Refactor tls1_change_cipher_state() and split the compression handling out

from the cipher and message digest handling, allowing for upcoming changes. Based on Adam Langley's chromium diffs. ok miod@
author: jsing <> 2014-05-28 13:29:18 +0000
committer: jsing <> 2014-05-28 13:29:18 +0000
commit: f817248b29e9b63b4187b2e5f775b9e6c815f3f3 (patch)
tree: 174b77dfa1642f077e16adc2c30b38f7a864266e /src
parent: 11b7ce9aaed6e67e7fb23fa5c3febf635a5e7c81 (diff)
download: openbsd-f817248b29e9b63b4187b2e5f775b9e6c815f3f3.tar.gz
openbsd-f817248b29e9b63b4187b2e5f775b9e6c815f3f3.tar.bz2
openbsd-f817248b29e9b63b4187b2e5f775b9e6c815f3f3.zip
2 files changed, 88 insertions, 64 deletions
diff --git a/src/lib/libssl/src/ssl/t1_enc.c b/src/lib/libssl/src/ssl/t1_enc.c
index 7b4afa4d27..f7fbf88f41 100644
--- a/src/lib/libssl/src/ssl/t1_enc.c
+++ b/src/lib/libssl/src/ssl/t1_enc.c
@@ -321,17 +321,57 @@ tls1_change_cipher_state(SSL *s, int which)
        EVP_PKEY *mac_key;
        int is_export, n, i, j, k, exp_label_len, cl;
        int reuse_dd = 0;
+        char is_read;
        is_export = SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
        c = s->s3->tmp.new_sym_enc;
        m = s->s3->tmp.new_hash;
        mac_type = s->s3->tmp.new_mac_pkey_type;
+        /*
+         * is_read is true if we have just read a ChangeCipherSpec message,
+         * that is we need to update the read cipherspec. Otherwise we have
+         * just written one.
+         */
+        is_read = (which & SSL3_CC_READ) != 0;
 #ifndef OPENSSL_NO_COMP
        comp = s->s3->tmp.new_compression;
+        if (is_read) {
+                if (s->compress != NULL) {
+                        COMP_CTX_free(s->compress);
+                        s->compress = NULL;
+                }
+                if (comp != NULL) {
+                        s->compress = COMP_CTX_new(comp->method);
+                        if (s->compress == NULL) {
+                                SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,
+                                    SSL_R_COMPRESSION_LIBRARY_ERROR);
+                                goto err2;
+                        }
+                }
+        } else {
+                if (s->expand != NULL) {
+                        COMP_CTX_free(s->expand);
+                        s->expand = NULL;
+                }
+                if (comp != NULL) {
+                        s->expand = COMP_CTX_new(comp->method);
+                        if (s->expand == NULL) {
+                                SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,
+                                    SSL_R_COMPRESSION_LIBRARY_ERROR);
+                                goto err2;
+                        }
+                        if (s->s3->rrec.comp == NULL)
+                                s->s3->rrec.comp =
+                                    malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH);
+                        if (s->s3->rrec.comp == NULL)
+                                goto err;
+                }
+        }
 #endif
+        if (is_read) {
-        if (which & SSL3_CC_READ) {
                if (s->s3->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)
                        s->mac_flags |= SSL_MAC_FLAG_READ_MAC_STREAM;
                else
@@ -347,23 +387,7 @@ tls1_change_cipher_state(SSL *s, int which)
                }
                dd = s->enc_read_ctx;
                mac_ctx = ssl_replace_hash(&s->read_hash, NULL);
-#ifndef OPENSSL_NO_COMP
-                if (s->expand != NULL) {
-                        COMP_CTX_free(s->expand);
-                        s->expand = NULL;
-                }
-                if (comp != NULL) {
-                        s->expand = COMP_CTX_new(comp->method);
-                        if (s->expand == NULL) {
-                                SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, SSL_R_COMPRESSION_LIBRARY_ERROR);
-                                goto err2;
-                        }
