aboutsummaryrefslogtreecommitdiffstats
path: root/ssl
diff options
context:
space:
mode:
authorRich Salz <rsalz@openssl.org>2015-05-01 10:02:07 -0400
committerRich Salz <rsalz@openssl.org>2015-05-01 10:02:07 -0400
commitb548a1f11c06ccdfa4f52a539912d22d77ee309e (patch)
tree37ff8792ddf09e4805aa3ba76b805923d3c52734 /ssl
parent33fbca83dcd05b77f807fab205c4523b8cfe85b5 (diff)
downloadopenssl-b548a1f11c06ccdfa4f52a539912d22d77ee309e.tar.gz
free null cleanup finale
Don't check for NULL before calling OPENSSL_free Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'ssl')
-rw-r--r--ssl/bio_ssl.c3
-rw-r--r--ssl/d1_both.c9
-rw-r--r--ssl/record/rec_layer_d1.c21
-rw-r--r--ssl/record/ssl3_buffer.c15
-rw-r--r--ssl/record/ssl3_record.c3
-rw-r--r--ssl/s3_clnt.c36
-rw-r--r--ssl/s3_lib.c23
-rw-r--r--ssl/s3_srvr.c15
-rw-r--r--ssl/ssl_asn1.c6
-rw-r--r--ssl/ssl_ciph.c2
-rw-r--r--ssl/ssl_conf.c12
-rw-r--r--ssl/ssl_lib.c18
-rw-r--r--ssl/ssl_sess.c7
-rw-r--r--ssl/t1_enc.c6
-rw-r--r--ssl/t1_ext.c3
-rw-r--r--ssl/t1_lib.c78
16 files changed, 86 insertions, 171 deletions
diff --git a/ssl/bio_ssl.c b/ssl/bio_ssl.c
index da98ea03d8..284d3ad133 100644
--- a/ssl/bio_ssl.c
+++ b/ssl/bio_ssl.c
@@ -130,8 +130,7 @@ static int ssl_free(BIO *a)
a->init = 0;
a->flags = 0;
}
- if (a->ptr != NULL)
- OPENSSL_free(a->ptr);
+ OPENSSL_free(a->ptr);
return (1);
}
diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index 2a76474b98..7b7f8760d1 100644
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -189,8 +189,7 @@ static hm_fragment *dtls1_hm_fragment_new(unsigned long frag_len,
if (reassembly) {
bitmask = OPENSSL_malloc(RSMBLY_BITMASK_SIZE(frag_len));
if (bitmask == NULL) {
- if (buf != NULL)
- OPENSSL_free(buf);
+ OPENSSL_free(buf);
OPENSSL_free(frag);
return NULL;
}
@@ -211,10 +210,8 @@ void dtls1_hm_fragment_free(hm_fragment *frag)
EVP_MD_CTX_destroy(frag->msg_header.
saved_retransmit_state.write_hash);
}
- if (frag->fragment)
- OPENSSL_free(frag->fragment);
- if (frag->reassembly)
- OPENSSL_free(frag->reassembly);
+ OPENSSL_free(frag->fragment);
+ OPENSSL_free(frag->reassembly);
OPENSSL_free(frag);
}
diff --git a/ssl/record/rec_layer_d1.c b/ssl/record/rec_layer_d1.c
index 3183bcf79c..a78f150c34 100644
--- a/ssl/record/rec_layer_d1.c
+++ b/ssl/record/rec_layer_d1.c
@@ -177,27 +177,21 @@ void DTLS_RECORD_LAYER_clear(RECORD_LAYER *rl)
while ((item = pqueue_pop(d->unprocessed_rcds.q)) != NULL) {
rdata = (DTLS1_RECORD_DATA *)item->data;
- if (rdata->rbuf.buf) {
- OPENSSL_free(rdata->rbuf.buf);
- }
+ OPENSSL_free(rdata->rbuf.buf);
OPENSSL_free(item->data);
pitem_free(item);
}
while ((item = pqueue_pop(d->processed_rcds.q)) != NULL) {
rdata = (DTLS1_RECORD_DATA *)item->data;
- if (rdata->rbuf.buf) {
- OPENSSL_free(rdata->rbuf.buf);
- }
+ OPENSSL_free(rdata->rbuf.buf);
OPENSSL_free(item->data);
pitem_free(item);
}
while ((item = pqueue_pop(d->buffered_app_data.q)) != NULL) {
rdata = (DTLS1_RECORD_DATA *)item->data;
