|
@@ -170,6 +170,15 @@ static void * eap_peap_init(struct eap_sm *sm)
|
|
|
}
|
|
|
|
|
|
|
|
|
+static void eap_peap_free_key(struct eap_peap_data *data)
|
|
|
+{
|
|
|
+ if (data->key_data) {
|
|
|
+ bin_clear_free(data->key_data, EAP_TLS_KEY_LEN);
|
|
|
+ data->key_data = NULL;
|
|
|
+ }
|
|
|
+}
|
|
|
+
|
|
|
+
|
|
|
static void eap_peap_deinit(struct eap_sm *sm, void *priv)
|
|
|
{
|
|
|
struct eap_peap_data *data = priv;
|
|
@@ -179,7 +188,7 @@ static void eap_peap_deinit(struct eap_sm *sm, void *priv)
|
|
|
data->phase2_method->deinit(sm, data->phase2_priv);
|
|
|
os_free(data->phase2_types);
|
|
|
eap_peer_tls_ssl_deinit(sm, &data->ssl);
|
|
|
- os_free(data->key_data);
|
|
|
+ eap_peap_free_key(data);
|
|
|
os_free(data->session_id);
|
|
|
wpabuf_free(data->pending_phase2_req);
|
|
|
os_free(data);
|
|
@@ -1005,7 +1014,7 @@ static struct wpabuf * eap_peap_process(struct eap_sm *sm, void *priv,
|
|
|
char *label;
|
|
|
wpa_printf(MSG_DEBUG,
|
|
|
"EAP-PEAP: TLS done, proceed to Phase 2");
|
|
|
- os_free(data->key_data);
|
|
|
+ eap_peap_free_key(data);
|
|
|
/* draft-josefsson-ppext-eap-tls-eap-05.txt
|
|
|
* specifies that PEAPv1 would use "client PEAP
|
|
|
* encryption" as the label. However, most existing
|
|
@@ -1115,8 +1124,7 @@ static void eap_peap_deinit_for_reauth(struct eap_sm *sm, void *priv)
|
|
|
static void * eap_peap_init_for_reauth(struct eap_sm *sm, void *priv)
|
|
|
{
|
|
|
struct eap_peap_data *data = priv;
|
|
|
- os_free(data->key_data);
|
|
|
- data->key_data = NULL;
|
|
|
+ eap_peap_free_key(data);
|
|
|
os_free(data->session_id);
|
|
|
data->session_id = NULL;
|
|
|
if (eap_peer_tls_reauth_init(sm, &data->ssl)) {
|