Replace the remaining uses of ssl3_put_cipher_by_char() with s2n and a

ssl3_cipher_get_value() helper function, which returns the cipher suite value for the given cipher. ok miod@
author: jsing <> 2014-08-24 14:36:46 +0000
committer: jsing <> 2014-08-24 14:36:46 +0000
commit: 15b6cd2e31b46d6dc4ad006b9dea11a3ea306237 (patch)
tree: f599b6e13899bf29a509aff654e05e7d7d92844d
parent: 897ca9ae7357e14cbf35168bbb3b29a9bc852a9b (diff)
download: openbsd-15b6cd2e31b46d6dc4ad006b9dea11a3ea306237.tar.gz
openbsd-15b6cd2e31b46d6dc4ad006b9dea11a3ea306237.tar.bz2
openbsd-15b6cd2e31b46d6dc4ad006b9dea11a3ea306237.zip
10 files changed, 38 insertions, 58 deletions
diff --git a/src/lib/libssl/d1_srvr.c b/src/lib/libssl/d1_srvr.c
index 9fdd025e2d..4532a07da5 100644
--- a/src/lib/libssl/d1_srvr.c
+++ b/src/lib/libssl/d1_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_srvr.c,v 1.36 2014/08/10 14:42:56 jsing Exp $ */
+/* $OpenBSD: d1_srvr.c,v 1.37 2014/08/24 14:36:45 jsing Exp $ */
 /* 
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.  
@@ -898,7 +898,6 @@ dtls1_send_server_hello(SSL *s)
 {
        unsigned char *buf;
        unsigned char *p, *d;
-        int i;
        unsigned int sl;
        unsigned long l;
@@ -940,8 +939,7 @@ dtls1_send_server_hello(SSL *s)
                /* put the cipher */
                if (s->s3->tmp.new_cipher == NULL)
                        return -1;
-                i = ssl3_put_cipher_by_char(s->s3->tmp.new_cipher, p);
+                s2n(ssl3_cipher_get_value(s->s3->tmp.new_cipher), p);
-                p += i;
                /* put the compression method */
                *(p++) = 0;
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index 9a25643070..8d03512a26 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.78 2014/08/23 15:37:38 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.79 2014/08/24 14:36:45 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1819,6 +1819,12 @@ ssl3_get_cipher_by_id(unsigned int id)
        return (NULL);
 }
+uint16_t
+ssl3_cipher_get_value(const SSL_CIPHER *c)
+{
+        return (c->id & SSL3_CK_VALUE_MASK);
+}
 int
 ssl3_pending(const SSL *s)
 {
@@ -2385,21 +2391,6 @@ ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
        return (1);
 }
-int
-ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
-{
-        long    l;
-        if (p != NULL) {
-                l = c->id;
-                if ((l & 0xff000000) != 0x03000000)
-                        return (0);
-                p[0] = ((unsigned char)(l >> 8L)) & 0xFF;
-                p[1] = ((unsigned char)(l)) & 0xFF;
-        }
-        return (2);
-}
 SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
    STACK_OF(SSL_CIPHER) *srvr)
 {
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c
index 574910cda6..597ddd4310 100644
--- a/src/lib/libssl/s3_srvr.c
+++ b/src/lib/libssl/s3_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_srvr.c,v 1.81 2014/08/11 04:46:42 miod Exp $ */
+/* $OpenBSD: s3_srvr.c,v 1.82 2014/08/24 14:36:45 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1250,8 +1250,8 @@ ssl3_send_server_hello(SSL *s)
 {
        unsigned char *buf;
        unsigned char *p, *d;
-        int i, sl;
        unsigned long l;
+        int sl;
        if (s->state == SSL3_ST_SW_SRVR_HELLO_A) {
                buf = (unsigned char *)s->init_buf->data;
@@ -1298,8 +1298,7 @@ ssl3_send_server_hello(SSL *s)
                p += sl;
                /* put the cipher */
-                i = ssl3_put_cipher_by_char(s->s3->tmp.new_cipher, p);
+                s2n(ssl3_cipher_get_value(s->s3->tmp.new_cipher), p);
-                p += i;
                /* put the compression method */
                *(p++) = 0;
diff --git a/src/lib/libssl/src/ssl/d1_srvr.c b/src/lib/libssl/src/ssl/d1_srvr.c
index 9fdd025e2d..4532a07da5 100644
--- a/src/lib/libssl/src/ssl/d1_srvr.c
+++ b/src/lib/libssl/src/ssl/d1_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_srvr.c,v 1.36 2014/08/10 14:42:56 jsing Exp $ */
+/* $OpenBSD: d1_srvr.c,v 1.37 2014/08/24 14:36:45 jsing Exp $ */
 /* 
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.  
