commit ca9e8f52f1631fa4906a0d44abdeb55f80fe026d
author David Benjamin <davidben@google.com> Wed Aug 09 15:02:34 2017 -0400
committer CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Wed Aug 09 19:13:15 2017 +0000
tree 3894fc051a920b4586ba621dadcd8330b4df71c3
parent 74115c93f1fd9a9ef1d51e26c80858284e1dcf6f

Tidy up handshake digest logic.

Use SSL_SESSION_get_digest instead of the lower level function where
applicable. Also, remove the failure case (Ivan Maidanski points out in
https://android-review.googlesource.com/c/337852/1/src/ssl/t1_enc.c that
this unreachable codepath is a memory leak) by passing in an SSL_CIPHER
to make it more locally obvious that other values are impossible.

Change-Id: Ie624049d47ab0d24f32b405390d6251c7343d7d6
Reviewed-on: https://boringssl-review.googlesource.com/19024
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
Reviewed-by: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

ssl/ssl_session.cc

diff --git a/ssl/ssl_session.cc b/ssl/ssl_session.cc
index 1830723..a1c21dc 100644
--- a/ssl/ssl_session.cc
+++ b/ssl/ssl_session.cc
@@ -368,8 +368,8 @@
 }
 
 const EVP_MD *SSL_SESSION_get_digest(const SSL_SESSION *session) {
-  return ssl_get_handshake_digest(session->cipher->algorithm_prf,
-                                  SSL_SESSION_protocol_version(session));
+  return ssl_get_handshake_digest(SSL_SESSION_protocol_version(session),
+                                  session->cipher);
 }
 
 int ssl_get_new_session(SSL_HANDSHAKE *hs, int is_server) {