diff options
| author | jsing <> | 2016-12-04 14:20:13 +0000 |
|---|---|---|
| committer | jsing <> | 2016-12-04 14:20:13 +0000 |
| commit | e7683d50eff2e1aefa31cab62a549eedbdcef5a1 (patch) | |
| tree | 0bb8957c845f87a2c84962886488a1f799644c58 /src | |
| parent | 9c689104c231dec85c07b58d09492daf475c4906 (diff) | |
| download | openbsd-e7683d50eff2e1aefa31cab62a549eedbdcef5a1.tar.gz openbsd-e7683d50eff2e1aefa31cab62a549eedbdcef5a1.tar.bz2 openbsd-e7683d50eff2e1aefa31cab62a549eedbdcef5a1.zip | |
Convert ssl3_send_server_hello() to CBB.
ok beck@ doug@
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libssl/s3_srvr.c | 56 |
1 files changed, 38 insertions, 18 deletions
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c index 0873437fcb..cbdc7bc6bc 100644 --- a/src/lib/libssl/s3_srvr.c +++ b/src/lib/libssl/s3_srvr.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_srvr.c,v 1.134 2016/12/03 12:34:35 jsing Exp $ */ | 1 | /* $OpenBSD: s3_srvr.c,v 1.135 2016/12/04 14:20:13 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -1090,17 +1090,25 @@ ssl3_send_server_hello(SSL *s) | |||
| 1090 | { | 1090 | { |
| 1091 | unsigned char *bufend; | 1091 | unsigned char *bufend; |
| 1092 | unsigned char *p, *d; | 1092 | unsigned char *p, *d; |
| 1093 | CBB cbb, session_id; | ||
| 1094 | size_t outlen; | ||
| 1093 | int sl; | 1095 | int sl; |
| 1094 | 1096 | ||
| 1097 | memset(&cbb, 0, sizeof(cbb)); | ||
| 1098 | |||
| 1099 | bufend = (unsigned char *)s->init_buf->data + SSL3_RT_MAX_PLAIN_LENGTH; | ||
| 1100 | |||
| 1095 | if (s->state == SSL3_ST_SW_SRVR_HELLO_A) { | 1101 | if (s->state == SSL3_ST_SW_SRVR_HELLO_A) { |
| 1096 | d = p = ssl3_handshake_msg_start(s, SSL3_MT_SERVER_HELLO); | 1102 | d = p = ssl3_handshake_msg_start(s, SSL3_MT_SERVER_HELLO); |
| 1097 | 1103 | ||
| 1098 | *(p++) = s->version >> 8; | 1104 | if (!CBB_init_fixed(&cbb, p, bufend - p)) |
| 1099 | *(p++) = s->version & 0xff; | 1105 | goto err; |
| 1100 | 1106 | ||
| 1101 | /* Random stuff */ | 1107 | if (!CBB_add_u16(&cbb, s->version)) |
| 1102 | memcpy(p, s->s3->server_random, SSL3_RANDOM_SIZE); | 1108 | goto err; |
| 1103 | p += SSL3_RANDOM_SIZE; | 1109 | if (!CBB_add_bytes(&cbb, s->s3->server_random, |
| 1110 | sizeof(s->s3->server_random))) | ||
| 1111 | goto err; | ||
| 1104 | 1112 | ||
| 1105 | /* | 1113 | /* |
| 1106 | * There are several cases for the session ID to send | 1114 | * There are several cases for the session ID to send |
| @@ -1128,24 +1136,31 @@ ssl3_send_server_hello(SSL *s) | |||
| 1128 | if (sl > (int)sizeof(s->session->session_id)) { | 1136 | if (sl > (int)sizeof(s->session->session_id)) { |
| 1129 | SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, | 1137 | SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, |
| 1130 | ERR_R_INTERNAL_ERROR); | 1138 | ERR_R_INTERNAL_ERROR); |
| 1131 | return (-1); | 1139 | goto err; |
| 1132 | } | 1140 | } |
| 1133 | *(p++) = sl; | ||
| 1134 | memcpy(p, s->session->session_id, sl); | ||
| 1135 | p += sl; | ||
| 1136 | 1141 | ||
| 1137 | /* put the cipher */ | 1142 | if (!CBB_add_u8_length_prefixed(&cbb, &session_id)) |
| 1138 | s2n(ssl3_cipher_get_value(s->s3->tmp.new_cipher), p); | 1143 | goto err; |
| 1144 | if (!CBB_add_bytes(&session_id, s->session->session_id, sl)) | ||
| 1145 | goto err; | ||
| 1146 | |||
| 1147 | /* Cipher suite. */ | ||
| 1148 | if (!CBB_add_u16(&cbb, | ||
| 1149 | ssl3_cipher_get_value(s->s3->tmp.new_cipher))) | ||
| 1150 | goto err; | ||
| 1151 | |||
| 1152 | /* Compression method. */ | ||
| 1153 | if (!CBB_add_u8(&cbb, 0)) | ||
| 1154 | goto err; | ||
| 1139 | 1155 | ||
| 1140 | /* put the compression method */ | 1156 | if (!CBB_finish(&cbb, NULL, &outlen)) |
| 1141 | *(p++) = 0; | 1157 | goto err; |
| 1142 | 1158 | ||
| 1143 | bufend = (unsigned char *)s->init_buf->data + | 1159 | if ((p = ssl_add_serverhello_tlsext(s, p + outlen, |
| 1144 | SSL3_RT_MAX_PLAIN_LENGTH; | 1160 | bufend)) == NULL) { |
| 1145 | if ((p = ssl_add_serverhello_tlsext(s, p, bufend)) == NULL) { | ||
| 1146 | SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, | 1161 | SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, |
| 1147 | ERR_R_INTERNAL_ERROR); | 1162 | ERR_R_INTERNAL_ERROR); |
| 1148 | return (-1); | 1163 | goto err; |
| 1149 | } | 1164 | } |
| 1150 | 1165 | ||
| 1151 | ssl3_handshake_msg_finish(s, p - d); | 1166 | ssl3_handshake_msg_finish(s, p - d); |
| @@ -1153,6 +1168,11 @@ ssl3_send_server_hello(SSL *s) | |||
| 1153 | 1168 | ||
| 1154 | /* SSL3_ST_SW_SRVR_HELLO_B */ | 1169 | /* SSL3_ST_SW_SRVR_HELLO_B */ |
| 1155 | return (ssl3_handshake_write(s)); | 1170 | return (ssl3_handshake_write(s)); |
| 1171 | |||
| 1172 | err: | ||
| 1173 | CBB_cleanup(&cbb); | ||
| 1174 | |||
| 1175 | return (-1); | ||
| 1156 | } | 1176 | } |
| 1157 | 1177 | ||
| 1158 | int | 1178 | int |