diff options
| author | jsing <> | 2014-06-21 14:45:22 +0000 |
|---|---|---|
| committer | jsing <> | 2014-06-21 14:45:22 +0000 |
| commit | 2d08baf1f13e9a34323dd72dcae81cfe808c1a49 (patch) | |
| tree | 9ce593c5604e2f9667d9d25a66f1c810f4806dab | |
| parent | b81c33f9ad3326037ca21055c274584d3a9c9233 (diff) | |
| download | openbsd-2d08baf1f13e9a34323dd72dcae81cfe808c1a49.tar.gz openbsd-2d08baf1f13e9a34323dd72dcae81cfe808c1a49.tar.bz2 openbsd-2d08baf1f13e9a34323dd72dcae81cfe808c1a49.zip | |
Pull out the sequence number selection and handle this up front. Also, the
correct record is already known, so avoid reassignment.
| -rw-r--r-- | src/lib/libssl/src/ssl/t1_enc.c | 15 | ||||
| -rw-r--r-- | src/lib/libssl/t1_enc.c | 15 |
2 files changed, 12 insertions, 18 deletions
diff --git a/src/lib/libssl/src/ssl/t1_enc.c b/src/lib/libssl/src/ssl/t1_enc.c index 6901ff54da..c4d53af556 100644 --- a/src/lib/libssl/src/ssl/t1_enc.c +++ b/src/lib/libssl/src/ssl/t1_enc.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: t1_enc.c,v 1.61 2014/06/21 14:06:36 jsing Exp $ */ | 1 | /* $OpenBSD: t1_enc.c,v 1.62 2014/06/21 14:45:22 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -775,24 +775,25 @@ tls1_enc(SSL *s, int send) | |||
| 775 | const EVP_CIPHER *enc; | 775 | const EVP_CIPHER *enc; |
| 776 | EVP_CIPHER_CTX *ds; | 776 | EVP_CIPHER_CTX *ds; |
| 777 | SSL3_RECORD *rec; | 777 | SSL3_RECORD *rec; |
| 778 | unsigned char *seq; | ||
| 778 | unsigned long l; | 779 | unsigned long l; |
| 779 | int bs, i, j, k, pad = 0, ret, mac_size = 0; | 780 | int bs, i, j, k, pad = 0, ret, mac_size = 0; |
| 780 | 781 | ||
| 781 | if (send) { | 782 | if (send) { |
| 782 | aead = s->aead_write_ctx; | 783 | aead = s->aead_write_ctx; |
| 783 | rec = &s->s3->wrec; | 784 | rec = &s->s3->wrec; |
| 785 | seq = s->s3->write_sequence; | ||
| 784 | } else { | 786 | } else { |
| 785 | aead = s->aead_read_ctx; | 787 | aead = s->aead_read_ctx; |
| 786 | rec = &s->s3->rrec; | 788 | rec = &s->s3->rrec; |
| 789 | seq = s->s3->read_sequence; | ||
| 787 | } | 790 | } |
| 788 | 791 | ||
| 789 | if (aead) { | 792 | if (aead) { |
| 790 | unsigned char ad[13], *seq, *in, *out, nonce[16]; | 793 | unsigned char ad[13], *in, *out, nonce[16]; |
| 791 | unsigned nonce_used; | 794 | unsigned nonce_used; |
| 792 | ssize_t n; | 795 | ssize_t n; |
| 793 | 796 | ||
| 794 | seq = send ? s->s3->write_sequence : s->s3->read_sequence; | ||
| 795 | |||
| 796 | if (SSL_IS_DTLS(s)) { | 797 | if (SSL_IS_DTLS(s)) { |
| 797 | unsigned char dtlsseq[9], *p = dtlsseq; | 798 | unsigned char dtlsseq[9], *p = dtlsseq; |
| 798 | 799 | ||
| @@ -903,7 +904,6 @@ tls1_enc(SSL *s, int send) | |||
| 903 | OPENSSL_assert(n >= 0); | 904 | OPENSSL_assert(n >= 0); |
| 904 | } | 905 | } |
| 905 | ds = s->enc_write_ctx; | 906 | ds = s->enc_write_ctx; |
| 906 | rec = &(s->s3->wrec); | ||
| 907 | if (s->enc_write_ctx == NULL) | 907 | if (s->enc_write_ctx == NULL) |
| 908 | enc = NULL; | 908 | enc = NULL; |
| 909 | else { | 909 | else { |
| @@ -930,7 +930,6 @@ tls1_enc(SSL *s, int send) | |||
| 930 | OPENSSL_assert(n >= 0); | 930 | OPENSSL_assert(n >= 0); |
| 931 | } | 931 | } |
| 932 | ds = s->enc_read_ctx; | 932 | ds = s->enc_read_ctx; |
| 933 | rec = &(s->s3->rrec); | ||
| 934 | if (s->enc_read_ctx == NULL) | 933 | if (s->enc_read_ctx == NULL) |
| 935 | enc = NULL; | 934 | enc = NULL; |
| 936 | else | 935 | else |
| @@ -946,9 +945,7 @@ tls1_enc(SSL *s, int send) | |||
| 946 | bs = EVP_CIPHER_block_size(ds->cipher); | 945 | bs = EVP_CIPHER_block_size(ds->cipher); |
| 947 | 946 | ||
| 948 | if (EVP_CIPHER_flags(ds->cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) { | 947 | if (EVP_CIPHER_flags(ds->cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) { |
