boringssl/ssl
Steven Valdez 2f82a0e51b Don't stash tlsext_hostname in ssl_get_new_session.
ssl_get_new_session would stash a copy of the configured hostname
into the SSL_SESSION on the server. Servers have no reason to
configuring that anyway, but, if one did, we'd leak when filling in
the client-supplied SNI later.

Remove this code and guard against this by remembering to OPENSSL_free
when overwriting that field (although it should always be NULL).

Reported-By: Robert Swiecki <swiecki@google.com>
Change-Id: Ib901b5f82e5cf818060ef47a9585363e05dd9932
Reviewed-on: https://boringssl-review.googlesource.com/13631
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-02-06 18:42:53 +00:00
..
test Remove an unnecessary TLS 1.3 ClientHello state. 2017-02-03 20:03:37 +00:00
bio_ssl.c Move the SSL BIO into ssl/ from decrepit/. 2017-02-03 21:08:10 +00:00
CMakeLists.txt Move the SSL BIO into ssl/ from decrepit/. 2017-02-03 21:08:10 +00:00
custom_extensions.c Pass explicit hs parameters into custom_extensions.c. 2016-12-06 19:49:36 +00:00
d1_both.c Remove ssl_hash_message_t from ssl_get_message. 2017-01-27 23:23:57 +00:00
d1_lib.c Add a helper function for resetting SSL_get_error state. 2017-01-04 04:48:44 +00:00
d1_pkt.c Fold ssl3_write_bytes into ssl3_write_app_data. 2017-02-02 22:23:46 +00:00
d1_srtp.c Fix ssl_ctx_make_profiles error handling. 2016-09-27 13:27:06 +00:00
dtls_method.c Remove the rest of write_message. 2017-01-25 23:39:23 +00:00
dtls_record.c Don't use the buffer BIO in DTLS. 2017-01-25 23:35:32 +00:00
handshake_client.c Use a separate timeout scheme for TLS 1.3. 2017-02-02 19:51:49 +00:00
handshake_server.c Don't stash tlsext_hostname in ssl_get_new_session. 2017-02-06 18:42:53 +00:00
internal.h Fold ssl3_write_bytes into ssl3_write_app_data. 2017-02-02 22:23:46 +00:00
s3_both.c Remove ssl_hash_message_t from ssl_get_message. 2017-01-27 23:23:57 +00:00
s3_enc.c Work around language and compiler bug in memcpy, etc. 2016-12-21 20:34:47 +00:00
s3_lib.c Don't use the buffer BIO in TLS. 2017-01-25 23:35:47 +00:00
s3_pkt.c Fold ssl3_write_bytes into ssl3_write_app_data. 2017-02-02 22:23:46 +00:00
ssl_aead_ctx.c Allow dtls_seal_record to work in-place. 2017-01-25 16:27:32 +00:00
ssl_asn1.c Use a separate timeout scheme for TLS 1.3. 2017-02-02 19:51:49 +00:00
ssl_buffer.c Work around language and compiler bug in memcpy, etc. 2016-12-21 20:34:47 +00:00
ssl_cert.c Push the use of X509 upwards, out of |ssl_set_cert|. 2017-02-01 20:00:10 +00:00
ssl_cipher.c Remove old ChaCha20-Poly1305 AEAD. 2017-01-19 23:27:54 +00:00
ssl_ecdh.c Remove New Hope key agreement. 2016-12-10 01:06:31 +00:00
ssl_file.c Check for sk_X509_NAME_push failures. 2016-09-27 13:18:37 +00:00
ssl_lib.c Use a separate timeout scheme for TLS 1.3. 2017-02-02 19:51:49 +00:00
ssl_rsa_cc.cc Convert one libssl function to C++11. 2017-01-17 21:51:06 +00:00
ssl_rsa.c Push the use of X509 upwards, out of |ssl_set_cert|. 2017-02-01 20:00:10 +00:00
ssl_session.c Don't stash tlsext_hostname in ssl_get_new_session. 2017-02-06 18:42:53 +00:00
ssl_stat.c Remove the rest of write_message. 2017-01-25 23:39:23 +00:00
ssl_test.cc Add a basic SSL_get_certificate test. 2017-02-03 22:19:51 +00:00
ssl_x509.c Don't use |X509| objects in |CERT|, by default. 2017-01-27 16:21:05 +00:00
t1_enc.c Work around language and compiler bug in memcpy, etc. 2016-12-21 20:34:47 +00:00
t1_lib.c Don't stash tlsext_hostname in ssl_get_new_session. 2017-02-06 18:42:53 +00:00
tls13_both.c Remove ssl_hash_message_t from ssl_get_message. 2017-01-27 23:23:57 +00:00
tls13_client.c Use a separate timeout scheme for TLS 1.3. 2017-02-02 19:51:49 +00:00
tls13_enc.c Work around language and compiler bug in memcpy, etc. 2016-12-21 20:34:47 +00:00
tls13_server.c Don't stash tlsext_hostname in ssl_get_new_session. 2017-02-06 18:42:53 +00:00
tls_method.c Remove the rest of write_message. 2017-01-25 23:39:23 +00:00
tls_record.c Don't use the buffer BIO in DTLS. 2017-01-25 23:35:32 +00:00