Move Channel ID initialization out of ssl3_new.

Configuration data inherited from the ctx happens in SSL_new. (This also gets
in the way of using ssl3_free/ssl3_new to implement SSL_clear.)

Change-Id: I2773af91abf4e1edc0c1a324bc1e94088d7c2274
Reviewed-on: https://boringssl-review.googlesource.com/2821
Reviewed-by: Adam Langley <agl@google.com>

ssl/s3_lib.c

diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index dcdf4ee..e783c8f 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -640,12 +640,6 @@
   memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num));
 
   s->s3 = s3;
-
-  s->tlsext_channel_id_enabled = s->ctx->tlsext_channel_id_enabled;
-  if (s->ctx->tlsext_channel_id_private) {
-    s->tlsext_channel_id_private =
-        EVP_PKEY_dup(s->ctx->tlsext_channel_id_private);
-  }
   s->method->ssl_clear(s);
 
   return 1;

ssl/ssl_lib.c

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 5ed3531..76f7408 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -329,6 +329,11 @@
   s->psk_client_callback = ctx->psk_client_callback;
   s->psk_server_callback = ctx->psk_server_callback;
 
+  s->tlsext_channel_id_enabled = ctx->tlsext_channel_id_enabled;
+  if (ctx->tlsext_channel_id_private) {
+    s->tlsext_channel_id_private = EVP_PKEY_dup(ctx->tlsext_channel_id_private);
+  }
+
   s->signed_cert_timestamps_enabled = s->ctx->signed_cert_timestamps_enabled;
   s->ocsp_stapling_enabled = s->ctx->ocsp_stapling_enabled;