author | 2019-01-21 10:44:08 +0000 | |
---|---|---|
committer | 2019-01-21 10:44:08 +0000 | |
commit | 789094573671c657f039324eb0b8f19a798dfa43 (patch) | |
tree | d332bc67341633e2682466130ced45660cb9c045 /lib/libssl/tls13_handshake.c | |
parent | rename kex->kem_client_pub -> kex->client_pub now that KEM has been renamed (diff) | |
The main handshake loop can be shared between client and server.
Pull the shared code up into a function and call it from tls13_connect()
and tls13_accept() instead of duplicating it.
"Yes, please!" tb@
Diffstat (limited to 'lib/libssl/tls13_handshake.c')
-rw-r--r-- | lib/libssl/tls13_handshake.c | 40 |
1 files changed, 12 insertions, 28 deletions
diff --git a/lib/libssl/tls13_handshake.c b/lib/libssl/tls13_handshake.c
index 92780bb2f20..9e17fd13518 100644
--- a/lib/libssl/tls13_handshake.c
+++ b/lib/libssl/tls13_handshake.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_handshake.c,v 1.15 2019/01/21 06:58:44 jsing Exp $ */
+/* $OpenBSD: tls13_handshake.c,v 1.16 2019/01/21 10:44:08 jsing Exp $ */
 /*
 * Copyright (c) 2018-2019 Theo Buehler <tb@openbsd.org>
 * Copyright (c) 2019 Joel Sing <jsing@openbsd.org>
@@ -286,13 +286,11 @@ tls13_handshake_advance_state_machine(struct tls13_ctx *ctx)
 }
 int
-tls13_connect(struct tls13_ctx *ctx)
+tls13_handshake_perform(struct tls13_ctx *ctx)
 {
 struct tls13_handshake_action *action;
 int ret;
- ctx->mode = TLS13_HS_CLIENT;
-
 for (;;) {
 if ((action = tls13_handshake_active_action(ctx)) == NULL)
 return TLS13_IO_FAILURE;
@@ -300,7 +298,7 @@ tls13_connect(struct tls13_ctx *ctx)
 if (action->handshake_complete)
 return TLS13_IO_SUCCESS;
- if (action->sender == TLS13_HS_CLIENT) {
+ if (action->sender == ctx->mode) {
 if ((ret = tls13_handshake_send_action(ctx, action)) <= 0)
 return ret;
 } else {
@@ -314,33 +312,19 @@ tls13_connect(struct tls13_ctx *ctx)
 }
 int
-tls13_accept(struct tls13_ctx *ctx)
+tls13_connect(struct tls13_ctx *ctx)
 {
- struct tls13_handshake_action *action;
- int ret;
-
- ctx->mode = TLS13_HS_SERVER;
-
- for (;;) {
- if ((action = tls13_handshake_active_action(ctx)) == NULL)
- return TLS13_IO_FAILURE;
-
- if (action->handshake_complete)
- return TLS13_IO_SUCCESS;
+ ctx->mode = TLS13_HS_CLIENT;
- if (action->sender == TLS13_HS_SERVER) {
- if ((ret = tls13_handshake_send_action(ctx, action)) <= 0)
- return ret;
- } else {
- if ((ret = tls13_handshake_recv_action(ctx, action)) <= 0)
- return ret;
- }
+ return tls13_handshake_perform(ctx);
+}
- if (!tls13_handshake_advance_state_machine(ctx))
- return TLS13_IO_FAILURE;
- }
+int
+tls13_accept(struct tls13_ctx *ctx)
+{
+ ctx->mode = TLS13_HS_SERVER;
- return 1;
+ return tls13_handshake_perform(ctx);
 }
 int |
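Review bot: tls13_handshake_perform() now depends on the caller having set ctx->mode, because `action->sender == ctx->mode` in the loop is what decides whether each handshake action is sent or received, yet the new function is declared with external linkage and carries no comment stating that precondition. If it is ever reached with a stale or unset mode, the state machine would run in the wrong role rather than fail. Unless another file needs it (no header change is visible in this diff), declare it `static int`, and add a comment above it such as `/* ctx->mode must be set by tls13_connect() or tls13_accept() before calling. */`. The same concern covers the tls13_connect() and tls13_accept() wrappers in the last hunk, which are now the only places that establish the role; the body of tls13_handshake_perform() continues outside the visible hunks.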