generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Rewrite ssl3_send_client_key_exchange to support extms.

Browse Source 
Rewrite ssl3_send_client_key_exchange to retain the premaster secret
instead of using it immediately.

This is needed because the premaster secret is used after the client key
exchange message has been sent to compute the extended master secret.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
This commit is contained in:
Dr. Stephen Henson
2015-01-23 02:41:09 +00:00
parent 48fbcbacd2
commit c660ec63a8
3 changed files with 112 additions and 86 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
ssl/ssl_cert.c
View File

@@ -476,6 +476,11 @@ void ssl_cert_free(CERT *c)
custom_exts_free(&c->cli_ext);
custom_exts_free(&c->srv_ext);
#endif
if (c->pms) {
OPENSSL_cleanse(c->pms, c->pmslen);
OPENSSL_free(c->pms);
c->pms = NULL;
}
OPENSSL_free(c);
}