{
EVP_PKEY *pkey = NULL;
PW_CB_DATA cb_data;
- UI_METHOD* transfer_pin = NULL;
cb_data.password = passwd;
cb_data.prompt_info = pkey_identifier;
dbglog( "Using our private key '%s' in engine", pkey_identifier );
pkey = ENGINE_load_private_key(pkey_engine, pkey_identifier, transfer_pin, &cb_data);
+
+ if (transfer_pin) UI_destroy_method(transfer_pin);
}
else {
dbglog( "Loading private key '%s' from engine", pkey_identifier );
warn("EAP-TLS: Cannot load PKCS11 key %s", pkey_identifier);
log_ssl_errors();
}
-
- if (transfer_pin) UI_destroy_method(transfer_pin);
}
else
{
ets->data = malloc(len);
if (!ets->data)
- fatal("EAP-TLS: allocation error\n");
+ fatal("EAP-TLS: memory allocation error in eaptls_receive\n");
ets->datalen = 0;
ets->tlslen = len;
ets->datalen = res;
ets->data = malloc(ets->datalen);
+ if (!ets->data)
+ fatal("EAP-TLS: memory allocation error in eaptls_send\n");
+
BCOPY(fromtls, ets->data, ets->datalen);
ets->offset = 0;
first = 1;
-
}
size = ets->datalen - ets->offset;
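Review bot: The added check after `ets->data = malloc(ets->datalen);` treats any NULL as out-of-memory, but `ets->datalen` has just been set from `res`, and `malloc(0)` may legitimately return NULL, so an empty read would terminate pppd through `fatal()`; a negative `res` would instead be converted to a very large allocation size. Whether `res` is range-checked is not visible here, since the enclosing function begins and ends outside the hunk; if it is not, reject it before the assignment, e.g. `if (res <= 0) return 1;` (assuming, unconfirmed, that this function reports failure with a non-zero return). The same question applies to `malloc(len)` in the eaptls_receive hunk above, where `len` presumably derives from the received packet. Because `fatal()` ends the whole session, a recoverable error path would be preferable wherever the size can be influenced by the peer.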
+++ /dev/null
---- pppd/eap-tls.c
-+++ pppd/eap-tls.c
-@@ -328,11 +328,12 @@ SSL_CTX *eaptls_init_ssl(int init_server, char *cacertfile, char *capath,
-
- SSL_library_init();
- SSL_load_error_strings();
-- /* load the openssl config file only once */
-- if (!ssl_config)
-- {
-- ssl_config = eaptls_ssl_load_config();
-- }
-+
-+ /* load the openssl config file only once and load it before triggering
-+ the loading of a global openssl config file via SSL_CTX_new()
-+ */
-+ if (!ssl_config)
-+ ssl_config = eaptls_ssl_load_config();
-
- ctx = SSL_CTX_new(TLS_method());
-
-@@ -403,13 +404,12 @@ SSL_CTX *eaptls_init_ssl(int init_server, char *cacertfile, char *capath,
- pkey_identifier = cert_identifier;
- }
- }
--
- }
-
- if (ssl_config && cert_engine_name)
- cert_engine = eaptls_ssl_load_engine( cert_engine_name );
-
-- if (pkey_engine_name)
-+ if (ssl_config && pkey_engine_name)
- {
- /* don't load the same engine twice */
- if ( cert_engine && strcmp( cert_engine_name, pkey_engine_name) == 0 )