
github.com/mono/boringssl.git - Unnamed repository; edit this file 'description' to name the repository.
authorAdam Langley <agl@google.com>2016-09-21 00:27:29 +0300
committerCQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>2016-09-21 01:24:46 +0300
commitf12320a78cacb4b16e3ec7d59d53757b7a80a9ef (patch)
tree5fd0adcfe71b04896e1cf3f13d36b1c8917359d6 /include
parent4fe3c90b7d781d4075ad23c49afc568b5881f10a (diff)
Pack an SSL* a little better.
On 64-bit systems the SSL structure is 1/16th padding. This change reorders some fields and changes one to a bitfield in order to reduce the memory usage a little. Change-Id: Id7626a44d22652254717d544bdc2e08f1b0d705f Reviewed-on: https://boringssl-review.googlesource.com/11140 Reviewed-by: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Diffstat (limited to 'include')
-rw-r--r--include/openssl/ssl.h33
1 files changed, 15 insertions, 18 deletions
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 0969dce9..8602ec6c 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -4010,9 +4010,16 @@ struct ssl_ctx_st {
};
struct ssl_st {
+ /* method is the method table corresponding to the current protocol (DTLS or
+ * TLS). */
+ const SSL_PROTOCOL_METHOD *method;
+
/* version is the protocol version. */
int version;
+ /* state contains one of the SSL3_ST_* values. */
+ int state;
+
/* max_version is the maximum acceptable protocol version. Note this version
* is normalized in DTLS. */
uint16_t max_version;
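Review bot: Nothing in `struct ssl_st` records that the member order is now chosen for packing, so a later field added between `state` and the `uint16_t` run can quietly bring the padding back. A comment above `method` such as `/* Members are grouped by size to limit padding on 64-bit targets; keep new fields next to others of the same width. */` would make that explicit. Because the struct is defined in a public header, moving `method` and `state` also shifts the offset of every later member, so any code that reads SSL fields directly must be rebuilt against this header. The TODO at the end of the struct suggests at least one such consumer exists, though none is visible in this diff. The struct body continues past this hunk.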
@@ -4026,9 +4033,7 @@ struct ssl_st {
* normalized in DTLS. */
uint16_t fallback_version;
- /* method is the method table corresponding to the current protocol (DTLS or
- * TLS). */
- const SSL_PROTOCOL_METHOD *method;
+ uint16_t max_send_fragment;
/* There are 2 BIO's even though they are normally both the same. This is so
* data can be read and written to different handlers */
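Review bot: `max_send_fragment` lands here without a comment, while the version fields placed just before it each carry one. Something like `/* max_send_fragment is the maximum length, in bytes, of the records this connection sends. */` would match the surrounding style. That meaning is inferred from the name, so confirm it against the record-layer code before adopting the wording. The enclosing struct starts and ends outside this hunk.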
@@ -4049,14 +4054,6 @@ struct ssl_st {
int (*handshake_func)(SSL *);
- /* Imagine that here's a boolean member "init" that is switched as soon as
- * SSL_set_{accept/connect}_state is called for the first time, so that
- * "state" and "handshake_func" are properly initialized. But as
- * handshake_func is == 0 until then, we use this test instead of an "init"
- * member. */
-
- int state; /* where we are */
-
BUF_MEM *init_buf; /* buffer used during init */
/* init_msg is a pointer to the current handshake message body. */
@@ -4071,10 +4068,6 @@ struct ssl_st {
struct ssl3_state_st *s3; /* SSLv3 variables */
struct dtls1_state_st *d1; /* DTLSv1 variables */
- /* initial_timeout_duration_ms is the default DTLS timeout duration in
- * milliseconds. It's used to initialize the timer any time it's restarted. */
- unsigned initial_timeout_duration_ms;
-
/* callback that allows applications to peek at protocol messages */
void (*msg_callback)(int write_p, int version, int content_type,
const void *buf, size_t len, SSL *ssl, void *arg);
@@ -4097,6 +4090,10 @@ struct ssl_st {
* needs re-doing when in SSL_accept or SSL_connect */
int rwstate;
+ /* initial_timeout_duration_ms is the default DTLS timeout duration in
+ * milliseconds. It's used to initialize the timer any time it's restarted. */
+ unsigned initial_timeout_duration_ms;
+
/* the session_id_context is used to ensure sessions are only reused
* in the appropriate context */
unsigned int sid_ctx_length;
@@ -4135,10 +4132,7 @@ struct ssl_st {
uint32_t max_cert_list;
int client_version; /* what was passed, used for
* SSLv3/TLS rollback check */
- uint16_t max_send_fragment;
char *tlsext_hostname;
- /* RFC4507 session ticket expected to be received or sent */
- int tlsext_ticket_expected;
size_t supported_group_list_len;
uint16_t *supported_group_list; /* our list */
@@ -4193,6 +4187,9 @@ struct ssl_st {
* we'll advertise support. */
unsigned tlsext_channel_id_enabled:1;
+ /* RFC4507 session ticket expected to be received or sent */
+ unsigned tlsext_ticket_expected:1;
+
/* TODO(agl): remove once node.js not longer references this. */
int tlsext_status_type;
};
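Review bot: `tlsext_ticket_expected` changes from `int` to a one-bit unsigned field, so a store of any value other than 0 or 1 keeps only the low bit (an even non-zero value becomes 0), and its address can no longer be taken. The diffstat is limited to `include`, so the assignment sites are not visible here. It is worth confirming that each one writes a literal 0 or 1, or normalises with `!!`, since this flag presumably controls whether the handshake expects a session ticket message. The comment also cites RFC 4507, which RFC 5077 obsoleted; `/* tlsext_ticket_expected is one if a session ticket (RFC 5077) is expected to be received or sent. */` would bring it up to date. The struct begins outside this hunk.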