Don't set the handshake header in every message
authorMatt Caswell <matt@openssl.org>
Thu, 29 Sep 2016 23:27:40 +0000 (00:27 +0100)
committerMatt Caswell <matt@openssl.org>
Mon, 3 Oct 2016 15:25:48 +0000 (16:25 +0100)
Move setting the handshake header up a level into the state machine code
in order to reduce boilerplate.

Reviewed-by: Rich Salz <rsalz@openssl.org>
include/openssl/ssl.h
ssl/ssl_err.c
ssl/statem/statem_clnt.c
ssl/statem/statem_lib.c
ssl/statem/statem_locl.h
ssl/statem/statem_srvr.c

index 517716f..e0d82f2 100644 (file)
@@ -2078,7 +2078,9 @@ int ERR_load_SSL_strings(void);
 # define SSL_F_DTLS_GET_REASSEMBLED_MESSAGE               370
 # define SSL_F_DTLS_PROCESS_HELLO_VERIFY                  386
 # define SSL_F_OPENSSL_INIT_SSL                           342
+# define SSL_F_OSSL_STATEM_CLIENT_CONSTRUCT_MESSAGE       430
 # define SSL_F_OSSL_STATEM_CLIENT_READ_TRANSITION         417
+# define SSL_F_OSSL_STATEM_SERVER_CONSTRUCT_MESSAGE       431
 # define SSL_F_OSSL_STATEM_SERVER_READ_TRANSITION         418
 # define SSL_F_READ_STATE_MACHINE                         352
 # define SSL_F_SSL3_CHANGE_CIPHER_STATE                   129
index 9539e67..c1a886a 100644 (file)
@@ -49,8 +49,12 @@ static ERR_STRING_DATA SSL_str_functs[] = {
      "dtls_get_reassembled_message"},
     {ERR_FUNC(SSL_F_DTLS_PROCESS_HELLO_VERIFY), "dtls_process_hello_verify"},
     {ERR_FUNC(SSL_F_OPENSSL_INIT_SSL), "OPENSSL_init_ssl"},
+    {ERR_FUNC(SSL_F_OSSL_STATEM_CLIENT_CONSTRUCT_MESSAGE),
+     "ossl_statem_client_construct_message"},
     {ERR_FUNC(SSL_F_OSSL_STATEM_CLIENT_READ_TRANSITION),
      "ossl_statem_client_read_transition"},
+    {ERR_FUNC(SSL_F_OSSL_STATEM_SERVER_CONSTRUCT_MESSAGE),
+     "ossl_statem_server_construct_message"},
     {ERR_FUNC(SSL_F_OSSL_STATEM_SERVER_READ_TRANSITION),
      "ossl_statem_server_read_transition"},
     {ERR_FUNC(SSL_F_READ_STATE_MACHINE), "read_state_machine"},
index 5614d5a..18eaf32 100644 (file)
@@ -513,41 +513,74 @@ WORK_STATE ossl_statem_client_post_work(SSL *s, WORK_STATE wst)
 int ossl_statem_client_construct_message(SSL *s, WPACKET *pkt)
 {
     OSSL_STATEM *st = &s->statem;
+    int (*confunc) (SSL *s, WPACKET *pkt) = NULL;
+    int ret = 1, mt;
 
-    switch (st->hand_state) {
-    default:
-        /* Shouldn't happen */
-        return 0;
+    if (st->hand_state == TLS_ST_CW_CHANGE) {
+        /* Special case becase it is a different content type */
+        if (SSL_IS_DTLS(s))
+            return dtls_construct_change_cipher_spec(s, pkt);
 
-    case TLS_ST_CW_CLNT_HELLO:
-        return tls_construct_client_hello(s, pkt);
+        return tls_construct_change_cipher_spec(s, pkt);
+    } else {
+        switch (st->hand_state) {
+        default:
+            /* Shouldn't happen */
+            return 0;
 
-    case TLS_ST_CW_CERT:
-        return tls_construct_client_certificate(s, pkt);
+        case TLS_ST_CW_CLNT_HELLO:
+            confunc = tls_construct_client_hello;
+            mt = SSL3_MT_CLIENT_HELLO;
+            break;
 
