summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_srvr.c
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/lib/libssl/ssl_srvr.c42
1 files changed, 17 insertions, 25 deletions
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c
index 723d82fc82..5e10fa01f4 100644
--- a/src/lib/libssl/ssl_srvr.c
+++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_srvr.c,v 1.24 2017/10/10 16:51:38 jsing Exp $ */ 1/* $OpenBSD: ssl_srvr.c,v 1.25 2017/10/11 16:51:39 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -166,6 +166,7 @@
166#include <openssl/x509.h> 166#include <openssl/x509.h>
167 167
168#include "bytestring.h" 168#include "bytestring.h"
169#include "ssl_tlsext.h"
169 170
170int 171int
171ssl3_accept(SSL *s) 172ssl3_accept(SSL *s)
@@ -1046,25 +1047,19 @@ err:
1046int 1047int
1047ssl3_send_server_hello(SSL *s) 1048ssl3_send_server_hello(SSL *s)
1048{ 1049{
1049 unsigned char *bufend; 1050 CBB cbb, server_hello, session_id;
1050 unsigned char *p, *d; 1051 size_t sl;
1051 CBB cbb, session_id;
1052 size_t outlen;
1053 int sl;
1054 1052
1055 memset(&cbb, 0, sizeof(cbb)); 1053 memset(&cbb, 0, sizeof(cbb));
1056 1054
1057 bufend = (unsigned char *)s->internal->init_buf->data + SSL3_RT_MAX_PLAIN_LENGTH;
1058
1059 if (S3I(s)->hs.state == SSL3_ST_SW_SRVR_HELLO_A) { 1055 if (S3I(s)->hs.state == SSL3_ST_SW_SRVR_HELLO_A) {
1060 d = p = ssl3_handshake_msg_start(s, SSL3_MT_SERVER_HELLO); 1056 if (!ssl3_handshake_msg_start_cbb(s, &cbb, &server_hello,
1061 1057 SSL3_MT_SERVER_HELLO))
1062 if (!CBB_init_fixed(&cbb, p, bufend - p))
1063 goto err; 1058 goto err;
1064 1059
1065 if (!CBB_add_u16(&cbb, s->version)) 1060 if (!CBB_add_u16(&server_hello, s->version))
1066 goto err; 1061 goto err;
1067 if (!CBB_add_bytes(&cbb, s->s3->server_random, 1062 if (!CBB_add_bytes(&server_hello, s->s3->server_random,
1068 sizeof(s->s3->server_random))) 1063 sizeof(s->s3->server_random)))
1069 goto err; 1064 goto err;
1070 1065
@@ -1091,35 +1086,32 @@ ssl3_send_server_hello(SSL *s)
1091 s->session->session_id_length = 0; 1086 s->session->session_id_length = 0;
1092 1087
1093 sl = s->session->session_id_length; 1088 sl = s->session->session_id_length;
1094 if (sl > (int)sizeof(s->session->session_id)) { 1089 if (sl > sizeof(s->session->session_id)) {
1095 SSLerror(s, ERR_R_INTERNAL_ERROR); 1090 SSLerror(s, ERR_R_INTERNAL_ERROR);
1096 goto err; 1091 goto err;
1097 } 1092 }
1098 1093 if (!CBB_add_u8_length_prefixed(&server_hello, &session_id))
1099 if (!CBB_add_u8_length_prefixed(&cbb, &session_id))
1100 goto err; 1094 goto err;
1101 if (!CBB_add_bytes(&session_id, s->session->session_id, sl)) 1095 if (!CBB_add_bytes(&session_id, s->session->session_id, sl))
1102 goto err; 1096 goto err;
1103 1097
1104 /* Cipher suite. */ 1098 /* Cipher suite. */
1105 if (!CBB_add_u16(&cbb, 1099 if (!CBB_add_u16(&server_hello,
1106 ssl3_cipher_get_value(S3I(s)->hs.new_cipher))) 1100 ssl3_cipher_get_value(S3I(s)->hs.new_cipher)))
1107 goto err; 1101 goto err;
1108 1102
1109 /* Compression method. */ 1103 /* Compression method (null). */
1110 if (!CBB_add_u8(&cbb, 0)) 1104 if (!CBB_add_u8(&server_hello, 0))
1111 goto err; 1105 goto err;
1112 1106
1113 if (!CBB_finish(&cbb, NULL, &outlen)) 1107 /* TLS extensions */
1114 goto err; 1108 if (!tlsext_serverhello_build(s, &server_hello)) {
1115
1116 if ((p = ssl_add_serverhello_tlsext(s, p + outlen,
1117 bufend)) == NULL) {
1118 SSLerror(s, ERR_R_INTERNAL_ERROR); 1109 SSLerror(s, ERR_R_INTERNAL_ERROR);
1119 goto err; 1110 goto err;
1120 } 1111 }
1121 1112
1122 ssl3_handshake_msg_finish(s, p - d); 1113 if (!ssl3_handshake_msg_finish_cbb(s, &cbb))
1114 goto err;
1123 } 1115 }
1124 1116
1125 /* SSL3_ST_SW_SRVR_HELLO_B */ 1117 /* SSL3_ST_SW_SRVR_HELLO_B */
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-24 23:12:54 +0000