The branch master has been updated
       via  08029dfa03c0ee3a50f373017143aaae5f87d17f (commit)
       via  85a7a5e6ef633d2b01ef9792463a36b507a35a6a (commit)
       via  4f89bfbf1538eb5ad502f646f78f4e40092bfcfe (commit)
      from  418a18a2deddc0b0d6181de0008219c899ca6ddf (commit)


- Log -----------------------------------------------------------------
commit 08029dfa03c0ee3a50f373017143aaae5f87d17f
Author: Matt Caswell <m...@openssl.org>
Date:   Tue Sep 20 14:47:44 2016 +0100

    Convert WPACKET_put_bytes to use convenience macros
    
    All the other functions that take an argument for the number of bytes
    use convenience macros for this purpose. We should do the same with
    WPACKET_put_bytes().
    
    Reviewed-by: Rich Salz <rs...@openssl.org>

commit 85a7a5e6ef633d2b01ef9792463a36b507a35a6a
Author: Matt Caswell <m...@openssl.org>
Date:   Tue Sep 20 12:26:46 2016 +0100

    Convert CCS construction to WPACKET
    
    Reviewed-by: Rich Salz <rs...@openssl.org>

commit 4f89bfbf1538eb5ad502f646f78f4e40092bfcfe
Author: Matt Caswell <m...@openssl.org>
Date:   Tue Sep 20 12:19:18 2016 +0100

    Convert Finished construction to WPACKET
    
    Reviewed-by: Rich Salz <rs...@openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 ssl/packet.c             |  2 +-
 ssl/packet_locl.h        | 18 +++++++++++++--
 ssl/s3_lib.c             |  4 ++--
 ssl/statem/statem_clnt.c | 10 ++++----
 ssl/statem/statem_dtls.c | 30 ++++++++++++++++++++----
 ssl/statem/statem_lib.c  | 46 +++++++++++++++++++++++++++----------
 ssl/t1_ext.c             |  2 +-
 ssl/t1_lib.c             | 60 ++++++++++++++++++++++++------------------------
 test/wpackettest.c       | 32 +++++++++++++-------------
 9 files changed, 130 insertions(+), 74 deletions(-)

diff --git a/ssl/packet.c b/ssl/packet.c
index 7d80ebc..6199469 100644
--- a/ssl/packet.c
+++ b/ssl/packet.c
@@ -234,7 +234,7 @@ int WPACKET_start_sub_packet(WPACKET *pkt)
     return WPACKET_start_sub_packet_len__(pkt, 0);
 }
 
-int WPACKET_put_bytes(WPACKET *pkt, unsigned int val, size_t size)
+int WPACKET_put_bytes__(WPACKET *pkt, unsigned int val, size_t size)
 {
     unsigned char *data;
 
diff --git a/ssl/packet_locl.h b/ssl/packet_locl.h
index 0ec5a38..c51d892 100644
--- a/ssl/packet_locl.h
+++ b/ssl/packet_locl.h
@@ -701,9 +701,23 @@ int WPACKET_sub_allocate_bytes__(WPACKET *pkt, size_t len,
  * Write the value stored in |val| into the WPACKET. The value will consume
  * |bytes| amount of storage. An error will occur if |val| cannot be
  * accommodated in |bytes| storage, e.g. attempting to write the value 256 into
- * 1 byte will fail.
+ * 1 byte will fail. Don't call this directly. Use the convenience macros below
+ * instead.
  */
-int WPACKET_put_bytes(WPACKET *pkt, unsigned int val, size_t bytes);
+int WPACKET_put_bytes__(WPACKET *pkt, unsigned int val, size_t bytes);
+
+/*
+ * Convenience macros for calling WPACKET_put_bytes with different
+ * lengths
+ */
+#define WPACKET_put_bytes_u8(pkt, val) \
+    WPACKET_put_bytes__((pkt), (val), 1)
+#define WPACKET_put_bytes_u16(pkt, val) \
+    WPACKET_put_bytes__((pkt), (val), 2)
+#define WPACKET_put_bytes_u24(pkt, val) \
+    WPACKET_put_bytes__((pkt), (val)), 3)
+#define WPACKET_put_bytes_u32(pkt, val) \
+    WPACKET_sub_allocate_bytes__((pkt), (val), 4)
 
