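/**
 * Build a PSK-only TLS configuration for a home server from a TID server block.
 *
 * The PSK password is the hex encoding (tr_bin_to_hex) of the key returned by
 * tr_compute_dh_key() for the server's public DH value and the client
 * instance's DH state. The PSK identity is a copy of the server's key name.
 *
 * @param inst   TID client instance; tidc_get_dh(inst) feeds the key computation.
 * @param hs     home server, used as talloc parent of the returned configuration.
 * @param server TID server block supplying the peer DH value and the key name.
 * @return the new configuration (talloc child of hs), or NULL on any failure.
 *
 * NOTE(review): on success tls->psk_password keeps the hex key for the life of
 * the configuration; nothing visible here wipes it when tls is later freed.
 * NOTE(review): the raw key is cleared with plain memset(); if the build can
 * see through tr_dh_free() (e.g. LTO) such a store may be elided. A
 * guaranteed-wipe primitive such as OPENSSL_cleanse() would be safer, if the
 * file's includes allow it.
 */
static fr_tls_server_conf_t *construct_tls(TIDC_INSTANCE *inst, home_server_t *hs, TID_SRVR_BLK *server)
{
	fr_tls_server_conf_t *tls;
	unsigned char *key_buf = NULL;
	ssize_t keylen = 0;	/* stays 0 until the key has been computed */
	char *hexbuf = NULL;
	DH *aaa_server_dh;

	tls = talloc_zero(hs, fr_tls_server_conf_t);
	if (!tls) return NULL;

	/* The peer's DH value comes from the server block; refuse to dereference a missing one. */
	aaa_server_dh = tid_srvr_get_dh(server);
	if (!aaa_server_dh || !aaa_server_dh->pub_key) {
		DEBUG2("DH error");
		goto error;
	}

	keylen = tr_compute_dh_key(&key_buf, aaa_server_dh->pub_key, tidc_get_dh(inst));
	if (keylen <= 0) {
		DEBUG2("DH error");
		goto error;
	}

	/* Two hex digits per key byte plus the terminating NUL. */
	hexbuf = talloc_size(tls, keylen*2 + 1);
	if (!hexbuf) goto error;
	tr_bin_to_hex(key_buf, keylen, hexbuf, 2*keylen + 1);

	tls->psk_password = hexbuf;

	/* A configuration without an identity is unusable for PSK; fail instead of returning it. */
	tls->psk_identity = talloc_strdup(tls, tid_srvr_get_key_name(server)->buf);
	if (!tls->psk_identity) goto error;

	/*
	 * Fail on allocation error here too: a NULL cipher_list would presumably
	 * leave the context without the PSK-only restriction (verify in tls_init_ctx).
	 */
	tls->cipher_list = talloc_strdup(tls, "PSK");
	if (!tls->cipher_list) goto error;

	tls->fragment_size = 4200;
	tls->ctx = tls_init_ctx(tls, 1);
	if (!tls->ctx) goto error;

	/* The raw key is no longer needed once its hex form is stored. */
	memset(key_buf, 0, keylen);
	tr_dh_free(key_buf);
	return tls;

error:
	if (key_buf) {
		/*
		 * keylen may be zero or negative when tr_compute_dh_key() failed;
		 * converted to size_t a negative value would make memset() run far
		 * past the buffer, so wipe only when the length is known good.
		 */
		if (keylen > 0) memset(key_buf, 0, keylen);
		tr_dh_free(key_buf);
	}
	/* hexbuf is only ever allocated after keylen was validated as positive. */
	if (hexbuf) memset(hexbuf, 0, keylen*2);
	/* hexbuf and the duplicated strings are talloc children of tls and go with it. */
	talloc_free(tls);
	return NULL;
}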
/*
 * Tear down the members of a tr_crypto object.
 *
 * Each member is handed to its matching free routine, in this order:
 * mySecret (tr_dh_secret_free), dh (tr_dh_free), then enc_key and dec_key
 * (tr_rc4_free). The tr_crypto structure itself is not freed here, and the
 * members are not reset afterwards, so a second call on the same object
 * would pass the same pointers to the free routines again.
 *
 * crypto must be non-NULL; it is dereferenced unconditionally.
 */
void
tr_cryptoDestruct (tr_crypto * crypto)
{
    /* DH state: the secret first, then the DH handle. */
    tr_dh_secret_free (crypto->mySecret);
    tr_dh_free (crypto->dh);

    /* The two RC4 handles. */
    tr_rc4_free (crypto->enc_key);
    tr_rc4_free (crypto->dec_key);
}