- if (rdata->rbuf.buf) {
- OPENSSL_free(rdata->rbuf.buf);
- }
+ OPENSSL_free(rdata->rbuf.buf);
OPENSSL_free(item->data);
pitem_free(item);
}
@@ -271,8 +265,7 @@ int dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority)
rdata = OPENSSL_malloc(sizeof(DTLS1_RECORD_DATA));
item = pitem_new(priority, rdata);
if (rdata == NULL || item == NULL) {
- if (rdata != NULL)
- OPENSSL_free(rdata);
+ OPENSSL_free(rdata);
if (item != NULL)
pitem_free(item);
@@ -304,8 +297,7 @@ int dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority)
if (!ssl3_setup_buffers(s)) {
SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);
- if (rdata->rbuf.buf != NULL)
- OPENSSL_free(rdata->rbuf.buf);
+ OPENSSL_free(rdata->rbuf.buf);
OPENSSL_free(rdata);
pitem_free(item);
return (-1);
@@ -314,8 +306,7 @@ int dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned char *priority)
/* insert should not fail, since duplicates are dropped */
if (pqueue_insert(queue->q, item) == NULL) {
SSLerr(SSL_F_DTLS1_BUFFER_RECORD, ERR_R_INTERNAL_ERROR);
- if (rdata->rbuf.buf != NULL)
- OPENSSL_free(rdata->rbuf.buf);
+ OPENSSL_free(rdata->rbuf.buf);
OPENSSL_free(rdata);
pitem_free(item);
return (-1);
diff --git a/ssl/record/ssl3_buffer.c b/ssl/record/ssl3_buffer.c
index 732420e27b..5a8d34c6fb 100644
--- a/ssl/record/ssl3_buffer.c
+++ b/ssl/record/ssl3_buffer.c
@@ -122,8 +122,7 @@ void SSL3_BUFFER_set_data(SSL3_BUFFER *b, const unsigned char *d, int n)
void SSL3_BUFFER_release(SSL3_BUFFER *b)
{
- if (b->buf != NULL)
- OPENSSL_free(b->buf);
+ OPENSSL_free(b->buf);
b->buf = NULL;
}
@@ -224,10 +223,8 @@ int ssl3_release_write_buffer(SSL *s)
wb = RECORD_LAYER_get_wbuf(&s->rlayer);
- if (wb->buf != NULL) {
- OPENSSL_free(wb->buf);
- wb->buf = NULL;
- }
+ OPENSSL_free(wb->buf);
+ wb->buf = NULL;
return 1;
}
@@ -236,9 +233,7 @@ int ssl3_release_read_buffer(SSL *s)
SSL3_BUFFER *b;
b = RECORD_LAYER_get_rbuf(&s->rlayer);
- if (b->buf != NULL) {
- OPENSSL_free(b->buf);
- b->buf = NULL;
- }
+ OPENSSL_free(b->buf);
+ b->buf = NULL;
return 1;
}
diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c
index 33d0b302f0..1e6f88ea1e 100644
--- a/ssl/record/ssl3_record.c
+++ b/ssl/record/ssl3_record.c
@@ -139,8 +139,7 @@ void SSL3_RECORD_clear(SSL3_RECORD *r)
void SSL3_RECORD_release(SSL3_RECORD *r)
{
- if (r->comp != NULL)
- OPENSSL_free(r->comp);
+ OPENSSL_free(r->comp);
r->comp = NULL;
}
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 71756cda2e..52ddec1455 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -1401,8 +1401,7 @@ int ssl3_get_key_exchange(SSL *s)
*/
if (alg_k & SSL_kPSK) {
s->session->sess_cert = ssl_sess_cert_new();
- if (s->ctx->psk_identity_hint)
- OPENSSL_free(s->ctx->psk_identity_hint);
+ OPENSSL_free(s->ctx->psk_identity_hint);
s->ctx->psk_identity_hint = NULL;
}
#endif
@@ -1471,8 +1470,7 @@ int ssl3_get_key_exchange(SSL *s)
*/
memcpy(tmp_id_hint, p, i);
memset(tmp_id_hint + i, 0, PSK_MAX_IDENTITY_LEN + 1 - i);
