summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authordoug <>2015-06-17 07:52:22 +0000
committerdoug <>2015-06-17 07:52:22 +0000
commit7f54ef182a55704066a35b2b36cfa1eb82dc9a9d (patch)
tree793174392fb7dde0c9035b6cb51ae04b19c11427 /src
parent03017600728d38864a54f4e47cbda48894eae835 (diff)
downloadopenbsd-7f54ef182a55704066a35b2b36cfa1eb82dc9a9d.tar.gz
openbsd-7f54ef182a55704066a35b2b36cfa1eb82dc9a9d.tar.bz2
openbsd-7f54ef182a55704066a35b2b36cfa1eb82dc9a9d.zip
Convert ssl_next_proto_validate to CBS.
ok miod@, tweak + ok jsing@
Diffstat (limited to '')
-rw-r--r--src/lib/libssl/src/ssl/t1_lib.c23
-rw-r--r--src/lib/libssl/t1_lib.c23
2 files changed, 24 insertions, 22 deletions
diff --git a/src/lib/libssl/src/ssl/t1_lib.c b/src/lib/libssl/src/ssl/t1_lib.c
index 145ebf2791..fd423a9135 100644
--- a/src/lib/libssl/src/ssl/t1_lib.c
+++ b/src/lib/libssl/src/ssl/t1_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: t1_lib.c,v 1.76 2015/06/17 07:36:30 doug Exp $ */ 1/* $OpenBSD: t1_lib.c,v 1.77 2015/06/17 07:52:22 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1672,22 +1672,23 @@ ri_check:
1672 return 1; 1672 return 1;
1673} 1673}
1674 1674
1675/* ssl_next_proto_validate validates a Next Protocol Negotiation block. No 1675/*
1676 * ssl_next_proto_validate validates a Next Protocol Negotiation block. No
1676 * elements of zero length are allowed and the set of elements must exactly fill 1677 * elements of zero length are allowed and the set of elements must exactly fill
1677 * the length of the block. */ 1678 * the length of the block.
1679 */
1678static char 1680static char
1679ssl_next_proto_validate(unsigned char *d, unsigned len) 1681ssl_next_proto_validate(const unsigned char *d, unsigned int len)
1680{ 1682{
1681 unsigned int off = 0; 1683 CBS npn, value;
1682 1684
1683 while (off < len) { 1685 CBS_init(&npn, d, len);
1684 if (d[off] == 0) 1686 while (CBS_len(&npn) > 0) {
1687 if (!CBS_get_u8_length_prefixed(&npn, &value) ||
1688 CBS_len(&value) == 0)
1685 return 0; 1689 return 0;
1686 off += d[off];
1687 off++;
1688 } 1690 }
1689 1691 return 1;
1690 return off == len;
1691} 1692}
1692 1693
1693int 1694int
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index 145ebf2791..fd423a9135 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: t1_lib.c,v 1.76 2015/06/17 07:36:30 doug Exp $ */ 1/* $OpenBSD: t1_lib.c,v 1.77 2015/06/17 07:52:22 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1672,22 +1672,23 @@ ri_check:
1672 return 1; 1672 return 1;
1673} 1673}
1674 1674
1675/* ssl_next_proto_validate validates a Next Protocol Negotiation block. No 1675/*
1676 * ssl_next_proto_validate validates a Next Protocol Negotiation block. No
1676 * elements of zero length are allowed and the set of elements must exactly fill 1677 * elements of zero length are allowed and the set of elements must exactly fill
1677 * the length of the block. */ 1678 * the length of the block.
1679 */
1678static char 1680static char
1679ssl_next_proto_validate(unsigned char *d, unsigned len) 1681ssl_next_proto_validate(const unsigned char *d, unsigned int len)
1680{ 1682{
1681 unsigned int off = 0; 1683 CBS npn, value;
1682 1684
1683 while (off < len) { 1685 CBS_init(&npn, d, len);
1684 if (d[off] == 0) 1686 while (CBS_len(&npn) > 0) {
1687 if (!CBS_get_u8_length_prefixed(&npn, &value) ||
1688 CBS_len(&value) == 0)
1685 return 0; 1689 return 0;
1686 off += d[off];
1687 off++;
1688 } 1690 }
1689 1691 return 1;
1690 return off == len;
1691} 1692}
1692 1693
1693int 1694int
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-01 04:24:07 +0000