diff options
| author | doug <> | 2015-07-24 02:39:43 +0000 |
|---|---|---|
| committer | doug <> | 2015-07-24 02:39:43 +0000 |
| commit | 02469b82fc01a40a1ac05c9550dc105c6ab371a1 (patch) | |
| tree | e4e09938092578b640038347bc2b7ce28f1ac436 | |
| parent | 2698305191cb9b697a2fb97fc0f71d1bef667af5 (diff) | |
| download | openbsd-02469b82fc01a40a1ac05c9550dc105c6ab371a1.tar.gz openbsd-02469b82fc01a40a1ac05c9550dc105c6ab371a1.tar.bz2 openbsd-02469b82fc01a40a1ac05c9550dc105c6ab371a1.zip | |
Convert ssl3_get_record to CBS.
ok miod@ jsing@
| -rw-r--r-- | src/lib/libssl/s3_pkt.c | 51 | ||||
| -rw-r--r-- | src/lib/libssl/src/ssl/s3_pkt.c | 51 |
2 files changed, 58 insertions, 44 deletions
diff --git a/src/lib/libssl/s3_pkt.c b/src/lib/libssl/s3_pkt.c index 1e94bf437e..33fee732d1 100644 --- a/src/lib/libssl/s3_pkt.c +++ b/src/lib/libssl/s3_pkt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_pkt.c,v 1.55 2015/07/18 19:41:54 doug Exp $ */ | 1 | /* $OpenBSD: s3_pkt.c,v 1.56 2015/07/24 02:39:43 doug Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -117,6 +117,8 @@ | |||
| 117 | #include <openssl/buffer.h> | 117 | #include <openssl/buffer.h> |
| 118 | #include <openssl/evp.h> | 118 | #include <openssl/evp.h> |
| 119 | 119 | ||
| 120 | #include "bytestring.h" | ||
| 121 | |||
| 120 | static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, | 122 | static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, |
| 121 | unsigned int len, int create_empty_fragment); | 123 | unsigned int len, int create_empty_fragment); |
| 122 | static int ssl3_get_record(SSL *s); | 124 | static int ssl3_get_record(SSL *s); |
| @@ -276,13 +278,11 @@ ssl3_read_n(SSL *s, int n, int max, int extend) | |||
| 276 | static int | 278 | static int |
| 277 | ssl3_get_record(SSL *s) | 279 | ssl3_get_record(SSL *s) |
| 278 | { | 280 | { |
| 279 | int ssl_major, ssl_minor, al; | 281 | int al; |
| 280 | int enc_err, n, i, ret = -1; | 282 | int enc_err, n, i, ret = -1; |
| 281 | SSL3_RECORD *rr; | 283 | SSL3_RECORD *rr; |
| 282 | SSL_SESSION *sess; | 284 | SSL_SESSION *sess; |
| 283 | unsigned char *p; | ||
| 284 | unsigned char md[EVP_MAX_MD_SIZE]; | 285 | unsigned char md[EVP_MAX_MD_SIZE]; |
| 285 | short version; | ||
| 286 | unsigned mac_size, orig_len; | 286 | unsigned mac_size, orig_len; |
| 287 | 287 | ||
| 288 | rr = &(s->s3->rrec); | 288 | rr = &(s->s3->rrec); |
| @@ -292,35 +292,42 @@ again: | |||
| 292 | /* check if we have the header */ | 292 | /* check if we have the header */ |
| 293 | if ((s->rstate != SSL_ST_READ_BODY) || | 293 | if ((s->rstate != SSL_ST_READ_BODY) || |
| 294 | (s->packet_length < SSL3_RT_HEADER_LENGTH)) { | 294 | (s->packet_length < SSL3_RT_HEADER_LENGTH)) { |
| 295 | CBS header; | ||
| 296 | uint16_t len, ssl_version; | ||
| 297 | uint8_t type; | ||
| 298 | |||
| 295 | n = ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, s->s3->rbuf.len, 0); | 299 | n = ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, s->s3->rbuf.len, 0); |
| 296 | if (n <= 0) | 300 | if (n <= 0) |
| 297 | return(n); /* error or non-blocking */ | 301 | return(n); /* error or non-blocking */ |
| 298 | s->rstate = SSL_ST_READ_BODY; | 302 | s->rstate = SSL_ST_READ_BODY; |
| 299 | 303 | ||
