Add an accessor for session->certs.

Chromium has some code which reaches into this field for memory
accounting.

This fixes a bug in doc.go where this line-wrapping confuses it. doc.go
needs a bit of a rewrite, but this is a bit better.

Change-Id: Ic9cc2c2fe9329d7bc366ccf91e0c9a92eae08ed2
Reviewed-on: https://boringssl-review.googlesource.com/27764
Commit-Queue: Steven Valdez <svaldez@google.com>
Reviewed-by: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
This commit is contained in:
David Benjamin 2018-04-25 17:34:24 -04:00 committed by CQ bot account: commit-bot@chromium.org
parent bf4bcdf16e
commit 855dabc9df
3 changed files with 19 additions and 2 deletions

View File

@ -1694,6 +1694,13 @@ OPENSSL_EXPORT uint32_t SSL_SESSION_get_timeout(const SSL_SESSION *session);
// TODO(davidben): This should return a const X509 *. // TODO(davidben): This should return a const X509 *.
OPENSSL_EXPORT X509 *SSL_SESSION_get0_peer(const SSL_SESSION *session); OPENSSL_EXPORT X509 *SSL_SESSION_get0_peer(const SSL_SESSION *session);
// SSL_SESSION_get0_peer_certificates returns the peer certificate chain stored
// in |session|, or NULL if the peer did not use certificates. This is the
// unverified list of certificates as sent by the peer, not the final chain
// built during verification. The caller does not take ownership of the result.
OPENSSL_EXPORT const STACK_OF(CRYPTO_BUFFER) *
SSL_SESSION_get0_peer_certificates(const SSL_SESSION *session);
// SSL_SESSION_get_master_key writes up to |max_out| bytes of |session|'s master // SSL_SESSION_get_master_key writes up to |max_out| bytes of |session|'s master
// secret to |out| and returns the number of bytes written. If |max_out| is // secret to |out| and returns the number of bytes written. If |max_out| is
// zero, it returns the size of the master secret. // zero, it returns the size of the master secret.

View File

@ -913,6 +913,11 @@ X509 *SSL_SESSION_get0_peer(const SSL_SESSION *session) {
return session->x509_peer; return session->x509_peer;
} }
const STACK_OF(CRYPTO_BUFFER) *
SSL_SESSION_get0_peer_certificates(const SSL_SESSION *session) {
return session->certs;
}
size_t SSL_SESSION_get_master_key(const SSL_SESSION *session, uint8_t *out, size_t SSL_SESSION_get_master_key(const SSL_SESSION *session, uint8_t *out,
size_t max_out) { size_t max_out) {
// TODO(davidben): Fix master_key_length's type and remove these casts. // TODO(davidben): Fix master_key_length's type and remove these casts.

View File

@ -17,6 +17,7 @@ import (
"io/ioutil" "io/ioutil"
"os" "os"
"path/filepath" "path/filepath"
"regexp"
"strings" "strings"
) )
@ -216,6 +217,9 @@ func skipLine(s string) string {
return "" return ""
} }
var stackOfRegexp = regexp.MustCompile(`STACK_OF\(([^)]*)\)`)
var lhashOfRegexp = regexp.MustCompile(`LHASH_OF\(([^)]*)\)`)
func getNameFromDecl(decl string) (string, bool) { func getNameFromDecl(decl string) (string, bool) {
for strings.HasPrefix(decl, "#if") || strings.HasPrefix(decl, "#elif") { for strings.HasPrefix(decl, "#if") || strings.HasPrefix(decl, "#elif") {
decl = skipLine(decl) decl = skipLine(decl)
@ -249,8 +253,9 @@ func getNameFromDecl(decl string) (string, bool) {
return decl[:i], true return decl[:i], true
} }
decl = strings.TrimPrefix(decl, "OPENSSL_EXPORT ") decl = strings.TrimPrefix(decl, "OPENSSL_EXPORT ")
decl = strings.TrimPrefix(decl, "STACK_OF(") decl = strings.TrimPrefix(decl, "const ")
decl = strings.TrimPrefix(decl, "LHASH_OF(") decl = stackOfRegexp.ReplaceAllString(decl, "STACK_OF_$1")
decl = lhashOfRegexp.ReplaceAllString(decl, "LHASH_OF_$1")
i := strings.Index(decl, "(") i := strings.Index(decl, "(")
if i < 0 { if i < 0 {
return "", false return "", false