Replace key_exchange_info with group_id.
The only accessor for this field is the group/curve ID. Switch to only
storing that so no cipher checks are needed to interpret it. Instead,
ignore older values at parse time.
Change-Id: Id0946d4ac9e7482c69e64cc368a9d0cddf328bd3
Reviewed-on: https://boringssl-review.googlesource.com/12693
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 383fbbc..8410a30 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1593,14 +1593,11 @@
/* TODO(davidben): This checks the wrong session if there is a renegotiation in
* progress. */
SSL_SESSION *session = SSL_get_session(ssl);
- if (session == NULL ||
- session->cipher == NULL ||
- (ssl3_protocol_version(ssl) < TLS1_3_VERSION &&
- !SSL_CIPHER_is_ECDHE(session->cipher))) {
+ if (session == NULL) {
return 0;
}
- return (uint16_t)session->key_exchange_info;
+ return session->group_id;
}
int SSL_CTX_set_tmp_dh(SSL_CTX *ctx, const DH *dh) {
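Review bot: With the cipher check removed, `return session->group_id;` depends on an invariant that nothing in this function states: the field must be zero for any session that did not negotiate a group, including sessions deserialized from the older encoding, where the same slot could hold a non-group value. The commit message says those values are ignored at parse time, but that code is outside this hunk. I would add a comment above the return, e.g. `/* group_id is 0 unless a group was negotiated; legacy key_exchange_info values are discarded when the session is parsed. */`, so a later change to the parser or to a handshake writer does not silently make this accessor report a wrong group. Dropping the `(uint16_t)` cast is only safe if the field is declared `uint16_t`, and that declaration is not visible here. The function's signature is above the hunk.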