summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjsing <>2014-09-22 13:18:50 +0000
committerjsing <>2014-09-22 13:18:50 +0000
commit93a144bf193161ecec0ea955305c15f5f141bd08 (patch)
treeb63cda226d6277c3da1374722c5104d68c4f6081
parentf0cda88b271cabe457d56240d785628f22bb3992 (diff)
downloadopenbsd-93a144bf193161ecec0ea955305c15f5f141bd08.tar.gz
openbsd-93a144bf193161ecec0ea955305c15f5f141bd08.tar.bz2
openbsd-93a144bf193161ecec0ea955305c15f5f141bd08.zip
Also check the result from final_finish_mac() against finish_mac_length in
ssl3_send_finished(). While this previously checked against a zero return value (which could occur on failure), we may as well test against the expected length, since we already know what that is.
Diffstat
-rw-r--r--src/lib/libssl/s3_both.c36
-rw-r--r--src/lib/libssl/src/ssl/s3_both.c36
2 files changed, 34 insertions, 38 deletions
diff --git a/src/lib/libssl/s3_both.c b/src/lib/libssl/s3_both.c
index 17368f1107..6d108c295b 100644
--- a/src/lib/libssl/s3_both.c
+++ b/src/lib/libssl/s3_both.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: s3_both.c,v 1.29 2014/09/22 12:36:06 jsing Exp $ */ 1/* $OpenBSD: s3_both.c,v 1.30 2014/09/22 13:18:50 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -153,34 +153,32 @@ int
153ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen) 153ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
154{ 154{
155 unsigned char *p, *d; 155 unsigned char *p, *d;
156 int i;
157 unsigned long l; 156 unsigned long l;
157 int md_len;
158 158
159 if (s->state == a) { 159 if (s->state == a) {
160 d = (unsigned char *)s->init_buf->data; 160 d = (unsigned char *)s->init_buf->data;
161 p = &(d[4]); 161 p = &(d[4]);
162 162
163 i = s->method->ssl3_enc->final_finish_mac(s, 163 md_len = s->method->ssl3_enc->finish_mac_length;
164 sender, slen, s->s3->tmp.finish_md); 164 if (s->method->ssl3_enc->final_finish_mac(s, sender, slen,
165 if (i == 0) 165 s->s3->tmp.finish_md) != md_len)
166 return 0; 166 return (0);
167 s->s3->tmp.finish_md_len = i; 167 s->s3->tmp.finish_md_len = md_len;
168 memcpy(p, s->s3->tmp.finish_md, i); 168 memcpy(p, s->s3->tmp.finish_md, md_len);
169 p += i; 169 p += md_len;
170 l = i; 170 l = md_len;
171 171
172 /* Copy the finished so we can use it for 172 /* Copy finished so we can use it for renegotiation checks. */
173 renegotiation checks */ 173 OPENSSL_assert(md_len <= EVP_MAX_MD_SIZE);
174 if (s->type == SSL_ST_CONNECT) { 174 if (s->type == SSL_ST_CONNECT) {
175 OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
176 memcpy(s->s3->previous_client_finished, 175 memcpy(s->s3->previous_client_finished,
177 s->s3->tmp.finish_md, i); 176 s->s3->tmp.finish_md, md_len);
178 s->s3->previous_client_finished_len = i; 177 s->s3->previous_client_finished_len = md_len;
179 } else { 178 } else {
180 OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
181 memcpy(s->s3->previous_server_finished, 179 memcpy(s->s3->previous_server_finished,
182 s->s3->tmp.finish_md, i); 180 s->s3->tmp.finish_md, md_len);
183 s->s3->previous_server_finished_len = i; 181 s->s3->previous_server_finished_len = md_len;
184 } 182 }
185 183
186 *(d++) = SSL3_MT_FINISHED; 184 *(d++) = SSL3_MT_FINISHED;
diff --git a/src/lib/libssl/src/ssl/s3_both.c b/src/lib/libssl/src/ssl/s3_both.c
index 17368f1107..6d108c295b 100644
--- a/src/lib/libssl/src/ssl/s3_both.c
+++ b/src/lib/libssl/src/ssl/s3_both.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: s3_both.c,v 1.29 2014/09/22 12:36:06 jsing Exp $ */ 1/* $OpenBSD: s3_both.c,v 1.30 2014/09/22 13:18:50 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -153,34 +153,32 @@ int
153ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen) 153ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
154{ 154{
155 unsigned char *p, *d; 155 unsigned char *p, *d;
156 int i;
157 unsigned long l; 156 unsigned long l;
157 int md_len;
158 158
159 if (s->state == a) { 159 if (s->state == a) {
160 d = (unsigned char *)s->init_buf->data; 160 d = (unsigned char *)s->init_buf->data;
161 p = &(d[4]); 161 p = &(d[4]);
162 162
163 i = s->method->ssl3_enc->final_finish_mac(s, 163 md_len = s->method->ssl3_enc->finish_mac_length;
164 sender, slen, s->s3->tmp.finish_md); 164 if (s->method->ssl3_enc->final_finish_mac(s, sender, slen,
165 if (i == 0) 165 s->s3->tmp.finish_md) != md_len)
166 return 0; 166 return (0);
167 s->s3->tmp.finish_md_len = i; 167 s->s3->tmp.finish_md_len = md_len;
168 memcpy(p, s->s3->tmp.finish_md, i); 168 memcpy(p, s->s3->tmp.finish_md, md_len);
169 p += i; 169 p += md_len;
170 l = i; 170 l = md_len;
171 171
172 /* Copy the finished so we can use it for 172 /* Copy finished so we can use it for renegotiation checks. */
173 renegotiation checks */ 173 OPENSSL_assert(md_len <= EVP_MAX_MD_SIZE);
174 if (s->type == SSL_ST_CONNECT) { 174 if (s->type == SSL_ST_CONNECT) {
175 OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
176 memcpy(s->s3->previous_client_finished, 175 memcpy(s->s3->previous_client_finished,
177 s->s3->tmp.finish_md, i); 176 s->s3->tmp.finish_md, md_len);
178 s->s3->previous_client_finished_len = i; 177 s->s3->previous_client_finished_len = md_len;
179 } else { 178 } else {
180 OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
181 memcpy(s->s3->previous_server_finished, 179 memcpy(s->s3->previous_server_finished,
182 s->s3->tmp.finish_md, i); 180 s->s3->tmp.finish_md, md_len);
183 s->s3->previous_server_finished_len = i; 181 s->s3->previous_server_finished_len = md_len;
184 } 182 }
185 183
186 *(d++) = SSL3_MT_FINISHED; 184 *(d++) = SSL3_MT_FINISHED;
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-21 14:39:25 +0000