Clean up the TLS handshake digest handling - this refactors some of the

code for improved readability, however it also address two issues.

The first of these is a hard-to-hit double free that will occur if
EVP_DigestInit_ex() fails. To avoid this and to be more robust, ensure
that tls1_digest_cached_records() either completes successfully and sets
up all of the necessary digests, or it cleans up and frees everything
that was allocated.

The second issue is that EVP_DigestUpdate() can fail - detect and handle
this in tls1_finish_mac() and change the return type to an int so that a
failure can be propagated to the caller (the callers still need to be
fixed to handle this, in a later diff).

The double-free was reported by Matthew Dillon.

ok beck@ doug@ miod@

0 files changed, 0 insertions, 0 deletions