diff --git a/lib/std/crypto/tls/Client.zig b/lib/std/crypto/tls/Client.zig index 6d5bb86fed0a..74dff13c70a3 100644 --- a/lib/std/crypto/tls/Client.zig +++ b/lib/std/crypto/tls/Client.zig @@ -140,7 +140,7 @@ pub fn InitError(comptime Stream: type) type { /// /// `host` is only borrowed during this function call. pub fn init(stream: anytype, ca_bundle: Certificate.Bundle, host: []const u8) InitError(@TypeOf(stream))!Client { - const host_len = @as(u16, @intCast(host.len)); + const host_len: u16 = @intCast(host.len); var random_buffer: [128]u8 = undefined; crypto.random.bytes(&random_buffer); @@ -194,7 +194,7 @@ pub fn init(stream: anytype, ca_bundle: Certificate.Bundle, host: []const u8) In int2(host_len); const extensions_header = - int2(@as(u16, @intCast(extensions_payload.len + host_len))) ++ + int2(@intCast(extensions_payload.len + host_len)) ++ extensions_payload; const legacy_compression_methods = 0x0100; @@ -209,13 +209,13 @@ pub fn init(stream: anytype, ca_bundle: Certificate.Bundle, host: []const u8) In const out_handshake = [_]u8{@intFromEnum(tls.HandshakeType.client_hello)} ++ - int3(@as(u24, @intCast(client_hello.len + host_len))) ++ + int3(@intCast(client_hello.len + host_len)) ++ client_hello; const plaintext_header = [_]u8{ @intFromEnum(tls.ContentType.handshake), 0x03, 0x01, // legacy_record_version - } ++ int2(@as(u16, @intCast(out_handshake.len + host_len))) ++ out_handshake; + } ++ int2(@intCast(out_handshake.len + host_len)) ++ out_handshake; { var iovecs = [_]std.os.iovec_const{ @@ -466,7 +466,7 @@ pub fn init(stream: anytype, ca_bundle: Certificate.Bundle, host: []const u8) In }, }; - const inner_ct = @as(tls.ContentType, @enumFromInt(cleartext[cleartext.len - 1])); + const inner_ct: tls.ContentType = @enumFromInt(cleartext[cleartext.len - 1]); if (inner_ct != .handshake) return error.TlsUnexpectedMessage; var ctd = tls.Decoder.fromTheirSlice(cleartext[0 .. cleartext.len - 1]); @@ -520,7 +520,7 @@ pub fn init(stream: anytype, ca_bundle: Certificate.Bundle, host: []const u8) In const subject_cert: Certificate = .{ .buffer = certd.buf, - .index = @as(u32, @intCast(certd.idx)), + .index = @intCast(certd.idx), }; const subject = try subject_cert.parse(); if (cert_index == 0) { @@ -534,7 +534,7 @@ pub fn init(stream: anytype, ca_bundle: Certificate.Bundle, host: []const u8) In if (pub_key.len > main_cert_pub_key_buf.len) return error.CertificatePublicKeyInvalid; @memcpy(main_cert_pub_key_buf[0..pub_key.len], pub_key); - main_cert_pub_key_len = @as(@TypeOf(main_cert_pub_key_len), @intCast(pub_key.len)); + main_cert_pub_key_len = @intCast(pub_key.len); } else { try prev_cert.verify(subject, now_sec); } @@ -679,7 +679,7 @@ pub fn init(stream: anytype, ca_bundle: Certificate.Bundle, host: []const u8) In .write_seq = 0, .partial_cleartext_idx = 0, .partial_ciphertext_idx = 0, - .partial_ciphertext_end = @as(u15, @intCast(leftover.len)), + .partial_ciphertext_end = @intCast(leftover.len), .received_close_notify = false, .application_cipher = app_cipher, .partially_read_buffer = undefined, @@ -797,11 +797,11 @@ fn prepareCiphertextRecord( const overhead_len = tls.record_header_len + P.AEAD.tag_length + 1; const close_notify_alert_reserved = tls.close_notify_alert.len + overhead_len; while (true) { - const encrypted_content_len = @as(u16, @intCast(@min( + const encrypted_content_len: u16 = @intCast(@min( @min(bytes.len - bytes_i, max_ciphertext_len - 1), ciphertext_buf.len - close_notify_alert_reserved - overhead_len - ciphertext_end, - ))); + )); if (encrypted_content_len == 0) return .