@@ -898,7 +898,6 @@ dtls1_send_server_hello(SSL *s)
 {
        unsigned char *buf;
        unsigned char *p, *d;
-        int i;
        unsigned int sl;
        unsigned long l;
@@ -940,8 +939,7 @@ dtls1_send_server_hello(SSL *s)
                /* put the cipher */
                if (s->s3->tmp.new_cipher == NULL)
                        return -1;
-                i = ssl3_put_cipher_by_char(s->s3->tmp.new_cipher, p);
+                s2n(ssl3_cipher_get_value(s->s3->tmp.new_cipher), p);
-                p += i;
                /* put the compression method */
                *(p++) = 0;
diff --git a/src/lib/libssl/src/ssl/s3_lib.c b/src/lib/libssl/src/ssl/s3_lib.c
index 9a25643070..8d03512a26 100644
--- a/src/lib/libssl/src/ssl/s3_lib.c
+++ b/src/lib/libssl/src/ssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.78 2014/08/23 15:37:38 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.79 2014/08/24 14:36:45 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1819,6 +1819,12 @@ ssl3_get_cipher_by_id(unsigned int id)
        return (NULL);
 }
+uint16_t
+ssl3_cipher_get_value(const SSL_CIPHER *c)
+{
+        return (c->id & SSL3_CK_VALUE_MASK);
+}
 int
 ssl3_pending(const SSL *s)
 {
@@ -2385,21 +2391,6 @@ ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
        return (1);
 }
-int
-ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
-{
-        long    l;
-        if (p != NULL) {
-                l = c->id;
-                if ((l & 0xff000000) != 0x03000000)
-                        return (0);
-                p[0] = ((unsigned char)(l >> 8L)) & 0xFF;
-                p[1] = ((unsigned char)(l)) & 0xFF;
-        }
-        return (2);
-}
 SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
    STACK_OF(SSL_CIPHER) *srvr)
 {
diff --git a/src/lib/libssl/src/ssl/s3_srvr.c b/src/lib/libssl/src/ssl/s3_srvr.c
index 574910cda6..597ddd4310 100644
--- a/src/lib/libssl/src/ssl/s3_srvr.c
+++ b/src/lib/libssl/src/ssl/s3_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_srvr.c,v 1.81 2014/08/11 04:46:42 miod Exp $ */
+/* $OpenBSD: s3_srvr.c,v 1.82 2014/08/24 14:36:45 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1250,8 +1250,8 @@ ssl3_send_server_hello(SSL *s)
 {
        unsigned char *buf;
        unsigned char *p, *d;
-        int i, sl;
        unsigned long l;
+        int sl;
        if (s->state == SSL3_ST_SW_SRVR_HELLO_A) {
                buf = (unsigned char *)s->init_buf->data;
@@ -1298,8 +1298,7 @@ ssl3_send_server_hello(SSL *s)
                p += sl;
                /* put the cipher */
-                i = ssl3_put_cipher_by_char(s->s3->tmp.new_cipher, p);
+                s2n(ssl3_cipher_get_value(s->s3->tmp.new_cipher), p);
-                p += i;
                /* put the compression method */
                *(p++) = 0;
diff --git a/src/lib/libssl/src/ssl/ssl_lib.c b/src/lib/libssl/src/ssl/ssl_lib.c
index e5dedf0ba4..fad600a07e 100644
--- a/src/lib/libssl/src/ssl/ssl_lib.c
+++ b/src/lib/libssl/src/ssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.82 2014/08/23 14:52:41 jsing Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.83 2014/08/24 14:36:45 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1384,7 +1384,8 @@ ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p)
