diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libssl/d1_pkt.c | 4 | ||||
| -rw-r--r-- | src/lib/libssl/src/ssl/d1_pkt.c | 4 | ||||
| -rw-r--r-- | src/lib/libssl/src/ssl/s3_enc.c | 7 | ||||
| -rw-r--r-- | src/lib/libssl/src/ssl/ssl_locl.h | 10 | ||||
| -rw-r--r-- | src/lib/libssl/src/ssl/t1_enc.c | 24 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_locl.h | 10 | ||||
| -rw-r--r-- | src/lib/libssl/t1_enc.c | 24 |
7 files changed, 28 insertions, 55 deletions
diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c index 83d2d8900b..aa2185d2ed 100644 --- a/src/lib/libssl/d1_pkt.c +++ b/src/lib/libssl/d1_pkt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: d1_pkt.c,v 1.28 2014/06/12 15:49:31 deraadt Exp $ */ | 1 | /* $OpenBSD: d1_pkt.c,v 1.29 2014/06/15 15:29:25 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * DTLS implementation written by Nagendra Modadugu | 3 | * DTLS implementation written by Nagendra Modadugu |
| 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. | 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. |
| @@ -1433,7 +1433,7 @@ do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len) | |||
| 1433 | wr->type=type; /* not needed but helps for debugging */ | 1433 | wr->type=type; /* not needed but helps for debugging */ |
| 1434 | wr->length += DTLS1_RT_HEADER_LENGTH; | 1434 | wr->length += DTLS1_RT_HEADER_LENGTH; |
| 1435 | 1435 | ||
| 1436 | ssl3_record_sequence_update(&(s->s3->write_sequence[0])); | 1436 | ssl3_record_sequence_increment(s->s3->write_sequence); |
| 1437 | 1437 | ||
| 1438 | /* now let's set up wb */ | 1438 | /* now let's set up wb */ |
| 1439 | wb->left = prefix_len + wr->length; | 1439 | wb->left = prefix_len + wr->length; |
diff --git a/src/lib/libssl/src/ssl/d1_pkt.c b/src/lib/libssl/src/ssl/d1_pkt.c index 83d2d8900b..aa2185d2ed 100644 --- a/src/lib/libssl/src/ssl/d1_pkt.c +++ b/src/lib/libssl/src/ssl/d1_pkt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: d1_pkt.c,v 1.28 2014/06/12 15:49:31 deraadt Exp $ */ | 1 | /* $OpenBSD: d1_pkt.c,v 1.29 2014/06/15 15:29:25 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * DTLS implementation written by Nagendra Modadugu | 3 | * DTLS implementation written by Nagendra Modadugu |
| 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. | 4 | * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. |
| @@ -1433,7 +1433,7 @@ do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len) | |||
| 1433 | wr->type=type; /* not needed but helps for debugging */ | 1433 | wr->type=type; /* not needed but helps for debugging */ |
| 1434 | wr->length += DTLS1_RT_HEADER_LENGTH; | 1434 | wr->length += DTLS1_RT_HEADER_LENGTH; |
| 1435 | 1435 | ||
| 1436 | ssl3_record_sequence_update(&(s->s3->write_sequence[0])); | 1436 | ssl3_record_sequence_increment(s->s3->write_sequence); |
| 1437 | 1437 | ||
| 1438 | /* now let's set up wb */ | 1438 | /* now let's set up wb */ |
| 1439 | wb->left = prefix_len + wr->length; | 1439 | wb->left = prefix_len + wr->length; |
diff --git a/src/lib/libssl/src/ssl/s3_enc.c b/src/lib/libssl/src/ssl/s3_enc.c index c039e7ee71..6170b553f0 100644 --- a/src/lib/libssl/src/ssl/s3_enc.c +++ b/src/lib/libssl/src/ssl/s3_enc.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_enc.c,v 1.48 2014/06/13 16:08:03 jsing Exp $ */ | 1 | /* $OpenBSD: s3_enc.c,v 1.49 2014/06/15 15:29:25 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -807,12 +807,13 @@ n_ssl3_mac(SSL *ssl, unsigned char *md, int send) | |||
