-/* $OpenBSD: d1_both.c,v 1.24 2014/07/10 08:51:14 tedu Exp $ */
+/* $OpenBSD: d1_both.c,v 1.25 2014/08/07 19:46:31 miod Exp $ */
/*
* DTLS implementation written by Nagendra Modadugu
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
i = s->method->ssl3_enc->final_finish_mac(s, sender, slen,
s->s3->tmp.finish_md);
+ OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
s->s3->tmp.finish_md_len = i;
memcpy(p, s->s3->tmp.finish_md, i);
p += i;
* renegotiation checks
*/
if (s->type == SSL_ST_CONNECT) {
- OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
memcpy(s->s3->previous_client_finished,
s->s3->tmp.finish_md, i);
s->s3->previous_client_finished_len = i;
} else {
- OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
memcpy(s->s3->previous_server_finished,
s->s3->tmp.finish_md, i);
s->s3->previous_server_finished_len = i;
-/* $OpenBSD: d1_clnt.c,v 1.31 2014/07/12 22:33:39 jsing Exp $ */
+/* $OpenBSD: d1_clnt.c,v 1.32 2014/08/07 19:46:31 miod Exp $ */
/*
* DTLS implementation written by Nagendra Modadugu
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
/* if client_random is initialized, reuse it, we are
* required to use same upon reply to HelloVerify */
- for (i = 0; p[i]=='\0' && i < sizeof(s->s3->client_random); i++)
- ;
+ for (i = 0; i < sizeof(s->s3->client_random); i++)
+ if (p[i] != '\0')
+ break;
if (i == sizeof(s->s3->client_random))
RAND_pseudo_bytes(p, sizeof(s->s3->client_random));
/* If we get an error, we need to
* ssl->rwstate=SSL_X509_LOOKUP; return(-1);
* We then get retied later */
- i = 0;
i = ssl_do_client_cert_cb(s, &x509, &pkey);
if (i < 0) {
s->rwstate = SSL_X509_LOOKUP;
-/* $OpenBSD: d1_pkt.c,v 1.32 2014/07/10 08:51:14 tedu Exp $ */
+/* $OpenBSD: d1_pkt.c,v 1.33 2014/08/07 19:46:31 miod Exp $ */
/*
* DTLS implementation written by Nagendra Modadugu
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
}
i = s->method->ssl3_enc->mac(s, md, 0 /* not send */);
- if (i < 0 || mac == NULL || timingsafe_memcmp(md, mac, (size_t)mac_size) != 0)
+ if (i < 0 || mac == NULL ||
+ timingsafe_memcmp(md, mac, (size_t)mac_size) != 0)
enc_err = -1;
if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + mac_size)
enc_err = -1;
+ OPENSSL_cleanse(&md, sizeof md);
}
if (enc_err < 0) {
-/* $OpenBSD: s23_srvr.c,v 1.32 2014/08/07 04:49:53 deraadt Exp $ */
+/* $OpenBSD: s23_srvr.c,v 1.33 2014/08/07 19:46:31 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
}
j = ssl23_read_bytes(s, n + 2);
- /* We previously read 11 bytes, so if j > 0, we must have
- * j == n+2 == s->packet_length. We have at least 11 valid
- * packet bytes. */
- if (j <= 0)
- return (j);
+ if (j != n + 2)
+ return -1;
ssl3_finish_mac(s, s->packet + 2, s->packet_length - 2);
if (s->msg_callback)
-/* $OpenBSD: s3_both.c,v 1.26 2014/07/10 08:51:14 tedu Exp $ */
+/* $OpenBSD: s3_both.c,v 1.27 2014/08/07 19:46:31 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
p = &(d[4]);
i = s->method->ssl3_enc->final_finish_mac(s,
- sender, slen, s->s3->tmp.finish_md);
+ sender, slen, s->s3->tmp.finish_md);
if (i == 0)
return 0;
s->s3->tmp.finish_md_len = i;
/* Copy the finished so we can use it for
renegotiation checks */
+ OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
if (s->type == SSL_ST_CONNECT) {
- OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
memcpy(s->s3->previous_client_finished,
- s->s3->tmp.finish_md, i);
+ s->s3->tmp.finish_md, i);
s->s3->previous_client_finished_len = i;
} else {
- OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
memcpy(s->s3->previous_server_finished,
- s->s3->tmp.finish_md, i);
+ s->s3->tmp.finish_md, i);
s->s3->previous_server_finished_len = i;
}
}
s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
- sender, slen, s->s3->tmp.peer_finish_md);
+ sender, slen, s->s3->tmp.peer_finish_md);
}
#endif
p = (unsigned char *)s->init_msg;
i = s->s3->tmp.peer_finish_md_len;
- if (i != n) {
+ if (i != n || i > EVP_MAX_MD_SIZE) {
al = SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_BAD_DIGEST_LENGTH);
goto f_err;
/* Copy the finished so we can use it for
