-/* $OpenBSD: tls.c,v 1.33 2015/09/29 10:17:04 deraadt Exp $ */
+/* $OpenBSD: tls.c,v 1.34 2015/10/07 23:25:45 beck Exp $ */
/*
* Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
*
else if ((ctx->flags & TLS_SERVER_CONN) != 0)
rv = tls_handshake_server(ctx);
- if (rv == 0 &&
- (ctx->ssl_peer_cert = SSL_get_peer_certificate(ctx->ssl_conn)) &&
- (tls_get_conninfo(ctx) == -1))
- rv = -1;
+ if (rv == 0) {
+ ctx->ssl_peer_cert = SSL_get_peer_certificate(ctx->ssl_conn);
+ if (tls_get_conninfo(ctx) == -1)
+ rv = -1;
+ }
out:
/* Prevent callers from performing incorrect error handling */
errno = 0;
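Review bot: The block opened by `if (rv == 0) {` now treats a NULL `ctx->ssl_peer_cert` as a normal state rather than a reason to skip `tls_get_conninfo()`, and nothing in the code says so. A comment above the assignment would make that explicit for later readers: `/* peer cert may be NULL; version and cipher are recorded regardless */`. Because `tls_get_conninfo()` now runs on every successful handshake and, as shown later on this page, writes through `ctx->conninfo` unconditionally, confirm that `ctx->conninfo` is always allocated before this point. The start of the enclosing function is outside the hunk, so that allocation cannot be checked from here.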
-/* $OpenBSD: tls_conninfo.c,v 1.3 2015/09/28 15:18:08 jsing Exp $ */
+/* $OpenBSD: tls_conninfo.c,v 1.4 2015/10/07 23:25:45 beck Exp $ */
/*
* Copyright (c) 2015 Joel Sing <jsing@openbsd.org>
* Copyright (c) 2015 Bob Beck <beck@openbsd.org>
int
tls_get_conninfo(struct tls *ctx) {
- int rv = -1;
+ const char * tmp;
if (ctx->ssl_peer_cert != NULL) {
if (tls_get_peer_cert_hash(ctx, &ctx->conninfo->hash) == -1)
goto err;
goto err;
if (tls_get_peer_cert_issuer(ctx, &ctx->conninfo->issuer) == -1)
goto err;
- ctx->conninfo->version = strdup(SSL_get_version(ctx->ssl_conn));
- if (ctx->conninfo->version == NULL)
- goto err;
- ctx->conninfo->cipher = strdup(SSL_get_cipher(ctx->ssl_conn));
- if (ctx->conninfo->cipher == NULL)
- goto err;
}
- rv = 0;
+ if ((tmp = SSL_get_version(ctx->ssl_conn)) == NULL)
+ goto err;
+ ctx->conninfo->version = strdup(tmp);
+ if (ctx->conninfo->version == NULL)
+ goto err;
+ if ((tmp = SSL_get_cipher(ctx->ssl_conn)) == NULL)
+ goto err;
+ ctx->conninfo->cipher = strdup(tmp);
+ if (ctx->conninfo->cipher == NULL)
+ goto err;
+ return (0);
err:
- return (rv);
+ tls_free_conninfo(ctx->conninfo);
+ return (-1);
}
void
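Review bot: The new `err:` path calls `tls_free_conninfo(ctx->conninfo)` but leaves `ctx->conninfo` attached to the context, so whatever later releases the context will presumably pass the same struct to that helper again. That is only safe if the helper sets each member to NULL after freeing it, which should be confirmed, since its body begins at the trailing `void` and is not visible in this hunk. If it does, a comment above the call would record the dependency: `/* members are freed and NULLed here; ctx->conninfo itself is released later */`. A second call to `tls_get_conninfo()` on the same context raises a related concern, because `ctx->conninfo->version = strdup(tmp);` and the matching `cipher` assignment would overwrite an earlier string without freeing it.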