diff --git a/ssl/packet.c b/ssl/packet.c index 8528d8be089f79b638579db05a645eaf0d49a056..6b6cc481a23c52b9931e84054bd4e0277698ab42 100644 --- a/ssl/packet.c +++ b/ssl/packet.c @@ -10,10 +10,10 @@ #include "packet_locl.h" /* - * Allocate bytes in the PACKETW_BUF for the output. This reserves the bytes + * Allocate bytes in the WPACKET_BUF for the output. This reserves the bytes * and count them as "written", but doesn't actually do the writing. */ -static unsigned char *PACKETW_BUF_allocate(PACKETW_BUF *wbuf, size_t len) +static unsigned char *WPACKET_BUF_allocate(WPACKET_BUF *wbuf, size_t len) { unsigned char *ret = wbuf->curr; @@ -40,19 +40,19 @@ static unsigned char *PACKETW_BUF_allocate(PACKETW_BUF *wbuf, size_t len) } /* - * Initialise a PACKETW with the buffer in |buf|. The buffer must exist - * for the whole time that the PACKETW is being used. Additionally |lenbytes| of + * Initialise a WPACKET with the buffer in |buf|. The buffer must exist + * for the whole time that the WPACKET is being used. Additionally |lenbytes| of * data is preallocated at the start of the buffer to store the length of the - * PACKETW once we know it. + * WPACKET once we know it. */ -int PACKETW_init_len(PACKETW *pkt, BUF_MEM *buf, size_t lenbytes) +int WPACKET_init_len(WPACKET *pkt, BUF_MEM *buf, size_t lenbytes) { - PACKETW_BUF *wbuf; + WPACKET_BUF *wbuf; /* Sanity check */ if (buf == NULL) return 0; - wbuf = OPENSSL_zalloc(sizeof(PACKETW_BUF)); + wbuf = OPENSSL_zalloc(sizeof(WPACKET_BUF)); if (wbuf == NULL) { pkt->isclosed = 1; return 0; @@ -75,7 +75,7 @@ int PACKETW_init_len(PACKETW *pkt, BUF_MEM *buf, size_t lenbytes) return 1; } - pkt->packet_len = PACKETW_BUF_allocate(wbuf, lenbytes); + pkt->packet_len = WPACKET_BUF_allocate(wbuf, lenbytes); if (pkt->packet_len == NULL) { OPENSSL_free(wbuf); pkt->wbuf = NULL; @@ -87,23 +87,23 @@ int PACKETW_init_len(PACKETW *pkt, BUF_MEM *buf, size_t lenbytes) } /* - * Same as PACKETW_init_len except there is no preallocation of the PACKETW + * Same as WPACKET_init_len except there is no preallocation of the WPACKET * length. */ -int PACKETW_init(PACKETW *pkt, BUF_MEM *buf) +int WPACKET_init(WPACKET *pkt, BUF_MEM *buf) { - return PACKETW_init_len(pkt, buf, 0); + return WPACKET_init_len(pkt, buf, 0); } /* - * Set the PACKETW length, and the location for where we should write that - * length. Normally this will be at the start of the PACKETW, and therefore - * the PACKETW would have been initialised via PACKETW_init_len(). However there + * Set the WPACKET length, and the location for where we should write that + * length. Normally this will be at the start of the WPACKET, and therefore + * the WPACKET would have been initialised via WPACKET_init_len(). However there * is the possibility that the length needs to be written to some other location - * other than the start of the PACKETW. In that case init via PACKETW_init() and + * other than the start of the WPACKET. In that case init via WPACKET_init() and * then set the location for the length using this function. */ -int PACKETW_set_packet_len(PACKETW *pkt, unsigned char *packet_len, +int WPACKET_set_packet_len(WPACKET *pkt, unsigned char *packet_len, size_t lenbytes) { /* We only allow this to be set once */ @@ -116,7 +116,7 @@ int PACKETW_set_packet_len(PACKETW *pkt, unsigned char *packet_len, return 1; } -int PACKETW_set_flags(PACKETW *pkt, unsigned int flags) +int WPACKET_set_flags(WPACKET *pkt, unsigned int flags) { pkt->flags = flags; @@ -124,12 +124,12 @@ int PACKETW_set_flags(PACKETW *pkt, unsigned int flags) } /* - * Closes the PACKETW and marks it as invalid for future writes. It also writes + * Closes the WPACKET and marks it as invalid for future writes. It also writes * out the length of the packet to the required location (normally the start - * of the PACKETW) if appropriate. A PACKETW cannot be closed if it has an + * of the WPACKET) if appropriate. A WPACKET cannot be closed if it has an * active sub-packet. */ -int PACKETW_close(PACKETW *pkt) +int WPACKET_close(WPACKET *pkt) { size_t packlen; @@ -137,12 +137,12 @@ int PACKETW_close(PACKETW *pkt) return 0; packlen = pkt->wbuf->written - pkt->pwritten; - if (packlen == 0 && pkt->flags & OPENSSL_PACKETW_FLAGS_NON_ZERO_LENGTH) + if (packlen == 0 && pkt->flags & OPENSSL_WPACKET_FLAGS_NON_ZERO_LENGTH) return 0; if (packlen == 0 - && pkt->flags & OPENSSL_PACKETW_FLAGS_ABANDON_ON_ZERO_LENGTH) { - /* Deallocate any bytes allocated for the length of the PACKETW */ + && pkt->flags & OPENSSL_WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH) { + /* Deallocate any bytes allocated for the length of the WPACKET */ if ((pkt->wbuf->curr - pkt->lenbytes) == pkt->packet_len) { pkt->wbuf->written -= pkt->lenbytes; pkt->wbuf->curr -= pkt->lenbytes; @@ -152,7 +152,7 @@ int PACKETW_close(PACKETW *pkt) pkt->packet_len = NULL; } - /* Write out the PACKETW length if needed */ + /* Write out the WPACKET length if needed */ if (pkt->packet_len != NULL) { size_t lenbytes; @@ -189,7 +189,7 @@ int PACKETW_close(PACKETW *pkt) * Additionally |lenbytes| of data is preallocated at the start of the * sub-packet to store its length once we know it. */ -int PACKETW_get_sub_packet_len(PACKETW *pkt, PACKETW *subpkt, size_t lenbytes) +int WPACKET_get_sub_packet_len(WPACKET *pkt, WPACKET *subpkt, size_t lenbytes) { if (pkt->isclosed || pkt->haschild || subpkt == NULL) return 0; @@ -207,7 +207,7 @@ int PACKETW_get_sub_packet_len(PACKETW *pkt, PACKETW *subpkt, size_t lenbytes) return 