Convert all of the straight forward client handshake handling code to use

the new handshake functions. ok miod@
author: jsing <> 2014-12-14 16:19:38 +0000
committer: jsing <> 2014-12-14 16:19:38 +0000
commit: 9d7627cb78b8d58f06310b08151767a7309504dc (patch)
tree: cbd847f515646f61373c178d71312104700ac3da /src/lib/libssl/s3_clnt.c
parent: 07ed3281a22942e6f12d90c428ffd29e5f4f1ddb (diff)
download: openbsd-9d7627cb78b8d58f06310b08151767a7309504dc.tar.gz
openbsd-9d7627cb78b8d58f06310b08151767a7309504dc.tar.bz2
openbsd-9d7627cb78b8d58f06310b08151767a7309504dc.zip
1 files changed, 43 insertions, 53 deletions
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c
index 8e7c19f2f0..47b6824533 100644
--- a/src/lib/libssl/s3_clnt.c
+++ b/src/lib/libssl/s3_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_clnt.c,v 1.101 2014/12/14 15:30:50 jsing Exp $ */
+/* $OpenBSD: s3_clnt.c,v 1.102 2014/12/14 16:19:38 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -642,14 +642,12 @@ end:
 int
 ssl3_client_hello(SSL *s)
 {
-        unsigned char   *buf;
+        unsigned char   *bufend, *p, *d;
-        unsigned char   *p, *d;
        int              i;
-        unsigned long    l;
-        buf = (unsigned char *)s->init_buf->data;
        if (s->state == SSL3_ST_CW_CLNT_HELLO_A) {
                SSL_SESSION *sess = s->session;
                if ((sess == NULL) ||
                    (sess->ssl_version != s->version) ||
                    (!sess->session_id_length && !sess->tlsext_tick) ||
@@ -661,8 +659,7 @@ ssl3_client_hello(SSL *s)
                arc4random_buf(s->s3->client_random, SSL3_RANDOM_SIZE);
-                /* Do the message type and length last */
+                d = p = ssl3_handshake_msg_start(s, SSL3_MT_CLIENT_HELLO);
-                d = p = &buf[4];
                /*
                 * Version indicates the negotiated version: for example from
@@ -747,26 +744,22 @@ ssl3_client_hello(SSL *s)
                            SSL_R_CLIENTHELLO_TLSEXT);
                        goto err;
                }
-                if ((p = ssl_add_clienthello_tlsext(s, p,
+                bufend = (unsigned char *)s->init_buf->data +
-                    buf + SSL3_RT_MAX_PLAIN_LENGTH)) == NULL) {
+                    SSL3_RT_MAX_PLAIN_LENGTH;
+                if ((p = ssl_add_clienthello_tlsext(s, p, bufend)) == NULL) {
                        SSLerr(SSL_F_SSL3_CLIENT_HELLO,
                            ERR_R_INTERNAL_ERROR);
                        goto err;
                }
-                l = (p - d);
-                d = buf;
-                *(d++) = SSL3_MT_CLIENT_HELLO;
-                l2n3(l, d);
                s->state = SSL3_ST_CW_CLNT_HELLO_B;
-                /* number of bytes to write */
-                s->init_num = p - buf;
+                ssl3_handshake_msg_finish(s, p - d);
-                s->init_off = 0;
        }
        /* SSL3_ST_CW_CLNT_HELLO_B */
-        return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
+        return (ssl3_handshake_write(s));
 err:
        return (-1);
 }
@@ -1884,10 +1877,9 @@ ssl3_get_server_done(SSL *s)
 int
 ssl3_send_client_key_exchange(SSL *s)
 {
-        unsigned char   *p, *d;
+        unsigned char   *p, *q;
        int              n;
        unsigned long    alg_k;
-        unsigned char   *q;
        EVP_PKEY        *pkey = NULL;
        EC_KEY          *clnt_ecdh = NULL;
        const EC_POINT  *srvr_ecpoint = NULL;
@@ -1897,8 +1889,7 @@ ssl3_send_client_key_exchange(SSL *s)
        BN_CTX          *bn_ctx = NULL;
        if (s->state == SSL3_ST_CW_KEY_EXCH_A) {
-                d = (unsigned char *)s->init_buf->data;
+                p = ssl3_handshake_msg_start(s, SSL3_MT_CLIENT_KEY_EXCHANGE);
-                p = &(d[4]);
                alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
