EAP peer: Clear temporary message buffers before freeing

These buffers in TLS-based EAP methods might contain keys or passwords
(e.g., when using TTLS-PAP or PEAP-GTC), so clear them explicitly to
avoid leaving such material in heap memory unnecessarily.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Jouni Malinen
2019-02-05 20:26:50 +02:00
committed by Sarvesh Bodakhe
parent aa987d418e
commit 1e38fa2c12
3 changed files with 56 additions and 53 deletions


@@ -249,8 +249,8 @@ static void eap_fast_deinit(struct eap_sm *sm, void *priv)
os_memset(data->key_data, 0, EAP_FAST_KEY_LEN); os_memset(data->key_data, 0, EAP_FAST_KEY_LEN);
os_memset(data->emsk, 0, EAP_EMSK_LEN); os_memset(data->emsk, 0, EAP_EMSK_LEN);
os_free(data->session_id); os_free(data->session_id);
wpabuf_free(data->pending_phase2_req); wpabuf_clear_free(data->pending_phase2_req);
wpabuf_free(data->pending_resp); wpabuf_clear_free(data->pending_resp);
os_free(data); os_free(data);
} }
@@ -800,7 +800,7 @@ static struct wpabuf * eap_fast_process_crypto_binding(
ret->methodState = METHOD_DONE; ret->methodState = METHOD_DONE;
ret->decision = DECISION_FAIL; ret->decision = DECISION_FAIL;
data->phase2_success = 0; data->phase2_success = 0;
wpabuf_free(resp); wpabuf_clear_free(resp);
return NULL; return NULL;
} }
@@ -814,7 +814,7 @@ static struct wpabuf * eap_fast_process_crypto_binding(
} else { } else {
wpa_printf(MSG_ERROR, "EAP-FAST: Failed to derive " wpa_printf(MSG_ERROR, "EAP-FAST: Failed to derive "
"Session-Id"); "Session-Id");
wpabuf_free(resp); wpabuf_clear_free(resp);
return NULL; return NULL;
} }
} }
@@ -1135,7 +1135,7 @@ static int eap_fast_encrypt_response(struct eap_sm *sm,
wpa_printf(MSG_INFO, "EAP-FAST: Failed to encrypt a Phase 2 " wpa_printf(MSG_INFO, "EAP-FAST: Failed to encrypt a Phase 2 "
"frame"); "frame");
} }
wpabuf_free(resp); wpabuf_clear_free(resp);
return 0; return 0;
} }
@@ -1313,14 +1313,14 @@ continue_req:
wpa_printf(MSG_INFO, "EAP-FAST: Too short Phase 2 " wpa_printf(MSG_INFO, "EAP-FAST: Too short Phase 2 "
"TLV frame (len=%lu)", "TLV frame (len=%lu)",
(unsigned long) wpabuf_len(in_decrypted)); (unsigned long) wpabuf_len(in_decrypted));
wpabuf_free(in_decrypted); wpabuf_clear_free(in_decrypted);
return -1; return -1;
} }
res = eap_fast_process_decrypted(sm, data, ret, identifier, res = eap_fast_process_decrypted(sm, data, ret, identifier,
in_decrypted, out_data); in_decrypted, out_data);
wpabuf_free(in_decrypted); wpabuf_clear_free(in_decrypted);
return res; return res;
} }
@@ -1598,7 +1598,7 @@ static struct wpabuf * eap_fast_process(struct eap_sm *sm, void *priv,
if (sm->waiting_ext_cert_check) { if (sm->waiting_ext_cert_check) {
wpa_printf(MSG_DEBUG, wpa_printf(MSG_DEBUG,
"EAP-FAST: Waiting external server certificate validation"); "EAP-FAST: Waiting external server certificate validation");
wpabuf_free(data->pending_resp); wpabuf_clear_free(data->pending_resp);
data->pending_resp = resp; data->pending_resp = resp;
return NULL; return NULL;
} }
@@ -1627,7 +1627,7 @@ static struct wpabuf * eap_fast_process(struct eap_sm *sm, void *priv,
"EAP-FAST: Could not derive keys"); "EAP-FAST: Could not derive keys");
ret->methodState = METHOD_DONE; ret->methodState = METHOD_DONE;
ret->decision = DECISION_FAIL; ret->decision = DECISION_FAIL;
wpabuf_free(resp); wpabuf_clear_free(resp);
return NULL; return NULL;
} }
} }
@@ -1636,7 +1636,7 @@ static struct wpabuf * eap_fast_process(struct eap_sm *sm, void *priv,
/* /*
* Application data included in the handshake message. * Application data included in the handshake message.
*/ */
wpabuf_free(data->pending_phase2_req); wpabuf_clear_free(data->pending_phase2_req);
data->pending_phase2_req = resp; data->pending_phase2_req = resp;
resp = NULL; resp = NULL;
res = eap_fast_decrypt(sm, data, ret, id, &msg, &resp); res = eap_fast_decrypt(sm, data, ret, id, &msg, &resp);
@@ -1644,7 +1644,7 @@ static struct wpabuf * eap_fast_process(struct eap_sm *sm, void *priv,
} }
if (res == 1) { if (res == 1) {
wpabuf_free(resp); wpabuf_clear_free(resp);
return eap_peer_tls_build_ack(id, EAP_TYPE_FAST, return eap_peer_tls_build_ack(id, EAP_TYPE_FAST,
data->fast_version); data->fast_version);
} }
@@ -1670,9 +1670,9 @@ static void eap_fast_deinit_for_reauth(struct eap_sm *sm, void *priv)
data->phase2_method->deinit_for_reauth(sm, data->phase2_priv); data->phase2_method->deinit_for_reauth(sm, data->phase2_priv);
os_free(data->key_block_p); os_free(data->key_block_p);
data->key_block_p = NULL; data->key_block_p = NULL;
wpabuf_free(data->pending_phase2_req); wpabuf_clear_free(data->pending_phase2_req);
data->pending_phase2_req = NULL; data->pending_phase2_req = NULL;
wpabuf_free(data->pending_resp); wpabuf_clear_free(data->pending_resp);
data->pending_resp = NULL; data->pending_resp = NULL;
} }
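Review bot: eap_fast_deinit_for_reauth still releases `data->key_block_p` with plain `os_free()` on the new side, while the two pending buffers right below it now get a clearing free. The field name suggests it holds a key block; if so, it is at least as sensitive as the message buffers this commit covers. Consider `bin_clear_free(data->key_block_p, sizeof(*data->key_block_p));`, assuming the field points to a fixed-size structure, since its declaration is not in the hunk. The opening lines of the function are outside the hunk.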


@@ -209,9 +209,9 @@ eap_peap_deinit(struct eap_sm *sm, void *priv)
eap_peer_tls_ssl_deinit(sm, &data->ssl); eap_peer_tls_ssl_deinit(sm, &data->ssl);
eap_peap_free_key(data); eap_peap_free_key(data);
os_free(data->session_id); os_free(data->session_id);
wpabuf_free(data->pending_phase2_req); wpabuf_clear_free(data->pending_phase2_req);
wpabuf_free(data->pending_resp); wpabuf_clear_free(data->pending_resp);
os_free(data); bin_clear_free(data, sizeof(*data));
} }
@@ -406,7 +406,7 @@ eap_tlv_build_result(struct eap_sm *sm,
wpabuf_put_be16(msg, status); /* Status */ wpabuf_put_be16(msg, status); /* Status */
if (crypto_tlv_used && eap_tlv_add_cryptobinding(sm, data, msg)) { if (crypto_tlv_used && eap_tlv_add_cryptobinding(sm, data, msg)) {
wpabuf_free(msg); wpabuf_clear_free(msg);
return NULL; return NULL;
} }
@@ -721,10 +721,11 @@ static int eap_peap_phase2_request(struct eap_sm *sm,
if (*resp == NULL) { if (*resp == NULL) {
ret->methodState = METHOD_DONE; ret->methodState = METHOD_DONE;
ret->decision = DECISION_FAIL; ret->decision = DECISION_FAIL;
wpabuf_clear_free(buf);
return -1; return -1;
} }
wpabuf_put_buf(*resp, buf); wpabuf_put_buf(*resp, buf);
wpabuf_free(buf); wpabuf_clear_free(buf);
break; break;
} }
} }
@@ -795,7 +796,7 @@ static int eap_peap_phase2_request(struct eap_sm *sm,
if (*resp == NULL) { if (*resp == NULL) {
wpa_printf(MSG_ERROR, "phase 2 response failure"); wpa_printf(MSG_ERROR, "phase 2 response failure");
wpabuf_free(data->pending_phase2_req); wpabuf_clear_free(data->pending_phase2_req);
data->pending_phase2_req = wpabuf_alloc_copy(hdr, len); data->pending_phase2_req = wpabuf_alloc_copy(hdr, len);
} }
/* /*
@@ -883,7 +884,7 @@ continue_req:
struct wpabuf *nmsg = wpabuf_alloc(sizeof(struct eap_hdr) + struct wpabuf *nmsg = wpabuf_alloc(sizeof(struct eap_hdr) +
wpabuf_len(in_decrypted)); wpabuf_len(in_decrypted));
if (nmsg == NULL) { if (nmsg == NULL) {
wpabuf_free(in_decrypted); wpabuf_clear_free(in_decrypted);
return 0; return 0;
} }
nhdr = wpabuf_put(nmsg, sizeof(*nhdr)); nhdr = wpabuf_put(nmsg, sizeof(*nhdr));
@@ -893,7 +894,7 @@ continue_req:
nhdr->length = host_to_be16(sizeof(struct eap_hdr) + nhdr->length = host_to_be16(sizeof(struct eap_hdr) +
wpabuf_len(in_decrypted)); wpabuf_len(in_decrypted));
wpabuf_free(in_decrypted); wpabuf_clear_free(in_decrypted);
in_decrypted = nmsg; in_decrypted = nmsg;
} }
@@ -945,7 +946,7 @@ continue_req:
wpa_printf(MSG_INFO, "EAP-PEAP: Too short Phase 2 " wpa_printf(MSG_INFO, "EAP-PEAP: Too short Phase 2 "
"EAP frame (len=%lu)", "EAP frame (len=%lu)",
(unsigned long) wpabuf_len(in_decrypted)); (unsigned long) wpabuf_len(in_decrypted));
wpabuf_free(in_decrypted); wpabuf_clear_free(in_decrypted);
return 0; return 0;
} }
len = be_to_host16(hdr->length); len = be_to_host16(hdr->length);
@@ -954,7 +955,7 @@ continue_req:
"Phase 2 EAP frame (len=%lu hdr->length=%lu)", "Phase 2 EAP frame (len=%lu hdr->length=%lu)",
(unsigned long) wpabuf_len(in_decrypted), (unsigned long) wpabuf_len(in_decrypted),
(unsigned long) len); (unsigned long) len);
wpabuf_free(in_decrypted); wpabuf_clear_free(in_decrypted);
return 0; return 0;
} }
if (len < wpabuf_len(in_decrypted)) { if (len < wpabuf_len(in_decrypted)) {
@@ -971,7 +972,7 @@ continue_req:
case EAP_CODE_REQUEST: case EAP_CODE_REQUEST:
if (eap_peap_phase2_request(sm, data, ret, in_decrypted, if (eap_peap_phase2_request(sm, data, ret, in_decrypted,
&resp)) { &resp)) {
wpabuf_free(in_decrypted); wpabuf_clear_free(in_decrypted);
wpa_printf(MSG_ERROR, "EAP-PEAP: Phase2 Request " wpa_printf(MSG_ERROR, "EAP-PEAP: Phase2 Request "
"processing failed"); "processing failed");
return 0; return 0;
@@ -990,7 +991,7 @@ continue_req:
"completed successfully"); "completed successfully");
ret->methodState = METHOD_DONE; ret->methodState = METHOD_DONE;
ret->decision = DECISION_FAIL; ret->decision = DECISION_FAIL;
wpabuf_free(in_decrypted); wpabuf_clear_free(in_decrypted);
return 0; return 0;
} }
wpa_printf(MSG_DEBUG, "EAP-PEAP: Version 1 - " wpa_printf(MSG_DEBUG, "EAP-PEAP: Version 1 - "
@@ -1000,7 +1001,7 @@ continue_req:
ret->methodState = METHOD_DONE; ret->methodState = METHOD_DONE;
data->phase2_success = 1; data->phase2_success = 1;
if (data->peap_outer_success == 2) { if (data->peap_outer_success == 2) {
wpabuf_free(in_decrypted); wpabuf_clear_free(in_decrypted);
wpa_printf(MSG_DEBUG, "EAP-PEAP: Use TLS ACK " wpa_printf(MSG_DEBUG, "EAP-PEAP: Use TLS ACK "
"to finish authentication"); "to finish authentication");
return 1; return 1;
@@ -1046,7 +1047,7 @@ continue_req:
break; break;
} }
wpabuf_free(in_decrypted); wpabuf_clear_free(in_decrypted);
if (resp) { if (resp) {
int skip_change2 = 0; int skip_change2 = 0;
@@ -1078,7 +1079,7 @@ continue_req:
wpa_printf(MSG_INFO, "EAP-PEAP: Failed to encrypt " wpa_printf(MSG_INFO, "EAP-PEAP: Failed to encrypt "
"a Phase 2 frame"); "a Phase 2 frame");
} }
wpabuf_free(resp); wpabuf_clear_free(resp);
} }
return 0; return 0;
@@ -1178,7 +1179,7 @@ static struct wpabuf * eap_peap_process(struct eap_sm *sm, void *priv,
if (sm->waiting_ext_cert_check) { if (sm->waiting_ext_cert_check) {
wpa_printf(MSG_DEBUG, wpa_printf(MSG_DEBUG,
"EAP-PEAP: Waiting external server certificate validation"); "EAP-PEAP: Waiting external server certificate validation");
wpabuf_free(data->pending_resp); wpabuf_clear_free(data->pending_resp);
data->pending_resp = resp; data->pending_resp = resp;
return NULL; return NULL;
} }
@@ -1261,6 +1262,7 @@ static struct wpabuf * eap_peap_process(struct eap_sm *sm, void *priv,
* Application data included in the handshake message. * Application data included in the handshake message.
*/ */
wpabuf_free(data->pending_phase2_req); wpabuf_free(data->pending_phase2_req);
wpabuf_clear_free(data->pending_phase2_req);
data->pending_phase2_req = resp; data->pending_phase2_req = resp;
resp = NULL; resp = NULL;
wpabuf_set(&msg, pos, left); wpabuf_set(&msg, pos, left);
@@ -1274,7 +1276,7 @@ static struct wpabuf * eap_peap_process(struct eap_sm *sm, void *priv,
} }
if (res == 1) { if (res == 1) {
wpabuf_free(resp); wpabuf_clear_free(resp);
return eap_peer_tls_build_ack(id, EAP_TYPE_PEAP, return eap_peer_tls_build_ack(id, EAP_TYPE_PEAP,
data->peap_version); data->peap_version);
} }
@@ -1297,9 +1299,9 @@ static void
eap_peap_deinit_for_reauth(struct eap_sm *sm, void *priv) eap_peap_deinit_for_reauth(struct eap_sm *sm, void *priv)
{ {
struct eap_peap_data *data = priv; struct eap_peap_data *data = priv;
wpabuf_free(data->pending_phase2_req); wpabuf_clear_free(data->pending_phase2_req);
data->pending_phase2_req = NULL; data->pending_phase2_req = NULL;
wpabuf_free(data->pending_resp); wpabuf_clear_free(data->pending_resp);
data->pending_resp = NULL; data->pending_resp = NULL;
data->crypto_binding_used = 0; data->crypto_binding_used = 0;
} }
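Review bot: In the eap_peap_process hunk at `@@ -1261,6 +1262,7 @@`, the new side keeps `wpabuf_free(data->pending_phase2_req);` as context and adds `wpabuf_clear_free(data->pending_phase2_req);` directly after it, so a non-NULL pending request is freed twice. The second call would presumably also clear memory that has already been released. Every other hunk in this file replaces the old call, and the hunk header's one extra line on the new side confirms this one only adds. The old `wpabuf_free(data->pending_phase2_req);` line should be deleted so that only the clearing free runs before `data->pending_phase2_req = resp;`. eap_peap_process starts and ends outside the hunk.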


@@ -146,8 +146,8 @@ static void eap_ttls_deinit(struct eap_sm *sm, void *priv)
eap_peer_tls_ssl_deinit(sm, &data->ssl); eap_peer_tls_ssl_deinit(sm, &data->ssl);
eap_ttls_free_key(data); eap_ttls_free_key(data);
os_free(data->session_id); os_free(data->session_id);
wpabuf_free(data->pending_phase2_req); wpabuf_clear_free(data->pending_phase2_req);
wpabuf_free(data->pending_resp); wpabuf_clear_free(data->pending_resp);
os_free(data); os_free(data);
} }
@@ -197,7 +197,7 @@ static int eap_ttls_avp_encapsulate(struct wpabuf **resp, u32 avp_code,
msg = wpabuf_alloc(sizeof(struct ttls_avp) + wpabuf_len(*resp) + 4); msg = wpabuf_alloc(sizeof(struct ttls_avp) + wpabuf_len(*resp) + 4);
if (msg == NULL) { if (msg == NULL) {
wpabuf_free(*resp); wpabuf_clear_free(*resp);
*resp = NULL; *resp = NULL;
return -1; return -1;
} }
@@ -207,7 +207,7 @@ static int eap_ttls_avp_encapsulate(struct wpabuf **resp, u32 avp_code,
os_memcpy(pos, wpabuf_head(*resp), wpabuf_len(*resp)); os_memcpy(pos, wpabuf_head(*resp), wpabuf_len(*resp));
pos += wpabuf_len(*resp); pos += wpabuf_len(*resp);
AVP_PAD(avp, pos); AVP_PAD(avp, pos);
wpabuf_free(*resp); wpabuf_clear_free(*resp);
wpabuf_put(msg, pos - avp); wpabuf_put(msg, pos - avp);
*resp = msg; *resp = msg;
return 0; return 0;
@@ -457,7 +457,7 @@ static int eap_ttls_phase2_request_mschapv2(struct eap_sm *sm,
challenge = eap_ttls_implicit_challenge( challenge = eap_ttls_implicit_challenge(
sm, data, EAP_TTLS_MSCHAPV2_CHALLENGE_LEN + 1); sm, data, EAP_TTLS_MSCHAPV2_CHALLENGE_LEN + 1);
if (challenge == NULL) { if (challenge == NULL) {
wpabuf_free(msg); wpabuf_clear_free(msg);
wpa_printf(MSG_ERROR, "EAP-TTLS/MSCHAPV2: Failed to derive " wpa_printf(MSG_ERROR, "EAP-TTLS/MSCHAPV2: Failed to derive "
"implicit challenge"); "implicit challenge");
return -1; return -1;
@@ -476,7 +476,7 @@ static int eap_ttls_phase2_request_mschapv2(struct eap_sm *sm,
*pos++ = 0; /* Flags */ *pos++ = 0; /* Flags */
if (os_get_random(pos, EAP_TTLS_MSCHAPV2_CHALLENGE_LEN) < 0) { if (os_get_random(pos, EAP_TTLS_MSCHAPV2_CHALLENGE_LEN) < 0) {
os_free(challenge); os_free(challenge);
wpabuf_free(msg); wpabuf_clear_free(msg);
wpa_printf(MSG_ERROR, "EAP-TTLS/MSCHAPV2: Failed to get " wpa_printf(MSG_ERROR, "EAP-TTLS/MSCHAPV2: Failed to get "
"random data for peer challenge"); "random data for peer challenge");
return -1; return -1;
@@ -490,7 +490,7 @@ static int eap_ttls_phase2_request_mschapv2(struct eap_sm *sm,
peer_challenge, pos, data->auth_response, peer_challenge, pos, data->auth_response,
data->master_key)) { data->master_key)) {
os_free(challenge); os_free(challenge);
wpabuf_free(msg); wpabuf_clear_free(msg);
wpa_printf(MSG_ERROR, "EAP-TTLS/MSCHAPV2: Failed to derive " wpa_printf(MSG_ERROR, "EAP-TTLS/MSCHAPV2: Failed to derive "
"response"); "response");
return -1; return -1;
@@ -562,7 +562,7 @@ static int eap_ttls_phase2_request_mschap(struct eap_sm *sm,
challenge = eap_ttls_implicit_challenge( challenge = eap_ttls_implicit_challenge(
sm, data, EAP_TTLS_MSCHAP_CHALLENGE_LEN + 1); sm, data, EAP_TTLS_MSCHAP_CHALLENGE_LEN + 1);
if (challenge == NULL) { if (challenge == NULL) {
wpabuf_free(msg); wpabuf_clear_free(msg);
wpa_printf(MSG_ERROR, "EAP-TTLS/MSCHAP: Failed to derive " wpa_printf(MSG_ERROR, "EAP-TTLS/MSCHAP: Failed to derive "
"implicit challenge"); "implicit challenge");
return -1; return -1;
@@ -586,7 +586,7 @@ static int eap_ttls_phase2_request_mschap(struct eap_sm *sm,
if (challenge_response(challenge, password, pos)) { if (challenge_response(challenge, password, pos)) {
wpa_printf(MSG_ERROR, wpa_printf(MSG_ERROR,
"EAP-TTLS/MSCHAP: Failed derive password hash"); "EAP-TTLS/MSCHAP: Failed derive password hash");
wpabuf_free(msg); wpabuf_clear_free(msg);
return -1; return -1;
} }
@@ -598,7 +598,7 @@ static int eap_ttls_phase2_request_mschap(struct eap_sm *sm,
pos)) { pos)) {
wpa_printf(MSG_ERROR, wpa_printf(MSG_ERROR,
"EAP-TTLS/MSCHAP: Failed derive password"); "EAP-TTLS/MSCHAP: Failed derive password");
wpabuf_free(msg); wpabuf_clear_free(msg);
return -1; return -1;
} }
@@ -716,7 +716,7 @@ static int eap_ttls_phase2_request_chap(struct eap_sm *sm,
challenge = eap_ttls_implicit_challenge( challenge = eap_ttls_implicit_challenge(
sm, data, EAP_TTLS_CHAP_CHALLENGE_LEN + 1); sm, data, EAP_TTLS_CHAP_CHALLENGE_LEN + 1);
if (challenge == NULL) { if (challenge == NULL) {
wpabuf_free(msg); wpabuf_clear_free(msg);
wpa_printf(MSG_ERROR, "EAP-TTLS/CHAP: Failed to derive " wpa_printf(MSG_ERROR, "EAP-TTLS/CHAP: Failed to derive "
"implicit challenge"); "implicit challenge");
return -1; return -1;
@@ -1024,9 +1024,10 @@ static int eap_ttls_encrypt_response(struct eap_sm *sm,
data->ttls_version, identifier, data->ttls_version, identifier,
resp, out_data)) { resp, out_data)) {
wpa_printf(MSG_ERROR, "EAP-TTLS: Failed to encrypt a Phase 2 frame"); wpa_printf(MSG_ERROR, "EAP-TTLS: Failed to encrypt a Phase 2 frame");
wpabuf_clear_free(resp);
return -1; return -1;
} }
wpabuf_free(resp); wpabuf_clear_free(resp);
return 0; return 0;
} }
@@ -1246,7 +1247,7 @@ static int eap_ttls_process_decrypted(struct eap_sm *sm,
config->pending_req_password || config->pending_req_password ||
config->pending_req_otp || config->pending_req_otp ||
config->pending_req_new_password) { config->pending_req_new_password) {
wpabuf_free(data->pending_phase2_req); wpabuf_clear_free(data->pending_phase2_req);
data->pending_phase2_req = wpabuf_dup(in_decrypted); data->pending_phase2_req = wpabuf_dup(in_decrypted);
} }
@@ -1288,7 +1289,7 @@ static int eap_ttls_implicit_identity_request(struct eap_sm *sm,
* processing when EAP request is re-processed after * processing when EAP request is re-processed after
* user input. * user input.
*/ */
wpabuf_free(data->pending_phase2_req); wpabuf_clear_free(data->pending_phase2_req);
data->pending_phase2_req = wpabuf_alloc(0); data->pending_phase2_req = wpabuf_alloc(0);
} }
@@ -1361,7 +1362,7 @@ static int eap_ttls_decrypt(struct eap_sm *sm, struct eap_ttls_data *data,
in_decrypted = data->pending_phase2_req; in_decrypted = data->pending_phase2_req;
data->pending_phase2_req = NULL; data->pending_phase2_req = NULL;
if (wpabuf_len(in_decrypted) == 0) { if (wpabuf_len(in_decrypted) == 0) {
wpabuf_free(in_decrypted); wpabuf_clear_free(in_decrypted);
return eap_ttls_implicit_identity_request( return eap_ttls_implicit_identity_request(
sm, data, ret, identifier, out_data); sm, data, ret, identifier, out_data);
} }
@@ -1397,7 +1398,7 @@ continue_req:
&parse, in_decrypted, out_data); &parse, in_decrypted, out_data);
done: done:
wpabuf_free(in_decrypted); wpabuf_clear_free(in_decrypted);
os_free(parse.eapdata); os_free(parse.eapdata);
if (retval < 0) { if (retval < 0) {
@@ -1458,7 +1459,7 @@ static int eap_ttls_process_handshake(struct eap_sm *sm,
if (sm->waiting_ext_cert_check) { if (sm->waiting_ext_cert_check) {
wpa_printf(MSG_DEBUG, wpa_printf(MSG_DEBUG,
"EAP-TTLS: Waiting external server certificate validation"); "EAP-TTLS: Waiting external server certificate validation");
wpabuf_free(data->pending_resp); wpabuf_clear_free(data->pending_resp);
data->pending_resp = *out_data; data->pending_resp = *out_data;
*out_data = NULL; *out_data = NULL;
return 0; return 0;
@@ -1493,7 +1494,7 @@ static int eap_ttls_process_handshake(struct eap_sm *sm,
/* /*
* Application data included in the handshake message. * Application data included in the handshake message.
*/ */
wpabuf_free(data->pending_phase2_req); wpabuf_clear_free(data->pending_phase2_req);
data->pending_phase2_req = *out_data; data->pending_phase2_req = *out_data;
*out_data = NULL; *out_data = NULL;
wpabuf_set(&msg, in_data, in_len); wpabuf_set(&msg, in_data, in_len);
@@ -1582,7 +1583,7 @@ static struct wpabuf * eap_ttls_process(struct eap_sm *sm, void *priv,
/* FIX: what about res == -1? Could just move all error processing into /* FIX: what about res == -1? Could just move all error processing into
* the other functions and get rid of this res==1 case here. */ * the other functions and get rid of this res==1 case here. */
if (res == 1) { if (res == 1) {
wpabuf_free(resp); wpabuf_clear_free(resp);
return eap_peer_tls_build_ack(id, EAP_TYPE_TTLS, return eap_peer_tls_build_ack(id, EAP_TYPE_TTLS,
data->ttls_version); data->ttls_version);
} }
@@ -1602,9 +1603,9 @@ static bool eap_ttls_has_reauth_data(struct eap_sm *sm, void *priv)
static void eap_ttls_deinit_for_reauth(struct eap_sm *sm, void *priv) static void eap_ttls_deinit_for_reauth(struct eap_sm *sm, void *priv)
{ {
struct eap_ttls_data *data = priv; struct eap_ttls_data *data = priv;
wpabuf_free(data->pending_phase2_req); wpabuf_clear_free(data->pending_phase2_req);
data->pending_phase2_req = NULL; data->pending_phase2_req = NULL;
wpabuf_free(data->pending_resp); wpabuf_clear_free(data->pending_resp);
data->pending_resp = NULL; data->pending_resp = NULL;
#ifdef EAP_TNC #ifdef EAP_TNC
data->ready_for_tnc = 0; data->ready_for_tnc = 0;
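Review bot: eap_ttls_deinit still ends with plain `os_free(data);`, so whatever remains in the method structure goes back to the heap uncleared. Later hunks in this file pass `data->auth_response` and `data->master_key` to the MSCHAPv2 response derivation, and it is not visible here whether eap_ttls_free_key() wipes those fields. The PEAP deinit in this same commit switched to a clearing free, and the same would fit here: `bin_clear_free(data, sizeof(*data));`. The start of eap_ttls_deinit is outside the hunk.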