mirrors/FreeRDP
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Don't leak cert in case of failure

Browse Source
This commit is contained in:
Hardening 2014-06-03 15:19:00 +02:00
parent a607b4553d
commit 462a26c8c3
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
libfreerdp/crypto/tls.c
View File

@ -635,14 +635,15 @@ int tls_do_handshake(rdpTls* tls, BOOL clientMode)
if (!tls->Bindings)
{
fprintf(stderr, "%s: unable to retrieve bindings\n", __FUNCTION__);
return -1;
verify_status = -1;
goto out;
}
if (!crypto_cert_get_public_key(cert, &tls->PublicKey, &tls->PublicKeyLength))
{
fprintf(stderr, "%s: crypto_cert_get_public_key failed to return the server public key.\n", __FUNCTION__);
tls_free_certificate(cert);
return -1;
verify_status = -1;
goto out;
}
/* Note: server-side NLA needs public keys (keys from us, the server) but no
@ -661,6 +662,7 @@ int tls_do_handshake(rdpTls* tls, BOOL clientMode)
}
}
out:
tls_free_certificate(cert);
return verify_status;