1 files changed, 81 insertions, 94 deletions
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c
index bcf5108975..8a4c54e7b7 100644
--- a/src/lib/libssl/ssl_clnt.c
+++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_clnt.c,v 1.112 2021/10/23 08:13:02 jsing Exp $ */
+/* $OpenBSD: ssl_clnt.c,v 1.113 2021/10/23 08:34:36 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -779,16 +779,14 @@ ssl3_send_client_hello(SSL *s)
 int
 ssl3_get_dtls_hello_verify(SSL *s)
 {
-        long n;
+        CBS hello_verify_request, cookie;
-        int al, ok = 0;
        size_t cookie_len;
        uint16_t ssl_version;
-        CBS hello_verify_request, cookie;
+        int al, ret;
-        n = ssl3_get_message(s, DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A,
+        if ((ret = ssl3_get_message(s, DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A,
-            DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B, -1, s->internal->max_cert_list, &ok);
+            DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B, -1, s->internal->max_cert_list)) <= 0)
-        if (!ok)
+                return ret;
-                return ((int)n);
        if (S3I(s)->hs.tls12.message_type != DTLS1_MT_HELLO_VERIFY_REQUEST) {
                D1I(s)->send_cookie = 0;
@@ -796,10 +794,11 @@ ssl3_get_dtls_hello_verify(SSL *s)
                return (1);
        }
-        if (n < 0)
+        if (s->internal->init_num < 0)
                goto decode_err;
-        CBS_init(&hello_verify_request, s->internal->init_msg, n);
+        CBS_init(&hello_verify_request, s->internal->init_msg,
+            s->internal->init_num);
        if (!CBS_get_u16(&hello_verify_request, &ssl_version))
                goto decode_err;
@@ -848,20 +847,18 @@ ssl3_get_server_hello(SSL *s)
        const SSL_METHOD *method;
        unsigned long alg_k;
        size_t outlen;
-        int al, ok;
+        int al, ret;
-        long n;
        s->internal->first_packet = 1;
-        n = ssl3_get_message(s, SSL3_ST_CR_SRVR_HELLO_A,
+        if ((ret = ssl3_get_message(s, SSL3_ST_CR_SRVR_HELLO_A,
-            SSL3_ST_CR_SRVR_HELLO_B, -1, 20000, /* ?? */ &ok);
+            SSL3_ST_CR_SRVR_HELLO_B, -1, 20000 /* ?? */)) <= 0)
-        if (!ok)
+                return ret;
-                return ((int)n);
        s->internal->first_packet = 0;
-        if (n < 0)
+        if (s->internal->init_num < 0)
                goto decode_err;
-        CBS_init(&cbs, s->internal->init_msg, n);
+        CBS_init(&cbs, s->internal->init_msg, s->internal->init_num);
        if (SSL_is_dtls(s)) {
                if (S3I(s)->hs.tls12.message_type == DTLS1_MT_HELLO_VERIFY_REQUEST) {
@@ -1103,19 +1100,19 @@ ssl3_get_server_hello(SSL *s)
 int
 ssl3_get_server_certificate(SSL *s)
 {
-        int                      al, i, ok, ret = -1;
+        int al, i, ret;
-        long                     n;
+        CBS cbs, cert_list;
-        CBS                      cbs, cert_list;
+        X509 *x = NULL;
-        X509                    *x = NULL;
+        const unsigned char *q;
-        const unsigned char     *q;
+        STACK_OF(X509) *sk = NULL;
-        STACK_OF(X509)          *sk = NULL;
+        SESS_CERT *sc;
-        SESS_CERT               *sc;
+        EVP_PKEY *pkey = NULL;
-        EVP_PKEY                *pkey = NULL;
+        if ((ret = ssl3_get_message(s, SSL3_ST_CR_CERT_A,
-        n = ssl3_get_message(s, SSL3_ST_CR_CERT_A,
+            SSL3_ST_CR_CERT_B, -1, s->internal->max_cert_list)) <= 0)
-            SSL3_ST_CR_CERT_B, -1, s->internal->max_cert_list, &ok);
+                return ret;
-        if (!ok)
-                return ((int)n);
+        ret = -1;
        if (S3I(s)->hs.tls12.message_type == SSL3_MT_SERVER_KEY_EXCHANGE) {
                S3I(s)->hs.tls12.reuse_message = 1;
@@ -1128,16 +1125,15 @@ ssl3_get_server_certificate(SSL *s)
                goto fatal_err;
        }
        if ((sk = sk_X509_new_null()) == NULL) {
                SSLerror(s, ERR_R_MALLOC_FAILURE);
                goto err;
        }
-        if (n < 0)
+        if (s->internal->init_num < 0)
                goto decode_err;
-        CBS_init(&cbs, s->internal->init_msg, n);
+        CBS_init(&cbs, s->internal->init_msg, s->internal->init_num);
        if (CBS_len(&cbs) < 3)
                goto decode_err;
@@ -1463,9 +1459,9 @@ ssl3_get_server_key_exchange(SSL *s)
        EVP_PKEY *pkey = NULL;
        EVP_MD_CTX md_ctx;
        const unsigned char *param;
-        long n, alg_k, alg_a;
-        int al, ok;
        size_t param_len;
+        long alg_k, alg_a;
+        int al, ret;
        EVP_MD_CTX_init(&md_ctx);
@@ -1476,15 +1472,14 @@ ssl3_get_server_key_exchange(SSL *s)
         * Use same message size as in ssl3_get_certificate_request()
         * as ServerKeyExchange message may be skipped.
