Convert various handshake message generation functions to CBB.

ok beck@ inoguchi@
author: jsing <> 2017-03-05 14:24:12 +0000
committer: jsing <> 2017-03-05 14:24:12 +0000
commit: b7e97f3829f43765f12691c1665b5e6017d75d28 (patch)
tree: 6fbb1cdc98eee28de2283fa4a24cba271159b124
parent: 09f0e9b21348ea5dac5102d84e10045c88358c5c (diff)
download: openbsd-b7e97f3829f43765f12691c1665b5e6017d75d28.tar.gz
openbsd-b7e97f3829f43765f12691c1665b5e6017d75d28.tar.bz2
openbsd-b7e97f3829f43765f12691c1665b5e6017d75d28.zip
4 files changed, 113 insertions, 56 deletions
diff --git a/src/lib/libssl/d1_srvr.c b/src/lib/libssl/d1_srvr.c
index 860a5fc4e3..508e131730 100644
--- a/src/lib/libssl/d1_srvr.c
+++ b/src/lib/libssl/d1_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_srvr.c,v 1.84 2017/02/07 02:08:38 beck Exp $ */
+/* $OpenBSD: d1_srvr.c,v 1.85 2017/03/05 14:24:12 jsing Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -693,31 +693,38 @@ end:
 int
 dtls1_send_hello_verify_request(SSL *s)
 {
-        unsigned char *d, *p;
+        CBB cbb, verify, cookie;
-        if (s->internal->state == DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A) {
+        memset(&cbb, 0, sizeof(cbb));
-                d = p = ssl3_handshake_msg_start(s,
-                    DTLS1_MT_HELLO_VERIFY_REQUEST);
-                *(p++) = s->version >> 8;
-                *(p++) = s->version & 0xFF;
+        if (s->internal->state == DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A) {
                if (s->ctx->internal->app_gen_cookie_cb == NULL ||
-                    s->ctx->internal->app_gen_cookie_cb(s,
+                    s->ctx->internal->app_gen_cookie_cb(s, D1I(s)->cookie,
-                        D1I(s)->cookie, &(D1I(s)->cookie_len)) == 0) {
+                        &(D1I(s)->cookie_len)) == 0) {
                        SSLerror(s, ERR_R_INTERNAL_ERROR);
                        return 0;
                }
-                *(p++) = (unsigned char) D1I(s)->cookie_len;
+                if (!ssl3_handshake_msg_start_cbb(s, &cbb, &verify,
-                memcpy(p, D1I(s)->cookie, D1I(s)->cookie_len);
+                    DTLS1_MT_HELLO_VERIFY_REQUEST))
-                p += D1I(s)->cookie_len;
+                        goto err;
+                if (!CBB_add_u16(&verify, s->version))
-                ssl3_handshake_msg_finish(s, p - d);
+                        goto err;
+                if (!CBB_add_u8_length_prefixed(&verify, &cookie))
+                        goto err;
+                if (!CBB_add_bytes(&cookie, D1I(s)->cookie, D1I(s)->cookie_len))
+                        goto err;
+                if (!ssl3_handshake_msg_finish_cbb(s, &cbb))
+                        goto err;
                s->internal->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B;
        }
        /* s->internal->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B */
        return (ssl3_handshake_write(s));
+ err:
+        CBB_cleanup(&cbb);
+        return (-1);
 }
diff --git a/src/lib/libssl/ssl_both.c b/src/lib/libssl/ssl_both.c
index 14fd121d53..d1a0879b72 100644
--- a/src/lib/libssl/ssl_both.c
