From 1e6d6df943a681eb8454cf40b9cd554519156e16 Mon Sep 17 00:00:00 2001 From: David Benjamin Date: Fri, 13 May 2016 18:28:17 -0400 Subject: [PATCH] Remove state parameters to ssl3_get_message. They're completely unused now. The handshake message reassembly logic should not depend on the state machine. This should partially free it up (ugly as it is) to be shared with a future TLS 1.3 implementation while, in parallel, it and the layers below, get reworked. This also cuts down on the number of states significantly. Partially because I expect we'd want to get ssl_hash_message_t out of there too. Having it in common code is fine, but it needs to be in the (supposed to be) protocol-agnostic handshake state machine, not the protocol-specific handshake message layer. Change-Id: I12f9dc57bf433ceead0591106ab165d352ef6ee4 Reviewed-on: https://boringssl-review.googlesource.com/7949 Reviewed-by: Adam Langley --- include/openssl/ssl3.h | 19 +++--------- ssl/d1_both.c | 3 +- ssl/d1_clnt.c | 16 ++-------- ssl/d1_srvr.c | 8 +---- ssl/internal.h | 13 ++++---- ssl/s3_both.c | 11 +++---- ssl/s3_clnt.c | 42 ++++++++------------------ ssl/s3_srvr.c | 56 +++++++++++++--------------------- ssl/ssl_stat.c | 68 ------------------------------------------ 9 files changed, 50 insertions(+), 186 deletions(-) diff --git a/include/openssl/ssl3.h b/include/openssl/ssl3.h index 957b740e..52e57439 100644 --- a/include/openssl/ssl3.h +++ b/include/openssl/ssl3.h @@ -312,17 +312,12 @@ OPENSSL_COMPILE_ASSERT( #define SSL3_ST_CW_CLNT_HELLO_B (0x111 | SSL_ST_CONNECT) /* read from server */ #define SSL3_ST_CR_SRVR_HELLO_A (0x120 | SSL_ST_CONNECT) -#define SSL3_ST_CR_SRVR_HELLO_B (0x121 | SSL_ST_CONNECT) #define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A (0x126 | SSL_ST_CONNECT) -#define DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B (0x127 | SSL_ST_CONNECT) #define SSL3_ST_CR_CERT_A (0x130 | SSL_ST_CONNECT) -#define SSL3_ST_CR_CERT_B (0x131 | SSL_ST_CONNECT) #define SSL3_ST_CR_KEY_EXCH_A (0x140 | SSL_ST_CONNECT) #define SSL3_ST_CR_KEY_EXCH_B (0x141 | SSL_ST_CONNECT) #define SSL3_ST_CR_CERT_REQ_A (0x150 | SSL_ST_CONNECT) -#define SSL3_ST_CR_CERT_REQ_B (0x151 | SSL_ST_CONNECT) #define SSL3_ST_CR_SRVR_DONE_A (0x160 | SSL_ST_CONNECT) -#define SSL3_ST_CR_SRVR_DONE_B (0x161 | SSL_ST_CONNECT) /* write to server */ #define SSL3_ST_CW_CERT_A (0x170 | SSL_ST_CONNECT) #define SSL3_ST_CW_CERT_B (0x171 | SSL_ST_CONNECT) @@ -344,11 +339,12 @@ OPENSSL_COMPILE_ASSERT( /* read from server */ #define SSL3_ST_CR_CHANGE (0x1C0 | SSL_ST_CONNECT) #define SSL3_ST_CR_FINISHED_A (0x1D0 | SSL_ST_CONNECT) -#define SSL3_ST_CR_FINISHED_B (0x1D1 | SSL_ST_CONNECT) #define SSL3_ST_CR_SESSION_TICKET_A (0x1E0 | SSL_ST_CONNECT) -#define SSL3_ST_CR_SESSION_TICKET_B (0x1E1 | SSL_ST_CONNECT) #define SSL3_ST_CR_CERT_STATUS_A (0x1F0 | SSL_ST_CONNECT) -#define SSL3_ST_CR_CERT_STATUS_B (0x1F1 | SSL_ST_CONNECT) + +/* SSL3_ST_CR_SRVR_HELLO_B is a legacy alias for |SSL3_ST_CR_SRVR_HELLO_A| used + * by some consumers which check |SSL_state|. */ +#define SSL3_ST_CR_SRVR_HELLO_B SSL3_ST_CR_SRVR_HELLO_A /* server */ /* extra state */ @@ -359,7 +355,6 @@ OPENSSL_COMPILE_ASSERT( #define SSL3_ST_SR_CLNT_HELLO_A (0x110 | SSL_ST_ACCEPT) #define SSL3_ST_SR_CLNT_HELLO_B (0x111 | SSL_ST_ACCEPT) #define SSL3_ST_SR_CLNT_HELLO_C (0x112 | SSL_ST_ACCEPT) -#define SSL3_ST_SR_CLNT_HELLO_D (0x115 | SSL_ST_ACCEPT) /* write to client */ #define SSL3_ST_SW_HELLO_REQ_A (0x120 | SSL_ST_ACCEPT) #define SSL3_ST_SW_HELLO_REQ_B (0x121 | SSL_ST_ACCEPT) @@ -377,19 +372,13 @@ OPENSSL_COMPILE_ASSERT( #define SSL3_ST_SW_SRVR_DONE_B (0x171 | SSL_ST_ACCEPT) /* read from client */ #define SSL3_ST_SR_CERT_A (0x180 | SSL_ST_ACCEPT) -#define SSL3_ST_SR_CERT_B (0x181 | SSL_ST_ACCEPT) #define SSL3_ST_SR_KEY_EXCH_A (0x190 | SSL_ST_ACCEPT) #define SSL3_ST_SR_KEY_EXCH_B (0x191 | SSL_ST_ACCEPT) -#define SSL3_ST_SR_KEY_EXCH_C (0x192 | SSL_ST_ACCEPT) #define SSL3_ST_SR_CERT_VRFY_A (0x1A0 | SSL_ST_ACCEPT) -#define SSL3_ST_SR_CERT_VRFY_B (0x1A1 | SSL_ST_ACCEPT) #define SSL3_ST_SR_CHANGE (0x1B0 | SSL_ST_ACCEPT) #define SSL3_ST_SR_NEXT_PROTO_A (0x210 | SSL_ST_ACCEPT) -#define SSL3_ST_SR_NEXT_PROTO_B (0x211 | SSL_ST_ACCEPT) #define SSL3_ST_SR_CHANNEL_ID_A (0x230 | SSL_ST_ACCEPT) -#define SSL3_ST_SR_CHANNEL_ID_B (0x231 | SSL_ST_ACCEPT) #define SSL3_ST_SR_FINISHED_A (0x1C0 | SSL_ST_ACCEPT) -#define SSL3_ST_SR_FINISHED_B (0x1C1 | SSL_ST_ACCEPT) /* write to client */ #define SSL3_ST_SW_CHANGE_A (0x1D0 | SSL_ST_ACCEPT) diff --git a/ssl/d1_both.c b/ssl/d1_both.c index 86fbe4a6..074668ca 100644 --- a/ssl/d1_both.c +++ b/ssl/d1_both.c @@ -558,7 +558,7 @@ static int dtls1_process_fragment(SSL *ssl) { /* dtls1_get_message reads a handshake message of message type |msg_type| (any * if |msg_type| == -1). Read an entire handshake message. Handshake messages * arrive in fragments. */ -long dtls1_get_message(SSL *ssl, int st1, int stn, int msg_type, +long dtls1_get_message(SSL *ssl, int msg_type, enum ssl_hash_message_t hash_message, int *ok) { pitem *item = NULL; hm_fragment *frag = NULL; @@ -646,7 +646,6 @@ long dtls1_get_message(SSL *ssl, int st1, int stn, int msg_type, pitem_free(item); dtls1_hm_fragment_free(frag); - ssl->state = stn; *ok = 1; return ssl->init_num; diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c index 62da1756..7d75ff85 100644 --- a/ssl/d1_clnt.c +++ b/ssl/d1_clnt.c @@ -200,7 +200,6 @@ int dtls1_connect(SSL *ssl) { break; case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: - case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B: ret = dtls1_get_hello_verify(ssl); if (ret <= 0) { goto end; @@ -216,7 +215,6 @@ int dtls1_connect(SSL *ssl) { break; case SSL3_ST_CR_SRVR_HELLO_A: - case SSL3_ST_CR_SRVR_HELLO_B: ret = ssl3_get_server_hello(ssl); if (ret <= 0) { goto end; @@ -235,7 +233,6 @@ int dtls1_connect(SSL *ssl) { break; case SSL3_ST_CR_CERT_A: - case SSL3_ST_CR_CERT_B: if (ssl_cipher_uses_certificate_auth(ssl->s3->tmp.new_cipher)) { ret = ssl3_get_server_certificate(ssl); if (ret <= 0) { @@ -264,7 +261,6 @@ int dtls1_connect(SSL *ssl) { break; case SSL3_ST_CR_KEY_EXCH_A: - case SSL3_ST_CR_KEY_EXCH_B: ret = ssl3_get_server_key_exchange(ssl); if (ret <= 0) { goto end; @@ -278,7 +274,6 @@ int dtls1_connect(SSL *ssl) { break; case SSL3_ST_CR_CERT_REQ_A: - case SSL3_ST_CR_CERT_REQ_B: ret = ssl3_get_certificate_request(ssl); if (ret <= 0) { goto end; @@ -288,7 +283,6 @@ int dtls1_connect(SSL *ssl) { break; case SSL3_ST_CR_SRVR_DONE_A: - case SSL3_ST_CR_SRVR_DONE_B: ret = ssl3_get_server_done(ssl); if (ret <= 0) { goto end; @@ -393,7 +387,6 @@ int dtls1_connect(SSL *ssl) { break; case SSL3_ST_CR_SESSION_TICKET_A: - case SSL3_ST_CR_SESSION_TICKET_B: ret = ssl3_get_new_session_ticket(ssl); if (ret <= 0) { goto end; @@ -403,7 +396,6 @@ int dtls1_connect(SSL *ssl) { break; case SSL3_ST_CR_CERT_STATUS_A: - case SSL3_ST_CR_CERT_STATUS_B: ret = ssl3_get_cert_status(ssl); if (ret <= 0) { goto end; @@ -426,9 +418,7 @@ int dtls1_connect(SSL *ssl) { break; case SSL3_ST_CR_FINISHED_A: - case SSL3_ST_CR_FINISHED_B: - ret = - ssl3_get_finished(ssl, SSL3_ST_CR_FINISHED_A, SSL3_ST_CR_FINISHED_B); + ret = ssl3_get_finished(ssl); if (ret <= 0) { goto end; } @@ -507,9 +497,7 @@ static int dtls1_get_hello_verify(SSL *ssl) { CBS hello_verify_request, cookie; uint16_t server_version; - n = ssl->method->ssl_get_message(ssl, DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A, - DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B, -1, - ssl_hash_message, &ok); + n = ssl->method->ssl_get_message(ssl, -1, ssl_hash_message, &ok); if (!ok) { return n; diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c index f715f29e..f7be3965 100644 --- a/ssl/d1_srvr.c +++ b/ssl/d1_srvr.c @@ -185,7 +185,6 @@ int dtls1_accept(SSL *ssl) { case SSL3_ST_SR_CLNT_HELLO_A: case SSL3_ST_SR_CLNT_HELLO_B: case SSL3_ST_SR_CLNT_HELLO_C: - case SSL3_ST_SR_CLNT_HELLO_D: ret = ssl3_get_client_hello(ssl); if (ret <= 0) { goto end; @@ -310,7 +309,6 @@ int dtls1_accept(SSL *ssl) { break; case SSL3_ST_SR_CERT_A: - case SSL3_ST_SR_CERT_B: if (ssl->s3->tmp.cert_request) { ret = ssl3_get_client_certificate(ssl); if (ret <= 0) { @@ -323,7 +321,6 @@ int dtls1_accept(SSL *ssl) { case SSL3_ST_SR_KEY_EXCH_A: case SSL3_ST_SR_KEY_EXCH_B: - case SSL3_ST_SR_KEY_EXCH_C: ret = ssl3_get_client_key_exchange(ssl); if (ret <= 0) { goto end; @@ -333,7 +330,6 @@ int dtls1_accept(SSL *ssl) { break; case SSL3_ST_SR_CERT_VRFY_A: - case SSL3_ST_SR_CERT_VRFY_B: ret = ssl3_get_cert_verify(ssl); if (ret <= 0) { goto end; @@ -357,9 +353,7 @@ int dtls1_accept(SSL *ssl) { break; case SSL3_ST_SR_FINISHED_A: - case SSL3_ST_SR_FINISHED_B: - ret = ssl3_get_finished(ssl, SSL3_ST_SR_FINISHED_A, - SSL3_ST_SR_FINISHED_B); + ret = ssl3_get_finished(ssl); if (ret <= 0) { goto end; } diff --git a/ssl/internal.h b/ssl/internal.h index cb16b349..962d8356 100644 --- a/ssl/internal.h +++ b/ssl/internal.h @@ -853,9 +853,8 @@ struct ssl_protocol_method_st { void (*ssl_free)(SSL *ssl); int (*ssl_accept)(SSL *ssl); int (*ssl_connect)(SSL *ssl); - long (*ssl_get_message)(SSL *ssl, int header_state, int body_state, - int msg_type, enum ssl_hash_message_t hash_message, - int *ok); + long (*ssl_get_message)(SSL *ssl, int msg_type, + enum ssl_hash_message_t hash_message, int *ok); int (*ssl_read_app_data)(SSL *ssl, uint8_t *buf, int len, int peek); int (*ssl_read_change_cipher_spec)(SSL *ssl); void (*ssl_read_close_notify)(SSL *ssl); @@ -1044,13 +1043,13 @@ int ssl_fill_hello_random(uint8_t *out, size_t len, int is_server); int ssl3_send_server_certificate(SSL *ssl); int ssl3_send_new_session_ticket(SSL *ssl); int ssl3_send_certificate_status(SSL *ssl); -int ssl3_get_finished(SSL *ssl, int state_a, int state_b); +int ssl3_get_finished(SSL *ssl); int ssl3_send_change_cipher_spec(SSL *ssl, int state_a, int state_b); void ssl3_cleanup_key_block(SSL *ssl); int ssl3_do_write(SSL *ssl, int type); int ssl3_send_alert(SSL *ssl, int level, int desc); int ssl3_get_req_cert_type(SSL *ssl, uint8_t *p); -long ssl3_get_message(SSL *ssl, int header_state, int body_state, int msg_type, +long ssl3_get_message(SSL *ssl, int msg_type, enum ssl_hash_message_t hash_message, int *ok); /* ssl3_hash_current_message incorporates the current handshake message into the @@ -1156,8 +1155,8 @@ int dtls1_accept(SSL *ssl); int dtls1_connect(SSL *ssl); void dtls1_free(SSL *ssl); -long dtls1_get_message(SSL *ssl, int st1, int stn, int mt, - enum ssl_hash_message_t hash_message, int *ok); +long dtls1_get_message(SSL *ssl, int mt, enum ssl_hash_message_t hash_message, + int *ok); int dtls1_dispatch_alert(SSL *ssl); /* ssl_is_wbio_buffered returns one if |ssl|'s write BIO is buffered and zero diff --git a/ssl/s3_both.c b/ssl/s3_both.c index 48519cb3..d5e304d9 100644 --- a/ssl/s3_both.c +++ b/ssl/s3_both.c @@ -211,12 +211,12 @@ static void ssl3_take_mac(SSL *ssl) { ssl, !ssl->server, ssl->s3->tmp.peer_finish_md); } -int ssl3_get_finished(SSL *ssl, int a, int b) { +int ssl3_get_finished(SSL *ssl) { int al, finished_len, ok; long message_len; uint8_t *p; - message_len = ssl->method->ssl_get_message(ssl, a, b, SSL3_MT_FINISHED, + message_len = ssl->method->ssl_get_message(ssl, SSL3_MT_FINISHED, ssl_dont_hash_message, &ok); if (!ok) { @@ -328,9 +328,8 @@ static int extend_handshake_buffer(SSL *ssl, size_t length) { } /* Obtain handshake message of message type |msg_type| (any if |msg_type| == - * -1). The first four bytes (msg_type and length) are read in state - * |header_state|, the body is read in state |body_state|. */ -long ssl3_get_message(SSL *ssl, int header_state, int body_state, int msg_type, + * -1). */ +long ssl3_get_message(SSL *ssl, int msg_type, enum ssl_hash_message_t hash_message, int *ok) { *ok = 0; @@ -347,7 +346,6 @@ long ssl3_get_message(SSL *ssl, int header_state, int body_state, int msg_type, return -1; } *ok = 1; - ssl->state = body_state; assert(ssl->init_buf->length >= 4); ssl->init_msg = (uint8_t *)ssl->init_buf->data + 4; ssl->init_num = (int)ssl->init_buf->length - 4; @@ -405,7 +403,6 @@ again: return -1; } ssl->s3->tmp.message_type = actual_type; - ssl->state = body_state; ssl->init_msg = (uint8_t*)ssl->init_buf->data + 4; ssl->init_num = ssl->init_buf->length - 4; diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 8a6064a6..9f928495 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -236,7 +236,6 @@ int ssl3_connect(SSL *ssl) { break; case SSL3_ST_CR_SRVR_HELLO_A: - case SSL3_ST_CR_SRVR_HELLO_B: ret = ssl3_get_server_hello(ssl); if (ret <= 0) { goto end; @@ -255,7 +254,6 @@ int ssl3_connect(SSL *ssl) { break; case SSL3_ST_CR_CERT_A: - case SSL3_ST_CR_CERT_B: if (ssl_cipher_uses_certificate_auth(ssl->s3->tmp.new_cipher)) { ret = ssl3_get_server_certificate(ssl); if (ret <= 0) { @@ -284,7 +282,6 @@ int ssl3_connect(SSL *ssl) { break; case SSL3_ST_CR_KEY_EXCH_A: - case SSL3_ST_CR_KEY_EXCH_B: ret = ssl3_get_server_key_exchange(ssl); if (ret <= 0) { goto end; @@ -298,7 +295,6 @@ int ssl3_connect(SSL *ssl) { break; case SSL3_ST_CR_CERT_REQ_A: - case SSL3_ST_CR_CERT_REQ_B: ret = ssl3_get_certificate_request(ssl); if (ret <= 0) { goto end; @@ -308,7 +304,6 @@ int ssl3_connect(SSL *ssl) { break; case SSL3_ST_CR_SRVR_DONE_A: - case SSL3_ST_CR_SRVR_DONE_B: ret = ssl3_get_server_done(ssl); if (ret <= 0) { goto end; @@ -448,7 +443,6 @@ int ssl3_connect(SSL *ssl) { break; case SSL3_ST_CR_SESSION_TICKET_A: - case SSL3_ST_CR_SESSION_TICKET_B: ret = ssl3_get_new_session_ticket(ssl); if (ret <= 0) { goto end; @@ -458,7 +452,6 @@ int ssl3_connect(SSL *ssl) { break; case SSL3_ST_CR_CERT_STATUS_A: - case SSL3_ST_CR_CERT_STATUS_B: ret = ssl3_get_cert_status(ssl); if (ret <= 0) { goto end; @@ -481,9 +474,7 @@ int ssl3_connect(SSL *ssl) { break; case SSL3_ST_CR_FINISHED_A: - case SSL3_ST_CR_FINISHED_B: - ret = ssl3_get_finished(ssl, SSL3_ST_CR_FINISHED_A, - SSL3_ST_CR_FINISHED_B); + ret = ssl3_get_finished(ssl); if (ret <= 0) { goto end; } @@ -729,9 +720,8 @@ int ssl3_get_server_hello(SSL *ssl) { uint16_t server_version, cipher_suite; uint8_t compression_method; - n = ssl->method->ssl_get_message(ssl, SSL3_ST_CR_SRVR_HELLO_A, - SSL3_ST_CR_SRVR_HELLO_B, - SSL3_MT_SERVER_HELLO, ssl_hash_message, &ok); + n = ssl->method->ssl_get_message(ssl, SSL3_MT_SERVER_HELLO, ssl_hash_message, + &ok); if (!ok) { uint32_t err = ERR_peek_error(); @@ -959,8 +949,8 @@ int ssl3_get_server_certificate(SSL *ssl) { CBS cbs, certificate_list; const uint8_t *data; - n = ssl->method->ssl_get_message(ssl, SSL3_ST_CR_CERT_A, SSL3_ST_CR_CERT_B, - SSL3_MT_CERTIFICATE, ssl_hash_message, &ok); + n = ssl->method->ssl_get_message(ssl, SSL3_MT_CERTIFICATE, ssl_hash_message, + &ok); if (!ok) { return n; @@ -1048,9 +1038,7 @@ int ssl3_get_server_key_exchange(SSL *ssl) { EC_KEY *ecdh = NULL; EC_POINT *srvr_ecpoint = NULL; - long n = ssl->method->ssl_get_message(ssl, SSL3_ST_CR_KEY_EXCH_A, - SSL3_ST_CR_KEY_EXCH_B, -1, - ssl_hash_message, &ok); + long n = ssl->method->ssl_get_message(ssl, -1, ssl_hash_message, &ok); if (!ok) { return n; } @@ -1295,9 +1283,7 @@ int ssl3_get_certificate_request(SSL *ssl) { X509_NAME *xn = NULL; STACK_OF(X509_NAME) *ca_sk = NULL; - long n = ssl->method->ssl_get_message(ssl, SSL3_ST_CR_CERT_REQ_A, - SSL3_ST_CR_CERT_REQ_B, -1, - ssl_hash_message, &ok); + long n = ssl->method->ssl_get_message(ssl, -1, ssl_hash_message, &ok); if (!ok) { return n; @@ -1402,9 +1388,8 @@ err: int ssl3_get_new_session_ticket(SSL *ssl) { int ok, al; - long n = ssl->method->ssl_get_message( - ssl, SSL3_ST_CR_SESSION_TICKET_A, SSL3_ST_CR_SESSION_TICKET_B, - SSL3_MT_NEWSESSION_TICKET, ssl_hash_message, &ok); + long n = ssl->method->ssl_get_message(ssl, SSL3_MT_NEWSESSION_TICKET, + ssl_hash_message, &ok); if (!ok) { return n; @@ -1480,9 +1465,7 @@ int ssl3_get_cert_status(SSL *ssl) { CBS certificate_status, ocsp_response; uint8_t status_type; - n = ssl->method->ssl_get_message(ssl, SSL3_ST_CR_CERT_STATUS_A, - SSL3_ST_CR_CERT_STATUS_B, -1, - ssl_hash_message, &ok); + n = ssl->method->ssl_get_message(ssl, -1, ssl_hash_message, &ok); if (!ok) { return n; @@ -1523,9 +1506,8 @@ int ssl3_get_server_done(SSL *ssl) { int ok; long n; - n = ssl->method->ssl_get_message(ssl, SSL3_ST_CR_SRVR_DONE_A, - SSL3_ST_CR_SRVR_DONE_B, SSL3_MT_SERVER_DONE, - ssl_hash_message, &ok); + n = ssl->method->ssl_get_message(ssl, SSL3_MT_SERVER_DONE, ssl_hash_message, + &ok); if (!ok) { return n; diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 266fb626..3303d00a 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -257,7 +257,6 @@ int ssl3_accept(SSL *ssl) { case SSL3_ST_SR_CLNT_HELLO_A: case SSL3_ST_SR_CLNT_HELLO_B: case SSL3_ST_SR_CLNT_HELLO_C: - case SSL3_ST_SR_CLNT_HELLO_D: ret = ssl3_get_client_hello(ssl); if (ret <= 0) { goto end; @@ -380,7 +379,6 @@ int ssl3_accept(SSL *ssl) { break; case SSL3_ST_SR_CERT_A: - case SSL3_ST_SR_CERT_B: if (ssl->s3->tmp.cert_request) { ret = ssl3_get_client_certificate(ssl); if (ret <= 0) { @@ -393,7 +391,6 @@ int ssl3_accept(SSL *ssl) { case SSL3_ST_SR_KEY_EXCH_A: case SSL3_ST_SR_KEY_EXCH_B: - case SSL3_ST_SR_KEY_EXCH_C: ret = ssl3_get_client_key_exchange(ssl); if (ret <= 0) { goto end; @@ -403,7 +400,6 @@ int ssl3_accept(SSL *ssl) { break; case SSL3_ST_SR_CERT_VRFY_A: - case SSL3_ST_SR_CERT_VRFY_B: ret = ssl3_get_cert_verify(ssl); if (ret <= 0) { goto end; @@ -434,7 +430,6 @@ int ssl3_accept(SSL *ssl) { break; case SSL3_ST_SR_NEXT_PROTO_A: - case SSL3_ST_SR_NEXT_PROTO_B: ret = ssl3_get_next_proto(ssl); if (ret <= 0) { goto end; @@ -448,7 +443,6 @@ int ssl3_accept(SSL *ssl) { break; case SSL3_ST_SR_CHANNEL_ID_A: - case SSL3_ST_SR_CHANNEL_ID_B: ret = ssl3_get_channel_id(ssl); if (ret <= 0) { goto end; @@ -458,9 +452,7 @@ int ssl3_accept(SSL *ssl) { break; case SSL3_ST_SR_FINISHED_A: - case SSL3_ST_SR_FINISHED_B: - ret = ssl3_get_finished(ssl, SSL3_ST_SR_FINISHED_A, - SSL3_ST_SR_FINISHED_B); + ret = ssl3_get_finished(ssl); if (ret <= 0) { goto end; } @@ -765,19 +757,17 @@ int ssl3_get_client_hello(SSL *ssl) { * SSLv3, even if prompted with TLSv1. */ switch (ssl->state) { case SSL3_ST_SR_CLNT_HELLO_A: - case SSL3_ST_SR_CLNT_HELLO_B: - n = ssl->method->ssl_get_message( - ssl, SSL3_ST_SR_CLNT_HELLO_A, SSL3_ST_SR_CLNT_HELLO_B, - SSL3_MT_CLIENT_HELLO, ssl_hash_message, &ok); + n = ssl->method->ssl_get_message(ssl, SSL3_MT_CLIENT_HELLO, + ssl_hash_message, &ok); if (!ok) { return n; } - ssl->state = SSL3_ST_SR_CLNT_HELLO_C; + ssl->state = SSL3_ST_SR_CLNT_HELLO_B; /* fallthrough */ + case SSL3_ST_SR_CLNT_HELLO_B: case SSL3_ST_SR_CLNT_HELLO_C: - case SSL3_ST_SR_CLNT_HELLO_D: /* We have previously parsed the ClientHello message, and can't call * ssl_get_message again without hashing the message into the Finished * digest again. */ @@ -793,9 +783,9 @@ int ssl3_get_client_hello(SSL *ssl) { goto f_err; } - if (ssl->state == SSL3_ST_SR_CLNT_HELLO_C && + if (ssl->state == SSL3_ST_SR_CLNT_HELLO_B && ssl->ctx->select_certificate_cb != NULL) { - ssl->state = SSL3_ST_SR_CLNT_HELLO_D; + ssl->state = SSL3_ST_SR_CLNT_HELLO_C; switch (ssl->ctx->select_certificate_cb(&early_ctx)) { case 0: ssl->rwstate = SSL_CERTIFICATE_SELECTION_PENDING; @@ -811,7 +801,7 @@ int ssl3_get_client_hello(SSL *ssl) { /* fallthrough */; } } - ssl->state = SSL3_ST_SR_CLNT_HELLO_D; + ssl->state = SSL3_ST_SR_CLNT_HELLO_C; break; default: @@ -1446,12 +1436,10 @@ int ssl3_get_client_key_exchange(SSL *ssl) { unsigned psk_len = 0; uint8_t psk[PSK_MAX_PSK_LEN]; - if (ssl->state == SSL3_ST_SR_KEY_EXCH_A || - ssl->state == SSL3_ST_SR_KEY_EXCH_B) { + if (ssl->state == SSL3_ST_SR_KEY_EXCH_A) { int ok; const long n = ssl->method->ssl_get_message( - ssl, SSL3_ST_SR_KEY_EXCH_A, SSL3_ST_SR_KEY_EXCH_B, - SSL3_MT_CLIENT_KEY_EXCHANGE, ssl_hash_message, &ok); + ssl, SSL3_MT_CLIENT_KEY_EXCHANGE, ssl_hash_message, &ok); if (!ok) { return n; } @@ -1521,7 +1509,7 @@ int ssl3_get_client_key_exchange(SSL *ssl) { enum ssl_private_key_result_t decrypt_result; size_t decrypt_len; - if (ssl->state == SSL3_ST_SR_KEY_EXCH_B) { + if (ssl->state == SSL3_ST_SR_KEY_EXCH_A) { if (!ssl_has_private_key(ssl) || ssl_private_key_type(ssl) != EVP_PKEY_RSA) { al = SSL_AD_HANDSHAKE_FAILURE; @@ -1549,7 +1537,7 @@ int ssl3_get_client_key_exchange(SSL *ssl) { CBS_data(&encrypted_premaster_secret), CBS_len(&encrypted_premaster_secret)); } else { - assert(ssl->state == SSL3_ST_SR_KEY_EXCH_C); + assert(ssl->state == SSL3_ST_SR_KEY_EXCH_B); /* Complete async decrypt. */ decrypt_result = ssl_private_key_decrypt_complete( ssl, decrypt_buf, &decrypt_len, rsa_size); @@ -1562,7 +1550,7 @@ int ssl3_get_client_key_exchange(SSL *ssl) { goto err; case ssl_private_key_retry: ssl->rwstate = SSL_PRIVATE_KEY_OPERATION; - ssl->state = SSL3_ST_SR_KEY_EXCH_C; + ssl->state = SSL3_ST_SR_KEY_EXCH_B; goto err; } @@ -1731,9 +1719,8 @@ int ssl3_get_cert_verify(SSL *ssl) { return 1; } - n = ssl->method->ssl_get_message( - ssl, SSL3_ST_SR_CERT_VRFY_A, SSL3_ST_SR_CERT_VRFY_B, - SSL3_MT_CERTIFICATE_VERIFY, ssl_dont_hash_message, &ok); + n = ssl->method->ssl_get_message(ssl, SSL3_MT_CERTIFICATE_VERIFY, + ssl_dont_hash_message, &ok); if (!ok) { return n; @@ -1829,8 +1816,7 @@ int ssl3_get_client_certificate(SSL *ssl) { int is_first_certificate = 1; assert(ssl->s3->tmp.cert_request); - n = ssl->method->ssl_get_message(ssl, SSL3_ST_SR_CERT_A, SSL3_ST_SR_CERT_B, - -1, ssl_hash_message, &ok); + n = ssl->method->ssl_get_message(ssl, -1, ssl_hash_message, &ok); if (!ok) { return n; @@ -2117,9 +2103,8 @@ int ssl3_get_next_proto(SSL *ssl) { return -1; } - n = ssl->method->ssl_get_message(ssl, SSL3_ST_SR_NEXT_PROTO_A, - SSL3_ST_SR_NEXT_PROTO_B, SSL3_MT_NEXT_PROTO, - ssl_hash_message, &ok); + n = ssl->method->ssl_get_message(ssl, SSL3_MT_NEXT_PROTO, ssl_hash_message, + &ok); if (!ok) { return n; @@ -2158,9 +2143,8 @@ int ssl3_get_channel_id(SSL *ssl) { BIGNUM x, y; CBS encrypted_extensions, extension; - n = ssl->method->ssl_get_message( - ssl, SSL3_ST_SR_CHANNEL_ID_A, SSL3_ST_SR_CHANNEL_ID_B, - SSL3_MT_ENCRYPTED_EXTENSIONS, ssl_dont_hash_message, &ok); + n = ssl->method->ssl_get_message(ssl, SSL3_MT_ENCRYPTED_EXTENSIONS, + ssl_dont_hash_message, &ok); if (!ok) { return n; diff --git a/ssl/ssl_stat.c b/ssl/ssl_stat.c index 8fa197d5..15d1270b 100644 --- a/ssl/ssl_stat.c +++ b/ssl/ssl_stat.c @@ -110,39 +110,21 @@ const char *SSL_state_string_long(const SSL *ssl) { case SSL3_ST_CR_SRVR_HELLO_A: return "SSLv3 read server hello A"; - case SSL3_ST_CR_SRVR_HELLO_B: - return "SSLv3 read server hello B"; - case SSL3_ST_CR_CERT_A: return "SSLv3 read server certificate A"; - case SSL3_ST_CR_CERT_B: - return "SSLv3 read server certificate B"; - case SSL3_ST_CR_KEY_EXCH_A: return "SSLv3 read server key exchange A"; - case SSL3_ST_CR_KEY_EXCH_B: - return "SSLv3 read server key exchange B"; - case SSL3_ST_CR_CERT_REQ_A: return "SSLv3 read server certificate request A"; - case SSL3_ST_CR_CERT_REQ_B: - return "SSLv3 read server certificate request B"; - case