1 files changed, 6 insertions, 99 deletions
diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c
index b087535ce1..23d6b372c9 100644
--- a/src/lib/libssl/d1_clnt.c
+++ b/src/lib/libssl/d1_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_clnt.c,v 1.47 2015/07/15 18:35:34 beck Exp $ */
+/* $OpenBSD: d1_clnt.c,v 1.48 2015/09/02 17:59:15 jsing Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -263,7 +263,7 @@ dtls1_connect(SSL *s)
                        }
                        dtls1_start_timer(s);
-                        ret = dtls1_client_hello(s);
+                        ret = ssl3_client_hello(s);
                        if (ret <= 0)
                                goto end;
@@ -275,9 +275,10 @@ dtls1_connect(SSL *s)
                        s->init_num = 0;
-                                /* turn on buffering for the next lot of output */
+                        /* turn on buffering for the next lot of output */
-                                if (s->bbio != s->wbio)
+                        if (s->bbio != s->wbio)
-                                        s->wbio = BIO_push(s->bbio, s->wbio);
+                                s->wbio = BIO_push(s->bbio, s->wbio);
                        break;
                case SSL3_ST_CR_SRVR_HELLO_A:
@@ -603,100 +604,6 @@ end:
        return (ret);
 }
-int
-dtls1_client_hello(SSL *s)
-{
-        unsigned char *bufend, *d, *p;
-        unsigned int i;
-        if (s->state == SSL3_ST_CW_CLNT_HELLO_A) {
-                SSL_SESSION *sess = s->session;
-                if ((s->session == NULL) ||
-                    (s->session->ssl_version != s->version) ||
-                    (!sess->session_id_length && !sess->tlsext_tick) ||
-                    (s->session->not_resumable)) {
-                        if (!ssl_get_new_session(s, 0))
-                                goto err;
-                }
-                /* else use the pre-loaded session */
-                p = s->s3->client_random;
-                /* if client_random is initialized, reuse it, we are
-                 * required to use same upon reply to HelloVerify */
-                for (i = 0; p[i]=='\0' && i < sizeof(s->s3->client_random); i++)
-                        ;
-                if (i == sizeof(s->s3->client_random))
-                        arc4random_buf(p, sizeof(s->s3->client_random));
-                d = p = ssl3_handshake_msg_start(s, SSL3_MT_CLIENT_HELLO);
-                *(p++) = s->version >> 8;
-                *(p++) = s->version&0xff;
-                s->client_version = s->version;
-                /* Random stuff */
-                memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
-                p += SSL3_RANDOM_SIZE;
-                /* Session ID */
-                if (s->new_session)
-                        i = 0;
-                else
-                        i = s->session->session_id_length;
-                *(p++) = i;
-                if (i != 0) {
-                        if (i > sizeof s->session->session_id) {
-                                SSLerr(SSL_F_DTLS1_CLIENT_HELLO,
-                                    ERR_R_INTERNAL_ERROR);
-                                goto err;
-                        }
-                        memcpy(p, s->session->session_id, i);
-                        p += i;
-                }
-                /* cookie stuff */
-                if (s->d1->cookie_len > sizeof(s->d1->cookie)) {
-                        SSLerr(SSL_F_DTLS1_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
-                        goto err;
-                }
-                *(p++) = s->d1->cookie_len;
-                memcpy(p, s->d1->cookie, s->d1->cookie_len);
-                p += s->d1->cookie_len;
-                /* Ciphers supported */
-                i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2]);
-                if (i == 0) {
-                        SSLerr(SSL_F_DTLS1_CLIENT_HELLO,
-                            SSL_R_NO_CIPHERS_AVAILABLE);
-                        goto err;
-                }
-                s2n(i, p);
-                p += i;
-                /* add in (no) COMPRESSION */
-                *(p++) = 1;
-                *(p++) = 0; /* Add the NULL method */
-                bufend = (unsigned char *)s->init_buf->data +
-                    SSL3_RT_MAX_PLAIN_LENGTH;