-    case TLS_ST_CW_KEY_EXCH:
-        return tls_construct_client_key_exchange(s, pkt);
+        case TLS_ST_CW_CERT:
+            confunc = tls_construct_client_certificate;
+            mt = SSL3_MT_CERTIFICATE;
+            break;
 
-    case TLS_ST_CW_CERT_VRFY:
-        return tls_construct_client_verify(s, pkt);
+        case TLS_ST_CW_KEY_EXCH:
+            confunc = tls_construct_client_key_exchange;
+            mt = SSL3_MT_CLIENT_KEY_EXCHANGE;
+            break;
 
-    case TLS_ST_CW_CHANGE:
-        if (SSL_IS_DTLS(s))
-            return dtls_construct_change_cipher_spec(s, pkt);
-        else
-            return tls_construct_change_cipher_spec(s, pkt);
+        case TLS_ST_CW_CERT_VRFY:
+            confunc = tls_construct_client_verify;
+            mt = SSL3_MT_CERTIFICATE_VERIFY;
+            break;
 
 #if !defined(OPENSSL_NO_NEXTPROTONEG)
-    case TLS_ST_CW_NEXT_PROTO:
-        return tls_construct_next_proto(s, pkt);
+        case TLS_ST_CW_NEXT_PROTO:
+            confunc = tls_construct_next_proto;
+            mt = SSL3_MT_NEXT_PROTO;
+            break;
 #endif
-    case TLS_ST_CW_FINISHED:
-        return tls_construct_finished(s, pkt,
-                                      s->method->
-                                      ssl3_enc->client_finished_label,
-                                      s->method->
-                                      ssl3_enc->client_finished_label_len);
+        case TLS_ST_CW_FINISHED:
+            mt = SSL3_MT_FINISHED;
+            break;
+        }
+
+        if (!ssl_set_handshake_header(s, pkt, mt)) {
+            SSLerr(SSL_F_OSSL_STATEM_CLIENT_CONSTRUCT_MESSAGE,
+                   ERR_R_INTERNAL_ERROR);
+            return 0;
+        }
+
+        if (st->hand_state == TLS_ST_CW_FINISHED)
+            ret = tls_construct_finished(s, pkt,
+                                         s->method->
+                                         ssl3_enc->client_finished_label,
+                                         s->method->
+                                         ssl3_enc->client_finished_label_len);
+        else
+            ret = confunc(s, pkt);
+
+        if (!ret || !ssl_close_construct_packet(s, pkt)) {
+            SSLerr(SSL_F_OSSL_STATEM_CLIENT_CONSTRUCT_MESSAGE,
+                   ERR_R_INTERNAL_ERROR);
+            return 0;
+        }
     }
+    return 1;
 }
 
 /*
@@ -736,12 +769,6 @@ int tls_construct_client_hello(SSL *s, WPACKET *pkt)
     if (i && ssl_fill_hello_random(s, 0, p, sizeof(s->s3->client_random)) <= 0)
         return 0;
 
-    if (!ssl_set_handshake_header(s, pkt, SSL3_MT_CLIENT_HELLO)) {
-        ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
-        SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
-        return 0;
-    }
-
     /*-
      * version indicates the negotiated version: for example from
      * an SSLv2/v3 compatible client hello). The client_version
@@ -855,11 +882,6 @@ int tls_construct_client_hello(SSL *s, WPACKET *pkt)
         return 0;
     }
 
-    if (!ssl_close_construct_packet(s, pkt)) {
-        SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_HELLO, ERR_R_INTERNAL_ERROR);
-        return 0;
-    }
-
     return 1;
 }
 
@@ -2455,12 +2477,6 @@ int tls_construct_client_key_exchange(SSL *s, WPACKET *pkt)
     unsigned long alg_k;
     int al = -1;
 
-    if (!ssl_set_handshake_header(s, pkt, SSL3_MT_CLIENT_KEY_EXCHANGE)) {
-        ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
-        SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
-        goto err;
-    }
-
     alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
 
     if ((alg_k & SSL_PSK)
@@ -2488,12 +2504,6 @@ int tls_construct_client_key_exchange(SSL *s, WPACKET *pkt)
         goto err;
     }
 
