1 files changed, 11 insertions, 13 deletions
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c
index 90aa80f522..22e02735c8 100644
--- a/src/lib/libssl/ssl_clnt.c
+++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_clnt.c,v 1.61 2019/03/31 15:49:03 jsing Exp $ */
+/* $OpenBSD: ssl_clnt.c,v 1.62 2020/01/23 10:48:37 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -811,7 +811,7 @@ ssl3_get_server_hello(SSL *s)
        long n;
        s->internal->first_packet = 1;
-        n = s->method->internal->ssl_get_message(s, SSL3_ST_CR_SRVR_HELLO_A,
+        n = ssl3_get_message(s, SSL3_ST_CR_SRVR_HELLO_A,
            SSL3_ST_CR_SRVR_HELLO_B, -1, 20000, /* ?? */ &ok);
        if (!ok)
                return ((int)n);
@@ -1048,9 +1048,8 @@ ssl3_get_server_certificate(SSL *s)
        SESS_CERT               *sc;
        EVP_PKEY                *pkey = NULL;
-        n = s->method->internal->ssl_get_message(s, SSL3_ST_CR_CERT_A,
+        n = ssl3_get_message(s, SSL3_ST_CR_CERT_A,
            SSL3_ST_CR_CERT_B, -1, s->internal->max_cert_list, &ok);
        if (!ok)
                return ((int)n);
@@ -1443,7 +1442,7 @@ ssl3_get_server_key_exchange(SSL *s)
         * Use same message size as in ssl3_get_certificate_request()
         * as ServerKeyExchange message may be skipped.
         */
-        n = s->method->internal->ssl_get_message(s, SSL3_ST_CR_KEY_EXCH_A,
+        n = ssl3_get_message(s, SSL3_ST_CR_KEY_EXCH_A,
            SSL3_ST_CR_KEY_EXCH_B, -1, s->internal->max_cert_list, &ok);
        if (!ok)
                return ((int)n);
@@ -1611,9 +1610,8 @@ ssl3_get_certificate_request(SSL *s)
        const unsigned char     *q;
        STACK_OF(X509_NAME)     *ca_sk = NULL;
-        n = s->method->internal->ssl_get_message(s, SSL3_ST_CR_CERT_REQ_A,
+        n = ssl3_get_message(s, SSL3_ST_CR_CERT_REQ_A,
            SSL3_ST_CR_CERT_REQ_B, -1, s->internal->max_cert_list, &ok);
        if (!ok)
                return ((int)n);
@@ -1765,7 +1763,7 @@ ssl3_get_new_session_ticket(SSL *s)
        long                     n;
        CBS                      cbs, session_ticket;
-        n = s->method->internal->ssl_get_message(s, SSL3_ST_CR_SESSION_TICKET_A,
+        n = ssl3_get_message(s, SSL3_ST_CR_SESSION_TICKET_A,
            SSL3_ST_CR_SESSION_TICKET_B, -1, 16384, &ok);
        if (!ok)
                return ((int)n);
@@ -1841,10 +1839,9 @@ ssl3_get_cert_status(SSL *s)
        long                     n;
        uint8_t                  status_type;
-        n = s->method->internal->ssl_get_message(s, SSL3_ST_CR_CERT_STATUS_A,
+        n = ssl3_get_message(s, SSL3_ST_CR_CERT_STATUS_A,
            SSL3_ST_CR_CERT_STATUS_B, SSL3_MT_CERTIFICATE_STATUS,
            16384, &ok);
        if (!ok)
                return ((int)n);
@@ -1913,12 +1910,12 @@ ssl3_get_server_done(SSL *s)
        int     ok, ret = 0;
        long    n;
-        n = s->method->internal->ssl_get_message(s, SSL3_ST_CR_SRVR_DONE_A,
+        n = ssl3_get_message(s, SSL3_ST_CR_SRVR_DONE_A,
            SSL3_ST_CR_SRVR_DONE_B, SSL3_MT_SERVER_DONE,
