Port ssl3_get_client_hello to CBS.

Also fix some DTLS cookie bugs. rcvd_cookie is never referenced after being
saved (and the length isn't saved, so it couldn't be used anyway), and the
cookie verification failed to check the length.

For convenience, add a CBS_mem_equal helper function. Saves a bit of
repetition.

Change-Id: I187137733b069f0ac8d8b1bf151eeb80d388b971
Reviewed-on: https://boringssl-review.googlesource.com/1174
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/include/openssl/bytestring.h b/include/openssl/bytestring.h
index 631acdd..544a5d5 100644
--- a/include/openssl/bytestring.h
+++ b/include/openssl/bytestring.h
@@ -73,6 +73,11 @@
* a NUL byte and zero otherwise. */
int CBS_contains_zero_byte(const CBS *cbs);
+/* CBS_mem_equal compares the current contents of |cbs| with the |len| bytes
+ * starting at |data|. If they're equal, it returns one, otherwise zero. If the
+ * lengths match, it uses a constant-time comparison. */
+int CBS_mem_equal(const CBS *cbs, const uint8_t *data, size_t len);
+
/* CBS_get_u8 sets |*out| to the next uint8_t from |cbs| and advances |cbs|. It
* returns one on success and zero on error. */
int CBS_get_u8(CBS *cbs, uint8_t *out);
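
Review bot: The new doc comment for CBS_mem_equal scopes the constant-time guarantee to "If the lengths match" but leaves the length-mismatch case implicit, so a caller cannot tell from the header that only the contents, not the length, are covered by the timing guarantee. The commit message describes a cookie verification fix in the same change, so callers comparing secret values are likely to rely on this comment; consider stating the mismatch case outright, for example "If the lengths differ, it returns zero; only the contents are compared in constant time, so the length of |cbs| is not treated as secret." It would also help to say whether |data| may be NULL when |len| is zero, since the declaration takes a raw pointer and length.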