From 2a9d3c112e4deeca3f07cd7f94aa7eb8bec0dd74 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=AF=9B=E5=AE=87=E9=94=8B?= <maoyufeng3@huawei.com>
Date: Mon, 27 Dec 2021 12:08:11 +0000
Subject: [PATCH] update library/ssl_tls.c. Fix BUG CVE-2021-44732

---
 library/ssl_tls.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index c749a8611..982c8c112 100755
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -301,6 +301,9 @@ static int ssl_session_copy( mbedtls_ssl_session *dst, const mbedtls_ssl_session
     mbedtls_ssl_session_free( dst );
     memcpy( dst, src, sizeof( mbedtls_ssl_session ) );
 
+#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
+    dst->ticket = NULL;
+#endif
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
     if( src->peer_cert != NULL )
     {
-- 
Gitee