From e09fbd2f7e015a2f1a1ffa630a7eff66ffa7418b Mon Sep 17 00:00:00 2001
From: Richard Fuchs
Date: Thu, 20 Nov 2014 11:35:20 -0500
Subject: [PATCH] dtls shutdown clears crypto context as well
---
 daemon/dtls.c | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/daemon/dtls.c b/daemon/dtls.c
index 507672623..4cd1cbb7d 100644
--- a/daemon/dtls.c
+++ b/daemon/dtls.c
@@ -667,6 +667,7 @@ int dtls(struct packet_stream *ps, const str *s, struct sockaddr_in6 *fsin) {
 return 0;
 }
+/* call must be locked */
 void dtls_shutdown(struct packet_stream *ps) {
 struct dtls_connection *d = &ps->sfd->dtls;
 struct sockaddr_in6 sin;
@@ -690,6 +691,9 @@ void dtls_shutdown(struct packet_stream *ps) {
 X509_free(ps->dtls_cert);
 ps->dtls_cert = NULL;
 }
+
+ crypto_reset(&ps->crypto);
+ crypto_reset(&ps->sfd->crypto);
 }
 void dtls_connection_cleanup(struct dtls_connection *c) {
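Review bot: The new comment above dtls_shutdown, `/* call must be locked */`, does not say which lock is meant or whether it must be held exclusively. That matters now that the function resets crypto state which other code presumably reads while handling packets. I would spell the contract out, for example `/* caller must hold the lock of the owning call; resets ps->crypto and ps->sfd->crypto */`, and add "exclusively" if that is the intent. The function body continues past the end of this hunk, so this is based on the signature and first two declarations only.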
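Review bot: Both `crypto_reset()` calls are placed at the very end of dtls_shutdown, so any early return in the part of the body between the two hunks (not visible here) would skip them and leave the old crypto context in place after a shutdown. Please confirm every exit path reaches the resets; if one does not, move them ahead of it or route it through a common exit. Whether `crypto_reset()` wipes the key material or only marks the context unused cannot be told from this diff and is worth checking. A short why-comment above the calls would help, e.g. `/* also drop the crypto contexts so state from the old DTLS association is not reused */`.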