// Send a record (datagram version, accepts all record types, handles encryption and authentication).
static bool send_record_priv_datagram(sptps_t *s, uint8_t type, const void *data, uint16_t len) {
- char buffer[len + 21UL];
+ char buffer[len + SPTPS_DATAGRAM_OVERHEAD];
// Create header with sequence number, length and record type
uint32_t seqno = s->outseqno++;
if(s->outstate) {
// If first handshake has finished, encrypt and HMAC
chacha_poly1305_encrypt(s->outcipher, seqno, buffer + 4, len + 1, buffer + 4, NULL);
- return s->send_data(s->handle, type, buffer, len + 21UL);
+ return s->send_data(s->handle, type, buffer, len + SPTPS_DATAGRAM_OVERHEAD);
} else {
// Otherwise send as plaintext
return s->send_data(s->handle, type, buffer, len + 5UL);
return send_record_priv_datagram(s, type, data, len);
}
- char buffer[len + 19UL];
+ char buffer[len + SPTPS_OVERHEAD];
// Create header with sequence number, length and record type
uint32_t seqno = s->outseqno++;
if(s->outstate) {
// If first handshake has finished, encrypt and HMAC
chacha_poly1305_encrypt(s->outcipher, seqno, buffer + 2, len + 1, buffer + 2, NULL);
- return s->send_data(s->handle, type, buffer, len + 19UL);
+ return s->send_data(s->handle, type, buffer, len + SPTPS_OVERHEAD);
} else {
// Otherwise send as plaintext
return s->send_data(s->handle, type, buffer, len + 3UL);
// Force another Key EXchange (for testing purposes).
bool sptps_force_kex(sptps_t *s) {
- if(!s->outstate || s->state != SPTPS_SECONDARY_KEX) {
+ if(!s->outstate) {
return error(s, EINVAL, "Cannot force KEX in current state");
}
+ if(s->state != SPTPS_SECONDARY_KEX) {
+ // We are already in the middle of a key exchange
+ return true;
+ }
+
s->state = SPTPS_KEX;
return send_kex(s);
}
return error(s, EIO, "SPTPS state not ready to verify this datagram");
}
- if(len < 21) {
+ if(len < SPTPS_DATAGRAM_OVERHEAD) {
return error(s, EIO, "Received short packet in sptps_verify_datagram");
}
static bool sptps_receive_data_datagram(sptps_t *s, const void *vdata, size_t len) {
const char *data = vdata;
- if(len < (s->instate ? 21 : 5)) {
+ if(len < (s->instate ? SPTPS_DATAGRAM_OVERHEAD : 5)) {
return error(s, EIO, "Received short packet in sptps_receive_data_datagram");
}
return error(s, EIO, "Application record received before handshake finished");
}
- if(!s->receive_record(s->handle, type, s->decrypted_buffer + 1, len - 21)) {
+ if(!s->receive_record(s->handle, type, s->decrypted_buffer + 1, len - SPTPS_DATAGRAM_OVERHEAD)) {
abort();
}
} else if(type == SPTPS_HANDSHAKE) {
- if(!receive_handshake(s, s->decrypted_buffer + 1, len - 21)) {
+ if(!receive_handshake(s, s->decrypted_buffer + 1, len - SPTPS_DATAGRAM_OVERHEAD)) {
abort();
}
} else {
s->reclen = ntohs(s->reclen);
// If we have the length bytes, ensure our buffer can hold the whole request.
- s->inbuf = realloc(s->inbuf, s->reclen + 19UL);
+ s->inbuf = realloc(s->inbuf, s->reclen + SPTPS_OVERHEAD);
if(!s->inbuf) {
return error(s, errno, strerror(errno));
}
// Read up to the end of the record.
- size_t toread = s->reclen + (s->instate ? 19UL : 3UL) - s->buflen;
+ size_t toread = s->reclen + (s->instate ? SPTPS_OVERHEAD : 3UL) - s->buflen;
if(toread > len) {
toread = len;
ptr += toread;
// If we don't have a whole record, exit.
- if(s->buflen < s->reclen + (s->instate ? 19UL : 3UL)) {
+ if(s->buflen < s->reclen + (s->instate ? SPTPS_OVERHEAD : 3UL)) {
return true;
}