diff options
| author | jsing <> | 2014-06-07 15:23:48 +0000 |
|---|---|---|
| committer | jsing <> | 2014-06-07 15:23:48 +0000 |
| commit | be87c66b077143932acac714aba190ca4a70bc75 (patch) | |
| tree | 814a87922ce72ada7fd2eb39130f7b0a76b13521 /src | |
| parent | acc9efcd81c21f083ddd54c813e692ffd635cc6a (diff) | |
| download | openbsd-be87c66b077143932acac714aba190ca4a70bc75.tar.gz openbsd-be87c66b077143932acac714aba190ca4a70bc75.tar.bz2 openbsd-be87c66b077143932acac714aba190ca4a70bc75.zip | |
Further clean up of context handling in tls1_change_cipher_state().
Rather than doing a complex dance to figure out if we should reuse the
cipher context and clean it later on, just free it and allocate a new one.
This simplifies the code path, especially in the write case where special
handling is required for DTLS.
Also, calling EVP_CIPHER_CTX_init() for a newly created cipher context is
unnecessary, since EVP_CIPHER_CTX_new() already does this (not to mention
that it was already missing from the write case).
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libssl/src/ssl/t1_enc.c | 38 | ||||
| -rw-r--r-- | src/lib/libssl/t1_enc.c | 38 |
2 files changed, 34 insertions, 42 deletions
diff --git a/src/lib/libssl/src/ssl/t1_enc.c b/src/lib/libssl/src/ssl/t1_enc.c index 497b767d57..87e241edca 100644 --- a/src/lib/libssl/src/ssl/t1_enc.c +++ b/src/lib/libssl/src/ssl/t1_enc.c | |||
| @@ -324,7 +324,6 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 324 | EVP_PKEY *mac_key; | 324 | EVP_PKEY *mac_key; |
| 325 | int is_export, exp_label_len; | 325 | int is_export, exp_label_len; |
| 326 | char is_read, use_client_keys; | 326 | char is_read, use_client_keys; |
| 327 | int reuse_dd = 0; | ||
| 328 | 327 | ||
| 329 | is_export = SSL_C_IS_EXPORT(s->s3->tmp.new_cipher); | 328 | is_export = SSL_C_IS_EXPORT(s->s3->tmp.new_cipher); |
| 330 | cipher = s->s3->tmp.new_sym_enc; | 329 | cipher = s->s3->tmp.new_sym_enc; |
| @@ -388,17 +387,14 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 388 | else | 387 | else |
| 389 | s->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_STREAM; | 388 | s->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_STREAM; |
| 390 | 389 | ||
| 391 | if (s->enc_read_ctx != NULL) | 390 | EVP_CIPHER_CTX_free(s->enc_read_ctx); |
| 392 | reuse_dd = 1; | 391 | s->enc_read_ctx = NULL; |
| 393 | else if ((s->enc_read_ctx = malloc(sizeof(EVP_CIPHER_CTX))) == NULL) | 392 | EVP_MD_CTX_destroy(s->read_hash); |
| 394 | goto err; | 393 | s->read_hash = NULL; |
| 395 | else { | ||
| 396 | /* make sure it's intialized in case we exit later with an error */ | ||
| 397 | EVP_CIPHER_CTX_init(s->enc_read_ctx); | ||
| 398 | } | ||
| 399 | cipher_ctx = s->enc_read_ctx; | ||
| 400 | 394 | ||
| 401 | ssl_clear_hash_ctx(&s->read_hash); | 395 | if ((cipher_ctx = EVP_CIPHER_CTX_new()) == NULL) |
| 396 | goto err; | ||
| 397 | s->enc_read_ctx = cipher_ctx; | ||
| 402 | if ((mac_ctx = EVP_MD_CTX_create()) == NULL) | 398 | if ((mac_ctx = EVP_MD_CTX_create()) == NULL) |
| 403 | goto err; | 399 | goto err; |
| 404 | s->read_hash = mac_ctx; | 400 | s->read_hash = mac_ctx; |
| @@ -411,11 +407,6 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 411 | s->mac_flags |= SSL_MAC_FLAG_WRITE_MAC_STREAM; | 407 | s->mac_flags |= SSL_MAC_FLAG_WRITE_MAC_STREAM; |
| 412 | else | 408 | else |
| 413 | s->mac_flags &= ~SSL_MAC_FLAG_WRITE_MAC_STREAM; | 409 | s->mac_flags &= ~SSL_MAC_FLAG_WRITE_MAC_STREAM; |
| 414 | if (s->enc_write_ctx != NULL && !SSL_IS_DTLS(s)) | ||
| 415 | reuse_dd = 1; | ||
| 416 | else if ((s->enc_write_ctx = EVP_CIPHER_CTX_new()) == NULL) | ||
| 417 | goto err; | ||
