end:
- if (xis)
- sk_X509_INFO_pop_free(xis, X509_INFO_free);
+ sk_X509_INFO_pop_free(xis, X509_INFO_free);
if (rv == 0) {
if (pcerts) {
BIO_free_all(Sout);
BIO_free_all(out);
BIO_free_all(in);
-
- if (cert_sk)
- sk_X509_pop_free(cert_sk, X509_free);
+ sk_X509_pop_free(cert_sk, X509_free);
if (ret)
ERR_print_errors(bio_err);
if (sigopts)
sk_OPENSSL_STRING_free(sigopts);
EVP_PKEY_free(pkey);
- if (x509)
- X509_free(x509);
+ X509_free(x509);
X509_CRL_free(crl);
NCONF_free(conf);
NCONF_free(extconf);
ext_copy, selfsign);
end:
- if (req != NULL)
- X509_REQ_free(req);
+ X509_REQ_free(req);
BIO_free(in);
return (ok);
}
ext_copy, 0);
end:
- if (rreq != NULL)
- X509_REQ_free(rreq);
- if (req != NULL)
- X509_free(req);
+ X509_REQ_free(rreq);
+ X509_free(req);
return (ok);
}
if (push != NULL) {
if (!X509_NAME_add_entry(subject, push, -1, 0)) {
- if (push != NULL)
- X509_NAME_ENTRY_free(push);
+ X509_NAME_ENTRY_free(push);
BIO_printf(bio_err, "Memory allocation failure\n");
goto end;
}
/*
* Free the current entries if any, there should not be any I believe
*/
- if (ci->extensions != NULL)
- sk_X509_EXTENSION_pop_free(ci->extensions, X509_EXTENSION_free);
+ sk_X509_EXTENSION_pop_free(ci->extensions, X509_EXTENSION_free);
ci->extensions = NULL;
if (row[i] != NULL)
OPENSSL_free(row[i]);
- if (CAname != NULL)
- X509_NAME_free(CAname);
- if (subject != NULL)
- X509_NAME_free(subject);
- if ((dn_subject != NULL) && !email_dn)
+ X509_NAME_free(CAname);
+ X509_NAME_free(subject);
+ if (dn_subject != subject)
X509_NAME_free(dn_subject);
ASN1_UTCTIME_free(tmptm);
- if (ok <= 0) {
- if (ret != NULL)
- X509_free(ret);
- ret = NULL;
- } else
+ if (ok <= 0)
+ X509_free(ret);
+ else
*xret = ret;
return (ok);
}
verbose, req, ext_sect, lconf, certopt, nameopt, default_op,
ext_copy, 0);
end:
- if (req != NULL)
- X509_REQ_free(req);
+ X509_REQ_free(req);
if (parms != NULL)
CONF_free(parms);
if (spki != NULL)
NETSCAPE_SPKI_free(spki);
- if (ne != NULL)
- X509_NAME_ENTRY_free(ne);
+ X509_NAME_ENTRY_free(ne);
return (ok);
}
BIO_free(in);
BIO_free_all(out);
PKCS7_free(p7);
- if (crl != NULL)
- X509_CRL_free(crl);
+ X509_CRL_free(crl);
return (ret);
}
end:
/* never need to OPENSSL_free x */
BIO_free(in);
- if (sk != NULL)
- sk_X509_INFO_free(sk);
+ sk_X509_INFO_free(sk);
return (ret);
}
ERR_print_errors(bio_err);
X509_free(signer);
X509_STORE_free(store);
- if (vpm)
- X509_VERIFY_PARAM_free(vpm);
+ X509_VERIFY_PARAM_free(vpm);
EVP_PKEY_free(key);
EVP_PKEY_free(rkey);
X509_free(cert);
export_end:
EVP_PKEY_free(key);
- if (certs)
- sk_X509_pop_free(certs, X509_free);
- if (ucert)
- X509_free(ucert);
+ sk_X509_pop_free(certs, X509_free);
+ X509_free(ucert);
goto end;
{
SSL_EXCERT *curr;
while (exc) {
- if (exc->cert)
- X509_free(exc->cert);
+ X509_free(exc->cert);
EVP_PKEY_free(exc->key);
- if (exc->chain)
- sk_X509_pop_free(exc->chain, X509_free);
+ sk_X509_pop_free(exc->chain, X509_free);
curr = exc;
exc = exc->next;
OPENSSL_free(curr);
BIO_printf(bio_err, "Hash used: %s\n", OBJ_nid2sn(nid));
} else
BIO_puts(bio_err, "No peer certificate\n");
- if (peer)
- X509_free(peer);
+ X509_free(peer);
#ifndef OPENSSL_NO_EC
ssl_print_point_formats(bio_err, s);
if (SSL_is_server(s))
}
rv = 1;
err:
