summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorDoug Hogan <doug@cvs.openbsd.org>2015-07-14 05:26:33 +0000
committerDoug Hogan <doug@cvs.openbsd.org>2015-07-14 05:26:33 +0000
commit4cbfbe2fcd1b463f6c28f7812eddd9adbd68d8bb (patch)
tree0c0c857e0c861791b6e2be7f4d24733e22cef474 /lib
parent42c2ba106a36f62e1c265075da9b41ed9048ff42 (diff)
Convert dtls1_get_hello_verify to CBS.
ok miod@ jsing@
Diffstat (limited to 'lib')
-rw-r--r--lib/libssl/d1_clnt.c40
1 files changed, 23 insertions, 17 deletions
diff --git a/lib/libssl/d1_clnt.c b/lib/libssl/d1_clnt.c
index adde3cd39ee..261e4e996fd 100644
--- a/lib/libssl/d1_clnt.c
+++ b/lib/libssl/d1_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_clnt.c,v 1.45 2015/06/13 08:38:10 doug Exp $ */
+/* $OpenBSD: d1_clnt.c,v 1.46 2015/07/14 05:26:32 doug Exp $ */
/*
* DTLS implementation written by Nagendra Modadugu
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -113,6 +113,7 @@
* [including the GNU Public Licence.]
*/
+#include <limits.h>
#include <stdio.h>
#include "ssl_locl.h"
@@ -124,6 +125,8 @@
#include <openssl/md5.h>
#include <openssl/objects.h>
+#include "bytestring.h"
+
static const SSL_METHOD *dtls1_get_client_method(int ver);
static int dtls1_get_hello_verify(SSL *s);
@@ -697,9 +700,11 @@ err:
static int
dtls1_get_hello_verify(SSL *s)
{
- int n, al, ok = 0;
- unsigned char *data;
- unsigned int cookie_len;
+ long n;
+ int al, ok = 0;
+ size_t cookie_len;
+ uint16_t ssl_version;
+ CBS hello_verify_request, cookie;
n = s->method->ssl_get_message(s, DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A,
DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B, -1, s->max_cert_list, &ok);
@@ -713,32 +718,33 @@ dtls1_get_hello_verify(SSL *s)
return (1);
}
- if (2 > n)
+ if (n < 0)
goto truncated;
- data = (unsigned char *)s->init_msg;
- if ((data[0] != (s->version >> 8)) || (data[1] != (s->version&0xff))) {
+ CBS_init(&hello_verify_request, s->init_msg, n);
+
+ if (!CBS_get_u16(&hello_verify_request, &ssl_version))
+ goto truncated;
+
+ if (ssl_version != s->version) {
SSLerr(SSL_F_DTLS1_GET_HELLO_VERIFY, SSL_R_WRONG_SSL_VERSION);
- s->version = (s->version & 0xff00) | data[1];
+ s->version = (s->version & 0xff00) | (ssl_version & 0xff);
al = SSL_AD_PROTOCOL_VERSION;
goto f_err;
}
- data += 2;
- if (2 + 1 > n)
- goto truncated;
- cookie_len = *(data++);
- if (2 + 1 + cookie_len > n)
+ if (!CBS_get_u8_length_prefixed(&hello_verify_request, &cookie))
goto truncated;
- if (cookie_len > sizeof(s->d1->cookie)) {
+
+ if (!CBS_write_bytes(&cookie, s->d1->cookie,
+ sizeof(s->d1->cookie), &cookie_len)) {
+ s->d1->cookie_len = 0;
al = SSL_AD_ILLEGAL_PARAMETER;
goto f_err;
}
-
- memcpy(s->d1->cookie, data, cookie_len);
s->d1->cookie_len = cookie_len;
-
s->d1->send_cookie = 1;
+
return 1;
truncated: