summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAngelos D. Keromytis <angelos@cvs.openbsd.org>2001-07-05 07:28:01 +0000
committerAngelos D. Keromytis <angelos@cvs.openbsd.org>2001-07-05 07:28:01 +0000
commit9c9fed29c3fe7c9ed8da284d011bd0abb2193bd2 (patch)
treeeb0886bd1ef2804f8bd1895f3c0914e3075b70bc
parent1b510b6486638dd0d1bc850869db78b1d48fefe3 (diff)
On closer inspection, freeing the X509 names is bad. I should stop
coding late while half-asleep.
-rw-r--r--sbin/isakmpd/x509.c60
1 files changed, 3 insertions, 57 deletions
diff --git a/sbin/isakmpd/x509.c b/sbin/isakmpd/x509.c
index d84de607079..9092f6da932 100644
--- a/sbin/isakmpd/x509.c
+++ b/sbin/isakmpd/x509.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509.c,v 1.60 2001/07/05 07:16:52 angelos Exp $ */
+/* $OpenBSD: x509.c,v 1.61 2001/07/05 07:28:00 angelos Exp $ */
/* $EOM: x509.c,v 1.54 2001/01/16 18:42:16 ho Exp $ */
/*
@@ -131,18 +131,10 @@ x509_generate_kn (int id, X509 *cert)
/* Missing or self-signed, ignore cert but don't report failure. */
if (!issuer || !subject || !LC (X509_name_cmp, (issuer, subject)))
- {
- if (issuer)
- LC (X509_NAME_free, (issuer));
- if (subject)
- LC (X509_NAME_free, (subject));
- return 1;
- }
+ return 1;
if (!x509_cert_get_key (cert, &key))
{
- LC (X509_NAME_free, (issuer));
- LC (X509_NAME_free, (subject));
LOG_DBG ((LOG_POLICY, 30,
"x509_generate_kn: failed to get public key from cert"));
return 0;
@@ -155,16 +147,12 @@ x509_generate_kn (int id, X509 *cert)
if (LKV (keynote_errno) == ERROR_MEMORY)
{
log_print ("x509_generate_kn: failed to get memory for public key");
- LC (X509_NAME_free, (issuer));
- LC (X509_NAME_free, (subject));
LC (RSA_free, (key));
LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: cannot get subject key"));
return 0;
}
if (!ikey)
- {
- LC (X509_NAME_free, (issuer));
- LC (X509_NAME_free, (subject));
+ {
LC (RSA_free, (key));
LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: cannot get subject key"));
return 0;
@@ -181,8 +169,6 @@ x509_generate_kn (int id, X509 *cert)
if (LC (X509_STORE_get_by_subject, (&csc, X509_LU_X509, issuer, &obj)) !=
X509_LU_X509)
{
- LC (X509_NAME_free, (issuer));
- LC (X509_NAME_free, (subject));
LC (X509_STORE_CTX_cleanup, (&csc));
LOG_DBG ((LOG_POLICY, 30,
"x509_generate_kn: no certificate found for issuer"));
@@ -195,8 +181,6 @@ x509_generate_kn (int id, X509 *cert)
if (icert == NULL)
{
- LC (X509_NAME_free, (issuer));
- LC (X509_NAME_free, (subject));
LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: "
"missing certificates, cannot construct X509 chain"));
free (ikey);
@@ -205,8 +189,6 @@ x509_generate_kn (int id, X509 *cert)
if (!x509_cert_get_key (icert, &key))
{
- LC (X509_NAME_free, (issuer));
- LC (X509_NAME_free, (subject));
LOG_DBG ((LOG_POLICY, 30,
"x509_generate_kn: failed to get public key from cert"));
free (ikey);
@@ -223,8 +205,6 @@ x509_generate_kn (int id, X509 *cert)
{
log_error ("x509_generate_kn: failed to get memory for public key");
free (ikey);
- LC (X509_NAME_free, (issuer));
- LC (X509_NAME_free, (subject));
LC (RSA_free, (key));
LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: cannot get issuer key"));
return 0;
@@ -233,8 +213,6 @@ x509_generate_kn (int id, X509 *cert)
if (!skey)
{
free (ikey);
- LC (X509_NAME_free, (issuer));
- LC (X509_NAME_free, (subject));
LC (RSA_free, (key));
LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: cannot get issuer key"));
return 0;
@@ -245,8 +223,6 @@ x509_generate_kn (int id, X509 *cert)
sizeof (char));
if (!buf)
{
- LC (X509_NAME_free, (issuer));
- LC (X509_NAME_free, (subject));
log_error ("x509_generate_kn: "
"failed to allocate memory for KeyNote credential");
