Move Channel ID initialization out of ssl3_new.
Configuration data inherited from the ctx happens in SSL_new. (This also gets
in the way of using ssl3_free/ssl3_new to implement SSL_clear.)
Change-Id: I2773af91abf4e1edc0c1a324bc1e94088d7c2274
Reviewed-on: https://boringssl-review.googlesource.com/2821
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index dcdf4ee..e783c8f 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -640,12 +640,6 @@
memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num));
s->s3 = s3;
-
- s->tlsext_channel_id_enabled = s->ctx->tlsext_channel_id_enabled;
- if (s->ctx->tlsext_channel_id_private) {
- s->tlsext_channel_id_private =
- EVP_PKEY_dup(s->ctx->tlsext_channel_id_private);
- }
s->method->ssl_clear(s);
return 1;
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 5ed3531..76f7408 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -329,6 +329,11 @@
s->psk_client_callback = ctx->psk_client_callback;
s->psk_server_callback = ctx->psk_server_callback;
+ s->tlsext_channel_id_enabled = ctx->tlsext_channel_id_enabled;
+ if (ctx->tlsext_channel_id_private) {
+ s->tlsext_channel_id_private = EVP_PKEY_dup(ctx->tlsext_channel_id_private);
+ }
+
s->signed_cert_timestamps_enabled = s->ctx->signed_cert_timestamps_enabled;
s->ocsp_stapling_enabled = s->ctx->ocsp_stapling_enabled;