Merge SESS_CERT into SSL_SESSION.
authorjsing <jsing@openbsd.org>
Sat, 8 Jan 2022 12:59:58 +0000 (12:59 +0000)
committerjsing <jsing@openbsd.org>
Sat, 8 Jan 2022 12:59:58 +0000 (12:59 +0000)
There is no reason for SESS_CERT to exist - remove it and merge its members
into SSL_SESSION for the time being. More clean up to follow.

ok inoguchi@ tb@

lib/libssl/ssl_cert.c
lib/libssl/ssl_clnt.c
lib/libssl/ssl_lib.c
lib/libssl/ssl_locl.h
lib/libssl/ssl_sess.c
lib/libssl/ssl_srvr.c
lib/libssl/tls13_client.c
lib/libssl/tls13_server.c

index c735547..e91de65 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_cert.c,v 1.92 2022/01/08 12:43:44 jsing Exp $ */
+/* $OpenBSD: ssl_cert.c,v 1.93 2022/01/08 12:59:58 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -347,41 +347,6 @@ ssl_cert_add1_chain_cert(SSL_CERT *c, X509 *cert)
        return 1;
 }
 
-SESS_CERT *
-ssl_sess_cert_new(void)
-{
-       SESS_CERT *ret;
-
-       ret = calloc(1, sizeof *ret);
-       if (ret == NULL) {
-               SSLerrorx(ERR_R_MALLOC_FAILURE);
-               return NULL;
-       }
-       ret->peer_key = &(ret->peer_pkeys[SSL_PKEY_RSA]);
-       ret->references = 1;
-
-       return ret;
-}
-
-void
-ssl_sess_cert_free(SESS_CERT *sc)
-{
-       int i;
-
-       if (sc == NULL)
-               return;
-
-       i = CRYPTO_add(&sc->references, -1, CRYPTO_LOCK_SSL_SESS_CERT);
-       if (i > 0)
-               return;
-
-       sk_X509_pop_free(sc->cert_chain, X509_free);
-       for (i = 0; i < SSL_PKEY_NUM; i++)
-               X509_free(sc->peer_pkeys[i].x509);
-
-       free(sc);
-}
-
 int
 ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk)
 {
index c3912c3..70b6fff 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_clnt.c,v 1.127 2022/01/06 18:23:56 jsing Exp $ */
+/* $OpenBSD: ssl_clnt.c,v 1.128 2022/01/08 12:59:58 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1076,7 +1076,6 @@ ssl3_get_server_certificate(SSL *s)
        X509 *x = NULL;
        const unsigned char *q;
        STACK_OF(X509) *sk = NULL;
-       SESS_CERT *sc;
        EVP_PKEY *pkey = NULL;
 
        if ((ret = ssl3_get_message(s, SSL3_ST_CR_CERT_A,
@@ -1154,20 +1153,11 @@ ssl3_get_server_certificate(SSL *s)
        }
        ERR_clear_error(); /* but we keep s->verify_result */
 
-       sc = ssl_sess_cert_new();
-       if (sc == NULL)
-               goto err;
-       ssl_sess_cert_free(s->session->sess_cert);
-       s->session->sess_cert = sc;
-
-       sc->cert_chain = sk;
        /*
         * Inconsistency alert: cert_chain does include the peer's
         * certificate, which we don't include in s3_srvr.c
         */
        x = sk_X509_value(sk, 0);
-       sk = NULL;
-       /* VRS 19990621: possible memory leak; sk=null ==> !sk_pop_free() @end*/
 
        pkey = X509_get_pubkey(x);
 
@@ -1185,20 +1175,21 @@ ssl3_get_server_certificate(SSL *s)
                SSLerror(s, SSL_R_UNKNOWN_CERTIFICATE_TYPE);
                goto fatal_err;
        }
+       s->session->peer_cert_type = i;
+
+       sk_X509_pop_free(s->session->cert_chain, X509_free);
+       s->session->cert_chain = sk;
+       sk = NULL;
 
-       sc->peer_cert_type = i;
        X509_up_ref(x);
-       /*
-        * Why would the following ever happen?
-        * We just created sc a couple of lines ago.
-        */
-       X509_free(sc->peer_pkeys[i].x509);
-       sc->peer_pkeys[i].x509 = x;
-       sc->peer_key = &(sc->peer_pkeys[i]);
+       X509_free(s->session->peer_pkeys[i].x509);
+       s->session->peer_pkeys[i].x509 = x;
+       s->session->peer_key = &s->session->peer_pkeys[i];
 
-       X509_free(s->session->peer);
        X509_up_ref(x);
+       X509_free(s->session->peer);
        s->session->peer = x;
+
        s->session->verify_result = s->verify_result;
 
        x = NULL;
@@ -1225,11 +1216,9 @@ ssl3_get_server_kex_dhe(SSL *s, EVP_PKEY **pkey, CBS *cbs)
 {
        int nid = NID_dhKeyAgreement;
        int invalid_params, invalid_key;
-       SESS_CERT *sc;
        long alg_a;
 
        alg_a = S3I(s)->hs.cipher->algorithm_auth;
-       sc = s->session->sess_cert;
 
        tls_key_share_free(S3I(s)->hs.key_share);
        if ((S3I(s)->hs.key_share = tls_key_share_new_nid(nid)) == NULL)
@@ -1254,7 +1243,7 @@ ssl3_get_server_kex_dhe(SSL *s, EVP_PKEY **pkey, CBS *cbs)
        }
 
        if (alg_a & SSL_aRSA)
-               *pkey = X509_get_pubkey(sc->peer_pkeys[SSL_PKEY_RSA].x509);
+               *pkey = X509_get_pubkey(s->session->peer_pkeys[SSL_PKEY_RSA].x509);
        else
                /* XXX - Anonymous DH, so no certificate or pkey. */
                *pkey = NULL;
@@ -1275,11 +1264,9 @@ ssl3_get_server_kex_ecdhe(SSL *s, EVP_PKEY **pkey, CBS *cbs)
        CBS public;
        uint8_t curve_type;
        uint16_t curve_id;
-       SESS_CERT *sc;
        long alg_a;
 
        alg_a = S3I(s)->hs.cipher->algorithm_auth;
-       sc = s->session->sess_cert;
 
        if (!CBS_get_u8(cbs, &curve_type))
                goto decode_err;
@@ -1319,9 +1306,9 @@ ssl3_get_server_kex_ecdhe(SSL *s, EVP_PKEY **pkey, CBS *cbs)
         * and ECDSA.
         */
        if (alg_a & SSL_aRSA)
-               *pkey = X509_get_pubkey(sc->peer_pkeys[SSL_PKEY_RSA].x509);
+               *pkey = X509_get_pubkey(s->session->peer_pkeys[SSL_PKEY_RSA].x509);
        else if (alg_a & SSL_aECDSA)
-               *pkey = X509_get_pubkey(sc->peer_pkeys[SSL_PKEY_ECC].x509);
+               *pkey = X509_get_pubkey(s->session->peer_pkeys[SSL_PKEY_ECC].x509);
        else
                /* XXX - Anonymous ECDH, so no certificate or pkey. */
                *pkey = NULL;
@@ -1381,12 +1368,6 @@ ssl3_get_server_key_exchange(SSL *s)
                return (1);
        }
 
-       if (s->session->sess_cert == NULL) {
-               s->session->sess_cert = ssl_sess_cert_new();
-               if (s->session->sess_cert == NULL)
-                       goto err;
-       }
-
        param = CBS_data(&cbs);
        param_len = CBS_len(&cbs);
 
@@ -1823,7 +1804,7 @@ ssl3_get_server_done(SSL *s)
 }
 
 static int
-ssl3_send_client_kex_rsa(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
+ssl3_send_client_kex_rsa(SSL *s, CBB *cbb)
 {
        unsigned char pms[SSL_MAX_MASTER_KEY_LENGTH];
        unsigned char *enc_pms = NULL;
@@ -1838,7 +1819,7 @@ ssl3_send_client_kex_rsa(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
         * RSA-Encrypted Premaster Secret Message - RFC 5246 section 7.4.7.1.
         */
 
