diff options
| author | jsing <> | 2021-09-03 13:19:12 +0000 |
|---|---|---|
| committer | jsing <> | 2021-09-03 13:19:12 +0000 |
| commit | 489b9f5a66427f437eefa410f0ee51fab02516e6 (patch) | |
| tree | 0c97e68c34d41c432da74f47bb109831f62c7516 /src/lib | |
| parent | 149ab54a9d8d67404fd92901e45040db804e90d3 (diff) | |
| download | openbsd-489b9f5a66427f437eefa410f0ee51fab02516e6.tar.gz openbsd-489b9f5a66427f437eefa410f0ee51fab02516e6.tar.bz2 openbsd-489b9f5a66427f437eefa410f0ee51fab02516e6.zip | |
Use SSL3_HM_HEADER_LENGTH instead of the magic number 4.
ok beck@
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libssl/ssl_both.c | 27 |
1 files changed, 14 insertions, 13 deletions
diff --git a/src/lib/libssl/ssl_both.c b/src/lib/libssl/ssl_both.c index e4834f23dc..f3d50d6f9c 100644 --- a/src/lib/libssl/ssl_both.c +++ b/src/lib/libssl/ssl_both.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_both.c,v 1.34 2021/08/30 19:25:43 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_both.c,v 1.35 2021/09/03 13:19:12 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -418,22 +418,22 @@ ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) | |||
| 418 | goto fatal_err; | 418 | goto fatal_err; |
| 419 | } | 419 | } |
| 420 | *ok = 1; | 420 | *ok = 1; |
| 421 | s->internal->init_msg = s->internal->init_buf->data + 4; | 421 | s->internal->init_msg = s->internal->init_buf->data + |
| 422 | SSL3_HM_HEADER_LENGTH; | ||
| 422 | s->internal->init_num = (int)S3I(s)->hs.tls12.message_size; | 423 | s->internal->init_num = (int)S3I(s)->hs.tls12.message_size; |
| 423 | return s->internal->init_num; | 424 | return s->internal->init_num; |
| 424 | } | 425 | } |
| 425 | 426 | ||
| 426 | p = (unsigned char *)s->internal->init_buf->data; | 427 | p = (unsigned char *)s->internal->init_buf->data; |
| 427 | 428 | ||
| 428 | /* s->internal->init_num < 4 */ | ||
| 429 | if (S3I(s)->hs.state == st1) { | 429 | if (S3I(s)->hs.state == st1) { |
| 430 | int skip_message; | 430 | int skip_message; |
| 431 | 431 | ||
| 432 | do { | 432 | do { |
| 433 | while (s->internal->init_num < 4) { | 433 | while (s->internal->init_num < SSL3_HM_HEADER_LENGTH) { |
| 434 | i = s->method->ssl_read_bytes(s, | 434 | i = s->method->ssl_read_bytes(s, |
| 435 | SSL3_RT_HANDSHAKE, &p[s->internal->init_num], | 435 | SSL3_RT_HANDSHAKE, &p[s->internal->init_num], |
| 436 | 4 - s->internal->init_num, 0); | 436 | SSL3_HM_HEADER_LENGTH - s->internal->init_num, 0); |
| 437 | if (i <= 0) { | 437 | if (i <= 0) { |
| 438 | s->internal->rwstate = SSL_READING; | 438 | s->internal->rwstate = SSL_READING; |
| 439 | *ok = 0; | 439 | *ok = 0; |
| @@ -455,20 +455,19 @@ ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) | |||
| 455 | skip_message = 1; | 455 | skip_message = 1; |
| 456 | 456 | ||
| 457 | ssl_msg_callback(s, 0, | 457 | ssl_msg_callback(s, 0, |
