param = p = (unsigned char *)s->init_msg;
if (s->session->sess_cert != NULL) {
#ifndef OPENSSL_NO_RSA
- if (s->session->sess_cert->peer_rsa_tmp != NULL) {
- RSA_free(s->session->sess_cert->peer_rsa_tmp);
- s->session->sess_cert->peer_rsa_tmp = NULL;
- }
+ RSA_free(s->session->sess_cert->peer_rsa_tmp);
+ s->session->sess_cert->peer_rsa_tmp = NULL;
#endif
#ifndef OPENSSL_NO_DH
- if (s->session->sess_cert->peer_dh_tmp) {
- DH_free(s->session->sess_cert->peer_dh_tmp);
- s->session->sess_cert->peer_dh_tmp = NULL;
- }
+ DH_free(s->session->sess_cert->peer_dh_tmp);
+ s->session->sess_cert->peer_dh_tmp = NULL;
#endif
#ifndef OPENSSL_NO_EC
- if (s->session->sess_cert->peer_ecdh_tmp) {
- EC_KEY_free(s->session->sess_cert->peer_ecdh_tmp);
- s->session->sess_cert->peer_ecdh_tmp = NULL;
- }
+ EC_KEY_free(s->session->sess_cert->peer_ecdh_tmp);
+ s->session->sess_cert->peer_ecdh_tmp = NULL;
#endif
} else {
s->session->sess_cert = ssl_sess_cert_new();
s->session->sess_cert->peer_dh_tmp = dh;
dh = NULL;
- } else if ((alg_k & SSL_kDHr) || (alg_k & SSL_kDHd)) {
- al = SSL_AD_ILLEGAL_PARAMETER;
- SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,
- SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
- goto f_err;
}
#endif /* !OPENSSL_NO_DH */
err:
EVP_PKEY_free(pkey);
#ifndef OPENSSL_NO_RSA
- if (rsa != NULL)
- RSA_free(rsa);
+ RSA_free(rsa);
#endif
#ifndef OPENSSL_NO_DH
- if (dh != NULL)
- DH_free(dh);
+ DH_free(dh);
#endif
#ifndef OPENSSL_NO_EC
BN_CTX_free(bn_ctx);
EC_POINT_free(srvr_ecpoint);
- if (ecdh != NULL)
- EC_KEY_free(ecdh);
+ EC_KEY_free(ecdh);
#endif
EVP_MD_CTX_cleanup(&md_ctx);
return (-1);
BN_CTX_free(bn_ctx);
if (encodedPoint != NULL)
OPENSSL_free(encodedPoint);
- if (clnt_ecdh != NULL)
- EC_KEY_free(clnt_ecdh);
+ EC_KEY_free(clnt_ecdh);
EVP_PKEY_free(srvr_pub_pkey);
}
#endif /* !OPENSSL_NO_EC */
EVP_PKEY_encrypt_init(pkey_ctx);
/* Generate session key */
- RAND_bytes(pms, pmslen);
+ if (RAND_bytes(pms, pmslen) <= 0) {
+ EVP_PKEY_CTX_free(pkey_ctx);
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
+ ERR_R_INTERNAL_ERROR);
+ goto err;
+ };
/*
* If we have client certificate, use its secret as peer key
*/
BN_CTX_free(bn_ctx);
if (encodedPoint != NULL)
OPENSSL_free(encodedPoint);
- if (clnt_ecdh != NULL)
- EC_KEY_free(clnt_ecdh);
+ EC_KEY_free(clnt_ecdh);
EVP_PKEY_free(srvr_pub_pkey);
#endif
return (-1);