X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;ds=sidebyside;f=libraries%2Flibldap%2Ftls.c;h=2070e28d80da407566d3d95f0a001809996f71f2;hb=f8e5ed25e96805959f9a385212d7bad2a1c5eff3;hp=e5290018a924c47013c99911c79d8e89cf8b88dd;hpb=d554a31b589675c209ed5801f52864fc8cec1b81;p=openldap
diff --git a/libraries/libldap/tls.c b/libraries/libldap/tls.c
index e5290018a9..2070e28d80 100644
--- a/libraries/libldap/tls.c
+++ b/libraries/libldap/tls.c
@@ -16,6 +16,7 @@
 #include
 #include
 #include
+#include
 #include "ldap-int.h"
@@ -826,30 +827,30 @@ ldap_pvt_tls_set_option( struct ldapoptions *lo, int option, void *arg )
 switch( option ) {
 case LDAP_OPT_X_TLS_CACERTFILE:
- if ( tls_opt_cacertfile ) free( tls_opt_cacertfile );
+ if ( tls_opt_cacertfile ) LDAP_FREE( tls_opt_cacertfile );
 tls_opt_cacertfile = arg ? LDAP_STRDUP( (char *) arg ) : NULL;
 break;
 case LDAP_OPT_X_TLS_CACERTDIR:
- if ( tls_opt_cacertdir ) free( tls_opt_cacertdir );
+ if ( tls_opt_cacertdir ) LDAP_FREE( tls_opt_cacertdir );
 tls_opt_cacertdir = arg ? LDAP_STRDUP( (char *) arg ) : NULL;
 break;
 case LDAP_OPT_X_TLS_CERTFILE:
- if ( tls_opt_certfile ) free( tls_opt_certfile );
+ if ( tls_opt_certfile ) LDAP_FREE( tls_opt_certfile );
 tls_opt_certfile = arg ? LDAP_STRDUP( (char *) arg ) : NULL;
 break;
 case LDAP_OPT_X_TLS_KEYFILE:
- if ( tls_opt_keyfile ) free( tls_opt_keyfile );
+ if ( tls_opt_keyfile ) LDAP_FREE( tls_opt_keyfile );
 tls_opt_keyfile = arg ? LDAP_STRDUP( (char *) arg ) : NULL;
 break;
 case LDAP_OPT_X_TLS_REQUIRE_CERT:
 tls_opt_require_cert = * (int *) arg;
 break;
 case LDAP_OPT_X_TLS_CIPHER_SUITE:
- if ( tls_opt_ciphersuite ) free( tls_opt_ciphersuite );
+ if ( tls_opt_ciphersuite ) LDAP_FREE( tls_opt_ciphersuite );
 tls_opt_ciphersuite = arg ? LDAP_STRDUP( (char *) arg ) : NULL;
 break;
 case LDAP_OPT_X_TLS_RANDOM_FILE:
- if (tls_opt_randfile ) free (tls_opt_randfile );
+ if (tls_opt_randfile ) LDAP_FREE (tls_opt_randfile );
 tls_opt_randfile = arg ? LDAP_STRDUP( (char *) arg ) : NULL;
 break;
 default:
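Review bot: In ldap_pvt_tls_set_option, the `LDAP_OPT_X_TLS_REQUIRE_CERT` case dereferences `arg` with no NULL check, while every string option in the same switch guards it with `arg ? ... : NULL`, so a caller passing NULL for this option would crash here. A guard such as `if ( arg == NULL ) return -1;` before `tls_opt_require_cert = * (int *) arg;` would make the cases consistent; the function's error-return convention lies outside the hunk, so the value is a guess. The integer is also stored without a range check, and it presumably selects the certificate-verification policy, so rejecting values outside the defined set would be worth adding. Separately, a failed `LDAP_STRDUP` leaves the option NULL, which looks the same as the caller clearing it; the switch continues past `default:` outside the hunk, so the returned status is not visible.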
@@ -861,7 +862,7 @@ ldap_pvt_tls_set_option( struct ldapoptions *lo, int option, void *arg )
 int
 ldap_pvt_tls_start ( LDAP *ld, Sockbuf *sb, void *ctx_arg )
 {
- ldap_pvt_tls_init();
+ (void) ldap_pvt_tls_init();
 /*
 * Fortunately, the lib uses blocking io...
@@ -992,9 +993,7 @@ tls_seed_PRNG( const char *randfile )
 {
 #ifndef URANDOM_DEVICE
 /* no /dev/urandom (or equiv) */
-
- char buffer[1024];
- static int egdsocket = 0;
+ char buffer[MAXPATHLEN];
 if (randfile == NULL) {
 /* The seed file is $RANDFILE if defined, otherwise $HOME/.rnd.
@@ -1002,17 +1001,16 @@ tls_seed_PRNG( const char *randfile )
 * an error occurs. - From RAND_file_name() man page.
 * The fact is that when $HOME is NULL, .rnd is used.
 */
- randfile = RAND_file_name(buffer, sizeof( buffer ));
+ randfile = RAND_file_name( buffer, sizeof( buffer ) );
 } else if (RAND_egd(randfile) > 0) {
 /* EGD socket */
- egdsocket = 1;
 return 0;
 }
 if (randfile == NULL) {
 Debug( LDAP_DEBUG_ANY,
- "TLS: Use configuration file or $RANDFILE to define seed file",
+ "TLS: Use configuration file or $RANDFILE to define seed PRNG\n",
 0, 0, 0);
 return -1;
 }
@@ -1021,7 +1019,7 @@ tls_seed_PRNG( const char *randfile )
 if (RAND_status() == 0) {
 Debug( LDAP_DEBUG_ANY,
- "TLS: PRNG has not been seeded with enough data",
+ "TLS: PRNG not been seeded with enough data\n",
 0, 0, 0);
 return -1;
 }
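Review bot: In ldap_pvt_tls_start, the `(void)` cast makes it explicit that the result of `ldap_pvt_tls_init()` is discarded, but TLS setup still proceeds when initialisation has failed. tls_seed_PRNG in this same patch returns -1 when the PRNG cannot be seeded; if the init path propagates that failure (not visible here), continuing means negotiating TLS with an unseeded generator. Consider `if ( ldap_pvt_tls_init() != 0 ) return -1;` instead, with the return value matched to this function's convention. The body of ldap_pvt_tls_start continues outside the hunk.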
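Review bot: In tls_seed_PRNG (hunk at -1002), the EGD branch returns 0 as soon as `RAND_egd(randfile) > 0`, so the `RAND_status() == 0` check in the last hunk is reached only on the seed-file path. A socket that delivers some bytes is then reported as a successfully seeded PRNG without confirming that the generator considers itself seeded. Replacing the branch's `return 0;` with `return RAND_status() ? 0 : -1;` would apply the same acceptance test to both sources. The lines between this hunk and the next are not visible, so the fix is kept inside the branch rather than falling through.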
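Review bot: The reworded message in the last hunk, `"TLS: PRNG not been seeded with enough data\n"`, drops the verb; `"TLS: PRNG has not been seeded with enough data\n"` keeps the added newline and reads correctly. The message changed in the previous hunk has a similar problem: "to define seed PRNG" no longer tells the operator that a seed file is what is missing, and `"TLS: Use configuration file or $RANDFILE to define the PRNG seed file\n"` would say so. These are the only diagnostics an administrator gets when seeding fails, so they should name the missing item precisely.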