summaryrefslogtreecommitdiffstats
path: root/src/lockdown.c
diff options
context:
space:
mode:
authorGravatar Christophe Fergeau2009-11-17 21:46:48 +0100
committerGravatar Matt Colyer2009-11-17 19:24:39 -0800
commite3b6f3237efae9de0412573ae056b33e0ba48137 (patch)
treebeeb8e7bc7dfe2ee305d4424f6c867d05d21f374 /src/lockdown.c
parentc56382f15ec52925219daddd10d2a4cefb4fa166 (diff)
downloadlibimobiledevice-e3b6f3237efae9de0412573ae056b33e0ba48137.tar.gz
libimobiledevice-e3b6f3237efae9de0412573ae056b33e0ba48137.tar.bz2
don't leak memory allocated for gnutls credentials
Diffstat (limited to 'src/lockdown.c')
-rw-r--r--src/lockdown.c12
1 files changed, 6 insertions, 6 deletions
diff --git a/src/lockdown.c b/src/lockdown.c
index 80a89dc..b69fab7 100644
--- a/src/lockdown.c
+++ b/src/lockdown.c
@@ -178,6 +178,9 @@ static lockdownd_error_t lockdownd_stop_ssl_session(lockdownd_client_t client)
178 gnutls_deinit(*client->ssl_session); 178 gnutls_deinit(*client->ssl_session);
179 free(client->ssl_session); 179 free(client->ssl_session);
180 } 180 }
181 if (client->ssl_certificate) {
182 gnutls_certificate_free_credentials(client->ssl_certificate);
183 }
181 client->in_SSL = 0; 184 client->in_SSL = 0;
182 185
183 return ret; 186 return ret;
@@ -1037,15 +1040,12 @@ lockdownd_error_t lockdownd_start_ssl_session(lockdownd_client_t client, const c
1037 ret = LOCKDOWN_E_SSL_ERROR; 1040 ret = LOCKDOWN_E_SSL_ERROR;
1038 if (lockdown_check_result(dict, "StartSession") == RESULT_SUCCESS) { 1041 if (lockdown_check_result(dict, "StartSession") == RESULT_SUCCESS) {
1039 // Set up GnuTLS... 1042 // Set up GnuTLS...
1040 //gnutls_anon_client_credentials_t anoncred;
1041 gnutls_certificate_credentials_t xcred;
1042
1043 log_dbg_msg(DBGMASK_LOCKDOWND, "%s: started the session OK, now trying GnuTLS\n", __func__); 1043 log_dbg_msg(DBGMASK_LOCKDOWND, "%s: started the session OK, now trying GnuTLS\n", __func__);
1044 errno = 0; 1044 errno = 0;
1045 gnutls_global_init(); 1045 gnutls_global_init();
1046 //gnutls_anon_allocate_client_credentials(&anoncred); 1046 //gnutls_anon_allocate_client_credentials(&anoncred);
1047 gnutls_certificate_allocate_credentials(&xcred); 1047 gnutls_certificate_allocate_credentials(&client->ssl_certificate);
1048 gnutls_certificate_set_x509_trust_file(xcred, "hostcert.pem", GNUTLS_X509_FMT_PEM); 1048 gnutls_certificate_set_x509_trust_file(client->ssl_certificate, "hostcert.pem", GNUTLS_X509_FMT_PEM);
1049 gnutls_init(client->ssl_session, GNUTLS_CLIENT); 1049 gnutls_init(client->ssl_session, GNUTLS_CLIENT);
1050 { 1050 {
1051 int protocol_priority[16] = { GNUTLS_SSL3, 0 }; 1051 int protocol_priority[16] = { GNUTLS_SSL3, 0 };
@@ -1060,7 +1060,7 @@ lockdownd_error_t lockdownd_start_ssl_session(lockdownd_client_t client, const c
1060 gnutls_protocol_set_priority(*client->ssl_session, protocol_priority); 1060 gnutls_protocol_set_priority(*client->ssl_session, protocol_priority);
1061 gnutls_mac_set_priority(*client->ssl_session, mac_priority); 1061 gnutls_mac_set_priority(*client->ssl_session, mac_priority);
1062 } 1062 }
1063 gnutls_credentials_set(*client->ssl_session, GNUTLS_CRD_CERTIFICATE, xcred); // this part is killing me. 1063 gnutls_credentials_set(*client->ssl_session, GNUTLS_CRD_CERTIFICATE, client->ssl_certificate); // this part is killing me.
1064 1064
1065 log_dbg_msg(DBGMASK_LOCKDOWND, "%s: GnuTLS step 1...\n", __func__); 1065 log_dbg_msg(DBGMASK_LOCKDOWND, "%s: GnuTLS step 1...\n", __func__);
1066 gnutls_transport_set_ptr(*client->ssl_session, (gnutls_transport_ptr_t) client); 1066 gnutls_transport_set_ptr(*client->ssl_session, (gnutls_transport_ptr_t) client);
© 2009-2020 sukimashita.com - Generated by cgit - Icons from Tango - Uses Google Analytics