Convert ssl3_client_hello() to CBB.

As part of this, change ssl_cipher_list_to_bytes() to take a CBB argument, rather than a pointer/length. Some additional clean up/renames while here. Based on a diff from doug@
author: jsing <> 2017-10-11 17:35:00 +0000
committer: jsing <> 2017-10-11 17:35:00 +0000
commit: 4b096d9251fbf4f46e597bb2ac44a0829138544f (patch)
tree: ca9185a9b7de54d8df3855321c5771328e85f30b /src/lib
parent: e64dc34242390cd4a16eb683e606c5beccbb9aa7 (diff)
download: openbsd-4b096d9251fbf4f46e597bb2ac44a0829138544f.tar.gz
openbsd-4b096d9251fbf4f46e597bb2ac44a0829138544f.tar.bz2
openbsd-4b096d9251fbf4f46e597bb2ac44a0829138544f.zip
4 files changed, 64 insertions, 93 deletions
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c
index 6343ec276d..33352705d1 100644
--- a/src/lib/libssl/ssl_clnt.c
+++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_clnt.c,v 1.20 2017/10/10 15:42:32 jsing Exp $ */
+/* $OpenBSD: ssl_clnt.c,v 1.21 2017/10/11 17:35:00 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -170,6 +170,7 @@
 #endif
 #include "bytestring.h"
+#include "ssl_tlsext.h"
 static int ca_dn_cmp(const X509_NAME * const *a, const X509_NAME * const *b);
@@ -662,12 +663,12 @@ end:
 int
 ssl3_client_hello(SSL *s)
 {
-        unsigned char   *bufend, *p, *d;
+        CBB cbb, client_hello, session_id, cookie, cipher_suites;
-        uint16_t         max_version;
+        CBB compression_methods;
-        size_t           outlen;
+        uint16_t max_version;
-        int              i;
+        size_t sl;
-        bufend = (unsigned char *)s->internal->init_buf->data + SSL3_RT_MAX_PLAIN_LENGTH;
+        memset(&cbb, 0, sizeof(cbb));
        if (S3I(s)->hs.state == SSL3_ST_CW_CLNT_HELLO_A) {
                SSL_SESSION *sess = s->session;
@@ -695,7 +696,9 @@ ssl3_client_hello(SSL *s)
                if (!SSL_IS_DTLS(s) || D1I(s)->send_cookie == 0)
                        arc4random_buf(s->s3->client_random, SSL3_RANDOM_SIZE);
-                d = p = ssl3_handshake_msg_start(s, SSL3_MT_CLIENT_HELLO);
+                if (!ssl3_handshake_msg_start_cbb(s, &cbb, &client_hello,
+                    SSL3_MT_CLIENT_HELLO))
+                        goto err;
                /*
                 * Version indicates the negotiated version: for example from
@@ -727,27 +730,27 @@ ssl3_client_hello(SSL *s)
                 * client_version in client hello and not resetting it to
                 * the negotiated version.
                 */
+                if (!CBB_add_u16(&client_hello, s->client_version))
-                *(p++) = s->client_version >> 8;
+                        goto err;
-                *(p++) = s->client_version & 0xff;
                /* Random stuff */
-                memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
+                if (!CBB_add_bytes(&client_hello, s->s3->client_random,
-                p += SSL3_RANDOM_SIZE;
+                    sizeof(s->s3->client_random)))
+                        goto err;
                /* Session ID */
-                if (s->internal->new_session)
+                if (!CBB_add_u8_length_prefixed(&client_hello, &session_id))
-                        i = 0;
+                        goto err;
-                else
+                if (!s->internal->new_session &&
-                        i = s->session->session_id_length;
+                    s->session->session_id_length > 0) {
-                *(p++) = i;
+                        sl = s->session->session_id_length;
-                if (i != 0) {
+                        if (sl > sizeof(s->session->session_id)) {
-                        if (i > (int)sizeof(s->session->session_id)) {
                                SSLerror(s, ERR_R_INTERNAL_ERROR);
                                goto err;
                        }
-                        memcpy(p, s->session->session_id, i);
+                        if (!CBB_add_bytes(&session_id,
-                        p += i;
+                            s->session->session_id, sl))
+                                goto err;
                }
                /* DTLS Cookie. */
@@ -756,33 +759,37 @@ ssl3_client_hello(SSL *s)
                                SSLerror(s, ERR_R_INTERNAL_ERROR);
                                goto err;
                        }
-                        *(p++) = D1I(s)->cookie_len;
+                        if (!CBB_add_u8_length_prefixed(&client_hello, &cookie))
-                        memcpy(p, D1I(s)->cookie, D1I(s)->cookie_len);
+                                goto err;
-                        p += D1I(s)->cookie_len;
+                        if (!CBB_add_bytes(&cookie, D1I(s)->cookie,