| 300 | p = s->packet; | 304 | CBS_init(&header, s->packet, n); |
| 301 | 305 | ||
| 302 | /* Pull apart the header into the SSL3_RECORD */ | 306 | /* Pull apart the header into the SSL3_RECORD */ |
| 303 | rr->type= *(p++); | 307 | if (!CBS_get_u8(&header, &type) || |
| 304 | ssl_major= *(p++); | 308 | !CBS_get_u16(&header, &ssl_version) || |
| 305 | ssl_minor= *(p++); | 309 | !CBS_get_u16(&header, &len)) { |
| 306 | version = (ssl_major << 8)|ssl_minor; | 310 | SSLerr(SSL_F_SSL3_GET_RECORD, |
| 307 | n2s(p, rr->length); | 311 | SSL_R_BAD_PACKET_LENGTH); |
| 312 | goto err; | ||
| 313 | } | ||
| 314 | |||
| 315 | rr->type = type; | ||
| 316 | rr->length = len; | ||
| 308 | 317 | ||
| 309 | /* Lets check version */ | 318 | /* Lets check version */ |
| 310 | if (!s->first_packet) { | 319 | if (!s->first_packet && ssl_version != s->version) { |
| 311 | if (version != s->version) { | 320 | SSLerr(SSL_F_SSL3_GET_RECORD, |
| 312 | SSLerr(SSL_F_SSL3_GET_RECORD, | 321 | SSL_R_WRONG_VERSION_NUMBER); |
| 313 | SSL_R_WRONG_VERSION_NUMBER); | 322 | if ((s->version & 0xFF00) == (ssl_version & 0xFF00) && |
| 314 | if ((s->version & 0xFF00) == (version & 0xFF00) && | 323 | !s->enc_write_ctx && !s->write_hash) |
| 315 | !s->enc_write_ctx && !s->write_hash) | 324 | /* Send back error using their minor version number :-) */ |
| 316 | /* Send back error using their minor version number :-) */ | 325 | s->version = ssl_version; |
| 317 | s->version = (unsigned short)version; | 326 | al = SSL_AD_PROTOCOL_VERSION; |
| 318 | al = SSL_AD_PROTOCOL_VERSION; | 327 | goto f_err; |
| 319 | goto f_err; | ||
| 320 | } | ||
| 321 | } | 328 | } |
| 322 | 329 | ||
| 323 | if ((version >> 8) != SSL3_VERSION_MAJOR) { | 330 | if ((ssl_version >> 8) != SSL3_VERSION_MAJOR) { |
| 324 | SSLerr(SSL_F_SSL3_GET_RECORD, | 331 | SSLerr(SSL_F_SSL3_GET_RECORD, |
| 325 | SSL_R_WRONG_VERSION_NUMBER); | 332 | SSL_R_WRONG_VERSION_NUMBER); |
| 326 | goto err; | 333 | goto err; |
diff --git a/src/lib/libssl/src/ssl/s3_pkt.c b/src/lib/libssl/src/ssl/s3_pkt.c index 1e94bf437e..33fee732d1 100644 --- a/src/lib/libssl/src/ssl/s3_pkt.c +++ b/src/lib/libssl/src/ssl/s3_pkt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_pkt.c,v 1.55 2015/07/18 19:41:54 doug Exp $ */ | 1 | /* $OpenBSD: s3_pkt.c,v 1.56 2015/07/24 02:39:43 doug Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -117,6 +117,8 @@ | |||
| 117 | #include <openssl/buffer.h> | 117 | #include <openssl/buffer.h> |
| 118 | #include <openssl/evp.h> | 118 | #include <openssl/evp.h> |
| 119 | 119 | ||
| 120 | #include "bytestring.h" | ||
| 121 | |||
| 120 | static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, | 122 | static int do_ssl3_write(SSL *s, int type, const unsigned char *buf, |
| 121 | unsigned int len, int create_empty_fragment); | 123 | unsigned int len, int create_empty_fragment); |
| 122 | static int ssl3_get_record(SSL *s); | 124 | static int ssl3_get_record(SSL *s); |
| @@ -276,13 +278,11 @@ ssl3_read_n(SSL *s, int n, int max, int extend) | |||
| 276 | static int | 278 | static int |
| 277 | ssl3_get_record(SSL *s) | 279 | ssl3_get_record(SSL *s) |
| 278 | { | 280 | { |
| 279 | int ssl_major, ssl_minor, al; | 281 | int al; |
| 280 | int enc_err, n, i, ret = -1; | 282 | int enc_err, n, i, ret = -1; |
