wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update cookie_len for size_t

Browse source 
Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
Matt Caswell 2016-10-04 21:04:03 +01:00
parent 12472b4561
commit cb150cbcac
3 changed files with 9 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
ssl/ssl_locl.h
View file

@ -612,7 +612,7 @@ struct ssl_ctx_st {
* Most session-ids that will be cached, default is * Most session-ids that will be cached, default is
* SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited. * SSL_SESSION_CACHE_MAX_SIZE_DEFAULT. 0 is unlimited.
*/ */
size_t session_cache_size; size_t session_cache_size;
struct ssl_session_st *session_cache_head; struct ssl_session_st *session_cache_head;
struct ssl_session_st *session_cache_tail; struct ssl_session_st *session_cache_tail;
/* /*
@ -1378,7 +1378,7 @@ int pqueue_size(pqueue *pq);
typedef struct dtls1_state_st { typedef struct dtls1_state_st {
unsigned char cookie[DTLS1_COOKIE_LENGTH]; unsigned char cookie[DTLS1_COOKIE_LENGTH];
unsigned int cookie_len; size_t cookie_len;
unsigned int cookie_verified; unsigned int cookie_verified;
/* handshake message numbers */ /* handshake message numbers */
unsigned short handshake_write_seq; unsigned short handshake_write_seq;
@ -1958,7 +1958,7 @@ void dtls1_stop_timer(SSL *s);
__owur int dtls1_is_timer_expired(SSL *s); __owur int dtls1_is_timer_expired(SSL *s);
void dtls1_double_timeout(SSL *s); void dtls1_double_timeout(SSL *s);
__owur int dtls_raw_hello_verify_request(WPACKET *pkt, unsigned char *cookie, __owur int dtls_raw_hello_verify_request(WPACKET *pkt, unsigned char *cookie,
unsigned char cookie_len); size_t cookie_len);
__owur int dtls1_send_newsession_ticket(SSL *s); __owur int dtls1_send_newsession_ticket(SSL *s);
__owur size_t dtls1_min_mtu(SSL *s); __owur size_t dtls1_min_mtu(SSL *s);
void dtls1_hm_fragment_free(hm_fragment *frag); void dtls1_hm_fragment_free(hm_fragment *frag);

2
ssl/statem/statem_clnt.c
View file

@ -870,7 +870,7 @@ int tls_construct_client_hello(SSL *s, WPACKET *pkt)
MSG_PROCESS_RETURN dtls_process_hello_verify(SSL *s, PACKET *pkt) MSG_PROCESS_RETURN dtls_process_hello_verify(SSL *s, PACKET *pkt)
{ {
int al; int al;
unsigned int cookie_len; size_t cookie_len;
PACKET cookiepkt; PACKET cookiepkt;
if (!PACKET_forward(pkt, 2) if (!PACKET_forward(pkt, 2)

8
ssl/statem/statem_srvr.c
View file

@ -853,7 +853,7 @@ static int ssl_check_srp_ext_ClientHello(SSL *s, int *al)
#endif #endif
int dtls_raw_hello_verify_request(WPACKET *pkt, unsigned char *cookie, int dtls_raw_hello_verify_request(WPACKET *pkt, unsigned char *cookie,
unsigned char cookie_len) size_t cookie_len)
{ {
/* Always use DTLS 1.0 version: see RFC 6347 */ /* Always use DTLS 1.0 version: see RFC 6347 */
if (!WPACKET_put_bytes_u16(pkt, DTLS1_VERSION) if (!WPACKET_put_bytes_u16(pkt, DTLS1_VERSION)
@ -865,14 +865,16 @@ int dtls_raw_hello_verify_request(WPACKET *pkt, unsigned char *cookie,
int dtls_construct_hello_verify_request(SSL *s, WPACKET *pkt) int dtls_construct_hello_verify_request(SSL *s, WPACKET *pkt)
{ {
unsigned int cookie_leni;
if (s->ctx->app_gen_cookie_cb == NULL || if (s->ctx->app_gen_cookie_cb == NULL ||
s->ctx->app_gen_cookie_cb(s, s->d1->cookie, s->ctx->app_gen_cookie_cb(s, s->d1->cookie,
&(s->d1->cookie_len)) == 0 || &cookie_leni) == 0 ||
s->d1->cookie_len > 255) { cookie_leni > 255) {
SSLerr(SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST, SSLerr(SSL_F_DTLS_CONSTRUCT_HELLO_VERIFY_REQUEST,
SSL_R_COOKIE_GEN_CALLBACK_FAILURE); SSL_R_COOKIE_GEN_CALLBACK_FAILURE);
return 0; return 0;
} }
s->d1->cookie_len = cookie_leni;
if (!dtls_raw_hello_verify_request(pkt, s->d1->cookie, if (!dtls_raw_hello_verify_request(pkt, s->d1->cookie,
s->d1->cookie_len)) { s->d1->cookie_len)) {