            30, /* should be very small, like 0 :-) */ &ok);
        if (!ok)
                return ((int)n);
        if (n > 0) {
                /* should contain no data */
                ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
@@ -2796,10 +2793,11 @@ ssl3_check_finished(SSL *s)
                return (1);
        /* this function is called when we really expect a Certificate
         * message, so permit appropriate message length */
-        n = s->method->internal->ssl_get_message(s, SSL3_ST_CR_CERT_A,
+        n = ssl3_get_message(s, SSL3_ST_CR_CERT_A,
            SSL3_ST_CR_CERT_B, -1, s->internal->max_cert_list, &ok);
        if (!ok)
                return ((int)n);
        S3I(s)->tmp.reuse_message = 1;
        if ((S3I(s)->tmp.message_type == SSL3_MT_FINISHED) ||
            (S3I(s)->tmp.message_type == SSL3_MT_NEWSESSION_TICKET))

diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c index 90aa80f522..22e02735c8 100644 --- a/src/lib/libssl/ssl_clnt.c +++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_clnt.c,v 1.61 2019/03/31 15:49:03 jsing Exp $ */	1	/* $OpenBSD: ssl_clnt.c,v 1.62 2020/01/23 10:48:37 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -811,7 +811,7 @@ ssl3_get_server_hello(SSL *s)
811	long n;	811	long n;
812		812
813	s->internal->first_packet = 1;	813	s->internal->first_packet = 1;
814	n = s->method->internal->ssl_get_message(s, SSL3_ST_CR_SRVR_HELLO_A,	814	n = ssl3_get_message(s, SSL3_ST_CR_SRVR_HELLO_A,
815	SSL3_ST_CR_SRVR_HELLO_B, -1, 20000, /* ?? */ &ok);	815	SSL3_ST_CR_SRVR_HELLO_B, -1, 20000, /* ?? */ &ok);
816	if (!ok)	816	if (!ok)
817	return ((int)n);	817	return ((int)n);
@@ -1048,9 +1048,8 @@ ssl3_get_server_certificate(SSL *s)
1048	SESS_CERT *sc;	1048	SESS_CERT *sc;
1049	EVP_PKEY *pkey = NULL;	1049	EVP_PKEY *pkey = NULL;
1050		1050
1051	n = s->method->internal->ssl_get_message(s, SSL3_ST_CR_CERT_A,	1051	n = ssl3_get_message(s, SSL3_ST_CR_CERT_A,
1052	SSL3_ST_CR_CERT_B, -1, s->internal->max_cert_list, &ok);	1052	SSL3_ST_CR_CERT_B, -1, s->internal->max_cert_list, &ok);
1053
1054	if (!ok)	1053	if (!ok)
1055	return ((int)n);	1054	return ((int)n);
1056		1055
@@ -1443,7 +1442,7 @@ ssl3_get_server_key_exchange(SSL *s)
1443	* Use same message size as in ssl3_get_certificate_request()	1442	* Use same message size as in ssl3_get_certificate_request()
1444	* as ServerKeyExchange message may be skipped.	1443	* as ServerKeyExchange message may be skipped.
1445	*/	1444	*/
1446	n = s->method->internal->ssl_get_message(s, SSL3_ST_CR_KEY_EXCH_A,	1445	n = ssl3_get_message(s, SSL3_ST_CR_KEY_EXCH_A,
1447	SSL3_ST_CR_KEY_EXCH_B, -1, s->internal->max_cert_list, &ok);	1446	SSL3_ST_CR_KEY_EXCH_B, -1, s->internal->max_cert_list, &ok);
1448	if (!ok)	1447	if (!ok)
1449	return ((int)n);	1448	return ((int)n);
@@ -1611,9 +1610,8 @@ ssl3_get_certificate_request(SSL *s)
1611	const unsigned char *q;	1610	const unsigned char *q;
1612	STACK_OF(X509_NAME) *ca_sk = NULL;	1611	STACK_OF(X509_NAME) *ca_sk = NULL;
1613		1612
1614	n = s->method->internal->ssl_get_message(s, SSL3_ST_CR_CERT_REQ_A,	1613	n = ssl3_get_message(s, SSL3_ST_CR_CERT_REQ_A,
1615	SSL3_ST_CR_CERT_REQ_B, -1, s->internal->max_cert_list, &ok);	1614	SSL3_ST_CR_CERT_REQ_B, -1, s->internal->max_cert_list, &ok);
1616
1617	if (!ok)	1615	if (!ok)
1618	return ((int)n);	1616	return ((int)n);
1619		1617
@@ -1765,7 +1763,7 @@ ssl3_get_new_session_ticket(SSL *s)
1765	long n;	1763	long n;
1766	CBS cbs, session_ticket;	1764	CBS cbs, session_ticket;
1767		1765
1768	n = s->method->internal->ssl_get_message(s, SSL3_ST_CR_SESSION_TICKET_A,	1766	n = ssl3_get_message(s, SSL3_ST_CR_SESSION_TICKET_A,
1769	SSL3_ST_CR_SESSION_TICKET_B, -1, 16384, &ok);	1767	SSL3_ST_CR_SESSION_TICKET_B, -1, 16384, &ok);
1770	if (!ok)	1768	if (!ok)
1771	return ((int)n);	1769	return ((int)n);
@@ -1841,10 +1839,9 @@ ssl3_get_cert_status(SSL *s)
1841	long n;	1839	long n;
1842	uint8_t status_type;	1840	uint8_t status_type;
1843		1841
1844	n = s->method->internal->ssl_get_message(s, SSL3_ST_CR_CERT_STATUS_A,	1842	n = ssl3_get_message(s, SSL3_ST_CR_CERT_STATUS_A,
1845	SSL3_ST_CR_CERT_STATUS_B, SSL3_MT_CERTIFICATE_STATUS,	1843	SSL3_ST_CR_CERT_STATUS_B, SSL3_MT_CERTIFICATE_STATUS,
1846	16384, &ok);	1844	16384, &ok);
1847
1848	if (!ok)	1845	if (!ok)
1849	return ((int)n);	1846	return ((int)n);
1850		1847
@@ -1913,12 +1910,12 @@ ssl3_get_server_done(SSL *s)
1913	int ok, ret = 0;	1910	int ok, ret = 0;
1914	long n;	1911	long n;
1915		1912
1916	n = s->method->internal->ssl_get_message(s, SSL3_ST_CR_SRVR_DONE_A,	1913	n = ssl3_get_message(s, SSL3_ST_CR_SRVR_DONE_A,
1917	SSL3_ST_CR_SRVR_DONE_B, SSL3_MT_SERVER_DONE,	1914	SSL3_ST_CR_SRVR_DONE_B, SSL3_MT_SERVER_DONE,
1918	30, /* should be very small, like 0 :-) */ &ok);	1915	30, /* should be very small, like 0 :-) */ &ok);
1919
1920	if (!ok)	1916	if (!ok)
1921	return ((int)n);	1917	return ((int)n);
		1918
1922	if (n > 0) {	1919	if (n > 0) {
1923	/* should contain no data */	1920	/* should contain no data */
1924	ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);	1921	ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
@@ -2796,10 +2793,11 @@ ssl3_check_finished(SSL *s)
2796	return (1);	2793	return (1);
2797	/* this function is called when we really expect a Certificate	2794	/* this function is called when we really expect a Certificate
2798	* message, so permit appropriate message length */	2795	* message, so permit appropriate message length */
2799	n = s->method->internal->ssl_get_message(s, SSL3_ST_CR_CERT_A,	2796	n = ssl3_get_message(s, SSL3_ST_CR_CERT_A,
2800	SSL3_ST_CR_CERT_B, -1, s->internal->max_cert_list, &ok);	2797	SSL3_ST_CR_CERT_B, -1, s->internal->max_cert_list, &ok);
2801	if (!ok)	2798	if (!ok)
2802	return ((int)n);	2799	return ((int)n);
		2800
2803	S3I(s)->tmp.reuse_message = 1;	2801	S3I(s)->tmp.reuse_message = 1;
2804	if ((S3I(s)->tmp.message_type == SSL3_MT_FINISHED) \|\|	2802	if ((S3I(s)->tmp.message_type == SSL3_MT_FINISHED) \|\|
2805	(S3I(s)->tmp.message_type == SSL3_MT_NEWSESSION_TICKET))	2803	(S3I(s)->tmp.message_type == SSL3_MT_NEWSESSION_TICKET))