1; } - subpkt->packet_len = PACKETW_BUF_allocate(pkt->wbuf, lenbytes); + subpkt->packet_len = WPACKET_BUF_allocate(pkt->wbuf, lenbytes); if (subpkt->packet_len == NULL) { subpkt->isclosed = 1; return 0; @@ -219,20 +219,20 @@ int PACKETW_get_sub_packet_len(PACKETW *pkt, PACKETW *subpkt, size_t lenbytes) } /* - * Same as PACKETW_get_sub_packet_len() except no bytes are pre-allocated for + * Same as WPACKET_get_sub_packet_len() except no bytes are pre-allocated for * the sub-packet length. */ -int PACKETW_get_sub_packet(PACKETW *pkt, PACKETW *subpkt) +int WPACKET_get_sub_packet(WPACKET *pkt, WPACKET *subpkt) { - return PACKETW_get_sub_packet_len(pkt, subpkt, 0); + return WPACKET_get_sub_packet_len(pkt, subpkt, 0); } /* - * Allocate some bytes in the PACKETW for writing. That number of bytes is + * Allocate some bytes in the WPACKET for writing. That number of bytes is * marked as having been written, and a pointer to their location is stored in * |*allocbytes|. */ -int PACKETW_allocate_bytes(PACKETW *pkt, size_t bytes, +int WPACKET_allocate_bytes(WPACKET *pkt, size_t bytes, unsigned char **allocbytes) { unsigned char *data; @@ -240,7 +240,7 @@ int PACKETW_allocate_bytes(PACKETW *pkt, size_t bytes, if (pkt->isclosed || pkt->haschild || bytes == 0) return 0; - data = PACKETW_BUF_allocate(pkt->wbuf, bytes); + data = WPACKET_BUF_allocate(pkt->wbuf, bytes); if (data == NULL) return 0; @@ -250,17 +250,17 @@ int PACKETW_allocate_bytes(PACKETW *pkt, size_t bytes, } /* - * Write the value stored in |val| into the PACKETW. The value will consome + * Write the value stored in |val| into the WPACKET. The value will consome * |bytes| amount of storage. An error will occur if |val| cannot be accommdated * in |bytes| storage, e.g. attempting to write the value 256 into 1 byte will * fail. */ -int PACKETW_put_bytes(PACKETW *pkt, unsigned int val, size_t bytes) +int WPACKET_put_bytes(WPACKET *pkt, unsigned int val, size_t bytes) { unsigned char *data; if (bytes > sizeof(unsigned int) - || !PACKETW_allocate_bytes(pkt, bytes, &data)) + || !WPACKET_allocate_bytes(pkt, bytes, &data)) return 0; data += bytes - 1; @@ -278,10 +278,10 @@ int PACKETW_put_bytes(PACKETW *pkt, unsigned int val, size_t bytes) } /* - * Set a maximum size that we will not allow the PACKETW to grow beyond. If not + * Set a maximum size that we will not allow the WPACKET to grow beyond. If not * set then there is no maximum. */ -int PACKETW_set_max_size(PACKETW *pkt, size_t maxsize) +int WPACKET_set_max_size(WPACKET *pkt, size_t maxsize) { pkt->wbuf->maxsize = maxsize; @@ -289,16 +289,16 @@ int PACKETW_set_max_size(PACKETW *pkt, size_t maxsize) } /* - * Copy |len| bytes of data from |*src| into the PACKETW. + * Copy |len| bytes of data from |*src| into the WPACKET. */ -int PACKETW_memcpy(PACKETW *pkt, const void *src, size_t len) +int WPACKET_memcpy(WPACKET *pkt, const void *src, size_t len) { unsigned char *dest; if (len == 0) return 1; - if (!PACKETW_allocate_bytes(pkt, len, &dest)) + if (!WPACKET_allocate_bytes(pkt, len, &dest)) return 0; memcpy(dest, src, len); @@ -308,9 +308,9 @@ int PACKETW_memcpy(PACKETW *pkt, const void *src, size_t len) /* * Return the total number of bytes written so far to the underlying buffer. - * This might includes bytes written by a parent PACKETW. + * This might includes bytes written by a parent WPACKET. */ -int PACKETW_get_total_written(PACKETW *pkt, size_t *written) +int WPACKET_get_total_written(WPACKET *pkt, size_t *written) { if (pkt->isclosed || written == NULL) return 0; @@ -321,10 +321,10 @@ int PACKETW_get_total_written(PACKETW *pkt, size_t *written) } /* - * Returns the length of this PACKETW so far. This excludes any bytes allocated + * Returns the length of this WPACKET so far. This excludes any bytes allocated * for the length itself. */ -int PACKETW_get_length(PACKETW *pkt, size_t *len) +int WPACKET_get_length(WPACKET *pkt, size_t *len) { if (pkt->isclosed || len == NULL) return 0; diff --git a/ssl/packet_locl.h b/ssl/packet_locl.h index e7830475073cea9ba830c46a9ef1d821a6346e0d..88bc7ddebc621a8294975742bbd0dc89dc7c6341 100644 --- a/ssl/packet_locl.h +++ b/ssl/packet_locl.h @@ -562,25 +562,25 @@ typedef struct packetw_buf { size_t written; /* - * Maximum number of bytes we will allow to be written to this PACKETW. Zero + * Maximum number of bytes we will allow to be written to this WPACKET. Zero * if no maximum */ size_t maxsize; -} PACKETW_BUF; +} WPACKET_BUF; -typedef struct packetw_st PACKETW; +typedef struct packetw_st WPACKET; struct packetw_st { - /* The parent PACKETW if we have one or NULL otherwise */ - PACKETW *parent; + /* The parent WPACKET if we have one or NULL otherwise */ + WPACKET *parent; /* The actual buffer - shared with sub-packets */ - PACKETW_BUF *wbuf; + WPACKET_BUF *wbuf; - /* Flags for this PACKETW */ + /* Flags for this WPACKET */ unsigned int flags; /* - * Pointer to where the length of this PACKETW goes (or NULL if we don't + * Pointer to where the length of this WPACKET goes (or NULL if we don't * write the length) */ unsigned char *packet_len; @@ -594,35 +594,35 @@ struct packetw_st { /* True if we have an active sub-packet or false otherwise */ int haschild; - /* True if PACKETW_close() has been called on this PACKETW */ + /* True if WPACKET_close() has been called on this WPACKET */ int isclosed; }; /* Flags */ -#define OPENSSL_PACKETW_FLAGS_NONE 0 -/* Error on PACKETW_close() if no data written to the PACKETW */ -#define OPENSSL_PACKETW_FLAGS_NON_ZERO_LENGTH 1 +#define