Change snprintf to memcpy
diff --git
a/ssl/statem/statem_srvr.c
b/ssl/statem/statem_srvr.c
index 8abedc0be6e9b22e757ea2fa1bc9a246b89dfe13..b68366cb332a8c426cbf65c6af8102f93756cfd9 100644
(file)
--- a/
ssl/statem/statem_srvr.c
+++ b/
ssl/statem/statem_srvr.c
@@
-180,7
+180,7
@@
static STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,
* 1: Success (transition allowed)
* 0: Error (transition not allowed)
*/
* 1: Success (transition allowed)
* 0: Error (transition not allowed)
*/
-int server_read_transition(SSL *s, int mt)
+int
ossl_statem_
server_read_transition(SSL *s, int mt)
{
OSSL_STATEM *st = &s->statem;
{
OSSL_STATEM *st = &s->statem;
@@
-402,7
+402,7
@@
static inline int send_certificate_request(SSL *s)
* server_write_transition() works out what handshake state to move to next
* when the server is writing messages to be sent to the client.
*/
* server_write_transition() works out what handshake state to move to next
* when the server is writing messages to be sent to the client.
*/
-
enum WRITE_TRAN
server_write_transition(SSL *s)
+
WRITE_TRAN ossl_statem_
server_write_transition(SSL *s)
{
OSSL_STATEM *st = &s->statem;
{
OSSL_STATEM *st = &s->statem;
@@
-520,7
+520,7
@@
enum WRITE_TRAN server_write_transition(SSL *s)
* Perform any pre work that needs to be done prior to sending a message from
* the server to the client.
*/
* Perform any pre work that needs to be done prior to sending a message from
* the server to the client.
*/
-
enum WORK_STATE server_pre_work(SSL *s, enum
WORK_STATE wst)
+
WORK_STATE ossl_statem_server_pre_work(SSL *s,
WORK_STATE wst)
{
OSSL_STATEM *st = &s->statem;
{
OSSL_STATEM *st = &s->statem;
@@
-599,7
+599,7
@@
enum WORK_STATE server_pre_work(SSL *s, enum WORK_STATE wst)
* Perform any work that needs to be done after sending a message from the
* server to the client.
*/
* Perform any work that needs to be done after sending a message from the
* server to the client.
*/
-
enum WORK_STATE server_post_work(SSL *s, enum
WORK_STATE wst)
+
WORK_STATE ossl_statem_server_post_work(SSL *s,
WORK_STATE wst)
{
OSSL_STATEM *st = &s->statem;
{
OSSL_STATEM *st = &s->statem;
@@
-635,8
+635,8
@@
enum WORK_STATE server_post_work(SSL *s, enum WORK_STATE wst)
* Add new shared key for SCTP-Auth, will be ignored if no
* SCTP used.
*/
* Add new shared key for SCTP-Auth, will be ignored if no
* SCTP used.
*/
-
snprintf((char *)labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL)
,
-
DTLS1_SCTP_AUTH_LABEL
);
+
memcpy(labelbuffer, DTLS1_SCTP_AUTH_LABEL
,
+
sizeof(DTLS1_SCTP_AUTH_LABEL)
);
if (SSL_export_keying_material(s, sctpauthkey,
sizeof(sctpauthkey), labelbuffer,
if (SSL_export_keying_material(s, sctpauthkey,
sizeof(sctpauthkey), labelbuffer,
@@
-707,7
+707,7
@@
enum WORK_STATE server_post_work(SSL *s, enum WORK_STATE wst)
* 1: Success
* 0: Error
*/
* 1: Success
* 0: Error
*/
-int server_construct_message(SSL *s)
+int
ossl_statem_
server_construct_message(SSL *s)
{
OSSL_STATEM *st = &s->statem;
{
OSSL_STATEM *st = &s->statem;
@@
-767,7
+767,7
@@
int server_construct_message(SSL *s)
* Returns the maximum allowed length for the current message that we are
* reading. Excludes the message header.
*/
* Returns the maximum allowed length for the current message that we are
* reading. Excludes the message header.
*/
-unsigned long server_max_message_size(SSL *s)
+unsigned long
ossl_statem_
server_max_message_size(SSL *s)
{
OSSL_STATEM *st = &s->statem;
{
OSSL_STATEM *st = &s->statem;
@@
-806,7
+806,7
@@
unsigned long server_max_message_size(SSL *s)
/*
* Process a message that the server has received from the client.
*/
/*
* Process a message that the server has received from the client.
*/
-
enum MSG_PROCESS_RETURN
server_process_message(SSL *s, PACKET *pkt)
+
MSG_PROCESS_RETURN ossl_statem_
server_process_message(SSL *s, PACKET *pkt)
{
OSSL_STATEM *st = &s->statem;
{
OSSL_STATEM *st = &s->statem;
@@
-846,7
+846,7
@@
enum MSG_PROCESS_RETURN server_process_message(SSL *s, PACKET *pkt)
* Perform any further processing required following the receipt of a message
* from the client
*/
* Perform any further processing required following the receipt of a message
* from the client
*/
-
enum WORK_STATE server_post_process_message(SSL *s, enum
WORK_STATE wst)
+
WORK_STATE ossl_statem_server_post_process_message(SSL *s,
WORK_STATE wst)
{
OSSL_STATEM *st = &s->statem;
{
OSSL_STATEM *st = &s->statem;
@@
-976,7
+976,7
@@
int dtls_construct_hello_verify_request(SSL *s)
return 1;
}
return 1;
}
-
enum
MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt)
+MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt)
{
int i, al = SSL_AD_INTERNAL_ERROR;
unsigned int j, complen = 0;
{
int i, al = SSL_AD_INTERNAL_ERROR;
unsigned int j, complen = 0;
@@
-1516,9
+1516,9
@@
enum MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt)
}
}
-
enum WORK_STATE tls_post_process_client_hello(SSL *s, enum
WORK_STATE wst)
+
WORK_STATE tls_post_process_client_hello(SSL *s,
WORK_STATE wst)
{
{
- int al;
+ int al
= SSL_AD_HANDSHAKE_FAILURE
;
SSL_CIPHER *cipher;
if (wst == WORK_MORE_A) {
SSL_CIPHER *cipher;
if (wst == WORK_MORE_A) {
@@
-1540,7
+1540,6
@@
enum WORK_STATE tls_post_process_client_hello(SSL *s, enum WORK_STATE wst)
cipher = ssl3_choose_cipher(s, s->session->ciphers, SSL_get_ciphers(s));
if (cipher == NULL) {
cipher = ssl3_choose_cipher(s, s->session->ciphers, SSL_get_ciphers(s));
if (cipher == NULL) {
- al = SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_TLS_POST_PROCESS_CLIENT_HELLO, SSL_R_NO_SHARED_CIPHER);
goto f_err;
}
SSLerr(SSL_F_TLS_POST_PROCESS_CLIENT_HELLO, SSL_R_NO_SHARED_CIPHER);
goto f_err;
}
@@
-1558,8
+1557,10
@@
enum WORK_STATE tls_post_process_client_hello(SSL *s, enum WORK_STATE wst)
}
if (!SSL_USE_SIGALGS(s) || !(s->verify_mode & SSL_VERIFY_PEER)) {
}
if (!SSL_USE_SIGALGS(s) || !(s->verify_mode & SSL_VERIFY_PEER)) {
- if (!ssl3_digest_cached_records(s, 0))
+ if (!ssl3_digest_cached_records(s, 0)) {
+ al = SSL_AD_INTERNAL_ERROR;
goto f_err;
goto f_err;
+ }
}
/*-
}
/*-
@@
-1577,7
+1578,8
@@
enum WORK_STATE tls_post_process_client_hello(SSL *s, enum WORK_STATE wst)
/* Handles TLS extensions that we couldn't check earlier */
if (s->version >= SSL3_VERSION) {
if (ssl_check_clienthello_tlsext_late(s) <= 0) {
/* Handles TLS extensions that we couldn't check earlier */
if (s->version >= SSL3_VERSION) {
if (ssl_check_clienthello_tlsext_late(s) <= 0) {
- SSLerr(SSL_F_TLS_POST_PROCESS_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT);
+ SSLerr(SSL_F_TLS_POST_PROCESS_CLIENT_HELLO,
+ SSL_R_CLIENTHELLO_TLSEXT);
goto f_err;
}
}
goto f_err;
}
}
@@
-2264,7
+2266,7
@@
int tls_construct_certificate_request(SSL *s)
return 0;
}
return 0;
}
-
enum
MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt)
+MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt)
{
int al;
unsigned int i;
{
int al;
unsigned int i;
@@
-2892,8
+2894,7
@@
enum MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt)
return MSG_PROCESS_ERROR;
}
return MSG_PROCESS_ERROR;
}
-enum WORK_STATE tls_post_process_client_key_exchange(SSL *s,
- enum WORK_STATE wst)
+WORK_STATE tls_post_process_client_key_exchange(SSL *s, WORK_STATE wst)
{
#ifndef OPENSSL_NO_SCTP
if (wst == WORK_MORE_A) {
{
#ifndef OPENSSL_NO_SCTP
if (wst == WORK_MORE_A) {
@@
-2904,8
+2905,8
@@
enum WORK_STATE tls_post_process_client_key_exchange(SSL *s,
* Add new shared key for SCTP-Auth, will be ignored if no SCTP
* used.
*/
* Add new shared key for SCTP-Auth, will be ignored if no SCTP
* used.
*/
-
snprintf((char *)labelbuffer, sizeof(DTLS1_SCTP_AUTH_LABEL)
,
-
DTLS1_SCTP_AUTH_LABEL
);
+
memcpy(labelbuffer, DTLS1_SCTP_AUTH_LABEL
,
+
sizeof(DTLS1_SCTP_AUTH_LABEL)
);
if (SSL_export_keying_material(s, sctpauthkey,
sizeof(sctpauthkey), labelbuffer,
if (SSL_export_keying_material(s, sctpauthkey,
sizeof(sctpauthkey), labelbuffer,
@@
-3003,7
+3004,7
@@
enum WORK_STATE tls_post_process_client_key_exchange(SSL *s,
return WORK_FINISHED_CONTINUE;
}
return WORK_FINISHED_CONTINUE;
}
-
enum
MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
+MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
{
EVP_PKEY *pkey = NULL;
unsigned char *sig, *data;
{
EVP_PKEY *pkey = NULL;
unsigned char *sig, *data;
@@
-3179,7
+3180,7
@@
enum MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt)
return ret;
}
return ret;
}
-
enum
MSG_PROCESS_RETURN tls_process_client_certificate(SSL *s, PACKET *pkt)
+MSG_PROCESS_RETURN tls_process_client_certificate(SSL *s, PACKET *pkt)
{
int i, al = SSL_AD_INTERNAL_ERROR, ret = MSG_PROCESS_ERROR;
X509 *x = NULL;
{
int i, al = SSL_AD_INTERNAL_ERROR, ret = MSG_PROCESS_ERROR;
X509 *x = NULL;
@@
-3499,7
+3500,7
@@
int tls_construct_cert_status(SSL *s)
* tls_process_next_proto reads a Next Protocol Negotiation handshake message.
* It sets the next_proto member in s if found
*/
* tls_process_next_proto reads a Next Protocol Negotiation handshake message.
* It sets the next_proto member in s if found
*/
-
enum
MSG_PROCESS_RETURN tls_process_next_proto(SSL *s, PACKET *pkt)
+MSG_PROCESS_RETURN tls_process_next_proto(SSL *s, PACKET *pkt)
{
PACKET next_proto, padding;
size_t next_proto_len;
{
PACKET next_proto, padding;
size_t next_proto_len;
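Review bot: In the two SCTP-Auth hunks (old lines 635 and 2904) the new `memcpy(labelbuffer, DTLS1_SCTP_AUTH_LABEL, sizeof(DTLS1_SCTP_AUTH_LABEL))` is bounded by the size of the source literal, and nothing visible ties that length to the size of `labelbuffer`, whose declaration lies outside both hunks. If the buffer were ever declared smaller than the label, this would be an out-of-bounds write that the compiler need not flag, so I would check the relationship next to the declaration or at least state it at the copy, e.g. `/* labelbuffer must hold sizeof(DTLS1_SCTP_AUTH_LABEL) bytes; the copy includes the trailing NUL */`. The copy keeps the terminating NUL just as the snprintf did, and whether that byte becomes part of the exporter label depends on the length argument to `SSL_export_keying_material`, which is cut off in both hunks, so it is worth confirming that both call sites pass the same length. The same copy-then-export sequence appears in the post-work function and in tls_post_process_client_key_exchange and could live in one static helper so the two cannot drift apart.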