generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Remove the type variable

Browse Source 
The SSL structure contained a "type" variable that was set to either
SSL_ST_ACCEPT or SSL_ST_CONNECT depending on whether we are the server or
the client. This duplicates the capability of the "server" variable and was
actually rarely used.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
Matt Caswell 2015-09-10 09:19:53 +01:00
parent 5e41ba031e
commit 23a635c0ec
5 changed files with 5 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ssl/s3_both.c
View File

@ -176,7 +176,7 @@ int tls_construct_finished(SSL *s, const char *sender, int slen)
/* /*
* Copy the finished so we can use it for renegotiation checks * Copy the finished so we can use it for renegotiation checks
*/ */
if (s->type == SSL_ST_CONNECT) { if (!s->server) {
OPENSSL_assert(i <= EVP_MAX_MD_SIZE); OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
memcpy(s->s3->previous_client_finished, s->s3->tmp.finish_md, i); memcpy(s->s3->previous_client_finished, s->s3->tmp.finish_md, i);
s->s3->previous_client_finished_len = i; s->s3->previous_client_finished_len = i;
@ -319,7 +319,7 @@ enum MSG_PROCESS_RETURN tls_process_finished(SSL *s, unsigned long n)
/* /*
* Copy the finished so we can use it for renegotiation checks * Copy the finished so we can use it for renegotiation checks
*/ */
if (s->type == SSL_ST_ACCEPT) { if (s->server) {
OPENSSL_assert(i <= EVP_MAX_MD_SIZE); OPENSSL_assert(i <= EVP_MAX_MD_SIZE);
memcpy(s->s3->previous_client_finished, s->s3->tmp.peer_finish_md, i); memcpy(s->s3->previous_client_finished, s->s3->tmp.peer_finish_md, i);
s->s3->previous_client_finished_len = i; s->s3->previous_client_finished_len = i;

2
ssl/ssl_cert.c
View File

@ -625,7 +625,7 @@ STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx)
STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s) STACK_OF(X509_NAME) *SSL_get_client_CA_list(const SSL *s)
{ {
if (s->type == SSL_ST_CONNECT) { /* we are in the client */ if (!s->server) { /* we are in the client */
if (((s->version >> 8) == SSL3_VERSION_MAJOR) && (s->s3 != NULL)) if (((s->version >> 8) == SSL3_VERSION_MAJOR) && (s->s3 != NULL))
return (s->s3->tmp.ca_names); return (s->s3->tmp.ca_names);
else else

3
ssl/ssl_lib.c
View File

@ -215,8 +215,6 @@ int SSL_clear(SSL *s)
return 0; return 0;
} }
s->type = 0;
statem_clear(s); statem_clear(s);
s->version = s->method->version; s->version = s->method->version;
@ -2469,7 +2467,6 @@ SSL *SSL_dup(SSL *s)
return (NULL); return (NULL);
ret->version = s->version; ret->version = s->version;
ret->type = s->type;
ret->method = s->method; ret->method = s->method;
if (s->session != NULL) { if (s->session != NULL) {

5
ssl/ssl_locl.h
View File

@ -1050,8 +1050,7 @@ struct ssl_st {
* DTLS1_VERSION) * DTLS1_VERSION)
*/ */
int version; int version;
/* SSL_ST_CONNECT or SSL_ST_ACCEPT */
int type;
/* SSLv3 */ /* SSLv3 */
const SSL_METHOD *method; const SSL_METHOD *method;
/* /*
@ -1080,7 +1079,7 @@ struct ssl_st {
* handshake_func is == 0 until then, we use this test instead of an * handshake_func is == 0 until then, we use this test instead of an
* "init" member. * "init" member.
*/ */
/* are we the server side? - mostly used by SSL_clear */ /* are we the server side? */
int server; int server;
/* /*
* Generate a new session or reuse an old one. * Generate a new session or reuse an old one.

5
ssl/statem.c
View File

@ -356,11 +356,6 @@ static int state_machine(SSL *s, int server) {
} }
} }
if (server)
s->type = SSL_ST_ACCEPT;
else
s->type = SSL_ST_CONNECT;
if (s->init_buf == NULL) { if (s->init_buf == NULL) {
if ((buf = BUF_MEM_new()) == NULL) { if ((buf = BUF_MEM_new()) == NULL) {
goto end; goto end;