From 6d3c7d8c59b9b7a26ab20a5f163f7d4077ed8686 Mon Sep 17 00:00:00 2001 From: toddouska Date: Fri, 20 Jul 2012 13:04:03 -0700 Subject: [PATCH 1/2] allow bigger MTU record for sniffer --- cyassl/internal.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cyassl/internal.h b/cyassl/internal.h index 2cb84df92..1828da6c5 100644 --- a/cyassl/internal.h +++ b/cyassl/internal.h @@ -510,9 +510,9 @@ enum { #define COMP_EXTRA 0 #endif -/* only the sniffer needs space in the buffer for an extra MTU record */ +/* only the sniffer needs space in the buffer for extra MTU record(s) */ #ifdef CYASSL_SNIFFER - #define MTU_EXTRA MAX_MTU + #define MTU_EXTRA MAX_MTU * 3 #else #define MTU_EXTRA 0 #endif From aa164e5266c3d167de87ff9a43b3607c2ccbb666 Mon Sep 17 00:00:00 2001 From: toddouska Date: Mon, 23 Jul 2012 13:47:30 -0700 Subject: [PATCH 2/2] make compression more standard, no size prefix, default zlib comp, check verify before overwrite w/ decomp... still needs FIN and ALERT processing --- src/internal.c | 27 +++++++++------------------ 1 file changed, 9 insertions(+), 18 deletions(-) diff --git a/src/internal.c b/src/internal.c index 9b25d09b8..00f6e3093 100644 --- a/src/internal.c +++ b/src/internal.c @@ -239,7 +239,8 @@ static INLINE void ato32(const byte* c, word32* u32) ssl->c_stream.zfree = (free_func)myFree; ssl->c_stream.opaque = (voidpf)ssl->heap; - if (deflateInit(&ssl->c_stream, 8) != Z_OK) return ZLIB_INIT_ERROR; + if (deflateInit(&ssl->c_stream, Z_DEFAULT_COMPRESSION) != Z_OK) + return ZLIB_INIT_ERROR; ssl->didStreamInit = 1; @@ -268,11 +269,6 @@ static INLINE void ato32(const byte* c, word32* u32) int err; int currTotal = ssl->c_stream.total_out; - /* put size in front of compression */ - c16toa((word16)inSz, out); - out += 2; - outSz -= 2; - ssl->c_stream.next_in = in; ssl->c_stream.avail_in = inSz; ssl->c_stream.next_out = out; @@ -281,7 +277,7 @@ static INLINE void ato32(const byte* c, word32* u32) err = deflate(&ssl->c_stream, Z_SYNC_FLUSH); if (err != Z_OK && err != Z_STREAM_END) return ZLIB_COMPRESS_ERROR; - return ssl->c_stream.total_out - currTotal + sizeof(word16); + return ssl->c_stream.total_out - currTotal; } @@ -290,12 +286,6 @@ static INLINE void ato32(const byte* c, word32* u32) { int err; int currTotal = ssl->d_stream.total_out; - word16 len; - - /* find size in front of compression */ - ato16(in, &len); - in += 2; - inSz -= 2; ssl->d_stream.next_in = in; ssl->d_stream.avail_in = inSz; @@ -2244,11 +2234,6 @@ int DoApplicationData(CYASSL* ssl, byte* input, word32* inOutIdx) if (padByte) idx++; -#ifdef HAVE_LIBZ - if (ssl->options.usingCompression) - XMEMMOVE(rawData, decomp, dataSz); -#endif - /* verify */ if (dataSz) { if (XMEMCMP(mac, verify, digestSz)) { @@ -2259,6 +2244,12 @@ int DoApplicationData(CYASSL* ssl, byte* input, word32* inOutIdx) else GetSEQIncrement(ssl, 1); /* even though no data, increment verify */ +#ifdef HAVE_LIBZ + /* decompress could be bigger, overwrite after verify */ + if (ssl->options.usingCompression) + XMEMMOVE(rawData, decomp, dataSz); +#endif + *inOutIdx = idx; return 0; }