Move new_cipher and new_session to SSL_HANDSHAKE.
This lets us trim another two pointers of per-connection state.
Change-Id: I2145d529bc25b7e24a921d01e82ee99f2c98867c
Reviewed-on: https://boringssl-review.googlesource.com/13804
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/ssl/handshake_client.c b/ssl/handshake_client.c
index 35c3d14..e6b8c09 100644
--- a/ssl/handshake_client.c
+++ b/ssl/handshake_client.c
@@ -248,7 +248,7 @@
break;
case SSL3_ST_CR_CERT_A:
- if (ssl_cipher_uses_certificate_auth(ssl->s3->tmp.new_cipher)) {
+ if (ssl_cipher_uses_certificate_auth(hs->new_cipher)) {
ret = ssl3_get_server_certificate(hs);
if (ret <= 0) {
goto end;
@@ -268,7 +268,7 @@
break;
case SSL3_ST_VERIFY_SERVER_CERT:
- if (ssl_cipher_uses_certificate_auth(ssl->s3->tmp.new_cipher)) {
+ if (ssl_cipher_uses_certificate_auth(hs->new_cipher)) {
ret = ssl3_verify_server_cert(hs);
if (ret <= 0) {
goto end;
@@ -286,7 +286,7 @@
break;
case SSL3_ST_CR_CERT_REQ_A:
- if (ssl_cipher_uses_certificate_auth(ssl->s3->tmp.new_cipher)) {
+ if (ssl_cipher_uses_certificate_auth(hs->new_cipher)) {
ret = ssl3_get_certificate_request(hs);
if (ret <= 0) {
goto end;
@@ -467,15 +467,15 @@
* of the new established_session due to False Start. The caller may
* have taken a reference to the temporary session. */
ssl->s3->established_session =
- SSL_SESSION_dup(ssl->s3->new_session, SSL_SESSION_DUP_ALL);
+ SSL_SESSION_dup(hs->new_session, SSL_SESSION_DUP_ALL);
if (ssl->s3->established_session == NULL) {
ret = -1;
goto end;
}
ssl->s3->established_session->not_resumable = 0;
- SSL_SESSION_free(ssl->s3->new_session);
- ssl->s3->new_session = NULL;
+ SSL_SESSION_free(hs->new_session);
+ hs->new_session = NULL;
}
hs->state = SSL_ST_OK;
@@ -912,9 +912,9 @@
goto f_err;
}
/* Note: session_id could be empty. */
- ssl->s3->new_session->session_id_length = CBS_len(&session_id);
- OPENSSL_memcpy(ssl->s3->new_session->session_id, CBS_data(&session_id),
- CBS_len(&session_id));
+ hs->new_session->session_id_length = CBS_len(&session_id);
+ OPENSSL_memcpy(hs->new_session->session_id, CBS_data(&session_id),
+ CBS_len(&session_id));
}
const SSL_CIPHER *c = SSL_get_cipher_by_value(cipher_suite);
@@ -956,9 +956,9 @@
goto f_err;
}
} else {
- ssl->s3->new_session->cipher = c;
+ hs->new_session->cipher = c;
}
- ssl->s3->tmp.new_cipher = c;
+ hs->new_cipher = c;
/* Now that the cipher is known, initialize the handshake hash and hash the
* ServerHello. */
@@ -972,7 +972,7 @@
* which requires hashing the handshake transcript. Otherwise, the handshake
* buffer may be released. */
if (ssl->session != NULL ||
- !ssl_cipher_uses_certificate_auth(ssl->s3->tmp.new_cipher)) {
+ !ssl_cipher_uses_certificate_auth(hs->new_cipher)) {
SSL_TRANSCRIPT_free_buffer(&hs->transcript);
}
@@ -1033,27 +1033,27 @@
CBS_init(&cbs, ssl->init_msg, ssl->init_num);
uint8_t alert = SSL_AD_DECODE_ERROR;
- sk_CRYPTO_BUFFER_pop_free(ssl->s3->new_session->certs, CRYPTO_BUFFER_free);
