Message ID | 20201023120259.29783-2-arne@rfc2549.org |
---|---|
State | Accepted |
Headers | show |
Series | [Openvpn-devel] Remove --disable-def-auth configure argument | expand |
Acked-by: Gert Doering <gert@greenie.muc.de> "This was an easy one" - documentation is good. Your patch has been applied to the master branch. commit 8292102b102ff62d6b7ed1254076b822cb113162 Author: Arne Schwabe Date: Fri Oct 23 14:02:54 2020 +0200 Add more documentation about our internal TLS functions Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Gert Doering <gert@greenie.muc.de> Message-Id: <20201023120259.29783-2-arne@rfc2549.org> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg21220.html Signed-off-by: Gert Doering <gert@greenie.muc.de> -- kind regards, Gert Doering
diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c index 618cc9cc..98ce38f9 100644 --- a/src/openvpn/ssl.c +++ b/src/openvpn/ssl.c @@ -1109,7 +1109,10 @@ tls_session_init(struct tls_multi *multi, struct tls_session *session) * @param session - A pointer to the \c tls_session structure to be * cleaned up. * @param clear - Whether the memory allocated for the \a session - * object should be overwritten with 0s. + * object should be overwritten with 0s. This + * implicitly sets many states to 0/false, + * e.g. the validity of the keys in the structure + * */ static void tls_session_free(struct tls_session *session, bool clear) @@ -1118,6 +1121,9 @@ tls_session_free(struct tls_session *session, bool clear) for (size_t i = 0; i < KS_SIZE; ++i) { + /* we don't need clear=true for this call since + * the structs are part of session and get cleared + * as part of session */ key_state_free(&session->key[i], false); }
Signed-off-by: Arne Schwabe <arne@rfc2549.org> --- src/openvpn/ssl.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-)