arduino/esp8266
1
0
Fork 0
mirror of https://github.com/esp8266/Arduino.git synced 2025-04-19 23:22:16 +03:00
Code

Purge certificates only when expanding plaintext buffer

Browse Source
This commit is contained in:
Ivan Grokhotkov 2016-06-13 00:50:25 +08:00
parent f41146fb17
commit ab516f799d
1 changed files with 3 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
ssl/tls1.c
View File

@ -288,10 +288,6 @@ EXP_FUNC int STDCALL ssl_write(SSL *ssl, const uint8_t *out_data, int out_len)
int n = out_len, nw, i, tot = 0; int n = out_len, nw, i, tot = 0;
/* maximum size of a TLS packet is around 16kB, so fragment */ /* maximum size of a TLS packet is around 16kB, so fragment */
if (ssl->can_free_certificates) {
certificate_free(ssl);
}
do do
{ {
nw = n; nw = n;
@ -1226,10 +1222,6 @@ int basic_read(SSL *ssl, uint8_t **in_data)
int read_len, is_client = IS_SET_SSL_FLAG(SSL_IS_CLIENT); int read_len, is_client = IS_SET_SSL_FLAG(SSL_IS_CLIENT);
uint8_t *buf = ssl->bm_data; uint8_t *buf = ssl->bm_data;
if (ssl->can_free_certificates) {
certificate_free(ssl);
}
read_len = SOCKET_READ(ssl->client_fd, &buf[ssl->bm_read_index], read_len = SOCKET_READ(ssl->client_fd, &buf[ssl->bm_read_index],
ssl->need_bytes-ssl->got_bytes); ssl->need_bytes-ssl->got_bytes);
@ -1436,6 +1428,9 @@ int increase_bm_data_size(SSL *ssl, size_t size)
if (ssl->max_plain_length == RT_MAX_PLAIN_LENGTH) { if (ssl->max_plain_length == RT_MAX_PLAIN_LENGTH) {
return SSL_OK; return SSL_OK;
} }
if (ssl->can_free_certificates) {
certificate_free(ssl);
}
size_t required = (size + 1023) & ~(1023); // round up to 1k size_t required = (size + 1023) & ~(1023); // round up to 1k
required = (required < RT_MAX_PLAIN_LENGTH) ? required : RT_MAX_PLAIN_LENGTH; required = (required < RT_MAX_PLAIN_LENGTH) ? required : RT_MAX_PLAIN_LENGTH;
uint8_t* new_bm_all_data = (uint8_t*) realloc(ssl->bm_all_data, required + RT_EXTRA); uint8_t* new_bm_all_data = (uint8_t*) realloc(ssl->bm_all_data, required + RT_EXTRA);