+ sk_CRYPTO_BUFFER_pop_free(hs->new_session->certs, CRYPTO_BUFFER_free);
EVP_PKEY_free(hs->peer_pubkey);
hs->peer_pubkey = NULL;
- ssl->s3->new_session->certs = ssl_parse_cert_chain(
- &alert, &hs->peer_pubkey, NULL, &cbs, ssl->ctx->pool);
- if (ssl->s3->new_session->certs == NULL) {
+ hs->new_session->certs = ssl_parse_cert_chain(&alert, &hs->peer_pubkey, NULL,
+ &cbs, ssl->ctx->pool);
+ if (hs->new_session->certs == NULL) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, alert);
return -1;
}
- if (sk_CRYPTO_BUFFER_num(ssl->s3->new_session->certs) == 0 ||
+ if (sk_CRYPTO_BUFFER_num(hs->new_session->certs) == 0 ||
CBS_len(&cbs) != 0 ||
- !ssl->ctx->x509_method->session_cache_objects(ssl->s3->new_session)) {
+ !ssl->ctx->x509_method->session_cache_objects(hs->new_session)) {
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
return -1;
}
if (!ssl_check_leaf_certificate(
- ssl, hs->peer_pubkey,
- sk_CRYPTO_BUFFER_value(ssl->s3->new_session->certs, 0))) {
+ hs, hs->peer_pubkey,
+ sk_CRYPTO_BUFFER_value(hs->new_session->certs, 0))) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
return -1;
}
@@ -1094,8 +1094,8 @@
goto f_err;
}
- if (!CBS_stow(&ocsp_response, &ssl->s3->new_session->ocsp_response,
- &ssl->s3->new_session->ocsp_response_length)) {
+ if (!CBS_stow(&ocsp_response, &hs->new_session->ocsp_response,
+ &hs->new_session->ocsp_response_length)) {
al = SSL_AD_INTERNAL_ERROR;
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
goto f_err;
@@ -1109,8 +1109,8 @@
static int ssl3_verify_server_cert(SSL_HANDSHAKE *hs) {
SSL *const ssl = hs->ssl;
- if (!ssl_verify_cert_chain(ssl, &ssl->s3->new_session->verify_result,
- ssl->s3->new_session->x509_chain)) {
+ if (!ssl_verify_cert_chain(ssl, &hs->new_session->verify_result,
+ hs->new_session->x509_chain)) {
return -1;
}
@@ -1131,7 +1131,7 @@
if (ssl->s3->tmp.message_type != SSL3_MT_SERVER_KEY_EXCHANGE) {
/* Some ciphers (pure PSK) have an optional ServerKeyExchange message. */
- if (ssl_cipher_requires_server_key_exchange(ssl->s3->tmp.new_cipher)) {
+ if (ssl_cipher_requires_server_key_exchange(hs->new_cipher)) {
OPENSSL_PUT_ERROR(SSL, SSL_R_UNEXPECTED_MESSAGE);
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_UNEXPECTED_MESSAGE);
return -1;
@@ -1150,8 +1150,8 @@
CBS_init(&server_key_exchange, ssl->init_msg, ssl->init_num);
CBS server_key_exchange_orig = server_key_exchange;
- uint32_t alg_k = ssl->s3->tmp.new_cipher->algorithm_mkey;
- uint32_t alg_a = ssl->s3->tmp.new_cipher->algorithm_auth;
+ uint32_t alg_k = hs->new_cipher->algorithm_mkey;
+ uint32_t alg_a = hs->new_cipher->algorithm_auth;
if (alg_a & SSL_aPSK) {
CBS psk_identity_hint;
@@ -1247,7 +1247,7 @@
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
goto f_err;
}
- ssl->s3->new_session->group_id = group_id;
+ hs->new_session->group_id = group_id;
/* Ensure the group is consistent with preferences. */
