Move most of the fields in SSL_CTX to internal - the ones that remain are

known to be in use. ok beck@
author: jsing <> 2017-01-23 05:13:02 +0000
committer: jsing <> 2017-01-23 05:13:02 +0000
commit: 4630d5542486d6e54b467c2ff4c949c001f4c5f6 (patch)
tree: 50ca3784f76b348ba017005a955c6a288b176b57 /src/lib/libssl/ssl_sess.c
parent: 98459d42c7a847e84cc12f2d7df5e16e0f44839c (diff)
download: openbsd-4630d5542486d6e54b467c2ff4c949c001f4c5f6.tar.gz
openbsd-4630d5542486d6e54b467c2ff4c949c001f4c5f6.tar.bz2
openbsd-4630d5542486d6e54b467c2ff4c949c001f4c5f6.zip
1 files changed, 28 insertions, 28 deletions
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c
index 541b143384..c114e6ec07 100644
--- a/src/lib/libssl/ssl_sess.c
+++ b/src/lib/libssl/ssl_sess.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sess.c,v 1.59 2017/01/23 04:55:27 beck Exp $ */
+/* $OpenBSD: ssl_sess.c,v 1.60 2017/01/23 05:13:02 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -449,7 +449,7 @@ ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
        }
        if (try_session_cache && ret == NULL &&
-            !(s->session_ctx->session_cache_mode &
+            !(s->session_ctx->internal->session_cache_mode &
             SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)) {
                SSL_SESSION data;
                data.ssl_version = s->version;
@@ -457,7 +457,7 @@ ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
                memcpy(data.session_id, session_id, len);
                CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
-                ret = lh_SSL_SESSION_retrieve(s->session_ctx->sessions, &data);
+                ret = lh_SSL_SESSION_retrieve(s->session_ctx->internal->sessions, &data);
                if (ret != NULL) {
                        /* Don't allow other threads to steal it. */
                        CRYPTO_add(&ret->references, 1,
@@ -493,7 +493,7 @@ ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
                         * Add the externally cached session to the internal
                         * cache as well if and only if we are supposed to.
                         */
-                        if (!(s->session_ctx->session_cache_mode &
+                        if (!(s->session_ctx->internal->session_cache_mode &
                            SSL_SESS_CACHE_NO_INTERNAL_STORE))
                                /*
                                 * The following should not return 1,
@@ -593,12 +593,12 @@ SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
         * later.
         */
        CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
-        s = lh_SSL_SESSION_insert(ctx->sessions, c);
+        s = lh_SSL_SESSION_insert(ctx->internal->sessions, c);
        /*
         * s != NULL iff we already had a session with the given PID.
         * In this case, s == c should hold (then we did not really modify
-         * ctx->sessions), or we're in trouble.
+         * ctx->internal->sessions), or we're in trouble.
         */
        if (s != NULL && s != c) {
                /* We *are* in trouble ... */
@@ -638,7 +638,7 @@ SSL_CTX_add_session(SSL_CTX *ctx, SSL_SESSION *c)
                        while (SSL_CTX_sess_number(ctx) >
                            SSL_CTX_sess_get_cache_size(ctx)) {
                                if (!remove_session_lock(ctx,
-                                    ctx->session_cache_tail, 0))
+                                    ctx->internal->session_cache_tail, 0))
                                        break;
                                else
                                        ctx->internal->stats.sess_cache_full++;
@@ -664,9 +664,9 @@ remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck)
        if ((c != NULL) && (c->session_id_length != 0)) {
                if (lck)
                        CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
-                if ((r = lh_SSL_SESSION_retrieve(ctx->sessions, c)) == c) {
+                if ((r = lh_SSL_SESSION_retrieve(ctx->internal->sessions, c)) == c) {
                        ret = 1;
-                        r = lh_SSL_SESSION_delete(ctx->sessions, c);
+                        r = lh_SSL_SESSION_delete(ctx->internal->sessions, c);
                        SSL_SESSION_list_remove(ctx, c);
                }
                if (lck)
@@ -934,7 +934,7 @@ SSL_CTX_flush_sessions(SSL_CTX *s, long t)
        TIMEOUT_PARAM tp;
        tp.ctx = s;
-        tp.cache = s->sessions;
+        tp.cache = s->internal->sessions;
        if (tp.cache == NULL)
                return;
        tp.time = t;
@@ -965,23 +965,23 @@ SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s)
        if ((s->next == NULL) || (s->prev == NULL))
                return;
-        if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail)) {
+        if (s->next == (SSL_SESSION *)&(ctx->internal->session_cache_tail)) {
                /* last element in list */
-                if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {
+                if (s->prev == (SSL_SESSION *)&(ctx->internal->session_cache_head)) {
