Clear peer's CRT chain outside before parsing new one

If an attempt for session resumption fails, the `session_negotiate` structure might be partially filled, and in particular already contain a peer certificate structure. This certificate structure needs to be freed before parsing the certificate sent in the `Certificate` message. This commit moves the code-path taking care of this from the helper function `ssl_parse_certificate_chain()`, whose purpose should be parsing only, to the top-level handler `mbedtls_ssl_parse_certificate()`. The fact that we don't know the state of `ssl->session_negotiate` after a failed attempt for session resumption is undesirable, and a separate issue #2414 has been opened to improve on this.
2025-10-30 11:11:12 -04:00 · 2019-02-05 13:08:01 +00:00 · 2019-02-05 13:08:01 +00:00 · 7a955a043e
commit 7a955a043e
parent 4a55f638e2
1 changed files with 3 additions and 3 deletions
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@ -5798,9 +5798,6 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl )
    /* Make &ssl->in_msg[i] point to the beginning of the CRT chain. */
    i += 3;

-    /* In case we tried to reuse a session but it failed. */
-    ssl_clear_peer_cert( ssl->session_negotiate );
-
    /* Iterate through and parse the CRTs in the provided chain. */
    while( i < ssl->in_hslen )
    {
@ -6038,6 +6035,9 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
    }
 #endif /* MBEDTLS_SSL_SRV_C */

+    /* In case we tried to reuse a session but it failed. */
+    ssl_clear_peer_cert( ssl->session_negotiate );
+
    if( ( ret = ssl_parse_certificate_chain( ssl ) ) != 0 )
    {
        ssl->state++;