d94682dce5
The only place it is used is EC_KEY_{dup,copy} and no one calls that function on an EC_KEY with ex_data. This aligns with functions like RSAPublicKey_dup which do not copy ex_data. The logic is also somewhat subtle in the face of malloc errors (upstream's PR 3323). In fact, we'd even changed the function pointer signature from upstream, so BoringSSL-only code is needed to pass this pointer in anyway. (I haven't switched it to CRYPTO_EX_unused because there are some callers which pass in an implementation anyway.) Note, in upstream, the dup hook is also used for SSL_SESSIONs when those are duplicated (for TLS 1.2 ticket renewal or TLS 1.3 resumption). Our interpretation is that callers should treat those SSL_SESSIONs equivalently to newly-established ones. This avoids every consumer providing a dup hook and simplifies the interface. (I've gone ahead and removed the TODO(fork). I don't think we'll be able to change this API. Maybe introduce a new one, but it may not be worth it? Then again, this API is atrocious... I've never seen anyone use argl and argp even.) BUG=21 Change-Id: I6c9e9d5a02347cb229d4c084c1e85125bd741d2b Reviewed-on: https://boringssl-review.googlesource.com/16344 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> |
||
---|---|---|
.. | ||
check.c | ||
CMakeLists.txt | ||
dh_asn1.c | ||
dh_test.cc | ||
dh.c | ||
params.c |