-                        if (s->s3->rrec.comp == NULL)
-                                s->s3->rrec.comp = malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH);
-                        if (s->s3->rrec.comp == NULL)
-                                goto err;
-                }
-#endif
                /* this is done by dtls1_reset_seq_numbers for DTLS1_VERSION */
                if (s->version != DTLS1_VERSION)
                        memset(&(s->s3->read_sequence[0]), 0, 8);
@@ -386,19 +410,7 @@ tls1_change_cipher_state(SSL *s, int which)
                        s->write_hash = mac_ctx;
                } else
                        mac_ctx = ssl_replace_hash(&s->write_hash, NULL);
-#ifndef OPENSSL_NO_COMP
-                if (s->compress != NULL) {
-                        COMP_CTX_free(s->compress);
-                        s->compress = NULL;
-                }
-                if (comp != NULL) {
-                        s->compress = COMP_CTX_new(comp->method);
-                        if (s->compress == NULL) {
-                                SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, SSL_R_COMPRESSION_LIBRARY_ERROR);
-                                goto err2;
-                        }
-                }
-#endif
                /* this is done by dtls1_reset_seq_numbers for DTLS1_VERSION */
                if (s->version != DTLS1_VERSION)
                        memset(&(s->s3->write_sequence[0]), 0, 8);
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c
index 7b4afa4d27..f7fbf88f41 100644
--- a/src/lib/libssl/t1_enc.c
+++ b/src/lib/libssl/t1_enc.c
@@ -321,17 +321,57 @@ tls1_change_cipher_state(SSL *s, int which)
        EVP_PKEY *mac_key;
        int is_export, n, i, j, k, exp_label_len, cl;
        int reuse_dd = 0;
+        char is_read;
        is_export = SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
        c = s->s3->tmp.new_sym_enc;
        m = s->s3->tmp.new_hash;
        mac_type = s->s3->tmp.new_mac_pkey_type;
+        /*
+         * is_read is true if we have just read a ChangeCipherSpec message,
+         * that is we need to update the read cipherspec. Otherwise we have
+         * just written one.
+         */
+        is_read = (which & SSL3_CC_READ) != 0;
 #ifndef OPENSSL_NO_COMP
        comp = s->s3->tmp.new_compression;
+        if (is_read) {
+                if (s->compress != NULL) {
+                        COMP_CTX_free(s->compress);
+                        s->compress = NULL;
+                }
+                if (comp != NULL) {
+                        s->compress = COMP_CTX_new(comp->method);
+                        if (s->compress == NULL) {
+                                SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,
+                                    SSL_R_COMPRESSION_LIBRARY_ERROR);
+                                goto err2;
+                        }
+                }
+        } else {
+                if (s->expand != NULL) {
+                        COMP_CTX_free(s->expand);
+                        s->expand = NULL;
+                }
+                if (comp != NULL) {
+                        s->expand = COMP_CTX_new(comp->method);
+                        if (s->expand == NULL) {
+                                SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,
+                                    SSL_R_COMPRESSION_LIBRARY_ERROR);
+                                goto err2;
+                        }
+                        if (s->s3->rrec.comp == NULL)
+                                s->s3->rrec.comp =
+                                    malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH);
+                        if (s->s3->rrec.comp == NULL)
+                                goto err;
+                }
+        }
 #endif
+        if (is_read) {
-        if (which & SSL3_CC_READ) {
                if (s->s3->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)
                        s->mac_flags |= SSL_MAC_FLAG_READ_MAC_STREAM;
