Reverted commit 186751d9dd28082d4b19e69a2c15fd432d366133 and made out_hdr and out_msg back-to-back again
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index 9746e27..b0f31ab 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -463,7 +463,7 @@
*/
unsigned char *out_ctr; /*!< 64-bit outgoing message counter */
unsigned char *out_hdr; /*!< 5-byte record header (out_ctr+8) */
- unsigned char *out_msg; /*!< the message contents (out_hdr+32)*/
+ unsigned char *out_msg; /*!< the message contents (out_hdr+5) */
int out_msgtype; /*!< record header: message type */
size_t out_msglen; /*!< record header: message length */
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index dde0155..1baa527 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -917,30 +917,21 @@
{
if( ssl->transform_out->maclen == 16 )
{
- md5_context ctx;
- md5_hmac_starts( &ctx, ssl->transform_out->mac_enc, 16 );
- md5_hmac_update( &ctx, ssl->out_ctr, 13 );
- md5_hmac_update( &ctx, ssl->out_msg, ssl->out_msglen );
- md5_hmac_finish( &ctx, ssl->out_msg + ssl->out_msglen );
- memset( &ctx, 0, sizeof(md5_context));
+ md5_hmac( ssl->transform_out->mac_enc, 16,
+ ssl->out_ctr, ssl->out_msglen + 13,
+ ssl->out_msg + ssl->out_msglen );
}
else if( ssl->transform_out->maclen == 20 )
{
- sha1_context ctx;
- sha1_hmac_starts( &ctx, ssl->transform_out->mac_enc, 20 );
- sha1_hmac_update( &ctx, ssl->out_ctr, 13 );
- sha1_hmac_update( &ctx, ssl->out_msg, ssl->out_msglen );
- sha1_hmac_finish( &ctx, ssl->out_msg + ssl->out_msglen );
- memset( &ctx, 0, sizeof(sha1_context));
+ sha1_hmac( ssl->transform_out->mac_enc, 20,
+ ssl->out_ctr, ssl->out_msglen + 13,
+ ssl->out_msg + ssl->out_msglen );
}
else if( ssl->transform_out->maclen == 32 )
{
- sha2_context ctx;
- sha2_hmac_starts( &ctx, ssl->transform_out->mac_enc, 32, 0 );
- sha2_hmac_update( &ctx, ssl->out_ctr, 13 );
- sha2_hmac_update( &ctx, ssl->out_msg, ssl->out_msglen );
- sha2_hmac_finish( &ctx, ssl->out_msg + ssl->out_msglen );
- memset( &ctx, 0, sizeof(sha2_context));
+ sha2_hmac( ssl->transform_out->mac_enc, 32,
+ ssl->out_ctr, ssl->out_msglen + 13,
+ ssl->out_msg + ssl->out_msglen, 0 );
}
else if( ssl->transform_out->maclen != 0 )
{
@@ -1742,22 +1733,7 @@
SSL_DEBUG_MSG( 2, ( "message length: %d, out_left: %d",
5 + ssl->out_msglen, ssl->out_left ) );
- if( ssl->out_msglen < ssl->out_left )
- {
- size_t header_left = ssl->out_left - ssl->out_msglen;
-
- buf = ssl->out_hdr + 5 - header_left;
- ret = ssl->f_send( ssl->p_send, buf, header_left );
-
- SSL_DEBUG_RET( 2, "ssl->f_send (header)", ret );
-
- if( ret <= 0 )
- return( ret );
-
- ssl->out_left -= ret;
- }
-
- buf = ssl->out_msg + ssl->out_msglen - ssl->out_left;
+ buf = ssl->out_hdr + 5 + ssl->out_msglen - ssl->out_left;
ret = ssl->f_send( ssl->p_send, buf, ssl->out_left );
SSL_DEBUG_RET( 2, "ssl->f_send", ret );
@@ -1848,10 +1824,8 @@
ssl->out_hdr[0], ssl->out_hdr[1], ssl->out_hdr[2],
( ssl->out_hdr[3] << 8 ) | ssl->out_hdr[4] ) );
- SSL_DEBUG_BUF( 4, "output record header sent to network",
- ssl->out_hdr, 5 );
SSL_DEBUG_BUF( 4, "output record sent to network",
- ssl->out_hdr + 32, ssl->out_msglen );
+ ssl->out_hdr, 5 + ssl->out_msglen );
}
if( ( ret = ssl_flush_output( ssl ) ) != 0 )
@@ -2980,7 +2954,7 @@
ssl->out_ctr = (unsigned char *) malloc( len );
ssl->out_hdr = ssl->out_ctr + 8;
- ssl->out_msg = ssl->out_ctr + 40;
+ ssl->out_msg = ssl->out_ctr + 13;
if( ssl->out_ctr == NULL )
{