summaryrefslogtreecommitdiff
path: root/src/lib/libssl/t1_lib.c
diff options
context:
space:
mode:
authorjsing <>2017-08-30 16:44:37 +0000
committerjsing <>2017-08-30 16:44:37 +0000
commita1e52c53539972675487f29fed3f02106fd1be64 (patch)
tree3acf5f0d7689b144b0903b95043b87844d147ed7 /src/lib/libssl/t1_lib.c
parent6d77941ef30dc628bccd79f321a73668f2c02945 (diff)
downloadopenbsd-a1e52c53539972675487f29fed3f02106fd1be64.tar.gz
openbsd-a1e52c53539972675487f29fed3f02106fd1be64.tar.bz2
openbsd-a1e52c53539972675487f29fed3f02106fd1be64.zip
Move the full extension building into tlsext_{client,server}hello_build(),
leaving ssl_add_{client,server}hello_tlsext() as pointer to CBB wrappers. ok doug@
Diffstat (limited to 'src/lib/libssl/t1_lib.c')
-rw-r--r--src/lib/libssl/t1_lib.c43
1 files changed, 9 insertions, 34 deletions
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index a9f10166fe..0d03b45a97 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: t1_lib.c,v 1.136 2017/08/27 02:58:04 doug Exp $ */ 1/* $OpenBSD: t1_lib.c,v 1.137 2017/08/30 16:44:37 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -664,16 +664,13 @@ tls12_get_req_sig_algs(SSL *s, unsigned char **sigalgs, size_t *sigalgs_len)
664unsigned char * 664unsigned char *
665ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) 665ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
666{ 666{
667 int extdatalen = 0;
668 unsigned char *ret = p;
669 size_t len; 667 size_t len;
670 CBB cbb; 668 CBB cbb;
671 669
672 ret += 2; 670 if (p >= limit)
673 if (ret >= limit) 671 return NULL;
674 return NULL; /* this really never occurs, but ... */
675 672
676 if (!CBB_init_fixed(&cbb, ret, limit - ret)) 673 if (!CBB_init_fixed(&cbb, p, limit - p))
677 return NULL; 674 return NULL;
678 if (!tlsext_clienthello_build(s, &cbb)) { 675 if (!tlsext_clienthello_build(s, &cbb)) {
679 CBB_cleanup(&cbb); 676 CBB_cleanup(&cbb);
@@ -683,30 +680,20 @@ ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
683 CBB_cleanup(&cbb); 680 CBB_cleanup(&cbb);
684 return NULL; 681 return NULL;
685 } 682 }
686 if (len > (limit - ret))
687 return NULL;
688 ret += len;
689
690 if ((extdatalen = ret - p - 2) == 0)
691 return p;
692 683
693 s2n(extdatalen, p); 684 return (p + len);
694 return ret;
695} 685}
696 686
697unsigned char * 687unsigned char *
698ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) 688ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
699{ 689{
700 int extdatalen = 0;
701 unsigned char *ret = p;
702 size_t len; 690 size_t len;
703 CBB cbb; 691 CBB cbb;
704 692
705 ret += 2; 693 if (p >= limit)
706 if (ret >= limit) 694 return NULL;
707 return NULL; /* this really never occurs, but ... */
708 695
709 if (!CBB_init_fixed(&cbb, ret, limit - ret)) 696 if (!CBB_init_fixed(&cbb, p, limit - p))
710 return NULL; 697 return NULL;
711 if (!tlsext_serverhello_build(s, &cbb)) { 698 if (!tlsext_serverhello_build(s, &cbb)) {
712 CBB_cleanup(&cbb); 699 CBB_cleanup(&cbb);
@@ -716,20 +703,8 @@ ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
716 CBB_cleanup(&cbb); 703 CBB_cleanup(&cbb);
717 return NULL; 704 return NULL;
718 } 705 }
719 if (len > (limit - ret))
720 return NULL;
721 ret += len;
722
723 /*
724 * Currently the server should not respond with a SupportedCurves
725 * extension.
726 */
727
728 if ((extdatalen = ret - p - 2) == 0)
729 return p;
730 706
731 s2n(extdatalen, p); 707 return (p + len);
732 return ret;
733} 708}
734 709
735int 710int
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-22 22:05:50 +0000