OPENSSL_WPACKET_FLAGS_NONE 0 +/* Error on WPACKET_close() if no data written to the WPACKET */ +#define OPENSSL_WPACKET_FLAGS_NON_ZERO_LENGTH 1 /* - * Abandon all changes on PACKETW_close() if no data written to the PACKETW, + * Abandon all changes on WPACKET_close() if no data written to the WPACKET, * i.e. this does not write out a zero packet length */ -#define OPENSSL_PACKETW_FLAGS_ABANDON_ON_ZERO_LENGTH 2 +#define OPENSSL_WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH 2 -int PACKETW_init_len(PACKETW *pkt, BUF_MEM *buf, size_t lenbytes); -int PACKETW_init(PACKETW *pkt, BUF_MEM *buf); -int PACKETW_set_flags(PACKETW *pkt, unsigned int flags); -int PACKETW_set_packet_len(PACKETW *pkt, unsigned char *packet_len, +int WPACKET_init_len(WPACKET *pkt, BUF_MEM *buf, size_t lenbytes); +int WPACKET_init(WPACKET *pkt, BUF_MEM *buf); +int WPACKET_set_flags(WPACKET *pkt, unsigned int flags); +int WPACKET_set_packet_len(WPACKET *pkt, unsigned char *packet_len, size_t lenbytes); -int PACKETW_close(PACKETW *pkt); -int PACKETW_get_sub_packet_len(PACKETW *pkt, PACKETW *subpkt, size_t lenbytes); -int PACKETW_get_sub_packet(PACKETW *pkt, PACKETW *subpkt); -int PACKETW_allocate_bytes(PACKETW *pkt, size_t bytes, +int WPACKET_close(WPACKET *pkt); +int WPACKET_get_sub_packet_len(WPACKET *pkt, WPACKET *subpkt, size_t lenbytes); +int WPACKET_get_sub_packet(WPACKET *pkt, WPACKET *subpkt); +int WPACKET_allocate_bytes(WPACKET *pkt, size_t bytes, unsigned char **allocbytes); -int PACKETW_put_bytes(PACKETW *pkt, unsigned int val, size_t bytes); -int PACKETW_set_max_size(PACKETW *pkt, size_t maxsize); -int PACKETW_memcpy(PACKETW *pkt, const void *src, size_t len); -int PACKETW_get_total_written(PACKETW *pkt, size_t *written); -int PACKETW_get_length(PACKETW *pkt, size_t *len); +int WPACKET_put_bytes(WPACKET *pkt, unsigned int val, size_t bytes); +int WPACKET_set_max_size(WPACKET *pkt, size_t maxsize); +int WPACKET_memcpy(WPACKET *pkt, const void *src, size_t len); +int WPACKET_get_total_written(WPACKET *pkt, size_t *written); +int WPACKET_get_length(WPACKET *pkt, size_t *len); # ifdef __cplusplus } diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 9f7c6cc7826d3f6aedc85d8047b772ae294b4ec6..7cec0116c0fe98e5997db791eb6bf98053d094ed 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -2790,16 +2790,16 @@ int ssl3_set_handshake_header(SSL *s, int htype, unsigned long len) } /* - * Temporary name. To be renamed ssl3_set_handshake_header() once all PACKETW + * Temporary name. To be renamed ssl3_set_handshake_header() once all WPACKET * conversion is complete. The old ssl3_set_handshake_heder() can be deleted * at that point. * TODO - RENAME ME */ -int ssl3_set_handshake_header2(SSL *s, PACKETW *pkt, PACKETW *body, int htype) +int ssl3_set_handshake_header2(SSL *s, WPACKET *pkt, WPACKET *body, int htype) { /* Set the content type and 3 bytes for the message len */ - if (!PACKETW_put_bytes(pkt, htype, 1) - || !PACKETW_get_sub_packet_len(pkt, body, 3)) + if (!WPACKET_put_bytes(pkt, htype, 1) + || !WPACKET_get_sub_packet_len(pkt, body, 3)) return 0; return 1; @@ -3573,7 +3573,7 @@ const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p) /* * Old version of the ssl3_put_cipher_by_char function used by code that has not - * yet been converted to PACKETW yet. It will be deleted once PACKETW conversion + * yet been converted to WPACKET yet. It will be deleted once WPACKET conversion * is complete. * TODO - DELETE ME */ @@ -3591,14 +3591,14 @@ int ssl3_put_cipher_by_char_old(const SSL_CIPHER *c, unsigned char *p) return (2); } -int ssl3_put_cipher_by_char(const SSL_CIPHER *c, PACKETW *pkt, size_t *len) +int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len) { if ((c->id & 0xff000000) != 0x03000000) { *len = 0; return 1; } - if (!PACKETW_put_bytes(pkt, c->id & 0xffff, 2)) + if (!WPACKET_put_bytes(pkt, c->id & 0xffff, 2)) return 0; *len = 2; diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 29ad18d05ff6e48f7c80d4a055d3bfbdff121534..b4aa0914533cbf13906c91e26519ce6a142bdcb5 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -457,7 +457,7 @@ struct ssl_method_st { long (*ssl_ctrl) (SSL *s, int cmd, long larg, void *parg); long (*ssl_ctx_ctrl) (SSL_CTX *ctx, int cmd, long larg, void *parg); const SSL_CIPHER *(*get_cipher_by_char) (const unsigned char *ptr); - int (*put_cipher_by_char) (const SSL_CIPHER *cipher, PACKETW *pkt, + int (*put_cipher_by_char) (const SSL_CIPHER *cipher, WPACKET *pkt, size_t *len); int (*ssl_pending) (const SSL *s); int (*num_ciphers) (void); @@ -1586,10 +1586,10 @@ typedef struct ssl3_enc_method { /* Set the handshake header */ int (*set_handshake_header) (SSL *s, int type, unsigned long len); /* Set the handshake header */ - int (*set_handshake_header2) (SSL *s, PACKETW *pkt, PACKETW *body, + int (*set_handshake_header2) (SSL *s, WPACKET *pkt, WPACKET *body, int type); /* Close construction of the handshake message */ - int (*close_construct_packet) (SSL *s, PACKETW *pkt); + int (*close_construct_packet) (SSL *s, WPACKET *pkt); /* Write out handshake message */ int (*do_write) (SSL *s); } SSL3_ENC_METHOD; @@ -1865,7 +1865,7 @@ __owur EVP_PKEY *ssl_dh_to_pkey(DH *dh); __owur const SSL_CIPHER *ssl3_get_cipher_by_char(const unsigned char *p); __owur int ssl3_put_cipher_by_char_old(const SSL_CIPHER *c, unsigned char *p); -__owur int ssl3_put_cipher_by_char(const SSL_CIPHER *c, PACKETW *pkt, +__owur int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET *pkt, size_t *len); int