Use thread save settings alloc_str function where appropriate

4 files changed, 22 insertions, 9 deletions

diff --git a/src/libcharon/plugins/eap_radius/eap_radius.c b/src/libcharon/plugins/eap_radius/eap_radius.c
index b93a1f5f6..08b46c68c 100644
--- a/src/libcharon/plugins/eap_radius/eap_radius.c
+++ b/src/libcharon/plugins/eap_radius/eap_radius.c
@@ -387,6 +387,7 @@ METHOD(eap_method_t, destroy, void,
 	this->peer->destroy(this->peer);
 	this->server->destroy(this->server);
 	this->client->destroy(this->client);
+	free(this->id_prefix);
 	free(this);
 }
 
@@ -414,7 +415,7 @@ eap_radius_t *eap_radius_create(identification_t *server, identification_t *peer
 		.type = EAP_RADIUS,
 		.eap_start = lib->settings->get_bool(lib->settings,
 								"charon.plugins.eap-radius.eap_start", FALSE),
-		.id_prefix = lib->settings->get_str(lib->settings,
+		.id_prefix = lib->settings->alloc_str(lib->settings,
 								"charon.plugins.eap-radius.id_prefix", ""),
 		.class_group = lib->settings->get_bool(lib->settings,
 								"charon.plugins.eap-radius.class_group", FALSE),
@@ -425,6 +426,7 @@ eap_radius_t *eap_radius_create(identification_t *server, identification_t *peer
 	this->client = radius_client_create();
 	if (!this->client)
 	{
+		free(this->id_prefix);
 		free(this);
 		return NULL;
 	}
diff --git a/src/libcharon/plugins/eap_radius/eap_radius_plugin.c b/src/libcharon/plugins/eap_radius/eap_radius_plugin.c
index 9b1525662..8ca5f3956 100644
--- a/src/libcharon/plugins/eap_radius/eap_radius_plugin.c
+++ b/src/libcharon/plugins/eap_radius/eap_radius_plugin.c
@@ -65,18 +65,19 @@ static void load_servers(private_eap_radius_plugin_t *this)
 	char *nas_identifier, *secret, *address, *section;
 	int port, sockets, preference;
 
-	address = lib->settings->get_str(lib->settings,
+	address = lib->settings->alloc_str(lib->settings,
 					"charon.plugins.eap-radius.server", NULL);
 	if (address)
 	{	/* legacy configuration */
-		secret = lib->settings->get_str(lib->settings,
+		secret = lib->settings->alloc_str(lib->settings,
 					"charon.plugins.eap-radius.secret", NULL);
 		if (!secret)
 		{
 			DBG1(DBG_CFG, "no RADUIS secret defined");
+			free(address);
 			return;
 		}
-		nas_identifier = lib->settings->get_str(lib->settings,
+		nas_identifier = lib->settings->alloc_str(lib->settings,
 					"charon.plugins.eap-radius.nas_identifier", "strongSwan");
 		port = lib->settings->get_int(lib->settings,
 					"charon.plugins.eap-radius.port", RADIUS_PORT);
@@ -84,6 +85,9 @@ static void load_servers(private_eap_radius_plugin_t *this)
 					"charon.plugins.eap-radius.sockets", 1);
 		server = radius_server_create(address, port, nas_identifier,
 									  secret, sockets, 0);
+		free(address);
+		free(nas_identifier);
+		free(secret);
 		if (!server)
 		{
 			DBG1(DBG_CFG, "no RADUIS server defined");
@@ -97,21 +101,22 @@ static void load_servers(private_eap_radius_plugin_t *this)
 										"charon.plugins.eap-radius.servers");
 	while (enumerator->enumerate(enumerator, &section))
 	{
-		address = lib->settings->get_str(lib->settings,
+		address = lib->settings->alloc_str(lib->settings,
 			"charon.plugins.eap-radius.servers.%s.address", NULL, section);
 		if (!address)
 		{
 			DBG1(DBG_CFG, "RADIUS server '%s' misses address, skipped", section);
 			continue;
 		}
-		secret = lib->settings->get_str(lib->settings,
+		secret = lib->settings->alloc_str(lib->settings,
 			"charon.plugins.eap-radius.servers.%s.secret", NULL, section);
 		if (!secret)
 		{
 			DBG1(DBG_CFG, "RADIUS server '%s' misses secret, skipped", section);
+			free(address);
 			continue;
 		}
-		nas_identifier = lib->settings->get_str(lib->settings,
+		nas_identifier = lib->settings->alloc_str(lib->settings,
 			"charon.plugins.eap-radius.servers.%s.nas_identifier",
 			"strongSwan", section);
 		port = lib->settings->get_int(lib->settings,
@@ -122,6 +127,9 @@ static void load_servers(private_eap_radius_plugin_t *this)
 			"charon.plugins.eap-radius.servers.%s.preference", 0, section);
 		server = radius_server_create(address, port, nas_identifier,
 									  secret, sockets, preference);
+		free(address);
+		free(nas_identifier);
+		free(secret);
 		if (!server)
 		{
 			DBG1(DBG_CFG, "loading RADIUS server '%s' failed, skipped", section);
diff --git a/src/libcharon/plugins/eap_radius/radius_server.c b/src/libcharon/plugins/eap_radius/radius_server.c
index d16628091..7cd1477c3 100644
--- a/src/libcharon/plugins/eap_radius/radius_server.c
+++ b/src/libcharon/plugins/eap_radius/radius_server.c
@@ -176,6 +176,7 @@ METHOD(radius_server_t, destroy, void,
 		this->condvar->destroy(this->condvar);
 		this->sockets->destroy_offset(this->sockets,
 									  offsetof(radius_socket_t, destroy));
+		free(this->nas_identifier.ptr);
 		free(this);
 	}
 }
@@ -200,7 +201,8 @@ radius_server_t *radius_server_create(char *server, u_int16_t port,
 			.destroy = _destroy,
 		},
 		.reachable = TRUE,
-		.nas_identifier = chunk_create(nas_identifier, strlen(nas_identifier)),
+		.nas_identifier = chunk_clone(chunk_create(nas_identifier,
+												   strlen(nas_identifier))),
 		.socket_count = sockets,
 		.sockets = linked_list_create(),
 		.mutex = mutex_create(MUTEX_TYPE_DEFAULT),
diff --git a/src/libcharon/plugins/eap_radius/radius_socket.c b/src/libcharon/plugins/eap_radius/radius_socket.c
index f46c27ede..df5f5b089 100644
--- a/src/libcharon/plugins/eap_radius/radius_socket.c
+++ b/src/libcharon/plugins/eap_radius/radius_socket.c
@@ -257,6 +257,7 @@ METHOD(radius_socket_t, destroy, void,
 	DESTROY_IF(this->hasher);
 	DESTROY_IF(this->signer);
 	DESTROY_IF(this->rng);
+	chunk_clear(&this->secret);
 	close(this->fd);
 	free(this);
 }
@@ -300,7 +301,7 @@ radius_socket_t *radius_socket_create(host_t *host, chunk_t secret)
 		destroy(this);
 		return NULL;
 	}
-	this->secret = secret;
+	this->secret = chunk_clone(secret);
 	this->signer->set_key(this->signer, secret);
 	/* we use a random identifier, helps if we restart often */
 	this->identifier = random();