kris
/
boringssl
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

Move srtp_profile to ssl->s3. 

This too is connection-level state to be reset on SSL_clear.

Change-Id: I071c9431c28a7d0ff3eb20c679784d4aa4c236a5
Reviewed-on: https://boringssl-review.googlesource.com/27490
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Reviewed-by: Steven Valdez <svaldez@google.com>
kris/onging/CECPQ3_patch15
David Benjamin 6 years ago
committed by CQ bot account: commit-bot@chromium.org
parent
e28552dec8
commit
fceca8e27b
3 changed files with 10 additions and 10 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -1
      ssl/d1_srtp.cc
  2. +4
    -4
      ssl/internal.h
  3. +5
    -5
      ssl/t1_lib.cc

+ 1
- 1
ssl/d1_srtp.cc View File

@@ -218,7 +218,7 @@ STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl) {
}

const SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *ssl) {
return ssl->srtp_profile;
return ssl->s3->srtp_profile;
}

int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles) {


+ 4
- 4
ssl/internal.h View File

@@ -2449,6 +2449,10 @@ struct SSL3_STATE {

// Contains the QUIC transport params received by the peer.
Array<uint8_t> peer_quic_transport_params;

// srtp_profile is the selected SRTP protection profile for
// DTLS-SRTP.
const SRTP_PROTECTION_PROFILE *srtp_profile = nullptr;
};

// lengths of messages
@@ -2680,10 +2684,6 @@ struct SSLConnection {
// DTLS-SRTP.
STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles;

// srtp_profile is the selected SRTP protection profile for
// DTLS-SRTP.
const SRTP_PROTECTION_PROFILE *srtp_profile;

// The client's Channel ID private key.
EVP_PKEY *tlsext_channel_id_private;



+ 5
- 5
ssl/t1_lib.cc View File

@@ -1646,7 +1646,7 @@ static bool ext_channel_id_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {


static void ext_srtp_init(SSL_HANDSHAKE *hs) {
hs->ssl->srtp_profile = NULL;
hs->ssl->s3->srtp_profile = NULL;
}

static bool ext_srtp_add_clienthello(SSL_HANDSHAKE *hs, CBB *out) {
@@ -1713,7 +1713,7 @@ static bool ext_srtp_parse_serverhello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
// offered).
for (const SRTP_PROTECTION_PROFILE *profile : profiles) {
if (profile->id == profile_id) {
ssl->srtp_profile = profile;
ssl->s3->srtp_profile = profile;
return true;
}
}
@@ -1755,7 +1755,7 @@ static bool ext_srtp_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert,
}

if (server_profile->id == profile_id) {
ssl->srtp_profile = server_profile;
ssl->s3->srtp_profile = server_profile;
return true;
}
}
@@ -1766,7 +1766,7 @@ static bool ext_srtp_parse_clienthello(SSL_HANDSHAKE *hs, uint8_t *out_alert,

static bool ext_srtp_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
SSL *const ssl = hs->ssl;
if (ssl->srtp_profile == NULL) {
if (ssl->s3->srtp_profile == NULL) {
return true;
}

@@ -1774,7 +1774,7 @@ static bool ext_srtp_add_serverhello(SSL_HANDSHAKE *hs, CBB *out) {
if (!CBB_add_u16(out, TLSEXT_TYPE_srtp) ||
!CBB_add_u16_length_prefixed(out, &contents) ||
!CBB_add_u16_length_prefixed(&contents, &profile_ids) ||
!CBB_add_u16(&profile_ids, ssl->srtp_profile->id) ||
!CBB_add_u16(&profile_ids, ssl->s3->srtp_profile->id) ||
!CBB_add_u8(&contents, 0 /* empty MKI */) ||
!CBB_flush(out)) {
return false;


Write Preview
Loading…
Cancel
Save