Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18132)
static void tls_int_free(OSSL_RECORD_LAYER *rl)
{
- /* TODO(RECLAYER): Cleanse sensitive fields */
BIO_free(rl->prev);
BIO_free(rl->bio);
BIO_free(rl->next);
COMP_CTX_free(rl->expand);
#endif
+ if (rl->version == SSL3_VERSION)
+ OPENSSL_cleanse(rl->mac_secret, sizeof(rl->mac_secret));
+
OPENSSL_free(rl);
}