@@ -1999,7 +1990,8 @@ ssl3_send_client_key_exchange(SSL *s)
                        /* Generate master key from the result. */
                        s->session->master_key_length =
                        s->method->ssl3_enc->generate_master_secret(s,
-                        s->session->master_key, p, n);
+                            s->session->master_key, p, n);
                        /* Clean up. */
                        memset(p, 0, n);
@@ -2299,26 +2291,21 @@ ssl3_send_client_key_exchange(SSL *s)
                            s->session->master_key, premaster_secret, 32);
                        EVP_PKEY_free(pub_key);
-                }
+                } else {
-                else {
                        ssl3_send_alert(s, SSL3_AL_FATAL,
-                        SSL_AD_HANDSHAKE_FAILURE);
+                            SSL_AD_HANDSHAKE_FAILURE);
                        SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
                        ERR_R_INTERNAL_ERROR);
                        goto err;
                }
-                *(d++) = SSL3_MT_CLIENT_KEY_EXCHANGE;
-                l2n3(n, d);
                s->state = SSL3_ST_CW_KEY_EXCH_B;
-                /* number of bytes to write */
-                s->init_num = n + 4;
+                ssl3_handshake_msg_finish(s, n);
-                s->init_off = 0;
        }
        /* SSL3_ST_CW_KEY_EXCH_B */
-        return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
+        return (ssl3_handshake_write(s));
 err:
        BN_CTX_free(bn_ctx);
@@ -2331,7 +2318,7 @@ err:
 int
 ssl3_send_client_verify(SSL *s)
 {
-        unsigned char   *p, *d;
+        unsigned char   *p;
        unsigned char    data[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH];
        EVP_PKEY        *pkey;
        EVP_PKEY_CTX    *pctx = NULL;
@@ -2343,13 +2330,13 @@ ssl3_send_client_verify(SSL *s)
        EVP_MD_CTX_init(&mctx);
        if (s->state == SSL3_ST_CW_CERT_VRFY_A) {
-                d = (unsigned char *)s->init_buf->data;
+                p = ssl3_handshake_msg_start(s, SSL3_MT_CERTIFICATE_VERIFY);
-                p = &(d[4]);
-                pkey = s->cert->key->privatekey;
                /*
                 * Create context from key and test if sha1 is allowed as
                 * digest.
                 */
+                pkey = s->cert->key->privatekey;
                pctx = EVP_PKEY_CTX_new(pkey, NULL);
                EVP_PKEY_sign_init(pctx);
                if (EVP_PKEY_CTX_set_signature_md(pctx, EVP_sha1()) > 0) {
@@ -2468,16 +2455,17 @@ ssl3_send_client_verify(SSL *s)
                            ERR_R_INTERNAL_ERROR);
                        goto err;
                }
-                *(d++) = SSL3_MT_CERTIFICATE_VERIFY;
-                l2n3(n, d);
                s->state = SSL3_ST_CW_CERT_VRFY_B;
-                s->init_num = (int)n + 4;
-                s->init_off = 0;
+                ssl3_handshake_msg_finish(s, n);
        }
        EVP_MD_CTX_cleanup(&mctx);
        EVP_PKEY_CTX_free(pctx);
-        return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
+        return (ssl3_handshake_write(s));
 err:
        EVP_MD_CTX_cleanup(&mctx);
        EVP_PKEY_CTX_free(pctx);
@@ -2632,24 +2620,26 @@ int
 ssl3_send_next_proto(SSL *s)
 {
        unsigned int     len, padding_len;
-        unsigned char   *d;
+        unsigned char   *d, *p;
        if (s->state == SSL3_ST_CW_NEXT_PROTO_A) {
+                d = p = ssl3_handshake_msg_start(s, SSL3_MT_NEXT_PROTO);
                len = s->next_proto_negotiated_len;
                padding_len = 32 - ((len + 2) % 32);
-                d = (unsigned char *)s->init_buf->data;
+                *(p++) = len;
-                d[4] = len;