+                            D1I(s)->cookie_len))
+                                goto err;
                }
                /* Ciphers supported */
-                if (!ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2],
+                if (!CBB_add_u16_length_prefixed(&client_hello, &cipher_suites))
-                    bufend - &p[2], &outlen))
+                        return 0;
-                        goto err;
+                if (!ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s),
-                if (outlen == 0) {
+                    &cipher_suites)) {
                        SSLerror(s, SSL_R_NO_CIPHERS_AVAILABLE);
                        goto err;
                }
-                s2n(outlen, p);
-                p += outlen;
-                /* add in (no) COMPRESSION */
+                /* Add in compression methods (null) */
-                *(p++) = 1;
+                if (!CBB_add_u8_length_prefixed(&client_hello,
-                *(p++) = 0; /* Add the NULL method */
+                    &compression_methods))
+                        goto err;
+                if (!CBB_add_u8(&compression_methods, 0))
+                        goto err;
-                /* TLS extensions*/
+                /* TLS extensions */
-                if ((p = ssl_add_clienthello_tlsext(s, p, bufend)) == NULL) {
+                if (!tlsext_clienthello_build(s, &client_hello)) {
                        SSLerror(s, ERR_R_INTERNAL_ERROR);
                        goto err;
                }
-                ssl3_handshake_msg_finish(s, p - d);
+                if (!ssl3_handshake_msg_finish_cbb(s, &cbb))
+                        goto err;
                S3I(s)->hs.state = SSL3_ST_CW_CLNT_HELLO_B;
        }
@@ -791,6 +798,8 @@ ssl3_client_hello(SSL *s)
        return (ssl3_handshake_write(s));
 err:
+        CBB_cleanup(&cbb);
        return (-1);
 }
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index b91ba7f0f3..c7ae2a9631 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.171 2017/10/10 16:51:38 jsing Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.172 2017/10/11 17:35:00 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1380,51 +1380,40 @@ SSL_get_shared_ciphers(const SSL *s, char *buf, int len)
 }
 int
-ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p,
+ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *ciphers, CBB *cbb)
-    size_t maxlen, size_t *outlen)
 {
        SSL_CIPHER *cipher;
-        int ciphers = 0;
+        int num_ciphers = 0;
-        CBB cbb;
        int i;
-        *outlen = 0;
+        if (ciphers == NULL)
+                return 0;
-        if (sk == NULL)
-                return (0);
-        if (!CBB_init_fixed(&cbb, p, maxlen))
-                goto err;
-        for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
+        for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
-                cipher = sk_SSL_CIPHER_value(sk, i);
+                if ((cipher = sk_SSL_CIPHER_value(ciphers, i)) == NULL)
+                        return 0;
                /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
                if ((cipher->algorithm_ssl & SSL_TLSV1_2) &&
                    (TLS1_get_client_version(s) < TLS1_2_VERSION))
                        continue;
-                if (!CBB_add_u16(&cbb, ssl3_cipher_get_value(cipher)))
+                if (!CBB_add_u16(cbb, ssl3_cipher_get_value(cipher)))
-                        goto err;
+                        return 0;
-                ciphers++;
+                num_ciphers++;
        }
        /* Add SCSV if there are other ciphers and we're not renegotiating. */
-        if (ciphers > 0 && !s->internal->renegotiate) {
+        if (num_ciphers > 0 && !s->internal->renegotiate) {
-                if (!CBB_add_u16(&cbb, SSL3_CK_SCSV & SSL3_CK_VALUE_MASK))
+                if (!CBB_add_u16(cbb, SSL3_CK_SCSV & SSL3_CK_VALUE_MASK))
-                        goto err;
+                        return 0;
        }
-        if (!CBB_finish(&cbb, NULL, outlen))
+        if (!CBB_flush(cbb))
-                goto err;
+                return 0;
        return 1;
- err:
-        CBB_cleanup(&cbb);
-        return 0;
 }
 STACK_OF(SSL_CIPHER) *
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 2ce4b05600..92667ec125 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.197 2017/10/11 16:51:39 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.198 2017/10/11 17:35:00 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1064,9 +1064,8 @@ int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b);