renegotiation checks */
if (s->type == SSL_ST_ACCEPT) {
- OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
memcpy(s->s3->previous_client_finished,
- s->s3->tmp.peer_finish_md, i);
+ s->s3->tmp.peer_finish_md, i);
s->s3->previous_client_finished_len = i;
} else {
- OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
memcpy(s->s3->previous_server_finished,
- s->s3->tmp.peer_finish_md, i);
+ s->s3->tmp.peer_finish_md, i);
s->s3->previous_server_finished_len = i;
}
-/* $OpenBSD: s3_lib.c,v 1.71 2014/07/13 16:03:10 beck Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.72 2014/08/07 19:46:31 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
SSL3_STATE *s3;
if ((s3 = calloc(1, sizeof *s3)) == NULL)
- goto err;
+ return 0;
memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num));
memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num));
s->method->ssl_clear(s);
return (1);
-err:
- return (0);
}
void
-/* $OpenBSD: d1_both.c,v 1.24 2014/07/10 08:51:14 tedu Exp $ */
+/* $OpenBSD: d1_both.c,v 1.25 2014/08/07 19:46:31 miod Exp $ */
/*
* DTLS implementation written by Nagendra Modadugu
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
i = s->method->ssl3_enc->final_finish_mac(s, sender, slen,
s->s3->tmp.finish_md);
+ OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
s->s3->tmp.finish_md_len = i;
memcpy(p, s->s3->tmp.finish_md, i);
p += i;
* renegotiation checks
*/
if (s->type == SSL_ST_CONNECT) {
- OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
memcpy(s->s3->previous_client_finished,
s->s3->tmp.finish_md, i);
s->s3->previous_client_finished_len = i;
} else {
- OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
memcpy(s->s3->previous_server_finished,
s->s3->tmp.finish_md, i);
s->s3->previous_server_finished_len = i;
-/* $OpenBSD: d1_clnt.c,v 1.31 2014/07/12 22:33:39 jsing Exp $ */
+/* $OpenBSD: d1_clnt.c,v 1.32 2014/08/07 19:46:31 miod Exp $ */
/*
* DTLS implementation written by Nagendra Modadugu
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
/* if client_random is initialized, reuse it, we are
* required to use same upon reply to HelloVerify */
- for (i = 0; p[i]=='\0' && i < sizeof(s->s3->client_random); i++)
- ;
+ for (i = 0; i < sizeof(s->s3->client_random); i++)
+ if (p[i] != '\0')
+ break;
if (i == sizeof(s->s3->client_random))
RAND_pseudo_bytes(p, sizeof(s->s3->client_random));
/* If we get an error, we need to
* ssl->rwstate=SSL_X509_LOOKUP; return(-1);
* We then get retied later */
- i = 0;
i = ssl_do_client_cert_cb(s, &x509, &pkey);
if (i < 0) {
s->rwstate = SSL_X509_LOOKUP;
-/* $OpenBSD: d1_pkt.c,v 1.32 2014/07/10 08:51:14 tedu Exp $ */
+/* $OpenBSD: d1_pkt.c,v 1.33 2014/08/07 19:46:31 miod Exp $ */
/*
* DTLS implementation written by Nagendra Modadugu
* (nagendra@cs.stanford.edu) for the OpenSSL project 2005.
}
i = s->method->ssl3_enc->mac(s, md, 0 /* not send */);
- if (i < 0 || mac == NULL || timingsafe_memcmp(md, mac, (size_t)mac_size) != 0)
+ if (i < 0 || mac == NULL ||
+ timingsafe_memcmp(md, mac, (size_t)mac_size) != 0)
enc_err = -1;
if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + mac_size)
enc_err = -1;
+ OPENSSL_cleanse(&md, sizeof md);
}
if (enc_err < 0) {
-/* $OpenBSD: s23_srvr.c,v 1.32 2014/08/07 04:49:53 deraadt Exp $ */
+/* $OpenBSD: s23_srvr.c,v 1.33 2014/08/07 19:46:31 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
}
j = ssl23_read_bytes(s, n + 2);
- /* We previously read 11 bytes, so if j > 0, we must have
- * j == n+2 == s->packet_length. We have at least 11 valid
- * packet bytes. */
- if (j <= 0)
- return (j);
+ if (j != n + 2)
+ return -1;
ssl3_finish_mac(s, s->packet + 2, s->packet_length - 2);
if (s->msg_callback)
-/* $OpenBSD: s3_both.c,v 1.26 2014/07/10 08:51:14 tedu Exp $ */
+/* $OpenBSD: s3_both.c,v 1.27 2014/08/07 19:46:31 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
p = &(d[4]);
i = s->method->ssl3_enc->final_finish_mac(s,
- sender, slen, s->s3->tmp.finish_md);
+ sender, slen, s->s3->tmp.finish_md);
if (i == 0)
return 0;
s->s3->tmp.finish_md_len = i;
/* Copy the finished so we can use it for