                if ((c->algorithm_ssl & SSL_TLSV1_2) &&
                    (TLS1_get_client_version(s) < TLS1_2_VERSION))
                        continue;
-                p += ssl3_put_cipher_by_char(c, p);
+                s2n(ssl3_cipher_get_value(c), p);
        }
        /*
@@ -1395,7 +1396,7 @@ ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p)
                static SSL_CIPHER scsv = {
                        0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
                };
-                p += ssl3_put_cipher_by_char(&scsv, p);
+                s2n(ssl3_cipher_get_value(&scsv), p);
        }
        return (p - q);
diff --git a/src/lib/libssl/src/ssl/ssl_locl.h b/src/lib/libssl/src/ssl/ssl_locl.h
index 1c823c046a..ec8f0fb722 100644
--- a/src/lib/libssl/src/ssl/ssl_locl.h
+++ b/src/lib/libssl/src/ssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.66 2014/08/23 14:52:41 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.67 2014/08/24 14:36:46 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -326,6 +326,7 @@
 #define SSL_MAX_DIGEST 6
 #define SSL3_CK_ID              0x03000000
+#define SSL3_CK_VALUE_MASK      0x0000ffff
 #define TLS1_PRF_DGST_MASK      (0xff << TLS1_PRF_DGST_SHIFT)
@@ -596,7 +597,6 @@ STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s);
 int ssl_verify_alarm_type(long type);
 void ssl_load_ciphers(void);
-int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
 void ssl3_init_finished_mac(SSL *s);
 int ssl3_send_server_certificate(SSL *s);
 int ssl3_send_newsession_ticket(SSL *s);
@@ -616,6 +616,7 @@ int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen);
 int ssl3_num_ciphers(void);
 const SSL_CIPHER *ssl3_get_cipher(unsigned int u);
 const SSL_CIPHER *ssl3_get_cipher_by_id(unsigned int id);
+uint16_t ssl3_cipher_get_value(const SSL_CIPHER *c);
 int ssl3_renegotiate(SSL *ssl);
 int ssl3_renegotiate_check(SSL *ssl);
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index e5dedf0ba4..fad600a07e 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.82 2014/08/23 14:52:41 jsing Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.83 2014/08/24 14:36:45 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1384,7 +1384,8 @@ ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p)
                if ((c->algorithm_ssl & SSL_TLSV1_2) &&
                    (TLS1_get_client_version(s) < TLS1_2_VERSION))
                        continue;
-                p += ssl3_put_cipher_by_char(c, p);
+                s2n(ssl3_cipher_get_value(c), p);
        }
        /*
@@ -1395,7 +1396,7 @@ ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p)
                static SSL_CIPHER scsv = {
                        0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
                };
-                p += ssl3_put_cipher_by_char(&scsv, p);
+                s2n(ssl3_cipher_get_value(&scsv), p);
        }
        return (p - q);
