Pass explicit hs parameters to tls13_*.c.
This removes all explicit ssl->s3->hs access in those files.
Change-Id: I801ca1c894936aecef21e56ec7e7acb9d1b99688
Reviewed-on: https://boringssl-review.googlesource.com/12318
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/ssl/tls13_both.c b/ssl/tls13_both.c
index 7d61304..6f697e6 100644
--- a/ssl/tls13_both.c
+++ b/ssl/tls13_both.c
@@ -401,10 +401,11 @@
return 1;
}
-int tls13_process_finished(SSL *ssl) {
+int tls13_process_finished(SSL_HANDSHAKE *hs) {
+ SSL *const ssl = hs->ssl;
uint8_t verify_data[EVP_MAX_MD_SIZE];
size_t verify_data_len;
- if (!tls13_finished_mac(ssl, verify_data, &verify_data_len, !ssl->server)) {
+ if (!tls13_finished_mac(hs, verify_data, &verify_data_len, !ssl->server)) {
return 0;
}
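Review bot: The `!ssl->server` argument in tls13_process_finished carries no comment explaining the negation, and this is the path that authenticates the peer's handshake. Assuming the last parameter of tls13_finished_mac selects whose Finished value is computed, a one-line comment above the call such as `/* Compute the peer's Finished MAC, hence the inverted role. */` would make that explicit. The function body continues outside the hunk, so the comparison of `verify_data` with the received message is not visible here. It is worth confirming that the comparison is constant-time (for example `CRYPTO_memcmp`) and that the received length is checked against `verify_data_len` first.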
@@ -423,7 +424,8 @@
return 1;
}
-int tls13_prepare_certificate(SSL *ssl) {
+int tls13_prepare_certificate(SSL_HANDSHAKE *hs) {
+ SSL *const ssl = hs->ssl;
CBB cbb, body, certificate_list;
if (!ssl->method->init_message(ssl, &cbb, &body, SSL3_MT_CERTIFICATE) ||
/* The request context is always empty in the handshake. */
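Review bot: tls13_prepare_certificate now derives `ssl` from `hs->ssl`, and the two later hunks in this function read `hs->scts_requested` and `hs->ocsp_stapling_requested` where the old code went through `ssl->s3->hs`. That is equivalent only if every caller passes the handshake that belongs to this connection, which the visible lines do not state. A short contract comment on the function, e.g. `/* |hs| must be the in-progress handshake of |hs->ssl|. */`, would record the assumption. The same applies to the other functions converted in this file. The function body continues outside the hunk.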
@@ -450,7 +452,7 @@
goto err;
}
- if (ssl->s3->hs->scts_requested &&
+ if (hs->scts_requested &&
ssl->ctx->signed_cert_timestamp_list_length != 0) {
CBB contents;
if (!CBB_add_u16(&extensions, TLSEXT_TYPE_certificate_timestamp) ||
@@ -463,7 +465,7 @@
}
}
- if (ssl->s3->hs->ocsp_stapling_requested &&
+ if (hs->ocsp_stapling_requested &&
ssl->ctx->ocsp_response_length != 0) {
CBB contents, ocsp_response;
if (!CBB_add_u16(&extensions, TLSEXT_TYPE_status_request) ||
@@ -500,7 +502,8 @@
}
enum ssl_private_key_result_t tls13_prepare_certificate_verify(
- SSL *ssl, int is_first_run) {
+ SSL_HANDSHAKE *hs, int is_first_run) {
+ SSL *const ssl = hs->ssl;
enum ssl_private_key_result_t ret = ssl_private_key_failure;
uint8_t *msg = NULL;
size_t msg_len;
@@ -561,11 +564,12 @@
return ret;
}
-int tls13_prepare_finished(SSL *ssl) {
+int tls13_prepare_finished(SSL_HANDSHAKE *hs) {
+ SSL *const ssl = hs->ssl;
size_t verify_data_len;
uint8_t verify_data[EVP_MAX_MD_SIZE];
- if (!tls13_finished_mac(ssl, verify_data, &verify_data_len, ssl->server)) {
+ if (!tls13_finished_mac(hs, verify_data, &verify_data_len, ssl->server)) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_INTERNAL_ERROR);
OPENSSL_PUT_ERROR(SSL, SSL_R_DIGEST_CHECK_FAILED);
return 0;