Merge pull request #4164 from dgarske/async_frag

Fix for async with fragmented packets
2025-07-29 18:27:29 +02:00 · 2021-06-25 08:33:50 -07:00
parent 74b9b5a8cd 45ef68d5c7
commit 5437883da7
1 changed files with 21 additions and 11 deletions
--- a/src/internal.c
+++ b/src/internal.c
@ -13698,8 +13698,15 @@ static int DoHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
        if (inputLength > pendSz)
            inputLength = pendSz;

-        XMEMCPY(ssl->arrays->pendingMsg + ssl->arrays->pendingMsgOffset,
-                input + *inOutIdx, inputLength);
+    #ifdef WOLFSSL_ASYNC_CRYPT
+        if (ssl->error != WC_PENDING_E)
+    #endif
+        {
+            /* for async this copy was already done, do not replace, since
+             * conents may have been changed for inline operations */
+            XMEMCPY(ssl->arrays->pendingMsg + ssl->arrays->pendingMsgOffset,
+                    input + *inOutIdx, inputLength);
+        }
        ssl->arrays->pendingMsgOffset += inputLength;
        *inOutIdx += inputLength;

@ -25774,6 +25781,12 @@ int SendCertificateVerify(WOLFSSL* ssl)
                        args->sigAlgo, ssl->suites->hashAlgo, key,
                        ssl->buffers.key
                    );
+
+                    /* free temporary buffer now */
+                    if (ret != WC_PENDING_E) {
+                        XFREE(args->verifySig, ssl->heap, DYNAMIC_TYPE_SIGNATURE);
+                        args->verifySig = NULL;
+                    }
                    break;
                }
            #endif /* !NO_RSA */
@ -25806,8 +25819,9 @@ int SendCertificateVerify(WOLFSSL* ssl)

        case TLS_ASYNC_END:
        {
-            ret = SendHandshakeMsg(ssl, args->output, (word32)args->length + args->extraSz +
-                    VERIFY_HEADER, certificate_verify, "CertificateVerify");
+            ret = SendHandshakeMsg(ssl, args->output,
+                (word32)args->length + args->extraSz + VERIFY_HEADER,
+                certificate_verify, "CertificateVerify");
            if (ret != 0)
                goto exit_scv;

@ -29364,14 +29378,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
                        else
                    #endif
                        {
-                        #ifdef WOLFSSL_SMALL_STACK
-                            byte* encodedSig;
-                        #else
+                        #ifndef WOLFSSL_SMALL_STACK
                            byte  encodedSig[MAX_ENCODED_SIG_SZ];
-                        #endif
-
-                        #ifdef WOLFSSL_SMALL_STACK
-                            encodedSig = (byte*)XMALLOC(MAX_ENCODED_SIG_SZ,
+                        #else
+                            byte* encodedSig = (byte*)XMALLOC(MAX_ENCODED_SIG_SZ,
                                             ssl->heap, DYNAMIC_TYPE_SIGNATURE);
                            if (encodedSig == NULL) {
                                ERROR_OUT(MEMORY_E, exit_dcv);