diff options
| author | jsing <> | 2015-09-02 17:59:15 +0000 |
|---|---|---|
| committer | jsing <> | 2015-09-02 17:59:15 +0000 |
| commit | 6979bbfe4fd79a2951b19171936b69968db66c1e (patch) | |
| tree | 5ed4d431f7e35e43a4977f14c4711fe9c9af39e0 /src/lib/libssl/s3_clnt.c | |
| parent | 7a0325c92218252068766465cba0cc0eb35d0c93 (diff) | |
| download | openbsd-6979bbfe4fd79a2951b19171936b69968db66c1e.tar.gz openbsd-6979bbfe4fd79a2951b19171936b69968db66c1e.tar.bz2 openbsd-6979bbfe4fd79a2951b19171936b69968db66c1e.zip | |
Replace dtls1_client_hello() with ssl3_client_hello() - both are basically
the same code, with two slight differences for DTLS handling.
Also, make use of send_cookie to determine if the client random needs to
be preserved, rather than testing if it is zeroed (hopefully your random
number generator never returned all zeros, since the existing code would
break). Inspired by BoringSSL.
ok doug@
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libssl/s3_clnt.c | 27 |
1 files changed, 22 insertions, 5 deletions
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c index 5b9af06aa5..1d1a0c77f0 100644 --- a/src/lib/libssl/s3_clnt.c +++ b/src/lib/libssl/s3_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_clnt.c,v 1.124 2015/09/01 13:38:27 jsing Exp $ */ | 1 | /* $OpenBSD: s3_clnt.c,v 1.125 2015/09/02 17:59:15 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -584,7 +584,6 @@ end: | |||
| 584 | return (ret); | 584 | return (ret); |
| 585 | } | 585 | } |
| 586 | 586 | ||
| 587 | |||
| 588 | int | 587 | int |
| 589 | ssl3_client_hello(SSL *s) | 588 | ssl3_client_hello(SSL *s) |
| 590 | { | 589 | { |
| @@ -603,7 +602,13 @@ ssl3_client_hello(SSL *s) | |||
| 603 | } | 602 | } |
| 604 | /* else use the pre-loaded session */ | 603 | /* else use the pre-loaded session */ |
| 605 | 604 | ||
| 606 | arc4random_buf(s->s3->client_random, SSL3_RANDOM_SIZE); | 605 | /* |
| 606 | * If a DTLS ClientHello message is being resent after a | ||
| 607 | * HelloVerifyRequest, we must retain the original client | ||
| 608 | * random value. | ||
| 609 | */ | ||
| 610 | if (!SSL_IS_DTLS(s) || s->d1->send_cookie == 0) | ||
| 611 | arc4random_buf(s->s3->client_random, SSL3_RANDOM_SIZE); | ||
| 607 | 612 | ||
| 608 | d = p = ssl3_handshake_msg_start(s, SSL3_MT_CLIENT_HELLO); | 613 | d = p = ssl3_handshake_msg_start(s, SSL3_MT_CLIENT_HELLO); |
| 609 | 614 | ||
| @@ -660,6 +665,18 @@ ssl3_client_hello(SSL *s) | |||
| 660 | p += i; | 665 | p += i; |
| 661 | } | 666 | } |
| 662 | 667 | ||
| 668 | /* DTLS Cookie. */ | ||
| 669 | if (SSL_IS_DTLS(s)) { | ||
| 670 | if (s->d1->cookie_len > sizeof(s->d1->cookie)) { | ||
| 671 | SSLerr(SSL_F_DTLS1_CLIENT_HELLO, | ||
| 672 | ERR_R_INTERNAL_ERROR); | ||
| 673 | goto err; | ||
| 674 | } | ||
| 675 | *(p++) = s->d1->cookie_len; | ||
| 676 | memcpy(p, s->d1->cookie, s->d1->cookie_len); | ||
| 677 | p += s->d1->cookie_len; | ||
| 678 | } | ||
| 679 | |||
| 663 | /* Ciphers supported */ | 680 | /* Ciphers supported */ |
| 664 | i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2]); | 681 | i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2]); |
| 665 | if (i == 0) { | 682 | if (i == 0) { |
| @@ -683,9 +700,9 @@ ssl3_client_hello(SSL *s) | |||
| 683 | goto err; | 700 | goto err; |
| 684 | } | 701 | } |
| 685 | 702 | ||
| 686 | s->state = SSL3_ST_CW_CLNT_HELLO_B; | ||
| 687 | |||
| 688 | ssl3_handshake_msg_finish(s, p - d); | 703 | ssl3_handshake_msg_finish(s, p - d); |
| 704 | |||
| 705 | s->state = SSL3_ST_CW_CLNT_HELLO_B; | ||
| 689 | } | 706 | } |
| 690 | 707 | ||
| 691 | /* SSL3_ST_CW_CLNT_HELLO_B */ | 708 | /* SSL3_ST_CW_CLNT_HELLO_B */ |