From 229185e668514e17bce9b22c38303e3cc3c9eb7a Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Fri, 30 Sep 2016 10:50:57 +0100
Subject: [PATCH] Remove the special case processing for finished construction

tls_construct_finished() used to have different arguments to all of the
other construction functions. It doesn't anymore, so there is no neeed to
treat it as a special case.

Reviewed-by: Rich Salz <rsalz@openssl.org>
---
 ssl/statem/statem_clnt.c | 22 +++++-----------------
 ssl/statem/statem_lib.c  | 12 +++++++++++-
 ssl/statem/statem_locl.h |  3 +--
 ssl/statem/statem_srvr.c | 22 +++++-----------------
 4 files changed, 22 insertions(+), 37 deletions(-)

diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index 52c07ea70a..5e5983a24f 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -514,7 +514,7 @@ int ossl_statem_client_construct_message(SSL *s, WPACKET *pkt)
 {
     OSSL_STATEM *st = &s->statem;
     int (*confunc) (SSL *s, WPACKET *pkt) = NULL;
-    int ret = 1, mt;
+    int mt;
 
     switch (st->hand_state) {
     default:
@@ -556,26 +556,14 @@ int ossl_statem_client_construct_message(SSL *s, WPACKET *pkt)
         break;
 #endif
     case TLS_ST_CW_FINISHED:
+        confunc = tls_construct_finished;
         mt = SSL3_MT_FINISHED;
         break;
     }
 
-    if (!ssl_set_handshake_header(s, pkt, mt)) {
-        SSLerr(SSL_F_OSSL_STATEM_CLIENT_CONSTRUCT_MESSAGE,
-               ERR_R_INTERNAL_ERROR);
-        return 0;
-    }
-
-    if (st->hand_state == TLS_ST_CW_FINISHED)
-        ret = tls_construct_finished(s, pkt,
-                                     s->method->
-                                     ssl3_enc->client_finished_label,
-                                     s->method->
-                                     ssl3_enc->client_finished_label_len);
-    else
-        ret = confunc(s, pkt);
-
-    if (!ret || !ssl_close_construct_packet(s, pkt, mt)) {
+    if (!ssl_set_handshake_header(s, pkt, mt)
+            || !confunc(s, pkt)
+            || !ssl_close_construct_packet(s, pkt, mt)) {
         SSLerr(SSL_F_OSSL_STATEM_CLIENT_CONSTRUCT_MESSAGE,
                ERR_R_INTERNAL_ERROR);
         return 0;
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
index fa0032bcb4..c185d7c72a 100644
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -71,9 +71,19 @@ int tls_close_construct_packet(SSL *s, WPACKET *pkt, int htype)
     return 1;
 }
 
-int tls_construct_finished(SSL *s, WPACKET *pkt, const char *sender, int slen)
+int tls_construct_finished(SSL *s, WPACKET *pkt)
 {
     int i;
+    const char *sender;
+    int slen;
+
+    if (s->server) {
+        sender = s->method->ssl3_enc->server_finished_label;
+        slen = s->method->ssl3_enc->server_finished_label_len;
+    } else {
+        sender = s->method->ssl3_enc->client_finished_label;
+        slen = s->method->ssl3_enc->client_finished_label_len;
+    }
 
     i = s->method->ssl3_enc->final_finish_mac(s,
                                               sender, slen,
diff --git a/ssl/statem/statem_locl.h b/ssl/statem/statem_locl.h
index f67361c06f..57410c106b 100644
--- a/ssl/statem/statem_locl.h
+++ b/ssl/statem/statem_locl.h
@@ -78,8 +78,7 @@ __owur MSG_PROCESS_RETURN tls_process_finished(SSL *s, PACKET *pkt);
 __owur int tls_construct_change_cipher_spec(SSL *s, WPACKET *pkt);
 __owur int dtls_construct_change_cipher_spec(SSL *s, WPACKET *pkt);
 
-__owur int tls_construct_finished(SSL *s, WPACKET *pkt, const char *sender,
-                                  int slen);
+__owur int tls_construct_finished(SSL *s, WPACKET *pkt);
 __owur WORK_STATE tls_finish_handshake(SSL *s, WORK_STATE wst);
 __owur WORK_STATE dtls_wait_for_dry(SSL *s);
 
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index 78850a748b..2f070c0ac0 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -623,7 +623,7 @@ int ossl_statem_server_construct_message(SSL *s, WPACKET *pkt)
 {
     OSSL_STATEM *st = &s->statem;
     int (*confunc) (SSL *s, WPACKET *pkt) = NULL;
-    int ret = 1, mt;
+    int mt;
 
     switch (st->hand_state) {
     default:
@@ -684,26 +684,14 @@ int ossl_statem_server_construct_message(SSL *s, WPACKET *pkt)
         break;
 
     case TLS_ST_SW_FINISHED:
+        confunc = tls_construct_finished;
         mt = SSL3_MT_FINISHED;
         break;
     }
 
-    if (!ssl_set_handshake_header(s, pkt, mt)) {
-        SSLerr(SSL_F_OSSL_STATEM_SERVER_CONSTRUCT_MESSAGE,
-               ERR_R_INTERNAL_ERROR);
-        return 0;
-    }
-
-    if (st->hand_state == TLS_ST_SW_FINISHED)
-        ret = tls_construct_finished(s, pkt,
-                                     s->method->
-                                     ssl3_enc->server_finished_label,
-                                     s->method->
-                                     ssl3_enc->server_finished_label_len);
-    else if (confunc != NULL)
-        ret = confunc(s, pkt);
-
-    if (!ret || !ssl_close_construct_packet(s, pkt, mt)) {
+    if (!ssl_set_handshake_header(s, pkt, mt)
+            || (confunc != NULL && !confunc(s, pkt))
+            || !ssl_close_construct_packet(s, pkt, mt)) {
         SSLerr(SSL_F_OSSL_STATEM_SERVER_CONSTRUCT_MESSAGE,
                ERR_R_INTERNAL_ERROR);
         return 0;
-- 
GitLab