_buffer_get (type, session, data, sizeofdata);
527 if (ret < 0)
529 gnutls_assert ();
530 return ret;
533 /* if the buffer just got empty */
534 if (_gnutls_record_buffer_get_size (type, session) == 0)
536 if ((ret2 = _gnutls_io_clear_peeked_data (session)) < 0)
538 gnutls_assert ();
539 return ret2;
543 return ret;
546 return 0;
550 /* Checks the record headers and returns the length, version and
551 * content type.
553 static int
554 record_check_headers (gnutls_session_t session,
555 uint8_t headers[RECORD_HEADER_SIZE],
556 content_type_t type,
557 gnutls_handshake_description_t htype,
558 /*output */ content_type_t * recv_type,
559 opaque version[2], uint16_t * length,
560 uint16_t * header_size)
563 /* Read the first two bytes to determine if this is a
564 * version 2 message
567 if (htype == GNUTLS_HANDSHAKE_CLIENT_HELLO && type == GNUTLS_HANDSHAKE
568 && headers[0] > 127)
571 /* if msb set and expecting handshake message
572 * it should be SSL 2 hello
574 version[0] = 3; /* assume SSL 3.0 */
575 version[1] = 0;
577 *length = (((headers[0] & 0x7f) << 8)) | headers[1];
579 /* SSL 2.0 headers */
580 *header_size = 2;
581 *recv_type = GNUTLS_HANDSHAKE; /* we accept only v2 client hello
584 /* in order to assist the handshake protocol.
585 * V2 compatibility is a mess.
587 session->internals.v2_hello = *length;
589 _gnutls_record_log ("REC[%x]: V2 packet received. Length: %d\n",
590 session, *length);
593 else
595 /* version 3.x
597 *recv_type = headers[0];
598 version[0] = headers[1];
599 version[1] = headers[2];
601 /* No DECR_LEN, since headers has enough size.
603 *length = _gnutls_read_uint16 (&headers[3]);
606 return 0;
609 /* Here we check if the advertized version is the one we
610 * negotiated in the handshake.
612 inline static int
613 record_check_version (gnutls_session_t session,
614 gnutls_handshake_description_t htype, opaque version[2])
616 if (htype == GNUTLS_HANDSHAKE_CLIENT_HELLO)
618 /* Reject hello packets with major version higher than 3.
620 if (version[0] > 3)
622 gnutls_assert ();
623 _gnutls_record_log
624 ("REC[%x]: INVALID VERSION PACKET: (%d) %d.%d\n", session,
625 htype, version[0], version[1]);
626 return GNUTLS_E_UNSUPPORTED_VERSION_PACKET;
629 else if (htype != GNUTLS_HANDSHAKE_SERVER_HELLO &&
630 gnutls_protocol_get_version (session) !=
631 _gnutls_version_get (version[0], version[1]))
633 /* Reject record packets that have a different version than the
634 * one negotiated. Note that this version is not protected by any
635 * mac. I don't really think that this check serves any purpose.
637 gnutls_assert ();
638 _gnutls_record_log ("REC[%x]: INVALID VERSION PACKET: (%d) %d.%d\n",
639 session, htype, version[0], version[1]);
641 return GNUTLS_E_UNSUPPORTED_VERSION_PACKET;
644 return 0;
647 /* This function will check if the received record type is
648 * the one we actually expect.
