Move not_resumable and sess_cert from SSL_SESSION to internal.

ok beck@
author: jsing <> 2017-01-23 01:22:08 +0000
committer: jsing <> 2017-01-23 01:22:08 +0000
commit: 8c3e82ca039c1de2d07ceb9033058fc6bb5791a2 (patch)
tree: 0516913107a84da915d173ba7ce7df2e5e964a93 /src/lib/libssl/s3_clnt.c
parent: d7518764eb9d1799e2ed6df6586b98e012bf423d (diff)
download: openbsd-8c3e82ca039c1de2d07ceb9033058fc6bb5791a2.tar.gz
openbsd-8c3e82ca039c1de2d07ceb9033058fc6bb5791a2.tar.bz2
openbsd-8c3e82ca039c1de2d07ceb9033058fc6bb5791a2.zip
1 files changed, 19 insertions, 19 deletions
diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c
index 18e34f7b7b..2c272032b5 100644
--- a/src/lib/libssl/s3_clnt.c
+++ b/src/lib/libssl/s3_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_clnt.c,v 1.163 2017/01/23 00:12:54 jsing Exp $ */
+/* $OpenBSD: s3_clnt.c,v 1.164 2017/01/23 01:22:08 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -600,7 +600,7 @@ ssl3_client_hello(SSL *s)
                if ((sess == NULL) ||
                    (sess->ssl_version != s->version) ||
                    (!sess->session_id_length && !sess->tlsext_tick) ||
-                    (sess->not_resumable)) {
+                    (sess->internal->not_resumable)) {
                        if (!ssl_get_new_session(s, 0))
                                goto err;
                }
@@ -1037,9 +1037,9 @@ ssl3_get_server_certificate(SSL *s)
        sc = ssl_sess_cert_new();
        if (sc == NULL)
                goto err;
-        if (s->session->sess_cert)
+        if (SSI(s)->sess_cert)
-                ssl_sess_cert_free(s->session->sess_cert);
+                ssl_sess_cert_free(SSI(s)->sess_cert);
-        s->session->sess_cert = sc;
+        SSI(s)->sess_cert = sc;
        sc->cert_chain = sk;
        /*
@@ -1114,7 +1114,7 @@ ssl3_get_server_kex_dhe(SSL *s, EVP_PKEY **pkey, unsigned char **pp, long *nn)
        int al;
        alg_a = S3I(s)->tmp.new_cipher->algorithm_auth;
-        sc = s->session->sess_cert;
+        sc = SSI(s)->sess_cert;
        if (*nn < 0)
                goto err;
@@ -1281,7 +1281,7 @@ ssl3_get_server_kex_ecdhe(SSL *s, EVP_PKEY **pkey, unsigned char **pp, long *nn)
        int al;
        alg_a = S3I(s)->tmp.new_cipher->algorithm_auth;
-        sc = s->session->sess_cert;
+        sc = SSI(s)->sess_cert;
        if (*nn < 0)
                goto err;
@@ -1397,18 +1397,18 @@ ssl3_get_server_key_exchange(SSL *s)
                return (1);
        }
-        if (s->session->sess_cert != NULL) {
+        if (SSI(s)->sess_cert != NULL) {
-                DH_free(s->session->sess_cert->peer_dh_tmp);
+                DH_free(SSI(s)->sess_cert->peer_dh_tmp);
-                s->session->sess_cert->peer_dh_tmp = NULL;
+                SSI(s)->sess_cert->peer_dh_tmp = NULL;
-                EC_KEY_free(s->session->sess_cert->peer_ecdh_tmp);
+                EC_KEY_free(SSI(s)->sess_cert->peer_ecdh_tmp);
-                s->session->sess_cert->peer_ecdh_tmp = NULL;
+                SSI(s)->sess_cert->peer_ecdh_tmp = NULL;
-                free(s->session->sess_cert->peer_x25519_tmp);
+                free(SSI(s)->sess_cert->peer_x25519_tmp);
