diff options
65 files changed, 189 insertions, 355 deletions
diff --git a/apps/apps.c b/apps/apps.c index 5eadc72cfd..9475fe3ccd 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -971,8 +971,7 @@ static int load_certs_crls(const char *file, int format, end: - if (xis) - sk_X509_INFO_pop_free(xis, X509_INFO_free); + sk_X509_INFO_pop_free(xis, X509_INFO_free); if (rv == 0) { if (pcerts) { @@ -1349,9 +1349,7 @@ end_of_options: BIO_free_all(Sout); BIO_free_all(out); BIO_free_all(in); - - if (cert_sk) - sk_X509_pop_free(cert_sk, X509_free); + sk_X509_pop_free(cert_sk, X509_free); if (ret) ERR_print_errors(bio_err); @@ -1364,8 +1362,7 @@ end_of_options: if (sigopts) sk_OPENSSL_STRING_free(sigopts); EVP_PKEY_free(pkey); - if (x509) - X509_free(x509); + X509_free(x509); X509_CRL_free(crl); NCONF_free(conf); NCONF_free(extconf); @@ -1440,8 +1437,7 @@ static int certify(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509, ext_copy, selfsign); end: - if (req != NULL) - X509_REQ_free(req); + X509_REQ_free(req); BIO_free(in); return (ok); } @@ -1495,10 +1491,8 @@ static int certify_cert(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509, ext_copy, 0); end: - if (rreq != NULL) - X509_REQ_free(rreq); - if (req != NULL) - X509_free(req); + X509_REQ_free(rreq); + X509_free(req); return (ok); } @@ -1700,8 +1694,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, if (push != NULL) { if (!X509_NAME_add_entry(subject, push, -1, 0)) { - if (push != NULL) - X509_NAME_ENTRY_free(push); + X509_NAME_ENTRY_free(push); BIO_printf(bio_err, "Memory allocation failure\n"); goto end; } @@ -1876,8 +1869,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, /* * Free the current entries if any, there should not be any I believe */ - if (ci->extensions != NULL) - sk_X509_EXTENSION_pop_free(ci->extensions, X509_EXTENSION_free); + sk_X509_EXTENSION_pop_free(ci->extensions, X509_EXTENSION_free); ci->extensions = NULL; @@ -2027,18 +2019,14 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, if (row[i] != NULL) OPENSSL_free(row[i]); - if (CAname != NULL) - X509_NAME_free(CAname); - if (subject != NULL) - X509_NAME_free(subject); - if ((dn_subject != NULL) && !email_dn) + X509_NAME_free(CAname); + X509_NAME_free(subject); + if (dn_subject != subject) X509_NAME_free(dn_subject); ASN1_UTCTIME_free(tmptm); - if (ok <= 0) { - if (ret != NULL) - X509_free(ret); - ret = NULL; - } else + if (ok <= 0) + X509_free(ret); + else *xret = ret; return (ok); } @@ -2186,14 +2174,12 @@ static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey, verbose, req, ext_sect, lconf, certopt, nameopt, default_op, ext_copy, 0); end: - if (req != NULL) - X509_REQ_free(req); + X509_REQ_free(req); if (parms != NULL) CONF_free(parms); if (spki != NULL) NETSCAPE_SPKI_free(spki); - if (ne != NULL) - X509_NAME_ENTRY_free(ne); + X509_NAME_ENTRY_free(ne); return (ok); } diff --git a/apps/crl2p7.c b/apps/crl2p7.c index d75b6674a5..fb2b085ead 100644 --- a/apps/crl2p7.c +++ b/apps/crl2p7.c @@ -215,8 +215,7 @@ int crl2pkcs7_main(int argc, char **argv) BIO_free(in); BIO_free_all(out); PKCS7_free(p7); - if (crl != NULL) - X509_CRL_free(crl); + X509_CRL_free(crl); return (ret); } @@ -267,7 +266,6 @@ static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile) end: /* never need to OPENSSL_free x */ BIO_free(in); - if (sk != NULL) - sk_X509_INFO_free(sk); + sk_X509_INFO_free(sk); return (ret); } diff --git a/apps/ocsp.c b/apps/ocsp.c index fb60e3b669..680cc0a79e 100644 --- a/apps/ocsp.c +++ b/apps/ocsp.c @@ -735,8 +735,7 @@ int ocsp_main(int argc, char **argv) ERR_print_errors(bio_err); X509_free(signer); X509_STORE_free(store); - if (vpm) - X509_VERIFY_PARAM_free(vpm); + X509_VERIFY_PARAM_free(vpm); EVP_PKEY_free(key); EVP_PKEY_free(rkey); X509_free(cert); diff --git a/apps/pkcs12.c b/apps/pkcs12.c index ec7a1d94e1..b4b37305bb 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -504,10 +504,8 @@ int pkcs12_main(int argc, char **argv) export_end: EVP_PKEY_free(key); - if (certs) - sk_X509_pop_free(certs, X509_free); - if (ucert) - X509_free(ucert); + sk_X509_pop_free(certs, X509_free); + X509_free(ucert); goto end; diff --git a/apps/s_cb.c b/apps/s_cb.c index 76aeadbda3..1d026b6514 100644 --- a/apps/s_cb.c +++ b/apps/s_cb.c @@ -1219,11 +1219,9 @@ void ssl_excert_free(SSL_EXCERT *exc) { SSL_EXCERT *curr; while (exc) { - if (exc->cert) - X509_free(exc->cert); + X509_free(exc->cert); EVP_PKEY_free(exc->key); - if (exc->chain) - sk_X509_pop_free(exc->chain, X509_free); + sk_X509_pop_free(exc->chain, X509_free); curr = exc; exc = exc->next; OPENSSL_free(curr); @@ -1385,8 +1383,7 @@ void print_ssl_summary(SSL *s) BIO_printf(bio_err, "Hash used: %s\n", OBJ_nid2sn(nid)); } else BIO_puts(bio_err, "No peer certificate\n"); - if (peer) - X509_free(peer); + X509_free(peer); #ifndef OPENSSL_NO_EC ssl_print_point_formats(bio_err, s); if (SSL_is_server(s)) @@ -1501,10 +1498,8 @@ int ssl_load_stores(SSL_CTX *ctx, } rv = 1; err: - if (vfy) - X509_STORE_free(vfy); - if (ch) - X509_STORE_free(ch); + X509_STORE_free(vfy); + X509_STORE_free(ch); return rv; } diff --git a/apps/s_client.c b/apps/s_client.c index 9d0d6f0cb4..fdd1f5c5ab 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -1998,17 +1998,14 @@ int s_client_main(int argc, char **argv) OPENSSL_free(next_proto.data); #endif SSL_CTX_free(ctx); - if (cert) - X509_free(cert); + X509_free(cert); if (crls) sk_X509_CRL_pop_free(crls, X509_CRL_free); EVP_PKEY_free(key); - if (chain) - sk_X509_pop_free(chain, X509_free); + sk_X509_pop_free(chain, X509_free); if (pass) OPENSSL_free(pass); - if (vpm) - X509_VERIFY_PARAM_free(vpm); + X509_VERIFY_PARAM_free(vpm); ssl_excert_free(exc); sk_OPENSSL_STRING_free(ssl_args); SSL_CONF_CTX_free(cctx); @@ -2197,8 +2194,7 @@ static void print_stuff(BIO *bio, SSL *s, int full) } } BIO_printf(bio, "---\n"); - if (peer != NULL) - X509_free(peer); + X509_free(peer); /* flush, or