-       pkey = X509_get_pubkey(sess_cert->peer_pkeys[SSL_PKEY_RSA].x509);
+       pkey = X509_get_pubkey(s->session->peer_pkeys[SSL_PKEY_RSA].x509);
        if (pkey == NULL || (rsa = EVP_PKEY_get0_RSA(pkey)) == NULL) {
                SSLerror(s, ERR_R_INTERNAL_ERROR);
                goto err;
@@ -1890,7 +1871,7 @@ ssl3_send_client_kex_rsa(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
 }
 
 static int
-ssl3_send_client_kex_dhe(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
+ssl3_send_client_kex_dhe(SSL *s, CBB *cbb)
 {
        uint8_t *key = NULL;
        size_t key_len = 0;
@@ -1922,7 +1903,7 @@ ssl3_send_client_kex_dhe(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
 }
 
 static int
-ssl3_send_client_kex_ecdhe(SSL *s, SESS_CERT *sc, CBB *cbb)
+ssl3_send_client_kex_ecdhe(SSL *s, CBB *cbb)
 {
        uint8_t *key = NULL;
        size_t key_len = 0;
@@ -1961,7 +1942,7 @@ ssl3_send_client_kex_ecdhe(SSL *s, SESS_CERT *sc, CBB *cbb)
 }
 
 static int
-ssl3_send_client_kex_gost(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
+ssl3_send_client_kex_gost(SSL *s, CBB *cbb)
 {
        unsigned char premaster_secret[32], shared_ukm[32], tmp[256];
        EVP_PKEY *pub_key = NULL;
@@ -1975,7 +1956,7 @@ ssl3_send_client_kex_gost(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
        CBB gostblob;
 
        /* Get server sertificate PKEY and create ctx from it */
-       peer_cert = sess_cert->peer_pkeys[SSL_PKEY_GOST01].x509;
+       peer_cert = s->session->peer_pkeys[SSL_PKEY_GOST01].x509;
        if (peer_cert == NULL) {
                SSLerror(s, SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER);
                goto err;
@@ -2074,7 +2055,6 @@ ssl3_send_client_kex_gost(SSL *s, SESS_CERT *sess_cert, CBB *cbb)
 int
 ssl3_send_client_key_exchange(SSL *s)
 {
-       SESS_CERT *sess_cert;
        unsigned long alg_k;
        CBB cbb, kex;
 
@@ -2083,28 +2063,21 @@ ssl3_send_client_key_exchange(SSL *s)
        if (S3I(s)->hs.state == SSL3_ST_CW_KEY_EXCH_A) {
                alg_k = S3I(s)->hs.cipher->algorithm_mkey;
 
-               if ((sess_cert = s->session->sess_cert) == NULL) {
-                       ssl3_send_alert(s, SSL3_AL_FATAL,
-                           SSL_AD_UNEXPECTED_MESSAGE);
-                       SSLerror(s, ERR_R_INTERNAL_ERROR);
-                       goto err;
-               }
-
                if (!ssl3_handshake_msg_start(s, &cbb, &kex,
                    SSL3_MT_CLIENT_KEY_EXCHANGE))
                        goto err;
 