650 static int
651 record_check_type (gnutls_session_t session,
652 content_type_t recv_type, content_type_t type,
653 gnutls_handshake_description_t htype, opaque * data,
654 int data_size)
657 int ret;
659 if ((recv_type == type)
660 && (type == GNUTLS_APPLICATION_DATA ||
661 type == GNUTLS_HANDSHAKE || type == GNUTLS_INNER_APPLICATION))
663 _gnutls_record_buffer_put (type, session, (void *) data, data_size);
665 else
667 switch (recv_type)
669 case GNUTLS_ALERT:
671 _gnutls_record_log
672 ("REC[%x]: Alert[%d|%d] - %s - was received\n", session,
673 data[0], data[1], gnutls_alert_get_name ((int) data[1]));
675 session->internals.last_alert = data[1];
677 /* if close notify is received and
678 * the alert is not fatal
680 if (data[1] == GNUTLS_A_CLOSE_NOTIFY && data[0] != GNUTLS_AL_FATAL)
682 /* If we have been expecting for an alert do
684 session->internals.read_eof = 1;
685 return GNUTLS_E_INT_RET_0; /* EOF */
687 else
690 /* if the alert is FATAL or WARNING
691 * return the apropriate message
694 gnutls_assert ();
695 ret = GNUTLS_E_WARNING_ALERT_RECEIVED;
696 if (data[0] == GNUTLS_AL_FATAL)
698 session_unresumable (session);
699 session_invalidate (session);
700 ret = GNUTLS_E_FATAL_ALERT_RECEIVED;
703 return ret;
705 break;
707 case GNUTLS_CHANGE_CIPHER_SPEC:
708 /* this packet is now handled in the recv_int()
709 * function
711 gnutls_assert ();
713 return GNUTLS_E_UNEXPECTED_PACKET;
715 case GNUTLS_APPLICATION_DATA:
716 /* even if data is unexpected put it into the buffer */
717 if ((ret =
718 _gnutls_record_buffer_put (recv_type, session,
719 (void *) data, data_size)) < 0)
721 gnutls_assert ();
722 return ret;
725 /* the got_application data is only returned
726 * if expecting client hello (for rehandshake
727 * reasons). Otherwise it is an unexpected packet
729 if (type == GNUTLS_ALERT || (htype == GNUTLS_HANDSHAKE_CLIENT_HELLO
730 && type == GNUTLS_HANDSHAKE))
731 return GNUTLS_E_GOT_APPLICATION_DATA;
732 else
734 gnutls_assert ();
735 return GNUTLS_E_UNEXPECTED_PACKET;
738 break;
739 case GNUTLS_HANDSHAKE:
740 /* This is legal if HELLO_REQUEST is received - and we are a client.
741 * If we are a server, a client may initiate a renegotiation at any time.
743 if (session->security_parameters.entity == GNUTLS_SERVER)
745 gnutls_assert ();
746 return GNUTLS_E_REHANDSHAKE;
749 /* If we are already in a handshake then a Hello
750 * Request is illegal. But here we don't really care
751 * since this message will never make it up here.
754 /* So we accept it */
755 return _gnutls_recv_hello_request (session, data, data_size);
757 break;
758 case GNUTLS_INNER_APPLICATION:
759 /* even if data is unexpected put it into the buffer */
760 if ((ret = _gnutls_record_buffer_put (recv_type, session,
761 (void *) data,
762 data_size)) < 0)
764 gnutls_assert ();
765 return ret;
767 gnutls_assert ();
768 return GNUTLS_E_UNEXPECTED_PACKET;
769 break;
770 default:
772 _gnutls_record_log
773 ("REC[%x]: Received Unknown packet %d expecting %d\n",
774 session, recv_type, type);
776 gnutls_assert ();
777 return GNUTLS_E_INTERNAL_ERROR;
781 return 0;
786 /* This function will return the internal (per session) temporary
787 * recv buffer. If the buffer was not initialized before it will
788 * also initialize it.
790 inline static int
791 get_temp_recv_buffer (gnutls_session_t session, gnutls_datum_t * tmp)
793 size_t max_record_size;
795 if (gnutls_compression_get(session) != GNUTLS_COMP_NULL)
796 max_record_size = MAX_RECORD_RECV_SIZE + EXTRA_COMP_SIZE;
797 else
798 max_record_size = MAX_RECORD_RECV_SIZE;
800 /* We allocate MAX_RECORD_RECV_SIZE length
801 * because we cannot predict the output data by the record
802 * packet length (due to compression).
805 if (max_record_size > session->internals.recv_buffer.size ||
806 session->internals.recv_buffer.data == NULL)
809 /* Initialize the internal buffer.
