external/boringssl: Sync to 7f8c553d7f4db0a6ce727f2986d41bf8fe8ec4bf.

This includes the following changes:

https://boringssl.googlesource.com/boringssl/+log/f8de2af7e319f83ba88579fbf127ba5fafc26c71..7f8c553d7f4db0a6ce727f2986d41bf8fe8ec4bf

Test: BoringSSL CTS Presubmits.
Change-Id: I1cc1bdabc0fa7ba83731e7fc01eaf3dd80e0aa5b

1 files changed, 6 insertions, 6 deletions

diff --git a/src/ssl/s3_lib.cc b/src/ssl/s3_lib.cc
index 3df8e1b3..f3f99fa4 100644
--- a/src/ssl/s3_lib.cc
+++ b/src/ssl/s3_lib.cc
@@ -164,25 +164,25 @@
 
 namespace bssl {
 
-int ssl3_new(SSL *ssl) {
+bool ssl3_new(SSL *ssl) {
   UniquePtr<SSLAEADContext> aead_read_ctx =
       SSLAEADContext::CreateNullCipher(SSL_is_dtls(ssl));
   UniquePtr<SSLAEADContext> aead_write_ctx =
       SSLAEADContext::CreateNullCipher(SSL_is_dtls(ssl));
   if (!aead_read_ctx || !aead_write_ctx) {
-    return 0;
+    return false;
   }
 
   SSL3_STATE *s3 = (SSL3_STATE *)OPENSSL_malloc(sizeof *s3);
   if (s3 == NULL) {
-    return 0;
+    return false;
   }
   OPENSSL_memset(s3, 0, sizeof *s3);
 
   s3->hs = ssl_handshake_new(ssl);
   if (s3->hs == NULL) {
     OPENSSL_free(s3);
-    return 0;
+    return false;
   }
 
   s3->aead_read_ctx = aead_read_ctx.release();
@@ -195,7 +195,7 @@ int ssl3_new(SSL *ssl) {
   // protocol version, and implement this pre-negotiation quirk in |SSL_version|
   // at the API boundary rather than in internal state.
   ssl->version = TLS1_2_VERSION;
-  return 1;
+  return true;
 }
 
 void ssl3_free(SSL *ssl) {
@@ -206,6 +206,7 @@ void ssl3_free(SSL *ssl) {
   ssl_read_buffer_clear(ssl);
   ssl_write_buffer_clear(ssl);
 
+  ERR_SAVE_STATE_free(ssl->s3->read_error);
   SSL_SESSION_free(ssl->s3->established_session);
   ssl_handshake_free(ssl->s3->hs);
   OPENSSL_free(ssl->s3->next_proto_negotiated);
@@ -215,7 +216,6 @@ void ssl3_free(SSL *ssl) {
   Delete(ssl->s3->aead_write_ctx);
   BUF_MEM_free(ssl->s3->pending_flight);
 
-  OPENSSL_cleanse(ssl->s3, sizeof *ssl->s3);
   OPENSSL_free(ssl->s3);
   ssl->s3 = NULL;
 }