| 458 | SSL3_RT_HANDSHAKE, p, 4); | 458 | SSL3_RT_HANDSHAKE, p, |
| 459 | SSL3_HM_HEADER_LENGTH); | ||
| 459 | } | 460 | } |
| 460 | } | 461 | } |
| 461 | } while (skip_message); | 462 | } while (skip_message); |
| 462 | 463 | ||
| 463 | /* s->internal->init_num == 4 */ | ||
| 464 | |||
| 465 | if ((mt >= 0) && (*p != mt)) { | 464 | if ((mt >= 0) && (*p != mt)) { |
| 466 | al = SSL_AD_UNEXPECTED_MESSAGE; | 465 | al = SSL_AD_UNEXPECTED_MESSAGE; |
| 467 | SSLerror(s, SSL_R_UNEXPECTED_MESSAGE); | 466 | SSLerror(s, SSL_R_UNEXPECTED_MESSAGE); |
| 468 | goto fatal_err; | 467 | goto fatal_err; |
| 469 | } | 468 | } |
| 470 | 469 | ||
| 471 | CBS_init(&cbs, p, 4); | 470 | CBS_init(&cbs, p, SSL3_HM_HEADER_LENGTH); |
| 472 | if (!CBS_get_u8(&cbs, &u8) || | 471 | if (!CBS_get_u8(&cbs, &u8) || |
| 473 | !CBS_get_u24(&cbs, &l)) { | 472 | !CBS_get_u24(&cbs, &l)) { |
| 474 | SSLerror(s, ERR_R_BUF_LIB); | 473 | SSLerror(s, ERR_R_BUF_LIB); |
| @@ -481,14 +480,16 @@ ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) | |||
| 481 | SSLerror(s, SSL_R_EXCESSIVE_MESSAGE_SIZE); | 480 | SSLerror(s, SSL_R_EXCESSIVE_MESSAGE_SIZE); |
| 482 | goto fatal_err; | 481 | goto fatal_err; |
| 483 | } | 482 | } |
| 484 | if (l && !BUF_MEM_grow_clean(s->internal->init_buf, l + 4)) { | 483 | if (l && !BUF_MEM_grow_clean(s->internal->init_buf, |
| 484 | l + SSL3_HM_HEADER_LENGTH)) { | ||
| 485 | SSLerror(s, ERR_R_BUF_LIB); | 485 | SSLerror(s, ERR_R_BUF_LIB); |
| 486 | goto err; | 486 | goto err; |
| 487 | } | 487 | } |
| 488 | S3I(s)->hs.tls12.message_size = l; | 488 | S3I(s)->hs.tls12.message_size = l; |
| 489 | S3I(s)->hs.state = stn; | 489 | S3I(s)->hs.state = stn; |
| 490 | 490 | ||
| 491 | s->internal->init_msg = s->internal->init_buf->data + 4; | 491 | s->internal->init_msg = s->internal->init_buf->data + |
| 492 | SSL3_HM_HEADER_LENGTH; | ||
| 492 | s->internal->init_num = 0; | 493 | s->internal->init_num = 0; |
| 493 | } | 494 | } |
| 494 | 495 | ||
| @@ -510,11 +511,11 @@ ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) | |||
| 510 | /* Feed this message into MAC computation. */ | 511 | /* Feed this message into MAC computation. */ |
| 511 | if (s->internal->mac_packet) { | 512 | if (s->internal->mac_packet) { |
| 512 | tls1_transcript_record(s, (unsigned char *)s->internal->init_buf->data, | 513 | tls1_transcript_record(s, (unsigned char *)s->internal->init_buf->data, |
| 513 | s->internal->init_num + 4); | 514 | s->internal->init_num + SSL3_HM_HEADER_LENGTH); |
| 514 | 515 | ||
| 515 | ssl_msg_callback(s, 0, SSL3_RT_HANDSHAKE, | 516 | ssl_msg_callback(s, 0, SSL3_RT_HANDSHAKE, |
| 516 | s->internal->init_buf->data, | 517 | s->internal->init_buf->data, |
| 517 | (size_t)s->internal->init_num + 4); | 518 | (size_t)s->internal->init_num + SSL3_HM_HEADER_LENGTH); |
| 518 | } | 519 | } |
| 519 | 520 | ||
| 520 | *ok = 1; | 521 | *ok = 1; |