| 418 | cipher_ctx = s->enc_write_ctx; | ||
| 419 | 410 | ||
| 420 | /* | 411 | /* |
| 421 | * DTLS fragments retain a pointer to the compression, cipher | 412 | * DTLS fragments retain a pointer to the compression, cipher |
| @@ -424,8 +415,15 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 424 | * contexts that are used for DTLS - these are instead freed | 415 | * contexts that are used for DTLS - these are instead freed |
| 425 | * by DTLS when its frees a ChangeCipherSpec fragment. | 416 | * by DTLS when its frees a ChangeCipherSpec fragment. |
| 426 | */ | 417 | */ |
| 427 | if (!SSL_IS_DTLS(s)) | 418 | if (!SSL_IS_DTLS(s)) { |
| 428 | ssl_clear_hash_ctx(&s->write_hash); | 419 | EVP_CIPHER_CTX_free(s->enc_write_ctx); |
| 420 | s->enc_write_ctx = NULL; | ||
| 421 | EVP_MD_CTX_destroy(s->write_hash); | ||
| 422 | s->write_hash = NULL; | ||
| 423 | } | ||
| 424 | if ((cipher_ctx = EVP_CIPHER_CTX_new()) == NULL) | ||
| 425 | goto err; | ||
| 426 | s->enc_write_ctx = cipher_ctx; | ||
| 429 | if ((mac_ctx = EVP_MD_CTX_create()) == NULL) | 427 | if ((mac_ctx = EVP_MD_CTX_create()) == NULL) |
| 430 | goto err; | 428 | goto err; |
| 431 | s->write_hash = mac_ctx; | 429 | s->write_hash = mac_ctx; |
| @@ -435,9 +433,6 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 435 | memset(&(s->s3->write_sequence[0]), 0, 8); | 433 | memset(&(s->s3->write_sequence[0]), 0, 8); |
| 436 | } | 434 | } |
| 437 | 435 | ||
| 438 | if (reuse_dd) | ||
| 439 | EVP_CIPHER_CTX_cleanup(cipher_ctx); | ||
| 440 | |||
| 441 | key_len = EVP_CIPHER_key_length(cipher); | 436 | key_len = EVP_CIPHER_key_length(cipher); |
| 442 | if (is_export) { | 437 | if (is_export) { |
| 443 | if (key_len > SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) | 438 | if (key_len > SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) |
| @@ -499,6 +494,7 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 499 | EVP_DigestSignInit(mac_ctx, NULL, mac, NULL, mac_key); | 494 | EVP_DigestSignInit(mac_ctx, NULL, mac, NULL, mac_key); |
| 500 | EVP_PKEY_free(mac_key); | 495 | EVP_PKEY_free(mac_key); |
| 501 | } | 496 | } |
| 497 | |||
| 502 | if (is_export) { | 498 | if (is_export) { |
| 503 | /* In here I set both the read and write key/iv to the | 499 | /* In here I set both the read and write key/iv to the |
| 504 | * same value since only the correct one will be used :-). | 500 | * same value since only the correct one will be used :-). |
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c index 497b767d57..87e241edca 100644 --- a/src/lib/libssl/t1_enc.c +++ b/src/lib/libssl/t1_enc.c | |||
| @@ -324,7 +324,6 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 324 | EVP_PKEY *mac_key; | 324 | EVP_PKEY *mac_key; |
| 325 | int is_export, exp_label_len; | 325 | int is_export, exp_label_len; |
| 326 | char is_read, use_client_keys; | 326 | char is_read, use_client_keys; |
| 327 | int reuse_dd = 0; | ||
| 328 | 327 | ||
| 329 | is_export = SSL_C_IS_EXPORT(s->s3->tmp.new_cipher); | 328 | is_export = SSL_C_IS_EXPORT(s->s3->tmp.new_cipher); |
| 330 | cipher = s->s3->tmp.new_sym_enc; | 329 | cipher = s->s3->tmp.new_sym_enc; |
| @@ -388,17 +387,14 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 388 | else | 387 | else |
| 389 | s->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_STREAM; | 388 | s->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_STREAM; |
| 390 | 389 | ||
| 391 | if (s->enc_read_ctx != NULL) | 390 | EVP_CIPHER_CTX_free(s->enc_read_ctx); |
| 392 | reuse_dd = 1; | 391 | s->enc_read_ctx = NULL; |
| 393 | else if ((s->enc_read_ctx = malloc(sizeof(EVP_CIPHER_CTX))) == NULL) | 392 | EVP_MD_CTX_destroy(s->read_hash); |
