kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Move srtp_profiles to SSL_CONFIG.

Browse Source 
These are also not needed after the handshake.

Change-Id: I5de2d5cf18a3783a6c04c0a8fe311069fb51b939
Reviewed-on: https://boringssl-review.googlesource.com/27986
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
This commit is contained in:
David Benjamin 2018-05-02 16:11:34 -04:00 committed by CQ bot account: commit-bot@chromium.org
parent 98472cb30d
commit b95d4b4cb3
3 changed files with 16 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
ssl/d1_srtp.cc
View File

@ -198,23 +198,22 @@ int SSL_CTX_set_srtp_profiles(SSL_CTX *ctx, const char *profiles) {
} }
int SSL_set_srtp_profiles(SSL *ssl, const char *profiles) { int SSL_set_srtp_profiles(SSL *ssl, const char *profiles) {
return ssl_ctx_make_profiles(profiles, &ssl->srtp_profiles); return ssl->config != nullptr &&
ssl_ctx_make_profiles(profiles, &ssl->config->srtp_profiles);
} }
STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl) { STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl) {
if (ssl == NULL) { if (ssl == nullptr) {
return NULL; return nullptr;
} }
if (ssl->srtp_profiles != NULL) { if (ssl->config == nullptr) {
return ssl->srtp_profiles; assert(0);
return nullptr;
} }
if (ssl->ctx->srtp_profiles != NULL) { return ssl->config->srtp_profiles != nullptr ? ssl->config->srtp_profiles
return ssl->ctx->srtp_profiles; : ssl->ctx->srtp_profiles;
}
return NULL;
} }
const SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *ssl) { const SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *ssl) {

8
ssl/internal.h
View File

@ -2665,6 +2665,10 @@ struct SSL_CONFIG {
uint8_t *quic_transport_params = nullptr; uint8_t *quic_transport_params = nullptr;
size_t quic_transport_params_len = 0; size_t quic_transport_params_len = 0;
// srtp_profiles is the list of configured SRTP protection profiles for
// DTLS-SRTP.
STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles = nullptr;
// verify_mode is a bitmask of |SSL_VERIFY_*| values. // verify_mode is a bitmask of |SSL_VERIFY_*| values.
uint8_t verify_mode = SSL_VERIFY_NONE; uint8_t verify_mode = SSL_VERIFY_NONE;
@ -2763,10 +2767,6 @@ struct SSLConnection {
uint32_t max_cert_list; uint32_t max_cert_list;
char *tlsext_hostname; char *tlsext_hostname;
// srtp_profiles is the list of configured SRTP protection profiles for
// DTLS-SRTP.
STACK_OF(SRTP_PROTECTION_PROFILE) * srtp_profiles;
// renegotiate_mode controls how peer renegotiation attempts are handled. // renegotiate_mode controls how peer renegotiation attempts are handled.
enum ssl_renegotiate_mode_t renegotiate_mode; enum ssl_renegotiate_mode_t renegotiate_mode;

6
ssl/ssl_lib.cc
View File

@ -806,12 +806,13 @@ SSL_CONFIG::~SSL_CONFIG() {
} }
Delete(cipher_list); Delete(cipher_list);
Delete(cert); Delete(cert);
OPENSSL_free(psk_identity_hint);
OPENSSL_free(supported_group_list); OPENSSL_free(supported_group_list);
EVP_PKEY_free(tlsext_channel_id_private);
OPENSSL_free(alpn_client_proto_list); OPENSSL_free(alpn_client_proto_list);
OPENSSL_free(token_binding_params); OPENSSL_free(token_binding_params);
OPENSSL_free(quic_transport_params); OPENSSL_free(quic_transport_params);
EVP_PKEY_free(tlsext_channel_id_private); sk_SRTP_PROTECTION_PROFILE_free(srtp_profiles);
OPENSSL_free(psk_identity_hint);
sk_CRYPTO_BUFFER_pop_free(client_CA, CRYPTO_BUFFER_free); sk_CRYPTO_BUFFER_pop_free(client_CA, CRYPTO_BUFFER_free);
} }
@ -831,7 +832,6 @@ void SSL_free(SSL *ssl) {
SSL_SESSION_free(ssl->session); SSL_SESSION_free(ssl->session);
OPENSSL_free(ssl->tlsext_hostname); OPENSSL_free(ssl->tlsext_hostname);
sk_SRTP_PROTECTION_PROFILE_free(ssl->srtp_profiles);
if (ssl->method != NULL) { if (ssl->method != NULL) {
ssl->method->ssl_free(ssl); ssl->method->ssl_free(ssl);