| 807 | EVP_MD_CTX_cleanup(&md_ctx); | 807 | EVP_MD_CTX_cleanup(&md_ctx); |
| 808 | } | 808 | } |
| 809 | 809 | ||
| 810 | ssl3_record_sequence_update(seq); | 810 | ssl3_record_sequence_increment(seq); |
| 811 | |||
| 811 | return (md_size); | 812 | return (md_size); |
| 812 | } | 813 | } |
| 813 | 814 | ||
| 814 | void | 815 | void |
| 815 | ssl3_record_sequence_update(unsigned char *seq) | 816 | ssl3_record_sequence_increment(unsigned char *seq) |
| 816 | { | 817 | { |
| 817 | int i; | 818 | int i; |
| 818 | 819 | ||
diff --git a/src/lib/libssl/src/ssl/ssl_locl.h b/src/lib/libssl/src/ssl/ssl_locl.h index 6ce2e17a15..e7fdda69a9 100644 --- a/src/lib/libssl/src/ssl/ssl_locl.h +++ b/src/lib/libssl/src/ssl/ssl_locl.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_locl.h,v 1.51 2014/06/13 13:28:53 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_locl.h,v 1.52 2014/06/15 15:29:25 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -721,18 +721,18 @@ long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void)); | |||
| 721 | long ssl3_ctx_callback_ctrl(SSL_CTX *s, int cmd, void (*fp)(void)); | 721 | long ssl3_ctx_callback_ctrl(SSL_CTX *s, int cmd, void (*fp)(void)); |
| 722 | int ssl3_pending(const SSL *s); | 722 | int ssl3_pending(const SSL *s); |
| 723 | 723 | ||
| 724 | void ssl3_record_sequence_update(unsigned char *seq); | 724 | void ssl3_record_sequence_increment(unsigned char *seq); |
| 725 | int ssl3_do_change_cipher_spec(SSL *ssl); | 725 | int ssl3_do_change_cipher_spec(SSL *ssl); |
| 726 | long ssl3_default_timeout(void ); | 726 | long ssl3_default_timeout(void); |
| 727 | 727 | ||
| 728 | int ssl23_num_ciphers(void ); | 728 | int ssl23_num_ciphers(void); |
| 729 | const SSL_CIPHER *ssl23_get_cipher(unsigned int u); | 729 | const SSL_CIPHER *ssl23_get_cipher(unsigned int u); |
| 730 | int ssl23_read(SSL *s, void *buf, int len); | 730 | int ssl23_read(SSL *s, void *buf, int len); |
| 731 | int ssl23_peek(SSL *s, void *buf, int len); | 731 | int ssl23_peek(SSL *s, void *buf, int len); |
| 732 | int ssl23_write(SSL *s, const void *buf, int len); | 732 | int ssl23_write(SSL *s, const void *buf, int len); |
| 733 | int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p); | 733 | int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p); |
| 734 | const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p); | 734 | const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p); |
| 735 | long ssl23_default_timeout(void ); | 735 | long ssl23_default_timeout(void); |
| 736 | 736 | ||
| 737 | long tls1_default_timeout(void); | 737 | long tls1_default_timeout(void); |
| 738 | int dtls1_do_write(SSL *s, int type); | 738 | int dtls1_do_write(SSL *s, int type); |
diff --git a/src/lib/libssl/src/ssl/t1_enc.c b/src/lib/libssl/src/ssl/t1_enc.c index fe8ccab23e..c8fed159e7 100644 --- a/src/lib/libssl/src/ssl/t1_enc.c +++ b/src/lib/libssl/src/ssl/t1_enc.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: t1_enc.c,v 1.59 2014/06/13 16:09:15 jsing Exp $ */ | 1 | /* $OpenBSD: t1_enc.c,v 1.60 2014/06/15 15:29:25 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -803,11 +803,7 @@ tls1_enc(SSL *s, int send) | |||