+++ b/src/lib/libssl/ssl_both.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_both.c,v 1.6 2017/02/07 02:08:38 beck Exp $ */
+/* $OpenBSD: ssl_both.c,v 1.7 2017/03/05 14:24:12 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -166,9 +166,11 @@ ssl3_do_write(SSL *s, int type)
 int
 ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
 {
-        unsigned char *p;
+        CBB cbb, finished;
        int md_len;
+        memset(&cbb, 0, sizeof(cbb));
        if (s->internal->state == a) {
                md_len = TLS1_FINISH_MAC_LENGTH;
                OPENSSL_assert(md_len <= EVP_MAX_MD_SIZE);
@@ -189,14 +191,23 @@ ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
                        S3I(s)->previous_server_finished_len = md_len;
                }
-                p = ssl3_handshake_msg_start(s, SSL3_MT_FINISHED);
+                if (!ssl3_handshake_msg_start_cbb(s, &cbb, &finished,
-                memcpy(p, S3I(s)->tmp.finish_md, md_len);
+                    SSL3_MT_FINISHED))
-                ssl3_handshake_msg_finish(s, md_len);
+                        goto err;
+                if (!CBB_add_bytes(&finished, S3I(s)->tmp.finish_md, md_len))
+                        goto err;
+                if (!ssl3_handshake_msg_finish_cbb(s, &cbb))
+                        goto err;
                s->internal->state = b;
        }
        return (ssl3_handshake_write(s));
+ err:
+        CBB_cleanup(&cbb);
+        return (-1);
 }
 /*
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c
index 65939141a2..f46b66c372 100644
--- a/src/lib/libssl/ssl_clnt.c
+++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_clnt.c,v 1.8 2017/03/04 16:15:02 jsing Exp $ */
+/* $OpenBSD: ssl_clnt.c,v 1.9 2017/03/05 14:24:12 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -2619,27 +2619,40 @@ err:
 int
 ssl3_send_next_proto(SSL *s)
 {
-        unsigned int     len, padding_len;
+        CBB cbb, nextproto, npn, padding;
-        unsigned char   *d, *p;
+        size_t pad_len;
+        uint8_t *pad;
-        if (s->internal->state == SSL3_ST_CW_NEXT_PROTO_A) {
+        memset(&cbb, 0, sizeof(cbb));
-                d = p = ssl3_handshake_msg_start(s, SSL3_MT_NEXT_PROTO);
-                len = s->internal->next_proto_negotiated_len;
+        if (s->internal->state == SSL3_ST_CW_NEXT_PROTO_A) {
-                padding_len = 32 - ((len + 2) % 32);
+                pad_len = 32 - ((s->internal->next_proto_negotiated_len + 2) % 32);
-                *(p++) = len;
-                memcpy(p, s->internal->next_proto_negotiated, len);
-                p += len;
-                *(p++) = padding_len;
-                memset(p, 0, padding_len);
-                p += padding_len;
-                ssl3_handshake_msg_finish(s, p - d);
+                if (!ssl3_handshake_msg_start_cbb(s, &cbb, &nextproto,
+                    SSL3_MT_NEXT_PROTO))
+                        goto err;
+                if (!CBB_add_u8_length_prefixed(&nextproto, &npn))
+                        goto err;
+                if (!CBB_add_bytes(&npn, s->internal->next_proto_negotiated,
