1 files changed, 72 insertions, 1 deletions
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index e66394a491..db9292172d 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.112 2016/11/06 13:11:40 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.113 2016/12/06 13:17:52 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -148,6 +148,7 @@
 * OTHERWISE.
 */
+#include <limits.h>
 #include <stdio.h>
 #include <openssl/dh.h>
@@ -1725,6 +1726,76 @@ ssl3_handshake_msg_finish(SSL *s, unsigned int len)
 }
 int
+ssl3_handshake_msg_start_cbb(SSL *s, CBB *handshake, CBB *body,
+    uint8_t msg_type)
+{
+        int ret = 0;
+        if (!CBB_init(handshake, SSL3_RT_MAX_PLAIN_LENGTH))
+                goto err;
+        if (!CBB_add_u8(handshake, msg_type))
+                goto err;
+        if (SSL_IS_DTLS(s)) {
+                unsigned char *data;
+                if (!CBB_add_space(handshake, &data, DTLS1_HM_HEADER_LENGTH -
+                    SSL3_HM_HEADER_LENGTH))
+                        goto err;
+        }
+        if (!CBB_add_u24_length_prefixed(handshake, body))
+                goto err;
+        ret = 1;
+ err:
+        return (ret);
+}
+int
+ssl3_handshake_msg_finish_cbb(SSL *s, CBB *handshake)
+{
+        unsigned char *data = NULL;
+        size_t outlen;
+        int ret = 0;
+        if (!CBB_finish(handshake, &data, &outlen))
+                goto err;
+        if (outlen > INT_MAX)
+                goto err;
+        if (!BUF_MEM_grow_clean(s->init_buf, outlen))
+                goto err;
+        memcpy(s->init_buf->data, data, outlen);
+        s->init_num = (int)outlen;
+        s->init_off = 0;
+        if (SSL_IS_DTLS(s)) {
+                unsigned long len;
+                uint8_t msg_type;
+                CBS cbs;
+                CBS_init(&cbs, data, outlen);
+                if (!CBS_get_u8(&cbs, &msg_type))
+                        goto err;
+                len = outlen - ssl3_handshake_msg_hdr_len(s);
+                dtls1_set_message_header(s, data, msg_type, len, 0, len);
+                dtls1_buffer_message(s, 0);
+        }
+        ret = 1;
+ err:
+        free(data);
+        return (ret);
+}
+int
 ssl3_handshake_write(SSL *s)
 {
        if (SSL_IS_DTLS(s))

diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c index e66394a491..db9292172d 100644 --- a/src/lib/libssl/s3_lib.c +++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s3_lib.c,v 1.112 2016/11/06 13:11:40 jsing Exp $ */	1	/* $OpenBSD: s3_lib.c,v 1.113 2016/12/06 13:17:52 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -148,6 +148,7 @@
148	* OTHERWISE.	148	* OTHERWISE.
149	*/	149	*/
150		150
		151	#include <limits.h>
151	#include <stdio.h>	152	#include <stdio.h>
152		153
153	#include <openssl/dh.h>	154	#include <openssl/dh.h>
@@ -1725,6 +1726,76 @@ ssl3_handshake_msg_finish(SSL *s, unsigned int len)
1725	}	1726	}
1726		1727
1727	int	1728	int
		1729	ssl3_handshake_msg_start_cbb(SSL s, CBB handshake, CBB *body,
		1730	uint8_t msg_type)
		1731	{
		1732	int ret = 0;
		1733
		1734	if (!CBB_init(handshake, SSL3_RT_MAX_PLAIN_LENGTH))
		1735	goto err;
		1736	if (!CBB_add_u8(handshake, msg_type))
		1737	goto err;
		1738	if (SSL_IS_DTLS(s)) {
		1739	unsigned char *data;
		1740
		1741	if (!CBB_add_space(handshake, &data, DTLS1_HM_HEADER_LENGTH -
		1742	SSL3_HM_HEADER_LENGTH))
		1743	goto err;
		1744	}
		1745	if (!CBB_add_u24_length_prefixed(handshake, body))
		1746	goto err;
		1747
		1748	ret = 1;
		1749
		1750	err:
		1751	return (ret);
		1752	}
		1753
		1754	int
		1755	ssl3_handshake_msg_finish_cbb(SSL s, CBB handshake)
		1756	{
		1757	unsigned char *data = NULL;
		1758	size_t outlen;
		1759	int ret = 0;
		1760
		1761	if (!CBB_finish(handshake, &data, &outlen))
		1762	goto err;
		1763
		1764	if (outlen > INT_MAX)
		1765	goto err;
		1766
		1767	if (!BUF_MEM_grow_clean(s->init_buf, outlen))
		1768	goto err;
		1769
		1770	memcpy(s->init_buf->data, data, outlen);
		1771
		1772	s->init_num = (int)outlen;
		1773	s->init_off = 0;
		1774
		1775	if (SSL_IS_DTLS(s)) {
		1776	unsigned long len;
		1777	uint8_t msg_type;
		1778	CBS cbs;
		1779
		1780	CBS_init(&cbs, data, outlen);
		1781	if (!CBS_get_u8(&cbs, &msg_type))
		1782	goto err;
		1783
		1784	len = outlen - ssl3_handshake_msg_hdr_len(s);
		1785
		1786	dtls1_set_message_header(s, data, msg_type, len, 0, len);
		1787	dtls1_buffer_message(s, 0);
		1788	}
		1789
		1790	ret = 1;
		1791
		1792	err:
		1793	free(data);
		1794
		1795	return (ret);
		1796	}
		1797
		1798	int
1728	ssl3_handshake_write(SSL *s)	1799	ssl3_handshake_write(SSL *s)
1729	{	1800	{
1730	if (SSL_IS_DTLS(s))	1801	if (SSL_IS_DTLS(s))