Move remaining functions out of tls1.h. Now tls1.h is just a pile of protocol constants with no more circular dependency problem. I've preserved SSL_get_servername's behavior where it's simultaneously a lookup of handshake state and local configuration. I've removed it from SSL_get_servername_type. It got the logic wrong anyway with the order of the s->session check. (Searching through code, neither is used on the client, but the SSL_get_servername one is easy.) Change-Id: I61bb8fb0858b07d76a7835bffa6dc793812fb027 Reviewed-on: https://boringssl-review.googlesource.com/6298 Reviewed-by: Adam Langley <alangley@gmail.com>
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 57a76fa..1baf355 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1562,21 +1562,25 @@ return NULL; } - -/* return a servername extension value if provided in Client Hello, or NULL. So - * far, only host_name types are defined (RFC 3546). */ -const char *SSL_get_servername(const SSL *s, const int type) { +const char *SSL_get_servername(const SSL *ssl, const int type) { if (type != TLSEXT_NAMETYPE_host_name) { return NULL; } - return s->session && !s->tlsext_hostname ? s->session->tlsext_hostname - : s->tlsext_hostname; + /* Historically, |SSL_get_servername| was also the configuration getter + * corresponding to |SSL_set_tlsext_host_name|. */ + if (ssl->tlsext_hostname != NULL) { + return ssl->tlsext_hostname; + } + + if (ssl->session == NULL) { + return NULL; + } + return ssl->session->tlsext_hostname; } -int SSL_get_servername_type(const SSL *s) { - if (s->session && - (!s->tlsext_hostname ? s->session->tlsext_hostname : s->tlsext_hostname)) { +int SSL_get_servername_type(const SSL *ssl) { + if (ssl->session != NULL && ssl->session->tlsext_hostname != NULL) { return TLSEXT_NAMETYPE_host_name; } @@ -1761,16 +1765,16 @@ } } -int SSL_export_keying_material(SSL *s, uint8_t *out, size_t out_len, +int SSL_export_keying_material(SSL *ssl, uint8_t *out, size_t out_len, const char *label, size_t label_len, const uint8_t *context, size_t context_len, int use_context) { - if (s->version < TLS1_VERSION) { + if (ssl->version < TLS1_VERSION) { return 0; } - return s->enc_method->export_keying_material( - s, out, out_len, label, label_len, context, context_len, use_context); + return ssl->enc_method->export_keying_material( + ssl, out, out_len, label, label_len, context, context_len, use_context); } void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
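Review bot: In the first hunk, `SSL_get_servername_type` now consults only `ssl->session->tlsext_hostname`, while `SSL_get_servername` still returns the locally configured `ssl->tlsext_hostname` first, and nothing in the code at `SSL_get_servername_type` records that this difference is deliberate. A caller that gates on the type before reading the name will see the two disagree when only the local configuration is set, so I would add a comment above the function, e.g. `/* Reports only the name stored on |ssl->session|; unlike |SSL_get_servername|, the locally configured hostname is ignored. */`. The existing comment in `SSL_get_servername` could also state that the returned pointer aliases storage owned by `ssl` or its session, so callers must not free it and presumably must not keep it after either is released. The tail of `SSL_get_servername_type` (the return after the `if`) lies outside the hunk.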