Move a large part of ssl_st into internal, so we can see what squeals.

ok jsing@
author: beck <> 2017-01-23 06:45:30 +0000
committer: beck <> 2017-01-23 06:45:30 +0000
commit: fedd988b9f44e5e0ccf1a340f14354f32800d524 (patch)
tree: dfb700c2a3d1498e8069f1fab4c6691ef0f3fef1 /src/lib/libssl/ssl_sess.c
parent: 3b1c7c5973d7e6aca42940bd4e07900c35d585f5 (diff)
download: openbsd-fedd988b9f44e5e0ccf1a340f14354f32800d524.tar.gz
openbsd-fedd988b9f44e5e0ccf1a340f14354f32800d524.tar.bz2
openbsd-fedd988b9f44e5e0ccf1a340f14354f32800d524.zip
1 files changed, 15 insertions, 15 deletions
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c
index 4a7650fd9d..52a04d3094 100644
--- a/src/lib/libssl/ssl_sess.c
+++ b/src/lib/libssl/ssl_sess.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sess.c,v 1.61 2017/01/23 05:27:22 jsing Exp $ */
+/* $OpenBSD: ssl_sess.c,v 1.62 2017/01/23 06:45:30 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -319,7 +319,7 @@ ssl_get_new_session(SSL *s, int session)
                }
                /* If RFC4507 ticket use empty session ID. */
-                if (s->tlsext_ticket_expected) {
+                if (s->internal->tlsext_ticket_expected) {
                        ss->session_id_length = 0;
                        goto sess_id_done;
                }
@@ -411,7 +411,7 @@ sess_id_done:
 *   - If a session is found then s->session is pointed at it (after freeing
 *     an existing session if need be) and s->verify_result is set from the
 *     session.
- *   - Both for new and resumed sessions, s->tlsext_ticket_expected is set
+ *   - Both for new and resumed sessions, s->internal->tlsext_ticket_expected is set
 *     to 1 if the server should issue a new session ticket (to 0 otherwise).
 */
 int
@@ -431,7 +431,7 @@ ssl_get_prev_session(SSL *s, unsigned char *session_id, int len,
        if (len == 0)
                try_session_cache = 0;
-        /* Sets s->tlsext_ticket_expected. */
+        /* Sets s->internal->tlsext_ticket_expected. */
        r = tls1_process_ticket(s, session_id, len, limit, &ret);
        switch (r) {
        case -1: /* Error during processing */
@@ -566,7 +566,7 @@ err:
                         * The session was from a ticket, so we should
                         * issue a ticket for the new session.
                         */
-                        s->tlsext_ticket_expected = 1;
+                        s->internal->tlsext_ticket_expected = 1;
                }
        }
        if (fatal)
@@ -869,24 +869,24 @@ int
 SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len)
 {
        if (s->version >= TLS1_VERSION) {
-                free(s->tlsext_session_ticket);
+                free(s->internal->tlsext_session_ticket);
-                s->tlsext_session_ticket =
+                s->internal->tlsext_session_ticket =
                    malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len);
-                if (!s->tlsext_session_ticket) {
+                if (!s->internal->tlsext_session_ticket) {
                        SSLerr(SSL_F_SSL_SET_SESSION_TICKET_EXT,
                            ERR_R_MALLOC_FAILURE);
                        return 0;
                }
                if (ext_data) {
-                        s->tlsext_session_ticket->length = ext_len;
+                        s->internal->tlsext_session_ticket->length = ext_len;
-                        s->tlsext_session_ticket->data =
+                        s->internal->tlsext_session_ticket->data =
-                            s->tlsext_session_ticket + 1;
+                            s->internal->tlsext_session_ticket + 1;
-                        memcpy(s->tlsext_session_ticket->data,
+                        memcpy(s->internal->tlsext_session_ticket->data,
                            ext_data, ext_len);
                } else {
-                        s->tlsext_session_ticket->length = 0;
+                        s->internal->tlsext_session_ticket->length = 0;
-                        s->tlsext_session_ticket->data = NULL;
+                        s->internal->tlsext_session_ticket->data = NULL;
                }
                return 1;
@@ -950,7 +950,7 @@ SSL_CTX_flush_sessions(SSL_CTX *s, long t)
 int
 ssl_clear_bad_session(SSL *s)
 {
-        if ((s->session != NULL) && !(s->shutdown & SSL_SENT_SHUTDOWN) &&
+        if ((s->session != NULL) && !(s->internal->shutdown & SSL_SENT_SHUTDOWN) &&
            !(SSL_in_init(s) || SSL_in_before(s))) {
                SSL_CTX_remove_session(s->ctx, s->session);
                return (1);
author	beck <>	2017-01-23 06:45:30 +0000
committer	beck <>	2017-01-23 06:45:30 +0000
commit	fedd988b9f44e5e0ccf1a340f14354f32800d524 (patch)
tree	dfb700c2a3d1498e8069f1fab4c6691ef0f3fef1 /src/lib/libssl/ssl_sess.c
parent	3b1c7c5973d7e6aca42940bd4e07900c35d585f5 (diff)
download	openbsd-fedd988b9f44e5e0ccf1a340f14354f32800d524.tar.gz openbsd-fedd988b9f44e5e0ccf1a340f14354f32800d524.tar.bz2 openbsd-fedd988b9f44e5e0ccf1a340f14354f32800d524.zip

diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c index 4a7650fd9d..52a04d3094 100644 --- a/src/lib/libssl/ssl_sess.c +++ b/src/lib/libssl/ssl_sess.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_sess.c,v 1.61 2017/01/23 05:27:22 jsing Exp $ */	1	/* $OpenBSD: ssl_sess.c,v 1.62 2017/01/23 06:45:30 beck Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -319,7 +319,7 @@ ssl_get_new_session(SSL *s, int session)
319	}	319	}
320		320
321	/* If RFC4507 ticket use empty session ID. */	321	/* If RFC4507 ticket use empty session ID. */
322	if (s->tlsext_ticket_expected) {	322	if (s->internal->tlsext_ticket_expected) {
323	ss->session_id_length = 0;	323	ss->session_id_length = 0;
324	goto sess_id_done;	324	goto sess_id_done;
325	}	325	}
@@ -411,7 +411,7 @@ sess_id_done:
411	* - If a session is found then s->session is pointed at it (after freeing	411	* - If a session is found then s->session is pointed at it (after freeing
412	* an existing session if need be) and s->verify_result is set from the	412	* an existing session if need be) and s->verify_result is set from the
413	* session.	413	* session.