-    if (!ssl_close_construct_packet(s, pkt)) {
-        ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
-        SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
-        goto err;
-    }
-
     return 1;
  err:
     if (al != -1)
@@ -2582,11 +2592,6 @@ int tls_construct_client_verify(SSL *s, WPACKET *pkt)
     void *hdata;
     unsigned char *sig = NULL;
 
-    if (!ssl_set_handshake_header(s, pkt, SSL3_MT_CERTIFICATE_VERIFY)) {
-        SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
-        goto err;
-    }
-
     mctx = EVP_MD_CTX_new();
     if (mctx == NULL) {
         SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY, ERR_R_MALLOC_FAILURE);
@@ -2640,11 +2645,6 @@ int tls_construct_client_verify(SSL *s, WPACKET *pkt)
     if (!ssl3_digest_cached_records(s, 0))
         goto err;
 
-    if (!ssl_close_construct_packet(s, pkt)) {
-        SSLerr(SSL_F_TLS_CONSTRUCT_CLIENT_VERIFY, ERR_R_INTERNAL_ERROR);
-        goto err;
-    }
-
     OPENSSL_free(sig);
     EVP_MD_CTX_free(mctx);
     return 1;
@@ -2846,11 +2846,6 @@ int tls_construct_next_proto(SSL *s, WPACKET *pkt)
     size_t len, padding_len;
     unsigned char *padding = NULL;
 
-    if (!ssl_set_handshake_header(s, pkt, SSL3_MT_NEXT_PROTO)) {
-        SSLerr(SSL_F_TLS_CONSTRUCT_NEXT_PROTO, ERR_R_INTERNAL_ERROR);
-        goto err;
-    }
-
     len = s->next_proto_negotiated_len;
     padding_len = 32 - ((len + 2) % 32);
 
@@ -2862,11 +2857,6 @@ int tls_construct_next_proto(SSL *s, WPACKET *pkt)
 
     memset(padding, 0, padding_len);
 
-    if (!ssl_close_construct_packet(s, pkt)) {
-        SSLerr(SSL_F_TLS_CONSTRUCT_NEXT_PROTO, ERR_R_INTERNAL_ERROR);
-        goto err;
-    }
-
     return 1;
  err:
     ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
index a6b1f6b..cac18cc 100644 (file)
@@ -75,11 +75,6 @@ int tls_construct_finished(SSL *s, WPACKET *pkt, const char *sender, int slen)
 {
     int i;
 
-    if (!ssl_set_handshake_header(s, pkt, SSL3_MT_FINISHED)) {
-        SSLerr(SSL_F_TLS_CONSTRUCT_FINISHED, ERR_R_INTERNAL_ERROR);
-        goto err;
-    }
-
     i = s->method->ssl3_enc->final_finish_mac(s,
                                               sender, slen,
                                               s->s3->tmp.finish_md);
@@ -108,11 +103,6 @@ int tls_construct_finished(SSL *s, WPACKET *pkt, const char *sender, int slen)
         s->s3->previous_server_finished_len = i;
     }
 
-    if (!ssl_close_construct_packet(s, pkt)) {
-        SSLerr(SSL_F_TLS_CONSTRUCT_FINISHED, ERR_R_INTERNAL_ERROR);
-        goto err;
-    }
-
     return 1;
  err:
     ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
@@ -278,11 +268,9 @@ int tls_construct_change_cipher_spec(SSL *s, WPACKET *pkt)
 
