tls: do not leak RSA key

function old new delta tls_handshake 1957 2059 +102 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
author: Denys Vlasenko <vda.linux@googlemail.com> 2018-11-25 16:17:26 +0100
committer: Denys Vlasenko <vda.linux@googlemail.com> 2018-11-25 16:17:26 +0100
commit: a6192f347fb87289c9cfdc4d57b126d704eba0de (patch)
tree: a444d7679f2d7d239fa7776fba8b5b578582adee /networking/tls.c
parent: eb53d01be54caf0208e4006c089d7841fe4a0f57 (diff)
download: busybox-w32-a6192f347fb87289c9cfdc4d57b126d704eba0de.tar.gz
busybox-w32-a6192f347fb87289c9cfdc4d57b126d704eba0de.tar.bz2
busybox-w32-a6192f347fb87289c9cfdc4d57b126d704eba0de.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/networking/tls.c b/networking/tls.c
index 9b4298de7..9833a0adb 100644
--- a/networking/tls.c
+++ b/networking/tls.c
@@ -2168,6 +2168,7 @@ void FAST_FUNC tls_handshake(tls_state_t *tls, const char *sni)
        /* application data can be sent/received */
        /* free handshake data */
+        psRsaKey_clear(&tls->hsd->server_rsa_pub_key);
 //      if (PARANOIA)
 //              memset(tls->hsd, 0, tls->hsd->hsd_size);
        free(tls->hsd);
author	Denys Vlasenko <vda.linux@googlemail.com>	2018-11-25 16:17:26 +0100
committer	Denys Vlasenko <vda.linux@googlemail.com>	2018-11-25 16:17:26 +0100
commit	a6192f347fb87289c9cfdc4d57b126d704eba0de (patch)
tree	a444d7679f2d7d239fa7776fba8b5b578582adee /networking/tls.c
parent	eb53d01be54caf0208e4006c089d7841fe4a0f57 (diff)
download	busybox-w32-a6192f347fb87289c9cfdc4d57b126d704eba0de.tar.gz busybox-w32-a6192f347fb87289c9cfdc4d57b126d704eba0de.tar.bz2 busybox-w32-a6192f347fb87289c9cfdc4d57b126d704eba0de.zip

diff --git a/networking/tls.c b/networking/tls.c index 9b4298de7..9833a0adb 100644 --- a/networking/tls.c +++ b/networking/tls.c
@@ -2168,6 +2168,7 @@ void FAST_FUNC tls_handshake(tls_state_t tls, const char sni)
2168	/* application data can be sent/received */	2168	/* application data can be sent/received */
2169		2169
2170	/* free handshake data */	2170	/* free handshake data */
		2171	psRsaKey_clear(&tls->hsd->server_rsa_pub_key);
2171	// if (PARANOIA)	2172	// if (PARANOIA)
2172	// memset(tls->hsd, 0, tls->hsd->hsd_size);	2173	// memset(tls->hsd, 0, tls->hsd->hsd_size);
2173	free(tls->hsd);	2174	free(tls->hsd);