diff options
| author | Martin Thomson <martin.thomson@gmail.com> | 2017-09-11 15:49:53 +1000 |
|---|---|---|
| committer | Martin Thomson <martin.thomson@gmail.com> | 2017-09-11 15:49:53 +1000 |
| commit | 5279f98950ac2a31ecd45ce326cdb782c509a9b3 (patch) | |
| tree | e575d741e8fc0ce3f12cf1127737cab4c0f5a82f /lib/ssl/sslinfo.c | |
| parent | b68bc690228555731f5801fe2bca96968bc8814a (diff) | |
| download | nss-hg-5279f98950ac2a31ecd45ce326cdb782c509a9b3.tar.gz | |
Bug 1398679 - Make cipher specs properly directional, r=ekr
This makes each cipher spec unidirectional. This is a tiny bit less efficient
in TLS 1.2 and earlier, where some of the material could be shared (a few
pointers essentially) but it is much more efficient for TLS 1.3.
There is now only one variable of each type on the specs. Up to now, the specs
had two copies of almost everything to support being used for both read and
write. Now there are separate specs for reading and writing. We only
duplicate the pointers to the master secret, and the cipher definitions.
This also does away with the backing array that was used to hold two copies of
specs. Cipher specs are allocated on the heap as they are used and reference
counted, using the same system as is already used for TLS 1.3.
This uses the |direction| attribute that was previously added for TLS 1.3 and
uses that more thoroughly.
Diffstat (limited to 'lib/ssl/sslinfo.c')
| -rw-r--r-- | lib/ssl/sslinfo.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/ssl/sslinfo.c b/lib/ssl/sslinfo.c index 90357bb94..d88643abc 100644 --- a/lib/ssl/sslinfo.c +++ b/lib/ssl/sslinfo.c @@ -494,7 +494,7 @@ SSL_ExportKeyingMaterial(PRFileDesc *fd, * secret is available and we have sent ChangeCipherSpec. */ ssl_GetSpecReadLock(ss); - if (!ss->ssl3.cwSpec->master_secret) { + if (!ss->ssl3.cwSpec->masterSecret) { PORT_SetError(SSL_ERROR_HANDSHAKE_NOT_COMPLETED); rv = SECFailure; } else { |