 unsigned long ssl3_output_cert_chain(SSL *s, WPACKET *pkt, CERT_PKEY *cpk)
 {
-    if (!ssl_set_handshake_header(s, pkt, SSL3_MT_CERTIFICATE)
-            || !WPACKET_start_sub_packet_u24(pkt)
+    if (!WPACKET_start_sub_packet_u24(pkt)
             || !ssl_add_cert_chain(s, pkt, cpk)
-            || !WPACKET_close(pkt)
-            || !ssl_close_construct_packet(s, pkt)) {
+            || !WPACKET_close(pkt)) {
         SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN, ERR_R_INTERNAL_ERROR);
         return 0;
     }
index 8d6dd2a..f67361c 100644 (file)
@@ -109,7 +109,6 @@ __owur MSG_PROCESS_RETURN dtls_process_hello_verify(SSL *s, PACKET *pkt);
 __owur MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt);
 __owur WORK_STATE tls_post_process_client_hello(SSL *s, WORK_STATE wst);
 __owur int tls_construct_server_hello(SSL *s, WPACKET *pkt);
-__owur int tls_construct_hello_request(SSL *s, WPACKET *pkt);
 __owur int dtls_construct_hello_verify_request(SSL *s, WPACKET *pkt);
 __owur int tls_construct_server_certificate(SSL *s, WPACKET *pkt);
 __owur int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt);
index 17dc9cb..46bd5c7 100644 (file)
@@ -622,52 +622,91 @@ WORK_STATE ossl_statem_server_post_work(SSL *s, WORK_STATE wst)
 int ossl_statem_server_construct_message(SSL *s, WPACKET *pkt)
 {
     OSSL_STATEM *st = &s->statem;
+    int (*confunc) (SSL *s, WPACKET *pkt) = NULL;
+    int ret = 1, mt;
 
-    switch (st->hand_state) {
-    default:
-        /* Shouldn't happen */
-        return 0;
+    if (st->hand_state == TLS_ST_SW_CHANGE) {
+        /* Special case becase it is a different content type */
+        if (SSL_IS_DTLS(s))
+            return dtls_construct_change_cipher_spec(s, pkt);
 
-    case DTLS_ST_SW_HELLO_VERIFY_REQUEST:
+        return tls_construct_change_cipher_spec(s, pkt);
+    } else if (st->hand_state == DTLS_ST_SW_HELLO_VERIFY_REQUEST) {
+        /* Special case because we don't call ssl_close_construct_packet() */
         return dtls_construct_hello_verify_request(s, pkt);
+    } else {
+        switch (st->hand_state) {
+        default:
+            /* Shouldn't happen */
+            return 0;
 
-    case TLS_ST_SW_HELLO_REQ:
-        return tls_construct_hello_request(s, pkt);
+        case TLS_ST_SW_HELLO_REQ:
+            /* No construction function needed */
+            mt = SSL3_MT_HELLO_REQUEST;
+            break;
 
-    case TLS_ST_SW_SRVR_HELLO:
-        return tls_construct_server_hello(s, pkt);
+        case TLS_ST_SW_SRVR_HELLO:
+            confunc = tls_construct_server_hello;
+            mt = SSL3_MT_SERVER_HELLO;
+            break;
 
-    case TLS_ST_SW_CERT:
-        return tls_construct_server_certificate(s, pkt);
+        case TLS_ST_SW_CERT:
+            confunc = tls_construct_server_certificate;
+            mt = SSL3_MT_CERTIFICATE;
+            break;
 
-    case TLS_ST_SW_KEY_EXCH:
-        return tls_construct_server_key_exchange(s, pkt);
+        case TLS_ST_SW_KEY_EXCH:
+            confunc = tls_construct_server_key_exchange;
+            mt = SSL3_MT_SERVER_KEY_EXCHANGE;
+            break;
 
-    case TLS_ST_SW_CERT_REQ:
-        return tls_construct_certificate_request(s, pkt);
+        case TLS_ST_SW_CERT_REQ:
+            confunc = tls_construct_certificate_request;
+            mt = SSL3_MT_CERTIFICATE_REQUEST;
+            break;
 
-    case TLS_ST_SW_SRVR_DONE:
-        return tls_construct_server_done(s, pkt);
+        case TLS_ST_SW_SRVR_DONE:
+            confunc = tls_construct_server_done;
+            mt = SSL3_MT_SERVER_DONE;
+            break;
 
-    case TLS_ST_SW_SESSION_TICKET:
-        return tls_construct_new_session_ticket(s, pkt);
+        case TLS_ST_SW_SESSION_TICKET:
+            confunc = tls_construct_new_session_ticket;
+            mt = SSL3_MT_NEWSESSION_TICKET;
+            break;
 
