diff options
author | jsing <jsing@openbsd.org> | 2017-04-10 16:48:43 +0000 |
---|---|---|
committer | jsing <jsing@openbsd.org> | 2017-04-10 16:48:43 +0000 |
commit | 56dcd57b57dad8b070841b90ce5a824b6ae461af (patch) | |
tree | e902e541b1c9d5b92b70bc01c534e8227dc4ce9e /lib/libssl/t1_enc.c | |
parent | Use freezero() for i2d_SSL_SESSION() - one line of code instead of three. (diff) | |
download | wireguard-openbsd-56dcd57b57dad8b070841b90ce5a824b6ae461af.tar.xz wireguard-openbsd-56dcd57b57dad8b070841b90ce5a824b6ae461af.zip |
freezero() the key block; simpler code and less of it.
Diffstat (limited to 'lib/libssl/t1_enc.c')
-rw-r--r-- | lib/libssl/t1_enc.c | 10 |
1 files changed, 3 insertions, 7 deletions
diff --git a/lib/libssl/t1_enc.c b/lib/libssl/t1_enc.c index e3ffe0472ee..ce57235cea8 100644 --- a/lib/libssl/t1_enc.c +++ b/lib/libssl/t1_enc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: t1_enc.c,v 1.107 2017/03/25 13:42:29 jsing Exp $ */ +/* $OpenBSD: t1_enc.c,v 1.108 2017/04/10 16:48:43 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -152,12 +152,8 @@ int tls1_PRF(SSL *s, const unsigned char *secret, size_t secret_len, void tls1_cleanup_key_block(SSL *s) { - if (S3I(s)->tmp.key_block != NULL) { - explicit_bzero(S3I(s)->tmp.key_block, - S3I(s)->tmp.key_block_length); - free(S3I(s)->tmp.key_block); - S3I(s)->tmp.key_block = NULL; - } + freezero(S3I(s)->tmp.key_block, S3I(s)->tmp.key_block_length); + S3I(s)->tmp.key_block = NULL; S3I(s)->tmp.key_block_length = 0; } |