Commit 5d23e130 authored by Emilia Kasper's avatar Emilia Kasper
Browse files

Remove ssl3_check_finished. 



The client sends a session ID with the session ticket, and uses
the returned ID to detect resumption, so we do not need to peek
at handshake messages: s->hit tells us explicitly if we're resuming.

An equivalent change was independently made in BoringSSL, see commit
407886f589cf2dbaed82db0a44173036c3bc3317.

Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
(cherry picked from commit 980bc1ec)

Conflicts:
	ssl/s3_clnt.c
parent f7c7aa69

ssl/d1_clnt.c

+0 −15
Original line number Diff line number Diff line
@@ -388,20 +388,6 @@ int dtls1_connect(SSL *s) 


		case SSL3_ST_CR_CERT_A:

		case SSL3_ST_CR_CERT_B:

#ifndef OPENSSL_NO_TLSEXT

			ret=ssl3_check_finished(s);

			if (ret <= 0) goto end;

			if (ret == 2)

				{

				s->hit = 1;

				if (s->tlsext_ticket_expected)

					s->state=SSL3_ST_CR_SESSION_TICKET_A;

				else

					s->state=SSL3_ST_CR_FINISHED_A;

				s->init_num=0;

				break;

				}

#endif

			/* Check if it is anon DH or PSK */

			if (!(s->s3->tmp.new_cipher->algorithm_auth & SSL_aNULL) &&

			    !(s->s3->tmp.new_cipher->algorithm_mkey & SSL_kPSK))
@@ -850,4 +836,3 @@ f_err: 
	ssl3_send_alert(s, SSL3_AL_FATAL, al);

	return -1;

	}

ssl/s3_clnt.c

+1 −53
Original line number Diff line number Diff line
@@ -314,20 +314,6 @@ int ssl3_connect(SSL *s) 
			break;

		case SSL3_ST_CR_CERT_A:

		case SSL3_ST_CR_CERT_B:

#ifndef OPENSSL_NO_TLSEXT

			ret=ssl3_check_finished(s);

			if (ret <= 0) goto end;

			if (ret == 2)

				{

				s->hit = 1;

				if (s->tlsext_ticket_expected)

					s->state=SSL3_ST_CR_SESSION_TICKET_A;

				else

					s->state=SSL3_ST_CR_FINISHED_A;

				s->init_num=0;

				break;

				}

#endif

			/* Check if it is anon DH/ECDH, SRP auth */

			/* or PSK */

			if (!(s->s3->tmp.new_cipher->algorithm_auth & (SSL_aNULL|SSL_aSRP)) &&
@@ -672,11 +658,7 @@ int ssl3_client_hello(SSL *s) 
		SSL_SESSION *sess = s->session;

		if ((sess == NULL) ||

			(sess->ssl_version != s->version) ||

#ifdef OPENSSL_NO_TLSEXT

			!sess->session_id_length ||

#else

			(!sess->session_id_length && !sess->tlsext_tick) ||

#endif

			(sess->not_resumable))

			{

			if (!ssl_get_new_session(s,0))
@@ -3687,39 +3669,6 @@ int ssl3_send_next_proto(SSL *s) 
	}

#endif  /* !OPENSSL_NO_TLSEXT && !OPENSSL_NO_NEXTPROTONEG */



/* Check to see if handshake is full or resumed. Usually this is just a

 * case of checking to see if a cache hit has occurred. In the case of

 * session tickets we have to check the next message to be sure.

 */



#ifndef OPENSSL_NO_TLSEXT

int ssl3_check_finished(SSL *s)

	{

	int ok;

	long n;



	/* If we have no ticket it cannot be a resumed session. */

	if (!s->session->tlsext_tick)

		return 1;

	/* this function is called when we really expect a Certificate

	 * message, so permit appropriate message length */

	n=s->method->ssl_get_message(s,

		SSL3_ST_CR_CERT_A,

		SSL3_ST_CR_CERT_B,

		-1,

		s->max_cert_list,

		&ok);

	if (!ok) return((int)n);

	s->s3->tmp.reuse_message = 1;



	if ((s->s3->tmp.message_type == SSL3_MT_FINISHED)

		|| (s->s3->tmp.message_type == SSL3_MT_NEWSESSION_TICKET))

		return 2;



	return 1;

	}

#endif



int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey)

	{

	int i = 0;
@@ -3737,4 +3686,3 @@ int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey) 
		i = s->ctx->client_cert_cb(s,px509,ppkey);

	return i;

	}

ssl/ssl_locl.h

+0 −1
Original line number Diff line number Diff line
@@ -1218,7 +1218,6 @@ int ssl3_get_key_exchange(SSL *s); 
int ssl3_get_server_certificate(SSL *s);

int ssl3_check_cert_and_algorithm(SSL *s);

#ifndef OPENSSL_NO_TLSEXT

int ssl3_check_finished(SSL *s);

# ifndef OPENSSL_NO_NEXTPROTONEG

int ssl3_send_next_proto(SSL *s);

# endif