Mop up part of dtls1_dispatch_alert().

The original DTLS code had some strange alert handling code (basically one
type of alert included extra data) - a few years later this was "fixed",
however the rest of the code was left as is.

This means that rather than sending the alert data from send_alert
(like ssl3_dispatch_alert() does), we have a local buffer on the stack,
which we memset, copy the send_alert bytes into, then send from.

ok inoguchi@ tb@

diff --git a/lib/libssl/d1_pkt.c b/lib/libssl/d1_pkt.c
index 504044d..11735f0 100644 (file)
--- a/lib/libssl/d1_pkt.c
+++ b/lib/libssl/d1_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: d1_pkt.c,v 1.97 2021/06/11 11:13:53 jsing Exp $ */
+/* $OpenBSD: d1_pkt.c,v 1.98 2021/06/15 19:09:03 jsing Exp $ */
 /*
  * DTLS implementation written by Nagendra Modadugu
  * (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
@@ -1160,19 +1160,12 @@ dtls1_dispatch_alert(SSL *s)
 {
        int i, j;
        void (*cb)(const SSL *ssl, int type, int val) = NULL;
-       unsigned char buf[DTLS1_AL_HEADER_LENGTH];
-       unsigned char *ptr = &buf[0];
 
        S3I(s)->alert_dispatch = 0;
 
-       memset(buf, 0, sizeof(buf));
-       *ptr++ = S3I(s)->send_alert[0];
-       *ptr++ = S3I(s)->send_alert[1];
-
-       i = do_dtls1_write(s, SSL3_RT_ALERT, &buf[0], sizeof(buf));
+       i = do_dtls1_write(s, SSL3_RT_ALERT, &S3I(s)->send_alert[0], 2);
        if (i <= 0) {
                S3I(s)->alert_dispatch = 1;
-               /* fprintf( stderr, "not done with alert\n" ); */
        } else {
                if (S3I(s)->send_alert[0] == SSL3_AL_FATAL)
                        (void)BIO_flush(s->wbio);