Tidy up ssl3_digest_cached_records logic.

Rewrite ssl3_digest_cached_records handling. Only digest cached records if digest array is NULL: this means it is safe to call ssl3_digest_cached_records multiple times (subsequent calls are no op). Remove flag TLS1_FLAGS_KEEP_HANDSHAKE instead only update handshake buffer if digest array is NULL. Add additional "keep" parameter to ssl3_digest_cached_records to indicate if the handshake buffer should be retained after digesting cached records (needed for TLS 1.2 client authentication). Reviewed-by: Matt Caswell <matt@openssl.org>
author: Dr. Stephen Henson <steve@openssl.org> 2015-06-16 14:44:29 +0100
committer: Dr. Stephen Henson <steve@openssl.org> 2015-06-23 22:24:09 +0100
commit: 124037fdc0571b5bd9022412348e9979a1726a31 (patch)
tree: 05ed987e95a605a9cbe076d047c1c4309d263ca5 /ssl/ssl_locl.h
parent: 74924dcb3802640d7e2ae2e80ca6515d0a53de7a (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index f1046c5ffe..8f8d99700b 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -1922,7 +1922,7 @@ void ssl3_free_digest_list(SSL *s);
 __owur unsigned long ssl3_output_cert_chain(SSL *s, CERT_PKEY *cpk);
 __owur SSL_CIPHER *ssl3_choose_cipher(SSL *ssl, STACK_OF(SSL_CIPHER) *clnt,
                                STACK_OF(SSL_CIPHER) *srvr);
-__owur int ssl3_digest_cached_records(SSL *s);
+__owur int ssl3_digest_cached_records(SSL *s, int keep);
 __owur int ssl3_new(SSL *s);
 void ssl3_free(SSL *s);
 __owur int ssl3_accept(SSL *s);
author	Dr. Stephen Henson <steve@openssl.org>	2015-06-16 14:44:29 +0100
committer	Dr. Stephen Henson <steve@openssl.org>	2015-06-23 22:24:09 +0100
commit	124037fdc0571b5bd9022412348e9979a1726a31 (patch)
tree	05ed987e95a605a9cbe076d047c1c4309d263ca5 /ssl/ssl_locl.h
parent	74924dcb3802640d7e2ae2e80ca6515d0a53de7a (diff)