From ccb4f685d743447d79e76e1380f93ba28b5b8e1e Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Wed, 20 Jul 2022 06:32:24 +0000
Subject: Remove tls_buffer_set_data() and remove/revise callers.

There is no way that tls_buffer_set_data() can currently work in conjunction with tls_buffer_expand(). This fact is currently hidden by the way that PHH works, which reads the same data from the record layer (which it needs to do anyway, since we may not have all of the handshake message in a single record). Since this is broken, mop it up and change the PHH callback to not provide the record data. ok beck@ tb@
---
 src/lib/libssl/tls13_lib.c | 17 +++++++----------
 1 file changed, 7 insertions(+), 10 deletions(-)

(limited to 'src/lib/libssl/tls13_lib.c')

diff --git a/src/lib/libssl/tls13_lib.c b/src/lib/libssl/tls13_lib.c
index 8b28bf55a4..8d0e030b5a 100644
--- a/src/lib/libssl/tls13_lib.c
+++ b/src/lib/libssl/tls13_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_lib.c,v 1.66 2022/07/20 06:20:44 jsing Exp $ */
+/* $OpenBSD: tls13_lib.c,v 1.67 2022/07/20 06:32:24 jsing Exp $ */
 /*
 * Copyright (c) 2018, 2019 Joel Sing
 * Copyright (c) 2019 Bob Beck
@@ -338,11 +338,11 @@ tls13_phh_done_cb(void *cb_arg)
 }
 
 static ssize_t
-tls13_phh_received_cb(void *cb_arg, CBS *cbs)
+tls13_phh_received_cb(void *cb_arg)
 {
 ssize_t ret = TLS13_IO_FAILURE;
 struct tls13_ctx *ctx = cb_arg;
- CBS phh_cbs;
+ CBS cbs;
 
 if (!tls13_phh_limit_check(ctx))
 return tls13_send_alert(ctx->rl, TLS13_ALERT_UNEXPECTED_MESSAGE);
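Review bot: tls13_phh_received_cb() has no comment describing its contract, and with the `CBS *cbs` argument gone a reader has to infer that the message now comes only from the record layer. I would add above the definition `/* Post-handshake message callback: the handshake message is read from ctx->rl. */`. The `tls13_phh_limit_check(ctx)` test runs on every entry, so if the callback is re-entered while a message spanning several records is still being assembled (the commit message says that can happen), each entry presumably counts against the limit. That errs on the strict side, but the comment should say whether it is intended. The function body continues outside this hunk.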
@@ -351,19 +351,16 @@ tls13_phh_received_cb(void *cb_arg, CBS *cbs)
 ((ctx->hs_msg = tls13_handshake_msg_new()) == NULL))
 return TLS13_IO_FAILURE;
 
- if (!tls13_handshake_msg_set_buffer(ctx->hs_msg, cbs))
- return TLS13_IO_FAILURE;
-
- if ((ret = tls13_handshake_msg_recv(ctx->hs_msg, ctx->rl))
- != TLS13_IO_SUCCESS)
+ if ((ret = tls13_handshake_msg_recv(ctx->hs_msg, ctx->rl)) !=
+ TLS13_IO_SUCCESS)
 return ret;
 
- if (!tls13_handshake_msg_content(ctx->hs_msg, &phh_cbs))
+ if (!tls13_handshake_msg_content(ctx->hs_msg, &cbs))
 return TLS13_IO_FAILURE;
 
 switch(tls13_handshake_msg_type(ctx->hs_msg)) {
 case TLS13_MT_KEY_UPDATE:
- ret = tls13_key_update_recv(ctx, &phh_cbs);
+ ret = tls13_key_update_recv(ctx, &cbs);
 break;
 case TLS13_MT_NEW_SESSION_TICKET:
 /* XXX do nothing for now and ignore this */
-- 
cgit v1.2.3-55-g6feb
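Review bot: The early `return ret;` after tls13_handshake_msg_recv() leaves ctx->hs_msg in place, and nothing in the function documents that. It looks deliberate, since the allocation above appears to be guarded by a test whose first half lies outside the hunk, so a later call can resume the same partially read message. A comment before the return would make the re-entry contract explicit, for example `/* Incomplete or failed read: ctx->hs_msg is kept so a later call resumes the same message. */`. The `return TLS13_IO_FAILURE;` after tls13_handshake_msg_content() also exits with ctx->hs_msg still set. Whether it is released on that path depends on code after the switch, which is not shown, so please confirm a rejected message cannot be picked up again by a later call.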