Support enabling early data on SSL This moves the early data switch to CERT to make this |SSL_set_SSL_CTX|-proof. Change-Id: Icca96e76636d87578deb24b2d507cabee7e46a4a Reviewed-on: https://boringssl-review.googlesource.com/14545 Reviewed-by: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

commit: 67bb45f44be61b54ab4830c222ed1f77bb53f6d9 [log] [tgz]
author: Alessandro Ghedini <alessandro@ghedini.me> Thu Mar 30 16:33:24 2017 -0500
committer: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Mon Apr 03 20:25:29 2017 +0000
tree: bd92776ec6f472e25ad80eb9df46111c779cff08
parent: faa539f877432814d0f2de19846eb99f2ea1e207 [diff] [blame]
diff --git a/ssl/tls13_server.c b/ssl/tls13_server.c
index 35ee4f7..500cb9d 100644
--- a/ssl/tls13_server.c
+++ b/ssl/tls13_server.c

@@ -167,7 +167,7 @@
       goto err;
     }
 
-    if (ssl->ctx->enable_early_data) {
+    if (ssl->cert->enable_early_data) {
       session->ticket_max_early_data = kMaxEarlyDataAccepted;
 
       CBB early_data_info;
@@ -355,7 +355,7 @@
       hs->new_session = SSL_SESSION_dup(session, SSL_SESSION_DUP_AUTH_ONLY);
 
       if (/* Early data must be acceptable for this ticket. */
-          ssl->ctx->enable_early_data &&
+          ssl->cert->enable_early_data &&
           session->ticket_max_early_data != 0 &&
           /* The client must have offered early data. */
           hs->early_data_offered &&
commit	67bb45f44be61b54ab4830c222ed1f77bb53f6d9	[log] [tgz]
author	Alessandro Ghedini <alessandro@ghedini.me>	Thu Mar 30 16:33:24 2017 -0500
committer	CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>	Mon Apr 03 20:25:29 2017 +0000
tree	bd92776ec6f472e25ad80eb9df46111c779cff08
parent	faa539f877432814d0f2de19846eb99f2ea1e207 [diff] [blame]