int SSL_clear(SSL *s)
{
+ unsigned char *rp;
+ size_t rlen;
+ int read_ahead;
if (s->method == NULL) {
SSLerr(SSL_F_SSL_CLEAR, SSL_R_NO_METHOD_SPECIFIED);
return (0);
} else
s->method->ssl_clear(s);
+
+ read_ahead = RECORD_LAYER_get_read_ahead(&s->rlayer);
+ rp = SSL3_BUFFER_get_buf(RECORD_LAYER_get_rbuf(&s->rlayer));
+ rlen = SSL3_BUFFER_get_len(RECORD_LAYER_get_rbuf(&s->rlayer));
+ memset(&s->rlayer, 0, sizeof s->rlayer);
+ SSL3_BUFFER_set_buf(RECORD_LAYER_get_rbuf(&s->rlayer), rp);
+ SSL3_BUFFER_set_len(RECORD_LAYER_get_rbuf(&s->rlayer), rlen);
+
+ /* Do I need to do this? As far as I can tell read_ahead did not
+ * previously get reset by SSL_clear...so I'll keep it that way..but is
+ * that right?
+ */
+ RECORD_LAYER_set_read_ahead(&s->rlayer, read_ahead);
+
return (1);
}
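Review bot: The `memset(&s->rlayer, 0, sizeof s->rlayer)` in SSL_clear() restores only the read buffer pointer, its length and read_ahead, so the back-pointer that SSL_new() installs with `RECORD_LAYER_set_ssl(&s->rlayer, s)` appears to be wiped and never put back. If that pointer is stored inside `rlayer` (the setter's signature suggests so), record-layer code that follows it after an SSL_clear() would dereference NULL; adding `RECORD_LAYER_set_ssl(&s->rlayer, s);` right after the memset would keep the invariant. The preserved buffer is also carried over without being zeroed, so bytes from the previous connection stay in it; if that is intended, a comment should say so. The open question in the comment above `RECORD_LAYER_set_read_ahead` should be settled and replaced with a statement of the chosen behaviour, e.g. `/* read_ahead is a configuration setting and survives SSL_clear() */`.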
goto err;
memset(s, 0, sizeof(SSL));
+ RECORD_LAYER_set_ssl(&s->rlayer, s);
+
#ifndef OPENSSL_NO_KRB5
s->kssl_ctx = kssl_ctx_new();
#endif /* OPENSSL_NO_KRB5 */
if (s->cert == NULL)
goto err;
- s->read_ahead = ctx->read_ahead;
+ RECORD_LAYER_set_read_ahead(&s->rlayer, ctx->read_ahead);
s->msg_callback = ctx->msg_callback;
s->msg_callback_arg = ctx->msg_callback_arg;
s->verify_mode = ctx->verify_mode;
if (s->method != NULL)
s->method->ssl_free(s);
+ if (SSL3_BUFFER_is_initialised(RECORD_LAYER_get_rbuf(&s->rlayer)))
+ ssl3_release_read_buffer(s);
+
if (s->ctx)
SSL_CTX_free(s->ctx);
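Review bot: The added `ssl3_release_read_buffer(s)` runs after `s->method->ssl_free(s)` and outside the `s->method != NULL` guard, so it depends on two things this hunk does not show: that the release routine touches no method-owned state that ssl_free() has just torn down, and that every release path resets the buffer pointer so `SSL3_BUFFER_is_initialised` never sees a stale value. A short comment would record that ownership, e.g. `/* rbuf belongs to the record layer, not the method; release it after ssl_free() */`. Because the buffer can hold received record data, it is also worth confirming that the release path cleanses it before the memory is returned. SSL_free's body starts and ends outside the hunk.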
void SSL_set_read_ahead(SSL *s, int yes)
{
- s->read_ahead = yes;
+ RECORD_LAYER_set_read_ahead(&s->rlayer, yes);
}
int SSL_get_read_ahead(const SSL *s)
{
- return (s->read_ahead);
+ return RECORD_LAYER_get_read_ahead(&s->rlayer);
}
int SSL_pending(const SSL *s)
* Now in theory, since the calling process own 't' it should be safe to
* modify. We need to be able to read f without being hassled
*/
-void SSL_copy_session_id(SSL *t, const SSL *f)
+int SSL_copy_session_id(SSL *t, const SSL *f)
{
/* Do we need to to SSL locking? */
if(!SSL_set_session(t, SSL_get_session(f))) {
- /* How do we handle this!! void function */
- return;
+ return 0;
}
/*
ssl_cert_free(t->cert);
t->cert = f->cert;
if(!SSL_set_session_id_context(t, f->sid_ctx, f->sid_ctx_length)) {
- /* Really should do something about this..but void function - ignore */
- ;
+ return 0;
}
+
+ return 1;
}
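Review bot: SSL_copy_session_id() can now return 0 after it has already modified `t`, and nothing documents that. When `SSL_set_session_id_context` fails, the session has been set and `t->cert` has been replaced with `f->cert`, so the caller gets a half-copied object. The header comment should state the contract, e.g. `/* Returns 1 on success, 0 on failure; on failure t may be partially updated and must not be used for a handshake */`. The SSL_dup() caller later in this patch does check the result, but any other caller written against the old void signature will silently ignore the failure and should be audited. Part of the function body between the two changed regions is not shown in the hunk.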
/* Fix this so it checks all the valid key/cert options */
switch (cmd) {
case SSL_CTRL_GET_READ_AHEAD:
- return (s->read_ahead);
+ return (RECORD_LAYER_get_read_ahead(&s->rlayer));
case SSL_CTRL_SET_READ_AHEAD:
- l = s->read_ahead;
- s->read_ahead = larg;
+ l = RECORD_LAYER_get_read_ahead(&s->rlayer);
+ RECORD_LAYER_set_read_ahead(&s->rlayer, larg);
return (l);
case SSL_CTRL_SET_MSG_CALLBACK_ARG:
if (s->session != NULL) {
/* This copies session-id, SSL_METHOD, sid_ctx, and 'cert' */
- SSL_copy_session_id(ret, s);
+ if(!SSL_copy_session_id(ret, s))
+ goto err;
} else {
/*
* No session has been established yet, so we have to expect that