More talloc_steal() . Should help with #637

diff --git a/src/modules/rlm_eap/types/rlm_eap_peap/peap.c b/src/modules/rlm_eap/types/rlm_eap_peap/peap.c
index 26de962..b231e9e 100644 (file)
--- a/src/modules/rlm_eap/types/rlm_eap_peap/peap.c
+++ b/src/modules/rlm_eap/types/rlm_eap_peap/peap.c
@@ -1122,7 +1122,7 @@ rlm_rcode_t eappeap_process(eap_handler_t *handler, tls_session_t *tls_session)
                         *      tunneled request.
                         */
                        rad_assert(!request->proxy);
-                       request->proxy = fake->packet;
+                       request->proxy = talloc_steal(request, fake->packet);
                        memset(&request->proxy->src_ipaddr, 0,
                               sizeof(request->proxy->src_ipaddr));
                        memset(&request->proxy->dst_ipaddr, 0,

diff --git a/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c b/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
index aa79f1b..36ef39e 100644 (file)
--- a/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
+++ b/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
@@ -843,9 +843,9 @@ static int CC_HINT(nonnull) eapttls_postproxy(eap_handler_t *handler, void *data
                /*
                 *      Terrible hacks.
                 */
-               request->proxy = fake->packet;
+               request->proxy = talloc_steal(request, fake->packet);
                fake->packet = NULL;
-               request->proxy_reply = fake->reply;
+               request->proxy_reply = talloc_steal(request, fake->reply);
                fake->reply = NULL;
 
                /*