mirror of
https://github.com/SoftEtherVPN/SoftEtherVPN.git
synced 2024-11-22 17:39:53 +03:00
additional error handling if SSL_CTX_new failed
this is a folloup to https://github.com/SoftEtherVPN/SoftEtherVPN/pull/1873
This commit is contained in:
parent
acb6a53b31
commit
088b5c2df3
@ -824,6 +824,10 @@ void OvsProcessRecvControlPacket(OPENVPN_SERVER *s, OPENVPN_SESSION *se, OPENVPN
|
|||||||
}
|
}
|
||||||
|
|
||||||
c->SslPipe = NewSslPipeEx(true, s->Cedar->ServerX, s->Cedar->ServerK, s->Dh, true, &c->ClientCert);
|
c->SslPipe = NewSslPipeEx(true, s->Cedar->ServerX, s->Cedar->ServerK, s->Dh, true, &c->ClientCert);
|
||||||
|
if (c->SslPipe == NULL)
|
||||||
|
{
|
||||||
|
return;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
Unlock(s->Cedar->lock);
|
Unlock(s->Cedar->lock);
|
||||||
|
|
||||||
|
@ -3635,6 +3635,11 @@ bool PPPProcessEAPTlsResponse(PPP_SESSION *p, PPP_EAP *eap_packet, UINT eapSize)
|
|||||||
{
|
{
|
||||||
p->Eap_TlsCtx.Dh = DhNewFromBits(DH_PARAM_BITS_DEFAULT);
|
p->Eap_TlsCtx.Dh = DhNewFromBits(DH_PARAM_BITS_DEFAULT);
|
||||||
p->Eap_TlsCtx.SslPipe = NewSslPipeEx3(true, p->Cedar->ServerX, p->Cedar->ServerK, p->Cedar->ServerChain, p->Eap_TlsCtx.Dh, true, &(p->Eap_TlsCtx.ClientCert), p->Eap_TlsCtx.Tls13SessionTicketsCount, p->Eap_TlsCtx.DisableTls13);
|
p->Eap_TlsCtx.SslPipe = NewSslPipeEx3(true, p->Cedar->ServerX, p->Cedar->ServerK, p->Cedar->ServerChain, p->Eap_TlsCtx.Dh, true, &(p->Eap_TlsCtx.ClientCert), p->Eap_TlsCtx.Tls13SessionTicketsCount, p->Eap_TlsCtx.DisableTls13);
|
||||||
|
if (p->Eap_TlsCtx.SslPipe == NULL)
|
||||||
|
{
|
||||||
|
Debug("EAP-TLS: NewSslPipeEx3 failed\n");
|
||||||
|
return false;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// If the current frame is fragmented, or it is a possible last of a fragmented series, bufferize it
|
// If the current frame is fragmented, or it is a possible last of a fragmented series, bufferize it
|
||||||
|
@ -417,6 +417,11 @@ bool StartPeapSslClient(EAP_CLIENT *e)
|
|||||||
}
|
}
|
||||||
|
|
||||||
e->SslPipe = NewSslPipe(false, NULL, NULL, NULL);
|
e->SslPipe = NewSslPipe(false, NULL, NULL, NULL);
|
||||||
|
if (e->SslPipe == NULL)
|
||||||
|
{
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
send_fifo = e->SslPipe->RawOut->RecvFifo;
|
send_fifo = e->SslPipe->RawOut->RecvFifo;
|
||||||
recv_fifo = e->SslPipe->RawIn->SendFifo;
|
recv_fifo = e->SslPipe->RawIn->SendFifo;
|
||||||
|
|
||||||
|
@ -5724,6 +5724,10 @@ SSL_PIPE *NewSslPipeEx3(bool server_mode, X *x, K *k, LIST *chain, DH_CTX *dh, b
|
|||||||
SSL_PIPE *s;
|
SSL_PIPE *s;
|
||||||
SSL *ssl;
|
SSL *ssl;
|
||||||
SSL_CTX *ssl_ctx = NewSSLCtx(server_mode);
|
SSL_CTX *ssl_ctx = NewSSLCtx(server_mode);
|
||||||
|
if (ssl_ctx == NULL)
|
||||||
|
{
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
Lock(openssl_lock);
|
Lock(openssl_lock);
|
||||||
{
|
{
|
||||||
@ -11727,6 +11731,10 @@ bool StartSSLEx3(SOCK *sock, X *x, K *priv, LIST *chain, UINT ssl_timeout, char
|
|||||||
}
|
}
|
||||||
|
|
||||||
ssl_ctx = NewSSLCtx(sock->ServerMode);
|
ssl_ctx = NewSSLCtx(sock->ServerMode);
|
||||||
|
if (ssl_ctx == NULL)
|
||||||
|
{
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
Lock(openssl_lock);
|
Lock(openssl_lock);
|
||||||
{
|
{
|
||||||
|
Loading…
Reference in New Issue
Block a user