diff options
author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2021-12-18 16:15:49 +0100 |
---|---|---|
committer | Dr. David von Oheimb <dev@ddvo.net> | 2021-12-21 12:11:49 +0100 |
commit | 79b2a2f2eedb9d6b24a3f6748332328cf54568fb (patch) | |
tree | 31d61a9636cccc6a378871407b11fc1fc89aa8c6 /crypto/cmp | |
parent | 0d4c52320d245be80bd69346fdda4b12b4961eae (diff) |
add OSSL_STACK_OF_X509_free() for commonly used pattern
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17307)
Diffstat (limited to 'crypto/cmp')
-rw-r--r-- | crypto/cmp/cmp_client.c | 2 | ||||
-rw-r--r-- | crypto/cmp/cmp_ctx.c | 21 | ||||
-rw-r--r-- | crypto/cmp/cmp_server.c | 4 | ||||
-rw-r--r-- | crypto/cmp/cmp_vfy.c | 2 |
4 files changed, 13 insertions, 16 deletions
diff --git a/crypto/cmp/cmp_client.c b/crypto/cmp/cmp_client.c index c7674ce088..4a7a87ff74 100644 --- a/crypto/cmp/cmp_client.c +++ b/crypto/cmp/cmp_client.c @@ -514,7 +514,7 @@ int OSSL_CMP_certConf_cb(OSSL_CMP_CTX *ctx, X509 *cert, int fail_info, "success building approximate chain for newly enrolled cert"); } (void)ossl_cmp_ctx_set1_newChain(ctx, chain); - sk_X509_pop_free(chain, X509_free); + OSSL_STACK_OF_X509_free(chain); return fail_info; } diff --git a/crypto/cmp/cmp_ctx.c b/crypto/cmp/cmp_ctx.c index 8b53a8a237..75418a60b8 100644 --- a/crypto/cmp/cmp_ctx.c +++ b/crypto/cmp/cmp_ctx.c @@ -61,9 +61,6 @@ DEFINE_OSSL_set0_NAME(OSSL_CMP_CTX, trustedStore, trusted, X509_STORE) /* Get current list of non-trusted intermediate certs */ DEFINE_OSSL_CMP_CTX_get0(untrusted, STACK_OF(X509)) -#define X509_STACK_free(certs) \ - sk_X509_pop_free(certs, X509_free) - /* * Set untrusted certificates for path construction in authentication of * the CMP server and potentially others (TLS server, newly enrolled cert). @@ -79,11 +76,11 @@ int OSSL_CMP_CTX_set1_untrusted(OSSL_CMP_CTX *ctx, STACK_OF(X509) *certs) if (!ossl_x509_add_certs_new(&untrusted, certs, X509_ADD_FLAG_UP_REF | X509_ADD_FLAG_NO_DUP)) goto err; - X509_STACK_free(ctx->untrusted); + OSSL_STACK_OF_X509_free(ctx->untrusted); ctx->untrusted = untrusted; return 1; err: - X509_STACK_free(untrusted); + OSSL_STACK_OF_X509_free(untrusted); return 0; } @@ -202,10 +199,10 @@ void OSSL_CMP_CTX_free(OSSL_CMP_CTX *ctx) X509_free(ctx->validatedSrvCert); X509_NAME_free(ctx->expected_sender); X509_STORE_free(ctx->trusted); - X509_STACK_free(ctx->untrusted); + OSSL_STACK_OF_X509_free(ctx->untrusted); X509_free(ctx->cert); - X509_STACK_free(ctx->chain); + OSSL_STACK_OF_X509_free(ctx->chain); EVP_PKEY_free(ctx->pkey); ASN1_OCTET_STRING_free(ctx->referenceValue); if (ctx->secretValue != NULL) @@ -219,7 +216,7 @@ void OSSL_CMP_CTX_free(OSSL_CMP_CTX *ctx) ASN1_OCTET_STRING_free(ctx->senderNonce); ASN1_OCTET_STRING_free(ctx->recipNonce); OSSL_CMP_ITAVs_free(ctx->geninfo_ITAVs); - X509_STACK_free(ctx->extraCertsOut); + OSSL_STACK_OF_X509_free(ctx->extraCertsOut); EVP_PKEY_free(ctx->newPkey); X509_NAME_free(ctx->issuer); @@ -234,9 +231,9 @@ void OSSL_CMP_CTX_free(OSSL_CMP_CTX *ctx) OSSL_CMP_PKIFREETEXT_free(ctx->statusString); X509_free(ctx->newCert); - X509_STACK_free(ctx->newChain); - X509_STACK_free(ctx->caPubs); - X509_STACK_free(ctx->extraCertsIn); + OSSL_STACK_OF_X509_free(ctx->newChain); + OSSL_STACK_OF_X509_free(ctx->caPubs); + OSSL_STACK_OF_X509_free(ctx->extraCertsIn); OPENSSL_free(ctx); } @@ -469,7 +466,7 @@ int PREFIX##_set1_##FIELD(OSSL_CMP_CTX *ctx, STACK_OF(X509) *certs) \ ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); \ return 0; \ } \ - X509_STACK_free(ctx->FIELD); \ + OSSL_STACK_OF_X509_free(ctx->FIELD); \ ctx->FIELD = NULL; \ return certs == NULL || (ctx->FIELD = X509_chain_up_ref(certs)) != NULL; \ } diff --git a/crypto/cmp/cmp_server.c b/crypto/cmp/cmp_server.c index c32737d0e3..bf5c5fdb57 100644 --- a/crypto/cmp/cmp_server.c +++ b/crypto/cmp/cmp_server.c @@ -234,8 +234,8 @@ static OSSL_CMP_MSG *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx, err: OSSL_CMP_PKISI_free(si); X509_free(certOut); - sk_X509_pop_free(chainOut, X509_free); - sk_X509_pop_free(caPubs, X509_free); + OSSL_STACK_OF_X509_free(chainOut); + OSSL_STACK_OF_X509_free(caPubs); return msg; } diff --git a/crypto/cmp/cmp_vfy.c b/crypto/cmp/cmp_vfy.c index bea7e506b6..e5ca1083d7 100644 --- a/crypto/cmp/cmp_vfy.c +++ b/crypto/cmp/cmp_vfy.c @@ -432,7 +432,7 @@ static int check_msg_all_certs(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg, : "certs in trusted store", msg->extraCerts, ctx->untrusted, msg, mode_3gpp); - sk_X509_pop_free(trusted, X509_free); + OSSL_STACK_OF_X509_free(trusted); } return ret; } |