[PATCH 14/24] wolfssl: remove unnecessary WOLFSSL_X509_STORE manipulation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Setting a new WOLFSSL_X509_STORE is not necessary when calling  wolfSSL_CTX_load_verify_locations().

Signed-off-by: Juliusz Sosinowicz <juliusz@xxxxxxxxxxx>
---
 src/crypto/tls_wolfssl.c | 12 +++---------
 1 file changed, 3 insertions(+), 9 deletions(-)

diff --git a/src/crypto/tls_wolfssl.c b/src/crypto/tls_wolfssl.c
index 4016b6a46b..f126c37479 100644
--- a/src/crypto/tls_wolfssl.c
+++ b/src/crypto/tls_wolfssl.c
@@ -1383,15 +1383,8 @@ static int tls_connection_ca_cert(void *tls_ctx, struct tls_connection *conn,
 	}
 
 	if (ca_cert || ca_path) {
-		WOLFSSL_X509_STORE *cm = wolfSSL_X509_STORE_new();
-
-		if (!cm) {
-			wpa_printf(MSG_INFO,
-				   "SSL: failed to create certificate store");
-			return -1;
-		}
-		wolfSSL_CTX_set_cert_store(ctx, cm);
-
+		wpa_printf(MSG_DEBUG, "SSL: loading CA's from '%s' and '%s'",
+				ca_cert ? ca_cert : "N/A", ca_path ? ca_path : "N/A");
 		if (wolfSSL_CTX_load_verify_locations(ctx, ca_cert, ca_path) !=
 		    SSL_SUCCESS) {
 			wpa_printf(MSG_INFO,
@@ -1408,6 +1401,7 @@ static int tls_connection_ca_cert(void *tls_ctx, struct tls_connection *conn,
 				return -1;
 			}
 		}
+		wpa_printf(MSG_DEBUG, "SSL: Loaded ca_cert or ca_path");
 		return 0;
 	}
 
-- 
2.34.1


_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap



[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux