From 8a41eb70cc6d3272cb9c4a52a02a8b603b310189 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bodo=20M=C3=B6ller?= Date: Thu, 13 May 1999 10:32:04 +0000 Subject: [PATCH] First tiny changes in preparation of changing of "sess_cert" handling. Also I've subsituted real tabs for 8-spaces sequences in some lines so that things don't look that weird with a tab-width of 4. --- ssl/ssl_lib.c | 53 ++++++++++++++++++++++++++++++++++++-------------- ssl/ssl_locl.h | 2 +- 2 files changed, 39 insertions(+), 16 deletions(-) diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 18564170c..6a9de2bf4 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -1505,7 +1505,7 @@ char *SSL_get_version(SSL *s) } SSL *SSL_dup(SSL *s) - { + { STACK_OF(X509_NAME) *sk; X509_NAME *xn; SSL *ret; @@ -1514,8 +1514,31 @@ SSL *SSL_dup(SSL *s) if ((ret=SSL_new(SSL_get_SSL_CTX(s))) == NULL) return(NULL); - /* This copies version, session-id, SSL_METHOD and 'cert' */ - SSL_copy_session_id(ret,s); + if (s->session != NULL) + { + /* This copies session-id, SSL_METHOD, sid_ctx, and 'cert' */ + SSL_copy_session_id(ret,s); + } + else + { + /* No session has been established yet, so we have to expect + * that s->cert or ret->cert will be changed later -- + * they should not both point to the same object, + * and thus we can't use SSL_copy_session_id. */ + + ret->method = s->method; + ret->method->ssl_new(ret); + + if (s->cert != NULL) + { + ret->cert = ssl_cert_dup(s->cert); + if (ret->cert == NULL) + goto err; + } + + SSL_set_session_id_context(ret, + s->sid_ctx, s->sid_ctx_length); + } SSL_set_read_ahead(ret,SSL_get_read_ahead(s)); SSL_set_verify(ret,SSL_get_verify_mode(s), @@ -1591,18 +1614,18 @@ err: void ssl_clear_cipher_ctx(SSL *s) { - if (s->enc_read_ctx != NULL) - { - EVP_CIPHER_CTX_cleanup(s->enc_read_ctx); - Free(s->enc_read_ctx); - s->enc_read_ctx=NULL; - } - if (s->enc_write_ctx != NULL) - { - EVP_CIPHER_CTX_cleanup(s->enc_write_ctx); - Free(s->enc_write_ctx); - s->enc_write_ctx=NULL; - } + if (s->enc_read_ctx != NULL) + { + EVP_CIPHER_CTX_cleanup(s->enc_read_ctx); + Free(s->enc_read_ctx); + s->enc_read_ctx=NULL; + } + if (s->enc_write_ctx != NULL) + { + EVP_CIPHER_CTX_cleanup(s->enc_write_ctx); + Free(s->enc_write_ctx); + s->enc_write_ctx=NULL; + } if (s->expand != NULL) { COMP_CTX_free(s->expand); diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index f1bfcf951..91f3b254c 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -277,7 +277,7 @@ typedef struct cert_st STACK_OF(X509) *cert_chain; /* XXX should only exist in sess_cert_st */ - int references; /* XXX will finally always be 1 */ + int references; /*> 1 only if SSL_copy_session_id is used */ } CERT;