| 394 | goto err; | 393 | s->read_hash = NULL; |
| 395 | else { | ||
| 396 | /* make sure it's intialized in case we exit later with an error */ | ||
| 397 | EVP_CIPHER_CTX_init(s->enc_read_ctx); | ||
| 398 | } | ||
| 399 | cipher_ctx = s->enc_read_ctx; | ||
| 400 | 394 | ||
| 401 | ssl_clear_hash_ctx(&s->read_hash); | 395 | if ((cipher_ctx = EVP_CIPHER_CTX_new()) == NULL) |
| 396 | goto err; | ||
| 397 | s->enc_read_ctx = cipher_ctx; | ||
| 402 | if ((mac_ctx = EVP_MD_CTX_create()) == NULL) | 398 | if ((mac_ctx = EVP_MD_CTX_create()) == NULL) |
| 403 | goto err; | 399 | goto err; |
| 404 | s->read_hash = mac_ctx; | 400 | s->read_hash = mac_ctx; |
| @@ -411,11 +407,6 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 411 | s->mac_flags |= SSL_MAC_FLAG_WRITE_MAC_STREAM; | 407 | s->mac_flags |= SSL_MAC_FLAG_WRITE_MAC_STREAM; |
| 412 | else | 408 | else |
| 413 | s->mac_flags &= ~SSL_MAC_FLAG_WRITE_MAC_STREAM; | 409 | s->mac_flags &= ~SSL_MAC_FLAG_WRITE_MAC_STREAM; |
| 414 | if (s->enc_write_ctx != NULL && !SSL_IS_DTLS(s)) | ||
| 415 | reuse_dd = 1; | ||
| 416 | else if ((s->enc_write_ctx = EVP_CIPHER_CTX_new()) == NULL) | ||
| 417 | goto err; | ||
| 418 | cipher_ctx = s->enc_write_ctx; | ||
| 419 | 410 | ||
| 420 | /* | 411 | /* |
| 421 | * DTLS fragments retain a pointer to the compression, cipher | 412 | * DTLS fragments retain a pointer to the compression, cipher |
| @@ -424,8 +415,15 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 424 | * contexts that are used for DTLS - these are instead freed | 415 | * contexts that are used for DTLS - these are instead freed |
| 425 | * by DTLS when its frees a ChangeCipherSpec fragment. | 416 | * by DTLS when its frees a ChangeCipherSpec fragment. |
| 426 | */ | 417 | */ |
| 427 | if (!SSL_IS_DTLS(s)) | 418 | if (!SSL_IS_DTLS(s)) { |
| 428 | ssl_clear_hash_ctx(&s->write_hash); | 419 | EVP_CIPHER_CTX_free(s->enc_write_ctx); |
| 420 | s->enc_write_ctx = NULL; | ||
| 421 | EVP_MD_CTX_destroy(s->write_hash); | ||
| 422 | s->write_hash = NULL; | ||
| 423 | } | ||
| 424 | if ((cipher_ctx = EVP_CIPHER_CTX_new()) == NULL) | ||
| 425 | goto err; | ||
| 426 | s->enc_write_ctx = cipher_ctx; | ||
| 429 | if ((mac_ctx = EVP_MD_CTX_create()) == NULL) | 427 | if ((mac_ctx = EVP_MD_CTX_create()) == NULL) |
| 430 | goto err; | 428 | goto err; |
| 431 | s->write_hash = mac_ctx; | 429 | s->write_hash = mac_ctx; |
| @@ -435,9 +433,6 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 435 | memset(&(s->s3->write_sequence[0]), 0, 8); | 433 | memset(&(s->s3->write_sequence[0]), 0, 8); |
| 436 | } | 434 | } |
| 437 | 435 | ||
| 438 | if (reuse_dd) | ||
| 439 | EVP_CIPHER_CTX_cleanup(cipher_ctx); | ||
| 440 | |||
| 441 | key_len = EVP_CIPHER_key_length(cipher); | 436 | key_len = EVP_CIPHER_key_length(cipher); |
| 442 | if (is_export) { | 437 | if (is_export) { |
| 443 | if (key_len > SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) | 438 | if (key_len > SSL_C_EXPORT_KEYLENGTH(s->s3->tmp.new_cipher)) |
| @@ -499,6 +494,7 @@ tls1_change_cipher_state(SSL *s, int which) | |||
| 499 | EVP_DigestSignInit(mac_ctx, NULL, mac, NULL, mac_key); | 494 | EVP_DigestSignInit(mac_ctx, NULL, mac, NULL, mac_key); |
| 500 | EVP_PKEY_free(mac_key); | 495 | EVP_PKEY_free(mac_key); |
| 501 | } | 496 | } |
| 497 | |||
| 502 | if (is_export) { | 498 | if (is_export) { |
| 503 | /* In here I set both the read and write key/iv to the | 499 | /* In here I set both the read and write key/iv to the |
| 504 | * same value since only the correct one will be used :-). | 500 | * same value since only the correct one will be used :-). |