{ .iovec_end = iovec_end, .ciphertext_end = ciphertext_end, @@ -920,7 +920,7 @@ pub fn readvAdvanced(c: *Client, stream: anytype, iovecs: []const std.os.iovec) // Give away the buffered cleartext we have, if any. const partial_cleartext = c.partially_read_buffer[c.partial_cleartext_idx..c.partial_ciphertext_idx]; if (partial_cleartext.len > 0) { - const amt = @as(u15, @intCast(vp.put(partial_cleartext))); + const amt: u15 = @intCast(vp.put(partial_cleartext)); c.partial_cleartext_idx += amt; if (c.partial_cleartext_idx == c.partial_ciphertext_idx and @@ -958,6 +958,13 @@ pub fn readvAdvanced(c: *Client, stream: anytype, iovecs: []const std.os.iovec) // The amount of the user's buffer that will be used to give cleartext. The // beginning of the buffer will be used for such purposes. const cleartext_buf_len = free_size - ciphertext_buf_len; + + // Recoup `partially_read_buffer space`. This is necessary because it is assumed + // below that `frag0` is big enough to hold at least one record. + limitedOverlapCopy(c.partially_read_buffer[0..c.partial_ciphertext_end], c.partial_ciphertext_idx); + c.partial_ciphertext_end -= c.partial_ciphertext_idx; + c.partial_ciphertext_idx = 0; + c.partial_cleartext_idx = 0; const first_iov = c.partially_read_buffer[c.partial_ciphertext_end..]; var ask_iovecs_buf: [2]std.os.iovec = .{ @@ -1037,7 +1044,7 @@ pub fn readvAdvanced(c: *Client, stream: anytype, iovecs: []const std.os.iovec) in = 0; continue; } - const ct = @as(tls.ContentType, @enumFromInt(frag[in])); + const ct: tls.ContentType = @enumFromInt(frag[in]); in += 1; const legacy_version = mem.readIntBig(u16, frag[in..][0..2]); in += 2; @@ -1070,8 +1077,8 @@ pub fn readvAdvanced(c: *Client, stream: anytype, iovecs: []const std.os.iovec) switch (ct) { .alert => { if (in + 2 > frag.len) return error.TlsDecodeError; - const level = @as(tls.AlertLevel, @enumFromInt(frag[in])); - const desc = @as(tls.AlertDescription, @enumFromInt(frag[in + 1])); + const level: tls.AlertLevel = @enumFromInt(frag[in]); + const desc: tls.AlertDescription = @enumFromInt(frag[in + 1]); _ = level; try desc.toError(); @@ -1105,11 +1112,11 @@ pub fn readvAdvanced(c: *Client, stream: anytype, iovecs: []const std.os.iovec) c.read_seq = try std.math.add(u64, c.read_seq, 1); - const inner_ct = @as(tls.ContentType, @enumFromInt(cleartext[cleartext.len - 1])); + const inner_ct: tls.ContentType = @enumFromInt(cleartext[cleartext.len - 1]); switch (inner_ct) { .alert => { - const level = @as(tls.AlertLevel, @enumFromInt(cleartext[0])); - const desc = @as(tls.AlertDescription, @enumFromInt(cleartext[1])); + const level: tls.AlertLevel = @enumFromInt(cleartext[0]); + const desc: tls.AlertDescription = @enumFromInt(cleartext[1]); if (desc == .close_notify) { c.received_close_notify = true; c.partial_ciphertext_end = c.partial_ciphertext_idx; @@ -1124,7 +1131,7 @@ pub fn readvAdvanced(c: *Client, stream: anytype, iovecs: []const std.os.iovec) .handshake => { var ct_i: usize = 0; while (true) { - const handshake_type = @as(tls.HandshakeType, @enumFromInt(cleartext[ct_i])); + const handshake_type: tls.HandshakeType = @enumFromInt(cleartext[ct_i]); ct_i += 1; const handshake_len = mem.readIntBig(u24, cleartext[ct_i..][0..3]); ct_i += 3; @@ -1186,13 +1193,13 @@ pub fn readvAdvanced(c: *Client, stream: anytype, iovecs: []const std.os.iovec) c.partially_read_buffer[c.partial_ciphertext_idx..][0..msg.len], msg, ); - c.partial_ciphertext_idx = @as(@TypeOf(c.partial_ciphertext_idx), @intCast(c.partial_ciphertext_idx + msg.len)); + c.partial_ciphertext_idx = @intCast(c.partial_ciphertext_idx + msg.len); } else { const amt = vp.put(msg); if (amt < msg.len) { const rest = msg[amt..]; c.partial_cleartext_idx = 0; - c.partial_ciphertext_idx = @as(@TypeOf(c.partial_ciphertext_idx), @intCast(rest.len)); + c.partial_ciphertext_idx = @intCast(rest.len); @memcpy(c.partially_read_buffer[0..rest.len], rest); } } @@ -1220,12 +1227,12 @@ fn finishRead(c: *Client, frag: []const u8, in: usize, out: usize) usize { const saved_buf = frag[in..]; if (c.partial_ciphertext_idx > c.partial_cleartext_idx) { // There is cleartext at the beginning already which we need to preserve. - c.partial_ciphertext_end = @as(@TypeOf(c.partial_ciphertext_end), @intCast(c.partial_ciphertext_idx + saved_buf.len)); + c.partial_ciphertext_end = @intCast(c.partial_ciphertext_idx + saved_buf.len); @memcpy(c.partially_read_buffer[c.partial_ciphertext_idx..][0..saved_buf.len], saved_buf); } else { c.partial_cleartext_idx = 0; c.partial_ciphertext_idx = 0; - c.partial_ciphertext_end = @as(@TypeOf(c.partial_ciphertext_end), @intCast(saved_buf.len)); + c.partial_ciphertext_end = @intCast(saved_buf.len); @memcpy(c.partially_read_buffer[0..saved_buf.len], saved_buf); } return out; @@ -1235,14 +1242,14 @@ fn finishRead(c: *Client, frag: []const u8, in: usize, out: usize) usize { fn finishRead2(c: *Client, first: []const u8, frag1: []const u8, out: usize) usize { if (c.partial_ciphertext_idx > c.partial_cleartext_idx) { // There is cleartext at the beginning already which we need to preserve. - c.partial_ciphertext_end = @as(@TypeOf(c.partial_ciphertext_end), @intCast(c.partial_ciphertext_idx + first.len + frag1.len)); + c.partial_ciphertext_end = @intCast(c.partial_ciphertext_idx + first.len + frag1.len); // TODO: eliminate this call to copyForwards std.mem.copyForwards(u8, c.partially_read_buffer[c.partial_ciphertext_idx..][0..first.len], first); @memcpy(c.partially_read_buffer[c.partial_ciphertext_idx + first.len ..][0..frag1.len], frag1); } else { c.partial_cleartext_idx = 0; c.partial_ciphertext_idx = 0; - c.partial_ciphertext_end = @as(@TypeOf(c.partial_ciphertext_end), @intCast(first.len + frag1.len)); + c.partial_ciphertext_end = @intCast(first.len + frag1.len); // TODO: eliminate this call to copyForwards std.mem.copyForwards(u8, c.partially_read_buffer[0..first.len], first); @memcpy(c.partially_read_buffer[first.len..][0..frag1.len], frag1);