- if (s->ctx->psk_identity_hint != NULL)
- OPENSSL_free(s->ctx->psk_identity_hint);
+ OPENSSL_free(s->ctx->psk_identity_hint);
s->ctx->psk_identity_hint = BUF_strdup(tmp_id_hint);
if (s->ctx->psk_identity_hint == NULL) {
al = SSL_AD_HANDSHAKE_FAILURE;
@@ -2054,10 +2052,8 @@ int ssl3_get_certificate_request(SSL *s)
/* get the certificate types */
ctype_num = *(p++);
- if (s->cert->ctypes) {
- OPENSSL_free(s->cert->ctypes);
- s->cert->ctypes = NULL;
- }
+ OPENSSL_free(s->cert->ctypes);
+ s->cert->ctypes = NULL;
if (ctype_num > SSL3_CT_NUMBER) {
/* If we exceed static buffer copy all to cert structure */
s->cert->ctypes = OPENSSL_malloc(ctype_num);
@@ -2193,10 +2189,8 @@ int ssl3_get_new_session_ticket(SSL *s)
SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, SSL_R_LENGTH_MISMATCH);
goto f_err;
}
- if (s->session->tlsext_tick) {
- OPENSSL_free(s->session->tlsext_tick);
- s->session->tlsext_ticklen = 0;
- }
+ OPENSSL_free(s->session->tlsext_tick);
+ s->session->tlsext_ticklen = 0;
s->session->tlsext_tick = OPENSSL_malloc(ticklen);
if (!s->session->tlsext_tick) {
SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, ERR_R_MALLOC_FAILURE);
@@ -2257,8 +2251,7 @@ int ssl3_get_cert_status(SSL *s)
SSLerr(SSL_F_SSL3_GET_CERT_STATUS, SSL_R_LENGTH_MISMATCH);
goto f_err;
}
- if (s->tlsext_ocsp_resp)
- OPENSSL_free(s->tlsext_ocsp_resp);
+ OPENSSL_free(s->tlsext_ocsp_resp);
s->tlsext_ocsp_resp = BUF_memdup(p, resplen);
if (!s->tlsext_ocsp_resp) {
al = SSL_AD_INTERNAL_ERROR;
@@ -2786,8 +2779,7 @@ int ssl3_send_client_key_exchange(SSL *s)
/* Free allocated memory */
BN_CTX_free(bn_ctx);
- if (encodedPoint != NULL)
- OPENSSL_free(encodedPoint);
+ OPENSSL_free(encodedPoint);
EC_KEY_free(clnt_ecdh);
EVP_PKEY_free(srvr_pub_pkey);
}
@@ -2919,8 +2911,7 @@ int ssl3_send_client_key_exchange(SSL *s)
ERR_R_INTERNAL_ERROR);
goto err;
}
- if (s->session->srp_username != NULL)
- OPENSSL_free(s->session->srp_username);
+ OPENSSL_free(s->session->srp_username);
s->session->srp_username = BUF_strdup(s->srp_ctx.login);
if (s->session->srp_username == NULL) {
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
@@ -2985,8 +2976,7 @@ int ssl3_send_client_key_exchange(SSL *s)
t += psk_len;
s2n(psk_len, t);
- if (s->session->psk_identity_hint != NULL)
- OPENSSL_free(s->session->psk_identity_hint);
+ OPENSSL_free(s->session->psk_identity_hint);
s->session->psk_identity_hint =
BUF_strdup(s->ctx->psk_identity_hint);
if (s->ctx->psk_identity_hint != NULL
@@ -2996,8 +2986,7 @@ int ssl3_send_client_key_exchange(SSL *s)
goto psk_err;
}
- if (s->session->psk_identity != NULL)
- OPENSSL_free(s->session->psk_identity);
+ OPENSSL_free(s->session->psk_identity);
s->session->psk_identity = BUF_strdup(identity);
if (s->session->psk_identity == NULL) {
SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,
@@ -3090,8 +3079,7 @@ int ssl3_send_client_key_exchange(SSL *s)
s->cert->pms = NULL;
