From 9d67ecf4c90ec22967a3567548dcdcd75a595535 Mon Sep 17 00:00:00 2001 From: jsing <> Date: Sun, 21 Apr 2019 14:38:32 +0000 Subject: Cleanup more of tls_decrypt_ticket(). Separate the malloc() check and EVP_DecryptUpdate() - the malloc() failure is fatal while a EVP_DecryptUpdate() is a decryption failure. Also ensure that we clear the error stack in all cases where we are indicating a failure to decrypt or decode the ticket - otherwise SSL_error() while later return failure when it should not. ok tb@ --- src/lib/libssl/t1_lib.c | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'src') diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c index 2147908819..2421227c8a 100644 --- a/src/lib/libssl/t1_lib.c +++ b/src/lib/libssl/t1_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: t1_lib.c,v 1.155 2019/04/21 10:17:25 jsing Exp $ */ +/* $OpenBSD: t1_lib.c,v 1.156 2019/04/21 14:38:32 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -955,12 +955,14 @@ tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen, /* Move p after IV to start of encrypted ticket, update length */ p = etick + 16 + EVP_CIPHER_CTX_iv_length(&ctx); eticklen -= 16 + EVP_CIPHER_CTX_iv_length(&ctx); - sdec = malloc(eticklen); - if (sdec == NULL || - EVP_DecryptUpdate(&ctx, sdec, &slen, p, eticklen) <= 0) { + if ((sdec = malloc(eticklen)) == NULL) { ret = -1; goto done; } + if (EVP_DecryptUpdate(&ctx, sdec, &slen, p, eticklen) <= 0) { + ret = 2; + goto done; + } if (EVP_DecryptFinal_ex(&ctx, sdec + slen, &mlen) <= 0) { ret = 2; goto done; @@ -973,7 +975,6 @@ tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen, * For session parse failure, indicate that we need to send a * new ticket. */ - ERR_clear_error(); ret = 2; goto done; } @@ -1002,5 +1003,8 @@ tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen, HMAC_CTX_cleanup(&hctx); EVP_CIPHER_CTX_cleanup(&ctx); + if (ret == 2) + ERR_clear_error(); + return ret; } -- cgit v1.2.3-55-g6feb