ssl3_init_finished_mac(SSL *s); __owur int ssl3_setup_key_block(SSL *s); @@ -1906,12 +1906,12 @@ __owur int ssl3_do_change_cipher_spec(SSL *ssl); __owur long ssl3_default_timeout(void); __owur int ssl3_set_handshake_header(SSL *s, int htype, unsigned long len); -__owur int ssl3_set_handshake_header2(SSL *s, PACKETW *pkt, PACKETW *body, +__owur int ssl3_set_handshake_header2(SSL *s, WPACKET *pkt, WPACKET *body, int htype); -__owur int tls_close_construct_packet(SSL *s, PACKETW *pkt); -__owur int dtls1_set_handshake_header2(SSL *s, PACKETW *pkt, PACKETW *body, +__owur int tls_close_construct_packet(SSL *s, WPACKET *pkt); +__owur int dtls1_set_handshake_header2(SSL *s, WPACKET *pkt, WPACKET *body, int htype); -__owur int dtls1_close_construct_packet(SSL *s, PACKETW *pkt); +__owur int dtls1_close_construct_packet(SSL *s, WPACKET *pkt); __owur int ssl3_handshake_write(SSL *s); __owur int ssl_allow_compression(SSL *s); @@ -2020,7 +2020,7 @@ __owur EVP_PKEY *ssl_generate_pkey_curve(int id); __owur int tls1_shared_list(SSL *s, const unsigned char *l1, size_t l1len, const unsigned char *l2, size_t l2len, int nmatch); -__owur int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al); +__owur int ssl_add_clienthello_tlsext(SSL *s, WPACKET *pkt, int *al); __owur unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf, unsigned char *limit, int *al); __owur int ssl_parse_clienthello_tlsext(SSL *s, PACKET *pkt); @@ -2075,7 +2075,7 @@ __owur int ssl_parse_clienthello_renegotiate_ext(SSL *s, PACKET *pkt, int *al); __owur long ssl_get_algorithm2(SSL *s); __owur size_t tls12_copy_sigalgs_old(SSL *s, unsigned char *out, const unsigned char *psig, size_t psiglen); -__owur int tls12_copy_sigalgs(SSL *s, PACKETW *pkt, +__owur int tls12_copy_sigalgs(SSL *s, WPACKET *pkt, const unsigned char *psig, size_t psiglen); __owur int tls1_save_sigalgs(SSL *s, const unsigned char *data, int dsize); __owur int tls1_process_sigalgs(SSL *s); @@ -2125,7 +2125,7 @@ __owur int custom_ext_parse(SSL *s, int server, int *al); __owur int custom_ext_add_old(SSL *s, int server, unsigned char **pret, unsigned char *limit, int *al); -__owur int custom_ext_add(SSL *s, int server, PACKETW *pkt, int *al); +__owur int custom_ext_add(SSL *s, int server, WPACKET *pkt, int *al); __owur int custom_exts_copy(custom_ext_methods *dst, const custom_ext_methods *src); diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 0fdcfa2b59c52c9ac21b8ba27a09f5ed5892e683..faa44b6c02b2b8f76e68d285a1dc68a22b0eac47 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -63,7 +63,7 @@ static ossl_inline int cert_req_allowed(SSL *s); static int key_exchange_expected(SSL *s); static int ca_dn_cmp(const X509_NAME *const *a, const X509_NAME *const *b); static int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, - PACKETW *pkt); + WPACKET *pkt); /* * Is a CertificateRequest message allowed at the moment or not? @@ -697,10 +697,10 @@ int tls_construct_client_hello(SSL *s) SSL_COMP *comp; #endif SSL_SESSION *sess = s->session; - PACKETW pkt, body, spkt; + WPACKET pkt, body, spkt; - if (!PACKETW_init(&pkt, s->init_buf) - || !PACKETW_set_max_size(&pkt, SSL3_RT_MAX_PLAIN_LENGTH)) { + if (!WPACKET_init(&pkt, s->init_buf) + || !WPACKET_set_max_size(&pkt, SSL3_RT_MAX_PLAIN_LENGTH)) { /* Should not happen */ SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); goto err; @@ -782,8 +782,8 @@ int tls_construct_client_hello(SSL *s) * client_version in client hello and not resetting it to * the negotiated version. */ - if (!PACKETW_put_bytes(&body, s->client_version, 2) - || !PACKETW_memcpy(&body, s->s3->client_random, SSL3_RANDOM_SIZE)) { + if (!WPACKET_put_bytes(&body, s->client_version, 2) + || !WPACKET_memcpy(&body, s->s3->client_random, SSL3_RANDOM_SIZE)) { SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); goto err; } @@ -794,9 +794,9 @@ int tls_construct_client_hello(SSL *s) else i = s->session->session_id_length; if (i > (int)sizeof(s->session->session_id) - || !PACKETW_get_sub_packet_len(&body, &spkt, 1) - || (i != 0 && !PACKETW_memcpy(&spkt, s->session->session_id, i)) - || !PACKETW_close(&spkt)) { + || !WPACKET_get_sub_packet_len(&body, &spkt, 1) + || (i != 0 && !WPACKET_memcpy(&spkt, s->session->session_id, i)) + || !WPACKET_close(&spkt)) { SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); goto err; } @@ -804,29 +804,29 @@ int tls_construct_client_hello(SSL *s) /* cookie stuff for DTLS */ if (SSL_IS_DTLS(s)) { if (s->d1->cookie_len > sizeof(s->d1->cookie) - || !PACKETW_get_sub_packet_len(&body, &spkt, 1) - || !PACKETW_memcpy(&spkt, s->d1->cookie, s->d1->cookie_len) - || !PACKETW_close(&spkt)) { + || !WPACKET_get_sub_packet_len(&body, &spkt, 1) + || !WPACKET_memcpy(&spkt, s->d1->cookie, s->d1->cookie_len) + || !WPACKET_close(&spkt)) { SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); goto err; } } /* Ciphers supported */ - if (!PACKETW_get_sub_packet_len(&body, &spkt, 2)) { + if (!WPACKET_get_sub_packet_len(&body, &spkt, 2)) { SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); goto err; } /* ssl_cipher_list_to_bytes() raises SSLerr if appropriate */ if (!ssl_cipher_list_to_bytes(s, SSL_get_ciphers(s), &spkt)) goto err; - if (!PACKETW_close(&spkt)) { + if (!WPACKET_close(&spkt)) { SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); goto err; } /* COMPRESSION */ - if (!PACKETW_get_sub_packet_len(&body, &spkt, 1)) { + if (!WPACKET_get_sub_packet_len(&body, &spkt, 1)) { SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); goto