int SSL_accept(SSL *s)
{
- if (s->handshake_func == 0) {
+ if (s->handshake_func == NULL) {
/* Not properly initialized yet */
SSL_set_accept_state(s);
}
int SSL_connect(SSL *s)
{
- if (s->handshake_func == 0) {
+ if (s->handshake_func == NULL) {
/* Not properly initialized yet */
SSL_set_connect_state(s);
}
int SSL_read(SSL *s, void *buf, int num)
{
- if (s->handshake_func == 0) {
+ if (s->handshake_func == NULL) {
SSLerr(SSL_F_SSL_READ, SSL_R_UNINITIALIZED);
return -1;
}
int SSL_peek(SSL *s, void *buf, int num)
{
- if (s->handshake_func == 0) {
+ if (s->handshake_func == NULL) {
SSLerr(SSL_F_SSL_PEEK, SSL_R_UNINITIALIZED);
return -1;
}
int SSL_write(SSL *s, const void *buf, int num)
{
- if (s->handshake_func == 0) {
+ if (s->handshake_func == NULL) {
SSLerr(SSL_F_SSL_WRITE, SSL_R_UNINITIALIZED);
return -1;
}
* (see ssl3_shutdown).
*/
- if (s->handshake_func == 0) {
+ if (s->handshake_func == NULL) {
SSLerr(SSL_F_SSL_SHUTDOWN, SSL_R_UNINITIALIZED);
return -1;
}
{
OPENSSL_free(ctx->alpn_client_proto_list);
ctx->alpn_client_proto_list = OPENSSL_malloc(protos_len);
- if (ctx->alpn_client_proto_list == NULL)
+ if (ctx->alpn_client_proto_list == NULL) {
+ SSLerr(SSL_F_SSL_CTX_SET_ALPN_PROTOS, ERR_R_MALLOC_FAILURE);
return 1;
+ }
memcpy(ctx->alpn_client_proto_list, protos, protos_len);
ctx->alpn_client_proto_list_len = protos_len;
{
OPENSSL_free(ssl->alpn_client_proto_list);
ssl->alpn_client_proto_list = OPENSSL_malloc(protos_len);
- if (ssl->alpn_client_proto_list == NULL)
+ if (ssl->alpn_client_proto_list == NULL) {
+ SSLerr(SSL_F_SSL_SET_ALPN_PROTOS, ERR_R_MALLOC_FAILURE);
return 1;
+ }
memcpy(ssl->alpn_client_proto_list, protos, protos_len);
ssl->alpn_client_proto_list_len = protos_len;
SSL_CTX_SRP_CTX_free(a);
#endif
#ifndef OPENSSL_NO_ENGINE
- if (a->client_cert_engine)
- ENGINE_finish(a->client_cert_engine);
+ ENGINE_finish(a->client_cert_engine);
#endif
#ifndef OPENSSL_NO_EC
ssl_cert_set_cert_cb(s->cert, cb, arg);
}
-void ssl_set_masks(SSL *s, const SSL_CIPHER *cipher)
+void ssl_set_masks(SSL *s)
{
#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_GOST)
CERT_PKEY *cpk;
#ifndef OPENSSL_NO_EC
int have_ecc_cert, ecdsa_ok;
X509 *x = NULL;
- int pk_nid = 0, md_nid = 0;
#endif
if (c == NULL)
return;
ecdsa_ok = ex_kusage & X509v3_KU_DIGITAL_SIGNATURE;
if (!(pvalid[SSL_PKEY_ECC] & CERT_PKEY_SIGN))
ecdsa_ok = 0;
- OBJ_find_sigid_algs(X509_get_signature_nid(x), &md_nid, &pk_nid);
- if (ecdsa_ok) {
+ if (ecdsa_ok)
mask_a |= SSL_aECDSA;
- }
}
#endif
c = s->cert;
if (!s->s3 || !s->s3->tmp.new_cipher)
return NULL;
- ssl_set_masks(s, s->s3->tmp.new_cipher);
-
-#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
- /*
- * Broken protocol test: return last used certificate: which may mismatch
- * the one expected.
- */
- if (c->cert_flags & SSL_CERT_FLAG_BROKEN_PROTOCOL)
- return c->key;
-#endif
+ ssl_set_masks(s);
i = ssl_get_server_cert_index(s);
alg_a = cipher->algorithm_auth;
c = s->cert;
-#ifdef OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL
- /*
- * Broken protocol test: use last key: which may mismatch the one
- * expected.
- */
- if (c->cert_flags & SSL_CERT_FLAG_BROKEN_PROTOCOL)
- idx = c->key - c->pkeys;
- else
-#endif
-
if ((alg_a & SSL_aDSS) &&
(c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL))
idx = SSL_PKEY_DSA_SIGN;