Remove tls_buffer_set_data() and remove/revise callers.
authorjsing <jsing@openbsd.org>
Wed, 20 Jul 2022 06:32:24 +0000 (06:32 +0000)
committerjsing <jsing@openbsd.org>
Wed, 20 Jul 2022 06:32:24 +0000 (06:32 +0000)
There is no way that tls_buffer_set_data() can currently work in
conjunction with tls_buffer_expand(). This fact is currently hidden by the
way that PHH works, which reads the same data from the record layer (which
it needs to do anyway, since we may not have all of the handshake message
in a single record).

Since this is broken, mop it up and change the PHH callback to not provide
the record data.

ok beck@ tb@

lib/libssl/tls13_handshake_msg.c
lib/libssl/tls13_internal.h
lib/libssl/tls13_lib.c
lib/libssl/tls13_record_layer.c
lib/libssl/tls_buffer.c
lib/libssl/tls_internal.h

index 67eab31..946ccac 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_handshake_msg.c,v 1.4 2021/10/23 13:12:14 jsing Exp $ */
+/* $OpenBSD: tls13_handshake_msg.c,v 1.5 2022/07/20 06:32:24 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  *
@@ -71,12 +71,6 @@ tls13_handshake_msg_data(struct tls13_handshake_msg *msg, CBS *cbs)
        CBS_init(cbs, msg->data, msg->data_len);
 }
 
-int
-tls13_handshake_msg_set_buffer(struct tls13_handshake_msg *msg, CBS *cbs)
-{
-       return tls_buffer_set_data(msg->buf, cbs);
-}
-
 uint8_t
 tls13_handshake_msg_type(struct tls13_handshake_msg *msg)
 {
index 555dd42..599eb20 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_internal.h,v 1.98 2022/07/17 15:49:20 jsing Exp $ */
+/* $OpenBSD: tls13_internal.h,v 1.99 2022/07/20 06:32:24 jsing Exp $ */
 /*
  * Copyright (c) 2018 Bob Beck <beck@openbsd.org>
  * Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
@@ -88,7 +88,7 @@ __BEGIN_HIDDEN_DECLS
 #define TLS13_INFO_CONNECT_EXIT                                SSL_CB_CONNECT_EXIT
 
 typedef void (*tls13_alert_cb)(uint8_t _alert_desc, void *_cb_arg);
-typedef ssize_t (*tls13_phh_recv_cb)(void *_cb_arg, CBS *_cbs);
+typedef ssize_t (*tls13_phh_recv_cb)(void *_cb_arg);
 typedef void (*tls13_phh_sent_cb)(void *_cb_arg);
 typedef void (*tls13_handshake_message_cb)(void *_cb_arg);
 typedef void (*tls13_info_cb)(void *_cb_arg, int _state, int _ret);
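Review bot: The `tls13_phh_recv_cb` typedef carries no comment describing its contract, and that contract has just changed: the callback no longer receives the record content and has to obtain the post-handshake message from the record layer itself. A one-line comment above the typedef would help, for example `/* Reads the post-handshake message via the record layer; returns a TLS13_IO_* value. */`. The return-value half of that wording is taken from the comment block in tls13_record_layer_recv_phh() and should be checked against the full list there, which is only partly visible in this diff.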
@@ -226,7 +226,6 @@ struct tls13_handshake_msg;
 struct tls13_handshake_msg *tls13_handshake_msg_new(void);
 void tls13_handshake_msg_free(struct tls13_handshake_msg *msg);
 void tls13_handshake_msg_data(struct tls13_handshake_msg *msg, CBS *cbs);
-int tls13_handshake_msg_set_buffer(struct tls13_handshake_msg *msg, CBS *cbs);
 uint8_t tls13_handshake_msg_type(struct tls13_handshake_msg *msg);
 int tls13_handshake_msg_content(struct tls13_handshake_msg *msg, CBS *cbs);
 int tls13_handshake_msg_start(struct tls13_handshake_msg *msg, CBB *body,
index 8b28bf5..8d0e030 100644 (file)
@@ -1,4 +1,4 @@
-/*     $OpenBSD: tls13_lib.c,v 1.66 2022/07/20 06:20:44 jsing Exp $ */
+/*     $OpenBSD: tls13_lib.c,v 1.67 2022/07/20 06:32:24 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2019 Bob Beck <beck@openbsd.org>
@@ -338,11 +338,11 @@ tls13_phh_done_cb(void *cb_arg)
 }
 
 static ssize_t
-tls13_phh_received_cb(void *cb_arg, CBS *cbs)
+tls13_phh_received_cb(void *cb_arg)
 {
        ssize_t ret = TLS13_IO_FAILURE;
        struct tls13_ctx *ctx = cb_arg;
-       CBS phh_cbs;
+       CBS cbs;
 
        if (!tls13_phh_limit_check(ctx))
                return tls13_send_alert(ctx->rl, TLS13_ALERT_UNEXPECTED_MESSAGE);
@@ -351,19 +351,16 @@ tls13_phh_received_cb(void *cb_arg, CBS *cbs)
            ((ctx->hs_msg = tls13_handshake_msg_new()) == NULL))
                return TLS13_IO_FAILURE;
 
-       if (!tls13_handshake_msg_set_buffer(ctx->hs_msg, cbs))
-               return TLS13_IO_FAILURE;
-
-       if ((ret = tls13_handshake_msg_recv(ctx->hs_msg, ctx->rl))
-           != TLS13_IO_SUCCESS)
+       if ((ret = tls13_handshake_msg_recv(ctx->hs_msg, ctx->rl)) !=
+           TLS13_IO_SUCCESS)
                return ret;
 
-       if (!tls13_handshake_msg_content(ctx->hs_msg, &phh_cbs))
+       if (!tls13_handshake_msg_content(ctx->hs_msg, &cbs))
                return TLS13_IO_FAILURE;
 
        switch(tls13_handshake_msg_type(ctx->hs_msg)) {
        case TLS13_MT_KEY_UPDATE:
-               ret = tls13_key_update_recv(ctx, &phh_cbs);
+               ret = tls13_key_update_recv(ctx, &cbs);
                break;
        case TLS13_MT_NEW_SESSION_TICKET:
                /* XXX do nothing for now and ignore this */
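Review bot: The early return after `tls13_handshake_msg_recv(ctx->hs_msg, ctx->rl)` leaves `ctx->hs_msg` allocated, and nothing in the hunk says whether that is intentional. The commit message notes that a handshake message may span records, so this is presumably how a partial message is carried into the next call. That cannot be confirmed here, because the first half of the allocation condition and the cleanup after the switch are both outside the hunk. A comment above the call such as `/* On a retry code ctx->hs_msg keeps the partial message for the next call. */` would make the ownership explicit. It is also worth confirming that `ctx->hs_msg` is released when this returns TLS13_IO_FAILURE, either from the recv call or from `tls13_handshake_msg_content()`.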
index c68ee3b..2b7052c 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_record_layer.c,v 1.67 2022/01/14 09:12:15 tb Exp $ */
+/* $OpenBSD: tls13_record_layer.c,v 1.68 2022/07/20 06:32:24 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  *
@@ -909,7 +909,7 @@ tls13_record_layer_recv_phh(struct tls13_record_layer *rl)
         * TLS13_IO_FAILURE      something broke.
         */
        if (rl->cb.phh_recv != NULL)
-               ret = rl->cb.phh_recv(rl->cb_arg, tls_content_cbs(rl->rcontent));
+               ret = rl->cb.phh_recv(rl->cb_arg);
 
        tls_content_clear(rl->rcontent);
 
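Review bot: `tls_content_clear(rl->rcontent)` still runs unconditionally after `rl->cb.phh_recv(rl->cb_arg)`, so any bytes of the record that the callback did not read are discarded. The same applies when `phh_recv` is NULL. Now that the callback pulls data from the record layer itself rather than being handed the content, this is the only place that decides what happens to unread content. If a record can carry more than one post-handshake message, the trailing one would appear to be dropped here; this is inferred and should be confirmed against the read path, which is not visible. Either way, a comment before the clear, for example `/* Any content the callback left unread is discarded. */`, would record the intent. The function begins before and continues after this hunk.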
index 5c0ca7e..9bb6b62 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_buffer.c,v 1.1 2021/10/23 13:12:14 jsing Exp $ */
+/* $OpenBSD: tls_buffer.c,v 1.2 2022/07/20 06:32:24 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  *
@@ -76,15 +76,6 @@ tls_buffer_resize(struct tls_buffer *buf, size_t capacity)
        return 1;
 }
 
-int
-tls_buffer_set_data(struct tls_buffer *buf, CBS *data)
-{
-       if (!tls_buffer_resize(buf, CBS_len(data)))
-               return 0;
-       memcpy(buf->data, CBS_data(data), CBS_len(data));
-       return 1;
-}
-
 ssize_t
 tls_buffer_extend(struct tls_buffer *buf, size_t len,
     tls_read_cb read_cb, void *cb_arg)
index 0065f0f..ac2d14d 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_internal.h,v 1.6 2022/06/29 08:27:51 tb Exp $ */
+/* $OpenBSD: tls_internal.h,v 1.7 2022/07/20 06:32:24 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019, 2021 Joel Sing <jsing@openbsd.org>
  *
@@ -47,7 +47,6 @@ typedef ssize_t (*tls_flush_cb)(void *_cb_arg);
 struct tls_buffer;
 
 struct tls_buffer *tls_buffer_new(size_t init_size);
-int tls_buffer_set_data(struct tls_buffer *buf, CBS *data);
 void tls_buffer_free(struct tls_buffer *buf);
 ssize_t tls_buffer_extend(struct tls_buffer *buf, size_t len,
     tls_read_cb read_cb, void *cb_arg);