From 5b326dc529e19194feaef9a65fa37efbe11eaa7e Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Sat, 13 Feb 2016 02:27:33 +0000 Subject: [PATCH] Free and zero DH/ECDH temporary key after use. PR#4303 Reviewed-by: Viktor Dukhovni --- ssl/statem/statem_srvr.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index 4d40d0f9f3..e4c018a9db 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -2360,6 +2360,8 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt) EVP_PKEY_free(ckey); ckey = NULL; + EVP_PKEY_free(s->s3->tmp.pkey); + s->s3->tmp.pkey = NULL; } else #endif @@ -2412,6 +2414,8 @@ MSG_PROCESS_RETURN tls_process_client_key_exchange(SSL *s, PACKET *pkt) EVP_PKEY_free(ckey); ckey = NULL; + EVP_PKEY_free(s->s3->tmp.pkey); + s->s3->tmp.pkey = NULL; return MSG_PROCESS_CONTINUE_PROCESSING; } else -- 2.25.1