renegotiation checks */
+ OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
if (s->type == SSL_ST_CONNECT) {
- OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
memcpy(s->s3->previous_client_finished,
- s->s3->tmp.finish_md, i);
+ s->s3->tmp.finish_md, i);
s->s3->previous_client_finished_len = i;
} else {
- OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
memcpy(s->s3->previous_server_finished,
- s->s3->tmp.finish_md, i);
+ s->s3->tmp.finish_md, i);
s->s3->previous_server_finished_len = i;
}
}
s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
- sender, slen, s->s3->tmp.peer_finish_md);
+ sender, slen, s->s3->tmp.peer_finish_md);
}
#endif
p = (unsigned char *)s->init_msg;
i = s->s3->tmp.peer_finish_md_len;
- if (i != n) {
+ if (i != n || i > EVP_MAX_MD_SIZE) {
al = SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_SSL3_GET_FINISHED, SSL_R_BAD_DIGEST_LENGTH);
goto f_err;
/* Copy the finished so we can use it for
renegotiation checks */
if (s->type == SSL_ST_ACCEPT) {
- OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
memcpy(s->s3->previous_client_finished,
- s->s3->tmp.peer_finish_md, i);
+ s->s3->tmp.peer_finish_md, i);
s->s3->previous_client_finished_len = i;
} else {
- OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
memcpy(s->s3->previous_server_finished,
- s->s3->tmp.peer_finish_md, i);
+ s->s3->tmp.peer_finish_md, i);
s->s3->previous_server_finished_len = i;
}
-/* $OpenBSD: s3_enc.c,v 1.52 2014/07/10 08:51:14 tedu Exp $ */
+/* $OpenBSD: s3_enc.c,v 1.53 2014/08/07 19:46:31 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
if (!EVP_MD_CTX_copy_ex(&ctx, d))
return 0;
n = EVP_MD_CTX_size(&ctx);
- if (n < 0)
+ if (n <= 0)
return 0;
npad = (48 / n) * n;
}
t = EVP_MD_CTX_size(hash);
- if (t < 0)
+ if (t <= 0)
return -1;
md_size = t;
npad = (48 / md_size) * md_size;
-/* $OpenBSD: s3_lib.c,v 1.71 2014/07/13 16:03:10 beck Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.72 2014/08/07 19:46:31 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
SSL3_STATE *s3;
if ((s3 = calloc(1, sizeof *s3)) == NULL)
- goto err;
+ return 0;
memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num));
memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num));
s->method->ssl_clear(s);
return (1);
-err:
- return (0);
}
void
-/* $OpenBSD: t1_enc.c,v 1.67 2014/07/10 10:09:54 jsing Exp $ */
+/* $OpenBSD: t1_enc.c,v 1.68 2014/08/07 19:46:31 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
static int
tls1_change_cipher_state_aead(SSL *s, char is_read, const unsigned char *key,
- unsigned key_len, const unsigned char *iv, unsigned iv_len)
+ unsigned int key_len, const unsigned char *iv, unsigned int iv_len)
{
const EVP_AEAD *aead = s->s3->tmp.new_aead;
SSL_AEAD_CTX *aead_ctx;
rec->length += pad;
}
} else if ((bs != 1) && send) {
+ /* XXX divide by zero if bs == 0 (should not happen) */
i = bs - ((int)l % bs);
/* Add weird padding of upto 256 bytes */
currentvalpos++;
val[currentvalpos] = contextlen & 0xff;
currentvalpos++;
- if ((contextlen > 0) || (context != NULL)) {
+ if (contextlen != 0 && context != NULL) {
memcpy(val + currentvalpos, context, contextlen);
}
}
-/* $OpenBSD: t1_enc.c,v 1.67 2014/07/10 10:09:54 jsing Exp $ */
+/* $OpenBSD: t1_enc.c,v 1.68 2014/08/07 19:46:31 miod Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
static int
tls1_change_cipher_state_aead(SSL *s, char is_read, const unsigned char *key,
- unsigned key_len, const unsigned char *iv, unsigned iv_len)
+ unsigned int key_len, const unsigned char *iv, unsigned int iv_len)
{
const EVP_AEAD *aead = s->s3->tmp.new_aead;
SSL_AEAD_CTX *aead_ctx;
rec->length += pad;
}
} else if ((bs != 1) && send) {
+ /* XXX divide by zero if bs == 0 (should not happen) */
i = bs - ((int)l % bs);
/* Add weird padding of upto 256 bytes */
currentvalpos++;
val[currentvalpos] = contextlen & 0xff;
currentvalpos++;
- if ((contextlen > 0) || (context != NULL)) {
+ if (contextlen != 0 && context != NULL) {
memcpy(val + currentvalpos, context, contextlen);
}
}
projects / openbsd / commitdiff