summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorJoel Sing <jsing@cvs.openbsd.org>2014-06-07 14:10:36 +0000
committerJoel Sing <jsing@cvs.openbsd.org>2014-06-07 14:10:36 +0000
commit2a4c7be9e03b4902fd9aa64d0cb8817e519b2bd3 (patch)
tree0df64ad16139e60a57eac59781f50a3ec08a3462 /lib
parent56d5e81b5bc6cfaeab3002af4692f2cc26869fc6 (diff)
The DH_free, EC_KEY_free, EVP_PKEY_free and RSA_free functions all have
implicit NULL checks, so there is no point ensuring that the pointer is non-NULL before calling them.
Diffstat (limited to 'lib')
-rw-r--r--lib/libssl/d1_clnt.c10
-rw-r--r--lib/libssl/s3_clnt.c21
-rw-r--r--lib/libssl/s3_lib.c41
-rw-r--r--lib/libssl/s3_srvr.c17
-rw-r--r--lib/libssl/ssl_cert.c34
5 files changed, 44 insertions, 79 deletions
diff --git a/lib/libssl/d1_clnt.c b/lib/libssl/d1_clnt.c
index ef4a74e0af3..8ff4d8e3694 100644
--- a/lib/libssl/d1_clnt.c
+++ b/lib/libssl/d1_clnt.c
@@ -1211,8 +1211,7 @@ dtls1_send_client_key_exchange(SSL *s)
/* Free allocated memory */
BN_CTX_free(bn_ctx);
free(encodedPoint);
- if (clnt_ecdh != NULL)
- EC_KEY_free(clnt_ecdh);
+ EC_KEY_free(clnt_ecdh);
EVP_PKEY_free(srvr_pub_pkey);
}
@@ -1321,11 +1320,11 @@ psk_err:
/* SSL3_ST_CW_KEY_EXCH_B */
return (dtls1_do_write(s, SSL3_RT_HANDSHAKE));
+
err:
BN_CTX_free(bn_ctx);
free(encodedPoint);
- if (clnt_ecdh != NULL)
- EC_KEY_free(clnt_ecdh);
+ EC_KEY_free(clnt_ecdh);
EVP_PKEY_free(srvr_pub_pkey);
return (-1);
}
@@ -1447,8 +1446,7 @@ dtls1_send_client_certificate(SSL *s)
if (x509 != NULL)
X509_free(x509);
- if (pkey != NULL)
- EVP_PKEY_free(pkey);
+ EVP_PKEY_free(pkey);
if (i == 0) {
if (s->version == SSL3_VERSION) {
s->s3->tmp.cert_req = 0;
diff --git a/lib/libssl/s3_clnt.c b/lib/libssl/s3_clnt.c
index d1455cffc11..f2c7dd24421 100644
--- a/lib/libssl/s3_clnt.c
+++ b/lib/libssl/s3_clnt.c
@@ -1674,14 +1674,11 @@ f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
err:
EVP_PKEY_free(pkey);
- if (rsa != NULL)
- RSA_free(rsa);
- if (dh != NULL)
- DH_free(dh);
+ RSA_free(rsa);
+ DH_free(dh);
BN_CTX_free(bn_ctx);
EC_POINT_free(srvr_ecpoint);
- if (ecdh != NULL)
- EC_KEY_free(ecdh);
+ EC_KEY_free(ecdh);
EVP_MD_CTX_cleanup(&md_ctx);
return (-1);
}
@@ -2333,8 +2330,7 @@ ssl3_send_client_key_exchange(SSL *s)
/* Free allocated memory */
BN_CTX_free(bn_ctx);
free(encodedPoint);
- if (clnt_ecdh != NULL)
- EC_KEY_free(clnt_ecdh);
+ EC_KEY_free(clnt_ecdh);
EVP_PKEY_free(srvr_pub_pkey);
} else if (alg_k & SSL_kGOST) {
/* GOST key exchange message creation */
@@ -2444,7 +2440,7 @@ ssl3_send_client_key_exchange(SSL *s)
s->session->master_key_length =
s->method->ssl3_enc->generate_master_secret(s,
s->session->master_key, premaster_secret, 32);
- EVP_PKEY_free(pub_key);
+ EVP_PKEY_free(pub_key);
}
#ifndef OPENSSL_NO_PSK
@@ -2543,11 +2539,11 @@ psk_err:
/* SSL3_ST_CW_KEY_EXCH_B */
return (ssl3_do_write(s, SSL3_RT_HANDSHAKE));
+
err:
BN_CTX_free(bn_ctx);
free(encodedPoint);
- if (clnt_ecdh != NULL)
- EC_KEY_free(clnt_ecdh);
+ EC_KEY_free(clnt_ecdh);
EVP_PKEY_free(srvr_pub_pkey);
