Commit e6575156 authored by Matt Caswell's avatar Matt Caswell
Browse files

Don't finish the handshake twice 



We finish the handshake when we move into the TLS_ST_OK state. At various
points we were also unnecessarily finishing it when we were reading/writing
the Finished message. It's much simpler just to do it in TLS_ST_OK, so
remove the other calls.

Reviewed-by: default avatarViktor Dukhovni <viktor@openssl.org>
parent b8fb5989

ssl/statem/statem_clnt.c

+0 −8
Original line number Diff line number Diff line
@@ -622,9 +622,6 @@ WORK_STATE ossl_statem_client_post_work(SSL *s, WORK_STATE wst) 
#endif

        if (statem_flush(s) != 1)

            return WORK_MORE_B;



        if (s->hit && tls_finish_handshake(s, WORK_MORE_A) != 1)

                return WORK_ERROR;

        break;



    default:
@@ -801,11 +798,6 @@ WORK_STATE ossl_statem_client_post_process_message(SSL *s, WORK_STATE wst) 
        return WORK_FINISHED_STOP;

#endif



    case TLS_ST_CR_FINISHED:

        if (!s->hit)

            return tls_finish_handshake(s, wst);

        else

            return WORK_FINISHED_STOP;

    default:

        break;

    }

ssl/statem/statem_lib.c

+1 −1
Original line number Diff line number Diff line
@@ -331,7 +331,7 @@ MSG_PROCESS_RETURN tls_process_finished(SSL *s, PACKET *pkt) 
        s->s3->previous_server_finished_len = i;

    }



    return MSG_PROCESS_CONTINUE_PROCESSING;

    return MSG_PROCESS_FINISHED_READING;

 f_err:

    ssl3_send_alert(s, SSL3_AL_FATAL, al);

    ossl_statem_set_error(s);

ssl/statem/statem_srvr.c

+0 −6
Original line number Diff line number Diff line
@@ -876,12 +876,6 @@ WORK_STATE ossl_statem_server_post_process_message(SSL *s, WORK_STATE wst) 
#endif

        return WORK_FINISHED_CONTINUE;





    case TLS_ST_SR_FINISHED:

        if (s->hit)

            return tls_finish_handshake(s, wst);

        else

            return WORK_FINISHED_STOP;

    default:

        break;

    }