Changeset 5994 for pjproject/trunk/pjsip/src/pjsip/sip_transport_tls.c

Timestamp:

May 15, 2019 9:41:52 AM (5 years ago)

Author:

nanang

Message:

Re #2179: Wipe out memory used for storing SSL keys in PJSIP TLS transport and pjsua app. Thanks Peter Koletzki for the feedback.

File:

• pjproject/trunk/pjsip/src/pjsip/sip_transport_tls.c (modified) (5 diffs)

pjproject/trunk/pjsip/src/pjsip/sip_transport_tls.c

@@ -673 +673 @@
     if (listener->factory.pool) {
         PJ_LOG(4,(listener->factory.obj_name,  "SIP TLS transport destroyed"));
-        pj_pool_safe_release(&listener->factory.pool);
+        pj_pool_secure_release(&listener->factory.pool);
     }
 }
@@ -971 +971 @@
 
     if (tls->rdata.tp_info.pool) {
-        pj_pool_release(tls->rdata.tp_info.pool);
-        tls->rdata.tp_info.pool = NULL;
+        pj_pool_secure_release(&tls->rdata.tp_info.pool);
     }
 
@@ -986 +985 @@
 
     if (tls->base.pool) {
-        pj_pool_t *pool;
-
         if (tls->close_reason != PJ_SUCCESS) {
             char errmsg[PJ_ERR_MSG_SIZE];
@@ -1002 +999 @@
 
         }
-
-        pool = tls->base.pool;
-        tls->base.pool = NULL;
-        pj_pool_release(pool);
+        pj_pool_secure_release(&tls->base.pool);
     }
 }
@@ -2030 +2024 @@
 }
 
+
+static void wipe_buf(pj_str_t *buf)
+{
+    volatile char *p = buf->ptr;
+    pj_ssize_t len = buf->slen;
+    while (len--) *p++ = 0;
+    buf->slen = 0;
+}
+
+/*
+ * Wipe out certificates and keys in the TLS setting buffer.
+ */
+PJ_DEF(void) pjsip_tls_setting_wipe_keys(pjsip_tls_setting *opt)
+{
+    wipe_buf(&opt->ca_list_file);
+    wipe_buf(&opt->ca_list_path);
+    wipe_buf(&opt->cert_file);
+    wipe_buf(&opt->privkey_file);
+    wipe_buf(&opt->password);
+    wipe_buf(&opt->sigalgs);
+    wipe_buf(&opt->entropy_path);
+    wipe_buf(&opt->ca_buf);
+    wipe_buf(&opt->cert_buf);
+    wipe_buf(&opt->privkey_buf);    
+}
+
 #endif /* PJSIP_HAS_TLS_TRANSPORT */