summaryrefslogtreecommitdiff
path: root/sbin
diff options
context:
space:
mode:
Diffstat (limited to 'sbin')
-rw-r--r--sbin/isakmpd/ike_auth.c8
1 files changed, 7 insertions, 1 deletions
diff --git a/sbin/isakmpd/ike_auth.c b/sbin/isakmpd/ike_auth.c
index 85c984447b3..bff2778c975 100644
--- a/sbin/isakmpd/ike_auth.c
+++ b/sbin/isakmpd/ike_auth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ike_auth.c,v 1.103 2005/05/26 06:11:09 hshoexer Exp $ */
+/* $OpenBSD: ike_auth.c,v 1.104 2005/07/14 12:50:08 moritz Exp $ */
/* $EOM: ike_auth.c,v 1.59 2000/11/21 00:21:31 angelos Exp $ */
/*
@@ -984,6 +984,7 @@ skipcert:
/* Enable RSA blinding. */
if (RSA_blinding_on(sent_key, NULL) != 1) {
log_error("rsa_sig_encode_hash: RSA_blinding_on () failed.");
+ RSA_free(sent_key);
return -1;
}
/* XXX hashsize is not necessarily prf->blocksize. */
@@ -991,10 +992,12 @@ skipcert:
if (!buf) {
log_error("rsa_sig_encode_hash: malloc (%lu) failed",
(unsigned long)hashsize);
+ RSA_free(sent_key);
return -1;
}
if (ike_auth_hash(exchange, buf) == -1) {
free(buf);
+ RSA_free(sent_key);
return -1;
}
snprintf(header, sizeof header, "rsa_sig_encode_hash: HASH_%c",
@@ -1005,6 +1008,8 @@ skipcert:
if (!data) {
log_error("rsa_sig_encode_hash: malloc (%d) failed",
RSA_size(sent_key));
+ free(buf);
+ RSA_free(sent_key);
return -1;
}
sigsize = RSA_private_encrypt(hashsize, buf, data, sent_key,
@@ -1021,6 +1026,7 @@ skipcert:
datalen = (u_int32_t) sigsize;
free(buf);
+ RSA_free(sent_key);
buf = realloc(data, ISAKMP_SIG_SZ + datalen);
if (!buf) {