Update cookie_len for size_t

Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
Matt Caswell 2016-10-04 21:04:03 +01:00
parent 12472b4561
commit cb150cbcac
3 changed files with 9 additions and 7 deletions

View file

@ -1378,7 +1378,7 @@ int pqueue_size(pqueue *pq);
typedef struct dtls1_state_st { typedef struct dtls1_state_st {
unsigned char cookie[DTLS1_COOKIE_LENGTH]; unsigned char cookie[DTLS1_COOKIE_LENGTH];
unsigned int cookie_len; size_t cookie_len;
unsigned int cookie_verified; unsigned int cookie_verified;
/* handshake message numbers */ /* handshake message numbers */
unsigned short handshake_write_seq; unsigned short handshake_write_seq;
@ -1958,7 +1958,7 @@ void dtls1_stop_timer(SSL *s);
__owur int dtls1_is_timer_expired(SSL *s); __owur int dtls1_is_timer_expired(SSL *s);
void dtls1_double_timeout(SSL *s); void dtls1_double_timeout(SSL *s);
__owur int dtls_raw_hello_verify_request(WPACKET *pkt, unsigned char *cookie, __owur int dtls_raw_hello_verify_request(WPACKET *pkt, unsigned char *cookie,
unsigned char cookie_len); size_t cookie_len);
__owur int dtls1_send_newsession_ticket(SSL *s); __owur int dtls1_send_newsession_ticket(SSL *s);
__owur size_t dtls1_min_mtu(SSL *s); __owur size_t dtls1_min_mtu(SSL *s);
void dtls1_hm_fragment_free(hm_fragment *frag); void dtls1_hm_fragment_free(hm_fragment *frag);

View file

@ -870,7 +870,7 @@ int tls_construct_client_hello(SSL *s, WPACKET *pkt)
MSG_PROCESS_RETURN dtls_process_hello_verify(SSL *s, PACKET *pkt) MSG_PROCESS_RETURN dtls_process_hello_verify(SSL *s, PACKET *pkt)
{ {
int al; int al;
unsigned int cookie_len; size_t cookie_len;
PACKET cookiepkt; PACKET cookiepkt;
if (!PACKET_forward(pkt, 2) if (!PACKET_forward(pkt, 2)

View file

@ -853,7 +853,7 @@ static int ssl_check_srp_ext_ClientHello(SSL *s, int *al)
#endif #endif
int dtls_raw_hello_verify_request(WPACKET *pkt, unsigned char *cookie, int dtls_raw_hello_verify_request(WPACKET *pkt, unsigned char *cookie,
unsigned char cookie_len) size_t cookie_len)
{ {
/* Always use DTLS 1.0 version: see RFC 6347 */ /* Always use DTLS 1.0 version: see RFC 6347 */
if (!WPACKET_put_bytes_u16(pkt, DTLS1_VERSION) if (!WPACKET_put_bytes_u16(pkt, DTLS1_VERSION)
@ -865,14 +865,16 @@ int dtls_raw_hello_verify_request(WPACKET *pkt, unsigned char *cookie,
int dtls_construct_hello_verify_request(SSL *s, WPACKET *pkt) int dtls_construct_hello_verify_request(SSL *s, WPACKET *pkt)
{ {
unsigned int cookie_leni;
if (s->ctx->app_gen_cookie_cb == NULL || if (s->ctx->app_gen_cookie_cb == NULL ||
s->ctx->app_gen_cookie_cb(s, s->d1->cookie, s->ctx->app_gen_cookie_cb(s, s->d1->cookie,
&(s->d1->cookie_len)) == 0 || &cookie_leni) == 0 ||
s->d1->cookie_len > 255) { cookie_leni > 255) {
SSLerr(SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST, SSLerr(SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST,
SSL_R_COOKIE_GEN_CALLBACK_FAILURE); SSL_R_COOKIE_GEN_CALLBACK_FAILURE);
return 0; return 0;
} }
s->d1->cookie_len = cookie_leni;
if (!dtls_raw_hello_verify_request(pkt, s->d1->cookie, if (!dtls_raw_hello_verify_request(pkt, s->d1->cookie,
s->d1->cookie_len)) { s->d1->cookie_len)) {