Am 23.11.22 um 16:49 schrieb Max Fillinger:
When running openvpn --show-tls with mbedtls, it showed a null pointer error at the end because of this.Signed-off-by: Max Fillinger <maximilian.fillin...@foxcrypto.com> --- src/openvpn/ssl_mbedtls.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/openvpn/ssl_mbedtls.c b/src/openvpn/ssl_mbedtls.c index ea06cf70..aa55a1a0 100644 --- a/src/openvpn/ssl_mbedtls.c +++ b/src/openvpn/ssl_mbedtls.c @@ -165,7 +165,10 @@ tls_ctx_free(struct tls_root_ctx *ctx) free(ctx->crl);#if defined(ENABLE_PKCS11)- pkcs11h_certificate_freeCertificate(ctx->pkcs11_cert); + if (ctx->pkcs11_cert) + { + pkcs11h_certificate_freeCertificate(ctx->pkcs11_cert); + } #endiffree(ctx->allowed_ciphers);
Sigh, a function that violates the C paradigm that calling somethingfree on a null pointer is fine. Maybe we should add as a comment that this function is special in this way.
Acked-By: Arne Schwabe <a...@rfc2549.org> Arne _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