#ifndef OPENSSL_NO_EC
BN_CTX_free(bn_ctx);
- if (encodedPoint != NULL)
- OPENSSL_free(encodedPoint);
+ OPENSSL_free(encodedPoint);
EC_KEY_free(clnt_ecdh);
EVP_PKEY_free(srvr_pub_pkey);
#endif
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 190d0f1b93..16a60c6167 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3187,11 +3187,9 @@ void ssl3_clear(SSL *s)
s->version = SSL3_VERSION;
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
- if (s->next_proto_negotiated) {
- OPENSSL_free(s->next_proto_negotiated);
- s->next_proto_negotiated = NULL;
- s->next_proto_negotiated_len = 0;
- }
+ OPENSSL_free(s->next_proto_negotiated);
+ s->next_proto_negotiated = NULL;
+ s->next_proto_negotiated_len = 0;
#endif
}
@@ -3331,8 +3329,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
#ifndef OPENSSL_NO_TLSEXT
case SSL_CTRL_SET_TLSEXT_HOSTNAME:
if (larg == TLSEXT_NAMETYPE_host_name) {
- if (s->tlsext_hostname != NULL)
- OPENSSL_free(s->tlsext_hostname);
+ OPENSSL_free(s->tlsext_hostname);
s->tlsext_hostname = NULL;
ret = 1;
@@ -3386,8 +3383,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
return s->tlsext_ocsp_resplen;
case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
- if (s->tlsext_ocsp_resp)
- OPENSSL_free(s->tlsext_ocsp_resp);
+ OPENSSL_free(s->tlsext_ocsp_resp);
s->tlsext_ocsp_resp = parg;
s->tlsext_ocsp_resplen = larg;
ret = 1;
@@ -3833,8 +3829,7 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
# ifndef OPENSSL_NO_SRP
case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
ctx->srp_ctx.srp_Mask |= SSL_kSRP;
- if (ctx->srp_ctx.login != NULL)
- OPENSSL_free(ctx->srp_ctx.login);
+ OPENSSL_free(ctx->srp_ctx.login);
ctx->srp_ctx.login = NULL;
if (parg == NULL)
break;
@@ -4281,10 +4276,8 @@ int ssl3_get_req_cert_type(SSL *s, unsigned char *p)
static int ssl3_set_req_cert_type(CERT *c, const unsigned char *p, size_t len)
{
- if (c->ctypes) {
- OPENSSL_free(c->ctypes);
- c->ctypes = NULL;
- }
+ OPENSSL_free(c->ctypes);
+ c->ctypes = NULL;
if (!p || !len)
return 1;
if (len > 0xff)
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 77420a1e7a..3e5c57af5e 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -2019,8 +2019,7 @@ int ssl3_send_server_key_exchange(SSL *s)
ssl3_send_alert(s, SSL3_AL_FATAL, al);
err:
#ifndef OPENSSL_NO_EC
- if (encodedPoint != NULL)
- OPENSSL_free(encodedPoint);
+ OPENSSL_free(encodedPoint);
BN_CTX_free(bn_ctx);
#endif
EVP_MD_CTX_cleanup(&md_ctx);
@@ -2763,16 +2762,14 @@ int ssl3_get_client_key_exchange(SSL *s)
t += psk_len;
s2n(psk_len, t);
- if (s->session->psk_identity != NULL)
- OPENSSL_free(s->session->psk_identity);
+ OPENSSL_free(s->session->psk_identity);
s->session->psk_identity = BUF_strdup((char *)p);
if (s->session->psk_identity == NULL) {
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
goto psk_err;
}
- if (s->session->psk_identity_hint != NULL)
- OPENSSL_free(s->session->psk_identity_hint);
