diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2015-11-13 16:41:31 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2015-11-13 16:41:31 +0100 |
| commit | 03049f8e7a02b19695464ce026bab947831df803 (patch) | |
| tree | afd03737ed0f2c980795975e9be4f3d2446f63c6 | |
| parent | 86cfae5389d80d516adeea6b13f98baae536369e (diff) | |
| download | gnutls-03049f8e7a02b19695464ce026bab947831df803.tar.gz | |
Revert "deinitialize all handshake keys when handshake is over"
This reverts commit 0e370b7b34c96f7929f9070ad8287c6cf52e7901.
| -rw-r--r-- | lib/gnutls_state.c | 52 |
1 files changed, 24 insertions, 28 deletions
diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c index fe03dbdb34..f5e81054dc 100644 --- a/lib/gnutls_state.c +++ b/lib/gnutls_state.c @@ -222,33 +222,6 @@ _gnutls_session_cert_type_supported(gnutls_session_t session, return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE; } -static void deinit_keys(gnutls_session_t session) -{ - gnutls_pk_params_release(&session->key.ecdh_params); - gnutls_pk_params_release(&session->key.dh_params); - zrelease_temp_mpi_key(&session->key.ecdh_x); - zrelease_temp_mpi_key(&session->key.ecdh_y); - - zrelease_temp_mpi_key(&session->key.client_Y); - - /* SRP */ - zrelease_temp_mpi_key(&session->key.srp_p); - zrelease_temp_mpi_key(&session->key.srp_g); - zrelease_temp_mpi_key(&session->key.srp_key); - - zrelease_temp_mpi_key(&session->key.u); - zrelease_temp_mpi_key(&session->key.a); - zrelease_temp_mpi_key(&session->key.x); - zrelease_temp_mpi_key(&session->key.A); - zrelease_temp_mpi_key(&session->key.B); - zrelease_temp_mpi_key(&session->key.b); - - /* RSA */ - zrelease_temp_mpi_key(&session->key.rsa[0]); - zrelease_temp_mpi_key(&session->key.rsa[1]); - - _gnutls_free_temp_key_datum(&session->key.key); -} /* this function deinitializes all the internal parameters stored * in a session struct. @@ -298,7 +271,6 @@ void _gnutls_handshake_internal_state_clear(gnutls_session_t session) _gnutls_handshake_internal_state_init(session); deinit_internal_params(session); - deinit_keys(session); _gnutls_epoch_gc(session); @@ -502,6 +474,30 @@ void gnutls_deinit(gnutls_session_t session) gnutls_credentials_clear(session); _gnutls_selected_certs_deinit(session); + gnutls_pk_params_release(&session->key.ecdh_params); + gnutls_pk_params_release(&session->key.dh_params); + zrelease_temp_mpi_key(&session->key.ecdh_x); + zrelease_temp_mpi_key(&session->key.ecdh_y); + + zrelease_temp_mpi_key(&session->key.client_Y); + + zrelease_temp_mpi_key(&session->key.srp_p); + zrelease_temp_mpi_key(&session->key.srp_g); + zrelease_temp_mpi_key(&session->key.srp_key); + + zrelease_temp_mpi_key(&session->key.u); + zrelease_temp_mpi_key(&session->key.a); + zrelease_temp_mpi_key(&session->key.x); + zrelease_temp_mpi_key(&session->key.A); + zrelease_temp_mpi_key(&session->key.B); + zrelease_temp_mpi_key(&session->key.b); + + /* RSA */ + zrelease_temp_mpi_key(&session->key.rsa[0]); + zrelease_temp_mpi_key(&session->key.rsa[1]); + + _gnutls_free_temp_key_datum(&session->key.key); + gnutls_free(session); } |