3 files changed, 21 insertions, 22 deletions
diff --git a/src/lib/libssl/d1_both.c b/src/lib/libssl/d1_both.c
index 61dc47b4b7..4c014be6a9 100644
--- a/src/lib/libssl/d1_both.c
+++ b/src/lib/libssl/d1_both.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_both.c,v 1.77 2021/07/19 08:42:24 jsing Exp $ */
+/* $OpenBSD: d1_both.c,v 1.78 2021/09/04 14:24:28 jsing Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -744,8 +744,9 @@ dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
 {
        unsigned char wire[DTLS1_HM_HEADER_LENGTH];
        unsigned long len, frag_off, frag_len;
-        int i, al;
        struct hm_header_st msg_hdr;
+        int i, al;
+        CBS cbs;
 again:
        /* see if we have the required fragment already */
@@ -758,16 +759,16 @@ dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok)
        /* read handshake message header */
        i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, wire,
            DTLS1_HM_HEADER_LENGTH, 0);
-        if (i <= 0)     /* nbio, or an error */
+        if (i <= 0) {
-        {
+                /* nbio, or an error */
                s->internal->rwstate = SSL_READING;
                *ok = 0;
                return i;
        }
-        /* Handshake fails if message header is incomplete */
-        if (i != DTLS1_HM_HEADER_LENGTH ||
+        CBS_init(&cbs, wire, i);
-            /* parse the message fragment header */
+        if (!dtls1_get_message_header(&cbs, &msg_hdr)) {
-            dtls1_get_message_header(wire, &msg_hdr) == 0) {
+                /* Handshake fails if message header is incomplete. */
                al = SSL_AD_UNEXPECTED_MESSAGE;
                SSLerror(s, SSL_R_UNEXPECTED_MESSAGE);
                goto fatal_err;
@@ -1172,26 +1173,23 @@ dtls1_guess_mtu(unsigned int curr_mtu)
 }
 int
-dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr)
+dtls1_get_message_header(CBS *header, struct hm_header_st *msg_hdr)
 {
-        CBS header;
        uint32_t msg_len, frag_off, frag_len;
        uint16_t seq;
        uint8_t type;
-        CBS_init(&header, data, sizeof(*msg_hdr));
        memset(msg_hdr, 0, sizeof(*msg_hdr));
-        if (!CBS_get_u8(&header, &type))
+        if (!CBS_get_u8(header, &type))
                return 0;
-        if (!CBS_get_u24(&header, &msg_len))
+        if (!CBS_get_u24(header, &msg_len))
                return 0;
-        if (!CBS_get_u16(&header, &seq))
+        if (!CBS_get_u16(header, &seq))
                return 0;
-        if (!CBS_get_u24(&header, &frag_off))
+        if (!CBS_get_u24(header, &frag_off))
                return 0;
-        if (!CBS_get_u24(&header, &frag_len))
+        if (!CBS_get_u24(header, &frag_len))
                return 0;
        msg_hdr->type = type;
diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c
index 11e6d7f8f8..0b952cf5f3 100644
--- a/src/lib/libssl/d1_pkt.c
+++ b/src/lib/libssl/d1_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_pkt.c,v 1.110 2021/09/04 14:15:52 jsing Exp $ */
+/* $OpenBSD: d1_pkt.c,v 1.111 2021/09/04 14:24:28 jsing Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -807,9 +807,11 @@ dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
            rr->length >= DTLS1_HM_HEADER_LENGTH && rr->off == 0 &&
            !s->internal->in_handshake) {
                struct hm_header_st msg_hdr;
+                CBS cbs;
                /* this may just be a stale retransmit */
-                if (!dtls1_get_message_header(rr->data, &msg_hdr))
+                CBS_init(&cbs, rr->data, rr->length);
+                if (!dtls1_get_message_header(&cbs, &msg_hdr))
                        return -1;
