Google Git
Sign in
boringssl / boringssl / 7bb0fbf77bc447d523199fd62ee8b419bb1c321b^! / . / ssl / t1_lib.cc
commit7bb0fbf77bc447d523199fd62ee8b419bb1c321b[log] [tgz]
authorDavid Benjamin <davidben@google.com>Tue Jul 03 13:55:42 2018 -0400
committerAdam Langley <agl@google.com>Fri Jul 06 19:47:08 2018 +0000
treed7a8737df054bb92476fde9522b316f7b41a0ff6
parent0ce090acd64496ca8dcc3456eee179d9238dd3a2 [diff] [blame]
C++ the ticket keys a bit.

While I'm here, remove the silly "tlsext_" prefix. At this point it's no
longer novel that a feature is encoded in an extension.

Change-Id: Ib5fbd2121333a213bdda0332885a8c90036ebc4d
Reviewed-on: https://boringssl-review.googlesource.com/29592
Reviewed-by: Adam Langley <agl@google.com>

diff --git a/ssl/t1_lib.cc b/ssl/t1_lib.cc
index e0e7504..fab6afe 100644
--- a/ssl/t1_lib.cc
+++ b/ssl/t1_lib.cc

@@ -3490,7 +3490,7 @@
   ScopedEVP_CIPHER_CTX cipher_ctx;
   ScopedHMAC_CTX hmac_ctx;
   const uint8_t *iv = ticket + SSL_TICKET_KEY_NAME_LEN;
-  int cb_ret = hs->ssl->session_ctx->tlsext_ticket_key_cb(
+  int cb_ret = hs->ssl->session_ctx->ticket_key_cb(
       hs->ssl, (uint8_t *)ticket /* name */, (uint8_t *)iv, cipher_ctx.get(),
       hmac_ctx.get(), 0 /* decrypt */);
   if (cb_ret < 0) {
@@ -3522,15 +3522,15 @@
   ScopedHMAC_CTX hmac_ctx;
   {
     MutexReadLock lock(&ctx->lock);
-    const tlsext_ticket_key *key;
-    if (ctx->tlsext_ticket_key_current &&
-        !OPENSSL_memcmp(ctx->tlsext_ticket_key_current->name, ticket,
+    const TicketKey *key;
+    if (ctx->ticket_key_current &&
+        !OPENSSL_memcmp(ctx->ticket_key_current->name, ticket,
                         SSL_TICKET_KEY_NAME_LEN)) {
-      key = ctx->tlsext_ticket_key_current;
-    } else if (ctx->tlsext_ticket_key_prev &&
-               !OPENSSL_memcmp(ctx->tlsext_ticket_key_prev->name, ticket,
+      key = ctx->ticket_key_current.get();
+    } else if (ctx->ticket_key_prev &&
+               !OPENSSL_memcmp(ctx->ticket_key_prev->name, ticket,
                                SSL_TICKET_KEY_NAME_LEN)) {
-      key = ctx->tlsext_ticket_key_prev;
+      key = ctx->ticket_key_prev.get();
     } else {
       return ssl_ticket_aead_ignore_ticket;
     }
@@ -3589,14 +3589,14 @@
     result = ssl_decrypt_ticket_with_method(
         hs, &plaintext, &plaintext_len, out_renew_ticket, ticket, ticket_len);
   } else {
-    // Ensure there is room for the key name and the largest IV
-    // |tlsext_ticket_key_cb| may try to consume. The real limit may be lower,
-    // but the maximum IV length should be well under the minimum size for the
-    // session material and HMAC.
+    // Ensure there is room for the key name and the largest IV |ticket_key_cb|
+    // may try to consume. The real limit may be lower, but the maximum IV
+    // length should be well under the minimum size for the session material and
+    // HMAC.
     if (ticket_len < SSL_TICKET_KEY_NAME_LEN + EVP_MAX_IV_LENGTH) {
       return ssl_ticket_aead_ignore_ticket;
     }
-    if (hs->ssl->session_ctx->tlsext_ticket_key_cb != NULL) {
+    if (hs->ssl->session_ctx->ticket_key_cb != NULL) {
       result = ssl_decrypt_ticket_with_cb(hs, &plaintext, &plaintext_len,
                                           out_renew_ticket, ticket, ticket_len);
     } else {