| 281 | SSL3_RECORD *rr; | 283 | SSL3_RECORD *rr; |
| 282 | SSL_SESSION *sess; | 284 | SSL_SESSION *sess; |
| 283 | unsigned char *p; | ||
| 284 | unsigned char md[EVP_MAX_MD_SIZE]; | 285 | unsigned char md[EVP_MAX_MD_SIZE]; |
| 285 | short version; | ||
| 286 | unsigned mac_size, orig_len; | 286 | unsigned mac_size, orig_len; |
| 287 | 287 | ||
| 288 | rr = &(s->s3->rrec); | 288 | rr = &(s->s3->rrec); |
| @@ -292,35 +292,42 @@ again: | |||
| 292 | /* check if we have the header */ | 292 | /* check if we have the header */ |
| 293 | if ((s->rstate != SSL_ST_READ_BODY) || | 293 | if ((s->rstate != SSL_ST_READ_BODY) || |
| 294 | (s->packet_length < SSL3_RT_HEADER_LENGTH)) { | 294 | (s->packet_length < SSL3_RT_HEADER_LENGTH)) { |
| 295 | CBS header; | ||
| 296 | uint16_t len, ssl_version; | ||
| 297 | uint8_t type; | ||
| 298 | |||
| 295 | n = ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, s->s3->rbuf.len, 0); | 299 | n = ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, s->s3->rbuf.len, 0); |
| 296 | if (n <= 0) | 300 | if (n <= 0) |
| 297 | return(n); /* error or non-blocking */ | 301 | return(n); /* error or non-blocking */ |
| 298 | s->rstate = SSL_ST_READ_BODY; | 302 | s->rstate = SSL_ST_READ_BODY; |
| 299 | 303 | ||
| 300 | p = s->packet; | 304 | CBS_init(&header, s->packet, n); |
| 301 | 305 | ||
| 302 | /* Pull apart the header into the SSL3_RECORD */ | 306 | /* Pull apart the header into the SSL3_RECORD */ |
| 303 | rr->type= *(p++); | 307 | if (!CBS_get_u8(&header, &type) || |
| 304 | ssl_major= *(p++); | 308 | !CBS_get_u16(&header, &ssl_version) || |
| 305 | ssl_minor= *(p++); | 309 | !CBS_get_u16(&header, &len)) { |
| 306 | version = (ssl_major << 8)|ssl_minor; | 310 | SSLerr(SSL_F_SSL3_GET_RECORD, |
| 307 | n2s(p, rr->length); | 311 | SSL_R_BAD_PACKET_LENGTH); |
| 312 | goto err; | ||
| 313 | } | ||
| 314 | |||
| 315 | rr->type = type; | ||
| 316 | rr->length = len; | ||
| 308 | 317 | ||
| 309 | /* Lets check version */ | 318 | /* Lets check version */ |
| 310 | if (!s->first_packet) { | 319 | if (!s->first_packet && ssl_version != s->version) { |
| 311 | if (version != s->version) { | 320 | SSLerr(SSL_F_SSL3_GET_RECORD, |
| 312 | SSLerr(SSL_F_SSL3_GET_RECORD, | 321 | SSL_R_WRONG_VERSION_NUMBER); |
| 313 | SSL_R_WRONG_VERSION_NUMBER); | 322 | if ((s->version & 0xFF00) == (ssl_version & 0xFF00) && |
| 314 | if ((s->version & 0xFF00) == (version & 0xFF00) && | 323 | !s->enc_write_ctx && !s->write_hash) |
| 315 | !s->enc_write_ctx && !s->write_hash) | 324 | /* Send back error using their minor version number :-) */ |
| 316 | /* Send back error using their minor version number :-) */ | 325 | s->version = ssl_version; |
| 317 | s->version = (unsigned short)version; | 326 | al = SSL_AD_PROTOCOL_VERSION; |
| 318 | al = SSL_AD_PROTOCOL_VERSION; | 327 | goto f_err; |
| 319 | goto f_err; | ||
| 320 | } | ||
| 321 | } | 328 | } |
| 322 | 329 | ||
| 323 | if ((version >> 8) != SSL3_VERSION_MAJOR) { | 330 | if ((ssl_version >> 8) != SSL3_VERSION_MAJOR) { |
| 324 | SSLerr(SSL_F_SSL3_GET_RECORD, | 331 | SSLerr(SSL_F_SSL3_GET_RECORD, |
| 325 | SSL_R_WRONG_VERSION_NUMBER); | 332 | SSL_R_WRONG_VERSION_NUMBER); |
| 326 | goto err; | 333 | goto err; |