Squash together TLS 1.2 states for server Finished block.
We can take advantage of our flight-by-flight model.
BUG=128
Change-Id: If27a5b6d88055da71199ef672d9c71969925aca9
Reviewed-on: https://boringssl-review.googlesource.com/17249
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
diff --git a/include/openssl/ssl3.h b/include/openssl/ssl3.h
index 25c31c1..9fbd4ef 100644
--- a/include/openssl/ssl3.h
+++ b/include/openssl/ssl3.h
@@ -358,9 +358,7 @@
#define SSL3_ST_SR_FINISHED_A (0x1C0 | SSL_ST_ACCEPT)
/* write to client */
-#define SSL3_ST_SW_CHANGE (0x1D0 | SSL_ST_ACCEPT)
#define SSL3_ST_SW_FINISHED_A (0x1E0 | SSL_ST_ACCEPT)
-#define SSL3_ST_SW_SESSION_TICKET_A (0x1F0 | SSL_ST_ACCEPT)
#define SSL3_ST_SW_CERT_STATUS_A (0x200 | SSL_ST_ACCEPT)
#define SSL3_MT_HELLO_REQUEST 0
diff --git a/ssl/handshake_server.c b/ssl/handshake_server.c
index 3979801..b59e3b2 100644
--- a/ssl/handshake_server.c
+++ b/ssl/handshake_server.c
@@ -184,7 +184,7 @@
static int ssl3_get_cert_verify(SSL_HANDSHAKE *hs);
static int ssl3_get_next_proto(SSL_HANDSHAKE *hs);
static int ssl3_get_channel_id(SSL_HANDSHAKE *hs);
-static int ssl3_send_new_session_ticket(SSL_HANDSHAKE *hs);
+static int ssl3_send_server_finished(SSL_HANDSHAKE *hs);
static struct CRYPTO_STATIC_MUTEX g_v2clienthello_lock =
CRYPTO_STATIC_MUTEX_INIT;
@@ -255,7 +255,7 @@
goto end;
}
if (ssl->session != NULL) {
- hs->state = SSL3_ST_SW_SESSION_TICKET_A;
+ hs->state = SSL3_ST_SW_FINISHED_A;
} else {
hs->state = SSL3_ST_SW_CERT_A;
}
@@ -388,7 +388,7 @@
if (ssl->session != NULL) {
hs->state = SSL_ST_OK;
} else {
- hs->state = SSL3_ST_SW_SESSION_TICKET_A;
+ hs->state = SSL3_ST_SW_FINISHED_A;
}
/* If this is a full handshake with ChannelID then record the handshake
@@ -402,28 +402,8 @@
}
break;
- case SSL3_ST_SW_SESSION_TICKET_A:
- if (hs->ticket_expected) {
- ret = ssl3_send_new_session_ticket(hs);
- if (ret <= 0) {
- goto end;
- }
- }
- hs->state = SSL3_ST_SW_CHANGE;
- break;
-
- case SSL3_ST_SW_CHANGE:
- if (!ssl->method->add_change_cipher_spec(ssl) ||
- !tls1_change_cipher_state(hs, SSL3_CHANGE_CIPHER_SERVER_WRITE)) {
- ret = -1;
- goto end;
- }
-
- hs->state = SSL3_ST_SW_FINISHED_A;
- break;
-
case SSL3_ST_SW_FINISHED_A:
- ret = ssl3_send_finished(hs);
+ ret = ssl3_send_server_finished(hs);
if (ret <= 0) {
goto end;
}
@@ -1825,40 +1805,46 @@
return 1;
}
-static int ssl3_send_new_session_ticket(SSL_HANDSHAKE *hs) {
+static int ssl3_send_server_finished(SSL_HANDSHAKE *hs) {
SSL *const ssl = hs->ssl;
- const SSL_SESSION *session;
- SSL_SESSION *session_copy = NULL;
- if (ssl->session == NULL) {
- /* Fix the timeout to measure from the ticket issuance time. */
- ssl_session_rebase_time(ssl, hs->new_session);
- session = hs->new_session;
- } else {
- /* We are renewing an existing session. Duplicate the session to adjust the
- * timeout. */
- session_copy = SSL_SESSION_dup(ssl->session, SSL_SESSION_INCLUDE_NONAUTH);
- if (session_copy == NULL) {
- return -1;
+
+ if (hs->ticket_expected) {
+ const SSL_SESSION *session;
+ SSL_SESSION *session_copy = NULL;
+ if (ssl->session == NULL) {
+ /* Fix the timeout to measure from the ticket issuance time. */
+ ssl_session_rebase_time(ssl, hs->new_session);
+ session = hs->new_session;
+ } else {
+ /* We are renewing an existing session. Duplicate the session to adjust
+ * the timeout. */
+ session_copy = SSL_SESSION_dup(ssl->session, SSL_SESSION_INCLUDE_NONAUTH);
+ if (session_copy == NULL) {
+ return -1;
+ }
+
+ ssl_session_rebase_time(ssl, session_copy);
+ session = session_copy;
}
- ssl_session_rebase_time(ssl, session_copy);
- session = session_copy;
+ CBB cbb, body, ticket;
+ int ok = ssl->method->init_message(ssl, &cbb, &body,
+ SSL3_MT_NEW_SESSION_TICKET) &&
+ CBB_add_u32(&body, session->timeout) &&
+ CBB_add_u16_length_prefixed(&body, &ticket) &&
+ ssl_encrypt_ticket(ssl, &ticket, session) &&
+ ssl_add_message_cbb(ssl, &cbb);
+ SSL_SESSION_free(session_copy);
+ CBB_cleanup(&cbb);
+ if (!ok) {
+ return -1;
+ }
}
- CBB cbb, body, ticket;
- int ok =
- ssl->method->init_message(ssl, &cbb, &body, SSL3_MT_NEW_SESSION_TICKET) &&
- CBB_add_u32(&body, session->timeout) &&
- CBB_add_u16_length_prefixed(&body, &ticket) &&
- ssl_encrypt_ticket(ssl, &ticket, session) &&
- ssl_add_message_cbb(ssl, &cbb);
-
- SSL_SESSION_free(session_copy);
- CBB_cleanup(&cbb);
-
- if (!ok) {
+ if (!ssl->method->add_change_cipher_spec(ssl) ||
+ !tls1_change_cipher_state(hs, SSL3_CHANGE_CIPHER_SERVER_WRITE)) {
return -1;
}
- return 1;
+ return ssl3_send_finished(hs);
}
diff --git a/ssl/ssl_stat.c b/ssl/ssl_stat.c
index 571b4a9..bb7216c 100644
--- a/ssl/ssl_stat.c
+++ b/ssl/ssl_stat.c
@@ -146,7 +146,6 @@
return "SSLv3 write certificate verify B";
case SSL3_ST_CW_CHANGE:
- case SSL3_ST_SW_CHANGE:
return "SSLv3 write change cipher spec";
case SSL3_ST_CW_FINISHED_A:
@@ -186,9 +185,6 @@
case SSL3_ST_SW_CERT_REQ_A:
return "SSLv3 write certificate request A";
- case SSL3_ST_SW_SESSION_TICKET_A:
- return "SSLv3 write session ticket A";
-
case SSL3_ST_SW_SRVR_DONE_A:
return "SSLv3 write server done A";
@@ -259,7 +255,6 @@
case SSL3_ST_CW_CERT_VRFY_B:
return "3WCV_B";
- case SSL3_ST_SW_CHANGE:
case SSL3_ST_CW_CHANGE:
return "3WCCS_";