 SSL_CIPHER *OBJ_bsearch_ssl_cipher_id(SSL_CIPHER *key, SSL_CIPHER const *base, int num);
 int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
    const SSL_CIPHER * const *bp);
+int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *ciphers, CBB *cbb);
 STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, CBS *cbs);
-int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk,
-    unsigned char *p, size_t maxlen, size_t *outlen);
 STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth,
    STACK_OF(SSL_CIPHER) **pref, STACK_OF(SSL_CIPHER) **sorted,
    const char *rule_str);
@@ -1286,9 +1285,6 @@ uint16_t tls1_ec_nid2curve_id(const int nid);
 int tls1_check_curve(SSL *s, const uint16_t curve_id);
 int tls1_get_shared_curve(SSL *s);
-unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p,
-    unsigned char *limit);
 int ssl_parse_clienthello_tlsext(SSL *s, unsigned char **data,
    unsigned char *d, int n, int *al);
 int ssl_parse_serverhello_tlsext(SSL *s, unsigned char **data,
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index 8526ca167b..1cef08d094 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_lib.c,v 1.138 2017/10/11 16:51:39 jsing Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.139 2017/10/11 17:35:00 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -661,29 +661,6 @@ tls12_get_req_sig_algs(SSL *s, unsigned char **sigalgs, size_t *sigalgs_len)
        *sigalgs_len = sizeof(tls12_sigalgs);
 }
-unsigned char *
-ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit)
-{
-        size_t len;
-        CBB cbb;
-        if (p >= limit)
-                return NULL;
-        if (!CBB_init_fixed(&cbb, p, limit - p))
-                return NULL;
-        if (!tlsext_clienthello_build(s, &cbb)) {
-                CBB_cleanup(&cbb);
-                return NULL;
-        }
-        if (!CBB_finish(&cbb, NULL, &len)) {
-                CBB_cleanup(&cbb);
-                return NULL;
-        }
-        return (p + len);
-}
 int
 ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d,
    int n, int *al)
author	jsing <>	2017-10-11 17:35:00 +0000
committer	jsing <>	2017-10-11 17:35:00 +0000
commit	4b096d9251fbf4f46e597bb2ac44a0829138544f (patch)
tree	ca9185a9b7de54d8df3855321c5771328e85f30b /src/lib
parent	e64dc34242390cd4a16eb683e606c5beccbb9aa7 (diff)
download	openbsd-4b096d9251fbf4f46e597bb2ac44a0829138544f.tar.gz openbsd-4b096d9251fbf4f46e597bb2ac44a0829138544f.tar.bz2 openbsd-4b096d9251fbf4f46e597bb2ac44a0829138544f.zip

diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c index 6343ec276d..33352705d1 100644 --- a/src/lib/libssl/ssl_clnt.c +++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_clnt.c,v 1.20 2017/10/10 15:42:32 jsing Exp $ */	1	/* $OpenBSD: ssl_clnt.c,v 1.21 2017/10/11 17:35:00 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -170,6 +170,7 @@
170	#endif	170	#endif
171		171
172	#include "bytestring.h"	172	#include "bytestring.h"
		173	#include "ssl_tlsext.h"
173		174
174	static int ca_dn_cmp(const X509_NAME * const a, const X509_NAME const *b);	175	static int ca_dn_cmp(const X509_NAME * const a, const X509_NAME const *b);
175		176
@@ -662,12 +663,12 @@ end:
662	int	663	int
663	ssl3_client_hello(SSL *s)	664	ssl3_client_hello(SSL *s)
664	{	665	{
665	unsigned char bufend, p, *d;	666	CBB cbb, client_hello, session_id, cookie, cipher_suites;
666	uint16_t max_version;	667	CBB compression_methods;
667	size_t outlen;	668	uint16_t max_version;
668	int i;	669	size_t sl;
669		670
670	bufend = (unsigned char *)s->internal->init_buf->data + SSL3_RT_MAX_PLAIN_LENGTH;	671	memset(&cbb, 0, sizeof(cbb));
671		672
672	if (S3I(s)->hs.state == SSL3_ST_CW_CLNT_HELLO_A) {	673	if (S3I(s)->hs.state == SSL3_ST_CW_CLNT_HELLO_A) {
673	SSL_SESSION *sess = s->session;	674	SSL_SESSION *sess = s->session;
@@ -695,7 +696,9 @@ ssl3_client_hello(SSL *s)
695	if (!SSL_IS_DTLS(s) \|\| D1I(s)->send_cookie == 0)	696	if (!SSL_IS_DTLS(s) \|\| D1I(s)->send_cookie == 0)
696	arc4random_buf(s->s3->client_random, SSL3_RANDOM_SIZE);	697	arc4random_buf(s->s3->client_random, SSL3_RANDOM_SIZE);
697		698
698	d = p = ssl3_handshake_msg_start(s, SSL3_MT_CLIENT_HELLO);	699	if (!ssl3_handshake_msg_start_cbb(s, &cbb, &client_hello,
		700	SSL3_MT_CLIENT_HELLO))
		701	goto err;
699		702
700	/*	703	/*
701	* Version indicates the negotiated version: for example from	704	* Version indicates the negotiated version: for example from
@@ -727,27 +730,27 @@ ssl3_client_hello(SSL *s)
727	* client_version in client hello and not resetting it to	730	* client_version in client hello and not resetting it to
728	* the negotiated version.	731	* the negotiated version.
