author | Matt Caswell <matt@openssl.org> | 2016-07-08 10:43:59 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2016-07-18 23:05:14 +0100 |
commit | 840a2bf8eccc5efa77f84e8470b33ac0c64bb020 (patch) | |
tree | d82ffaee70fa806dc9f9231cc46f021f56eeb03a /ssl/statem | |
parent | e00e0b3d84719e80ed5a8fd48c1162537c2fa12c (diff) |
Split out SRP CKE construction into a separate function
Continuing previous commit to break up the
tls_construct_client_key_exchange() function. This splits out the SRP
code.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'ssl/statem')
-rw-r--r-- | ssl/statem/statem_clnt.c | 56 |
1 files changed, 33 insertions, 23 deletions
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index a9fcf10f32..125f7c4cc9 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -2425,6 +2425,36 @@ static int tls_construct_cke_gost(SSL *s, unsigned char **p, int *len, int *al)
 #endif
 }
 
+static int tls_construct_cke_srp(SSL *s, unsigned char **p, int *len, int *al)
+{
+#ifndef OPENSSL_NO_SRT
+ if (s->srp_ctx.A != NULL) {
+ /* send off the data */
+ *len = BN_num_bytes(s->srp_ctx.A);
+ s2n(*len, *p);
+ BN_bn2bin(s->srp_ctx.A, *p);
+ *len += 2;
+ } else {
+ SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+ OPENSSL_free(s->session->srp_username);
+ s->session->srp_username = OPENSSL_strdup(s->srp_ctx.login);
+ if (s->session->srp_username == NULL) {
+ SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE,
+ ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+
+ return 1;
+#else
+ SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+ *al = SSL_AD_INTERNAL_ERROR;
+ return 0;
+#endif
+}
+
 int tls_construct_client_key_exchange(SSL *s)
 {
 unsigned char *p;
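Review bot: The guard at the top of the new tls_construct_cke_srp() is spelled `#ifndef OPENSSL_NO_SRT`, while the code this commit removes from tls_construct_client_key_exchange() was guarded by `OPENSSL_NO_SRP`; this looks like a typo. As written, the SRP body would presumably still be compiled in a build configured without SRP, and the `#else` fallback that sets `*al` would never be selected. The line should read `#ifndef OPENSSL_NO_SRP`.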
@@ -2457,30 +2487,10 @@ int tls_construct_client_key_exchange(SSL *s)
 } else if (alg_k & SSL_kGOST) {
 if (!tls_construct_cke_gost(s, &p, &n, &al))
 goto err;
- }
-#ifndef OPENSSL_NO_SRP
- else if (alg_k & SSL_kSRP) {
- if (s->srp_ctx.A != NULL) {
- /* send off the data */
- n = BN_num_bytes(s->srp_ctx.A);
- s2n(n, p);
- BN_bn2bin(s->srp_ctx.A, p);
- n += 2;
- } else {
- SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE,
- ERR_R_INTERNAL_ERROR);
- goto err;
- }
- OPENSSL_free(s->session->srp_username);
- s->session->srp_username = OPENSSL_strdup(s->srp_ctx.login);
- if (s->session->srp_username == NULL) {
- SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE,
- ERR_R_MALLOC_FAILURE);
+ } else if (alg_k & SSL_kSRP) {
+ if (!tls_construct_cke_srp(s, &p, &n, &al))
 goto err;
- }
- }
-#endif
- else {
+ } else {
 ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
 SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
 goto err;
|
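Review bot: At the new `tls_construct_cke_srp(s, &p, &n, &al)` call, `al` is written only by the helper's `#else` path (`*al = SSL_AD_INTERNAL_ERROR;`); the two SRP failure returns in the helper leave it untouched. Whether the `err` label sends an alert based on `al` is outside this hunk, so what the peer sees for a missing `srp_ctx.A` or a failed `OPENSSL_strdup` depends on `al`'s initial value there. Setting `*al = SSL_AD_INTERNAL_ERROR;` before each `return 0;` in the helper would make every failure path report the same way. tls_construct_client_key_exchange() starts and ends outside the hunk.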