diff options
| author | jsing <> | 2018-11-09 17:43:31 +0000 |
|---|---|---|
| committer | jsing <> | 2018-11-09 17:43:31 +0000 |
| commit | 826108f8a9b9e1ce5bf0a2ba0f8e70b746a6652f (patch) | |
| tree | 46aa99972eae27e863c414b66c65719b132c8b0e | |
| parent | b88042ee7a2d2fc6e740c79270b86ab3fe455897 (diff) | |
| download | openbsd-826108f8a9b9e1ce5bf0a2ba0f8e70b746a6652f.tar.gz openbsd-826108f8a9b9e1ce5bf0a2ba0f8e70b746a6652f.tar.bz2 openbsd-826108f8a9b9e1ce5bf0a2ba0f8e70b746a6652f.zip | |
Ensure we free the handshake transcript upon session resumption.
Found the hard way by jmc@
ok tb@
| -rw-r--r-- | src/lib/libssl/ssl_clnt.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c index 5dbda1f2fa..e9e098aa28 100644 --- a/src/lib/libssl/ssl_clnt.c +++ b/src/lib/libssl/ssl_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_clnt.c,v 1.39 2018/11/09 05:43:39 beck Exp $ */ | 1 | /* $OpenBSD: ssl_clnt.c,v 1.40 2018/11/09 17:43:31 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -309,6 +309,9 @@ ssl3_connect(SSL *s) | |||
| 309 | /* receive renewed session ticket */ | 309 | /* receive renewed session ticket */ |
| 310 | S3I(s)->hs.state = SSL3_ST_CR_SESSION_TICKET_A; | 310 | S3I(s)->hs.state = SSL3_ST_CR_SESSION_TICKET_A; |
| 311 | } | 311 | } |
| 312 | |||
| 313 | /* No client certificate verification. */ | ||
| 314 | tls1_transcript_free(s); | ||
| 312 | } | 315 | } |
| 313 | } else if (SSL_IS_DTLS(s)) { | 316 | } else if (SSL_IS_DTLS(s)) { |
| 314 | S3I(s)->hs.state = DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A; | 317 | S3I(s)->hs.state = DTLS1_ST_CR_HELLO_VERIFY_REQUEST_A; |