                if (alg_k & SSL_kRSA) {
-                       if (!ssl3_send_client_kex_rsa(s, sess_cert, &kex))
+                       if (!ssl3_send_client_kex_rsa(s, &kex))
                                goto err;
                } else if (alg_k & SSL_kDHE) {
-                       if (!ssl3_send_client_kex_dhe(s, sess_cert, &kex))
+                       if (!ssl3_send_client_kex_dhe(s, &kex))
                                goto err;
                } else if (alg_k & SSL_kECDHE) {
-                       if (!ssl3_send_client_kex_ecdhe(s, sess_cert, &kex))
+                       if (!ssl3_send_client_kex_ecdhe(s, &kex))
                                goto err;
                } else if (alg_k & SSL_kGOST) {
-                       if (ssl3_send_client_kex_gost(s, sess_cert, &kex) != 1)
+                       if (ssl3_send_client_kex_gost(s, &kex) != 1)
                                goto err;
                } else {
                        ssl3_send_alert(s, SSL3_AL_FATAL,
@@ -2481,11 +2454,10 @@ ssl3_send_client_certificate(SSL *s)
 int
 ssl3_check_cert_and_algorithm(SSL *s)
 {
-       int              i, idx;
-       long             alg_k, alg_a;
-       EVP_PKEY        *pkey = NULL;
-       SESS_CERT       *sc;
+       long alg_k, alg_a;
+       EVP_PKEY *pkey = NULL;
        int nid = NID_undef;
+       int i, idx;
 
        alg_k = S3I(s)->hs.cipher->algorithm_mkey;
        alg_a = S3I(s)->hs.cipher->algorithm_auth;
@@ -2494,21 +2466,15 @@ ssl3_check_cert_and_algorithm(SSL *s)
        if (alg_a & SSL_aNULL)
                return (1);
 
-       sc = s->session->sess_cert;
-       if (sc == NULL) {
-               SSLerror(s, ERR_R_INTERNAL_ERROR);
-               goto err;
-       }
-
        if (S3I(s)->hs.key_share != NULL)
                nid = tls_key_share_nid(S3I(s)->hs.key_share);
 
        /* This is the passed certificate. */
 
-       idx = sc->peer_cert_type;
+       idx = s->session->peer_cert_type;
        if (idx == SSL_PKEY_ECC) {
                if (ssl_check_srvr_ecc_cert_and_alg(
-                   sc->peer_pkeys[idx].x509, s) == 0) {
+                   s->session->peer_pkeys[idx].x509, s) == 0) {
                        /* check failed */
                        SSLerror(s, SSL_R_BAD_ECC_CERT);
                        goto fatal_err;
@@ -2516,8 +2482,8 @@ ssl3_check_cert_and_algorithm(SSL *s)
                        return (1);
                }
        }
-       pkey = X509_get_pubkey(sc->peer_pkeys[idx].x509);
-       i = X509_certificate_type(sc->peer_pkeys[idx].x509, pkey);
+       pkey = X509_get_pubkey(s->session->peer_pkeys[idx].x509);
+       i = X509_certificate_type(s->session->peer_pkeys[idx].x509, pkey);
        EVP_PKEY_free(pkey);
 
        /* Check that we have a certificate if we require one. */
@@ -2536,9 +2502,10 @@ ssl3_check_cert_and_algorithm(SSL *s)
        }
 
        return (1);
+
  fatal_err:
        ssl3_send_alert(s, SSL3_AL_FATAL, SSL_AD_HANDSHAKE_FAILURE);
- err:
+
        return (0);
 }
 
index 64b1806..fb0920c 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.282 2022/01/08 12:43:44 jsing Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.283 2022/01/08 12:59:58 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -883,20 +883,14 @@ SSL_get_peer_certificate(const SSL *s)
 STACK_OF(X509) *
 SSL_get_peer_cert_chain(const SSL *s)
 {
-       STACK_OF(X509)  *r;
-
-       if ((s == NULL) || (s->session == NULL) ||
-           (s->session->sess_cert == NULL))
-               r = NULL;
-       else
-               r = s->session->sess_cert->cert_chain;
+       if (s == NULL || s->session == NULL)
+               return NULL;
 
        /*
         * If we are a client, cert_chain includes the peer's own
-        * certificate;
-        * if we are a server, it does not.
+        * certificate; if we are a server, it does not.
         */
-       return (r);
+       return s->session->cert_chain;
 }
 
 STACK_OF(X509) *
index 637a789..d559e71 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.378 2022/01/08 12:54:32 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.379 2022/01/08 12:59:59 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -511,8 +511,15 @@ struct ssl_session_st {
         * not_resumable_session_cb to disable session caching and tickets. */
        int not_resumable;
 
