Google Git
Sign in
pigweed/third_party/github/google/boringssl/fbdfefb76e8a81fd05f24be5d8c3f8732a5e6223^!/./ssl/ssl_locl.h
commit
fbdfefb76e8a81fd05f24be5d8c3f8732a5e6223
[log]
author
David Benjamin <davidben@chromium.org>
Mon Feb 16 19:33:53 2015 -0500
committer
Adam Langley <agl@google.com>
Tue Feb 17 21:01:37 2015 +0000
tree
19e2525a6c0a0b7e3570cd7a68d06a1ef6279de0
parent
9d0847ae6dc2a54f2c673e82fe4ede2570923710 [diff] [blame]
Handle failures in ssl3_finish_mac.

It may fail because the BIO_write to the memory BIO can allocate.
Unfortunately, this bubbles up pretty far up now that we've moved the handshake
hash to ssl3_set_handshake_header.

Change-Id: I58884347a4456bb974ac4783078131522167e29d
Reviewed-on: https://boringssl-review.googlesource.com/3483
Reviewed-by: Adam Langley <agl@google.com>

diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index c7abe79..9d77c91 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h

@@ -583,7 +583,7 @@
   /* Handshake header length */
   unsigned int hhlen;
   /* Set the handshake header */
-  void (*set_handshake_header)(SSL *s, int type, unsigned long len);
+  int (*set_handshake_header)(SSL *s, int type, unsigned long len);
   /* Write out handshake message */
   int (*do_write)(SSL *s);
 };
@@ -732,9 +732,9 @@
 long ssl3_get_message(SSL *s, int header_state, int body_state, int msg_type,
                       long max, int hash_message, int *ok);
 
-/* ssl3_hash_current_message incorporates the current handshake message into
- * the handshake hash. */
-void ssl3_hash_current_message(SSL *s);
+/* ssl3_hash_current_message incorporates the current handshake message into the
+ * handshake hash. It returns one on success and zero on allocation failure. */
+int ssl3_hash_current_message(SSL *s);
 
 /* ssl3_cert_verify_hash writes the CertificateVerify hash into the bytes
  * pointed to by |out| and writes the number of bytes to |*out_len|. |out| must
@@ -756,7 +756,7 @@
 int ssl3_write_bytes(SSL *s, int type, const void *buf, int len);
 int ssl3_final_finish_mac(SSL *s, const char *sender, int slen, uint8_t *p);
 int ssl3_cert_verify_mac(SSL *s, int md_nid, uint8_t *p);
-void ssl3_finish_mac(SSL *s, const uint8_t *buf, int len);
+int ssl3_finish_mac(SSL *s, const uint8_t *buf, int len);
 void ssl3_free_digest_list(SSL *s);
 int ssl3_output_cert_chain(SSL *s, CERT_PKEY *cpk);
 const SSL_CIPHER *ssl3_choose_cipher(
@@ -791,7 +791,7 @@
 void ssl3_record_sequence_update(uint8_t *seq);
 int ssl3_do_change_cipher_spec(SSL *ssl);
 
-void ssl3_set_handshake_header(SSL *s, int htype, unsigned long len);
+int ssl3_set_handshake_header(SSL *s, int htype, unsigned long len);
 int ssl3_handshake_write(SSL *s);
 
 int dtls1_do_write(SSL *s, int type);