- Set sane start values for structures that are closed or freed.
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index c27aeb8..7321fa5 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -92,6 +92,16 @@
int i, j, n;
char *p, *q;
+ /*
+ * Make sure memory references are valid.
+ */
+ server_fd = 0;
+ memset( &ssn, 0, sizeof( ssl_session ) );
+ memset( &ssl, 0, sizeof( ssl_context ) );
+ memset( &cacert, 0, sizeof( x509_cert ) );
+ memset( &clicert, 0, sizeof( x509_cert ) );
+ memset( &rsa, 0, sizeof( rsa_context ) );
+
if( argc == 0 )
{
usage:
@@ -149,7 +159,6 @@
* 0. Initialize the RNG and the session data
*/
havege_init( &hs );
- memset( &ssn, 0, sizeof( ssl_session ) );
/*
* 1.1. Load the trusted CA
@@ -157,8 +166,6 @@
printf( "\n . Loading the CA root certificate ..." );
fflush( stdout );
- memset( &cacert, 0, sizeof( x509_cert ) );
-
/*
* Alternatively, you may load the CA certificates from a .pem or
* .crt file by calling x509parse_crtfile( &cacert, "myca.crt" ).
@@ -181,8 +188,6 @@
printf( " . Loading the client cert. and key..." );
fflush( stdout );
- memset( &clicert, 0, sizeof( x509_cert ) );
-
if( strlen( opt.crt_file ) )
ret = x509parse_crtfile( &clicert, opt.crt_file );
else
@@ -357,7 +362,8 @@
exit:
- net_close( server_fd );
+ if( server_fd )
+ net_close( server_fd );
x509_free( &clicert );
x509_free( &cacert );
rsa_free( &rsa );