mirror of
https://github.com/openssl/openssl.git
synced 2024-11-21 01:15:20 +08:00
Rename PACKETW to WPACKET
To avoid confusion with the read PACKET structure. Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
parent
2c7b4dbc1a
commit
ae2f7b37da
90
ssl/packet.c
90
ssl/packet.c
@ -10,10 +10,10 @@
|
||||
#include "packet_locl.h"
|
||||
|
||||
/*
|
||||
* Allocate bytes in the PACKETW_BUF for the output. This reserves the bytes
|
||||
* Allocate bytes in the WPACKET_BUF for the output. This reserves the bytes
|
||||
* and count them as "written", but doesn't actually do the writing.
|
||||
*/
|
||||
static unsigned char *PACKETW_BUF_allocate(PACKETW_BUF *wbuf, size_t len)
|
||||
static unsigned char *WPACKET_BUF_allocate(WPACKET_BUF *wbuf, size_t len)
|
||||
{
|
||||
unsigned char *ret = wbuf->curr;
|
||||
|
||||
@ -40,19 +40,19 @@ static unsigned char *PACKETW_BUF_allocate(PACKETW_BUF *wbuf, size_t len)
|
||||
}
|
||||
|
||||
/*
|
||||
* Initialise a PACKETW with the buffer in |buf|. The buffer must exist
|
||||
* for the whole time that the PACKETW is being used. Additionally |lenbytes| of
|
||||
* Initialise a WPACKET with the buffer in |buf|. The buffer must exist
|
||||
* for the whole time that the WPACKET is being used. Additionally |lenbytes| of
|
||||
* data is preallocated at the start of the buffer to store the length of the
|
||||
* PACKETW once we know it.
|
||||
* WPACKET once we know it.
|
||||
*/
|
||||
int PACKETW_init_len(PACKETW *pkt, BUF_MEM *buf, size_t lenbytes)
|
||||
int WPACKET_init_len(WPACKET *pkt, BUF_MEM *buf, size_t lenbytes)
|
||||
{
|
||||
PACKETW_BUF *wbuf;
|
||||
WPACKET_BUF *wbuf;
|
||||
/* Sanity check */
|
||||
if (buf == NULL)
|
||||
return 0;
|
||||
|
||||
wbuf = OPENSSL_zalloc(sizeof(PACKETW_BUF));
|
||||
wbuf = OPENSSL_zalloc(sizeof(WPACKET_BUF));
|
||||
if (wbuf == NULL) {
|
||||
pkt->isclosed = 1;
|
||||
return 0;
|
||||
@ -75,7 +75,7 @@ int PACKETW_init_len(PACKETW *pkt, BUF_MEM *buf, size_t lenbytes)
|
||||
return 1;
|
||||
}
|
||||
|
||||
pkt->packet_len = PACKETW_BUF_allocate(wbuf, lenbytes);
|
||||
pkt->packet_len = WPACKET_BUF_allocate(wbuf, lenbytes);
|
||||
if (pkt->packet_len == NULL) {
|
||||
OPENSSL_free(wbuf);
|
||||
pkt->wbuf = NULL;
|
||||
@ -87,23 +87,23 @@ int PACKETW_init_len(PACKETW *pkt, BUF_MEM *buf, size_t lenbytes)
|
||||
}
|
||||
|
||||
/*
|
||||
* Same as PACKETW_init_len except there is no preallocation of the PACKETW
|
||||
* Same as WPACKET_init_len except there is no preallocation of the WPACKET
|
||||
* length.
|
||||
*/
|
||||
int PACKETW_init(PACKETW *pkt, BUF_MEM *buf)
|
||||
int WPACKET_init(WPACKET *pkt, BUF_MEM *buf)
|
||||
{
|
||||
return PACKETW_init_len(pkt, buf, 0);
|
||||
return WPACKET_init_len(pkt, buf, 0);
|
||||
}
|
||||
|
||||
/*
|
||||
* Set the PACKETW length, and the location for where we should write that
|
||||
* length. Normally this will be at the start of the PACKETW, and therefore
|
||||
* the PACKETW would have been initialised via PACKETW_init_len(). However there
|
||||
* Set the WPACKET length, and the location for where we should write that
|
||||
* length. Normally this will be at the start of the WPACKET, and therefore
|
||||
* the WPACKET would have been initialised via WPACKET_init_len(). However there
|
||||
* is the possibility that the length needs to be written to some other location
|
||||
* other than the start of the PACKETW. In that case init via PACKETW_init() and
|
||||
* other than the start of the WPACKET. In that case init via WPACKET_init() and
|
||||
* then set the location for the length using this function.
|
||||
*/
|
||||
int PACKETW_set_packet_len(PACKETW *pkt, unsigned char *packet_len,
|
||||
int WPACKET_set_packet_len(WPACKET *pkt, unsigned char *packet_len,
|
||||
size_t lenbytes)
|
||||
{
|
||||
/* We only allow this to be set once */
|
||||
@ -116,7 +116,7 @@ int PACKETW_set_packet_len(PACKETW *pkt, unsigned char *packet_len,
|
||||
return 1;
|
||||
}
|
||||
|
||||
int PACKETW_set_flags(PACKETW *pkt, unsigned int flags)
|
||||
int WPACKET_set_flags(WPACKET *pkt, unsigned int flags)
|
||||
{
|
||||
pkt->flags = flags;
|
||||
|
||||
@ -124,12 +124,12 @@ int PACKETW_set_flags(PACKETW *pkt, unsigned int flags)
|
||||
}
|
||||
|
||||
/*
|
||||
* Closes the PACKETW and marks it as invalid for future writes. It also writes
|
||||
* Closes the WPACKET and marks it as invalid for future writes. It also writes
|
||||
* out the length of the packet to the required location (normally the start
|
||||
* of the PACKETW) if appropriate. A PACKETW cannot be closed if it has an
|
||||
* of the WPACKET) if appropriate. A WPACKET cannot be closed if it has an
|
||||
* active sub-packet.
|
||||
*/
|
||||
int PACKETW_close(PACKETW *pkt)
|
||||
int WPACKET_close(WPACKET *pkt)
|
||||
{
|
||||
size_t packlen;
|
||||
|
||||
@ -137,12 +137,12 @@ int PACKETW_close(PACKETW *pkt)
|
||||
return 0;
|
||||
|
||||
packlen = pkt->wbuf->written - pkt->pwritten;
|
||||
if (packlen == 0 && pkt->flags & OPENSSL_PACKETW_FLAGS_NON_ZERO_LENGTH)
|
||||
if (packlen == 0 && pkt->flags & OPENSSL_WPACKET_FLAGS_NON_ZERO_LENGTH)
|
||||
return 0;
|
||||
|
||||
if (packlen == 0
|
||||
&& pkt->flags & OPENSSL_PACKETW_FLAGS_ABANDON_ON_ZERO_LENGTH) {
|
||||
/* Deallocate any bytes allocated for the length of the PACKETW */
|
||||
&& pkt->flags & OPENSSL_WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH) {
|
||||
/* Deallocate any bytes allocated for the length of the WPACKET */
|
||||
if ((pkt->wbuf->curr - pkt->lenbytes) == pkt->packet_len) {
|
||||
pkt->wbuf->written -= pkt->lenbytes;
|
||||
pkt->wbuf->curr -= pkt->lenbytes;
|
||||
@ -152,7 +152,7 @@ int PACKETW_close(PACKETW *pkt)
|
||||
pkt->packet_len = NULL;
|
||||
}
|
||||
|
||||
/* Write out the PACKETW length if needed */
|
||||
/* Write out the WPACKET length if needed */
|
||||
if (pkt->packet_len != NULL) {
|
||||
size_t lenbytes;
|
||||
|
||||
@ -189,7 +189,7 @@ int PACKETW_close(PACKETW *pkt)
|
||||
* Additionally |lenbytes| of data is preallocated at the start of the
|
||||
* sub-packet to store its length once we know it.
