Simplify tls1_change_cipher_spec. Rather than use those weird bitmasks, just pass an evp_aead_direction_t and figure it out from there. Change-Id: Ie52c6404bd0728d7d1ef964a3590d9ba0843c1d6 Reviewed-on: https://boringssl-review.googlesource.com/20666 Reviewed-by: Steven Valdez <svaldez@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

commit: e58f8a6b9ab6e990f0c273552f7b1411a3c6b0bc [log] [tgz]
author: David Benjamin <davidben@google.com> Thu Sep 21 19:07:15 2017 -0400
committer: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Fri Sep 22 15:18:17 2017 +0000
tree: 24ab39db21dbba3a119a0cb192217d0d81a2ea7c
parent: 38570b26b88a705064a2753feb9233319f796f7b [diff] [blame]
diff --git a/ssl/handshake_server.cc b/ssl/handshake_server.cc
index cd99ec9..a38e25f 100644
--- a/ssl/handshake_server.cc
+++ b/ssl/handshake_server.cc

@@ -1397,7 +1397,7 @@
 }
 
 static enum ssl_hs_wait_t do_process_change_cipher_spec(SSL_HANDSHAKE *hs) {
-  if (!tls1_change_cipher_state(hs, SSL3_CHANGE_CIPHER_SERVER_READ)) {
+  if (!tls1_change_cipher_state(hs, evp_aead_open)) {
     return ssl_hs_error;
   }
 
@@ -1525,7 +1525,7 @@
   }
 
   if (!ssl->method->add_change_cipher_spec(ssl) ||
-      !tls1_change_cipher_state(hs, SSL3_CHANGE_CIPHER_SERVER_WRITE) ||
+      !tls1_change_cipher_state(hs, evp_aead_seal) ||
       !ssl3_send_finished(hs)) {
     return ssl_hs_error;
   }
commit	e58f8a6b9ab6e990f0c273552f7b1411a3c6b0bc	[log] [tgz]
author	David Benjamin <davidben@google.com>	Thu Sep 21 19:07:15 2017 -0400
committer	CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>	Fri Sep 22 15:18:17 2017 +0000
tree	24ab39db21dbba3a119a0cb192217d0d81a2ea7c
parent	38570b26b88a705064a2753feb9233319f796f7b [diff] [blame]