{
size_t ret = 0;
- if (s->s3 != NULL) {
- ret = s->s3->tmp.finish_md_len;
- if (count > ret)
- count = ret;
- memcpy(buf, s->s3->tmp.finish_md, count);
- }
+ ret = s->s3.tmp.finish_md_len;
+ if (count > ret)
+ count = ret;
+ memcpy(buf, s->s3.tmp.finish_md, count);
return ret;
}
{
size_t ret = 0;
- if (s->s3 != NULL) {
- ret = s->s3->tmp.peer_finish_md_len;
- if (count > ret)
- count = ret;
- memcpy(buf, s->s3->tmp.peer_finish_md, count);
- }
+ ret = s->s3.tmp.peer_finish_md_len;
+ if (count > ret)
+ count = ret;
+ memcpy(buf, s->s3.tmp.peer_finish_md, count);
return ret;
}
RECORD_LAYER_set_read_ahead(&s->rlayer, 1);
return 1;
case SSL_CTRL_GET_RI_SUPPORT:
- if (s->s3)
- return s->s3->send_connection_binding;
- else
- return 0;
+ return s->s3.send_connection_binding;
case SSL_CTRL_CERT_FLAGS:
return (s->cert->cert_flags |= larg);
case SSL_CTRL_CLEAR_CERT_FLAGS:
case SSL_CTRL_GET_RAW_CIPHERLIST:
if (parg) {
- if (s->s3->tmp.ciphers_raw == NULL)
+ if (s->s3.tmp.ciphers_raw == NULL)
return 0;
- *(unsigned char **)parg = s->s3->tmp.ciphers_raw;
- return (int)s->s3->tmp.ciphers_rawlen;
+ *(unsigned char **)parg = s->s3.tmp.ciphers_raw;
+ return (int)s->s3.tmp.ciphers_rawlen;
} else {
return TLS_CIPHER_LEN;
}
void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
unsigned int *len)
{
- *data = NULL;
- if (ssl->s3)
- *data = ssl->s3->alpn_selected;
+ *data = ssl->s3.alpn_selected;
if (*data == NULL)
*len = 0;
else
- *len = (unsigned int)ssl->s3->alpn_selected_len;
+ *len = (unsigned int)ssl->s3.alpn_selected_len;
}
int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
void ssl_set_masks(SSL *s)
{
CERT *c = s->cert;
- uint32_t *pvalid = s->s3->tmp.valid_flags;
+ uint32_t *pvalid = s->s3.tmp.valid_flags;
int rsa_enc, rsa_sign, dh_tmp, dsa_sign;
unsigned long mask_k, mask_a;
#ifndef OPENSSL_NO_EC
mask_k |= SSL_kECDHEPSK;
#endif
- s->s3->tmp.mask_k = mask_k;
- s->s3->tmp.mask_a = mask_a;
+ s->s3.tmp.mask_k = mask_k;
+ s->s3.tmp.mask_a = mask_a;
}
#ifndef OPENSSL_NO_EC
int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL *s)
{
- if (s->s3->tmp.new_cipher->algorithm_auth & SSL_aECDSA) {
+ if (s->s3.tmp.new_cipher->algorithm_auth & SSL_aECDSA) {
/* key usage, if present, must allow signing */
if (!(X509_get_key_usage(x) & X509v3_KU_DIGITAL_SIGNATURE)) {
SSLerr(SSL_F_SSL_CHECK_SRVR_ECC_CERT_AND_ALG,
int ssl_get_server_cert_serverinfo(SSL *s, const unsigned char **serverinfo,
size_t *serverinfo_length)
{
- CERT_PKEY *cpk = s->s3->tmp.cert;
+ CERT_PKEY *cpk = s->s3.tmp.cert;
*serverinfo_length = 0;
if (cpk == NULL || cpk->serverinfo == NULL)
return SSL_ERROR_WANT_CLIENT_HELLO_CB;
if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
- (s->s3->warn_alert == SSL_AD_CLOSE_NOTIFY))
+ (s->s3.warn_alert == SSL_AD_CLOSE_NOTIFY))
return SSL_ERROR_ZERO_RETURN;
return SSL_ERROR_SYSCALL;
const SSL_CIPHER *SSL_get_pending_cipher(const SSL *s)
{
- return s->s3->tmp.new_cipher;
+ return s->s3.tmp.new_cipher;
}
const COMP_METHOD *SSL_get_current_compression(const SSL *s)
