diff options
author | Angelos D. Keromytis <angelos@cvs.openbsd.org> | 2001-07-05 07:28:01 +0000 |
---|---|---|
committer | Angelos D. Keromytis <angelos@cvs.openbsd.org> | 2001-07-05 07:28:01 +0000 |
commit | 9c9fed29c3fe7c9ed8da284d011bd0abb2193bd2 (patch) | |
tree | eb0886bd1ef2804f8bd1895f3c0914e3075b70bc | |
parent | 1b510b6486638dd0d1bc850869db78b1d48fefe3 (diff) |
On closer inspection, freeing the X509 names is bad. I should stop
coding late while half-asleep.
-rw-r--r-- | sbin/isakmpd/x509.c | 60 |
1 files changed, 3 insertions, 57 deletions
diff --git a/sbin/isakmpd/x509.c b/sbin/isakmpd/x509.c index d84de607079..9092f6da932 100644 --- a/sbin/isakmpd/x509.c +++ b/sbin/isakmpd/x509.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509.c,v 1.60 2001/07/05 07:16:52 angelos Exp $ */ +/* $OpenBSD: x509.c,v 1.61 2001/07/05 07:28:00 angelos Exp $ */ /* $EOM: x509.c,v 1.54 2001/01/16 18:42:16 ho Exp $ */ /* @@ -131,18 +131,10 @@ x509_generate_kn (int id, X509 *cert) /* Missing or self-signed, ignore cert but don't report failure. */ if (!issuer || !subject || !LC (X509_name_cmp, (issuer, subject))) - { - if (issuer) - LC (X509_NAME_free, (issuer)); - if (subject) - LC (X509_NAME_free, (subject)); - return 1; - } + return 1; if (!x509_cert_get_key (cert, &key)) { - LC (X509_NAME_free, (issuer)); - LC (X509_NAME_free, (subject)); LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: failed to get public key from cert")); return 0; @@ -155,16 +147,12 @@ x509_generate_kn (int id, X509 *cert) if (LKV (keynote_errno) == ERROR_MEMORY) { log_print ("x509_generate_kn: failed to get memory for public key"); - LC (X509_NAME_free, (issuer)); - LC (X509_NAME_free, (subject)); LC (RSA_free, (key)); LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: cannot get subject key")); return 0; } if (!ikey) - { - LC (X509_NAME_free, (issuer)); - LC (X509_NAME_free, (subject)); + { LC (RSA_free, (key)); LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: cannot get subject key")); return 0; @@ -181,8 +169,6 @@ x509_generate_kn (int id, X509 *cert) if (LC (X509_STORE_get_by_subject, (&csc, X509_LU_X509, issuer, &obj)) != X509_LU_X509) { - LC (X509_NAME_free, (issuer)); - LC (X509_NAME_free, (subject)); LC (X509_STORE_CTX_cleanup, (&csc)); LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: no certificate found for issuer")); @@ -195,8 +181,6 @@ x509_generate_kn (int id, X509 *cert) if (icert == NULL) { - LC (X509_NAME_free, (issuer)); - LC (X509_NAME_free, (subject)); LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: " "missing certificates, cannot construct X509 chain")); free (ikey); @@ -205,8 +189,6 @@ x509_generate_kn (int id, X509 *cert) if (!x509_cert_get_key (icert, &key)) { - LC (X509_NAME_free, (issuer)); - LC (X509_NAME_free, (subject)); LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: failed to get public key from cert")); free (ikey); @@ -223,8 +205,6 @@ x509_generate_kn (int id, X509 *cert) { log_error ("x509_generate_kn: failed to get memory for public key"); free (ikey); - LC (X509_NAME_free, (issuer)); - LC (X509_NAME_free, (subject)); LC (RSA_free, (key)); LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: cannot get issuer key")); return 0; @@ -233,8 +213,6 @@ x509_generate_kn (int id, X509 *cert) if (!skey) { free (ikey); - LC (X509_NAME_free, (issuer)); - LC (X509_NAME_free, (subject)); LC (RSA_free, (key)); LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: cannot get issuer key")); return 0; @@ -245,8 +223,6 @@ x509_generate_kn (int id, X509 *cert) sizeof (char)); if (!buf) { - LC (X509_NAME_free, (issuer)); - LC (X509_NAME_free, (subject)); log_error ("x509_generate_kn: " "failed to allocate memory