[openssl-commits] [openssl] master update

[Rich Salz]

The branch master has been updated
       via  d31fb0b5b341aa7883b487d07e6a56d216224e25 (commit)
      from  29eca1c0d58026792b50f7fd7f447f7a5fe63b5f (commit)


- Log -----------------------------------------------------------------
commit d31fb0b5b341aa7883b487d07e6a56d216224e25
Author: Rich Salz <rsalz at akamai.com>
Date:   Sat Jun 13 10:50:00 2015 -0400

    Refactor into clear_ciphers; RT3588
    
    While closing RT3588 (Remove obsolete comment) Kurt and I saw that a
    few lines to completely clear the SSL cipher state could be moved into
    a common function.
    
    Reviewed-by: Kurt Roeckx <kurt at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 ssl/ssl_lib.c | 30 ++++++++++++------------------
 1 file changed, 12 insertions(+), 18 deletions(-)

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 1ce4f36..5c814fd 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -186,6 +186,14 @@ SSL3_ENC_METHOD ssl3_undef_enc_method = {
              int use_context))ssl_undefined_function,
 };
 
+static void clear_ciphers(SSL *s)
+{
+    /* clear the current cipher */
+    ssl_clear_cipher_ctx(s);
+    ssl_clear_hash_ctx(&s->read_hash);
+    ssl_clear_hash_ctx(&s->write_hash);
+}
+
 int SSL_clear(SSL *s)
 {
     if (s->method == NULL) {
@@ -217,9 +225,7 @@ int SSL_clear(SSL *s)
 
     BUF_MEM_free(s->init_buf);
     s->init_buf = NULL;
-    ssl_clear_cipher_ctx(s);
-    ssl_clear_hash_ctx(&s->read_hash);
-    ssl_clear_hash_ctx(&s->write_hash);
+    clear_ciphers(s);
     s->first_packet = 0;
 
     /*
@@ -548,9 +554,7 @@ void SSL_free(SSL *s)
         SSL_SESSION_free(s->session);
     }
 
-    ssl_clear_cipher_ctx(s);
-    ssl_clear_hash_ctx(&s->read_hash);
-    ssl_clear_hash_ctx(&s->write_hash);
+    clear_ciphers(s);
 
     ssl_cert_free(s->cert);
     /* Free up if allocated */
@@ -2450,20 +2454,13 @@ int SSL_do_handshake(SSL *s)
     return (ret);
 }
 
-/*
- * For the next 2 functions, SSL_clear() sets shutdown and so one of these
- * calls will reset it
- */
 void SSL_set_accept_state(SSL *s)
 {
     s->server = 1;
     s->shutdown = 0;
     s->state = SSL_ST_ACCEPT | SSL_ST_BEFORE;
     s->handshake_func = s->method->ssl_accept;
-    /* clear the current cipher */
-    ssl_clear_cipher_ctx(s);
-    ssl_clear_hash_ctx(&s->read_hash);
-    ssl_clear_hash_ctx(&s->write_hash);
+    clear_ciphers(s);
 }
 
 void SSL_set_connect_state(SSL *s)
@@ -2472,10 +2469,7 @@ void SSL_set_connect_state(SSL *s)
     s->shutdown = 0;
     s->state = SSL_ST_CONNECT | SSL_ST_BEFORE;
     s->handshake_func = s->method->ssl_connect;
-    /* clear the current cipher */
-    ssl_clear_cipher_ctx(s);
-    ssl_clear_hash_ctx(&s->read_hash);
-    ssl_clear_hash_ctx(&s->write_hash);
+    clear_ciphers(s);
 }
 
 int ssl_undefined_function(SSL *s)