From dacdef0bd14d3205fd8b9a76fa9f8f2d56946ce4 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Mon, 21 Jan 2019 10:44:08 +0000
Subject: The main handshake loop can be shared between client and server. Pull the shared code up into a function and call it from tls13_connect() and tls13_accept() instead of duplicating it. "Yes, please!" tb@
---
 src/lib/libssl/tls13_handshake.c | 40 ++++++++++++----------------------------
 src/lib/libssl/tls13_internal.h | 4 +++-
 2 files changed, 15 insertions(+), 29 deletions(-)
diff --git a/src/lib/libssl/tls13_handshake.c b/src/lib/libssl/tls13_handshake.c
index 92780bb2f2..9e17fd1351 100644
--- a/src/lib/libssl/tls13_handshake.c
+++ b/src/lib/libssl/tls13_handshake.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_handshake.c,v 1.15 2019/01/21 06:58:44 jsing Exp $ */
+/* $OpenBSD: tls13_handshake.c,v 1.16 2019/01/21 10:44:08 jsing Exp $ */
 /*
 * Copyright (c) 2018-2019 Theo Buehler
 * Copyright (c) 2019 Joel Sing
@@ -286,13 +286,11 @@ tls13_handshake_advance_state_machine(struct tls13_ctx *ctx)
 }
 
 int
-tls13_connect(struct tls13_ctx *ctx)
+tls13_handshake_perform(struct tls13_ctx *ctx)
 {
 struct tls13_handshake_action *action;
 int ret;
 
- ctx->mode = TLS13_HS_CLIENT;
-
 for (;;) {
 if ((action = tls13_handshake_active_action(ctx)) == NULL)
 return TLS13_IO_FAILURE;
@@ -300,7 +298,7 @@ tls13_connect(struct tls13_ctx *ctx)
 if (action->handshake_complete)
 return TLS13_IO_SUCCESS;
 
- if (action->sender == TLS13_HS_CLIENT) {
+ if (action->sender == ctx->mode) {
 if ((ret = tls13_handshake_send_action(ctx, action)) <= 0)
 return ret;
 } else {
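Review bot: tls13_handshake_perform() has no check that ctx->mode holds a valid role, although the `@@ -300,7 +298,7 @@` hunk makes the send/receive decision depend on `action->sender == ctx->mode` and the `@@ -286,13 +286,11 @@` hunk removes the assignment from the body. A context whose mode matches neither sender value would fall through to the else branch for every action; that branch's body lies outside the hunk, but it is presumably the receive path. A guard at the top of the function, `if (ctx->mode != TLS13_HS_CLIENT && ctx->mode != TLS13_HS_SERVER) return TLS13_IO_FAILURE;`, together with a header comment stating that the caller sets ctx->mode and that non-positive results of the send/receive action are passed back unchanged, would make the contract explicit. The loop continues past the end of the second hunk.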
@@ -314,33 +312,19 @@ tls13_connect(struct tls13_ctx *ctx)
 }
 
 int
-tls13_accept(struct tls13_ctx *ctx)
+tls13_connect(struct tls13_ctx *ctx)
 {
- struct tls13_handshake_action *action;
- int ret;
-
- ctx->mode = TLS13_HS_SERVER;
-
- for (;;) {
- if ((action = tls13_handshake_active_action(ctx)) == NULL)
- return TLS13_IO_FAILURE;
-
- if (action->handshake_complete)
- return TLS13_IO_SUCCESS;
+ ctx->mode = TLS13_HS_CLIENT;
 
- if (action->sender == TLS13_HS_SERVER) {
- if ((ret = tls13_handshake_send_action(ctx, action)) <= 0)
- return ret;
- } else {
- if ((ret = tls13_handshake_recv_action(ctx, action)) <= 0)
- return ret;
- }
+ return tls13_handshake_perform(ctx);
+}
 
- if (!tls13_handshake_advance_state_machine(ctx))
- return TLS13_IO_FAILURE;
- }
+int
+tls13_accept(struct tls13_ctx *ctx)
+{
+ ctx->mode = TLS13_HS_SERVER;
 
- return 1;
+ return tls13_handshake_perform(ctx);
 }
 
 int
diff --git a/src/lib/libssl/tls13_internal.h b/src/lib/libssl/tls13_internal.h
index 03fdab7e53..03de0fc40e 100644
--- a/src/lib/libssl/tls13_internal.h
+++ b/src/lib/libssl/tls13_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_internal.h,v 1.12 2019/01/21 09:10:58 jsing Exp $ */
+/* $OpenBSD: tls13_internal.h,v 1.13 2019/01/21 10:44:08 jsing Exp $ */
 /*
 * Copyright (c) 2018 Bob Beck
 * Copyright (c) 2018 Theo Buehler
@@ -186,6 +186,8 @@ int tls13_legacy_write_bytes(SSL *ssl, int type, const void *buf, int len);
 #define TLS13_MT_KEY_UPDATE 24
 #define TLS13_MT_MESSAGE_HASH 254
 
+int tls13_handshake_perform(struct tls13_ctx *ctx);
+
 int tls13_client_hello_send(struct tls13_ctx *ctx);
 int tls13_client_hello_recv(struct tls13_ctx *ctx);
 int tls13_client_hello_retry_send(struct tls13_ctx *ctx);
-- 
cgit v1.2.3-55-g6feb
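Review bot: tls13_connect() and tls13_accept() overwrite ctx->mode on every entry, with nothing to stop a context that began as one role from being re-entered through the other wrapper. tls13_handshake_perform() hands the action's non-positive result back to the caller, which suggests (not confirmed from these hunks) that the wrappers are called again on the same context while a handshake is still in progress. A switch of role at that point would flip the `action->sender == ctx->mode` test part-way through the state machine. A check ahead of the assignment that returns `TLS13_IO_FAILURE` when the handshake has already started under the other role would rule that out; if callers are guaranteed never to mix the two, a one-line comment on each wrapper saying so is enough.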
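Review bot: The prototype added in the `@@ -186,6 +186,8 @@` hunk makes tls13_handshake_perform() reachable from every file that includes tls13_internal.h, while the function no longer sets ctx->mode itself and the only callers visible in this patch are in tls13_handshake.c. If no caller outside that file is planned, defining it `static` and dropping the prototype keeps the two mode-setting wrappers as the only entry points. If it is meant to be shared, a comment above the declaration such as `/* Caller must set ctx->mode before calling. */` would record the precondition where other callers will see it.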