author | Attila Molnar <attilamolnar@hush.com> | 2014-06-16 20:57:37 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-06-17 10:24:12 +0200 |
commit | 167c20d0d8d6c22f9114a32b11efc7d66d276719 (patch) | |
tree | e986aeffe94cd9c573c09ab019dd429d698d994a | |
parent | b8363aba7f43c40af91c20aa0aba0c5e3c8506af (diff) | |
download | gnutls-167c20d0d8d6c22f9114a32b11efc7d66d276719.tar.gz |
doc: Explain post-callback deallocation behavior for the SRP server callback
Signed-off-by: Attila Molnar <attilamolnar@hush.com>
-rw-r--r-- | lib/gnutls_srp.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/lib/gnutls_srp.c b/lib/gnutls_srp.c index 0423435093..fb7c08399a 100644 --- a/lib/gnutls_srp.c +++ b/lib/gnutls_srp.c @@ -624,6 +624,11 @@ gnutls_srp_set_server_credentials_file(gnutls_srp_server_credentials_t res, * in using the gnutls_malloc(). For convenience @prime and @generator * may also be one of the static parameters defined in gnutls.h. * + * Initially, the data field is NULL in every #gnutls_datum_t + * structure that the callback has to fill in. When the + * callback is done GnuTLS deallocates all of those buffers + * which are non-NULL, regardless of the return value. + * * In order to prevent attackers from guessing valid usernames, * if a user does not exist, g and n values should be filled in * using a random user's parameters. In that case the callback must |
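Review bot: The added paragraph says GnuTLS deallocates every non-NULL buffer after the callback returns, but the unchanged context line directly above it says @prime and @generator "may also be one of the static parameters defined in gnutls.h", and the comment does not say how those two statements fit together. Please state explicitly whether buffers pointing at the static parameters are exempt from deallocation, so a reader does not conclude that static data will be freed or that it has to be copied first. Since the buffers are released "regardless of the return value", it would also help to add that the callback must not free them itself on its error paths or keep the pointers after returning, because either would lead to a double free or a dangling reference. Minor style point: a comma after "When the callback is done" would make the sentence easier to read.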