for KeyNote credential"); free (ikey); @@ -280,8 +256,6 @@ x509_generate_kn (int id, X509 *cert) { LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: invalid data in " "NotValidBefore time field")); - LC (X509_NAME_free, (issuer)); - LC (X509_NAME_free, (subject)); free (ikey); free (skey); free (buf); @@ -295,8 +269,6 @@ x509_generate_kn (int id, X509 *cert) { LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: invalid length " "of NotValidBefore time field (%d)", tm->length)); - LC (X509_NAME_free, (issuer)); - LC (X509_NAME_free, (subject)); free (ikey); free (skey); free (buf); @@ -316,8 +288,6 @@ x509_generate_kn (int id, X509 *cert) { LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: invalid value in " "NotValidBefore time field")); - LC (X509_NAME_free, (issuer)); - LC (X509_NAME_free, (subject)); free (ikey); free (skey); free (buf); @@ -336,8 +306,6 @@ x509_generate_kn (int id, X509 *cert) { LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: invalid length of " "NotValidBefore time field (%d)", tm->length)); - LC (X509_NAME_free, (issuer)); - LC (X509_NAME_free, (subject)); free (ikey); free (skey); free (buf); @@ -357,8 +325,6 @@ x509_generate_kn (int id, X509 *cert) { LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: invalid value in " "NotValidBefore time field")); - LC (X509_NAME_free, (issuer)); - LC (X509_NAME_free, (subject)); free (ikey); free (skey); free (buf); @@ -406,8 +372,6 @@ x509_generate_kn (int id, X509 *cert) { LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: invalid data in " "NotValidAfter time field")); - LC (X509_NAME_free, (issuer)); - LC (X509_NAME_free, (subject)); free (ikey); free (skey); free (buf); @@ -421,8 +385,6 @@ x509_generate_kn (int id, X509 *cert) { LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: invalid length of " "NotValidAfter time field (%d)", tm->length)); - LC (X509_NAME_free, (issuer)); - LC (X509_NAME_free, (subject)); free (ikey); free (skey); free (buf); @@ -442,8 +404,6 @@ x509_generate_kn (int id, X509 *cert) { LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: invalid value in " "NotValidAfter time field")); - LC (X509_NAME_free, (issuer)); - LC (X509_NAME_free, (subject)); free (ikey); free (skey); free (buf); @@ -462,8 +422,6 @@ x509_generate_kn (int id, X509 *cert) { LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: invalid length of " "NotValidAfter time field (%d)", tm->length)); - LC (X509_NAME_free, (issuer)); - LC (X509_NAME_free, (subject)); free (ikey); free (skey); free (buf); @@ -483,8 +441,6 @@ x509_generate_kn (int id, X509 *cert) { LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: invalid value in " "NotValidAfter time field")); - LC (X509_NAME_free, (issuer)); - LC (X509_NAME_free, (subject)); free (ikey); free (skey); free (buf); @@ -513,8 +469,6 @@ x509_generate_kn (int id, X509 *cert) { LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: failed to add new KeyNote credential")); - LC (X509_NAME_free, (issuer)); - LC (X509_NAME_free, (subject)); free (buf); return 0; } @@ -528,8 +482,6 @@ x509_generate_kn (int id, X509 *cert) { LOG_DBG ((LOG_POLICY, 50, "x509_generate_kn: X509_NAME_oneline (issuer, ...) failed")); - LC (X509_NAME_free, (issuer)); - LC (X509_NAME_free, (subject)); return 0; } @@ -537,15 +489,9 @@ x509_generate_kn (int id, X509 *cert) { LOG_DBG ((LOG_POLICY, 50, "x509_generate_kn: X509_NAME_oneline (subject, ...) failed")); - LC (X509_NAME_free, (issuer)); - LC (X509_NAME_free, (subject)); return 0; } - /* Don't need them anymore */ - LC (X509_NAME_free, (issuer)); - LC (X509_NAME_free, (subject)); - buf = malloc (strlen (fmt2) + strlen (isname) + strlen (subname) + 56); if (!buf) { |