 /* Set a maximum size that we will not allow the WPACKET to grow beyond */
 int WPACKET_set_max_size(WPACKET *pkt, size_t maxsize);
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 3749b2c..2a4dc6d 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -2798,7 +2798,7 @@ int ssl3_set_handshake_header(SSL *s, int htype, unsigned 
long len)
 int ssl3_set_handshake_header2(SSL *s, WPACKET *pkt, int htype)
 {
     /* Set the content type and 3 bytes for the message len */
-    if (!WPACKET_put_bytes(pkt, htype, 1)
+    if (!WPACKET_put_bytes_u8(pkt, htype)
             || !WPACKET_start_sub_packet_u24(pkt))
         return 0;
 
@@ -3598,7 +3598,7 @@ int ssl3_put_cipher_by_char(const SSL_CIPHER *c, WPACKET 
*pkt, size_t *len)
         return 1;
     }
 
-    if (!WPACKET_put_bytes(pkt, c->id & 0xffff, 2))
+    if (!WPACKET_put_bytes_u16(pkt, c->id & 0xffff))
         return 0;
 
     *len = 2;
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index 95af064..bb7219f 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -782,7 +782,7 @@ int tls_construct_client_hello(SSL *s)
      * client_version in client hello and not resetting it to
      * the negotiated version.
      */
-    if (!WPACKET_put_bytes(&pkt, s->client_version, 2)
+    if (!WPACKET_put_bytes_u16(&pkt, s->client_version)
             || !WPACKET_memcpy(&pkt, s->s3->client_random, SSL3_RANDOM_SIZE)) {
         SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
         goto err;
@@ -834,7 +834,7 @@ int tls_construct_client_hello(SSL *s)
         int compnum = sk_SSL_COMP_num(s->ctx->comp_methods);
         for (i = 0; i < compnum; i++) {
             comp = sk_SSL_COMP_value(s->ctx->comp_methods, i);
-            if (!WPACKET_put_bytes(&pkt, comp->id, 1)) {
+            if (!WPACKET_put_bytes_u8(&pkt, comp->id)) {
                 SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
                 goto err;
             }
@@ -842,7 +842,7 @@ int tls_construct_client_hello(SSL *s)
     }
 #endif
     /* Add the NULL method */
-    if (!WPACKET_put_bytes(&pkt, 0, 1) || !WPACKET_close(&pkt)) {
+    if (!WPACKET_put_bytes_u8(&pkt, 0) || !WPACKET_close(&pkt)) {
         SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
         goto err;
     }
@@ -2424,8 +2424,8 @@ static int tls_construct_cke_gost(SSL *s, WPACKET *pkt, 
int *al)
         goto err;
     }
 
-    if (!WPACKET_put_bytes(pkt, V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED, 1)
-            || (msglen >= 0x80 && !WPACKET_put_bytes(pkt, 0x81, 1))
+    if (!WPACKET_put_bytes_u8(pkt, V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED)
+            || (msglen >= 0x80 && !WPACKET_put_bytes_u8(pkt, 0x81))
             || !WPACKET_sub_memcpy_u8(pkt, tmp, msglen)) {
         *al = SSL_AD_INTERNAL_ERROR;
         SSLerr(SSL_F_TLS_CONSTRUCT_CKE_GOST, ERR_R_INTERNAL_ERROR);
diff --git a/ssl/statem/statem_dtls.c b/ssl/statem/statem_dtls.c
index b9a53b0..f892f0f 100644
--- a/ssl/statem/statem_dtls.c
+++ b/ssl/statem/statem_dtls.c
@@ -873,19 +873,33 @@ static int dtls_get_reassembled_message(SSL *s, long *len)
  */
 int dtls_construct_change_cipher_spec(SSL *s)
 {
-    unsigned char *p;
+    WPACKET pkt;
+
+    if (!WPACKET_init(&pkt, s->init_buf)
+            || !WPACKET_put_bytes_u8(&pkt, SSL3_MT_CCS)) {
+        SSLerr(SSL_F_TLS_CONSTRUCT_FINISHED, ERR_R_INTERNAL_ERROR);
+        goto err;
+    }
 