+ OPENSSL_free(s->session->psk_identity_hint);
s->session->psk_identity_hint = BUF_strdup(s->ctx->psk_identity_hint);
if (s->ctx->psk_identity_hint != NULL &&
s->session->psk_identity_hint == NULL) {
@@ -2821,8 +2818,7 @@ int ssl3_get_client_key_exchange(SSL *s)
SSL_R_BAD_SRP_PARAMETERS);
goto f_err;
}
- if (s->session->srp_username != NULL)
- OPENSSL_free(s->session->srp_username);
+ OPENSSL_free(s->session->srp_username);
s->session->srp_username = BUF_strdup(s->srp_ctx.login);
if (s->session->srp_username == NULL) {
SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE);
@@ -3473,8 +3469,7 @@ int ssl3_send_newsession_ticket(SSL *s)
/* SSL3_ST_SW_SESSION_TICKET_B */
return ssl_do_write(s);
err:
- if (senc)
- OPENSSL_free(senc);
+ OPENSSL_free(senc);
EVP_CIPHER_CTX_cleanup(&ctx);
HMAC_CTX_cleanup(&hctx);
return -1;
diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c
index b6e784924d..2a07a9b596 100644
--- a/ssl/ssl_asn1.c
+++ b/ssl/ssl_asn1.c
@@ -285,10 +285,8 @@ int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
static int ssl_session_strndup(char **pdst, ASN1_OCTET_STRING *src)
{
- if (*pdst) {
- OPENSSL_free(*pdst);
- *pdst = NULL;
- }
+ OPENSSL_free(*pdst);
+ *pdst = NULL;
if (src == NULL)
return 1;
*pdst = BUF_strndup((char *)src->data, src->length);
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index 14decbc149..41af4f663e 100644
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -1560,7 +1560,7 @@ STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(const SSL_METHOD *ssl_method, STACK
if (ok && (strlen(rule_p) > 0))
ok = ssl_cipher_process_rulestr(rule_p, &head, &tail, ca_list, c);
- OPENSSL_free((void *)ca_list); /* Not needed anymore */
+ OPENSSL_free(ca_list); /* Not needed anymore */
if (!ok) { /* Rule processing failure */
OPENSSL_free(co_list);
diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c
index 97b4fb9414..5a19a75dbf 100644
--- a/ssl/ssl_conf.c
+++ b/ssl/ssl_conf.c
@@ -380,8 +380,7 @@ static int cmd_Certificate(SSL_CONF_CTX *cctx, const char *value)
}
if (rv > 0 && c && cctx->flags & SSL_CONF_FLAG_REQUIRE_PRIVATE) {
char **pfilename = &cctx->cert_filename[c->key - c->pkeys];
- if (*pfilename)
- OPENSSL_free(*pfilename);
+ OPENSSL_free(*pfilename);
*pfilename = BUF_strdup(value);
if (!*pfilename)
rv = 0;
@@ -659,11 +658,9 @@ void SSL_CONF_CTX_free(SSL_CONF_CTX *cctx)
if (cctx) {
size_t i;
for (i = 0; i < SSL_PKEY_NUM; i++) {
- if (cctx->cert_filename[i])
- OPENSSL_free(cctx->cert_filename[i]);
+ OPENSSL_free(cctx->cert_filename[i]);
}
- if (cctx->prefix)
- OPENSSL_free(cctx->prefix);
+ OPENSSL_free(cctx->prefix);
OPENSSL_free(cctx);
}
}
@@ -688,8 +685,7 @@ int SSL_CONF_CTX_set1_prefix(SSL_CONF_CTX *cctx, const char *pre)
if (tmp == NULL)
return 0;
}
- if (cctx->prefix)
- OPENSSL_free(cctx->prefix);
+ OPENSSL_free(cctx->prefix);
cctx->prefix = tmp;
if (tmp)
cctx->prefixlen = strlen(tmp);
