yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-26 13:05:38 +01:00
Code Issues Packages Projects Releases Wiki Activity

ssl_client2: Zeroize peer CRT info buffer when reconnecting

Browse Source
This commit is contained in:
Hanno Becker 2019-02-26 11:38:29 +00:00
parent 890d7ee4cb
commit f9ca30d042
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
programs/ssl/ssl_client2.c
View File

@ -494,7 +494,7 @@ static int my_send( void *ctx, const unsigned char *buf, size_t len )
}
#if defined(MBEDTLS_X509_CRT_PARSE_C)
static unsigned char peer_crt_info[1024] = { 0 };
static unsigned char peer_crt_info[1024];
/*
* Enabled if debug_level > 1 in code below
@ -1650,6 +1650,7 @@ int main( int argc, char *argv[] )
}
mbedtls_ssl_conf_verify( &conf, my_verify, NULL );
memset( peer_crt_info, 0, sizeof( peer_crt_info ) );
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
@ -2513,6 +2514,8 @@ reconnect:
mbedtls_printf( " . Reconnecting with saved session..." );
memset( peer_crt_info, 0, sizeof( peer_crt_info ) );
if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 )
{
mbedtls_printf( " failed\n ! mbedtls_ssl_session_reset returned -0x%x\n\n",