X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fs3_lib.c;h=a7dbbf688d80b6904afa42a63b830c6c9dc9c1f3;hp=bed4a4e72d0caaecdd22b0ede37e7369f96e31e4;hb=7a7048aff053929feaadee4895749fe0a661d353;hpb=ca3a82c3b364e1e584546f0f3bbb938b0b472580 diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index bed4a4e72d..a7dbbf688d 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -3078,15 +3078,6 @@ const SSL_CIPHER *ssl3_get_cipher(unsigned int u) return (NULL); } -int ssl3_pending(const SSL *s) -{ - if (s->rstate == SSL_ST_READ_BODY) - return 0; - - return (s->s3->rrec.type == - SSL3_RT_APPLICATION_DATA) ? s->s3->rrec.length : 0; -} - int ssl3_set_handshake_header(SSL *s, int htype, unsigned long len) { unsigned char *p = (unsigned char *)s->init_buf->data; @@ -3110,11 +3101,8 @@ int ssl3_new(SSL *s) if ((s3 = OPENSSL_malloc(sizeof *s3)) == NULL) goto err; memset(s3, 0, sizeof *s3); - memset(s3->rrec.seq_num, 0, sizeof(s3->rrec.seq_num)); - memset(s3->wrec.seq_num, 0, sizeof(s3->wrec.seq_num)); - s->s3 = s3; - + #ifndef OPENSSL_NO_SRP if(!SSL_SRP_CTX_init(s)) goto err; @@ -3131,18 +3119,11 @@ void ssl3_free(SSL *s) return; ssl3_cleanup_key_block(s); - if (s->s3->rbuf.buf != NULL) - ssl3_release_read_buffer(s); - if (s->s3->wbuf.buf != NULL) - ssl3_release_write_buffer(s); - if (s->s3->rrec.comp != NULL) - OPENSSL_free(s->s3->rrec.comp); #ifndef OPENSSL_NO_DH DH_free(s->s3->tmp.dh); #endif #ifndef OPENSSL_NO_EC - if (s->s3->tmp.ecdh != NULL) - EC_KEY_free(s->s3->tmp.ecdh); + EC_KEY_free(s->s3->tmp.ecdh); #endif if (s->s3->tmp.ca_names != NULL) @@ -3165,27 +3146,19 @@ void ssl3_free(SSL *s) void ssl3_clear(SSL *s) { - unsigned char *rp, *wp; - size_t rlen, wlen; int init_extra; ssl3_cleanup_key_block(s); if (s->s3->tmp.ca_names != NULL) sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free); - if (s->s3->rrec.comp != NULL) { - OPENSSL_free(s->s3->rrec.comp); - s->s3->rrec.comp = NULL; - } #ifndef OPENSSL_NO_DH DH_free(s->s3->tmp.dh); s->s3->tmp.dh = NULL; #endif #ifndef OPENSSL_NO_EC - if (s->s3->tmp.ecdh != NULL) { - EC_KEY_free(s->s3->tmp.ecdh); - s->s3->tmp.ecdh = NULL; - } + EC_KEY_free(s->s3->tmp.ecdh); + s->s3->tmp.ecdh = NULL; #endif #ifndef OPENSSL_NO_TLSEXT # ifndef OPENSSL_NO_EC @@ -3193,10 +3166,6 @@ void ssl3_clear(SSL *s) # endif /* !OPENSSL_NO_EC */ #endif /* !OPENSSL_NO_TLSEXT */ - rp = s->s3->rbuf.buf; - wp = s->s3->wbuf.buf; - rlen = s->s3->rbuf.len; - wlen = s->s3->wbuf.len; init_extra = s->s3->init_extra; BIO_free(s->s3->handshake_buffer); s->s3->handshake_buffer = NULL; @@ -3210,15 +3179,10 @@ void ssl3_clear(SSL *s) } #endif memset(s->s3, 0, sizeof *s->s3); - s->s3->rbuf.buf = rp; - s->s3->wbuf.buf = wp; - s->s3->rbuf.len = rlen; - s->s3->wbuf.len = wlen; s->s3->init_extra = init_extra; ssl_free_wbio_buffer(s); - s->packet_length = 0; s->s3->renegotiate = 0; s->s3->total_renegotiations = 0; s->s3->num_renegotiations = 0; @@ -3356,8 +3320,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) return (ret); } } - if (s->cert->ecdh_tmp != NULL) - EC_KEY_free(s->cert->ecdh_tmp); + EC_KEY_free(s->cert->ecdh_tmp); s->cert->ecdh_tmp = ecdh; ret = 1; } @@ -3829,9 +3792,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) } } - if (cert->ecdh_tmp != NULL) { - EC_KEY_free(cert->ecdh_tmp); - } + EC_KEY_free(cert->ecdh_tmp); cert->ecdh_tmp = ecdh; return 1; } @@ -4500,8 +4461,9 @@ int ssl3_renegotiate_check(SSL *s) int ret = 0; if (s->s3->renegotiate) { - if ((s->s3->rbuf.left == 0) && - (s->s3->wbuf.left == 0) && !SSL_in_init(s)) { + if (!RECORD_LAYER_read_pending(&s->rlayer) + && !RECORD_LAYER_write_pending(&s->rlayer) + && !SSL_in_init(s)) { /* * if we are the server, and we have sent a 'RENEGOTIATE' * message, we need to go to SSL_ST_ACCEPT.