generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Don't finish the handshake twice

Browse Source 
We finish the handshake when we move into the TLS_ST_OK state. At various
points we were also unnecessarily finishing it when we were reading/writing
the Finished message. It's much simpler just to do it in TLS_ST_OK, so
remove the other calls.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
This commit is contained in:
Matt Caswell 2015-11-06 09:47:18 +00:00
parent b8fb59897b
commit e657515620
3 changed files with 1 additions and 15 deletions

8
ssl/statem/statem_clnt.c

@ -622,9 +622,6 @@ WORK_STATE ossl_statem_client_post_work(SSL *s, WORK_STATE wst)
#endif #endif
if (statem_flush(s) != 1) if (statem_flush(s) != 1)
return WORK_MORE_B; return WORK_MORE_B;
if (s->hit && tls_finish_handshake(s, WORK_MORE_A) != 1)
return WORK_ERROR;
break; break;
default: default:
@ -801,11 +798,6 @@ WORK_STATE ossl_statem_client_post_process_message(SSL *s, WORK_STATE wst)
return WORK_FINISHED_STOP; return WORK_FINISHED_STOP;
#endif #endif
case TLS_ST_CR_FINISHED:
if (!s->hit)
return tls_finish_handshake(s, wst);
else
return WORK_FINISHED_STOP;
default: default:
break; break;
} }

2
ssl/statem/statem_lib.c

@ -331,7 +331,7 @@ MSG_PROCESS_RETURN tls_process_finished(SSL *s, PACKET *pkt)
s->s3->previous_server_finished_len = i; s->s3->previous_server_finished_len = i;
} }
return MSG_PROCESS_CONTINUE_PROCESSING; return MSG_PROCESS_FINISHED_READING;
f_err: f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al); ssl3_send_alert(s, SSL3_AL_FATAL, al);
ossl_statem_set_error(s); ossl_statem_set_error(s);

6
ssl/statem/statem_srvr.c

@ -876,12 +876,6 @@ WORK_STATE ossl_statem_server_post_process_message(SSL *s, WORK_STATE wst)
#endif #endif
return WORK_FINISHED_CONTINUE; return WORK_FINISHED_CONTINUE;
case TLS_ST_SR_FINISHED:
if (s->hit)
return tls_finish_handshake(s, wst);
else
return WORK_FINISHED_STOP;
default: default:
break; break;
} }