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 1c823c046a..ec8f0fb722 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.66 2014/08/23 14:52:41 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.67 2014/08/24 14:36:46 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -326,6 +326,7 @@
 #define SSL_MAX_DIGEST 6
 #define SSL3_CK_ID              0x03000000
+#define SSL3_CK_VALUE_MASK      0x0000ffff
 #define TLS1_PRF_DGST_MASK      (0xff << TLS1_PRF_DGST_SHIFT)
@@ -596,7 +597,6 @@ STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s);
 int ssl_verify_alarm_type(long type);
 void ssl_load_ciphers(void);
-int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p);
 void ssl3_init_finished_mac(SSL *s);
 int ssl3_send_server_certificate(SSL *s);
 int ssl3_send_newsession_ticket(SSL *s);
@@ -616,6 +616,7 @@ int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen);
 int ssl3_num_ciphers(void);
 const SSL_CIPHER *ssl3_get_cipher(unsigned int u);
 const SSL_CIPHER *ssl3_get_cipher_by_id(unsigned int id);
+uint16_t ssl3_cipher_get_value(const SSL_CIPHER *c);
 int ssl3_renegotiate(SSL *ssl);
 int ssl3_renegotiate_check(SSL *ssl);
author	jsing <>	2014-08-24 14:36:46 +0000
committer	jsing <>	2014-08-24 14:36:46 +0000
commit	15b6cd2e31b46d6dc4ad006b9dea11a3ea306237 (patch)
tree	f599b6e13899bf29a509aff654e05e7d7d92844d
parent	897ca9ae7357e14cbf35168bbb3b29a9bc852a9b (diff)
download	openbsd-15b6cd2e31b46d6dc4ad006b9dea11a3ea306237.tar.gz openbsd-15b6cd2e31b46d6dc4ad006b9dea11a3ea306237.tar.bz2 openbsd-15b6cd2e31b46d6dc4ad006b9dea11a3ea306237.zip

diff --git a/src/lib/libssl/d1_srvr.c b/src/lib/libssl/d1_srvr.c index 9fdd025e2d..4532a07da5 100644 --- a/src/lib/libssl/d1_srvr.c +++ b/src/lib/libssl/d1_srvr.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: d1_srvr.c,v 1.36 2014/08/10 14:42:56 jsing Exp $ */	1	/* $OpenBSD: d1_srvr.c,v 1.37 2014/08/24 14:36:45 jsing Exp $ */
2	/*	2	/*
3	* DTLS implementation written by Nagendra Modadugu	3	* DTLS implementation written by Nagendra Modadugu
4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.	4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -898,7 +898,6 @@ dtls1_send_server_hello(SSL *s)
898	{	898	{
899	unsigned char *buf;	899	unsigned char *buf;
900	unsigned char p, d;	900	unsigned char p, d;
901	int i;
902	unsigned int sl;	901	unsigned int sl;
903	unsigned long l;	902	unsigned long l;
904		903
@@ -940,8 +939,7 @@ dtls1_send_server_hello(SSL *s)
940	/* put the cipher */	939	/* put the cipher */
941	if (s->s3->tmp.new_cipher == NULL)	940	if (s->s3->tmp.new_cipher == NULL)
942	return -1;	941	return -1;
943	i = ssl3_put_cipher_by_char(s->s3->tmp.new_cipher, p);	942	s2n(ssl3_cipher_get_value(s->s3->tmp.new_cipher), p);
944	p += i;
945		943
946	/* put the compression method */	944	/* put the compression method */
947	*(p++) = 0;	945	*(p++) = 0;


diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c index 9a25643070..8d03512a26 100644 --- a/src/lib/libssl/s3_lib.c +++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s3_lib.c,v 1.78 2014/08/23 15:37:38 jsing Exp $ */	1	/* $OpenBSD: s3_lib.c,v 1.79 2014/08/24 14:36:45 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1819,6 +1819,12 @@ ssl3_get_cipher_by_id(unsigned int id)