- if (vfy)
- X509_STORE_free(vfy);
- if (ch)
- X509_STORE_free(ch);
+ X509_STORE_free(vfy);
+ X509_STORE_free(ch);
return rv;
}
OPENSSL_free(next_proto.data);
#endif
SSL_CTX_free(ctx);
- if (cert)
- X509_free(cert);
+ X509_free(cert);
if (crls)
sk_X509_CRL_pop_free(crls, X509_CRL_free);
EVP_PKEY_free(key);
- if (chain)
- sk_X509_pop_free(chain, X509_free);
+ sk_X509_pop_free(chain, X509_free);
if (pass)
OPENSSL_free(pass);
- if (vpm)
- X509_VERIFY_PARAM_free(vpm);
+ X509_VERIFY_PARAM_free(vpm);
ssl_excert_free(exc);
sk_OPENSSL_STRING_free(ssl_args);
SSL_CONF_CTX_free(cctx);
}
}
BIO_printf(bio, "---\n");
- if (peer != NULL)
- X509_free(peer);
+ X509_free(peer);
/* flush, or debugging output gets mixed with http response */
(void)BIO_flush(bio);
}
ret = 0;
end:
SSL_CTX_free(ctx);
- if (s_cert)
- X509_free(s_cert);
- if (crls)
- sk_X509_CRL_pop_free(crls, X509_CRL_free);
- if (s_dcert)
- X509_free(s_dcert);
+ X509_free(s_cert);
+ sk_X509_CRL_pop_free(crls, X509_CRL_free);
+ X509_free(s_dcert);
EVP_PKEY_free(s_key);
EVP_PKEY_free(s_dkey);
- if (s_chain)
- sk_X509_pop_free(s_chain, X509_free);
- if (s_dchain)
- sk_X509_pop_free(s_dchain, X509_free);
+ sk_X509_pop_free(s_chain, X509_free);
+ sk_X509_pop_free(s_dchain, X509_free);
if (pass)
OPENSSL_free(pass);
if (dpass)
OPENSSL_free(dpass);
- if (vpm)
- X509_VERIFY_PARAM_free(vpm);
+ X509_VERIFY_PARAM_free(vpm);
free_sessions();
#ifndef OPENSSL_NO_TLSEXT
if (tlscstatp.host)
OPENSSL_free(tlscstatp.port);
if (tlscstatp.path)
OPENSSL_free(tlscstatp.path);
+ if (ctx2 != NULL)
SSL_CTX_free(ctx2);
- if (s_cert2)
- X509_free(s_cert2);
+ X509_free(s_cert2);
EVP_PKEY_free(s_key2);
BIO_free(serverinfo_in);
# ifndef OPENSSL_NO_NEXTPROTONEG
ERR_print_errors(bio_err);
sk_X509_pop_free(encerts, X509_free);
sk_X509_pop_free(other, X509_free);
- if (vpm)
- X509_VERIFY_PARAM_free(vpm);
+ X509_VERIFY_PARAM_free(vpm);
if (sksigners)
sk_OPENSSL_STRING_free(sksigners);
if (skkeys)
}
end:
- if (vpm)
- X509_VERIFY_PARAM_free(vpm);
- if (store != NULL)
- X509_STORE_free(store);
+ X509_VERIFY_PARAM_free(vpm);
+ X509_STORE_free(store);
sk_X509_pop_free(untrusted, X509_free);
sk_X509_pop_free(trusted, X509_free);
sk_X509_CRL_pop_free(crls, X509_CRL_free);
}
sk_X509_pop_free(chain, X509_free);
}
- if (x != NULL)
- X509_free(x);
+ X509_free(x);
return (ret);
}
}
#endif
- if (x->x509 != NULL)
- X509_free(x->x509);
- if (x->crl != NULL)
- X509_CRL_free(x->crl);
- if (x->x_pkey != NULL)
- X509_PKEY_free(x->x_pkey);
+ X509_free(x->x509);
+ X509_CRL_free(x->crl);
+ X509_PKEY_free(x->x_pkey);
if (x->enc_data != NULL)
OPENSSL_free(x->enc_data);
OPENSSL_free(x);
}
#endif
- if (x->enc_algor != NULL)
- X509_ALGOR_free(x->enc_algor);
+ X509_ALGOR_free(x->enc_algor);
ASN1_OCTET_STRING_free(x->enc_pkey);
EVP_PKEY_free(x->dec_pkey);
if ((x->key_data != NULL) && (x->key_free))
goto error;
}
- if (*x != NULL)
- X509_PUBKEY_free(*x);
-
+ X509_PUBKEY_free(*x);
*x = pk;
-
return 1;
+
error:
- if (pk != NULL)
- X509_PUBKEY_free(pk);
+ X509_PUBKEY_free(pk);
return 0;
}
if (operation == ASN1_OP_FREE_POST) {
CMS_SignerInfo *si = (CMS_SignerInfo *)*pval;
EVP_PKEY_free(si->pkey);
- if (si->signer)
- X509_free(si->signer);
+ X509_free(si->signer);
if (si->pctx)
