From 77a92585c62f2350be59692b9661aa7682960754 Mon Sep 17 00:00:00 2001 From: jsing <> Date: Tue, 24 Jan 2017 14:57:31 +0000 Subject: sk_pop_free() checks for NULL so do not bother doing it from the callers. --- src/lib/libssl/s3_clnt.c | 8 +++----- src/lib/libssl/s3_lib.c | 14 +++++--------- src/lib/libssl/s3_srvr.c | 9 ++++----- src/lib/libssl/ssl_cert.c | 13 ++++--------- src/lib/libssl/ssl_lib.c | 21 +++++++++------------ src/lib/libssl/ssl_rsa.c | 8 +++----- src/lib/libssl/t1_lib.c | 8 +++----- 7 files changed, 31 insertions(+), 50 deletions(-) (limited to 'src') diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c index e8cc0e3905..e44a025e57 100644 --- a/src/lib/libssl/s3_clnt.c +++ b/src/lib/libssl/s3_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_clnt.c,v 1.171 2017/01/24 01:39:13 jsing Exp $ */ +/* $OpenBSD: s3_clnt.c,v 1.172 2017/01/24 14:57:31 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1723,8 +1723,7 @@ ssl3_get_certificate_request(SSL *s) /* we should setup a certificate to return.... */ S3I(s)->tmp.cert_req = 1; S3I(s)->tmp.ctype_num = ctype_num; - if (S3I(s)->tmp.ca_names != NULL) - sk_X509_NAME_pop_free(S3I(s)->tmp.ca_names, X509_NAME_free); + sk_X509_NAME_pop_free(S3I(s)->tmp.ca_names, X509_NAME_free); S3I(s)->tmp.ca_names = ca_sk; ca_sk = NULL; @@ -1736,8 +1735,7 @@ truncated: } err: X509_NAME_free(xn); - if (ca_sk != NULL) - sk_X509_NAME_pop_free(ca_sk, X509_NAME_free); + sk_X509_NAME_pop_free(ca_sk, X509_NAME_free); return (ret); } diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c index 9d0217e95f..977c170403 100644 --- a/src/lib/libssl/s3_lib.c +++ b/src/lib/libssl/s3_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_lib.c,v 1.130 2017/01/24 09:03:21 jsing Exp $ */ +/* $OpenBSD: s3_lib.c,v 1.131 2017/01/24 14:57:31 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1838,8 +1838,7 @@ ssl3_free(SSL *s) explicit_bzero(S3I(s)->tmp.x25519, X25519_KEY_LENGTH); free(S3I(s)->tmp.x25519); - if (S3I(s)->tmp.ca_names != NULL) - sk_X509_NAME_pop_free(S3I(s)->tmp.ca_names, X509_NAME_free); + sk_X509_NAME_pop_free(S3I(s)->tmp.ca_names, X509_NAME_free); BIO_free(S3I(s)->handshake_buffer); tls1_free_digest_list(s); free(S3I(s)->alpn_selected); @@ -1861,8 +1860,7 @@ ssl3_clear(SSL *s) size_t rlen, wlen; tls1_cleanup_key_block(s); - if (S3I(s)->tmp.ca_names != NULL) - sk_X509_NAME_pop_free(S3I(s)->tmp.ca_names, X509_NAME_free); + sk_X509_NAME_pop_free(S3I(s)->tmp.ca_names, X509_NAME_free); DH_free(S3I(s)->tmp.dh); S3I(s)->tmp.dh = NULL; @@ -2330,10 +2328,8 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) break; case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS: - if (ctx->extra_certs) { - sk_X509_pop_free(ctx->extra_certs, X509_free); - ctx->extra_certs = NULL; - } + sk_X509_pop_free(ctx->extra_certs, X509_free); + ctx->extra_certs = NULL; break; default: diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c index 3709587742..c6d340026a 100644 --- a/src/lib/libssl/s3_srvr.c +++ b/src/lib/libssl/s3_srvr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: s3_srvr.c,v 1.152 2017/01/24 12:22:23 jsing Exp $ */ +/* $OpenBSD: s3_srvr.c,v 1.153 2017/01/24 14:57:31 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -2595,8 +2595,7 @@ ssl3_get_client_certificate(SSL *s) goto err; } } - if (SSI(s)->sess_cert->cert_chain != NULL) - sk_X509_pop_free(SSI(s)->sess_cert->cert_chain, X509_free); + sk_X509_pop_free(SSI(s)->sess_cert->cert_chain, X509_free); SSI(s)->sess_cert->cert_chain = sk; /* @@ -2617,8 +2616,8 @@ f_err: } err: X509_free(x); - if (sk != NULL) - sk_X509_pop_free(sk, X509_free); + sk_X509_pop_free(sk, X509_free); + return (ret); } diff --git a/src/lib/libssl/ssl_cert.c b/src/lib/libssl/ssl_cert.c index c23e789bf8..9ce8585d46 100644 --- a/src/lib/libssl/ssl_cert.c +++ b/src/lib/libssl/ssl_cert.