diff options
| author | jsing <> | 2016-12-13 16:10:21 +0000 |
|---|---|---|
| committer | jsing <> | 2016-12-13 16:10:21 +0000 |
| commit | e69633978b48bb77d90ccb78a8a7d673ca47e4ab (patch) | |
| tree | 3a605e4707cf44ca850f279899b31ee08741f5c2 /src/lib | |
| parent | 92997cec5c4d33e0d4e9a1ac02d614de826b28b0 (diff) | |
| download | openbsd-e69633978b48bb77d90ccb78a8a7d673ca47e4ab.tar.gz openbsd-e69633978b48bb77d90ccb78a8a7d673ca47e4ab.tar.bz2 openbsd-e69633978b48bb77d90ccb78a8a7d673ca47e4ab.zip | |
Complete the CBB conversion and cleanup of send_client_key_exchange().
ok doug@
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libssl/s3_clnt.c | 54 |
1 files changed, 12 insertions, 42 deletions
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c index 68d6b1a9cf..6c9639bbdd 100644 --- a/src/lib/libssl/s3_clnt.c +++ b/src/lib/libssl/s3_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_clnt.c,v 1.154 2016/12/13 16:07:00 jsing Exp $ */ | 1 | /* $OpenBSD: s3_clnt.c,v 1.155 2016/12/13 16:10:21 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -2223,18 +2223,11 @@ ssl3_send_client_key_exchange(SSL *s) | |||
| 2223 | { | 2223 | { |
| 2224 | SESS_CERT *sess_cert; | 2224 | SESS_CERT *sess_cert; |
| 2225 | unsigned long alg_k; | 2225 | unsigned long alg_k; |
| 2226 | unsigned char *bufend, *p; | 2226 | CBB cbb, kex; |
| 2227 | size_t outlen; | ||
| 2228 | int n = 0; | ||
| 2229 | CBB cbb; | ||
| 2230 | 2227 | ||
| 2231 | memset(&cbb, 0, sizeof(cbb)); | 2228 | memset(&cbb, 0, sizeof(cbb)); |
| 2232 | 2229 | ||
| 2233 | bufend = (unsigned char *)s->init_buf->data + s->init_buf->max; | ||
| 2234 | |||
| 2235 | if (s->state == SSL3_ST_CW_KEY_EXCH_A) { | 2230 | if (s->state == SSL3_ST_CW_KEY_EXCH_A) { |
| 2236 | p = ssl3_handshake_msg_start(s, SSL3_MT_CLIENT_KEY_EXCHANGE); | ||
| 2237 | |||
| 2238 | alg_k = s->s3->tmp.new_cipher->algorithm_mkey; | 2231 | alg_k = s->s3->tmp.new_cipher->algorithm_mkey; |
| 2239 | 2232 | ||
| 2240 | if ((sess_cert = s->session->sess_cert) == NULL) { | 2233 | if ((sess_cert = s->session->sess_cert) == NULL) { |
| @@ -2245,46 +2238,22 @@ ssl3_send_client_key_exchange(SSL *s) | |||
| 2245 | goto err; | 2238 | goto err; |
| 2246 | } | 2239 | } |
| 2247 | 2240 | ||
| 2241 | if (!ssl3_handshake_msg_start_cbb(s, &cbb, &kex, | ||
| 2242 | SSL3_MT_CLIENT_KEY_EXCHANGE)) | ||
| 2243 | goto err; | ||
| 2244 | |||
| 2248 | if (alg_k & SSL_kRSA) { | 2245 | if (alg_k & SSL_kRSA) { |
| 2249 | if (!CBB_init_fixed(&cbb, p, bufend - p)) | 2246 | if (ssl3_send_client_kex_rsa(s, sess_cert, &kex) != 1) |
| 2250 | goto err; | ||
| 2251 | if (ssl3_send_client_kex_rsa(s, sess_cert, &cbb) != 1) | ||
| 2252 | goto err; | 2247 | goto err; |
| 2253 | if (!CBB_finish(&cbb, NULL, &outlen)) | ||
| 2254 | goto err; | ||
| 2255 | if (outlen > INT_MAX) | ||
| 2256 | goto err; | ||
| 2257 | n = (int)outlen; | ||
| 2258 | } else if (alg_k & SSL_kDHE) { | 2248 | } else if (alg_k & SSL_kDHE) { |
| 2259 | if (!CBB_init_fixed(&cbb, p, bufend - p)) | 2249 | if (ssl3_send_client_kex_dhe(s, sess_cert, &kex) != 1) |
| 2260 | goto err; | ||
| 2261 | if (ssl3_send_client_kex_dhe(s, sess_cert, &cbb) != 1) | ||
| 2262 | goto err; | ||
| 2263 | if (!CBB_finish(&cbb, NULL, &outlen)) | ||
| 2264 | goto err; | ||
| 2265 | if (outlen > INT_MAX) | ||
| 2266 | goto err; | 2250 | goto err; |
| 2267 | n = (int)outlen; | ||
| 2268 | } else if (alg_k & SSL_kECDHE) { | 2251 | } else if (alg_k & SSL_kECDHE) { |
| 2269 | if (!CBB_init_fixed(&cbb, p, bufend - p)) | 2252 | if (ssl3_send_client_kex_ecdhe(s, sess_cert, &kex) != 1) |
| 2270 | goto err; | 2253 | goto err; |
| 2271 | if (ssl3_send_client_kex_ecdhe(s, sess_cert, &cbb) != 1) | ||
| 2272 | goto err; | ||
| 2273 | if (!CBB_finish(&cbb, NULL, &outlen)) | ||
| 2274 | goto err; | ||
| 2275 | if (outlen > INT_MAX) | ||
| 2276 | goto err; | ||
| 2277 | n = (int)outlen; | ||
| 2278 | } else if (alg_k & SSL_kGOST) { | 2254 | } else if (alg_k & SSL_kGOST) { |
| 2279 | if (!CBB_init_fixed(&cbb, p, bufend - p)) | 2255 | if (ssl3_send_client_kex_gost(s, sess_cert, &kex) != 1) |
| 2280 | goto err; | ||
| 2281 | if (ssl3_send_client_kex_gost(s, sess_cert, &cbb) != 1) | ||
| 2282 | goto err; | ||
| 2283 | if (!CBB_finish(&cbb, NULL, &outlen)) | ||
| 2284 | goto err; | 2256 | goto err; |
| 2285 | if (outlen > INT_MAX) | ||
| 2286 | goto err; | ||
| 2287 | n = (int)outlen; | ||
| 2288 | } else { | 2257 | } else { |
| 2289 | ssl3_send_alert(s, SSL3_AL_FATAL, | 2258 | ssl3_send_alert(s, SSL3_AL_FATAL, |
| 2290 | SSL_AD_HANDSHAKE_FAILURE); | 2259 | SSL_AD_HANDSHAKE_FAILURE); |
| @@ -2293,7 +2262,8 @@ ssl3_send_client_key_exchange(SSL *s) | |||
| 2293 | goto err; | 2262 | goto err; |
| 2294 | } | 2263 | } |
| 2295 | 2264 | ||
| 2296 | ssl3_handshake_msg_finish(s, n); | 2265 | if (!ssl3_handshake_msg_finish_cbb(s, &cbb)) |
| 2266 | goto err; | ||
| 2297 | 2267 | ||
| 2298 | s->state = SSL3_ST_CW_KEY_EXCH_B; | 2268 | s->state = SSL3_ST_CW_KEY_EXCH_B; |
| 2299 | } | 2269 | } |