EVP_MD_CTX_cleanup(&si->mctx);
}
if (ri->type == CMS_RECIPINFO_TRANS) {
CMS_KeyTransRecipientInfo *ktri = ri->d.ktri;
EVP_PKEY_free(ktri->pkey);
- if (ktri->recip)
- X509_free(ktri->recip);
+ X509_free(ktri->recip);
EVP_PKEY_CTX_free(ktri->pctx);
} else if (ri->type == CMS_RECIPINFO_KEK) {
CMS_KEKRecipientInfo *kekri = ri->d.kekri;
EVP_CIPHER_CTX_cleanup(&ctx);
if (ri)
M_ASN1_free_of(ri, CMS_RecipientInfo);
- if (encalg)
- X509_ALGOR_free(encalg);
+ X509_ALGOR_free(encalg);
return NULL;
}
EVP_PKEY_free(si->pkey);
si->pkey = X509_get_pubkey(signer);
}
- if (si->signer)
- X509_free(si->signer);
+ X509_free(si->signer);
si->signer = signer;
}
if (out != tmpout)
BIO_free_all(tmpout);
- if (cms_certs)
- sk_X509_pop_free(cms_certs, X509_free);
- if (crls)
- sk_X509_CRL_pop_free(crls, X509_CRL_free);
+ sk_X509_pop_free(cms_certs, X509_free);
+ sk_X509_CRL_pop_free(crls, X509_CRL_free);
return ret;
}
rv = 1;
err:
- if (kekalg)
- X509_ALGOR_free(kekalg);
- if (dukm)
- OPENSSL_free(dukm);
+ X509_ALGOR_free(kekalg);
+ OPENSSL_free(dukm);
return rv;
}
rv = 1;
err:
- if (penc)
- OPENSSL_free(penc);
- if (wrap_alg)
- X509_ALGOR_free(wrap_alg);
+ OPENSSL_free(penc);
+ X509_ALGOR_free(wrap_alg);
return rv;
}
rv = 1;
err:
- if (kekalg)
- X509_ALGOR_free(kekalg);
- if (der)
- OPENSSL_free(der);
+ X509_ALGOR_free(kekalg);
+ OPENSSL_free(der);
return rv;
}
rv = 1;
err:
- if (penc)
- OPENSSL_free(penc);
- if (wrap_alg)
- X509_ALGOR_free(wrap_alg);
+ OPENSSL_free(penc);
+ X509_ALGOR_free(wrap_alg);
return rv;
}
}
#endif
EVP_PKEY_free_it(x);
- if (x->attributes)
- sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free);
+ sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free);
OPENSSL_free(x);
}
}
end:
- if (chain)
- sk_X509_pop_free(chain, X509_free);
+ sk_X509_pop_free(chain, X509_free);
if (bs->certs && certs)
sk_X509_free(untrusted);
return ret;
}
ok = 1;
err:
- if (xi != NULL)
- X509_INFO_free(xi);
+ X509_INFO_free(xi);
if (!ok) {
for (i = 0; ((int)i) < sk_X509_INFO_num(ret); i++) {
xi = sk_X509_INFO_value(ret, i);
goto err;
x = NULL;
}
- if (x)
- X509_free(x);
+ X509_free(x);
}
- if (ocerts)
- sk_X509_pop_free(ocerts, X509_free);
+ sk_X509_pop_free(ocerts, X509_free);
return 1;
if (pkey)
EVP_PKEY_free(*pkey);
- if (cert && *cert)
+ if (cert)
X509_free(*cert);
- if (x)
- X509_free(x);
- if (ocerts)
- sk_X509_pop_free(ocerts, X509_free);
+ X509_free(x);
+ sk_X509_pop_free(ocerts, X509_free);
return 0;
}
{
int i;
- if (p7si->auth_attr != NULL)
- sk_X509_ATTRIBUTE_pop_free(p7si->auth_attr, X509_ATTRIBUTE_free);
+ sk_X509_ATTRIBUTE_pop_free(p7si->auth_attr, X509_ATTRIBUTE_free);
p7si->auth_attr = sk_X509_ATTRIBUTE_dup(sk);
if (p7si->auth_attr == NULL)
return 0;
{
int i;
- if (p7si->unauth_attr != NULL)
- sk_X509_ATTRIBUTE_pop_free(p7si->unauth_attr, X509_ATTRIBUTE_free);
+ sk_X509_ATTRIBUTE_pop_free(p7si->unauth_attr, X509_ATTRIBUTE_free);
p7si->unauth_attr = sk_X509_ATTRIBUTE_dup(sk);
if (p7si->unauth_attr == NULL)
return 0;
}
return si;
err:
- if (smcap)
- sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free);
+ sk_X509_ALGOR_pop_free(smcap, X509_ALGOR_free);
return NULL;
}
rv = rsa_pss_param_print(bp, pss, maskHash, indent);
if (pss)
RSA_PSS_PARAMS_free(pss);
