-/* $OpenBSD: s3_srvr.c,v 1.108 2015/06/18 22:51:05 doug Exp $ */
+/* $OpenBSD: s3_srvr.c,v 1.109 2015/06/20 17:04:07 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/objects.h>
#include <openssl/x509.h>
+#include "bytestring.h"
+
static const SSL_METHOD *ssl3_get_server_method(int ver);
const SSL_METHOD SSLv3_server_method_data = {
int
ssl3_get_next_proto(SSL *s)
{
+ CBS cbs, proto, padding;
int ok;
- int proto_len, padding_len;
long n;
- const unsigned char *p;
+ size_t len;
/*
* Clients cannot send a NextProtocol message if we didn't see the
return (0);
/* The body must be > 1 bytes long */
- p = (unsigned char *)s->init_msg;
+ CBS_init(&cbs, s->init_msg, s->init_num);
/*
* The payload looks like:
* uint8 padding_len;
* uint8 padding[padding_len];
*/
- proto_len = p[0];
- if (proto_len + 2 > s->init_num)
- return (0);
- padding_len = p[proto_len + 1];
- if (proto_len + padding_len + 2 != s->init_num)
- return (0);
+ if (!CBS_get_u8_length_prefixed(&cbs, &proto) ||
+ !CBS_get_u8_length_prefixed(&cbs, &padding) ||
+ CBS_len(&cbs) != 0)
+ return 0;
+
+ /*
+ * XXX We should not NULL it, but this matches old behavior of not
+ * freeing before malloc.
+ */
+ s->next_proto_negotiated = NULL;
+ s->next_proto_negotiated_len = 0;
- s->next_proto_negotiated = malloc(proto_len);
- if (!s->next_proto_negotiated) {
+ if (!CBS_stow(&proto, &s->next_proto_negotiated, &len)) {
SSLerr(SSL_F_SSL3_GET_NEXT_PROTO,
ERR_R_MALLOC_FAILURE);
return (0);
}
- memcpy(s->next_proto_negotiated, p + 1, proto_len);
- s->next_proto_negotiated_len = proto_len;
+ s->next_proto_negotiated_len = (uint8_t)len;
return (1);
}
-/* $OpenBSD: s3_srvr.c,v 1.108 2015/06/18 22:51:05 doug Exp $ */
+/* $OpenBSD: s3_srvr.c,v 1.109 2015/06/20 17:04:07 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
#include <openssl/objects.h>
#include <openssl/x509.h>
+#include "bytestring.h"
+
static const SSL_METHOD *ssl3_get_server_method(int ver);
const SSL_METHOD SSLv3_server_method_data = {
int
ssl3_get_next_proto(SSL *s)
{
+ CBS cbs, proto, padding;
int ok;
- int proto_len, padding_len;
long n;
- const unsigned char *p;
+ size_t len;
/*
* Clients cannot send a NextProtocol message if we didn't see the
return (0);
/* The body must be > 1 bytes long */
- p = (unsigned char *)s->init_msg;
+ CBS_init(&cbs, s->init_msg, s->init_num);
/*
* The payload looks like:
* uint8 padding_len;
* uint8 padding[padding_len];
*/
- proto_len = p[0];
- if (proto_len + 2 > s->init_num)
- return (0);
- padding_len = p[proto_len + 1];
- if (proto_len + padding_len + 2 != s->init_num)
- return (0);
+ if (!CBS_get_u8_length_prefixed(&cbs, &proto) ||
+ !CBS_get_u8_length_prefixed(&cbs, &padding) ||
+ CBS_len(&cbs) != 0)
+ return 0;
+
+ /*
+ * XXX We should not NULL it, but this matches old behavior of not
+ * freeing before malloc.
+ */
+ s->next_proto_negotiated = NULL;
+ s->next_proto_negotiated_len = 0;
- s->next_proto_negotiated = malloc(proto_len);
- if (!s->next_proto_negotiated) {
+ if (!CBS_stow(&proto, &s->next_proto_negotiated, &len)) {
SSLerr(SSL_F_SSL3_GET_NEXT_PROTO,
ERR_R_MALLOC_FAILURE);
return (0);
}
- memcpy(s->next_proto_negotiated, p + 1, proto_len);
- s->next_proto_negotiated_len = proto_len;
+ s->next_proto_negotiated_len = (uint8_t)len;
return (1);
}
projects / openbsd / commitdiff