The function has exactly one caller. Also add some comments. Change-Id: I1566aed625449c91f25a777f5a4232d236019ed7 Reviewed-on: https://boringssl-review.googlesource.com/20673 Reviewed-by: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>kris/onging/CECPQ3_patch15
@@ -600,14 +600,19 @@ static enum ssl_hs_wait_t do_read_server_hello(SSL_HANDSHAKE *hs) { | |||||
return ssl_hs_ok; | return ssl_hs_ok; | ||||
} | } | ||||
// Clear some TLS 1.3 state that no longer needs to be retained. | |||||
hs->key_share.reset(); | |||||
hs->key_share_bytes.Reset(); | |||||
// A TLS 1.2 server would not know to skip the early data we offered. Report | |||||
// an error code sooner. The caller may use this error code to implement the | |||||
// fallback described in draft-ietf-tls-tls13-18 appendix C.3. | |||||
if (hs->early_data_offered) { | if (hs->early_data_offered) { | ||||
OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_VERSION_ON_EARLY_DATA); | OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_VERSION_ON_EARLY_DATA); | ||||
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_PROTOCOL_VERSION); | ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_PROTOCOL_VERSION); | ||||
return ssl_hs_error; | return ssl_hs_error; | ||||
} | } | ||||
ssl_clear_tls13_state(hs); | |||||
if (!ssl_check_message_type(ssl, msg, SSL3_MT_SERVER_HELLO)) { | if (!ssl_check_message_type(ssl, msg, SSL3_MT_SERVER_HELLO)) { | ||||
return ssl_hs_error; | return ssl_hs_error; | ||||
} | } | ||||
@@ -1517,10 +1517,6 @@ int ssl_is_sct_list_valid(const CBS *contents); | |||||
int ssl_write_client_hello(SSL_HANDSHAKE *hs); | int ssl_write_client_hello(SSL_HANDSHAKE *hs); | ||||
// ssl_clear_tls13_state releases client state only needed for TLS 1.3. It | |||||
// should be called once the version is known to be TLS 1.2 or earlier. | |||||
void ssl_clear_tls13_state(SSL_HANDSHAKE *hs); | |||||
enum ssl_cert_verify_context_t { | enum ssl_cert_verify_context_t { | ||||
ssl_cert_verify_server, | ssl_cert_verify_server, | ||||
ssl_cert_verify_client, | ssl_cert_verify_client, | ||||
@@ -839,9 +839,4 @@ int tls13_process_new_session_ticket(SSL *ssl, const SSLMessage &msg) { | |||||
return 1; | return 1; | ||||
} | } | ||||
void ssl_clear_tls13_state(SSL_HANDSHAKE *hs) { | |||||
hs->key_share.reset(); | |||||
hs->key_share_bytes.Reset(); | |||||
} | |||||
} // namespace bssl | } // namespace bssl |