Use digest tables for defaults.

[openssl.git] / ssl / ssl_conf.c

diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c
index d93f947eb144e1d94f88b3e92c3e08298391e283..ad20f4434c79499c39316731ecdc4ea6f136892e 100644 (file)
--- a/ssl/ssl_conf.c
+++ b/ssl/ssl_conf.c
@@ -486,13 +486,13 @@ static int cmd_DHParameters(SSL_CONF_CTX *cctx, const char *value)
     DH *dh = NULL;
     BIO *in = NULL;
     if (cctx->ctx || cctx->ssl) {
-        in = BIO_new(BIO_s_file_internal());
-        if (!in)
+        in = BIO_new(BIO_s_file());
+        if (in == NULL)
             goto end;
         if (BIO_read_filename(in, value) <= 0)
             goto end;
         dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL);
-        if (!dh)
+        if (dh == NULL)
             goto end;
     } else
         return 1;
@@ -771,24 +771,8 @@ int SSL_CONF_cmd_value_type(SSL_CONF_CTX *cctx, const char *cmd)
 
 SSL_CONF_CTX *SSL_CONF_CTX_new(void)
 {
-    SSL_CONF_CTX *ret = OPENSSL_malloc(sizeof(*ret));
-    size_t i;
+    SSL_CONF_CTX *ret = OPENSSL_zalloc(sizeof(*ret));
 
-    if (ret) {
-        ret->flags = 0;
-        ret->prefix = NULL;
-        ret->prefixlen = 0;
-        ret->ssl = NULL;
-        ret->ctx = NULL;
-        ret->poptions = NULL;
-        ret->pcert_flags = NULL;
-        ret->pvfy_flags = NULL;
-        ret->tbl = NULL;
-        ret->ntbl = 0;
-        for (i = 0; i < SSL_PKEY_NUM; i++)
-            ret->cert_filename[i] = NULL;
-        ret->canames = NULL;
-    }
     return ret;
 }
 
@@ -832,8 +816,8 @@ void SSL_CONF_CTX_free(SSL_CONF_CTX *cctx)
         for (i = 0; i < SSL_PKEY_NUM; i++)
             OPENSSL_free(cctx->cert_filename[i]);
         OPENSSL_free(cctx->prefix);
-        OPENSSL_free(cctx);
         sk_X509_NAME_pop_free(cctx->canames, X509_NAME_free);
+        OPENSSL_free(cctx);
     }
 }