err; } @@ -835,7 +835,7 @@ int tls_construct_client_hello(SSL *s) int compnum = sk_SSL_COMP_num(s->ctx->comp_methods); for (i = 0; i < compnum; i++) { comp = sk_SSL_COMP_value(s->ctx->comp_methods, i); - if (!PACKETW_put_bytes(&spkt, comp->id, 1)) { + if (!WPACKET_put_bytes(&spkt, comp->id, 1)) { SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); goto err; } @@ -843,7 +843,7 @@ int tls_construct_client_hello(SSL *s) } #endif /* Add the NULL method */ - if (!PACKETW_put_bytes(&spkt, 0, 1) || !PACKETW_close(&spkt)) { + if (!WPACKET_put_bytes(&spkt, 0, 1) || !WPACKET_close(&spkt)) { SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); goto err; } @@ -853,21 +853,21 @@ int tls_construct_client_hello(SSL *s) SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, SSL_R_CLIENTHELLO_TLSEXT); goto err; } - if (!PACKETW_get_sub_packet_len(&body, &spkt, 2) + if (!WPACKET_get_sub_packet_len(&body, &spkt, 2) /* * If extensions are of zero length then we don't even add the * extensions length bytes */ - || !PACKETW_set_flags(&spkt, - OPENSSL_PACKETW_FLAGS_ABANDON_ON_ZERO_LENGTH) + || !WPACKET_set_flags(&spkt, + OPENSSL_WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH) || !ssl_add_clienthello_tlsext(s, &spkt, &al) - || !PACKETW_close(&spkt)) { + || !WPACKET_close(&spkt)) { ssl3_send_alert(s, SSL3_AL_FATAL, al); SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); goto err; } - if (!PACKETW_close(&body) || !ssl_close_construct_packet(s, &pkt)) { + if (!WPACKET_close(&body) || !ssl_close_construct_packet(s, &pkt)) { ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE); SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR); goto err; @@ -2917,7 +2917,7 @@ int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey) return i; } -int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, PACKETW *pkt) +int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk, WPACKET *pkt) { int i; size_t totlen = 0, len, maxlen; diff --git a/ssl/statem/statem_dtls.c b/ssl/statem/statem_dtls.c index 6d6c5a3aa6775187a59db331bffd717bf77f57ab..492d37736d8b9b2a8acb3b4cc4794130168f11e0 100644 --- a/ssl/statem/statem_dtls.c +++ b/ssl/statem/statem_dtls.c @@ -1192,12 +1192,12 @@ void dtls1_get_message_header(unsigned char *data, struct hm_header_st *msg_hdr) } /* - * Temporary name. To be renamed dtls1_set_handshake_header() once all PACKETW + * Temporary name. To be renamed dtls1_set_handshake_header() once all WPACKET * conversion is complete. The old dtls1_set_handshake_heder() can be deleted * at that point. * TODO - RENAME ME */ -int dtls1_set_handshake_header2(SSL *s, PACKETW *pkt, PACKETW *body, int htype) +int dtls1_set_handshake_header2(SSL *s, WPACKET *pkt, WPACKET *body, int htype) { unsigned char *header; dtls1_set_message_header(s, htype, 0, 0, 0); @@ -1206,20 +1206,20 @@ int dtls1_set_handshake_header2(SSL *s, PACKETW *pkt, PACKETW *body, int htype) * We allocate space at the start for the message header. This gets filled * in later */ - if (!PACKETW_allocate_bytes(pkt, DTLS1_HM_HEADER_LENGTH, &header) - || !PACKETW_get_sub_packet(pkt, body)) + if (!WPACKET_allocate_bytes(pkt, DTLS1_HM_HEADER_LENGTH, &header) + || !WPACKET_get_sub_packet(pkt, body)) return 0; return 1; } -int dtls1_close_construct_packet(SSL *s, PACKETW *pkt) +int dtls1_close_construct_packet(SSL *s, WPACKET *pkt) { size_t msglen; - if (!PACKETW_get_length(pkt, &msglen) + if (!WPACKET_get_length(pkt, &msglen) || msglen > INT_MAX - || !PACKETW_close(pkt)) + || !WPACKET_close(pkt)) return 0; s->d1->w_msg_hdr.msg_len = msglen - DTLS1_HM_HEADER_LENGTH; s->d1->w_msg_hdr.frag_len = msglen - DTLS1_HM_HEADER_LENGTH; diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index 2eaa2c0b1a9dc9d2c20988d9aea4b06b4517ee6b..3f5628cbc4911385ec39f52b3d5eeb0ac95a50d5 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -57,13 +57,13 @@ int ssl3_do_write(SSL *s, int type) return (0); } -int tls_close_construct_packet(SSL *s, PACKETW *pkt) +int tls_close_construct_packet(SSL *s, WPACKET *pkt) { size_t msglen; - if (!PACKETW_get_length(pkt, &msglen) + if (!WPACKET_get_length(pkt, &msglen) || msglen > INT_MAX - || !PACKETW_close(pkt)) + || !WPACKET_close(pkt)) return 0; s->init_num = (int)msglen; s->init_off = 0; diff --git a/ssl/t1_ext.c b/ssl/t1_ext.c index 1ccd4c8b15595d5673e1fc3f97a5675cd55cf8cd..734522b110c6dc8b053de0f0f012bbfae7203efd 100644 --- a/ssl/t1_ext.c +++ b/ssl/t1_ext.c @@ -72,8 +72,8 @@ int custom_ext_parse(SSL *s, int server, /* * Request custom extension data from the application and add to the return - * buffer. This is the old style function signature prior to PACKETW. This is - * here temporarily until the conversion to PACKETW is completed, i.e. it is + * buffer. This is the old style function signature prior to WPACKET. This is + * here temporarily until the conversion to WPACKET is completed, i.e. it is * used by code that hasn't been converted yet. * TODO - REMOVE THIS FUNCTION */ @@ -139,7 +139,7 @@ int custom_ext_add_old(SSL *s, int server, * Request custom extension data from the application and add to the return * buffer. */ -int custom_ext_add(SSL *s, int server, PACKETW *pkt, int *al) +int custom_ext_add(SSL *s, int server, WPACKET *pkt, int *al) { custom_ext_methods *exts = server ? &s->cert->srv_ext : &s->cert->cli_ext; custom_ext_method *meth; @@ -148,7 +148,7 @@ int custom_ext_add(SSL *s, int server, PACKETW *pkt, int *al) for (i = 0; i < exts->meths_count; i++) { const unsigned char *out = NULL; size_t outlen = 