Merge pull request #4532 from embhorn/zd13139

Fix mem leak in HandleTlsResumption
This commit is contained in:
David Garske
2021-11-08 08:39:45 -08:00
committed by GitHub

View File

@ -29131,25 +29131,31 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
* Session tickets are checked for validity based on the time each ticket * Session tickets are checked for validity based on the time each ticket
* was created, timeout value and the current time. If the tickets are * was created, timeout value and the current time. If the tickets are
* judged expired, falls back to full-handshake. If you want disable this * judged expired, falls back to full-handshake. If you want disable this
* sessin ticket validation check in TLS1.2 and below, define * session ticket validation check in TLS1.2 and below, define
* WOLFSSL_NO_TICKET_EXPRE. * WOLFSSL_NO_TICKET_EXPRE.
*/ */
int HandleTlsResumption(WOLFSSL* ssl, int bogusID, Suites* clSuites) int HandleTlsResumption(WOLFSSL* ssl, int bogusID, Suites* clSuites)
{ {
int ret = 0; int ret = 0;
WOLFSSL_SESSION* session; WOLFSSL_SESSION* session;
#ifdef HAVE_EXT_CACHE
byte gotSess = 0;
#endif
(void)bogusID; (void)bogusID;
#ifdef HAVE_SESSION_TICKET
session = GetSession(ssl, ssl->arrays->masterSecret, 1); if (ssl->options.useTicket == 1) {
#ifdef HAVE_SESSION_TICKET session = &ssl->session;
if (ssl->options.useTicket == 1) { } else if (bogusID == 1 && ssl->options.rejectTicket == 0) {
session = &ssl->session; WOLFSSL_MSG("Bogus session ID without session ticket");
} else if (bogusID == 1 && ssl->options.rejectTicket == 0) { return BUFFER_ERROR;
WOLFSSL_MSG("Bogus session ID without session ticket"); } else
return BUFFER_ERROR; #endif
} {
session = GetSession(ssl, ssl->arrays->masterSecret, 1);
#ifdef HAVE_EXT_CACHE
gotSess = 1;
#endif #endif
}
if (!session) { if (!session) {
WOLFSSL_MSG("Session lookup for resume failed"); WOLFSSL_MSG("Session lookup for resume failed");
ssl->options.resuming = 0; ssl->options.resuming = 0;
@ -29180,14 +29186,8 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#ifdef WOLFSSL_EXTRA_ALERTS #ifdef WOLFSSL_EXTRA_ALERTS
SendAlert(ssl, alert_fatal, handshake_failure); SendAlert(ssl, alert_fatal, handshake_failure);
#endif #endif
#ifdef HAVE_EXT_CACHE ret = EXT_MASTER_SECRET_NEEDED_E;
wolfSSL_SESSION_free(session);
#endif
return EXT_MASTER_SECRET_NEEDED_E;
} }
#ifdef HAVE_EXT_CACHE
wolfSSL_SESSION_free(session);
#endif
} }
else { else {
#ifndef NO_RESUME_SUITE_CHECK #ifndef NO_RESUME_SUITE_CHECK
@ -29205,36 +29205,41 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#ifdef WOLFSSL_EXTRA_ALERTS #ifdef WOLFSSL_EXTRA_ALERTS
SendAlert(ssl, alert_fatal, illegal_parameter); SendAlert(ssl, alert_fatal, illegal_parameter);
#endif #endif
return UNSUPPORTED_SUITE; ret = UNSUPPORTED_SUITE;
} }
#endif #endif
#ifdef HAVE_EXT_CACHE if (ret == 0) {
wolfSSL_SESSION_free(session); if (MatchSuite(ssl, clSuites) < 0) {
#endif WOLFSSL_MSG("Unsupported cipher suite, ClientHello");
if (MatchSuite(ssl, clSuites) < 0) { ret = UNSUPPORTED_SUITE;
WOLFSSL_MSG("Unsupported cipher suite, ClientHello"); }
return UNSUPPORTED_SUITE;
} }
if (ret == 0) {
ret = wc_RNG_GenerateBlock(ssl->rng, ssl->arrays->serverRandom, ret = wc_RNG_GenerateBlock(ssl->rng,
RAN_LEN); ssl->arrays->serverRandom, RAN_LEN);
if (ret != 0) }
return ret; if (ret == 0) {
#ifdef NO_OLD_TLS
#ifdef NO_OLD_TLS ret = DeriveTlsKeys(ssl);
ret = DeriveTlsKeys(ssl); #else
#else #ifndef NO_TLS
#ifndef NO_TLS if (ssl->options.tls)
if (ssl->options.tls) ret = DeriveTlsKeys(ssl);
ret = DeriveTlsKeys(ssl); #endif
if (!ssl->options.tls)
ret = DeriveKeys(ssl);
#endif #endif
if (!ssl->options.tls) ssl->options.clientState = CLIENT_KEYEXCHANGE_COMPLETE;
ret = DeriveKeys(ssl); }
#endif
ssl->options.clientState = CLIENT_KEYEXCHANGE_COMPLETE;
} }
#ifdef HAVE_EXT_CACHE
if (gotSess) {
wolfSSL_SESSION_free(session);
}
#endif
return ret; return ret;
} }