summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorJoel Sing <jsing@cvs.openbsd.org>2020-09-14 18:25:24 +0000
committerJoel Sing <jsing@cvs.openbsd.org>2020-09-14 18:25:24 +0000
commit918cc65ccb8a736ea4e71e7d96a3d7e16680c958 (patch)
tree1490341f7b3a427cd0e9c5d3b084da8942f23ad3 /lib
parent266b995bd335486e027446bda66b26e97777a3c6 (diff)
Cleanup and simplify SSL_set_session().
SSL_set_ssl_method() checks to see if the method is already the same, so we do not need to do this check in three different places. Switch to dtls1_get_client_method()/tls1_get_client_method() to find the method - this is a slight change in behaviour, however there is not much point trying to resume a session on something other than a client. ok beck@
Diffstat (limited to 'lib')
-rw-r--r--lib/libssl/ssl_sess.c58
1 files changed, 22 insertions, 36 deletions
diff --git a/lib/libssl/ssl_sess.c b/lib/libssl/ssl_sess.c
index 3af4cfa79c3..4f9252679aa 100644
--- a/lib/libssl/ssl_sess.c
+++ b/lib/libssl/ssl_sess.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sess.c,v 1.97 2020/09/02 08:04:06 tb Exp $ */
+/* $OpenBSD: ssl_sess.c,v 1.98 2020/09/14 18:25:23 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -776,45 +776,31 @@ SSL_SESSION_up_ref(SSL_SESSION *ss)
int
SSL_set_session(SSL *s, SSL_SESSION *session)
{
- int ret = 0;
- const SSL_METHOD *meth;
-
- if (session != NULL) {
- meth = s->ctx->method->internal->get_ssl_method(session->ssl_version);
- if (meth == NULL)
- meth = s->method->internal->get_ssl_method(session->ssl_version);
- if (meth == NULL) {
- SSLerror(s, SSL_R_UNABLE_TO_FIND_SSL_METHOD);
- return (0);
- }
+ const SSL_METHOD *method;
- if (meth != s->method) {
- if (!SSL_set_ssl_method(s, meth))
- return (0);
- }
+ if (session == NULL) {
+ SSL_SESSION_free(s->session);
+ s->session = NULL;
- /* CRYPTO_w_lock(CRYPTO_LOCK_SSL);*/
- CRYPTO_add(&session->references, 1, CRYPTO_LOCK_SSL_SESSION);
- if (s->session != NULL)
- SSL_SESSION_free(s->session);
- s->session = session;
- s->verify_result = s->session->verify_result;
- /* CRYPTO_w_unlock(CRYPTO_LOCK_SSL);*/
- ret = 1;
- } else {
- if (s->session != NULL) {
- SSL_SESSION_free(s->session);
- s->session = NULL;
- }
+ return SSL_set_ssl_method(s, s->ctx->method);
+ }
- meth = s->ctx->method;
- if (meth != s->method) {
- if (!SSL_set_ssl_method(s, meth))
- return (0);
- }
- ret = 1;
+ if ((method = tls1_get_client_method(session->ssl_version)) == NULL)
+ method = dtls1_get_client_method(session->ssl_version);
+ if (method == NULL) {
+ SSLerror(s, SSL_R_UNABLE_TO_FIND_SSL_METHOD);
+ return (0);
}
- return (ret);
+
+ if (!SSL_set_ssl_method(s, method))
+ return (0);
+
+ CRYPTO_add(&session->references, 1, CRYPTO_LOCK_SSL_SESSION);
+ SSL_SESSION_free(s->session);
+ s->session = session;
+ s->verify_result = s->session->verify_result;
+
+ return (1);
}
size_t