         */
-        n = ssl3_get_message(s, SSL3_ST_CR_KEY_EXCH_A,
+        if ((ret = ssl3_get_message(s, SSL3_ST_CR_KEY_EXCH_A,
-            SSL3_ST_CR_KEY_EXCH_B, -1, s->internal->max_cert_list, &ok);
+            SSL3_ST_CR_KEY_EXCH_B, -1, s->internal->max_cert_list)) <= 0)
-        if (!ok)
+                return ret;
-                return ((int)n);
-        if (n < 0)
+        if (s->internal->init_num < 0)
                goto err;
-        CBS_init(&cbs, s->internal->init_msg, n);
+        CBS_init(&cbs, s->internal->init_msg, s->internal->init_num);
        if (S3I(s)->hs.tls12.message_type != SSL3_MT_SERVER_KEY_EXCHANGE) {
                /*
@@ -1617,17 +1612,17 @@ ssl3_get_server_key_exchange(SSL *s)
 int
 ssl3_get_certificate_request(SSL *s)
 {
-        int                      ok, ret = 0;
+        CBS cert_request, cert_types, rdn_list;
-        long                     n;
+        X509_NAME *xn = NULL;
-        CBS                      cert_request, cert_types, rdn_list;
+        const unsigned char *q;
-        X509_NAME               *xn = NULL;
+        STACK_OF(X509_NAME) *ca_sk = NULL;
-        const unsigned char     *q;
+        int ret;
-        STACK_OF(X509_NAME)     *ca_sk = NULL;
+        if ((ret = ssl3_get_message(s, SSL3_ST_CR_CERT_REQ_A,
-        n = ssl3_get_message(s, SSL3_ST_CR_CERT_REQ_A,
+            SSL3_ST_CR_CERT_REQ_B, -1, s->internal->max_cert_list)) <= 0)
-            SSL3_ST_CR_CERT_REQ_B, -1, s->internal->max_cert_list, &ok);
+                return ret;
-        if (!ok)
-                return ((int)n);
+        ret = 0;
        S3I(s)->hs.tls12.cert_request = 0;
@@ -1654,9 +1649,9 @@ ssl3_get_certificate_request(SSL *s)
                goto err;
        }
-        if (n < 0)
+        if (s->internal->init_num < 0)
                goto decode_err;
-        CBS_init(&cert_request, s->internal->init_msg, n);
+        CBS_init(&cert_request, s->internal->init_msg, s->internal->init_num);
        if ((ca_sk = sk_X509_NAME_new(ca_dn_cmp)) == NULL) {
                SSLerror(s, ERR_R_MALLOC_FAILURE);
@@ -1761,15 +1756,15 @@ ca_dn_cmp(const X509_NAME * const *a, const X509_NAME * const *b)
 int
 ssl3_get_new_session_ticket(SSL *s)
 {
-        int                      ok, al, ret = 0;
+        uint32_t lifetime_hint;
-        uint32_t                 lifetime_hint;
+        CBS cbs, session_ticket;
-        long                     n;
+        int al, ret;
-        CBS                      cbs, session_ticket;
+        if ((ret = ssl3_get_message(s, SSL3_ST_CR_SESSION_TICKET_A,
+            SSL3_ST_CR_SESSION_TICKET_B, -1, 16384)) <= 0)
+                return ret;
-        n = ssl3_get_message(s, SSL3_ST_CR_SESSION_TICKET_A,
+        ret = 0;
-            SSL3_ST_CR_SESSION_TICKET_B, -1, 16384, &ok);
-        if (!ok)
-                return ((int)n);
        if (S3I(s)->hs.tls12.message_type == SSL3_MT_FINISHED) {
                S3I(s)->hs.tls12.reuse_message = 1;
@@ -1781,13 +1776,13 @@ ssl3_get_new_session_ticket(SSL *s)
                goto fatal_err;
        }
-        if (n < 0) {
+        if (s->internal->init_num < 0) {
                al = SSL_AD_DECODE_ERROR;