- if (maskHash)
- X509_ALGOR_free(maskHash);
+ X509_ALGOR_free(maskHash);
if (!rv)
return 0;
} else if (!sig && BIO_puts(bp, "\n") <= 0)
stmp = NULL;
err:
ASN1_STRING_free(stmp);
- if (algtmp)
- X509_ALGOR_free(algtmp);
+ X509_ALGOR_free(algtmp);
if (*palg)
return 1;
return 0;
err:
RSA_PSS_PARAMS_free(pss);
- if (maskHash)
- X509_ALGOR_free(maskHash);
+ X509_ALGOR_free(maskHash);
return rv;
}
err:
RSA_OAEP_PARAMS_free(oaep);
- if (maskHash)
- X509_ALGOR_free(maskHash);
+ X509_ALGOR_free(maskHash);
return rv;
}
ret = 1;
}
err:
- if (sig != NULL)
- X509_SIG_free(sig);
+ X509_SIG_free(sig);
if (s != NULL) {
OPENSSL_cleanse(s, (unsigned int)siglen);
OPENSSL_free(s);
TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE);
return 0;
}
- if (ctx->signer_cert)
- X509_free(ctx->signer_cert);
+ X509_free(ctx->signer_cert);
ctx->signer_cert = signer;
CRYPTO_add(&ctx->signer_cert->references, +1, CRYPTO_LOCK_X509);
return 1;
int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs)
{
- if (ctx->certs) {
- sk_X509_pop_free(ctx->certs, X509_free);
- ctx->certs = NULL;
- }
+ sk_X509_pop_free(ctx->certs, X509_free);
+ ctx->certs = NULL;
if (!certs)
return 1;
if (!(ctx->certs = X509_chain_up_ref(certs))) {
goto err;
}
err:
- if (x != NULL)
- X509_free(x);
+ X509_free(x);
BIO_free(in);
return (ret);
}
goto err;
}
err:
- if (x != NULL)
- X509_CRL_free(x);
+ X509_CRL_free(x);
BIO_free(in);
return (ret);
}
err:
X509err(X509_F_X509AT_ADD1_ATTR, ERR_R_MALLOC_FAILURE);
err2:
- if (new_attr != NULL)
- X509_ATTRIBUTE_free(new_attr);
- if (sk != NULL)
- sk_X509_ATTRIBUTE_free(sk);
+ X509_ATTRIBUTE_free(new_attr);
+ sk_X509_ATTRIBUTE_free(sk);
return (NULL);
}
static void cleanup(X509_OBJECT *a)
{
+ if (!a)
+ return;
if (a->type == X509_LU_X509) {
X509_free(a->data.x509);
} else if (a->type == X509_LU_CRL) {
sk_X509_OBJECT_pop_free(vfy->objs, cleanup);
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE, vfy, &vfy->ex_data);
- if (vfy->param)
- X509_VERIFY_PARAM_free(vfy->param);
+ X509_VERIFY_PARAM_free(vfy->param);
OPENSSL_free(vfy);
}
void X509_OBJECT_free_contents(X509_OBJECT *a)
{
+ if (!a)
+ return;
switch (a->type) {
case X509_LU_X509:
X509_free(a->data.x509);
if (!X509_sign(ret, pkey, EVP_md5()))
goto err;
- if (0) {
+ return ret;
+
err:
- X509_free(ret);
- ret = NULL;
- }
- return (ret);
+ X509_free(ret);
+ return NULL;
}
err:
X509err(X509_F_X509V3_ADD_EXT, ERR_R_MALLOC_FAILURE);
err2:
- if (new_ex != NULL)
- X509_EXTENSION_free(new_ex);
- if (sk != NULL)
- sk_X509_EXTENSION_free(sk);
+ X509_EXTENSION_free(new_ex);
+ sk_X509_EXTENSION_free(sk);
return (NULL);
}
end:
X509_get_pubkey_parameters(NULL, ctx->chain);
}
- if (sktmp != NULL)
- sk_X509_free(sktmp);
- if (chain_ss != NULL)
- X509_free(chain_ss);
+ sk_X509_free(sktmp);
+ X509_free(chain_ss);
return ok;
}
}
if (best_crl) {
- if (*pcrl)
- X509_CRL_free(*pcrl);
+ X509_CRL_free(*pcrl);
*pcrl = best_crl;
*pissuer = best_crl_issuer;
*pscore = best_score;
memerr:
X509err(X509_F_X509_CRL_DIFF, ERR_R_MALLOC_FAILURE);
- if (crl)
- X509_CRL_free(crl);
+ X509_CRL_free(crl);
return NULL;
}
void X509_STORE_CTX_free(X509_STORE_CTX *ctx)
{
+ if (!ctx)
+ return;
X509_STORE_CTX_cleanup(ctx);
OPENSSL_free(ctx);
}
X509_VERIFY_PARAM_free(ctx->param);
