Replace reuse_message with an explicit next_message call.
This means that ssl_get_message (soon to be replaced with a BIO-less
version) is idempotent which avoids the SSL3_ST_SR_KEY_EXCH_B
contortion. It also eases converting the TLS 1.2 state machine. See
https://docs.google.com/a/google.com/document/d/11n7LHsT3GwE34LAJIe3EFs4165TI4UR_3CqiM9LJVpI/edit?usp=sharing
for details.
Bug: 128
Change-Id: Iddd4f951389e8766da07a9de595b552e75f8acf0
Reviewed-on: https://boringssl-review.googlesource.com/18805
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/ssl/handshake_server.cc b/ssl/handshake_server.cc
index 907943f..1889177 100644
--- a/ssl/handshake_server.cc
+++ b/ssl/handshake_server.cc
@@ -304,7 +304,6 @@
break;
case SSL3_ST_SR_KEY_EXCH_A:
- case SSL3_ST_SR_KEY_EXCH_B:
ret = ssl3_get_client_key_exchange(hs);
if (ret <= 0) {
goto end;
@@ -925,6 +924,7 @@
hs->transcript.FreeBuffer();
}
+ ssl->method->next_message(ssl);
return 1;
}
@@ -1195,7 +1195,6 @@
/* OpenSSL returns X509_V_OK when no certificates are received. This is
* classed by them as a bug, but it's assumed by at least NGINX. */
hs->new_session->verify_result = X509_V_OK;
- ssl->s3->tmp.reuse_message = 1;
return 1;
}
@@ -1253,14 +1252,12 @@
/* OpenSSL returns X509_V_OK when no certificates are received. This is
* classed by them as a bug, but it's assumed by at least NGINX. */
hs->new_session->verify_result = X509_V_OK;
- return 1;
- }
-
- /* The hash will have been filled in. */
- if (ssl->retain_only_sha256_of_client_certs) {
+ } else if (ssl->retain_only_sha256_of_client_certs) {
+ /* The hash will have been filled in. */
hs->new_session->peer_sha256_valid = 1;
}
+ ssl->method->next_message(ssl);
return 1;
}
@@ -1271,11 +1268,9 @@
size_t premaster_secret_len = 0;
uint8_t *decrypt_buf = NULL;
- if (hs->state == SSL3_ST_SR_KEY_EXCH_A) {
- int ret = ssl->method->ssl_get_message(ssl);
- if (ret <= 0) {
- return ret;
- }
+ int ret = ssl->method->ssl_get_message(ssl);
+ if (ret <= 0) {
+ return ret;
}
if (!ssl_check_message_type(ssl, SSL3_MT_CLIENT_KEY_EXCHANGE)) {
@@ -1349,7 +1344,6 @@
goto err;
case ssl_private_key_retry:
ssl->rwstate = SSL_PRIVATE_KEY_OPERATION;
- hs->state = SSL3_ST_SR_KEY_EXCH_B;
goto err;
}
@@ -1501,6 +1495,7 @@
OPENSSL_cleanse(premaster_secret, premaster_secret_len);
OPENSSL_free(premaster_secret);
+ ssl->method->next_message(ssl);
return 1;
err:
@@ -1606,6 +1601,7 @@
return -1;
}
+ ssl->method->next_message(ssl);
return 1;
}
@@ -1630,14 +1626,15 @@
CBS_len(&next_protocol) != 0) {
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
- return 0;
+ return -1;
}
if (!CBS_stow(&selected_protocol, &ssl->s3->next_proto_negotiated,
&ssl->s3->next_proto_negotiated_len)) {
- return 0;
+ return -1;
}
+ ssl->method->next_message(ssl);
return 1;
}
@@ -1654,6 +1651,7 @@
!ssl_hash_current_message(hs)) {
return -1;
}
+ ssl->method->next_message(ssl);
return 1;
}