Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

OpenSSL: Fix tls_init(NULL) with FIPS-enabled build

The conf argument to tls_init() may be NULL (as it is when using
hostapd), so we must check that here before dereferencing the
pointer.
Jouni Malinen 15 years ago
parent
e0b3b3cb77
commit
cf123d7f4c
1 changed files with 2 additions and 2 deletions
Split View Show Diff Stats
  1. 2 2
      src/crypto/tls_openssl.c

+ 2 - 2
src/crypto/tls_openssl.c
View File 

@@ -667,7 +667,7 @@ void * tls_init(const struct tls_config *conf)
 
 	if (tls_openssl_ref_count == 0) {
 
 #ifdef CONFIG_FIPS
 
 #ifdef OPENSSL_FIPS
 
-		if (conf->fips_mode) {
 
+		if (conf && conf->fips_mode) {
 
 			if (!FIPS_mode_set(1)) {
 
 				wpa_printf(MSG_ERROR, "Failed to enable FIPS "
 
 					   "mode");
 
@@ -678,7 +678,7 @@ void * tls_init(const struct tls_config *conf)
 
 				wpa_printf(MSG_INFO, "Running in FIPS mode");
 
 		}
 
 #else /* OPENSSL_FIPS */
 
-		if (conf->fips_mode) {
 
+		if (conf && conf->fips_mode) {
 
 			wpa_printf(MSG_ERROR, "FIPS mode requested, but not "
 
 				   "supported");
 
 			return NULL;