Refactor tls13_server_hello_sent().

Split the record protection engagement code into a separate
tls13_server_engage_record_protection() function and call this from
tls13_server_hello_sent(). Also move some functions around to keep the
logical ordering/grouping.

ok inoguchi@ tb@ (as part of a larger diff)

1 files changed, 36 insertions, 30 deletions

diff --git a/src/lib/libssl/tls13_server.c b/src/lib/libssl/tls13_server.c
index 4fa1aba31d..19ee2e9eaa 100644
--- a/src/lib/libssl/tls13_server.c
+++ b/src/lib/libssl/tls13_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_server.c,v 1.34 2020/04/28 20:37:22 jsing Exp $ */
+/* $OpenBSD: tls13_server.c,v 1.35 2020/05/09 08:26:16 jsing Exp $ */
 /*
  * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2020 Bob Beck <beck@openbsd.org>
@@ -242,35 +242,8 @@ err:
         return 0;
 }
 
-int
-tls13_server_hello_retry_request_send(struct tls13_ctx *ctx, CBB *cbb)
-{
-        return 0;
-}
-
-int
-tls13_client_hello_retry_recv(struct tls13_ctx *ctx, CBS *cbs)
-{
-        return 0;
-}
-
-int
-tls13_server_hello_send(struct tls13_ctx *ctx, CBB *cbb)
-{
-        if (ctx->hs->key_share == NULL)
-                return 0;
-
-        if (!tls13_key_share_generate(ctx->hs->key_share))
-                return 0;
-
-        if (!tls13_server_hello_build(ctx, cbb))
-                return 0;
-
-        return 1;
-}
-
-int
-tls13_server_hello_sent(struct tls13_ctx *ctx)
+static int                                                                                                                                                                                                                       
+tls13_server_engage_record_protection(struct tls13_ctx *ctx) 
 {
         struct tls13_secrets *secrets;
         struct tls13_secret context;
@@ -338,6 +311,39 @@ tls13_server_hello_sent(struct tls13_ctx *ctx)
 }
 
 int
+tls13_server_hello_retry_request_send(struct tls13_ctx *ctx, CBB *cbb)
+{
+        return 0;
+}
+
+int
+tls13_client_hello_retry_recv(struct tls13_ctx *ctx, CBS *cbs)
+{
+        return 0;
+}
+
+int
+tls13_server_hello_send(struct tls13_ctx *ctx, CBB *cbb)
+{
+        if (ctx->hs->key_share == NULL)
+                return 0;
+
+        if (!tls13_key_share_generate(ctx->hs->key_share))
+                return 0;
+
+        if (!tls13_server_hello_build(ctx, cbb))
+                return 0;
+
+        return 1;
+}
+
+int
+tls13_server_hello_sent(struct tls13_ctx *ctx)
+{
+        return tls13_server_engage_record_protection(ctx);
+}
+
+int
 tls13_server_encrypted_extensions_send(struct tls13_ctx *ctx, CBB *cbb)
 {
         if (!tlsext_server_build(ctx->ssl, cbb, SSL_TLSEXT_MSG_EE))