|
||||
*/
|
||||
int PACKETW_get_sub_packet_len(PACKETW *pkt, PACKETW *subpkt, size_t lenbytes)
|
||||
int WPACKET_get_sub_packet_len(WPACKET *pkt, WPACKET *subpkt, size_t lenbytes)
|
||||
{
|
||||
if (pkt->isclosed || pkt->haschild || subpkt == NULL)
|
||||
return 0;
|
||||
@ -207,7 +207,7 @@ int PACKETW_get_sub_packet_len(PACKETW *pkt, PACKETW *subpkt, size_t lenbytes)
|
||||
return 1;
|
||||
}
|
||||
|
||||
subpkt->packet_len = PACKETW_BUF_allocate(pkt->wbuf, lenbytes);
|
||||
subpkt->packet_len = WPACKET_BUF_allocate(pkt->wbuf, lenbytes);
|
||||
if (subpkt->packet_len == NULL) {
|
||||
subpkt->isclosed = 1;
|
||||
return 0;
|
||||
@ -219,20 +219,20 @@ int PACKETW_get_sub_packet_len(PACKETW *pkt, PACKETW *subpkt, size_t lenbytes)
|
||||
}
|
||||
|
||||
/*
|
||||
* Same as PACKETW_get_sub_packet_len() except no bytes are pre-allocated for
|
||||
* Same as WPACKET_get_sub_packet_len() except no bytes are pre-allocated for
|
||||
* the sub-packet length.
|
||||
*/
|
||||
int PACKETW_get_sub_packet(PACKETW *pkt, PACKETW *subpkt)
|
||||
int WPACKET_get_sub_packet(WPACKET *pkt, WPACKET *subpkt)
|
||||
{
|
||||
return PACKETW_get_sub_packet_len(pkt, subpkt, 0);
|
||||
return WPACKET_get_sub_packet_len(pkt, subpkt, 0);
|
||||
}
|
||||
|
||||
/*
|
||||
* Allocate some bytes in the PACKETW for writing. That number of bytes is
|
||||
* Allocate some bytes in the WPACKET for writing. That number of bytes is
|
||||
* marked as having been written, and a pointer to their location is stored in
|
||||
* |*allocbytes|.
|
||||
*/
|
||||
int PACKETW_allocate_bytes(PACKETW *pkt, size_t bytes,
|
||||
int WPACKET_allocate_bytes(WPACKET *pkt, size_t bytes,
|
||||
unsigned char **allocbytes)
|
||||
{
|
||||
unsigned char *data;
|
||||
@ -240,7 +240,7 @@ int PACKETW_allocate_bytes(PACKETW *pkt, size_t bytes,
|
||||
if (pkt->isclosed || pkt->haschild || bytes == 0)
|
||||
return 0;
|
||||
|
||||
data = PACKETW_BUF_allocate(pkt->wbuf, bytes);
|
||||
data = WPACKET_BUF_allocate(pkt->wbuf, bytes);
|
||||
if (data == NULL)
|
||||
return 0;
|
||||
|
||||
@ -250,17 +250,17 @@ int PACKETW_allocate_bytes(PACKETW *pkt, size_t bytes,
|
||||
}
|
||||
|
||||
/*
|
||||
* Write the value stored in |val| into the PACKETW. The value will consome
|
||||
* Write the value stored in |val| into the WPACKET. The value will consome
|
||||
* |bytes| amount of storage. An error will occur if |val| cannot be accommdated
|
||||
* in |bytes| storage, e.g. attempting to write the value 256 into 1 byte will
|
||||
* fail.
|
||||
*/
|
||||
int PACKETW_put_bytes(PACKETW *pkt, unsigned int val, size_t bytes)
|
||||
int WPACKET_put_bytes(WPACKET *pkt, unsigned int val, size_t bytes)
|
||||
{
|
||||
unsigned char *data;
|
||||
|
||||
if (bytes > sizeof(unsigned int)
|
||||
|| !PACKETW_allocate_bytes(pkt, bytes, &data))
|
||||
|| !WPACKET_allocate_bytes(pkt, bytes, &data))
|
||||
return 0;
|
||||
|
||||
data += bytes - 1;
|
||||
@ -278,10 +278,10 @@ int PACKETW_put_bytes(PACKETW *pkt, unsigned int val, size_t bytes)
|
||||
}
|
||||
|
||||
/*
|
||||
* Set a maximum size that we will not allow the PACKETW to grow beyond. If not
|
||||
* Set a maximum size that we will not allow the WPACKET to grow beyond. If not
|
||||
* set then there is no maximum.
|
||||
*/
|
||||
int PACKETW_set_max_size(PACKETW *pkt, size_t maxsize)
|
||||
int WPACKET_set_max_size(WPACKET *pkt, size_t maxsize)
|
||||
{
|
||||
pkt->wbuf->maxsize = maxsize;
|
||||
|
||||
@ -289,16 +289,16 @@ int PACKETW_set_max_size(PACKETW *pkt, size_t maxsize)
|
||||
}
|
||||
|
||||
/*
|
||||
* Copy |len| bytes of data from |*src| into the PACKETW.
|
||||
* Copy |len| bytes of data from |*src| into the WPACKET.
|
||||
*/
|
||||
int PACKETW_memcpy(PACKETW *pkt, const void *src, size_t len)
|
||||
int WPACKET_memcpy(WPACKET *pkt, const void *src, size_t len)
|
||||
{
|
||||
unsigned char *dest;
|
||||
|
||||
if (len == 0)
|
||||
return 1;
|
||||
|
||||
if (!PACKETW_allocate_bytes(pkt, len, &dest))
|
||||
if (!WPACKET_allocate_bytes(pkt, len, &dest))
|
||||
return 0;
|
||||
|
||||
memcpy(dest, src, len);
|
||||
@ -308,9 +308,9 @@ int PACKETW_memcpy(PACKETW *pkt, const void *src, size_t len)
|
||||
|
||||
/*
|
||||
* Return the total number of bytes written so far to the underlying buffer.
|
||||
* This might includes bytes written by a parent PACKETW.
|
||||
* This might includes bytes written by a parent WPACKET.
|
||||
*/
|
||||
int PACKETW_get_total_written(PACKETW *pkt, size_t *written)
|
||||
int WPACKET_get_total_written(WPACKET *pkt, size_t *written)
|
||||
{
|
||||
if (pkt->isclosed || written == NULL)
|
||||
return 0;
|
||||
@ -321,10 +321,10 @@ int PACKETW_get_total_written(PACKETW *pkt, size_t *written)
|
||||
}
|
||||
|
||||
/*
|
||||
* Returns the length of this PACKETW so far. This excludes any bytes allocated
|
||||
* Returns the length of this WPACKET so far. This excludes any bytes allocated
|
||||
* for the length itself.