1819	return (NULL);	1819	return (NULL);
1820	}	1820	}
1821		1821
		1822	uint16_t
		1823	ssl3_cipher_get_value(const SSL_CIPHER *c)
		1824	{
		1825	return (c->id & SSL3_CK_VALUE_MASK);
		1826	}
		1827
1822	int	1828	int
1823	ssl3_pending(const SSL *s)	1829	ssl3_pending(const SSL *s)
1824	{	1830	{
@@ -2385,21 +2391,6 @@ ssl3_ctx_callback_ctrl(SSL_CTX ctx, int cmd, void (fp)(void))
2385	return (1);	2391	return (1);
2386	}	2392	}
2387		2393
2388	int
2389	ssl3_put_cipher_by_char(const SSL_CIPHER c, unsigned char p)
2390	{
2391	long l;
2392
2393	if (p != NULL) {
2394	l = c->id;
2395	if ((l & 0xff000000) != 0x03000000)
2396	return (0);
2397	p[0] = ((unsigned char)(l >> 8L)) & 0xFF;
2398	p[1] = ((unsigned char)(l)) & 0xFF;
2399	}
2400	return (2);
2401	}
2402
2403	SSL_CIPHER ssl3_choose_cipher(SSL s, STACK_OF(SSL_CIPHER) *clnt,	2394	SSL_CIPHER ssl3_choose_cipher(SSL s, STACK_OF(SSL_CIPHER) *clnt,
2404	STACK_OF(SSL_CIPHER) *srvr)	2395	STACK_OF(SSL_CIPHER) *srvr)
2405	{	2396	{


diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c index 574910cda6..597ddd4310 100644 --- a/src/lib/libssl/s3_srvr.c +++ b/src/lib/libssl/s3_srvr.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s3_srvr.c,v 1.81 2014/08/11 04:46:42 miod Exp $ */	1	/* $OpenBSD: s3_srvr.c,v 1.82 2014/08/24 14:36:45 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1250,8 +1250,8 @@ ssl3_send_server_hello(SSL *s)
1250	{	1250	{
1251	unsigned char *buf;	1251	unsigned char *buf;
1252	unsigned char p, d;	1252	unsigned char p, d;
1253	int i, sl;
1254	unsigned long l;	1253	unsigned long l;
		1254	int sl;
1255		1255
1256	if (s->state == SSL3_ST_SW_SRVR_HELLO_A) {	1256	if (s->state == SSL3_ST_SW_SRVR_HELLO_A) {
1257	buf = (unsigned char *)s->init_buf->data;	1257	buf = (unsigned char *)s->init_buf->data;
@@ -1298,8 +1298,7 @@ ssl3_send_server_hello(SSL *s)
1298	p += sl;	1298	p += sl;
1299		1299
1300	/* put the cipher */	1300	/* put the cipher */
1301	i = ssl3_put_cipher_by_char(s->s3->tmp.new_cipher, p);	1301	s2n(ssl3_cipher_get_value(s->s3->tmp.new_cipher), p);
1302	p += i;
1303		1302
1304	/* put the compression method */	1303	/* put the compression method */
1305	*(p++) = 0;	1304	*(p++) = 0;


diff --git a/src/lib/libssl/src/ssl/d1_srvr.c b/src/lib/libssl/src/ssl/d1_srvr.c index 9fdd025e2d..4532a07da5 100644 --- a/src/lib/libssl/src/ssl/d1_srvr.c +++ b/src/lib/libssl/src/ssl/d1_srvr.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: d1_srvr.c,v 1.36 2014/08/10 14:42:56 jsing Exp $ */	1	/* $OpenBSD: d1_srvr.c,v 1.37 2014/08/24 14:36:45 jsing Exp $ */
2	/*	2	/*
3	* DTLS implementation written by Nagendra Modadugu	3	* DTLS implementation written by Nagendra Modadugu
4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.	4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -898,7 +898,6 @@ dtls1_send_server_hello(SSL *s)
898	{	898	{
899	unsigned char *buf;	899	unsigned char *buf;
900	unsigned char p, d;	900	unsigned char p, d;
901	int i;
902	unsigned int sl;	901	unsigned int sl;
903	unsigned long l;	902	unsigned long l;
904		903
