-/* $OpenBSD: bio_ssl.c,v 1.28 2018/05/01 13:30:24 tb Exp $ */
+/* $OpenBSD: bio_ssl.c,v 1.29 2018/08/24 20:30:21 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
if ((((BIO_SSL *)t->ptr)->ssl == NULL) ||
(((BIO_SSL *)f->ptr)->ssl == NULL))
return (0);
- SSL_copy_session_id(((BIO_SSL *)t->ptr)->ssl, ((BIO_SSL *)f->ptr)->ssl);
+ if (!SSL_copy_session_id(((BIO_SSL *)t->ptr)->ssl,
+ ((BIO_SSL *)f->ptr)->ssl))
+ return (0);
return (1);
}
-/* $OpenBSD: ssl.h,v 1.158 2018/05/01 13:30:24 tb Exp $ */
+/* $OpenBSD: ssl.h,v 1.159 2018/08/24 20:30:21 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
long SSL_SESSION_set_time(SSL_SESSION *s, long t);
long SSL_SESSION_get_timeout(const SSL_SESSION *s);
long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
-void SSL_copy_session_id(SSL *to, const SSL *from);
+int SSL_copy_session_id(SSL *to, const SSL *from);
X509 *SSL_SESSION_get0_peer(SSL_SESSION *s);
int SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid,
unsigned int sid_len);
-/* $OpenBSD: ssl_lib.c,v 1.185 2018/04/25 07:10:39 tb Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.186 2018/08/24 20:30:21 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* Now in theory, since the calling process own 't' it should be safe to
* modify. We need to be able to read f without being hassled
*/
-void
+int
SSL_copy_session_id(SSL *t, const SSL *f)
{
CERT *tmp;
- /* Do we need to to SSL locking? */
- SSL_set_session(t, SSL_get_session(f));
+ /* Do we need to do SSL locking? */
+ if (!SSL_set_session(t, SSL_get_session(f)))
+ return 0;
- /*
- * What if we are setup as SSLv2 but want to talk SSLv3 or
- * vice-versa.
- */
+ /* What if we are set up for one protocol but want to talk another? */
if (t->method != f->method) {
- t->method->internal->ssl_free(t); /* cleanup current */
- t->method = f->method; /* change method */
- t->method->internal->ssl_new(t); /* setup new */
+ t->method->internal->ssl_free(t);
+ t->method = f->method;
+ if (!t->method->internal->ssl_new(t))
+ return 0;
}
tmp = t->cert;
} else
t->cert = NULL;
ssl_cert_free(tmp);
- SSL_set_session_id_context(t, f->sid_ctx, f->sid_ctx_length);
+
+ if (!SSL_set_session_id_context(t, f->sid_ctx, f->sid_ctx_length))
+ return 0;
+
+ return 1;
}
/* Fix this so it checks all the valid key/cert options */
int i;
if ((ret = SSL_new(SSL_get_SSL_CTX(s))) == NULL)
- return (NULL);
+ goto err;
ret->version = s->version;
ret->internal->type = s->internal->type;
ret->method = s->method;
if (s->session != NULL) {
- /* This copies session-id, SSL_METHOD, sid_ctx, and 'cert' */
- SSL_copy_session_id(ret, s);
+ if (!SSL_copy_session_id(ret, s))
+ goto err;
} else {
/*
* No session has been established yet, so we have to expect
goto err;
}
- SSL_set_session_id_context(ret,
- s->sid_ctx, s->sid_ctx_length);
+ if (!SSL_set_session_id_context(ret, s->sid_ctx,
+ s->sid_ctx_length))
+ goto err;
}
ret->internal->options = s->internal->options;
}
}
- if (0) {
-err:
- if (ret != NULL)
- SSL_free(ret);
- ret = NULL;
- }
- return (ret);
+ return ret;
+ err:
+ SSL_free(ret);
+ return NULL;
}
void
projects / openbsd / commitdiff