Free and zero DH/ECDH temporary key after use.

PR#4303 Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
author: Dr. Stephen Henson <steve@openssl.org> 2016-02-13 02:27:33 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2016-02-13 13:17:08 +0000
commit: 5b326dc529e19194feaef9a65fa37efbe11eaa7e (patch)
tree: 9fa28b609806af933356adf46953f8f838ac7c82 /ssl
parent: 63994098d52b31ff8c143fc2662f2fe9e3c016f1 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index 4d40d0f9f3..e4c018a9db 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -2360,6 +2360,8 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt)
 
         EVP_PKEY_free(ckey);
         ckey = NULL;
+        EVP_PKEY_free(s->s3->tmp.pkey);
+        s->s3->tmp.pkey = NULL;
 
     } else
 #endif
@@ -2412,6 +2414,8 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt)
 
         EVP_PKEY_free(ckey);
         ckey = NULL;
+        EVP_PKEY_free(s->s3->tmp.pkey);
+        s->s3->tmp.pkey = NULL;
 
         return MSG_PROCESS_CONTINUE_PROCESSING;
     } else
author	Dr. Stephen Henson <steve@openssl.org>	2016-02-13 02:27:33 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2016-02-13 13:17:08 +0000
commit	5b326dc529e19194feaef9a65fa37efbe11eaa7e (patch)
tree	9fa28b609806af933356adf46953f8f838ac7c82 /ssl
parent	63994098d52b31ff8c143fc2662f2fe9e3c016f1 (diff)