Opened 16 months ago

Closed 14 months ago

Last modified 14 months ago

#2179 closed enhancement (fixed)

Wipe out memory used for storing SSL keys before released

Reported by: nanang
Owned by: nanang
Priority: normal
Milestone: release-2.9
Component: pjlib
Version: trunk
Keywords:
Cc:
Backport to 1.x milestone:
Backported: no

Description (last modified by nanang)

Zeroing our buffers should be sufficient as we cannot really manage the OpenSSL internal buffers. Moreover, it seems that OpenSSL already wipes out its internal buffers, i.e. there are a lot of OPENSSL_cleanse() calls in the OpenSSL source code; the function fills a buffer with garbage or zero. Unfortunately, I cannot really find official docs about it.

Additionally, SSL socket pool content will be zeroed before being released; this is done using a new API, pj_pool_secure_release().

Thanks Peter Koletzki for the feedback.
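The difference between an ordinary pool release and a zero-before-release one, as an added example that is not pjlib's code and not part of the original ticket. The `demo_*` names and the bump-allocator pool are hypothetical, and the key string is constructed sample data; production code would normally call a vetted wipe such as `OPENSSL_cleanse()` or `explicit_bzero()` rather than a hand-written loop.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical bump-allocator pool over caller-supplied storage (not pj_pool_t). */
typedef struct { unsigned char *base; size_t cap, used; } demo_pool;

/* Zero through a volatile pointer so the compiler cannot drop the stores as
 * dead writes to memory that is about to be discarded. */
static void demo_secure_wipe(void *p, size_t n)
{
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

static void *demo_pool_alloc(demo_pool *pool, size_t n)
{
    void *p = pool->base + pool->used;
    if (n > pool->cap - pool->used) return NULL;   /* pool exhausted */
    pool->used += n;
    return p;
}

/* Ordinary release: bookkeeping only, the old contents stay in memory. */
static void demo_pool_release(demo_pool *pool) { pool->used = 0; }

/* Secure release: zero everything that was handed out, then release. */
static void demo_pool_secure_release(demo_pool *pool)
{
    demo_secure_wipe(pool->base, pool->used);
    demo_pool_release(pool);
}

/* Store a key in the pool, release it, and count the non-zero bytes that
 * remain in the backing storage afterwards. */
static size_t demo_run(int secure)
{
    static const char key[] = "CONSTRUCTED-PRIVATE-KEY-MATERIAL"; /* sample data */
    unsigned char storage[128] = {0};
    demo_pool pool = { storage, sizeof storage, 0 };
    size_t i, residue = 0;
    void *slot = demo_pool_alloc(&pool, sizeof key);
    if (!slot) return (size_t)-1;
    memcpy(slot, key, sizeof key);
    if (secure) demo_pool_secure_release(&pool); else demo_pool_release(&pool);
    for (i = 0; i < sizeof storage; i++) residue += storage[i] != 0;
    return residue;
}

int main(void) { return demo_run(1) == 0 ? 0 : 1; }
```

After the ordinary release the key bytes are still present in the backing storage, which is what a later allocation, core dump or memory disclosure bug would expose; after the secure release none remain.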

Change History (4)

comment:1 Changed 14 months ago by nanang

  • Description modified (diff)

comment:2 Changed 14 months ago by nanang

  • Owner set to nanang
  • Resolution set to fixed
  • Status changed from new to closed

In 5990:

Close #2179: Wipe out memory used for storing SSL keys before released.

comment:3 Changed 14 months ago by nanang

In 5994:

Re #2179: Wipe out memory used for storing SSL keys in PJSIP TLS transport and pjsua app. Thanks Peter Koletzki for the feedback.

comment:4 Changed 14 months ago by nanang

In 5999:

Re #2179: Fixed linking error when PJSIP_HAS_TLS_TRANSPORT is not defined.