                else
@@ -347,23 +387,7 @@ tls1_change_cipher_state(SSL *s, int which)
                }
                dd = s->enc_read_ctx;
                mac_ctx = ssl_replace_hash(&s->read_hash, NULL);
-#ifndef OPENSSL_NO_COMP
-                if (s->expand != NULL) {
-                        COMP_CTX_free(s->expand);
-                        s->expand = NULL;
-                }
-                if (comp != NULL) {
-                        s->expand = COMP_CTX_new(comp->method);
-                        if (s->expand == NULL) {
-                                SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, SSL_R_COMPRESSION_LIBRARY_ERROR);
-                                goto err2;
-                        }
-                        if (s->s3->rrec.comp == NULL)
-                                s->s3->rrec.comp = malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH);
-                        if (s->s3->rrec.comp == NULL)
-                                goto err;
-                }
-#endif
                /* this is done by dtls1_reset_seq_numbers for DTLS1_VERSION */
                if (s->version != DTLS1_VERSION)
                        memset(&(s->s3->read_sequence[0]), 0, 8);
@@ -386,19 +410,7 @@ tls1_change_cipher_state(SSL *s, int which)
                        s->write_hash = mac_ctx;
                } else
                        mac_ctx = ssl_replace_hash(&s->write_hash, NULL);
-#ifndef OPENSSL_NO_COMP
-                if (s->compress != NULL) {
-                        COMP_CTX_free(s->compress);
-                        s->compress = NULL;
-                }
-                if (comp != NULL) {
-                        s->compress = COMP_CTX_new(comp->method);
-                        if (s->compress == NULL) {
-                                SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, SSL_R_COMPRESSION_LIBRARY_ERROR);
-                                goto err2;
-                        }
-                }
-#endif
                /* this is done by dtls1_reset_seq_numbers for DTLS1_VERSION */
                if (s->version != DTLS1_VERSION)
                        memset(&(s->s3->write_sequence[0]), 0, 8);
author	jsing <>	2014-05-28 13:29:18 +0000
committer	jsing <>	2014-05-28 13:29:18 +0000
commit	f817248b29e9b63b4187b2e5f775b9e6c815f3f3 (patch)
tree	174b77dfa1642f077e16adc2c30b38f7a864266e /src
parent	11b7ce9aaed6e67e7fb23fa5c3febf635a5e7c81 (diff)
download	openbsd-f817248b29e9b63b4187b2e5f775b9e6c815f3f3.tar.gz openbsd-f817248b29e9b63b4187b2e5f775b9e6c815f3f3.tar.bz2 openbsd-f817248b29e9b63b4187b2e5f775b9e6c815f3f3.zip

diff --git a/src/lib/libssl/src/ssl/t1_enc.c b/src/lib/libssl/src/ssl/t1_enc.c index 7b4afa4d27..f7fbf88f41 100644 --- a/src/lib/libssl/src/ssl/t1_enc.c +++ b/src/lib/libssl/src/ssl/t1_enc.c
@@ -321,17 +321,57 @@ tls1_change_cipher_state(SSL *s, int which)
321	EVP_PKEY *mac_key;	321	EVP_PKEY *mac_key;
322	int is_export, n, i, j, k, exp_label_len, cl;	322	int is_export, n, i, j, k, exp_label_len, cl;
323	int reuse_dd = 0;	323	int reuse_dd = 0;
		324	char is_read;
324		325
325	is_export = SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);	326	is_export = SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
326	c = s->s3->tmp.new_sym_enc;	327	c = s->s3->tmp.new_sym_enc;
327	m = s->s3->tmp.new_hash;	328	m = s->s3->tmp.new_hash;
328	mac_type = s->s3->tmp.new_mac_pkey_type;	329	mac_type = s->s3->tmp.new_mac_pkey_type;
		330
		331	/*
		332	* is_read is true if we have just read a ChangeCipherSpec message,
		333	* that is we need to update the read cipherspec. Otherwise we have
		334	* just written one.
		335	*/
		336	is_read = (which & SSL3_CC_READ) != 0;
		337
329	#ifndef OPENSSL_NO_COMP	338	#ifndef OPENSSL_NO_COMP
330	comp = s->s3->tmp.new_compression;	339	comp = s->s3->tmp.new_compression;
		340	if (is_read) {
		341	if (s->compress != NULL) {
		342	COMP_CTX_free(s->compress);
		343	s->compress = NULL;
		344	}
		345	if (comp != NULL) {
		346	s->compress = COMP_CTX_new(comp->method);
