Ignore:
Timestamp:
May 15, 2019 2:43:01 AM (5 years ago)
Author:
nanang
Message:

Close #2179: Wipe out memory used for storing SSL keys before released.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • pjproject/trunk/pjlib/src/pj/ssl_sock_ossl.c

    r5980 r5990  
    10521052    } 
    10531053 
     1054    /* Early sensitive data cleanup after OpenSSL context setup. However, 
     1055     * this cannot be done for listener sockets, as the data will still 
     1056     * be needed by accepted sockets. 
     1057     */ 
     1058    if (cert && (!ssock->is_server || ssock->parent)) { 
     1059        wipe_cert_buffer(cert); 
     1060    } 
     1061 
    10541062    /* Create SSL instance */ 
    10551063    ossock->ossl_ctx = ctx; 
Note: See TracChangeset for help on using the changeset viewer.