jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

OpenSSL: Fix tls_init(NULL) with FIPS-enabled build

Browse source 
The conf argument to tls_init() may be NULL (as it is when using
hostapd), so we must check that here before dereferencing the
pointer.
This commit is contained in:
Jouni Malinen 2010-02-12 20:51:10 +02:00
parent e0b3b3cb77
commit cf123d7f4c
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/crypto/tls_openssl.c
View file

@ -667,7 +667,7 @@ void * tls_init(const struct tls_config *conf)
if (tls_openssl_ref_count == 0) { if (tls_openssl_ref_count == 0) {
#ifdef CONFIG_FIPS #ifdef CONFIG_FIPS
#ifdef OPENSSL_FIPS #ifdef OPENSSL_FIPS
if (conf->fips_mode) { if (conf && conf->fips_mode) {
if (!FIPS_mode_set(1)) { if (!FIPS_mode_set(1)) {
wpa_printf(MSG_ERROR, "Failed to enable FIPS " wpa_printf(MSG_ERROR, "Failed to enable FIPS "
"mode"); "mode");
@ -678,7 +678,7 @@ void * tls_init(const struct tls_config *conf)
wpa_printf(MSG_INFO, "Running in FIPS mode"); wpa_printf(MSG_INFO, "Running in FIPS mode");
} }
#else /* OPENSSL_FIPS */ #else /* OPENSSL_FIPS */
if (conf->fips_mode) { if (conf && conf->fips_mode) {
wpa_printf(MSG_ERROR, "FIPS mode requested, but not " wpa_printf(MSG_ERROR, "FIPS mode requested, but not "
"supported"); "supported");
return NULL; return NULL;