SSL3_ST_CR_SESSION_TICKET_A: return "SSLv3 read server session ticket A"; - case SSL3_ST_CR_SESSION_TICKET_B: - return "SSLv3 read server session ticket B"; - case SSL3_ST_CR_SRVR_DONE_A: return "SSLv3 read server done A"; - case SSL3_ST_CR_SRVR_DONE_B: - return "SSLv3 read server done B"; - case SSL3_ST_CW_CERT_A: return "SSLv3 write client certificate A"; @@ -191,10 +173,6 @@ const char *SSL_state_string_long(const SSL *ssl) { case SSL3_ST_SR_FINISHED_A: return "SSLv3 read finished A"; - case SSL3_ST_CR_FINISHED_B: - case SSL3_ST_SR_FINISHED_B: - return "SSLv3 read finished B"; - case SSL3_ST_CW_FLUSH: case SSL3_ST_SW_FLUSH: return "SSLv3 flush data"; @@ -208,9 +186,6 @@ const char *SSL_state_string_long(const SSL *ssl) { case SSL3_ST_SR_CLNT_HELLO_C: return "SSLv3 read client hello C"; - case SSL3_ST_SR_CLNT_HELLO_D: - return "SSLv3 read client hello D"; - case SSL3_ST_SW_HELLO_REQ_A: return "SSLv3 write hello request A"; @@ -259,9 +234,6 @@ const char *SSL_state_string_long(const SSL *ssl) { case SSL3_ST_SR_CERT_A: return "SSLv3 read client certificate A"; - case SSL3_ST_SR_CERT_B: - return "SSLv3 read client certificate B"; - case SSL3_ST_SR_KEY_EXCH_A: return "SSLv3 read client key exchange A"; @@ -271,16 +243,10 @@ const char *SSL_state_string_long(const SSL *ssl) { case SSL3_ST_SR_CERT_VRFY_A: return "SSLv3 read certificate verify A"; - case SSL3_ST_SR_CERT_VRFY_B: - return "SSLv3 read certificate verify B"; - /* DTLS */ case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: return "DTLS1 read hello verify request A"; - case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B: - return "DTLS1 read hello verify request B"; - default: return "unknown state"; } @@ -311,33 +277,18 @@ const char *SSL_state_string(const SSL *ssl) { case SSL3_ST_CR_SRVR_HELLO_A: return "3RSH_A"; - case SSL3_ST_CR_SRVR_HELLO_B: - return "3RSH_B"; - case SSL3_ST_CR_CERT_A: return "3RSC_A"; - case SSL3_ST_CR_CERT_B: - return "3RSC_B"; - case SSL3_ST_CR_KEY_EXCH_A: return "3RSKEA"; - case SSL3_ST_CR_KEY_EXCH_B: - return "3RSKEB"; - case SSL3_ST_CR_CERT_REQ_A: return "3RCR_A"; - case SSL3_ST_CR_CERT_REQ_B: - return "3RCR_B"; - case SSL3_ST_CR_SRVR_DONE_A: return "3RSD_A"; - case SSL3_ST_CR_SRVR_DONE_B: - return "3RSD_B"; - case SSL3_ST_CW_CERT_A: return "3WCC_A"; @@ -386,10 +337,6 @@ const char *SSL_state_string(const SSL *ssl) { case SSL3_ST_CR_FINISHED_A: return "3RFINA"; - case SSL3_ST_SR_FINISHED_B: - case SSL3_ST_CR_FINISHED_B: - return "3RFINB"; - case SSL3_ST_SW_HELLO_REQ_A: return "3WHR_A"; @@ -408,9 +355,6 @@ const char *SSL_state_string(const SSL *ssl) { case SSL3_ST_SR_CLNT_HELLO_C: return "3RCH_C"; - case SSL3_ST_SR_CLNT_HELLO_D: - return "3RCH_D"; - case SSL3_ST_SW_SRVR_HELLO_A: return "3WSH_A"; @@ -444,28 +388,16 @@ const char *SSL_state_string(const SSL *ssl) { case SSL3_ST_SR_CERT_A: return "3RCC_A"; - case SSL3_ST_SR_CERT_B: - return "3RCC_B"; - case SSL3_ST_SR_KEY_EXCH_A: return "3RCKEA"; - case SSL3_ST_SR_KEY_EXCH_B: - return "3RCKEB"; - case SSL3_ST_SR_CERT_VRFY_A: return "3RCV_A"; - case SSL3_ST_SR_CERT_VRFY_B: - return "3RCV_B"; - /* DTLS */ case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A: return "DRCHVA"; - case DTLS1_ST_CR_HELLO_VERIFY_REQUEST_B: - return "DRCHVB"; - default: return "UNKWN "; }