+                    s->internal->next_proto_negotiated_len))
+                        goto err;
+                if (!CBB_add_u8_length_prefixed(&nextproto, &padding))
+                        goto err;
+                if (!CBB_add_space(&padding, &pad, pad_len))
+                        goto err;
+                memset(pad, 0, pad_len);
+                if (!ssl3_handshake_msg_finish_cbb(s, &cbb))
+                        goto err;
                s->internal->state = SSL3_ST_CW_NEXT_PROTO_B;
        }
        return (ssl3_handshake_write(s));
+ err:
+        CBB_cleanup(&cbb);
+        return (-1);
 }
 /*
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c
index ddf8755707..09ea657174 100644
--- a/src/lib/libssl/ssl_srvr.c
+++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_srvr.c,v 1.8 2017/03/01 14:01:24 jsing Exp $ */
+/* $OpenBSD: ssl_srvr.c,v 1.9 2017/03/05 14:24:12 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -705,15 +705,27 @@ end:
 int
 ssl3_send_hello_request(SSL *s)
 {
+        CBB cbb, hello;
+        memset(&cbb, 0, sizeof(cbb));
        if (s->internal->state == SSL3_ST_SW_HELLO_REQ_A) {
-                ssl3_handshake_msg_start(s, SSL3_MT_HELLO_REQUEST);
+                if (!ssl3_handshake_msg_start_cbb(s, &cbb, &hello,
-                ssl3_handshake_msg_finish(s, 0);
+                    SSL3_MT_HELLO_REQUEST))
+                        goto err;
+                if (!ssl3_handshake_msg_finish_cbb(s, &cbb))
+                        goto err;
                s->internal->state = SSL3_ST_SW_HELLO_REQ_B;
        }
        /* SSL3_ST_SW_HELLO_REQ_B */
        return (ssl3_handshake_write(s));
+ err:
+        CBB_cleanup(&cbb);
+        return (-1);
 }
 int
@@ -1166,15 +1178,27 @@ ssl3_send_server_hello(SSL *s)
 int
 ssl3_send_server_done(SSL *s)
 {
+        CBB cbb, done;
+        memset(&cbb, 0, sizeof(cbb));
        if (s->internal->state == SSL3_ST_SW_SRVR_DONE_A) {
-                ssl3_handshake_msg_start(s, SSL3_MT_SERVER_DONE);
+                if (!ssl3_handshake_msg_start_cbb(s, &cbb, &done,
-                ssl3_handshake_msg_finish(s, 0);
+                    SSL3_MT_SERVER_DONE))
+                        goto err;
+                if (!ssl3_handshake_msg_finish_cbb(s, &cbb))
+                        goto err;
                s->internal->state = SSL3_ST_SW_SRVR_DONE_B;
        }
        /* SSL3_ST_SW_SRVR_DONE_B */
        return (ssl3_handshake_write(s));
+ err:
+        CBB_cleanup(&cbb);
+        return (-1);
 }
 int
@@ -2718,32 +2742,34 @@ ssl3_send_newsession_ticket(SSL *s)
 int
 ssl3_send_cert_status(SSL *s)
 {
-        unsigned char *p;
+        CBB cbb, certstatus, ocspresp;
+        memset(&cbb, 0, sizeof(cbb));
        if (s->internal->state == SSL3_ST_SW_CERT_STATUS_A) {
-                /*
+                if (!ssl3_handshake_msg_start_cbb(s, &cbb, &certstatus,
-                 * Grow buffer if need be: the length calculation is as
+                    SSL3_MT_CERTIFICATE_STATUS))
-                 * follows 1 (message type) + 3 (message length) +
+                        goto err;
