summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorTheo Buehler <tb@cvs.openbsd.org>2020-01-21 04:45:19 +0000
committerTheo Buehler <tb@cvs.openbsd.org>2020-01-21 04:45:19 +0000
commit7ba7b897607f6558c3ebc8ff74bb71515100fcd5 (patch)
treee8e68bf6def7a89bfb60d4732769c45514bb413e /lib
parenta8bf765e46df28451faf215c13e75a46c6c54fe0 (diff)
Clear and free the tls13_ctx that hangs off an SSL *s from
SSL_{clear,free}(3). Make sure the handshake context is cleaned up completely: the hs_tls13 reacharound is taken care of by ssl3_{clear,free}(3). Add a missing tls13_handshake_msg_free() call to tls13_ctx_free(). ok beck jsing
Diffstat (limited to 'lib')
-rw-r--r--lib/libssl/ssl_lib.c7
-rw-r--r--lib/libssl/tls13_lib.c3
2 files changed, 8 insertions, 2 deletions
diff --git a/lib/libssl/ssl_lib.c b/lib/libssl/ssl_lib.c
index 374342c3113..a667b5d2945 100644
--- a/lib/libssl/ssl_lib.c
+++ b/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.207 2019/11/17 19:07:07 jsing Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.208 2020/01/21 04:45:18 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -193,6 +193,9 @@ SSL_clear(SSL *s)
s->internal->rwstate = SSL_NOTHING;
s->internal->rstate = SSL_ST_READ_HEADER;
+ tls13_ctx_free(s->internal->tls13);
+ s->internal->tls13 = NULL;
+
BUF_MEM_free(s->internal->init_buf);
s->internal->init_buf = NULL;
@@ -524,6 +527,8 @@ SSL_free(SSL *s)
BIO_free_all(s->rbio);
BIO_free_all(s->wbio);
+ tls13_ctx_free(s->internal->tls13);
+
BUF_MEM_free(s->internal->init_buf);
/* add extra stuff */
diff --git a/lib/libssl/tls13_lib.c b/lib/libssl/tls13_lib.c
index d30d28c45f7..fbd7a9a83ad 100644
--- a/lib/libssl/tls13_lib.c
+++ b/lib/libssl/tls13_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_lib.c,v 1.14 2020/01/20 13:10:37 jsing Exp $ */
+/* $OpenBSD: tls13_lib.c,v 1.15 2020/01/21 04:45:18 tb Exp $ */
/*
* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
* Copyright (c) 2019 Bob Beck <beck@openbsd.org>
@@ -265,6 +265,7 @@ tls13_ctx_free(struct tls13_ctx *ctx)
tls13_error_clear(&ctx->error);
tls13_record_layer_free(ctx->rl);
+ tls13_handshake_msg_free(ctx->hs_msg);
freezero(ctx, sizeof(struct tls13_ctx));
}