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 7319cd85df..5b56ac79e3 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -570,22 +570,17 @@ void SSL_free(SSL *s)
/* Free up if allocated */
#ifndef OPENSSL_NO_TLSEXT
- if (s->tlsext_hostname)
- OPENSSL_free(s->tlsext_hostname);
+ OPENSSL_free(s->tlsext_hostname);
SSL_CTX_free(s->initial_ctx);
# ifndef OPENSSL_NO_EC
- if (s->tlsext_ecpointformatlist)
- OPENSSL_free(s->tlsext_ecpointformatlist);
- if (s->tlsext_ellipticcurvelist)
- OPENSSL_free(s->tlsext_ellipticcurvelist);
+ OPENSSL_free(s->tlsext_ecpointformatlist);
+ OPENSSL_free(s->tlsext_ellipticcurvelist);
# endif /* OPENSSL_NO_EC */
sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts, X509_EXTENSION_free);
if (s->tlsext_ocsp_ids)
sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free);
- if (s->tlsext_ocsp_resp)
- OPENSSL_free(s->tlsext_ocsp_resp);
- if (s->alpn_client_proto_list)
- OPENSSL_free(s->alpn_client_proto_list);
+ OPENSSL_free(s->tlsext_ocsp_resp);
+ OPENSSL_free(s->alpn_client_proto_list);
#endif
sk_X509_NAME_pop_free(s->client_CA, X509_NAME_free);
@@ -603,8 +598,7 @@ void SSL_free(SSL *s)
#endif /* OPENSSL_NO_KRB5 */
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
- if (s->next_proto_negotiated)
- OPENSSL_free(s->next_proto_negotiated);
+ OPENSSL_free(s->next_proto_negotiated);
#endif
#ifndef OPENSSL_NO_SRTP
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 34b6fac2bc..a376875803 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -931,11 +931,8 @@ int SSL_set_session_ticket_ext_cb(SSL *s, tls_session_ticket_ext_cb_fn cb,
int SSL_set_session_ticket_ext(SSL *s, void *ext_data, int ext_len)
{
if (s->version >= TLS1_VERSION) {
- if (s->tlsext_session_ticket) {
- OPENSSL_free(s->tlsext_session_ticket);
- s->tlsext_session_ticket = NULL;
- }
-
+ OPENSSL_free(s->tlsext_session_ticket);
+ s->tlsext_session_ticket = NULL;
s->tlsext_session_ticket =
OPENSSL_malloc(sizeof(TLS_SESSION_TICKET_EXT) + ext_len);
if (!s->tlsext_session_ticket) {
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index edb65582f0..e87d4b3963 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -953,10 +953,8 @@ int tls1_export_keying_material(SSL *s, unsigned char *out, size_t olen,
SSLerr(SSL_F_TLS1_EXPORT_KEYING_MATERIAL, ERR_R_MALLOC_FAILURE);
rv = 0;
ret:
- if (buff != NULL)
- OPENSSL_free(buff);
- if (val != NULL)
- OPENSSL_free(val);
+ OPENSSL_free(buff);
+ OPENSSL_free(val);
return (rv);
}
diff --git a/ssl/t1_ext.c b/ssl/t1_ext.c
index ce54f4fa15..193cae886a 100644
--- a/ssl/t1_ext.c
+++ b/ssl/t1_ext.c
@@ -195,8 +195,7 @@ int custom_exts_copy(custom_ext_methods *dst, const custom_ext_methods *src)
void custom_exts_free(custom_ext_methods *exts)
{
- if (exts->meths)
- OPENSSL_free(exts->meths);
+ OPENSSL_free(exts->meths);
}
/* Set callbacks for a custom extension. */
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index b77074a0a5..31ebfdde45 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -209,9 +209,7 @@ int tls1_new(SSL *s)
