From 535016d160aca944406b1b7d4f12b3edb05d2bf1 Mon Sep 17 00:00:00 2001 From: jsing Date: Sun, 11 Sep 2022 13:51:25 +0000 Subject: [PATCH] Use CBS when procesing a CCS message in the legacy stack. ok tb@ --- lib/libssl/ssl_pkt.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/lib/libssl/ssl_pkt.c b/lib/libssl/ssl_pkt.c index 4ec22f7d53d..d9f5a0d0577 100644 --- a/lib/libssl/ssl_pkt.c +++ b/lib/libssl/ssl_pkt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_pkt.c,v 1.59 2022/09/10 15:37:13 jsing Exp $ */ +/* $OpenBSD: ssl_pkt.c,v 1.60 2022/09/11 13:51:25 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -762,17 +762,20 @@ int ssl3_read_change_cipher_spec(SSL *s) { SSL3_RECORD_INTERNAL *rr = &s->s3->rrec; + const uint8_t ccs[] = { SSL3_MT_CCS }; + CBS cbs; /* * 'Change Cipher Spec' is just a single byte, so we know exactly what * the record payload has to look like. */ - if (rr->length != 1 || rr->off != 0) { + CBS_init(&cbs, rr->data, rr->length); + if (rr->off != 0 || CBS_len(&cbs) != sizeof(ccs)) { SSLerror(s, SSL_R_BAD_CHANGE_CIPHER_SPEC); ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR); return -1; } - if (rr->data[0] != SSL3_MT_CCS) { + if (!CBS_mem_equal(&cbs, ccs, sizeof(ccs))) { SSLerror(s, SSL_R_BAD_CHANGE_CIPHER_SPEC); ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER); return -1; @@ -780,7 +783,7 @@ ssl3_read_change_cipher_spec(SSL *s) /* XDTLS: check that epoch is consistent */ - ssl_msg_callback(s, 0, SSL3_RT_CHANGE_CIPHER_SPEC, rr->data, 1); + ssl_msg_callback_cbs(s, 0, SSL3_RT_CHANGE_CIPHER_SPEC, &cbs); /* Check that we have a cipher to change to. */ if (s->s3->hs.cipher == NULL) { -- 2.20.1