diff options
| author | jsing <> | 2014-10-05 14:56:32 +0000 |
|---|---|---|
| committer | jsing <> | 2014-10-05 14:56:32 +0000 |
| commit | 719b6382574a00fc4fb9b689469ee3b51ab4cc1e (patch) | |
| tree | 3b583e52c085d0fdf64f77901db5c9dcc44cc4da /src/lib | |
| parent | d24642d7673736de3fa3b45fdab6a34f879a60b5 (diff) | |
| download | openbsd-719b6382574a00fc4fb9b689469ee3b51ab4cc1e.tar.gz openbsd-719b6382574a00fc4fb9b689469ee3b51ab4cc1e.tar.bz2 openbsd-719b6382574a00fc4fb9b689469ee3b51ab4cc1e.zip | |
Use more specific curves/formats naming for local variables in
ssl_add_clienthello_tlsext() and ssl_add_serverhello_tlsext(), rather than
the current generic naming.
ok miod@
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libssl/src/ssl/t1_lib.c | 58 | ||||
| -rw-r--r-- | src/lib/libssl/t1_lib.c | 58 |
2 files changed, 56 insertions, 60 deletions
diff --git a/src/lib/libssl/src/ssl/t1_lib.c b/src/lib/libssl/src/ssl/t1_lib.c index ce827caae7..409da9b4bd 100644 --- a/src/lib/libssl/src/ssl/t1_lib.c +++ b/src/lib/libssl/src/ssl/t1_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: t1_lib.c,v 1.62 2014/10/05 14:53:06 jsing Exp $ */ | 1 | /* $OpenBSD: t1_lib.c,v 1.63 2014/10/05 14:56:32 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -713,61 +713,60 @@ ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) | |||
| 713 | } | 713 | } |
| 714 | 714 | ||
| 715 | if (using_ecc) { | 715 | if (using_ecc) { |
| 716 | const unsigned char *curves, *formats; | ||
| 717 | size_t curveslen, formatslen, lenmax; | ||
| 718 | |||
| 716 | /* | 719 | /* |
| 717 | * Add TLS extension ECPointFormats to the ClientHello message. | 720 | * Add TLS extension ECPointFormats to the ClientHello message. |
| 718 | */ | 721 | */ |
| 719 | const unsigned char *plist; | 722 | tls1_get_formatlist(s, 0, &formats, &formatslen); |
| 720 | size_t plistlen; | ||
| 721 | size_t lenmax; | ||
| 722 | |||
| 723 | tls1_get_formatlist(s, 0, &plist, &plistlen); | ||
| 724 | 723 | ||
| 725 | if ((size_t)(limit - ret) < 5) | 724 | if ((size_t)(limit - ret) < 5) |
| 726 | return NULL; | 725 | return NULL; |
| 727 | 726 | ||
| 728 | lenmax = limit - ret - 5; | 727 | lenmax = limit - ret - 5; |
| 729 | if (plistlen > lenmax) | 728 | if (formatslen > lenmax) |
| 730 | return NULL; | 729 | return NULL; |
| 731 | if (plistlen > 255) { | 730 | if (formatslen > 255) { |
| 732 | SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, | 731 | SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, |
| 733 | ERR_R_INTERNAL_ERROR); | 732 | ERR_R_INTERNAL_ERROR); |
| 734 | return NULL; | 733 | return NULL; |
| 735 | } | 734 | } |
| 736 | 735 | ||
| 737 | s2n(TLSEXT_TYPE_ec_point_formats, ret); | 736 | s2n(TLSEXT_TYPE_ec_point_formats, ret); |
| 738 | s2n(plistlen + 1, ret); | 737 | s2n(formatslen + 1, ret); |
| 739 | *(ret++) = (unsigned char)plistlen; | 738 | *(ret++) = (unsigned char)formatslen; |
| 740 | memcpy(ret, plist, plistlen); | 739 | memcpy(ret, formats, formatslen); |
| 741 | ret += plistlen; | 740 | ret += formatslen; |
| 742 | 741 | ||
| 743 | /* | 742 | /* |
| 744 | * Add TLS extension EllipticCurves to the ClientHello message. | 743 | * Add TLS extension EllipticCurves to the ClientHello message. |
| 745 | */ | 744 | */ |