ctx->param = NULL;
}
- if (ctx->tree != NULL) {
- X509_policy_tree_free(ctx->tree);
- ctx->tree = NULL;
- }
- if (ctx->chain != NULL) {
- sk_X509_pop_free(ctx->chain, X509_free);
- ctx->chain = NULL;
- }
+ X509_policy_tree_free(ctx->tree);
+ ctx->tree = NULL;
+ sk_X509_pop_free(ctx->chain, X509_free);
+ ctx->chain = NULL;
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE_CTX, ctx, &(ctx->ex_data));
memset(&ctx->ex_data, 0, sizeof(CRYPTO_EX_DATA));
}
void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param)
{
- if (ctx->param)
- X509_VERIFY_PARAM_free(ctx->param);
+ X509_VERIFY_PARAM_free(ctx->param);
ctx->param = param;
}
{
X509_VERIFY_PARAM *param;
X509_VERIFY_PARAM_ID *paramid;
+
param = OPENSSL_malloc(sizeof(X509_VERIFY_PARAM));
if (!param)
return NULL;
void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param)
{
- if (param == NULL)
+ if (!param)
return;
x509_verify_param_zero(param);
OPENSSL_free(param->id);
void X509_VERIFY_PARAM_table_cleanup(void)
{
- if (param_table)
- sk_X509_VERIFY_PARAM_pop_free(param_table, X509_VERIFY_PARAM_free);
+ sk_X509_VERIFY_PARAM_pop_free(param_table, X509_VERIFY_PARAM_free);
param_table = NULL;
}
}
return (1);
err:
- if (new_name != NULL)
- X509_NAME_ENTRY_free(new_name);
+ X509_NAME_ENTRY_free(new_name);
return (0);
}
ASN1_TYPE_set(val, atrtype, value);
return (ret);
err:
- if (ret != NULL)
- X509_ATTRIBUTE_free(ret);
+ X509_ATTRIBUTE_free(ret);
ASN1_TYPE_free(val);
return (NULL);
}
memerr:
ASN1err(ASN1_F_X509_NAME_EX_NEW, ERR_R_MALLOC_FAILURE);
if (ret) {
- if (ret->entries)
- sk_X509_NAME_ENTRY_free(ret->entries);
+ sk_X509_NAME_ENTRY_free(ret->entries);
OPENSSL_free(ret);
}
return 0;
static void x509_name_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
X509_NAME *a;
+
if (!pval || !*pval)
return;
a = (X509_NAME *)*pval;
*in = p;
return ret;
err:
- if (nm.x != NULL)
- X509_NAME_free(nm.x);
+ X509_NAME_free(nm.x);
ASN1err(ASN1_F_X509_NAME_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
return 0;
}
err:
- if (tmpentry)
- X509_NAME_ENTRY_free(tmpentry);
- if (intname)
- sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname,
- local_sk_X509_NAME_ENTRY_pop_free);
+ X509_NAME_ENTRY_free(tmpentry);
+ sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname,
+ local_sk_X509_NAME_ENTRY_pop_free);
return ret;
}
return;
if (cache->anyPolicy)
policy_data_free(cache->anyPolicy);
- if (cache->data)
- sk_X509_POLICY_DATA_pop_free(cache->data, policy_data_free);
+ sk_X509_POLICY_DATA_pop_free(cache->data, policy_data_free);
OPENSSL_free(cache);
}
sk_X509_POLICY_NODE_pop_free(tree->user_policies, exnode_free);
for (i = 0, curr = tree->levels; i < tree->nlevel; i++, curr++) {
- if (curr->cert)
- X509_free(curr->cert);
- if (curr->nodes)
- sk_X509_POLICY_NODE_pop_free(curr->nodes, policy_node_free);
+ X509_free(curr->cert);
+ sk_X509_POLICY_NODE_pop_free(curr->nodes, policy_node_free);
if (curr->anyPolicy)
policy_node_free(curr->anyPolicy);
}
- if (tree->extra_data)
- sk_X509_POLICY_DATA_pop_free(tree->extra_data, policy_data_free);
-
+ sk_X509_POLICY_DATA_pop_free(tree->extra_data, policy_data_free);
OPENSSL_free(tree->levels);
OPENSSL_free(tree);
err:
if (fnm)
sk_GENERAL_NAME_pop_free(fnm, GENERAL_NAME_free);