                SSLerror(s, SSL_R_LENGTH_MISMATCH);
                goto fatal_err;
        }
-        CBS_init(&cbs, s->internal->init_msg, n);
+        CBS_init(&cbs, s->internal->init_msg, s->internal->init_num);
        if (!CBS_get_u32(&cbs, &lifetime_hint) ||
            !CBS_get_u16_length_prefixed(&cbs, &session_ticket) ||
            CBS_len(&cbs) != 0) {
@@ -1833,15 +1828,13 @@ ssl3_get_new_session_ticket(SSL *s)
 int
 ssl3_get_cert_status(SSL *s)
 {
-        CBS                      cert_status, response;
+        CBS cert_status, response;
-        int                      ok, al;
+        uint8_t status_type;
-        long                     n;
+        int al, ret;
-        uint8_t                  status_type;
-        n = ssl3_get_message(s, SSL3_ST_CR_CERT_STATUS_A,
+        if ((ret = ssl3_get_message(s, SSL3_ST_CR_CERT_STATUS_A,
-            SSL3_ST_CR_CERT_STATUS_B, -1, 16384, &ok);
+            SSL3_ST_CR_CERT_STATUS_B, -1, 16384)) <= 0)
-        if (!ok)
+                return ret;
-                return ((int)n);
        if (S3I(s)->hs.tls12.message_type == SSL3_MT_SERVER_KEY_EXCHANGE) {
                /*
@@ -1849,8 +1842,6 @@ ssl3_get_cert_status(SSL *s)
                 * response, and has decided to head directly to key exchange.
                 */
                if (s->ctx->internal->tlsext_status_cb) {
-                        int ret;
                        free(s->internal->tlsext_ocsp_resp);
                        s->internal->tlsext_ocsp_resp = NULL;
                        s->internal->tlsext_ocsp_resp_len = 0;
@@ -1879,14 +1870,14 @@ ssl3_get_cert_status(SSL *s)
                goto fatal_err;
        }
-        if (n < 0) {
+        if (s->internal->init_num < 0) {
                /* need at least status type + length */
                al = SSL_AD_DECODE_ERROR;
                SSLerror(s, SSL_R_LENGTH_MISMATCH);
                goto fatal_err;
        }
-        CBS_init(&cert_status, s->internal->init_msg, n);
+        CBS_init(&cert_status, s->internal->init_msg, s->internal->init_num);
        if (!CBS_get_u8(&cert_status, &status_type) ||
            CBS_len(&cert_status) < 3) {
                /* need at least status type + length */
@@ -1939,23 +1930,21 @@ ssl3_get_cert_status(SSL *s)
 int
 ssl3_get_server_done(SSL *s)
 {
-        int     ok, ret = 0;
+        int ret;
-        long    n;
-        n = ssl3_get_message(s, SSL3_ST_CR_SRVR_DONE_A,
+        if ((ret = ssl3_get_message(s, SSL3_ST_CR_SRVR_DONE_A,
-            SSL3_ST_CR_SRVR_DONE_B, SSL3_MT_SERVER_DONE,
+            SSL3_ST_CR_SRVR_DONE_B, SSL3_MT_SERVER_DONE, 
-            30, /* should be very small, like 0 :-) */ &ok);
+            30 /* should be very small, like 0 :-) */)) <= 0)
-        if (!ok)
+                return ret;
-                return ((int)n);
-        if (n > 0) {
+        if (s->internal->init_num != 0) {
                /* should contain no data */
                ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
                SSLerror(s, SSL_R_LENGTH_MISMATCH);
-                return (-1);
+                return -1;
        }
-        ret = 1;
-        return (ret);
+        return 1;
 }
 static int