@@ -940,8 +939,7 @@ dtls1_send_server_hello(SSL *s)
940	/* put the cipher */	939	/* put the cipher */
941	if (s->s3->tmp.new_cipher == NULL)	940	if (s->s3->tmp.new_cipher == NULL)
942	return -1;	941	return -1;
943	i = ssl3_put_cipher_by_char(s->s3->tmp.new_cipher, p);	942	s2n(ssl3_cipher_get_value(s->s3->tmp.new_cipher), p);
944	p += i;
945		943
946	/* put the compression method */	944	/* put the compression method */
947	*(p++) = 0;	945	*(p++) = 0;


diff --git a/src/lib/libssl/src/ssl/s3_lib.c b/src/lib/libssl/src/ssl/s3_lib.c index 9a25643070..8d03512a26 100644 --- a/src/lib/libssl/src/ssl/s3_lib.c +++ b/src/lib/libssl/src/ssl/s3_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s3_lib.c,v 1.78 2014/08/23 15:37:38 jsing Exp $ */	1	/* $OpenBSD: s3_lib.c,v 1.79 2014/08/24 14:36:45 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1819,6 +1819,12 @@ ssl3_get_cipher_by_id(unsigned int id)
1819	return (NULL);	1819	return (NULL);
1820	}	1820	}
1821		1821
		1822	uint16_t
		1823	ssl3_cipher_get_value(const SSL_CIPHER *c)
		1824	{
		1825	return (c->id & SSL3_CK_VALUE_MASK);
		1826	}
		1827
1822	int	1828	int
1823	ssl3_pending(const SSL *s)	1829	ssl3_pending(const SSL *s)
1824	{	1830	{
@@ -2385,21 +2391,6 @@ ssl3_ctx_callback_ctrl(SSL_CTX ctx, int cmd, void (fp)(void))
2385	return (1);	2391	return (1);
2386	}	2392	}
2387		2393
2388	int
2389	ssl3_put_cipher_by_char(const SSL_CIPHER c, unsigned char p)
2390	{
2391	long l;
2392
2393	if (p != NULL) {
2394	l = c->id;
2395	if ((l & 0xff000000) != 0x03000000)
2396	return (0);
2397	p[0] = ((unsigned char)(l >> 8L)) & 0xFF;
2398	p[1] = ((unsigned char)(l)) & 0xFF;
2399	}
2400	return (2);
2401	}
2402
2403	SSL_CIPHER ssl3_choose_cipher(SSL s, STACK_OF(SSL_CIPHER) *clnt,	2394	SSL_CIPHER ssl3_choose_cipher(SSL s, STACK_OF(SSL_CIPHER) *clnt,
2404	STACK_OF(SSL_CIPHER) *srvr)	2395	STACK_OF(SSL_CIPHER) *srvr)
2405	{	2396	{


diff --git a/src/lib/libssl/src/ssl/s3_srvr.c b/src/lib/libssl/src/ssl/s3_srvr.c index 574910cda6..597ddd4310 100644 --- a/src/lib/libssl/src/ssl/s3_srvr.c +++ b/src/lib/libssl/src/ssl/s3_srvr.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s3_srvr.c,v 1.81 2014/08/11 04:46:42 miod Exp $ */	1	/* $OpenBSD: s3_srvr.c,v 1.82 2014/08/24 14:36:45 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1250,8 +1250,8 @@ ssl3_send_server_hello(SSL *s)
1250	{	1250	{
1251	unsigned char *buf;	1251	unsigned char *buf;
1252	unsigned char p, d;	1252	unsigned char p, d;
1253	int i, sl;
1254	unsigned long l;	1253	unsigned long l;
		1254	int sl;
1255		1255
1256	if (s->state == SSL3_ST_SW_SRVR_HELLO_A) {	1256	if (s->state == SSL3_ST_SW_SRVR_HELLO_A) {
1257	buf = (unsigned char *)s->init_buf->data;	1257	buf = (unsigned char *)s->init_buf->data;
@@ -1298,8 +1298,7 @@ ssl3_send_server_hello(SSL *s)
1298	p += sl;	1298	p += sl;
1299		1299
1300	/* put the cipher */	1300	/* put the cipher */
1301	i = ssl3_put_cipher_by_char(s->s3->tmp.new_cipher, p);	1301	s2n(ssl3_cipher_get_value(s->s3->tmp.new_cipher), p);
1302	p += i;
1303		1302
1304	/* put the compression method */	1303	/* put the compression method */
1305	*(p++) = 0;	1304	*(p++) = 0;


