Google Git
Sign in
boringssl/boringssl.git/98472cb30db1e4644e81530c73c0bc5e89dbaaf3^!/./ssl/t1_lib.cc
commit
98472cb30db1e4644e81530c73c0bc5e89dbaaf3
[log]
author
David Benjamin <davidben@google.com>
Wed May 02 16:05:36 2018 -0400
committer
CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Wed May 02 20:15:08 2018 +0000
tree
8b64d0b1585996f9d01010b03677df796c0f20b5
parent
8e75ae488047c519f14f2c08b02a55bf7712fa1d [diff] [blame]
Consistently use session_ctx for session caching.

The TLS 1.3 client logic used ctx instead. This is all moot as
SSL_set_SSL_CTX on a client really wouldn't work, but we should be
consistent. Unfortunately, this moves moving the pointer back to SSL
from SSL_CONFIG.

Change-Id: I45f8241e16f499ad416afd5eceb52dc82af9c4f4
Reviewed-on: https://boringssl-review.googlesource.com/27985
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
Reviewed-by: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

diff --git a/ssl/t1_lib.cc b/ssl/t1_lib.cc
index eb6d90b..7fae0da 100644
--- a/ssl/t1_lib.cc
+++ b/ssl/t1_lib.cc

@@ -3317,9 +3317,9 @@
   if (ssl->ctx->tlsext_servername_callback != 0) {
     ret = ssl->ctx->tlsext_servername_callback(ssl, &al,
                                                ssl->ctx->tlsext_servername_arg);
-  } else if (hs->config->session_ctx->tlsext_servername_callback != 0) {
-    ret = hs->config->session_ctx->tlsext_servername_callback(
-        ssl, &al, hs->config->session_ctx->tlsext_servername_arg);
+  } else if (ssl->session_ctx->tlsext_servername_callback != 0) {
+    ret = ssl->session_ctx->tlsext_servername_callback(
+        ssl, &al, ssl->session_ctx->tlsext_servername_arg);
   }
 
   switch (ret) {
@@ -3408,7 +3408,7 @@
   ScopedEVP_CIPHER_CTX cipher_ctx;
   ScopedHMAC_CTX hmac_ctx;
   const uint8_t *iv = ticket + SSL_TICKET_KEY_NAME_LEN;
-  int cb_ret = hs->config->session_ctx->tlsext_ticket_key_cb(
+  int cb_ret = hs->ssl->session_ctx->tlsext_ticket_key_cb(
       hs->ssl, (uint8_t *)ticket /* name */, (uint8_t *)iv, cipher_ctx.get(),
       hmac_ctx.get(), 0 /* decrypt */);
   if (cb_ret < 0) {
@@ -3428,7 +3428,7 @@
     SSL_HANDSHAKE *hs, uint8_t **out, size_t *out_len, const uint8_t *ticket,
     size_t ticket_len) {
   assert(ticket_len >= SSL_TICKET_KEY_NAME_LEN + EVP_MAX_IV_LENGTH);
-  SSL_CTX *ctx = hs->config->session_ctx;
+  SSL_CTX *ctx = hs->ssl->session_ctx;
 
   // Rotate the ticket key if necessary.
   if (!ssl_ctx_rotate_ticket_encryption_key(ctx)) {
@@ -3475,7 +3475,7 @@
 
   size_t plaintext_len;
   const enum ssl_ticket_aead_result_t result =
-      hs->config->session_ctx->ticket_aead_method->open(
+      hs->ssl->session_ctx->ticket_aead_method->open(
           hs->ssl, plaintext, &plaintext_len, ticket_len, ticket, ticket_len);
 
   if (result == ssl_ticket_aead_success) {
@@ -3503,7 +3503,7 @@
   uint8_t *plaintext = NULL;
   size_t plaintext_len;
   enum ssl_ticket_aead_result_t result;
-  if (hs->config->session_ctx->ticket_aead_method != NULL) {
+  if (hs->ssl->session_ctx->ticket_aead_method != NULL) {
     result = ssl_decrypt_ticket_with_method(
         hs, &plaintext, &plaintext_len, out_renew_ticket, ticket, ticket_len);
   } else {
@@ -3514,7 +3514,7 @@
     if (ticket_len < SSL_TICKET_KEY_NAME_LEN + EVP_MAX_IV_LENGTH) {
       return ssl_ticket_aead_ignore_ticket;
     }
-    if (hs->config->session_ctx->tlsext_ticket_key_cb != NULL) {
+    if (hs->ssl->session_ctx->tlsext_ticket_key_cb != NULL) {
       result = ssl_decrypt_ticket_with_cb(hs, &plaintext, &plaintext_len,
                                           out_renew_ticket, ticket, ticket_len);
     } else {