diff options
| author |   jsing <jsing@openbsd.org> | 2015-09-02 17:59:15 +0000 |
|---|---|---|
| committer | jsing <jsing@openbsd.org> | 2015-09-02 17:59:15 +0000 |
| commit | cc072064d5df2144856c8f9a6aed054ab6ac7c68 (patch) | |
| tree | c40af75ff95a64efc8d88378306cfb2fb5075934 /lib/libssl/s3_clnt.c | |
| parent | Fewer magic numbers - we already have defines for the header lengths, so (diff) | |
| download | wireguard-openbsd-cc072064d5df2144856c8f9a6aed054ab6ac7c68.tar.xz wireguard-openbsd-cc072064d5df2144856c8f9a6aed054ab6ac7c68.zip | |
Replace dtls1_client_hello() with ssl3_client_hello() - both are basically
the same code, with two slight differences for DTLS handling.
Also, make use of send_cookie to determine if the client random needs to
be preserved, rather than testing if it is zeroed (hopefully your random
number generator never returned all zeros, since the existing code would
break). Inspired by BoringSSL.
ok doug@
Diffstat (limited to 'lib/libssl/s3_clnt.c')
| -rw-r--r-- | lib/libssl/s3_clnt.c | 27 |
1 files changed, 22 insertions, 5 deletions
diff --git a/lib/libssl/s3_clnt.c b/lib/libssl/s3_clnt.c index 5b9af06aa5e..1d1a0c77f0b 100644 --- a/lib/libssl/s3_clnt.c +++ b/lib/libssl/s3_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_clnt.c,v 1.124 2015/09/01 13:38:27 jsing Exp $ */ +/* $OpenBSD: s3_clnt.c,v 1.125 2015/09/02 17:59:15 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -584,7 +584,6 @@ end: return (ret); } - int ssl3_client_hello(SSL *s) { @@ -603,7 +602,13 @@ ssl3_client_hello(SSL *s) } /* else use the pre-loaded session */ - arc4random_buf(s->s3->client_random, SSL3_RANDOM_SIZE); + /* + * If a DTLS ClientHello message is being resent after a + * HelloVerifyRequest, we must retain the original client + * random value. + */ + if (!SSL_IS_DTLS(s) || s->d1->send_cookie == 0) + arc4random_buf(s->s3->client_random, SSL3_RANDOM_SIZE); d = p = ssl3_handshake_msg_start(s, SSL3_MT_CLIENT_HELLO); @@ -660,6 +665,18 @@ ssl3_client_hello(SSL *s) p += i; } + /* DTLS Cookie. */ + if (SSL_IS_DTLS(s)) { + if (s->d1->cookie_len > sizeof(s->d1->cookie)) { + SSLerr(SSL_F_DTLS1_CLIENT_HELLO, + ERR_R_INTERNAL_ERROR); + goto err; + } + *(p++) = s->d1->cookie_len; + memcpy(p, s->d1->cookie, s->d1->cookie_len); + p += s->d1->cookie_len; + } + /* Ciphers supported */ i = ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &p[2]); if (i == 0) { @@ -683,9 +700,9 @@ ssl3_client_hello(SSL *s) goto err; } - s->state = SSL3_ST_CW_CLNT_HELLO_B; - ssl3_handshake_msg_finish(s, p - d); + + s->state = SSL3_ST_CW_CLNT_HELLO_B; } /* SSL3_ST_CW_CLNT_HELLO_B */ |