s->client_version = s->version;
s->rwstate = SSL_NOTHING;
- if (s->init_buf != NULL) {
- BUF_MEM_free(s->init_buf);
- s->init_buf = NULL;
- }
-
+ BUF_MEM_free(s->init_buf);
+ s->init_buf = NULL;
ssl_clear_cipher_ctx(s);
ssl_clear_hash_ctx(&s->read_hash);
ssl_clear_hash_ctx(&s->write_hash);
-
s->first_packet = 0;
/*
return (NULL);
}
- s = OPENSSL_malloc(sizeof(SSL));
+ s = OPENSSL_malloc(sizeof(*s));
if (s == NULL)
goto err;
- memset(s, 0, sizeof(SSL));
+ memset(s, 0, sizeof(*s));
RECORD_LAYER_init(&s->rlayer, s);
if (s->wbio != s->rbio)
BIO_free_all(s->wbio);
- if (s->init_buf != NULL)
- BUF_MEM_free(s->init_buf);
+ BUF_MEM_free(s->init_buf);
/* add extra stuff */
- if (s->cipher_list != NULL)
- sk_SSL_CIPHER_free(s->cipher_list);
- if (s->cipher_list_by_id != NULL)
- sk_SSL_CIPHER_free(s->cipher_list_by_id);
+ sk_SSL_CIPHER_free(s->cipher_list);
+ sk_SSL_CIPHER_free(s->cipher_list_by_id);
/* Make the next call work :-) */
if (s->session != NULL) {
/* Free up if allocated */
#ifndef OPENSSL_NO_TLSEXT
- if (s->tlsext_hostname)
- OPENSSL_free(s->tlsext_hostname);
+ OPENSSL_free(s->tlsext_hostname);
SSL_CTX_free(s->initial_ctx);
# ifndef OPENSSL_NO_EC
- if (s->tlsext_ecpointformatlist)
- OPENSSL_free(s->tlsext_ecpointformatlist);
- if (s->tlsext_ellipticcurvelist)
- OPENSSL_free(s->tlsext_ellipticcurvelist);
+ OPENSSL_free(s->tlsext_ecpointformatlist);
+ OPENSSL_free(s->tlsext_ellipticcurvelist);
# endif /* OPENSSL_NO_EC */
sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts, X509_EXTENSION_free);
- if (s->tlsext_ocsp_ids)
- sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free);
- if (s->tlsext_ocsp_resp)
- OPENSSL_free(s->tlsext_ocsp_resp);
- if (s->alpn_client_proto_list)
- OPENSSL_free(s->alpn_client_proto_list);
+ sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free);
+ OPENSSL_free(s->tlsext_ocsp_resp);
+ OPENSSL_free(s->alpn_client_proto_list);
#endif
sk_X509_NAME_pop_free(s->client_CA, X509_NAME_free);
#endif /* OPENSSL_NO_KRB5 */
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
- if (s->next_proto_negotiated)
- OPENSSL_free(s->next_proto_negotiated);
+ OPENSSL_free(s->next_proto_negotiated);
#endif
#ifndef OPENSSL_NO_SRTP
- if (s->srtp_profiles)
- sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles);
+ sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles);
#endif
OPENSSL_free(s);
SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
return (NULL);
}
- if ((skp == NULL) || (*skp == NULL))
+ if ((skp == NULL) || (*skp == NULL)) {
sk = sk_SSL_CIPHER_new_null(); /* change perhaps later */
- else {
+ if(sk == NULL) {
+ SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+ } else {
sk = *skp;
sk_SSL_CIPHER_zero(sk);
}
- if (s->cert->ciphers_raw)
- OPENSSL_free(s->cert->ciphers_raw);
+ OPENSSL_free(s->cert->ciphers_raw);
s->cert->ciphers_raw = BUF_memdup(p, num);
if (s->cert->ciphers_raw == NULL) {
SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
unsigned protos_len)
{
- if (ctx->alpn_client_proto_list)
- OPENSSL_free(ctx->alpn_client_proto_list);
-
+ OPENSSL_free(ctx->alpn_client_proto_list);
ctx->alpn_client_proto_list = OPENSSL_malloc(protos_len);
if (!ctx->alpn_client_proto_list)
return 1;
int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
unsigned protos_len)
