1 files changed, 14 insertions, 25 deletions
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index d8a186040b..2f4ab38863 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -2332,10 +2332,8 @@ ssl3_free(SSL *s)
                return;
 #ifdef TLSEXT_TYPE_opaque_prf_input
-        if (s->s3->client_opaque_prf_input != NULL)
+        free(s->s3->client_opaque_prf_input);
-                free(s->s3->client_opaque_prf_input);
+        free(s->s3->server_opaque_prf_input);
-        if (s->s3->server_opaque_prf_input != NULL)
-                free(s->s3->server_opaque_prf_input);
 #endif
        ssl3_cleanup_key_block(s);
@@ -2343,8 +2341,7 @@ ssl3_free(SSL *s)
                ssl3_release_read_buffer(s);
        if (s->s3->wbuf.buf != NULL)
                ssl3_release_write_buffer(s);
-        if (s->s3->rrec.comp != NULL)
+        free(s->s3->rrec.comp);
-                free(s->s3->rrec.comp);
 #ifndef OPENSSL_NO_DH
        if (s->s3->tmp.dh != NULL)
                DH_free(s->s3->tmp.dh);
@@ -2374,11 +2371,9 @@ ssl3_clear(SSL *s)
        int              init_extra;
 #ifdef TLSEXT_TYPE_opaque_prf_input
-        if (s->s3->client_opaque_prf_input != NULL)
+        free(s->s3->client_opaque_prf_input);
-                free(s->s3->client_opaque_prf_input);
        s->s3->client_opaque_prf_input = NULL;
-        if (s->s3->server_opaque_prf_input != NULL)
+        free(s->s3->server_opaque_prf_input);
-                free(s->s3->server_opaque_prf_input);
        s->s3->server_opaque_prf_input = NULL;
 #endif
@@ -2386,10 +2381,9 @@ ssl3_clear(SSL *s)
        if (s->s3->tmp.ca_names != NULL)
                sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
-        if (s->s3->rrec.comp != NULL) {
+        free(s->s3->rrec.comp);
-                free(s->s3->rrec.comp);
+        s->s3->rrec.comp = NULL;
-                s->s3->rrec.comp = NULL;
-        }
 #ifndef OPENSSL_NO_DH
        if (s->s3->tmp.dh != NULL) {
                DH_free(s->s3->tmp.dh);
@@ -2437,11 +2431,9 @@ ssl3_clear(SSL *s)
        s->version = SSL3_VERSION;
 #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
-        if (s->next_proto_negotiated) {
+        free(s->next_proto_negotiated);
-                free(s->next_proto_negotiated);
+        s->next_proto_negotiated = NULL;
-                s->next_proto_negotiated = NULL;
+        s->next_proto_negotiated_len = 0;
-                s->next_proto_negotiated_len = 0;
-        }
 #endif
 }
@@ -2589,8 +2581,7 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 #ifndef OPENSSL_NO_TLSEXT
        case SSL_CTRL_SET_TLSEXT_HOSTNAME:
                if (larg == TLSEXT_NAMETYPE_host_name) {
-                        if (s->tlsext_hostname != NULL)
+                        free(s->tlsext_hostname);
-                                free(s->tlsext_hostname);
                        s->tlsext_hostname = NULL;
                        ret = 1;
@@ -2630,8 +2621,7 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
                            SSL_R_OPAQUE_PRF_INPUT_TOO_LONG);
                        break;
                }
-                if (s->tlsext_opaque_prf_input != NULL)
+                free(s->tlsext_opaque_prf_input);
-                        free(s->tlsext_opaque_prf_input);
                if ((size_t)larg == 0) {
                        s->tlsext_opaque_prf_input = NULL;
                        s->tlsext_opaque_prf_input_len = 0;
@@ -2678,8 +2668,7 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
                return s->tlsext_ocsp_resplen;
        case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
-                if (s->tlsext_ocsp_resp)
+                free(s->tlsext_ocsp_resp);
-                        free(s->tlsext_ocsp_resp);
                s->tlsext_ocsp_resp = parg;
                s->tlsext_ocsp_resplen = larg;
                ret = 1;

diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c index d8a186040b..2f4ab38863 100644 --- a/src/lib/libssl/s3_lib.c +++ b/src/lib/libssl/s3_lib.c
@@ -2332,10 +2332,8 @@ ssl3_free(SSL *s)
2332	return;	2332	return;
2333		2333
2334	#ifdef TLSEXT_TYPE_opaque_prf_input	2334	#ifdef TLSEXT_TYPE_opaque_prf_input
