From 4b6b49a2bf85ce2576ea3bcd9bb8691e98cf8d50 Mon Sep 17 00:00:00 2001 From: jsing <> Date: Sun, 28 Sep 2014 14:46:09 +0000 Subject: Provide a ressl config function that explicitly clears keys. Now that ressl config takes copies of the keys passed to it, the keys need to be explicitly cleared. While this can be done by calling the appropriate functions with a NULL pointer, it is simpler and more obvious to call one function that does this for you. ok tedu@ --- src/lib/libressl/ressl.h | 3 ++- src/lib/libressl/ressl_config.c | 9 ++++++++- 2 files changed, 10 insertions(+), 2 deletions(-) (limited to 'src/lib') diff --git a/src/lib/libressl/ressl.h b/src/lib/libressl/ressl.h index 192f863f44..9795c3804b 100644 --- a/src/lib/libressl/ressl.h +++ b/src/lib/libressl/ressl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ressl.h,v 1.14 2014/09/28 06:24:00 tedu Exp $ */ +/* $OpenBSD: ressl.h,v 1.15 2014/09/28 14:46:09 jsing Exp $ */ /* * Copyright (c) 2014 Joel Sing * @@ -44,6 +44,7 @@ int ressl_config_set_key_mem(struct ressl_config *config, const uint8_t *key, void ressl_config_set_verify_depth(struct ressl_config *config, int verify_depth); +void ressl_config_clear_keys(struct ressl_config *config); void ressl_config_insecure_no_verify(struct ressl_config *config); void ressl_config_verify(struct ressl_config *config); diff --git a/src/lib/libressl/ressl_config.c b/src/lib/libressl/ressl_config.c index 5deb8d187f..319bba330d 100644 --- a/src/lib/libressl/ressl_config.c +++ b/src/lib/libressl/ressl_config.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ressl_config.c,v 1.9 2014/09/28 06:24:00 tedu Exp $ */ +/* $OpenBSD: ressl_config.c,v 1.10 2014/09/28 14:46:09 jsing Exp $ */ /* * Copyright (c) 2014 Joel Sing * @@ -97,6 +97,13 @@ ressl_config_free(struct ressl_config *config) free(config); } +void +ressl_config_clear_keys(struct ressl_config *config) +{ + ressl_config_set_cert_mem(config, NULL, 0); + ressl_config_set_key_mem(config, NULL, 0); +} + int ressl_config_set_ca_file(struct ressl_config *config, const char *ca_file) { -- cgit v1.2.3-55-g6feb