Free the transcript as soon as we initialise the transcript hash.

Unlike TLSv1.2 there is only a single hash in use, hence as soon as we
know what the hash is and have initialised the transcript hash, we can
free the transcript buffers.

ok inoguchi@ tb@

2 files changed, 4 insertions, 2 deletions

diff --git a/src/lib/libssl/tls13_client.c b/src/lib/libssl/tls13_client.c
index 69e75558dc..78f46bd859 100644
--- a/src/lib/libssl/tls13_client.c
+++ b/src/lib/libssl/tls13_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_client.c,v 1.39 2020/01/30 17:09:23 jsing Exp $ */
+/* $OpenBSD: tls13_client.c,v 1.40 2020/02/04 18:00:30 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  *
@@ -435,6 +435,7 @@ tls13_server_hello_recv(struct tls13_ctx *ctx, CBS *cbs)
         /* XXX - pass in hash. */
         if (!tls1_transcript_hash_init(s))
                 goto err;
+        tls1_transcript_free(s);
         if (!tls1_transcript_hash_value(s, buf, sizeof(buf), &hash_len))
                 goto err;
         context.data = buf;
diff --git a/src/lib/libssl/tls13_server.c b/src/lib/libssl/tls13_server.c
index 1f17fe4ab0..660508a121 100644
--- a/src/lib/libssl/tls13_server.c
+++ b/src/lib/libssl/tls13_server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_server.c,v 1.22 2020/01/30 17:09:23 jsing Exp $ */
+/* $OpenBSD: tls13_server.c,v 1.23 2020/02/04 18:00:30 jsing Exp $ */
 /*
  * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2020 Bob Beck <beck@openbsd.org>
@@ -586,6 +586,7 @@ tls13_server_hello_sent(struct tls13_ctx *ctx)
         /* XXX - pass in hash. */
         if (!tls1_transcript_hash_init(s))
                 goto err;
+        tls1_transcript_free(s);
         if (!tls1_transcript_hash_value(s, buf, sizeof(buf), &hash_len))
                 goto err;
         context.data = buf;