return (-1);
}
@@ -2726,8 +2722,7 @@ ssl3_send_client_certificate(SSL *s)
if (x509 != NULL)
X509_free(x509);
- if (pkey != NULL)
- EVP_PKEY_free(pkey);
+ EVP_PKEY_free(pkey);
if (i == 0) {
if (s->version == SSL3_VERSION) {
s->s3->tmp.cert_req = 0;
diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c
index 3b6eefd99b8..d8066720f9e 100644
--- a/lib/libssl/s3_lib.c
+++ b/lib/libssl/s3_lib.c
@@ -2333,16 +2333,13 @@ ssl3_free(SSL *s)
if (s->s3->wbuf.buf != NULL)
ssl3_release_write_buffer(s);
free(s->s3->rrec.comp);
- if (s->s3->tmp.dh != NULL)
- DH_free(s->s3->tmp.dh);
- if (s->s3->tmp.ecdh != NULL)
- EC_KEY_free(s->s3->tmp.ecdh);
+ DH_free(s->s3->tmp.dh);
+ EC_KEY_free(s->s3->tmp.ecdh);
if (s->s3->tmp.ca_names != NULL)
sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
- if (s->s3->handshake_buffer) {
+ if (s->s3->handshake_buffer)
BIO_free(s->s3->handshake_buffer);
- }
if (s->s3->handshake_dgst)
ssl3_free_digest_list(s);
OPENSSL_cleanse(s->s3, sizeof *s->s3);
@@ -2371,14 +2368,11 @@ ssl3_clear(SSL *s)
free(s->s3->rrec.comp);
s->s3->rrec.comp = NULL;
- if (s->s3->tmp.dh != NULL) {
- DH_free(s->s3->tmp.dh);
- s->s3->tmp.dh = NULL;
- }
- if (s->s3->tmp.ecdh != NULL) {
- EC_KEY_free(s->s3->tmp.ecdh);
- s->s3->tmp.ecdh = NULL;
- }
+ DH_free(s->s3->tmp.dh);
+ s->s3->tmp.dh = NULL;
+ EC_KEY_free(s->s3->tmp.ecdh);
+ s->s3->tmp.ecdh = NULL;
+
s->s3->is_probably_safari = 0;
rp = s->s3->rbuf.buf;
@@ -2470,8 +2464,7 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
ERR_R_RSA_LIB);
return (ret);
}
- if (s->cert->rsa_tmp != NULL)
- RSA_free(s->cert->rsa_tmp);
+ RSA_free(s->cert->rsa_tmp);
s->cert->rsa_tmp = rsa;
ret = 1;
}
@@ -2504,8 +2497,7 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
return (ret);
}
}
- if (s->cert->dh_tmp != NULL)
- DH_free(s->cert->dh_tmp);
+ DH_free(s->cert->dh_tmp);
s->cert->dh_tmp = dh;
ret = 1;
}
@@ -2540,8 +2532,7 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
return (ret);
}
}
- if (s->cert->ecdh_tmp != NULL)
- EC_KEY_free(s->cert->ecdh_tmp);
+ EC_KEY_free(s->cert->ecdh_tmp);
s->cert->ecdh_tmp = ecdh;
ret = 1;
}
@@ -2729,8 +2720,7 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
ERR_R_RSA_LIB);
return (0);
} else {
- if (cert->rsa_tmp != NULL)
- RSA_free(cert->rsa_tmp);
+ RSA_free(cert->rsa_tmp);
cert->rsa_tmp = rsa;
return (1);
}
@@ -2761,8 +2751,7 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
return 0;
}
}
- if (cert->dh_tmp != NULL)
- DH_free(cert->dh_tmp);
+ DH_free(cert->dh_tmp);
cert->dh_tmp = new;
return 1;
}
@@ -2798,9 +2787,7 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
}
}
- if (cert->ecdh_tmp != NULL) {
- EC_KEY_free(cert->ecdh_tmp);
- }
+ EC_KEY_free(cert->ecdh_tmp);
cert->ecdh_tmp = ecdh;
return 1;
}
diff --git a/lib/libssl/s3_srvr.c b/lib/libssl/s3_srvr.c
index 552f8290b5f..bd22569ef0a 100644
--- a/lib/libssl/s3_srvr.c
+++ b/lib/libssl/s3_srvr.c
@@ -866,14 +866,10 @@ ssl3_check_client_hello(SSL *s)
* which will now be aborted. (A full SSL_clear would be too
* much.)