diff --git a/src/lib/libssl/src/ssl/ssl_lib.c b/src/lib/libssl/src/ssl/ssl_lib.c index e5dedf0ba4..fad600a07e 100644 --- a/src/lib/libssl/src/ssl/ssl_lib.c +++ b/src/lib/libssl/src/ssl/ssl_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_lib.c,v 1.82 2014/08/23 14:52:41 jsing Exp $ */	1	/* $OpenBSD: ssl_lib.c,v 1.83 2014/08/24 14:36:45 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1384,7 +1384,8 @@ ssl_cipher_list_to_bytes(SSL s, STACK_OF(SSL_CIPHER) sk, unsigned char *p)
1384	if ((c->algorithm_ssl & SSL_TLSV1_2) &&	1384	if ((c->algorithm_ssl & SSL_TLSV1_2) &&
1385	(TLS1_get_client_version(s) < TLS1_2_VERSION))	1385	(TLS1_get_client_version(s) < TLS1_2_VERSION))
1386	continue;	1386	continue;
1387	p += ssl3_put_cipher_by_char(c, p);	1387
		1388	s2n(ssl3_cipher_get_value(c), p);
1388	}	1389	}
1389		1390
1390	/*	1391	/*
@@ -1395,7 +1396,7 @@ ssl_cipher_list_to_bytes(SSL s, STACK_OF(SSL_CIPHER) sk, unsigned char *p)
1395	static SSL_CIPHER scsv = {	1396	static SSL_CIPHER scsv = {
1396	0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0	1397	0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
1397	};	1398	};
1398	p += ssl3_put_cipher_by_char(&scsv, p);	1399	s2n(ssl3_cipher_get_value(&scsv), p);
1399	}	1400	}
1400		1401
1401	return (p - q);	1402	return (p - q);


diff --git a/src/lib/libssl/src/ssl/ssl_locl.h b/src/lib/libssl/src/ssl/ssl_locl.h index 1c823c046a..ec8f0fb722 100644 --- a/src/lib/libssl/src/ssl/ssl_locl.h +++ b/src/lib/libssl/src/ssl/ssl_locl.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_locl.h,v 1.66 2014/08/23 14:52:41 jsing Exp $ */	1	/* $OpenBSD: ssl_locl.h,v 1.67 2014/08/24 14:36:46 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -326,6 +326,7 @@
326	#define SSL_MAX_DIGEST 6	326	#define SSL_MAX_DIGEST 6
327		327
328	#define SSL3_CK_ID 0x03000000	328	#define SSL3_CK_ID 0x03000000
		329	#define SSL3_CK_VALUE_MASK 0x0000ffff
329		330
330	#define TLS1_PRF_DGST_MASK (0xff << TLS1_PRF_DGST_SHIFT)	331	#define TLS1_PRF_DGST_MASK (0xff << TLS1_PRF_DGST_SHIFT)
331		332
@@ -596,7 +597,6 @@ STACK_OF(SSL_CIPHER) ssl_get_ciphers_by_id(SSL s);
596	int ssl_verify_alarm_type(long type);	597	int ssl_verify_alarm_type(long type);
597	void ssl_load_ciphers(void);	598	void ssl_load_ciphers(void);
598		599
599	int ssl3_put_cipher_by_char(const SSL_CIPHER c, unsigned char p);
600	void ssl3_init_finished_mac(SSL *s);	600	void ssl3_init_finished_mac(SSL *s);
601	int ssl3_send_server_certificate(SSL *s);	601	int ssl3_send_server_certificate(SSL *s);
602	int ssl3_send_newsession_ticket(SSL *s);	602	int ssl3_send_newsession_ticket(SSL *s);
@@ -616,6 +616,7 @@ int ssl3_send_finished(SSL s, int a, int b, const char sender, int slen);
616	int ssl3_num_ciphers(void);	616	int ssl3_num_ciphers(void);
617	const SSL_CIPHER *ssl3_get_cipher(unsigned int u);	617	const SSL_CIPHER *ssl3_get_cipher(unsigned int u);
618	const SSL_CIPHER *ssl3_get_cipher_by_id(unsigned int id);	618	const SSL_CIPHER *ssl3_get_cipher_by_id(unsigned int id);
		619	uint16_t ssl3_cipher_get_value(const SSL_CIPHER *c);
619	int ssl3_renegotiate(SSL *ssl);	620	int ssl3_renegotiate(SSL *ssl);
620		621
