[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
Matt Caswell
matt at openssl.org
Wed Jan 24 12:21:30 UTC 2018
The branch OpenSSL_1_0_2-stable has been updated
via 874893375c023c2b394887cfb54d52837a29f7c5 (commit)
from bb9ca2af564e86a89bfc3c01ddae7ceafe5ed3b7 (commit)
- Log -----------------------------------------------------------------
commit 874893375c023c2b394887cfb54d52837a29f7c5
Author: J Mohan Rao Arisankala <mohan at computer.org>
Date: Fri Apr 21 21:33:46 2017 +0530
Cleanup ctxs if callback fail to retrieve session ticket
If tlsext ticket decrypt callback returns error, cleanup ctxs
Reviewed-by: Rich Salz <rsalz at openssl.org>
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3273)
-----------------------------------------------------------------------
Summary of changes:
ssl/t1_lib.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 1a4387b..82ad601 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -3513,9 +3513,12 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick,
int rv = tctx->tlsext_ticket_key_cb(s, nctick, nctick + 16,
&ctx, &hctx, 0);
if (rv < 0)
- return -1;
- if (rv == 0)
+ goto err;
+ if (rv == 0) {
+ HMAC_CTX_cleanup(&hctx);
+ EVP_CIPHER_CTX_cleanup(&ctx);
return 2;
+ }
if (rv == 2)
renew_ticket = 1;
} else {
More information about the openssl-commits
mailing list