diff options
| author |   jsing <jsing@openbsd.org> | 2015-09-12 15:03:39 +0000 |
|---|---|---|
| committer | jsing <jsing@openbsd.org> | 2015-09-12 15:03:39 +0000 |
| commit | 64d8ff80f9e1823c3d9e6c3b75994e29a4686ce9 (patch) | |
| tree | 9278833a6d02d2c39e41640040fa07a9a9fc8847 /lib/libssl/src/ssl/s3_both.c | |
| parent | ktrcsw(9) has been removed, so remove its man page too. (diff) | |
| download | wireguard-openbsd-64d8ff80f9e1823c3d9e6c3b75994e29a4686ce9.tar.xz wireguard-openbsd-64d8ff80f9e1823c3d9e6c3b75994e29a4686ce9.zip | |
Move handshake message header length determination into a separate
ssl3_handshake_msg_hdr_len() function. Use this to correct several places
that have magic numbers with header lengths hardcoded as '4'.
ok beck@
Diffstat (limited to 'lib/libssl/src/ssl/s3_both.c')
| -rw-r--r-- | lib/libssl/src/ssl/s3_both.c | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/lib/libssl/src/ssl/s3_both.c b/lib/libssl/src/ssl/s3_both.c index 49b1e506599..cfd0fb9b4bd 100644 --- a/lib/libssl/src/ssl/s3_both.c +++ b/lib/libssl/src/ssl/s3_both.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_both.c,v 1.47 2015/09/11 18:08:21 jsing Exp $ */ +/* $OpenBSD: s3_both.c,v 1.48 2015/09/12 15:03:39 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -326,6 +326,7 @@ ssl3_add_cert_to_buf(BUF_MEM *buf, unsigned long *l, X509 *x) SSLerr(SSL_F_SSL3_ADD_CERT_TO_BUF, ERR_R_BUF_LIB); return (-1); } + /* XXX */ p = (unsigned char *)&(buf->data[*l]); l2n3(n, p); i2d_X509(x, &p); @@ -338,10 +339,10 @@ unsigned long ssl3_output_cert_chain(SSL *s, X509 *x) { unsigned char *p; - int i; - unsigned long l = 7; + unsigned long l = ssl3_handshake_msg_hdr_len(s) + 3; BUF_MEM *buf; int no_chain; + int i; if ((s->mode & SSL_MODE_NO_AUTO_CHAIN) || s->ctx->extra_certs) no_chain = 1; @@ -350,7 +351,7 @@ ssl3_output_cert_chain(SSL *s, X509 *x) /* TLSv1 sends a chain with nothing in it, instead of an alert */ buf = s->init_buf; - if (!BUF_MEM_grow_clean(buf, 10)) { + if (!BUF_MEM_grow_clean(buf, ssl3_handshake_msg_hdr_len(s) + 6)) { SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN, ERR_R_BUF_LIB); return (0); } @@ -388,14 +389,14 @@ ssl3_output_cert_chain(SSL *s, X509 *x) return (0); } - l -= 7; + l -= ssl3_handshake_msg_hdr_len(s) + 3; p = (unsigned char *)&(buf->data[4]); l2n3(l, p); l += 3; p = (unsigned char *)&(buf->data[0]); *(p++) = SSL3_MT_CERTIFICATE; l2n3(l, p); - l += 4; + l += 4; /* XXX */ return (l); } |