commit 8baf9635236802032cb4889ecf7b8049d916728f
author David Benjamin <davidben@google.com> Thu Nov 17 17:11:16 2016 +0900
committer CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Tue Dec 06 19:53:25 2016 +0000
tree db3a5172c85f086c44469648c95e0a609b9a1ce9
parent 6773972ff69742f7805139729dd327e266ad10c6

Pass explicit hs parameters to ssl_ext_*.

Change-Id: I84a8ff1d717f3291403f6fc49668c84f89b910da
Reviewed-on: https://boringssl-review.googlesource.com/12342
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

ssl/t1_lib.c

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index a87bee1..0b27165 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -1990,7 +1990,8 @@
   return CBB_flush(out);
 }
 
-int ssl_ext_pre_shared_key_parse_serverhello(SSL *ssl, uint8_t *out_alert,
+int ssl_ext_pre_shared_key_parse_serverhello(SSL_HANDSHAKE *hs,
+                                             uint8_t *out_alert,
                                              CBS *contents) {
   uint16_t psk_id;
   if (!CBS_get_u16(contents, &psk_id) ||
@@ -2010,11 +2011,12 @@
   return 1;
 }
 
-int ssl_ext_pre_shared_key_parse_clienthello(SSL *ssl,
+int ssl_ext_pre_shared_key_parse_clienthello(SSL_HANDSHAKE *hs,
                                              SSL_SESSION **out_session,
                                              CBS *out_binders,
                                              uint8_t *out_alert,
                                              CBS *contents) {
+  SSL *const ssl = hs->ssl;
   /* We only process the first PSK identity since we don't support pure PSK. */
   uint32_t obfuscated_ticket_age;
   CBS identities, ticket, binders;
@@ -2081,8 +2083,8 @@
   return 1;
 }
 
-int ssl_ext_pre_shared_key_add_serverhello(SSL *ssl, CBB *out) {
-  if (!ssl->s3->session_reused) {
+int ssl_ext_pre_shared_key_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
+  if (!hs->ssl->s3->session_reused) {
     return 1;
   }
 
@@ -2260,9 +2262,10 @@
   return CBB_flush(out);
 }
 
-int ssl_ext_key_share_parse_serverhello(SSL *ssl, uint8_t **out_secret,
+int ssl_ext_key_share_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t **out_secret,
                                         size_t *out_secret_len,
                                         uint8_t *out_alert, CBS *contents) {
+  SSL *const ssl = hs->ssl;
   CBS peer_key;
   uint16_t group_id;
   if (!CBS_get_u16(contents, &group_id) ||
@@ -2272,28 +2275,28 @@
     return 0;
   }
 
-  if (SSL_ECDH_CTX_get_id(&ssl->s3->hs->ecdh_ctx) != group_id) {
+  if (SSL_ECDH_CTX_get_id(&hs->ecdh_ctx) != group_id) {
     *out_alert = SSL_AD_ILLEGAL_PARAMETER;
     OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_CURVE);
     return 0;
   }
 
-  if (!SSL_ECDH_CTX_finish(&ssl->s3->hs->ecdh_ctx, out_secret, out_secret_len,
-                           out_alert, CBS_data(&peer_key),
-                           CBS_len(&peer_key))) {
+  if (!SSL_ECDH_CTX_finish(&hs->ecdh_ctx, out_secret, out_secret_len, out_alert,
+                           CBS_data(&peer_key), CBS_len(&peer_key))) {
     *out_alert = SSL_AD_INTERNAL_ERROR;
     return 0;
   }
 
   ssl->s3->new_session->key_exchange_info = group_id;
-  SSL_ECDH_CTX_cleanup(&ssl->s3->hs->ecdh_ctx);
+  SSL_ECDH_CTX_cleanup(&hs->ecdh_ctx);
   return 1;
 }
 
-int ssl_ext_key_share_parse_clienthello(SSL *ssl, int *out_found,
+int ssl_ext_key_share_parse_clienthello(SSL_HANDSHAKE *hs, int *out_found,
                                         uint8_t **out_secret,
                                         size_t *out_secret_len,
                                         uint8_t *out_alert, CBS *contents) {
+  SSL *const ssl = hs->ssl;
   uint16_t group_id;
   CBS key_shares;
   if (!tls1_get_shared_group(ssl, &group_id)) {
@@ -2348,11 +2351,9 @@
   CBB public_key;
   if (!CBB_init(&public_key, 32) ||
       !SSL_ECDH_CTX_init(&group, group_id) ||
-      !SSL_ECDH_CTX_accept(&group, &public_key, &secret, &secret_len,
-                           out_alert, CBS_data(&peer_key),
-                           CBS_len(&peer_key)) ||
-      !CBB_finish(&public_key, &ssl->s3->hs->public_key,
-                  &ssl->s3->hs->public_key_len)) {
+      !SSL_ECDH_CTX_accept(&group, &public_key, &secret, &secret_len, out_alert,
+                           CBS_data(&peer_key), CBS_len(&peer_key)) ||
+      !CBB_finish(&public_key, &hs->public_key, &hs->public_key_len)) {
     OPENSSL_free(secret);
     SSL_ECDH_CTX_cleanup(&group);
     CBB_cleanup(&public_key);
@@ -2368,7 +2369,8 @@
   return 1;
 }
 
-int ssl_ext_key_share_add_serverhello(SSL *ssl, CBB *out) {
+int ssl_ext_key_share_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
+  SSL *const ssl = hs->ssl;
   uint16_t group_id;
   CBB kse_bytes, public_key;
   if (!tls1_get_shared_group(ssl, &group_id) ||
@@ -2376,15 +2378,14 @@
       !CBB_add_u16_length_prefixed(out, &kse_bytes) ||
       !CBB_add_u16(&kse_bytes, group_id) ||
       !CBB_add_u16_length_prefixed(&kse_bytes, &public_key) ||
-      !CBB_add_bytes(&public_key, ssl->s3->hs->public_key,
-                     ssl->s3->hs->public_key_len) ||
+      !CBB_add_bytes(&public_key, hs->public_key, hs->public_key_len) ||
       !CBB_flush(out)) {
     return 0;
   }
 
-  OPENSSL_free(ssl->s3->hs->public_key);
-  ssl->s3->hs->public_key = NULL;
-  ssl->s3->hs->public_key_len = 0;
+  OPENSSL_free(hs->public_key);
+  hs->public_key = NULL;
+  hs->public_key_len = 0;
 
   ssl->s3->new_session->key_exchange_info = group_id;
   return 1;