                if (rr->epoch != tls12_record_layer_read_epoch(s->internal->rl)) {
                        rr->length = 0;
diff --git a/src/lib/libssl/dtls_locl.h b/src/lib/libssl/dtls_locl.h
index 502b42dcdd..4cf8827ec3 100644
--- a/src/lib/libssl/dtls_locl.h
+++ b/src/lib/libssl/dtls_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: dtls_locl.h,v 1.6 2021/08/31 13:34:55 jsing Exp $ */
+/* $OpenBSD: dtls_locl.h,v 1.7 2021/09/04 14:24:28 jsing Exp $ */
 /*
 * DTLS implementation written by Nagendra Modadugu
 * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -206,8 +206,7 @@ int dtls1_retransmit_message(SSL *s, unsigned short seq,
 int dtls1_get_queue_priority(unsigned short seq, int is_ccs);
 int dtls1_retransmit_buffered_messages(SSL *s);
 void dtls1_clear_record_buffer(SSL *s);
-int dtls1_get_message_header(unsigned char *data,
+int dtls1_get_message_header(CBS *header, struct hm_header_st *msg_hdr);
-    struct hm_header_st *msg_hdr);
 void dtls1_reset_read_seq_numbers(SSL *s);
 struct timeval* dtls1_get_timeout(SSL *s, struct timeval* timeleft);
 int dtls1_check_timeout_num(SSL *s);

diff --git a/src/lib/libssl/d1_both.c b/src/lib/libssl/d1_both.c index 61dc47b4b7..4c014be6a9 100644 --- a/src/lib/libssl/d1_both.c +++ b/src/lib/libssl/d1_both.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: d1_both.c,v 1.77 2021/07/19 08:42:24 jsing Exp $ */	1	/* $OpenBSD: d1_both.c,v 1.78 2021/09/04 14:24:28 jsing Exp $ */
2	/*	2	/*
3	* DTLS implementation written by Nagendra Modadugu	3	* DTLS implementation written by Nagendra Modadugu
4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.	4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -744,8 +744,9 @@ dtls1_get_message_fragment(SSL s, int st1, int stn, long max, int ok)
744	{	744	{
745	unsigned char wire[DTLS1_HM_HEADER_LENGTH];	745	unsigned char wire[DTLS1_HM_HEADER_LENGTH];
746	unsigned long len, frag_off, frag_len;	746	unsigned long len, frag_off, frag_len;
747	int i, al;
748	struct hm_header_st msg_hdr;	747	struct hm_header_st msg_hdr;
		748	int i, al;
		749	CBS cbs;
749		750
750	again:	751	again:
751	/* see if we have the required fragment already */	752	/* see if we have the required fragment already */
@@ -758,16 +759,16 @@ dtls1_get_message_fragment(SSL s, int st1, int stn, long max, int ok)
758	/* read handshake message header */	759	/* read handshake message header */
759	i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, wire,	760	i = s->method->ssl_read_bytes(s, SSL3_RT_HANDSHAKE, wire,
760	DTLS1_HM_HEADER_LENGTH, 0);	761	DTLS1_HM_HEADER_LENGTH, 0);
761	if (i <= 0) /* nbio, or an error */	762	if (i <= 0) {
762	{	763	/* nbio, or an error */
763	s->internal->rwstate = SSL_READING;	764	s->internal->rwstate = SSL_READING;
764	*ok = 0;	765	*ok = 0;
765	return i;	766	return i;
766	}	767	}
767	/* Handshake fails if message header is incomplete */	768
768	if (i != DTLS1_HM_HEADER_LENGTH \|\|	769	CBS_init(&cbs, wire, i);
769	/* parse the message fragment header */	770	if (!dtls1_get_message_header(&cbs, &msg_hdr)) {
770	dtls1_get_message_header(wire, &msg_hdr) == 0) {	771	/* Handshake fails if message header is incomplete. */
771	al = SSL_AD_UNEXPECTED_MESSAGE;	772	al = SSL_AD_UNEXPECTED_MESSAGE;
772	SSLerror(s, SSL_R_UNEXPECTED_MESSAGE);	773	SSLerror(s, SSL_R_UNEXPECTED_MESSAGE);
773	goto fatal_err;	774	goto fatal_err;
@@ -1172,26 +1173,23 @@ dtls1_guess_mtu(unsigned int curr_mtu)
1172	}	1173	}
1173		1174
1174	int	1175	int
1175	dtls1_get_message_header(unsigned char data, struct hm_header_st msg_hdr)	1176	dtls1_get_message_header(CBS header, struct hm_header_st msg_hdr)
1176	{	1177	{
1177	CBS header;
1178	uint32_t msg_len, frag_off, frag_len;	1178	uint32_t msg_len, frag_off, frag_len;
