Convert CCS construction to WPACKET

Reviewed-by: N Rich Salz <rsalz@openssl.org>

Convert CCS construction to WPACKET
Reviewed-by: N Rich Salz <rsalz@openssl.org>
85a7a5e6 · Matt Caswell · 4f89bfbf · 85a7a5e6 · 85a7a5e6
隐藏空白更改
内联并排

Showing with 36 addition and 8 deletion

ssl/statem/statem_dtls.c ssl/statem/statem_dtls.c +25 -5

ssl/statem/statem_lib.c ssl/statem/statem_lib.c +11 -3

未找到文件。
--- a/ssl/statem/statem_dtls.c
+++ b/ssl/statem/statem_dtls.c
@@ -873,19 +873,33 @@ static int dtls_get_reassembled_message(SSL *s, long *len)
 */
 int dtls_construct_change_cipher_spec(SSL *s)
 {
-    unsigned char *p;
+    WPACKET pkt;
+
+    if (!WPACKET_init(&pkt, s->init_buf)
+            || !WPACKET_put_bytes(&pkt, SSL3_MT_CCS, 1)) {
+        SSLerr(SSL_F_TLS_CONSTRUCT_FINISHED, ERR_R_INTERNAL_ERROR);
+        goto err;
+    }

-    p = (unsigned char *)s->init_buf->data;
-    *p++ = SSL3_MT_CCS;
    s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;
    s->init_num = DTLS1_CCS_HEADER_LENGTH;

    if (s->version == DTLS1_BAD_VER) {
        s->d1->next_handshake_write_seq++;
-        s2n(s->d1->handshake_write_seq, p);
+
+        if (!WPACKET_put_bytes(&pkt, s->d1->handshake_write_seq, 2)) {
+            SSLerr(SSL_F_TLS_CONSTRUCT_FINISHED, ERR_R_INTERNAL_ERROR);
+            goto err;
+        }
+
        s->init_num += 2;
    }

+    if (!WPACKET_finish(&pkt)) {
+        SSLerr(SSL_F_TLS_CONSTRUCT_FINISHED, ERR_R_INTERNAL_ERROR);
+        goto err;
+    }
+
    s->init_off = 0;

    dtls1_set_message_header_int(s, SSL3_MT_CCS, 0,
@@ -894,10 +908,16 @@ int dtls_construct_change_cipher_spec(SSL *s)
    /* buffer the message to handle re-xmits */
    if (!dtls1_buffer_message(s, 1)) {
        SSLerr(SSL_F_DTLS_CONSTRUCT_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR);
-        return 0;
+        goto err    ;
    }

    return 1;
+ err:
+    WPACKET_cleanup(&pkt);
+    ossl_statem_set_error(s);
+    ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
+
+    return 0;
 }

 #ifndef OPENSSL_NO_SCTP

--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -269,10 +269,18 @@ MSG_PROCESS_RETURN tls_process_finished(SSL *s, PACKET *pkt)

 int tls_construct_change_cipher_spec(SSL *s)
 {
-    unsigned char *p;
+    WPACKET pkt;
+
+    if (!WPACKET_init(&pkt, s->init_buf)
+            || !WPACKET_put_bytes(&pkt, SSL3_MT_CCS, 1)
+            || !WPACKET_finish(&pkt)) {
+        WPACKET_cleanup(&pkt);
+        ossl_statem_set_error(s);
+        SSLerr(SSL_F_TLS_CONSTRUCT_FINISHED, ERR_R_INTERNAL_ERROR);
+        ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
+        return 0;
+    }

-    p = (unsigned char *)s->init_buf->data;
-    *p = SSL3_MT_CCS;
    s->init_num = 1;
    s->init_off = 0;