- if (rnm)
- sk_X509_NAME_ENTRY_pop_free(rnm, X509_NAME_ENTRY_free);
+ sk_X509_NAME_ENTRY_pop_free(rnm, X509_NAME_ENTRY_free);
return -1;
}
break;
case ASN1_OP_FREE_POST:
- if (dpn->dpname)
- X509_NAME_free(dpn->dpname);
+ X509_NAME_free(dpn->dpname);
break;
}
return 1;
if (cms)
CMS_ContentInfo_free(cms);
- if (rcert)
- X509_free(rcert);
+ X509_free(rcert);
EVP_PKEY_free(rkey);
BIO_free(in);
if (cms)
CMS_ContentInfo_free(cms);
- if (rcert)
- X509_free(rcert);
+ X509_free(rcert);
EVP_PKEY_free(rkey);
BIO_free(in);
if (cms)
CMS_ContentInfo_free(cms);
- if (rcert)
- X509_free(rcert);
- if (recips)
- sk_X509_pop_free(recips, X509_free);
+ X509_free(rcert);
+ sk_X509_pop_free(recips, X509_free);
BIO_free(in);
BIO_free(out);
if (cms)
CMS_ContentInfo_free(cms);
- if (rcert)
- X509_free(rcert);
- if (recips)
- sk_X509_pop_free(recips, X509_free);
+ X509_free(rcert);
+ sk_X509_pop_free(recips, X509_free);
BIO_free(in);
BIO_free(out);
if (cms)
CMS_ContentInfo_free(cms);
- if (scert)
- X509_free(scert);
+ X509_free(scert);
EVP_PKEY_free(skey);
BIO_free(in);
if (cms)
CMS_ContentInfo_free(cms);
- if (scert)
- X509_free(scert);
+ X509_free(scert);
EVP_PKEY_free(skey);
-
- if (scert2)
- X509_free(scert2);
+ X509_free(scert2);
EVP_PKEY_free(skey2);
-
BIO_free(in);
BIO_free(out);
BIO_free(tbio);
if (cms)
CMS_ContentInfo_free(cms);
- if (cacert)
- X509_free(cacert);
+ X509_free(cacert);
BIO_free(in);
BIO_free(out);
peercert = SSL_get_peer_certificate(ssl);
tls_get_x509_subject_name_oneline(peercert, &peer);
- if (peercert != NULL)
- X509_free(peercert);
+ X509_free(peercert);
}
if (peer.str[0] == '\0')
v_ok = '0'; /* no cert at all */
ERR_print_errors_fp(stderr);
}
PKCS7_free(p7);
- if (rcert)
- X509_free(rcert);
+ X509_free(rcert);
EVP_PKEY_free(rkey);
BIO_free(in);
BIO_free(out);
ERR_print_errors_fp(stderr);
}
PKCS7_free(p7);
- if (rcert)
- X509_free(rcert);
- if (recips)
- sk_X509_pop_free(recips, X509_free);
+ X509_free(rcert);
+ sk_X509_pop_free(recips, X509_free);
BIO_free(in);
BIO_free(out);
BIO_free(tbio);
ERR_print_errors_fp(stderr);
}
PKCS7_free(p7);
- if (scert)
- X509_free(scert);
+ X509_free(scert);
EVP_PKEY_free(skey);
BIO_free(in);
BIO_free(out);
ERR_print_errors_fp(stderr);
}
PKCS7_free(p7);
- if (scert)
- X509_free(scert);
+ X509_free(scert);
EVP_PKEY_free(skey);
- if (scert2)
- X509_free(scert2);
+ X509_free(scert2);
EVP_PKEY_free(skey2);
BIO_free(in);
BIO_free(out);
ERR_print_errors_fp(stderr);
}
PKCS7_free(p7);
- if (cacert)
- X509_free(cacert);
+ X509_free(cacert);
BIO_free(in);
BIO_free(out);
BIO_free(tbio);
pk = NULL;
ok = 1;
err:
- if (pk != NULL)
- X509_PUBKEY_free(pk);
+ X509_PUBKEY_free(pk);
return (ok);
}
X509_STORE_CTX_free() completely frees up B<ctx>. After this call B<ctx>
is no longer valid.
+If B<ctx> is NULL nothing is done.
X509_STORE_CTX_init() sets up B<ctx> for a subsequent verification operation.
The trusted certificate store is set to B<store>, the end entity certificate
X509_new() allocates and initializes a X509 structure.
X509_free() frees up the B<X509> structure B<a>.
+If B<a> is NULL nothing is done.
=head1 RETURN VALUES
* Why would the following ever happen? We just created sc a couple
* of lines ago.
