diff options
| author |   doug <doug@openbsd.org> | 2015-07-24 07:57:48 +0000 |
|---|---|---|
| committer | doug <doug@openbsd.org> | 2015-07-24 07:57:48 +0000 |
| commit | 941bb241150fea2ba8d7e77b972d6342b314007f (patch) | |
| tree | 2eff8337c59d9fcaa28c11a1fcd6c9becc3779b1 /lib/libssl/src/ssl/t1_lib.c | |
| parent | Further improve syntax error reporting in doas: (diff) | |
| download | wireguard-openbsd-941bb241150fea2ba8d7e77b972d6342b314007f.tar.xz wireguard-openbsd-941bb241150fea2ba8d7e77b972d6342b314007f.zip | |
Convert tls1_process_ticket to CBS.
ok miod@ jsing@
Diffstat (limited to 'lib/libssl/src/ssl/t1_lib.c')
| -rw-r--r-- | lib/libssl/src/ssl/t1_lib.c | 64 |
1 files changed, 36 insertions, 28 deletions
diff --git a/lib/libssl/src/ssl/t1_lib.c b/lib/libssl/src/ssl/t1_lib.c index 2481a71f841..9ee495c7908 100644 --- a/lib/libssl/src/ssl/t1_lib.c +++ b/lib/libssl/src/ssl/t1_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: t1_lib.c,v 1.81 2015/07/24 03:50:12 doug Exp $ */ +/* $OpenBSD: t1_lib.c,v 1.82 2015/07/24 07:57:48 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -2046,12 +2046,11 @@ ssl_check_serverhello_tlsext(SSL *s) * Otherwise, s->tlsext_ticket_expected is set to 0. */ int -tls1_process_ticket(SSL *s, unsigned char *session_id, int len, +tls1_process_ticket(SSL *s, const unsigned char *session, int session_len, const unsigned char *limit, SSL_SESSION **ret) { /* Point after session ID in client hello */ - const unsigned char *p = session_id + len; - unsigned short i; + CBS session_id, cookie, cipher_list, compress_algo, extensions; *ret = NULL; s->tlsext_ticket_expected = 0; @@ -2061,40 +2060,47 @@ tls1_process_ticket(SSL *s, unsigned char *session_id, int len, */ if (SSL_get_options(s) & SSL_OP_NO_TICKET) return 0; - if ((s->version <= SSL3_VERSION) || !limit) + if (s->version <= SSL3_VERSION || !limit) return 0; - if (p >= limit) + + if (limit < session) return -1; + + CBS_init(&session_id, session, limit - session); + + /* Skip past the session id */ + if (!CBS_skip(&session_id, session_len)) + return -1; + /* Skip past DTLS cookie */ if (SSL_IS_DTLS(s)) { - i = *(p++); - p += i; - if (p >= limit) + if (!CBS_get_u8_length_prefixed(&session_id, &cookie)) return -1; } + /* Skip past cipher list */ - n2s(p, i); - p += i; - if (p >= limit) + if (!CBS_get_u16_length_prefixed(&session_id, &cipher_list)) return -1; + /* Skip past compression algorithm list */ - i = *(p++); - p += i; - if (p > limit) + if (!CBS_get_u8_length_prefixed(&session_id, &compress_algo)) return -1; + /* Now at start of extensions */ - if ((p + 2) >= limit) - return 0; - n2s(p, i); - while ((p + 4) <= limit) { - unsigned short type, size; - n2s(p, type); - n2s(p, size); - if (p + size > limit) - return 0; - if (type == TLSEXT_TYPE_session_ticket) { + if (!CBS_get_u16_length_prefixed(&session_id, &extensions)) + return -1; + + while (CBS_len(&extensions) > 0) { + CBS ext_data; + uint16_t ext_type; + + if (!CBS_get_u16(&extensions, &ext_type) || + !CBS_get_u16_length_prefixed(&extensions, &ext_data)) + return -1; + + if (ext_type == TLSEXT_TYPE_session_ticket) { int r; - if (size == 0) { + if (CBS_len(&ext_data) == 0) { /* The client will accept a ticket but doesn't * currently have one. */ s->tlsext_ticket_expected = 1; @@ -2108,7 +2114,10 @@ tls1_process_ticket(SSL *s, unsigned char *session_id, int len, * calculate the master secret later. */ return 2; } - r = tls_decrypt_ticket(s, p, size, session_id, len, ret); + + r = tls_decrypt_ticket(s, CBS_data(&ext_data), + CBS_len(&ext_data), session, session_len, ret); + switch (r) { case 2: /* ticket couldn't be decrypted */ s->tlsext_ticket_expected = 1; @@ -2122,7 +2131,6 @@ tls1_process_ticket(SSL *s, unsigned char *session_id, int len, return -1; } } - p += size; } return 0; } |