void openconnect_reset_ssl(struct openconnect_info *vpninfo)
{
vpninfo->got_cancel_cmd = 0;
openconnect_close_https(vpninfo, 0);
if (vpninfo->peer_addr) {
free(vpninfo->peer_addr);
vpninfo->peer_addr = NULL;
}
openconnect_clear_cookies(vpninfo);
}
void openconnect_reset_ssl(struct openconnect_info *vpninfo)
{
vpninfo->got_cancel_cmd = 0;
openconnect_close_https(vpninfo, 0);
free(vpninfo->peer_addr);
vpninfo->peer_addr = NULL;
vpninfo->dtls_tos_optname = 0;
free(vpninfo->ip_info.gateway_addr);
vpninfo->ip_info.gateway_addr = NULL;
openconnect_clear_cookies(vpninfo);
}
void openconnect_vpninfo_free(struct openconnect_info *vpninfo)
{
openconnect_close_https(vpninfo, 1);
if (vpninfo->proto->udp_shutdown)
vpninfo->proto->udp_shutdown(vpninfo);
if (vpninfo->tncc_fd != -1)
closesocket(vpninfo->tncc_fd);
if (vpninfo->cmd_fd_write != -1) {
closesocket(vpninfo->cmd_fd);
closesocket(vpninfo->cmd_fd_write);
}
#ifdef HAVE_ICONV
if (vpninfo->ic_utf8_to_legacy != (iconv_t)-1)
iconv_close(vpninfo->ic_utf8_to_legacy);
if (vpninfo->ic_legacy_to_utf8 != (iconv_t)-1)
iconv_close(vpninfo->ic_legacy_to_utf8);
#endif
#ifdef _WIN32
if (vpninfo->cmd_event)
CloseHandle(vpninfo->cmd_event);
if (vpninfo->ssl_event)
CloseHandle(vpninfo->ssl_event);
if (vpninfo->dtls_event)
CloseHandle(vpninfo->dtls_event);
#endif
free(vpninfo->peer_addr);
free(vpninfo->ip_info.gateway_addr);
free_optlist(vpninfo->csd_env);
free_optlist(vpninfo->script_env);
free_optlist(vpninfo->cookies);
free_optlist(vpninfo->cstp_options);
free_optlist(vpninfo->dtls_options);
free_split_routes(vpninfo);
free(vpninfo->hostname);
free(vpninfo->unique_hostname);
free(vpninfo->urlpath);
free(vpninfo->redirect_url);
free(vpninfo->cookie);
free(vpninfo->proxy_type);
free(vpninfo->proxy);
free(vpninfo->proxy_user);
free(vpninfo->proxy_pass);
free(vpninfo->vpnc_script);
free(vpninfo->cafile);
free(vpninfo->ifname);
free(vpninfo->dtls_cipher);
#ifdef OPENCONNECT_GNUTLS
gnutls_free(vpninfo->cstp_cipher); /* In OpenSSL this is const */
#ifdef HAVE_DTLS
gnutls_free(vpninfo->gnutls_dtls_cipher);
#endif
#endif
free(vpninfo->dtls_addr);
if (vpninfo->csd_scriptname) {
unlink(vpninfo->csd_scriptname);
free(vpninfo->csd_scriptname);
}
free(vpninfo->mobile_platform_version);
free(vpninfo->mobile_device_type);
free(vpninfo->mobile_device_uniqueid);
free(vpninfo->csd_token);
free(vpninfo->csd_ticket);
free(vpninfo->csd_stuburl);
free(vpninfo->csd_starturl);
free(vpninfo->csd_waiturl);
free(vpninfo->csd_preurl);
free(vpninfo->platname);
if (vpninfo->opaque_srvdata)
xmlFreeNode(vpninfo->opaque_srvdata);
free(vpninfo->profile_url);
free(vpninfo->profile_sha1);
/* These are const in openconnect itself, but for consistency of
the library API we do take ownership of the strings we're given,
and thus we have to free them too. */
if (vpninfo->cert != vpninfo->sslkey)
free((void *)vpninfo->sslkey);
free((void *)vpninfo->cert);
if (vpninfo->peer_cert) {
#if defined(OPENCONNECT_OPENSSL)
X509_free(vpninfo->peer_cert);
#elif defined(OPENCONNECT_GNUTLS)
gnutls_x509_crt_deinit(vpninfo->peer_cert);
#endif
vpninfo->peer_cert = NULL;
}
while (vpninfo->pin_cache) {
struct pin_cache *cache = vpninfo->pin_cache;
free(cache->token);
memset(cache->pin, 0x5a, strlen(cache->pin));
free(cache->pin);
vpninfo->pin_cache = cache->next;
free(cache);
}
free(vpninfo->peer_cert_sha1);
free(vpninfo->peer_cert_sha256);
free(vpninfo->localname);
free(vpninfo->useragent);
free(vpninfo->authgroup);
#ifdef HAVE_LIBSTOKEN
if (vpninfo->stoken_pin)
free(vpninfo->stoken_pin);
if (vpninfo->stoken_ctx)
stoken_destroy(vpninfo->stoken_ctx);
#endif
if (vpninfo->oath_secret) {
#ifdef HAVE_LIBPSKC
if (vpninfo->pskc)
pskc_done(vpninfo->pskc);
else
#endif /* HAVE_LIBPSKC */
free(vpninfo->oath_secret);
}
#ifdef HAVE_LIBPCSCLITE
if (vpninfo->token_mode == OC_TOKEN_MODE_YUBIOATH) {
SCardDisconnect(vpninfo->pcsc_card, SCARD_LEAVE_CARD);
SCardReleaseContext(vpninfo->pcsc_ctx);
}
memset(vpninfo->yubikey_pwhash, 0, sizeof(vpninfo->yubikey_pwhash));
free(vpninfo->yubikey_objname);
#endif
#ifdef HAVE_LIBP11
if (vpninfo->pkcs11_ctx) {
if (vpninfo->pkcs11_slot_list)
PKCS11_release_all_slots(vpninfo->pkcs11_ctx,
vpninfo->pkcs11_slot_list,
vpninfo->pkcs11_slot_count);
PKCS11_CTX_unload(vpninfo->pkcs11_ctx);
PKCS11_CTX_free(vpninfo->pkcs11_ctx);
}
free(vpninfo->pkcs11_cert_id);
#endif
/* These check strm->state so they are safe to call multiple times */
inflateEnd(&vpninfo->inflate_strm);
deflateEnd(&vpninfo->deflate_strm);
free(vpninfo->deflate_pkt);
free(vpninfo->tun_pkt);
free(vpninfo->dtls_pkt);
free(vpninfo->cstp_pkt);
free(vpninfo);
}