-                 * 1 (ocsp response type) + 3 (ocsp response length)
+                if (!CBB_add_u8(&certstatus, s->tlsext_status_type))
-                 * + (ocsp response)
+                        goto err;
-                 */
+                if (!CBB_add_u24_length_prefixed(&certstatus, &ocspresp))
-                if (!BUF_MEM_grow(s->internal->init_buf, SSL3_HM_HEADER_LENGTH + 4 +
+                        goto err;
+                if (!CBB_add_bytes(&ocspresp, s->internal->tlsext_ocsp_resp,
                    s->internal->tlsext_ocsp_resplen))
-                        return (-1);
+                        goto err;
+                if (!ssl3_handshake_msg_finish_cbb(s, &cbb))
-                p = ssl3_handshake_msg_start(s, SSL3_MT_CERTIFICATE_STATUS);
+                        goto err;
-                *(p++) = s->tlsext_status_type;
-                l2n3(s->internal->tlsext_ocsp_resplen, p);
-                memcpy(p, s->internal->tlsext_ocsp_resp, s->internal->tlsext_ocsp_resplen);
-                ssl3_handshake_msg_finish(s, s->internal->tlsext_ocsp_resplen + 4);
                s->internal->state = SSL3_ST_SW_CERT_STATUS_B;
        }
        /* SSL3_ST_SW_CERT_STATUS_B */
        return (ssl3_handshake_write(s));
+ err:
+        CBB_cleanup(&cbb);
+        return (-1);
 }
 /*
author	jsing <>	2017-03-05 14:24:12 +0000
committer	jsing <>	2017-03-05 14:24:12 +0000
commit	b7e97f3829f43765f12691c1665b5e6017d75d28 (patch)
tree	6fbb1cdc98eee28de2283fa4a24cba271159b124
parent	09f0e9b21348ea5dac5102d84e10045c88358c5c (diff)
download	openbsd-b7e97f3829f43765f12691c1665b5e6017d75d28.tar.gz openbsd-b7e97f3829f43765f12691c1665b5e6017d75d28.tar.bz2 openbsd-b7e97f3829f43765f12691c1665b5e6017d75d28.zip

diff --git a/src/lib/libssl/d1_srvr.c b/src/lib/libssl/d1_srvr.c index 860a5fc4e3..508e131730 100644 --- a/src/lib/libssl/d1_srvr.c +++ b/src/lib/libssl/d1_srvr.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: d1_srvr.c,v 1.84 2017/02/07 02:08:38 beck Exp $ */	1	/* $OpenBSD: d1_srvr.c,v 1.85 2017/03/05 14:24:12 jsing Exp $ */
2	/*	2	/*
3	* DTLS implementation written by Nagendra Modadugu	3	* DTLS implementation written by Nagendra Modadugu
4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.	4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -693,31 +693,38 @@ end:
693	int	693	int
694	dtls1_send_hello_verify_request(SSL *s)	694	dtls1_send_hello_verify_request(SSL *s)
695	{	695	{
696	unsigned char d, p;	696	CBB cbb, verify, cookie;
697		697
698	if (s->internal->state == DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A) {	698	memset(&cbb, 0, sizeof(cbb));
699	d = p = ssl3_handshake_msg_start(s,
700	DTLS1_MT_HELLO_VERIFY_REQUEST);
701
702	*(p++) = s->version >> 8;
703	*(p++) = s->version & 0xFF;
704		699
		700	if (s->internal->state == DTLS1_ST_SW_HELLO_VERIFY_REQUEST_A) {
705	if (s->ctx->internal->app_gen_cookie_cb == NULL \|\|	701	if (s->ctx->internal->app_gen_cookie_cb == NULL \|\|
706	s->ctx->internal->app_gen_cookie_cb(s,	702	s->ctx->internal->app_gen_cookie_cb(s, D1I(s)->cookie,
707	D1I(s)->cookie, &(D1I(s)->cookie_len)) == 0) {	703	&(D1I(s)->cookie_len)) == 0) {