1179	uint16_t seq;	1179	uint16_t seq;
1180	uint8_t type;	1180	uint8_t type;
1181		1181
1182	CBS_init(&header, data, sizeof(*msg_hdr));
1183
1184	memset(msg_hdr, 0, sizeof(*msg_hdr));	1182	memset(msg_hdr, 0, sizeof(*msg_hdr));
1185		1183
1186	if (!CBS_get_u8(&header, &type))	1184	if (!CBS_get_u8(header, &type))
1187	return 0;	1185	return 0;
1188	if (!CBS_get_u24(&header, &msg_len))	1186	if (!CBS_get_u24(header, &msg_len))
1189	return 0;	1187	return 0;
1190	if (!CBS_get_u16(&header, &seq))	1188	if (!CBS_get_u16(header, &seq))
1191	return 0;	1189	return 0;
1192	if (!CBS_get_u24(&header, &frag_off))	1190	if (!CBS_get_u24(header, &frag_off))
1193	return 0;	1191	return 0;
1194	if (!CBS_get_u24(&header, &frag_len))	1192	if (!CBS_get_u24(header, &frag_len))
1195	return 0;	1193	return 0;
1196		1194
1197	msg_hdr->type = type;	1195	msg_hdr->type = type;


diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c index 11e6d7f8f8..0b952cf5f3 100644 --- a/src/lib/libssl/d1_pkt.c +++ b/src/lib/libssl/d1_pkt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: d1_pkt.c,v 1.110 2021/09/04 14:15:52 jsing Exp $ */	1	/* $OpenBSD: d1_pkt.c,v 1.111 2021/09/04 14:24:28 jsing Exp $ */
2	/*	2	/*
3	* DTLS implementation written by Nagendra Modadugu	3	* DTLS implementation written by Nagendra Modadugu
4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.	4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -807,9 +807,11 @@ dtls1_read_bytes(SSL s, int type, unsigned char buf, int len, int peek)
807	rr->length >= DTLS1_HM_HEADER_LENGTH && rr->off == 0 &&	807	rr->length >= DTLS1_HM_HEADER_LENGTH && rr->off == 0 &&
808	!s->internal->in_handshake) {	808	!s->internal->in_handshake) {
809	struct hm_header_st msg_hdr;	809	struct hm_header_st msg_hdr;
		810	CBS cbs;
810		811
811	/* this may just be a stale retransmit */	812	/* this may just be a stale retransmit */
812	if (!dtls1_get_message_header(rr->data, &msg_hdr))	813	CBS_init(&cbs, rr->data, rr->length);
		814	if (!dtls1_get_message_header(&cbs, &msg_hdr))
813	return -1;	815	return -1;
814	if (rr->epoch != tls12_record_layer_read_epoch(s->internal->rl)) {	816	if (rr->epoch != tls12_record_layer_read_epoch(s->internal->rl)) {
815	rr->length = 0;	817	rr->length = 0;


diff --git a/src/lib/libssl/dtls_locl.h b/src/lib/libssl/dtls_locl.h index 502b42dcdd..4cf8827ec3 100644 --- a/src/lib/libssl/dtls_locl.h +++ b/src/lib/libssl/dtls_locl.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: dtls_locl.h,v 1.6 2021/08/31 13:34:55 jsing Exp $ */	1	/* $OpenBSD: dtls_locl.h,v 1.7 2021/09/04 14:24:28 jsing Exp $ */
2	/*	2	/*
3	* DTLS implementation written by Nagendra Modadugu	3	* DTLS implementation written by Nagendra Modadugu
4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.	4	* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -206,8 +206,7 @@ int dtls1_retransmit_message(SSL *s, unsigned short seq,
206	int dtls1_get_queue_priority(unsigned short seq, int is_ccs);	206	int dtls1_get_queue_priority(unsigned short seq, int is_ccs);
207	int dtls1_retransmit_buffered_messages(SSL *s);	207	int dtls1_retransmit_buffered_messages(SSL *s);
208	void dtls1_clear_record_buffer(SSL *s);	208	void dtls1_clear_record_buffer(SSL *s);
209	int dtls1_get_message_header(unsigned char *data,	209	int dtls1_get_message_header(CBS header, struct hm_header_st msg_hdr);
210	struct hm_header_st *msg_hdr);
211	void dtls1_reset_read_seq_numbers(SSL *s);	210	void dtls1_reset_read_seq_numbers(SSL *s);
212	struct timeval* dtls1_get_timeout(SSL s, struct timeval timeleft);	211	struct timeval* dtls1_get_timeout(SSL s, struct timeval timeleft);
213	int dtls1_check_timeout_num(SSL *s);	212	int dtls1_check_timeout_num(SSL *s);