-    p = (unsigned char *)s->init_buf->data;
-    *p++ = SSL3_MT_CCS;
     s->d1->handshake_write_seq = s->d1->next_handshake_write_seq;
     s->init_num = DTLS1_CCS_HEADER_LENGTH;
 
     if (s->version == DTLS1_BAD_VER) {
         s->d1->next_handshake_write_seq++;
-        s2n(s->d1->handshake_write_seq, p);
+
+        if (!WPACKET_put_bytes_u16(&pkt, s->d1->handshake_write_seq)) {
+            SSLerr(SSL_F_TLS_CONSTRUCT_FINISHED, ERR_R_INTERNAL_ERROR);
+            goto err;
+        }
+
         s->init_num += 2;
     }
 
+    if (!WPACKET_finish(&pkt)) {
+        SSLerr(SSL_F_TLS_CONSTRUCT_FINISHED, ERR_R_INTERNAL_ERROR);
+        goto err;
+    }
+
     s->init_off = 0;
 
     dtls1_set_message_header_int(s, SSL3_MT_CCS, 0,
@@ -894,10 +908,16 @@ int dtls_construct_change_cipher_spec(SSL *s)
     /* buffer the message to handle re-xmits */
     if (!dtls1_buffer_message(s, 1)) {
         SSLerr(SSL_F_DTLS_CONSTRUCT_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR);
-        return 0;
+        goto err    ;
     }
 
     return 1;
+ err:
+    WPACKET_cleanup(&pkt);
+    ossl_statem_set_error(s);
+    ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
+
+    return 0;
 }
 
 #ifndef OPENSSL_NO_SCTP
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
index 882e150..3ffe4e5 100644
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -74,20 +74,29 @@ int tls_close_construct_packet(SSL *s, WPACKET *pkt)
 
 int tls_construct_finished(SSL *s, const char *sender, int slen)
 {
-    unsigned char *p;
     int i;
-    unsigned long l;
+    WPACKET pkt;
 
-    p = ssl_handshake_start(s);
+    if (!WPACKET_init(&pkt, s->init_buf)
+            || !ssl_set_handshake_header2(s, &pkt, SSL3_MT_FINISHED)) {
+        SSLerr(SSL_F_TLS_CONSTRUCT_FINISHED, ERR_R_INTERNAL_ERROR);
+        goto err;
+    }
 
     i = s->method->ssl3_enc->final_finish_mac(s,
                                               sender, slen,
                                               s->s3->tmp.finish_md);
-    if (i <= 0)
-        return 0;
+    if (i <= 0) {
+        SSLerr(SSL_F_TLS_CONSTRUCT_FINISHED, ERR_R_INTERNAL_ERROR);
+        goto err;
+    }
+
     s->s3->tmp.finish_md_len = i;
-    memcpy(p, s->s3->tmp.finish_md, i);
-    l = i;
+
+    if (!WPACKET_memcpy(&pkt, s->s3->tmp.finish_md, i)) {
+        SSLerr(SSL_F_TLS_CONSTRUCT_FINISHED, ERR_R_INTERNAL_ERROR);
+        goto err;
+    }
 
     /*
      * Copy the finished so we can use it for renegotiation checks
@@ -102,12 +111,17 @@ int tls_construct_finished(SSL *s, const char *sender, 
int slen)
         s->s3->previous_server_finished_len = i;
     }
 
-    if (!ssl_set_handshake_header(s, SSL3_MT_FINISHED, l)) {
+    if (!ssl_close_construct_packet(s, &pkt)) {
         SSLerr(SSL_F_TLS_CONSTRUCT_FINISHED, ERR_R_INTERNAL_ERROR);
-        return 0;
+        goto err;
     }
 
     return 1;
+ err:
+    ossl_statem_set_error(s);
+    WPACKET_cleanup(&pkt);
+    ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
+    return 0;
 }
 
