diff options
| author | jsing <> | 2014-06-21 17:02:25 +0000 |
|---|---|---|
| committer | jsing <> | 2014-06-21 17:02:25 +0000 |
| commit | 840f85a4ae7fc3a3cf71d93ab17fbab37c2cc3fc (patch) | |
| tree | f082331208091f9dab5ae7971f7bcd9d557ce5ea /src/lib/libssl/t1_enc.c | |
| parent | 01ebd0cfc6bad80679edbaa1924e5d9323c29b2e (diff) | |
| download | openbsd-840f85a4ae7fc3a3cf71d93ab17fbab37c2cc3fc.tar.gz openbsd-840f85a4ae7fc3a3cf71d93ab17fbab37c2cc3fc.tar.bz2 openbsd-840f85a4ae7fc3a3cf71d93ab17fbab37c2cc3fc.zip | |
Pull the code that builds a DTLS sequence number out into its own function
to avoid duplication. Also use fewer magic numbers.
ok miod@
Diffstat (limited to 'src/lib/libssl/t1_enc.c')
| -rw-r--r-- | src/lib/libssl/t1_enc.c | 30 |
1 files changed, 10 insertions, 20 deletions
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c index c4d53af556..373c2d0060 100644 --- a/src/lib/libssl/t1_enc.c +++ b/src/lib/libssl/t1_enc.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: t1_enc.c,v 1.62 2014/06/21 14:45:22 jsing Exp $ */ | 1 | /* $OpenBSD: t1_enc.c,v 1.63 2014/06/21 17:02:25 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -795,11 +795,8 @@ tls1_enc(SSL *s, int send) | |||
| 795 | ssize_t n; | 795 | ssize_t n; |
| 796 | 796 | ||
| 797 | if (SSL_IS_DTLS(s)) { | 797 | if (SSL_IS_DTLS(s)) { |
| 798 | unsigned char dtlsseq[9], *p = dtlsseq; | 798 | dtls1_build_sequence_number(ad, seq, |
| 799 | 799 | send ? s->d1->w_epoch : s->d1->r_epoch); | |
| 800 | s2n(send ? s->d1->w_epoch : s->d1->r_epoch, p); | ||
| 801 | memcpy(p, &seq[2], 6); | ||
| 802 | memcpy(ad, dtlsseq, 8); | ||
| 803 | } else { | 800 | } else { |
| 804 | memcpy(ad, seq, SSL3_SEQUENCE_SIZE); | 801 | memcpy(ad, seq, SSL3_SEQUENCE_SIZE); |
| 805 | ssl3_record_sequence_increment(seq); | 802 | ssl3_record_sequence_increment(seq); |
| @@ -948,11 +945,8 @@ tls1_enc(SSL *s, int send) | |||
| 948 | unsigned char buf[13]; | 945 | unsigned char buf[13]; |
| 949 | 946 | ||
| 950 | if (SSL_IS_DTLS(s)) { | 947 | if (SSL_IS_DTLS(s)) { |
| 951 | unsigned char dtlsseq[9], *p = dtlsseq; | 948 | dtls1_build_sequence_number(buf, seq, |
| 952 | 949 | send ? s->d1->w_epoch : s->d1->r_epoch); | |
| 953 | s2n(send ? s->d1->w_epoch : s->d1->r_epoch, p); | ||
| 954 | memcpy(p, &seq[2], 6); | ||
| 955 | memcpy(buf, dtlsseq, 8); | ||
| 956 | } else { | 950 | } else { |
| 957 | memcpy(buf, seq, SSL3_SEQUENCE_SIZE); | 951 | memcpy(buf, seq, SSL3_SEQUENCE_SIZE); |
| 958 | ssl3_record_sequence_increment(seq); | 952 | ssl3_record_sequence_increment(seq); |
| @@ -1131,15 +1125,11 @@ tls1_mac(SSL *ssl, unsigned char *md, int send) | |||
| 1131 | mac_ctx = &hmac; | 1125 | mac_ctx = &hmac; |
| 1132 | } | 1126 | } |
| 1133 | 1127 | ||
| 1134 | if (SSL_IS_DTLS(ssl)) { | 1128 | if (SSL_IS_DTLS(ssl)) |
| 1135 | unsigned char dtlsseq[8], *p = dtlsseq; | 1129 | dtls1_build_sequence_number(header, seq, |
| 1136 | 1130 | send ? ssl->d1->w_epoch : ssl->d1->r_epoch); | |
| 1137 | s2n(send ? ssl->d1->w_epoch : ssl->d1->r_epoch, p); | 1131 | else |
| 1138 | memcpy(p, &seq[2], 6); | 1132 | memcpy(header, seq, SSL3_SEQUENCE_SIZE); |
| 1139 | |||
| 1140 | memcpy(header, dtlsseq, 8); | ||
| 1141 | } else | ||
| 1142 | memcpy(header, seq, 8); | ||
| 1143 | 1133 | ||
| 1144 | /* kludge: tls1_cbc_remove_padding passes padding length in rec->type */ | 1134 | /* kludge: tls1_cbc_remove_padding passes padding length in rec->type */ |
| 1145 | orig_len = rec->length + md_size + ((unsigned int)rec->type >> 8); | 1135 | orig_len = rec->length + md_size + ((unsigned int)rec->type >> 8); |