                        /* only one element in list */
-                        ctx->session_cache_head = NULL;
+                        ctx->internal->session_cache_head = NULL;
-                        ctx->session_cache_tail = NULL;
+                        ctx->internal->session_cache_tail = NULL;
                } else {
-                        ctx->session_cache_tail = s->prev;
+                        ctx->internal->session_cache_tail = s->prev;
                        s->prev->next =
-                            (SSL_SESSION *)&(ctx->session_cache_tail);
+                            (SSL_SESSION *)&(ctx->internal->session_cache_tail);
                }
        } else {
-                if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {
+                if (s->prev == (SSL_SESSION *)&(ctx->internal->session_cache_head)) {
                        /* first element in list */
-                        ctx->session_cache_head = s->next;
+                        ctx->internal->session_cache_head = s->next;
                        s->next->prev =
-                            (SSL_SESSION *)&(ctx->session_cache_head);
+                            (SSL_SESSION *)&(ctx->internal->session_cache_head);
                } else {
                        /* middle of list */
                        s->next->prev = s->prev;
@@ -997,16 +997,16 @@ SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s)
        if ((s->next != NULL) && (s->prev != NULL))
                SSL_SESSION_list_remove(ctx, s);
-        if (ctx->session_cache_head == NULL) {
+        if (ctx->internal->session_cache_head == NULL) {
-                ctx->session_cache_head = s;
+                ctx->internal->session_cache_head = s;
-                ctx->session_cache_tail = s;
+                ctx->internal->session_cache_tail = s;
-                s->prev = (SSL_SESSION *)&(ctx->session_cache_head);
+                s->prev = (SSL_SESSION *)&(ctx->internal->session_cache_head);
-                s->next = (SSL_SESSION *)&(ctx->session_cache_tail);
+                s->next = (SSL_SESSION *)&(ctx->internal->session_cache_tail);
        } else {
-                s->next = ctx->session_cache_head;
+                s->next = ctx->internal->session_cache_head;
                s->next->prev = s;
-                s->prev = (SSL_SESSION *)&(ctx->session_cache_head);
+                s->prev = (SSL_SESSION *)&(ctx->internal->session_cache_head);
-                ctx->session_cache_head = s;
+                ctx->internal->session_cache_head = s;
        }
 }
@@ -1091,7 +1091,7 @@ SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e)
                ENGINE_finish(e);
                return 0;
        }
-        ctx->client_cert_engine = e;
+        ctx->internal->client_cert_engine = e;
        return 1;
 }
 #endif
author	jsing <>	2017-01-23 05:13:02 +0000
committer	jsing <>	2017-01-23 05:13:02 +0000
commit	4630d5542486d6e54b467c2ff4c949c001f4c5f6 (patch)
tree	50ca3784f76b348ba017005a955c6a288b176b57 /src/lib/libssl/ssl_sess.c
parent	98459d42c7a847e84cc12f2d7df5e16e0f44839c (diff)
download	openbsd-4630d5542486d6e54b467c2ff4c949c001f4c5f6.tar.gz openbsd-4630d5542486d6e54b467c2ff4c949c001f4c5f6.tar.bz2 openbsd-4630d5542486d6e54b467c2ff4c949c001f4c5f6.zip

diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c index 541b143384..c114e6ec07 100644 --- a/src/lib/libssl/ssl_sess.c +++ b/src/lib/libssl/ssl_sess.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_sess.c,v 1.59 2017/01/23 04:55:27 beck Exp $ */	1	/* $OpenBSD: ssl_sess.c,v 1.60 2017/01/23 05:13:02 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -449,7 +449,7 @@ ssl_get_prev_session(SSL s, unsigned char session_id, int len,
449	}	449	}
450		450
451	if (try_session_cache && ret == NULL &&	451	if (try_session_cache && ret == NULL &&
452	!(s->session_ctx->session_cache_mode &	452	!(s->session_ctx->internal->session_cache_mode &
453	SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)) {	453	SSL_SESS_CACHE_NO_INTERNAL_LOOKUP)) {
454	SSL_SESSION data;	454	SSL_SESSION data;
455	data.ssl_version = s->version;	455	data.ssl_version = s->version;
@@ -457,7 +457,7 @@ ssl_get_prev_session(SSL s, unsigned char session_id, int len,
457	memcpy(data.session_id, session_id, len);	457	memcpy(data.session_id, session_id, len);
458		458
459	CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);	459	CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
460	ret = lh_SSL_SESSION_retrieve(s->session_ctx->sessions, &data);	460	ret = lh_SSL_SESSION_retrieve(s->session_ctx->internal->sessions, &data);
461	if (ret != NULL) {	461	if (ret != NULL) {
462	/* Don't allow other threads to steal it. */	462	/* Don't allow other threads to steal it. */
463	CRYPTO_add(&ret->references, 1,	463	CRYPTO_add(&ret->references, 1,
@@ -493,7 +493,7 @@ ssl_get_prev_session(SSL s, unsigned char session_id, int len,
493	* Add the externally cached session to the internal	493	* Add the externally cached session to the internal
494	* cache as well if and only if we are supposed to.	494	* cache as well if and only if we are supposed to.
