projects
/
mech_eap.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Avoid double-free of bio. Better error code for ca cert parsing failure.
[mech_eap.git]
/
mech_eap
/
util_moonshot.c
diff --git
a/mech_eap/util_moonshot.c
b/mech_eap/util_moonshot.c
index
79594da
..
b73b765
100644
(file)
--- a/
mech_eap/util_moonshot.c
+++ b/
mech_eap/util_moonshot.c
@@
-34,6
+34,7
@@
#include <openssl/bio.h>
#include <openssl/pem.h>
#include <openssl/x509.h>
#include <openssl/bio.h>
#include <openssl/pem.h>
#include <openssl/x509.h>
+#include <stdio.h>
#ifdef HAVE_MOONSHOT_GET_IDENTITY
#include <libmoonshot.h>
#ifdef HAVE_MOONSHOT_GET_IDENTITY
#include <libmoonshot.h>
@@
-240,15
+241,15
@@
libMoonshotResolveInitiatorCred(OM_uint32 *minor,
}
cert = PEM_read_bio_X509(bio, NULL, NULL, NULL);
if (cert == NULL) {
}
cert = PEM_read_bio_X509(bio, NULL, NULL, NULL);
if (cert == NULL) {
- major = GSS_S_
FAILURE
;
- *minor =
ENOMEM
;
+ major = GSS_S_
DEFECTIVE_CREDENTIAL
;
+ *minor =
GSSEAP_BAD_CACERTIFICATE
;
goto cleanup;
}
BIO_free(bio);
bio = BIO_new(BIO_s_mem());
if (i2d_X509_bio(bio, cert) < 0) {
goto cleanup;
}
BIO_free(bio);
bio = BIO_new(BIO_s_mem());
if (i2d_X509_bio(bio, cert) < 0) {
- major = GSS_S_
FAILURE
;
- *minor =
ENOMEM; /* TODO */
+ major = GSS_S_
DEFECTIVE_CREDENTIAL
;
+ *minor =
GSSEAP_BAD_CACERTIFICATE;
goto cleanup;
}
BIO_get_mem_ptr(bio, &bptr);
goto cleanup;
}
BIO_get_mem_ptr(bio, &bptr);
@@
-259,6
+260,7
@@
libMoonshotResolveInitiatorCred(OM_uint32 *minor,
goto cleanup;
}
BIO_free(bio);
goto cleanup;
}
BIO_free(bio);
+ bio = NULL;
makeStringBufferOrCleanup("blob://ca-cert", &cred->caCertificate);
}
makeStringBufferOrCleanup("blob://ca-cert", &cred->caCertificate);
}