Async sniffer: don't retry if seeing non-pending error (#6220)

* Async sniffer: don't retry if seeing non-pending error * Print error messages when decrypting from queue * Zeroize the SessionTable in ssl_FreeSniffer() --------- Co-authored-by: Lealem Amedie <lealem47@github.com>
2023-04-24 14:51:55 -06:00 · 2023-04-24 14:51:55 -06:00 · a10526d5f9
commit a10526d5f9
parent 9b7ca65608
2 changed files with 9 additions and 3 deletions
--- a/src/sniffer.c
+++ b/src/sniffer.c
@ -831,6 +831,7 @@ static void FreeSnifferSession(SnifferSession* session)
 #endif
    }
    XFREE(session, NULL, DYNAMIC_TYPE_SNIFFER_SESSION);
+    XMEMSET(session, 0, sizeof(SnifferSession));
 }


@ -855,6 +856,7 @@ void ssl_FreeSniffer(void)
            FreeSnifferSession(removeSession);
        }
    }
+    XMEMSET(SessionTable, 0, sizeof(SessionTable));
    SessionCount = 0;

    /* Then server (wolfSSL_CTX) */
--- a/sslSniffer/sslSnifferTest/snifftest.c
+++ b/sslSniffer/sslSnifferTest/snifftest.c
@ -572,12 +572,16 @@ static int SnifferAsyncPollQueue(byte** data, char* err, SSLInfo* sslInfo,
                ret = ssl_DecodePacketAsync(asyncQueue[i].packet,
                    asyncQueue[i].length, 0, data, err, sslInfo, NULL);
                asyncQueue[i].lastRet = ret;
-                if (ret >= 0) {
+                if (ret != WC_PENDING_E) {
+                    if (ret < 0) {
+                        printf("ssl_Decode ret = %d, %s on packet number %d\n",
+                                ret, err, asyncQueue[i].packetNumber);
+                    }
                    /* done, so free and break to process below */
                    XFREE(asyncQueue[i].packet, NULL, DYNAMIC_TYPE_TMP_BUFFER);
                    asyncQueue[i].packet = NULL;
-                    if (ret > 0) {
-                        /* decrypted some data, so return */
+                    if (ret != 0) {
+                        /* decrypted some data or found error, so return */
                        break;
                    }
                }