diff options
| author |   jsing <jsing@openbsd.org> | 2020-05-10 14:17:47 +0000 |
|---|---|---|
| committer | jsing <jsing@openbsd.org> | 2020-05-10 14:17:47 +0000 |
| commit | d875fefd47f9f124550eb48e77679245674fcaf2 (patch) | |
| tree | fcfeb9eadf343cff3d2ae0611d3dbbe62c0ab100 /lib/libssl/ssl_clnt.c | |
| parent | Only reset TLS extension state when parsing client hello or server hello. (diff) | |
| download | wireguard-openbsd-d875fefd47f9f124550eb48e77679245674fcaf2.tar.xz wireguard-openbsd-d875fefd47f9f124550eb48e77679245674fcaf2.zip | |
Use size_t for OCSP response length.
The OCSP response length is currently an integer, which is overloaded with
-1 meaning "unset". Use a size_t for the OCSP response length and infer
unset from the OCSP response being NULL. This makes code more readable,
simpler and less error prone.
ok beck@
Diffstat (limited to 'lib/libssl/ssl_clnt.c')
| -rw-r--r-- | lib/libssl/ssl_clnt.c | 7 |
1 files changed, 2 insertions, 5 deletions
diff --git a/lib/libssl/ssl_clnt.c b/lib/libssl/ssl_clnt.c index a83453d39c8..6b457569a3b 100644 --- a/lib/libssl/ssl_clnt.c +++ b/lib/libssl/ssl_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_clnt.c,v 1.65 2020/05/09 13:54:19 tb Exp $ */ +/* $OpenBSD: ssl_clnt.c,v 1.66 2020/05/10 14:17:47 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1830,7 +1830,6 @@ int ssl3_get_cert_status(SSL *s) { CBS cert_status, response; - size_t stow_len; int ok, al; long n; uint8_t status_type; @@ -1871,13 +1870,11 @@ ssl3_get_cert_status(SSL *s) } if (!CBS_stow(&response, &s->internal->tlsext_ocsp_resp, - &stow_len) || stow_len > INT_MAX) { - s->internal->tlsext_ocsp_resplen = 0; + &s->internal->tlsext_ocsp_resp_len)) { al = SSL_AD_INTERNAL_ERROR; SSLerror(s, ERR_R_MALLOC_FAILURE); goto f_err; } - s->internal->tlsext_ocsp_resplen = (int)stow_len; if (s->ctx->internal->tlsext_status_cb) { int ret; |