mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-07 10:40:48 +02:00
zeroize ssl->encrypt after transferring ownership to dup
This commit is contained in:
@@ -906,6 +906,9 @@ static int DupSSL(WOLFSSL* dup, WOLFSSL* ssl)
|
||||
XMEMCPY(&dup->version, &ssl->version, sizeof(ProtocolVersion));
|
||||
XMEMCPY(&dup->chVersion, &ssl->chVersion, sizeof(ProtocolVersion));
|
||||
|
||||
/* dup side now owns encrypt/write ciphers */
|
||||
XMEMSET(&ssl->encrypt, 0, sizeof(Ciphers));
|
||||
|
||||
#ifdef HAVE_ONE_TIME_AUTH
|
||||
#ifdef HAVE_POLY1305
|
||||
if (ssl->auth.setup && ssl->auth.poly1305 != NULL) {
|
||||
@@ -918,9 +921,6 @@ static int DupSSL(WOLFSSL* dup, WOLFSSL* ssl)
|
||||
#endif
|
||||
#endif
|
||||
|
||||
/* dup side now owns encrypt/write ciphers */
|
||||
XMEMSET(&ssl->encrypt, 0, sizeof(Ciphers));
|
||||
|
||||
#ifdef WOLFSSL_TLS13
|
||||
if (IsAtLeastTLSv1_3(ssl->version)) {
|
||||
/* Copy TLS 1.3 application traffic secrets so the write side can
|
||||
|
||||
Reference in New Issue
Block a user