| 746 | tls1_get_curvelist(s, 0, &plist, &plistlen); | 745 | tls1_get_curvelist(s, 0, &curves, &curveslen); |
| 747 | 746 | ||
| 748 | if ((size_t)(limit - ret) < 6) | 747 | if ((size_t)(limit - ret) < 6) |
| 749 | return NULL; | 748 | return NULL; |
| 750 | 749 | ||
| 751 | lenmax = limit - ret - 6; | 750 | lenmax = limit - ret - 6; |
| 752 | if (plistlen > lenmax) | 751 | if (curveslen > lenmax) |
| 753 | return NULL; | 752 | return NULL; |
| 754 | if (plistlen > 65532) { | 753 | if (curveslen > 65532) { |
| 755 | SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, | 754 | SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, |
| 756 | ERR_R_INTERNAL_ERROR); | 755 | ERR_R_INTERNAL_ERROR); |
| 757 | return NULL; | 756 | return NULL; |
| 758 | } | 757 | } |
| 759 | 758 | ||
| 760 | s2n(TLSEXT_TYPE_elliptic_curves, ret); | 759 | s2n(TLSEXT_TYPE_elliptic_curves, ret); |
| 761 | s2n(plistlen + 2, ret); | 760 | s2n(curveslen + 2, ret); |
| 762 | 761 | ||
| 763 | /* NB: draft-ietf-tls-ecc-12.txt uses a one-byte prefix for | 762 | /* NB: draft-ietf-tls-ecc-12.txt uses a one-byte prefix for |
| 764 | * elliptic_curve_list, but the examples use two bytes. | 763 | * elliptic_curve_list, but the examples use two bytes. |
| 765 | * http://www1.ietf.org/mail-archive/web/tls/current/msg00538.html | 764 | * http://www1.ietf.org/mail-archive/web/tls/current/msg00538.html |
| 766 | * resolves this to two bytes. | 765 | * resolves this to two bytes. |
| 767 | */ | 766 | */ |
| 768 | s2n(plistlen, ret); | 767 | s2n(curveslen, ret); |
| 769 | memcpy(ret, plist, plistlen); | 768 | memcpy(ret, curves, curveslen); |
| 770 | ret += plistlen; | 769 | ret += curveslen; |
| 771 | } | 770 | } |
| 772 | 771 | ||
| 773 | if (!(SSL_get_options(s) & SSL_OP_NO_TICKET)) { | 772 | if (!(SSL_get_options(s) & SSL_OP_NO_TICKET)) { |
| @@ -990,32 +989,31 @@ ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) | |||
| 990 | } | 989 | } |
| 991 | 990 | ||
| 992 | if (using_ecc && s->version != DTLS1_VERSION) { | 991 | if (using_ecc && s->version != DTLS1_VERSION) { |
| 992 | const unsigned char *formats; | ||
| 993 | size_t formatslen, lenmax; | ||
| 994 | |||
| 993 | /* | 995 | /* |
| 994 | * Add TLS extension ECPointFormats to the ServerHello message. | 996 | * Add TLS extension ECPointFormats to the ServerHello message. |
| 995 | */ | 997 | */ |
| 996 | const unsigned char *plist; | 998 | tls1_get_formatlist(s, 0, &formats, &formatslen); |
| 997 | size_t plistlen; | ||
| 998 | size_t lenmax; | ||
| 999 | |||
| 1000 | tls1_get_formatlist(s, 0, &plist, &plistlen); | ||
| 1001 | 999 | ||
| 1002 | if ((size_t)(limit - ret) < 5) | 1000 | if ((size_t)(limit - ret) < 5) |
| 1003 | return NULL; | 1001 | return NULL; |
| 1004 | 1002 | ||
| 1005 | lenmax = limit - ret - 5; | 1003 | lenmax = limit - ret - 5; |
| 1006 | if (plistlen > lenmax) | 1004 | if (formatslen > lenmax) |
| 1007 | return NULL; | 1005 | return NULL; |
| 1008 | if (plistlen > 255) { | 1006 | if (formatslen > 255) { |
| 1009 | SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, | 1007 | SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, |
| 1010 | ERR_R_INTERNAL_ERROR); | 1008 | ERR_R_INTERNAL_ERROR); |
| 1011 | return NULL; | 1009 | return NULL; |
| 1012 | } | 1010 | } |
| 1013 | 1011 | ||
