{
ks->state = S_UNDEF;
- if (ks->ks_ssl.ssl) {
-#ifdef BIO_DEBUG
- bio_debug_oc ("close ssl_bio", ks->ks_ssl.ssl_bio);
- bio_debug_oc ("close ct_in", ks->ks_ssl.ct_in);
- bio_debug_oc ("close ct_out", ks->ks_ssl.ct_out);
-#endif
- BIO_free_all(ks->ks_ssl.ssl_bio);
- SSL_free (ks->ks_ssl.ssl);
- }
+ key_state_ssl_free(&ks->ks_ssl);
free_key_ctx_bi (&ks->key);
free_buf (&ks->plaintext_read_buf);
void key_state_ssl_init(struct key_state_ssl *ks_ssl,
const struct tls_root_ctx *ssl_ctx, bool is_server, void *session);
+/**
+ * Free the SSL channel part of the given key state.
+ *
+ * @param ks_ssl The SSL channel's state info to free
+ */
+void key_state_ssl_free(struct key_state_ssl *ks_ssl);
+
/*
* Show the TLS ciphers that are available for us to use in the OpenSSL
* library.
BIO_set_ssl (ks_ssl->ssl_bio, ks_ssl->ssl, BIO_NOCLOSE);
}
+void key_state_ssl_free(struct key_state_ssl *ks_ssl)
+{
+ if (ks_ssl->ssl) {
+#ifdef BIO_DEBUG
+ bio_debug_oc ("close ssl_bio", ks_ssl->ssl_bio);
+ bio_debug_oc ("close ct_in", ks_ssl->ct_in);
+ bio_debug_oc ("close ct_out", ks_ssl->ct_out);
+#endif
+ BIO_free_all(ks_ssl->ssl_bio);
+ SSL_free (ks_ssl->ssl);
+ }
+}
+
void
tls_ctx_load_extra_certs (struct tls_root_ctx *ctx, const char *extra_certs_file
#if ENABLE_INLINE_FILES
projects / thirdparty / openvpn.git / commitdiff
