From 782e6af2c8cf001e1a3eef1d0acb0d16317e4464 Mon Sep 17 00:00:00 2001 From: jsing <> Date: Sun, 4 Dec 2016 14:32:30 +0000 Subject: Convert ssl_cipher_list_to_bytes() to CBB, changing the function to return the number of bytes written via an explicit *outlen argument and retaining the return value to indicate success or failure. ok doug@ --- src/lib/libssl/s23_clnt.c | 16 +++++++++------- src/lib/libssl/s3_clnt.c | 17 ++++++++++------- src/lib/libssl/ssl_lib.c | 48 +++++++++++++++++++++++++++++++---------------- src/lib/libssl/ssl_locl.h | 4 ++-- 4 files changed, 53 insertions(+), 32 deletions(-) (limited to 'src') diff --git a/src/lib/libssl/s23_clnt.c b/src/lib/libssl/s23_clnt.c index c6920e2b34..8674cdf627 100644 --- a/src/lib/libssl/s23_clnt.c +++ b/src/lib/libssl/s23_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s23_clnt.c,v 1.46 2015/09/11 18:08:21 jsing Exp $ */ +/* $OpenBSD: s23_clnt.c,v 1.47 2016/12/04 14:32:30 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -230,11 +230,11 @@ ssl23_client_hello(SSL *s) { unsigned char *buf; unsigned char *p, *d; - int i; unsigned long l; int version = 0, version_major, version_minor; int ret; unsigned long mask, options = s->options; + size_t outlen; /* * SSL_OP_NO_X disables all protocols above X *if* there are @@ -294,14 +294,16 @@ ssl23_client_hello(SSL *s) *(p++) = 0; /* Ciphers supported (using SSL 3.0/TLS 1.0 format) */ - i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2]); - if (i == 0) { - SSLerr(SSL_F_SSL23_CLIENT_HELLO, + if (!ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2], + buf - &p[2] + SSL3_RT_MAX_PLAIN_LENGTH, &outlen)) + return -1; + if (outlen == 0) { + SSLerr(SSL_F_SSL3_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE); return -1; } - s2n(i, p); - p += i; + s2n(outlen, p); + p += outlen; /* add in (no) COMPRESSION */ *(p++) = 1; diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c index 7a327a76a3..f39ae7fab3 100644 --- a/src/lib/libssl/s3_clnt.c +++ b/src/lib/libssl/s3_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_clnt.c,v 1.148 2016/12/04 14:25:44 jsing Exp $ */ +/* $OpenBSD: s3_clnt.c,v 1.149 2016/12/04 14:32:30 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -588,8 +588,11 @@ int ssl3_client_hello(SSL *s) { unsigned char *bufend, *p, *d; + size_t outlen; int i; + bufend = (unsigned char *)s->init_buf->data + SSL3_RT_MAX_PLAIN_LENGTH; + if (s->state == SSL3_ST_CW_CLNT_HELLO_A) { SSL_SESSION *sess = s->session; @@ -678,22 +681,22 @@ ssl3_client_hello(SSL *s) } /* Ciphers supported */ - i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2]); - if (i == 0) { + if (!ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2], + bufend - &p[2], &outlen)) + goto err; + if (outlen == 0) { SSLerr(SSL_F_SSL3_CLIENT_HELLO, SSL_R_NO_CIPHERS_AVAILABLE); goto err; } - s2n(i, p); - p += i; + s2n(outlen, p); + p += outlen; /* add in (no) COMPRESSION */ *(p++) = 1; *(p++) = 0; /* Add the NULL method */ /* TLS extensions*/ - bufend = (unsigned char *)s->init_buf->data + - SSL3_RT_MAX_PLAIN_LENGTH; if ((p = ssl_add_clienthello_tlsext(s, p, bufend)) == NULL) { SSLerr(SSL_F_SSL3_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c index ebe78808c5..5d93a3bc13 100644 --- a/src/lib/libssl/ssl_lib.c +++ b/src/lib/libssl/ssl_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_lib.c,v 1.121 2016/11/02 11:21:05 jsing Exp $ */ +/* $OpenBSD: ssl_lib.c,v 1.122 2016/12/04 14:32:30 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1363,35 +1363,51 @@ SSL_get_shared_ciphers(const SSL *s, char *buf, int len) } int -ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p) +ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, unsigned char *p, + size_t maxlen, size_t *outlen) { - int i; - SSL_CIPHER *c; - unsigned char *q; + SSL_CIPHER *cipher; + int ciphers = 0; + CBB cbb; + int i; + + *outlen = 0; if (sk == NULL) return (0); - q = p; + + if (!CBB_init_fixed(&cbb, p, maxlen)) + goto err; for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) { - c = sk_SSL_CIPHER_value(sk, i); + cipher = sk_SSL_CIPHER_value(sk, i); /* Skip TLS v1.2 only ciphersuites if lower than v1.2 */ - if ((c->algorithm_ssl & SSL_TLSV1_2) && + if ((cipher->algorithm_ssl & SSL_TLSV1_2) && (TLS1_get_client_version(s) < TLS1_2_VERSION)) continue; - s2n(ssl3_cipher_get_value(c), p); + if (!CBB_add_u16(&cbb, ssl3_cipher_get_value(cipher))) + goto err; + + ciphers++; } - /* - * If p == q, no ciphers and caller indicates an error. Otherwise - * add SCSV if not renegotiating. - */ - if (p != q && !s->renegotiate) - s2n(SSL3_CK_SCSV & SSL3_CK_VALUE_MASK, p); + /* Add SCSV if there are other ciphers and we're not renegotiating. */ + if (ciphers > 0 && !s->renegotiate) { + if (!CBB_add_u16(&cbb, SSL3_CK_SCSV & SSL3_CK_VALUE_MASK)) + goto err; + } + + if (!CBB_finish(&cbb, NULL, outlen)) + goto err; + + return 1; + + err: + CBB_cleanup(&cbb); - return (p - q); + return 0; } STACK_OF(SSL_CIPHER) * diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h index 6c36795b1d..c7ae289a3a 100644 --- a/src/lib/libssl/ssl_locl.h +++ b/src/lib/libssl/ssl_locl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_locl.h,v 1.136 2016/11/06 17:21:04 jsing Exp $ */ +/* $OpenBSD: ssl_locl.h,v 1.137 2016/12/04 14:32:30 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -569,7 +569,7 @@ int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap, STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, const unsigned char *p, int num); int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, - unsigned char *p); + unsigned char *p, size_t maxlen, size_t *outlen); STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *meth, STACK_OF(SSL_CIPHER) **pref, STACK_OF(SSL_CIPHER) **sorted, const char *rule_str); -- cgit v1.2.3-55-g6feb