-       /* The cert is the certificate used to establish this connection */
-       struct sess_cert_st /* SESS_CERT */ *sess_cert;
+       STACK_OF(X509) *cert_chain; /* as received from peer */
+
+       /* The 'peer_...' members are used only by clients. */
+       int peer_cert_type;
+
+       /* Obviously we don't have the private keys of these,
+        * so maybe we shouldn't even use the SSL_CERT_PKEY type here. */
+       SSL_CERT_PKEY *peer_key; /* points to an element of peer_pkeys (never NULL!) */
+       SSL_CERT_PKEY peer_pkeys[SSL_PKEY_NUM];
 
        size_t tlsext_ecpointformatlist_length;
        uint8_t *tlsext_ecpointformatlist; /* peer's list */
@@ -1216,20 +1223,6 @@ typedef struct ssl3_state_st {
        struct ssl3_state_internal_st *internal;
 } SSL3_STATE;
 
-typedef struct sess_cert_st {
-       STACK_OF(X509) *cert_chain; /* as received from peer */
-
-       /* The 'peer_...' members are used only by clients. */
-       int peer_cert_type;
-
-       SSL_CERT_PKEY *peer_key; /* points to an element of peer_pkeys (never NULL!) */
-       SSL_CERT_PKEY peer_pkeys[SSL_PKEY_NUM];
-       /* Obviously we don't have the private keys of these,
-        * so maybe we shouldn't even use the SSL_CERT_PKEY type here. */
-
-       int references; /* actually always 1 at the moment */
-} SESS_CERT;
-
 /*#define SSL_DEBUG    */
 /*#define RSA_DEBUG    */
 
@@ -1295,8 +1288,6 @@ int ssl_cert_set1_chain(SSL_CERT *c, STACK_OF(X509) *chain);
 int ssl_cert_add0_chain_cert(SSL_CERT *c, X509 *cert);
 int ssl_cert_add1_chain_cert(SSL_CERT *c, X509 *cert);
 
-SESS_CERT *ssl_sess_cert_new(void);
-void ssl_sess_cert_free(SESS_CERT *sc);
 int ssl_get_new_session(SSL *s, int session);
 int ssl_get_prev_session(SSL *s, CBS *session_id, CBS *ext_block,
     int *alert);
index 2fa6af4..8d0f0b9 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sess.c,v 1.106 2021/10/25 10:01:46 jsing Exp $ */
+/* $OpenBSD: ssl_sess.c,v 1.107 2022/01/08 12:59:59 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -230,6 +230,8 @@ SSL_SESSION_new(void)
        ss->next = NULL;
        ss->tlsext_hostname = NULL;
 
+       ss->peer_key = &ss->peer_pkeys[SSL_PKEY_RSA];
+
        ss->tlsext_ecpointformatlist_length = 0;
        ss->tlsext_ecpointformatlist = NULL;
        ss->tlsext_supportedgroups_length = 0;
@@ -760,7 +762,9 @@ SSL_SESSION_free(SSL_SESSION *ss)
        explicit_bzero(ss->master_key, sizeof ss->master_key);
        explicit_bzero(ss->session_id, sizeof ss->session_id);
 
-       ssl_sess_cert_free(ss->sess_cert);
+       sk_X509_pop_free(ss->cert_chain, X509_free);
+       for (i = 0; i < SSL_PKEY_NUM; i++)
+               X509_free(ss->peer_pkeys[i].x509);
 
        X509_free(ss->peer);
 
index 6e74943..7f7a176 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_srvr.c,v 1.133 2022/01/08 12:43:44 jsing Exp $ */
+/* $OpenBSD: ssl_srvr.c,v 1.134 2022/01/08 12:59:59 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -2235,29 +2235,17 @@ ssl3_get_client_certificate(SSL *s)
 