@@ -2756,18 +2745,16 @@ ssl3_check_cert_and_algorithm(SSL *s)
 int
 ssl3_check_finished(SSL *s)
 {
-        int     ok;
+        int ret;
-        long    n;
        /* If we have no ticket it cannot be a resumed session. */
        if (!s->session->tlsext_tick)
                return (1);
        /* this function is called when we really expect a Certificate
         * message, so permit appropriate message length */
-        n = ssl3_get_message(s, SSL3_ST_CR_CERT_A,
+        if ((ret = ssl3_get_message(s, SSL3_ST_CR_CERT_A,
-            SSL3_ST_CR_CERT_B, -1, s->internal->max_cert_list, &ok);
+            SSL3_ST_CR_CERT_B, -1, s->internal->max_cert_list)) <= 0)
-        if (!ok)
+                return ret;
-                return ((int)n);
        S3I(s)->hs.tls12.reuse_message = 1;
        if ((S3I(s)->hs.tls12.message_type == SSL3_MT_FINISHED) ||

diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c index bcf5108975..8a4c54e7b7 100644 --- a/src/lib/libssl/ssl_clnt.c +++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_clnt.c,v 1.112 2021/10/23 08:13:02 jsing Exp $ */	1	/* $OpenBSD: ssl_clnt.c,v 1.113 2021/10/23 08:34:36 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -779,16 +779,14 @@ ssl3_send_client_hello(SSL *s)
779	int	779	int
780	ssl3_get_dtls_hello_verify(SSL *s)	780	ssl3_get_dtls_hello_verify(SSL *s)
781	{	781	{
782	long n;	782	CBS hello_verify_request, cookie;
783	int al, ok = 0;
784	size_t cookie_len;	783	size_t cookie_len;
785	uint16_t ssl_version;	784	uint16_t ssl_version;
786	CBS hello_verify_request, cookie;	785	int al, ret;
787		786
788	n = ssl3_get_message(s, DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A,	787	if ((ret = ssl3_get_message(s, DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A,
789	DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B, -1, s->internal->max_cert_list, &ok);	788	DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B, -1, s->internal->max_cert_list)) <= 0)
790	if (!ok)	789	return ret;
791	return ((int)n);
792		790
793	if (S3I(s)->hs.tls12.message_type != DTLS1_MT_HELLO_VERIFY_REQUEST) {	791	if (S3I(s)->hs.tls12.message_type != DTLS1_MT_HELLO_VERIFY_REQUEST) {
794	D1I(s)->send_cookie = 0;	792	D1I(s)->send_cookie = 0;
@@ -796,10 +794,11 @@ ssl3_get_dtls_hello_verify(SSL *s)
796	return (1);	794	return (1);
797	}	795	}
798		796
799	if (n < 0)	797	if (s->internal->init_num < 0)
800	goto decode_err;	798	goto decode_err;
801		799
802	CBS_init(&hello_verify_request, s->internal->init_msg, n);	800	CBS_init(&hello_verify_request, s->internal->init_msg,
		801	s->internal->init_num);
803		802
804	if (!CBS_get_u16(&hello_verify_request, &ssl_version))	803	if (!CBS_get_u16(&hello_verify_request, &ssl_version))
805	goto decode_err;	804	goto decode_err;
@@ -848,20 +847,18 @@ ssl3_get_server_hello(SSL *s)
848	const SSL_METHOD *method;	847	const SSL_METHOD *method;
849	unsigned long alg_k;	848	unsigned long alg_k;
850	size_t outlen;	849	size_t outlen;
851	int al, ok;	850	int al, ret;
852	long n;
853		851
854	s->internal->first_packet = 1;	852	s->internal->first_packet = 1;
855	n = ssl3_get_message(s, SSL3_ST_CR_SRVR_HELLO_A,	853	if ((ret = ssl3_get_message(s, SSL3_ST_CR_SRVR_HELLO_A,
