From: NaveenShivanna86
Date: Wed, 21 Aug 2019 06:28:29 +0000 (+0530)
Subject: 'init_buf' memory can be freed when DTLS is used over SCTP (not over UDP).
X-Git-Tag: OpenSSL_1_1_1e~199
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=a80de34b2769c35270d45bbae67c4b219c99156d;p=oweals%2Fopenssl.git

'init_buf' memory can be freed when DTLS is used over SCTP (not over UDP).

Reviewed-by: Matt Caswell
Reviewed-by: Matthias St. Pierre
(Merged from https://github.com/openssl/openssl/pull/9653)
(cherry picked from commit e7c27a6c3716843f8412fd96311b70ac84b785f9)
---
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
index ed52b18d3a..bd1d34f3b6 100644
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -1033,14 +1033,25 @@ WORK_STATE tls_finish_handshake(SSL *s, WORK_STATE wst, int clearbufs, int stop)
 int cleanuphand = s->statem.cleanuphand;
 
 if (clearbufs) {
- if (!SSL_IS_DTLS(s)) {
+ if (!SSL_IS_DTLS(s)
+#ifndef OPENSSL_NO_SCTP
 /*
- * We don't do this in DTLS because we may still need the init_buf
+ * RFC6083: SCTP provides a reliable and in-sequence transport service for DTLS
+ * messages that require it. Therefore, DTLS procedures for retransmissions
+ * MUST NOT be used.
+ * Hence the init_buf can be cleared when DTLS over SCTP as transport is used.
+ */
+ || BIO_dgram_is_sctp(SSL_get_wbio(s))
+#endif
+ ) {
+ /*
+ * We don't do this in DTLS over UDP because we may still need the init_buf
 * in case there are any unexpected retransmits
 */
 BUF_MEM_free(s->init_buf);
 s->init_buf = NULL;
 }
+
 if (!ssl_free_wbio_buffer(s)) {
 SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_FINISH_HANDSHAKE,
 ERR_R_INTERNAL_ERROR);
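Review bot: The new SCTP branch frees init_buf on the assumption that no DTLS retransmission path can still reach it once the transport is SCTP, but the added comment only cites RFC 6083 and not the code invariant this depends on; as far as I can tell that invariant lives in the DTLS timer/retransmit code elsewhere, and if it ever stops special-casing SCTP the retransmit path would find init_buf already freed and set to NULL. I would extend the comment with something like `/* Relies on the DTLS retransmit machinery never being armed for SCTP transports; if that changes, init_buf must be kept here exactly as for UDP. */` so the coupling is visible at the free site. As a point of style, the condition is easier to audit if the RFC rationale sits above the `if` rather than between the two operands of the `||` inside the `#ifndef`, so the comment block and the `) {` closer do not interleave with the expression. tls_finish_handshake begins before this hunk and its body continues after it.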