From a46c28779655a75650c3d74963760870892001e9 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 5 Feb 2019 13:08:01 +0000 Subject: [PATCH] Clear peer's CRT chain outside before parsing new one If an attempt for session resumption fails, the `session_negotiate` structure might be partially filled, and in particular already contain a peer certificate structure. This certificate structure needs to be freed before parsing the certificate sent in the `Certificate` message. This commit moves the code-path taking care of this from the helper function `ssl_parse_certificate_chain()`, whose purpose should be parsing only, to the top-level handler `mbedtls_ssl_parse_certificate()`. The fact that we don't know the state of `ssl->session_negotiate` after a failed attempt for session resumption is undesirable, and a separate issue #2414 has been opened to improve on this. --- library/ssl_tls.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 389b2f2d3..a5d9ca5de 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -6212,9 +6212,6 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl ) /* Make &ssl->in_msg[i] point to the beginning of the CRT chain. */ i += 3; - /* In case we tried to reuse a session but it failed. */ - ssl_clear_peer_cert( ssl->session_negotiate ); - /* Iterate through and parse the CRTs in the provided chain. */ while( i < ssl->in_hslen ) { @@ -6452,6 +6449,9 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ) } #endif /* MBEDTLS_SSL_SRV_C */ + /* In case we tried to reuse a session but it failed. */ + ssl_clear_peer_cert( ssl->session_negotiate ); + if( ( ret = ssl_parse_certificate_chain( ssl ) ) != 0 ) { ssl->state++;