Move handshake message handling functions from ssl_both.c to client/server.

Currently, ssl_both.c contains several functions that are used by both the
legacy client and legacy server. This interwines the client and server,
making it harder to make progressive changes. While it does deduplicate
some code, it also ends up with code that is conditioned on s->server and
forces the caller to pass in SSL3_ST_* values.

Move these functions from ssl_both.c into ssl_clnt.c and ssl_srvr.c,
renaming as appropriate and removing the s->server conditionals. Also move
the client and server function prototypes from ssl_locl.h into the .c
files, making them static in the process.

ok tb@

1 files changed, 1 insertions, 147 deletions

diff --git a/src/lib/libssl/ssl_both.c b/src/lib/libssl/ssl_both.c
index cfd32387d6..801b5bea29 100644
--- a/src/lib/libssl/ssl_both.c
+++ b/src/lib/libssl/ssl_both.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_both.c,v 1.42 2022/02/05 14:54:10 jsing Exp $ */
+/* $OpenBSD: ssl_both.c,v 1.43 2022/10/01 16:23:15 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -161,152 +161,6 @@ ssl3_do_write(SSL *s, int type)
         return (0);
 }
 
-int
-ssl3_send_finished(SSL *s, int state_a, int state_b)
-{
-        CBB cbb, finished;
-
-        memset(&cbb, 0, sizeof(cbb));
-
-        if (s->s3->hs.state == state_a) {
-                if (!tls12_derive_finished(s))
-                        goto err;
-
-                /* Copy finished so we can use it for renegotiation checks. */
-                if (!s->server) {
-                        memcpy(s->s3->previous_client_finished,
-                            s->s3->hs.finished, s->s3->hs.finished_len);
-                        s->s3->previous_client_finished_len =
-                            s->s3->hs.finished_len;
-                } else {
-                        memcpy(s->s3->previous_server_finished,
-                            s->s3->hs.finished, s->s3->hs.finished_len);
-                        s->s3->previous_server_finished_len =
-                            s->s3->hs.finished_len;
-                }
-
-                if (!ssl3_handshake_msg_start(s, &cbb, &finished,
-                    SSL3_MT_FINISHED))
-                        goto err;
-                if (!CBB_add_bytes(&finished, s->s3->hs.finished,
-                    s->s3->hs.finished_len))
-                        goto err;
-                if (!ssl3_handshake_msg_finish(s, &cbb))
-                        goto err;
-
-                s->s3->hs.state = state_b;
-        }
-
-        return (ssl3_handshake_write(s));
-
- err:
-        CBB_cleanup(&cbb);
-
-        return (-1);
-}
-
-int
-ssl3_get_finished(SSL *s, int a, int b)
-{
-        int al, md_len, ret;
-        CBS cbs;
-
-        /* should actually be 36+4 :-) */
-        if ((ret = ssl3_get_message(s, a, b, SSL3_MT_FINISHED, 64)) <= 0)
-                return ret;
-
-        /* If this occurs, we have missed a message */
-        if (!s->s3->change_cipher_spec) {
-                al = SSL_AD_UNEXPECTED_MESSAGE;
-                SSLerror(s, SSL_R_GOT_A_FIN_BEFORE_A_CCS);
-                goto fatal_err;
-        }
-        s->s3->change_cipher_spec = 0;
-
-        md_len = TLS1_FINISH_MAC_LENGTH;
-
-        if (s->internal->init_num < 0) {
-                al = SSL_AD_DECODE_ERROR;
-                SSLerror(s, SSL_R_BAD_DIGEST_LENGTH);
-                goto fatal_err;
-        }
-
-        CBS_init(&cbs, s->internal->init_msg, s->internal->init_num);
-
-        if (s->s3->hs.peer_finished_len != md_len ||
-            CBS_len(&cbs) != md_len) {
-                al = SSL_AD_DECODE_ERROR;
-                SSLerror(s, SSL_R_BAD_DIGEST_LENGTH);
-                goto fatal_err;
-        }
-
-        if (!CBS_mem_equal(&cbs, s->s3->hs.peer_finished, CBS_len(&cbs))) {
-                al = SSL_AD_DECRYPT_ERROR;
-                SSLerror(s, SSL_R_DIGEST_CHECK_FAILED);
-                goto fatal_err;
-        }
-
-        /* Copy finished so we can use it for renegotiation checks. */
-        OPENSSL_assert(md_len <= EVP_MAX_MD_SIZE);
-        if (s->server) {
-                memcpy(s->s3->previous_client_finished,
-                    s->s3->hs.peer_finished, md_len);
-                s->s3->previous_client_finished_len = md_len;
-        } else {
-                memcpy(s->s3->previous_server_finished,
-                    s->s3->hs.peer_finished, md_len);
-                s->s3->previous_server_finished_len = md_len;
-        }
-
-        return (1);
- fatal_err:
-        ssl3_send_alert(s, SSL3_AL_FATAL, al);
-        return (0);
-}
-
-int
-ssl3_send_change_cipher_spec(SSL *s, int a, int b)
-{
-        size_t outlen;
-        CBB cbb;
-
-        memset(&cbb, 0, sizeof(cbb));
-
-        if (s->s3->hs.state == a) {
-                if (!CBB_init_fixed(&cbb, s->internal->init_buf->data,
-                    s->internal->init_buf->length))
-                        goto err;
-                if (!CBB_add_u8(&cbb, SSL3_MT_CCS))
-                        goto err;
-                if (!CBB_finish(&cbb, NULL, &outlen))
-                        goto err;
-
-                if (outlen > INT_MAX)
-                        goto err;
-
-                s->internal->init_num = (int)outlen;
-                s->internal->init_off = 0;
-
-                if (SSL_is_dtls(s)) {
-                        s->d1->handshake_write_seq =
-                            s->d1->next_handshake_write_seq;
-                        dtls1_set_message_header_int(s, SSL3_MT_CCS, 0,
-                            s->d1->handshake_write_seq, 0, 0);
-                        dtls1_buffer_message(s, 1);
-                }
-
-                s->s3->hs.state = b;
-        }
-
-        /* SSL3_ST_CW_CHANGE_B */
-        return ssl3_record_write(s, SSL3_RT_CHANGE_CIPHER_SPEC);
-
- err:
-        CBB_cleanup(&cbb);
-
-        return -1;
-}
-
 static int
 ssl3_add_cert(CBB *cbb, X509 *x)
 {