1 files changed, 58 insertions, 2 deletions
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c
index f11dcaa107..3d11aaaf36 100644
--- a/src/lib/libssl/ssl_clnt.c
+++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_clnt.c,v 1.73 2020/09/24 18:12:00 jsing Exp $ */
+/* $OpenBSD: ssl_clnt.c,v 1.74 2020/10/03 18:01:55 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -318,7 +318,7 @@ ssl3_connect(SSL *s)
                case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
                case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B:
-                        ret = dtls1_get_hello_verify(s);
+                        ret = ssl3_get_dtls_hello_verify(s);
                        if (ret <= 0)
                                goto end;
                        dtls1_stop_timer(s);
@@ -794,6 +794,62 @@ err:
 }
 int
+ssl3_get_dtls_hello_verify(SSL *s)
+{
+        long n;
+        int al, ok = 0;
+        size_t cookie_len;
+        uint16_t ssl_version;
+        CBS hello_verify_request, cookie;
+        n = ssl3_get_message(s, DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A,
+            DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B, -1, s->internal->max_cert_list, &ok);
+        if (!ok)
+                return ((int)n);
+        if (S3I(s)->tmp.message_type != DTLS1_MT_HELLO_VERIFY_REQUEST) {
+                D1I(s)->send_cookie = 0;
+                S3I(s)->tmp.reuse_message = 1;
+                return (1);
+        }
+        if (n < 0)
+                goto truncated;
+        CBS_init(&hello_verify_request, s->internal->init_msg, n);
+        if (!CBS_get_u16(&hello_verify_request, &ssl_version))
+                goto truncated;
+        if (ssl_version != s->version) {
+                SSLerror(s, SSL_R_WRONG_SSL_VERSION);
+                s->version = (s->version & 0xff00) | (ssl_version & 0xff);
+                al = SSL_AD_PROTOCOL_VERSION;
+                goto f_err;
+        }
+        if (!CBS_get_u8_length_prefixed(&hello_verify_request, &cookie))
+                goto truncated;
+        if (!CBS_write_bytes(&cookie, D1I(s)->cookie,
+            sizeof(D1I(s)->cookie), &cookie_len)) {
+                D1I(s)->cookie_len = 0;
+                al = SSL_AD_ILLEGAL_PARAMETER;
+                goto f_err;
+        }
+        D1I(s)->cookie_len = cookie_len;
+        D1I(s)->send_cookie = 1;
+        return 1;
+truncated:
+        al = SSL_AD_DECODE_ERROR;
+f_err:
+        ssl3_send_alert(s, SSL3_AL_FATAL, al);
+        return -1;
+}
+int
 ssl3_get_server_hello(SSL *s)
 {
        CBS cbs, server_random, session_id;

diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c index f11dcaa107..3d11aaaf36 100644 --- a/src/lib/libssl/ssl_clnt.c +++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_clnt.c,v 1.73 2020/09/24 18:12:00 jsing Exp $ */	1	/* $OpenBSD: ssl_clnt.c,v 1.74 2020/10/03 18:01:55 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -318,7 +318,7 @@ ssl3_connect(SSL *s)
318		318
319	case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:	319	case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A:
320	case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B:	320	case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B:
321	ret = dtls1_get_hello_verify(s);	321	ret = ssl3_get_dtls_hello_verify(s);
322	if (ret <= 0)	322	if (ret <= 0)
323	goto end;	323	goto end;
324	dtls1_stop_timer(s);	324	dtls1_stop_timer(s);
@@ -794,6 +794,62 @@ err:
794	}	794	}
795		795
796	int	796	int
		797	ssl3_get_dtls_hello_verify(SSL *s)
		798	{
		799	long n;
		800	int al, ok = 0;
		801	size_t cookie_len;
		802	uint16_t ssl_version;
		803	CBS hello_verify_request, cookie;
		804
		805	n = ssl3_get_message(s, DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A,
		806	DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B, -1, s->internal->max_cert_list, &ok);
		807	if (!ok)
		808	return ((int)n);
		809
		810	if (S3I(s)->tmp.message_type != DTLS1_MT_HELLO_VERIFY_REQUEST) {
		811	D1I(s)->send_cookie = 0;
		812	S3I(s)->tmp.reuse_message = 1;
		813	return (1);
		814	}
		815
		816	if (n < 0)
		817	goto truncated;
		818
		819	CBS_init(&hello_verify_request, s->internal->init_msg, n);
		820
		821	if (!CBS_get_u16(&hello_verify_request, &ssl_version))
		822	goto truncated;
		823
		824	if (ssl_version != s->version) {
		825	SSLerror(s, SSL_R_WRONG_SSL_VERSION);
		826	s->version = (s->version & 0xff00) \| (ssl_version & 0xff);
		827	al = SSL_AD_PROTOCOL_VERSION;
		828	goto f_err;
		829	}
		830
		831	if (!CBS_get_u8_length_prefixed(&hello_verify_request, &cookie))
		832	goto truncated;
		833
		834	if (!CBS_write_bytes(&cookie, D1I(s)->cookie,
		835	sizeof(D1I(s)->cookie), &cookie_len)) {
		836	D1I(s)->cookie_len = 0;
		837	al = SSL_AD_ILLEGAL_PARAMETER;
		838	goto f_err;
		839	}
		840	D1I(s)->cookie_len = cookie_len;
		841	D1I(s)->send_cookie = 1;
		842
		843	return 1;
		844
		845	truncated:
		846	al = SSL_AD_DECODE_ERROR;
		847	f_err:
		848	ssl3_send_alert(s, SSL3_AL_FATAL, al);
		849	return -1;
		850	}
		851
		852	int
797	ssl3_get_server_hello(SSL *s)	853	ssl3_get_server_hello(SSL *s)
798	{	854	{
799	CBS cbs, server_random, session_id;	855	CBS cbs, server_random, session_id;