# include <sys/types.h>
#endif
-#include "o_dir.h"
+#include "internal/o_dir.h"
#include <openssl/objects.h>
#include <openssl/bio.h>
#include <openssl/pem.h>
CERT *ssl_cert_new(void)
{
- CERT *ret;
+ CERT *ret = OPENSSL_malloc(sizeof(*ret));
- ret = OPENSSL_malloc(sizeof(CERT));
if (ret == NULL) {
SSLerr(SSL_F_SSL_CERT_NEW, ERR_R_MALLOC_FAILURE);
return (NULL);
}
- memset(ret, 0, sizeof(CERT));
+ memset(ret, 0, sizeof(*ret));
ret->key = &(ret->pkeys[SSL_PKEY_RSA_ENC]);
ret->references = 1;
CERT *ssl_cert_dup(CERT *cert)
{
- CERT *ret;
+ CERT *ret = OPENSSL_malloc(sizeof(*ret));
int i;
- ret = OPENSSL_malloc(sizeof(CERT));
if (ret == NULL) {
SSLerr(SSL_F_SSL_CERT_DUP, ERR_R_MALLOC_FAILURE);
return (NULL);
}
- memset(ret, 0, sizeof(CERT));
-
- ret->key = &ret->pkeys[cert->key - &cert->pkeys[0]];
- /*
- * or ret->key = ret->pkeys + (cert->key - cert->pkeys), if you find that
- * more readable
- */
+ memset(ret, 0, sizeof(*ret));
+ ret->key = &ret->pkeys[cert->key - cert->pkeys];
ret->valid = cert->valid;
ret->mask_k = cert->mask_k;
ret->mask_a = cert->mask_a;
sk_X509_pop_free(cpk->chain, X509_free);
cpk->chain = NULL;
#ifndef OPENSSL_NO_TLSEXT
- if (cpk->serverinfo) {
- OPENSSL_free(cpk->serverinfo);
- cpk->serverinfo = NULL;
- cpk->serverinfo_length = 0;
- }
+ OPENSSL_free(cpk->serverinfo);
+ cpk->serverinfo = NULL;
+ cpk->serverinfo_length = 0;
#endif
/* Clear all flags apart from explicit sign */
cpk->valid_flags &= CERT_PKEY_EXPLICIT_SIGN;
#endif
ssl_cert_clear_certs(c);
- if (c->peer_sigalgs)
- OPENSSL_free(c->peer_sigalgs);
- if (c->conf_sigalgs)
- OPENSSL_free(c->conf_sigalgs);
- if (c->client_sigalgs)
- OPENSSL_free(c->client_sigalgs);
- if (c->shared_sigalgs)
- OPENSSL_free(c->shared_sigalgs);
- if (c->ctypes)
- OPENSSL_free(c->ctypes);
+ OPENSSL_free(c->peer_sigalgs);
+ OPENSSL_free(c->conf_sigalgs);
+ OPENSSL_free(c->client_sigalgs);
+ OPENSSL_free(c->shared_sigalgs);
+ OPENSSL_free(c->ctypes);
X509_STORE_free(c->verify_store);
X509_STORE_free(c->chain_store);
- if (c->ciphers_raw)
- OPENSSL_free(c->ciphers_raw);
+ OPENSSL_free(c->ciphers_raw);
#ifndef OPENSSL_NO_TLSEXT
custom_exts_free(&c->cli_ext);
custom_exts_free(&c->srv_ext);
{
SESS_CERT *ret;
- ret = OPENSSL_malloc(sizeof *ret);
+ ret = OPENSSL_malloc(sizeof(*ret));
if (ret == NULL) {
SSLerr(SSL_F_SSL_SESS_CERT_NEW, ERR_R_MALLOC_FAILURE);
return NULL;
}
- memset(ret, 0, sizeof *ret);
+ memset(ret, 0, sizeof(*ret));
ret->peer_key = &(ret->peer_pkeys[SSL_PKEY_RSA_ENC]);
ret->references = 1;
X509_free(sc->peer_pkeys[i].x509);
#if 0
/*
- * We don't have the peer's private key. These lines are just
+ * We don't have the peer's private key. This line is just
* here as a reminder that we're still using a not-quite-appropriate
* data structure.
*/
- if (sc->peer_pkeys[i].privatekey != NULL)
- EVP_PKEY_free(sc->peer_pkeys[i].privatekey);
+ EVP_PKEY_free(sc->peer_pkeys[i].privatekey);
#endif
}
sk_X509_NAME_push(ret, xn);
}
}
+ goto done;
- if (0) {
err:
- sk_X509_NAME_pop_free(ret, X509_NAME_free);
- ret = NULL;
- }
+ sk_X509_NAME_pop_free(ret, X509_NAME_free);
+ ret = NULL;
+ done:
sk_X509_NAME_free(sk);
BIO_free(in);
X509_free(x);
}
ERR_clear_error();
+ goto done;
- if (0) {
err:
ret = 0;
- }
+ done:
BIO_free(in);
- if (x != NULL)
- X509_free(x);
-
+ X509_free(x);
(void)sk_X509_NAME_set_cmp_func(stack, oldcmp);
-
return ret;
}
projects / openssl.git / blobdiff