From 138d879b1616ace5c1ae9d93e2d734b08892691d Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Sun, 2 May 2021 17:46:58 +0000
Subject: Clean up tls1_change_cipher_state().

Replace flag gymnastics at call sites with separate read and write,
functions which call the common code. Condition on s->server instead of
using SSL_ST_ACCEPT, for consistency and more readable code.

ok inoguchi@ tb@
---
 src/lib/libssl/ssl_pkt.c | 11 ++---------
 1 file changed, 2 insertions(+), 9 deletions(-)

(limited to 'src/lib/libssl/ssl_pkt.c')

diff --git a/src/lib/libssl/ssl_pkt.c b/src/lib/libssl/ssl_pkt.c
index 6e0cfe2102..ba59aa3237 100644
--- a/src/lib/libssl/ssl_pkt.c
+++ b/src/lib/libssl/ssl_pkt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_pkt.c,v 1.41 2021/04/25 13:15:22 jsing Exp $ */
+/* $OpenBSD: ssl_pkt.c,v 1.42 2021/05/02 17:46:58 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1154,8 +1154,6 @@ ssl3_read_bytes(SSL *s, int type, unsigned char *buf, int len, int peek)
 int
 ssl3_do_change_cipher_spec(SSL *s)
 {
-	int i;
-
 	if (S3I(s)->hs.tls12.key_block == NULL) {
 		if (s->session == NULL || s->session->master_key_length == 0) {
 			/* might happen if dtls1_read_bytes() calls this */
@@ -1168,12 +1166,7 @@ ssl3_do_change_cipher_spec(SSL *s)
 			return (0);
 	}
 
-	if (S3I(s)->hs.state & SSL_ST_ACCEPT)
-		i = SSL3_CHANGE_CIPHER_SERVER_READ;
-	else
-		i = SSL3_CHANGE_CIPHER_CLIENT_READ;
-
-	if (!tls1_change_cipher_state(s, i))
+	if (!tls1_change_read_cipher_state(s))
 		return (0);
 
 	/*
-- 
cgit v1.2.3-55-g6feb