From e1bd225a5dec0713c15e56367e1f7c5202dc274d Mon Sep 17 00:00:00 2001
From: Frederik Wedel-Heinen <frederik.wedel-heinen@dencrypt.dk>
Date: Tue, 7 May 2024 21:18:44 +0200
Subject: [PATCH] Clear old messages from queues in order to avoid leaks of
 record layer objects.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22275)
---
 ssl/tls13_enc.c         | 8 ++++++++
 test/tls13secretstest.c | 8 ++++++++
 2 files changed, 16 insertions(+)

diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c
index cacce45b0003b..c15fa5aa9e0de 100644
--- a/ssl/tls13_enc.c
+++ b/ssl/tls13_enc.c
@@ -719,6 +719,14 @@ int tls13_change_cipher_state(SSL_CONNECTION *s, int which)
                ? OSSL_RECORD_PROTECTION_LEVEL_HANDSHAKE
                : OSSL_RECORD_PROTECTION_LEVEL_APPLICATION);
 
+    if (SSL_CONNECTION_IS_DTLS(s)) {
+        /* We have moved to the next flight lets clear out old messages */
+        if (direction == OSSL_RECORD_DIRECTION_READ)
+            dtls1_clear_received_buffer(s);
+        else
+            dtls1_clear_sent_buffer(s);
+    }
+
     if (!ssl_set_new_record_layer(s, s->version,
                                   direction,
                                   level, secret, hashlen, key, keylen, iv,
diff --git a/test/tls13secretstest.c b/test/tls13secretstest.c
index 352c1898adfb1..54dc86b694abc 100644
--- a/test/tls13secretstest.c
+++ b/test/tls13secretstest.c
@@ -229,6 +229,14 @@ int ssl_set_new_record_layer(SSL_CONNECTION *s, int version, int direction,
     return 0;
 }
 
+void dtls1_clear_received_buffer(SSL_CONNECTION *s)
+{
+}
+
+void dtls1_clear_sent_buffer(SSL_CONNECTION *s)
+{
+}
+
 /* End of mocked out code */
 
 static int test_secret(SSL_CONNECTION *s, unsigned char *prk,