Encapsulate s->s3->wrec

[openssl.git] / ssl / ssl_cert.c

diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index 974259969f0585c489e89fa10774578b9b16cd12..f05a60a30adefed13ca1dff4c1709dff330b1b4c 100644 (file)
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -175,7 +175,7 @@ void ssl_cert_set_default_md(CERT *cert)
     cert->pkeys[SSL_PKEY_RSA_SIGN].digest = EVP_sha1();
     cert->pkeys[SSL_PKEY_RSA_ENC].digest = EVP_sha1();
 #endif
-#ifndef OPENSSL_NO_ECDSA
+#ifndef OPENSSL_NO_EC
     cert->pkeys[SSL_PKEY_ECC].digest = EVP_sha1();
 #endif
 }
@@ -261,7 +261,7 @@ CERT *ssl_cert_dup(CERT *cert)
     ret->dh_tmp_auto = cert->dh_tmp_auto;
 #endif
 
-#ifndef OPENSSL_NO_ECDH
+#ifndef OPENSSL_NO_EC
     if (cert->ecdh_tmp) {
         ret->ecdh_tmp = EC_KEY_dup(cert->ecdh_tmp);
         if (ret->ecdh_tmp == NULL) {
@@ -443,16 +443,13 @@ void ssl_cert_free(CERT *c)
 #endif
 
 #ifndef OPENSSL_NO_RSA
-    if (c->rsa_tmp)
-        RSA_free(c->rsa_tmp);
+    RSA_free(c->rsa_tmp);
 #endif
 #ifndef OPENSSL_NO_DH
-    if (c->dh_tmp)
-        DH_free(c->dh_tmp);
+    DH_free(c->dh_tmp);
 #endif
-#ifndef OPENSSL_NO_ECDH
-    if (c->ecdh_tmp)
-        EC_KEY_free(c->ecdh_tmp);
+#ifndef OPENSSL_NO_EC
+    EC_KEY_free(c->ecdh_tmp);
 #endif
 
     ssl_cert_clear_certs(c);
@@ -484,31 +481,6 @@ void ssl_cert_free(CERT *c)
     OPENSSL_free(c);
 }
 
-int ssl_cert_inst(CERT **o)
-{
-    /*
-     * Create a CERT if there isn't already one (which cannot really happen,
-     * as it is initially created in SSL_CTX_new; but the earlier code
-     * usually allows for that one being non-existant, so we follow that
-     * behaviour, as it might turn out that there actually is a reason for it
-     * -- but I'm not sure that *all* of the existing code could cope with
-     * s->cert being NULL, otherwise we could do without the initialization
-     * in SSL_CTX_new).
-     */
-
-    if (o == NULL) {
-        SSLerr(SSL_F_SSL_CERT_INST, ERR_R_PASSED_NULL_PARAMETER);
-        return (0);
-    }
-    if (*o == NULL) {
-        if ((*o = ssl_cert_new()) == NULL) {
-            SSLerr(SSL_F_SSL_CERT_INST, ERR_R_MALLOC_FAILURE);
-            return (0);
-        }
-    }
-    return (1);
-}
-
 int ssl_cert_set0_chain(SSL *s, SSL_CTX *ctx, STACK_OF(X509) *chain)
 {
     int i, r;
@@ -676,16 +648,13 @@ void ssl_sess_cert_free(SESS_CERT *sc)
     }
 
 #ifndef OPENSSL_NO_RSA
-    if (sc->peer_rsa_tmp != NULL)
-        RSA_free(sc->peer_rsa_tmp);
+    RSA_free(sc->peer_rsa_tmp);
 #endif
 #ifndef OPENSSL_NO_DH
-    if (sc->peer_dh_tmp != NULL)
-        DH_free(sc->peer_dh_tmp);
+    DH_free(sc->peer_dh_tmp);
 #endif
-#ifndef OPENSSL_NO_ECDH
-    if (sc->peer_ecdh_tmp != NULL)
-        EC_KEY_free(sc->peer_ecdh_tmp);
+#ifndef OPENSSL_NO_EC
+    EC_KEY_free(sc->peer_ecdh_tmp);
 #endif
 
     OPENSSL_free(sc);
@@ -906,8 +875,7 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file)
     }
     if (sk != NULL)
         sk_X509_NAME_free(sk);
-    if (in != NULL)
-        BIO_free(in);
+    BIO_free(in);
     if (x != NULL)
         X509_free(x);
     if (ret != NULL)
@@ -967,8 +935,7 @@ int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
  err:
         ret = 0;
     }
-    if (in != NULL)
-        BIO_free(in);
+    BIO_free(in);
     if (x != NULL)
         X509_free(x);