ssl_client2/ssl_server2: Rework ordering of cleanup
Signed-off-by: Przemyslaw Stekiel <przemyslaw.stekiel@mobica.com>
This commit is contained in:
Przemyslaw Stekiel
parent
505712338e
commit
d6914e3196
2 changed files with 46 additions and 43 deletions
|
|
@ -3019,6 +3019,19 @@ exit:
|
|||
|
||||
mbedtls_net_free( &server_fd );
|
||||
|
||||
mbedtls_ssl_free( &ssl );
|
||||
mbedtls_ssl_config_free( &conf );
|
||||
mbedtls_ssl_session_free( &saved_session );
|
||||
|
||||
if( session_data != NULL )
|
||||
mbedtls_platform_zeroize( session_data, session_data_len );
|
||||
mbedtls_free( session_data );
|
||||
#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
|
||||
if( context_buf != NULL )
|
||||
mbedtls_platform_zeroize( context_buf, context_buf_len );
|
||||
mbedtls_free( context_buf );
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||
mbedtls_x509_crt_free( &clicert );
|
||||
mbedtls_x509_crt_free( &cacert );
|
||||
|
|
@ -3049,10 +3062,6 @@ exit:
|
|||
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED &&
|
||||
MBEDTLS_USE_PSA_CRYPTO */
|
||||
|
||||
mbedtls_ssl_session_free( &saved_session );
|
||||
mbedtls_ssl_free( &ssl );
|
||||
mbedtls_ssl_config_free( &conf );
|
||||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
const char* message = mbedtls_test_helper_is_psa_leaking();
|
||||
if( message )
|
||||
|
|
@ -3071,14 +3080,6 @@ exit:
|
|||
#endif
|
||||
|
||||
rng_free( &rng );
|
||||
if( session_data != NULL )
|
||||
mbedtls_platform_zeroize( session_data, session_data_len );
|
||||
mbedtls_free( session_data );
|
||||
#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
|
||||
if( context_buf != NULL )
|
||||
mbedtls_platform_zeroize( context_buf, context_buf_len );
|
||||
mbedtls_free( context_buf );
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_TEST_HOOKS)
|
||||
if( test_hooks_failure_detected( ) )
|
||||
|
|
|
|||
|
|
@ -3951,9 +3951,35 @@ exit:
|
|||
mbedtls_net_free( &client_fd );
|
||||
mbedtls_net_free( &listen_fd );
|
||||
|
||||
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
|
||||
mbedtls_dhm_free( &dhm );
|
||||
mbedtls_ssl_free( &ssl );
|
||||
mbedtls_ssl_config_free( &conf );
|
||||
|
||||
#if defined(MBEDTLS_SSL_CACHE_C)
|
||||
mbedtls_ssl_cache_free( &cache );
|
||||
#endif
|
||||
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
|
||||
mbedtls_ssl_ticket_free( &ticket_ctx );
|
||||
#endif
|
||||
#if defined(MBEDTLS_SSL_COOKIE_C)
|
||||
mbedtls_ssl_cookie_free( &cookie_ctx );
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
|
||||
if( context_buf != NULL )
|
||||
mbedtls_platform_zeroize( context_buf, context_buf_len );
|
||||
mbedtls_free( context_buf );
|
||||
#endif
|
||||
|
||||
#if defined(SNI_OPTION)
|
||||
sni_free( sni_info );
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
|
||||
ret = psk_free( psk_info );
|
||||
if( ( ret != 0 ) && ( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) )
|
||||
mbedtls_printf( "Failed to list of opaque PSKs - error was %d\n", ret );
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||
mbedtls_x509_crt_free( &cacert );
|
||||
mbedtls_x509_crt_free( &srvcert );
|
||||
|
|
@ -3965,6 +3991,11 @@ exit:
|
|||
psa_destroy_key( key_slot2 );
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
|
||||
mbedtls_dhm_free( &dhm );
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
|
||||
for( i = 0; (size_t) i < ssl_async_keys.slots_used; i++ )
|
||||
{
|
||||
|
|
@ -3976,17 +4007,6 @@ exit:
|
|||
}
|
||||
}
|
||||
#endif
|
||||
#if defined(SNI_OPTION)
|
||||
sni_free( sni_info );
|
||||
#endif
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
|
||||
ret = psk_free( psk_info );
|
||||
if( ( ret != 0 ) && ( opt.query_config_mode == DFL_QUERY_CONFIG_MODE ) )
|
||||
mbedtls_printf( "Failed to list of opaque PSKs - error was %d\n", ret );
|
||||
#endif
|
||||
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_FS_IO)
|
||||
mbedtls_dhm_free( &dhm );
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED) && \
|
||||
defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
|
|
@ -4007,16 +4027,6 @@ exit:
|
|||
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED &&
|
||||
MBEDTLS_USE_PSA_CRYPTO */
|
||||
|
||||
#if defined(MBEDTLS_SSL_CACHE_C)
|
||||
mbedtls_ssl_cache_free( &cache );
|
||||
#endif
|
||||
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
|
||||
mbedtls_ssl_ticket_free( &ticket_ctx );
|
||||
#endif
|
||||
#if defined(MBEDTLS_SSL_COOKIE_C)
|
||||
mbedtls_ssl_cookie_free( &cookie_ctx );
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
||||
const char* message = mbedtls_test_helper_is_psa_leaking();
|
||||
if( message )
|
||||
|
|
@ -4034,18 +4044,10 @@ exit:
|
|||
mbedtls_psa_crypto_free( );
|
||||
#endif
|
||||
|
||||
mbedtls_ssl_free( &ssl );
|
||||
mbedtls_ssl_config_free( &conf );
|
||||
rng_free( &rng );
|
||||
|
||||
mbedtls_free( buf );
|
||||
|
||||
#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
|
||||
if( context_buf != NULL )
|
||||
mbedtls_platform_zeroize( context_buf, context_buf_len );
|
||||
mbedtls_free( context_buf );
|
||||
#endif
|
||||
|
||||
#if defined(MBEDTLS_TEST_HOOKS)
|
||||
/* Let test hooks detect errors such as resource leaks.
|
||||
* Don't do it in query_config mode, because some test code prints
|
||||
|
|
|
|||
Loading…
Reference in a new issue