From 56dcd57b57dad8b070841b90ce5a824b6ae461af Mon Sep 17 00:00:00 2001 From: jsing Date: Mon, 10 Apr 2017 16:48:43 +0000 Subject: [PATCH] freezero() the key block; simpler code and less of it. --- lib/libssl/t1_enc.c | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/lib/libssl/t1_enc.c b/lib/libssl/t1_enc.c index e3ffe0472ee..ce57235cea8 100644 --- a/lib/libssl/t1_enc.c +++ b/lib/libssl/t1_enc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: t1_enc.c,v 1.107 2017/03/25 13:42:29 jsing Exp $ */ +/* $OpenBSD: t1_enc.c,v 1.108 2017/04/10 16:48:43 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -152,12 +152,8 @@ int tls1_PRF(SSL *s, const unsigned char *secret, size_t secret_len, void tls1_cleanup_key_block(SSL *s) { - if (S3I(s)->tmp.key_block != NULL) { - explicit_bzero(S3I(s)->tmp.key_block, - S3I(s)->tmp.key_block_length); - free(S3I(s)->tmp.key_block); - S3I(s)->tmp.key_block = NULL; - } + freezero(S3I(s)->tmp.key_block, S3I(s)->tmp.key_block_length); + S3I(s)->tmp.key_block = NULL; S3I(s)->tmp.key_block_length = 0; } -- 2.20.1