authorJoel Sing <jsing@cvs.openbsd.org>2020-03-12 17:09:03 +0000
committerJoel Sing <jsing@cvs.openbsd.org>2020-03-12 17:09:03 +0000
commitadc27f131f95263b124f6ac3f1799700c58cee6a (patch)
treecdf3df1a516829399e0db47b43613566f42d12aa
parent823ce3cc01283dacc9083213bfd751006b11c88b (diff)
Stop overloading the record type for padding length.
Currently the CBC related code stuffs the padding length in the upper bits of the type field... stop doing that and add a padding_length field to the record struct instead. ok inoguchi@ tb@
-rw-r--r--lib/libssl/d1_pkt.c5
-rw-r--r--lib/libssl/s3_cbc.c4
-rw-r--r--lib/libssl/ssl_locl.h3
-rw-r--r--lib/libssl/ssl_pkt.c5
-rw-r--r--lib/libssl/t1_enc.c6
5 files changed, 10 insertions, 13 deletions
diff --git a/lib/libssl/d1_pkt.c b/lib/libssl/d1_pkt.c
index 31415b7c3a4..524cfc33510 100644
--- a/lib/libssl/d1_pkt.c
+++ b/lib/libssl/d1_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_pkt.c,v 1.71 2020/03/12 17:01:53 jsing Exp $ */
+/* $OpenBSD: d1_pkt.c,v 1.72 2020/03/12 17:09:02 jsing Exp $ */
/*
* DTLS implementation written by Nagendra Modadugu
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -380,8 +380,7 @@ dtls1_process_record(SSL *s)
mac_size = EVP_MD_CTX_size(s->read_hash);
OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE);
- /* kludge: *_cbc_remove_padding passes padding length in rr->type */
- orig_len = rr->length + ((unsigned int)rr->type >> 8);
+ orig_len = rr->length + rr->padding_length;
/* orig_len is the length of the record before any padding was
* removed. This is public information, as is the MAC in use,
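Review bot: Nothing in this hunk, or in the matching ones in ssl_pkt.c (ssl3_get_record) and t1_enc.c (tls1_mac), shows `rr->padding_length` being cleared before it is read; the only write visible in the commit is the last assignment in tls1_cbc_remove_padding. The old encoding kept the value in the upper bits of `rr->type`, which is presumably reassigned from every record header, so a leftover could not survive into the next record, whereas the new member keeps whatever the previous record stored. If a record can reach this line without going through CBC padding removal (a non-CBC read state after a cipher change, or the write record that tls1_mac handles when `send` is set), a stale value would inflate `orig_len` and loosen any length check that depends on it. I would add `rr->padding_length = 0;` where the record header is parsed, before decryption. dtls1_process_record starts and ends outside the hunk, so an existing reset may simply not be visible here.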
diff --git a/lib/libssl/s3_cbc.c b/lib/libssl/s3_cbc.c
index 371c68cfcc3..8ae87d73030 100644
--- a/lib/libssl/s3_cbc.c
+++ b/lib/libssl/s3_cbc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_cbc.c,v 1.19 2020/03/12 17:01:53 jsing Exp $ */
+/* $OpenBSD: s3_cbc.c,v 1.20 2020/03/12 17:09:02 jsing Exp $ */
/* ====================================================================
* Copyright (c) 2012 The OpenSSL Project. All rights reserved.
*
@@ -169,7 +169,7 @@ tls1_cbc_remove_padding(const SSL* s, SSL3_RECORD_INTERNAL *rec,
padding_length = good & (padding_length + 1);
rec->length -= padding_length;
- rec->type |= padding_length<<8; /* kludge: pass padding length */
+ rec->padding_length = padding_length;
return (int)((good & 1) | (~good & -1));
}
diff --git a/lib/libssl/ssl_locl.h b/lib/libssl/ssl_locl.h
index a696ef99b10..6604768485f 100644
--- a/lib/libssl/ssl_locl.h
+++ b/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.268 2020/03/12 17:01:53 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.269 2020/03/12 17:09:02 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -779,6 +779,7 @@ typedef struct ssl_internal_st {
typedef struct ssl3_record_internal_st {
int type; /* type of record */
unsigned int length; /* How many bytes available */
+ unsigned int padding_length; /* Number of padding bytes. */
unsigned int off; /* read/write offset into 'buf' */
unsigned char *data; /* pointer to the record data */
unsigned char *input; /* where the decode bytes are */
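Review bot: The comment on the new `padding_length` member does not say who sets it or how it may be used. In the s3_cbc.c hunk the value is computed under the constant-time `good` mask, so it depends on decrypted plaintext, and the comment in d1_pkt.c calls only the sum `orig_len` public. I would spell that out on the field, for example `unsigned int padding_length; /* CBC padding removed on read; secret-dependent, never branch or index on it */`. The struct definition continues outside the hunk.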
diff --git a/lib/libssl/ssl_pkt.c b/lib/libssl/ssl_pkt.c
index 4302794d942..0d1d4f78c78 100644
--- a/lib/libssl/ssl_pkt.c
+++ b/lib/libssl/ssl_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_pkt.c,v 1.22 2020/03/12 17:01:53 jsing Exp $ */
+/* $OpenBSD: ssl_pkt.c,v 1.23 2020/03/12 17:09:02 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -451,8 +451,7 @@ ssl3_get_record(SSL *s)
mac_size = EVP_MD_CTX_size(s->read_hash);
OPENSSL_assert(mac_size <= EVP_MAX_MD_SIZE);
- /* kludge: *_cbc_remove_padding passes padding length in rr->type */
- orig_len = rr->length + ((unsigned int)rr->type >> 8);
+ orig_len = rr->length + rr->padding_length;
/* orig_len is the length of the record before any padding was
* removed. This is public information, as is the MAC in use,
diff --git a/lib/libssl/t1_enc.c b/lib/libssl/t1_enc.c
index b399f2bd3ce..347d34d4550 100644
--- a/lib/libssl/t1_enc.c
+++ b/lib/libssl/t1_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_enc.c,v 1.119 2020/03/12 17:01:53 jsing Exp $ */
+/* $OpenBSD: t1_enc.c,v 1.120 2020/03/12 17:09:02 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -971,9 +971,7 @@ tls1_mac(SSL *ssl, unsigned char *md, int send)
else
memcpy(header, seq, SSL3_SEQUENCE_SIZE);
- /* kludge: tls1_cbc_remove_padding passes padding length in rec->type */
- orig_len = rec->length + md_size + ((unsigned int)rec->type >> 8);
- rec->type &= 0xff;
+ orig_len = rec->length + md_size + rec->padding_length;
header[8] = rec->type;
header[9] = (unsigned char)(ssl->version >> 8);