mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-22 11:55:42 +01:00
Fix memory leak in server with expired tickets
This commit is contained in:
parent
84c30c7e83
commit
d701c9aec9
@ -39,6 +39,8 @@ Bugfix
|
||||
send() would return an EAGAIN error when sending the ticket.
|
||||
* ssl_cache was leaking memory when reusing a timed out entry containing a
|
||||
client certificate.
|
||||
* ssl_srv was leaking memory when client presented a timed out ticket
|
||||
containing a client certificate
|
||||
|
||||
= PolarSSL 1.3.4 released on 2014-01-27
|
||||
Features
|
||||
|
@ -310,7 +310,7 @@ static int ssl_parse_ticket( ssl_context *ssl,
|
||||
if( ( ret = ssl_load_session( &session, ticket, clear_len ) ) != 0 )
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "failed to parse ticket content" ) );
|
||||
memset( &session, 0, sizeof( ssl_session ) );
|
||||
ssl_session_free( &session );
|
||||
return( ret );
|
||||
}
|
||||
|
||||
@ -319,7 +319,7 @@ static int ssl_parse_ticket( ssl_context *ssl,
|
||||
if( (int) ( time( NULL) - session.start ) > ssl->ticket_lifetime )
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "session ticket expired" ) );
|
||||
memset( &session, 0, sizeof( ssl_session ) );
|
||||
ssl_session_free( &session );
|
||||
return( POLARSSL_ERR_SSL_SESSION_TICKET_EXPIRED );
|
||||
}
|
||||
#endif
|
||||
|
Loading…
Reference in New Issue
Block a user