|
||||
*/
|
||||
int PACKETW_get_length(PACKETW *pkt, size_t *len)
|
||||
int WPACKET_get_length(WPACKET *pkt, size_t *len)
|
||||
{
|
||||
if (pkt->isclosed || len == NULL)
|
||||
return 0;
|
||||
|
@ -562,25 +562,25 @@ typedef struct packetw_buf {
|
||||
size_t written;
|
||||
|
||||
/*
|
||||
* Maximum number of bytes we will allow to be written to this PACKETW. Zero
|
||||
* Maximum number of bytes we will allow to be written to this WPACKET. Zero
|
||||
* if no maximum
|
||||
*/
|
||||
size_t maxsize;
|
||||
} PACKETW_BUF;
|
||||
} WPACKET_BUF;
|
||||
|
||||
typedef struct packetw_st PACKETW;
|
||||
typedef struct packetw_st WPACKET;
|
||||
struct packetw_st {
|
||||
/* The parent PACKETW if we have one or NULL otherwise */
|
||||
PACKETW *parent;
|
||||
/* The parent WPACKET if we have one or NULL otherwise */
|
||||
WPACKET *parent;
|
||||
|
||||
/* The actual buffer - shared with sub-packets */
|
||||
PACKETW_BUF *wbuf;
|
||||
WPACKET_BUF *wbuf;
|
||||
|
||||
/* Flags for this PACKETW */
|
||||
/* Flags for this WPACKET */
|
||||
unsigned int flags;
|
||||
|
||||
/*
|
||||
* Pointer to where the length of this PACKETW goes (or NULL if we don't
|
||||
* Pointer to where the length of this WPACKET goes (or NULL if we don't
|
||||
* write the length)
|
||||
*/
|
||||
unsigned char *packet_len;
|
||||
@ -594,35 +594,35 @@ struct packetw_st {
|
||||
/* True if we have an active sub-packet or false otherwise */
|
||||
int haschild;
|
||||
|
||||
/* True if PACKETW_close() has been called on this PACKETW */
|
||||
/* True if WPACKET_close() has been called on this WPACKET */
|
||||
int isclosed;
|
||||
};
|
||||
|
||||
/* Flags */
|
||||
#define OPENSSL_PACKETW_FLAGS_NONE 0
|
||||
/* Error on PACKETW_close() if no data written to the PACKETW */
|
||||
#define OPENSSL_PACKETW_FLAGS_NON_ZERO_LENGTH 1
|
||||
#define OPENSSL_WPACKET_FLAGS_NONE 0
|
||||
/* Error on WPACKET_close() if no data written to the WPACKET */
|
||||
#define OPENSSL_WPACKET_FLAGS_NON_ZERO_LENGTH 1
|
||||
/*
|
||||
* Abandon all changes on PACKETW_close() if no data written to the PACKETW,
|
||||
* Abandon all changes on WPACKET_close() if no data written to the WPACKET,
|
||||
* i.e. this does not write out a zero packet length
|
||||
*/
|
||||
#define OPENSSL_PACKETW_FLAGS_ABANDON_ON_ZERO_LENGTH 2
|
||||
#define OPENSSL_WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH 2
|
||||
|
||||
int PACKETW_init_len(PACKETW *pkt, BUF_MEM *buf, size_t lenbytes);
|
||||
int PACKETW_init(PACKETW *pkt, BUF_MEM *buf);
|
||||
int PACKETW_set_flags(PACKETW *pkt, unsigned int flags);
|
||||
int PACKETW_set_packet_len(PACKETW *pkt, unsigned char *packet_len,
|
||||
int WPACKET_init_len(WPACKET *pkt, BUF_MEM *buf, size_t lenbytes);
|
||||
int WPACKET_init(WPACKET *pkt, BUF_MEM *buf);
|
||||
int WPACKET_set_flags(WPACKET *pkt, unsigned int flags);
|
||||
int WPACKET_set_packet_len(WPACKET *pkt, unsigned char *packet_len,
|
||||
size_t lenbytes);
|
||||
int PACKETW_close(PACKETW *pkt);
|
||||
int PACKETW_get_sub_packet_len(PACKETW *pkt, PACKETW *subpkt, size_t lenbytes);
|
||||
int PACKETW_get_sub_packet(PACKETW *pkt, PACKETW *subpkt);
|
||||
int PACKETW_allocate_bytes(PACKETW *pkt, size_t bytes,
|
||||
int WPACKET_close(WPACKET *pkt);
|
||||
int WPACKET_get_sub_packet_len(WPACKET *pkt, WPACKET *subpkt, size_t lenbytes);
|
||||
int WPACKET_get_sub_packet(WPACKET *pkt, WPACKET *subpkt);
|
||||
int WPACKET_allocate_bytes(WPACKET *pkt, size_t bytes,
|
||||
unsigned char **allocbytes);
|
||||
int PACKETW_put_bytes(PACKETW *pkt, unsigned int val, size_t bytes);
|
||||
int PACKETW_set_max_size(PACKETW *pkt, size_t maxsize);
|
||||
int PACKETW_memcpy(PACKETW *pkt, const void *src, size_t len);
|
||||
int PACKETW_get_total_written(PACKETW *pkt, size_t *written);
|
||||
int PACKETW_get_length(PACKETW *pkt, size_t *len);
|
||||
int WPACKET_put_bytes(WPACKET *pkt, unsigned int val, size_t bytes);
|
||||
int WPACKET_set_max_size(WPACKET *pkt, size_t maxsize);
|
||||
int WPACKET_memcpy(WPACKET *pkt, const void *src, size_t len);
|
||||
int WPACKET_get_total_written(WPACKET *pkt, size_t *written);
|
||||
int WPACKET_get_length(WPACKET *pkt, size_t *len);
|
||||
|
||||
# ifdef __cplusplus
|
||||
}
|
||||
|
14
ssl/s3_lib.c
14
ssl/s3_lib.c
@ -2790,16 +2790,16 @@ int ssl3_set_handshake_header(SSL *s, int htype, unsigned long len)
|
||||
}
|
||||
|
||||
/*
|
||||
* Temporary name. To be renamed ssl3_set_handshake_header() once all PACKETW
|
||||
* Temporary name. To be renamed ssl3_set_handshake_header() once all WPACKET
|
||||
* conversion is complete. The old ssl3_set_handshake_heder() can be deleted
|
||||
* at that point.
|
||||
* TODO - RENAME ME
|
||||
*/
|
||||
int ssl3_set_handshake_header2(SSL *s, PACKETW *pkt, PACKETW *body, int htype)
|
||||
int ssl3_set_handshake_header2(SSL *s, WPACKET *pkt, WPACKET *body, int htype)
|
||||
{
|
||||
/* Set the content type and 3 bytes for the message len */
|
||||
if (!PACKETW_put_bytes(pkt, htype, 1)
|
||||
|| !PACKETW_get_sub_packet_len(pkt, body, 3))
|
||||
if (!WPACKET_put_bytes(pkt, htype, 1)
|
||||
|| !WPACKET_get_sub_packet_len(pkt, body, 3))
|
||||
return 0;
|
||||
|
||||
return 1;
|
||||
@ -3573,7 +3573,7 @@ const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p)
|
||||
|
||||
/*
|
||||
* Old version of the ssl3_put_cipher_by_char function used by code that has not
|
||||
* yet been converted to PACKETW yet. It will be deleted once PACKETW conversion
|
||||
* yet been converted to WPACKET yet. It will be deleted once WPACKET conversion
|
||||
* is complete.
