From 88ad978f659044d33591365be40627a0caf4d314 Mon Sep 17 00:00:00 2001 From: doug <> Date: Fri, 17 Jul 2015 17:36:24 +0000 Subject: Convert ssl_parse_serverhello_use_srtp_ext to CBS. ok miod@ jsing@ --- src/lib/libssl/d1_srtp.c | 25 +++++++++++++++---------- src/lib/libssl/src/ssl/d1_srtp.c | 25 +++++++++++++++---------- src/lib/libssl/src/ssl/ssl_locl.h | 4 ++-- src/lib/libssl/ssl_locl.h | 4 ++-- 4 files changed, 34 insertions(+), 24 deletions(-) diff --git a/src/lib/libssl/d1_srtp.c b/src/lib/libssl/d1_srtp.c index 8f05c4abc8..2974691e3c 100644 --- a/src/lib/libssl/d1_srtp.c +++ b/src/lib/libssl/d1_srtp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: d1_srtp.c,v 1.13 2015/07/15 21:52:02 beck Exp $ */ +/* $OpenBSD: d1_srtp.c,v 1.14 2015/07/17 17:36:24 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -404,32 +404,37 @@ ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int maxlen) int -ssl_parse_serverhello_use_srtp_ext(SSL *s, unsigned char *d, int len, int *al) +ssl_parse_serverhello_use_srtp_ext(SSL *s, const unsigned char *d, int len, int *al) { STACK_OF(SRTP_PROTECTION_PROFILE) *clnt; SRTP_PROTECTION_PROFILE *prof; - unsigned id; int i; - int ct; + uint16_t id; + CBS cbs, profile_ids, mki; - if (len != 5) { + if (len < 0) { SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); *al = SSL_AD_DECODE_ERROR; return 1; } - n2s(d, ct); - if (ct != 2) { + CBS_init(&cbs, d, len); + + /* + * As per RFC 5764 section 4.1.1, server response MUST be a single + * profile id. + */ + if (!CBS_get_u16_length_prefixed(&cbs, &profile_ids) || + !CBS_get_u16(&profile_ids, &id) || CBS_len(&profile_ids) != 0) { SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); *al = SSL_AD_DECODE_ERROR; return 1; } - n2s(d, id); - if (*d) { - /* Must be no MKI, since we never offer one. */ + /* Must be no MKI, since we never offer one. */ + if (!CBS_get_u8_length_prefixed(&cbs, &mki) || CBS_len(&mki) != 0) { SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT, SSL_R_BAD_SRTP_MKI_VALUE); *al = SSL_AD_ILLEGAL_PARAMETER; diff --git a/src/lib/libssl/src/ssl/d1_srtp.c b/src/lib/libssl/src/ssl/d1_srtp.c index 8f05c4abc8..2974691e3c 100644 --- a/src/lib/libssl/src/ssl/d1_srtp.c +++ b/src/lib/libssl/src/ssl/d1_srtp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: d1_srtp.c,v 1.13 2015/07/15 21:52:02 beck Exp $ */ +/* $OpenBSD: d1_srtp.c,v 1.14 2015/07/17 17:36:24 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -404,32 +404,37 @@ ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int maxlen) int -ssl_parse_serverhello_use_srtp_ext(SSL *s, unsigned char *d, int len, int *al) +ssl_parse_serverhello_use_srtp_ext(SSL *s, const unsigned char *d, int len, int *al) { STACK_OF(SRTP_PROTECTION_PROFILE) *clnt; SRTP_PROTECTION_PROFILE *prof; - unsigned id; int i; - int ct; + uint16_t id; + CBS cbs, profile_ids, mki; - if (len != 5) { + if (len < 0) { SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); *al = SSL_AD_DECODE_ERROR; return 1; } - n2s(d, ct); - if (ct != 2) { + CBS_init(&cbs, d, len); + + /* + * As per RFC 5764 section 4.1.1, server response MUST be a single + * profile id. + */ + if (!CBS_get_u16_length_prefixed(&cbs, &profile_ids) || + !CBS_get_u16(&profile_ids, &id) || CBS_len(&profile_ids) != 0) { SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); *al = SSL_AD_DECODE_ERROR; return 1; } - n2s(d, id); - if (*d) { - /* Must be no MKI, since we never offer one. */ + /* Must be no MKI, since we never offer one. */ + if (!CBS_get_u8_length_prefixed(&cbs, &mki) || CBS_len(&mki) != 0) { SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT, SSL_R_BAD_SRTP_MKI_VALUE); *al = SSL_AD_ILLEGAL_PARAMETER; diff --git a/src/lib/libssl/src/ssl/ssl_locl.h b/src/lib/libssl/src/ssl/ssl_locl.h index 0056daa155..3256354463 100644 --- a/src/lib/libssl/src/ssl/ssl_locl.h +++ b/src/lib/libssl/src/ssl/ssl_locl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_locl.h,v 1.95 2015/07/14 03:38:26 doug Exp $ */ +/* $OpenBSD: ssl_locl.h,v 1.96 2015/07/17 17:36:24 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -854,7 +854,7 @@ int ssl_parse_clienthello_use_srtp_ext(SSL *s, const unsigned char *d, int len, int *al); int ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int maxlen); -int ssl_parse_serverhello_use_srtp_ext(SSL *s, unsigned char *d, +int ssl_parse_serverhello_use_srtp_ext(SSL *s, const unsigned char *d, int len, int *al); /* s3_cbc.c */ diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index 0056daa155..3256354463 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_locl.h,v 1.95 2015/07/14 03:38:26 doug Exp $ */ +/* $OpenBSD: ssl_locl.h,v 1.96 2015/07/17 17:36:24 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -854,7 +854,7 @@ int ssl_parse_clienthello_use_srtp_ext(SSL *s, const unsigned char *d, int len, int *al); int ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len, int maxlen); -int ssl_parse_serverhello_use_srtp_ext(SSL *s, unsigned char *d, +int ssl_parse_serverhello_use_srtp_ext(SSL *s, const unsigned char *d, int len, int *al); /* s3_cbc.c */ -- cgit v1.2.3-55-g6feb