int SSL_clear(SSL *s)
{
- unsigned char *rp;
- size_t rlen;
- int read_ahead;
-
if (s->method == NULL) {
SSLerr(SSL_F_SSL_CLEAR, SSL_R_NO_METHOD_SPECIFIED);
return (0);
s->version = s->method->version;
s->client_version = s->version;
s->rwstate = SSL_NOTHING;
- s->rstate = SSL_ST_READ_HEADER;
if (s->init_buf != NULL) {
BUF_MEM_free(s->init_buf);
} else
s->method->ssl_clear(s);
- read_ahead = RECORD_LAYER_get_read_ahead(&s->rlayer);
- rp = SSL3_BUFFER_get_buf(RECORD_LAYER_get_rbuf(&s->rlayer));
- rlen = SSL3_BUFFER_get_len(RECORD_LAYER_get_rbuf(&s->rlayer));
- memset(&s->rlayer, 0, sizeof s->rlayer);
- SSL3_BUFFER_set_buf(RECORD_LAYER_get_rbuf(&s->rlayer), rp);
- SSL3_BUFFER_set_len(RECORD_LAYER_get_rbuf(&s->rlayer), rlen);
-
- /* Do I need to do this? As far as I can tell read_ahead did not
- * previously get reset by SSL_clear...so I'll keep it that way..but is
- * that right?
- */
- RECORD_LAYER_set_read_ahead(&s->rlayer, read_ahead);
+ RECORD_LAYER_clear(&s->rlayer);
return (1);
}
return (NULL);
}
- s = (SSL *)OPENSSL_malloc(sizeof(SSL));
+ s = OPENSSL_malloc(sizeof(SSL));
if (s == NULL)
goto err;
memset(s, 0, sizeof(SSL));
- RECORD_LAYER_set_ssl(&s->rlayer, s);
+ RECORD_LAYER_init(&s->rlayer, s);
#ifndef OPENSSL_NO_KRB5
s->kssl_ctx = kssl_ctx_new();
s->references = 1;
s->server = (ctx->method->ssl_accept == ssl_undefined_function) ? 0 : 1;
- if(!SSL_clear(s))
+ if (!SSL_clear(s))
goto err;
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
return (s);
err:
- if (s != NULL)
- SSL_free(s);
+ SSL_free(s);
SSLerr(SSL_F_SSL_NEW, ERR_R_MALLOC_FAILURE);
return (NULL);
}
}
#endif
- if (s->param)
- X509_VERIFY_PARAM_free(s->param);
-
+ X509_VERIFY_PARAM_free(s->param);
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
if (s->bbio != NULL) {
ssl_clear_hash_ctx(&s->read_hash);
ssl_clear_hash_ctx(&s->write_hash);
- if (s->cert != NULL)
- ssl_cert_free(s->cert);
+ ssl_cert_free(s->cert);
/* Free up if allocated */
#ifndef OPENSSL_NO_TLSEXT
if (s->tlsext_hostname)
OPENSSL_free(s->tlsext_hostname);
- if (s->initial_ctx)
- SSL_CTX_free(s->initial_ctx);
+ SSL_CTX_free(s->initial_ctx);
# ifndef OPENSSL_NO_EC
if (s->tlsext_ecpointformatlist)
OPENSSL_free(s->tlsext_ecpointformatlist);
if (s->tlsext_ellipticcurvelist)
OPENSSL_free(s->tlsext_ellipticcurvelist);
# endif /* OPENSSL_NO_EC */
- if (s->tlsext_ocsp_exts)
- sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts, X509_EXTENSION_free);
+ sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts, X509_EXTENSION_free);
if (s->tlsext_ocsp_ids)
sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free);
if (s->tlsext_ocsp_resp)
OPENSSL_free(s->alpn_client_proto_list);
#endif
- if (s->client_CA != NULL)
- sk_X509_NAME_pop_free(s->client_CA, X509_NAME_free);
+ sk_X509_NAME_pop_free(s->client_CA, X509_NAME_free);
if (s->method != NULL)
s->method->ssl_free(s);
- if (SSL3_BUFFER_is_initialised(RECORD_LAYER_get_rbuf(&s->rlayer)))
- ssl3_release_read_buffer(s);
+ RECORD_LAYER_release(&s->rlayer);
- if (s->ctx)
- SSL_CTX_free(s->ctx);
+ SSL_CTX_free(s->ctx);
#ifndef OPENSSL_NO_KRB5
if (s->kssl_ctx != NULL)
int SSL_copy_session_id(SSL *t, const SSL *f)
{
/* Do we need to to SSL locking? */
- if(!SSL_set_session(t, SSL_get_session(f))) {
+ if (!SSL_set_session(t, SSL_get_session(f))) {
return 0;
}