729	*/	732	*/
730		733	if (!CBB_add_u16(&client_hello, s->client_version))
731	*(p++) = s->client_version >> 8;	734	goto err;
732	*(p++) = s->client_version & 0xff;
733		735
734	/* Random stuff */	736	/* Random stuff */
735	memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);	737	if (!CBB_add_bytes(&client_hello, s->s3->client_random,
736	p += SSL3_RANDOM_SIZE;	738	sizeof(s->s3->client_random)))
		739	goto err;
737		740
738	/* Session ID */	741	/* Session ID */
739	if (s->internal->new_session)	742	if (!CBB_add_u8_length_prefixed(&client_hello, &session_id))
740	i = 0;	743	goto err;
741	else	744	if (!s->internal->new_session &&
742	i = s->session->session_id_length;	745	s->session->session_id_length > 0) {
743	*(p++) = i;	746	sl = s->session->session_id_length;
744	if (i != 0) {	747	if (sl > sizeof(s->session->session_id)) {
745	if (i > (int)sizeof(s->session->session_id)) {
746	SSLerror(s, ERR_R_INTERNAL_ERROR);	748	SSLerror(s, ERR_R_INTERNAL_ERROR);
747	goto err;	749	goto err;
748	}	750	}
749	memcpy(p, s->session->session_id, i);	751	if (!CBB_add_bytes(&session_id,
750	p += i;	752	s->session->session_id, sl))
		753	goto err;
751	}	754	}
752		755
753	/* DTLS Cookie. */	756	/* DTLS Cookie. */
@@ -756,33 +759,37 @@ ssl3_client_hello(SSL *s)
756	SSLerror(s, ERR_R_INTERNAL_ERROR);	759	SSLerror(s, ERR_R_INTERNAL_ERROR);
757	goto err;	760	goto err;
758	}	761	}
759	*(p++) = D1I(s)->cookie_len;	762	if (!CBB_add_u8_length_prefixed(&client_hello, &cookie))
760	memcpy(p, D1I(s)->cookie, D1I(s)->cookie_len);	763	goto err;
761	p += D1I(s)->cookie_len;	764	if (!CBB_add_bytes(&cookie, D1I(s)->cookie,
		765	D1I(s)->cookie_len))
		766	goto err;
762	}	767	}
763		768
764	/* Ciphers supported */	769	/* Ciphers supported */
765	if (!ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2],	770	if (!CBB_add_u16_length_prefixed(&client_hello, &cipher_suites))
766	bufend - &p[2], &outlen))	771	return 0;
767	goto err;	772	if (!ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s),
768	if (outlen == 0) {	773	&cipher_suites)) {
769	SSLerror(s, SSL_R_NO_CIPHERS_AVAILABLE);	774	SSLerror(s, SSL_R_NO_CIPHERS_AVAILABLE);
770	goto err;	775	goto err;
771	}	776	}
772	s2n(outlen, p);
773	p += outlen;
774		777
775	/* add in (no) COMPRESSION */	778	/* Add in compression methods (null) */
776	*(p++) = 1;	779	if (!CBB_add_u8_length_prefixed(&client_hello,
777	(p++) = 0; / Add the NULL method */	780	&compression_methods))
		781	goto err;
		782	if (!CBB_add_u8(&compression_methods, 0))
		783	goto err;
778		784
779	/* TLS extensions*/	785	/* TLS extensions */
780	if ((p = ssl_add_clienthello_tlsext(s, p, bufend)) == NULL) {	786	if (!tlsext_clienthello_build(s, &client_hello)) {
781	SSLerror(s, ERR_R_INTERNAL_ERROR);	787	SSLerror(s, ERR_R_INTERNAL_ERROR);
782	goto err;	788	goto err;
783	}	789	}
784		790
785	ssl3_handshake_msg_finish(s, p - d);	791	if (!ssl3_handshake_msg_finish_cbb(s, &cbb))
		792	goto err;
786		793
787	S3I(s)->hs.state = SSL3_ST_CW_CLNT_HELLO_B;	794	S3I(s)->hs.state = SSL3_ST_CW_CLNT_HELLO_B;
788	}	795	}
