projects
/
platform
/
upstream
/
openconnect.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
88d01c9
)
Fix GnuTLS PIN cache leak when only *key* is PKCS#11 and not certificate.
author
David Woodhouse
<David.Woodhouse@intel.com>
Wed, 13 Jun 2012 15:30:18 +0000
(16:30 +0100)
committer
David Woodhouse
<David.Woodhouse@intel.com>
Wed, 13 Jun 2012 15:30:18 +0000
(16:30 +0100)
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
gnutls.c
patch
|
blob
|
history
diff --git
a/gnutls.c
b/gnutls.c
index
23edd75
..
c4d8141
100644
(file)
--- a/
gnutls.c
+++ b/
gnutls.c
@@
-1454,7
+1454,8
@@
void openconnect_close_https(struct openconnect_info *vpninfo, int final)
gnutls_certificate_free_credentials(vpninfo->https_cred);
vpninfo->https_cred = NULL;
#ifdef HAVE_P11KIT
- if (!strncmp(vpninfo->cert, "pkcs11:", 7)) {
+ if (!strncmp(vpninfo->cert, "pkcs11:", 7) ||
+ !strncmp(vpninfo->sslkey, "pkcs11:", 7)) {
char pin_source[40];
sprintf(pin_source, "openconnect:%p", vpninfo);