add OSSL_STACK_OF_X509_free() for commonly used pattern

Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17307)
author: Dr. David von Oheimb <David.von.Oheimb@siemens.com> 2021-12-18 16:15:49 +0100
committer: Dr. David von Oheimb <dev@ddvo.net> 2021-12-21 12:11:49 +0100
commit: 79b2a2f2eedb9d6b24a3f6748332328cf54568fb (patch)
tree: 31d61a9636cccc6a378871407b11fc1fc89aa8c6 /crypto/cmp
parent: 0d4c52320d245be80bd69346fdda4b12b4961eae (diff)
4 files changed, 13 insertions, 16 deletions
diff --git a/crypto/cmp/cmp_client.c b/crypto/cmp/cmp_client.c
index c7674ce088..4a7a87ff74 100644
--- a/crypto/cmp/cmp_client.c
+++ b/crypto/cmp/cmp_client.c
@@ -514,7 +514,7 @@ int OSSL_CMP_certConf_cb(OSSL_CMP_CTX *ctx, X509 *cert, int fail_info,
                        "success building approximate chain for newly enrolled cert");
     }
     (void)ossl_cmp_ctx_set1_newChain(ctx, chain);
-    sk_X509_pop_free(chain, X509_free);
+    OSSL_STACK_OF_X509_free(chain);
 
     return fail_info;
 }
diff --git a/crypto/cmp/cmp_ctx.c b/crypto/cmp/cmp_ctx.c
index 8b53a8a237..75418a60b8 100644
--- a/crypto/cmp/cmp_ctx.c
+++ b/crypto/cmp/cmp_ctx.c
@@ -61,9 +61,6 @@ DEFINE_OSSL_set0_NAME(OSSL_CMP_CTX, trustedStore, trusted, X509_STORE)
 /* Get current list of non-trusted intermediate certs */
 DEFINE_OSSL_CMP_CTX_get0(untrusted, STACK_OF(X509))
 
-#define X509_STACK_free(certs) \
-    sk_X509_pop_free(certs, X509_free)
-
 /*
  * Set untrusted certificates for path construction in authentication of
  * the CMP server and potentially others (TLS server, newly enrolled cert).
@@ -79,11 +76,11 @@ int OSSL_CMP_CTX_set1_untrusted(OSSL_CMP_CTX *ctx, STACK_OF(X509) *certs)
     if (!ossl_x509_add_certs_new(&untrusted, certs,
                                  X509_ADD_FLAG_UP_REF | X509_ADD_FLAG_NO_DUP))
         goto err;
-    X509_STACK_free(ctx->untrusted);
+    OSSL_STACK_OF_X509_free(ctx->untrusted);
     ctx->untrusted = untrusted;
     return 1;
  err:
-    X509_STACK_free(untrusted);
+    OSSL_STACK_OF_X509_free(untrusted);
     return 0;
 }
 
@@ -202,10 +199,10 @@ void OSSL_CMP_CTX_free(OSSL_CMP_CTX *ctx)
     X509_free(ctx->validatedSrvCert);
     X509_NAME_free(ctx->expected_sender);
     X509_STORE_free(ctx->trusted);
-    X509_STACK_free(ctx->untrusted);
+    OSSL_STACK_OF_X509_free(ctx->untrusted);
 
     X509_free(ctx->cert);
-    X509_STACK_free(ctx->chain);
+    OSSL_STACK_OF_X509_free(ctx->chain);
     EVP_PKEY_free(ctx->pkey);
     ASN1_OCTET_STRING_free(ctx->referenceValue);
     if (ctx->secretValue != NULL)
@@ -219,7 +216,7 @@ void OSSL_CMP_CTX_free(OSSL_CMP_CTX *ctx)
     ASN1_OCTET_STRING_free(ctx->senderNonce);
     ASN1_OCTET_STRING_free(ctx->recipNonce);
     OSSL_CMP_ITAVs_free(ctx->geninfo_ITAVs);
-    X509_STACK_free(ctx->extraCertsOut);
+    OSSL_STACK_OF_X509_free(ctx->extraCertsOut);
 
     EVP_PKEY_free(ctx->newPkey);
     X509_NAME_free(ctx->issuer);
@@ -234,9 +231,9 @@ void OSSL_CMP_CTX_free(OSSL_CMP_CTX *ctx)
 
     OSSL_CMP_PKIFREETEXT_free(ctx->statusString);
     X509_free(ctx->newCert);
-    X509_STACK_free(ctx->newChain);
-    X509_STACK_free(ctx->caPubs);
-    X509_STACK_free(ctx->extraCertsIn);
+    OSSL_STACK_OF_X509_free(ctx->newChain);
+    OSSL_STACK_OF_X509_free(ctx->caPubs);
+    OSSL_STACK_OF_X509_free(ctx->extraCertsIn);
 
     OPENSSL_free(ctx);
 }
@@ -469,7 +466,7 @@ int PREFIX##_set1_##FIELD(OSSL_CMP_CTX *ctx, STACK_OF(X509) *certs) \
         ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); \
         return 0; \
     } \
-    X509_STACK_free(ctx->FIELD); \
+    OSSL_STACK_OF_X509_free(ctx->FIELD); \
     ctx->FIELD = NULL; \
     return certs == NULL || (ctx->FIELD = X509_chain_up_ref(certs)) != NULL; \
 }
diff --git a/crypto/cmp/cmp_server.c b/crypto/cmp/cmp_server.c
index c32737d0e3..bf5c5fdb57 100644
--- a/crypto/cmp/cmp_server.c
+++ b/crypto/cmp/cmp_server.c
@@ -234,8 +234,8 @@ static OSSL_CMP_MSG *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx,
  err:
     OSSL_CMP_PKISI_free(si);
     X509_free(certOut);
-    sk_X509_pop_free(chainOut, X509_free);
-    sk_X509_pop_free(caPubs, X509_free);
+    OSSL_STACK_OF_X509_free(chainOut);
+    OSSL_STACK_OF_X509_free(caPubs);
     return msg;
 }
 
diff --git a/crypto/cmp/cmp_vfy.c b/crypto/cmp/cmp_vfy.c
index bea7e506b6..e5ca1083d7 100644
--- a/crypto/cmp/cmp_vfy.c
+++ b/crypto/cmp/cmp_vfy.c
@@ -432,7 +432,7 @@ static int check_msg_all_certs(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg,
                                              : "certs in trusted store",
                                    msg->extraCerts, ctx->untrusted,
                                    msg, mode_3gpp);
-        sk_X509_pop_free(trusted, X509_free);
+        OSSL_STACK_OF_X509_free(trusted);
     }
     return ret;
 }
author	Dr. David von Oheimb <David.von.Oheimb@siemens.com>	2021-12-18 16:15:49 +0100
committer	Dr. David von Oheimb <dev@ddvo.net>	2021-12-21 12:11:49 +0100
commit	79b2a2f2eedb9d6b24a3f6748332328cf54568fb (patch)
tree	31d61a9636cccc6a378871407b11fc1fc89aa8c6 /crypto/cmp
parent	0d4c52320d245be80bd69346fdda4b12b4961eae (diff)