size_t SSL_get_client_random(const SSL *ssl, unsigned char *out, size_t outlen)
{
if (outlen == 0)
- return sizeof(ssl->s3->client_random);
- if (outlen > sizeof(ssl->s3->client_random))
- outlen = sizeof(ssl->s3->client_random);
- memcpy(out, ssl->s3->client_random, outlen);
+ return sizeof(ssl->s3.client_random);
+ if (outlen > sizeof(ssl->s3.client_random))
+ outlen = sizeof(ssl->s3.client_random);
+ memcpy(out, ssl->s3.client_random, outlen);
return outlen;
}
size_t SSL_get_server_random(const SSL *ssl, unsigned char *out, size_t outlen)
{
if (outlen == 0)
- return sizeof(ssl->s3->server_random);
- if (outlen > sizeof(ssl->s3->server_random))
- outlen = sizeof(ssl->s3->server_random);
- memcpy(out, ssl->s3->server_random, outlen);
+ return sizeof(ssl->s3.server_random);
+ if (outlen > sizeof(ssl->s3.server_random))
+ outlen = sizeof(ssl->s3.server_random);
+ memcpy(out, ssl->s3.server_random, outlen);
return outlen;
}
size_t *hashlen)
{
EVP_MD_CTX *ctx = NULL;
- EVP_MD_CTX *hdgst = s->s3->handshake_dgst;
+ EVP_MD_CTX *hdgst = s->s3.handshake_dgst;
int hashleni = EVP_MD_CTX_size(hdgst);
int ret = 0;
{
return nss_keylog_int(label,
ssl,
- ssl->s3->client_random,
+ ssl->s3.client_random,
SSL3_RANDOM_SIZE,
secret,
secret_len);
return 0;
}
- OPENSSL_free(s->s3->tmp.ciphers_raw);
- s->s3->tmp.ciphers_raw = NULL;
- s->s3->tmp.ciphers_rawlen = 0;
+ OPENSSL_free(s->s3.tmp.ciphers_raw);
+ s->s3.tmp.ciphers_raw = NULL;
+ s->s3.tmp.ciphers_rawlen = 0;
if (sslv2format) {
size_t numciphers = PACKET_remaining(cipher_suites) / n;
* problem.
*/
raw = OPENSSL_malloc(numciphers * TLS_CIPHER_LEN);
- s->s3->tmp.ciphers_raw = raw;
+ s->s3.tmp.ciphers_raw = raw;
if (raw == NULL) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_CACHE_CIPHERLIST,
ERR_R_MALLOC_FAILURE);
return 0;
}
- for (s->s3->tmp.ciphers_rawlen = 0;
+ for (s->s3.tmp.ciphers_rawlen = 0;
PACKET_remaining(&sslv2ciphers) > 0;
raw += TLS_CIPHER_LEN) {
if (!PACKET_get_1(&sslv2ciphers, &leadbyte)
&& !PACKET_forward(&sslv2ciphers, TLS_CIPHER_LEN))) {
SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_SSL_CACHE_CIPHERLIST,
SSL_R_BAD_PACKET);
- OPENSSL_free(s->s3->tmp.ciphers_raw);
- s->s3->tmp.ciphers_raw = NULL;
- s->s3->tmp.ciphers_rawlen = 0;
+ OPENSSL_free(s->s3.tmp.ciphers_raw);
+ s->s3.tmp.ciphers_raw = NULL;
+ s->s3.tmp.ciphers_rawlen = 0;
return 0;
}
if (leadbyte == 0)
- s->s3->tmp.ciphers_rawlen += TLS_CIPHER_LEN;
+ s->s3.tmp.ciphers_rawlen += TLS_CIPHER_LEN;
}
- } else if (!PACKET_memdup(cipher_suites, &s->s3->tmp.ciphers_raw,
- &s->s3->tmp.ciphers_rawlen)) {
+ } else if (!PACKET_memdup(cipher_suites, &s->s3.tmp.ciphers_raw,
+ &s->s3.tmp.ciphers_rawlen)) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_CACHE_CIPHERLIST,
ERR_R_INTERNAL_ERROR);
return 0;
ERR_clear_error();
- s->s3->flags |= TLS1_FLAGS_STATELESS;
+ s->s3.flags |= TLS1_FLAGS_STATELESS;
ret = SSL_accept(s);
- s->s3->flags &= ~TLS1_FLAGS_STATELESS;
+ s->s3.flags &= ~TLS1_FLAGS_STATELESS;
if (ret > 0 && s->ext.cookieok)
return 1;