diff options
author | Trevor Perrin <unsafe@trevp.net> | 2013-07-27 23:10:14 -0700 |
---|---|---|
committer | Ben Laurie <ben@links.org> | 2013-07-31 14:29:41 +0100 |
commit | 0b2bde70dd8fc290d640ed64cf7609dc2963a48b (patch) | |
tree | 70693fd57b9dbe0b6151c57c3d0b11d32a82c148 /ssl/ssl_rsa.c | |
parent | a898936218bc279b5d7cdf76d58a25e7a2d419cb (diff) | |
download | openssl-0b2bde70dd8fc290d640ed64cf7609dc2963a48b.tar.gz |
Various custom extension fixes.
Force no SSL2 when custom extensions in use.
Don't clear extension state when cert is set.
Clear on renegotiate.
Diffstat (limited to 'ssl/ssl_rsa.c')
-rw-r--r-- | ssl/ssl_rsa.c | 21 |
1 files changed, 2 insertions, 19 deletions
diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c index 77abcfce83..2837624ae9 100644 --- a/ssl/ssl_rsa.c +++ b/ssl/ssl_rsa.c @@ -463,23 +463,6 @@ static int ssl_set_cert(CERT *c, X509 *x) X509_free(c->pkeys[i].x509); CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509); c->pkeys[i].x509=x; -#ifndef OPENSSL_NO_TLSEXT - /* Free the old authz data, if it exists. */ - if (c->pkeys[i].authz != NULL) - { - OPENSSL_free(c->pkeys[i].authz); - c->pkeys[i].authz = NULL; - c->pkeys[i].authz_length = 0; - } - - /* Free the old serverinfo data, if it exists. */ - if (c->pkeys[i].serverinfo != NULL) - { - OPENSSL_free(c->pkeys[i].serverinfo); - c->pkeys[i].serverinfo = NULL; - c->pkeys[i].serverinfo_length = 0; - } -#endif c->key= &(c->pkeys[i]); c->valid=0; @@ -1083,7 +1066,7 @@ int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo, if (!serverinfo_process_buffer(serverinfo, serverinfo_length, NULL)) { SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO,SSL_R_INVALID_SERVERINFO_DATA); - return(0); + return 0; } if (!ssl_cert_inst(&ctx->cert)) { @@ -1110,7 +1093,7 @@ int SSL_CTX_use_serverinfo(SSL_CTX *ctx, const unsigned char *serverinfo, if (!serverinfo_process_buffer(serverinfo, serverinfo_length, ctx)) { SSLerr(SSL_F_SSL_CTX_USE_SERVERINFO,SSL_R_INVALID_SERVERINFO_DATA); - return(0); + return 0; } return 1; } |