authorMatt Caswell <matt@openssl.org>2022-06-08 15:52:44 +0200
committerMatt Caswell <matt@openssl.org>2022-08-18 17:38:13 +0200
commit222cf410d5e7bdd58dd50a0a3f1f0805707808ef (patch)
tree5505e71a7ee046d082b17de744d4af59c61d09e9 /ssl/t1_enc.c
parentMove some DTLS read code into the read record layer (diff)
Remove reliance on the SSL object from the DTLS read record layer code
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18132)
Diffstat (limited to 'ssl/t1_enc.c')
-rw-r--r--ssl/t1_enc.c59
1 files changed, 11 insertions, 48 deletions
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index ab8acd71f8..b1f91ed60e 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -242,55 +242,18 @@ int tls1_change_cipher_state(SSL_CONNECTION *s, int which)
else
s->mac_flags &= ~SSL_MAC_FLAG_READ_MAC_TLSTREE;
- if (SSL_CONNECTION_IS_DTLS(s)) {
- if (s->enc_read_ctx != NULL) {
- reuse_dd = 1;
- } else if ((s->enc_read_ctx = EVP_CIPHER_CTX_new()) == NULL) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_MALLOC_FAILURE);
- goto err;
- } else {
- /*
- * make sure it's initialised in case we exit later with an error
- */
- EVP_CIPHER_CTX_reset(s->enc_read_ctx);
- }
- dd = s->enc_read_ctx;
- mac_ctx = ssl_replace_hash(&s->read_hash, NULL);
- if (mac_ctx == NULL) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- #ifndef OPENSSL_NO_COMP
- COMP_CTX_free(s->expand);
- s->expand = NULL;
- if (comp != NULL) {
- s->expand = COMP_CTX_new(comp->method);
- if (s->expand == NULL) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR,
- SSL_R_COMPRESSION_LIBRARY_ERROR);
- goto err;
- }
- }
- #endif
- /*
- * this is done by dtls1_reset_seq_numbers for DTLS
- */
- if (!SSL_CONNECTION_IS_DTLS(s))
- RECORD_LAYER_reset_read_sequence(&s->rlayer);
- } else {
- if (!ssl_set_new_record_layer(s, s->version,
- OSSL_RECORD_DIRECTION_READ,
- OSSL_RECORD_PROTECTION_LEVEL_APPLICATION,
- key, cl, iv, (size_t)k, mac_secret,
- mac_secret_size, c, taglen, mac_type,
- m, comp)) {
- /* SSLfatal already called */
- goto err;
- }
-
- /* TODO(RECLAYER): Temporary - remove me */
- goto skip_ktls;
+ if (!ssl_set_new_record_layer(s, s->version,
+ OSSL_RECORD_DIRECTION_READ,
+ OSSL_RECORD_PROTECTION_LEVEL_APPLICATION,
+ key, cl, iv, (size_t)k, mac_secret,
+ mac_secret_size, c, taglen, mac_type,
+ m, comp)) {
+ /* SSLfatal already called */
+ goto err;
}
+
+ /* TODO(RECLAYER): Temporary - remove me */
+ goto skip_ktls;
} else {
s->statem.enc_write_state = ENC_WRITE_STATE_INVALID;
if (s->ext.use_etm)
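Review bot: With the DTLS branch removed, nothing on the read path in this hunk replaces or frees `s->enc_read_ctx`, `s->read_hash` or `s->expand` any more, so it should be confirmed that no DTLS code still reads those fields and that contexts left over from an earlier epoch are released rather than left holding old cipher and MAC state. The hunk alone does not show where that happens; presumably `ssl_set_new_record_layer` now owns it, as it is handed `key`, `iv` and `mac_secret` directly. The `goto skip_ktls` is now taken on every successful read-side call, yet its comment still says only `/* TODO(RECLAYER): Temporary - remove me */`. If it matches the plan, a comment such as `/* TODO(RECLAYER): read-side state is set up by the record layer; remove this goto once the code below no longer runs for reads */` would say what is skipped and when the jump can go. The body of tls1_change_cipher_state starts and ends outside the hunk, so the `err` and `skip_ktls` labels cannot be checked from here.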