 #ifndef OPENSSL_NO_NEXTPROTONEG
@@ -255,10 +269,18 @@ MSG_PROCESS_RETURN tls_process_finished(SSL *s, PACKET 
*pkt)
 
 int tls_construct_change_cipher_spec(SSL *s)
 {
-    unsigned char *p;
+    WPACKET pkt;
+
+    if (!WPACKET_init(&pkt, s->init_buf)
+            || !WPACKET_put_bytes_u8(&pkt, SSL3_MT_CCS)
+            || !WPACKET_finish(&pkt)) {
+        WPACKET_cleanup(&pkt);
+        ossl_statem_set_error(s);
+        SSLerr(SSL_F_TLS_CONSTRUCT_FINISHED, ERR_R_INTERNAL_ERROR);
+        ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
+        return 0;
+    }
 
-    p = (unsigned char *)s->init_buf->data;
-    *p = SSL3_MT_CCS;
     s->init_num = 1;
     s->init_off = 0;
 
diff --git a/ssl/t1_ext.c b/ssl/t1_ext.c
index 664906c..099a0ae 100644
--- a/ssl/t1_ext.c
+++ b/ssl/t1_ext.c
@@ -171,7 +171,7 @@ int custom_ext_add(SSL *s, int server, WPACKET *pkt, int 
*al)
                 continue;       /* skip this extension */
         }
 
-        if (!WPACKET_put_bytes(pkt, meth->ext_type, 2)
+        if (!WPACKET_put_bytes_u16(pkt, meth->ext_type)
                 || !WPACKET_start_sub_packet_u16(pkt)
                 || (outlen > 0 && !WPACKET_memcpy(pkt, out, outlen))
                 || !WPACKET_close(pkt)) {
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index eea7802..035353c 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -1039,7 +1039,7 @@ int ssl_add_clienthello_tlsext(SSL *s, WPACKET *pkt, int 
*al)
 
     /* Add RI if renegotiating */
     if (s->renegotiate) {
-        if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_renegotiate, 2)
+        if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_renegotiate)
                 || !WPACKET_sub_memcpy_u16(pkt, 
s->s3->previous_client_finished,
                                    s->s3->previous_client_finished_len)) {
             SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
@@ -1052,12 +1052,12 @@ int ssl_add_clienthello_tlsext(SSL *s, WPACKET *pkt, 
int *al)
 
     if (s->tlsext_hostname != NULL) {
         /* Add TLS extension servername to the Client Hello message */
-        if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_server_name, 2)
+        if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_server_name)
                    /* Sub-packet for server_name extension */
                 || !WPACKET_start_sub_packet_u16(pkt)
                    /* Sub-packet for servername list (always 1 hostname)*/
                 || !WPACKET_start_sub_packet_u16(pkt)
-                || !WPACKET_put_bytes(pkt, TLSEXT_NAMETYPE_host_name, 1)
+                || !WPACKET_put_bytes_u8(pkt, TLSEXT_NAMETYPE_host_name)
                 || !WPACKET_sub_memcpy_u16(pkt, s->tlsext_hostname,
                                            strlen(s->tlsext_hostname))
                 || !WPACKET_close(pkt)
@@ -1069,7 +1069,7 @@ int ssl_add_clienthello_tlsext(SSL *s, WPACKET *pkt, int 
*al)
 #ifndef OPENSSL_NO_SRP
     /* Add SRP username if there is one */
     if (s->srp_ctx.login != NULL) {
-        if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_srp, 2)
+        if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_srp)
                    /* Sub-packet for SRP extension */
                 || !WPACKET_start_sub_packet_u16(pkt)
                 || !WPACKET_start_sub_packet_u8(pkt)
@@ -1096,7 +1096,7 @@ int ssl_add_clienthello_tlsext(SSL *s, WPACKET *pkt, int 
*al)
 
         tls1_get_formatlist(s, &pformats, &num_formats);
 