-                if ((p = ssl_add_clienthello_tlsext(s, p, bufend)) == NULL) {
-                        SSLerr(SSL_F_DTLS1_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
-                        goto err;
-                }
-                ssl3_handshake_msg_finish(s, p - d);
-                s->state = SSL3_ST_CW_CLNT_HELLO_B;
-        }
-        /* SSL3_ST_CW_CLNT_HELLO_B */
-        return (ssl3_handshake_write(s));
-err:
-        return (-1);
-}
 static int
 dtls1_get_hello_verify(SSL *s)
 {

diff --git a/src/lib/libssl/d1_clnt.c b/src/lib/libssl/d1_clnt.c index b087535ce1..23d6b372c9 100644 --- a/src/lib/libssl/d1_clnt.c +++ b/src/lib/libssl/d1_clnt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: d1_clnt.c,v 1.47 2015/07/15 18:35:34 beck Exp $ */	1	/* $OpenBSD: d1_clnt.c,v 1.48 2015/09/02 17:59:15 jsing Exp $ */
2	/*	2	/*
3	* DTLS implementation written by Nagendra Modadugu	3	* DTLS implementation written by Nagendra Modadugu
4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.	4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -263,7 +263,7 @@ dtls1_connect(SSL *s)
263	}	263	}
264		264
265	dtls1_start_timer(s);	265	dtls1_start_timer(s);
266	ret = dtls1_client_hello(s);	266	ret = ssl3_client_hello(s);
267	if (ret <= 0)	267	if (ret <= 0)
268	goto end;	268	goto end;
269		269
@@ -275,9 +275,10 @@ dtls1_connect(SSL *s)
275		275
276	s->init_num = 0;	276	s->init_num = 0;
277		277
278	/* turn on buffering for the next lot of output */	278	/* turn on buffering for the next lot of output */
279	if (s->bbio != s->wbio)	279	if (s->bbio != s->wbio)
280	s->wbio = BIO_push(s->bbio, s->wbio);	280	s->wbio = BIO_push(s->bbio, s->wbio);
		281
281	break;	282	break;
282		283
283	case SSL3_ST_CR_SRVR_HELLO_A:	284	case SSL3_ST_CR_SRVR_HELLO_A:
@@ -603,100 +604,6 @@ end:
603	return (ret);	604	return (ret);
604	}	605	}
605		606
606	int
607	dtls1_client_hello(SSL *s)
608	{
609	unsigned char bufend, d, *p;
610	unsigned int i;
611
612	if (s->state == SSL3_ST_CW_CLNT_HELLO_A) {
613	SSL_SESSION *sess = s->session;
614
615	if ((s->session == NULL) \|\|
616	(s->session->ssl_version != s->version) \|\|
617	(!sess->session_id_length && !sess->tlsext_tick) \|\|
618	(s->session->not_resumable)) {
619	if (!ssl_get_new_session(s, 0))
620	goto err;
621	}
622	/* else use the pre-loaded session */
623
624	p = s->s3->client_random;
625
626	/* if client_random is initialized, reuse it, we are
627	* required to use same upon reply to HelloVerify */
628	for (i = 0; p[i]=='\0' && i < sizeof(s->s3->client_random); i++)
629	;
630	if (i == sizeof(s->s3->client_random))
631	arc4random_buf(p, sizeof(s->s3->client_random));
632
633	d = p = ssl3_handshake_msg_start(s, SSL3_MT_CLIENT_HELLO);
634
635	*(p++) = s->version >> 8;
636	*(p++) = s->version&0xff;
637	s->client_version = s->version;
638
639	/* Random stuff */
640	memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
641	p += SSL3_RANDOM_SIZE;
642
643	/* Session ID */
644	if (s->new_session)
645	i = 0;
646	else
647	i = s->session->session_id_length;
648	*(p++) = i;
649	if (i != 0) {
650	if (i > sizeof s->session->session_id) {
651	SSLerr(SSL_F_DTLS1_CLIENT_HELLO,
652	ERR_R_INTERNAL_ERROR);
653	goto err;
654	}
655	memcpy(p, s->session->session_id, i);
656	p += i;
657	}
658
659	/* cookie stuff */
660	if (s->d1->cookie_len > sizeof(s->d1->cookie)) {
661	SSLerr(SSL_F_DTLS1_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
662	goto err;
663	}
664	*(p++) = s->d1->cookie_len;
665	memcpy(p, s->d1->cookie, s->d1->cookie_len);
666	p += s->d1->cookie_len;
667
668	/* Ciphers supported */
669	i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2]);
670	if (i == 0) {
671	SSLerr(SSL_F_DTLS1_CLIENT_HELLO,
672	SSL_R_NO_CIPHERS_AVAILABLE);
673	goto err;
674	}
675	s2n(i, p);
676	p += i;
677
678	/* add in (no) COMPRESSION */
679	*(p++) = 1;
680	(p++) = 0; / Add the NULL method */
681
682	bufend = (unsigned char *)s->init_buf->data +
683	SSL3_RT_MAX_PLAIN_LENGTH;
684	if ((p = ssl_add_clienthello_tlsext(s, p, bufend)) == NULL) {
685	SSLerr(SSL_F_DTLS1_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
686	goto err;
687	}
688
689	ssl3_handshake_msg_finish(s, p - d);
690
691	s->state = SSL3_ST_CW_CLNT_HELLO_B;
692	}
693
694	/* SSL3_ST_CW_CLNT_HELLO_B */
695	return (ssl3_handshake_write(s));
696	err:
697	return (-1);
698	}
699
700	static int	607	static int
701	dtls1_get_hello_verify(SSL *s)	608	dtls1_get_hello_verify(SSL *s)
702	{	609	{