6 files changed, 52 insertions, 57 deletions
diff --git a/src/lib/libssl/d1_both.c b/src/lib/libssl/d1_both.c
index 6b86cfc03e..42f8cbd537 100644
--- a/src/lib/libssl/d1_both.c
+++ b/src/lib/libssl/d1_both.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_both.c,v 1.51 2017/05/07 04:22:24 beck Exp $ */
+/* $OpenBSD: d1_both.c,v 1.52 2017/10/08 16:24:02 jsing Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -162,9 +162,6 @@ static unsigned int dtls1_guess_mtu(unsigned int curr_mtu);
 static void dtls1_fix_message_header(SSL *s, unsigned long frag_off,
    unsigned long frag_len);
 static unsigned char *dtls1_write_message_header(SSL *s, unsigned char *p);
-static void dtls1_set_message_header_int(SSL *s, unsigned char mt,
-    unsigned long len, unsigned short seq_num, unsigned long frag_off,
-    unsigned long frag_len);
 static long dtls1_get_message_fragment(SSL *s, int st1, int stn, long max,
    int *ok);
@@ -895,40 +892,6 @@ f_err:
        return (-1);
 }
-/*
- * for these 2 messages, we need to
- * ssl->enc_read_ctx                    re-init
- * ssl->s3->internal->read_sequence             zero
- * ssl->s3->internal->read_mac_secret           re-init
- * ssl->session->read_sym_enc           assign
- * ssl->session->read_hash              assign
- */
-int
-dtls1_send_change_cipher_spec(SSL *s, int a, int b)
-{
-        unsigned char *p;
-        if (S3I(s)->hs.state == a) {
-                p = (unsigned char *)s->internal->init_buf->data;
-                *p++=SSL3_MT_CCS;
-                D1I(s)->handshake_write_seq = D1I(s)->next_handshake_write_seq;
-                s->internal->init_num = DTLS1_CCS_HEADER_LENGTH;
-                s->internal->init_off = 0;
-                dtls1_set_message_header_int(s, SSL3_MT_CCS, 0,
-                    D1I(s)->handshake_write_seq, 0, 0);
-                /* buffer the message to handle re-xmits */
-                dtls1_buffer_message(s, 1);
-                S3I(s)->hs.state = b;
-        }
-        /* SSL3_ST_CW_CHANGE_B */
-        return (dtls1_do_write(s, SSL3_RT_CHANGE_CIPHER_SPEC));
-}
 int
 dtls1_read_failed(SSL *s, int code)
 {
@@ -1182,7 +1145,7 @@ dtls1_set_message_header(SSL *s, unsigned char mt, unsigned long len,
 }
 /* don't actually do the writing, wait till the MTU has been retrieved */
-static void
+void
 dtls1_set_message_header_int(SSL *s, unsigned char mt, unsigned long len,
    unsigned short seq_num, unsigned long frag_off, unsigned long frag_len)
 {
diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c
index 3eebf98417..c9447138d5 100644
--- a/src/lib/libssl/d1_clnt.c
+++ b/src/lib/libssl/d1_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_clnt.c,v 1.76 2017/05/07 04:22:24 beck Exp $ */
+/* $OpenBSD: d1_clnt.c,v 1.77 2017/10/08 16:24:02 jsing Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -427,7 +427,7 @@ dtls1_connect(SSL *s)
                case SSL3_ST_CW_CHANGE_B:
                        if (!s->internal->hit)
                                dtls1_start_timer(s);
-                        ret = dtls1_send_change_cipher_spec(s,
+                        ret = ssl3_send_change_cipher_spec(s,
                            SSL3_ST_CW_CHANGE_A, SSL3_ST_CW_CHANGE_B);
                        if (ret <= 0)
                                goto end;
diff --git a/src/lib/libssl/d1_srvr.c b/src/lib/libssl/d1_srvr.c
index ae90ee2093..f0e59a8e00 100644
--- a/src/lib/libssl/d1_srvr.c
+++ b/src/lib/libssl/d1_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_srvr.c,v 1.88 2017/05/07 04:22:24 beck Exp $ */
+/* $OpenBSD: d1_srvr.c,v 1.89 2017/10/08 16:24:02 jsing Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -596,9 +596,8 @@ dtls1_accept(SSL *s)
                                goto end;
                        }
-                        ret = dtls1_send_change_cipher_spec(s,
+                        ret = ssl3_send_change_cipher_spec(s,
-                        SSL3_ST_SW_CHANGE_A, SSL3_ST_SW_CHANGE_B);
+                            SSL3_ST_SW_CHANGE_A, SSL3_ST_SW_CHANGE_B);
                        if (ret <= 0)
                                goto end;