+                memcpy(p, s->next_proto_negotiated, len);
-                memcpy(d + 5, s->next_proto_negotiated, len);
+                p += len;
-                d[5 + len] = padding_len;
+                *(p++) = padding_len;
-                memset(d + 6 + len, 0, padding_len);
+                memset(p, 0, padding_len);
-                *(d++) = SSL3_MT_NEXT_PROTO;
+                p += padding_len;
-                l2n3(2 + len + padding_len, d);
+                ssl3_handshake_msg_finish(s, p - d);
                s->state = SSL3_ST_CW_NEXT_PROTO_B;
-                s->init_num = 4 + 2 + len + padding_len;
-                s->init_off = 0;
        }
-        return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
+        return (ssl3_handshake_write(s));
 }
 /*
author	jsing <>	2014-12-14 16:19:38 +0000
committer	jsing <>	2014-12-14 16:19:38 +0000
commit	9d7627cb78b8d58f06310b08151767a7309504dc (patch)
tree	cbd847f515646f61373c178d71312104700ac3da /src/lib/libssl/s3_clnt.c
parent	07ed3281a22942e6f12d90c428ffd29e5f4f1ddb (diff)
download	openbsd-9d7627cb78b8d58f06310b08151767a7309504dc.tar.gz openbsd-9d7627cb78b8d58f06310b08151767a7309504dc.tar.bz2 openbsd-9d7627cb78b8d58f06310b08151767a7309504dc.zip

diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c index 8e7c19f2f0..47b6824533 100644 --- a/src/lib/libssl/s3_clnt.c +++ b/src/lib/libssl/s3_clnt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s3_clnt.c,v 1.101 2014/12/14 15:30:50 jsing Exp $ */	1	/* $OpenBSD: s3_clnt.c,v 1.102 2014/12/14 16:19:38 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -642,14 +642,12 @@ end:
642	int	642	int
643	ssl3_client_hello(SSL *s)	643	ssl3_client_hello(SSL *s)
644	{	644	{
645	unsigned char *buf;	645	unsigned char bufend, p, *d;
646	unsigned char p, d;
647	int i;	646	int i;
648	unsigned long l;
649		647
650	buf = (unsigned char *)s->init_buf->data;
651	if (s->state == SSL3_ST_CW_CLNT_HELLO_A) {	648	if (s->state == SSL3_ST_CW_CLNT_HELLO_A) {
652	SSL_SESSION *sess = s->session;	649	SSL_SESSION *sess = s->session;
		650
653	if ((sess == NULL) \|\|	651	if ((sess == NULL) \|\|
654	(sess->ssl_version != s->version) \|\|	652	(sess->ssl_version != s->version) \|\|
655	(!sess->session_id_length && !sess->tlsext_tick) \|\|	653	(!sess->session_id_length && !sess->tlsext_tick) \|\|
@@ -661,8 +659,7 @@ ssl3_client_hello(SSL *s)
661		659
662	arc4random_buf(s->s3->client_random, SSL3_RANDOM_SIZE);	660	arc4random_buf(s->s3->client_random, SSL3_RANDOM_SIZE);
663		661
664	/* Do the message type and length last */	662	d = p = ssl3_handshake_msg_start(s, SSL3_MT_CLIENT_HELLO);
665	d = p = &buf[4];
666		663
667	/*	664	/*
668	* Version indicates the negotiated version: for example from	665	* Version indicates the negotiated version: for example from
@@ -747,26 +744,22 @@ ssl3_client_hello(SSL *s)
747	SSL_R_CLIENTHELLO_TLSEXT);	744	SSL_R_CLIENTHELLO_TLSEXT);
748	goto err;	745	goto err;
749	}	746	}
750	if ((p = ssl_add_clienthello_tlsext(s, p,	747	bufend = (unsigned char *)s->init_buf->data +
751	buf + SSL3_RT_MAX_PLAIN_LENGTH)) == NULL) {	748	SSL3_RT_MAX_PLAIN_LENGTH;
		749	if ((p = ssl_add_clienthello_tlsext(s, p, bufend)) == NULL) {
752	SSLerr(SSL_F_SSL3_CLIENT_HELLO,	750	SSLerr(SSL_F_SSL3_CLIENT_HELLO,
753	ERR_R_INTERNAL_ERROR);	751	ERR_R_INTERNAL_ERROR);
754	goto err;	752	goto err;
755	}	753	}
756		754
757	l = (p - d);
758	d = buf;
759	*(d++) = SSL3_MT_CLIENT_HELLO;
760	l2n3(l, d);
761
762	s->state = SSL3_ST_CW_CLNT_HELLO_B;	755	s->state = SSL3_ST_CW_CLNT_HELLO_B;
763	/* number of bytes to write */	756
764	s->init_num = p - buf;	757	ssl3_handshake_msg_finish(s, p - d);
765	s->init_off = 0;
766	}	758	}
767		759
768	/* SSL3_ST_CW_CLNT_HELLO_B */	760	/* SSL3_ST_CW_CLNT_HELLO_B */
769	return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));	761	return (ssl3_handshake_write(s));