-                s->session->sess_cert->peer_x25519_tmp = NULL;
+                SSI(s)->sess_cert->peer_x25519_tmp = NULL;
        } else {
-                s->session->sess_cert = ssl_sess_cert_new();
+                SSI(s)->sess_cert = ssl_sess_cert_new();
-                if (s->session->sess_cert == NULL)
+                if (SSI(s)->sess_cert == NULL)
                        goto err;
        }
@@ -2341,7 +2341,7 @@ ssl3_send_client_key_exchange(SSL *s)
        if (s->state == SSL3_ST_CW_KEY_EXCH_A) {
                alg_k = S3I(s)->tmp.new_cipher->algorithm_mkey;
-                if ((sess_cert = s->session->sess_cert) == NULL) {
+                if ((sess_cert = SSI(s)->sess_cert) == NULL) {
                        ssl3_send_alert(s, SSL3_AL_FATAL,
                            SSL_AD_UNEXPECTED_MESSAGE);
                        SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
@@ -2636,13 +2636,13 @@ ssl3_check_cert_and_algorithm(SSL *s)
        if (alg_a & SSL_aNULL)
                return (1);
-        sc = s->session->sess_cert;
+        sc = SSI(s)->sess_cert;
        if (sc == NULL) {
                SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
                    ERR_R_INTERNAL_ERROR);
                goto err;
        }
-        dh = s->session->sess_cert->peer_dh_tmp;
+        dh = SSI(s)->sess_cert->peer_dh_tmp;
        /* This is the passed certificate. */
author	jsing <>	2017-01-23 01:22:08 +0000
committer	jsing <>	2017-01-23 01:22:08 +0000
commit	8c3e82ca039c1de2d07ceb9033058fc6bb5791a2 (patch)
tree	0516913107a84da915d173ba7ce7df2e5e964a93 /src/lib/libssl/s3_clnt.c
parent	d7518764eb9d1799e2ed6df6586b98e012bf423d (diff)
download	openbsd-8c3e82ca039c1de2d07ceb9033058fc6bb5791a2.tar.gz openbsd-8c3e82ca039c1de2d07ceb9033058fc6bb5791a2.tar.bz2 openbsd-8c3e82ca039c1de2d07ceb9033058fc6bb5791a2.zip

diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c index 18e34f7b7b..2c272032b5 100644 --- a/src/lib/libssl/s3_clnt.c +++ b/src/lib/libssl/s3_clnt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: s3_clnt.c,v 1.163 2017/01/23 00:12:54 jsing Exp $ */	1	/* $OpenBSD: s3_clnt.c,v 1.164 2017/01/23 01:22:08 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -600,7 +600,7 @@ ssl3_client_hello(SSL *s)
600	if ((sess == NULL) \|\|	600	if ((sess == NULL) \|\|
601	(sess->ssl_version != s->version) \|\|	601	(sess->ssl_version != s->version) \|\|
602	(!sess->session_id_length && !sess->tlsext_tick) \|\|	602	(!sess->session_id_length && !sess->tlsext_tick) \|\|
603	(sess->not_resumable)) {	603	(sess->internal->not_resumable)) {
604	if (!ssl_get_new_session(s, 0))	604	if (!ssl_get_new_session(s, 0))
605	goto err;	605	goto err;
606	}	606	}
@@ -1037,9 +1037,9 @@ ssl3_get_server_certificate(SSL *s)
1037	sc = ssl_sess_cert_new();	1037	sc = ssl_sess_cert_new();
1038	if (sc == NULL)	1038	if (sc == NULL)
1039	goto err;	1039	goto err;
1040	if (s->session->sess_cert)	1040	if (SSI(s)->sess_cert)
1041	ssl_sess_cert_free(s->session->sess_cert);	1041	ssl_sess_cert_free(SSI(s)->sess_cert);
1042	s->session->sess_cert = sc;	1042	SSI(s)->sess_cert = sc;
1043		1043
1044	sc->cert_chain = sk;	1044	sc->cert_chain = sk;