| 949 | unsigned char buf[13], *seq; | 948 | unsigned char buf[13]; |
| 950 | |||
| 951 | seq = send ? s->s3->write_sequence : s->s3->read_sequence; | ||
| 952 | 949 | ||
| 953 | if (SSL_IS_DTLS(s)) { | 950 | if (SSL_IS_DTLS(s)) { |
| 954 | unsigned char dtlsseq[9], *p = dtlsseq; | 951 | unsigned char dtlsseq[9], *p = dtlsseq; |
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c index 6901ff54da..c4d53af556 100644 --- a/src/lib/libssl/t1_enc.c +++ b/src/lib/libssl/t1_enc.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: t1_enc.c,v 1.61 2014/06/21 14:06:36 jsing Exp $ */ | 1 | /* $OpenBSD: t1_enc.c,v 1.62 2014/06/21 14:45:22 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -775,24 +775,25 @@ tls1_enc(SSL *s, int send) | |||
| 775 | const EVP_CIPHER *enc; | 775 | const EVP_CIPHER *enc; |
| 776 | EVP_CIPHER_CTX *ds; | 776 | EVP_CIPHER_CTX *ds; |
| 777 | SSL3_RECORD *rec; | 777 | SSL3_RECORD *rec; |
| 778 | unsigned char *seq; | ||
| 778 | unsigned long l; | 779 | unsigned long l; |
| 779 | int bs, i, j, k, pad = 0, ret, mac_size = 0; | 780 | int bs, i, j, k, pad = 0, ret, mac_size = 0; |
| 780 | 781 | ||
| 781 | if (send) { | 782 | if (send) { |
| 782 | aead = s->aead_write_ctx; | 783 | aead = s->aead_write_ctx; |
| 783 | rec = &s->s3->wrec; | 784 | rec = &s->s3->wrec; |
| 785 | seq = s->s3->write_sequence; | ||
| 784 | } else { | 786 | } else { |
| 785 | aead = s->aead_read_ctx; | 787 | aead = s->aead_read_ctx; |
| 786 | rec = &s->s3->rrec; | 788 | rec = &s->s3->rrec; |
| 789 | seq = s->s3->read_sequence; | ||
| 787 | } | 790 | } |
| 788 | 791 | ||
| 789 | if (aead) { | 792 | if (aead) { |
| 790 | unsigned char ad[13], *seq, *in, *out, nonce[16]; | 793 | unsigned char ad[13], *in, *out, nonce[16]; |
| 791 | unsigned nonce_used; | 794 | unsigned nonce_used; |
| 792 | ssize_t n; | 795 | ssize_t n; |
| 793 | 796 | ||
| 794 | seq = send ? s->s3->write_sequence : s->s3->read_sequence; | ||
| 795 | |||
| 796 | if (SSL_IS_DTLS(s)) { | 797 | if (SSL_IS_DTLS(s)) { |
| 797 | unsigned char dtlsseq[9], *p = dtlsseq; | 798 | unsigned char dtlsseq[9], *p = dtlsseq; |
| 798 | 799 | ||
| @@ -903,7 +904,6 @@ tls1_enc(SSL *s, int send) | |||
| 903 | OPENSSL_assert(n >= 0); | 904 | OPENSSL_assert(n >= 0); |
| 904 | } | 905 | } |
| 905 | ds = s->enc_write_ctx; | 906 | ds = s->enc_write_ctx; |
| 906 | rec = &(s->s3->wrec); | ||
| 907 | if (s->enc_write_ctx == NULL) | 907 | if (s->enc_write_ctx == NULL) |
| 908 | enc = NULL; | 908 | enc = NULL; |
| 909 | else { | 909 | else { |
| @@ -930,7 +930,6 @@ tls1_enc(SSL *s, int send) | |||
| 930 | OPENSSL_assert(n >= 0); | 930 | OPENSSL_assert(n >= 0); |
| 931 | } | 931 | } |
| 932 | ds = s->enc_read_ctx; | 932 | ds = s->enc_read_ctx; |
| 933 | rec = &(s->s3->rrec); | ||
| 934 | if (s->enc_read_ctx == NULL) | 933 | if (s->enc_read_ctx == NULL) |
| 935 | enc = NULL; | 934 | enc = NULL; |
| 936 | else | 935 | else |
| @@ -946,9 +945,7 @@ tls1_enc(SSL *s, int send) | |||
| 946 | bs = EVP_CIPHER_block_size(ds->cipher); | 945 | bs = EVP_CIPHER_block_size(ds->cipher); |
| 947 | 946 | ||
| 948 | if (EVP_CIPHER_flags(ds->cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) { | 947 | if (EVP_CIPHER_flags(ds->cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) { |
| 949 | unsigned char buf[13], *seq; | 948 | unsigned char buf[13]; |
| 950 | |||
| 951 | seq = send ? s->s3->write_sequence : s->s3->read_sequence; | ||
| 952 | 949 | ||
| 953 | if (SSL_IS_DTLS(s)) { | 950 | if (SSL_IS_DTLS(s)) { |
| 954 | unsigned char dtlsseq[9], *p = dtlsseq; | 951 | unsigned char dtlsseq[9], *p = dtlsseq; |