|
||||
* TODO - DELETE ME
|
||||
*/
|
||||
@ -3591,14 +3591,14 @@ int ssl3_put_cipher_by_char_old(const SSL_CIPHER *c, unsigned char *p)
|
||||
return (2);
|
||||
}
|
||||
|
||||
int ssl3_put_cipher_by_char(const SSL_CIPHER *c, PACKETW *pkt, size_t *len)
|
||||
int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len)
|
||||
{
|
||||
if ((c->id & 0xff000000) != 0x03000000) {
|
||||
*len = 0;
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (!PACKETW_put_bytes(pkt, c->id & 0xffff, 2))
|
||||
if (!WPACKET_put_bytes(pkt, c->id & 0xffff, 2))
|
||||
return 0;
|
||||
|
||||
*len = 2;
|
||||
|
@ -457,7 +457,7 @@ struct ssl_method_st {
|
||||
long (*ssl_ctrl) (SSL *s, int cmd, long larg, void *parg);
|
||||
long (*ssl_ctx_ctrl) (SSL_CTX *ctx, int cmd, long larg, void *parg);
|
||||
const SSL_CIPHER *(*get_cipher_by_char) (const unsigned char *ptr);
|
||||
int (*put_cipher_by_char) (const SSL_CIPHER *cipher, PACKETW *pkt,
|
||||
int (*put_cipher_by_char) (const SSL_CIPHER *cipher, WPACKET *pkt,
|
||||
size_t *len);
|
||||
int (*ssl_pending) (const SSL *s);
|
||||
int (*num_ciphers) (void);
|
||||
@ -1586,10 +1586,10 @@ typedef struct ssl3_enc_method {
|
||||
/* Set the handshake header */
|
||||
int (*set_handshake_header) (SSL *s, int type, unsigned long len);
|
||||
/* Set the handshake header */
|
||||
int (*set_handshake_header2) (SSL *s, PACKETW *pkt, PACKETW *body,
|
||||
int (*set_handshake_header2) (SSL *s, WPACKET *pkt, WPACKET *body,
|
||||
int type);
|
||||
/* Close construction of the handshake message */
|
||||
int (*close_construct_packet) (SSL *s, PACKETW *pkt);
|
||||
int (*close_construct_packet) (SSL *s, WPACKET *pkt);
|
||||
/* Write out handshake message */
|
||||
int (*do_write) (SSL *s);
|
||||
} SSL3_ENC_METHOD;
|
||||
@ -1865,7 +1865,7 @@ __owur EVP_PKEY *ssl_dh_to_pkey(DH *dh);
|
||||
|
||||
__owur const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p);
|
||||
__owur int ssl3_put_cipher_by_char_old(const SSL_CIPHER *c, unsigned char *p);
|
||||
__owur int ssl3_put_cipher_by_char(const SSL_CIPHER *c, PACKETW *pkt,
|
||||
__owur int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt,
|
||||
size_t *len);
|
||||
int ssl3_init_finished_mac(SSL *s);
|
||||
__owur int ssl3_setup_key_block(SSL *s);
|
||||
@ -1906,12 +1906,12 @@ __owur int ssl3_do_change_cipher_spec(SSL *ssl);
|
||||
__owur long ssl3_default_timeout(void);
|
||||
|
||||
__owur int ssl3_set_handshake_header(SSL *s, int htype, unsigned long len);
|
||||
__owur int ssl3_set_handshake_header2(SSL *s, PACKETW *pkt, PACKETW *body,
|
||||
__owur int ssl3_set_handshake_header2(SSL *s, WPACKET *pkt, WPACKET *body,
|
||||
int htype);
|
||||
__owur int tls_close_construct_packet(SSL *s, PACKETW *pkt);
|
||||
__owur int dtls1_set_handshake_header2(SSL *s, PACKETW *pkt, PACKETW *body,
|
||||
__owur int tls_close_construct_packet(SSL *s, WPACKET *pkt);
|
||||
__owur int dtls1_set_handshake_header2(SSL *s, WPACKET *pkt, WPACKET *body,
|
||||
int htype);
|
||||
__owur int dtls1_close_construct_packet(SSL *s, PACKETW *pkt);
|
||||
__owur int dtls1_close_construct_packet(SSL *s, WPACKET *pkt);
|
||||
__owur int ssl3_handshake_write(SSL *s);
|
||||
|
||||
__owur int ssl_allow_compression(SSL *s);
|
||||
@ -2020,7 +2020,7 @@ __owur EVP_PKEY *ssl_generate_pkey_curve(int id);
|
||||
__owur int tls1_shared_list(SSL *s,
|
||||
const unsigned char *l1, size_t l1len,
|
||||
const unsigned char *l2, size_t l2len, int nmatch);
|
||||
__owur int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al);
|
||||
__owur int ssl_add_clienthello_tlsext(SSL *s, WPACKET *pkt, int *al);
|
||||
__owur unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf,
|
||||
unsigned char *limit, int *al);
|
||||
__owur int ssl_parse_clienthello_tlsext(SSL *s, PACKET *pkt);
|
||||
@ -2075,7 +2075,7 @@ __owur int ssl_parse_clienthello_renegotiate_ext(SSL *s, PACKET *pkt, int *al);
|
||||
__owur long ssl_get_algorithm2(SSL *s);
|
||||
__owur size_t tls12_copy_sigalgs_old(SSL *s, unsigned char *out,
|
||||
const unsigned char *psig, size_t psiglen);
|
||||
__owur int tls12_copy_sigalgs(SSL *s, PACKETW *pkt,
|
||||
__owur int tls12_copy_sigalgs(SSL *s, WPACKET *pkt,
|
||||
const unsigned char *psig, size_t psiglen);
|
||||
__owur int tls1_save_sigalgs(SSL *s, const unsigned char *data, int dsize);
|
||||
__owur int tls1_process_sigalgs(SSL *s);
|
||||
@ -2125,7 +2125,7 @@ __owur int custom_ext_parse(SSL *s, int server,
|
||||
int *al);
|
||||
__owur int custom_ext_add_old(SSL *s, int server, unsigned char **pret,
|
||||
unsigned char *limit, int *al);
|
||||
__owur int custom_ext_add(SSL *s, int server, PACKETW *pkt, int *al);
|
||||
__owur int custom_ext_add(SSL *s, int server, WPACKET *pkt, int *al);
|
||||
|
||||
__owur int custom_exts_copy(custom_ext_methods *dst,
|
||||
const custom_ext_methods *src);
|
||||
|
@ -63,7 +63,7 @@ static ossl_inline int cert_req_allowed(SSL *s);
|
||||
static int key_exchange_expected(SSL *s);
|
||||
static int ca_dn_cmp(const X509_NAME *const *a, const X509_NAME *const *b);
|
||||
static int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk,
|
||||
PACKETW *pkt);
|
||||
WPACKET *pkt);
|
||||
|
||||
/*
|
||||
* Is a CertificateRequest message allowed at the moment or not?
|
||||
@ -697,10 +697,10 @@ int tls_construct_client_hello(SSL *s)
|
||||
SSL_COMP *comp;
|
||||
#endif
|
||||
SSL_SESSION *sess = s->session;
|
||||
PACKETW pkt, body, spkt;
|
||||
WPACKET pkt, body, spkt;
|
||||
|
||||
if (!PACKETW_init(&pkt, s->init_buf)
|
||||
|| !PACKETW_set_max_size(&pkt, SSL3_RT_MAX_PLAIN_LENGTH)) {
|
||||
if (!WPACKET_init(&pkt, s->init_buf)
|
||||
|| !WPACKET_set_max_size(&pkt, SSL3_RT_MAX_PLAIN_LENGTH)) {
|
||||
/* Should not happen */
|
||||
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
|
||||
goto err;
|
||||
@ -782,8 +782,8 @@ int tls_construct_client_hello(SSL *s)
|
||||
* client_version in client hello and not resetting it to
|
||||
* the negotiated version.
