diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2015-06-16 14:44:29 +0100 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2015-06-23 22:24:09 +0100 |
| commit | 124037fdc0571b5bd9022412348e9979a1726a31 (patch) | |
| tree | 05ed987e95a605a9cbe076d047c1c4309d263ca5 /ssl/t1_enc.c | |
| parent | 74924dcb3802640d7e2ae2e80ca6515d0a53de7a (diff) | |
Tidy up ssl3_digest_cached_records logic.
Rewrite ssl3_digest_cached_records handling. Only digest cached records
if digest array is NULL: this means it is safe to call
ssl3_digest_cached_records multiple times (subsequent calls are no op).
Remove flag TLS1_FLAGS_KEEP_HANDSHAKE instead only update handshake buffer
if digest array is NULL.
Add additional "keep" parameter to ssl3_digest_cached_records to indicate
if the handshake buffer should be retained after digesting cached records
(needed for TLS 1.2 client authentication).
Reviewed-by: Matt Caswell <matt@openssl.org>
Diffstat (limited to 'ssl/t1_enc.c')
| -rw-r--r-- | ssl/t1_enc.c | 28 |
1 files changed, 11 insertions, 17 deletions
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index e8653412aa..9942bb433f 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -679,9 +679,8 @@ int tls1_cert_verify_mac(SSL *s, int md_nid, unsigned char *out) EVP_MD_CTX ctx, *d = NULL; int i; - if (s->s3->handshake_buffer) - if (!ssl3_digest_cached_records(s)) - return 0; + if (!ssl3_digest_cached_records(s, 0)) + return 0; for (i = 0; i < SSL_MAX_DIGEST; i++) { if (s->s3->handshake_dgst[i] @@ -709,9 +708,8 @@ int tls1_final_finish_mac(SSL *s, const char *str, int slen, unsigned char hash[2 * EVP_MAX_MD_SIZE]; unsigned char buf2[12]; - if (s->s3->handshake_buffer) - if (!ssl3_digest_cached_records(s)) - return 0; + if (!ssl3_digest_cached_records(s, 0)) + return 0; hashlen = ssl_handshake_hash(s, hash, sizeof(hash)); @@ -736,17 +734,13 @@ int tls1_generate_master_secret(SSL *s, unsigned char *out, unsigned char *p, if (s->session->flags & SSL_SESS_FLAG_EXTMS) { unsigned char hash[EVP_MAX_MD_SIZE * 2]; int hashlen; - /* If we don't have any digests cache records */ - if (s->s3->handshake_buffer) { - /* - * keep record buffer: this wont affect client auth because we're - * freezing the buffer at the same point (after client key - * exchange and before certificate verify) - */ - s->s3->flags |= TLS1_FLAGS_KEEP_HANDSHAKE; - if (!ssl3_digest_cached_records(s)) - return -1; - } + /* Digest cached records keeping record buffer (if present): + * this wont affect client auth because we're freezing the buffer + * at the same point (after client key exchange and before certificate + * verify) + */ + if (!ssl3_digest_cached_records(s, 1)) + return -1; hashlen = ssl_handshake_hash(s, hash, sizeof(hash)); #ifdef SSL_DEBUG fprintf(stderr, "Handshake hashes:\n"); |