fix(mbedtls): fix mbedtls dynamic resource memory leaks and RSA cert drop earlier

RX process caches the session information in "ssl->in_ctr" not in "ssl->in_buf". So when freeing the SSL, can't free the "ssl->in_ctr", because the "ssl->in_buf" is empty. Make the RX process like TX process, and cache the session information in "ssl->in_buf", so that the cache buffer can be freed when freeing the SSL. Closes https://github.com/espressif/esp-idf/issues/6104
2025-12-16 04:22:22 +00:00 · 2020-11-12 15:17:21 +08:00
parent 2558830339
commit 1c9592efc4
4 changed files with 59 additions and 16 deletions
--- a/components/mbedtls/port/dynamic/esp_ssl_cli.c
+++ b/components/mbedtls/port/dynamic/esp_ssl_cli.c
@@ -73,7 +73,17 @@ static int manage_resource(mbedtls_ssl_context *ssl, bool add)
                    CHECK_OK(esp_mbedtls_free_rx_buffer(ssl));
                }
 #ifdef CONFIG_MBEDTLS_DYNAMIC_FREE_PEER_CERT
-                esp_mbedtls_free_peer_cert(ssl);
+                /**
+                 * If current ciphersuite is RSA, we should free peer'
+                 * certificate at step  MBEDTLS_SSL_CLIENT_KEY_EXCHANGE.
+                 *
+                 * And if it is other kinds of ciphersuite, we can free
+                 * peer certificate here.
+                 */
+
+                if (esp_mbedtls_ssl_is_rsa(ssl) == false) {
+                    esp_mbedtls_free_peer_cert(ssl);
+                }
 #endif
            }
            break;
@@ -123,6 +133,12 @@ static int manage_resource(mbedtls_ssl_context *ssl, bool add)
                size_t buffer_len = MBEDTLS_SSL_OUT_BUFFER_LEN;

                CHECK_OK(esp_mbedtls_add_tx_buffer(ssl, buffer_len));
+            } else {
+#ifdef CONFIG_MBEDTLS_DYNAMIC_FREE_PEER_CERT
+                if (esp_mbedtls_ssl_is_rsa(ssl) == true) {
+                    esp_mbedtls_free_peer_cert(ssl);
+                }
+#endif
            }
            break;
        case MBEDTLS_SSL_CERTIFICATE_VERIFY: