1 files changed, 32 insertions, 16 deletions
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index ebe78808c5..5d93a3bc13 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.121 2016/11/02 11:21:05 jsing Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.122 2016/12/04 14:32:30 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1363,35 +1363,51 @@ SSL_get_shared_ciphers(const SSL *s, char *buf, int len)
 }
 int
-ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p)
+ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p,
+    size_t maxlen, size_t *outlen)
 {
-        int              i;
+        SSL_CIPHER *cipher;
-        SSL_CIPHER      *c;
+        int ciphers = 0;
-        unsigned char   *q;
+        CBB cbb;
+        int i;
+        *outlen = 0;
        if (sk == NULL)
                return (0);
-        q = p;
+        if (!CBB_init_fixed(&cbb, p, maxlen))
+                goto err;
        for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
-                c = sk_SSL_CIPHER_value(sk, i);
+                cipher = sk_SSL_CIPHER_value(sk, i);
                /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
-                if ((c->algorithm_ssl & SSL_TLSV1_2) &&
+                if ((cipher->algorithm_ssl & SSL_TLSV1_2) &&
                    (TLS1_get_client_version(s) < TLS1_2_VERSION))
                        continue;
-                s2n(ssl3_cipher_get_value(c), p);
+                if (!CBB_add_u16(&cbb, ssl3_cipher_get_value(cipher)))
+                        goto err;
+                ciphers++;
        }
-        /*
+        /* Add SCSV if there are other ciphers and we're not renegotiating. */
-         * If p == q, no ciphers and caller indicates an error. Otherwise
+        if (ciphers > 0 && !s->renegotiate) {
-         * add SCSV if not renegotiating.
+                if (!CBB_add_u16(&cbb, SSL3_CK_SCSV & SSL3_CK_VALUE_MASK))
-         */
+                        goto err;
-        if (p != q && !s->renegotiate)
+        }
-                s2n(SSL3_CK_SCSV & SSL3_CK_VALUE_MASK, p);
+        if (!CBB_finish(&cbb, NULL, outlen))
+                goto err;
+        return 1;
+ err:
+        CBB_cleanup(&cbb);
-        return (p - q);
+        return 0;
 }
 STACK_OF(SSL_CIPHER) *

diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c index ebe78808c5..5d93a3bc13 100644 --- a/src/lib/libssl/ssl_lib.c +++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_lib.c,v 1.121 2016/11/02 11:21:05 jsing Exp $ */	1	/* $OpenBSD: ssl_lib.c,v 1.122 2016/12/04 14:32:30 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1363,35 +1363,51 @@ SSL_get_shared_ciphers(const SSL s, char buf, int len)
1363	}	1363	}
1364		1364
1365	int	1365	int
1366	ssl_cipher_list_to_bytes(SSL s, STACK_OF(SSL_CIPHER) sk, unsigned char *p)	1366	ssl_cipher_list_to_bytes(SSL s, STACK_OF(SSL_CIPHER) sk, unsigned char *p,
		1367	size_t maxlen, size_t *outlen)
1367	{	1368	{
1368	int i;	1369	SSL_CIPHER *cipher;
1369	SSL_CIPHER *c;	1370	int ciphers = 0;
1370	unsigned char *q;	1371	CBB cbb;
		1372	int i;
		1373
		1374	*outlen = 0;
1371		1375
1372	if (sk == NULL)	1376	if (sk == NULL)
1373	return (0);	1377	return (0);
1374	q = p;	1378
		1379	if (!CBB_init_fixed(&cbb, p, maxlen))
		1380	goto err;
1375		1381
1376	for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {	1382	for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
1377	c = sk_SSL_CIPHER_value(sk, i);	1383	cipher = sk_SSL_CIPHER_value(sk, i);
1378		1384
1379	/* Skip TLS v1.2 only ciphersuites if lower than v1.2 */	1385	/* Skip TLS v1.2 only ciphersuites if lower than v1.2 */
1380	if ((c->algorithm_ssl & SSL_TLSV1_2) &&	1386	if ((cipher->algorithm_ssl & SSL_TLSV1_2) &&
1381	(TLS1_get_client_version(s) < TLS1_2_VERSION))	1387	(TLS1_get_client_version(s) < TLS1_2_VERSION))
1382	continue;	1388	continue;
1383		1389
1384	s2n(ssl3_cipher_get_value(c), p);	1390	if (!CBB_add_u16(&cbb, ssl3_cipher_get_value(cipher)))
		1391	goto err;
		1392
		1393	ciphers++;
1385	}	1394	}
1386		1395
1387	/*	1396	/* Add SCSV if there are other ciphers and we're not renegotiating. */
1388	* If p == q, no ciphers and caller indicates an error. Otherwise	1397	if (ciphers > 0 && !s->renegotiate) {
1389	* add SCSV if not renegotiating.	1398	if (!CBB_add_u16(&cbb, SSL3_CK_SCSV & SSL3_CK_VALUE_MASK))
1390	*/	1399	goto err;
1391	if (p != q && !s->renegotiate)	1400	}
1392	s2n(SSL3_CK_SCSV & SSL3_CK_VALUE_MASK, p);	1401
		1402	if (!CBB_finish(&cbb, NULL, outlen))
		1403	goto err;
		1404
		1405	return 1;
		1406
		1407	err:
		1408	CBB_cleanup(&cbb);
1393		1409
1394	return (p - q);	1410	return 0;
1395	}	1411	}
1396		1412
1397	STACK_OF(SSL_CIPHER) *	1413	STACK_OF(SSL_CIPHER) *