Convert ssl3_send_change_cipher_spec() to use CBB and make it handle DTLS,

which allows us to drop dtls1_send_change_cipher_spec() entirely.

ok inoguchi@

6 files changed, 52 insertions, 57 deletions

diff --git a/lib/libssl/d1_both.c b/lib/libssl/d1_both.c
index 6b86cfc03e6..42f8cbd5370 100644
--- a/lib/libssl/d1_both.c
+++ b/lib/libssl/d1_both.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_both.c,v 1.51 2017/05/07 04:22:24 beck Exp $ */
+/* $OpenBSD: d1_both.c,v 1.52 2017/10/08 16:24:02 jsing Exp $ */
 /*
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -162,9 +162,6 @@ static unsigned int dtls1_guess_mtu(unsigned int curr_mtu);
 static void dtls1_fix_message_header(SSL *s, unsigned long frag_off,
     unsigned long frag_len);
 static unsigned char *dtls1_write_message_header(SSL *s, unsigned char *p);
-static void dtls1_set_message_header_int(SSL *s, unsigned char mt,
-    unsigned long len, unsigned short seq_num, unsigned long frag_off,
-    unsigned long frag_len);
 static long dtls1_get_message_fragment(SSL *s, int st1, int stn, long max,
     int *ok);
 
@@ -895,40 +892,6 @@ f_err:
 	return (-1);
 }
 
-/*
- * for these 2 messages, we need to
- * ssl->enc_read_ctx			re-init
- * ssl->s3->internal->read_sequence		zero
- * ssl->s3->internal->read_mac_secret		re-init
- * ssl->session->read_sym_enc		assign
- * ssl->session->read_hash		assign
- */
-int
-dtls1_send_change_cipher_spec(SSL *s, int a, int b)
-{
-	unsigned char *p;
-
-	if (S3I(s)->hs.state == a) {
-		p = (unsigned char *)s->internal->init_buf->data;
-		*p++=SSL3_MT_CCS;
-		D1I(s)->handshake_write_seq = D1I(s)->next_handshake_write_seq;
-		s->internal->init_num = DTLS1_CCS_HEADER_LENGTH;
-
-		s->internal->init_off = 0;
-
-		dtls1_set_message_header_int(s, SSL3_MT_CCS, 0,
-		    D1I(s)->handshake_write_seq, 0, 0);
-
-		/* buffer the message to handle re-xmits */
-		dtls1_buffer_message(s, 1);
-
-		S3I(s)->hs.state = b;
-	}
-
-	/* SSL3_ST_CW_CHANGE_B */
-	return (dtls1_do_write(s, SSL3_RT_CHANGE_CIPHER_SPEC));
-}
-
 int
 dtls1_read_failed(SSL *s, int code)
 {
@@ -1182,7 +1145,7 @@ dtls1_set_message_header(SSL *s, unsigned char mt, unsigned long len,
 }
 
 /* don't actually do the writing, wait till the MTU has been retrieved */
-static void
+void
 dtls1_set_message_header_int(SSL *s, unsigned char mt, unsigned long len,
     unsigned short seq_num, unsigned long frag_off, unsigned long frag_len)
 {
diff --git a/lib/libssl/d1_clnt.c b/lib/libssl/d1_clnt.c
index 3eebf984173..c9447138d5f 100644
--- a/lib/libssl/d1_clnt.c
+++ b/lib/libssl/d1_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_clnt.c,v 1.76 2017/05/07 04:22:24 beck Exp $ */
+/* $OpenBSD: d1_clnt.c,v 1.77 2017/10/08 16:24:02 jsing Exp $ */
 /*
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -427,7 +427,7 @@ dtls1_connect(SSL *s)
 		case SSL3_ST_CW_CHANGE_B:
 			if (!s->internal->hit)
 				dtls1_start_timer(s);
-			ret = dtls1_send_change_cipher_spec(s,
+			ret = ssl3_send_change_cipher_spec(s,
 			    SSL3_ST_CW_CHANGE_A, SSL3_ST_CW_CHANGE_B);
 			if (ret <= 0)
 				goto end;
diff --git a/lib/libssl/d1_srvr.c b/lib/libssl/d1_srvr.c
index ae90ee2093e..f0e59a8e003 100644
--- a/lib/libssl/d1_srvr.c
+++ b/lib/libssl/d1_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_srvr.c,v 1.88 2017/05/07 04:22:24 beck Exp $ */
+/* $OpenBSD: d1_srvr.c,v 1.89 2017/10/08 16:24:02 jsing Exp $ */
 /*
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -596,9 +596,8 @@ dtls1_accept(SSL *s)
 				goto end;
 			}
 
