From: doug Date: Wed, 17 Jun 2015 07:36:30 +0000 (+0000) Subject: Convert tls1_check_curve to CBS. X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=b30173a76d86ce759d69b63e89ed3dbdc935f1d7;p=openbsd Convert tls1_check_curve to CBS. ok miod@ jsing@ --- diff --git a/lib/libssl/src/ssl/t1_lib.c b/lib/libssl/src/ssl/t1_lib.c index 9b7f54682bc..145ebf27919 100644 --- a/lib/libssl/src/ssl/t1_lib.c +++ b/lib/libssl/src/ssl/t1_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: t1_lib.c,v 1.75 2015/03/02 13:43:09 jsing Exp $ */ +/* $OpenBSD: t1_lib.c,v 1.76 2015/06/17 07:36:30 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -117,6 +117,7 @@ #include #include "ssl_locl.h" +#include "bytestring.h" static int tls_decrypt_ticket(SSL *s, const unsigned char *tick, int ticklen, const unsigned char *sess_id, int sesslen, @@ -403,16 +404,21 @@ tls1_get_curvelist(SSL *s, int client_curves, const uint16_t **pcurves, int tls1_check_curve(SSL *s, const unsigned char *p, size_t len) { + CBS cbs; const uint16_t *curves; size_t curveslen, i; + uint8_t type; uint16_t cid; + CBS_init(&cbs, p, len); + /* Only named curves are supported. */ - if (len != 3 || p[0] != NAMED_CURVE_TYPE) + if (CBS_len(&cbs) != 3 || + !CBS_get_u8(&cbs, &type) || + type != NAMED_CURVE_TYPE || + !CBS_get_u16(&cbs, &cid)) return (0); - cid = (p[1] << 8) | p[2]; - tls1_get_curvelist(s, 0, &curves, &curveslen); for (i = 0; i < curveslen; i++) { diff --git a/lib/libssl/t1_lib.c b/lib/libssl/t1_lib.c index 9b7f54682bc..145ebf27919 100644 --- a/lib/libssl/t1_lib.c +++ b/lib/libssl/t1_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: t1_lib.c,v 1.75 2015/03/02 13:43:09 jsing Exp $ */ +/* $OpenBSD: t1_lib.c,v 1.76 2015/06/17 07:36:30 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * 
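Review bot: In tls1_check_curve (the third hunk of lib/libssl/src/ssl/t1_lib.c), the literal in `CBS_len(&cbs) != 3` must be kept in step by hand with the `CBS_get_u8` and `CBS_get_u16` reads that follow it. It is also the only test that rejects trailing bytes, because the CBS getters fail only on short input. Either end the condition with `CBS_len(&cbs) != 0` in place of the up-front length test, or keep the test and make the comment say what it enforces, e.g. `/* Exactly curve_type (1) + named_curve (2); only named curves are supported. */`. The buffer presumably comes from the peer's handshake message, so the exact-length rule is worth stating where the next editor will see it. The identical hunk for lib/libssl/t1_lib.c gets the same comment, and the function body continues past the end of the hunk, so the loop that uses `cid` is not visible here.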
@@ -117,6 +117,7 @@ #include #include "ssl_locl.h" +#include "bytestring.h" static int tls_decrypt_ticket(SSL *s, const unsigned char *tick, int ticklen, const unsigned char *sess_id, int sesslen, @@ -403,16 +404,21 @@ tls1_get_curvelist(SSL *s, int client_curves, const uint16_t **pcurves, int tls1_check_curve(SSL *s, const unsigned char *p, size_t len) { + CBS cbs; const uint16_t *curves; size_t curveslen, i; + uint8_t type; uint16_t cid; + CBS_init(&cbs, p, len); + /* Only named curves are supported. */ - if (len != 3 || p[0] != NAMED_CURVE_TYPE) + if (CBS_len(&cbs) != 3 || + !CBS_get_u8(&cbs, &type) || + type != NAMED_CURVE_TYPE || + !CBS_get_u16(&cbs, &cid)) return (0); - cid = (p[1] << 8) | p[2]; - tls1_get_curvelist(s, 0, &curves, &curveslen); for (i = 0; i < curveslen; i++) {