| 1014 | s2n(TLSEXT_TYPE_ec_point_formats, ret); | 1012 | s2n(TLSEXT_TYPE_ec_point_formats, ret); |
| 1015 | s2n(plistlen + 1, ret); | 1013 | s2n(formatslen + 1, ret); |
| 1016 | *(ret++) = (unsigned char)plistlen; | 1014 | *(ret++) = (unsigned char)formatslen; |
| 1017 | memcpy(ret, plist, plistlen); | 1015 | memcpy(ret, formats, formatslen); |
| 1018 | ret += plistlen; | 1016 | ret += formatslen; |
| 1019 | } | 1017 | } |
| 1020 | 1018 | ||
| 1021 | /* | 1019 | /* |
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c index ce827caae7..409da9b4bd 100644 --- a/src/lib/libssl/t1_lib.c +++ b/src/lib/libssl/t1_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: t1_lib.c,v 1.62 2014/10/05 14:53:06 jsing Exp $ */ | 1 | /* $OpenBSD: t1_lib.c,v 1.63 2014/10/05 14:56:32 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -713,61 +713,60 @@ ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) | |||
| 713 | } | 713 | } |
| 714 | 714 | ||
| 715 | if (using_ecc) { | 715 | if (using_ecc) { |
| 716 | const unsigned char *curves, *formats; | ||
| 717 | size_t curveslen, formatslen, lenmax; | ||
| 718 | |||
| 716 | /* | 719 | /* |
| 717 | * Add TLS extension ECPointFormats to the ClientHello message. | 720 | * Add TLS extension ECPointFormats to the ClientHello message. |
| 718 | */ | 721 | */ |
| 719 | const unsigned char *plist; | 722 | tls1_get_formatlist(s, 0, &formats, &formatslen); |
| 720 | size_t plistlen; | ||
| 721 | size_t lenmax; | ||
| 722 | |||
| 723 | tls1_get_formatlist(s, 0, &plist, &plistlen); | ||
| 724 | 723 | ||
| 725 | if ((size_t)(limit - ret) < 5) | 724 | if ((size_t)(limit - ret) < 5) |
| 726 | return NULL; | 725 | return NULL; |
| 727 | 726 | ||
| 728 | lenmax = limit - ret - 5; | 727 | lenmax = limit - ret - 5; |
| 729 | if (plistlen > lenmax) | 728 | if (formatslen > lenmax) |
| 730 | return NULL; | 729 | return NULL; |
| 731 | if (plistlen > 255) { | 730 | if (formatslen > 255) { |
| 732 | SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, | 731 | SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, |
| 733 | ERR_R_INTERNAL_ERROR); | 732 | ERR_R_INTERNAL_ERROR); |
| 734 | return NULL; | 733 | return NULL; |
| 735 | } | 734 | } |
| 736 | 735 | ||
| 737 | s2n(TLSEXT_TYPE_ec_point_formats, ret); | 736 | s2n(TLSEXT_TYPE_ec_point_formats, ret); |
| 738 | s2n(plistlen + 1, ret); | 737 | s2n(formatslen + 1, ret); |
| 739 | *(ret++) = (unsigned char)plistlen; | 738 | *(ret++) = (unsigned char)formatslen; |
| 740 | memcpy(ret, plist, plistlen); | 739 | memcpy(ret, formats, formatslen); |
| 741 | ret += plistlen; | 740 | ret += formatslen; |
| 742 | 741 | ||
| 743 | /* | 742 | /* |
| 744 | * Add TLS extension EllipticCurves to the ClientHello message. | 743 | * Add TLS extension EllipticCurves to the ClientHello message. |
| 745 | */ | 744 | */ |
| 746 | tls1_get_curvelist(s, 0, &plist, &plistlen); | 745 | tls1_get_curvelist(s, 0, &curves, &curveslen); |
| 747 | 746 | ||
| 748 | if ((size_t)(limit - ret) < 6) | 747 | if ((size_t)(limit - ret) < 6) |
| 749 | return NULL; | 748 | return NULL; |
| 750 | 749 | ||
| 751 | lenmax = limit - ret - 6; | 750 | lenmax = limit - ret - 6; |
| 752 | if (plistlen > lenmax) | 751 | if (curveslen > lenmax) |
| 753 | return NULL; | 752 | return NULL; |
| 754 | if (plistlen > 65532) { | 753 | if (curveslen > 65532) { |
