From fc718d1d888c5fb1425013853bfa64794fdcb8ad Mon Sep 17 00:00:00 2001 From: jsing Date: Wed, 20 Jul 2022 06:32:24 +0000 Subject: [PATCH] Remove tls_buffer_set_data() and remove/revise callers. There is no way that tls_buffer_set_data() can currently work in conjunction with tls_buffer_expand(). This fact is currently hidden by the way that PHH works, which reads the same data from the record layer (which it needs to do anyway, since we may not have all of the handshake message in a single record). Since this is broken, mop it up and change the PHH callback to not provide the record data. ok beck@ tb@ --- lib/libssl/tls13_handshake_msg.c | 8 +------- lib/libssl/tls13_internal.h | 5 ++--- lib/libssl/tls13_lib.c | 17 +++++++---------- lib/libssl/tls13_record_layer.c | 4 ++-- lib/libssl/tls_buffer.c | 11 +---------- lib/libssl/tls_internal.h | 3 +-- 6 files changed, 14 insertions(+), 34 deletions(-) diff --git a/lib/libssl/tls13_handshake_msg.c b/lib/libssl/tls13_handshake_msg.c index 67eab3152fb..946ccaccd6f 100644 --- a/lib/libssl/tls13_handshake_msg.c +++ b/lib/libssl/tls13_handshake_msg.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_handshake_msg.c,v 1.4 2021/10/23 13:12:14 jsing Exp $ */ +/* $OpenBSD: tls13_handshake_msg.c,v 1.5 2022/07/20 06:32:24 jsing Exp $ */ /* * Copyright (c) 2018, 2019 Joel Sing * @@ -71,12 +71,6 @@ tls13_handshake_msg_data(struct tls13_handshake_msg *msg, CBS *cbs) CBS_init(cbs, msg->data, msg->data_len); } -int -tls13_handshake_msg_set_buffer(struct tls13_handshake_msg *msg, CBS *cbs) -{ - return tls_buffer_set_data(msg->buf, cbs); -} - uint8_t tls13_handshake_msg_type(struct tls13_handshake_msg *msg) { diff --git a/lib/libssl/tls13_internal.h b/lib/libssl/tls13_internal.h index 555dd4262e5..599eb200cbc 100644 --- a/lib/libssl/tls13_internal.h +++ b/lib/libssl/tls13_internal.h 
@@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_internal.h,v 1.98 2022/07/17 15:49:20 jsing Exp $ */ +/* $OpenBSD: tls13_internal.h,v 1.99 2022/07/20 06:32:24 jsing Exp $ */ /* * Copyright (c) 2018 Bob Beck * Copyright (c) 2018 Theo Buehler @@ -88,7 +88,7 @@ __BEGIN_HIDDEN_DECLS #define TLS13_INFO_CONNECT_EXIT SSL_CB_CONNECT_EXIT typedef void (*tls13_alert_cb)(uint8_t _alert_desc, void *_cb_arg); -typedef ssize_t (*tls13_phh_recv_cb)(void *_cb_arg, CBS *_cbs); +typedef ssize_t (*tls13_phh_recv_cb)(void *_cb_arg); typedef void (*tls13_phh_sent_cb)(void *_cb_arg); typedef void (*tls13_handshake_message_cb)(void *_cb_arg); typedef void (*tls13_info_cb)(void *_cb_arg, int _state, int _ret); @@ -226,7 +226,6 @@ struct tls13_handshake_msg; struct tls13_handshake_msg *tls13_handshake_msg_new(void); void tls13_handshake_msg_free(struct tls13_handshake_msg *msg); void tls13_handshake_msg_data(struct tls13_handshake_msg *msg, CBS *cbs); -int tls13_handshake_msg_set_buffer(struct tls13_handshake_msg *msg, CBS *cbs); uint8_t tls13_handshake_msg_type(struct tls13_handshake_msg *msg); int tls13_handshake_msg_content(struct tls13_handshake_msg *msg, CBS *cbs); int tls13_handshake_msg_start(struct tls13_handshake_msg *msg, CBB *body, diff --git a/lib/libssl/tls13_lib.c b/lib/libssl/tls13_lib.c index 8b28bf55a45..8d0e030b5a2 100644 --- a/lib/libssl/tls13_lib.c +++ b/lib/libssl/tls13_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_lib.c,v 1.66 2022/07/20 06:20:44 jsing Exp $ */ +/* $OpenBSD: tls13_lib.c,v 1.67 2022/07/20 06:32:24 jsing Exp $ */ /* * Copyright (c) 2018, 2019 Joel Sing * Copyright (c) 2019 Bob Beck @@ -338,11 +338,11 @@ tls13_phh_done_cb(void *cb_arg) } static ssize_t -tls13_phh_received_cb(void *cb_arg, CBS *cbs) +tls13_phh_received_cb(void *cb_arg) { ssize_t ret = TLS13_IO_FAILURE; struct tls13_ctx *ctx = cb_arg; - CBS phh_cbs; + CBS cbs; if (!tls13_phh_limit_check(ctx)) return tls13_send_alert(ctx->rl, TLS13_ALERT_UNEXPECTED_MESSAGE); 
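Review bot: The `tls13_phh_recv_cb` typedef in tls13_internal.h has no comment, and with the `CBS *` parameter gone nothing in the signature says where the message bytes come from. I would add a comment above it such as `/* Invoked when post-handshake handshake data is pending; the callee reads the message from the record layer itself and returns a TLS13_IO_* status. */`. The permitted return values are described in a comment at the call site in tls13_record_layer.c, which is only partly visible in this patch, so a pointer to it would be enough.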
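Review bot: In tls13_phh_received_cb() the `tls13_phh_limit_check(ctx)` call runs before any data is read, so it is evaluated on every entry to the callback rather than once per complete message. The commit message notes that a handshake message may span several records; if the callback is re-entered while one message is still being assembled, each entry may count against the limit, depending on how tls13_phh_limit_check() counts (it is not shown here). If that is intended, a comment at the check would settle it, e.g. `/* Counted per callback invocation, not per complete message. */`. The function body continues past the end of this hunk.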
@@ -351,19 +351,16 @@ tls13_phh_received_cb(void *cb_arg, CBS *cbs) ((ctx->hs_msg = tls13_handshake_msg_new()) == NULL)) return TLS13_IO_FAILURE; - if (!tls13_handshake_msg_set_buffer(ctx->hs_msg, cbs)) - return TLS13_IO_FAILURE; - - if ((ret = tls13_handshake_msg_recv(ctx->hs_msg, ctx->rl)) - != TLS13_IO_SUCCESS) + if ((ret = tls13_handshake_msg_recv(ctx->hs_msg, ctx->rl)) != + TLS13_IO_SUCCESS) return ret; - if (!tls13_handshake_msg_content(ctx->hs_msg, &phh_cbs)) + if (!tls13_handshake_msg_content(ctx->hs_msg, &cbs)) return TLS13_IO_FAILURE; switch(tls13_handshake_msg_type(ctx->hs_msg)) { case TLS13_MT_KEY_UPDATE: - ret = tls13_key_update_recv(ctx, &phh_cbs); + ret = tls13_key_update_recv(ctx, &cbs); break; case TLS13_MT_NEW_SESSION_TICKET: /* XXX do nothing for now and ignore this */ diff --git a/lib/libssl/tls13_record_layer.c b/lib/libssl/tls13_record_layer.c index c68ee3b3a5c..2b7052c30e9 100644 --- a/lib/libssl/tls13_record_layer.c +++ b/lib/libssl/tls13_record_layer.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_record_layer.c,v 1.67 2022/01/14 09:12:15 tb Exp $ */ +/* $OpenBSD: tls13_record_layer.c,v 1.68 2022/07/20 06:32:24 jsing Exp $ */ /* * Copyright (c) 2018, 2019 Joel Sing * @@ -909,7 +909,7 @@ tls13_record_layer_recv_phh(struct tls13_record_layer *rl) * TLS13_IO_FAILURE something broke. */ if (rl->cb.phh_recv != NULL) - ret = rl->cb.phh_recv(rl->cb_arg, tls_content_cbs(rl->rcontent)); + ret = rl->cb.phh_recv(rl->cb_arg); tls_content_clear(rl->rcontent); diff --git a/lib/libssl/tls_buffer.c b/lib/libssl/tls_buffer.c index 5c0ca7e40eb..9bb6b62e511 100644 --- a/lib/libssl/tls_buffer.c +++ b/lib/libssl/tls_buffer.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls_buffer.c,v 1.1 2021/10/23 13:12:14 jsing Exp $ */ +/* $OpenBSD: tls_buffer.c,v 1.2 2022/07/20 06:32:24 jsing Exp $ */ /* * Copyright (c) 2018, 2019 Joel Sing * 
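Review bot: The `return TLS13_IO_FAILURE` after tls13_handshake_msg_content() fails exits with ctx->hs_msg still set. The allocation above it appears to be conditional (its first line is outside the hunk), so a later call would apparently continue with the same message object. Whatever releases it lies below the hunk and may already cover this, but releasing it on this path makes the state explicit: `tls13_handshake_msg_free(ctx->hs_msg); ctx->hs_msg = NULL;` before the return. The same question applies to a hard failure returned from tls13_handshake_msg_recv(), as opposed to a retryable status.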
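Review bot: `tls_content_clear(rl->rcontent)` still runs unconditionally after `rl->cb.phh_recv(rl->cb_arg)`, and the callback in tls13_lib.c receives a single handshake message per call, so any bytes left in the record after that message look like they are discarded. If a peer packs two post-handshake messages into one record, the second would then be lost; that may be handled outside this hunk, so please confirm. If the discard is intentional, say so in the comment above the call, e.g. `/* Any content the callback leaves unread is dropped. */`. tls13_record_layer_recv_phh() starts and ends outside the hunk.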
@@ -76,15 +76,6 @@ tls_buffer_resize(struct tls_buffer *buf, size_t capacity) return 1; } -int -tls_buffer_set_data(struct tls_buffer *buf, CBS *data) -{ - if (!tls_buffer_resize(buf, CBS_len(data))) - return 0; - memcpy(buf->data, CBS_data(data), CBS_len(data)); - return 1; -} - ssize_t tls_buffer_extend(struct tls_buffer *buf, size_t len, tls_read_cb read_cb, void *cb_arg) diff --git a/lib/libssl/tls_internal.h b/lib/libssl/tls_internal.h index 0065f0f39f7..ac2d14da48d 100644 --- a/lib/libssl/tls_internal.h +++ b/lib/libssl/tls_internal.h @@ -1,4 +1,4 @@ -/* $OpenBSD: tls_internal.h,v 1.6 2022/06/29 08:27:51 tb Exp $ */ +/* $OpenBSD: tls_internal.h,v 1.7 2022/07/20 06:32:24 jsing Exp $ */ /* * Copyright (c) 2018, 2019, 2021 Joel Sing * @@ -47,7 +47,6 @@ typedef ssize_t (*tls_flush_cb)(void *_cb_arg); struct tls_buffer; struct tls_buffer *tls_buffer_new(size_t init_size); -int tls_buffer_set_data(struct tls_buffer *buf, CBS *data); void tls_buffer_free(struct tls_buffer *buf); ssize_t tls_buffer_extend(struct tls_buffer *buf, size_t len, tls_read_cb read_cb, void *cb_arg); -- 2.20.1