856	SSL3_ST_CR_SRVR_HELLO_B, -1, 20000, /* ?? */ &ok);	854	SSL3_ST_CR_SRVR_HELLO_B, -1, 20000 /* ?? */)) <= 0)
857	if (!ok)	855	return ret;
858	return ((int)n);
859	s->internal->first_packet = 0;	856	s->internal->first_packet = 0;
860		857
861	if (n < 0)	858	if (s->internal->init_num < 0)
862	goto decode_err;	859	goto decode_err;
863		860
864	CBS_init(&cbs, s->internal->init_msg, n);	861	CBS_init(&cbs, s->internal->init_msg, s->internal->init_num);
865		862
866	if (SSL_is_dtls(s)) {	863	if (SSL_is_dtls(s)) {
867	if (S3I(s)->hs.tls12.message_type == DTLS1_MT_HELLO_VERIFY_REQUEST) {	864	if (S3I(s)->hs.tls12.message_type == DTLS1_MT_HELLO_VERIFY_REQUEST) {
@@ -1103,19 +1100,19 @@ ssl3_get_server_hello(SSL *s)
1103	int	1100	int
1104	ssl3_get_server_certificate(SSL *s)	1101	ssl3_get_server_certificate(SSL *s)
1105	{	1102	{
1106	int al, i, ok, ret = -1;	1103	int al, i, ret;
1107	long n;	1104	CBS cbs, cert_list;
1108	CBS cbs, cert_list;	1105	X509 *x = NULL;
1109	X509 *x = NULL;	1106	const unsigned char *q;
1110	const unsigned char *q;	1107	STACK_OF(X509) *sk = NULL;
1111	STACK_OF(X509) *sk = NULL;	1108	SESS_CERT *sc;
1112	SESS_CERT *sc;	1109	EVP_PKEY *pkey = NULL;
1113	EVP_PKEY *pkey = NULL;	1110
1114		1111	if ((ret = ssl3_get_message(s, SSL3_ST_CR_CERT_A,
1115	n = ssl3_get_message(s, SSL3_ST_CR_CERT_A,	1112	SSL3_ST_CR_CERT_B, -1, s->internal->max_cert_list)) <= 0)
1116	SSL3_ST_CR_CERT_B, -1, s->internal->max_cert_list, &ok);	1113	return ret;
1117	if (!ok)	1114
1118	return ((int)n);	1115	ret = -1;
1119		1116
1120	if (S3I(s)->hs.tls12.message_type == SSL3_MT_SERVER_KEY_EXCHANGE) {	1117	if (S3I(s)->hs.tls12.message_type == SSL3_MT_SERVER_KEY_EXCHANGE) {
1121	S3I(s)->hs.tls12.reuse_message = 1;	1118	S3I(s)->hs.tls12.reuse_message = 1;
@@ -1128,16 +1125,15 @@ ssl3_get_server_certificate(SSL *s)
1128	goto fatal_err;	1125	goto fatal_err;
1129	}	1126	}
1130		1127
1131
1132	if ((sk = sk_X509_new_null()) == NULL) {	1128	if ((sk = sk_X509_new_null()) == NULL) {
1133	SSLerror(s, ERR_R_MALLOC_FAILURE);	1129	SSLerror(s, ERR_R_MALLOC_FAILURE);
1134	goto err;	1130	goto err;
1135	}	1131	}
1136		1132
1137	if (n < 0)	1133	if (s->internal->init_num < 0)
1138	goto decode_err;	1134	goto decode_err;
1139		1135
1140	CBS_init(&cbs, s->internal->init_msg, n);	1136	CBS_init(&cbs, s->internal->init_msg, s->internal->init_num);
1141	if (CBS_len(&cbs) < 3)	1137	if (CBS_len(&cbs) < 3)
1142	goto decode_err;	1138	goto decode_err;
1143		1139
@@ -1463,9 +1459,9 @@ ssl3_get_server_key_exchange(SSL *s)
1463	EVP_PKEY *pkey = NULL;	1459	EVP_PKEY *pkey = NULL;
1464	EVP_MD_CTX md_ctx;	1460	EVP_MD_CTX md_ctx;
1465	const unsigned char *param;	1461	const unsigned char *param;
1466	long n, alg_k, alg_a;
1467	int al, ok;
1468	size_t param_len;	1462	size_t param_len;
		1463	long alg_k, alg_a;
		1464	int al, ret;
1469		1465
1470	EVP_MD_CTX_init(&md_ctx);	1466	EVP_MD_CTX_init(&md_ctx);
1471		1467
@@ -1476,15 +1472,14 @@ ssl3_get_server_key_exchange(SSL *s)
1476	* Use same message size as in ssl3_get_certificate_request()	1472	* Use same message size as in ssl3_get_certificate_request()
1477	* as ServerKeyExchange message may be skipped.	1473	* as ServerKeyExchange message may be skipped.
