diff options
-rw-r--r-- | usr.sbin/acme-client/acctproc.c | 56 | ||||
-rw-r--r-- | usr.sbin/acme-client/chngproc.c | 16 | ||||
-rw-r--r-- | usr.sbin/acme-client/keyproc.c | 22 | ||||
-rw-r--r-- | usr.sbin/acme-client/main.c | 26 |
4 files changed, 41 insertions, 79 deletions
diff --git a/usr.sbin/acme-client/acctproc.c b/usr.sbin/acme-client/acctproc.c index eb2da4482e5..31dff740ba9 100644 --- a/usr.sbin/acme-client/acctproc.c +++ b/usr.sbin/acme-client/acctproc.c @@ -1,4 +1,4 @@ -/* $Id: acctproc.c,v 1.7 2016/09/13 16:04:51 deraadt Exp $ */ +/* $Id: acctproc.c,v 1.8 2016/09/13 16:49:28 deraadt Exp $ */ /* * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv> * @@ -73,11 +73,9 @@ bn2string(const BIGNUM *bn) static char * op_thumb_rsa(EVP_PKEY *pkey) { - char *exp, *mod, *json; + char *exp = NULL, *mod = NULL, *json = NULL; RSA *r; - exp = mod = json = NULL; - if (NULL == (r = EVP_PKEY_get1_RSA(pkey))) warnx("EVP_PKEY_get1_RSA"); else if (NULL == (mod = bn2string(r->n))) @@ -98,17 +96,11 @@ op_thumb_rsa(EVP_PKEY *pkey) static int op_thumbprint(int fd, EVP_PKEY *pkey) { - char *thumb, *dig64; - int rc; + char *thumb = NULL, *dig64 = NULL; + EVP_MD_CTX *ctx = NULL; + unsigned char *dig = NULL; unsigned int digsz; - unsigned char *dig; - - EVP_MD_CTX *ctx; - - rc = 0; - thumb = dig64 = NULL; - dig = NULL; - ctx = NULL; + int rc = 0; /* Construct the thumbprint input itself. */ @@ -164,12 +156,12 @@ out: static int op_sign_rsa(char **head, char **prot, EVP_PKEY *pkey, const char *nonce) { + char *exp = NULL, *mod = NULL; + int rc = 0; RSA *r; - char *exp, *mod; - int rc; - *head = *prot = exp = mod = NULL; - rc = 0; + *head = NULL; + *prot = NULL; /* * First, extract relevant portions of our private key. @@ -202,19 +194,13 @@ op_sign_rsa(char **head, char **prot, EVP_PKEY *pkey, const char *nonce) static int op_sign(int fd, EVP_PKEY *pkey) { - char *nonce, *pay, - *pay64, *prot, *prot64, *head, - *sign, *dig64, *fin; - int cc, rc; + char *nonce = NULL, *pay = NULL, *pay64 = NULL; + char *prot = NULL, *prot64 = NULL, *head = NULL; + char *sign = NULL, *dig64 = NULL, *fin = NULL; + unsigned char *dig = NULL; + EVP_MD_CTX *ctx = NULL; + int cc, rc = 0; unsigned int digsz; - unsigned char *dig; - EVP_MD_CTX *ctx; - - rc = 0; - pay = nonce = head = fin = - sign = prot = prot64 = pay64 = dig64 = NULL; - dig = NULL; - ctx = NULL; /* Read our payload and nonce from the requestor. */ @@ -316,17 +302,13 @@ out: int acctproc(int netsock, const char *acctkey, int newacct) { - FILE *f; - EVP_PKEY *pkey; + FILE *f = NULL; + EVP_PKEY *pkey = NULL; long lval; enum acctop op; - int rc, cc; + int rc = 0, cc; mode_t prev; - f = NULL; - pkey = NULL; - rc = 0; - /* * First, open our private key file read-only or write-only if * we're creating from scratch. diff --git a/usr.sbin/acme-client/chngproc.c b/usr.sbin/acme-client/chngproc.c index 055e1622f40..e9fd0474786 100644 --- a/usr.sbin/acme-client/chngproc.c +++ b/usr.sbin/acme-client/chngproc.c @@ -1,4 +1,4 @@ -/* $Id: chngproc.c,v 1.5 2016/09/13 16:00:26 deraadt Exp $ */ +/* $Id: chngproc.c,v 1.6 2016/09/13 