AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix memory leak in server with expired tickets

Browse Source
This commit is contained in:
Manuel Pégourié-Gonnard 2014-02-26 17:54:07 +01:00
parent 84c30c7e83
commit d701c9aec9
2 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ChangeLog
View File

@ -39,6 +39,8 @@ Bugfix
send() would return an EAGAIN error when sending the ticket.
* ssl_cache was leaking memory when reusing a timed out entry containing a
client certificate.
* ssl_srv was leaking memory when client presented a timed out ticket
containing a client certificate
= PolarSSL 1.3.4 released on 2014-01-27
Features

4
library/ssl_srv.c
View File

@ -310,7 +310,7 @@ static int ssl_parse_ticket( ssl_context *ssl,
if( ( ret = ssl_load_session( &session, ticket, clear_len ) ) != 0 )
{
SSL_DEBUG_MSG( 1, ( "failed to parse ticket content" ) );
memset( &session, 0, sizeof( ssl_session ) );
ssl_session_free( &session );
return( ret );
}
@ -319,7 +319,7 @@ static int ssl_parse_ticket( ssl_context *ssl,
if( (int) ( time( NULL) - session.start ) > ssl->ticket_lifetime )
{
SSL_DEBUG_MSG( 1, ( "session ticket expired" ) );
memset( &session, 0, sizeof( ssl_session ) );
ssl_session_free( &session );
return( POLARSSL_ERR_SSL_SESSION_TICKET_EXPIRED );
}
#endif