X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=apps%2Fca.c;h=abce53489618e75e801bacd99911d1c79985544f;hp=b703b425ae7934aa0e75d9b49f9881a057d072ec;hb=ff660b93126931ec37b4c4734e4ad4f4ef3c81db;hpb=23a1d5e97cd543d2b8e1b01dbf0f619b2e5ce540

diff --git a/apps/ca.c b/apps/ca.c
index b703b425ae..abce534896 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -514,10 +514,8 @@ end_of_options:
                        errorline, configfile);
         goto end;
     }
-    if (tofree) {
-        OPENSSL_free(tofree);
-        tofree = NULL;
-    }
+    OPENSSL_free(tofree);
+    tofree = NULL;
 
     /* Lets get the config section we are using */
     if (section == NULL) {
@@ -705,24 +703,13 @@ end_of_options:
 #ifndef OPENSSL_SYS_VMS
         /*
          * outdir is a directory spec, but access() for VMS demands a
-         * filename.  In any case, stat(), below, will catch the problem if
-         * outdir is not a directory spec, and the fopen() or open() will
-         * catch an error if there is no write access.
-         *
-         * Presumably, this problem could also be solved by using the DEC C
-         * routines to convert the directory syntax to Unixly, and give that
-         * to access().  However, time's too short to do that just now.
+         * filename.  We could use the DEC C routine to convert the
+         * directory syntax to Unixly, and give that to app_isdir,
+         * but for now the fopen will catch the error if it's not a
+         * directory
          */
-        if (app_access(outdir, R_OK | W_OK | X_OK) != 0)
-        {
-            BIO_printf(bio_err, "I am unable to access the %s directory\n",
-                       outdir);
-            perror(outdir);
-            goto end;
-        }
-
         if (app_isdir(outdir) <= 0) {
-            BIO_printf(bio_err, "%s need to be a directory\n", outdir);
+            BIO_printf(bio_err, "%s: %s is not a directory\n", prog, outdir);
             perror(outdir);
             goto end;
         }
@@ -1331,8 +1318,7 @@ end_of_options:
         /*****************************************************************/
     ret = 0;
  end:
-    if (tofree)
-        OPENSSL_free(tofree);
+    OPENSSL_free(tofree);
     BIO_free_all(Cout);
     BIO_free_all(Sout);
     BIO_free_all(out);
@@ -1342,13 +1328,12 @@ end_of_options:
     if (ret)
         ERR_print_errors(bio_err);
     app_RAND_write_file(randfile);
-    if (free_key && key)
+    if (free_key)
         OPENSSL_free(key);
     BN_free(serial);
     BN_free(crlnumber);
     free_index(db);
-    if (sigopts)
-        sk_OPENSSL_STRING_free(sigopts);
+    sk_OPENSSL_STRING_free(sigopts);
     EVP_PKEY_free(pkey);
     X509_free(x509);
     X509_CRL_free(crl);
@@ -1985,7 +1970,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
     row[DB_type][0] = 'V';
     row[DB_type][1] = '\0';
 
-    irow = app_malloc(sizeof(char *) * (DB_NUMBER + 1), "row space");
+    irow = app_malloc(sizeof(*irow) * (DB_NUMBER + 1), "row space");
     for (i = 0; i < DB_NUMBER; i++) {
         irow[i] = row[i];
         row[i] = NULL;
@@ -2000,8 +1985,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
     ok = 1;
  end:
     for (i = 0; i < DB_NUMBER; i++)
-        if (row[i] != NULL)
-            OPENSSL_free(row[i]);
+        OPENSSL_free(row[i]);
 
     X509_NAME_free(CAname);
     X509_NAME_free(subject);
@@ -2159,10 +2143,8 @@ static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey,
                  ext_copy, 0);
  end:
     X509_REQ_free(req);
-    if (parms != NULL)
-        CONF_free(parms);
-    if (spki != NULL)
-        NETSCAPE_SPKI_free(spki);
+    CONF_free(parms);
+    NETSCAPE_SPKI_free(spki);
     X509_NAME_ENTRY_free(ne);
 
     return (ok);
@@ -2225,7 +2207,7 @@ static int do_revoke(X509 *x509, CA_DB *db, int type, char *value)
         row[DB_type][0] = 'V';
         row[DB_type][1] = '\0';
 
-        irow = app_malloc(sizeof(char *) * (DB_NUMBER + 1), "row ptr");
+        irow = app_malloc(sizeof(*irow) * (DB_NUMBER + 1), "row ptr");
         for (i = 0; i < DB_NUMBER; i++) {
             irow[i] = row[i];
             row[i] = NULL;
@@ -2271,8 +2253,7 @@ static int do_revoke(X509 *x509, CA_DB *db, int type, char *value)
     ok = 1;
  end:
     for (i = 0; i < DB_NUMBER; i++) {
-        if (row[i] != NULL)
-            OPENSSL_free(row[i]);
+        OPENSSL_free(row[i]);
     }
     return (ok);
 }
@@ -2339,8 +2320,7 @@ static int get_certificate_status(const char *serial, CA_DB *db)
     }
  end:
     for (i = 0; i < DB_NUMBER; i++) {
-        if (row[i] != NULL)
-            OPENSSL_free(row[i]);
+        OPENSSL_free(row[i]);
     }
     return (ok);
 }
@@ -2417,7 +2397,7 @@ static const char *crl_reasons[] = {
     "CAkeyTime"
 };
 
-#define NUM_REASONS (sizeof(crl_reasons) / sizeof(char *))
+#define NUM_REASONS OSSL_NELEM(crl_reasons)
 
 /*
  * Given revocation information convert to a DB string. The format of the
@@ -2564,8 +2544,7 @@ int make_revoked(X509_REVOKED *rev, const char *str)
 
  end:
 
-    if (tmp)
-        OPENSSL_free(tmp);
+    OPENSSL_free(tmp);
     ASN1_OBJECT_free(hold);
     ASN1_GENERALIZEDTIME_free(comp_time);
     ASN1_ENUMERATED_free(rtmp);
@@ -2719,8 +2698,7 @@ int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold,
 
  end:
 
-    if (tmp)
-        OPENSSL_free(tmp);
+    OPENSSL_free(tmp);
     ASN1_GENERALIZEDTIME_free(comp_time);
 
     return ret;