Move the TLS vs DTLS header length adjustment into ssl_add_clienthello_tlsext. This makes calls to ssl_add_clienthello_tlsext a hair easier. Also we only apply the [256, 511) compatibility hack to TLS, so we can just use a constant. Bug: 275 Change-Id: Ia2b5192aeef0cd8848ecfa1ea3b89a0a7382ff1a Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/47996 Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/handshake_client.cc b/ssl/handshake_client.cc
index e2c3dd9..1d6bc0a 100644
--- a/ssl/handshake_client.cc
+++ b/ssl/handshake_client.cc
@@ -308,14 +308,12 @@ } } - size_t header_len = - SSL_is_dtls(ssl) ? DTLS1_HM_HEADER_LENGTH : SSL3_HM_HEADER_LENGTH; bool needs_psk_binder; if (!ssl_write_client_cipher_list(hs, &body) || !CBB_add_u8(&body, 1 /* one compression method */) || !CBB_add_u8(&body, 0 /* null compression */) || !ssl_add_clienthello_tlsext(hs, &body, &needs_psk_binder, - header_len + CBB_len(&body))) { + CBB_len(&body))) { return false; }
diff --git a/ssl/internal.h b/ssl/internal.h
index 250beb1..72e1fba 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h
@@ -3163,7 +3163,7 @@
 // ssl_add_clienthello_tlsext writes ClientHello extensions to |out|. It returns
 // true on success and false on failure. The |header_len| argument is the length
 // of the ClientHello written so far and is used to compute the padding length.
-// (It does not include the record header.) On success, if
+// (It does not include the record header or handshake headers.) On success, if
 // |*out_needs_psk_binder| is true, the last ClientHello extension was the
 // pre_shared_key extension and needs a PSK binder filled in.
 bool ssl_add_clienthello_tlsext(SSL_HANDSHAKE *hs, CBB *out,
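Review bot: The meaning of `header_len` changes here while the signature stays the same, so a caller that still adds the handshake header would compile and silently over-count by `SSL3_HM_HEADER_LENGTH`, shifting the length the padding logic sees. Only the call in ssl/handshake_client.cc is updated in this diff; any other callers should be checked. The name no longer matches what is passed, and the comment would be clearer as `// The |header_len| argument is the length of the ClientHello body written so far, excluding the record and handshake headers.` The declaration continues past the end of the hunk.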
diff --git a/ssl/t1_lib.cc b/ssl/t1_lib.cc
index e780677..da89afb 100644
--- a/ssl/t1_lib.cc
+++ b/ssl/t1_lib.cc
@@ -3311,7 +3311,8 @@ if (!SSL_is_dtls(ssl) && !ssl->quic_method) { size_t psk_extension_len = ext_pre_shared_key_clienthello_length(hs); - header_len += 2 + CBB_len(&extensions) + psk_extension_len; + header_len += + SSL3_HM_HEADER_LENGTH + 2 + CBB_len(&extensions) + psk_extension_len; size_t padding_len = 0; // The final extension must be non-empty. WebSphere Application
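Review bot: The constant `SSL3_HM_HEADER_LENGTH` is only correct because this block is guarded by `!SSL_is_dtls(ssl) && !ssl->quic_method`, and nothing at the addition says so. A comment such as `// |header_len| excludes the handshake header; this branch is TLS-only, so add the TLS handshake header length back.` would keep a later change to the guard from leaving the wrong header size in place. The statement also turns the `header_len` parameter into a running total for the whole message, which presumably feeds the length check further down. The function body starts and ends outside the hunk.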