		347	if (s->compress == NULL) {
		348	SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,
		349	SSL_R_COMPRESSION_LIBRARY_ERROR);
		350	goto err2;
		351	}
		352	}
		353	} else {
		354	if (s->expand != NULL) {
		355	COMP_CTX_free(s->expand);
		356	s->expand = NULL;
		357	}
		358	if (comp != NULL) {
		359	s->expand = COMP_CTX_new(comp->method);
		360	if (s->expand == NULL) {
		361	SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,
		362	SSL_R_COMPRESSION_LIBRARY_ERROR);
		363	goto err2;
		364	}
		365	if (s->s3->rrec.comp == NULL)
		366	s->s3->rrec.comp =
		367	malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH);
		368	if (s->s3->rrec.comp == NULL)
		369	goto err;
		370	}
		371	}
331	#endif	372	#endif
332		373
333		374	if (is_read) {
334	if (which & SSL3_CC_READ) {
335	if (s->s3->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)	375	if (s->s3->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)
336	s->mac_flags \|= SSL_MAC_FLAG_READ_MAC_STREAM;	376	s->mac_flags \|= SSL_MAC_FLAG_READ_MAC_STREAM;
337	else	377	else
@@ -347,23 +387,7 @@ tls1_change_cipher_state(SSL *s, int which)
347	}	387	}
348	dd = s->enc_read_ctx;	388	dd = s->enc_read_ctx;
349	mac_ctx = ssl_replace_hash(&s->read_hash, NULL);	389	mac_ctx = ssl_replace_hash(&s->read_hash, NULL);
350	#ifndef OPENSSL_NO_COMP	390
351	if (s->expand != NULL) {
352	COMP_CTX_free(s->expand);
353	s->expand = NULL;
354	}
355	if (comp != NULL) {
356	s->expand = COMP_CTX_new(comp->method);
357	if (s->expand == NULL) {
358	SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, SSL_R_COMPRESSION_LIBRARY_ERROR);
359	goto err2;
360	}
361	if (s->s3->rrec.comp == NULL)
362	s->s3->rrec.comp = malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH);
363	if (s->s3->rrec.comp == NULL)
364	goto err;
365	}
366	#endif
367	/* this is done by dtls1_reset_seq_numbers for DTLS1_VERSION */	391	/* this is done by dtls1_reset_seq_numbers for DTLS1_VERSION */
368	if (s->version != DTLS1_VERSION)	392	if (s->version != DTLS1_VERSION)
369	memset(&(s->s3->read_sequence[0]), 0, 8);	393	memset(&(s->s3->read_sequence[0]), 0, 8);
@@ -386,19 +410,7 @@ tls1_change_cipher_state(SSL *s, int which)
386	s->write_hash = mac_ctx;	410	s->write_hash = mac_ctx;
387	} else	411	} else
388	mac_ctx = ssl_replace_hash(&s->write_hash, NULL);	412	mac_ctx = ssl_replace_hash(&s->write_hash, NULL);
389	#ifndef OPENSSL_NO_COMP	413
390	if (s->compress != NULL) {
391	COMP_CTX_free(s->compress);
392	s->compress = NULL;
393	}
394	if (comp != NULL) {
395	s->compress = COMP_CTX_new(comp->method);
396	if (s->compress == NULL) {
397	SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, SSL_R_COMPRESSION_LIBRARY_ERROR);
398	goto err2;
399	}
400	}
401	#endif
402	/* this is done by dtls1_reset_seq_numbers for DTLS1_VERSION */	414	/* this is done by dtls1_reset_seq_numbers for DTLS1_VERSION */
403	if (s->version != DTLS1_VERSION)	415	if (s->version != DTLS1_VERSION)
404	memset(&(s->s3->write_sequence[0]), 0, 8);	416	memset(&(s->s3->write_sequence[0]), 0, 8);


diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c index 7b4afa4d27..f7fbf88f41 100644 --- a/src/lib/libssl/t1_enc.c +++ b/src/lib/libssl/t1_enc.c
@@ -321,17 +321,57 @@ tls1_change_cipher_state(SSL *s, int which)
321	EVP_PKEY *mac_key;	321	EVP_PKEY *mac_key;
322	int is_export, n, i, j, k, exp_label_len, cl;	322	int is_export, n, i, j, k, exp_label_len, cl;
323	int reuse_dd = 0;	323	int reuse_dd = 0;
		324	char is_read;
324		325
325	is_export = SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);	326	is_export = SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
326	c = s->s3->tmp.new_sym_enc;	327	c = s->s3->tmp.new_sym_enc;
327	m = s->s3->tmp.new_hash;	328	m = s->s3->tmp.new_hash;
328	mac_type = s->s3->tmp.new_mac_pkey_type;	329	mac_type = s->s3->tmp.new_mac_pkey_type;
		330
		331	/*
		332	* is_read is true if we have just read a ChangeCipherSpec message,
		333	* that is we need to update the read cipherspec. Otherwise we have
		334	* just written one.
