aboutsummaryrefslogtreecommitdiffstats
path: root/src/eap_server/eap_tls_common.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/eap_server/eap_tls_common.c')
-rw-r--r--src/eap_server/eap_tls_common.c42
1 files changed, 21 insertions, 21 deletions
diff --git a/src/eap_server/eap_tls_common.c b/src/eap_server/eap_tls_common.c
index ebd6afa..60c9e8e 100644
--- a/src/eap_server/eap_tls_common.c
+++ b/src/eap_server/eap_tls_common.c
@@ -58,8 +58,8 @@ int eap_server_tls_ssl_init(struct eap_sm *sm, struct eap_ssl_data *data,
void eap_server_tls_ssl_deinit(struct eap_sm *sm, struct eap_ssl_data *data)
{
tls_connection_deinit(sm->ssl_ctx, data->conn);
- free(data->tls_in);
- free(data->tls_out);
+ os_free(data->tls_in);
+ os_free(data->tls_out);
}
@@ -69,7 +69,7 @@ u8 * eap_server_tls_derive_key(struct eap_sm *sm, struct eap_ssl_data *data,
struct tls_keys keys;
u8 *rnd = NULL, *out;
- out = malloc(len);
+ out = os_malloc(len);
if (out == NULL)
return NULL;
@@ -84,24 +84,24 @@ u8 * eap_server_tls_derive_key(struct eap_sm *sm, struct eap_ssl_data *data,
keys.master_key == NULL)
goto fail;
- rnd = malloc(keys.client_random_len + keys.server_random_len);
+ rnd = os_malloc(keys.client_random_len + keys.server_random_len);
if (rnd == NULL)
goto fail;
- memcpy(rnd, keys.client_random, keys.client_random_len);
- memcpy(rnd + keys.client_random_len, keys.server_random,
- keys.server_random_len);
+ os_memcpy(rnd, keys.client_random, keys.client_random_len);
+ os_memcpy(rnd + keys.client_random_len, keys.server_random,
+ keys.server_random_len);
if (tls_prf(keys.master_key, keys.master_key_len,
label, rnd, keys.client_random_len +
keys.server_random_len, out, len))
goto fail;
- free(rnd);
+ os_free(rnd);
return out;
fail:
- free(out);
- free(rnd);
+ os_free(out);
+ os_free(rnd);
return NULL;
}
@@ -116,23 +116,23 @@ int eap_server_tls_data_reassemble(struct eap_sm *sm,
if (data->tls_in_len + *in_len > 65536) {
/* Limit length to avoid rogue peers from causing large
* memory allocations. */
- free(data->tls_in);
+ os_free(data->tls_in);
data->tls_in = NULL;
data->tls_in_len = 0;
wpa_printf(MSG_INFO, "SSL: Too long TLS fragment (size"
" over 64 kB)");
return -1;
}
- buf = realloc(data->tls_in, data->tls_in_len + *in_len);
+ buf = os_realloc(data->tls_in, data->tls_in_len + *in_len);
if (buf == NULL) {
- free(data->tls_in);
+ os_free(data->tls_in);
data->tls_in = NULL;
data->tls_in_len = 0;
wpa_printf(MSG_INFO, "SSL: Could not allocate memory "
"for TLS data");
return -1;
}
- memcpy(buf + data->tls_in_len, *in_data, *in_len);
+ os_memcpy(buf + data->tls_in_len, *in_data, *in_len);
data->tls_in = buf;
data->tls_in_len += *in_len;
if (*in_len > data->tls_in_left) {
@@ -178,7 +178,7 @@ int eap_server_tls_process_helper(struct eap_sm *sm, struct eap_ssl_data *data,
wpa_printf(MSG_INFO, "SSL: eap_tls_process_helper - "
"pending tls_out data even though "
"tls_out_len = 0");
- free(data->tls_out);
+ os_free(data->tls_out);
WPA_ASSERT(data->tls_out == NULL);
}
data->tls_out = tls_connection_server_handshake(
@@ -187,7 +187,7 @@ int eap_server_tls_process_helper(struct eap_sm *sm, struct eap_ssl_data *data,
/* Clear reassembled input data (if the buffer was needed). */
data->tls_in_left = data->tls_in_total = data->tls_in_len = 0;
- free(data->tls_in);
+ os_free(data->tls_in);
data->tls_in = NULL;
}
@@ -201,7 +201,7 @@ int eap_server_tls_process_helper(struct eap_sm *sm, struct eap_ssl_data *data,
* needing more that should have been catched above based on
* the TLS Message Length field. */
wpa_printf(MSG_DEBUG, "SSL: No data to be sent out");
- free(data->tls_out);
+ os_free(data->tls_out);
data->tls_out = NULL;
if (tls_connection_get_read_alerts(sm->ssl_ctx, data->conn)) {
@@ -233,7 +233,7 @@ int eap_server_tls_buildReq_helper(struct eap_sm *sm,
*out_len = 0;
- req = malloc(sizeof(struct eap_hdr) + 2 + 4 + data->tls_out_limit);
+ req = os_malloc(sizeof(struct eap_hdr) + 2 + 4 + data->tls_out_limit);
if (req == NULL) {
*out_data = NULL;
return -1;
@@ -258,7 +258,7 @@ int eap_server_tls_buildReq_helper(struct eap_sm *sm,
wpa_printf(MSG_DEBUG, "SSL: sending %lu bytes, more fragments "
"will follow", (unsigned long) len);
}
- memcpy(pos, &data->tls_out[data->tls_out_pos], len);
+ os_memcpy(pos, &data->tls_out[data->tls_out_pos], len);
data->tls_out_pos += len;
*out_len = (pos - (u8 *) req) + len;
req->length = host_to_be16(*out_len);
@@ -267,7 +267,7 @@ int eap_server_tls_buildReq_helper(struct eap_sm *sm,
if (!(*flags & EAP_TLS_FLAGS_MORE_FRAGMENTS)) {
data->tls_out_len = 0;
data->tls_out_pos = 0;
- free(data->tls_out);
+ os_free(data->tls_out);
data->tls_out = NULL;
}
@@ -282,7 +282,7 @@ u8 * eap_server_tls_build_ack(size_t *reqDataLen, u8 id, int eap_type,
u8 *pos;
*reqDataLen = sizeof(struct eap_hdr) + 2;
- req = malloc(*reqDataLen);
+ req = os_malloc(*reqDataLen);
if (req == NULL)
return NULL;
wpa_printf(MSG_DEBUG, "SSL: Building ACK");