Use CBS when procesing a CCS message in the legacy stack.

ok tb@

1 files changed, 7 insertions, 4 deletions

diff --git a/src/lib/libssl/ssl_pkt.c b/src/lib/libssl/ssl_pkt.c
index 4ec22f7d53..d9f5a0d057 100644
--- a/src/lib/libssl/ssl_pkt.c
+++ b/src/lib/libssl/ssl_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_pkt.c,v 1.59 2022/09/10 15:37:13 jsing Exp $ */
+/* $OpenBSD: ssl_pkt.c,v 1.60 2022/09/11 13:51:25 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -762,17 +762,20 @@ int
 ssl3_read_change_cipher_spec(SSL *s)
 {
         SSL3_RECORD_INTERNAL *rr = &s->s3->rrec;
+        const uint8_t ccs[] = { SSL3_MT_CCS };
+        CBS cbs;
 
         /*
          * 'Change Cipher Spec' is just a single byte, so we know exactly what
          * the record payload has to look like.
          */
-        if (rr->length != 1 || rr->off != 0) {
+        CBS_init(&cbs, rr->data, rr->length);
+        if (rr->off != 0 || CBS_len(&cbs) != sizeof(ccs)) {
                 SSLerror(s, SSL_R_BAD_CHANGE_CIPHER_SPEC);
                 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
                 return -1;
         }
-        if (rr->data[0] != SSL3_MT_CCS) {
+        if (!CBS_mem_equal(&cbs, ccs, sizeof(ccs))) {
                 SSLerror(s, SSL_R_BAD_CHANGE_CIPHER_SPEC);
                 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
                 return -1;
@@ -780,7 +783,7 @@ ssl3_read_change_cipher_spec(SSL *s)
 
         /* XDTLS: check that epoch is consistent */
 
-        ssl_msg_callback(s, 0, SSL3_RT_CHANGE_CIPHER_SPEC, rr->data, 1);
+        ssl_msg_callback_cbs(s, 0, SSL3_RT_CHANGE_CIPHER_SPEC, &cbs);
 
         /* Check that we have a cipher to change to. */
         if (s->s3->hs.cipher == NULL) {