Reset rather than nil out Authenticator

For reuse in control channel.
Davide De Rosa 2020-02-29 19:11:15 +01:00
parent a7aa78141e
commit f6d915e6dd
2 changed files with 14 additions and 3 deletions


@ -62,9 +62,9 @@ extension OpenVPN {
private(set) var serverRandom2: ZeroingData? private(set) var serverRandom2: ZeroingData?
let username: ZeroingData? private(set) var username: ZeroingData?
let password: ZeroingData? private(set) var password: ZeroingData?
var withLocalOptions: Bool var withLocalOptions: Bool
@ -87,6 +87,17 @@ extension OpenVPN {
controlBuffer = Z() controlBuffer = Z()
} }
func reset() {
controlBuffer.zero()
preMaster.zero()
random1.zero()
random2.zero()
serverRandom1?.zero()
serverRandom2?.zero()
username = nil
password = nil
}
// MARK: Authentication request // MARK: Authentication request
// Ruby: on_tls_connect // Ruby: on_tls_connect
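Review bot: `reset()` wipes `preMaster`, `random1` and `random2` in place but keeps the instance alive, so any later authentication request made through this same Authenticator would run with all-zero pre-master and client randoms unless they are regenerated elsewhere; nothing in this hunk shows that they are. Since the stated purpose is reuse in the control channel, the contract should be written down on the method, e.g. `/// Wipes key material and credentials; the instance must not be used for another key exchange afterwards.` Separately, `username` and `password` are released with `= nil` while every other field is wiped explicitly; adding `username?.zero()` and `password?.zero()` before the two assignments would avoid depending on what ZeroingData does at deallocation, which is not visible here, provided those buffers are not shared with the caller. `serverRandom1`/`serverRandom2` also stay non-nil after the wipe, so code that treats a non-nil value as "received from server" may need them set to nil as well.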


@ -745,7 +745,7 @@ public class OpenVPNSession: Session {
private func completeConnection() { private func completeConnection() {
setupEncryption() setupEncryption()
authenticator = nil authenticator?.reset()
negotiationKey.controlState = .connected negotiationKey.controlState = .connected
connectedDate = Date() connectedDate = Date()
transitionKeys() transitionKeys()
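Review bot: The call `authenticator?.reset()` needs a why-comment, because the reason the object is kept instead of released is stated only in the commit message; something like `// keep the instance for control-channel use; reset() wipes key material and credentials` would do. Keeping the reference also moves responsibility for its lifetime to the session's teardown path: previously the object was dropped here, now it survives until something else clears it, so it is worth confirming that stop/cleanup sets `authenticator = nil`. That path is not visible in this hunk, and completeConnection's body continues outside it.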