kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Simplify TLS reuse_message implementation.

Browse Source 
Rather than have a separate codepath, just skip the message_complete
logic and parse what's in the buffer. This also cuts down on one input
to setting up a reuse_message; message_type is now only written to in
the get_message implementation.

Change-Id: I96689b5957a3f2548af9099ec4e53cabacdc395a
Reviewed-on: https://boringssl-review.googlesource.com/8640
Reviewed-by: Steven Valdez <svaldez@google.com>
Reviewed-by: Adam Langley <agl@google.com>
This commit is contained in:
David Benjamin 2016-07-06 21:31:14 -07:00 committed by Adam Langley
parent c937edef3e
commit 34a3c49875
2 changed files with 4 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ssl/handshake_server.c
View File

@ -702,7 +702,6 @@ static int ssl3_get_v2_client_hello(SSL *ssl) {
/* Mark the message for "re"-use by the version-specific method. */
ssl->s3->tmp.reuse_message = 1;
ssl->s3->tmp.message_type = SSL3_MT_CLIENT_HELLO;
ssl->s3->tmp.message_complete = 1;
/* Consume and discard the V2ClientHello. */

18
ssl/s3_both.c
View File

@ -374,27 +374,17 @@ long ssl3_get_message(SSL *ssl, int msg_type,
enum ssl_hash_message_t hash_message, int *ok) {
*ok = 0;
again:
if (ssl->s3->tmp.reuse_message) {
/* A ssl_dont_hash_message call cannot be combined with reuse_message; the
* ssl_dont_hash_message would have to have been applied to the previous
* call. */
assert(hash_message == ssl_hash_message);
assert(ssl->s3->tmp.message_complete);
ssl->s3->tmp.reuse_message = 0;
if (msg_type >= 0 && ssl->s3->tmp.message_type != msg_type) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_MESSAGE);
return -1;
}
*ok = 1;
assert(ssl->init_buf->length >= 4);
ssl->init_msg = (uint8_t *)ssl->init_buf->data + 4;
ssl->init_num = (int)ssl->init_buf->length - 4;
return ssl->init_num;
}
again:
if (ssl->s3->tmp.message_complete) {
ssl->s3->tmp.reuse_message = 0;
hash_message = ssl_dont_hash_message;
} else if (ssl->s3->tmp.message_complete) {
ssl->s3->tmp.message_complete = 0;
ssl->init_buf->length = 0;
}