Move ECC extensions out of SSL_SESSION.

There's no need to store them on the session. They're temporary handshake
state and weren't serialized in d2i_SSL_SESSION anyway.

Change-Id: I830d378ab49aaa4fc6c4c7a6a8c035e2263fb763
Reviewed-on: https://boringssl-review.googlesource.com/1990
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index a689921..d3e3c41 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -440,10 +440,6 @@
 	 * efficient and to implement a maximum cache size. */
 	struct ssl_session_st *prev,*next;
 	char *tlsext_hostname;
-	size_t tlsext_ecpointformatlist_length;
-	unsigned char *tlsext_ecpointformatlist; /* peer's list */
-	size_t tlsext_ellipticcurvelist_length;
-	uint16_t *tlsext_ellipticcurvelist; /* peer's list */
 	/* RFC4507 info */
 	uint8_t *tlsext_tick;	/* Session ticket */
 	size_t tlsext_ticklen;		/* Session ticket length */
diff --git a/include/openssl/ssl3.h b/include/openssl/ssl3.h
index 3aea752..2a201aa 100644
--- a/include/openssl/ssl3.h
+++ b/include/openssl/ssl3.h
@@ -473,6 +473,18 @@
 		 * negotiated and the server is expected to send a
 		 * CertificateStatus message. */
 		char certificate_status_expected;
+
+		/* peer_ecpointformatlist contains the EC point
+		 * formats advertised by the peer. */
+		uint8_t *peer_ecpointformatlist;
+		size_t peer_ecpointformatlist_length;
+
+		/* Server-only: peer_ellipticcurvelist contains the EC
+		 * curve IDs advertised by the peer. This is only set
+		 * on the server's end. The server does not advertise
+		 * this extension to the client. */
+		uint16_t *peer_ellipticcurvelist;
+		size_t peer_ellipticcurvelist_length;
 		} tmp;
 
         /* Connection binding to prevent renegotiation attacks */
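Review bot: The comments on the new `peer_ecpointformatlist` and `peer_ellipticcurvelist` fields in `tmp` do not say who owns the buffers or when they are released, which matters now that their lifetime is no longer tied to the SSL_SESSION. The free and reset sites are not visible in this hunk, so confirm that both pointers are freed with the rest of the s3 state and that each pointer and its length are cleared together before a new handshake's extensions are parsed. Otherwise a renegotiation ClientHello that omits the extension could presumably be evaluated against the previous handshake's list. I would extend each comment with something like `/* Owned by this struct; freed and reset to NULL/0 before each handshake's extensions are parsed. */`. The enclosing struct begins and continues outside the hunk.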