Remove session_ctx macro.
Don't pollute the embedder's namespace with a session_ctx macro. It looks like
the difference was that, without TLS extensions, session_ctx was ctx rather
than initial_ctx. Now it's always initial_ctx. Retain the semantics of
switching SSL_CTX's out after the fact, until/unless we decide to replace that
with something less scary-sounding.
Change-Id: Ie5df5138aec25218ca80031cf645671968b8a54a
Reviewed-on: https://boringssl-review.googlesource.com/1663
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index de91feb..0100fb9 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -1396,8 +1396,6 @@
uint8_t *next_proto_negotiated;
size_t next_proto_negotiated_len;
-#define session_ctx initial_ctx
-
STACK_OF(SRTP_PROTECTION_PROFILE) *srtp_profiles; /* What we'll do */
SRTP_PROTECTION_PROFILE *srtp_profile; /* What's been chosen */
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index d6f6bdc..01d59c4 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2344,14 +2344,14 @@
* and it would be rather hard to do anyway :-) */
if (s->session->session_id_length == 0) return;
- i=s->session_ctx->session_cache_mode;
+ i=s->initial_ctx->session_cache_mode;
if ((i & mode) && (!s->hit)
&& ((i & SSL_SESS_CACHE_NO_INTERNAL_STORE)
- || SSL_CTX_add_session(s->session_ctx,s->session))
- && (s->session_ctx->new_session_cb != NULL))
+ || SSL_CTX_add_session(s->initial_ctx,s->session))
+ && (s->initial_ctx->new_session_cb != NULL))
{
CRYPTO_add(&s->session->references,1,CRYPTO_LOCK_SSL_SESSION);
- if (!s->session_ctx->new_session_cb(s,s->session))
+ if (!s->initial_ctx->new_session_cb(s,s->session))
SSL_SESSION_free(s->session);
}
@@ -2360,10 +2360,10 @@
((i & mode) == mode))
{
if ( (((mode & SSL_SESS_CACHE_CLIENT)
- ?s->session_ctx->stats.sess_connect_good
- :s->session_ctx->stats.sess_accept_good) & 0xff) == 0xff)
+ ?s->initial_ctx->stats.sess_connect_good
+ :s->initial_ctx->stats.sess_accept_good) & 0xff) == 0xff)
{
- SSL_CTX_flush_sessions(s->session_ctx,(unsigned long)time(NULL));
+ SSL_CTX_flush_sessions(s->initial_ctx,(unsigned long)time(NULL));
}
}
}
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index bc20e86..c48c64b 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -272,8 +272,8 @@
if ((ss=SSL_SESSION_new()) == NULL) return(0);
/* If the context has a default timeout, use it over the default. */
- if (s->session_ctx->session_timeout != 0)
- ss->timeout=s->session_ctx->session_timeout;
+ if (s->initial_ctx->session_timeout != 0)
+ ss->timeout=s->initial_ctx->session_timeout;
if (s->session != NULL)
{
@@ -334,8 +334,8 @@
CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
if(s->generate_session_id)
cb = s->generate_session_id;
- else if(s->session_ctx->generate_session_id)
- cb = s->session_ctx->generate_session_id;
+ else if(s->initial_ctx->generate_session_id)
+ cb = s->initial_ctx->generate_session_id;
CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
/* Choose a session ID */
tmp = ss->session_id_length;
@@ -458,7 +458,7 @@
if (try_session_cache &&
ret == NULL &&
- !(s->session_ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP))
+ !(s->initial_ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_LOOKUP))
{
SSL_SESSION data;
data.ssl_version=s->version;
@@ -467,7 +467,7 @@
return 0;
memcpy(data.session_id,ctx->session_id,ctx->session_id_len);
CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
- ret=lh_SSL_SESSION_retrieve(s->session_ctx->sessions,&data);
+ ret=lh_SSL_SESSION_retrieve(s->initial_ctx->sessions,&data);
if (ret != NULL)
{
/* don't allow other threads to steal it: */
@@ -475,16 +475,16 @@
}
CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
if (ret == NULL)
- s->session_ctx->stats.sess_miss++;
+ s->initial_ctx->stats.sess_miss++;
}
if (try_session_cache &&
ret == NULL &&
- s->session_ctx->get_session_cb != NULL)
+ s->initial_ctx->get_session_cb != NULL)
{
int copy=1;
- if ((ret=s->session_ctx->get_session_cb(s,(unsigned char *) ctx->session_id,ctx->session_id_len,©)))
+ if ((ret=s->initial_ctx->get_session_cb(s,(unsigned char *) ctx->session_id,ctx->session_id_len,©)))
{
if (ret == SSL_magic_pending_session_ptr())
{
@@ -493,7 +493,7 @@
* figure out the session asynchronously. */
return PENDING_SESSION;
}
- s->session_ctx->stats.sess_cb_hit++;
+ s->initial_ctx->stats.sess_cb_hit++;
/* Increment reference count now if the session callback
* asks us to do so (note that if the session structures
@@ -505,10 +505,10 @@
/* Add the externally cached session to the internal
* cache as well if and only if we are supposed to. */
- if(!(s->session_ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_STORE))
+ if(!(s->initial_ctx->session_cache_mode & SSL_SESS_CACHE_NO_INTERNAL_STORE))
/* The following should not return 1, otherwise,
* things are very strange */
- SSL_CTX_add_session(s->session_ctx,ret);
+ SSL_CTX_add_session(s->initial_ctx,ret);
}
}
@@ -544,16 +544,16 @@
if (ret->timeout < (long)(time(NULL) - ret->time)) /* timeout */
{
- s->session_ctx->stats.sess_timeout++;
+ s->initial_ctx->stats.sess_timeout++;
if (try_session_cache)
{
/* session was from the cache, so remove it */
- SSL_CTX_remove_session(s->session_ctx,ret);
+ SSL_CTX_remove_session(s->initial_ctx,ret);
}
goto err;
}
- s->session_ctx->stats.sess_hit++;
+ s->initial_ctx->stats.sess_hit++;
if (s->session != NULL)
SSL_SESSION_free(s->session);