void tls1_free(SSL *s)
{
#ifndef OPENSSL_NO_TLSEXT
- if (s->tlsext_session_ticket) {
- OPENSSL_free(s->tlsext_session_ticket);
- }
+ OPENSSL_free(s->tlsext_session_ticket);
#endif /* OPENSSL_NO_TLSEXT */
ssl3_free(s);
}
@@ -576,8 +574,7 @@ int tls1_set_curves(unsigned char **pext, size_t *pextlen,
dup_list |= idmask;
s2n(id, p);
}
- if (*pext)
- OPENSSL_free(*pext);
+ OPENSSL_free(*pext);
*pext = clist;
*pextlen = ncurves * 2;
return 1;
@@ -1779,8 +1776,7 @@ static int tls1_alpn_handle_client_hello(SSL *s, const unsigned char *data,
r = s->ctx->alpn_select_cb(s, &selected, &selected_len, data, data_len,
s->ctx->alpn_select_cb_arg);
if (r == SSL_TLSEXT_ERR_OK) {
- if (s->s3->alpn_selected)
- OPENSSL_free(s->s3->alpn_selected);
+ OPENSSL_free(s->s3->alpn_selected);
s->s3->alpn_selected = OPENSSL_malloc(selected_len);
if (!s->s3->alpn_selected) {
*al = SSL_AD_INTERNAL_ERROR;
@@ -1894,10 +1890,8 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p,
s->s3->next_proto_neg_seen = 0;
# endif
- if (s->s3->alpn_selected) {
- OPENSSL_free(s->s3->alpn_selected);
- s->s3->alpn_selected = NULL;
- }
+ OPENSSL_free(s->s3->alpn_selected);
+ s->s3->alpn_selected = NULL;
# ifndef OPENSSL_NO_HEARTBEATS
s->tlsext_heartbeat &= ~(SSL_TLSEXT_HB_ENABLED |
SSL_TLSEXT_HB_DONT_SEND_REQUESTS);
@@ -1909,19 +1903,15 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p,
# endif /* !OPENSSL_NO_EC */
/* Clear any signature algorithms extension received */
- if (s->cert->peer_sigalgs) {
- OPENSSL_free(s->cert->peer_sigalgs);
- s->cert->peer_sigalgs = NULL;
- }
+ OPENSSL_free(s->cert->peer_sigalgs);
+ s->cert->peer_sigalgs = NULL;
# ifdef TLSEXT_TYPE_encrypt_then_mac
s->s3->flags &= ~TLS1_FLAGS_ENCRYPT_THEN_MAC;
# endif
# ifndef OPENSSL_NO_SRP
- if (s->srp_ctx.login != NULL) {
- OPENSSL_free(s->srp_ctx.login);
- s->srp_ctx.login = NULL;
- }
+ OPENSSL_free(s->srp_ctx.login);
+ s->srp_ctx.login = NULL;
# endif
s->srtp_profile = NULL;
@@ -2078,10 +2068,8 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p,
return 0;
}
if (!s->hit) {
- if (s->session->tlsext_ecpointformatlist) {
- OPENSSL_free(s->session->tlsext_ecpointformatlist);
- s->session->tlsext_ecpointformatlist = NULL;
- }
+ OPENSSL_free(s->session->tlsext_ecpointformatlist);
+ s->session->tlsext_ecpointformatlist = NULL;
s->session->tlsext_ecpointformatlist_length = 0;
if ((s->session->tlsext_ecpointformatlist =
OPENSSL_malloc(ecpointformatlist_length)) == NULL) {
@@ -2387,10 +2375,8 @@ static int ssl_scan_serverhello_tlsext(SSL *s, unsigned char **p,
# endif
s->tlsext_ticket_expected = 0;
- if (s->s3->alpn_selected) {
- OPENSSL_free(s->s3->alpn_selected);
- s->s3->alpn_selected = NULL;
- }
+ OPENSSL_free(s->s3->alpn_selected);
+ s->s3->alpn_selected = NULL;
# ifndef OPENSSL_NO_HEARTBEATS
s->tlsext_heartbeat &= ~(SSL_TLSEXT_HB_ENABLED |
SSL_TLSEXT_HB_DONT_SEND_REQUESTS);