		762
770	err:	763	err:
771	return (-1);	764	return (-1);
772	}	765	}
@@ -1884,10 +1877,9 @@ ssl3_get_server_done(SSL *s)
1884	int	1877	int
1885	ssl3_send_client_key_exchange(SSL *s)	1878	ssl3_send_client_key_exchange(SSL *s)
1886	{	1879	{
1887	unsigned char p, d;	1880	unsigned char p, q;
1888	int n;	1881	int n;
1889	unsigned long alg_k;	1882	unsigned long alg_k;
1890	unsigned char *q;
1891	EVP_PKEY *pkey = NULL;	1883	EVP_PKEY *pkey = NULL;
1892	EC_KEY *clnt_ecdh = NULL;	1884	EC_KEY *clnt_ecdh = NULL;
1893	const EC_POINT *srvr_ecpoint = NULL;	1885	const EC_POINT *srvr_ecpoint = NULL;
@@ -1897,8 +1889,7 @@ ssl3_send_client_key_exchange(SSL *s)
1897	BN_CTX *bn_ctx = NULL;	1889	BN_CTX *bn_ctx = NULL;
1898		1890
1899	if (s->state == SSL3_ST_CW_KEY_EXCH_A) {	1891	if (s->state == SSL3_ST_CW_KEY_EXCH_A) {
1900	d = (unsigned char *)s->init_buf->data;	1892	p = ssl3_handshake_msg_start(s, SSL3_MT_CLIENT_KEY_EXCHANGE);
1901	p = &(d[4]);
1902		1893
1903	alg_k = s->s3->tmp.new_cipher->algorithm_mkey;	1894	alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
1904		1895
@@ -1999,7 +1990,8 @@ ssl3_send_client_key_exchange(SSL *s)
1999	/* Generate master key from the result. */	1990	/* Generate master key from the result. */
2000	s->session->master_key_length =	1991	s->session->master_key_length =
2001	s->method->ssl3_enc->generate_master_secret(s,	1992	s->method->ssl3_enc->generate_master_secret(s,
2002	s->session->master_key, p, n);	1993	s->session->master_key, p, n);
		1994
2003	/* Clean up. */	1995	/* Clean up. */
2004	memset(p, 0, n);	1996	memset(p, 0, n);
2005		1997
@@ -2299,26 +2291,21 @@ ssl3_send_client_key_exchange(SSL *s)
2299	s->session->master_key, premaster_secret, 32);	2291	s->session->master_key, premaster_secret, 32);
2300	EVP_PKEY_free(pub_key);	2292	EVP_PKEY_free(pub_key);
2301		2293
2302	}	2294	} else {
2303	else {
2304	ssl3_send_alert(s, SSL3_AL_FATAL,	2295	ssl3_send_alert(s, SSL3_AL_FATAL,
2305	SSL_AD_HANDSHAKE_FAILURE);	2296	SSL_AD_HANDSHAKE_FAILURE);
2306	SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,	2297	SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
2307	ERR_R_INTERNAL_ERROR);	2298	ERR_R_INTERNAL_ERROR);
2308	goto err;	2299	goto err;
2309	}	2300	}
2310		2301
2311	*(d++) = SSL3_MT_CLIENT_KEY_EXCHANGE;
2312	l2n3(n, d);
2313
2314	s->state = SSL3_ST_CW_KEY_EXCH_B;	2302	s->state = SSL3_ST_CW_KEY_EXCH_B;
2315	/* number of bytes to write */	2303
2316	s->init_num = n + 4;	2304	ssl3_handshake_msg_finish(s, n);
2317	s->init_off = 0;
2318	}	2305	}
2319		2306
2320	/* SSL3_ST_CW_KEY_EXCH_B */	2307	/* SSL3_ST_CW_KEY_EXCH_B */
2321	return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));	2308	return (ssl3_handshake_write(s));
2322		2309
2323	err:	2310	err:
2324	BN_CTX_free(bn_ctx);	2311	BN_CTX_free(bn_ctx);
@@ -2331,7 +2318,7 @@ err:
2331	int	2318	int
2332	ssl3_send_client_verify(SSL *s)	2319	ssl3_send_client_verify(SSL *s)
2333	{	2320	{
2334	unsigned char p, d;	2321	unsigned char *p;
2335	unsigned char data[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH];	2322	unsigned char data[MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH];
2336	EVP_PKEY *pkey;	2323	EVP_PKEY *pkey;
2337	EVP_PKEY_CTX *pctx = NULL;	2324	EVP_PKEY_CTX *pctx = NULL;
@@ -2343,13 +2330,13 @@ ssl3_send_client_verify(SSL *s)
2343	EVP_MD_CTX_init(&mctx);	2330	EVP_MD_CTX_init(&mctx);
2344		2331
2345	if (s->state == SSL3_ST_CW_CERT_VRFY_A) {	2332	if (s->state == SSL3_ST_CW_CERT_VRFY_A) {
2346	d = (unsigned char *)s->init_buf->data;	2333	p = ssl3_handshake_msg_start(s, SSL3_MT_CERTIFICATE_VERIFY);
2347	p = &(d[4]);	2334
2348	pkey = s->cert->key->privatekey;
2349	/*	2335	/*
2350	* Create context from key and test if sha1 is allowed as	2336	* Create context from key and test if sha1 is allowed as
2351	* digest.	2337	* digest.
