Move the TLSv1.3 handshake struct inside the shared handshake struct.

There are currently three different handshake structs that are in use - the SSL_HANDSHAKE struct (as S3I(s)->hs), the SSL_HANDSHAKE_TLS13 struct (as S3I(s)->hs_tls13 or ctx->hs in the TLSv1.3 code) and the infamous 'tmp' embedded in SSL3_STATE_INTERNAL (as S3I(s)->tmp)). This is the first step towards cleaning up the handshake structs so that shared data is in the SSL_HANDSHAKE struct, with sub-structs for TLSv1.2 and TLSv1.3 specific information. Place SSL_HANDSHAKE_TLS13 inside SSL_HANDSHAKE and change ctx->hs to refer to the SSL_HANDSHAKE struct instead of the SSL_HANDSHAKE_TLS13 struct. This allows the TLSv1.3 code to access the shared handshake data without needing the SSL struct. ok inoguchi@ tb@
author: jsing <> 2021-03-21 18:36:34 +0000
committer: jsing <> 2021-03-21 18:36:34 +0000
commit: b4267956efe26acca04e81248b224852ab3b48df (patch)
tree: 04368005066ac217cbc5ba4c6633356e81eb6d00 /src/lib/libssl/ssl_locl.h
parent: 25064bbd608cffa42b7bf46d3ea7eeb88d693de4 (diff)
download: openbsd-b4267956efe26acca04e81248b224852ab3b48df.tar.gz
openbsd-b4267956efe26acca04e81248b224852ab3b48df.tar.bz2
openbsd-b4267956efe26acca04e81248b224852ab3b48df.zip
1 files changed, 41 insertions, 40 deletions
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index 99b72cc65e..33eb3bba7d 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.327 2021/03/17 17:42:53 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.328 2021/03/21 18:36:34 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -410,6 +410,44 @@ typedef struct ssl_session_internal_st {
 } SSL_SESSION_INTERNAL;
 #define SSI(s) (s->session->internal)
+typedef struct cert_pkey_st {
+        X509 *x509;
+        EVP_PKEY *privatekey;
+        STACK_OF(X509) *chain;
+} CERT_PKEY;
+typedef struct ssl_handshake_tls13_st {
+        int use_legacy;
+        int hrr;
+        /* Certificate and sigalg selected for use (static pointers). */
+        const CERT_PKEY *cpk;
+        const struct ssl_sigalg *sigalg;
+        /* Version proposed by peer server. */
+        uint16_t server_version;
+        uint16_t server_group;
+        struct tls13_key_share *key_share;
+        struct tls13_secrets *secrets;
+        uint8_t *cookie;
+        size_t cookie_len;
+        /* Preserved transcript hash. */
+        uint8_t transcript_hash[EVP_MAX_MD_SIZE];
+        size_t transcript_hash_len;
+        /* Legacy session ID. */
+        uint8_t legacy_session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];
+        size_t legacy_session_id_len;
+        /* ClientHello hash, used to validate following HelloRetryRequest */
+        EVP_MD_CTX *clienthello_md_ctx;
+        unsigned char *clienthello_hash;
+        unsigned int clienthello_hash_len;
+} SSL_HANDSHAKE_TLS13;
 typedef struct ssl_handshake_st {
        /*
         * Minimum and maximum versions supported for this handshake. These are
@@ -428,6 +466,8 @@ typedef struct ssl_handshake_st {
         */
        uint16_t negotiated_tls_version;
+        SSL_HANDSHAKE_TLS13 tls13;
        /* state contains one of the SSL3_ST_* values. */
        int state;
@@ -449,44 +489,6 @@ typedef struct ssl_handshake_st {
        uint8_t *sigalgs;
 } SSL_HANDSHAKE;
-typedef struct cert_pkey_st {
-        X509 *x509;
-        EVP_PKEY *privatekey;
-        STACK_OF(X509) *chain;
-} CERT_PKEY;
-typedef struct ssl_handshake_tls13_st {
-        int use_legacy;
-        int hrr;
-        /* Certificate and sigalg selected for use (static pointers). */
-        const CERT_PKEY *cpk;
-        const struct ssl_sigalg *sigalg;
-        /* Version proposed by peer server. */
-        uint16_t server_version;
-        uint16_t server_group;
-        struct tls13_key_share *key_share;
-        struct tls13_secrets *secrets;
-        uint8_t *cookie;
-        size_t cookie_len;
-        /* Preserved transcript hash. */
-        uint8_t transcript_hash[EVP_MAX_MD_SIZE];
-        size_t transcript_hash_len;
-        /* Legacy session ID. */
-        uint8_t legacy_session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];
-        size_t legacy_session_id_len;
-        /* ClientHello hash, used to validate following HelloRetryRequest */
-        EVP_MD_CTX *clienthello_md_ctx;
-        unsigned char *clienthello_hash;
-        unsigned int clienthello_hash_len;
-} SSL_HANDSHAKE_TLS13;
 struct tls12_record_layer;
 struct tls12_record_layer *tls12_record_layer_new(void);
@@ -907,7 +909,6 @@ typedef struct ssl3_state_internal_st {
        int in_read_app_data;
        SSL_HANDSHAKE hs;
-        SSL_HANDSHAKE_TLS13 hs_tls13;
        struct  {
                unsigned char cert_verify_md[EVP_MAX_MD_SIZE];
author	jsing <>	2021-03-21 18:36:34 +0000
committer	jsing <>	2021-03-21 18:36:34 +0000
commit	b4267956efe26acca04e81248b224852ab3b48df (patch)
tree	04368005066ac217cbc5ba4c6633356e81eb6d00 /src/lib/libssl/ssl_locl.h
parent	25064bbd608cffa42b7bf46d3ea7eeb88d693de4 (diff)
download	openbsd-b4267956efe26acca04e81248b224852ab3b48df.tar.gz openbsd-b4267956efe26acca04e81248b224852ab3b48df.tar.bz2 openbsd-b4267956efe26acca04e81248b224852ab3b48df.zip