*/
- if (sc->peer_pkeys[i].x509 != NULL)
- X509_free(sc->peer_pkeys[i].x509);
+ X509_free(sc->peer_pkeys[i].x509);
sc->peer_pkeys[i].x509 = x;
sc->peer_key = &(sc->peer_pkeys[i]);
- if (s->session->peer != NULL)
- X509_free(s->session->peer);
+ X509_free(s->session->peer);
CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
s->session->peer = x;
} else {
sc->peer_cert_type = i;
sc->peer_key = NULL;
- if (s->session->peer != NULL)
- X509_free(s->session->peer);
+ X509_free(s->session->peer);
s->session->peer = NULL;
}
s->session->verify_result = s->verify_result;
/* we should setup a certificate to return.... */
s->s3->tmp.cert_req = 1;
s->s3->tmp.ctype_num = ctype_num;
- if (s->s3->tmp.ca_names != NULL)
- sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
+ sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
s->s3->tmp.ca_names = ca_sk;
ca_sk = NULL;
ret = 1;
err:
- if (ca_sk != NULL)
- sk_X509_NAME_pop_free(ca_sk, X509_NAME_free);
+ sk_X509_NAME_pop_free(ca_sk, X509_NAME_free);
return (ret);
}
SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
}
- if (x509 != NULL)
- X509_free(x509);
+ X509_free(x509);
if (pkey != NULL)
EVP_PKEY_free(pkey);
if (i && !ssl3_check_client_certificate(s))
EC_KEY_free(s->s3->tmp.ecdh);
#endif
- if (s->s3->tmp.ca_names != NULL)
- sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
+ sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
BIO_free(s->s3->handshake_buffer);
if (s->s3->handshake_dgst)
ssl3_free_digest_list(s);
int init_extra;
ssl3_cleanup_key_block(s);
- if (s->s3->tmp.ca_names != NULL)
- sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
+ sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
#ifndef OPENSSL_NO_DH
DH_free(s->s3->tmp.dh);
break;
case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:
- if (ctx->extra_certs) {
- sk_X509_pop_free(ctx->extra_certs, X509_free);
- ctx->extra_certs = NULL;
- }
+ sk_X509_pop_free(ctx->extra_certs, X509_free);
+ ctx->extra_certs = NULL;
break;
case SSL_CTRL_CHAIN:
EVP_PKEY_free(pkey);
}
- if (s->session->peer != NULL) /* This should not be needed */
- X509_free(s->session->peer);
+ X509_free(s->session->peer);
s->session->peer = sk_X509_shift(sk);
s->session->verify_result = s->verify_result;
goto err;
}
}
- if (s->session->sess_cert->cert_chain != NULL)
- sk_X509_pop_free(s->session->sess_cert->cert_chain, X509_free);
+ sk_X509_pop_free(s->session->sess_cert->cert_chain, X509_free);
s->session->sess_cert->cert_chain = sk;
/*
* Inconsistency alert: cert_chain does *not* include the peer's own
ssl3_send_alert(s, SSL3_AL_FATAL, al);
}
err:
- if (x != NULL)
- X509_free(x);
- if (sk != NULL)
- sk_X509_pop_free(sk, X509_free);
+ X509_free(x);
+ sk_X509_pop_free(sk, X509_free);
return (ret);
}
return;
for (i = 0; i < SSL_PKEY_NUM; i++) {
CERT_PKEY *cpk = c->pkeys + i;
- if (cpk->x509) {
- X509_free(cpk->x509);
- cpk->x509 = NULL;
- }
+ X509_free(cpk->x509);
+ cpk->x509 = NULL;
EVP_PKEY_free(cpk->privatekey);
cpk->privatekey = NULL;
- if (cpk->chain) {
- sk_X509_pop_free(cpk->chain, X509_free);
- cpk->chain = NULL;
- }
+ sk_X509_pop_free(cpk->chain, X509_free);
+ cpk->chain = NULL;
#ifndef OPENSSL_NO_TLSEXT
if (cpk->serverinfo) {
OPENSSL_free(cpk->serverinfo);
OPENSSL_free(c->shared_sigalgs);
if (c->ctypes)
OPENSSL_free(c->ctypes);
- if (c->verify_store)
- X509_STORE_free(c->verify_store);
- if (c->chain_store)
- X509_STORE_free(c->chain_store);
+ X509_STORE_free(c->verify_store);
+ X509_STORE_free(c->chain_store);
if (c->ciphers_raw)
OPENSSL_free(c->ciphers_raw);
#ifndef OPENSSL_NO_TLSEXT
CERT_PKEY *cpk = s ? s->cert->key : ctx->cert->key;
if (!cpk)
return 0;
- if (cpk->chain)
- sk_X509_pop_free(cpk->chain, X509_free);
+ sk_X509_pop_free(cpk->chain, X509_free);
for (i = 0; i < sk_X509_num(chain); i++) {
r = ssl_security_cert(s, ctx, sk_X509_value(chain, i), 0, 0);
if (r != 1) {
#endif
/* i == 0 */
- if (sc->cert_chain != NULL)
- sk_X509_pop_free(sc->cert_chain, X509_free);
+ sk_X509_pop_free(sc->cert_chain, X509_free);
for (i = 0; i < SSL_PKEY_NUM; i++) {
- if (sc->peer_pkeys[i].x509 != NULL)