@@ -791,6 +798,8 @@ ssl3_client_hello(SSL *s)
791	return (ssl3_handshake_write(s));	798	return (ssl3_handshake_write(s));
792		799
793	err:	800	err:
		801	CBB_cleanup(&cbb);
		802
794	return (-1);	803	return (-1);
795	}	804	}
796		805


diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c index b91ba7f0f3..c7ae2a9631 100644 --- a/src/lib/libssl/ssl_lib.c +++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_lib.c,v 1.171 2017/10/10 16:51:38 jsing Exp $ */	1	/* $OpenBSD: ssl_lib.c,v 1.172 2017/10/11 17:35:00 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1380,51 +1380,40 @@ SSL_get_shared_ciphers(const SSL s, char buf, int len)
1380	}	1380	}
1381		1381
1382	int	1382	int
1383	ssl_cipher_list_to_bytes(SSL s, STACK_OF(SSL_CIPHER) sk, unsigned char *p,	1383	ssl_cipher_list_to_bytes(SSL s, STACK_OF(SSL_CIPHER) ciphers, CBB *cbb)
1384	size_t maxlen, size_t *outlen)
1385	{	1384	{
1386	SSL_CIPHER *cipher;	1385	SSL_CIPHER *cipher;
1387	int ciphers = 0;	1386	int num_ciphers = 0;
1388	CBB cbb;
1389	int i;	1387	int i;
1390		1388
1391	*outlen = 0;	1389	if (ciphers == NULL)
1392		1390	return 0;
1393	if (sk == NULL)
1394	return (0);
1395
1396	if (!CBB_init_fixed(&cbb, p, maxlen))
1397	goto err;
1398		1391
1399	for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {	1392	for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) {
1400	cipher = sk_SSL_CIPHER_value(sk, i);	1393	if ((cipher = sk_SSL_CIPHER_value(ciphers, i)) == NULL)
		1394	return 0;
1401		1395
1402	/* Skip TLS v1.2 only ciphersuites if lower than v1.2 */	1396	/* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
1403	if ((cipher->algorithm_ssl & SSL_TLSV1_2) &&	1397	if ((cipher->algorithm_ssl & SSL_TLSV1_2) &&
1404	(TLS1_get_client_version(s) < TLS1_2_VERSION))	1398	(TLS1_get_client_version(s) < TLS1_2_VERSION))
1405	continue;	1399	continue;
1406		1400
1407	if (!CBB_add_u16(&cbb, ssl3_cipher_get_value(cipher)))	1401	if (!CBB_add_u16(cbb, ssl3_cipher_get_value(cipher)))
1408	goto err;	1402	return 0;
1409		1403
1410	ciphers++;	1404	num_ciphers++;
1411	}	1405	}
1412		1406
1413	/* Add SCSV if there are other ciphers and we're not renegotiating. */	1407	/* Add SCSV if there are other ciphers and we're not renegotiating. */
1414	if (ciphers > 0 && !s->internal->renegotiate) {	1408	if (num_ciphers > 0 && !s->internal->renegotiate) {
1415	if (!CBB_add_u16(&cbb, SSL3_CK_SCSV & SSL3_CK_VALUE_MASK))	1409	if (!CBB_add_u16(cbb, SSL3_CK_SCSV & SSL3_CK_VALUE_MASK))
1416	goto err;	1410	return 0;
1417	}	1411	}
1418		1412
1419	if (!CBB_finish(&cbb, NULL, outlen))	1413	if (!CBB_flush(cbb))
1420	goto err;	1414	return 0;
1421		1415
1422	return 1;	1416	return 1;
1423
1424	err:
1425	CBB_cleanup(&cbb);
1426
1427	return 0;
1428	}	1417	}
1429		1418
1430	STACK_OF(SSL_CIPHER) *	1419	STACK_OF(SSL_CIPHER) *


diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index 2ce4b05600..92667ec125 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_locl.h,v 1.197 2017/10/11 16:51:39 jsing Exp $ */	1	/* $OpenBSD: ssl_locl.h,v 1.198 2017/10/11 17:35:00 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1064,9 +1064,8 @@ int ssl_cipher_id_cmp(const SSL_CIPHER a, const SSL_CIPHER b);
