Make mbedtls_ssl_in_hdr_len() CID-unaware

The function mbedtls_ssl_in_hdr_len() is supposed to return the length of the record header of the current incoming record. With the advent of the DTLS Connection ID, this length is only known at runtime and hence so far needed to be derived from the internal in_iv pointer pointing to the beginning of the payload of the current incooing record. By now, however, those uses of mbedtls_ssl_in_hdr_len() where the presence of a CID would need to be detected have been removed (specifically, ssl_parse_record_header() doesn't use it anymore when checking that the current datagram is large enough to hold the record header, including the CID), and it's sufficient to statically return the default record header sizes of 5 / 13 Bytes for TLS / DTLS.
2019-07-12 09:55:46 +01:00 · 2019-07-12 09:55:46 +01:00 · 47be7686ab
commit 47be7686ab
parent b0fe0eedce
1 changed files with 14 additions and 1 deletions
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@ -941,7 +941,20 @@ void mbedtls_ssl_read_version( int *major, int *minor, int transport,

 static inline size_t mbedtls_ssl_in_hdr_len( const mbedtls_ssl_context *ssl )
 {
-    return( (size_t) ( ssl->in_iv - ssl->in_hdr ) );
+#if !defined(MBEDTLS_SSL_PROTO_DTLS)
+    ((void) ssl);
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
+    if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
+    {
+        return( 13 );
+    }
+    else
+#endif /* MBEDTLS_SSL_PROTO_DTLS */
+    {
+        return( 5 );
+    }
 }

 static inline size_t mbedtls_ssl_out_hdr_len( const mbedtls_ssl_context *ssl )