CRYPTO_add(&f->cert->references, 1, CRYPTO_LOCK_SSL_CERT);
ssl_cert_free(t->cert);
t->cert = f->cert;
- if(!SSL_set_session_id_context(t, f->sid_ctx, f->sid_ctx_length)) {
+ if (!SSL_set_session_id_context(t, f->sid_ctx, f->sid_ctx_length)) {
return 0;
}
SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
goto err;
}
- ret = (SSL_CTX *)OPENSSL_malloc(sizeof(SSL_CTX));
+ ret = OPENSSL_malloc(sizeof(SSL_CTX));
if (ret == NULL)
goto err;
if (ret->cert_store == NULL)
goto err;
- if(!ssl_create_cipher_list(ret->method,
+ if (!ssl_create_cipher_list(ret->method,
&ret->cipher_list, &ret->cipher_list_by_id,
SSL_DEFAULT_CIPHER_LIST, ret->cert)
|| sk_SSL_CIPHER_num(ret->cipher_list) <= 0) {
ret->psk_server_callback = NULL;
#endif
#ifndef OPENSSL_NO_SRP
- if(!SSL_CTX_SRP_CTX_init(ret))
+ if (!SSL_CTX_SRP_CTX_init(ret))
goto err;
#endif
#ifndef OPENSSL_NO_ENGINE
err:
SSLerr(SSL_F_SSL_CTX_NEW, ERR_R_MALLOC_FAILURE);
err2:
- if (ret != NULL)
- SSL_CTX_free(ret);
+ SSL_CTX_free(ret);
return (NULL);
}
}
#endif
- if (a->param)
- X509_VERIFY_PARAM_free(a->param);
+ X509_VERIFY_PARAM_free(a->param);
/*
* Free internal session cache. However: the remove_cb() may reference
if (a->sessions != NULL)
lh_SSL_SESSION_free(a->sessions);
- if (a->cert_store != NULL)
- X509_STORE_free(a->cert_store);
+ X509_STORE_free(a->cert_store);
if (a->cipher_list != NULL)
sk_SSL_CIPHER_free(a->cipher_list);
if (a->cipher_list_by_id != NULL)
sk_SSL_CIPHER_free(a->cipher_list_by_id);
- if (a->cert != NULL)
- ssl_cert_free(a->cert);
- if (a->client_CA != NULL)
- sk_X509_NAME_pop_free(a->client_CA, X509_NAME_free);
- if (a->extra_certs != NULL)
- sk_X509_pop_free(a->extra_certs, X509_free);
+ ssl_cert_free(a->cert);
+ sk_X509_NAME_pop_free(a->client_CA, X509_NAME_free);
+ sk_X509_pop_free(a->extra_certs, X509_free);
a->comp_methods = NULL;
#ifndef OPENSSL_NO_SRTP
if (s->session != NULL) {
/* This copies session-id, SSL_METHOD, sid_ctx, and 'cert' */
- if(!SSL_copy_session_id(ret, s))
+ if (!SSL_copy_session_id(ret, s))
goto err;
} else {
/*
ret->method->ssl_new(ret);
if (s->cert != NULL) {
- if (ret->cert != NULL) {
- ssl_cert_free(ret->cert);
- }
+ ssl_cert_free(ret->cert);
ret->cert = ssl_cert_dup(s->cert);
if (ret->cert == NULL)
goto err;
}
- if(!SSL_set_session_id_context(ret, s->sid_ctx, s->sid_ctx_length))
+ if (!SSL_set_session_id_context(ret, s->sid_ctx, s->sid_ctx_length))
goto err;
}
ret->shutdown = s->shutdown;
ret->state = s->state; /* SSL_dup does not really work at any state,
* though */
- ret->rstate = s->rstate;
+ RECORD_LAYER_dup(&ret->rlayer, &s->rlayer);
ret->init_num = 0; /* would have to copy ret->init_buf,
* ret->init_msg, ret->init_num,
* ret->init_off */
if (0) {
err:
- if (ret != NULL)
- SSL_free(ret);
+ SSL_free(ret);
ret = NULL;
}
return (ret);
void ssl_free_wbio_buffer(SSL *s)
{
+ /* callers ensure s is never null */
if (s->bbio == NULL)
return;
}
CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
- if (ssl->ctx != NULL)
- SSL_CTX_free(ssl->ctx); /* decrement reference count */
+ SSL_CTX_free(ssl->ctx); /* decrement reference count */
ssl->ctx = ctx;
return (ssl->ctx);
void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store)
{
- if (ctx->cert_store != NULL)
- X509_STORE_free(ctx->cert_store);
+ X509_STORE_free(ctx->cert_store);
ctx->cert_store = store;
}
projects / openssl.git / blobdiff