diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index 481a76296..236a1f8e7 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@@ -499,7 +499,6 @@ struct mbedtls_ssl_handshake_params
#endif
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
- void (*update_checksum)(mbedtls_ssl_context *, const unsigned char *, size_t);
void (*calc_verify)(const mbedtls_ssl_context *, unsigned char *, size_t *);
#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
@@ -1838,6 +1837,9 @@ static inline int mbedtls_ssl_session_get_compression(
#endif
}
+void mbedtls_ssl_update_checksum( mbedtls_ssl_context *,
+ const unsigned char *, size_t );
+
#define MBEDTLS_SSL_CHK(f) do { if( ( ret = f ) < 0 ) goto cleanup; } while( 0 )
#if defined(MBEDTLS_USE_TINYCRYPT)
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index c25482d18..3b9b70e34 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -1138,7 +1138,7 @@ static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl )
return( ret );
}
- ssl->handshake->update_checksum( ssl, buf + 2, n );
+ mbedtls_ssl_update_checksum( ssl, buf + 2, n );
buf = ssl->in_msg;
n = ssl->in_left - 5;
@@ -1523,7 +1523,7 @@ read_record_header:
MBEDTLS_SSL_DEBUG_BUF( 4, "record contents", buf, msg_len );
- ssl->handshake->update_checksum( ssl, buf, msg_len );
+ mbedtls_ssl_update_checksum( ssl, buf, msg_len );
/*
* Handshake layer:
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index e5f979d32..4e4903fdf 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -834,9 +834,6 @@ static int tls_prf_sha384( const unsigned char *secret, size_t slen,
#endif /* MBEDTLS_SHA512_C */
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
-static void ssl_update_checksum( mbedtls_ssl_context *,
- const unsigned char *, size_t );
-
#if defined(MBEDTLS_SSL_PROTO_SSL3)
static void ssl_calc_verify_ssl( const mbedtls_ssl_context *, unsigned char *, size_t * );
static void ssl_calc_finished_ssl( mbedtls_ssl_context *, unsigned char *, int );
@@ -4158,7 +4155,7 @@ int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl )
/* Update running hashes of handshake messages seen */
if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST )
- ssl->handshake->update_checksum( ssl, ssl->out_msg, ssl->out_msglen );
+ mbedtls_ssl_update_checksum( ssl, ssl->out_msg, ssl->out_msglen );
}
/* Either send now, or just save to be sent (and resent) later */
@@ -4615,9 +4612,7 @@ void mbedtls_ssl_update_handshake_status( mbedtls_ssl_context *ssl )
mbedtls_ssl_handshake_params * const hs = ssl->handshake;
if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER && hs != NULL )
- {
- ssl->handshake->update_checksum( ssl, ssl->in_msg, ssl->in_hslen );
- }
+ mbedtls_ssl_update_checksum( ssl, ssl->in_msg, ssl->in_hslen );
/* Handshake message is complete, increment counter */
#if defined(MBEDTLS_SSL_PROTO_DTLS)
@@ -7389,8 +7384,8 @@ void mbedtls_ssl_reset_checksum( mbedtls_ssl_context *ssl )
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
}
-static void ssl_update_checksum( mbedtls_ssl_context *ssl,
- const unsigned char *buf, size_t len )
+void mbedtls_ssl_update_checksum( mbedtls_ssl_context *ssl,
+ const unsigned char *buf, size_t len )
{
#if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
defined(MBEDTLS_SSL_PROTO_TLS1_1)
@@ -8001,8 +7996,6 @@ static void ssl_handshake_params_init( mbedtls_ssl_handshake_params *handshake )
#endif
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
- handshake->update_checksum = ssl_update_checksum;
-
#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
mbedtls_ssl_sig_hash_set_init( &handshake->hash_algs );