CERT tidy

Move per-connection state out of the CERT structure: which should just be
for shared configuration data (e.g. certificates to use).

In particular move temporary premaster secret, raw ciphers, peer signature
algorithms and shared signature algorithms.

Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
Dr. Stephen Henson
2015-05-12 17:17:37 +01:00
parent 6c5b6cb035
commit 76106e60a8
7 changed files with 54 additions and 63 deletions

@@ -3572,13 +3572,13 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s, unsigned char *p,
sk_SSL_CIPHER_zero(sk);
}
OPENSSL_free(s->cert->ciphers_raw);
s->cert->ciphers_raw = BUF_memdup(p, num);
if (s->cert->ciphers_raw == NULL) {
OPENSSL_free(s->s3->tmp.ciphers_raw);
s->s3->tmp.ciphers_raw = BUF_memdup(p, num);
if (s->s3->tmp.ciphers_raw == NULL) {
SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
goto err;
}
s->cert->ciphers_rawlen = (size_t)num;
s->s3->tmp.ciphers_rawlen = (size_t)num;
for (i = 0; i < num; i += n) {
/* Check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV */
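Review bot: On the BUF_memdup failure path, s->s3->tmp.ciphers_raw ends up NULL while s->s3->tmp.ciphers_rawlen still holds the length from any earlier call, because the length is only assigned after the NULL check and the error branch jumps to err first. Any later reader that trusts the length without testing the pointer would see an inconsistent pair. Setting s->s3->tmp.ciphers_rawlen = 0 immediately after the OPENSSL_free would keep the two fields in step. The new code also dereferences s->s3 unconditionally where the old code used s->cert, so it is worth confirming that every caller of ssl_bytes_to_cipher_list reaches this point with s->s3 allocated, and that the buffer is now released together with the rest of the s->s3->tmp state, since this hunk only shows the allocation side of the move.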