|
||||
*/
|
||||
if (!PACKETW_put_bytes(&body, s->client_version, 2)
|
||||
|| !PACKETW_memcpy(&body, s->s3->client_random, SSL3_RANDOM_SIZE)) {
|
||||
if (!WPACKET_put_bytes(&body, s->client_version, 2)
|
||||
|| !WPACKET_memcpy(&body, s->s3->client_random, SSL3_RANDOM_SIZE)) {
|
||||
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
|
||||
goto err;
|
||||
}
|
||||
@ -794,9 +794,9 @@ int tls_construct_client_hello(SSL *s)
|
||||
else
|
||||
i = s->session->session_id_length;
|
||||
if (i > (int)sizeof(s->session->session_id)
|
||||
|| !PACKETW_get_sub_packet_len(&body, &spkt, 1)
|
||||
|| (i != 0 && !PACKETW_memcpy(&spkt, s->session->session_id, i))
|
||||
|| !PACKETW_close(&spkt)) {
|
||||
|| !WPACKET_get_sub_packet_len(&body, &spkt, 1)
|
||||
|| (i != 0 && !WPACKET_memcpy(&spkt, s->session->session_id, i))
|
||||
|| !WPACKET_close(&spkt)) {
|
||||
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
|
||||
goto err;
|
||||
}
|
||||
@ -804,29 +804,29 @@ int tls_construct_client_hello(SSL *s)
|
||||
/* cookie stuff for DTLS */
|
||||
if (SSL_IS_DTLS(s)) {
|
||||
if (s->d1->cookie_len > sizeof(s->d1->cookie)
|
||||
|| !PACKETW_get_sub_packet_len(&body, &spkt, 1)
|
||||
|| !PACKETW_memcpy(&spkt, s->d1->cookie, s->d1->cookie_len)
|
||||
|| !PACKETW_close(&spkt)) {
|
||||
|| !WPACKET_get_sub_packet_len(&body, &spkt, 1)
|
||||
|| !WPACKET_memcpy(&spkt, s->d1->cookie, s->d1->cookie_len)
|
||||
|| !WPACKET_close(&spkt)) {
|
||||
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
|
||||
/* Ciphers supported */
|
||||
if (!PACKETW_get_sub_packet_len(&body, &spkt, 2)) {
|
||||
if (!WPACKET_get_sub_packet_len(&body, &spkt, 2)) {
|
||||
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
|
||||
goto err;
|
||||
}
|
||||
/* ssl_cipher_list_to_bytes() raises SSLerr if appropriate */
|
||||
if (!ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &spkt))
|
||||
goto err;
|
||||
if (!PACKETW_close(&spkt)) {
|
||||
if (!WPACKET_close(&spkt)) {
|
||||
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
|
||||
goto err;
|
||||
}
|
||||
|
||||
/* COMPRESSION */
|
||||
if (!PACKETW_get_sub_packet_len(&body, &spkt, 1)) {
|
||||
if (!WPACKET_get_sub_packet_len(&body, &spkt, 1)) {
|
||||
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
|
||||
goto err;
|
||||
}
|
||||
@ -835,7 +835,7 @@ int tls_construct_client_hello(SSL *s)
|
||||
int compnum = sk_SSL_COMP_num(s->ctx->comp_methods);
|
||||
for (i = 0; i < compnum; i++) {
|
||||
comp = sk_SSL_COMP_value(s->ctx->comp_methods, i);
|
||||
if (!PACKETW_put_bytes(&spkt, comp->id, 1)) {
|
||||
if (!WPACKET_put_bytes(&spkt, comp->id, 1)) {
|
||||
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
|
||||
goto err;
|
||||
}
|
||||
@ -843,7 +843,7 @@ int tls_construct_client_hello(SSL *s)
|
||||
}
|
||||
#endif
|
||||
/* Add the NULL method */
|
||||
if (!PACKETW_put_bytes(&spkt, 0, 1) || !PACKETW_close(&spkt)) {
|
||||
if (!WPACKET_put_bytes(&spkt, 0, 1) || !WPACKET_close(&spkt)) {
|
||||
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
|
||||
goto err;
|
||||
}
|
||||
@ -853,21 +853,21 @@ int tls_construct_client_hello(SSL *s)
|
||||
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
|
||||
goto err;
|
||||
}
|
||||
if (!PACKETW_get_sub_packet_len(&body, &spkt, 2)
|
||||
if (!WPACKET_get_sub_packet_len(&body, &spkt, 2)
|
||||
/*
|
||||
* If extensions are of zero length then we don't even add the
|
||||
* extensions length bytes
|
||||
*/
|
||||
|| !PACKETW_set_flags(&spkt,
|
||||
OPENSSL_PACKETW_FLAGS_ABANDON_ON_ZERO_LENGTH)
|
||||
|| !WPACKET_set_flags(&spkt,
|
||||
OPENSSL_WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH)
|
||||
|| !ssl_add_clienthello_tlsext(s, &spkt, &al)
|
||||
|| !PACKETW_close(&spkt)) {
|
||||
|| !WPACKET_close(&spkt)) {
|
||||
ssl3_send_alert(s, SSL3_AL_FATAL, al);
|
||||
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (!PACKETW_close(&body) || !ssl_close_construct_packet(s, &pkt)) {
|
||||
if (!WPACKET_close(&body) || !ssl_close_construct_packet(s, &pkt)) {
|
||||
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
|
||||
SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
|
||||
goto err;
|
||||
@ -2917,7 +2917,7 @@ int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey)
|
||||
return i;
|
||||
}
|
||||
|
||||
int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, PACKETW *pkt)
|
||||
int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, WPACKET *pkt)
|
||||
{
|
||||
int i;
|
||||
size_t totlen = 0, len, maxlen;
|
||||
|
@ -1192,12 +1192,12 @@ void dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr)
|
||||
}
|
||||
|
||||
/*
|
||||
* Temporary name. To be renamed dtls1_set_handshake_header() once all PACKETW
|
||||
* Temporary name. To be renamed dtls1_set_handshake_header() once all WPACKET
|
||||
* conversion is complete. The old dtls1_set_handshake_heder() can be deleted
|
||||
* at that point.
|
||||
* TODO - RENAME ME
|
||||
*/
|
||||
int dtls1_set_handshake_header2(SSL *s, PACKETW *pkt, PACKETW *body, int htype)
|
||||
int dtls1_set_handshake_header2(SSL *s, WPACKET *pkt, WPACKET *body, int htype)
|
||||
{
|
||||
unsigned char *header;
|
||||
dtls1_set_message_header(s, htype, 0, 0, 0);
|
||||
@ -1206,20 +1206,20 @@ int dtls1_set_handshake_header2(SSL *s, PACKETW *pkt, PACKETW *body, int htype)
|
||||
* We allocate space at the start for the message header. This gets filled
|
||||
* in later
|
||||
*/
|
||||
if (!PACKETW_allocate_bytes(pkt, DTLS1_HM_HEADER_LENGTH, &header)
|
||||
|| !PACKETW_get_sub_packet(pkt, body))
|
||||
if (!WPACKET_allocate_bytes(pkt, DTLS1_HM_HEADER_LENGTH, &header)
|
||||
|| !WPACKET_get_sub_packet(pkt, body))
|
||||
return 0;
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
int dtls1_close_construct_packet(SSL *s, PACKETW *pkt)
|
||||
int dtls1_close_construct_packet(SSL *s, WPACKET *pkt)
|
||||
{
|
||||
size_t msglen;
|
||||
|
||||
if (!PACKETW_get_length(pkt, &msglen)
|
||||
if (!WPACKET_get_length(pkt, &msglen)
|
||||
|| msglen > INT_MAX
|
||||
|| !PACKETW_close(pkt))
|
||||
|| !WPACKET_close(pkt))
|
||||
return 0;
|
||||
s->d1->w_msg_hdr.msg_len = msglen - DTLS1_HM_HEADER_LENGTH;
|
||||
s->d1->w_msg_hdr.frag_len = msglen - DTLS1_HM_HEADER_LENGTH;
|
||||
|
@ -57,13 +57,13 @@ int ssl3_do_write(SSL *s, int type)
|
||||
return (0);
|
||||
}
|
||||
|
||||
int tls_close_construct_packet(SSL *s, PACKETW *pkt)
|
||||
int tls_close_construct_packet(SSL *s, WPACKET *pkt)
|
||||
{
|
||||
size_t msglen;
|
||||
|
||||
if (!PACKETW_get_length(pkt, &msglen)
|
||||
if (!WPACKET_get_length(pkt, &msglen)
|
||||
|| msglen > INT_MAX
|
||||
|| !PACKETW_close(pkt))
|
||||
|| !WPACKET_close(pkt))
|
||||
return 0;
|
||||
s->init_num = (int)msglen;
|
||||
s->init_off = 0;
|
||||
|
16
ssl/t1_ext.c
16
ssl/t1_ext.c
@ -72,8 +72,8 @@ int custom_ext_parse(SSL *s, int server,
|
||||
|
||||
/*
|
||||
* Request custom extension data from the application and add to the return
|
||||
* buffer. This is the old style function signature prior to PACKETW. This is
|
||||
* here temporarily until the conversion to PACKETW is completed, i.e. it is
|
||||
* buffer. This is the old style function signature prior to WPACKET. This is
|
||||
* here temporarily until the conversion to WPACKET is completed, i.e. it is
|
||||
* used by code that hasn't been converted yet.
|
||||
* TODO - REMOVE THIS FUNCTION
|
||||
*/
|
||||
@ -139,7 +139,7 @@ int custom_ext_add_old(SSL *s, int server,
|
||||
* Request custom extension data from the application and add to the return
|
||||
* buffer.
