Google Git
Sign in
boringssl / boringssl / 34a3c498755bf10692fd1038b728b3dcf485641d^! / .
commit34a3c498755bf10692fd1038b728b3dcf485641d[log] [tgz]
authorDavid Benjamin <davidben@google.com>Wed Jul 06 21:31:14 2016 -0700
committerAdam Langley <agl@google.com>Thu Jul 07 23:01:07 2016 +0000
treeab1734e98cdbf2de27cc7d30651bbba3a8d4a869
parentc937edef3e0613b7b0d8efb751cd326b1e36c00f [diff]
Simplify TLS reuse_message implementation.

Rather than have a separate codepath, just skip the message_complete
logic and parse what's in the buffer. This also cuts down on one input
to setting up a reuse_message; message_type is now only written to in
the get_message implementation.

Change-Id: I96689b5957a3f2548af9099ec4e53cabacdc395a
Reviewed-on: https://boringssl-review.googlesource.com/8640
Reviewed-by: Steven Valdez <svaldez@google.com>
Reviewed-by: Adam Langley <agl@google.com>

diff --git a/ssl/handshake_server.c b/ssl/handshake_server.c
index ebd47e1..085bf3d 100644
--- a/ssl/handshake_server.c
+++ b/ssl/handshake_server.c

@@ -702,7 +702,6 @@
 
   /* Mark the message for "re"-use by the version-specific method. */
   ssl->s3->tmp.reuse_message = 1;
-  ssl->s3->tmp.message_type = SSL3_MT_CLIENT_HELLO;
   ssl->s3->tmp.message_complete = 1;
 
   /* Consume and discard the V2ClientHello. */

diff --git a/ssl/s3_both.c b/ssl/s3_both.c
index f28e50f..fd16318 100644
--- a/ssl/s3_both.c
+++ b/ssl/s3_both.c

@@ -374,27 +374,17 @@
                       enum ssl_hash_message_t hash_message, int *ok) {
   *ok = 0;
 
+again:
   if (ssl->s3->tmp.reuse_message) {
     /* A ssl_dont_hash_message call cannot be combined with reuse_message; the
      * ssl_dont_hash_message would have to have been applied to the previous
      * call. */
     assert(hash_message == ssl_hash_message);
     assert(ssl->s3->tmp.message_complete);
-    ssl->s3->tmp.reuse_message = 0;
-    if (msg_type >= 0 && ssl->s3->tmp.message_type != msg_type) {
-      ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
-      OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_MESSAGE);
-      return -1;
-    }
-    *ok = 1;
-    assert(ssl->init_buf->length >= 4);
-    ssl->init_msg = (uint8_t *)ssl->init_buf->data + 4;
-    ssl->init_num = (int)ssl->init_buf->length - 4;
-    return ssl->init_num;
-  }
 
-again:
-  if (ssl->s3->tmp.message_complete) {
+    ssl->s3->tmp.reuse_message = 0;
+    hash_message = ssl_dont_hash_message;
+  } else if (ssl->s3->tmp.message_complete) {
     ssl->s3->tmp.message_complete = 0;
     ssl->init_buf->length = 0;
   }