From 0bdca5d51f203cf414d645e75ac197e3fadfadc8 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Fri, 10 May 2019 06:30:12 +0200 Subject: _gnutls_srp_entry_free: follow consistent behavior in freeing data _gnutls_srp_entry_free would previously not free any parameters that were known to gnutls to account for documented behavior of gnutls_srp_set_server_credentials_function(). This was not updated when the newly added 8192 parameter was added to the library. This introduces a safety check for generator parameters, even though in practice they are the same pointer. Resolves: #761 Signed-off-by: Nikos Mavrogiannopoulos --- NEWS | 3 +++ lib/auth/srp_passwd.c | 12 ++++++++---- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/NEWS b/NEWS index 0ada7c1a31..b2e312e62b 100644 --- a/NEWS +++ b/NEWS @@ -11,6 +11,9 @@ See the end for copying conditions. ** libgnutls: Added new function to retrieve early keying material (#329) +** libgnutls: the gnutls_srp_set_server_credentials_function can be used + with the 8192 parameters as well (#995). + ** API and ABI modifications: gnutls_prf_early: Added diff --git a/lib/auth/srp_passwd.c b/lib/auth/srp_passwd.c index ad1937c962..6902be3d26 100644 --- a/lib/auth/srp_passwd.c +++ b/lib/auth/srp_passwd.c @@ -447,20 +447,24 @@ void _gnutls_srp_entry_free(SRP_PWD_ENTRY * entry) _gnutls_free_key_datum(&entry->v); _gnutls_free_datum(&entry->salt); - if ((entry->g.data != gnutls_srp_1024_group_generator.data) - && (entry->g.data != gnutls_srp_3072_group_generator.data)) + if ((entry->g.data != gnutls_srp_1024_group_generator.data) && + (entry->g.data != gnutls_srp_1536_group_generator.data) && + (entry->g.data != gnutls_srp_2048_group_generator.data) && + (entry->g.data != gnutls_srp_3072_group_generator.data) && + (entry->g.data != gnutls_srp_4096_group_generator.data) && + (entry->g.data != gnutls_srp_8192_group_generator.data)) _gnutls_free_datum(&entry->g); if (entry->n.data != gnutls_srp_1024_group_prime.data && entry->n.data != gnutls_srp_1536_group_prime.data && entry->n.data != gnutls_srp_2048_group_prime.data && entry->n.data != gnutls_srp_3072_group_prime.data && - entry->n.data != gnutls_srp_4096_group_prime.data) + entry->n.data != gnutls_srp_4096_group_prime.data && + entry->n.data != gnutls_srp_8192_group_prime.data) _gnutls_free_datum(&entry->n); gnutls_free(entry->username); gnutls_free(entry); } - #endif /* ENABLE SRP */ -- cgit v1.2.1