[openssl-commits] [openssl] master update

Dr. Stephen Henson steve at openssl.org
Wed Feb 24 02:42:10 UTC 2016 

The branch master has been updated
       via  2cf28d6127fdfbfb43d21b87514f08d925ca0c3a (commit)
      from  8c73aeb61e6df2bcd375532145fd7f97afbc3f11 (commit)


- Log -----------------------------------------------------------------
commit 2cf28d6127fdfbfb43d21b87514f08d925ca0c3a
Author: Dr. Stephen Henson <steve at openssl.org>
Date:   Wed Feb 17 15:39:25 2016 +0000

    Remove unused parameter in ssl_set_masks().
    
    The ssl_set_masks() function no longer depends on the cipher. This
    also means there is no need to set the masks for each cipher in
    ssl3_choose_cipher.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 ssl/s3_lib.c   | 2 +-
 ssl/ssl_lib.c  | 4 ++--
 ssl/ssl_locl.h | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 967840f..07ce76d 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3788,6 +3788,7 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
     }
 
     tls1_set_cert_validity(s);
+    ssl_set_masks(s);
 
     for (i = 0; i < sk_SSL_CIPHER_num(prio); i++) {
         c = sk_SSL_CIPHER_value(prio, i);
@@ -3799,7 +3800,6 @@ const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
         if ((c->algorithm_ssl & SSL_TLSV1) && s->version == SSL3_VERSION)
             continue;
 
-        ssl_set_masks(s, c);
         mask_k = s->s3->tmp.mask_k;
         mask_a = s->s3->tmp.mask_a;
 #ifndef OPENSSL_NO_SRP
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index fecd392..7c62731 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2493,7 +2493,7 @@ void SSL_set_cert_cb(SSL *s, int (*cb) (SSL *ssl, void *arg), void *arg)
     ssl_cert_set_cert_cb(s->cert, cb, arg);
 }
 
-void ssl_set_masks(SSL *s, const SSL_CIPHER *cipher)
+void ssl_set_masks(SSL *s)
 {
 #if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_GOST)
     CERT_PKEY *cpk;
@@ -2646,7 +2646,7 @@ CERT_PKEY *ssl_get_server_send_pkey(SSL *s)
     c = s->cert;
     if (!s->s3 || !s->s3->tmp.new_cipher)
         return NULL;
-    ssl_set_masks(s, s->s3->tmp.new_cipher);
+    ssl_set_masks(s);
 
     i = ssl_get_server_cert_index(s);
 
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index fbca4f9..f4d1ddc 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -1854,7 +1854,7 @@ __owur int ssl_get_server_cert_serverinfo(SSL *s, const unsigned char **serverin
                                    size_t *serverinfo_length);
 __owur EVP_PKEY *ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *c, const EVP_MD **pmd);
 __owur int ssl_cert_type(X509 *x, EVP_PKEY *pkey);
-void ssl_set_masks(SSL *s, const SSL_CIPHER *cipher);
+void ssl_set_masks(SSL *s);
 __owur STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s);
 __owur int ssl_verify_alarm_type(long type);
 void ssl_load_ciphers(void);

More information about the openssl-commits mailing list