414	* - Both for new and resumed sessions, s->tlsext_ticket_expected is set	414	* - Both for new and resumed sessions, s->internal->tlsext_ticket_expected is set
415	* to 1 if the server should issue a new session ticket (to 0 otherwise).	415	* to 1 if the server should issue a new session ticket (to 0 otherwise).
416	*/	416	*/
417	int	417	int
@@ -431,7 +431,7 @@ ssl_get_prev_session(SSL s, unsigned char session_id, int len,
431	if (len == 0)	431	if (len == 0)
432	try_session_cache = 0;	432	try_session_cache = 0;
433		433
434	/* Sets s->tlsext_ticket_expected. */	434	/* Sets s->internal->tlsext_ticket_expected. */
435	r = tls1_process_ticket(s, session_id, len, limit, &ret);	435	r = tls1_process_ticket(s, session_id, len, limit, &ret);
436	switch (r) {	436	switch (r) {
437	case -1: /* Error during processing */	437	case -1: /* Error during processing */
@@ -566,7 +566,7 @@ err:
566	* The session was from a ticket, so we should	566	* The session was from a ticket, so we should
567	* issue a ticket for the new session.	567	* issue a ticket for the new session.
568	*/	568	*/
569	s->tlsext_ticket_expected = 1;	569	s->internal->tlsext_ticket_expected = 1;
570	}	570	}
571	}	571	}
572	if (fatal)	572	if (fatal)
@@ -869,24 +869,24 @@ int
869	SSL_set_session_ticket_ext(SSL s, void ext_data, int ext_len)	869	SSL_set_session_ticket_ext(SSL s, void ext_data, int ext_len)
870	{	870	{
871	if (s->version >= TLS1_VERSION) {	871	if (s->version >= TLS1_VERSION) {
872	free(s->tlsext_session_ticket);	872	free(s->internal->tlsext_session_ticket);
873	s->tlsext_session_ticket =	873	s->internal->tlsext_session_ticket =
874	malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len);	874	malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len);
875	if (!s->tlsext_session_ticket) {	875	if (!s->internal->tlsext_session_ticket) {
876	SSLerr(SSL_F_SSL_SET_SESSION_TICKET_EXT,	876	SSLerr(SSL_F_SSL_SET_SESSION_TICKET_EXT,
877	ERR_R_MALLOC_FAILURE);	877	ERR_R_MALLOC_FAILURE);
878	return 0;	878	return 0;
879	}	879	}
880		880
881	if (ext_data) {	881	if (ext_data) {
882	s->tlsext_session_ticket->length = ext_len;	882	s->internal->tlsext_session_ticket->length = ext_len;
883	s->tlsext_session_ticket->data =	883	s->internal->tlsext_session_ticket->data =
884	s->tlsext_session_ticket + 1;	884	s->internal->tlsext_session_ticket + 1;
885	memcpy(s->tlsext_session_ticket->data,	885	memcpy(s->internal->tlsext_session_ticket->data,
886	ext_data, ext_len);	886	ext_data, ext_len);
887	} else {	887	} else {
888	s->tlsext_session_ticket->length = 0;	888	s->internal->tlsext_session_ticket->length = 0;
889	s->tlsext_session_ticket->data = NULL;	889	s->internal->tlsext_session_ticket->data = NULL;
890	}	890	}
891		891
892	return 1;	892	return 1;
@@ -950,7 +950,7 @@ SSL_CTX_flush_sessions(SSL_CTX *s, long t)
950	int	950	int
951	ssl_clear_bad_session(SSL *s)	951	ssl_clear_bad_session(SSL *s)
952	{	952	{
953	if ((s->session != NULL) && !(s->shutdown & SSL_SENT_SHUTDOWN) &&	953	if ((s->session != NULL) && !(s->internal->shutdown & SSL_SENT_SHUTDOWN) &&
954	!(SSL_in_init(s) \|\| SSL_in_before(s))) {	954	!(SSL_in_init(s) \|\| SSL_in_before(s))) {
955	SSL_CTX_remove_session(s->ctx, s->session);	955	SSL_CTX_remove_session(s->ctx, s->session);
956	return (1);	956	return (1);