X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fd1_srtp.c;h=e49aea9be1e4bf5866d47834c1b976819e1e4375;hp=c7861b8c8ffd58a9fb2987782da5c2cfa36a14aa;hb=fbdf0299dc98bc611d854c0a62c6ab1810d856fc;hpb=0f113f3ee4d629ef9a4a30911b22b224772085e5 diff --git a/ssl/d1_srtp.c b/ssl/d1_srtp.c index c7861b8c8f..e49aea9be1 100644 --- a/ssl/d1_srtp.c +++ b/ssl/d1_srtp.c @@ -1,4 +1,3 @@ -/* ssl/t1_lib.c */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -129,16 +128,14 @@ static SRTP_PROTECTION_PROFILE srtp_known_profiles[] = { "SRTP_AES128_CM_SHA1_32", SRTP_AES128_CM_SHA1_32, }, -# if 0 { - "SRTP_NULL_SHA1_80", - SRTP_NULL_SHA1_80, + "SRTP_AEAD_AES_128_GCM", + SRTP_AEAD_AES_128_GCM }, { - "SRTP_NULL_SHA1_32", - SRTP_NULL_SHA1_32, + "SRTP_AEAD_AES_256_GCM", + SRTP_AEAD_AES_256_GCM }, -# endif {0} }; @@ -149,7 +146,8 @@ static int find_profile_by_name(char *profile_name, p = srtp_known_profiles; while (p->name) { - if ((len == strlen(p->name)) && !strncmp(p->name, profile_name, len)) { + if ((len == strlen(p->name)) + && strncmp(p->name, profile_name, len) == 0) { *pptr = p; return 0; } @@ -167,10 +165,9 @@ static int ssl_ctx_make_profiles(const char *profiles_string, char *col; char *ptr = (char *)profiles_string; - SRTP_PROTECTION_PROFILE *p; - if (!(profiles = sk_SRTP_PROTECTION_PROFILE_new_null())) { + if ((profiles = sk_SRTP_PROTECTION_PROFILE_new_null()) == NULL) { SSLerr(SSL_F_SSL_CTX_MAKE_PROFILES, SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES); return 1; @@ -200,6 +197,8 @@ static int ssl_ctx_make_profiles(const char *profiles_string, ptr = col + 1; } while (col); + sk_SRTP_PROTECTION_PROFILE_free(*out); + *out = profiles; return 0; @@ -276,38 +275,18 @@ int ssl_add_clienthello_use_srtp_ext(SSL *s, unsigned char *p, int *len, return 0; } -int ssl_parse_clienthello_use_srtp_ext(SSL *s, unsigned char *d, int len, - int *al) +int ssl_parse_clienthello_use_srtp_ext(SSL *s, PACKET *pkt, int *al) { SRTP_PROTECTION_PROFILE *sprof; STACK_OF(SRTP_PROTECTION_PROFILE) *srvr; - int ct; - int mki_len; + unsigned int ct, mki_len, id; int i, srtp_pref; - unsigned int id; - - /* Length value + the MKI length */ - if (len < 3) { - SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT, - SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); - *al = SSL_AD_DECODE_ERROR; - return 1; - } - - /* Pull off the length of the cipher suite list */ - n2s(d, ct); - len -= 2; - - /* Check that it is even */ - if (ct % 2) { - SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT, - SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); - *al = SSL_AD_DECODE_ERROR; - return 1; - } + PACKET subpkt; - /* Check that lengths are consistent */ - if (len < (ct + 1)) { + /* Pull off the length of the cipher suite list and check it is even */ + if (!PACKET_get_net_2(pkt, &ct) + || (ct & 1) != 0 + || !PACKET_get_sub_packet(pkt, &subpkt, ct)) { SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); *al = SSL_AD_DECODE_ERROR; @@ -319,10 +298,13 @@ int ssl_parse_clienthello_use_srtp_ext(SSL *s, unsigned char *d, int len, /* Search all profiles for a match initially */ srtp_pref = sk_SRTP_PROTECTION_PROFILE_num(srvr); - while (ct) { - n2s(d, id); - ct -= 2; - len -= 2; + while (PACKET_remaining(&subpkt)) { + if (!PACKET_get_net_2(&subpkt, &id)) { + SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT, + SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); + *al = SSL_AD_DECODE_ERROR; + return 1; + } /* * Only look for match in profiles of higher preference than @@ -343,11 +325,15 @@ int ssl_parse_clienthello_use_srtp_ext(SSL *s, unsigned char *d, int len, /* * Now extract the MKI value as a sanity check, but discard it for now */ - mki_len = *d; - d++; - len--; + if (!PACKET_get_1(pkt, &mki_len)) { + SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT, + SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); + *al = SSL_AD_DECODE_ERROR; + return 1; + } - if (mki_len != len) { + if (!PACKET_forward(pkt, mki_len) + || PACKET_remaining(pkt)) { SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_USE_SRTP_EXT, SSL_R_BAD_SRTP_MKI_VALUE); *al = SSL_AD_DECODE_ERROR; @@ -381,33 +367,27 @@ int ssl_add_serverhello_use_srtp_ext(SSL *s, unsigned char *p, int *len, return 0; } -int ssl_parse_serverhello_use_srtp_ext(SSL *s, unsigned char *d, int len, - int *al) +int ssl_parse_serverhello_use_srtp_ext(SSL *s, PACKET *pkt, int *al) { - unsigned id; + unsigned int id, ct, mki; int i; - int ct; STACK_OF(SRTP_PROTECTION_PROFILE) *clnt; SRTP_PROTECTION_PROFILE *prof; - if (len != 5) { - SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT, - SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); - *al = SSL_AD_DECODE_ERROR; - return 1; - } - - n2s(d, ct); - if (ct != 2) { + if (!PACKET_get_net_2(pkt, &ct) + || ct != 2 + || !PACKET_get_net_2(pkt, &id) + || !PACKET_get_1(pkt, &mki) + || PACKET_remaining(pkt) != 0) { SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); *al = SSL_AD_DECODE_ERROR; return 1; } - n2s(d, id); - if (*d) { /* Must be no MKI, since we never offer one */ + if (mki != 0) { + /* Must be no MKI, since we never offer one */ SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_USE_SRTP_EXT, SSL_R_BAD_SRTP_MKI_VALUE); *al = SSL_AD_ILLEGAL_PARAMETER;