1 files changed, 3 insertions, 33 deletions
diff --git a/src/lib/libssl/s3_both.c b/src/lib/libssl/s3_both.c
index b63460a56d..a6d869df59 100644
--- a/src/lib/libssl/s3_both.c
+++ b/src/lib/libssl/s3_both.c
@@ -202,38 +202,15 @@ int ssl3_send_finished(SSL *s, int a, int b, const char *sender, int slen)
        return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
        }
-#ifndef OPENSSL_NO_NEXTPROTONEG
-/* ssl3_take_mac calculates the Finished MAC for the handshakes messages seen to far. */
-static void ssl3_take_mac(SSL *s) {
-        const char *sender;
-        int slen;
-        if (s->state & SSL_ST_CONNECT)
-                {
-                sender=s->method->ssl3_enc->server_finished_label;
-                slen=s->method->ssl3_enc->server_finished_label_len;
-                }
-        else
-                {
-                sender=s->method->ssl3_enc->client_finished_label;
-                slen=s->method->ssl3_enc->client_finished_label_len;
-                }
-        s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
-                sender,slen,s->s3->tmp.peer_finish_md);
-}
-#endif
 int ssl3_get_finished(SSL *s, int a, int b)
        {
        int al,i,ok;
        long n;
        unsigned char *p;
-#ifdef OPENSSL_NO_NEXTPROTONEG
+        /* the mac has already been generated when we received the
-        /* the mac has already been generated when we received the change
+         * change cipher spec message and is in s->s3->tmp.peer_finish_md
-         * cipher spec message and is in s->s3->tmp.peer_finish_md. */
+         */ 
-#endif
        n=s->method->ssl_get_message(s,
                a,
@@ -537,13 +514,6 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
                s->init_num += i;
                n -= i;
                }
-#ifndef OPENSSL_NO_NEXTPROTONEG
-        /* If receiving Finished, record MAC of prior handshake messages for
-         * Finished verification. */
-        if (*s->init_buf->data == SSL3_MT_FINISHED)
-                ssl3_take_mac(s);
-#endif
-        /* Feed this message into MAC computation. */
        ssl3_finish_mac(s, (unsigned char *)s->init_buf->data, s->init_num + 4);
        if (s->msg_callback)
                s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->init_buf->data, (size_t)s->init_num + 4, s, s->msg_callback_arg);

diff --git a/src/lib/libssl/s3_both.c b/src/lib/libssl/s3_both.c index b63460a56d..a6d869df59 100644 --- a/src/lib/libssl/s3_both.c +++ b/src/lib/libssl/s3_both.c
@@ -202,38 +202,15 @@ int ssl3_send_finished(SSL s, int a, int b, const char sender, int slen)
202	return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));	202	return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
203	}	203	}
204		204
205	#ifndef OPENSSL_NO_NEXTPROTONEG
206	/* ssl3_take_mac calculates the Finished MAC for the handshakes messages seen to far. */
207	static void ssl3_take_mac(SSL *s) {
208	const char *sender;
209	int slen;
210
211	if (s->state & SSL_ST_CONNECT)
212	{
213	sender=s->method->ssl3_enc->server_finished_label;
214	slen=s->method->ssl3_enc->server_finished_label_len;
215	}
216	else
217	{
218	sender=s->method->ssl3_enc->client_finished_label;
219	slen=s->method->ssl3_enc->client_finished_label_len;
220	}
221
222	s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
223	sender,slen,s->s3->tmp.peer_finish_md);
224	}
225	#endif
226
227	int ssl3_get_finished(SSL *s, int a, int b)	205	int ssl3_get_finished(SSL *s, int a, int b)
228	{	206	{
229	int al,i,ok;	207	int al,i,ok;
230	long n;	208	long n;
231	unsigned char *p;	209	unsigned char *p;
232		210
233	#ifdef OPENSSL_NO_NEXTPROTONEG	211	/* the mac has already been generated when we received the
234	/* the mac has already been generated when we received the change	212	* change cipher spec message and is in s->s3->tmp.peer_finish_md
235	* cipher spec message and is in s->s3->tmp.peer_finish_md. */	213	*/
236	#endif
237		214
238	n=s->method->ssl_get_message(s,	215	n=s->method->ssl_get_message(s,
239	a,	216	a,
@@ -537,13 +514,6 @@ long ssl3_get_message(SSL s, int st1, int stn, int mt, long max, int ok)
537	s->init_num += i;	514	s->init_num += i;
538	n -= i;	515	n -= i;
539	}	516	}
540	#ifndef OPENSSL_NO_NEXTPROTONEG
541	/* If receiving Finished, record MAC of prior handshake messages for
542	* Finished verification. */
543	if (*s->init_buf->data == SSL3_MT_FINISHED)
544	ssl3_take_mac(s);
545	#endif
546	/* Feed this message into MAC computation. */
547	ssl3_finish_mac(s, (unsigned char *)s->init_buf->data, s->init_num + 4);	517	ssl3_finish_mac(s, (unsigned char *)s->init_buf->data, s->init_num + 4);
548	if (s->msg_callback)	518	if (s->msg_callback)
549	s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->init_buf->data, (size_t)s->init_num + 4, s, s->msg_callback_arg);	519	s->msg_callback(0, s->version, SSL3_RT_HANDSHAKE, s->init_buf->data, (size_t)s->init_num + 4, s, s->msg_callback_arg);