- X509_free(sc->peer_pkeys[i].x509);
+ X509_free(sc->peer_pkeys[i].x509);
#if 0
/*
* We don't have the peer's private key. These lines are just
static void set_client_CA_list(STACK_OF(X509_NAME) **ca_list,
STACK_OF(X509_NAME) *name_list)
{
- if (*ca_list != NULL)
- sk_X509_NAME_pop_free(*ca_list, X509_NAME_free);
-
+ sk_X509_NAME_pop_free(*ca_list, X509_NAME_free);
*ca_list = name_list;
}
if (0) {
err:
- if (ret != NULL)
- sk_X509_NAME_pop_free(ret, X509_NAME_free);
+ sk_X509_NAME_pop_free(ret, X509_NAME_free);
ret = NULL;
}
- if (sk != NULL)
- sk_X509_NAME_free(sk);
+ sk_X509_NAME_free(sk);
BIO_free(in);
- if (x != NULL)
- X509_free(x);
+ X509_free(x);
if (ret != NULL)
ERR_clear_error();
return (ret);
goto err;
}
}
- if (cpk->chain)
- sk_X509_pop_free(cpk->chain, X509_free);
+ sk_X509_pop_free(cpk->chain, X509_free);
cpk->chain = chain;
if (rv == 0)
rv = 1;
pstore = &c->chain_store;
else
pstore = &c->verify_store;
- if (*pstore)
- X509_STORE_free(*pstore);
+ X509_STORE_free(*pstore);
*pstore = store;
if (ref && store)
CRYPTO_add(&store->references, 1, CRYPTO_LOCK_X509_STORE);
}
#endif
- if (s->param)
- X509_VERIFY_PARAM_free(s->param);
-
+ X509_VERIFY_PARAM_free(s->param);
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data);
if (s->bbio != NULL) {
if (s->tlsext_ellipticcurvelist)
OPENSSL_free(s->tlsext_ellipticcurvelist);
# endif /* OPENSSL_NO_EC */
- if (s->tlsext_ocsp_exts)
- sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts, X509_EXTENSION_free);
+ sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts, X509_EXTENSION_free);
if (s->tlsext_ocsp_ids)
sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free);
if (s->tlsext_ocsp_resp)
OPENSSL_free(s->alpn_client_proto_list);
#endif
- if (s->client_CA != NULL)
- sk_X509_NAME_pop_free(s->client_CA, X509_NAME_free);
+ sk_X509_NAME_pop_free(s->client_CA, X509_NAME_free);
if (s->method != NULL)
s->method->ssl_free(s);
}
#endif
- if (a->param)
- X509_VERIFY_PARAM_free(a->param);
+ X509_VERIFY_PARAM_free(a->param);
/*
* Free internal session cache. However: the remove_cb() may reference
if (a->sessions != NULL)
lh_SSL_SESSION_free(a->sessions);
- if (a->cert_store != NULL)
- X509_STORE_free(a->cert_store);
+ X509_STORE_free(a->cert_store);
if (a->cipher_list != NULL)
sk_SSL_CIPHER_free(a->cipher_list);
if (a->cipher_list_by_id != NULL)
sk_SSL_CIPHER_free(a->cipher_list_by_id);
ssl_cert_free(a->cert);
- if (a->client_CA != NULL)
- sk_X509_NAME_pop_free(a->client_CA, X509_NAME_free);
- if (a->extra_certs != NULL)
- sk_X509_pop_free(a->extra_certs, X509_free);
+ sk_X509_NAME_pop_free(a->client_CA, X509_NAME_free);
+ sk_X509_pop_free(a->extra_certs, X509_free);
a->comp_methods = NULL;
#ifndef OPENSSL_NO_SRTP
void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store)
{
- if (ctx->cert_store != NULL)
- X509_STORE_free(ctx->cert_store);
+ X509_STORE_free(ctx->cert_store);
ctx->cert_store = store;
}
ret = SSL_use_certificate(ssl, x);
end:
- if (x != NULL)
- X509_free(x);
+ X509_free(x);
BIO_free(in);
return (ret);
}
EVP_PKEY_free(pkey);
- if (c->pkeys[i].x509 != NULL)
- X509_free(c->pkeys[i].x509);
+ X509_free(c->pkeys[i].x509);
CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
c->pkeys[i].x509 = x;
c->key = &(c->pkeys[i]);
ret = SSL_CTX_use_certificate(ctx, x);
end:
- if (x != NULL)
- X509_free(x);
+ X509_free(x);
BIO_free(in);
return (ret);
}
OPENSSL_cleanse(ss->master_key, sizeof ss->master_key);
OPENSSL_cleanse(ss->session_id, sizeof ss->session_id);
ssl_sess_cert_free(ss->sess_cert);
- if (ss->peer != NULL)
- X509_free(ss->peer);
+ X509_free(ss->peer);
if (ss->ciphers != NULL)
sk_SSL_CIPHER_free(ss->ciphers);
#ifndef OPENSSL_NO_TLSEXT
}
sdata = data;
if (dsize > 0) {
- if (s->tlsext_ocsp_exts) {
- sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts,
- X509_EXTENSION_free);
- }
-
+ sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts,
+ X509_EXTENSION_free);
s->tlsext_ocsp_exts =
d2i_X509_EXTENSIONS(NULL, &sdata, dsize);
if (!s->tlsext_ocsp_exts || (data + dsize != sdata)) {
projects / oweals / openssl.git / commitdiff