aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--src/gnutls_hooks.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/src/gnutls_hooks.c b/src/gnutls_hooks.c
index 4155158..0718e20 100644
--- a/src/gnutls_hooks.c
+++ b/src/gnutls_hooks.c
@@ -46,6 +46,9 @@ static void mgs_add_common_pgpcert_vars(request_rec * r, gnutls_openpgp_crt_t ce
46 46
47static apr_status_t mgs_cleanup_pre_config(void *data) 47static apr_status_t mgs_cleanup_pre_config(void *data)
48{ 48{
49 gnutls_free(session_ticket_key.data);
50 session_ticket_key.data = NULL;
51 session_ticket_key.size = 0;
49 gnutls_global_deinit(); 52 gnutls_global_deinit();
50 return APR_SUCCESS; 53 return APR_SUCCESS;
51} 54}
@@ -1035,7 +1038,7 @@ static int mgs_cert_verify(request_rec * r, mgs_handle_t * ctxt)
1035{ 1038{
1036 const gnutls_datum_t *cert_list; 1039 const gnutls_datum_t *cert_list;
1037 unsigned int cert_list_size, status, expired; 1040 unsigned int cert_list_size, status, expired;
1038 int rv, ret; 1041 int rv = GNUTLS_E_NO_CERTIFICATE_FOUND, ret;
1039 unsigned int ch_size = 0; 1042 unsigned int ch_size = 0;
1040 union { 1043 union {
1041 gnutls_x509_crt_t x509[MAX_CHAIN_SIZE]; 1044 gnutls_x509_crt_t x509[MAX_CHAIN_SIZE];
@@ -1064,7 +1067,7 @@ static int mgs_cert_verify(request_rec * r, mgs_handle_t * ctxt)
1064 ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, 1067 ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
1065 "GnuTLS: A Chain of %d certificate(s) was provided for validation", cert_list_size); 1068 "GnuTLS: A Chain of %d certificate(s) was provided for validation", cert_list_size);
1066 1069
1067 for (ch_size =0; ch_size<cert_list_size; ch_size++) { 1070 for (ch_size = 0; ch_size<cert_list_size; ch_size++) {
1068 gnutls_x509_crt_init(&cert.x509[ch_size]); 1071 gnutls_x509_crt_init(&cert.x509[ch_size]);
1069 rv = gnutls_x509_crt_import(cert.x509[ch_size], &cert_list[ch_size], GNUTLS_X509_FMT_DER); 1072 rv = gnutls_x509_crt_import(cert.x509[ch_size], &cert_list[ch_size], GNUTLS_X509_FMT_DER);
1070 // When failure to import, leave the loop 1073 // When failure to import, leave the loop