Diffstat (limited to 'src')
-rw-r--r--src/lib/libssl/d1_pkt.c47
1 files changed, 27 insertions, 20 deletions
diff --git a/src/lib/libssl/d1_pkt.c b/src/lib/libssl/d1_pkt.c
index 5558c0e872..2cb2d089c8 100644
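--- a/src/lib/libssl/d1_pkt.c
+++ b/src/lib/libssl/d1_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_pkt.c,v 1.68 2020/02/21 16:13:16 jsing Exp $ */
+/* $OpenBSD: d1_pkt.c,v 1.69 2020/02/21 16:15:56 jsing Exp $ */
 /*
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -1178,12 +1178,15 @@ dtls1_write_bytes(SSL *s, int type, const void *buf, int len)
 int
 do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len)
 {
- unsigned char *p, *pseq;
+ unsigned char *p;
  int i, mac_size, clear = 0;
  SSL3_RECORD *wr;
  SSL3_BUFFER *wb;
  SSL_SESSION *sess;
  int bs;
+ CBB cbb;
+
+ memset(&cbb, 0, sizeof(cbb));
 
  /* first check if there is a SSL3_BUFFER still being written
  * out. This will happen with non blocking IO */
@@ -1223,18 +1226,20 @@ do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len)
 
  p = wb->buf;
 
- /* write the header */
-
- *(p++) = type&0xff;
- wr->type = type;
-
- *(p++) = (s->version >> 8);
- *(p++) = s->version&0xff;
+ if (!CBB_init_fixed(&cbb, p, DTLS1_RT_HEADER_LENGTH))
+ goto err;
 
- /* field where we are to write out packet epoch, seq num and len */
- pseq = p;
+ /* Write the header. */
+ if (!CBB_add_u8(&cbb, type))
+ goto err;
+ if (!CBB_add_u16(&cbb, s->version))
+ goto err;
+ if (!CBB_add_u16(&cbb, D1I(s)->w_epoch))
+ goto err;
+ if (!CBB_add_bytes(&cbb, &(S3I(s)->write_sequence[2]), 6))
+ goto err;
 
- p += 10;
+ p += DTLS1_RT_HEADER_LENGTH;
 
  /* lets setup the record stuff. */
 
@@ -1247,6 +1252,7 @@ do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len)
  else
  bs = 0;
 
+ wr->type = type;
  wr->data = p + bs;
  /* make room for IV in case of CBC */
  wr->length = (int)len;
@@ -1283,17 +1289,15 @@ do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len)
  /* ssl3_enc can only have an error on read */
  s->method->internal->ssl3_enc->enc(s, 1);
 
- s2n(D1I(s)->w_epoch, pseq);
- memcpy(pseq, &(S3I(s)->write_sequence[2]), 6);
- pseq += 6;
-
- /* record length after mac and block padding */
- s2n(wr->length, pseq);
+ if (!CBB_add_u16(&cbb, wr->length))
+ goto err;
+ if (!CBB_finish(&cbb, NULL, NULL))
+ goto err;
 
  /* we should now have
  * wr->data pointing to the encrypted data, which is
  * wr->length long */
- wr->type=type; /* not needed but helps for debugging */
+ wr->type = type; /* not needed but helps for debugging */
  wr->length += DTLS1_RT_HEADER_LENGTH;
 
  tls1_record_sequence_increment(S3I(s)->write_sequence);
@@ -1310,7 +1314,10 @@ do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len)
 
  /* we now just need to write the buffer */
  return ssl3_write_pending(s, type, buf, len);
-err:
+
+ err:
+ CBB_cleanup(&cbb);
+
  return -1;
 }
 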
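Review bot: The CBB opened at `CBB_init_fixed(&cbb, p, DTLS1_RT_HEADER_LENGTH)` stays open across the MAC and `enc()` steps and is only closed by `CBB_finish` once `wr->length` is final, but nothing at the init site says so; a comment such as `/* Header is completed after encryption, once the record length is known. */` would keep a later edit from finishing it early or adding a direct `return` that skips `CBB_cleanup`. The parts of do_dtls1_write between the hunks are not visible here, so it is worth confirming that every failure path between the init and the finish goes through `err:`. The bare `6` in `CBB_add_bytes(&cbb, &(S3I(s)->write_sequence[2]), 6)` is carried over from the old `memcpy` and would read better with a short comment that it is the 48-bit sequence number that follows the epoch. With `wr->type = type;` now set at new line 1255, the later assignment at new line 1300 looks redundant and could be dropped.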