projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Don't calculate the Finished MAC twice
[openssl.git] / ssl / s3_msg.c
diff --git a/ssl/s3_msg.c b/ssl/s3_msg.c
index 5e6e7c442895c8ac9005f84328fd877f72e99683..6e102a14fda212f843c1fb83cbc7723e392bb267 100644 (file)
--- a/ssl/s3_msg.c
+++ b/ssl/s3_msg.c
@@ -12,9 +12,6 @@
 int ssl3_do_change_cipher_spec(SSL *s)
 {
     int i;
-    size_t finish_md_len;
-    const char *sender;
-    size_t slen;
 
     if (s->server)
         i = SSL3_CHANGE_CIPHER_SERVER_READ;
@@ -36,26 +33,6 @@ int ssl3_do_change_cipher_spec(SSL *s)
     if (!s->method->ssl3_enc->change_cipher_state(s, i))
         return 0;
 
-    /*
-     * we have to record the message digest at this point so we can get it
-     * before we read the finished message
-     */
-    if (!s->server) {
-        sender = s->method->ssl3_enc->server_finished_label;
-        slen = s->method->ssl3_enc->server_finished_label_len;
-    } else {
-        sender = s->method->ssl3_enc->client_finished_label;
-        slen = s->method->ssl3_enc->client_finished_label_len;
-    }
-
-    finish_md_len = s->method->ssl3_enc->final_finish_mac(s, sender, slen,
-                                            s->s3->tmp.peer_finish_md);
-    if (finish_md_len == 0) {
-        SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR);
-        return 0;
-    }
-    s->s3->tmp.peer_finish_md_len = finish_md_len;
-
     return 1;
 }
 
Unnamed repository; edit this file 'description' to name the repository.