From: Yann Ylavic
Date: Fri, 24 Apr 2020 17:04:28 +0000 (+0000)
Subject: mod_ssl: follow up to r1876934: OSSL_PARAM_construct_*() make no copy.
X-Git-Tag: 2.5.0-alpha2-ci-test-only~1490
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=00c85f8083b56375d2c3344050373ed3b69c2019;p=thirdparty%2Fapache%2Fhttpd.git
mod_ssl: follow up to r1876934: OSSL_PARAM_construct_*() make no copy.
Pass OSSL_PARAM_construct_octet_string() an explicit copy of the MAC key to avoid saving a pointer to stack. While at it, cleanup secret data from buf before leaving.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1876937 13f79535-47bb-0310-9956-ffa450edef68
---
diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c
index 4861df6f5d6..b48ff73009a 100644
--- a/modules/ssl/ssl_engine_init.c
+++ b/modules/ssl/ssl_engine_init.c
@@ -1608,7 +1608,8 @@ static apr_status_t ssl_init_ticket_key(server_rec *s,
 ssl_callback_SessionTicket);
 #else
 ticket_key->mac_params[0] =
- OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY, buf + 16, 16);
+ OSSL_PARAM_construct_octet_string(OSSL_MAC_PARAM_KEY,
+ apr_pmemdup(p, buf + 16, 16), 16);
 ticket_key->mac_params[1] =
 OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST, "sha256", 0);
 ticket_key->mac_params[2] =
@@ -1616,6 +1617,7 @@ static apr_status_t ssl_init_ticket_key(server_rec *s,
 res = SSL_CTX_set_tlsext_ticket_key_evp_cb(mctx->ssl_ctx,
 ssl_callback_SessionTicket);
 #endif
+ memset(buf, 0, sizeof(buf));
 if (!res) {
 ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s, APLOGNO(01913)
 "Unable to initialize TLS session ticket key callback "
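Review bot: The MAC key copy made by `apr_pmemdup(p, buf + 16, 16)` stays in pool `p` for the pool's whole lifetime and nothing visible in this hunk scrubs it, so the stack copy is cleared while the pool copy persists. If that matters for this key, a pool cleanup that wipes those 16 bytes before the pool is destroyed would close the gap. A comment on the call would also record why the copy exists, for example `/* OSSL_PARAM_construct_octet_string() stores the pointer, not the bytes: the key must outlive buf */`. The bare `16` offset and length would be easier to keep in step as a named constant. ssl_init_ticket_key starts and ends outside this hunk, so the lifetime of `p` and any existing cleanup are not visible here.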
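Review bot: The added `memset(buf, 0, sizeof(buf));` is a plain store to a local that, as far as this hunk shows, is not read again, so an optimising compiler may drop it as a dead store and leave the key material on the stack. Since this file already builds against OpenSSL, `OPENSSL_cleanse(buf, sizeof(buf));` is the usual replacement because it is designed not to be optimised away. `sizeof(buf)` is only correct if `buf` is an array rather than a pointer. Its declaration, and any earlier return paths that would skip this line, are outside the hunk, so both are worth checking.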