-    case TLS_ST_SW_CERT_STATUS:
-        return tls_construct_cert_status(s, pkt);
+        case TLS_ST_SW_CERT_STATUS:
+            confunc = tls_construct_cert_status;
+            mt = SSL3_MT_CERTIFICATE_STATUS;
+            break;
 
-    case TLS_ST_SW_CHANGE:
-        if (SSL_IS_DTLS(s))
-            return dtls_construct_change_cipher_spec(s, pkt);
-        else
-            return tls_construct_change_cipher_spec(s, pkt);
+        case TLS_ST_SW_FINISHED:
+            mt = SSL3_MT_FINISHED;
+            break;
+        }
 
-    case TLS_ST_SW_FINISHED:
-        return tls_construct_finished(s, pkt,
-                                      s->method->
-                                      ssl3_enc->server_finished_label,
-                                      s->method->
-                                      ssl3_enc->server_finished_label_len);
+        if (!ssl_set_handshake_header(s, pkt, mt)) {
+            SSLerr(SSL_F_OSSL_STATEM_SERVER_CONSTRUCT_MESSAGE,
+                   ERR_R_INTERNAL_ERROR);
+            return 0;
+        }
+
+        if (st->hand_state == TLS_ST_SW_FINISHED)
+            ret = tls_construct_finished(s, pkt,
+                                         s->method->
+                                         ssl3_enc->server_finished_label,
+                                         s->method->
+                                         ssl3_enc->server_finished_label_len);
+        else if (confunc != NULL)
+            ret = confunc(s, pkt);
+
+        if (!ret || !ssl_close_construct_packet(s, pkt)) {
+            SSLerr(SSL_F_OSSL_STATEM_SERVER_CONSTRUCT_MESSAGE,
+                   ERR_R_INTERNAL_ERROR);
+            return 0;
+        }
     }
+    return 1;
 }
 
 /*
@@ -829,17 +868,6 @@ static int ssl_check_srp_ext_ClientHello(SSL *s, int *al)
 }
 #endif
 
-int tls_construct_hello_request(SSL *s, WPACKET *pkt)
-{
-    if (!ssl_set_handshake_header(s, pkt, SSL3_MT_HELLO_REQUEST)
-            || !ssl_close_construct_packet(s, pkt)) {
-        SSLerr(SSL_F_TLS_CONSTRUCT_HELLO_REQUEST, ERR_R_INTERNAL_ERROR);
-        return 0;
-    }
-
-    return 1;
-}
-
 int dtls_raw_hello_verify_request(WPACKET *pkt, unsigned char *cookie,
                                   unsigned char cookie_len)
 {
@@ -1492,8 +1520,7 @@ int tls_construct_server_hello(SSL *s, WPACKET *pkt)
     int sl, compm, al = SSL_AD_INTERNAL_ERROR;
     size_t len;
 
-    if (!ssl_set_handshake_header(s, pkt, SSL3_MT_SERVER_HELLO)
-            || !WPACKET_put_bytes_u16(pkt, s->version)
+    if (!WPACKET_put_bytes_u16(pkt, s->version)
                /*
                 * Random stuff. Filling of the server_random takes place in
                 * tls_process_client_hello()
@@ -1544,8 +1571,7 @@ int tls_construct_server_hello(SSL *s, WPACKET *pkt)
             || !s->method->put_cipher_by_char(s->s3->tmp.new_cipher, pkt, &len)
             || !WPACKET_put_bytes_u8(pkt, compm)
             || !ssl_prepare_serverhello_tlsext(s)
-            || !ssl_add_serverhello_tlsext(s, pkt, &al)
-            || !ssl_close_construct_packet(s, pkt)) {
+            || !ssl_add_serverhello_tlsext(s, pkt, &al)) {
         SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
         goto err;
     }
@@ -1558,21 +1584,13 @@ int tls_construct_server_hello(SSL *s, WPACKET *pkt)
 
 int tls_construct_server_done(SSL *s, WPACKET *pkt)
 {
-    if (!ssl_set_handshake_header(s, pkt, SSL3_MT_SERVER_DONE)
-            || !ssl_close_construct_packet(s, pkt)) {
-        SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_DONE, ERR_R_INTERNAL_ERROR);
-        goto err;
-    }
-
     if (!s->s3->tmp.cert_request) {
-        if (!ssl3_digest_cached_records(s, 0))
-            goto err;
+        if (!ssl3_digest_cached_records(s, 0)) {
+            ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
+            return 0;
+        }
     }
     return 1;
-
- err:
-    ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
-    return 0;
 }
 
 int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt)
@@ -1593,9 +1611,7 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt)
     EVP_MD_CTX *md_ctx = EVP_MD_CTX_new();
     size_t paramlen, paramoffset;
 