free (ikey);
@@ -280,8 +256,6 @@ x509_generate_kn (int id, X509 *cert)
{
LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: invalid data in "
"NotValidBefore time field"));
- LC (X509_NAME_free, (issuer));
- LC (X509_NAME_free, (subject));
free (ikey);
free (skey);
free (buf);
@@ -295,8 +269,6 @@ x509_generate_kn (int id, X509 *cert)
{
LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: invalid length "
"of NotValidBefore time field (%d)", tm->length));
- LC (X509_NAME_free, (issuer));
- LC (X509_NAME_free, (subject));
free (ikey);
free (skey);
free (buf);
@@ -316,8 +288,6 @@ x509_generate_kn (int id, X509 *cert)
{
LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: invalid value in "
"NotValidBefore time field"));
- LC (X509_NAME_free, (issuer));
- LC (X509_NAME_free, (subject));
free (ikey);
free (skey);
free (buf);
@@ -336,8 +306,6 @@ x509_generate_kn (int id, X509 *cert)
{
LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: invalid length of "
"NotValidBefore time field (%d)", tm->length));
- LC (X509_NAME_free, (issuer));
- LC (X509_NAME_free, (subject));
free (ikey);
free (skey);
free (buf);
@@ -357,8 +325,6 @@ x509_generate_kn (int id, X509 *cert)
{
LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: invalid value in "
"NotValidBefore time field"));
- LC (X509_NAME_free, (issuer));
- LC (X509_NAME_free, (subject));
free (ikey);
free (skey);
free (buf);
@@ -406,8 +372,6 @@ x509_generate_kn (int id, X509 *cert)
{
LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: invalid data in "
"NotValidAfter time field"));
- LC (X509_NAME_free, (issuer));
- LC (X509_NAME_free, (subject));
free (ikey);
free (skey);
free (buf);
@@ -421,8 +385,6 @@ x509_generate_kn (int id, X509 *cert)
{
LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: invalid length of "
"NotValidAfter time field (%d)", tm->length));
- LC (X509_NAME_free, (issuer));
- LC (X509_NAME_free, (subject));
free (ikey);
free (skey);
free (buf);
@@ -442,8 +404,6 @@ x509_generate_kn (int id, X509 *cert)
{
LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: invalid value in "
"NotValidAfter time field"));
- LC (X509_NAME_free, (issuer));
- LC (X509_NAME_free, (subject));
free (ikey);
free (skey);
free (buf);
@@ -462,8 +422,6 @@ x509_generate_kn (int id, X509 *cert)
{
LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: invalid length of "
"NotValidAfter time field (%d)", tm->length));
- LC (X509_NAME_free, (issuer));
- LC (X509_NAME_free, (subject));
free (ikey);
free (skey);
free (buf);
@@ -483,8 +441,6 @@ x509_generate_kn (int id, X509 *cert)
{
LOG_DBG ((LOG_POLICY, 30, "x509_generate_kn: invalid value in "
"NotValidAfter time field"));
- LC (X509_NAME_free, (issuer));
- LC (X509_NAME_free, (subject));
free (ikey);
free (skey);
free (buf);
@@ -513,8 +469,6 @@ x509_generate_kn (int id, X509 *cert)
{
LOG_DBG ((LOG_POLICY, 30,
"x509_generate_kn: failed to add new KeyNote credential"));
- LC (X509_NAME_free, (issuer));
- LC (X509_NAME_free, (subject));
free (buf);
return 0;
}
@@ -528,8 +482,6 @@ x509_generate_kn (int id, X509 *cert)
{
LOG_DBG ((LOG_POLICY, 50,
"x509_generate_kn: X509_NAME_oneline (issuer, ...) failed"));
- LC (X509_NAME_free, (issuer));
- LC (X509_NAME_free, (subject));
return 0;
}
@@ -537,15 +489,9 @@ x509_generate_kn (int id, X509 *cert)
{
LOG_DBG ((LOG_POLICY, 50,
"x509_generate_kn: X509_NAME_oneline (subject, ...) failed"));
- LC (X509_NAME_free, (issuer));
- LC (X509_NAME_free, (subject));
return 0;
}
- /* Don't need them anymore */
- LC (X509_NAME_free, (issuer));
- LC (X509_NAME_free, (subject));
-
buf = malloc (strlen (fmt2) + strlen (isname) + strlen (subname) + 56);
if (!buf)
{