Clear peer's CRT chain outside before parsing new one
If an attempt for session resumption fails, the `session_negotiate` structure
might be partially filled, and in particular already contain a peer certificate
structure. This certificate structure needs to be freed before parsing the
certificate sent in the `Certificate` message.
This commit moves the code-path taking care of this from the helper
function `ssl_parse_certificate_chain()`, whose purpose should be parsing
only, to the top-level handler `mbedtls_ssl_parse_certificate()`.
The fact that we don't know the state of `ssl->session_negotiate` after
a failed attempt for session resumption is undesirable, and a separate
issue #2414 has been opened to improve on this.
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index f89029b..6239d67 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -5798,9 +5798,6 @@
/* Make &ssl->in_msg[i] point to the beginning of the CRT chain. */
i += 3;
- /* In case we tried to reuse a session but it failed. */
- ssl_clear_peer_cert( ssl->session_negotiate );
-
/* Iterate through and parse the CRTs in the provided chain. */
while( i < ssl->in_hslen )
{
@@ -6038,6 +6035,9 @@
}
#endif /* MBEDTLS_SSL_SRV_C */
+ /* In case we tried to reuse a session but it failed. */
+ ssl_clear_peer_cert( ssl->session_negotiate );
+
if( ( ret = ssl_parse_certificate_chain( ssl ) ) != 0 )
{
ssl->state++;