-        if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_ec_point_formats, 2)
+        if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_ec_point_formats)
                    /* Sub-packet for formats extension */
                 || !WPACKET_start_sub_packet_u16(pkt)
                 || !WPACKET_sub_memcpy_u8(pkt, pformats, num_formats)
@@ -1114,7 +1114,7 @@ int ssl_add_clienthello_tlsext(SSL *s, WPACKET *pkt, int 
*al)
             return 0;
         }
 
-        if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_elliptic_curves, 2)
+        if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_elliptic_curves)
                    /* Sub-packet for curves extension */
                 || !WPACKET_start_sub_packet_u16(pkt)
                 || !WPACKET_start_sub_packet_u16(pkt)) {
@@ -1124,8 +1124,8 @@ int ssl_add_clienthello_tlsext(SSL *s, WPACKET *pkt, int 
*al)
         /* Copy curve ID if supported */
         for (i = 0; i < num_curves; i++, pcurves += 2) {
             if (tls_curve_allowed(s, pcurves, SSL_SECOP_CURVE_SUPPORTED)) {
-                if (!WPACKET_put_bytes(pkt, pcurves[0], 1)
-                    || !WPACKET_put_bytes(pkt, pcurves[1], 1)) {
+                if (!WPACKET_put_bytes_u8(pkt, pcurves[0])
+                    || !WPACKET_put_bytes_u8(pkt, pcurves[1])) {
                         SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT,
                                ERR_R_INTERNAL_ERROR);
                         return 0;
@@ -1160,7 +1160,7 @@ int ssl_add_clienthello_tlsext(SSL *s, WPACKET *pkt, int 
*al)
             s->tlsext_session_ticket->data == NULL)
             goto skip_ext;
 
-        if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_session_ticket, 2)
+        if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_session_ticket)
                 || !WPACKET_sub_memcpy_u16(pkt, s->session->tlsext_tick,
                                            ticklen)) {
             SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
@@ -1175,7 +1175,7 @@ int ssl_add_clienthello_tlsext(SSL *s, WPACKET *pkt, int 
*al)
 
         salglen = tls12_get_psigalgs(s, &salg);
 
-        if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_signature_algorithms, 2)
+        if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_signature_algorithms)
                    /* Sub-packet for sig-algs extension */
                 || !WPACKET_start_sub_packet_u16(pkt)
                    /* Sub-packet for the actual list */
@@ -1191,10 +1191,10 @@ int ssl_add_clienthello_tlsext(SSL *s, WPACKET *pkt, 
int *al)
     if (s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp) {
         int i;
 
-        if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_status_request, 2)
+        if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_status_request)
                    /* Sub-packet for status request extension */
                 || !WPACKET_start_sub_packet_u16(pkt)
-                || !WPACKET_put_bytes(pkt, TLSEXT_STATUSTYPE_ocsp, 1)
+                || !WPACKET_put_bytes_u8(pkt, TLSEXT_STATUSTYPE_ocsp)
                    /* Sub-packet for the ids */
                 || !WPACKET_start_sub_packet_u16(pkt)) {
             SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
@@ -1255,10 +1255,10 @@ int ssl_add_clienthello_tlsext(SSL *s, WPACKET *pkt, 
int *al)
         else
             mode = SSL_DTLSEXT_HB_ENABLED;
 