1045	/*	1045	/*
@@ -1114,7 +1114,7 @@ ssl3_get_server_kex_dhe(SSL s, EVP_PKEY pkey, unsigned char pp, long nn)
1114	int al;	1114	int al;
1115		1115
1116	alg_a = S3I(s)->tmp.new_cipher->algorithm_auth;	1116	alg_a = S3I(s)->tmp.new_cipher->algorithm_auth;
1117	sc = s->session->sess_cert;	1117	sc = SSI(s)->sess_cert;
1118		1118
1119	if (*nn < 0)	1119	if (*nn < 0)
1120	goto err;	1120	goto err;
@@ -1281,7 +1281,7 @@ ssl3_get_server_kex_ecdhe(SSL s, EVP_PKEY pkey, unsigned char pp, long nn)
1281	int al;	1281	int al;
1282		1282
1283	alg_a = S3I(s)->tmp.new_cipher->algorithm_auth;	1283	alg_a = S3I(s)->tmp.new_cipher->algorithm_auth;
1284	sc = s->session->sess_cert;	1284	sc = SSI(s)->sess_cert;
1285		1285
1286	if (*nn < 0)	1286	if (*nn < 0)
1287	goto err;	1287	goto err;
@@ -1397,18 +1397,18 @@ ssl3_get_server_key_exchange(SSL *s)
1397	return (1);	1397	return (1);
1398	}	1398	}
1399		1399
1400	if (s->session->sess_cert != NULL) {	1400	if (SSI(s)->sess_cert != NULL) {
1401	DH_free(s->session->sess_cert->peer_dh_tmp);	1401	DH_free(SSI(s)->sess_cert->peer_dh_tmp);
1402	s->session->sess_cert->peer_dh_tmp = NULL;	1402	SSI(s)->sess_cert->peer_dh_tmp = NULL;
1403		1403
1404	EC_KEY_free(s->session->sess_cert->peer_ecdh_tmp);	1404	EC_KEY_free(SSI(s)->sess_cert->peer_ecdh_tmp);
1405	s->session->sess_cert->peer_ecdh_tmp = NULL;	1405	SSI(s)->sess_cert->peer_ecdh_tmp = NULL;
1406		1406
1407	free(s->session->sess_cert->peer_x25519_tmp);	1407	free(SSI(s)->sess_cert->peer_x25519_tmp);
1408	s->session->sess_cert->peer_x25519_tmp = NULL;	1408	SSI(s)->sess_cert->peer_x25519_tmp = NULL;
1409	} else {	1409	} else {
1410	s->session->sess_cert = ssl_sess_cert_new();	1410	SSI(s)->sess_cert = ssl_sess_cert_new();
1411	if (s->session->sess_cert == NULL)	1411	if (SSI(s)->sess_cert == NULL)
1412	goto err;	1412	goto err;
1413	}	1413	}
1414		1414
@@ -2341,7 +2341,7 @@ ssl3_send_client_key_exchange(SSL *s)
2341	if (s->state == SSL3_ST_CW_KEY_EXCH_A) {	2341	if (s->state == SSL3_ST_CW_KEY_EXCH_A) {
2342	alg_k = S3I(s)->tmp.new_cipher->algorithm_mkey;	2342	alg_k = S3I(s)->tmp.new_cipher->algorithm_mkey;
2343		2343
2344	if ((sess_cert = s->session->sess_cert) == NULL) {	2344	if ((sess_cert = SSI(s)->sess_cert) == NULL) {
2345	ssl3_send_alert(s, SSL3_AL_FATAL,	2345	ssl3_send_alert(s, SSL3_AL_FATAL,
2346	SSL_AD_UNEXPECTED_MESSAGE);	2346	SSL_AD_UNEXPECTED_MESSAGE);
2347	SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,	2347	SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
@@ -2636,13 +2636,13 @@ ssl3_check_cert_and_algorithm(SSL *s)
2636	if (alg_a & SSL_aNULL)	2636	if (alg_a & SSL_aNULL)
2637	return (1);	2637	return (1);
2638		2638
2639	sc = s->session->sess_cert;	2639	sc = SSI(s)->sess_cert;
2640	if (sc == NULL) {	2640	if (sc == NULL) {
2641	SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,	2641	SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,
2642	ERR_R_INTERNAL_ERROR);	2642	ERR_R_INTERNAL_ERROR);
2643	goto err;	2643	goto err;
2644	}	2644	}
2645	dh = s->session->sess_cert->peer_dh_tmp;	2645	dh = SSI(s)->sess_cert->peer_dh_tmp;
2646		2646
2647	/* This is the passed certificate. */	2647	/* This is the passed certificate. */
2648		2648