wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Refactor into clear_ciphers; RT3588

Browse source 
While closing RT3588 (Remove obsolete comment) Kurt and I saw that a
few lines to completely clear the SSL cipher state could be moved into
a common function.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
This commit is contained in:
Rich Salz 2015-06-13 10:50:00 -04:00 committed by Rich Salz
parent 29eca1c0d5
commit d31fb0b5b3
1 changed files with 12 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

30
ssl/ssl_lib.c
View file

@ -186,6 +186,14 @@ SSL3_ENC_METHOD ssl3_undef_enc_method = {
int use_context))ssl_undefined_function, int use_context))ssl_undefined_function,
}; };
static void clear_ciphers(SSL *s)
{
/* clear the current cipher */
ssl_clear_cipher_ctx(s);
ssl_clear_hash_ctx(&s->read_hash);
ssl_clear_hash_ctx(&s->write_hash);
}
int SSL_clear(SSL *s) int SSL_clear(SSL *s)
{ {
if (s->method == NULL) { if (s->method == NULL) {
@ -217,9 +225,7 @@ int SSL_clear(SSL *s)
BUF_MEM_free(s->init_buf); BUF_MEM_free(s->init_buf);
s->init_buf = NULL; s->init_buf = NULL;
ssl_clear_cipher_ctx(s); clear_ciphers(s);
ssl_clear_hash_ctx(&s->read_hash);
ssl_clear_hash_ctx(&s->write_hash);
s->first_packet = 0; s->first_packet = 0;
/* /*
@ -548,9 +554,7 @@ void SSL_free(SSL *s)
SSL_SESSION_free(s->session); SSL_SESSION_free(s->session);
} }
ssl_clear_cipher_ctx(s); clear_ciphers(s);
ssl_clear_hash_ctx(&s->read_hash);
ssl_clear_hash_ctx(&s->write_hash);
ssl_cert_free(s->cert); ssl_cert_free(s->cert);
/* Free up if allocated */ /* Free up if allocated */
@ -2450,20 +2454,13 @@ int SSL_do_handshake(SSL *s)
return (ret); return (ret);
} }
/*
* For the next 2 functions, SSL_clear() sets shutdown and so one of these
* calls will reset it
*/
void SSL_set_accept_state(SSL *s) void SSL_set_accept_state(SSL *s)
{ {
s->server = 1; s->server = 1;
s->shutdown = 0; s->shutdown = 0;
s->state = SSL_ST_ACCEPT | SSL_ST_BEFORE; s->state = SSL_ST_ACCEPT | SSL_ST_BEFORE;
s->handshake_func = s->method->ssl_accept; s->handshake_func = s->method->ssl_accept;
/* clear the current cipher */ clear_ciphers(s);
ssl_clear_cipher_ctx(s);
ssl_clear_hash_ctx(&s->read_hash);
ssl_clear_hash_ctx(&s->write_hash);
} }
void SSL_set_connect_state(SSL *s) void SSL_set_connect_state(SSL *s)
@ -2472,10 +2469,7 @@ void SSL_set_connect_state(SSL *s)
s->shutdown = 0; s->shutdown = 0;
s->state = SSL_ST_CONNECT | SSL_ST_BEFORE; s->state = SSL_ST_CONNECT | SSL_ST_BEFORE;
s->handshake_func = s->method->ssl_connect; s->handshake_func = s->method->ssl_connect;
/* clear the current cipher */ clear_ciphers(s);
ssl_clear_cipher_ctx(s);
ssl_clear_hash_ctx(&s->read_hash);
ssl_clear_hash_ctx(&s->write_hash);
} }
int ssl_undefined_function(SSL *s) int ssl_undefined_function(SSL *s)