-        if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_heartbeat, 2)
+        if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_heartbeat)
                    /* Sub-packet for Hearbeat extension */
                 || !WPACKET_start_sub_packet_u16(pkt)
-                || !WPACKET_put_bytes(pkt, mode, 1)
+                || !WPACKET_put_bytes_u8(pkt, mode)
                 || !WPACKET_close(pkt)) {
             SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
             return 0;
@@ -1272,8 +1272,8 @@ int ssl_add_clienthello_tlsext(SSL *s, WPACKET *pkt, int 
*al)
          * The client advertises an empty extension to indicate its support
          * for Next Protocol Negotiation
          */
-        if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_next_proto_neg, 2)
-                || !WPACKET_put_bytes(pkt, 0, 2)) {
+        if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_next_proto_neg)
+                || !WPACKET_put_bytes_u16(pkt, 0)) {
             SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
             return 0;
         }
@@ -1286,8 +1286,8 @@ int ssl_add_clienthello_tlsext(SSL *s, WPACKET *pkt, int 
*al)
      * (see longer comment below)
      */
     if (s->alpn_client_proto_list && !s->s3->tmp.finish_md_len) {
-        if (!WPACKET_put_bytes(pkt,
-                    TLSEXT_TYPE_application_layer_protocol_negotiation, 2)
+        if (!WPACKET_put_bytes_u16(pkt,
+                    TLSEXT_TYPE_application_layer_protocol_negotiation)
                    /* Sub-packet ALPN extension */
                 || !WPACKET_start_sub_packet_u16(pkt)
                 || !WPACKET_sub_memcpy_u16(pkt, s->alpn_client_proto_list,
@@ -1304,7 +1304,7 @@ int ssl_add_clienthello_tlsext(SSL *s, WPACKET *pkt, int 
*al)
         SRTP_PROTECTION_PROFILE *prof;
         int i, ct;
 
-        if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_use_srtp, 2)
+        if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_use_srtp)
                    /* Sub-packet for SRTP extension */
                 || !WPACKET_start_sub_packet_u16(pkt)
                    /* Sub-packet for the protection profile list */
@@ -1315,7 +1315,7 @@ int ssl_add_clienthello_tlsext(SSL *s, WPACKET *pkt, int 
*al)
         ct = sk_SRTP_PROTECTION_PROFILE_num(clnt);
         for (i = 0; i < ct; i++) {
             prof = sk_SRTP_PROTECTION_PROFILE_value(clnt, i);
-            if (prof == NULL || !WPACKET_put_bytes(pkt, prof->id, 2)) {
+            if (prof == NULL || !WPACKET_put_bytes_u16(pkt, prof->id)) {
                 SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
                 return 0;
             }
@@ -1333,24 +1333,24 @@ int ssl_add_clienthello_tlsext(SSL *s, WPACKET *pkt, 
int *al)
         return 0;
     }
 
-    if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_encrypt_then_mac, 2)
-            || !WPACKET_put_bytes(pkt, 0, 2)) {
+    if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_encrypt_then_mac)
+            || !WPACKET_put_bytes_u16(pkt, 0)) {
         SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
         return 0;
     }
 
 #ifndef OPENSSL_NO_CT
     if (s->ct_validation_callback != NULL) {
-        if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_signed_certificate_timestamp, 
2)
-                || !WPACKET_put_bytes(pkt, 0, 2)) {
+        if (!WPACKET_put_bytes_u16(pkt, 
TLSEXT_TYPE_signed_certificate_timestamp)
+                || !WPACKET_put_bytes_u16(pkt, 0)) {
             SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
             return 0;
         }
     }
 #endif
 
-    if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_extended_master_secret, 2)
-            || !WPACKET_put_bytes(pkt, 0, 2)) {
+    if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_extended_master_secret)
+            || !WPACKET_put_bytes_u16(pkt, 0)) {
         SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
         return 0;
     }
@@ -1377,7 +1377,7 @@ int ssl_add_clienthello_tlsext(SSL *s, WPACKET *pkt, int 
*al)
             else
                 hlen = 0;
 
-            if (!WPACKET_put_bytes(pkt, TLSEXT_TYPE_padding, 2)
+            if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_padding)
                     || !WPACKET_sub_allocate_bytes_u16(pkt, hlen, &padbytes)) {
                 SSLerr(SSL_F_SSL_ADD_CLIENTHELLO_TLSEXT, ERR_R_INTERNAL_ERROR);
                 return 0;
@@ -3131,7 +3131,7 @@ int tls12_get_sigandhash(WPACKET *pkt, const EVP_PKEY 
*pk, const EVP_MD *md)
     sig_id = tls12_get_sigid(pk);
     if (sig_id == -1)
         return 0;
-    if (!WPACKET_put_bytes(pkt, md_id, 1) || !WPACKET_put_bytes(pkt, sig_id, 
1))
+    if (!WPACKET_put_bytes_u8(pkt, md_id) || !WPACKET_put_bytes_u8(pkt, 
sig_id))
         return 0;
 