0; - PACKETW spkt; + WPACKET spkt; meth = exts->meths + i; @@ -172,10 +172,10 @@ int custom_ext_add(SSL *s, int server, PACKETW *pkt, int *al) continue; /* skip this extension */ } - if (!PACKETW_put_bytes(pkt, meth->ext_type, 2) - || !PACKETW_get_sub_packet_len(pkt, &spkt, 2) - || (outlen > 0 && !PACKETW_memcpy(&spkt, out, outlen)) - || !PACKETW_close(&spkt)) { + if (!WPACKET_put_bytes(pkt, meth->ext_type, 2) + || !WPACKET_get_sub_packet_len(pkt, &spkt, 2) + || (outlen > 0 && !WPACKET_memcpy(&spkt, out, outlen)) + || !WPACKET_close(&spkt)) { *al = SSL_AD_INTERNAL_ERROR; return 0; } diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 6e047918fd051401b8fed873ffaa032162b916f2..0ea80d9a10d86e95bfcc971c6d7f166b2e774fed 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -1013,9 +1013,9 @@ static int tls1_check_duplicate_extensions(const PACKET *packet) return ret; } -int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al) +int ssl_add_clienthello_tlsext(SSL *s, WPACKET *pkt, int *al) { - PACKETW spkt; + WPACKET spkt; #ifndef OPENSSL_NO_EC /* See if we support any ECC ciphersuites */ int using_ecc = 0; @@ -1040,11 +1040,11 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al) /* Add RI if renegotiating */ if (s->renegotiate) { - if (!PACKETW_put_bytes(pkt, TLSEXT_TYPE_renegotiate, 2) - || !PACKETW_get_sub_packet_len(pkt, &spkt, 2) - || !PACKETW_memcpy(&spkt, s->s3->previous_client_finished, + if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_renegotiate, 2) + || !WPACKET_get_sub_packet_len(pkt, &spkt, 2) + || !WPACKET_memcpy(&spkt, s->s3->previous_client_finished, s->s3->previous_client_finished_len) - || !PACKETW_close(&spkt)) { + || !WPACKET_close(&spkt)) { SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR); return 0; } @@ -1055,21 +1055,21 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al) if (s->tlsext_hostname != NULL) { /* Add TLS extension servername to the Client Hello message */ - PACKETW slistpkt, hostpkt; + WPACKET slistpkt, hostpkt; - if (!PACKETW_put_bytes(pkt, TLSEXT_TYPE_server_name, 2) + if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_server_name, 2) /* Sub-packet for server_name extension */ - || !PACKETW_get_sub_packet_len(pkt, &spkt, 2) + || !WPACKET_get_sub_packet_len(pkt, &spkt, 2) /* Sub-packet for servername list (always 1 hostname)*/ - || !PACKETW_get_sub_packet_len(&spkt, &slistpkt, 2) - || !PACKETW_put_bytes(&slistpkt, TLSEXT_NAMETYPE_host_name, 1) + || !WPACKET_get_sub_packet_len(&spkt, &slistpkt, 2) + || !WPACKET_put_bytes(&slistpkt, TLSEXT_NAMETYPE_host_name, 1) /* Sub-packet for a single hostname host name */ - || !PACKETW_get_sub_packet_len(&slistpkt, &hostpkt, 2) - || !PACKETW_memcpy(&hostpkt, s->tlsext_hostname, + || !WPACKET_get_sub_packet_len(&slistpkt, &hostpkt, 2) + || !WPACKET_memcpy(&hostpkt, s->tlsext_hostname, strlen(s->tlsext_hostname)) - || !PACKETW_close(&hostpkt) - || !PACKETW_close(&slistpkt) - || !PACKETW_close(&spkt)) { + || !WPACKET_close(&hostpkt) + || !WPACKET_close(&slistpkt) + || !WPACKET_close(&spkt)) { SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR); return 0; } @@ -1077,19 +1077,19 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al) #ifndef OPENSSL_NO_SRP /* Add SRP username if there is one */ if (s->srp_ctx.login != NULL) { - PACKETW loginpkt; + WPACKET loginpkt; - if (!PACKETW_put_bytes(pkt, TLSEXT_TYPE_srp, 2) + if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_srp, 2) /* Sub-packet for SRP extension */ - || !PACKETW_get_sub_packet_len(pkt, &spkt, 2) - || !PACKETW_get_sub_packet_len(&spkt, &loginpkt, 1) + || !WPACKET_get_sub_packet_len(pkt, &spkt, 2) + || !WPACKET_get_sub_packet_len(&spkt, &loginpkt, 1) /* login must not be zero...internal error if so */ - || !PACKETW_set_flags(&loginpkt, - OPENSSL_PACKETW_FLAGS_NON_ZERO_LENGTH) - || !PACKETW_memcpy(&loginpkt, s->srp_ctx.login, + || !WPACKET_set_flags(&loginpkt, + OPENSSL_WPACKET_FLAGS_NON_ZERO_LENGTH) + || !WPACKET_memcpy(&loginpkt, s->srp_ctx.login, strlen(s->srp_ctx.login)) - || !PACKETW_close(&loginpkt) - || !PACKETW_close(&spkt)) { + || !WPACKET_close(&loginpkt) + || !WPACKET_close(&spkt)) { SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR); return 0; } @@ -1098,7 +1098,7 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al) #ifndef OPENSSL_NO_EC if (using_ecc) { - PACKETW formatspkt, curveslistpkt; + WPACKET formatspkt, curveslistpkt; /* * Add TLS extension ECPointFormats to the ClientHello message @@ -1109,13 +1109,13 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al) tls1_get_formatlist(s, &pformats, &num_formats); - if (!PACKETW_put_bytes(pkt, TLSEXT_TYPE_ec_point_formats, 2) + if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_ec_point_formats, 2) /* Sub-packet for formats extension */ - || !PACKETW_get_sub_packet_len(pkt, &spkt, 2) - || !PACKETW_get_sub_packet_len(&spkt, &formatspkt, 1) - || !PACKETW_memcpy(&formatspkt, pformats, num_formats) - || !PACKETW_close(&formatspkt) - || !PACKETW_close(&spkt)) { + || !WPACKET_get_sub_packet_len(pkt, &spkt, 2) + || !WPACKET_get_sub_packet_len(&spkt, &formatspkt, 1) + || !WPACKET_memcpy(&formatspkt, pformats, num_formats) + || !WPACKET_close(&formatspkt) + || !WPACKET_close(&spkt)) { SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR); return 0; } @@ -1129,25 +1129,25 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al) return 0; } - if (!PACKETW_put_bytes(pkt, TLSEXT_TYPE_elliptic_curves, 2) + if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_elliptic_curves, 