708	SSLerror(s, ERR_R_INTERNAL_ERROR);	704	SSLerror(s, ERR_R_INTERNAL_ERROR);
709	return 0;	705	return 0;
710	}	706	}
711		707
712	*(p++) = (unsigned char) D1I(s)->cookie_len;	708	if (!ssl3_handshake_msg_start_cbb(s, &cbb, &verify,
713	memcpy(p, D1I(s)->cookie, D1I(s)->cookie_len);	709	DTLS1_MT_HELLO_VERIFY_REQUEST))
714	p += D1I(s)->cookie_len;	710	goto err;
715		711	if (!CBB_add_u16(&verify, s->version))
716	ssl3_handshake_msg_finish(s, p - d);	712	goto err;
		713	if (!CBB_add_u8_length_prefixed(&verify, &cookie))
		714	goto err;
		715	if (!CBB_add_bytes(&cookie, D1I(s)->cookie, D1I(s)->cookie_len))
		716	goto err;
		717	if (!ssl3_handshake_msg_finish_cbb(s, &cbb))
		718	goto err;
717		719
718	s->internal->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B;	720	s->internal->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B;
719	}	721	}
720		722
721	/* s->internal->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B */	723	/* s->internal->state = DTLS1_ST_SW_HELLO_VERIFY_REQUEST_B */
722	return (ssl3_handshake_write(s));	724	return (ssl3_handshake_write(s));
		725
		726	err:
		727	CBB_cleanup(&cbb);
		728
		729	return (-1);
723	}	730	}


diff --git a/src/lib/libssl/ssl_both.c b/src/lib/libssl/ssl_both.c index 14fd121d53..d1a0879b72 100644 --- a/src/lib/libssl/ssl_both.c +++ b/src/lib/libssl/ssl_both.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_both.c,v 1.6 2017/02/07 02:08:38 beck Exp $ */	1	/* $OpenBSD: ssl_both.c,v 1.7 2017/03/05 14:24:12 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -166,9 +166,11 @@ ssl3_do_write(SSL *s, int type)
166	int	166	int
167	ssl3_send_finished(SSL s, int a, int b, const char sender, int slen)	167	ssl3_send_finished(SSL s, int a, int b, const char sender, int slen)
168	{	168	{
169	unsigned char *p;	169	CBB cbb, finished;
170	int md_len;	170	int md_len;
171		171
		172	memset(&cbb, 0, sizeof(cbb));
		173
172	if (s->internal->state == a) {	174	if (s->internal->state == a) {
173	md_len = TLS1_FINISH_MAC_LENGTH;	175	md_len = TLS1_FINISH_MAC_LENGTH;
174	OPENSSL_assert(md_len <= EVP_MAX_MD_SIZE);	176	OPENSSL_assert(md_len <= EVP_MAX_MD_SIZE);
@@ -189,14 +191,23 @@ ssl3_send_finished(SSL s, int a, int b, const char sender, int slen)
189	S3I(s)->previous_server_finished_len = md_len;	191	S3I(s)->previous_server_finished_len = md_len;
190	}	192	}
191		193
192	p = ssl3_handshake_msg_start(s, SSL3_MT_FINISHED);	194	if (!ssl3_handshake_msg_start_cbb(s, &cbb, &finished,
193	memcpy(p, S3I(s)->tmp.finish_md, md_len);	195	SSL3_MT_FINISHED))
194	ssl3_handshake_msg_finish(s, md_len);	196	goto err;
		197	if (!CBB_add_bytes(&finished, S3I(s)->tmp.finish_md, md_len))
		198	goto err;
		199	if (!ssl3_handshake_msg_finish_cbb(s, &cbb))
		200	goto err;
195		201
196	s->internal->state = b;	202	s->internal->state = b;
197	}	203	}
198		204
199	return (ssl3_handshake_write(s));	205	return (ssl3_handshake_write(s));
		206
		207	err:
		208	CBB_cleanup(&cbb);
		209
		210	return (-1);
200	}	211	}
201		212
202	/*	213	/*


diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c index 65939141a2..f46b66c372 100644 --- a/src/lib/libssl/ssl_clnt.c +++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_clnt.c,v 1.8 2017/03/04 16:15:02 jsing Exp $ */	1	/* $OpenBSD: ssl_clnt.c,v 1.9 2017/03/05 14:24:12 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -2619,27 +2619,40 @@ err:
2619	int	2619	int
2620	ssl3_send_next_proto(SSL *s)	2620	ssl3_send_next_proto(SSL *s)
2621	{	2621	{
2622	unsigned int len, padding_len;	2622	CBB cbb, nextproto, npn, padding;
2623	unsigned char d, p;	2623	size_t pad_len;
		2624	uint8_t *pad;
2624		2625
2625	if (s->internal->state == SSL3_ST_CW_NEXT_PROTO_A) {	2626	memset(&cbb, 0, sizeof(cbb));
2626	d = p = ssl3_handshake_msg_start(s, SSL3_MT_NEXT_PROTO);
2627		2627
2628	len = s->internal->next_proto_negotiated_len;	2628	if (s->internal->state == SSL3_ST_CW_NEXT_PROTO_A) {
2629	padding_len = 32 - ((len + 2) % 32);	2629	pad_len = 32 - ((s->internal->next_proto_negotiated_len + 2) % 32);
2630	*(p++) = len;
2631	memcpy(p, s->internal->next_proto_negotiated, len);
2632	p += len;
2633	*(p++) = padding_len;
2634	memset(p, 0, padding_len);
2635	p += padding_len;
2636		2630
2637	ssl3_handshake_msg_finish(s, p - d);	2631	if (!ssl3_handshake_msg_start_cbb(s, &cbb, &nextproto,
		2632	SSL3_MT_NEXT_PROTO))
		2633	goto err;
		2634	if (!CBB_add_u8_length_prefixed(&nextproto, &npn))
		2635	goto err;
		2636	if (!CBB_add_bytes(&npn, s->internal->next_proto_negotiated,
		2637	s->internal->next_proto_negotiated_len))
		2638	goto err;
		2639	if (!CBB_add_u8_length_prefixed(&nextproto, &padding))
		2640	goto err;
		2641	if (!CBB_add_space(&padding, &pad, pad_len))
		2642	goto err;
		2643	memset(pad, 0, pad_len);
		2644	if (!ssl3_handshake_msg_finish_cbb(s, &cbb))
		2645	goto err;
2638		2646
2639	s->internal->state = SSL3_ST_CW_NEXT_PROTO_B;	2647	s->internal->state = SSL3_ST_CW_NEXT_PROTO_B;
2640	}	2648	}
2641		2649
2642	return (ssl3_handshake_write(s));	2650	return (ssl3_handshake_write(s));
		2651
		2652	err:
		2653	CBB_cleanup(&cbb);
		2654
		2655	return (-1);
2643	}	2656	}
2644		2657
2645	/*	2658	/*


diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c index ddf8755707..09ea657174 100644 --- a/src/lib/libssl/ssl_srvr.c +++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_srvr.c,v 1.8 2017/03/01 14:01:24 jsing Exp $ */	1	/* $OpenBSD: ssl_srvr.c,v 1.9 2017/03/05 14:24:12 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -705,15 +705,27 @@ end:
705	int	705	int
706	ssl3_send_hello_request(SSL *s)	706	ssl3_send_hello_request(SSL *s)
707	{	707	{
		708	CBB cbb, hello;
		709
		710	memset(&cbb, 0, sizeof(cbb));
		711
708	if (s->internal->state == SSL3_ST_SW_HELLO_REQ_A) {	712	if (s->internal->state == SSL3_ST_SW_HELLO_REQ_A) {
709	ssl3_handshake_msg_start(s, SSL3_MT_HELLO_REQUEST);	713	if (!ssl3_handshake_msg_start_cbb(s, &cbb, &hello,
710	ssl3_handshake_msg_finish(s, 0);	714	SSL3_MT_HELLO_REQUEST))
		715	goto err;
		716	if (!ssl3_handshake_msg_finish_cbb(s, &cbb))
		717	goto err;
711		718
712	s->internal->state = SSL3_ST_SW_HELLO_REQ_B;	719	s->internal->state = SSL3_ST_SW_HELLO_REQ_B;
713	}	720	}
714		721
715	/* SSL3_ST_SW_HELLO_REQ_B */	722	/* SSL3_ST_SW_HELLO_REQ_B */