-    if (!ssl_set_handshake_header(s, pkt,
-                                         SSL3_MT_SERVER_KEY_EXCHANGE)
-            || !WPACKET_get_total_written(pkt, &paramoffset)) {
+    if (!WPACKET_get_total_written(pkt, &paramoffset)) {
         SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
         goto f_err;
     }
@@ -1900,11 +1916,6 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt)
         }
     }
 
-    if (!ssl_close_construct_packet(s, pkt)) {
-        SSLerr(SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
-        goto f_err;
-    }
-
     EVP_MD_CTX_free(md_ctx);
     return 1;
  f_err:
@@ -1925,13 +1936,6 @@ int tls_construct_certificate_request(SSL *s, WPACKET *pkt)
     int i, nl;
     STACK_OF(X509_NAME) *sk = NULL;
 
-    if (!ssl_set_handshake_header(s, pkt,
-                                         SSL3_MT_CERTIFICATE_REQUEST)) {
-        SSLerr(SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST, ERR_R_INTERNAL_ERROR);
-        goto err;
-    }
-
-
     /* get the list of acceptable cert types */
     if (!WPACKET_start_sub_packet_u8(pkt)
             || !ssl3_get_req_cert_type(s, pkt)
@@ -1978,8 +1982,7 @@ int tls_construct_certificate_request(SSL *s, WPACKET *pkt)
     }
     /* else no CA names */
 
-    if (!WPACKET_close(pkt)
-            || !ssl_close_construct_packet(s, pkt)) {
+    if (!WPACKET_close(pkt)) {
         SSLerr(SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST, ERR_R_INTERNAL_ERROR);
         goto err;
     }
@@ -2954,11 +2957,6 @@ int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt)
         return 0;
     }
 
-    if (!ssl_set_handshake_header(s, pkt, SSL3_MT_NEWSESSION_TICKET)) {
-        SSLerr(SSL_F_TLS_CONSTRUCT_NEW_SESSION_TICKET, ERR_R_INTERNAL_ERROR);
-        goto err;
-    }
-
     ctx = EVP_CIPHER_CTX_new();
     hctx = HMAC_CTX_new();
     if (ctx == NULL || hctx == NULL) {
@@ -3067,8 +3065,7 @@ int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt)
             || hlen > EVP_MAX_MD_SIZE
             || !WPACKET_allocate_bytes(pkt, hlen, &macdata2)
             || macdata1 != macdata2
-            || !WPACKET_close(pkt)
-            || !ssl_close_construct_packet(s, pkt)) {
+            || !WPACKET_close(pkt)) {
         SSLerr(SSL_F_TLS_CONSTRUCT_NEW_SESSION_TICKET, ERR_R_INTERNAL_ERROR);
         goto err;
     }
@@ -3087,11 +3084,9 @@ int tls_construct_new_session_ticket(SSL *s, WPACKET *pkt)
 
 int tls_construct_cert_status(SSL *s, WPACKET *pkt)
 {
-    if (!ssl_set_handshake_header(s, pkt, SSL3_MT_CERTIFICATE_STATUS)
-            || !WPACKET_put_bytes_u8(pkt, s->tlsext_status_type)
+    if (!WPACKET_put_bytes_u8(pkt, s->tlsext_status_type)
             || !WPACKET_sub_memcpy_u24(pkt, s->tlsext_ocsp_resp,
-                                       s->tlsext_ocsp_resplen)
-            || !ssl_close_construct_packet(s, pkt)) {
+                                       s->tlsext_ocsp_resplen)) {
         SSLerr(SSL_F_TLS_CONSTRUCT_CERT_STATUS, ERR_R_INTERNAL_ERROR);
         ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
         return 0;