Remove the special case processing for finished construction
authorMatt Caswell <matt@openssl.org>
Fri, 30 Sep 2016 09:50:57 +0000 (10:50 +0100)
committerMatt Caswell <matt@openssl.org>
Mon, 3 Oct 2016 15:25:48 +0000 (16:25 +0100)
tls_construct_finished() used to have different arguments to all of the
other construction functions. It doesn't anymore, so there is no neeed to
treat it as a special case.

Reviewed-by: Rich Salz <rsalz@openssl.org>
ssl/statem/statem_clnt.c
ssl/statem/statem_lib.c
ssl/statem/statem_locl.h
ssl/statem/statem_srvr.c

index 52c07ea..5e5983a 100644 (file)
@@ -514,7 +514,7 @@ int ossl_statem_client_construct_message(SSL *s, WPACKET *pkt)
 {
     OSSL_STATEM *st = &s->statem;
     int (*confunc) (SSL *s, WPACKET *pkt) = NULL;
-    int ret = 1, mt;
+    int mt;
 
     switch (st->hand_state) {
     default:
@@ -556,26 +556,14 @@ int ossl_statem_client_construct_message(SSL *s, WPACKET *pkt)
         break;
 #endif
     case TLS_ST_CW_FINISHED:
+        confunc = tls_construct_finished;
         mt = SSL3_MT_FINISHED;
         break;
     }
 
-    if (!ssl_set_handshake_header(s, pkt, mt)) {
-        SSLerr(SSL_F_OSSL_STATEM_CLIENT_CONSTRUCT_MESSAGE,
-               ERR_R_INTERNAL_ERROR);
-        return 0;
-    }
-
-    if (st->hand_state == TLS_ST_CW_FINISHED)
-        ret = tls_construct_finished(s, pkt,
-                                     s->method->
-                                     ssl3_enc->client_finished_label,
-                                     s->method->
-                                     ssl3_enc->client_finished_label_len);
-    else
-        ret = confunc(s, pkt);
-
-    if (!ret || !ssl_close_construct_packet(s, pkt, mt)) {
+    if (!ssl_set_handshake_header(s, pkt, mt)
+            || !confunc(s, pkt)
+            || !ssl_close_construct_packet(s, pkt, mt)) {
         SSLerr(SSL_F_OSSL_STATEM_CLIENT_CONSTRUCT_MESSAGE,
                ERR_R_INTERNAL_ERROR);
         return 0;
index fa0032b..c185d7c 100644 (file)
@@ -71,9 +71,19 @@ int tls_close_construct_packet(SSL *s, WPACKET *pkt, int htype)
     return 1;
 }
 
-int tls_construct_finished(SSL *s, WPACKET *pkt, const char *sender, int slen)
+int tls_construct_finished(SSL *s, WPACKET *pkt)
 {
     int i;
+    const char *sender;
+    int slen;
+
+    if (s->server) {
+        sender = s->method->ssl3_enc->server_finished_label;
+        slen = s->method->ssl3_enc->server_finished_label_len;
+    } else {
+        sender = s->method->ssl3_enc->client_finished_label;
+        slen = s->method->ssl3_enc->client_finished_label_len;
+    }
 
     i = s->method->ssl3_enc->final_finish_mac(s,
                                               sender, slen,
index f67361c..57410c1 100644 (file)
@@ -78,8 +78,7 @@ __owur MSG_PROCESS_RETURN tls_process_finished(SSL *s, PACKET *pkt);
 __owur int tls_construct_change_cipher_spec(SSL *s, WPACKET *pkt);
 __owur int dtls_construct_change_cipher_spec(SSL *s, WPACKET *pkt);
 
-__owur int tls_construct_finished(SSL *s, WPACKET *pkt, const char *sender,
-                                  int slen);
+__owur int tls_construct_finished(SSL *s, WPACKET *pkt);
 __owur WORK_STATE tls_finish_handshake(SSL *s, WORK_STATE wst);
 __owur WORK_STATE dtls_wait_for_dry(SSL *s);
 
index 78850a7..2f070c0 100644 (file)
@@ -623,7 +623,7 @@ int ossl_statem_server_construct_message(SSL *s, WPACKET *pkt)
 {
     OSSL_STATEM *st = &s->statem;
     int (*confunc) (SSL *s, WPACKET *pkt) = NULL;
-    int ret = 1, mt;
+    int mt;
 
     switch (st->hand_state) {
     default:
@@ -684,26 +684,14 @@ int ossl_statem_server_construct_message(SSL *s, WPACKET *pkt)
         break;
 
     case TLS_ST_SW_FINISHED:
+        confunc = tls_construct_finished;
         mt = SSL3_MT_FINISHED;
         break;
     }
 
-    if (!ssl_set_handshake_header(s, pkt, mt)) {
-        SSLerr(SSL_F_OSSL_STATEM_SERVER_CONSTRUCT_MESSAGE,
-               ERR_R_INTERNAL_ERROR);
-        return 0;
-    }
-
-    if (st->hand_state == TLS_ST_SW_FINISHED)
-        ret = tls_construct_finished(s, pkt,
-                                     s->method->
-                                     ssl3_enc->server_finished_label,
-                                     s->method->
-                                     ssl3_enc->server_finished_label_len);
-    else if (confunc != NULL)
-        ret = confunc(s, pkt);
-
-    if (!ret || !ssl_close_construct_packet(s, pkt, mt)) {
+    if (!ssl_set_handshake_header(s, pkt, mt)
+            || (confunc != NULL && !confunc(s, pkt))
+            || !ssl_close_construct_packet(s, pkt, mt)) {
         SSLerr(SSL_F_OSSL_STATEM_SERVER_CONSTRUCT_MESSAGE,
                ERR_R_INTERNAL_ERROR);
         return 0;