1478	*/	1474	*/
1479	n = ssl3_get_message(s, SSL3_ST_CR_KEY_EXCH_A,	1475	if ((ret = ssl3_get_message(s, SSL3_ST_CR_KEY_EXCH_A,
1480	SSL3_ST_CR_KEY_EXCH_B, -1, s->internal->max_cert_list, &ok);	1476	SSL3_ST_CR_KEY_EXCH_B, -1, s->internal->max_cert_list)) <= 0)
1481	if (!ok)	1477	return ret;
1482	return ((int)n);
1483		1478
1484	if (n < 0)	1479	if (s->internal->init_num < 0)
1485	goto err;	1480	goto err;
1486		1481
1487	CBS_init(&cbs, s->internal->init_msg, n);	1482	CBS_init(&cbs, s->internal->init_msg, s->internal->init_num);
1488		1483
1489	if (S3I(s)->hs.tls12.message_type != SSL3_MT_SERVER_KEY_EXCHANGE) {	1484	if (S3I(s)->hs.tls12.message_type != SSL3_MT_SERVER_KEY_EXCHANGE) {
1490	/*	1485	/*
@@ -1617,17 +1612,17 @@ ssl3_get_server_key_exchange(SSL *s)
1617	int	1612	int
1618	ssl3_get_certificate_request(SSL *s)	1613	ssl3_get_certificate_request(SSL *s)
1619	{	1614	{
1620	int ok, ret = 0;	1615	CBS cert_request, cert_types, rdn_list;
1621	long n;	1616	X509_NAME *xn = NULL;
1622	CBS cert_request, cert_types, rdn_list;	1617	const unsigned char *q;
1623	X509_NAME *xn = NULL;	1618	STACK_OF(X509_NAME) *ca_sk = NULL;
1624	const unsigned char *q;	1619	int ret;
1625	STACK_OF(X509_NAME) *ca_sk = NULL;	1620
1626		1621	if ((ret = ssl3_get_message(s, SSL3_ST_CR_CERT_REQ_A,
1627	n = ssl3_get_message(s, SSL3_ST_CR_CERT_REQ_A,	1622	SSL3_ST_CR_CERT_REQ_B, -1, s->internal->max_cert_list)) <= 0)
1628	SSL3_ST_CR_CERT_REQ_B, -1, s->internal->max_cert_list, &ok);	1623	return ret;
1629	if (!ok)	1624
1630	return ((int)n);	1625	ret = 0;
1631		1626
1632	S3I(s)->hs.tls12.cert_request = 0;	1627	S3I(s)->hs.tls12.cert_request = 0;
1633		1628
@@ -1654,9 +1649,9 @@ ssl3_get_certificate_request(SSL *s)
1654	goto err;	1649	goto err;
1655	}	1650	}
1656		1651
1657	if (n < 0)	1652	if (s->internal->init_num < 0)
1658	goto decode_err;	1653	goto decode_err;
1659	CBS_init(&cert_request, s->internal->init_msg, n);	1654	CBS_init(&cert_request, s->internal->init_msg, s->internal->init_num);
1660		1655
1661	if ((ca_sk = sk_X509_NAME_new(ca_dn_cmp)) == NULL) {	1656	if ((ca_sk = sk_X509_NAME_new(ca_dn_cmp)) == NULL) {
1662	SSLerror(s, ERR_R_MALLOC_FAILURE);	1657	SSLerror(s, ERR_R_MALLOC_FAILURE);
@@ -1761,15 +1756,15 @@ ca_dn_cmp(const X509_NAME * const a, const X509_NAME const *b)
1761	int	1756	int
1762	ssl3_get_new_session_ticket(SSL *s)	1757	ssl3_get_new_session_ticket(SSL *s)
1763	{	1758	{
1764	int ok, al, ret = 0;	1759	uint32_t lifetime_hint;
