tls-crypto: Destroy HKDF instance if keys are derived multiple times

author Tobias Brunner <tobias@strongswan.org>

Tue, 25 Aug 2020 15:13:17 +0000 (17:13 +0200)

committer Tobias Brunner <tobias@strongswan.org>

Fri, 12 Feb 2021 10:45:44 +0000 (11:45 +0100)
author Tobias Brunner <tobias@strongswan.org>
Tue, 25 Aug 2020 15:13:17 +0000 (17:13 +0200)
committer Tobias Brunner <tobias@strongswan.org>
Fri, 12 Feb 2021 10:45:44 +0000 (11:45 +0100)
diff --git a/src/libtls/tls_crypto.c b/src/libtls/tls_crypto.c

index 494a6930a708ad68f011cebddc726b8145914647..04fe4ef0f40046fd8f938dab3d9bd4750927bcf0 100644 (file)
--- a/src/libtls/tls_crypto.c
+++ b/src/libtls/tls_crypto.c
@@ -1270,6 +1270,7 @@ static void destroy_aeads(private_tls_crypto_t *this)
  static bool create_ciphers(private_tls_crypto_t *this, suite_algs_t *algs)
  {
         destroy_aeads(this);
+       DESTROY_IF(this->hkdf);
         DESTROY_IF(this->prf);
         if (this->tls->get_version_max(this->tls) < TLS_1_3)
         {
author	Tobias Brunner <tobias@strongswan.org>
	Tue, 25 Aug 2020 15:13:17 +0000 (17:13 +0200)
committer	Tobias Brunner <tobias@strongswan.org>
	Fri, 12 Feb 2021 10:45:44 +0000 (11:45 +0100)