diff options
author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2021-12-18 16:15:49 +0100 |
---|---|---|
committer | Dr. David von Oheimb <dev@ddvo.net> | 2021-12-21 12:11:49 +0100 |
commit | 79b2a2f2eedb9d6b24a3f6748332328cf54568fb (patch) | |
tree | 31d61a9636cccc6a378871407b11fc1fc89aa8c6 /ssl | |
parent | 0d4c52320d245be80bd69346fdda4b12b4961eae (diff) | |
download | openssl-new-79b2a2f2eedb9d6b24a3f6748332328cf54568fb.tar.gz |
add OSSL_STACK_OF_X509_free() for commonly used pattern
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17307)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/s3_lib.c | 2 | ||||
-rw-r--r-- | ssl/ssl_cert.c | 12 | ||||
-rw-r--r-- | ssl/ssl_lib.c | 6 | ||||
-rw-r--r-- | ssl/ssl_rsa.c | 2 | ||||
-rw-r--r-- | ssl/ssl_sess.c | 2 | ||||
-rw-r--r-- | ssl/statem/statem_clnt.c | 2 | ||||
-rw-r--r-- | ssl/statem/statem_srvr.c | 4 |
7 files changed, 15 insertions, 15 deletions
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 874b36fad0..120b5cedeb 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -3956,7 +3956,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) break; case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS: - sk_X509_pop_free(ctx->extra_certs, X509_free); + OSSL_STACK_OF_X509_free(ctx->extra_certs); ctx->extra_certs = NULL; break; diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index 82028ec5b7..4cfd005ebe 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -212,7 +212,7 @@ void ssl_cert_clear_certs(CERT *c) cpk->x509 = NULL; EVP_PKEY_free(cpk->privatekey); cpk->privatekey = NULL; - sk_X509_pop_free(cpk->chain, X509_free); + OSSL_STACK_OF_X509_free(cpk->chain); cpk->chain = NULL; OPENSSL_free(cpk->serverinfo); cpk->serverinfo = NULL; @@ -264,7 +264,7 @@ int ssl_cert_set0_chain(SSL *s, SSL_CTX *ctx, STACK_OF(X509) *chain) return 0; } } - sk_X509_pop_free(cpk->chain, X509_free); + OSSL_STACK_OF_X509_free(cpk->chain); cpk->chain = chain; return 1; } @@ -278,7 +278,7 @@ int ssl_cert_set1_chain(SSL *s, SSL_CTX *ctx, STACK_OF(X509) *chain) if (!dchain) return 0; if (!ssl_cert_set0_chain(s, ctx, dchain)) { - sk_X509_pop_free(dchain, X509_free); + OSSL_STACK_OF_X509_free(dchain); return 0; } return 1; @@ -440,7 +440,7 @@ int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk) } s->verify_result = X509_STORE_CTX_get_error(ctx); - sk_X509_pop_free(s->verified_chain, X509_free); + OSSL_STACK_OF_X509_free(s->verified_chain); s->verified_chain = NULL; if (X509_STORE_CTX_get0_chain(ctx) != NULL) { s->verified_chain = X509_STORE_CTX_get1_chain(ctx); @@ -940,12 +940,12 @@ int ssl_build_cert_chain(SSL *s, SSL_CTX *ctx, int flags) rv = ssl_security_cert(s, ctx, x, 0, 0); if (rv != 1) { ERR_raise(ERR_LIB_SSL, rv); - sk_X509_pop_free(chain, X509_free); + OSSL_STACK_OF_X509_free(chain); rv = 0; goto err; } } - sk_X509_pop_free(cpk->chain, X509_free); + OSSL_STACK_OF_X509_free(cpk->chain); cpk->chain = chain; if (rv == 0) rv = 1; diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index dc5f7d2173..20fe8bc786 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -172,7 +172,7 @@ static void dane_final(SSL_DANE *dane) sk_danetls_record_pop_free(dane->trecs, tlsa_free); dane->trecs = NULL; - sk_X509_pop_free(dane->certs, X509_free); + OSSL_STACK_OF_X509_free(dane->certs); dane->certs = NULL; X509_free(dane->mcert); @@ -1243,7 +1243,7 @@ void SSL_free(SSL *s) sk_X509_NAME_pop_free(s->ca_names, X509_NAME_free); sk_X509_NAME_pop_free(s->client_ca_names, X509_NAME_free); - sk_X509_pop_free(s->verified_chain, X509_free); + OSSL_STACK_OF_X509_free(s->verified_chain); if (s->method != NULL) s->method->ssl_free(s); @@ -3430,7 +3430,7 @@ void SSL_CTX_free(SSL_CTX *a) ssl_cert_free(a->cert); sk_X509_NAME_pop_free(a->ca_names, X509_NAME_free); sk_X509_NAME_pop_free(a->client_ca_names, X509_NAME_free); - sk_X509_pop_free(a->extra_certs, X509_free); + OSSL_STACK_OF_X509_free(a->extra_certs); a->comp_methods = NULL; #ifndef OPENSSL_NO_SRTP sk_SRTP_PROTECTION_PROFILE_free(a->srtp_profiles); diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c index 5509389aa2..bba0051437 100644 --- a/ssl/ssl_rsa.c +++ b/ssl/ssl_rsa.c @@ -955,7 +955,7 @@ static int ssl_set_cert_and_key(SSL *ssl, SSL_CTX *ctx, X509 *x509, EVP_PKEY *pr } } - sk_X509_pop_free(c->pkeys[i].chain, X509_free); + OSSL_STACK_OF_X509_free(c->pkeys[i].chain); c->pkeys[i].chain = dup_chain; X509_free(c->pkeys[i].x509); diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 0e756c37c1..765ae89916 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -828,7 +828,7 @@ void SSL_SESSION_free(SSL_SESSION *ss) OPENSSL_cleanse(ss->master_key, sizeof(ss->master_key)); OPENSSL_cleanse(ss->session_id, sizeof(ss->session_id)); X509_free(ss->peer); - sk_X509_pop_free(ss->peer_chain, X509_free); + OSSL_STACK_OF_X509_free(ss->peer_chain); OPENSSL_free(ss->ext.hostname); OPENSSL_free(ss->ext.tick); #ifndef OPENSSL_NO_PSK diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 12f77690cd..10e778d681 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -1841,7 +1841,7 @@ MSG_PROCESS_RETURN tls_process_server_certificate(SSL *s, PACKET *pkt) err: X509_free(x); - sk_X509_pop_free(s->session->peer_chain, X509_free); + OSSL_STACK_OF_X509_free(s->session->peer_chain); s->session->peer_chain = NULL; return MSG_PROCESS_ERROR; } diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index 271f5b4400..cda9b32156 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -3554,7 +3554,7 @@ MSG_PROCESS_RETURN tls_process_client_certificate(SSL *s, PACKET *pkt) s->session->peer = sk_X509_shift(sk); s->session->verify_result = s->verify_result; - sk_X509_pop_free(s->session->peer_chain, X509_free); + OSSL_STACK_OF_X509_free(s->session->peer_chain); s->session->peer_chain = sk; sk = NULL; @@ -3589,7 +3589,7 @@ MSG_PROCESS_RETURN tls_process_client_certificate(SSL *s, PACKET *pkt) err: X509_free(x); - sk_X509_pop_free(sk, X509_free); + OSSL_STACK_OF_X509_free(sk); return ret; } |