diff options
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libssl/s3_both.c | 15 | ||||
| -rw-r--r-- | src/lib/libssl/src/ssl/s3_both.c | 15 |
2 files changed, 18 insertions, 12 deletions
diff --git a/src/lib/libssl/s3_both.c b/src/lib/libssl/s3_both.c index d9484d77d8..63fea5217d 100644 --- a/src/lib/libssl/s3_both.c +++ b/src/lib/libssl/s3_both.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_both.c,v 1.39 2015/06/18 22:51:05 doug Exp $ */ | 1 | /* $OpenBSD: s3_both.c,v 1.40 2015/07/14 03:47:38 doug Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -125,6 +125,8 @@ | |||
| 125 | #include <openssl/objects.h> | 125 | #include <openssl/objects.h> |
| 126 | #include <openssl/x509.h> | 126 | #include <openssl/x509.h> |
| 127 | 127 | ||
| 128 | #include "bytestring.h" | ||
| 129 | |||
| 128 | /* send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or SSL3_RT_CHANGE_CIPHER_SPEC) */ | 130 | /* send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or SSL3_RT_CHANGE_CIPHER_SPEC) */ |
| 129 | int | 131 | int |
| 130 | ssl3_do_write(SSL *s, int type) | 132 | ssl3_do_write(SSL *s, int type) |
| @@ -222,8 +224,7 @@ ssl3_get_finished(SSL *s, int a, int b) | |||
| 222 | { | 224 | { |
| 223 | int al, ok, md_len; | 225 | int al, ok, md_len; |
| 224 | long n; | 226 | long n; |
| 225 | unsigned char *p; | 227 | CBS cbs; |
| 226 | |||
| 227 | 228 | ||
| 228 | n = s->method->ssl_get_message(s, a, b, SSL3_MT_FINISHED, | 229 | n = s->method->ssl_get_message(s, a, b, SSL3_MT_FINISHED, |
| 229 | 64, /* should actually be 36+4 :-) */ &ok); | 230 | 64, /* should actually be 36+4 :-) */ &ok); |
| @@ -240,15 +241,17 @@ ssl3_get_finished(SSL *s, int a, int b) | |||
| 240 | s->s3->change_cipher_spec = 0; | 241 | s->s3->change_cipher_spec = 0; |
| 241 | 242 | ||
| 242 | md_len = s->method->ssl3_enc->finish_mac_length; | 243 | md_len = s->method->ssl3_enc->finish_mac_length; |
| 243 | p = (unsigned char *)s->init_msg; | ||
| 244 | 244 | ||
| 245 | if (s->s3->tmp.peer_finish_md_len != md_len || n != md_len) { | 245 | CBS_init(&cbs, s->init_msg, n); |
| 246 | |||
| 247 | if (n < 0 || s->s3->tmp.peer_finish_md_len != md_len || | ||
| 248 | CBS_len(&cbs) != md_len) { | ||
| 246 | al = SSL_AD_DECODE_ERROR; | 249 | al = SSL_AD_DECODE_ERROR; |
| 247 | SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_BAD_DIGEST_LENGTH); | 250 | SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_BAD_DIGEST_LENGTH); |
| 248 | goto f_err; | 251 | goto f_err; |
| 249 | } | 252 | } |
| 250 | 253 | ||
| 251 | if (timingsafe_memcmp(p, s->s3->tmp.peer_finish_md, md_len) != 0) { | 254 | if (!CBS_mem_equal(&cbs, s->s3->tmp.peer_finish_md, CBS_len(&cbs))) { |
| 252 | al = SSL_AD_DECRYPT_ERROR; | 255 | al = SSL_AD_DECRYPT_ERROR; |
| 253 | SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_DIGEST_CHECK_FAILED); | 256 | SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_DIGEST_CHECK_FAILED); |
| 254 | goto f_err; | 257 | goto f_err; |
diff --git a/src/lib/libssl/src/ssl/s3_both.c b/src/lib/libssl/src/ssl/s3_both.c index d9484d77d8..63fea5217d 100644 --- a/src/lib/libssl/src/ssl/s3_both.c +++ b/src/lib/libssl/src/ssl/s3_both.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_both.c,v 1.39 2015/06/18 22:51:05 doug Exp $ */ | 1 | /* $OpenBSD: s3_both.c,v 1.40 2015/07/14 03:47:38 doug Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -125,6 +125,8 @@ | |||
| 125 | #include <openssl/objects.h> | 125 | #include <openssl/objects.h> |
| 126 | #include <openssl/x509.h> | 126 | #include <openssl/x509.h> |
| 127 | 127 | ||
| 128 | #include "bytestring.h" | ||
| 129 | |||
| 128 | /* send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or SSL3_RT_CHANGE_CIPHER_SPEC) */ | 130 | /* send s->init_buf in records of type 'type' (SSL3_RT_HANDSHAKE or SSL3_RT_CHANGE_CIPHER_SPEC) */ |
| 129 | int | 131 | int |
| 130 | ssl3_do_write(SSL *s, int type) | 132 | ssl3_do_write(SSL *s, int type) |
| @@ -222,8 +224,7 @@ ssl3_get_finished(SSL *s, int a, int b) | |||
| 222 | { | 224 | { |
| 223 | int al, ok, md_len; | 225 | int al, ok, md_len; |
| 224 | long n; | 226 | long n; |
| 225 | unsigned char *p; | 227 | CBS cbs; |
| 226 | |||
| 227 | 228 | ||
| 228 | n = s->method->ssl_get_message(s, a, b, SSL3_MT_FINISHED, | 229 | n = s->method->ssl_get_message(s, a, b, SSL3_MT_FINISHED, |
| 229 | 64, /* should actually be 36+4 :-) */ &ok); | 230 | 64, /* should actually be 36+4 :-) */ &ok); |
| @@ -240,15 +241,17 @@ ssl3_get_finished(SSL *s, int a, int b) | |||
| 240 | s->s3->change_cipher_spec = 0; | 241 | s->s3->change_cipher_spec = 0; |
| 241 | 242 | ||
| 242 | md_len = s->method->ssl3_enc->finish_mac_length; | 243 | md_len = s->method->ssl3_enc->finish_mac_length; |
| 243 | p = (unsigned char *)s->init_msg; | ||
| 244 | 244 | ||
| 245 | if (s->s3->tmp.peer_finish_md_len != md_len || n != md_len) { | 245 | CBS_init(&cbs, s->init_msg, n); |
| 246 | |||
| 247 | if (n < 0 || s->s3->tmp.peer_finish_md_len != md_len || | ||
| 248 | CBS_len(&cbs) != md_len) { | ||
| 246 | al = SSL_AD_DECODE_ERROR; | 249 | al = SSL_AD_DECODE_ERROR; |
| 247 | SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_BAD_DIGEST_LENGTH); | 250 | SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_BAD_DIGEST_LENGTH); |
| 248 | goto f_err; | 251 | goto f_err; |
| 249 | } | 252 | } |
| 250 | 253 | ||
| 251 | if (timingsafe_memcmp(p, s->s3->tmp.peer_finish_md, md_len) != 0) { | 254 | if (!CBS_mem_equal(&cbs, s->s3->tmp.peer_finish_md, CBS_len(&cbs))) { |
| 252 | al = SSL_AD_DECRYPT_ERROR; | 255 | al = SSL_AD_DECRYPT_ERROR; |
| 253 | SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_DIGEST_CHECK_FAILED); | 256 | SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_DIGEST_CHECK_FAILED); |
| 254 | goto f_err; | 257 | goto f_err; |