16:49:28 deraadt Exp $ */ /* * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv> * @@ -29,20 +29,12 @@ int chngproc(int netsock, const char *root, int remote) { - int rc; + char *tok = NULL, *th = NULL, *fmt = NULL, **fs = NULL; + size_t i, fsz = 0; + int rc = 0, fd = -1, cc; long lval; enum chngop op; - char *tok, *th, *fmt; - char **fs; - size_t i, fsz; void *pp; - int fd, cc; - - rc = 0; - th = tok = fmt = NULL; - fd = -1; - fs = NULL; - fsz = 0; if (chroot(root) == -1) { warn("chroot"); diff --git a/usr.sbin/acme-client/keyproc.c b/usr.sbin/acme-client/keyproc.c index 107803656b1..19debdbb2b3 100644 --- a/usr.sbin/acme-client/keyproc.c +++ b/usr.sbin/acme-client/keyproc.c @@ -1,4 +1,4 @@ -/* $Id: keyproc.c,v 1.5 2016/09/13 16:01:37 deraadt Exp $ */ +/* $Id: keyproc.c,v 1.6 2016/09/13 16:49:28 deraadt Exp $ */ /* * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv> * @@ -77,23 +77,17 @@ int keyproc(int netsock, const char *keyfile, const char **alts, size_t altsz, int newkey) { - char *der64, *der, *dercp, *sans, *san; + char *der64 = NULL, *der = NULL, *dercp; + char *sans = NULL, *san = NULL; FILE *f; size_t i, sansz; void *pp; - EVP_PKEY *pkey; - X509_REQ *x; - X509_NAME *name; - int len, rc, cc, nid; + EVP_PKEY *pkey = NULL; + X509_REQ *x = NULL; + X509_NAME *name = NULL; + int len, rc = 0, cc, nid; mode_t prev; - STACK_OF(X509_EXTENSION) *exts; - - x = NULL; - pkey = NULL; - name = NULL; - der = der64 = sans = san = NULL; - rc = 0; - exts = NULL; + STACK_OF(X509_EXTENSION) *exts = NULL; /* * First, open our private key file read-only or write-only if diff --git a/usr.sbin/acme-client/main.c b/usr.sbin/acme-client/main.c index 44a8f4f408b..5231230b468 100644 --- a/usr.sbin/acme-client/main.c +++ b/usr.sbin/acme-client/main.c @@ -1,4 +1,4 @@ -/* $Id: main.c,v 1.11 2016/09/13 16:04:51 deraadt Exp $ */ +/* $Id: main.c,v 1.12 2016/09/13 16:49:28 deraadt Exp $ */ /* * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv> * @@ -81,25 +81,19 @@ doasprintf(const char *fmt, ...) int main(int argc, char *argv[]) { - const char *domain, *agreement; - char *certdir, *acctkey, *chngdir, *keyfile; - int key_fds[2], acct_fds[2], chng_fds[2], - cert_fds[2], file_fds[2], dns_fds[2], - rvk_fds[2]; + const char *domain, *agreement = NULL, **alts = NULL; + char *certdir = NULL, *acctkey = NULL, *chngdir = NULL; + char *keyfile = NULL; + int key_fds[2], acct_fds[2], chng_fds[2], cert_fds[2]; + int file_fds[2], dns_fds[2], rvk_fds[2]; + int newacct = 0, remote = 0, backup = 0; + int force = 0, multidir = 0, newkey = 0; + int c, rc, revocate = 0; + int authority = DEFAULT_AUTHORITY; pid_t pids[COMP__MAX]; - int c, rc, newacct, remote, revocate, force, - multidir, newkey, backup, authority; extern int verbose; extern enum comp proccomp; size_t i, altsz, ne; - const char **alts; - - alts = NULL; - newacct = remote = revocate = verbose = force = - multidir = newkey = backup = 0; - authority = DEFAULT_AUTHORITY; - certdir = keyfile = acctkey = chngdir = NULL; - agreement = NULL; while (-1 != (c = getopt(argc, argv, "bFmnNrs:tva:f:c:C:k:"))) switch (c) { |