        X509_free(s->session->peer);
        s->session->peer = sk_X509_shift(sk);
-       s->session->verify_result = s->verify_result;
-
-       /*
-        * With the current implementation, sess_cert will always be NULL
-        * when we arrive here
-        */
-       if (s->session->sess_cert == NULL) {
-               s->session->sess_cert = ssl_sess_cert_new();
-               if (s->session->sess_cert == NULL) {
-                       SSLerror(s, ERR_R_MALLOC_FAILURE);
-                       goto err;
-               }
-       }
-       sk_X509_pop_free(s->session->sess_cert->cert_chain, X509_free);
-       s->session->sess_cert->cert_chain = sk;
 
        /*
         * Inconsistency alert: cert_chain does *not* include the
         * peer's own certificate, while we do include it in s3_clnt.c
         */
-
+       sk_X509_pop_free(s->session->cert_chain, X509_free);
+       s->session->cert_chain = sk;
        sk = NULL;
 
+       s->session->verify_result = s->verify_result;
+
        ret = 1;
        if (0) {
  decode_err:
index 882bce8..d961f98 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_client.c,v 1.90 2022/01/08 12:43:44 jsing Exp $ */
+/* $OpenBSD: tls13_client.c,v 1.91 2022/01/08 12:59:59 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  *
@@ -628,21 +628,19 @@ tls13_server_certificate_recv(struct tls13_ctx *ctx, CBS *cbs)
        if ((cert_idx = ssl_cert_type(cert, pkey)) < 0)
                goto err;
 
-       ssl_sess_cert_free(s->session->sess_cert);
-       if ((s->session->sess_cert = ssl_sess_cert_new()) == NULL)
-               goto err;
-
-       s->session->sess_cert->cert_chain = certs;
+       sk_X509_pop_free(s->session->cert_chain, X509_free);
+       s->session->cert_chain = certs;
        certs = NULL;
 
        X509_up_ref(cert);
-       s->session->sess_cert->peer_pkeys[cert_idx].x509 = cert;
-       s->session->sess_cert->peer_key = &(s->session->sess_cert->peer_pkeys[cert_idx]);
-
-       X509_free(s->session->peer);
+       X509_free(s->session->peer_pkeys[cert_idx].x509);
+       s->session->peer_pkeys[cert_idx].x509 = cert;
+       s->session->peer_key = &s->session->peer_pkeys[cert_idx];
 
        X509_up_ref(cert);
+       X509_free(s->session->peer);
        s->session->peer = cert;
+
        s->session->verify_result = s->verify_result;
 
        if (ctx->ocsp_status_recv_cb != NULL &&
index 4edf388..e31ae38 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_server.c,v 1.92 2022/01/08 12:43:45 jsing Exp $ */
+/* $OpenBSD: tls13_server.c,v 1.93 2022/01/08 12:59:59 jsing Exp $ */
 /*
  * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2020 Bob Beck <beck@openbsd.org>
@@ -921,21 +921,19 @@ tls13_client_certificate_recv(struct tls13_ctx *ctx, CBS *cbs)
        if ((cert_idx = ssl_cert_type(cert, pkey)) < 0)
                goto err;
 
-       ssl_sess_cert_free(s->session->sess_cert);
-       if ((s->session->sess_cert = ssl_sess_cert_new()) == NULL)
-               goto err;
-
-       s->session->sess_cert->cert_chain = certs;
+       sk_X509_pop_free(s->session->cert_chain, X509_free);
+       s->session->cert_chain = certs;
        certs = NULL;
 
        X509_up_ref(cert);
-       s->session->sess_cert->peer_pkeys[cert_idx].x509 = cert;
-       s->session->sess_cert->peer_key = &(s->session->sess_cert->peer_pkeys[cert_idx]);
-
-       X509_free(s->session->peer);
+       X509_free(s->session->peer_pkeys[cert_idx].x509);
+       s->session->peer_pkeys[cert_idx].x509 = cert;
+       s->session->peer_key = &s->session->peer_pkeys[cert_idx];
 
        X509_up_ref(cert);
+       X509_free(s->session->peer);
        s->session->peer = cert;
+
        s->session->verify_result = s->verify_result;
 
        ctx->handshake_stage.hs_type |= WITH_CCV;