2335	if (s->s3->client_opaque_prf_input != NULL)	2335	free(s->s3->client_opaque_prf_input);
2336	free(s->s3->client_opaque_prf_input);	2336	free(s->s3->server_opaque_prf_input);
2337	if (s->s3->server_opaque_prf_input != NULL)
2338	free(s->s3->server_opaque_prf_input);
2339	#endif	2337	#endif
2340		2338
2341	ssl3_cleanup_key_block(s);	2339	ssl3_cleanup_key_block(s);
@@ -2343,8 +2341,7 @@ ssl3_free(SSL *s)
2343	ssl3_release_read_buffer(s);	2341	ssl3_release_read_buffer(s);
2344	if (s->s3->wbuf.buf != NULL)	2342	if (s->s3->wbuf.buf != NULL)
2345	ssl3_release_write_buffer(s);	2343	ssl3_release_write_buffer(s);
2346	if (s->s3->rrec.comp != NULL)	2344	free(s->s3->rrec.comp);
2347	free(s->s3->rrec.comp);
2348	#ifndef OPENSSL_NO_DH	2345	#ifndef OPENSSL_NO_DH
2349	if (s->s3->tmp.dh != NULL)	2346	if (s->s3->tmp.dh != NULL)
2350	DH_free(s->s3->tmp.dh);	2347	DH_free(s->s3->tmp.dh);
@@ -2374,11 +2371,9 @@ ssl3_clear(SSL *s)
2374	int init_extra;	2371	int init_extra;
2375		2372
2376	#ifdef TLSEXT_TYPE_opaque_prf_input	2373	#ifdef TLSEXT_TYPE_opaque_prf_input
2377	if (s->s3->client_opaque_prf_input != NULL)	2374	free(s->s3->client_opaque_prf_input);
2378	free(s->s3->client_opaque_prf_input);
2379	s->s3->client_opaque_prf_input = NULL;	2375	s->s3->client_opaque_prf_input = NULL;
2380	if (s->s3->server_opaque_prf_input != NULL)	2376	free(s->s3->server_opaque_prf_input);
2381	free(s->s3->server_opaque_prf_input);
2382	s->s3->server_opaque_prf_input = NULL;	2377	s->s3->server_opaque_prf_input = NULL;
2383	#endif	2378	#endif
2384		2379
@@ -2386,10 +2381,9 @@ ssl3_clear(SSL *s)
2386	if (s->s3->tmp.ca_names != NULL)	2381	if (s->s3->tmp.ca_names != NULL)
2387	sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);	2382	sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
2388		2383
2389	if (s->s3->rrec.comp != NULL) {	2384	free(s->s3->rrec.comp);
2390	free(s->s3->rrec.comp);	2385	s->s3->rrec.comp = NULL;
2391	s->s3->rrec.comp = NULL;	2386
2392	}
2393	#ifndef OPENSSL_NO_DH	2387	#ifndef OPENSSL_NO_DH
2394	if (s->s3->tmp.dh != NULL) {	2388	if (s->s3->tmp.dh != NULL) {
2395	DH_free(s->s3->tmp.dh);	2389	DH_free(s->s3->tmp.dh);
@@ -2437,11 +2431,9 @@ ssl3_clear(SSL *s)
2437	s->version = SSL3_VERSION;	2431	s->version = SSL3_VERSION;
2438		2432
2439	#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)	2433	#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
2440	if (s->next_proto_negotiated) {	2434	free(s->next_proto_negotiated);
2441	free(s->next_proto_negotiated);	2435	s->next_proto_negotiated = NULL;
2442	s->next_proto_negotiated = NULL;	2436	s->next_proto_negotiated_len = 0;
2443	s->next_proto_negotiated_len = 0;
2444	}
2445	#endif	2437	#endif
2446	}	2438	}
2447		2439
@@ -2589,8 +2581,7 @@ ssl3_ctrl(SSL s, int cmd, long larg, void parg)
2589	#ifndef OPENSSL_NO_TLSEXT	2581	#ifndef OPENSSL_NO_TLSEXT
2590	case SSL_CTRL_SET_TLSEXT_HOSTNAME:	2582	case SSL_CTRL_SET_TLSEXT_HOSTNAME:
2591	if (larg == TLSEXT_NAMETYPE_host_name) {	2583	if (larg == TLSEXT_NAMETYPE_host_name) {
2592	if (s->tlsext_hostname != NULL)	2584	free(s->tlsext_hostname);
2593	free(s->tlsext_hostname);
2594	s->tlsext_hostname = NULL;	2585	s->tlsext_hostname = NULL;
2595		2586
2596	ret = 1;	2587	ret = 1;
@@ -2630,8 +2621,7 @@ ssl3_ctrl(SSL s, int cmd, long larg, void parg)
2630	SSL_R_OPAQUE_PRF_INPUT_TOO_LONG);	2621	SSL_R_OPAQUE_PRF_INPUT_TOO_LONG);
2631	break;	2622	break;
2632	}	2623	}
2633	if (s->tlsext_opaque_prf_input != NULL)	2624	free(s->tlsext_opaque_prf_input);
2634	free(s->tlsext_opaque_prf_input);
2635	if ((size_t)larg == 0) {	2625	if ((size_t)larg == 0) {
2636	s->tlsext_opaque_prf_input = NULL;	2626	s->tlsext_opaque_prf_input = NULL;
2637	s->tlsext_opaque_prf_input_len = 0;	2627	s->tlsext_opaque_prf_input_len = 0;
@@ -2678,8 +2668,7 @@ ssl3_ctrl(SSL s, int cmd, long larg, void parg)
2678	return s->tlsext_ocsp_resplen;	2668	return s->tlsext_ocsp_resplen;
2679		2669
2680	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:	2670	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
2681	if (s->tlsext_ocsp_resp)	2671	free(s->tlsext_ocsp_resp);
2682	free(s->tlsext_ocsp_resp);
2683	s->tlsext_ocsp_resp = parg;	2672	s->tlsext_ocsp_resp = parg;
2684	s->tlsext_ocsp_resplen = larg;	2673	s->tlsext_ocsp_resplen = larg;
2685	ret = 1;	2674	ret = 1;