|
||||
*/
|
||||
int custom_ext_add(SSL *s, int server, PACKETW *pkt, int *al)
|
||||
int custom_ext_add(SSL *s, int server, WPACKET *pkt, int *al)
|
||||
{
|
||||
custom_ext_methods *exts = server ? &s->cert->srv_ext : &s->cert->cli_ext;
|
||||
custom_ext_method *meth;
|
||||
@ -148,7 +148,7 @@ int custom_ext_add(SSL *s, int server, PACKETW *pkt, int *al)
|
||||
for (i = 0; i < exts->meths_count; i++) {
|
||||
const unsigned char *out = NULL;
|
||||
size_t outlen = 0;
|
||||
PACKETW spkt;
|
||||
WPACKET spkt;
|
||||
|
||||
meth = exts->meths + i;
|
||||
|
||||
@ -172,10 +172,10 @@ int custom_ext_add(SSL *s, int server, PACKETW *pkt, int *al)
|
||||
continue; /* skip this extension */
|
||||
}
|
||||
|
||||
if (!PACKETW_put_bytes(pkt, meth->ext_type, 2)
|
||||
|| !PACKETW_get_sub_packet_len(pkt, &spkt, 2)
|
||||
|| (outlen > 0 && !PACKETW_memcpy(&spkt, out, outlen))
|
||||
|| !PACKETW_close(&spkt)) {
|
||||
if (!WPACKET_put_bytes(pkt, meth->ext_type, 2)
|
||||
|| !WPACKET_get_sub_packet_len(pkt, &spkt, 2)
|
||||
|| (outlen > 0 && !WPACKET_memcpy(&spkt, out, outlen))
|
||||
|| !WPACKET_close(&spkt)) {
|
||||
*al = SSL_AD_INTERNAL_ERROR;
|
||||
return 0;
|
||||
}
|
||||
|
190
ssl/t1_lib.c
190
ssl/t1_lib.c
@ -1013,9 +1013,9 @@ static int tls1_check_duplicate_extensions(const PACKET *packet)
|
||||
return ret;
|
||||
}
|
||||
|
||||
int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al)
|
||||
int ssl_add_clienthello_tlsext(SSL *s, WPACKET *pkt, int *al)
|
||||
{
|
||||
PACKETW spkt;
|
||||
WPACKET spkt;
|
||||
#ifndef OPENSSL_NO_EC
|
||||
/* See if we support any ECC ciphersuites */
|
||||
int using_ecc = 0;
|
||||
@ -1040,11 +1040,11 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al)
|
||||
|
||||
/* Add RI if renegotiating */
|
||||
if (s->renegotiate) {
|
||||
if (!PACKETW_put_bytes(pkt, TLSEXT_TYPE_renegotiate, 2)
|
||||
|| !PACKETW_get_sub_packet_len(pkt, &spkt, 2)
|
||||
|| !PACKETW_memcpy(&spkt, s->s3->previous_client_finished,
|
||||
if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_renegotiate, 2)
|
||||
|| !WPACKET_get_sub_packet_len(pkt, &spkt, 2)
|
||||
|| !WPACKET_memcpy(&spkt, s->s3->previous_client_finished,
|
||||
s->s3->previous_client_finished_len)
|
||||
|| !PACKETW_close(&spkt)) {
|
||||
|| !WPACKET_close(&spkt)) {
|
||||
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
@ -1055,21 +1055,21 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al)
|
||||
|
||||
if (s->tlsext_hostname != NULL) {
|
||||
/* Add TLS extension servername to the Client Hello message */
|
||||
PACKETW slistpkt, hostpkt;
|
||||
WPACKET slistpkt, hostpkt;
|
||||
|
||||
if (!PACKETW_put_bytes(pkt, TLSEXT_TYPE_server_name, 2)
|
||||
if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_server_name, 2)
|
||||
/* Sub-packet for server_name extension */
|
||||
|| !PACKETW_get_sub_packet_len(pkt, &spkt, 2)
|
||||
|| !WPACKET_get_sub_packet_len(pkt, &spkt, 2)
|
||||
/* Sub-packet for servername list (always 1 hostname)*/
|
||||
|| !PACKETW_get_sub_packet_len(&spkt, &slistpkt, 2)
|
||||
|| !PACKETW_put_bytes(&slistpkt, TLSEXT_NAMETYPE_host_name, 1)
|
||||
|| !WPACKET_get_sub_packet_len(&spkt, &slistpkt, 2)
|
||||
|| !WPACKET_put_bytes(&slistpkt, TLSEXT_NAMETYPE_host_name, 1)
|
||||
/* Sub-packet for a single hostname host name */
|
||||
|| !PACKETW_get_sub_packet_len(&slistpkt, &hostpkt, 2)
|
||||
|| !PACKETW_memcpy(&hostpkt, s->tlsext_hostname,
|
||||
|| !WPACKET_get_sub_packet_len(&slistpkt, &hostpkt, 2)
|
||||
|| !WPACKET_memcpy(&hostpkt, s->tlsext_hostname,
|
||||
strlen(s->tlsext_hostname))
|
||||
|| !PACKETW_close(&hostpkt)
|
||||
|| !PACKETW_close(&slistpkt)
|
||||
|| !PACKETW_close(&spkt)) {
|
||||
|| !WPACKET_close(&hostpkt)
|
||||
|| !WPACKET_close(&slistpkt)
|
||||
|| !WPACKET_close(&spkt)) {
|
||||
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
@ -1077,19 +1077,19 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al)
|
||||
#ifndef OPENSSL_NO_SRP
|
||||
/* Add SRP username if there is one */
|
||||
if (s->srp_ctx.login != NULL) {
|
||||
PACKETW loginpkt;
|
||||
WPACKET loginpkt;
|
||||
|
||||
if (!PACKETW_put_bytes(pkt, TLSEXT_TYPE_srp, 2)
|
||||
if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_srp, 2)
|
||||
/* Sub-packet for SRP extension */
|
||||
|| !PACKETW_get_sub_packet_len(pkt, &spkt, 2)
|
||||
|| !PACKETW_get_sub_packet_len(&spkt, &loginpkt, 1)
|
||||
|| !WPACKET_get_sub_packet_len(pkt, &spkt, 2)
|
||||
|| !WPACKET_get_sub_packet_len(&spkt, &loginpkt, 1)
|
||||
/* login must not be zero...internal error if so */
|
||||
|| !PACKETW_set_flags(&loginpkt,
|
||||
OPENSSL_PACKETW_FLAGS_NON_ZERO_LENGTH)
|
||||
|| !PACKETW_memcpy(&loginpkt, s->srp_ctx.login,
|
||||
|| !WPACKET_set_flags(&loginpkt,
|
||||
OPENSSL_WPACKET_FLAGS_NON_ZERO_LENGTH)
|
||||
|| !WPACKET_memcpy(&loginpkt, s->srp_ctx.login,
|
||||
strlen(s->srp_ctx.login))
|
||||
|| !PACKETW_close(&loginpkt)
|
||||
|| !PACKETW_close(&spkt)) {
|
||||
|| !WPACKET_close(&loginpkt)
|
||||
|| !WPACKET_close(&spkt)) {
|
||||
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
@ -1098,7 +1098,7 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al)
|
||||
|
||||
#ifndef OPENSSL_NO_EC
|
||||
if (using_ecc) {
|
||||
PACKETW formatspkt, curveslistpkt;
|
||||
WPACKET formatspkt, curveslistpkt;
|
||||
|
||||
/*
|
||||
* Add TLS extension ECPointFormats to the ClientHello message
|
||||
@ -1109,13 +1109,13 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al)
|
||||
|
||||
tls1_get_formatlist(s, &pformats, &num_formats);
|
||||
|
||||
if (!PACKETW_put_bytes(pkt, TLSEXT_TYPE_ec_point_formats, 2)
|
||||
if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_ec_point_formats, 2)
|
||||
/* Sub-packet for formats extension */
|
||||
|| !PACKETW_get_sub_packet_len(pkt, &spkt, 2)
|
||||
|| !PACKETW_get_sub_packet_len(&spkt, &formatspkt, 1)
|
||||
|| !PACKETW_memcpy(&formatspkt, pformats, num_formats)
|
||||
|| !PACKETW_close(&formatspkt)
|
||||
|| !PACKETW_close(&spkt)) {
|
||||
|| !WPACKET_get_sub_packet_len(pkt, &spkt, 2)
|
||||
|| !WPACKET_get_sub_packet_len(&spkt, &formatspkt, 1)
|
||||
|| !WPACKET_memcpy(&formatspkt, pformats, num_formats)
|
||||
|| !WPACKET_close(&formatspkt)