| 755 | SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, | 754 | SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, |
| 756 | ERR_R_INTERNAL_ERROR); | 755 | ERR_R_INTERNAL_ERROR); |
| 757 | return NULL; | 756 | return NULL; |
| 758 | } | 757 | } |
| 759 | 758 | ||
| 760 | s2n(TLSEXT_TYPE_elliptic_curves, ret); | 759 | s2n(TLSEXT_TYPE_elliptic_curves, ret); |
| 761 | s2n(plistlen + 2, ret); | 760 | s2n(curveslen + 2, ret); |
| 762 | 761 | ||
| 763 | /* NB: draft-ietf-tls-ecc-12.txt uses a one-byte prefix for | 762 | /* NB: draft-ietf-tls-ecc-12.txt uses a one-byte prefix for |
| 764 | * elliptic_curve_list, but the examples use two bytes. | 763 | * elliptic_curve_list, but the examples use two bytes. |
| 765 | * http://www1.ietf.org/mail-archive/web/tls/current/msg00538.html | 764 | * http://www1.ietf.org/mail-archive/web/tls/current/msg00538.html |
| 766 | * resolves this to two bytes. | 765 | * resolves this to two bytes. |
| 767 | */ | 766 | */ |
| 768 | s2n(plistlen, ret); | 767 | s2n(curveslen, ret); |
| 769 | memcpy(ret, plist, plistlen); | 768 | memcpy(ret, curves, curveslen); |
| 770 | ret += plistlen; | 769 | ret += curveslen; |
| 771 | } | 770 | } |
| 772 | 771 | ||
| 773 | if (!(SSL_get_options(s) & SSL_OP_NO_TICKET)) { | 772 | if (!(SSL_get_options(s) & SSL_OP_NO_TICKET)) { |
| @@ -990,32 +989,31 @@ ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned char *limit) | |||
| 990 | } | 989 | } |
| 991 | 990 | ||
| 992 | if (using_ecc && s->version != DTLS1_VERSION) { | 991 | if (using_ecc && s->version != DTLS1_VERSION) { |
| 992 | const unsigned char *formats; | ||
| 993 | size_t formatslen, lenmax; | ||
| 994 | |||
| 993 | /* | 995 | /* |
| 994 | * Add TLS extension ECPointFormats to the ServerHello message. | 996 | * Add TLS extension ECPointFormats to the ServerHello message. |
| 995 | */ | 997 | */ |
| 996 | const unsigned char *plist; | 998 | tls1_get_formatlist(s, 0, &formats, &formatslen); |
| 997 | size_t plistlen; | ||
| 998 | size_t lenmax; | ||
| 999 | |||
| 1000 | tls1_get_formatlist(s, 0, &plist, &plistlen); | ||
| 1001 | 999 | ||
| 1002 | if ((size_t)(limit - ret) < 5) | 1000 | if ((size_t)(limit - ret) < 5) |
| 1003 | return NULL; | 1001 | return NULL; |
| 1004 | 1002 | ||
| 1005 | lenmax = limit - ret - 5; | 1003 | lenmax = limit - ret - 5; |
| 1006 | if (plistlen > lenmax) | 1004 | if (formatslen > lenmax) |
| 1007 | return NULL; | 1005 | return NULL; |
| 1008 | if (plistlen > 255) { | 1006 | if (formatslen > 255) { |
| 1009 | SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, | 1007 | SSLerr(SSL_F_SSL_ADD_SERVERHELLO_TLSEXT, |
| 1010 | ERR_R_INTERNAL_ERROR); | 1008 | ERR_R_INTERNAL_ERROR); |
| 1011 | return NULL; | 1009 | return NULL; |
| 1012 | } | 1010 | } |
| 1013 | 1011 | ||
| 1014 | s2n(TLSEXT_TYPE_ec_point_formats, ret); | 1012 | s2n(TLSEXT_TYPE_ec_point_formats, ret); |
| 1015 | s2n(plistlen + 1, ret); | 1013 | s2n(formatslen + 1, ret); |
| 1016 | *(ret++) = (unsigned char)plistlen; | 1014 | *(ret++) = (unsigned char)formatslen; |
| 1017 | memcpy(ret, plist, plistlen); | 1015 | memcpy(ret, formats, formatslen); |
| 1018 | ret += plistlen; | 1016 | ret += formatslen; |
| 1019 | } | 1017 | } |
| 1020 | 1018 | ||
| 1021 | /* | 1019 | /* |