495	*/	495	*/
496	if (!(s->session_ctx->session_cache_mode &	496	if (!(s->session_ctx->internal->session_cache_mode &
497	SSL_SESS_CACHE_NO_INTERNAL_STORE))	497	SSL_SESS_CACHE_NO_INTERNAL_STORE))
498	/*	498	/*
499	* The following should not return 1,	499	* The following should not return 1,
@@ -593,12 +593,12 @@ SSL_CTX_add_session(SSL_CTX ctx, SSL_SESSION c)
593	* later.	593	* later.
594	*/	594	*/
595	CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);	595	CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
596	s = lh_SSL_SESSION_insert(ctx->sessions, c);	596	s = lh_SSL_SESSION_insert(ctx->internal->sessions, c);
597		597
598	/*	598	/*
599	* s != NULL iff we already had a session with the given PID.	599	* s != NULL iff we already had a session with the given PID.
600	* In this case, s == c should hold (then we did not really modify	600	* In this case, s == c should hold (then we did not really modify
601	* ctx->sessions), or we're in trouble.	601	* ctx->internal->sessions), or we're in trouble.
602	*/	602	*/
603	if (s != NULL && s != c) {	603	if (s != NULL && s != c) {
604	/* We are in trouble ... */	604	/* We are in trouble ... */
@@ -638,7 +638,7 @@ SSL_CTX_add_session(SSL_CTX ctx, SSL_SESSION c)
638	while (SSL_CTX_sess_number(ctx) >	638	while (SSL_CTX_sess_number(ctx) >
639	SSL_CTX_sess_get_cache_size(ctx)) {	639	SSL_CTX_sess_get_cache_size(ctx)) {
640	if (!remove_session_lock(ctx,	640	if (!remove_session_lock(ctx,
641	ctx->session_cache_tail, 0))	641	ctx->internal->session_cache_tail, 0))
642	break;	642	break;
643	else	643	else
644	ctx->internal->stats.sess_cache_full++;	644	ctx->internal->stats.sess_cache_full++;
@@ -664,9 +664,9 @@ remove_session_lock(SSL_CTX ctx, SSL_SESSION c, int lck)
664	if ((c != NULL) && (c->session_id_length != 0)) {	664	if ((c != NULL) && (c->session_id_length != 0)) {
665	if (lck)	665	if (lck)
666	CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);	666	CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
667	if ((r = lh_SSL_SESSION_retrieve(ctx->sessions, c)) == c) {	667	if ((r = lh_SSL_SESSION_retrieve(ctx->internal->sessions, c)) == c) {
668	ret = 1;	668	ret = 1;
669	r = lh_SSL_SESSION_delete(ctx->sessions, c);	669	r = lh_SSL_SESSION_delete(ctx->internal->sessions, c);
670	SSL_SESSION_list_remove(ctx, c);	670	SSL_SESSION_list_remove(ctx, c);
671	}	671	}
672	if (lck)	672	if (lck)
@@ -934,7 +934,7 @@ SSL_CTX_flush_sessions(SSL_CTX *s, long t)
934	TIMEOUT_PARAM tp;	934	TIMEOUT_PARAM tp;
935		935
936	tp.ctx = s;	936	tp.ctx = s;
937	tp.cache = s->sessions;	937	tp.cache = s->internal->sessions;
938	if (tp.cache == NULL)	938	if (tp.cache == NULL)
939	return;	939	return;
940	tp.time = t;	940	tp.time = t;
@@ -965,23 +965,23 @@ SSL_SESSION_list_remove(SSL_CTX ctx, SSL_SESSION s)
965	if ((s->next == NULL) \|\| (s->prev == NULL))	965	if ((s->next == NULL) \|\| (s->prev == NULL))
966	return;	966	return;
967		967