621	int ssl3_renegotiate_check(SSL *ssl);	622	int ssl3_renegotiate_check(SSL *ssl);


diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c index e5dedf0ba4..fad600a07e 100644 --- a/src/lib/libssl/ssl_lib.c +++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_lib.c,v 1.82 2014/08/23 14:52:41 jsing Exp $ */	1	/* $OpenBSD: ssl_lib.c,v 1.83 2014/08/24 14:36:45 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1384,7 +1384,8 @@ ssl_cipher_list_to_bytes(SSL s, STACK_OF(SSL_CIPHER) sk, unsigned char *p)
1384	if ((c->algorithm_ssl & SSL_TLSV1_2) &&	1384	if ((c->algorithm_ssl & SSL_TLSV1_2) &&
1385	(TLS1_get_client_version(s) < TLS1_2_VERSION))	1385	(TLS1_get_client_version(s) < TLS1_2_VERSION))
1386	continue;	1386	continue;
1387	p += ssl3_put_cipher_by_char(c, p);	1387
		1388	s2n(ssl3_cipher_get_value(c), p);
1388	}	1389	}
1389		1390
1390	/*	1391	/*
@@ -1395,7 +1396,7 @@ ssl_cipher_list_to_bytes(SSL s, STACK_OF(SSL_CIPHER) sk, unsigned char *p)
1395	static SSL_CIPHER scsv = {	1396	static SSL_CIPHER scsv = {
1396	0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0	1397	0, NULL, SSL3_CK_SCSV, 0, 0, 0, 0, 0, 0, 0, 0, 0
1397	};	1398	};
1398	p += ssl3_put_cipher_by_char(&scsv, p);	1399	s2n(ssl3_cipher_get_value(&scsv), p);
1399	}	1400	}
1400		1401
1401	return (p - q);	1402	return (p - q);


diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index 1c823c046a..ec8f0fb722 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_locl.h,v 1.66 2014/08/23 14:52:41 jsing Exp $ */	1	/* $OpenBSD: ssl_locl.h,v 1.67 2014/08/24 14:36:46 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -326,6 +326,7 @@
326	#define SSL_MAX_DIGEST 6	326	#define SSL_MAX_DIGEST 6
327		327
328	#define SSL3_CK_ID 0x03000000	328	#define SSL3_CK_ID 0x03000000
		329	#define SSL3_CK_VALUE_MASK 0x0000ffff
329		330
330	#define TLS1_PRF_DGST_MASK (0xff << TLS1_PRF_DGST_SHIFT)	331	#define TLS1_PRF_DGST_MASK (0xff << TLS1_PRF_DGST_SHIFT)
331		332
@@ -596,7 +597,6 @@ STACK_OF(SSL_CIPHER) ssl_get_ciphers_by_id(SSL s);
596	int ssl_verify_alarm_type(long type);	597	int ssl_verify_alarm_type(long type);
597	void ssl_load_ciphers(void);	598	void ssl_load_ciphers(void);
598		599
599	int ssl3_put_cipher_by_char(const SSL_CIPHER c, unsigned char p);
600	void ssl3_init_finished_mac(SSL *s);	600	void ssl3_init_finished_mac(SSL *s);
601	int ssl3_send_server_certificate(SSL *s);	601	int ssl3_send_server_certificate(SSL *s);
602	int ssl3_send_newsession_ticket(SSL *s);	602	int ssl3_send_newsession_ticket(SSL *s);
@@ -616,6 +616,7 @@ int ssl3_send_finished(SSL s, int a, int b, const char sender, int slen);
616	int ssl3_num_ciphers(void);	616	int ssl3_num_ciphers(void);
617	const SSL_CIPHER *ssl3_get_cipher(unsigned int u);	617	const SSL_CIPHER *ssl3_get_cipher(unsigned int u);
618	const SSL_CIPHER *ssl3_get_cipher_by_id(unsigned int id);	618	const SSL_CIPHER *ssl3_get_cipher_by_id(unsigned int id);
		619	uint16_t ssl3_cipher_get_value(const SSL_CIPHER *c);
619	int ssl3_renegotiate(SSL *ssl);	620	int ssl3_renegotiate(SSL *ssl);
620		621
621	int ssl3_renegotiate_check(SSL *ssl);	622	int ssl3_renegotiate_check(SSL *ssl);