Move peer_dh_tmp and peer_ecdh_tmp out of SESS_CERT.

Gets another field out of the SSL_SESSION.

Change-Id: I9a27255533f8e43e152808427466ec1306cfcc60
Reviewed-on: https://boringssl-review.googlesource.com/5756
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/include/openssl/ssl3.h b/include/openssl/ssl3.h
index e04412f..9c272a6 100644
--- a/include/openssl/ssl3.h
+++ b/include/openssl/ssl3.h
@@ -519,6 +519,12 @@
     /* Client-only: in_false_start is one if there is a pending handshake in
      * False Start. The client may write data at this point. */
     char in_false_start;
+
+    /* peer_dh_tmp, on a client, is the server's DHE public key. */
+    DH *peer_dh_tmp;
+
+    /* peer_ecdh_tmp, on a client, is the server's ECDHE public key. */
+    EC_KEY *peer_ecdh_tmp;
   } tmp;
 
   /* Connection binding to prevent renegotiation attacks */
diff --git a/ssl/internal.h b/ssl/internal.h
index 8dc3068..fdcb31c 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h
@@ -786,9 +786,6 @@
 
   /* peer_cert, on a client, is the leaf certificate of the peer. */
   X509 *peer_cert;
-
-  DH *peer_dh_tmp;
-  EC_KEY *peer_ecdh_tmp;
 } SESS_CERT;
 
 /* SSL_METHOD is a compatibility structure to support the legacy version-locked
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 1ed1507..b81b914 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -1109,12 +1109,7 @@
   CBS_init(&server_key_exchange, s->init_msg, n);
   server_key_exchange_orig = server_key_exchange;
 
-  if (s->session->sess_cert != NULL) {
-    DH_free(s->session->sess_cert->peer_dh_tmp);
-    s->session->sess_cert->peer_dh_tmp = NULL;
-    EC_KEY_free(s->session->sess_cert->peer_ecdh_tmp);
-    s->session->sess_cert->peer_ecdh_tmp = NULL;
-  } else {
+  if (s->session->sess_cert == NULL) {
     s->session->sess_cert = ssl_sess_cert_new();
     if (s->session->sess_cert == NULL) {
       return -1;
@@ -1191,7 +1186,8 @@
       OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_DH_P_LENGTH);
       goto err;
     }
-    s->session->sess_cert->peer_dh_tmp = dh;
+    DH_free(s->s3->tmp.peer_dh_tmp);
+    s->s3->tmp.peer_dh_tmp = dh;
     dh = NULL;
   } else if (alg_k & SSL_kECDHE) {
     uint16_t curve_id;
@@ -1244,7 +1240,8 @@
       goto f_err;
     }
     EC_KEY_set_public_key(ecdh, srvr_ecpoint);
-    s->session->sess_cert->peer_ecdh_tmp = ecdh;
+    EC_KEY_free(s->s3->tmp.peer_ecdh_tmp);
+    s->s3->tmp.peer_ecdh_tmp = ecdh;
     ecdh = NULL;
     BN_CTX_free(bn_ctx);
     bn_ctx = NULL;
@@ -1735,21 +1732,14 @@
       }
     } else if (alg_k & SSL_kDHE) {
       DH *dh_srvr, *dh_clnt;
-      SESS_CERT *scert = s->session->sess_cert;
       int dh_len;
       size_t pub_len;
 
-      if (scert == NULL) {
-        ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
-        OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_MESSAGE);
-        goto err;
-      }
-
-      if (scert->peer_dh_tmp == NULL) {
+      if (s->s3->tmp.peer_dh_tmp == NULL) {
         OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
         goto err;
       }
-      dh_srvr = scert->peer_dh_tmp;
+      dh_srvr = s->s3->tmp.peer_dh_tmp;
 
       /* generate a new random key */
       dh_clnt = DHparams_dup(dh_srvr);
@@ -1791,18 +1781,12 @@
       EC_KEY *tkey;
       int field_size = 0, ecdh_len;
 
-      if (s->session->sess_cert == NULL) {
-        ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
-        OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_MESSAGE);
-        goto err;
-      }
-
-      if (s->session->sess_cert->peer_ecdh_tmp == NULL) {
+      if (s->s3->tmp.peer_ecdh_tmp == NULL) {
         OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
         goto err;
       }
 
-      tkey = s->session->sess_cert->peer_ecdh_tmp;
+      tkey = s->s3->tmp.peer_ecdh_tmp;
 
       srvr_group = EC_KEY_get0_group(tkey);
       srvr_ecpoint = EC_KEY_get0_public_key(tkey);
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 22e7990..64e31e5 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -233,6 +233,8 @@
   OPENSSL_free(s->s3->tmp.certificate_types);
   OPENSSL_free(s->s3->tmp.peer_ellipticcurvelist);
   OPENSSL_free(s->s3->tmp.peer_psk_identity_hint);
+  DH_free(s->s3->tmp.peer_dh_tmp);
+  EC_KEY_free(s->s3->tmp.peer_ecdh_tmp);
   ssl3_free_handshake_buffer(s);
   ssl3_free_handshake_hash(s);
   OPENSSL_free(s->s3->alpn_selected);
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index b9be723..68a6dbe 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -327,14 +327,6 @@
   if (sess_cert->peer_cert != NULL) {
     ret->peer_cert = X509_up_ref(sess_cert->peer_cert);
   }
-  if (sess_cert->peer_dh_tmp != NULL) {
-    ret->peer_dh_tmp = sess_cert->peer_dh_tmp;
-    DH_up_ref(ret->peer_dh_tmp);
-  }
-  if (sess_cert->peer_ecdh_tmp != NULL) {
-    ret->peer_ecdh_tmp = sess_cert->peer_ecdh_tmp;
-    EC_KEY_up_ref(ret->peer_ecdh_tmp);
-  }
   return ret;
 }
 
@@ -345,8 +337,6 @@
 
   sk_X509_pop_free(sess_cert->cert_chain, X509_free);
   X509_free(sess_cert->peer_cert);
-  DH_free(sess_cert->peer_dh_tmp);
-  EC_KEY_free(sess_cert->peer_ecdh_tmp);
 
   OPENSSL_free(sess_cert);
 }