*/
- if (s->s3->tmp.dh != NULL) {
- DH_free(s->s3->tmp.dh);
- s->s3->tmp.dh = NULL;
- }
- if (s->s3->tmp.ecdh != NULL) {
- EC_KEY_free(s->s3->tmp.ecdh);
- s->s3->tmp.ecdh = NULL;
- }
+ DH_free(s->s3->tmp.dh);
+ s->s3->tmp.dh = NULL;
+ EC_KEY_free(s->s3->tmp.ecdh);
+ s->s3->tmp.ecdh = NULL;
s->s3->flags |= SSL3_FLAGS_SGC_RESTART_DONE;
return (2);
}
@@ -2465,7 +2461,7 @@ ssl3_get_client_key_exchange(SSL *s)
ret = 2;
else
ret = 1;
- gerr:
+gerr:
EVP_PKEY_free(client_pub_pkey);
EVP_PKEY_CTX_free(pkey_ctx);
if (ret)
@@ -2485,8 +2481,7 @@ f_err:
err:
EVP_PKEY_free(clnt_pub_pkey);
EC_POINT_free(clnt_ecpoint);
- if (srvr_ecdh != NULL)
- EC_KEY_free(srvr_ecdh);
+ EC_KEY_free(srvr_ecdh);
BN_CTX_free(bn_ctx);
return (-1);
}
diff --git a/lib/libssl/ssl_cert.c b/lib/libssl/ssl_cert.c
index 4c3af758694..44efb64deac 100644
--- a/lib/libssl/ssl_cert.c
+++ b/lib/libssl/ssl_cert.c
@@ -299,18 +299,14 @@ ssl_cert_dup(CERT *cert)
return (ret);
err:
- if (ret->rsa_tmp != NULL)
- RSA_free(ret->rsa_tmp);
- if (ret->dh_tmp != NULL)
- DH_free(ret->dh_tmp);
- if (ret->ecdh_tmp != NULL)
- EC_KEY_free(ret->ecdh_tmp);
+ RSA_free(ret->rsa_tmp);
+ DH_free(ret->dh_tmp);
+ EC_KEY_free(ret->ecdh_tmp);
for (i = 0; i < SSL_PKEY_NUM; i++) {
if (ret->pkeys[i].x509 != NULL)
X509_free(ret->pkeys[i].x509);
- if (ret->pkeys[i].privatekey != NULL)
- EVP_PKEY_free(ret->pkeys[i].privatekey);
+ EVP_PKEY_free(ret->pkeys[i].privatekey);
}
return NULL;
@@ -329,19 +325,16 @@ ssl_cert_free(CERT *c)
if (i > 0)
return;
- if (c->rsa_tmp)
- RSA_free(c->rsa_tmp);
- if (c->dh_tmp)
- DH_free(c->dh_tmp);
- if (c->ecdh_tmp)
- EC_KEY_free(c->ecdh_tmp);
+ RSA_free(c->rsa_tmp);
+ DH_free(c->dh_tmp);
+ EC_KEY_free(c->ecdh_tmp);
for (i = 0; i < SSL_PKEY_NUM; i++) {
if (c->pkeys[i].x509 != NULL)
X509_free(c->pkeys[i].x509);
- if (c->pkeys[i].privatekey != NULL)
- EVP_PKEY_free(c->pkeys[i].privatekey);
+ EVP_PKEY_free(c->pkeys[i].privatekey);
}
+
free(c);
}
@@ -408,12 +401,9 @@ ssl_sess_cert_free(SESS_CERT *sc)
X509_free(sc->peer_pkeys[i].x509);
}
- if (sc->peer_rsa_tmp != NULL)
- RSA_free(sc->peer_rsa_tmp);
- if (sc->peer_dh_tmp != NULL)
- DH_free(sc->peer_dh_tmp);
- if (sc->peer_ecdh_tmp != NULL)
- EC_KEY_free(sc->peer_ecdh_tmp);
+ RSA_free(sc->peer_rsa_tmp);
+ DH_free(sc->peer_dh_tmp);
+ EC_KEY_free(sc->peer_ecdh_tmp);
free(sc);
}