Changeset 5994
- Timestamp:
- May 15, 2019 9:41:52 AM (5 years ago)
- Location:
- pjproject/trunk
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
pjproject/trunk/pjsip-apps/src/pjsua/pjsua_app.c
r5918 r5994 1794 1794 status = pjsua_set_null_snd_dev(); 1795 1795 if (status != PJ_SUCCESS) 1796 return status;1796 goto on_error; 1797 1797 } 1798 1798 #endif … … 1811 1811 call_opt.aud_cnt = app_config.aud_cnt; 1812 1812 call_opt.vid_cnt = app_config.vid.vid_cnt; 1813 1814 /* Wipe out TLS key settings in transport configs */ 1815 pjsip_tls_setting_wipe_keys(&app_config.udp_cfg.tls_setting); 1813 1816 1814 1817 pj_pool_release(tmp_pool); … … 1960 1963 cli_telnet_port = app_config.cli_cfg.telnet_cfg.port; 1961 1964 } 1965 1966 /* Wipe out TLS key settings in transport configs */ 1967 pjsip_tls_setting_wipe_keys(&app_config.udp_cfg.tls_setting); 1962 1968 1963 1969 /* Reset config */ -
pjproject/trunk/pjsip/include/pjsip/sip_transport_tls.h
r5889 r5994 418 418 } 419 419 } 420 421 422 /** 423 * Wipe out certificates and keys in the TLS setting buffer. 424 * 425 * @param opt TLS setting. 426 */ 427 PJ_DECL(void) pjsip_tls_setting_wipe_keys(pjsip_tls_setting *opt); 420 428 421 429 -
pjproject/trunk/pjsip/src/pjsip/sip_transport_tls.c
r5991 r5994 673 673 if (listener->factory.pool) { 674 674 PJ_LOG(4,(listener->factory.obj_name, "SIP TLS transport destroyed")); 675 pj_pool_s afe_release(&listener->factory.pool);675 pj_pool_secure_release(&listener->factory.pool); 676 676 } 677 677 } … … 971 971 972 972 if (tls->rdata.tp_info.pool) { 973 pj_pool_release(tls->rdata.tp_info.pool); 974 tls->rdata.tp_info.pool = NULL; 973 pj_pool_secure_release(&tls->rdata.tp_info.pool); 975 974 } 976 975 … … 986 985 987 986 if (tls->base.pool) { 988 pj_pool_t *pool;989 990 987 if (tls->close_reason != PJ_SUCCESS) { 991 988 char errmsg[PJ_ERR_MSG_SIZE]; … … 1002 999 1003 1000 } 1004 1005 pool = tls->base.pool; 1006 tls->base.pool = NULL; 1007 pj_pool_release(pool); 1001 pj_pool_secure_release(&tls->base.pool); 1008 1002 } 1009 1003 } … … 2030 2024 } 2031 2025 2026 2027 static void wipe_buf(pj_str_t *buf) 2028 { 2029 volatile char *p = buf->ptr; 2030 pj_ssize_t len = buf->slen; 2031 while (len--) *p++ = 0; 2032 buf->slen = 0; 2033 } 2034 2035 /* 2036 * Wipe out certificates and keys in the TLS setting buffer. 2037 */ 2038 PJ_DEF(void) pjsip_tls_setting_wipe_keys(pjsip_tls_setting *opt) 2039 { 2040 wipe_buf(&opt->ca_list_file); 2041 wipe_buf(&opt->ca_list_path); 2042 wipe_buf(&opt->cert_file); 2043 wipe_buf(&opt->privkey_file); 2044 wipe_buf(&opt->password); 2045 wipe_buf(&opt->sigalgs); 2046 wipe_buf(&opt->entropy_path); 2047 wipe_buf(&opt->ca_buf); 2048 wipe_buf(&opt->cert_buf); 2049 wipe_buf(&opt->privkey_buf); 2050 } 2051 2032 2052 #endif /* PJSIP_HAS_TLS_TRANSPORT */
Note: See TracChangeset
for help on using the changeset viewer.