811 session->internals.recv_buffer.data =
812 gnutls_realloc (session->internals.recv_buffer.data,
813 max_record_size);
815 if (session->internals.recv_buffer.data == NULL)
817 gnutls_assert ();
818 return GNUTLS_E_MEMORY_ERROR;
821 session->internals.recv_buffer.size = max_record_size;
824 tmp->data = session->internals.recv_buffer.data;
825 tmp->size = session->internals.recv_buffer.size;
827 return 0;
831 #define MAX_EMPTY_PACKETS_SEQUENCE 4
833 /* This function behaves exactly like read(). The only difference is
834 * that it accepts the gnutls_session_t and the content_type_t of data to
835 * receive (if called by the user the Content is Userdata only)
836 * It is intended to receive data, under the current session.
838 * The gnutls_handshake_description_t was introduced to support SSL V2.0 client hellos.
840 ssize_t
841 _gnutls_recv_int (gnutls_session_t session, content_type_t type,
842 gnutls_handshake_description_t htype, opaque * data,
843 size_t sizeofdata)
845 gnutls_datum_t tmp;
846 int decrypted_length;
847 opaque version[2];
848 uint8_t *headers;
849 content_type_t recv_type;
850 uint16_t length;
851 uint8_t *ciphertext;
852 uint8_t *recv_data;
853 int ret, ret2;
854 uint16_t header_size;
855 int empty_packet = 0;
857 if (type != GNUTLS_ALERT && (sizeofdata == 0 || data == NULL))
859 return GNUTLS_E_INVALID_REQUEST;
862 begin:
864 if (empty_packet > MAX_EMPTY_PACKETS_SEQUENCE)
866 gnutls_assert ();
867 return GNUTLS_E_TOO_MANY_EMPTY_PACKETS;
870 if (session->internals.read_eof != 0)
872 /* if we have already read an EOF
874 return 0;
876 else if (session_is_valid (session) != 0
877 || session->internals.may_not_read != 0)
879 gnutls_assert ();
880 return GNUTLS_E_INVALID_SESSION;
883 /* If we have enough data in the cache do not bother receiving
884 * a new packet. (in order to flush the cache)
886 ret = check_buffers (session, type, data, sizeofdata);
887 if (ret != 0)
888 return ret;
891 /* default headers for TLS 1.0
893 header_size = RECORD_HEADER_SIZE;
895 if ((ret =
896 _gnutls_io_read_buffered (session, &headers, header_size,
897 -1)) != header_size)
899 if (ret < 0 && gnutls_error_is_fatal (ret) == 0)
900 return ret;
902 session_invalidate (session);
903 if (type == GNUTLS_ALERT)
905 gnutls_assert ();
906 return 0; /* we were expecting close notify */
908 session_unresumable (session);
909 gnutls_assert ();
910 return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
913 if ((ret =
914 record_check_headers (session, headers, type, htype, &recv_type,
915 version, &length, &header_size)) < 0)
917 gnutls_assert ();
918 return ret;
921 /* Here we check if the Type of the received packet is
922 * ok.
924 if ((ret = check_recv_type (recv_type)) < 0)
926 gnutls_assert ();
927 return ret;
930 /* Here we check if the advertized version is the one we
931 * negotiated in the handshake.
933 if ((ret = record_check_version (session, htype, version)) < 0)
935 gnutls_assert ();
936 session_invalidate (session);
937 return ret;
940 _gnutls_record_log
941 ("REC[%x]: Expected Packet[%d] %s(%d) with length: %d\n", session,
942 (int) _gnutls_uint64touint32 (&session->connection_state.
943 read_sequence_number),
944 _gnutls_packet2str (type), type, sizeofdata);
945 _gnutls_record_log
946 ("REC[%x]: Received Packet[%d] %s(%d) with length: %d\n", session,
947 (int) _gnutls_uint64touint32 (&session->connection_state.
948 read_sequence_number),
949 _gnutls_packet2str (recv_type), recv_type, length);
951 if (length > MAX_RECV_SIZE)
953 _gnutls_record_log
954 ("REC[%x]: FATAL ERROR: Received packet with length: %d\n",
955 session, length);
957 session_unresumable (session);
958 session_invalidate (session);
959 gnutls_assert ();
960 return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
963 /* check if we have that data into buffer.