		335	*/
		336	is_read = (which & SSL3_CC_READ) != 0;
		337
329	#ifndef OPENSSL_NO_COMP	338	#ifndef OPENSSL_NO_COMP
330	comp = s->s3->tmp.new_compression;	339	comp = s->s3->tmp.new_compression;
		340	if (is_read) {
		341	if (s->compress != NULL) {
		342	COMP_CTX_free(s->compress);
		343	s->compress = NULL;
		344	}
		345	if (comp != NULL) {
		346	s->compress = COMP_CTX_new(comp->method);
		347	if (s->compress == NULL) {
		348	SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,
		349	SSL_R_COMPRESSION_LIBRARY_ERROR);
		350	goto err2;
		351	}
		352	}
		353	} else {
		354	if (s->expand != NULL) {
		355	COMP_CTX_free(s->expand);
		356	s->expand = NULL;
		357	}
		358	if (comp != NULL) {
		359	s->expand = COMP_CTX_new(comp->method);
		360	if (s->expand == NULL) {
		361	SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE,
		362	SSL_R_COMPRESSION_LIBRARY_ERROR);
		363	goto err2;
		364	}
		365	if (s->s3->rrec.comp == NULL)
		366	s->s3->rrec.comp =
		367	malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH);
		368	if (s->s3->rrec.comp == NULL)
		369	goto err;
		370	}
		371	}
331	#endif	372	#endif
332		373
333		374	if (is_read) {
334	if (which & SSL3_CC_READ) {
335	if (s->s3->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)	375	if (s->s3->tmp.new_cipher->algorithm2 & TLS1_STREAM_MAC)
336	s->mac_flags \|= SSL_MAC_FLAG_READ_MAC_STREAM;	376	s->mac_flags \|= SSL_MAC_FLAG_READ_MAC_STREAM;
337	else	377	else
@@ -347,23 +387,7 @@ tls1_change_cipher_state(SSL *s, int which)
347	}	387	}
348	dd = s->enc_read_ctx;	388	dd = s->enc_read_ctx;
349	mac_ctx = ssl_replace_hash(&s->read_hash, NULL);	389	mac_ctx = ssl_replace_hash(&s->read_hash, NULL);
350	#ifndef OPENSSL_NO_COMP	390
351	if (s->expand != NULL) {
352	COMP_CTX_free(s->expand);
353	s->expand = NULL;
354	}
355	if (comp != NULL) {
356	s->expand = COMP_CTX_new(comp->method);
357	if (s->expand == NULL) {
358	SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, SSL_R_COMPRESSION_LIBRARY_ERROR);
359	goto err2;
360	}
361	if (s->s3->rrec.comp == NULL)
362	s->s3->rrec.comp = malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH);
363	if (s->s3->rrec.comp == NULL)
364	goto err;
365	}
366	#endif
367	/* this is done by dtls1_reset_seq_numbers for DTLS1_VERSION */	391	/* this is done by dtls1_reset_seq_numbers for DTLS1_VERSION */
368	if (s->version != DTLS1_VERSION)	392	if (s->version != DTLS1_VERSION)
369	memset(&(s->s3->read_sequence[0]), 0, 8);	393	memset(&(s->s3->read_sequence[0]), 0, 8);
@@ -386,19 +410,7 @@ tls1_change_cipher_state(SSL *s, int which)
386	s->write_hash = mac_ctx;	410	s->write_hash = mac_ctx;
387	} else	411	} else
388	mac_ctx = ssl_replace_hash(&s->write_hash, NULL);	412	mac_ctx = ssl_replace_hash(&s->write_hash, NULL);
389	#ifndef OPENSSL_NO_COMP	413
390	if (s->compress != NULL) {
391	COMP_CTX_free(s->compress);
392	s->compress = NULL;
393	}
394	if (comp != NULL) {
395	s->compress = COMP_CTX_new(comp->method);
396	if (s->compress == NULL) {
397	SSLerr(SSL_F_TLS1_CHANGE_CIPHER_STATE, SSL_R_COMPRESSION_LIBRARY_ERROR);
398	goto err2;
399	}
400	}
401	#endif
402	/* this is done by dtls1_reset_seq_numbers for DTLS1_VERSION */	414	/* this is done by dtls1_reset_seq_numbers for DTLS1_VERSION */
403	if (s->version != DTLS1_VERSION)	415	if (s->version != DTLS1_VERSION)
404	memset(&(s->s3->write_sequence[0]), 0, 8);	416	memset(&(s->s3->write_sequence[0]), 0, 8);