commit 1deb41bb2de8c4c99842b2868772b1931b80d315
author David Benjamin <davidben@google.com> Tue Aug 09 19:36:38 2016 -0400
committer CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Thu Aug 11 04:57:52 2016 +0000
tree 912b4919683a0ba5cf2cf52d7c625d5b9cf88c83
parent 19d5cf86dec1aaf52b4ab5f71d0602b795932f00

Move SCSV handling out of cipher list parsing.

It's odd that a function like ssl_bytes_to_cipher_list secretly has side
effects all over the place. This removes the need for the TLS 1.3 code
to re-query the version range, and it removes the requirement that the
RI extension be first.

Change-Id: Ic9af549db3aaa8880f3c591b8a13ba9ae91d6a46
Reviewed-on: https://boringssl-review.googlesource.com/10220
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

ssl/internal.h

diff --git a/ssl/internal.h b/ssl/internal.h
index 77759e4..827e5fd 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h
@@ -967,9 +967,10 @@
                                      CBS *out, uint16_t extension_type);
 
 STACK_OF(SSL_CIPHER) *
-    ssl_parse_client_cipher_list(SSL *ssl,
-                                 const struct ssl_early_callback_ctx *ctx,
-                                 uint16_t max_version);
+    ssl_parse_client_cipher_list(const struct ssl_early_callback_ctx *ctx);
+
+int ssl_client_cipher_list_contains_cipher(
+    const struct ssl_early_callback_ctx *client_hello, uint16_t id);
 
 
 /* Underdocumented functions.