965 if ((ret =
966 _gnutls_io_read_buffered (session, &recv_data,
967 header_size + length,
968 recv_type)) != header_size + length)
970 if (ret < 0 && gnutls_error_is_fatal (ret) == 0)
971 return ret;
973 session_unresumable (session);
974 session_invalidate (session);
975 gnutls_assert ();
976 return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
979 /* ok now we are sure that we can read all the data - so
980 * move on !
982 _gnutls_io_clear_read_buffer (session);
983 ciphertext = &recv_data[header_size];
985 ret = get_temp_recv_buffer (session, &tmp);
986 if (ret < 0)
988 gnutls_assert ();
989 return ret;
992 /* decrypt the data we got.
994 ret =
995 _gnutls_decrypt (session, ciphertext, length, tmp.data, tmp.size,
996 recv_type);
997 if (ret < 0)
999 session_unresumable (session);
1000 session_invalidate (session);
1001 gnutls_assert ();
1002 return ret;
1004 decrypted_length = ret;
1006 /* Check if this is a CHANGE_CIPHER_SPEC
1008 if (type == GNUTLS_CHANGE_CIPHER_SPEC &&
1009 recv_type == GNUTLS_CHANGE_CIPHER_SPEC)
1012 _gnutls_record_log
1013 ("REC[%x]: ChangeCipherSpec Packet was received\n", session);
1015 if ((size_t) ret != sizeofdata)
1016 { /* sizeofdata should be 1 */
1017 gnutls_assert ();
1018 return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
1020 memcpy (data, tmp.data, sizeofdata);
1022 return ret;
1025 _gnutls_record_log
1026 ("REC[%x]: Decrypted Packet[%d] %s(%d) with length: %d\n", session,
1027 (int) _gnutls_uint64touint32 (&session->connection_state.
1028 read_sequence_number),
1029 _gnutls_packet2str (recv_type), recv_type, decrypted_length);
1031 /* increase sequence number
1033 if (_gnutls_uint64pp (&session->connection_state.read_sequence_number) != 0)
1035 session_invalidate (session);
1036 gnutls_assert ();
1037 return GNUTLS_E_RECORD_LIMIT_REACHED;
1040 ret =
1041 record_check_type (session, recv_type, type, htype, tmp.data,
1042 decrypted_length);
1043 if (ret < 0)
1045 if (ret == GNUTLS_E_INT_RET_0)
1046 return 0;
1047 gnutls_assert ();
1048 return ret;
1051 /* Get Application data from buffer
1053 if ((recv_type == type) &&
1054 (type == GNUTLS_APPLICATION_DATA ||
1055 type == GNUTLS_HANDSHAKE || type == GNUTLS_INNER_APPLICATION))
1058 ret = _gnutls_record_buffer_get (type, session, data, sizeofdata);
1059 if (ret < 0)
1061 gnutls_assert ();
1062 return ret;
1065 /* if the buffer just got empty
1067 if (_gnutls_record_buffer_get_size (type, session) == 0)
1069 if ((ret2 = _gnutls_io_clear_peeked_data (session)) < 0)
1071 gnutls_assert ();
1072 return ret2;
1076 else
1078 gnutls_assert ();
1079 return GNUTLS_E_UNEXPECTED_PACKET;
1080 /* we didn't get what we wanted to
1084 /* (originally for) TLS 1.0 CBC protection.
1085 * Actually this code is called if we just received
1086 * an empty packet. An empty TLS packet is usually
1087 * sent to protect some vulnerabilities in the CBC mode.
1088 * In that case we go to the beginning and start reading
1089 * the next packet.
1091 if (ret == 0)
1093 empty_packet++;
1094 goto begin;
1097 return ret;
1102 * gnutls_record_send - sends to the peer the specified data
1103 * @session: is a #gnutls_session_t structure.
1104 * @data: contains the data to send
1105 * @sizeofdata: is the length of the data
1107 * This function has the similar semantics with send(). The only
1108 * difference is that is accepts a GNUTLS session, and uses different
1109 * error codes.
1111 * Note that if the send buffer is full, send() will block this
1112 * function. See the send() documentation for full information. You
1113 * can replace the default push function by using
1114 * gnutls_transport_set_ptr2() with a call to send() with a
1115 * MSG_DONTWAIT flag if blocking is a problem.
