diff options
author | Rich Salz <rsalz@openssl.org> | 2015-04-30 17:57:32 -0400 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2015-04-30 17:57:32 -0400 |
commit | 4b45c6e52b208deff7da333d1c7f84bcd3986609 (patch) | |
tree | db26f7a51ad582f203dce2145a43c3e0d4376f69 /ssl/tls_srp.c | |
parent | 68dc682499ea3fe27d909c946d7abd39062d6efd (diff) | |
download | openssl-new-4b45c6e52b208deff7da333d1c7f84bcd3986609.tar.gz |
free cleanup almost the finale
Add OPENSSL_clear_free which merges cleanse and free.
(Names was picked to be similar to BN_clear_free, etc.)
Removed OPENSSL_freeFunc macro.
Fixed the small simple ones that are left:
CRYPTO_free CRYPTO_free_locked OPENSSL_free_locked
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'ssl/tls_srp.c')
-rw-r--r-- | ssl/tls_srp.c | 19 |
1 files changed, 5 insertions, 14 deletions
diff --git a/ssl/tls_srp.c b/ssl/tls_srp.c index 33d398fff7..5d895ccab3 100644 --- a/ssl/tls_srp.c +++ b/ssl/tls_srp.c @@ -339,7 +339,7 @@ int SSL_set_srp_server_param(SSL *s, const BIGNUM *N, const BIGNUM *g, int SRP_generate_server_master_secret(SSL *s, unsigned char *master_key) { BIGNUM *K = NULL, *u = NULL; - int ret = -1, tmp_len; + int ret = -1, tmp_len = 0; unsigned char *tmp = NULL; if (!SRP_Verify_A_mod_N(s->srp_ctx.A, s->srp_ctx.N)) @@ -360,10 +360,7 @@ int SRP_generate_server_master_secret(SSL *s, unsigned char *master_key) s->method->ssl3_enc->generate_master_secret(s, master_key, tmp, tmp_len); err: - if (tmp) { - OPENSSL_cleanse(tmp, tmp_len); - OPENSSL_free(tmp); - } + OPENSSL_clear_free(tmp, tmp_len); BN_clear_free(K); BN_clear_free(u); return ret; @@ -373,7 +370,7 @@ int SRP_generate_server_master_secret(SSL *s, unsigned char *master_key) int SRP_generate_client_master_secret(SSL *s, unsigned char *master_key) { BIGNUM *x = NULL, *u = NULL, *K = NULL; - int ret = -1, tmp_len; + int ret = -1, tmp_len = 0; char *passwd = NULL; unsigned char *tmp = NULL; @@ -407,16 +404,10 @@ int SRP_generate_client_master_secret(SSL *s, unsigned char *master_key) s->method->ssl3_enc->generate_master_secret(s, master_key, tmp, tmp_len); err: - if (tmp) { - OPENSSL_cleanse(tmp, tmp_len); - OPENSSL_free(tmp); - } + OPENSSL_clear_free(tmp, tmp_len); BN_clear_free(K); BN_clear_free(x); - if (passwd) { - OPENSSL_cleanse(passwd, strlen(passwd)); - OPENSSL_free(passwd); - } + OPENSSL_clear_free(passwd, strlen(passwd)); BN_clear_free(u); return ret; } |