Remove the rest of write_message.
The TLS 1.2 state machine now actually looks much closer to the TLS 1.3
one on the write side. Although the write states still have a BIO-style
return, they don't actually send anything anymore. Only the BIO flush
state does. Reads are still integrated into the states themselves
though, so I haven't made it match TLS 1.3 yet.
BUG=72
Change-Id: I7708162efca13cd335723efa5080718a5f2808ab
Reviewed-on: https://boringssl-review.googlesource.com/13228
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/handshake_server.c b/ssl/handshake_server.c
index 00b374c..33ffa7e 100644
--- a/ssl/handshake_server.c
+++ b/ssl/handshake_server.c
@@ -232,7 +232,6 @@
break;
case SSL3_ST_SW_SRVR_HELLO_A:
- case SSL3_ST_SW_SRVR_HELLO_B:
ret = ssl3_send_server_hello(hs);
if (ret <= 0) {
goto end;
@@ -245,7 +244,6 @@
break;
case SSL3_ST_SW_CERT_A:
- case SSL3_ST_SW_CERT_B:
if (ssl_cipher_uses_certificate_auth(ssl->s3->tmp.new_cipher)) {
ret = ssl3_send_server_certificate(hs);
if (ret <= 0) {
@@ -258,7 +256,6 @@
break;
case SSL3_ST_SW_CERT_STATUS_A:
- case SSL3_ST_SW_CERT_STATUS_B:
if (hs->certificate_status_expected) {
ret = ssl3_send_certificate_status(hs);
if (ret <= 0) {
@@ -272,7 +269,6 @@
case SSL3_ST_SW_KEY_EXCH_A:
case SSL3_ST_SW_KEY_EXCH_B:
- case SSL3_ST_SW_KEY_EXCH_C:
alg_a = ssl->s3->tmp.new_cipher->algorithm_auth;
/* PSK ciphers send ServerKeyExchange if there is an identity hint. */
@@ -290,7 +286,6 @@
break;
case SSL3_ST_SW_CERT_REQ_A:
- case SSL3_ST_SW_CERT_REQ_B:
if (hs->cert_request) {
ret = ssl3_send_certificate_request(hs);
if (ret <= 0) {
@@ -303,7 +298,6 @@
break;
case SSL3_ST_SW_SRVR_DONE_A:
- case SSL3_ST_SW_SRVR_DONE_B:
ret = ssl3_send_server_hello_done(hs);
if (ret <= 0) {
goto end;
@@ -403,7 +397,6 @@
break;
case SSL3_ST_SW_SESSION_TICKET_A:
- case SSL3_ST_SW_SESSION_TICKET_B:
if (hs->ticket_expected) {
ret = ssl3_send_new_session_ticket(hs);
if (ret <= 0) {
@@ -426,9 +419,7 @@
break;
case SSL3_ST_SW_FINISHED_A:
- case SSL3_ST_SW_FINISHED_B:
- ret = ssl3_send_finished(hs, SSL3_ST_SW_FINISHED_A,
- SSL3_ST_SW_FINISHED_B);
+ ret = ssl3_send_finished(hs);
if (ret <= 0) {
goto end;
}
@@ -1039,11 +1030,6 @@
static int ssl3_send_server_hello(SSL_HANDSHAKE *hs) {
SSL *const ssl = hs->ssl;
- if (hs->state == SSL3_ST_SW_SRVR_HELLO_B) {
- return ssl->method->write_message(ssl);
- }
-
- assert(hs->state == SSL3_ST_SW_SRVR_HELLO_A);
/* We only accept ChannelIDs on connections with ECDHE in order to avoid a
* known attack while we fix ChannelID itself. */
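Review bot: ssl3_send_server_hello has no comment stating its contract, and this commit changes that contract: with the `SSL3_ST_SW_SRVR_HELLO_B` branch removed it no longer calls write_message, and the next hunk ends it with `return 1` instead of the write result. I would add above the signature `/* ssl3_send_server_hello queues the ServerHello. It returns 1 on success and -1 on error; nothing is written to the transport until the flush state. */` (the flush-state part is taken from the commit message). The same comment is missing on ssl3_send_server_certificate, ssl3_send_certificate_status, ssl3_send_server_key_exchange, ssl3_send_certificate_request, ssl3_send_server_hello_done and ssl3_send_new_session_ticket in the later hunks. The function body continues outside this hunk.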
@@ -1094,34 +1080,24 @@
return -1;
}
- hs->state = SSL3_ST_SW_SRVR_HELLO_B;
- return ssl->method->write_message(ssl);
+ return 1;
}
static int ssl3_send_server_certificate(SSL_HANDSHAKE *hs) {
SSL *const ssl = hs->ssl;
- if (hs->state == SSL3_ST_SW_CERT_B) {
- return ssl->method->write_message(ssl);
- }
-
if (!ssl_has_certificate(ssl)) {
OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CERTIFICATE_SET);
- return 0;
+ return -1;
}
if (!ssl3_output_cert_chain(ssl)) {
- return 0;
+ return -1;
}
- hs->state = SSL3_ST_SW_CERT_B;
- return ssl->method->write_message(ssl);
+ return 1;
}
static int ssl3_send_certificate_status(SSL_HANDSHAKE *hs) {
SSL *const ssl = hs->ssl;
- if (hs->state == SSL3_ST_SW_CERT_STATUS_B) {
- return ssl->method->write_message(ssl);
- }
-
CBB cbb, body, ocsp_response;
if (!ssl->method->init_message(ssl, &cbb, &body,
SSL3_MT_CERTIFICATE_STATUS) ||
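Review bot: In ssl3_send_server_certificate the `!ssl3_output_cert_chain(ssl)` branch now returns -1 without recording an error at this site, unlike the `ssl_has_certificate` branch just above it, which calls OPENSSL_PUT_ERROR first. If ssl3_output_cert_chain does not push an error on every failure path (its body is not in this diff), the caller gets a fatal return with an empty error queue, which makes the handshake failure hard to diagnose and may be surfaced as a syscall-style error rather than a protocol one. Consider `OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);` before that `return -1;`, or a one-line comment stating that the callee always sets the error. The hunk ends inside ssl3_send_certificate_status, whose body continues outside it.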
@@ -1135,16 +1111,11 @@
return -1;
}
- hs->state = SSL3_ST_SW_CERT_STATUS_B;
- return ssl->method->write_message(ssl);
+ return 1;
}
static int ssl3_send_server_key_exchange(SSL_HANDSHAKE *hs) {
SSL *const ssl = hs->ssl;
- if (hs->state == SSL3_ST_SW_KEY_EXCH_C) {
- return ssl->method->write_message(ssl);
- }
-
CBB cbb, child;
CBB_zero(&cbb);
@@ -1312,8 +1283,7 @@
hs->server_params = NULL;
hs->server_params_len = 0;
- hs->state = SSL3_ST_SW_KEY_EXCH_C;
- return ssl->method->write_message(ssl);
+ return 1;
err:
CBB_cleanup(&cbb);
@@ -1360,10 +1330,6 @@
static int ssl3_send_certificate_request(SSL_HANDSHAKE *hs) {
SSL *const ssl = hs->ssl;
- if (hs->state == SSL3_ST_SW_CERT_REQ_B) {
- return ssl->method->write_message(ssl);
- }
-
CBB cbb, body, cert_types, sigalgs_cbb;
if (!ssl->method->init_message(ssl, &cbb, &body,
SSL3_MT_CERTIFICATE_REQUEST) ||
@@ -1391,8 +1357,7 @@
goto err;
}
- hs->state = SSL3_ST_SW_CERT_REQ_B;
- return ssl->method->write_message(ssl);
+ return 1;
err:
OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
@@ -1402,10 +1367,6 @@
static int ssl3_send_server_hello_done(SSL_HANDSHAKE *hs) {
SSL *const ssl = hs->ssl;
- if (hs->state == SSL3_ST_SW_SRVR_DONE_B) {
- return ssl->method->write_message(ssl);
- }
-
CBB cbb, body;
if (!ssl->method->init_message(ssl, &cbb, &body, SSL3_MT_SERVER_HELLO_DONE) ||
!ssl_add_message_cbb(ssl, &cbb)) {
@@ -1414,8 +1375,7 @@
return -1;
}
- hs->state = SSL3_ST_SW_SRVR_DONE_B;
- return ssl->method->write_message(ssl);
+ return 1;
}
static int ssl3_get_client_certificate(SSL_HANDSHAKE *hs) {
@@ -1929,10 +1889,6 @@
static int ssl3_send_new_session_ticket(SSL_HANDSHAKE *hs) {
SSL *const ssl = hs->ssl;
- if (hs->state == SSL3_ST_SW_SESSION_TICKET_B) {
- return ssl->method->write_message(ssl);
- }
-
const SSL_SESSION *session;
SSL_SESSION *session_copy = NULL;
if (ssl->session == NULL) {
@@ -1966,6 +1922,5 @@
return -1;
}
- hs->state = SSL3_ST_SW_SESSION_TICKET_B;
- return ssl->method->write_message(ssl);
+ return 1;
}