Changeset 87d507b in mod_gnutls


Ignore:
Timestamp:
Jun 17, 2016, 7:13:57 AM (2 years ago)
Author:
Thomas Klute <thomas2.klute@…>
Branches:
debian/master, debian/stretch-backports, master, upstream
Children:
ac3f500
Parents:
78b75b3
Message:

Overwrite session ticket key before releasing it

Private key material must not remain in released memory.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • src/gnutls_hooks.c

    r78b75b3 r87d507b  
    5858
    5959/* Pool Cleanup Function */
    60 apr_status_t mgs_cleanup_pre_config(void *data __attribute__((unused))) {
    61         /* Free all session data */
     60apr_status_t mgs_cleanup_pre_config(void *data __attribute__((unused)))
     61{
     62    /* Free session ticket master key */
     63    gnutls_memset(session_ticket_key.data, 0, session_ticket_key.size);
    6264    gnutls_free(session_ticket_key.data);
    6365    session_ticket_key.data = NULL;
Note: See TracChangeset for help on using the changeset viewer.