-			ret = dtls1_send_change_cipher_spec(s,
-			SSL3_ST_SW_CHANGE_A, SSL3_ST_SW_CHANGE_B);
-
+			ret = ssl3_send_change_cipher_spec(s,
+			    SSL3_ST_SW_CHANGE_A, SSL3_ST_SW_CHANGE_B);
 			if (ret <= 0)
 				goto end;
 
diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c
index a05116cb8f2..89af1ef3bf3 100644
--- a/lib/libssl/s3_lib.c
+++ b/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.161 2017/09/25 18:04:08 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.162 2017/10/08 16:24:02 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1553,10 +1553,16 @@ ssl3_handshake_msg_finish_cbb(SSL *s, CBB *handshake)
 int
 ssl3_handshake_write(SSL *s)
 {
+	return ssl3_record_write(s, SSL3_RT_HANDSHAKE);
+}
+
+int
+ssl3_record_write(SSL *s, int type)
+{
 	if (SSL_IS_DTLS(s))
-		return dtls1_do_write(s, SSL3_RT_HANDSHAKE);
+		return dtls1_do_write(s, type);
 
-	return ssl3_do_write(s, SSL3_RT_HANDSHAKE);
+	return ssl3_do_write(s, type);
 }
 
 int
diff --git a/lib/libssl/ssl_both.c b/lib/libssl/ssl_both.c
index 17f93f551be..03f95977f75 100644
--- a/lib/libssl/ssl_both.c
+++ b/lib/libssl/ssl_both.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_both.c,v 1.10 2017/08/12 02:55:22 jsing Exp $ */
+/* $OpenBSD: ssl_both.c,v 1.11 2017/10/08 16:24:02 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -311,19 +311,44 @@ f_err:
 int
 ssl3_send_change_cipher_spec(SSL *s, int a, int b)
 {
-	unsigned char *p;
+	size_t outlen;
+	CBB cbb;
+
+	memset(&cbb, 0, sizeof(cbb));
 
 	if (S3I(s)->hs.state == a) {
-		p = (unsigned char *)s->internal->init_buf->data;
-		*p = SSL3_MT_CCS;
-		s->internal->init_num = 1;
+		if (!CBB_init_fixed(&cbb, s->internal->init_buf->data,
+		    s->internal->init_buf->length))
+			goto err;
+		if (!CBB_add_u8(&cbb, SSL3_MT_CCS))
+			goto err;
+		if (!CBB_finish(&cbb, NULL, &outlen))
+			goto err;
+
+		if (outlen > INT_MAX)
+			goto err;
+
+		s->internal->init_num = (int)outlen;
 		s->internal->init_off = 0;
 
+		if (SSL_IS_DTLS(s)) {
+			D1I(s)->handshake_write_seq =
+			    D1I(s)->next_handshake_write_seq;
+			dtls1_set_message_header_int(s, SSL3_MT_CCS, 0,
+			    D1I(s)->handshake_write_seq, 0, 0);
+			dtls1_buffer_message(s, 1);
+		}
+
 		S3I(s)->hs.state = b;
 	}
 
 	/* SSL3_ST_CW_CHANGE_B */
-	return (ssl3_do_write(s, SSL3_RT_CHANGE_CIPHER_SPEC));
+	return ssl3_record_write(s, SSL3_RT_CHANGE_CIPHER_SPEC);
+
+ err:
+	CBB_cleanup(&cbb);
+
+	return -1;
 }
 
 static int
diff --git a/lib/libssl/ssl_locl.h b/lib/libssl/ssl_locl.h
index 17a4a0d4f68..2fec36fba9a 100644
--- a/lib/libssl/ssl_locl.h
+++ b/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.193 2017/08/28 16:37:04 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.194 2017/10/08 16:24:02 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1147,6 +1147,7 @@ int ssl3_handshake_msg_start_cbb(SSL *s, CBB *handshake, CBB *body,
     uint8_t msg_type);
 int ssl3_handshake_msg_finish_cbb(SSL *s, CBB *handshake);
 int ssl3_handshake_write(SSL *s);
+int ssl3_record_write(SSL *s, int type);
 
 void tls1_record_sequence_increment(unsigned char *seq);
 int ssl3_do_change_cipher_spec(SSL *ssl);
@@ -1166,12 +1167,13 @@ int ssl3_write_pending(SSL *s, int type, const unsigned char *buf,
     unsigned int len);
 void dtls1_set_message_header(SSL *s, unsigned char mt, unsigned long len,
     unsigned long frag_off, unsigned long frag_len);
+void dtls1_set_message_header_int(SSL *s, unsigned char mt,
+    unsigned long len, unsigned short seq_num, unsigned long frag_off,
+    unsigned long frag_len);
 
 int dtls1_write_app_data_bytes(SSL *s, int type, const void *buf, int len);
 int dtls1_write_bytes(SSL *s, int type, const void *buf, int len);
 
-int dtls1_send_change_cipher_spec(SSL *s, int a, int b);
-unsigned long dtls1_output_cert_chain(SSL *s, X509 *x);
 int dtls1_read_failed(SSL *s, int code);
 int dtls1_buffer_message(SSL *s, int ccs);
 int dtls1_retransmit_message(SSL *s, unsigned short seq,