diff options
| author | doug <> | 2015-07-14 03:38:26 +0000 |
|---|---|---|
| committer | doug <> | 2015-07-14 03:38:26 +0000 |
| commit | b127caa4bc904d0640762fea9bab8484ab517c85 (patch) | |
| tree | f5059644fa2b5036ffaaa06fcdd146230002f031 /src/lib/libssl/d1_srtp.c | |
| parent | bcdb20158fefe3cccdac7449460a8cab650feded (diff) | |
| download | openbsd-b127caa4bc904d0640762fea9bab8484ab517c85.tar.gz openbsd-b127caa4bc904d0640762fea9bab8484ab517c85.tar.bz2 openbsd-b127caa4bc904d0640762fea9bab8484ab517c85.zip | |
Convert ssl_parse_clienthello_use_srtp_ext to CBS.
ok miod@ jsing@
Diffstat (limited to 'src/lib/libssl/d1_srtp.c')
| -rw-r--r-- | src/lib/libssl/d1_srtp.c | 63 |
1 files changed, 23 insertions, 40 deletions
diff --git a/src/lib/libssl/d1_srtp.c b/src/lib/libssl/d1_srtp.c index 7c426f1145..801eab1b76 100644 --- a/src/lib/libssl/d1_srtp.c +++ b/src/lib/libssl/d1_srtp.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: d1_srtp.c,v 1.11 2014/12/14 15:30:50 jsing Exp $ */ | 1 | /* $OpenBSD: d1_srtp.c,v 1.12 2015/07/14 03:38:26 doug Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -123,9 +123,9 @@ | |||
| 123 | 123 | ||
| 124 | #ifndef OPENSSL_NO_SRTP | 124 | #ifndef OPENSSL_NO_SRTP |
| 125 | 125 | ||
| 126 | #include "bytestring.h" | ||
| 126 | #include "srtp.h" | 127 | #include "srtp.h" |
| 127 | 128 | ||
| 128 | |||
| 129 | static SRTP_PROTECTION_PROFILE srtp_known_profiles[] = { | 129 | static SRTP_PROTECTION_PROFILE srtp_known_profiles[] = { |
| 130 | { | 130 | { |
| 131 | "SRTP_AES128_CM_SHA1_80", | 131 | "SRTP_AES128_CM_SHA1_80", |
| @@ -293,65 +293,48 @@ ssl_add_clienthello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int maxlen) | |||
| 293 | 293 | ||
| 294 | 294 | ||
| 295 | int | 295 | int |
| 296 | ssl_parse_clienthello_use_srtp_ext(SSL *s, unsigned char *d, int len, int *al) | 296 | ssl_parse_clienthello_use_srtp_ext(SSL *s, const unsigned char *d, int len, |
| 297 | int *al) | ||
| 297 | { | 298 | { |
| 298 | SRTP_PROTECTION_PROFILE *cprof, *sprof; | 299 | SRTP_PROTECTION_PROFILE *cprof, *sprof; |
| 299 | STACK_OF(SRTP_PROTECTION_PROFILE) *clnt = 0, *srvr; | 300 | STACK_OF(SRTP_PROTECTION_PROFILE) *clnt = 0, *srvr; |
| 300 | int ct; | ||
| 301 | int mki_len; | ||
| 302 | int i, j; | 301 | int i, j; |
| 303 | int id; | ||
| 304 | int ret = 1; | 302 | int ret = 1; |
| 303 | uint16_t id; | ||
| 304 | CBS cbs, ciphers, mki; | ||
| 305 | 305 | ||
| 306 | /* Length value + the MKI length */ | 306 | CBS_init(&cbs, d, len); |
| 307 | if (len < 3) { | ||
| 308 | SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT, | ||
| 309 | SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); | ||
| 310 | *al = SSL_AD_DECODE_ERROR; | ||
| 311 | goto done; | ||
| 312 | } | ||
| 313 | |||
| 314 | /* Pull off the length of the cipher suite list */ | ||
| 315 | n2s(d, ct); | ||
| 316 | len -= 2; | ||
| 317 | |||
| 318 | /* Check that it is even */ | ||
| 319 | if (ct % 2) { | ||
| 320 | SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT, | ||
| 321 | SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); | ||
| 322 | *al = SSL_AD_DECODE_ERROR; | ||
| 323 | goto done; | ||
| 324 | } | ||
| 325 | 307 | ||
| 326 | /* Check that lengths are consistent */ | 308 | /* Pull off the cipher suite list */ |
| 327 | if (len < (ct + 1)) { | 309 | if (len < 0 || |
| 310 | !CBS_get_u16_length_prefixed(&cbs, &ciphers) || | ||
| 311 | CBS_len(&ciphers) % 2 || | ||
| 312 | CBS_len(&cbs) != 0) { | ||
| 328 | SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT, | 313 | SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT, |
| 329 | SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); | 314 | SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); |
| 330 | *al = SSL_AD_DECODE_ERROR; | 315 | *al = SSL_AD_DECODE_ERROR; |
| 331 | goto done; | 316 | goto done; |
| 332 | } | 317 | } |
| 333 | 318 | ||
| 334 | |||
| 335 | clnt = sk_SRTP_PROTECTION_PROFILE_new_null(); | 319 | clnt = sk_SRTP_PROTECTION_PROFILE_new_null(); |
| 336 | 320 | ||
| 337 | while (ct) { | 321 | while (CBS_len(&ciphers) > 0) { |
| 338 | n2s(d, id); | 322 | if (!CBS_get_u16(&ciphers, &id)) { |
| 339 | ct -= 2; | 323 | SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT, |
| 340 | len -= 2; | 324 | SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); |
| 325 | *al = SSL_AD_DECODE_ERROR; | ||
| 326 | goto done; | ||
| 327 | } | ||
| 341 | 328 | ||
| 342 | if (!find_profile_by_num(id, &cprof)) { | 329 | if (!find_profile_by_num(id, &cprof)) |
| 343 | sk_SRTP_PROTECTION_PROFILE_push(clnt, cprof); | 330 | sk_SRTP_PROTECTION_PROFILE_push(clnt, cprof); |
| 344 | } else { | 331 | else |
| 345 | ; /* Ignore */ | 332 | ; /* Ignore */ |
| 346 | } | ||
| 347 | } | 333 | } |
| 348 | 334 | ||
| 349 | /* Extract the MKI value as a sanity check, but discard it for now. */ | 335 | /* Extract the MKI value as a sanity check, but discard it for now. */ |
| 350 | mki_len = *d; | 336 | if (!CBS_get_u8_length_prefixed(&cbs, &mki) || |
| 351 | d++; | 337 | CBS_len(&cbs) != 0) { |
| 352 | len--; | ||
| 353 | |||
| 354 | if (mki_len != len) { | ||
| 355 | SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT, | 338 | SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT, |
| 356 | SSL_R_BAD_SRTP_MKI_VALUE); | 339 | SSL_R_BAD_SRTP_MKI_VALUE); |
| 357 | *al = SSL_AD_DECODE_ERROR; | 340 | *al = SSL_AD_DECODE_ERROR; |