kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

ssl->cert and ctx->cert cannot be NULL.

Browse Source 
They get initialized in SSL_new and SSL_CTX_new, respectively.

Change-Id: Ib484108987a99f654d1a77fc473103f5cb393bd7
Reviewed-on: https://boringssl-review.googlesource.com/5676
Reviewed-by: Adam Langley <agl@google.com>
This commit is contained in:
David Benjamin 2015-08-09 12:07:25 -04:00 committed by Adam Langley
parent 3dd9016a51
commit 651b3d9284
2 changed files with 1 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ssl/d1_srvr.c
View File

@ -150,11 +150,6 @@ int dtls1_accept(SSL *s) {
s->in_handshake++; s->in_handshake++;
if (s->cert == NULL) {
OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CERTIFICATE_SET);
return -1;
}
for (;;) { for (;;) {
state = s->state; state = s->state;

19
ssl/ssl_lib.c
View File

@ -794,7 +794,7 @@ STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s) {
/* Fix this so it checks all the valid key/cert options */ /* Fix this so it checks all the valid key/cert options */
int SSL_CTX_check_private_key(const SSL_CTX *ctx) { int SSL_CTX_check_private_key(const SSL_CTX *ctx) {
if (ctx == NULL || ctx->cert == NULL || ctx->cert->x509 == NULL) { if (ctx->cert->x509 == NULL) {
OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CERTIFICATE_ASSIGNED); OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CERTIFICATE_ASSIGNED);
return 0; return 0;
} }
@ -809,16 +809,6 @@ int SSL_CTX_check_private_key(const SSL_CTX *ctx) {
/* Fix this function so that it takes an optional type parameter */ /* Fix this function so that it takes an optional type parameter */
int SSL_check_private_key(const SSL *ssl) { int SSL_check_private_key(const SSL *ssl) {
if (ssl == NULL) {
OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (ssl->cert == NULL) {
OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CERTIFICATE_ASSIGNED);
return 0;
}
if (ssl->cert->x509 == NULL) { if (ssl->cert->x509 == NULL) {
OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CERTIFICATE_ASSIGNED); OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CERTIFICATE_ASSIGNED);
return 0; return 0;
@ -1811,13 +1801,6 @@ void ssl_get_compatible_server_ciphers(SSL *s, uint32_t *out_mask_k,
int have_ecc_cert = 0, ecdsa_ok; int have_ecc_cert = 0, ecdsa_ok;
X509 *x; X509 *x;
if (c == NULL) {
/* TODO(davidben): Is this codepath possible? */
*out_mask_k = 0;
*out_mask_a = 0;
return;
}
dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL); dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL);
if (s->cert->x509 != NULL && ssl_has_private_key(s)) { if (s->cert->x509 != NULL && ssl_has_private_key(s)) {