Diffstat (limited to 'src/lib/libssl/s3_both.c')
-rw-r--r--src/lib/libssl/s3_both.c25
1 files changed, 7 insertions, 18 deletions
diff --git a/src/lib/libssl/s3_both.c b/src/lib/libssl/s3_both.c
index 64d317b7ac..8864366f59 100644
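--- a/src/lib/libssl/s3_both.c
+++ b/src/lib/libssl/s3_both.c
@@ -268,23 +268,16 @@ unsigned long ssl3_output_cert_chain(SSL *s, X509 *x)
 X509_STORE_CTX xs_ctx;
 X509_OBJECT obj;
 
-int no_chain;
-
-if ((s->mode & SSL_MODE_NO_AUTO_CHAIN) || s->ctx->extra_certs)
-no_chain = 1;
-else
-no_chain = 0;
-
 /* TLSv1 sends a chain with nothing in it, instead of an alert */
 buf=s->init_buf;
-if (!BUF_MEM_grow_clean(buf,10))
+if (!BUF_MEM_grow(buf,(int)(10)))
 {
 SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
 return(0);
 }
 if (x != NULL)
 {
-if(!no_chain && !X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,NULL,NULL))
+if(!X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,NULL,NULL))
 {
 SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_X509_LIB);
 return(0);
@@ -293,7 +286,7 @@ unsigned long ssl3_output_cert_chain(SSL *s, X509 *x)
 for (;;)
 {
 n=i2d_X509(x,NULL);
-if (!BUF_MEM_grow_clean(buf,(int)(n+l+3)))
+if (!BUF_MEM_grow(buf,(int)(n+l+3)))
 {
 SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
 return(0);
@@ -302,10 +295,6 @@ unsigned long ssl3_output_cert_chain(SSL *s, X509 *x)
 l2n3(n,p);
 i2d_X509(x,&p);
 l+=n+3;
-
-if (no_chain)
-break;
-
 if (X509_NAME_cmp(X509_get_subject_name(x),
 X509_get_issuer_name(x)) == 0) break;
 
@@ -317,8 +306,8 @@ unsigned long ssl3_output_cert_chain(SSL *s, X509 *x)
 * ref count */
 X509_free(x);
 }
-if (!no_chain)
-X509_STORE_CTX_cleanup(&xs_ctx);
+
+X509_STORE_CTX_cleanup(&xs_ctx);
 }
 
 /* Thawte special :-) */
@@ -327,7 +316,7 @@ unsigned long ssl3_output_cert_chain(SSL *s, X509 *x)
 {
 x=sk_X509_value(s->ctx->extra_certs,i);
 n=i2d_X509(x,NULL);
-if (!BUF_MEM_grow_clean(buf,(int)(n+l+3)))
+if (!BUF_MEM_grow(buf,(int)(n+l+3)))
 {
 SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
 return(0);
@@ -450,7 +439,7 @@ long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok)
 SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE);
 goto f_err;
 }
-if (l && !BUF_MEM_grow_clean(s->init_buf,(int)l+4))
+if (l && !BUF_MEM_grow(s->init_buf,(int)l+4))
 {
 SSLerr(SSL_F_SSL3_GET_MESSAGE,ERR_R_BUF_LIB);
 goto err;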
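Review bot: The new side calls `BUF_MEM_grow` where the old side called `BUF_MEM_grow_clean`, at three sites in ssl3_output_cert_chain and on `s->init_buf` in ssl3_get_message, so earlier contents of the handshake buffer are presumably no longer wiped when the buffer is reallocated. In ssl3_get_message that buffer receives the peer's handshake messages, which can include key-exchange data, so stale copies may linger in freed heap memory. Unless this is a deliberate rollback, I would keep the cleaning variant, e.g. `if (l && !BUF_MEM_grow_clean(s->init_buf,(int)l+4))`. The same section also drops the `no_chain` check, so `SSL_MODE_NO_AUTO_CHAIN` appears to be ignored and `extra_certs` are appended after an automatically built chain; that is worth confirming against callers that set either. Both functions start and end outside the hunks shown.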