1 files changed, 1 insertions, 74 deletions
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index fbd79431db..d92fd70f5b 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_lib.c,v 1.140 2018/01/27 15:30:05 jsing Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.141 2018/02/08 11:30:30 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -662,79 +662,6 @@ tls12_get_req_sig_algs(SSL *s, unsigned char **sigalgs, size_t *sigalgs_len)
 }
 int
-ssl_parse_serverhello_tlsext(SSL *s, unsigned char **p, size_t n, int *al)
-{
-        unsigned short type;
-        unsigned short size;
-        unsigned short len;
-        unsigned char *data = *p;
-        unsigned char *end = *p + n;
-        CBS cbs;
-        S3I(s)->renegotiate_seen = 0;
-        free(S3I(s)->alpn_selected);
-        S3I(s)->alpn_selected = NULL;
-        if (data == end)
-                goto ri_check;
-        if (end - data < 2)
-                goto err;
-        n2s(data, len);
-        if (end - data != len)
-                goto err;
-        while (end - data >= 4) {
-                n2s(data, type);
-                n2s(data, size);
-                if (end - data < size)
-                        goto err;
-                if (s->internal->tlsext_debug_cb)
-                        s->internal->tlsext_debug_cb(s, 1, type, data, size,
-                            s->internal->tlsext_debug_arg);
-                CBS_init(&cbs, data, size);
-                if (!tlsext_serverhello_parse_one(s, &cbs, type, al))
-                        return 0;
-                data += size;
-        }
-        if (data != end) {
-                *al = SSL_AD_DECODE_ERROR;
-                return 0;
-        }
-        *p = data;
-ri_check:
-        /* Determine if we need to see RI. Strictly speaking if we want to
-         * avoid an attack we should *always* see RI even on initial server
-         * hello because the client doesn't see any renegotiation during an
-         * attack. However this would mean we could not connect to any server
-         * which doesn't support RI so for the immediate future tolerate RI
-         * absence on initial connect only.
-         */
-        if (!S3I(s)->renegotiate_seen &&
-            !(s->internal->options & SSL_OP_LEGACY_SERVER_CONNECT)) {
-                *al = SSL_AD_HANDSHAKE_FAILURE;
-                SSLerror(s, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
-                return 0;
-        }
-        return 1;
-err:
-        *al = SSL_AD_DECODE_ERROR;
-        return 0;
-}
-int
 ssl_check_clienthello_tlsext_early(SSL *s)
 {
        int ret = SSL_TLSEXT_ERR_NOACK;

diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c index fbd79431db..d92fd70f5b 100644 --- a/src/lib/libssl/t1_lib.c +++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: t1_lib.c,v 1.140 2018/01/27 15:30:05 jsing Exp $ */	1	/* $OpenBSD: t1_lib.c,v 1.141 2018/02/08 11:30:30 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -662,79 +662,6 @@ tls12_get_req_sig_algs(SSL s, unsigned char sigalgs, size_t sigalgs_len)
662	}	662	}
663		663
664	int	664	int
665	ssl_parse_serverhello_tlsext(SSL s, unsigned char p, size_t n, int al)
666	{
667	unsigned short type;
668	unsigned short size;
669	unsigned short len;
670	unsigned char data = p;
671	unsigned char end = p + n;
672	CBS cbs;
673
674	S3I(s)->renegotiate_seen = 0;
675	free(S3I(s)->alpn_selected);
676	S3I(s)->alpn_selected = NULL;
677
678	if (data == end)
679	goto ri_check;
680
681	if (end - data < 2)
682	goto err;
683	n2s(data, len);
684
685	if (end - data != len)
686	goto err;
687
688	while (end - data >= 4) {
689	n2s(data, type);
690	n2s(data, size);
691
692	if (end - data < size)
693	goto err;
694
695	if (s->internal->tlsext_debug_cb)
696	s->internal->tlsext_debug_cb(s, 1, type, data, size,
697	s->internal->tlsext_debug_arg);
698
699	CBS_init(&cbs, data, size);
700	if (!tlsext_serverhello_parse_one(s, &cbs, type, al))
701	return 0;
702
703	data += size;
704
705	}
706
707	if (data != end) {
708	*al = SSL_AD_DECODE_ERROR;
709	return 0;
710	}
711
712	*p = data;
713
714	ri_check:
715
716	/* Determine if we need to see RI. Strictly speaking if we want to
717	* avoid an attack we should always see RI even on initial server
718	* hello because the client doesn't see any renegotiation during an
719	* attack. However this would mean we could not connect to any server
720	* which doesn't support RI so for the immediate future tolerate RI
721	* absence on initial connect only.
722	*/
723	if (!S3I(s)->renegotiate_seen &&
724	!(s->internal->options & SSL_OP_LEGACY_SERVER_CONNECT)) {
725	*al = SSL_AD_HANDSHAKE_FAILURE;
726	SSLerror(s, SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED);
727	return 0;
728	}
729
730	return 1;
731
732	err:
733	*al = SSL_AD_DECODE_ERROR;
734	return 0;
735	}
736
737	int
738	ssl_check_clienthello_tlsext_early(SSL *s)	665	ssl_check_clienthello_tlsext_early(SSL *s)
739	{	666	{
740	int ret = SSL_TLSEXT_ERR_NOACK;	667	int ret = SSL_TLSEXT_ERR_NOACK;