goto f_err;
}
- if (s->hit && (s->session->cipher != c))
+ /* Depending on the session caching (internal/external), the cipher
+ and/or cipher_id values may not be set. Make sure that
+ cipher_id is set and use it for comparison. */
+ if (s->session->cipher)
+ s->session->cipher_id = s->session->cipher->id;
+ if (s->hit && (s->session->cipher_id != c->id))
{
if (!(s->options &
SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG))
s->method->ssl3_enc->generate_master_secret(s,
s->session->master_key,
tmp_buf,sizeof tmp_buf);
- memset(tmp_buf,0,sizeof tmp_buf);
+ OPENSSL_cleanse(tmp_buf,sizeof tmp_buf);
}
#endif
#ifndef OPENSSL_NO_KRB5
s->session->master_key,
tmp_buf, sizeof tmp_buf);
- memset(tmp_buf, 0, sizeof tmp_buf);
- memset(epms, 0, outl);
+ OPENSSL_cleanse(tmp_buf, sizeof tmp_buf);
+ OPENSSL_cleanse(epms, outl);
}
#endif
#ifndef OPENSSL_NO_DH