968	if (s->next == (SSL_SESSION *)&(ctx->session_cache_tail)) {	968	if (s->next == (SSL_SESSION *)&(ctx->internal->session_cache_tail)) {
969	/* last element in list */	969	/* last element in list */
970	if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {	970	if (s->prev == (SSL_SESSION *)&(ctx->internal->session_cache_head)) {
971	/* only one element in list */	971	/* only one element in list */
972	ctx->session_cache_head = NULL;	972	ctx->internal->session_cache_head = NULL;
973	ctx->session_cache_tail = NULL;	973	ctx->internal->session_cache_tail = NULL;
974	} else {	974	} else {
975	ctx->session_cache_tail = s->prev;	975	ctx->internal->session_cache_tail = s->prev;
976	s->prev->next =	976	s->prev->next =
977	(SSL_SESSION *)&(ctx->session_cache_tail);	977	(SSL_SESSION *)&(ctx->internal->session_cache_tail);
978	}	978	}
979	} else {	979	} else {
980	if (s->prev == (SSL_SESSION *)&(ctx->session_cache_head)) {	980	if (s->prev == (SSL_SESSION *)&(ctx->internal->session_cache_head)) {
981	/* first element in list */	981	/* first element in list */
982	ctx->session_cache_head = s->next;	982	ctx->internal->session_cache_head = s->next;
983	s->next->prev =	983	s->next->prev =
984	(SSL_SESSION *)&(ctx->session_cache_head);	984	(SSL_SESSION *)&(ctx->internal->session_cache_head);
985	} else {	985	} else {
986	/* middle of list */	986	/* middle of list */
987	s->next->prev = s->prev;	987	s->next->prev = s->prev;
@@ -997,16 +997,16 @@ SSL_SESSION_list_add(SSL_CTX ctx, SSL_SESSION s)
997	if ((s->next != NULL) && (s->prev != NULL))	997	if ((s->next != NULL) && (s->prev != NULL))
998	SSL_SESSION_list_remove(ctx, s);	998	SSL_SESSION_list_remove(ctx, s);
999		999
1000	if (ctx->session_cache_head == NULL) {	1000	if (ctx->internal->session_cache_head == NULL) {
1001	ctx->session_cache_head = s;	1001	ctx->internal->session_cache_head = s;
1002	ctx->session_cache_tail = s;	1002	ctx->internal->session_cache_tail = s;
1003	s->prev = (SSL_SESSION *)&(ctx->session_cache_head);	1003	s->prev = (SSL_SESSION *)&(ctx->internal->session_cache_head);
1004	s->next = (SSL_SESSION *)&(ctx->session_cache_tail);	1004	s->next = (SSL_SESSION *)&(ctx->internal->session_cache_tail);
1005	} else {	1005	} else {
1006	s->next = ctx->session_cache_head;	1006	s->next = ctx->internal->session_cache_head;
1007	s->next->prev = s;	1007	s->next->prev = s;
1008	s->prev = (SSL_SESSION *)&(ctx->session_cache_head);	1008	s->prev = (SSL_SESSION *)&(ctx->internal->session_cache_head);
1009	ctx->session_cache_head = s;	1009	ctx->internal->session_cache_head = s;
1010	}	1010	}
1011	}	1011	}
1012		1012
@@ -1091,7 +1091,7 @@ SSL_CTX_set_client_cert_engine(SSL_CTX ctx, ENGINE e)
1091	ENGINE_finish(e);	1091	ENGINE_finish(e);
1092	return 0;	1092	return 0;
1093	}	1093	}
1094	ctx->client_cert_engine = e;	1094	ctx->internal->client_cert_engine = e;
1095	return 1;	1095	return 1;
1096	}	1096	}
1097	#endif	1097	#endif