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index a05116cb8f..89af1ef3bf 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.161 2017/09/25 18:04:08 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.162 2017/10/08 16:24:02 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1553,10 +1553,16 @@ ssl3_handshake_msg_finish_cbb(SSL *s, CBB *handshake)
 int
 ssl3_handshake_write(SSL *s)
 {
+        return ssl3_record_write(s, SSL3_RT_HANDSHAKE);
+}
+int
+ssl3_record_write(SSL *s, int type)
+{
        if (SSL_IS_DTLS(s))
-                return dtls1_do_write(s, SSL3_RT_HANDSHAKE);
+                return dtls1_do_write(s, type);
-        return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
+        return ssl3_do_write(s, type);
 }
 int
diff --git a/src/lib/libssl/ssl_both.c b/src/lib/libssl/ssl_both.c
index 17f93f551b..03f95977f7 100644
--- a/src/lib/libssl/ssl_both.c
+++ b/src/lib/libssl/ssl_both.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_both.c,v 1.10 2017/08/12 02:55:22 jsing Exp $ */
+/* $OpenBSD: ssl_both.c,v 1.11 2017/10/08 16:24:02 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -311,19 +311,44 @@ f_err:
 int
 ssl3_send_change_cipher_spec(SSL *s, int a, int b)
 {
-        unsigned char *p;
+        size_t outlen;
+        CBB cbb;
+        memset(&cbb, 0, sizeof(cbb));
        if (S3I(s)->hs.state == a) {
-                p = (unsigned char *)s->internal->init_buf->data;
+                if (!CBB_init_fixed(&cbb, s->internal->init_buf->data,
-                *p = SSL3_MT_CCS;
+                    s->internal->init_buf->length))
-                s->internal->init_num = 1;
+                        goto err;
+                if (!CBB_add_u8(&cbb, SSL3_MT_CCS))
+                        goto err;
+                if (!CBB_finish(&cbb, NULL, &outlen))
+                        goto err;
+                if (outlen > INT_MAX)
+                        goto err;
+                s->internal->init_num = (int)outlen;
                s->internal->init_off = 0;
+                if (SSL_IS_DTLS(s)) {
+                        D1I(s)->handshake_write_seq =
+                            D1I(s)->next_handshake_write_seq;
+                        dtls1_set_message_header_int(s, SSL3_MT_CCS, 0,
+                            D1I(s)->handshake_write_seq, 0, 0);
+                        dtls1_buffer_message(s, 1);
+                }
                S3I(s)->hs.state = b;
        }
        /* SSL3_ST_CW_CHANGE_B */
-        return (ssl3_do_write(s, SSL3_RT_CHANGE_CIPHER_SPEC));
+        return ssl3_record_write(s, SSL3_RT_CHANGE_CIPHER_SPEC);
+ err:
+        CBB_cleanup(&cbb);
+        return -1;
 }
 static int
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 17a4a0d4f6..2fec36fba9 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.193 2017/08/28 16:37:04 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.194 2017/10/08 16:24:02 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1147,6 +1147,7 @@ int ssl3_handshake_msg_start_cbb(SSL *s, CBB *handshake, CBB *body,
    uint8_t msg_type);
 int ssl3_handshake_msg_finish_cbb(SSL *s, CBB *handshake);
 int ssl3_handshake_write(SSL *s);
+int ssl3_record_write(SSL *s, int type);
 void tls1_record_sequence_increment(unsigned char *seq);
 int ssl3_do_change_cipher_spec(SSL *ssl);
@@ -1166,12 +1167,13 @@ int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
    unsigned int len);
 void dtls1_set_message_header(SSL *s, unsigned char mt, unsigned long len,
    unsigned long frag_off, unsigned long frag_len);
+void dtls1_set_message_header_int(SSL *s, unsigned char mt,
+    unsigned long len, unsigned short seq_num, unsigned long frag_off,
+    unsigned long frag_len);
 int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf, int len);
 int dtls1_write_bytes(SSL *s, int type, const void *buf, int len);
-int dtls1_send_change_cipher_spec(SSL *s, int a, int b);
-unsigned long dtls1_output_cert_chain(SSL *s, X509 *x);
 int dtls1_read_failed(SSL *s, int code);
 int dtls1_buffer_message(SSL *s, int ccs);
 int dtls1_retransmit_message(SSL *s, unsigned short seq,