Merge branch 'tmp-clear-session-ticket-keys' into 'master'

Wipe session ticket keys before releasing the session structure See merge request gnutls/gnutls!1289
author: Daiki Ueno <ueno@gnu.org> 2020-06-21 08:16:43 +0000
committer: Daiki Ueno <ueno@gnu.org> 2020-06-21 08:16:43 +0000
commit: f2722162abb016812870a4eaca14aa98f83ad385 (patch)
tree: 9c3b8880b212517a74f55c3c7c8237d5b22a99c9
parent: 974b1ac12fc0d91ad64e4f9174b98601ab10df91 (diff)
parent: b58696758c709b97a4b77879d2d3758c2d4bdc1f (diff)
download: gnutls-f2722162abb016812870a4eaca14aa98f83ad385.tar.gz
1 files changed, 8 insertions, 0 deletions
diff --git a/lib/state.c b/lib/state.c
index 7d0a77dc95..817a7b8cd8 100644
--- a/lib/state.c
+++ b/lib/state.c
@@ -714,6 +714,14 @@ void gnutls_deinit(gnutls_session_t session)
 	/* overwrite any temp TLS1.3 keys */
 	gnutls_memset(&session->key.proto, 0, sizeof(session->key.proto));
 
+	/* clear session ticket keys */
+	gnutls_memset(&session->key.session_ticket_key, 0,
+	              TICKET_MASTER_KEY_SIZE);
+	gnutls_memset(&session->key.previous_ticket_key, 0,
+	              TICKET_MASTER_KEY_SIZE);
+	gnutls_memset(&session->key.initial_stek, 0,
+	              TICKET_MASTER_KEY_SIZE);
+
 	gnutls_mutex_deinit(&session->internals.post_negotiation_lock);
 	gnutls_mutex_deinit(&session->internals.epoch_lock);
author	Daiki Ueno <ueno@gnu.org>	2020-06-21 08:16:43 +0000
committer	Daiki Ueno <ueno@gnu.org>	2020-06-21 08:16:43 +0000
commit	f2722162abb016812870a4eaca14aa98f83ad385 (patch)
tree	9c3b8880b212517a74f55c3c7c8237d5b22a99c9
parent	974b1ac12fc0d91ad64e4f9174b98601ab10df91 (diff)
parent	b58696758c709b97a4b77879d2d3758c2d4bdc1f (diff)
download	gnutls-f2722162abb016812870a4eaca14aa98f83ad385.tar.gz