Deduplicate peer certificate chain processing code.

Rather than reimplement this in each TLS client and server, deduplicate it
into a single function. Furthermore, rather than dealing with the API
hazard that is SSL_get_peer_cert_chain() in this code, simply produce two
chains - one that has the leaf and one that does not.
SSL_get_peer_cert_chain() can then return the appropriate one.

This also moves the peer cert chain from the SSL_SESSION to the
SSL_HANDSHAKE, which makes more sense since it is not available on
resumption.

ok tb@

1 files changed, 7 insertions, 3 deletions

diff --git a/lib/libssl/ssl_locl.h b/lib/libssl/ssl_locl.h
index 18daf791f05..1bfeeb97407 100644
--- a/lib/libssl/ssl_locl.h
+++ b/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.417 2022/07/24 14:28:16 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.418 2022/08/17 07:39:19 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -518,8 +518,6 @@ struct ssl_session_st {
 	 * not_resumable_session_cb to disable session caching and tickets. */
 	int not_resumable;
 
-	STACK_OF(X509) *cert_chain; /* as received from peer */
-
 	size_t tlsext_ecpointformatlist_length;
 	uint8_t *tlsext_ecpointformatlist; /* peer's list */
 	size_t tlsext_supportedgroups_length;
@@ -645,6 +643,10 @@ typedef struct ssl_handshake_st {
 	uint8_t peer_finished[EVP_MAX_MD_SIZE];
 	size_t peer_finished_len;
 
+	/* List of certificates received from our peer. */
+	STACK_OF(X509) *peer_certs;
+	STACK_OF(X509) *peer_certs_no_leaf;
+
 	SSL_HANDSHAKE_TLS12 tls12;
 	SSL_HANDSHAKE_TLS13 tls13;
 } SSL_HANDSHAKE;
@@ -1566,6 +1568,8 @@ int srtp_find_profile_by_num(unsigned int profile_num,
 
 #endif /* OPENSSL_NO_SRTP */
 
+int tls_process_peer_certs(SSL *s, STACK_OF(X509) *peer_certs);
+
 __END_HIDDEN_DECLS
 
 #endif