Ensure the handshake transcript is cleaned up.

Add a check at the completion of the client/server handshake to ensure that
the handshake transcript has been freed. Fix the case where a server asks
the client for a certificate, but it does not have one, resulting in the
handshake transcript being left around post-handshake.

ok bcook@ tb@

1 files changed, 7 insertions, 1 deletions

diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c
index e046438cc0..f077140b90 100644
--- a/src/lib/libssl/ssl_srvr.c
+++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_srvr.c,v 1.48 2018/08/27 17:04:34 jsing Exp $ */
+/* $OpenBSD: ssl_srvr.c,v 1.49 2018/11/08 20:26:45 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -707,6 +707,12 @@ ssl3_accept(SSL *s)
                         /* clean a few things up */
                         tls1_cleanup_key_block(s);
 
+                        if (S3I(s)->handshake_buffer != NULL) {
+                                SSLerror(s, ERR_R_INTERNAL_ERROR);
+                                ret = -1;
+                                goto end;
+                        }
+
                         if (!SSL_IS_DTLS(s)) {
                                 BUF_MEM_free(s->internal->init_buf);
                                 s->internal->init_buf = NULL;