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_cert.c,v 1.58 2017/01/23 06:45:30 beck Exp $ */ +/* $OpenBSD: ssl_cert.c,v 1.59 2017/01/24 14:57:31 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -395,9 +395,7 @@ ssl_sess_cert_free(SESS_CERT *sc) if (i > 0) return; - /* i == 0 */ - if (sc->cert_chain != NULL) - sk_X509_pop_free(sc->cert_chain, X509_free); + sk_X509_pop_free(sc->cert_chain, X509_free); for (i = 0; i < SSL_PKEY_NUM; i++) X509_free(sc->peer_pkeys[i].x509); @@ -459,9 +457,7 @@ static void set_client_CA_list(STACK_OF(X509_NAME) **ca_list, STACK_OF(X509_NAME) *name_list) { - if (*ca_list != NULL) - sk_X509_NAME_pop_free(*ca_list, X509_NAME_free); - + sk_X509_NAME_pop_free(*ca_list, X509_NAME_free); *ca_list = name_list; } @@ -611,8 +607,7 @@ SSL_load_client_CA_file(const char *file) if (0) { err: - if (ret != NULL) - sk_X509_NAME_pop_free(ret, X509_NAME_free); + sk_X509_NAME_pop_free(ret, X509_NAME_free); ret = NULL; } if (sk != NULL) diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c index 21d2d231d1..bdf6bc6ee3 100644 --- a/src/lib/libssl/ssl_lib.c +++ b/src/lib/libssl/ssl_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_lib.c,v 1.146 2017/01/24 13:34:26 jsing Exp $ */ +/* $OpenBSD: ssl_lib.c,v 1.147 2017/01/24 14:57:31 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -561,17 +561,16 @@ SSL_free(SSL *s) free(s->tlsext_hostname); SSL_CTX_free(s->initial_ctx); + free(s->internal->tlsext_ecpointformatlist); free(s->internal->tlsext_supportedgroups); - if (s->internal->tlsext_ocsp_exts) - sk_X509_EXTENSION_pop_free(s->internal->tlsext_ocsp_exts, - X509_EXTENSION_free); - if (s->internal->tlsext_ocsp_ids) - sk_OCSP_RESPID_pop_free(s->internal->tlsext_ocsp_ids, OCSP_RESPID_free); + + sk_X509_EXTENSION_pop_free(s->internal->tlsext_ocsp_exts, + X509_EXTENSION_free); + sk_OCSP_RESPID_pop_free(s->internal->tlsext_ocsp_ids, OCSP_RESPID_free); free(s->internal->tlsext_ocsp_resp); - if (s->internal->client_CA != NULL) - sk_X509_NAME_pop_free(s->internal->client_CA, X509_NAME_free); + sk_X509_NAME_pop_free(s->internal->client_CA, X509_NAME_free); if (s->method != NULL) s->method->internal->ssl_free(s); @@ -2011,10 +2010,8 @@ SSL_CTX_free(SSL_CTX *ctx) sk_SSL_CIPHER_free(ctx->cipher_list); sk_SSL_CIPHER_free(ctx->internal->cipher_list_by_id); ssl_cert_free(ctx->internal->cert); - if (ctx->internal->client_CA != NULL) - sk_X509_NAME_pop_free(ctx->internal->client_CA, X509_NAME_free); - if (ctx->extra_certs != NULL) - sk_X509_pop_free(ctx->extra_certs, X509_free); + sk_X509_NAME_pop_free(ctx->internal->client_CA, X509_NAME_free); + sk_X509_pop_free(ctx->extra_certs, X509_free); #ifndef OPENSSL_NO_SRTP if (ctx->internal->srtp_profiles) diff --git a/src/lib/libssl/ssl_rsa.c b/src/lib/libssl/ssl_rsa.c index 82c8cc0a87..03eedc0d8a 100644 --- a/src/lib/libssl/ssl_rsa.c +++ b/src/lib/libssl/ssl_rsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_rsa.c,v 1.24 2017/01/23 22:34:38 beck Exp $ */ +/* $OpenBSD: ssl_rsa.c,v 1.25 2017/01/24 14:57:31 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -671,10 +671,8 @@ ssl_ctx_use_certificate_chain_bio(SSL_CTX *ctx, BIO *in) int r; unsigned long err; - if (ctx->extra_certs != NULL) { - sk_X509_pop_free(ctx->extra_certs, X509_free); - ctx->extra_certs = NULL; - } + sk_X509_pop_free(ctx->extra_certs, X509_free); + ctx->extra_certs = NULL; while ((ca = PEM_read_bio_X509(in, NULL, ctx->default_passwd_callback, diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c index 23e1a2d350..9b60d664e5 100644 --- a/src/lib/libssl/t1_lib.c +++ b/src/lib/libssl/t1_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: t1_lib.c,v 1.110 2017/01/24 12:24:07 jsing Exp $ */ +/* $OpenBSD: t1_lib.c,v 1.111 2017/01/24 14:57:31 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1593,10 +1593,8 @@ ssl_parse_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char *d, } sdata = data; if (dsize > 0) { - if (s->internal->tlsext_ocsp_exts) { - sk_X509_EXTENSION_pop_free(s->internal->tlsext_ocsp_exts, - X509_EXTENSION_free); - } + sk_X509_EXTENSION_pop_free(s->internal->tlsext_ocsp_exts, + X509_EXTENSION_free); s->internal->tlsext_ocsp_exts = d2i_X509_EXTENSIONS(NULL, -- cgit v1.2.3-55-g6feb