Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libssl/tls13_legacy.c | 36 |
1 files changed, 27 insertions, 9 deletions
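--- a/src/lib/libssl/tls13_legacy.c
+++ b/src/lib/libssl/tls13_legacy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_legacy.c,v 1.13 2020/09/13 15:04:35 jsing Exp $ */
+/* $OpenBSD: tls13_legacy.c,v 1.14 2020/10/07 07:46:18 jsing Exp $ */
 /*
 * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
 *
@@ -297,22 +297,35 @@ static int
 tls13_use_legacy_stack(struct tls13_ctx *ctx)
 {
 SSL *s = ctx->ssl;
+CBB cbb, fragment;
 CBS cbs;
 
+memset(&cbb, 0, sizeof(cbb));
+
 if (!ssl3_setup_init_buffer(s))
-return 0;
+goto err;
 if (!ssl3_setup_buffers(s))
-return 0;
+goto err;
 if (!ssl_init_wbio_buffer(s, 1))
-return 0;
+goto err;
 
 /* Stash any unprocessed data from the last record. */
 tls13_record_layer_rbuf(ctx->rl, &cbs);
 if (CBS_len(&cbs) > 0) {
-if (!CBS_write_bytes(&cbs,
-S3I(s)->rbuf.buf + SSL3_RT_HEADER_LENGTH,
-S3I(s)->rbuf.len - SSL3_RT_HEADER_LENGTH, NULL))
-return 0;
+if (!CBB_init_fixed(&cbb, S3I(s)->rbuf.buf,
+S3I(s)->rbuf.len))
+goto err;
+if (!CBB_add_u8(&cbb, SSL3_RT_HANDSHAKE))
+goto err;
+if (!CBB_add_u16(&cbb, TLS1_2_VERSION))
+goto err;
+if (!CBB_add_u16_length_prefixed(&cbb, &fragment))
+goto err;
+if (!CBB_add_bytes(&fragment, CBS_data(&cbs),
+CBS_len(&cbs)))
+goto err;
+if (!CBB_finish(&cbb, NULL, NULL))
+goto err;
 
 S3I(s)->rbuf.offset = SSL3_RT_HEADER_LENGTH;
 S3I(s)->rbuf.left = CBS_len(&cbs);
@@ -328,13 +341,18 @@ tls13_use_legacy_stack(struct tls13_ctx *ctx)
 tls13_handshake_msg_data(ctx->hs_msg, &cbs);
 if (!CBS_write_bytes(&cbs, s->internal->init_buf->data,
 s->internal->init_buf->length, NULL))
-return 0;
+goto err;
 
 S3I(s)->tmp.reuse_message = 1;
 S3I(s)->tmp.message_type = tls13_handshake_msg_type(ctx->hs_msg);
 S3I(s)->tmp.message_size = CBS_len(&cbs);
 
 return 1;
+
+err:
+CBB_cleanup(&cbb);
+
+return 0;
 }
 
 int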
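Review bot: The comment `/* Stash any unprocessed data from the last record. */` in tls13_use_legacy_stack() is now out of date: the block below it builds a record header (`SSL3_RT_HANDSHAKE`, `TLS1_2_VERSION`, 16-bit length) in front of the leftover bytes, and nothing visible checks or states that those bytes are handshake data. I would reword it to `/* Stash any unprocessed data from the last record, behind a synthesized handshake record header; the leftover bytes are assumed to be handshake messages. */` so the hard-coded content type reads as a deliberate invariant. The `memset(&cbb, 0, sizeof(cbb));` also deserves a short why-comment such as `/* Zero cbb so CBB_cleanup() at err is safe before CBB_init_fixed() has run. */`, which is presumably its purpose given that three `goto err` sites precede the init. New-file lines 332-340 of the function fall between the two hunks and are not shown, so how the reader consumes the header could not be checked here.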
