@@ -230,7 +230,6 @@ create_interface(struct tuntap *tt, const char *dev)
}
snprintf(tt->dco.ifname, IFNAMSIZ, "%s", ifr.ifr_data);
- tt->actual_name = string_alloc(tt->dco.ifname, NULL);
/* see "Interface Flags" in ifnet(9) */
int i = IFF_POINTOPOINT | IFF_MULTICAST;
@@ -3876,6 +3876,8 @@ do_close_tls(struct context *c)
md_ctx_cleanup(c->c2.pulled_options_state);
md_ctx_free(c->c2.pulled_options_state);
}
+
+ tls_auth_standalone_free(c->c2.tls_auth_standalone);
}
/*
@@ -1361,6 +1361,17 @@ tls_auth_standalone_init(struct tls_options *tls_options,
return tas;
}
+void
+tls_auth_standalone_free(struct tls_auth_standalone *tas)
+{
+ if (!tas)
+ {
+ return;
+ }
+
+ packet_id_free(&tas->tls_wrap.opt.packet_id);
+}
+
/*
* Set local and remote option compatibility strings.
* Used to verify compatibility of local and remote option
@@ -180,6 +180,12 @@ void tls_multi_init_finalize(struct tls_multi *multi, int tls_mtu);
struct tls_auth_standalone *tls_auth_standalone_init(struct tls_options *tls_options,
struct gc_arena *gc);
+/**
+ * Frees a standalone tls-auth verification object.
+ * @param tas the object to free. May be NULL.
+ */
+void tls_auth_standalone_free(struct tls_auth_standalone *tas);
+
/*
* Setups the control channel frame size parameters from the data channel
* parameters
The open_tun_dco_generic already allocates the actual_name string, this shadows the allocation in the FreeBSD/Linux specific methods. The HMAC leaks are just forgotten frees/deinitialisations. Change-Id: I3c344af047abe94c0178bde1781eb450f10d157d Signed-off-by: Arne Schwabe <arne@rfc2549.org> --- src/openvpn/dco_freebsd.c | 1 - src/openvpn/init.c | 2 ++ src/openvpn/ssl.c | 11 +++++++++++ src/openvpn/ssl.h | 6 ++++++ 4 files changed, 19 insertions(+), 1 deletion(-)