Replace reuse_message with an explicit next_message call.
This means that ssl_get_message (soon to be replaced with a BIO-less
version) is idempotent, which avoids the SSL3_ST_SR_KEY_EXCH_B
contortion. It also eases converting the TLS 1.2 state machine. See
https://docs.google.com/a/google.com/document/d/11n7LHsT3GwE34LAJIe3EFs4165TI4UR_3CqiM9LJVpI/edit?usp=sharing
for details.
Bug: 128
Change-Id: Iddd4f951389e8766da07a9de595b552e75f8acf0
Reviewed-on: https://boringssl-review.googlesource.com/18805
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/ssl/tls13_client.cc b/ssl/tls13_client.cc
index 2940265..fa4731f 100644
--- a/ssl/tls13_client.cc
+++ b/ssl/tls13_client.cc
@@ -144,6 +144,7 @@
return ssl_hs_error;
}
+ ssl->method->next_message(ssl);
hs->received_hello_retry_request = 1;
hs->tls13_state = state_send_second_client_hello;
/* 0-RTT is rejected if we receive a HelloRetryRequest. */
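Review bot: The `ssl->method->next_message(ssl);` added before `hs->received_hello_retry_request = 1;` relies on an ordering rule that nothing in the code states: the message is released only after every check above has passed, so the error returns leave it in place. Because ssl_get_message is now idempotent per the commit description, a handler that advances `tls13_state` without this call would presumably hand the same message to the next state. The rule deserves a comment, for example `/* Release the HelloRetryRequest only once it has been fully validated. */`. The same kind of comment fits the calls added in the hunks at -416, -480, -492, -515 and -530. The enclosing function starts and ends outside this hunk.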
@@ -341,6 +342,8 @@
!tls13_derive_handshake_secrets(hs)) {
return ssl_hs_error;
}
+
+ ssl->method->next_message(ssl);
hs->tls13_state = state_process_change_cipher_spec;
return ssl->version == TLS1_3_EXPERIMENT_VERSION
? ssl_hs_read_change_cipher_spec
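Review bot: The `next_message` call placed right after `tls13_derive_handshake_secrets(hs)` releases the message at a key change, and nothing visible here checks that no further handshake bytes are still buffered from the same record. TLS 1.3 requires that handshake messages not span key changes, so trailing data received under the old protection should be rejected rather than read by the next state. If that check lives elsewhere, a comment such as `/* No handshake data may remain buffered across the key change. */` would make the dependency visible. The hunk at -530, which moves to `state_send_end_of_early_data`, may sit at a similar boundary. The enclosing function starts outside the hunk and the return expression continues past its last line.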
@@ -416,6 +419,7 @@
return ssl_hs_error;
}
+ ssl->method->next_message(ssl);
hs->tls13_state = state_continue_second_server_flight;
if (hs->in_early_data && !ssl->early_data_accepted) {
return ssl_hs_early_data_rejected;
@@ -480,6 +484,7 @@
return ssl_hs_error;
}
+ ssl->method->next_message(ssl);
hs->tls13_state = state_process_server_certificate;
return ssl_hs_read_message;
}
@@ -492,6 +497,7 @@
return ssl_hs_error;
}
+ ssl->method->next_message(ssl);
hs->tls13_state = state_process_server_certificate_verify;
return ssl_hs_read_message;
}
@@ -515,6 +521,7 @@
return ssl_hs_error;
}
+ ssl->method->next_message(ssl);
hs->tls13_state = state_process_server_finished;
return ssl_hs_read_message;
}
@@ -530,6 +537,7 @@
return ssl_hs_error;
}
+ ssl->method->next_message(ssl);
hs->tls13_state = state_send_end_of_early_data;
return ssl_hs_ok;
}