{
- if (ssl->alpn_client_proto_list)
- OPENSSL_free(ssl->alpn_client_proto_list);
-
+ OPENSSL_free(ssl->alpn_client_proto_list);
ssl->alpn_client_proto_list = OPENSSL_malloc(protos_len);
if (!ssl->alpn_client_proto_list)
return 1;
SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
goto err;
}
- ret = OPENSSL_malloc(sizeof(SSL_CTX));
+ ret = OPENSSL_malloc(sizeof(*ret));
if (ret == NULL)
goto err;
- memset(ret, 0, sizeof(SSL_CTX));
+ memset(ret, 0, sizeof(*ret));
ret->method = meth;
ret->get_session_cb = 0;
ret->generate_session_id = 0;
- memset((char *)&ret->stats, 0, sizeof(ret->stats));
+ memset(&ret->stats, 0, sizeof(ret->stats));
ret->references = 1;
ret->quiet_shutdown = 0;
SSL_CTX_flush_sessions(a, 0);
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_CTX, a, &a->ex_data);
-
- if (a->sessions != NULL)
- lh_SSL_SESSION_free(a->sessions);
-
+ lh_SSL_SESSION_free(a->sessions);
X509_STORE_free(a->cert_store);
- if (a->cipher_list != NULL)
- sk_SSL_CIPHER_free(a->cipher_list);
- if (a->cipher_list_by_id != NULL)
- sk_SSL_CIPHER_free(a->cipher_list_by_id);
+ sk_SSL_CIPHER_free(a->cipher_list);
+ sk_SSL_CIPHER_free(a->cipher_list_by_id);
ssl_cert_free(a->cert);
sk_X509_NAME_pop_free(a->client_CA, X509_NAME_free);
sk_X509_pop_free(a->extra_certs, X509_free);
a->comp_methods = NULL;
-
#ifndef OPENSSL_NO_SRTP
- if (a->srtp_profiles)
- sk_SRTP_PROTECTION_PROFILE_free(a->srtp_profiles);
+ sk_SRTP_PROTECTION_PROFILE_free(a->srtp_profiles);
#endif
-
#ifndef OPENSSL_NO_PSK
- if (a->psk_identity_hint)
- OPENSSL_free(a->psk_identity_hint);
+ OPENSSL_free(a->psk_identity_hint);
#endif
#ifndef OPENSSL_NO_SRP
SSL_CTX_SRP_CTX_free(a);
#ifndef OPENSSL_NO_TLSEXT
# ifndef OPENSSL_NO_EC
- if (a->tlsext_ecpointformatlist)
- OPENSSL_free(a->tlsext_ecpointformatlist);
- if (a->tlsext_ellipticcurvelist)
- OPENSSL_free(a->tlsext_ellipticcurvelist);
-# endif /* OPENSSL_NO_EC */
- if (a->alpn_client_proto_list != NULL)
- OPENSSL_free(a->alpn_client_proto_list);
+ OPENSSL_free(a->tlsext_ecpointformatlist);
+ OPENSSL_free(a->tlsext_ellipticcurvelist);
+# endif
+ OPENSSL_free(a->alpn_client_proto_list);
#endif
OPENSSL_free(a);
}
}
}
+ return ret;
- if (0) {
err:
- SSL_free(ret);
- ret = NULL;
- }
- return (ret);
+ SSL_free(ret);
+ return NULL;
}
void ssl_clear_cipher_ctx(SSL *s)
s->enc_write_ctx = NULL;
}
#ifndef OPENSSL_NO_COMP
- if (s->expand != NULL) {
- COMP_CTX_free(s->expand);
- s->expand = NULL;
- }
- if (s->compress != NULL) {
- COMP_CTX_free(s->compress);
- s->compress = NULL;
- }
+ COMP_CTX_free(s->expand);
+ s->expand = NULL;
+ COMP_CTX_free(s->compress);
+ s->compress = NULL;
#endif
}
SSL_R_DATA_LENGTH_TOO_LONG);
return 0;
}
- if (ctx->psk_identity_hint != NULL)
- OPENSSL_free(ctx->psk_identity_hint);
+ OPENSSL_free(ctx->psk_identity_hint);
if (identity_hint != NULL) {
ctx->psk_identity_hint = BUF_strdup(identity_hint);
if (ctx->psk_identity_hint == NULL)
SSLerr(SSL_F_SSL_USE_PSK_IDENTITY_HINT, SSL_R_DATA_LENGTH_TOO_LONG);
return 0;
}
- if (s->session->psk_identity_hint != NULL)
- OPENSSL_free(s->session->psk_identity_hint);
+ OPENSSL_free(s->session->psk_identity_hint);
if (identity_hint != NULL) {
s->session->psk_identity_hint = BUF_strdup(identity_hint);
if (s->session->psk_identity_hint == NULL)