diff options
| author | Joel Sing <jsing@cvs.openbsd.org> | 2021-07-19 08:42:25 +0000 |
|---|---|---|
| committer | Joel Sing <jsing@cvs.openbsd.org> | 2021-07-19 08:42:25 +0000 |
| commit | 73f598c35fe35faed4f52b5988c403dd20978248 (patch) | |
| tree | 4f767e46d353375edd71cab9304574db1e120310 /lib/libssl | |
| parent | 3b39938ee9030ed211d57467de9b9cd7f95c1109 (diff) | |
Mop up dtls1_get_ccs_header() and struct ccs_header_st.
All this code does is read one byte from memory with an unknown length,
potentially being a one byte overread... and then nothing is actually done
with the value.
ok tb@
Diffstat (limited to 'lib/libssl')
| -rw-r--r-- | lib/libssl/d1_both.c | 10 | ||||
| -rw-r--r-- | lib/libssl/d1_pkt.c | 6 | ||||
| -rw-r--r-- | lib/libssl/dtls_locl.h | 8 |
3 files changed, 3 insertions, 21 deletions
diff --git a/lib/libssl/d1_both.c b/lib/libssl/d1_both.c index 2e5e86641c0..61dc47b4b74 100644 --- a/lib/libssl/d1_both.c +++ b/lib/libssl/d1_both.c @@ -1,4 +1,4 @@ -/* $OpenBSD: d1_both.c,v 1.76 2021/07/01 17:53:39 jsing Exp $ */ +/* $OpenBSD: d1_both.c,v 1.77 2021/07/19 08:42:24 jsing Exp $ */ /* * DTLS implementation written by Nagendra Modadugu * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. @@ -1202,11 +1202,3 @@ dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr) return 1; } - -void -dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr) -{ - memset(ccs_hdr, 0, sizeof(struct ccs_header_st)); - - ccs_hdr->type = *(data++); -} diff --git a/lib/libssl/d1_pkt.c b/lib/libssl/d1_pkt.c index 36dd2557227..2610206797d 100644 --- a/lib/libssl/d1_pkt.c +++ b/lib/libssl/d1_pkt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: d1_pkt.c,v 1.100 2021/07/19 08:39:28 jsing Exp $ */ +/* $OpenBSD: d1_pkt.c,v 1.101 2021/07/19 08:42:24 jsing Exp $ */ /* * DTLS implementation written by Nagendra Modadugu * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. @@ -835,10 +835,6 @@ dtls1_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek) } if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC) { - struct ccs_header_st ccs_hdr; - - dtls1_get_ccs_header(rr->data, &ccs_hdr); - /* 'Change Cipher Spec' is just a single byte, so we know * exactly what the record payload has to look like */ /* XDTLS: check that epoch is consistent */ diff --git a/lib/libssl/dtls_locl.h b/lib/libssl/dtls_locl.h index 9bf1fe66617..9e0699d0986 100644 --- a/lib/libssl/dtls_locl.h +++ b/lib/libssl/dtls_locl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: dtls_locl.h,v 1.1 2021/05/16 13:56:30 jsing Exp $ */ +/* $OpenBSD: dtls_locl.h,v 1.2 2021/07/19 08:42:24 jsing Exp $ */ /* * DTLS implementation written by Nagendra Modadugu * (nagendra@cs.stanford.edu) for the OpenSSL project 2005. @@ -93,11 +93,6 @@ struct hm_header_st { struct dtls1_retransmit_state saved_retransmit_state; }; -struct ccs_header_st { - unsigned char type; - unsigned short seq; -}; - struct dtls1_timeout_st { /* Number of read timeouts so far */ unsigned int read_timeouts; @@ -225,7 +220,6 @@ int dtls1_retransmit_buffered_messages(SSL *s); void dtls1_clear_record_buffer(SSL *s); int dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr); -void dtls1_get_ccs_header(unsigned char *data, struct ccs_header_st *ccs_hdr); void dtls1_reset_read_seq_numbers(SSL *s); struct timeval* dtls1_get_timeout(SSL *s, struct timeval* timeleft); int dtls1_check_timeout_num(SSL *s); |