if (!tls1_check_group_id(ssl, group_id)) {
@@ -1275,7 +1275,7 @@
CBS_len(&server_key_exchange_orig) - CBS_len(&server_key_exchange));
/* ServerKeyExchange should be signed by the server's public key. */
- if (ssl_cipher_uses_certificate_auth(ssl->s3->tmp.new_cipher)) {
+ if (ssl_cipher_uses_certificate_auth(hs->new_cipher)) {
uint16_t signature_algorithm = 0;
if (ssl3_protocol_version(ssl) >= TLS1_2_VERSION) {
if (!CBS_get_u16(&server_key_exchange, &signature_algorithm)) {
@@ -1286,7 +1286,7 @@
if (!tls12_check_peer_sigalg(ssl, &al, signature_algorithm)) {
goto f_err;
}
- ssl->s3->new_session->peer_signature_algorithm = signature_algorithm;
+ hs->new_session->peer_signature_algorithm = signature_algorithm;
} else if (hs->peer_pubkey->type == EVP_PKEY_RSA) {
signature_algorithm = SSL_SIGN_RSA_PKCS1_MD5_SHA1;
} else if (hs->peer_pubkey->type == EVP_PKEY_EC) {
@@ -1495,8 +1495,8 @@
goto err;
}
- uint32_t alg_k = ssl->s3->tmp.new_cipher->algorithm_mkey;
- uint32_t alg_a = ssl->s3->tmp.new_cipher->algorithm_auth;
+ uint32_t alg_k = hs->new_cipher->algorithm_mkey;
+ uint32_t alg_a = hs->new_cipher->algorithm_auth;
/* If using a PSK key exchange, prepare the pre-shared key. */
unsigned psk_len = 0;
@@ -1519,9 +1519,9 @@
}
assert(psk_len <= PSK_MAX_PSK_LEN);
- OPENSSL_free(ssl->s3->new_session->psk_identity);
- ssl->s3->new_session->psk_identity = BUF_strdup(identity);
- if (ssl->s3->new_session->psk_identity == NULL) {
+ OPENSSL_free(hs->new_session->psk_identity);
+ hs->new_session->psk_identity = BUF_strdup(identity);
+ if (hs->new_session->psk_identity == NULL) {
OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
goto err;
}
@@ -1644,13 +1644,12 @@
goto err;
}
- ssl->s3->new_session->master_key_length = tls1_generate_master_secret(
- hs, ssl->s3->new_session->master_key, pms, pms_len);
- if (ssl->s3->new_session->master_key_length == 0) {
+ hs->new_session->master_key_length = tls1_generate_master_secret(
+ hs, hs->new_session->master_key, pms, pms_len);
+ if (hs->new_session->master_key_length == 0) {
goto err;
}
- ssl->s3->new_session->extended_master_secret =
- ssl->s3->tmp.extended_master_secret;
+ hs->new_session->extended_master_secret = ssl->s3->tmp.extended_master_secret;
OPENSSL_cleanse(pms, pms_len);
OPENSSL_free(pms);
@@ -1708,9 +1707,9 @@
uint8_t digest[EVP_MAX_MD_SIZE];
size_t digest_len;
- if (!SSL_TRANSCRIPT_ssl3_cert_verify_hash(
- &hs->transcript, digest, &digest_len, ssl->s3->new_session,
- signature_algorithm)) {
+ if (!SSL_TRANSCRIPT_ssl3_cert_verify_hash(&hs->transcript, digest,
+ &digest_len, hs->new_session,
+ signature_algorithm)) {
goto err;
}
@@ -1838,7 +1837,7 @@
}
int session_renewed = ssl->session != NULL;
- SSL_SESSION *session = ssl->s3->new_session;
+ SSL_SESSION *session = hs->new_session;
if (session_renewed) {
/* The server is sending a new ticket for an existing session. Sessions are
* immutable once established, so duplicate all but the ticket of the