2352	*/	2338	*/
		2339	pkey = s->cert->key->privatekey;
2353	pctx = EVP_PKEY_CTX_new(pkey, NULL);	2340	pctx = EVP_PKEY_CTX_new(pkey, NULL);
2354	EVP_PKEY_sign_init(pctx);	2341	EVP_PKEY_sign_init(pctx);
2355	if (EVP_PKEY_CTX_set_signature_md(pctx, EVP_sha1()) > 0) {	2342	if (EVP_PKEY_CTX_set_signature_md(pctx, EVP_sha1()) > 0) {
@@ -2468,16 +2455,17 @@ ssl3_send_client_verify(SSL *s)
2468	ERR_R_INTERNAL_ERROR);	2455	ERR_R_INTERNAL_ERROR);
2469	goto err;	2456	goto err;
2470	}	2457	}
2471	*(d++) = SSL3_MT_CERTIFICATE_VERIFY;
2472	l2n3(n, d);
2473		2458
2474	s->state = SSL3_ST_CW_CERT_VRFY_B;	2459	s->state = SSL3_ST_CW_CERT_VRFY_B;
2475	s->init_num = (int)n + 4;	2460
2476	s->init_off = 0;	2461	ssl3_handshake_msg_finish(s, n);
2477	}	2462	}
		2463
2478	EVP_MD_CTX_cleanup(&mctx);	2464	EVP_MD_CTX_cleanup(&mctx);
2479	EVP_PKEY_CTX_free(pctx);	2465	EVP_PKEY_CTX_free(pctx);
2480	return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));	2466
		2467	return (ssl3_handshake_write(s));
		2468
2481	err:	2469	err:
2482	EVP_MD_CTX_cleanup(&mctx);	2470	EVP_MD_CTX_cleanup(&mctx);
2483	EVP_PKEY_CTX_free(pctx);	2471	EVP_PKEY_CTX_free(pctx);
@@ -2632,24 +2620,26 @@ int
2632	ssl3_send_next_proto(SSL *s)	2620	ssl3_send_next_proto(SSL *s)
2633	{	2621	{
2634	unsigned int len, padding_len;	2622	unsigned int len, padding_len;
2635	unsigned char *d;	2623	unsigned char d, p;
2636		2624
2637	if (s->state == SSL3_ST_CW_NEXT_PROTO_A) {	2625	if (s->state == SSL3_ST_CW_NEXT_PROTO_A) {
		2626	d = p = ssl3_handshake_msg_start(s, SSL3_MT_NEXT_PROTO);
		2627
2638	len = s->next_proto_negotiated_len;	2628	len = s->next_proto_negotiated_len;
2639	padding_len = 32 - ((len + 2) % 32);	2629	padding_len = 32 - ((len + 2) % 32);
2640	d = (unsigned char *)s->init_buf->data;	2630	*(p++) = len;
2641	d[4] = len;	2631	memcpy(p, s->next_proto_negotiated, len);
2642	memcpy(d + 5, s->next_proto_negotiated, len);	2632	p += len;
2643	d[5 + len] = padding_len;	2633	*(p++) = padding_len;
2644	memset(d + 6 + len, 0, padding_len);	2634	memset(p, 0, padding_len);
2645	*(d++) = SSL3_MT_NEXT_PROTO;	2635	p += padding_len;
2646	l2n3(2 + len + padding_len, d);	2636
		2637	ssl3_handshake_msg_finish(s, p - d);
		2638
2647	s->state = SSL3_ST_CW_NEXT_PROTO_B;	2639	s->state = SSL3_ST_CW_NEXT_PROTO_B;
2648	s->init_num = 4 + 2 + len + padding_len;
2649	s->init_off = 0;
2650	}	2640	}
2651		2641
2652	return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));	2642	return (ssl3_handshake_write(s));
2653	}	2643	}
2654		2644
2655	/*	2645	/*