提交 85a7a5e6 编写于 作者: M Matt Caswell

Convert CCS construction to WPACKET

Reviewed-by: NRich Salz <rsalz@openssl.org>
上级 4f89bfbf
...@@ -873,19 +873,33 @@ static int dtls_get_reassembled_message(SSL *s, long *len) ...@@ -873,19 +873,33 @@ static int dtls_get_reassembled_message(SSL *s, long *len)
*/ */
int dtls_construct_change_cipher_spec(SSL *s) int dtls_construct_change_cipher_spec(SSL *s)
{ {
unsigned char *p; WPACKET pkt;
if (!WPACKET_init(&pkt, s->init_buf)
|| !WPACKET_put_bytes(&pkt, SSL3_MT_CCS, 1)) {
SSLerr(SSL_F_TLS_CONSTRUCT_FINISHED, ERR_R_INTERNAL_ERROR);
goto err;
}
p = (unsigned char *)s->init_buf->data;
*p++ = SSL3_MT_CCS;
s->d1->handshake_write_seq = s->d1->next_handshake_write_seq; s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;
s->init_num = DTLS1_CCS_HEADER_LENGTH; s->init_num = DTLS1_CCS_HEADER_LENGTH;
if (s->version == DTLS1_BAD_VER) { if (s->version == DTLS1_BAD_VER) {
s->d1->next_handshake_write_seq++; s->d1->next_handshake_write_seq++;
s2n(s->d1->handshake_write_seq, p);
if (!WPACKET_put_bytes(&pkt, s->d1->handshake_write_seq, 2)) {
SSLerr(SSL_F_TLS_CONSTRUCT_FINISHED, ERR_R_INTERNAL_ERROR);
goto err;
}
s->init_num += 2; s->init_num += 2;
} }
if (!WPACKET_finish(&pkt)) {
SSLerr(SSL_F_TLS_CONSTRUCT_FINISHED, ERR_R_INTERNAL_ERROR);
goto err;
}
s->init_off = 0; s->init_off = 0;
dtls1_set_message_header_int(s, SSL3_MT_CCS, 0, dtls1_set_message_header_int(s, SSL3_MT_CCS, 0,
...@@ -894,10 +908,16 @@ int dtls_construct_change_cipher_spec(SSL *s) ...@@ -894,10 +908,16 @@ int dtls_construct_change_cipher_spec(SSL *s)
/* buffer the message to handle re-xmits */ /* buffer the message to handle re-xmits */
if (!dtls1_buffer_message(s, 1)) { if (!dtls1_buffer_message(s, 1)) {
SSLerr(SSL_F_DTLS_CONSTRUCT_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR); SSLerr(SSL_F_DTLS_CONSTRUCT_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR);
return 0; goto err ;
} }
return 1; return 1;
err:
WPACKET_cleanup(&pkt);
ossl_statem_set_error(s);
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
return 0;
} }
#ifndef OPENSSL_NO_SCTP #ifndef OPENSSL_NO_SCTP
......
...@@ -269,10 +269,18 @@ MSG_PROCESS_RETURN tls_process_finished(SSL *s, PACKET *pkt) ...@@ -269,10 +269,18 @@ MSG_PROCESS_RETURN tls_process_finished(SSL *s, PACKET *pkt)
int tls_construct_change_cipher_spec(SSL *s) int tls_construct_change_cipher_spec(SSL *s)
{ {
unsigned char *p; WPACKET pkt;
if (!WPACKET_init(&pkt, s->init_buf)
|| !WPACKET_put_bytes(&pkt, SSL3_MT_CCS, 1)
|| !WPACKET_finish(&pkt)) {
WPACKET_cleanup(&pkt);
ossl_statem_set_error(s);
SSLerr(SSL_F_TLS_CONSTRUCT_FINISHED, ERR_R_INTERNAL_ERROR);
ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
return 0;
}
p = (unsigned char *)s->init_buf->data;
*p = SSL3_MT_CCS;
s->init_num = 1; s->init_num = 1;
s->init_off = 0; s->init_off = 0;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册