1765	uint32_t lifetime_hint;	1760	CBS cbs, session_ticket;
1766	long n;	1761	int al, ret;
1767	CBS cbs, session_ticket;	1762
		1763	if ((ret = ssl3_get_message(s, SSL3_ST_CR_SESSION_TICKET_A,
		1764	SSL3_ST_CR_SESSION_TICKET_B, -1, 16384)) <= 0)
		1765	return ret;
1768		1766
1769	n = ssl3_get_message(s, SSL3_ST_CR_SESSION_TICKET_A,	1767	ret = 0;
1770	SSL3_ST_CR_SESSION_TICKET_B, -1, 16384, &ok);
1771	if (!ok)
1772	return ((int)n);
1773		1768
1774	if (S3I(s)->hs.tls12.message_type == SSL3_MT_FINISHED) {	1769	if (S3I(s)->hs.tls12.message_type == SSL3_MT_FINISHED) {
1775	S3I(s)->hs.tls12.reuse_message = 1;	1770	S3I(s)->hs.tls12.reuse_message = 1;
@@ -1781,13 +1776,13 @@ ssl3_get_new_session_ticket(SSL *s)
1781	goto fatal_err;	1776	goto fatal_err;
1782	}	1777	}
1783		1778
1784	if (n < 0) {	1779	if (s->internal->init_num < 0) {
1785	al = SSL_AD_DECODE_ERROR;	1780	al = SSL_AD_DECODE_ERROR;
1786	SSLerror(s, SSL_R_LENGTH_MISMATCH);	1781	SSLerror(s, SSL_R_LENGTH_MISMATCH);
1787	goto fatal_err;	1782	goto fatal_err;
1788	}	1783	}
1789		1784
1790	CBS_init(&cbs, s->internal->init_msg, n);	1785	CBS_init(&cbs, s->internal->init_msg, s->internal->init_num);
1791	if (!CBS_get_u32(&cbs, &lifetime_hint) \|\|	1786	if (!CBS_get_u32(&cbs, &lifetime_hint) \|\|
1792	!CBS_get_u16_length_prefixed(&cbs, &session_ticket) \|\|	1787	!CBS_get_u16_length_prefixed(&cbs, &session_ticket) \|\|
1793	CBS_len(&cbs) != 0) {	1788	CBS_len(&cbs) != 0) {
@@ -1833,15 +1828,13 @@ ssl3_get_new_session_ticket(SSL *s)
1833	int	1828	int
1834	ssl3_get_cert_status(SSL *s)	1829	ssl3_get_cert_status(SSL *s)
1835	{	1830	{
1836	CBS cert_status, response;	1831	CBS cert_status, response;
1837	int ok, al;	1832	uint8_t status_type;
1838	long n;	1833	int al, ret;
1839	uint8_t status_type;
1840		1834
1841	n = ssl3_get_message(s, SSL3_ST_CR_CERT_STATUS_A,	1835	if ((ret = ssl3_get_message(s, SSL3_ST_CR_CERT_STATUS_A,
1842	SSL3_ST_CR_CERT_STATUS_B, -1, 16384, &ok);	1836	SSL3_ST_CR_CERT_STATUS_B, -1, 16384)) <= 0)
1843	if (!ok)	1837	return ret;
1844	return ((int)n);
1845		1838
1846	if (S3I(s)->hs.tls12.message_type == SSL3_MT_SERVER_KEY_EXCHANGE) {	1839	if (S3I(s)->hs.tls12.message_type == SSL3_MT_SERVER_KEY_EXCHANGE) {
1847	/*	1840	/*
@@ -1849,8 +1842,6 @@ ssl3_get_cert_status(SSL *s)
1849	* response, and has decided to head directly to key exchange.	1842	* response, and has decided to head directly to key exchange.
