Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libssl/bs_cbb.c | 16 | ||||
| -rw-r--r-- | src/lib/libssl/bytestring.h | 8 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_tlsext.c | 14 |
3 files changed, 35 insertions, 3 deletions
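--- a/src/lib/libssl/bs_cbb.c
+++ b/src/lib/libssl/bs_cbb.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bs_cbb.c,v 1.17 2017/08/12 02:50:05 jsing Exp $ */
+/* $OpenBSD: bs_cbb.c,v 1.17.4.1 2017/12/09 13:43:25 jsing Exp $ */
 /*
 * Copyright (c) 2014, Google Inc.
 *
@@ -271,6 +271,20 @@ CBB_flush(CBB *cbb)
 return 1;
 }
 
+void
+CBB_discard_child(CBB *cbb)
+{
+if (cbb->child == NULL)
+return;
+
+cbb->base->len = cbb->offset;
+
+cbb->child->base = NULL;
+cbb->child = NULL;
+cbb->pending_len_len = 0;
+cbb->pending_is_asn1 = 0;
+cbb->offset = 0;
+}
 
 static int
 cbb_add_length_prefixed(CBB *cbb, CBB *out_contents, size_t len_len)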
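Review bot: CBB_discard_child clears only the direct child's `base` pointer, so a nested child still open under the discarded one would keep pointing at the shared buffer after `cbb->base->len` has been rewound. The two callers in ssl_tlsext.c appear to discard only when nothing was added to the child, so they should not reach that state, but the function is declared in bytestring.h and nothing stops a later caller from doing so. A short comment above the truncation would record the precondition, e.g. `/* Rewind to the start of the pending length prefix; the child must have no open children of its own. */`. That `cbb->offset` marks the start of the prefix is inferred from the header comment, not shown in this hunk.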
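--- a/src/lib/libssl/bytestring.h
+++ b/src/lib/libssl/bytestring.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: bytestring.h,v 1.15 2016/11/04 18:28:58 guenther Exp $ */
+/* $OpenBSD: bytestring.h,v 1.15.6.1 2017/12/09 13:43:25 jsing Exp $ */
 /*
 * Copyright (c) 2014, Google Inc.
 *
@@ -394,6 +394,12 @@ int CBB_finish(CBB *cbb, uint8_t **out_data, size_t *out_len);
 int CBB_flush(CBB *cbb);
 
 /*
+* CBB_discard_child discards the current unflushed child of |cbb|. Neither the
+* child's contents nor the length prefix will be included in the output.
+*/
+void CBB_discard_child(CBB *cbb);
+
+/*
 * CBB_add_u8_length_prefixed sets |*out_contents| to a new child of |cbb|. The
 * data written to |*out_contents| will be prefixed in |cbb| with an 8-bit
 * length. It returns one on success or zero on error.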
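Review bot: The new comment for CBB_discard_child does not say what happens to the child CBB itself, or what the call does when no child is pending. In the bs_cbb.c section the function returns silently when `cbb->child` is NULL and otherwise sets the child's `base` to NULL, so the caller's child object is unusable afterwards. I would extend the comment with something like `It is a no-op if |cbb| has no unflushed child. The child CBB must not be written to after this call.`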
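--- a/src/lib/libssl/ssl_tlsext.c
+++ b/src/lib/libssl/ssl_tlsext.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_tlsext.c,v 1.17 2017/09/25 18:02:27 jsing Exp $ */
+/* $OpenBSD: ssl_tlsext.c,v 1.17.4.1 2017/12/09 13:43:25 jsing Exp $ */
 /*
 * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org>
 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -1296,6 +1296,7 @@ tlsext_clienthello_build(SSL *s, CBB *cbb)
 {
 CBB extensions, extension_data;
 struct tls_extension *tlsext;
+int extensions_present = 0;
 size_t i;
 
 if (!CBB_add_u16_length_prefixed(cbb, &extensions))
@@ -1313,8 +1314,13 @@ tlsext_clienthello_build(SSL *s, CBB *cbb)
 return 0;
 if (!tls_extensions[i].clienthello_build(s, &extension_data))
 return 0;
+
+extensions_present = 1;
 }
 
+if (!extensions_present)
+CBB_discard_child(cbb);
+
 if (!CBB_flush(cbb))
 return 0;
 
@@ -1351,6 +1357,7 @@ tlsext_serverhello_build(SSL *s, CBB *cbb)
 {
 CBB extensions, extension_data;
 struct tls_extension *tlsext;
+int extensions_present = 0;
 size_t i;
 
 if (!CBB_add_u16_length_prefixed(cbb, &extensions))
@@ -1368,8 +1375,13 @@ tlsext_serverhello_build(SSL *s, CBB *cbb)
 return 0;
 if (!tlsext->serverhello_build(s, &extension_data))
 return 0;
+
+extensions_present = 1;
 }
 
+if (!extensions_present)
+CBB_discard_child(cbb);
+
 if (!CBB_flush(cbb))
 return 0;
 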
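Review bot: The discard added to tlsext_clienthello_build and tlsext_serverhello_build changes the bytes of the hello message, yet neither site says why. When no extension is built, the two-byte length prefix opened by `CBB_add_u16_length_prefixed` is dropped, so the extensions field is absent rather than present and empty. A one-line comment at both `if (!extensions_present)` checks would record that, e.g. `/* No extensions: omit the extensions block entirely rather than send a zero-length one. */`. Because this alters the on-wire encoding on both the client and server side, a regression test for the no-extensions case would be worth having; the diffstat here is limited to src/lib, so one may already exist elsewhere. Both function bodies start and end outside the visible hunks.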
