Use size_t for OCSP response length.

The OCSP response length is currently an integer, which is overloaded with -1 meaning "unset". Use a size_t for the OCSP response length and infer unset from the OCSP response being NULL. This makes code more readable, simpler and less error prone. ok beck@
author: jsing <jsing@openbsd.org> 2020-05-10 14:17:47 +0000
committer: jsing <jsing@openbsd.org> 2020-05-10 14:17:47 +0000
commit: d875fefd47f9f124550eb48e77679245674fcaf2 (patch)
tree: fcfeb9eadf343cff3d2ae0611d3dbbe62c0ab100 /lib/libssl/ssl_lib.c
parent: Only reset TLS extension state when parsing client hello or server hello. (diff)
download: wireguard-openbsd-d875fefd47f9f124550eb48e77679245674fcaf2.tar.xz
wireguard-openbsd-d875fefd47f9f124550eb48e77679245674fcaf2.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/libssl/ssl_lib.c b/lib/libssl/ssl_lib.c
index 0c9b90be852..1c4ab636a1f 100644
--- a/lib/libssl/ssl_lib.c
+++ b/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.212 2020/03/16 15:25:14 tb Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.213 2020/05/10 14:17:47 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -299,7 +299,7 @@ SSL_new(SSL_CTX *ctx)
 	s->internal->tlsext_ocsp_ids = NULL;
 	s->internal->tlsext_ocsp_exts = NULL;
 	s->internal->tlsext_ocsp_resp = NULL;
-	s->internal->tlsext_ocsp_resplen = -1;
+	s->internal->tlsext_ocsp_resp_len = 0;
 	CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
 	s->initial_ctx = ctx;
author	jsing <jsing@openbsd.org>	2020-05-10 14:17:47 +0000
committer	jsing <jsing@openbsd.org>	2020-05-10 14:17:47 +0000
commit	d875fefd47f9f124550eb48e77679245674fcaf2 (patch)
tree	fcfeb9eadf343cff3d2ae0611d3dbbe62c0ab100 /lib/libssl/ssl_lib.c
parent	Only reset TLS extension state when parsing client hello or server hello. (diff)
download	wireguard-openbsd-d875fefd47f9f124550eb48e77679245674fcaf2.tar.xz wireguard-openbsd-d875fefd47f9f124550eb48e77679245674fcaf2.zip