fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! Refact…

…or code and fix a couple of missing DTLSv1.3 checks.
fwh-dc · May 21, 2024 · 5fb0743 · 5fb0743
1 parent 1816fab
commit 5fb0743
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 4 deletions.
diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
@@ -1771,10 +1771,10 @@ int tls_parse_stoc_supported_versions(SSL_CONNECTION *s, PACKET *pkt,
                                       unsigned int context,
                                       X509 *x, size_t chainidx)
 {
-    unsigned int version;
+    int version;
     const int version1_3 = SSL_CONNECTION_IS_DTLS(s) ? DTLS1_3_VERSION : TLS1_3_VERSION;
 
-    if (!PACKET_get_net_2(pkt, &version)
+    if (!PACKET_get_net_2(pkt, (unsigned int*)&version)
             || PACKET_remaining(pkt) != 0) {
         SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_LENGTH_MISMATCH);
         return 0;

diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c
@@ -722,7 +722,8 @@ int tls_parse_ctos_cookie(SSL_CONNECTION *s, PACKET *pkt, unsigned int context,
                           X509 *x, size_t chainidx)
 {
 #if !(defined(OPENSSL_NO_TLS1_3) && defined(OPENSSL_NO_DTLS1_3))
-    unsigned int format, version, key_share, group_id;
+    unsigned int format, key_share, group_id;
+    int version;
     EVP_MD_CTX *hctx;
     EVP_PKEY *pkey;
     PACKET cookie, raw, chhash, appcookie;
@@ -803,7 +804,7 @@ int tls_parse_ctos_cookie(SSL_CONNECTION *s, PACKET *pkt, unsigned int context,
      */
 
     /* Check the version number is sane */
-    if (!PACKET_get_net_2(&cookie, &version)) {
+    if (!PACKET_get_net_2(&cookie, (unsigned int*)&version)) {
         SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_LENGTH_MISMATCH);
         return 0;
     }