2) /* Sub-packet for curves extension */ - || !PACKETW_get_sub_packet_len(pkt, &spkt, 2) - || !PACKETW_get_sub_packet_len(&spkt, &curveslistpkt, 2)) { + || !WPACKET_get_sub_packet_len(pkt, &spkt, 2) + || !WPACKET_get_sub_packet_len(&spkt, &curveslistpkt, 2)) { SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR); return 0; } /* Copy curve ID if supported */ for (i = 0; i < num_curves; i++, pcurves += 2) { if (tls_curve_allowed(s, pcurves, SSL_SECOP_CURVE_SUPPORTED)) { - if (!PACKETW_put_bytes(&curveslistpkt, pcurves[0], 1) - || !PACKETW_put_bytes(&curveslistpkt, pcurves[1], 1)) { + if (!WPACKET_put_bytes(&curveslistpkt, pcurves[0], 1) + || !WPACKET_put_bytes(&curveslistpkt, pcurves[1], 1)) { SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR); return 0; } } } - if (!PACKETW_close(&curveslistpkt) || !PACKETW_close(&spkt)) { + if (!WPACKET_close(&curveslistpkt) || !WPACKET_close(&spkt)) { SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR); return 0; } @@ -1175,11 +1175,11 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al) s->tlsext_session_ticket->data == NULL) goto skip_ext; - if (!PACKETW_put_bytes(pkt, TLSEXT_TYPE_session_ticket, 2) + if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_session_ticket, 2) /* Sub-packet for ticket extension */ - || !PACKETW_get_sub_packet_len(pkt, &spkt, 2) - || !PACKETW_memcpy(&spkt, s->session->tlsext_tick, ticklen) - || !PACKETW_close(&spkt)) { + || !WPACKET_get_sub_packet_len(pkt, &spkt, 2) + || !WPACKET_memcpy(&spkt, s->session->tlsext_tick, ticklen) + || !WPACKET_close(&spkt)) { SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR); return 0; } @@ -1189,33 +1189,33 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al) if (SSL_CLIENT_USE_SIGALGS(s)) { size_t salglen; const unsigned char *salg; - PACKETW salgslistpkt; + WPACKET salgslistpkt; salglen = tls12_get_psigalgs(s, &salg); - if (!PACKETW_put_bytes(pkt, TLSEXT_TYPE_signature_algorithms, 2) + if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_signature_algorithms, 2) /* Sub-packet for sig-algs extension */ - || !PACKETW_get_sub_packet_len(pkt, &spkt, 2) + || !WPACKET_get_sub_packet_len(pkt, &spkt, 2) /* Sub-packet for the actual list */ - || !PACKETW_get_sub_packet_len(&spkt, &salgslistpkt, 2) + || !WPACKET_get_sub_packet_len(&spkt, &salgslistpkt, 2) || !tls12_copy_sigalgs(s, &salgslistpkt, salg, salglen) - || !PACKETW_close(&salgslistpkt) - || !PACKETW_close(&spkt)) { + || !WPACKET_close(&salgslistpkt) + || !WPACKET_close(&spkt)) { SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR); return 0; } } #ifndef OPENSSL_NO_OCSP if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp) { - PACKETW idspkt, extpkt; + WPACKET idspkt, extpkt; int i; - if (!PACKETW_put_bytes(pkt, TLSEXT_TYPE_status_request, 2) + if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_status_request, 2) /* Sub-packet for status request extension */ - || !PACKETW_get_sub_packet_len(pkt, &spkt, 2) - || !PACKETW_put_bytes(&spkt, TLSEXT_STATUSTYPE_ocsp, 1) + || !WPACKET_get_sub_packet_len(pkt, &spkt, 2) + || !WPACKET_put_bytes(&spkt, TLSEXT_STATUSTYPE_ocsp, 1) /* Sub-packet for the ids */ - || !PACKETW_get_sub_packet_len(&spkt, &idspkt, 2)) { + || !WPACKET_get_sub_packet_len(&spkt, &idspkt, 2)) { SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR); return 0; } @@ -1223,22 +1223,22 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al) unsigned char *idbytes; int idlen; OCSP_RESPID *id; - PACKETW idpkt; + WPACKET idpkt; id = sk_OCSP_RESPID_value(s->tlsext_ocsp_ids, i); idlen = i2d_OCSP_RESPID(id, NULL); if (idlen <= 0 /* Sub-packet for an individual id */ - || !PACKETW_get_sub_packet_len(&idspkt, &idpkt, 1) - || !PACKETW_allocate_bytes(&idpkt, idlen, &idbytes) + || !WPACKET_get_sub_packet_len(&idspkt, &idpkt, 1) + || !WPACKET_allocate_bytes(&idpkt, idlen, &idbytes) || i2d_OCSP_RESPID(id, &idbytes) != idlen - || !PACKETW_close(&idpkt)) { + || !WPACKET_close(&idpkt)) { SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR); return 0; } } - if (!PACKETW_close(&idspkt) - || !PACKETW_get_sub_packet_len(&spkt, &extpkt, 2)) { + if (!WPACKET_close(&idspkt) + || !WPACKET_get_sub_packet_len(&spkt, &extpkt, 2)) { SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR); return 0; } @@ -1250,14 +1250,14 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al) SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR); return 0; } - if (!PACKETW_allocate_bytes(&extpkt, extlen, &extbytes) + if (!WPACKET_allocate_bytes(&extpkt, extlen, &extbytes) || i2d_X509_EXTENSIONS(s->tlsext_ocsp_exts, &extbytes) != extlen) { SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR); return 0; } } - if (!PACKETW_close(&extpkt) || !PACKETW_close(&spkt)) { + if (!WPACKET_close(&extpkt) || !WPACKET_close(&spkt)) { SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR); return 0; } @@ -1277,11 +1277,11 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al) else mode = SSL_DTLSEXT_HB_ENABLED; - if (!PACKETW_put_bytes(pkt, TLSEXT_TYPE_heartbeat, 2) + if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_heartbeat, 2) /* Sub-packet for Hearbeat extension */ - || !PACKETW_get_sub_packet_len(pkt, &spkt, 2) - || !PACKETW_put_bytes(&spkt, mode, 1) - || !PACKETW_close(&spkt)) { + || !WPACKET_get_sub_packet_len(pkt, &spkt, 2) + || !WPACKET_put_bytes(&spkt, mode, 1) + || !WPACKET_close(&spkt)) { SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR); return 0; } @@ -1294,8 +1294,8 