mirror of https://github.com/OpenVPN/openvpn.git synced 2024-09-20 03:52:28 +02:00

polarssl: also allocate PKCS#11 certificate object on demand

Commit 444a93ea changed certificate allocation to be postponed until
actual usage to fix --client-cert-not-required / --verify-client-cert
for PolarSSL builds.  However, I forgot to allocate when using pkcs11
(because that code does not use the tls_ctx_load_cert_file() function).

And while we're at it, use ALLOC_OBJ_CLEAR() instead of malloc + manual
check.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1448101324-20310-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/10543
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Steffan Karger 2015-11-21 11:22:04 +01:00 committed by Gert Doering
parent 6e9373c846
commit 9571010a14


@ -50,18 +50,13 @@ pkcs11_init_tls_session(pkcs11h_certificate_t certificate,
ASSERT (NULL != ssl_ctx);
ALLOC_OBJ_CLEAR (ssl_ctx->crt_chain, x509_crt);
if (pkcs11_x509_cert_init(ssl_ctx->crt_chain, certificate)) {
msg (M_FATAL, "PKCS#11: Cannot retrieve PolarSSL certificate object");
goto cleanup;
}
ssl_ctx->priv_key_pkcs11 = malloc(sizeof(pkcs11_context));
if (ssl_ctx->priv_key_pkcs11 == NULL) {
msg (M_FATAL, "PKCS#11: Cannot allocate PolarSSL private key object");
goto cleanup;
}
ALLOC_OBJ_CLEAR (ssl_ctx->priv_key_pkcs11, pkcs11_context);
if (pkcs11_priv_key_init(ssl_ctx->priv_key_pkcs11, certificate)) {
msg (M_FATAL, "PKCS#11: Cannot initialize PolarSSL private key object");
goto cleanup;
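Review bot: Both new `ALLOC_OBJ_CLEAR` calls assign to `ssl_ctx->crt_chain` and `ssl_ctx->priv_key_pkcs11` unconditionally, and the only precondition checked above them is `ASSERT (NULL != ssl_ctx)`. If either pointer can already be set when pkcs11_init_tls_session runs (the hunk does not show whether that is possible), the earlier object is overwritten without being freed; for the key, that object is a PKCS#11 private key context. Since the commit message describes this as on-demand allocation, I would make the precondition explicit with `ASSERT (NULL == ssl_ctx->crt_chain);` and `ASSERT (NULL == ssl_ctx->priv_key_pkcs11);` ahead of the allocations, or guard each one with `if (!ssl_ctx->crt_chain)`. The function body starts and ends outside the hunk, so the cleanup path that would release these objects is not visible here.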