Fixes from clang / scan-build

[freeradius.git] / src / modules / rlm_eap / libeap / eap_tls.c

diff --git a/src/modules/rlm_eap/libeap/eap_tls.c b/src/modules/rlm_eap/libeap/eap_tls.c
index 2152352..1a1ad21 100644 (file)
--- a/src/modules/rlm_eap/libeap/eap_tls.c
+++ b/src/modules/rlm_eap/libeap/eap_tls.c
@@ -149,10 +149,13 @@ int eaptls_success(EAP_HANDLER *handler, int peap_flag)
                RDEBUG2("Saving response in the cache");
                
                vp = paircopy2(request->reply->vps, PW_USER_NAME, 0);
-               pairadd(&vps, vp);
+               if (vp) pairadd(&vps, vp);
                
                vp = paircopy2(request->packet->vps, PW_STRIPPED_USER_NAME, 0);
-               pairadd(&vps, vp);
+               if (vp) pairadd(&vps, vp);
+               
+               vp = paircopy2(request->reply->vps, PW_CACHED_SESSION_POLICY, 0);
+               if (vp) pairadd(&vps, vp);
                
                if (vps) {
                        SSL_SESSION_set_ex_data(tls_session->ssl->session,
@@ -836,7 +839,11 @@ eaptls_status_t eaptls_process(EAP_HANDLER *handler)
        eaptls_status_t status;
        REQUEST *request = handler->request;
 
+       rad_assert(request != NULL);
+
        RDEBUG2("processing EAP-TLS");
+       if (handler->certs) pairadd(&request->packet->vps,
+                                   paircopy(handler->certs));
 
        /* This case is when SSL generates Alert then we
         * send that alert to the client and then send the EAP-Failure