     return 1;
@@ -3352,8 +3352,8 @@ int tls12_copy_sigalgs(SSL *s, WPACKET *pkt,
 
     for (i = 0; i < psiglen; i += 2, psig += 2) {
         if (tls12_sigalg_allowed(s, SSL_SECOP_SIGALG_SUPPORTED, psig)) {
-            if (!WPACKET_put_bytes(pkt, psig[0], 1)
-                    || !WPACKET_put_bytes(pkt, psig[1], 1))
+            if (!WPACKET_put_bytes_u8(pkt, psig[0])
+                    || !WPACKET_put_bytes_u8(pkt, psig[1]))
                 return 0;
         }
     }
diff --git a/test/wpackettest.c b/test/wpackettest.c
index ac712b4..2cb9e72 100644
--- a/test/wpackettest.c
+++ b/test/wpackettest.c
@@ -36,7 +36,7 @@ static int test_WPACKET_init(void)
     size_t written;
 
     if (!WPACKET_init(&pkt, buf)
-            || !WPACKET_put_bytes(&pkt, 0xff, 1)
+            || !WPACKET_put_bytes_u8(&pkt, 0xff)
                 /* Closing a top level WPACKET should fail */
             ||  WPACKET_close(&pkt)
                 /* Finishing a top level WPACKET should succeed */
@@ -56,7 +56,7 @@ static int test_WPACKET_init(void)
 
     /* Now try with a one byte length prefix */
     if (!WPACKET_init_len(&pkt, buf, 1)
-            || !WPACKET_put_bytes(&pkt, 0xff, 1)
+            || !WPACKET_put_bytes_u8(&pkt, 0xff)
             || !WPACKET_finish(&pkt)
             || !WPACKET_get_total_written(&pkt, &written)
             ||  written != sizeof(simple2)
@@ -67,7 +67,7 @@ static int test_WPACKET_init(void)
 
     /* And a longer length prefix */
     if (!WPACKET_init_len(&pkt, buf, 4)
-            || !WPACKET_put_bytes(&pkt, 0xff, 1)
+            || !WPACKET_put_bytes_u8(&pkt, 0xff)
             || !WPACKET_finish(&pkt)
             || !WPACKET_get_total_written(&pkt, &written)
             ||  written != sizeof(simple3)
@@ -85,7 +85,7 @@ static int test_WPACKET_init(void)
          * Putting more bytes in than fit for the size of the length prefix
          * should fail
          */
-        if ((!WPACKET_put_bytes(&pkt, 0xff, 1)) == (i != 256)) {
+        if ((!WPACKET_put_bytes_u8(&pkt, 0xff)) == (i != 256)) {
             testfail("test_WPACKET_init():4 failed\n", &pkt);
             return 0;
         }
@@ -136,13 +136,13 @@ static int test_WPACKET_set_max_size(void)
                 /*
                  * Should fail because packet is already filled
                  */
-            ||  WPACKET_put_bytes(&pkt, 0xff, 1)
+            ||  WPACKET_put_bytes_u8(&pkt, 0xff)
                 /*
                  * You can't put in more bytes than max size
                  */
             || !WPACKET_set_max_size(&pkt, 0x02)
-            || !WPACKET_put_bytes(&pkt, 0xff, 1)
-            ||  WPACKET_put_bytes(&pkt, 0xff, 1)
+            || !WPACKET_put_bytes_u8(&pkt, 0xff)
+            ||  WPACKET_put_bytes_u8(&pkt, 0xff)
             || !WPACKET_finish(&pkt)
             || !WPACKET_get_total_written(&pkt, &written)
             ||  written != sizeof(simple2)
@@ -162,7 +162,7 @@ static int test_WPACKET_start_sub_packet(void)
 
