Rewrite SSL{_CTX,}_set_alpn_protos() using CBS

This simplifies the freeing, assigning and copying of the passed protocols by replacing all that code with a pair of CBS_init() and CBS_stow(). In addition, this aligns the behavior with OpenSSL, which no longer errors on NULL proto or 0 proto_len since 86a90dc7. ok jsing
author: tb <> 2022-07-20 13:57:49 +0000
committer: tb <> 2022-07-20 13:57:49 +0000
commit: df5b87a6315647dfbae35072a0026034ebe03891 (patch)
tree: 15ebc0e59a4355b624daccaf387b866227e7c53f /src/lib/libssl/ssl_lib.c
parent: 080a39ab960b9c2cb0fe8a86d83c309d1c31ff57 (diff)
download: openbsd-df5b87a6315647dfbae35072a0026034ebe03891.tar.gz
openbsd-df5b87a6315647dfbae35072a0026034ebe03891.tar.bz2
openbsd-df5b87a6315647dfbae35072a0026034ebe03891.zip
1 files changed, 15 insertions, 23 deletions
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index 860a58ddd1..08f2f74097 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.296 2022/07/17 14:49:01 jsing Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.297 2022/07/20 13:57:49 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1763,27 +1763,23 @@ int
 SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
    unsigned int protos_len)
 {
+        CBS cbs;
        int failed = 1;
-        if (protos == NULL || protos_len == 0)
+        if (protos == NULL)
-                goto err;
+                protos_len = 0;
-        free(ctx->internal->alpn_client_proto_list);
+        CBS_init(&cbs, protos, protos_len);
-        ctx->internal->alpn_client_proto_list = NULL;
-        ctx->internal->alpn_client_proto_list_len = 0;
-        if ((ctx->internal->alpn_client_proto_list = malloc(protos_len))
+        if (!CBS_stow(&cbs, &ctx->internal->alpn_client_proto_list,
-            == NULL)
+            &ctx->internal->alpn_client_proto_list_len))
                goto err;
-        ctx->internal->alpn_client_proto_list_len = protos_len;
-        memcpy(ctx->internal->alpn_client_proto_list, protos, protos_len);
        failed = 0;
 err:
        /* NOTE: Return values are the reverse of what you expect. */
-        return (failed);
+        return failed;
 }
 /*
@@ -1795,27 +1791,23 @@ int
 SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
    unsigned int protos_len)
 {
+        CBS cbs;
        int failed = 1;
-        if (protos == NULL || protos_len == 0)
+        if (protos == NULL)
-                goto err;
+                protos_len = 0;
-        free(ssl->internal->alpn_client_proto_list);
+        CBS_init(&cbs, protos, protos_len);
-        ssl->internal->alpn_client_proto_list = NULL;
-        ssl->internal->alpn_client_proto_list_len = 0;
-        if ((ssl->internal->alpn_client_proto_list = malloc(protos_len))
+        if (!CBS_stow(&cbs, &ssl->internal->alpn_client_proto_list,
-            == NULL)
+            &ssl->internal->alpn_client_proto_list_len))
                goto err;
-        ssl->internal->alpn_client_proto_list_len = protos_len;
-        memcpy(ssl->internal->alpn_client_proto_list, protos, protos_len);
        failed = 0;
 err:
        /* NOTE: Return values are the reverse of what you expect. */
-        return (failed);
+        return failed;
 }
 /*
author	tb <>	2022-07-20 13:57:49 +0000
committer	tb <>	2022-07-20 13:57:49 +0000
commit	df5b87a6315647dfbae35072a0026034ebe03891 (patch)
tree	15ebc0e59a4355b624daccaf387b866227e7c53f /src/lib/libssl/ssl_lib.c
parent	080a39ab960b9c2cb0fe8a86d83c309d1c31ff57 (diff)
download	openbsd-df5b87a6315647dfbae35072a0026034ebe03891.tar.gz openbsd-df5b87a6315647dfbae35072a0026034ebe03891.tar.bz2 openbsd-df5b87a6315647dfbae35072a0026034ebe03891.zip