@@ -2442,8 +2428,7 @@ static int ssl_scan_serverhello_tlsext(SSL *s, unsigned char **p,
}
if (!s->hit) {
s->session->tlsext_ecpointformatlist_length = 0;
- if (s->session->tlsext_ecpointformatlist != NULL)
- OPENSSL_free(s->session->tlsext_ecpointformatlist);
+ OPENSSL_free(s->session->tlsext_ecpointformatlist);
if ((s->session->tlsext_ecpointformatlist =
OPENSSL_malloc(ecpointformatlist_length)) == NULL) {
*al = TLS1_AD_INTERNAL_ERROR;
@@ -2548,8 +2533,7 @@ static int ssl_scan_serverhello_tlsext(SSL *s, unsigned char **p,
*al = TLS1_AD_DECODE_ERROR;
return 0;
}
- if (s->s3->alpn_selected)
- OPENSSL_free(s->s3->alpn_selected);
+ OPENSSL_free(s->s3->alpn_selected);
s->s3->alpn_selected = OPENSSL_malloc(len);
if (!s->s3->alpn_selected) {
*al = TLS1_AD_INTERNAL_ERROR;
@@ -2704,11 +2688,9 @@ int tls1_set_server_sigalgs(SSL *s)
int al;
size_t i;
/* Clear any shared sigtnature algorithms */
- if (s->cert->shared_sigalgs) {
- OPENSSL_free(s->cert->shared_sigalgs);
- s->cert->shared_sigalgs = NULL;
- s->cert->shared_sigalgslen = 0;
- }
+ OPENSSL_free(s->cert->shared_sigalgs);
+ s->cert->shared_sigalgs = NULL;
+ s->cert->shared_sigalgslen = 0;
/* Clear certificate digests and validity flags */
for (i = 0; i < SSL_PKEY_NUM; i++) {
s->cert->pkeys[i].digest = NULL;
@@ -2860,10 +2842,8 @@ int ssl_check_serverhello_tlsext(SSL *s)
* Set resp to NULL, resplen to -1 so callback knows there is no
* response.
*/
- if (s->tlsext_ocsp_resp) {
- OPENSSL_free(s->tlsext_ocsp_resp);
- s->tlsext_ocsp_resp = NULL;
- }
+ OPENSSL_free(s->tlsext_ocsp_resp);
+ s->tlsext_ocsp_resp = NULL;
s->tlsext_ocsp_resplen = -1;
r = s->ctx->tlsext_status_cb(s, s->ctx->tlsext_status_arg);
if (r == 0) {
@@ -3408,11 +3388,10 @@ static int tls1_set_shared_sigalgs(SSL *s)
TLS_SIGALGS *salgs = NULL;
CERT *c = s->cert;
unsigned int is_suiteb = tls1_suiteb(s);
- if (c->shared_sigalgs) {
- OPENSSL_free(c->shared_sigalgs);
- c->shared_sigalgs = NULL;
- c->shared_sigalgslen = 0;
- }
+
+ OPENSSL_free(c->shared_sigalgs);
+ c->shared_sigalgs = NULL;
+ c->shared_sigalgslen = 0;
/* If client use client signature algorithms if not NULL */
if (!s->server && c->client_sigalgs && !is_suiteb) {
conf = c->client_sigalgs;
@@ -3459,8 +3438,7 @@ int tls1_save_sigalgs(SSL *s, const unsigned char *data, int dsize)
if (!c)
return 0;
- if (c->peer_sigalgs)
- OPENSSL_free(c->peer_sigalgs);
+ OPENSSL_free(c->peer_sigalgs);
c->peer_sigalgs = OPENSSL_malloc(dsize);
if (!c->peer_sigalgs)
return 0;
@@ -3840,13 +3818,11 @@ int tls1_set_sigalgs(CERT *c, const int *psig_nids, size_t salglen,
}
if (client) {
- if (c->client_sigalgs)
- OPENSSL_free(c->client_sigalgs);
+ OPENSSL_free(c->client_sigalgs);
c->client_sigalgs = sigalgs;
c->client_sigalgslen = salglen;
} else {
- if (c->conf_sigalgs)
- OPENSSL_free(c->conf_sigalgs);
+ OPENSSL_free(c->conf_sigalgs);
c->conf_sigalgs = sigalgs;
c->conf_sigalgslen = salglen;
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-08-25 23:52:38 +0000