     if (!WPACKET_init(&pkt, buf)
             || !WPACKET_start_sub_packet(&pkt)
-            || !WPACKET_put_bytes(&pkt, 0xff, 1)
+            || !WPACKET_put_bytes_u8(&pkt, 0xff)
                 /* Can't finish because we have a sub packet */
             ||  WPACKET_finish(&pkt)
             || !WPACKET_close(&pkt)
@@ -180,7 +180,7 @@ static int test_WPACKET_start_sub_packet(void)
    /* Single sub-packet with length prefix */
     if (!WPACKET_init(&pkt, buf)
             || !WPACKET_start_sub_packet_u8(&pkt)
-            || !WPACKET_put_bytes(&pkt, 0xff, 1)
+            || !WPACKET_put_bytes_u8(&pkt, 0xff)
             || !WPACKET_close(&pkt)
             || !WPACKET_finish(&pkt)
             || !WPACKET_get_total_written(&pkt, &written)
@@ -193,9 +193,9 @@ static int test_WPACKET_start_sub_packet(void)
     /* Nested sub-packets with length prefixes */
     if (!WPACKET_init(&pkt, buf)
             || !WPACKET_start_sub_packet_u8(&pkt)
-            || !WPACKET_put_bytes(&pkt, 0xff, 1)
+            || !WPACKET_put_bytes_u8(&pkt, 0xff)
             || !WPACKET_start_sub_packet_u8(&pkt)
-            || !WPACKET_put_bytes(&pkt, 0xff, 1)
+            || !WPACKET_put_bytes_u8(&pkt, 0xff)
             || !WPACKET_get_length(&pkt, &len)
             || len != 1
             || !WPACKET_close(&pkt)
@@ -213,10 +213,10 @@ static int test_WPACKET_start_sub_packet(void)
     /* Sequential sub-packets with length prefixes */
     if (!WPACKET_init(&pkt, buf)
             || !WPACKET_start_sub_packet_u8(&pkt)
-            || !WPACKET_put_bytes(&pkt, 0xff, 1)
+            || !WPACKET_put_bytes_u8(&pkt, 0xff)
             || !WPACKET_close(&pkt)
             || !WPACKET_start_sub_packet_u8(&pkt)
-            || !WPACKET_put_bytes(&pkt, 0xff, 1)
+            || !WPACKET_put_bytes_u8(&pkt, 0xff)
             || !WPACKET_close(&pkt)
             || !WPACKET_finish(&pkt)
             || !WPACKET_get_total_written(&pkt, &written)
@@ -240,7 +240,7 @@ static int test_WPACKET_set_flags(void)
             || !WPACKET_set_flags(&pkt, WPACKET_FLAGS_NON_ZERO_LENGTH)
                 /* Should fail because of zero length */
             ||  WPACKET_finish(&pkt)
-            || !WPACKET_put_bytes(&pkt, 0xff, 1)
+            || !WPACKET_put_bytes_u8(&pkt, 0xff)
             || !WPACKET_finish(&pkt)
             || !WPACKET_get_total_written(&pkt, &written)
             ||  written != sizeof(simple1)
@@ -255,7 +255,7 @@ static int test_WPACKET_set_flags(void)
             || !WPACKET_set_flags(&pkt, WPACKET_FLAGS_NON_ZERO_LENGTH)
                 /* Should fail because of zero length */
             ||  WPACKET_close(&pkt)
-            || !WPACKET_put_bytes(&pkt, 0xff, 1)
+            || !WPACKET_put_bytes_u8(&pkt, 0xff)
             || !WPACKET_close(&pkt)
             || !WPACKET_finish(&pkt)
             || !WPACKET_get_total_written(&pkt, &written)
@@ -292,7 +292,7 @@ static int test_WPACKET_set_flags(void)
     if (!WPACKET_init(&pkt, buf)
             || !WPACKET_start_sub_packet_u8(&pkt)
             || !WPACKET_set_flags(&pkt, WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH)
-            || !WPACKET_put_bytes(&pkt, 0xff, 1)
+            || !WPACKET_put_bytes_u8(&pkt, 0xff)
             || !WPACKET_close(&pkt)
             || !WPACKET_finish(&pkt)
             || !WPACKET_get_total_written(&pkt, &written)
_____
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits

Reply via email to