1117 * If the EINTR is returned by the internal push function (the
1118 * default is send()} then %GNUTLS_E_INTERRUPTED will be returned. If
1119 * %GNUTLS_E_INTERRUPTED or %GNUTLS_E_AGAIN is returned, you must
1120 * call this function again, with the same parameters; alternatively
1121 * you could provide a %NULL pointer for data, and 0 for
1122 * size. cf. gnutls_record_get_direction().
1124 * Returns: the number of bytes sent, or a negative error code. The
1125 * number of bytes sent might be less than @sizeofdata. The maximum
1126 * number of bytes this function can send in a single call depends on
1127 * the negotiated maximum record size.
1129 ssize_t
1130 gnutls_record_send (gnutls_session_t session, const void *data,
1131 size_t sizeofdata)
1133 return _gnutls_send_int (session, GNUTLS_APPLICATION_DATA, -1, data,
1134 sizeofdata);
1138 * gnutls_record_recv - reads data from the TLS record protocol
1139 * @session: is a #gnutls_session_t structure.
1140 * @data: the buffer that the data will be read into
1141 * @sizeofdata: the number of requested bytes
1143 * This function has the similar semantics with recv(). The only
1144 * difference is that is accepts a GNUTLS session, and uses different
1145 * error codes.
1147 * In the special case that a server requests a renegotiation, the
1148 * client may receive an error code of %GNUTLS_E_REHANDSHAKE. This
1149 * message may be simply ignored, replied with an alert containing
1150 * NO_RENEGOTIATION, or replied with a new handshake, depending on
1151 * the client's will.
1153 * If %EINTR is returned by the internal push function (the default
1154 * is recv()) then %GNUTLS_E_INTERRUPTED will be returned. If
1155 * %GNUTLS_E_INTERRUPTED or %GNUTLS_E_AGAIN is returned, you must
1156 * call this function again to get the data. See also
1157 * gnutls_record_get_direction().
1159 * A server may also receive %GNUTLS_E_REHANDSHAKE when a client has
1160 * initiated a handshake. In that case the server can only initiate a
1161 * handshake or terminate the connection.
1163 * Returns: the number of bytes received and zero on EOF. A negative
1164 * error code is returned in case of an error. The number of bytes
1165 * received might be less than @sizeofdata.
1167 ssize_t
1168 gnutls_record_recv (gnutls_session_t session, void *data, size_t sizeofdata)
1170 return _gnutls_recv_int (session, GNUTLS_APPLICATION_DATA, -1, data,
1171 sizeofdata);
1175 * gnutls_record_get_max_size - returns the maximum record size
1176 * @session: is a #gnutls_session_t structure.
1178 * This function returns the maximum record packet size in this
1179 * connection. The maximum record size is negotiated by the client
1180 * after the first handshake message.
1182 size_t
1183 gnutls_record_get_max_size (gnutls_session_t session)
1185 /* Recv will hold the negotiated max record size
1186 * always.
1188 return session->security_parameters.max_record_recv_size;
1193 * gnutls_record_set_max_size - sets the maximum record size
1194 * @session: is a #gnutls_session_t structure.
1195 * @size: is the new size
1197 * This function sets the maximum record packet size in this
1198 * connection. This property can only be set to clients. The server
1199 * may choose not to accept the requested size.
1201 * Acceptable values are 512(=2^9), 1024(=2^10), 2048(=2^11) and
1202 * 4096(=2^12). Returns 0 on success. The requested record size does
1203 * get in effect immediately only while sending data. The receive
1204 * part will take effect after a successful handshake.
1206 * This function uses a TLS extension called 'max record size'. Not
1207 * all TLS implementations use or even understand this extension.
1209 ssize_t
1210 gnutls_record_set_max_size (gnutls_session_t session, size_t size)
1212 ssize_t new_size;
1214 if (session->security_parameters.entity == GNUTLS_SERVER)
1215 return GNUTLS_E_INVALID_REQUEST;
1217 new_size = _gnutls_mre_record2num (size);
1219 if (new_size < 0)
1221 gnutls_assert ();
1222 return new_size;
1225 session->security_parameters.max_record_send_size = size;
1227 session->internals.proposed_record_size = size;
1229 return 0;