|
||||
|| !WPACKET_close(&spkt)) {
|
||||
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
@ -1129,25 +1129,25 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al)
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (!PACKETW_put_bytes(pkt, TLSEXT_TYPE_elliptic_curves, 2)
|
||||
if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_elliptic_curves, 2)
|
||||
/* Sub-packet for curves extension */
|
||||
|| !PACKETW_get_sub_packet_len(pkt, &spkt, 2)
|
||||
|| !PACKETW_get_sub_packet_len(&spkt, &curveslistpkt, 2)) {
|
||||
|| !WPACKET_get_sub_packet_len(pkt, &spkt, 2)
|
||||
|| !WPACKET_get_sub_packet_len(&spkt, &curveslistpkt, 2)) {
|
||||
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
/* Copy curve ID if supported */
|
||||
for (i = 0; i < num_curves; i++, pcurves += 2) {
|
||||
if (tls_curve_allowed(s, pcurves, SSL_SECOP_CURVE_SUPPORTED)) {
|
||||
if (!PACKETW_put_bytes(&curveslistpkt, pcurves[0], 1)
|
||||
|| !PACKETW_put_bytes(&curveslistpkt, pcurves[1], 1)) {
|
||||
if (!WPACKET_put_bytes(&curveslistpkt, pcurves[0], 1)
|
||||
|| !WPACKET_put_bytes(&curveslistpkt, pcurves[1], 1)) {
|
||||
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT,
|
||||
ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
}
|
||||
if (!PACKETW_close(&curveslistpkt) || !PACKETW_close(&spkt)) {
|
||||
if (!WPACKET_close(&curveslistpkt) || !WPACKET_close(&spkt)) {
|
||||
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
@ -1175,11 +1175,11 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al)
|
||||
s->tlsext_session_ticket->data == NULL)
|
||||
goto skip_ext;
|
||||
|
||||
if (!PACKETW_put_bytes(pkt, TLSEXT_TYPE_session_ticket, 2)
|
||||
if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_session_ticket, 2)
|
||||
/* Sub-packet for ticket extension */
|
||||
|| !PACKETW_get_sub_packet_len(pkt, &spkt, 2)
|
||||
|| !PACKETW_memcpy(&spkt, s->session->tlsext_tick, ticklen)
|
||||
|| !PACKETW_close(&spkt)) {
|
||||
|| !WPACKET_get_sub_packet_len(pkt, &spkt, 2)
|
||||
|| !WPACKET_memcpy(&spkt, s->session->tlsext_tick, ticklen)
|
||||
|| !WPACKET_close(&spkt)) {
|
||||
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
@ -1189,33 +1189,33 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al)
|
||||
if (SSL_CLIENT_USE_SIGALGS(s)) {
|
||||
size_t salglen;
|
||||
const unsigned char *salg;
|
||||
PACKETW salgslistpkt;
|
||||
WPACKET salgslistpkt;
|
||||
|
||||
salglen = tls12_get_psigalgs(s, &salg);
|
||||
|
||||
if (!PACKETW_put_bytes(pkt, TLSEXT_TYPE_signature_algorithms, 2)
|
||||
if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_signature_algorithms, 2)
|
||||
/* Sub-packet for sig-algs extension */
|
||||
|| !PACKETW_get_sub_packet_len(pkt, &spkt, 2)
|
||||
|| !WPACKET_get_sub_packet_len(pkt, &spkt, 2)
|
||||
/* Sub-packet for the actual list */
|
||||
|| !PACKETW_get_sub_packet_len(&spkt, &salgslistpkt, 2)
|
||||
|| !WPACKET_get_sub_packet_len(&spkt, &salgslistpkt, 2)
|
||||
|| !tls12_copy_sigalgs(s, &salgslistpkt, salg, salglen)
|
||||
|| !PACKETW_close(&salgslistpkt)
|
||||
|| !PACKETW_close(&spkt)) {
|
||||
|| !WPACKET_close(&salgslistpkt)
|
||||
|| !WPACKET_close(&spkt)) {
|
||||
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
#ifndef OPENSSL_NO_OCSP
|
||||
if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp) {
|
||||
PACKETW idspkt, extpkt;
|
||||
WPACKET idspkt, extpkt;
|
||||
int i;
|
||||
|
||||
if (!PACKETW_put_bytes(pkt, TLSEXT_TYPE_status_request, 2)
|
||||
if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_status_request, 2)
|
||||
/* Sub-packet for status request extension */
|
||||
|| !PACKETW_get_sub_packet_len(pkt, &spkt, 2)
|
||||
|| !PACKETW_put_bytes(&spkt, TLSEXT_STATUSTYPE_ocsp, 1)
|
||||
|| !WPACKET_get_sub_packet_len(pkt, &spkt, 2)
|
||||
|| !WPACKET_put_bytes(&spkt, TLSEXT_STATUSTYPE_ocsp, 1)
|
||||
/* Sub-packet for the ids */
|
||||
|| !PACKETW_get_sub_packet_len(&spkt, &idspkt, 2)) {
|
||||
|| !WPACKET_get_sub_packet_len(&spkt, &idspkt, 2)) {
|
||||
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
@ -1223,22 +1223,22 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al)
|
||||
unsigned char *idbytes;
|
||||
int idlen;
|
||||
OCSP_RESPID *id;
|
||||
PACKETW idpkt;
|
||||
WPACKET idpkt;
|
||||
|
||||
id = sk_OCSP_RESPID_value(s->tlsext_ocsp_ids, i);
|
||||
idlen = i2d_OCSP_RESPID(id, NULL);
|
||||
if (idlen <= 0
|
||||
/* Sub-packet for an individual id */
|
||||
|| !PACKETW_get_sub_packet_len(&idspkt, &idpkt, 1)
|
||||
|| !PACKETW_allocate_bytes(&idpkt, idlen, &idbytes)
|
||||
|| !WPACKET_get_sub_packet_len(&idspkt, &idpkt, 1)
|
||||
|| !WPACKET_allocate_bytes(&idpkt, idlen, &idbytes)
|
||||
|| i2d_OCSP_RESPID(id, &idbytes) != idlen
|
||||
|| !PACKETW_close(&idpkt)) {
|
||||
|| !WPACKET_close(&idpkt)) {
|
||||
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
if (!PACKETW_close(&idspkt)
|
||||
|| !PACKETW_get_sub_packet_len(&spkt, &extpkt, 2)) {
|
||||
if (!WPACKET_close(&idspkt)
|
||||
|| !WPACKET_get_sub_packet_len(&spkt, &extpkt, 2)) {
|
||||
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
@ -1250,14 +1250,14 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al)
|
||||
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
if (!PACKETW_allocate_bytes(&extpkt, extlen, &extbytes)
|
||||
if (!WPACKET_allocate_bytes(&extpkt, extlen, &extbytes)
|
||||
|| i2d_X509_EXTENSIONS(s->tlsext_ocsp_exts, &extbytes)
|
||||
!= extlen) {
|
||||
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
if (!PACKETW_close(&extpkt) || !PACKETW_close(&spkt)) {
|
||||
if (!WPACKET_close(&extpkt) || !WPACKET_close(&spkt)) {
|
||||
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
@ -1277,11 +1277,11 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al)
|
||||
else
|
||||
mode = SSL_DTLSEXT_HB_ENABLED;
|
||||
|
||||
if (!PACKETW_put_bytes(pkt, TLSEXT_TYPE_heartbeat, 2)
|
||||
if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_heartbeat, 2)
|
||||
/* Sub-packet for Hearbeat extension */
|
||||
|| !PACKETW_get_sub_packet_len(pkt, &spkt, 2)
|
||||
|| !PACKETW_put_bytes(&spkt, mode, 1)
|
||||
|| !PACKETW_close(&spkt)) {
|
||||
|| !WPACKET_get_sub_packet_len(pkt, &spkt, 2)
|
||||