| 803 | memcpy(ad, dtlsseq, 8); | 803 | memcpy(ad, dtlsseq, 8); |
| 804 | } else { | 804 | } else { |
| 805 | memcpy(ad, seq, SSL3_SEQUENCE_SIZE); | 805 | memcpy(ad, seq, SSL3_SEQUENCE_SIZE); |
| 806 | for (i = 7; i >= 0; i--) { | 806 | ssl3_record_sequence_increment(seq); |
| 807 | ++seq[i]; | ||
| 808 | if (seq[i] != 0) | ||
| 809 | break; | ||
| 810 | } | ||
| 811 | } | 807 | } |
| 812 | 808 | ||
| 813 | ad[8] = rec->type; | 809 | ad[8] = rec->type; |
| @@ -964,11 +960,7 @@ tls1_enc(SSL *s, int send) | |||
| 964 | memcpy(buf, dtlsseq, 8); | 960 | memcpy(buf, dtlsseq, 8); |
| 965 | } else { | 961 | } else { |
| 966 | memcpy(buf, seq, SSL3_SEQUENCE_SIZE); | 962 | memcpy(buf, seq, SSL3_SEQUENCE_SIZE); |
| 967 | for (i = 7; i >= 0; i--) { /* increment */ | 963 | ssl3_record_sequence_increment(seq); |
| 968 | ++seq[i]; | ||
| 969 | if (seq[i] != 0) | ||
| 970 | break; | ||
| 971 | } | ||
| 972 | } | 964 | } |
| 973 | 965 | ||
| 974 | buf[8] = rec->type; | 966 | buf[8] = rec->type; |
| @@ -1117,7 +1109,6 @@ tls1_mac(SSL *ssl, unsigned char *md, int send) | |||
| 1117 | unsigned char *seq; | 1109 | unsigned char *seq; |
| 1118 | EVP_MD_CTX *hash; | 1110 | EVP_MD_CTX *hash; |
| 1119 | size_t md_size, orig_len; | 1111 | size_t md_size, orig_len; |
| 1120 | int i; | ||
| 1121 | EVP_MD_CTX hmac, *mac_ctx; | 1112 | EVP_MD_CTX hmac, *mac_ctx; |
| 1122 | unsigned char header[13]; | 1113 | unsigned char header[13]; |
| 1123 | int stream_mac = (send ? | 1114 | int stream_mac = (send ? |
| @@ -1191,13 +1182,8 @@ tls1_mac(SSL *ssl, unsigned char *md, int send) | |||
| 1191 | if (!stream_mac) | 1182 | if (!stream_mac) |
| 1192 | EVP_MD_CTX_cleanup(&hmac); | 1183 | EVP_MD_CTX_cleanup(&hmac); |
| 1193 | 1184 | ||
| 1194 | if (!SSL_IS_DTLS(ssl)) { | 1185 | if (!SSL_IS_DTLS(ssl)) |
| 1195 | for (i = 7; i >= 0; i--) { | 1186 | ssl3_record_sequence_increment(seq); |
| 1196 | ++seq[i]; | ||
| 1197 | if (seq[i] != 0) | ||
| 1198 | break; | ||
| 1199 | } | ||
| 1200 | } | ||
| 1201 | 1187 | ||
| 1202 | return (md_size); | 1188 | return (md_size); |
| 1203 | } | 1189 | } |
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index 6ce2e17a15..e7fdda69a9 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_locl.h,v 1.51 2014/06/13 13:28:53 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_locl.h,v 1.52 2014/06/15 15:29:25 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -721,18 +721,18 @@ long ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void)); | |||
| 721 | long ssl3_ctx_callback_ctrl(SSL_CTX *s, int cmd, void (*fp)(void)); | 721 | long ssl3_ctx_callback_ctrl(SSL_CTX *s, int cmd, void (*fp)(void)); |
| 722 | int ssl3_pending(const SSL *s); | 722 | int ssl3_pending(const SSL *s); |
| 723 | 723 | ||
| 724 | void ssl3_record_sequence_update(unsigned char *seq); | 724 | void ssl3_record_sequence_increment(unsigned char *seq); |
| 725 | int ssl3_do_change_cipher_spec(SSL *ssl); | 725 | int ssl3_do_change_cipher_spec(SSL *ssl); |
| 726 | long ssl3_default_timeout(void ); | 726 | long ssl3_default_timeout(void); |
| 727 | 727 | ||
| 728 | int ssl23_num_ciphers(void ); | 728 | int ssl23_num_ciphers(void); |
| 729 | const SSL_CIPHER *ssl23_get_cipher(unsigned int u); | 729 | const SSL_CIPHER *ssl23_get_cipher(unsigned int u); |
| 730 | int ssl23_read(SSL *s, void *buf, int len); | 730 | int ssl23_read(SSL *s, void *buf, int len); |