1064	SSL_CIPHER OBJ_bsearch_ssl_cipher_id(SSL_CIPHER key, SSL_CIPHER const *base, int num);	1064	SSL_CIPHER OBJ_bsearch_ssl_cipher_id(SSL_CIPHER key, SSL_CIPHER const *base, int num);
1065	int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,	1065	int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap,
1066	const SSL_CIPHER * const *bp);	1066	const SSL_CIPHER * const *bp);
		1067	int ssl_cipher_list_to_bytes(SSL s, STACK_OF(SSL_CIPHER) ciphers, CBB *cbb);
1067	STACK_OF(SSL_CIPHER) ssl_bytes_to_cipher_list(SSL s, CBS *cbs);	1068	STACK_OF(SSL_CIPHER) ssl_bytes_to_cipher_list(SSL s, CBS *cbs);
1068	int ssl_cipher_list_to_bytes(SSL s, STACK_OF(SSL_CIPHER) sk,
1069	unsigned char p, size_t maxlen, size_t outlen);
1070	STACK_OF(SSL_CIPHER) ssl_create_cipher_list(const SSL_METHOD meth,	1069	STACK_OF(SSL_CIPHER) ssl_create_cipher_list(const SSL_METHOD meth,
1071	STACK_OF(SSL_CIPHER) pref, STACK_OF(SSL_CIPHER) sorted,	1070	STACK_OF(SSL_CIPHER) pref, STACK_OF(SSL_CIPHER) sorted,
1072	const char *rule_str);	1071	const char *rule_str);
@@ -1286,9 +1285,6 @@ uint16_t tls1_ec_nid2curve_id(const int nid);
1286	int tls1_check_curve(SSL *s, const uint16_t curve_id);	1285	int tls1_check_curve(SSL *s, const uint16_t curve_id);
1287	int tls1_get_shared_curve(SSL *s);	1286	int tls1_get_shared_curve(SSL *s);
1288		1287
1289	unsigned char ssl_add_clienthello_tlsext(SSL s, unsigned char *p,
1290	unsigned char *limit);
1291
1292	int ssl_parse_clienthello_tlsext(SSL s, unsigned char *data,	1288	int ssl_parse_clienthello_tlsext(SSL s, unsigned char *data,
1293	unsigned char d, int n, int al);	1289	unsigned char d, int n, int al);
1294	int ssl_parse_serverhello_tlsext(SSL s, unsigned char *data,	1290	int ssl_parse_serverhello_tlsext(SSL s, unsigned char *data,


diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c index 8526ca167b..1cef08d094 100644 --- a/src/lib/libssl/t1_lib.c +++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: t1_lib.c,v 1.138 2017/10/11 16:51:39 jsing Exp $ */	1	/* $OpenBSD: t1_lib.c,v 1.139 2017/10/11 17:35:00 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -661,29 +661,6 @@ tls12_get_req_sig_algs(SSL s, unsigned char sigalgs, size_t sigalgs_len)
661	*sigalgs_len = sizeof(tls12_sigalgs);	661	*sigalgs_len = sizeof(tls12_sigalgs);
662	}	662	}
663		663
664	unsigned char *
665	ssl_add_clienthello_tlsext(SSL s, unsigned char p, unsigned char *limit)
666	{
667	size_t len;
668	CBB cbb;
669
670	if (p >= limit)
671	return NULL;
672
673	if (!CBB_init_fixed(&cbb, p, limit - p))
674	return NULL;
675	if (!tlsext_clienthello_build(s, &cbb)) {
676	CBB_cleanup(&cbb);
677	return NULL;
678	}
679	if (!CBB_finish(&cbb, NULL, &len)) {
680	CBB_cleanup(&cbb);
681	return NULL;
682	}
683
684	return (p + len);
685	}
686
687	int	664	int
688	ssl_parse_clienthello_tlsext(SSL s, unsigned char p, unsigned char d,	665	ssl_parse_clienthello_tlsext(SSL s, unsigned char p, unsigned char d,
689	int n, int *al)	666	int n, int *al)