|| !WPACKET_put_bytes(&spkt, mode, 1)
|
||||
|| !WPACKET_close(&spkt)) {
|
||||
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
@ -1294,8 +1294,8 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al)
|
||||
* The client advertises an empty extension to indicate its support
|
||||
* for Next Protocol Negotiation
|
||||
*/
|
||||
if (!PACKETW_put_bytes(pkt, TLSEXT_TYPE_next_proto_neg, 2)
|
||||
|| !PACKETW_put_bytes(pkt, 0, 2)) {
|
||||
if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_next_proto_neg, 2)
|
||||
|| !WPACKET_put_bytes(pkt, 0, 2)) {
|
||||
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
@ -1308,18 +1308,18 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al)
|
||||
* (see longer comment below)
|
||||
*/
|
||||
if (s->alpn_client_proto_list && !s->s3->tmp.finish_md_len) {
|
||||
PACKETW plistpkt;
|
||||
WPACKET plistpkt;
|
||||
|
||||
if (!PACKETW_put_bytes(pkt,
|
||||
if (!WPACKET_put_bytes(pkt,
|
||||
TLSEXT_TYPE_application_layer_protocol_negotiation, 2)
|
||||
/* Sub-packet ALPN extension */
|
||||
|| !PACKETW_get_sub_packet_len(pkt, &spkt, 2)
|
||||
|| !WPACKET_get_sub_packet_len(pkt, &spkt, 2)
|
||||
/* Sub-packet for ALPN proto list */
|
||||
|| !PACKETW_get_sub_packet_len(&spkt, &plistpkt, 2)
|
||||
|| !PACKETW_memcpy(&plistpkt, s->alpn_client_proto_list,
|
||||
|| !WPACKET_get_sub_packet_len(&spkt, &plistpkt, 2)
|
||||
|| !WPACKET_memcpy(&plistpkt, s->alpn_client_proto_list,
|
||||
s->alpn_client_proto_list_len)
|
||||
|| !PACKETW_close(&plistpkt)
|
||||
|| !PACKETW_close(&spkt)) {
|
||||
|| !WPACKET_close(&plistpkt)
|
||||
|| !WPACKET_close(&spkt)) {
|
||||
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
@ -1330,25 +1330,25 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al)
|
||||
STACK_OF(SRTP_PROTECTION_PROFILE) *clnt = 0;
|
||||
SRTP_PROTECTION_PROFILE *prof;
|
||||
int i, ct;
|
||||
PACKETW plistpkt;
|
||||
WPACKET plistpkt;
|
||||
|
||||
if (!PACKETW_put_bytes(pkt, TLSEXT_TYPE_use_srtp, 2)
|
||||
if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_use_srtp, 2)
|
||||
/* Sub-packet for SRTP extension */
|
||||
|| !PACKETW_get_sub_packet_len(pkt, &spkt, 2)
|
||||
|| !WPACKET_get_sub_packet_len(pkt, &spkt, 2)
|
||||
/* Sub-packet for the protection profile list */
|
||||
|| !PACKETW_get_sub_packet_len(&spkt, &plistpkt, 2)) {
|
||||
|| !WPACKET_get_sub_packet_len(&spkt, &plistpkt, 2)) {
|
||||
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
ct = sk_SRTP_PROTECTION_PROFILE_num(clnt);
|
||||
for (i = 0; i < ct; i++) {
|
||||
prof = sk_SRTP_PROTECTION_PROFILE_value(clnt, i);
|
||||
if (prof == NULL || !PACKETW_put_bytes(&plistpkt, prof->id, 2)) {
|
||||
if (prof == NULL || !WPACKET_put_bytes(&plistpkt, prof->id, 2)) {
|
||||
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
if (!PACKETW_close(&plistpkt) || !PACKETW_close(&spkt)) {
|
||||
if (!WPACKET_close(&plistpkt) || !WPACKET_close(&spkt)) {
|
||||
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
@ -1361,24 +1361,24 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al)
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (!PACKETW_put_bytes(pkt, TLSEXT_TYPE_encrypt_then_mac, 2)
|
||||
|| !PACKETW_put_bytes(pkt, 0, 2)) {
|
||||
if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_encrypt_then_mac, 2)
|
||||
|| !WPACKET_put_bytes(pkt, 0, 2)) {
|
||||
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
|
||||
#ifndef OPENSSL_NO_CT
|
||||
if (s->ct_validation_callback != NULL) {
|
||||
if (!PACKETW_put_bytes(pkt, TLSEXT_TYPE_signed_certificate_timestamp, 2)
|
||||
|| !PACKETW_put_bytes(pkt, 0, 2)) {
|
||||
if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_signed_certificate_timestamp, 2)
|
||||
|| !WPACKET_put_bytes(pkt, 0, 2)) {
|
||||
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
if (!PACKETW_put_bytes(pkt, TLSEXT_TYPE_extended_master_secret, 2)
|
||||
|| !PACKETW_put_bytes(pkt, 0, 2)) {
|
||||
if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_extended_master_secret, 2)
|
||||
|| !WPACKET_put_bytes(pkt, 0, 2)) {
|
||||
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
@ -1393,7 +1393,7 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al)
|
||||
unsigned char *padbytes;
|
||||
size_t hlen;
|
||||
|
||||
if (!PACKETW_get_total_written(pkt, &hlen)) {
|
||||
if (!WPACKET_get_total_written(pkt, &hlen)) {
|
||||
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
@ -1405,14 +1405,14 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al)
|
||||
else
|
||||
hlen = 0;
|
||||
|
||||
if (!PACKETW_put_bytes(pkt, TLSEXT_TYPE_padding, 2)
|
||||
|| !PACKETW_get_sub_packet_len(pkt, &spkt, 2)
|
||||
|| !PACKETW_allocate_bytes(&spkt, hlen, &padbytes)) {
|
||||
if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_padding, 2)
|
||||
|| !WPACKET_get_sub_packet_len(pkt, &spkt, 2)
|
||||
|| !WPACKET_allocate_bytes(&spkt, hlen, &padbytes)) {
|
||||
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
memset(padbytes, 0, hlen);
|
||||
if (!PACKETW_close(&spkt)) {
|
||||
if (!WPACKET_close(&spkt)) {
|
||||
SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
@ -3335,7 +3335,7 @@ void ssl_set_sig_mask(uint32_t *pmask_a, SSL *s, int op)
|
||||
|
||||
/*
|
||||
* Old version of the tls12_copy_sigalgs function used by code that has not
|
||||
* yet been converted to PACKETW yet. It will be deleted once PACKETW conversion
|
||||
* yet been converted to WPACKET yet. It will be deleted once WPACKET conversion
|
||||
* is complete.
|
||||
* TODO - DELETE ME
|
||||
*/
|
||||
@ -3353,14 +3353,14 @@ size_t tls12_copy_sigalgs_old(SSL *s, unsigned char *out,
|
||||
return tmpout - out;
|
||||
}
|
||||
|
||||
int tls12_copy_sigalgs(SSL *s, PACKETW *pkt,
|
||||
int tls12_copy_sigalgs(SSL *s, WPACKET *pkt,
|
||||
const unsigned char *psig, size_t psiglen)
|
||||
{
|
||||
size_t i;
|
||||
for (i = 0; i < psiglen; i += 2, psig += 2) {
|
||||
if (tls12_sigalg_allowed(s, SSL_SECOP_SIGALG_SUPPORTED, psig)) {
|
||||
if (!PACKETW_put_bytes(pkt, psig[0], 1)
|
||||
|| !PACKETW_put_bytes(pkt, psig[1], 1))
|
||||
if (!WPACKET_put_bytes(pkt, psig[0], 1)
|
||||
|| !WPACKET_put_bytes(pkt, psig[1], 1))
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user