mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-29 19:54:21 +01:00
ssl_client2: Zeroize peer CRT info buffer when reconnecting
This commit is contained in:
Hanno Becker
parent
fe9aec4cb1
commit
a1051b4e9a
@ -478,7 +478,7 @@ static int my_send( void *ctx, const unsigned char *buf, size_t len )
|
|||||||
}
|
}
|
||||||
|
|
||||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||||
static unsigned char peer_crt_info[1024] = { 0 };
|
static unsigned char peer_crt_info[1024];
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Enabled if debug_level > 1 in code below
|
* Enabled if debug_level > 1 in code below
|
||||||
@ -1512,6 +1512,7 @@ int main( int argc, char *argv[] )
|
|||||||
}
|
}
|
||||||
|
|
||||||
mbedtls_ssl_conf_verify( &conf, my_verify, NULL );
|
mbedtls_ssl_conf_verify( &conf, my_verify, NULL );
|
||||||
|
memset( peer_crt_info, 0, sizeof( peer_crt_info ) );
|
||||||
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
||||||
|
|
||||||
if( opt.auth_mode != DFL_AUTH_MODE )
|
if( opt.auth_mode != DFL_AUTH_MODE )
|
||||||
@ -2217,6 +2218,8 @@ reconnect:
|
|||||||
|
|
||||||
mbedtls_printf( " . Reconnecting with saved session..." );
|
mbedtls_printf( " . Reconnecting with saved session..." );
|
||||||
|
|
||||||
|
memset( peer_crt_info, 0, sizeof( peer_crt_info ) );
|
||||||
|
|
||||||
if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 )
|
if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 )
|
||||||
{
|
{
|
||||||
mbedtls_printf( " failed\n ! mbedtls_ssl_session_reset returned -0x%x\n\n",
|
mbedtls_printf( " failed\n ! mbedtls_ssl_session_reset returned -0x%x\n\n",
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user