From 2db811a8ec7158fed542b0e11d3ef3eb5bbf207c Mon Sep 17 00:00:00 2001 From: jsing Date: Fri, 14 Apr 2017 15:32:41 +0000 Subject: [PATCH] Use freezero(3) when cleaning up session tickets - not only does it require less code, but there is also a potential performance gain since they can be larger allocations. --- lib/libssl/ssl_srvr.c | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/lib/libssl/ssl_srvr.c b/lib/libssl/ssl_srvr.c index 31b869e5524..8ea1adf7baf 100644 --- a/lib/libssl/ssl_srvr.c +++ b/lib/libssl/ssl_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_srvr.c,v 1.13 2017/04/14 15:26:53 jsing Exp $ */ +/* $OpenBSD: ssl_srvr.c,v 1.14 2017/04/14 15:32:41 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -2696,17 +2696,14 @@ ssl3_send_newsession_ticket(SSL *s) s->internal->state = SSL3_ST_SW_SESSION_TICKET_B; - explicit_bzero(senc, slen_full); - free(senc); + freezero(senc, slen_full); } /* SSL3_ST_SW_SESSION_TICKET_B */ return (ssl3_handshake_write(s)); err: - if (senc != NULL) - explicit_bzero(senc, slen_full); - free(senc); + freezero(senc, slen_full); return (-1); } -- 2.20.1