diff options
| -rw-r--r-- | src/lib/libssl/d1_both.c | 60 |
1 files changed, 35 insertions, 25 deletions
diff --git a/src/lib/libssl/d1_both.c b/src/lib/libssl/d1_both.c index 42f8cbd537..074702153c 100644 --- a/src/lib/libssl/d1_both.c +++ b/src/lib/libssl/d1_both.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: d1_both.c,v 1.52 2017/10/08 16:24:02 jsing Exp $ */ | 1 | /* $OpenBSD: d1_both.c,v 1.53 2018/08/27 16:56:46 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * DTLS implementation written by Nagendra Modadugu | 3 | * DTLS implementation written by Nagendra Modadugu |
| 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. | 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. |
| @@ -161,7 +161,8 @@ static unsigned int g_probable_mtu[] = {1500 - 28, 512 - 28, 256 - 28}; | |||
| 161 | static unsigned int dtls1_guess_mtu(unsigned int curr_mtu); | 161 | static unsigned int dtls1_guess_mtu(unsigned int curr_mtu); |
| 162 | static void dtls1_fix_message_header(SSL *s, unsigned long frag_off, | 162 | static void dtls1_fix_message_header(SSL *s, unsigned long frag_off, |
| 163 | unsigned long frag_len); | 163 | unsigned long frag_len); |
| 164 | static unsigned char *dtls1_write_message_header(SSL *s, unsigned char *p); | 164 | static int dtls1_write_message_header(const struct hm_header_st *msg_hdr, |
| 165 | unsigned long frag_off, unsigned long frag_len, unsigned char *p); | ||
| 165 | static long dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, | 166 | static long dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, |
| 166 | int *ok); | 167 | int *ok); |
| 167 | 168 | ||
| @@ -301,8 +302,10 @@ dtls1_do_write(SSL *s, int type) | |||
| 301 | dtls1_fix_message_header(s, frag_off, | 302 | dtls1_fix_message_header(s, frag_off, |
| 302 | len - DTLS1_HM_HEADER_LENGTH); | 303 | len - DTLS1_HM_HEADER_LENGTH); |
| 303 | 304 | ||
| 304 | dtls1_write_message_header(s, | 305 | if (!dtls1_write_message_header(&D1I(s)->w_msg_hdr, |
| 305 | (unsigned char *)&s->internal->init_buf->data[s->internal->init_off]); | 306 | D1I(s)->w_msg_hdr.frag_off, D1I(s)->w_msg_hdr.frag_len, |
| 307 | (unsigned char *)&s->internal->init_buf->data[s->internal->init_off])) | ||
| 308 | return -1; | ||
| 306 | 309 | ||
| 307 | OPENSSL_assert(len >= DTLS1_HM_HEADER_LENGTH); | 310 | OPENSSL_assert(len >= DTLS1_HM_HEADER_LENGTH); |
| 308 | } | 311 | } |
| @@ -348,12 +351,9 @@ dtls1_do_write(SSL *s, int type) | |||
| 348 | * Reconstruct message header is if it | 351 | * Reconstruct message header is if it |
| 349 | * is being sent in single fragment | 352 | * is being sent in single fragment |
| 350 | */ | 353 | */ |
| 351 | *p++ = msg_hdr->type; | 354 | if (!dtls1_write_message_header(msg_hdr, |
| 352 | l2n3(msg_hdr->msg_len, p); | 355 | 0, msg_hdr->msg_len, p)) |
| 353 | s2n (msg_hdr->seq, p); | 356 | return (-1); |
| 354 | l2n3(0, p); | ||
| 355 | l2n3(msg_hdr->msg_len, p); | ||
| 356 | p -= DTLS1_HM_HEADER_LENGTH; | ||
| 357 | xlen = ret; | 357 | xlen = ret; |
| 358 | } else { | 358 | } else { |
| 359 | p += DTLS1_HM_HEADER_LENGTH; | 359 | p += DTLS1_HM_HEADER_LENGTH; |
| @@ -431,13 +431,9 @@ again: | |||
| 431 | msg_len = msg_hdr->msg_len; | 431 | msg_len = msg_hdr->msg_len; |
| 432 | 432 | ||
| 433 | /* reconstruct message header */ | 433 | /* reconstruct message header */ |
| 434 | *(p++) = msg_hdr->type; | 434 | if (!dtls1_write_message_header(msg_hdr, 0, msg_len, p)) |
| 435 | l2n3(msg_len, p); | 435 | return -1; |
| 436 | s2n (msg_hdr->seq, p); | ||
| 437 | l2n3(0, p); | ||
| 438 | l2n3(msg_len, p); | ||
| 439 | 436 | ||
| 440 | p -= DTLS1_HM_HEADER_LENGTH; | ||
| 441 | msg_len += DTLS1_HM_HEADER_LENGTH; | 437 | msg_len += DTLS1_HM_HEADER_LENGTH; |
| 442 | 438 | ||
| 443 | tls1_finish_mac(s, p, msg_len); | 439 | tls1_finish_mac(s, p, msg_len); |
| @@ -1167,19 +1163,33 @@ dtls1_fix_message_header(SSL *s, unsigned long frag_off, unsigned long frag_len) | |||
| 1167 | msg_hdr->frag_len = frag_len; | 1163 | msg_hdr->frag_len = frag_len; |
| 1168 | } | 1164 | } |
| 1169 | 1165 | ||
| 1170 | static unsigned char * | 1166 | static int |
| 1171 | dtls1_write_message_header(SSL *s, unsigned char *p) | 1167 | dtls1_write_message_header(const struct hm_header_st *msg_hdr, |
| 1168 | unsigned long frag_off, unsigned long frag_len, unsigned char *p) | ||
| 1172 | { | 1169 | { |
| 1173 | struct hm_header_st *msg_hdr = &D1I(s)->w_msg_hdr; | 1170 | CBB cbb; |
| 1174 | 1171 | ||
| 1175 | *p++ = msg_hdr->type; | 1172 | /* We assume DTLS1_HM_HEADER_LENGTH bytes are available for now... */ |
| 1176 | l2n3(msg_hdr->msg_len, p); | 1173 | if (!CBB_init_fixed(&cbb, p, DTLS1_HM_HEADER_LENGTH)) |
| 1174 | return 0; | ||
| 1175 | if (!CBB_add_u8(&cbb, msg_hdr->type)) | ||
| 1176 | goto err; | ||
| 1177 | if (!CBB_add_u24(&cbb, msg_hdr->msg_len)) | ||
| 1178 | goto err; | ||
| 1179 | if (!CBB_add_u16(&cbb, msg_hdr->seq)) | ||
| 1180 | goto err; | ||
| 1181 | if (!CBB_add_u24(&cbb, frag_off)) | ||
| 1182 | goto err; | ||
| 1183 | if (!CBB_add_u24(&cbb, frag_len)) | ||
| 1184 | goto err; | ||
| 1185 | if (!CBB_finish(&cbb, NULL, NULL)) | ||
| 1186 | goto err; | ||
| 1177 | 1187 | ||
| 1178 | s2n(msg_hdr->seq, p); | 1188 | return 1; |
| 1179 | l2n3(msg_hdr->frag_off, p); | ||
| 1180 | l2n3(msg_hdr->frag_len, p); | ||
| 1181 | 1189 | ||
| 1182 | return p; | 1190 | err: |
| 1191 | CBB_cleanup(&cbb); | ||
| 1192 | return 0; | ||
| 1183 | } | 1193 | } |
| 1184 | 1194 | ||
| 1185 | unsigned int | 1195 | unsigned int |