From: Adriaan de Jong <dejong@fox-it.com>
Date: Mon, 27 Jun 2011 15:51:23 +0000 (+0200)
Subject: Refactored key_state free code
X-Git-Tag: v2.3-alpha1~141
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=214fc873fe744ac722e9dd69917b6254e2151af2;p=thirdparty%2Fopenvpn.git

Refactored key_state free code

Signed-off-by: Adriaan de Jong <dejong@fox-it.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Signed-off-by: David Sommerseth <davids@redhat.com>
---

diff --git a/ssl.c b/ssl.c
index ae9d36c57..5b6a5cac6 100644
--- a/ssl.c
+++ b/ssl.c
@@ -2262,15 +2262,7 @@ key_state_free (struct key_state *ks, bool clear)
 {
   ks->state = S_UNDEF;
 
-  if (ks->ks_ssl.ssl) {
-#ifdef BIO_DEBUG
-    bio_debug_oc ("close ssl_bio", ks->ks_ssl.ssl_bio);
-    bio_debug_oc ("close ct_in", ks->ks_ssl.ct_in);
-    bio_debug_oc ("close ct_out", ks->ks_ssl.ct_out);
-#endif
-    BIO_free_all(ks->ks_ssl.ssl_bio);
-    SSL_free (ks->ks_ssl.ssl);
-  }
+  key_state_ssl_free(&ks->ks_ssl);
 
   free_key_ctx_bi (&ks->key);
   free_buf (&ks->plaintext_read_buf);
diff --git a/ssl_backend.h b/ssl_backend.h
index 5c96dafed..22266520e 100644
--- a/ssl_backend.h
+++ b/ssl_backend.h
@@ -287,6 +287,13 @@ void tls_ctx_load_extra_certs (struct tls_root_ctx *ctx, const char *extra_certs
 void key_state_ssl_init(struct key_state_ssl *ks_ssl,
     const struct tls_root_ctx *ssl_ctx, bool is_server, void *session);
 
+/**
+ * Free the SSL channel part of the given key state.
+ *
+ * @param ks_ssl	The SSL channel's state info to free
+ */
+void key_state_ssl_free(struct key_state_ssl *ks_ssl);
+
 /*
  * Show the TLS ciphers that are available for us to use in the OpenSSL
  * library.
diff --git a/ssl_openssl.c b/ssl_openssl.c
index 1214c6ead..8c3c4552f 100644
--- a/ssl_openssl.c
+++ b/ssl_openssl.c
@@ -889,6 +889,19 @@ key_state_ssl_init(struct key_state_ssl *ks_ssl, const struct tls_root_ctx *ssl_
   BIO_set_ssl (ks_ssl->ssl_bio, ks_ssl->ssl, BIO_NOCLOSE);
 }
 
+void key_state_ssl_free(struct key_state_ssl *ks_ssl)
+{
+  if (ks_ssl->ssl) {
+#ifdef BIO_DEBUG
+    bio_debug_oc ("close ssl_bio", ks_ssl->ssl_bio);
+    bio_debug_oc ("close ct_in", ks_ssl->ct_in);
+    bio_debug_oc ("close ct_out", ks_ssl->ct_out);
+#endif
+    BIO_free_all(ks_ssl->ssl_bio);
+    SSL_free (ks_ssl->ssl);
+  }
+}
+
 void
 tls_ctx_load_extra_certs (struct tls_root_ctx *ctx, const char *extra_certs_file
 #if ENABLE_INLINE_FILES