TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 8372454615207dc701b0fa845a43e2793ad40d41^! / . / library / ssl_tls.c
commit8372454615207dc701b0fa845a43e2793ad40d41[log] [tgz]
authorManuel Pégourié-Gonnard <mpg@elzevir.fr>Tue Sep 24 22:30:56 2013 +0200
committerManuel Pégourié-Gonnard <mpg@elzevir.fr>Tue Sep 24 22:30:56 2013 +0200
tree1a72489bd3ce43fe7e110c0d9dbd36f724558e2d
parentb095a7bf290c9d78260ed94f8d33f0ce98f78f7e [diff] [blame]
Rework SNI to fix memory issues

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index a94751b..388ce8d 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -4170,9 +4170,23 @@
     polarssl_free( handshake->curves );
 #endif
 
-#if defined(POLARSSL_X509_CRT_PARSE_C)
-    if( handshake->free_key_cert != 0 )
-        ssl_key_cert_free( handshake->key_cert );
+#if defined(POLARSSL_X509_CRT_PARSE_C) && \
+    defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
+    /*
+     * Free only the linked list wrapper, not the keys themselves
+     * since the belong to the SNI callback
+     */
+    if( handshake->sni_key_cert != NULL )
+    {
+        ssl_key_cert *cur = handshake->sni_key_cert, *next;
+
+        while( cur != NULL )
+        {
+            next = cur->next;
+            polarssl_free( cur );
+            cur = next;
+        }
+    }
 #endif
 
     memset( handshake, 0, sizeof( ssl_handshake_params ) );