Cache cstp_cipher string for GnuTLS only

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

gnutls.c

@@ -2182,12 +2182,11 @@ char *get_gnutls_cipher(gnutls_session_t session)
 
 const char *openconnect_get_cstp_cipher(struct openconnect_info *vpninfo)
 {
-	if (vpninfo->cstp_cipher != NULL) {
-		gnutls_free(vpninfo->cstp_cipher);
-	}
+	if (vpninfo->gnutls_cstp_cipher)
+		gnutls_free(vpninfo->gnutls_cstp_cipher);
 
-	vpninfo->cstp_cipher = get_gnutls_cipher(vpninfo->https_sess);
-	return vpninfo->cstp_cipher;
+	vpninfo->gnutls_cstp_cipher = get_gnutls_cipher(vpninfo->https_sess);
+	return vpninfo->gnutls_cstp_cipher;
 }
 
 int openconnect_sha1(unsigned char *result, void *data, int datalen)

library.c

@@ -196,10 +196,8 @@ void openconnect_vpninfo_free(struct openconnect_info *vpninfo)
 	free(vpninfo->ifname);
 	free(vpninfo->dtls_cipher);
 #if defined(OPENCONNECT_GNUTLS)
-	gnutls_free(vpninfo->cstp_cipher);
+	gnutls_free(vpninfo->gnutls_cstp_cipher);
 	gnutls_free(vpninfo->gnutls_dtls_cipher);
-#else
-	free(vpninfo->cstp_cipher);
 #endif
 	free(vpninfo->dtls_addr);
 

openconnect-internal.h

@@ -343,14 +343,14 @@ struct openconnect_info {
 	   have fewer ifdefs and accessor macros for it. */
 	gnutls_session_t dtls_ssl;
 	char *gnutls_dtls_cipher; /* cached for openconnect_get_dtls_cipher() */
+	char *gnutls_cstp_cipher;
 #endif
 	int dtls_state;
 	struct keepalive_info dtls_times;
 	unsigned char dtls_session_id[32];
 	unsigned char dtls_secret[48];
 
 	char *dtls_cipher;
-	char *cstp_cipher;
 	char *vpnc_script;
 	int script_tun;
 	char *ifname;