Revert of New tls channel id version for OpenSSL

openssl/ssl/t1_enc.c

 /* ssl/t1_enc.c */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
  * This package is an SSL implementation written
  * by Eric Young (eay@cryptsoft.com).
  * The implementation was written so as to conform with Netscapes SSL.
  * 
  * This library is free for commercial and non-commercial use as long as
  * the following conditions are aheared to.  The following conditions
@@ skipping 1129 matching lines @@
                 return 0;
         }       
 
         EVP_MD_CTX_init(&ctx);
         EVP_MD_CTX_copy_ex(&ctx,d);
         EVP_DigestFinal_ex(&ctx,out,&ret);
         EVP_MD_CTX_cleanup(&ctx);
         return((int)ret);
         }
 
-/* tls1_handshake_digest calculates the current handshake hash and writes it to
- * |out|, which has space for |out_len| bytes. It returns the number of bytes
- * written or -1 in the event of an error. This function works on a copy of the
- * underlying digests so can be called multiple times and prior to the final
- * update etc. */
-int tls1_handshake_digest(SSL *s, unsigned char *out, size_t out_len)
-        {
-        const EVP_MD *md;
-        EVP_MD_CTX ctx;
-        int i, err = 0, len = 0;
-        long mask;
-
-        EVP_MD_CTX_init(&ctx);
-
-        for (i = 0; ssl_get_handshake_digest(i, &mask, &md); i++)
-                {
-                int hash_size;
-                unsigned int digest_len;
-                EVP_MD_CTX *hdgst = s->s3->handshake_dgst[i];
-
-                if ((mask & ssl_get_algorithm2(s)) == 0)
-                        continue;
-
-                hash_size = EVP_MD_size(md);
-                if (!hdgst || hash_size < 0 || (size_t)hash_size > out_len)
-                        {
-                        err = 1;
-                        break;
-                        }
-
-                if (!EVP_MD_CTX_copy_ex(&ctx, hdgst) ||
-                    !EVP_DigestFinal_ex(&ctx, out, &digest_len) ||
-                    digest_len != (unsigned int)hash_size) /* internal error */
-                        {
-                        err = 1;
-                        break;
-                        }
-                out += digest_len;
-                out_len -= digest_len;
-                len += digest_len;
-                }
-
-        EVP_MD_CTX_cleanup(&ctx);
-
-        if (err != 0)
-                return -1;
-        return len;
-        }
-
 int tls1_final_finish_mac(SSL *s,
              const char *str, int slen, unsigned char *out)
         {
+        unsigned int i;
+        EVP_MD_CTX ctx;
         unsigned char buf[2*EVP_MAX_MD_SIZE];
-        unsigned char buf2[12];
+        unsigned char *q,buf2[12];
+        int idx;
+        long mask;
         int err=0;
-        int digests_len;
+        const EVP_MD *md; 
 
-        if (s->s3->handshake_buffer)
+        q=buf;
+
+        if (s->s3->handshake_buffer) 
                 if (!ssl3_digest_cached_records(s))
                         return 0;
 
-        digests_len = tls1_handshake_digest(s, buf, sizeof(buf));
-        if (digests_len < 0)
+        EVP_MD_CTX_init(&ctx);
+
+        for (idx=0;ssl_get_handshake_digest(idx,&mask,&md);idx++)
                 {
-                err = 1;
-                digests_len = 0;
+                if (mask & ssl_get_algorithm2(s))
+                        {
+                        int hashsize = EVP_MD_size(md);
+                        if (hashsize < 0 || hashsize > (int)(sizeof buf - (size_t)(q-buf)))
+                                {
+                                /* internal error: 'buf' is too small for this cipersuite! */
+                                err = 1;
+                                }
+                        else
+                                {
+                                EVP_MD_CTX_copy_ex(&ctx,s->s3->handshake_dgst[idx]);
+                                EVP_DigestFinal_ex(&ctx,q,&i);
+                                if (i != (unsigned int)hashsize) /* can't really happen */
+                                        err = 1;
+                                q+=i;
+                                }
+                        }
                 }
-
+                
         if (!tls1_PRF(ssl_get_algorithm2(s),
-                        str,slen, buf, digests_len, NULL,0, NULL,0, NULL,0,
+                        str,slen, buf,(int)(q-buf), NULL,0, NULL,0, NULL,0,
                         s->session->master_key,s->session->master_key_length,
                         out,buf2,sizeof buf2))
                 err = 1;
+        EVP_MD_CTX_cleanup(&ctx);
 
         if (err)
                 return 0;
         else
                 return sizeof buf2;
         }
 
 int tls1_mac(SSL *ssl, unsigned char *md, int send)
         {
         SSL3_RECORD *rec;
@@ skipping 288 matching lines @@
         case SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE: return(TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE);
         case SSL_AD_BAD_CERTIFICATE_HASH_VALUE: return(TLS1_AD_BAD_CERTIFICATE_HASH_VALUE);
         case SSL_AD_UNKNOWN_PSK_IDENTITY:return(TLS1_AD_UNKNOWN_PSK_IDENTITY);
 #if 0 /* not appropriate for TLS, not used for DTLS */
         case DTLS1_AD_MISSING_HANDSHAKE_MESSAGE: return 
                                           (DTLS1_AD_MISSING_HANDSHAKE_MESSAGE);
 #endif
         default:                        return(-1);
                 }
         }