s3 is never NULL since s2 (formerly used for SSLv2) does not exist, so there is

no need to check for it. Fixes COV-165788, identified with help from Alex Bumstead. ok jsing@
author: bcook <> 2019-05-15 09:13:16 +0000
committer: bcook <> 2019-05-15 09:13:16 +0000
commit: 3c8e40888023ea3a64023ce924efeff05ee35993 (patch)
tree: ad1d469b4bc74c5769f8f42265d35aea8d753ad3 /src
parent: 2c2c35c0049fbdfba552a1b37df4e879e2a30af3 (diff)
download: openbsd-3c8e40888023ea3a64023ce924efeff05ee35993.tar.gz
openbsd-3c8e40888023ea3a64023ce924efeff05ee35993.tar.bz2
openbsd-3c8e40888023ea3a64023ce924efeff05ee35993.zip
3 files changed, 20 insertions, 29 deletions
diff --git a/src/lib/libssl/ssl_cert.c b/src/lib/libssl/ssl_cert.c
index 4641ac92d0..af8ef329b4 100644
--- a/src/lib/libssl/ssl_cert.c
+++ b/src/lib/libssl/ssl_cert.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_cert.c,v 1.75 2019/04/13 18:04:05 tb Exp $ */
+/* $OpenBSD: ssl_cert.c,v 1.76 2019/05/15 09:13:16 bcook Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -508,8 +508,7 @@ SSL_get_client_CA_list(const SSL *s)
 {
        if (s->internal->type == SSL_ST_CONNECT) {
                /* We are in the client. */
-                if (((s->version >> 8) == SSL3_VERSION_MAJOR) &&
+                if ((s->version >> 8) == SSL3_VERSION_MAJOR)
-                    (s->s3 != NULL))
                        return (S3I(s)->tmp.ca_names);
                else
                        return (NULL);
diff --git a/src/lib/libssl/ssl_ciphers.c b/src/lib/libssl/ssl_ciphers.c
index 374cb6684e..3abed60b5b 100644
--- a/src/lib/libssl/ssl_ciphers.c
+++ b/src/lib/libssl/ssl_ciphers.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: ssl_ciphers.c,v 1.2 2019/01/21 14:12:13 tb Exp $ */
+/*      $OpenBSD: ssl_ciphers.c,v 1.3 2019/05/15 09:13:16 bcook Exp $ */
 /*
 * Copyright (c) 2015-2017 Doug Hogan <doug@openbsd.org>
 * Copyright (c) 2015-2018 Joel Sing <jsing@openbsd.org>
@@ -95,8 +95,7 @@ ssl_bytes_to_cipher_list(SSL *s, CBS *cbs)
        uint16_t cipher_value, max_version;
        unsigned long cipher_id;
-        if (s->s3 != NULL)
+        S3I(s)->send_connection_binding = 0;
-                S3I(s)->send_connection_binding = 0;
        if ((ciphers = sk_SSL_CIPHER_new_null()) == NULL) {
                SSLerror(s, ERR_R_MALLOC_FAILURE);
@@ -111,7 +110,7 @@ ssl_bytes_to_cipher_list(SSL *s, CBS *cbs)
                cipher_id = SSL3_CK_ID | cipher_value;
-                if (s->s3 != NULL && cipher_id == SSL3_CK_SCSV) {
+                if (cipher_id == SSL3_CK_SCSV) {
                        /*
                         * TLS_EMPTY_RENEGOTIATION_INFO_SCSV is fatal if
                         * renegotiating.
@@ -137,9 +136,8 @@ ssl_bytes_to_cipher_list(SSL *s, CBS *cbs)
                        max_version = ssl_max_server_version(s);
                        if (max_version == 0 || s->version < max_version) {
                                SSLerror(s, SSL_R_INAPPROPRIATE_FALLBACK);
-                                if (s->s3 != NULL)
+                                ssl3_send_alert(s, SSL3_AL_FATAL,
-                                        ssl3_send_alert(s, SSL3_AL_FATAL,
+                                        SSL_AD_INAPPROPRIATE_FALLBACK);
-                                            SSL_AD_INAPPROPRIATE_FALLBACK);
                                goto err;
                        }
                        continue;
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index adcaa1b3cc..bf370cbfb2 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.204 2019/03/25 17:33:26 jsing Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.205 2019/05/15 09:13:16 bcook Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -696,14 +696,12 @@ err:
 size_t
 SSL_get_finished(const SSL *s, void *buf, size_t count)
 {
-        size_t  ret = 0;
+        size_t  ret;
-        if (s->s3 != NULL) {
+        ret = S3I(s)->tmp.finish_md_len;
-                ret = S3I(s)->tmp.finish_md_len;
+        if (count > ret)
-                if (count > ret)
+                count = ret;
-                        count = ret;
+        memcpy(buf, S3I(s)->tmp.finish_md, count);
-                memcpy(buf, S3I(s)->tmp.finish_md, count);
-        }
        return (ret);
 }
@@ -711,14 +709,12 @@ SSL_get_finished(const SSL *s, void *buf, size_t count)
 size_t
 SSL_get_peer_finished(const SSL *s, void *buf, size_t count)
 {
-        size_t  ret = 0;
+        size_t  ret;
-        if (s->s3 != NULL) {
+        ret = S3I(s)->tmp.peer_finish_md_len;
-                ret = S3I(s)->tmp.peer_finish_md_len;
+        if (count > ret)
-                if (count > ret)
+                count = ret;
-                        count = ret;
+        memcpy(buf, S3I(s)->tmp.peer_finish_md, count);
-                memcpy(buf, S3I(s)->tmp.peer_finish_md, count);
-        }
        return (ret);
 }
@@ -1637,10 +1633,8 @@ SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
        *data = NULL;
        *len = 0;
-        if (ssl->s3 != NULL) {
+        *data = ssl->s3->internal->alpn_selected;
-                *data = ssl->s3->internal->alpn_selected;
+        *len = ssl->s3->internal->alpn_selected_len;
-                *len = ssl->s3->internal->alpn_selected_len;
-        }
 }
 int
author	bcook <>	2019-05-15 09:13:16 +0000
committer	bcook <>	2019-05-15 09:13:16 +0000
commit	3c8e40888023ea3a64023ce924efeff05ee35993 (patch)
tree	ad1d469b4bc74c5769f8f42265d35aea8d753ad3 /src
parent	2c2c35c0049fbdfba552a1b37df4e879e2a30af3 (diff)
download	openbsd-3c8e40888023ea3a64023ce924efeff05ee35993.tar.gz openbsd-3c8e40888023ea3a64023ce924efeff05ee35993.tar.bz2 openbsd-3c8e40888023ea3a64023ce924efeff05ee35993.zip