feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #913 from JacobBarthelmeh/Compatibility-Layer

Browse Source 
allow re-using WOLFSSL structure after calling shutdown
This commit is contained in:
toddouska
2017-05-12 16:50:14 -07:00
committed by GitHub
parent dcd3a6a478 0374907acc
commit 3297280e62
2 changed files with 54 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/internal.c
View File

@@ -5094,6 +5094,10 @@ int HashInput(WOLFSSL* ssl, const byte* input, int sz)
} }
#endif #endif
if (ssl->hsHashes == NULL) {
return BAD_FUNC_ARG;
}
#ifndef NO_OLD_TLS #ifndef NO_OLD_TLS
#ifndef NO_SHA #ifndef NO_SHA
wc_ShaUpdate(&ssl->hsHashes->hashSha, adj, sz); wc_ShaUpdate(&ssl->hsHashes->hashSha, adj, sz);

25
src/ssl.c
View File

@@ -2107,9 +2107,9 @@ int wolfSSL_shutdown(WOLFSSL* ssl)
if (ssl->options.quietShutdown) { if (ssl->options.quietShutdown) {
WOLFSSL_MSG("quiet shutdown, no close notify sent"); WOLFSSL_MSG("quiet shutdown, no close notify sent");
return SSL_SUCCESS; ret = SSL_SUCCESS;
} }
else {
/* try to send close notify, not an error if can't */ /* try to send close notify, not an error if can't */
if (!ssl->options.isClosed && !ssl->options.connReset && if (!ssl->options.isClosed && !ssl->options.connReset &&
!ssl->options.sentNotify) { !ssl->options.sentNotify) {
@@ -2121,12 +2121,12 @@ int wolfSSL_shutdown(WOLFSSL* ssl)
ssl->options.sentNotify = 1; /* don't send close_notify twice */ ssl->options.sentNotify = 1; /* don't send close_notify twice */
if (ssl->options.closeNotify) if (ssl->options.closeNotify)
ret = SSL_SUCCESS; ret = SSL_SUCCESS;
else else {
ret = SSL_SHUTDOWN_NOT_DONE; ret = SSL_SHUTDOWN_NOT_DONE;
WOLFSSL_LEAVE("SSL_shutdown()", ret); WOLFSSL_LEAVE("SSL_shutdown()", ret);
return ret; return ret;
} }
}
/* call wolfSSL_shutdown again for bidirectional shutdown */ /* call wolfSSL_shutdown again for bidirectional shutdown */
if (ssl->options.sentNotify && !ssl->options.closeNotify) { if (ssl->options.sentNotify && !ssl->options.closeNotify) {
@@ -2139,6 +2139,17 @@ int wolfSSL_shutdown(WOLFSSL* ssl)
ret = SSL_SUCCESS; ret = SSL_SUCCESS;
} }
} }
}
#ifdef OPENSSL_EXTRA
/* reset WOLFSSL structure state for possible re-use */
if (ret == SSL_SUCCESS) {
if (wolfSSL_clear(ssl) != SSL_SUCCESS) {
WOLFSSL_MSG("could not clear WOLFSSL");
ret = SSL_FATAL_ERROR;
}
}
#endif
WOLFSSL_LEAVE("SSL_shutdown()", ret); WOLFSSL_LEAVE("SSL_shutdown()", ret);
@@ -12716,6 +12727,10 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
int wolfSSL_clear(WOLFSSL* ssl) int wolfSSL_clear(WOLFSSL* ssl)
{ {
if (ssl == NULL) {
return SSL_FAILURE;
}
ssl->options.isClosed = 0; ssl->options.isClosed = 0;
ssl->options.connReset = 0; ssl->options.connReset = 0;
ssl->options.sentNotify = 0; ssl->options.sentNotify = 0;
@@ -12731,6 +12746,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
ssl->keys.encryptionOn = 0; ssl->keys.encryptionOn = 0;
XMEMSET(&ssl->msgsReceived, 0, sizeof(ssl->msgsReceived)); XMEMSET(&ssl->msgsReceived, 0, sizeof(ssl->msgsReceived));
if (ssl->hsHashes != NULL) {
#ifndef NO_OLD_TLS #ifndef NO_OLD_TLS
#ifndef NO_MD5 #ifndef NO_MD5
wc_InitMd5(&ssl->hsHashes->hashMd5); wc_InitMd5(&ssl->hsHashes->hashMd5);
@@ -12752,6 +12768,7 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD *md)
if (wc_InitSha512(&ssl->hsHashes->hashSha512) != 0) if (wc_InitSha512(&ssl->hsHashes->hashSha512) != 0)
return SSL_FAILURE; return SSL_FAILURE;
#endif #endif
}
#ifdef KEEP_PEER_CERT #ifdef KEEP_PEER_CERT
FreeX509(&ssl->peerCert); FreeX509(&ssl->peerCert);