Move peer_psk_identity_hint to SSL_HANDSHAKE.
One less field to reset on renego and save a pointer of post-handshake
memory.
Change-Id: Ifc0c3c73072af244ee3848d9a798988d2c8a7c38
Reviewed-on: https://boringssl-review.googlesource.com/11086
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 8602ec6..ac1a63b 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -4398,10 +4398,6 @@
* didn't use it to create the master secret initially. */
char extended_master_secret;
- /* Client-only: peer_psk_identity_hint is the psk_identity_hint sent by the
- * server when using a PSK key exchange. */
- char *peer_psk_identity_hint;
-
/* new_mac_secret_size is unused and exists only until wpa_supplicant can
* be updated. It is only needed for EAP-FAST, which we don't support. */
uint8_t new_mac_secret_size;
diff --git a/ssl/handshake_client.c b/ssl/handshake_client.c
index d48b000..b8153f5 100644
--- a/ssl/handshake_client.c
+++ b/ssl/handshake_client.c
@@ -1116,20 +1116,13 @@
}
if (ssl->s3->tmp.message_type != SSL3_MT_SERVER_KEY_EXCHANGE) {
+ /* Some ciphers (pure PSK) have an optional ServerKeyExchange message. */
if (ssl_cipher_requires_server_key_exchange(ssl->s3->tmp.new_cipher)) {
OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_MESSAGE);
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
return -1;
}
- /* In plain PSK ciphersuite, ServerKeyExchange may be omitted to send no
- * identity hint. */
- if (ssl->s3->tmp.new_cipher->algorithm_auth & SSL_aPSK) {
- /* TODO(davidben): This should be reset in one place with the rest of the
- * handshake state. */
- OPENSSL_free(ssl->s3->tmp.peer_psk_identity_hint);
- ssl->s3->tmp.peer_psk_identity_hint = NULL;
- }
ssl->s3->tmp.reuse_message = 1;
return 1;
}
@@ -1168,7 +1161,7 @@
}
/* Save the identity hint as a C string. */
- if (!CBS_strdup(&psk_identity_hint, &ssl->s3->tmp.peer_psk_identity_hint)) {
+ if (!CBS_strdup(&psk_identity_hint, &ssl->s3->hs->peer_psk_identity_hint)) {
al = SSL_AD_INTERNAL_ERROR;
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
goto f_err;
@@ -1542,7 +1535,7 @@
char identity[PSK_MAX_IDENTITY_LEN + 1];
memset(identity, 0, sizeof(identity));
psk_len = ssl->psk_client_callback(
- ssl, ssl->s3->tmp.peer_psk_identity_hint, identity, sizeof(identity),
+ ssl, ssl->s3->hs->peer_psk_identity_hint, identity, sizeof(identity),
psk, sizeof(psk));
if (psk_len == 0) {
OPENSSL_PUT_ERROR(SSL, SSL_R_PSK_IDENTITY_NOT_FOUND);
diff --git a/ssl/internal.h b/ssl/internal.h
index 13dec3a..c090094 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h
@@ -922,6 +922,10 @@
size_t num_peer_sigalgs;
uint8_t session_tickets_sent;
+
+ /* peer_psk_identity_hint, on the client, is the psk_identity_hint sent by the
+ * server when using a TLS 1.2 PSK key exchange. */
+ char *peer_psk_identity_hint;
} /* SSL_HANDSHAKE */;
SSL_HANDSHAKE *ssl_handshake_new(enum ssl_hs_wait_t (*do_handshake)(SSL *ssl));
diff --git a/ssl/s3_both.c b/ssl/s3_both.c
index 4baa839..23cda92 100644
--- a/ssl/s3_both.c
+++ b/ssl/s3_both.c
@@ -166,6 +166,7 @@
OPENSSL_free(hs->key_share_bytes);
OPENSSL_free(hs->public_key);
OPENSSL_free(hs->peer_sigalgs);
+ OPENSSL_free(hs->peer_psk_identity_hint);
OPENSSL_free(hs);
}
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 3378526..2a7bbae 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -210,7 +210,6 @@
sk_X509_NAME_pop_free(ssl->s3->tmp.ca_names, X509_NAME_free);
OPENSSL_free(ssl->s3->tmp.certificate_types);
OPENSSL_free(ssl->s3->tmp.peer_supported_group_list);
- OPENSSL_free(ssl->s3->tmp.peer_psk_identity_hint);
SSL_SESSION_free(ssl->s3->new_session);
SSL_SESSION_free(ssl->s3->established_session);
ssl3_free_handshake_buffer(ssl);