| 731 | int ssl23_peek(SSL *s, void *buf, int len); | 731 | int ssl23_peek(SSL *s, void *buf, int len); |
| 732 | int ssl23_write(SSL *s, const void *buf, int len); | 732 | int ssl23_write(SSL *s, const void *buf, int len); |
| 733 | int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p); | 733 | int ssl23_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p); |
| 734 | const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p); | 734 | const SSL_CIPHER *ssl23_get_cipher_by_char(const unsigned char *p); |
| 735 | long ssl23_default_timeout(void ); | 735 | long ssl23_default_timeout(void); |
| 736 | 736 | ||
| 737 | long tls1_default_timeout(void); | 737 | long tls1_default_timeout(void); |
| 738 | int dtls1_do_write(SSL *s, int type); | 738 | int dtls1_do_write(SSL *s, int type); |
diff --git a/src/lib/libssl/t1_enc.c b/src/lib/libssl/t1_enc.c index fe8ccab23e..c8fed159e7 100644 --- a/src/lib/libssl/t1_enc.c +++ b/src/lib/libssl/t1_enc.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: t1_enc.c,v 1.59 2014/06/13 16:09:15 jsing Exp $ */ | 1 | /* $OpenBSD: t1_enc.c,v 1.60 2014/06/15 15:29:25 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -803,11 +803,7 @@ tls1_enc(SSL *s, int send) | |||
| 803 | memcpy(ad, dtlsseq, 8); | 803 | memcpy(ad, dtlsseq, 8); |
| 804 | } else { | 804 | } else { |
| 805 | memcpy(ad, seq, SSL3_SEQUENCE_SIZE); | 805 | memcpy(ad, seq, SSL3_SEQUENCE_SIZE); |
| 806 | for (i = 7; i >= 0; i--) { | 806 | ssl3_record_sequence_increment(seq); |
| 807 | ++seq[i]; | ||
| 808 | if (seq[i] != 0) | ||
| 809 | break; | ||
| 810 | } | ||
| 811 | } | 807 | } |
| 812 | 808 | ||
| 813 | ad[8] = rec->type; | 809 | ad[8] = rec->type; |
| @@ -964,11 +960,7 @@ tls1_enc(SSL *s, int send) | |||
| 964 | memcpy(buf, dtlsseq, 8); | 960 | memcpy(buf, dtlsseq, 8); |
| 965 | } else { | 961 | } else { |
| 966 | memcpy(buf, seq, SSL3_SEQUENCE_SIZE); | 962 | memcpy(buf, seq, SSL3_SEQUENCE_SIZE); |
| 967 | for (i = 7; i >= 0; i--) { /* increment */ | 963 | ssl3_record_sequence_increment(seq); |
| 968 | ++seq[i]; | ||
| 969 | if (seq[i] != 0) | ||
| 970 | break; | ||
| 971 | } | ||
| 972 | } | 964 | } |
| 973 | 965 | ||
| 974 | buf[8] = rec->type; | 966 | buf[8] = rec->type; |
| @@ -1117,7 +1109,6 @@ tls1_mac(SSL *ssl, unsigned char *md, int send) | |||
| 1117 | unsigned char *seq; | 1109 | unsigned char *seq; |
| 1118 | EVP_MD_CTX *hash; | 1110 | EVP_MD_CTX *hash; |
| 1119 | size_t md_size, orig_len; | 1111 | size_t md_size, orig_len; |
| 1120 | int i; | ||
| 1121 | EVP_MD_CTX hmac, *mac_ctx; | 1112 | EVP_MD_CTX hmac, *mac_ctx; |
| 1122 | unsigned char header[13]; | 1113 | unsigned char header[13]; |
| 1123 | int stream_mac = (send ? | 1114 | int stream_mac = (send ? |
| @@ -1191,13 +1182,8 @@ tls1_mac(SSL *ssl, unsigned char *md, int send) | |||
| 1191 | if (!stream_mac) | 1182 | if (!stream_mac) |
| 1192 | EVP_MD_CTX_cleanup(&hmac); | 1183 | EVP_MD_CTX_cleanup(&hmac); |
| 1193 | 1184 | ||
| 1194 | if (!SSL_IS_DTLS(ssl)) { | 1185 | if (!SSL_IS_DTLS(ssl)) |
| 1195 | for (i = 7; i >= 0; i--) { | 1186 | ssl3_record_sequence_increment(seq); |
| 1196 | ++seq[i]; | ||
| 1197 | if (seq[i] != 0) | ||
| 1198 | break; | ||
| 1199 | } | ||
| 1200 | } | ||
| 1201 | 1187 | ||
| 1202 | return (md_size); | 1188 | return (md_size); |
| 1203 | } | 1189 | } |