author | Bodo Möller <bodo@openssl.org> | 2000-02-21 10:16:30 +0000 |
---|---|---|
committer | Bodo Möller <bodo@openssl.org> | 2000-02-21 10:16:30 +0000 |
commit | 745c70e5658d176a87965526d8839a7da79a6240 (patch) | |
tree | 28a773e16a41d2a732768259aa887b1f3867e65c /ssl/s3_pkt.c | |
parent | 9dd2b2a94092a4a467f9a5fde6973b4df872fd6b (diff) |
Move MAC computations for Finished from ssl3_read_bytes into
ssl3_get_message, which is more logical (and avoids a bug,
in addition to the one that I introduced yesterday :-)
and makes Microsoft "fast SGC" less special.
MS SGC should still work now without an extra state of its own
(it goes directly to SSL3_ST_SR_CLNT_HELLO_C, which is the usual state
for reading the body of a Client Hello message), however this should
be tested to make sure, and I don't have a MS SGC client.
Diffstat (limited to 'ssl/s3_pkt.c')
-rw-r--r-- | ssl/s3_pkt.c | 16 |
1 files changed, 7 insertions, 9 deletions
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c index fcb3d17100..d76c5f9e59 100644 --- a/ssl/s3_pkt.c +++ b/ssl/s3_pkt.c @@ -507,9 +507,6 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, int len) return(i); } - if (type == SSL3_RT_HANDSHAKE) - ssl3_finish_mac(s,&(buf[tot]),i); - if ((i == (int)n) || (type == SSL3_RT_APPLICATION_DATA && (s->mode & SSL_MODE_ENABLE_PARTIAL_WRITE))) @@ -740,7 +737,6 @@ int ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len) /* move any remaining fragment bytes: */ for (i = 0; i < s->s3->handshake_fragment_len; i++) s->s3->handshake_fragment[i] = *src++; - ssl3_finish_mac(s, buf, n); return n; } @@ -820,9 +816,6 @@ start: s->rstate=SSL_ST_READ_HEADER; rr->off=0; } - - if (type == SSL3_RT_HANDSHAKE) - ssl3_finish_mac(s,buf,n); return(n); } @@ -1130,10 +1123,15 @@ int ssl3_do_write(SSL *s, int type) int ret; ret=ssl3_write_bytes(s,type,&s->init_buf->data[s->init_off], - s->init_num); + s->init_num); + if (ret < 0) return(-1); + if (type == SSL3_RT_HANDSHAKE) + /* should not be done for 'Hello Request's, but in that case + * we'll ignore the result anyway */ + ssl3_finish_mac(s,&s->init_buf->data[s->init_off],ret); + if (ret == s->init_num) return(1); - if (ret < 0) return(-1); s->init_off+=ret; s->init_num-=ret; return(0); |
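Review bot: In the last hunk (ssl3_do_write), the unbraced `if (type == SSL3_RT_HANDSHAKE)` has a multi-line comment between the condition and its only statement, so a later edit could easily detach `ssl3_finish_mac(...)` from the condition. I would brace it as `if (type == SSL3_RT_HANDSHAKE) {` ... `}` with the comment inside. The new comment concedes that Hello Request bytes are fed into the Finished hash and relies on the result being ignored, but the place where that state is discarded is not visible in this hunk. The comment should name it (presumably the hash is re-initialised before the next Client Hello is processed; confirm), because the Finished MAC is what protects the integrity of the handshake transcript. The first hunk removes the call from ssl3_write_bytes, so as far as this diff shows ssl3_do_write is now the only place that hashes outgoing handshake data. Any caller outside this file that passes SSL3_RT_HANDSHAKE to ssl3_write_bytes directly would silently drop out of the MAC and should be checked.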