Remove the type variable

The SSL structure contained a "type" variable that was set to either
SSL_ST_ACCEPT or SSL_ST_CONNECT depending on whether we are the server or
the client. This duplicates the capability of the "server" variable and was
actually rarely used.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

diff --git a/ssl/s3_both.c b/ssl/s3_both.c
index db0197d60b6fd70185f104f92dbb11b6d8fc5725..6c5147421ee445ef61382294e36afcc15fe9a0d9 100644 (file)
--- a/ssl/s3_both.c
+++ b/ssl/s3_both.c
@@ -176,7 +176,7 @@ int tls_construct_finished(SSL *s, const char *sender, int slen)
     /*
      * Copy the finished so we can use it for renegotiation checks
      */
     /*
      * Copy the finished so we can use it for renegotiation checks
      */

-    if (s->type == SSL_ST_CONNECT) {
+    if (!s->server) {

         OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
         memcpy(s->s3->previous_client_finished, s->s3->tmp.finish_md, i);
         s->s3->previous_client_finished_len = i;
         OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
         memcpy(s->s3->previous_client_finished, s->s3->tmp.finish_md, i);
         s->s3->previous_client_finished_len = i;


@@ -319,7 +319,7 @@ enum MSG_PROCESS_RETURN tls_process_finished(SSL *s, unsigned long n)
     /*
      * Copy the finished so we can use it for renegotiation checks
      */
     /*
      * Copy the finished so we can use it for renegotiation checks
      */

-    if (s->type == SSL_ST_ACCEPT) {
+    if (s->server) {

         OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
         memcpy(s->s3->previous_client_finished, s->s3->tmp.peer_finish_md, i);
         s->s3->previous_client_finished_len = i;
         OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
         memcpy(s->s3->previous_client_finished, s->s3->tmp.peer_finish_md, i);
         s->s3->previous_client_finished_len = i;

diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index 1caa3c85e34d4ac46d621441d3ee41c6b03ec156..3304a1d164d49a610445a1853d0875d40252fe50 100644 (file)
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -625,7 +625,7 @@ STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx)
 
 STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s)
 {
 
 STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s)
 {

-    if (s->type == SSL_ST_CONNECT) { /* we are in the client */
+    if (!s->server) { /* we are in the client */

         if (((s->version >> 8) == SSL3_VERSION_MAJOR) && (s->s3 != NULL))
             return (s->s3->tmp.ca_names);
         else
         if (((s->version >> 8) == SSL3_VERSION_MAJOR) && (s->s3 != NULL))
             return (s->s3->tmp.ca_names);
         else

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 0aef51f3618aed6f880ff2995060c5d924073732..cb303c419d17e13790dc9eddaf50e832323f6c01 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -215,8 +215,6 @@ int SSL_clear(SSL *s)
         return 0;
     }
 
         return 0;
     }
 

-    s->type = 0;
-

     statem_clear(s);
 
     s->version = s->method->version;
     statem_clear(s);
 
     s->version = s->method->version;


@@ -2469,7 +2467,6 @@ SSL *SSL_dup(SSL *s)
         return (NULL);
 
     ret->version = s->version;
         return (NULL);
 
     ret->version = s->version;

-    ret->type = s->type;

     ret->method = s->method;
 
     if (s->session != NULL) {
     ret->method = s->method;
 
     if (s->session != NULL) {

diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index aebd3af8dde03843be7a639692d9827098e46b8b..e7d28622c061ba5a883190563ee55c5aabce0117 100644 (file)
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -1050,8 +1050,7 @@ struct ssl_st {
      * DTLS1_VERSION)
      */
     int version;
      * DTLS1_VERSION)
      */
     int version;

-    /* SSL_ST_CONNECT or SSL_ST_ACCEPT */
-    int type;
+

     /* SSLv3 */
     const SSL_METHOD *method;
     /*
     /* SSLv3 */
     const SSL_METHOD *method;
     /*


@@ -1080,7 +1079,7 @@ struct ssl_st {
      * handshake_func is == 0 until then, we use this test instead of an
      * "init" member.
      */
      * handshake_func is == 0 until then, we use this test instead of an
      * "init" member.
      */

-    /* are we the server side? - mostly used by SSL_clear */
+    /* are we the server side? */

     int server;
     /*
      * Generate a new session or reuse an old one.
     int server;
     /*
      * Generate a new session or reuse an old one.

diff --git a/ssl/statem.c b/ssl/statem.c
index 34d55cb11b651fe7f722be1018d774d04ca083c0..ad44c5f86d718165df49a7fdeaad9d3f8c07520d 100644 (file)
--- a/ssl/statem.c
+++ b/ssl/statem.c
@@ -356,11 +356,6 @@ static int state_machine(SSL *s, int server) {
             }
         }
 
             }
         }
 

-        if (server)
-            s->type = SSL_ST_ACCEPT;
-        else
-            s->type = SSL_ST_CONNECT;
-

         if (s->init_buf == NULL) {
             if ((buf = BUF_MEM_new()) == NULL) {
                 goto end;
         if (s->init_buf == NULL) {
             if ((buf = BUF_MEM_new()) == NULL) {
                 goto end;