Tweak ssl_early_callback_init.

It really should take a few more parameters and save a bit of
long-winded initialization work.

Change-Id: I2823f0aa82be39914a156323f6f32b470b6d6a3b
Reviewed-on: https://boringssl-review.googlesource.com/8876
Reviewed-by: Steven Valdez <svaldez@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

ssl/handshake_server.c

@@ -548,11 +548,8 @@ static int ssl3_get_client_hello(SSL *ssl) {
       /* fallthrough */
     case SSL3_ST_SR_CLNT_HELLO_B:
     case SSL3_ST_SR_CLNT_HELLO_C:
-      memset(&early_ctx, 0, sizeof(early_ctx));
-      early_ctx.ssl = ssl;
-      early_ctx.client_hello = ssl->init_msg;
-      early_ctx.client_hello_len = ssl->init_num;
-      if (!ssl_early_callback_init(&early_ctx)) {
+      if (!ssl_early_callback_init(ssl, &early_ctx, ssl->init_msg,
+                                   ssl->init_num)) {
         al = SSL_AD_DECODE_ERROR;
         OPENSSL_PUT_ERROR(SSL, SSL_R_CLIENTHELLO_PARSE_FAILED);
         goto f_err;

ssl/internal.h

@@ -1342,7 +1342,8 @@ int tls1_handshake_digest(SSL *ssl, uint8_t *out, size_t out_len);
 int tls1_generate_master_secret(SSL *ssl, uint8_t *out, const uint8_t *premaster,
                                 size_t premaster_len);
 
-char ssl_early_callback_init(struct ssl_early_callback_ctx *ctx);
+int ssl_early_callback_init(SSL *ssl, struct ssl_early_callback_ctx *ctx,
+                            const uint8_t *in, size_t in_len);
 
 /* tls1_get_grouplist sets |*out_group_ids| and |*out_group_ids_len| to the
  * list of allowed group IDs. If |get_peer_groups| is non-zero, return the

ssl/t1_lib.c

@@ -202,9 +202,14 @@ done:
   return ret;
 }
 
-char ssl_early_callback_init(struct ssl_early_callback_ctx *ctx) {
-  CBS client_hello, session_id, cipher_suites, compression_methods, extensions;
+int ssl_early_callback_init(SSL *ssl, struct ssl_early_callback_ctx *ctx,
+                            const uint8_t *in, size_t in_len) {
+  memset(ctx, 0, sizeof(*ctx));
+  ctx->ssl = ssl;
+  ctx->client_hello = in;
+  ctx->client_hello_len = in_len;
 
+  CBS client_hello, session_id, cipher_suites, compression_methods, extensions;
   CBS_init(&client_hello, ctx->client_hello, ctx->client_hello_len);
 
   if (/* Skip client version. */

ssl/tls13_server.c

@@ -106,20 +106,15 @@ static enum ssl_hs_wait_t do_process_client_hello(SSL *ssl, SSL_HANDSHAKE *hs) {
   }
 
   struct ssl_early_callback_ctx early_ctx;
-  uint16_t client_wire_version;
-  CBS client_random, session_id, cipher_suites, compression_methods;
-
-  memset(&early_ctx, 0, sizeof(early_ctx));
-  early_ctx.ssl = ssl;
-  early_ctx.client_hello = ssl->init_msg;
-  early_ctx.client_hello_len = ssl->init_num;
-  if (!ssl_early_callback_init(&early_ctx)) {
+  if (!ssl_early_callback_init(ssl, &early_ctx, ssl->init_msg,
+                               ssl->init_num)) {
     OPENSSL_PUT_ERROR(SSL, SSL_R_CLIENTHELLO_PARSE_FAILED);
     ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
     return ssl_hs_error;
   }
 
-  CBS cbs;
+  CBS cbs, client_random, session_id, cipher_suites, compression_methods;
+  uint16_t client_wire_version;
   CBS_init(&cbs, ssl->init_msg, ssl->init_num);
   if (!CBS_get_u16(&cbs, &client_wire_version) ||
       !CBS_get_bytes(&cbs, &client_random, SSL3_RANDOM_SIZE) ||
@@ -280,12 +275,8 @@ static enum ssl_hs_wait_t do_process_second_client_hello(SSL *ssl,
   }
 
   struct ssl_early_callback_ctx early_ctx;
-
-  memset(&early_ctx, 0, sizeof(early_ctx));
-  early_ctx.ssl = ssl;
-  early_ctx.client_hello = ssl->init_msg;
-  early_ctx.client_hello_len = ssl->init_num;
-  if (!ssl_early_callback_init(&early_ctx)) {
+  if (!ssl_early_callback_init(ssl, &early_ctx, ssl->init_msg,
+                               ssl->init_num)) {
     OPENSSL_PUT_ERROR(SSL, SSL_R_CLIENTHELLO_PARSE_FAILED);
     ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECODE_ERROR);
     return ssl_hs_error;