1850	*/	1843	*/
1851	if (s->ctx->internal->tlsext_status_cb) {	1844	if (s->ctx->internal->tlsext_status_cb) {
1852	int ret;
1853
1854	free(s->internal->tlsext_ocsp_resp);	1845	free(s->internal->tlsext_ocsp_resp);
1855	s->internal->tlsext_ocsp_resp = NULL;	1846	s->internal->tlsext_ocsp_resp = NULL;
1856	s->internal->tlsext_ocsp_resp_len = 0;	1847	s->internal->tlsext_ocsp_resp_len = 0;
@@ -1879,14 +1870,14 @@ ssl3_get_cert_status(SSL *s)
1879	goto fatal_err;	1870	goto fatal_err;
1880	}	1871	}
1881		1872
1882	if (n < 0) {	1873	if (s->internal->init_num < 0) {
1883	/* need at least status type + length */	1874	/* need at least status type + length */
1884	al = SSL_AD_DECODE_ERROR;	1875	al = SSL_AD_DECODE_ERROR;
1885	SSLerror(s, SSL_R_LENGTH_MISMATCH);	1876	SSLerror(s, SSL_R_LENGTH_MISMATCH);
1886	goto fatal_err;	1877	goto fatal_err;
1887	}	1878	}
1888		1879
1889	CBS_init(&cert_status, s->internal->init_msg, n);	1880	CBS_init(&cert_status, s->internal->init_msg, s->internal->init_num);
1890	if (!CBS_get_u8(&cert_status, &status_type) \|\|	1881	if (!CBS_get_u8(&cert_status, &status_type) \|\|
1891	CBS_len(&cert_status) < 3) {	1882	CBS_len(&cert_status) < 3) {
1892	/* need at least status type + length */	1883	/* need at least status type + length */
@@ -1939,23 +1930,21 @@ ssl3_get_cert_status(SSL *s)
1939	int	1930	int
1940	ssl3_get_server_done(SSL *s)	1931	ssl3_get_server_done(SSL *s)
1941	{	1932	{
1942	int ok, ret = 0;	1933	int ret;
1943	long n;
1944		1934
1945	n = ssl3_get_message(s, SSL3_ST_CR_SRVR_DONE_A,	1935	if ((ret = ssl3_get_message(s, SSL3_ST_CR_SRVR_DONE_A,
1946	SSL3_ST_CR_SRVR_DONE_B, SSL3_MT_SERVER_DONE,	1936	SSL3_ST_CR_SRVR_DONE_B, SSL3_MT_SERVER_DONE,
1947	30, /* should be very small, like 0 :-) */ &ok);	1937	30 /* should be very small, like 0 :-) */)) <= 0)
1948	if (!ok)	1938	return ret;
1949	return ((int)n);
1950		1939
1951	if (n > 0) {	1940	if (s->internal->init_num != 0) {
1952	/* should contain no data */	1941	/* should contain no data */
1953	ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);	1942	ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
1954	SSLerror(s, SSL_R_LENGTH_MISMATCH);	1943	SSLerror(s, SSL_R_LENGTH_MISMATCH);
1955	return (-1);	1944	return -1;
1956	}	1945	}
1957	ret = 1;	1946
1958	return (ret);	1947	return 1;
1959	}	1948	}
1960		1949
1961	static int	1950	static int
@@ -2756,18 +2745,16 @@ ssl3_check_cert_and_algorithm(SSL *s)
2756	int	2745	int
2757	ssl3_check_finished(SSL *s)	2746	ssl3_check_finished(SSL *s)
2758	{	2747	{
2759	int ok;	2748	int ret;
2760	long n;
2761		2749
2762	/* If we have no ticket it cannot be a resumed session. */	2750	/* If we have no ticket it cannot be a resumed session. */
2763	if (!s->session->tlsext_tick)	2751	if (!s->session->tlsext_tick)
2764	return (1);	2752	return (1);
2765	/* this function is called when we really expect a Certificate	2753	/* this function is called when we really expect a Certificate
2766	* message, so permit appropriate message length */	2754	* message, so permit appropriate message length */
2767	n = ssl3_get_message(s, SSL3_ST_CR_CERT_A,	2755	if ((ret = ssl3_get_message(s, SSL3_ST_CR_CERT_A,
2768	SSL3_ST_CR_CERT_B, -1, s->internal->max_cert_list, &ok);	2756	SSL3_ST_CR_CERT_B, -1, s->internal->max_cert_list)) <= 0)
2769	if (!ok)	2757	return ret;
2770	return ((int)n);
2771		2758
2772	S3I(s)->hs.tls12.reuse_message = 1;	2759	S3I(s)->hs.tls12.reuse_message = 1;
2773	if ((S3I(s)->hs.tls12.message_type == SSL3_MT_FINISHED) \|\|	2760	if ((S3I(s)->hs.tls12.message_type == SSL3_MT_FINISHED) \|\|