commit 22f9bccde5ebd742c36f02fe05e45880221b2239
author David Benjamin <davidben@chromium.org> Sun Jul 13 12:29:21 2014 -0400
committer Adam Langley <agl@google.com> Tue Jul 15 18:30:09 2014 +0000
tree b7da369edb63daaf93b8a9e25e82a392dcdef8a0
parent 14c83e7d00d9ce97d9810a20ac1156fa3099d14c

Port ssl3_get_client_hello to CBS.

Also fix some DTLS cookie bugs. rcvd_cookie is never referenced after being
saved (and the length isn't saved, so it couldn't be used anyway), and the
cookie verification failed to check the length.

For convenience, add a CBS_mem_equal helper function. Saves a bit of
repetition.

Change-Id: I187137733b069f0ac8d8b1bf151eeb80d388b971
Reviewed-on: https://boringssl-review.googlesource.com/1174
Reviewed-by: Adam Langley <agl@google.com>

ssl/ssl_sess.c

diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 35f9eb6..579627c 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -1089,6 +1089,7 @@
 	ctx->app_gen_cookie_cb=cb;
 	}
 
+/* TODO(davidben): |cookie| should be a const pointer. */
 void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
 	int (*cb)(SSL *ssl, unsigned char *cookie, unsigned int cookie_len))
 	{