Mop up dtls1_get_ccs_header() and struct ccs_header_st.

All this code does is read one byte from memory with an unknown length, potentially being a one byte overread... and then nothing is actually done with the value. ok tb@
author: jsing <> 2021-07-19 08:42:24 +0000
committer: jsing <> 2021-07-19 08:42:24 +0000
commit: 55a704a90e9e377c223d07834fbadb44be0ab0a2 (patch)
tree: fcdf7be991a935818048c885037a88e82337072d
parent: 4de658e74ecddfe0253c2d0c886a1e9a75a076cf (diff)
download: openbsd-55a704a90e9e377c223d07834fbadb44be0ab0a2.tar.gz
openbsd-55a704a90e9e377c223d07834fbadb44be0ab0a2.tar.bz2
openbsd-55a704a90e9e377c223d07834fbadb44be0ab0a2.zip
3 files changed, 3 insertions, 21 deletions
diff --git a/src/lib/libssl/d1_both.c b/src/lib/libssl/d1_both.c
index 2e5e86641c..61dc47b4b7 100644
--- a/src/lib/libssl/d1_both.c
+++ b/src/lib/libssl/d1_both.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_both.c,v 1.76 2021/07/01 17:53:39 jsing Exp $ */
+/* $OpenBSD: d1_both.c,v 1.77 2021/07/19 08:42:24 jsing Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -1202,11 +1202,3 @@ dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr)
        return 1;
 }
-void
-dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr)
-{
-        memset(ccs_hdr, 0, sizeof(struct ccs_header_st));
-        ccs_hdr->type = *(data++);
-}
diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c
index 36dd255722..2610206797 100644
--- a/src/lib/libssl/d1_pkt.c
+++ b/src/lib/libssl/d1_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_pkt.c,v 1.100 2021/07/19 08:39:28 jsing Exp $ */
+/* $OpenBSD: d1_pkt.c,v 1.101 2021/07/19 08:42:24 jsing Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -835,10 +835,6 @@ dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
        }
        if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC) {
-                struct ccs_header_st ccs_hdr;
-                dtls1_get_ccs_header(rr->data, &ccs_hdr);
                /* 'Change Cipher Spec' is just a single byte, so we know
                 * exactly what the record payload has to look like */
                /* XDTLS: check that epoch is consistent */
diff --git a/src/lib/libssl/dtls_locl.h b/src/lib/libssl/dtls_locl.h
index 9bf1fe6661..9e0699d098 100644
--- a/src/lib/libssl/dtls_locl.h
+++ b/src/lib/libssl/dtls_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: dtls_locl.h,v 1.1 2021/05/16 13:56:30 jsing Exp $ */
+/* $OpenBSD: dtls_locl.h,v 1.2 2021/07/19 08:42:24 jsing Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -93,11 +93,6 @@ struct hm_header_st {
        struct dtls1_retransmit_state saved_retransmit_state;
 };
-struct ccs_header_st {
-        unsigned char type;
-        unsigned short seq;
-};
 struct dtls1_timeout_st {
        /* Number of read timeouts so far */
        unsigned int read_timeouts;
@@ -225,7 +220,6 @@ int dtls1_retransmit_buffered_messages(SSL *s);
 void dtls1_clear_record_buffer(SSL *s);
 int dtls1_get_message_header(unsigned char *data,
    struct hm_header_st *msg_hdr);
-void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr);
 void dtls1_reset_read_seq_numbers(SSL *s);
 struct timeval* dtls1_get_timeout(SSL *s, struct timeval* timeleft);
 int dtls1_check_timeout_num(SSL *s);
author	jsing <>	2021-07-19 08:42:24 +0000
committer	jsing <>	2021-07-19 08:42:24 +0000
commit	55a704a90e9e377c223d07834fbadb44be0ab0a2 (patch)
tree	fcdf7be991a935818048c885037a88e82337072d
parent	4de658e74ecddfe0253c2d0c886a1e9a75a076cf (diff)
download	openbsd-55a704a90e9e377c223d07834fbadb44be0ab0a2.tar.gz openbsd-55a704a90e9e377c223d07834fbadb44be0ab0a2.tar.bz2 openbsd-55a704a90e9e377c223d07834fbadb44be0ab0a2.zip