716	return (ssl3_handshake_write(s));	723	return (ssl3_handshake_write(s));
		724
		725	err:
		726	CBB_cleanup(&cbb);
		727
		728	return (-1);
717	}	729	}
718		730
719	int	731	int
@@ -1166,15 +1178,27 @@ ssl3_send_server_hello(SSL *s)
1166	int	1178	int
1167	ssl3_send_server_done(SSL *s)	1179	ssl3_send_server_done(SSL *s)
1168	{	1180	{
		1181	CBB cbb, done;
		1182
		1183	memset(&cbb, 0, sizeof(cbb));
		1184
1169	if (s->internal->state == SSL3_ST_SW_SRVR_DONE_A) {	1185	if (s->internal->state == SSL3_ST_SW_SRVR_DONE_A) {
1170	ssl3_handshake_msg_start(s, SSL3_MT_SERVER_DONE);	1186	if (!ssl3_handshake_msg_start_cbb(s, &cbb, &done,
1171	ssl3_handshake_msg_finish(s, 0);	1187	SSL3_MT_SERVER_DONE))
		1188	goto err;
		1189	if (!ssl3_handshake_msg_finish_cbb(s, &cbb))
		1190	goto err;
1172		1191
1173	s->internal->state = SSL3_ST_SW_SRVR_DONE_B;	1192	s->internal->state = SSL3_ST_SW_SRVR_DONE_B;
1174	}	1193	}
1175		1194
1176	/* SSL3_ST_SW_SRVR_DONE_B */	1195	/* SSL3_ST_SW_SRVR_DONE_B */
1177	return (ssl3_handshake_write(s));	1196	return (ssl3_handshake_write(s));
		1197
		1198	err:
		1199	CBB_cleanup(&cbb);
		1200
		1201	return (-1);
1178	}	1202	}
1179		1203
1180	int	1204	int
@@ -2718,32 +2742,34 @@ ssl3_send_newsession_ticket(SSL *s)
2718	int	2742	int
2719	ssl3_send_cert_status(SSL *s)	2743	ssl3_send_cert_status(SSL *s)
2720	{	2744	{
2721	unsigned char *p;	2745	CBB cbb, certstatus, ocspresp;
		2746
		2747	memset(&cbb, 0, sizeof(cbb));
2722		2748
2723	if (s->internal->state == SSL3_ST_SW_CERT_STATUS_A) {	2749	if (s->internal->state == SSL3_ST_SW_CERT_STATUS_A) {
2724	/*	2750	if (!ssl3_handshake_msg_start_cbb(s, &cbb, &certstatus,
2725	* Grow buffer if need be: the length calculation is as	2751	SSL3_MT_CERTIFICATE_STATUS))
2726	* follows 1 (message type) + 3 (message length) +	2752	goto err;
2727	* 1 (ocsp response type) + 3 (ocsp response length)	2753	if (!CBB_add_u8(&certstatus, s->tlsext_status_type))
2728	* + (ocsp response)	2754	goto err;
2729	*/	2755	if (!CBB_add_u24_length_prefixed(&certstatus, &ocspresp))
2730	if (!BUF_MEM_grow(s->internal->init_buf, SSL3_HM_HEADER_LENGTH + 4 +	2756	goto err;
		2757	if (!CBB_add_bytes(&ocspresp, s->internal->tlsext_ocsp_resp,
2731	s->internal->tlsext_ocsp_resplen))	2758	s->internal->tlsext_ocsp_resplen))
2732	return (-1);	2759	goto err;
2733		2760	if (!ssl3_handshake_msg_finish_cbb(s, &cbb))
2734	p = ssl3_handshake_msg_start(s, SSL3_MT_CERTIFICATE_STATUS);	2761	goto err;
2735
2736	*(p++) = s->tlsext_status_type;
2737	l2n3(s->internal->tlsext_ocsp_resplen, p);
2738	memcpy(p, s->internal->tlsext_ocsp_resp, s->internal->tlsext_ocsp_resplen);
2739
2740	ssl3_handshake_msg_finish(s, s->internal->tlsext_ocsp_resplen + 4);
2741		2762
2742	s->internal->state = SSL3_ST_SW_CERT_STATUS_B;	2763	s->internal->state = SSL3_ST_SW_CERT_STATUS_B;
2743	}	2764	}
2744		2765
2745	/* SSL3_ST_SW_CERT_STATUS_B */	2766	/* SSL3_ST_SW_CERT_STATUS_B */
2746	return (ssl3_handshake_write(s));	2767	return (ssl3_handshake_write(s));
		2768
		2769	err:
		2770	CBB_cleanup(&cbb);
		2771
		2772	return (-1);
2747	}	2773	}
2748		2774
2749	/*	2775	/*