mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-30 01:24:21 +01:00
ssl_client2: Zeroize peer CRT info buffer when reconnecting
This commit is contained in:
parent
890d7ee4cb
commit
f9ca30d042
@ -494,7 +494,7 @@ static int my_send( void *ctx, const unsigned char *buf, size_t len )
|
|||||||
}
|
}
|
||||||
|
|
||||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||||
static unsigned char peer_crt_info[1024] = { 0 };
|
static unsigned char peer_crt_info[1024];
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Enabled if debug_level > 1 in code below
|
* Enabled if debug_level > 1 in code below
|
||||||
@ -1650,6 +1650,7 @@ int main( int argc, char *argv[] )
|
|||||||
}
|
}
|
||||||
|
|
||||||
mbedtls_ssl_conf_verify( &conf, my_verify, NULL );
|
mbedtls_ssl_conf_verify( &conf, my_verify, NULL );
|
||||||
|
memset( peer_crt_info, 0, sizeof( peer_crt_info ) );
|
||||||
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||||
@ -2513,6 +2514,8 @@ reconnect:
|
|||||||
|
|
||||||
mbedtls_printf( " . Reconnecting with saved session..." );
|
mbedtls_printf( " . Reconnecting with saved session..." );
|
||||||
|
|
||||||
|
memset( peer_crt_info, 0, sizeof( peer_crt_info ) );
|
||||||
|
|
||||||
if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 )
|
if( ( ret = mbedtls_ssl_session_reset( &ssl ) ) != 0 )
|
||||||
{
|
{
|
||||||
mbedtls_printf( " failed\n ! mbedtls_ssl_session_reset returned -0x%x\n\n",
|
mbedtls_printf( " failed\n ! mbedtls_ssl_session_reset returned -0x%x\n\n",
|
||||||
|
Loading…
Reference in New Issue
Block a user