Fixed static analyzer warnings; removed superfluous file

Signed-off-by: Jan Just Keijser <jan.just.keijser@gmail.com>

diff --git a/pppd/eap-tls.c b/pppd/eap-tls.c
index 3d8fdc787420b5d5452fe2c413cc80d6fe26e3be..5740f308a89ae6c2e645222474a2ba6497cde9e7 100644 (file)
--- a/pppd/eap-tls.c
+++ b/pppd/eap-tls.c
@@ -508,7 +508,6 @@ SSL_CTX *eaptls_init_ssl(int init_server, char *cacertfile, char *capath,
     {
         EVP_PKEY   *pkey = NULL;
         PW_CB_DATA  cb_data;
     {
         EVP_PKEY   *pkey = NULL;
         PW_CB_DATA  cb_data;

-        UI_METHOD* transfer_pin = NULL;

 
         cb_data.password = passwd;
         cb_data.prompt_info = pkey_identifier;
 
         cb_data.password = passwd;
         cb_data.prompt_info = pkey_identifier;


@@ -534,6 +533,8 @@ SSL_CTX *eaptls_init_ssl(int init_server, char *cacertfile, char *capath,
 
             dbglog( "Using our private key '%s' in engine", pkey_identifier );
             pkey = ENGINE_load_private_key(pkey_engine, pkey_identifier, transfer_pin, &cb_data);
 
             dbglog( "Using our private key '%s' in engine", pkey_identifier );
             pkey = ENGINE_load_private_key(pkey_engine, pkey_identifier, transfer_pin, &cb_data);

+
+            if (transfer_pin) UI_destroy_method(transfer_pin);

         }
         else {
             dbglog( "Loading private key '%s' from engine", pkey_identifier );
         }
         else {
             dbglog( "Loading private key '%s' from engine", pkey_identifier );


@@ -553,8 +554,6 @@ SSL_CTX *eaptls_init_ssl(int init_server, char *cacertfile, char *capath,
             warn("EAP-TLS: Cannot load PKCS11 key %s", pkey_identifier);
             log_ssl_errors();
         }
             warn("EAP-TLS: Cannot load PKCS11 key %s", pkey_identifier);
             log_ssl_errors();
         }

-
-        if (transfer_pin) UI_destroy_method(transfer_pin);

     }
     else
     {
     }
     else
     {


@@ -982,7 +981,7 @@ int eaptls_receive(struct eaptls_session *ets, u_char * inp, int len)
  
         ets->data = malloc(len);
         if (!ets->data)
  
         ets->data = malloc(len);
         if (!ets->data)

-            fatal("EAP-TLS: allocation error\n");
+            fatal("EAP-TLS: memory allocation error in eaptls_receive\n");

  
         ets->datalen = 0;
         ets->tlslen = len;
  
         ets->datalen = 0;
         ets->tlslen = len;


@@ -1065,11 +1064,13 @@ int eaptls_send(struct eaptls_session *ets, u_char ** outp)
         ets->datalen = res;
 
         ets->data = malloc(ets->datalen);
         ets->datalen = res;
 
         ets->data = malloc(ets->datalen);

+        if (!ets->data)
+            fatal("EAP-TLS: memory allocation error in eaptls_send\n");
+

         BCOPY(fromtls, ets->data, ets->datalen);
 
         ets->offset = 0;
         first = 1;
         BCOPY(fromtls, ets->data, ets->datalen);
 
         ets->offset = 0;
         first = 1;

-

     }
 
     size = ets->datalen - ets->offset;
     }
 
     size = ets->datalen - ets->offset;

diff --git a/pppd/eap-tls.c.rej b/pppd/eap-tls.c.rej
deleted file mode 100644 (file)
index fc09719..0000000
--- a/pppd/eap-tls.c.rej
+++ /dev/null
@@ -1,35 +0,0 @@
---- pppd/eap-tls.c
-+++ pppd/eap-tls.c
-@@ -328,11 +328,12 @@ SSL_CTX *eaptls_init_ssl(int init_server, char *cacertfile, char *capath,
- 
-       SSL_library_init();
-       SSL_load_error_strings();
--      /* load the openssl config file only once */
--        if (!ssl_config)
--        {
--                ssl_config = eaptls_ssl_load_config();
--      }
-+
-+      /* load the openssl config file only once and load it before triggering
-+         the loading of a global openssl config file via SSL_CTX_new()
-+       */
-+      if (!ssl_config)
-+              ssl_config = eaptls_ssl_load_config();
- 
-       ctx = SSL_CTX_new(TLS_method());
- 
-@@ -403,13 +404,12 @@ SSL_CTX *eaptls_init_ssl(int init_server, char *cacertfile, char *capath,
-                               pkey_identifier = cert_identifier;
-                       }
-               }
--
-       }
- 
-       if (ssl_config && cert_engine_name)
-               cert_engine = eaptls_ssl_load_engine( cert_engine_name );
- 
--      if (pkey_engine_name)
-+      if (ssl_config && pkey_engine_name)
-       {
-               /* don't load the same engine twice */
-               if ( cert_engine && strcmp( cert_engine_name, pkey_engine_name) == 0 )