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al) * The client advertises an empty extension to indicate its support * for Next Protocol Negotiation */ - if (!PACKETW_put_bytes(pkt, TLSEXT_TYPE_next_proto_neg, 2) - || !PACKETW_put_bytes(pkt, 0, 2)) { + if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_next_proto_neg, 2) + || !WPACKET_put_bytes(pkt, 0, 2)) { SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR); return 0; } @@ -1308,18 +1308,18 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al) * (see longer comment below) */ if (s->alpn_client_proto_list && !s->s3->tmp.finish_md_len) { - PACKETW plistpkt; + WPACKET plistpkt; - if (!PACKETW_put_bytes(pkt, + if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_application_layer_protocol_negotiation, 2) /* Sub-packet ALPN extension */ - || !PACKETW_get_sub_packet_len(pkt, &spkt, 2) + || !WPACKET_get_sub_packet_len(pkt, &spkt, 2) /* Sub-packet for ALPN proto list */ - || !PACKETW_get_sub_packet_len(&spkt, &plistpkt, 2) - || !PACKETW_memcpy(&plistpkt, s->alpn_client_proto_list, + || !WPACKET_get_sub_packet_len(&spkt, &plistpkt, 2) + || !WPACKET_memcpy(&plistpkt, s->alpn_client_proto_list, s->alpn_client_proto_list_len) - || !PACKETW_close(&plistpkt) - || !PACKETW_close(&spkt)) { + || !WPACKET_close(&plistpkt) + || !WPACKET_close(&spkt)) { SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR); return 0; } @@ -1330,25 +1330,25 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al) STACK_OF(SRTP_PROTECTION_PROFILE) *clnt = 0; SRTP_PROTECTION_PROFILE *prof; int i, ct; - PACKETW plistpkt; + WPACKET plistpkt; - if (!PACKETW_put_bytes(pkt, TLSEXT_TYPE_use_srtp, 2) + if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_use_srtp, 2) /* Sub-packet for SRTP extension */ - || !PACKETW_get_sub_packet_len(pkt, &spkt, 2) + || !WPACKET_get_sub_packet_len(pkt, &spkt, 2) /* Sub-packet for the protection profile list */ - || !PACKETW_get_sub_packet_len(&spkt, &plistpkt, 2)) { + || !WPACKET_get_sub_packet_len(&spkt, &plistpkt, 2)) { SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR); return 0; } ct = sk_SRTP_PROTECTION_PROFILE_num(clnt); for (i = 0; i < ct; i++) { prof = sk_SRTP_PROTECTION_PROFILE_value(clnt, i); - if (prof == NULL || !PACKETW_put_bytes(&plistpkt, prof->id, 2)) { + if (prof == NULL || !WPACKET_put_bytes(&plistpkt, prof->id, 2)) { SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR); return 0; } } - if (!PACKETW_close(&plistpkt) || !PACKETW_close(&spkt)) { + if (!WPACKET_close(&plistpkt) || !WPACKET_close(&spkt)) { SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR); return 0; } @@ -1361,24 +1361,24 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al) return 0; } - if (!PACKETW_put_bytes(pkt, TLSEXT_TYPE_encrypt_then_mac, 2) - || !PACKETW_put_bytes(pkt, 0, 2)) { + if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_encrypt_then_mac, 2) + || !WPACKET_put_bytes(pkt, 0, 2)) { SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR); return 0; } #ifndef OPENSSL_NO_CT if (s->ct_validation_callback != NULL) { - if (!PACKETW_put_bytes(pkt, TLSEXT_TYPE_signed_certificate_timestamp, 2) - || !PACKETW_put_bytes(pkt, 0, 2)) { + if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_signed_certificate_timestamp, 2) + || !WPACKET_put_bytes(pkt, 0, 2)) { SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR); return 0; } } #endif - if (!PACKETW_put_bytes(pkt, TLSEXT_TYPE_extended_master_secret, 2) - || !PACKETW_put_bytes(pkt, 0, 2)) { + if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_extended_master_secret, 2) + || !WPACKET_put_bytes(pkt, 0, 2)) { SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR); return 0; } @@ -1393,7 +1393,7 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al) unsigned char *padbytes; size_t hlen; - if (!PACKETW_get_total_written(pkt, &hlen)) { + if (!WPACKET_get_total_written(pkt, &hlen)) { SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR); return 0; } @@ -1405,14 +1405,14 @@ int ssl_add_clienthello_tlsext(SSL *s, PACKETW *pkt, int *al) else hlen = 0; - if (!PACKETW_put_bytes(pkt, TLSEXT_TYPE_padding, 2) - || !PACKETW_get_sub_packet_len(pkt, &spkt, 2) - || !PACKETW_allocate_bytes(&spkt, hlen, &padbytes)) { + if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_padding, 2) + || !WPACKET_get_sub_packet_len(pkt, &spkt, 2) + || !WPACKET_allocate_bytes(&spkt, hlen, &padbytes)) { SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR); return 0; } memset(padbytes, 0, hlen); - if (!PACKETW_close(&spkt)) { + if (!WPACKET_close(&spkt)) { SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR); return 0; } @@ -3335,7 +3335,7 @@ void ssl_set_sig_mask(uint32_t *pmask_a, SSL *s, int op) /* * Old version of the tls12_copy_sigalgs function used by code that has not - * yet been converted to PACKETW yet. It will be deleted once PACKETW conversion + * yet been converted to WPACKET yet. It will be deleted once WPACKET conversion * is complete. * TODO - DELETE ME */ @@ -3353,14 +3353,14 @@ size_t tls12_copy_sigalgs_old(SSL *s, unsigned char *out, return tmpout - out; } -int tls12_copy_sigalgs(SSL *s, PACKETW *pkt, +int tls12_copy_sigalgs(SSL *s, WPACKET *pkt, const unsigned char *psig, size_t psiglen) { size_t i; for (i = 0; i < psiglen; i += 2, psig += 2) { if (tls12_sigalg_allowed(s, SSL_SECOP_SIGALG_SUPPORTED, psig)) { - if (!PACKETW_put_bytes(pkt, psig[0], 1) - || !PACKETW_put_bytes(pkt, psig[1], 1)) + if (!WPACKET_put_bytes(pkt, psig[0], 1) + || !WPACKET_put_bytes(pkt, psig[1], 1)) return 0; } }