debugging output gets mixed with http response */ (void)BIO_flush(bio); } diff --git a/apps/s_server.c b/apps/s_server.c index 701f52da63..f8bec24f3e 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -1925,24 +1925,18 @@ int s_server_main(int argc, char *argv[]) ret = 0; end: SSL_CTX_free(ctx); - if (s_cert) - X509_free(s_cert); - if (crls) - sk_X509_CRL_pop_free(crls, X509_CRL_free); - if (s_dcert) - X509_free(s_dcert); + X509_free(s_cert); + sk_X509_CRL_pop_free(crls, X509_CRL_free); + X509_free(s_dcert); EVP_PKEY_free(s_key); EVP_PKEY_free(s_dkey); - if (s_chain) - sk_X509_pop_free(s_chain, X509_free); - if (s_dchain) - sk_X509_pop_free(s_dchain, X509_free); + sk_X509_pop_free(s_chain, X509_free); + sk_X509_pop_free(s_dchain, X509_free); if (pass) OPENSSL_free(pass); if (dpass) OPENSSL_free(dpass); - if (vpm) - X509_VERIFY_PARAM_free(vpm); + X509_VERIFY_PARAM_free(vpm); free_sessions(); #ifndef OPENSSL_NO_TLSEXT if (tlscstatp.host) @@ -1951,9 +1945,9 @@ int s_server_main(int argc, char *argv[]) OPENSSL_free(tlscstatp.port); if (tlscstatp.path) OPENSSL_free(tlscstatp.path); + if (ctx2 != NULL) SSL_CTX_free(ctx2); - if (s_cert2) - X509_free(s_cert2); + X509_free(s_cert2); EVP_PKEY_free(s_key2); BIO_free(serverinfo_in); # ifndef OPENSSL_NO_NEXTPROTONEG diff --git a/apps/smime.c b/apps/smime.c index 21e9daa694..0fda865565 100644 --- a/apps/smime.c +++ b/apps/smime.c @@ -650,8 +650,7 @@ int smime_main(int argc, char **argv) ERR_print_errors(bio_err); sk_X509_pop_free(encerts, X509_free); sk_X509_pop_free(other, X509_free); - if (vpm) - X509_VERIFY_PARAM_free(vpm); + X509_VERIFY_PARAM_free(vpm); if (sksigners) sk_OPENSSL_STRING_free(sksigners); if (skkeys) diff --git a/apps/verify.c b/apps/verify.c index 1faca9675e..f4e18f0535 100644 --- a/apps/verify.c +++ b/apps/verify.c @@ -221,10 +221,8 @@ int verify_main(int argc, char **argv) } end: - if (vpm) - X509_VERIFY_PARAM_free(vpm); - if (store != NULL) - X509_STORE_free(store); + X509_VERIFY_PARAM_free(vpm); + X509_STORE_free(store); sk_X509_pop_free(untrusted, X509_free); sk_X509_pop_free(trusted, X509_free); sk_X509_CRL_pop_free(crls, X509_CRL_free); @@ -283,8 +281,7 @@ static int check(X509_STORE *ctx, char *file, } sk_X509_pop_free(chain, X509_free); } - if (x != NULL) - X509_free(x); + X509_free(x); return (ret); } diff --git a/crypto/asn1/x_info.c b/crypto/asn1/x_info.c index fff54c808e..4783fc48a9 100644 --- a/crypto/asn1/x_info.c +++ b/crypto/asn1/x_info.c @@ -103,12 +103,9 @@ void X509_INFO_free(X509_INFO *x) } #endif - if (x->x509 != NULL) - X509_free(x->x509); - if (x->crl != NULL) - X509_CRL_free(x->crl); - if (x->x_pkey != NULL) - X509_PKEY_free(x->x_pkey); + X509_free(x->x509); + X509_CRL_free(x->crl); + X509_PKEY_free(x->x_pkey); if (x->enc_data != NULL) OPENSSL_free(x->enc_data); OPENSSL_free(x); diff --git a/crypto/asn1/x_pkey.c b/crypto/asn1/x_pkey.c index 98e4a3d491..fc5de8a96f 100644 --- a/crypto/asn1/x_pkey.c +++ b/crypto/asn1/x_pkey.c @@ -110,8 +110,7 @@ void X509_PKEY_free(X509_PKEY *x) } #endif - if (x->enc_algor != NULL) - X509_ALGOR_free(x->enc_algor); + X509_ALGOR_free(x->enc_algor); ASN1_OCTET_STRING_free(x->enc_pkey); EVP_PKEY_free(x->dec_pkey); if ((x->key_data != NULL) && (x->key_free)) diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c index 3c72997f03..158c24062e 100644 --- a/crypto/asn1/x_pubkey.c +++ b/crypto/asn1/x_pubkey.c @@ -112,15 +112,12 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) goto error; } - if (*x != NULL) - X509_PUBKEY_free(*x); - + X509_PUBKEY_free(*x); *x = pk; - return 1; + error: - if (pk != NULL) - X509_PUBKEY_free(pk); + X509_PUBKEY_free(pk); return 0; } diff --git a/crypto/cms/cms_asn1.c b/crypto/cms/cms_asn1.c index 03de7af204..2b61768847 100644 --- a/crypto/cms/cms_asn1.c +++ b/crypto/cms/cms_asn1.c @@ -94,8 +94,7 @@ static int cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, if (operation == ASN1_OP_FREE_POST) { CMS_SignerInfo *si = (CMS_SignerInfo *)*pval; EVP_PKEY_free(si->pkey); - if (si->signer) - X509_free(si->signer); + X509_free(si->signer); if (si->pctx) EVP_MD_CTX_cleanup(&si->mctx); } @@ -248,8 +247,7 @@ static int cms_ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, if (ri->type == CMS_RECIPINFO_TRANS) { CMS_KeyTransRecipientInfo *ktri = ri->d.ktri; EVP_PKEY_free(ktri->pkey); - if (ktri->recip) - X509_free(ktri->recip); + X509_free(ktri->recip); EVP_PKEY_CTX_free(ktri->pctx); } else if (ri->type == CMS_RECIPINFO_KEK) { CMS_KEKRecipientInfo *kekri = ri->d.kekri; diff --git a/crypto/cms/cms_pwri.c b/crypto/cms/cms_pwri.c index e11b1fa4ac..ece5ce3640 100644 --- a/crypto/cms/cms_pwri.c +++ b/crypto/cms/cms_pwri.c @@ -204,8 +204,7 @@ CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms, EVP_CIPHER_CTX_cleanup(&ctx); if (ri) M_ASN1_free_of(ri, CMS_RecipientInfo); - if (encalg) - X509_ALGOR_free(encalg); + X509_ALGOR_free(encalg); return NULL; } diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c index c0a9780acf..31398acfe3 100644 --- a/crypto/cms/cms_sd.c +++ b/crypto/cms/cms_sd.c @@ -489,8 +489,7 @@ void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer) EVP_PKEY_free(si->pkey); si->pkey = X509_get_pubkey(signer); } - if (si->signer) - X509_free(si->signer); + X509_free(si->signer); si->signer = signer; } diff --git a/crypto/cms/cms_smime.c b/crypto/cms/cms_smime.c index f491ec9e77..8066602c9f 100644 --- a/crypto/cms/cms_smime.c +++ b/crypto/cms/cms_smime.c @@ -455,10 +455,8 @@ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs, if (out != tmpout) BIO_free_all(tmpout); - if (cms_certs) - sk_X509_pop_free(cms_certs, X509_free); - if (crls) - sk_X509_CRL_pop_free(crls, X509_CRL_free); + sk_X509_pop_free(cms_certs, X509_free); + sk_X509_CRL_pop_free(crls, X509_CRL_free); return ret; } diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c index 8cd90b6b78..f3abe0774f 100644 --- a/crypto/dh/dh_ameth.c +++ b/crypto/dh/dh_ameth.c @@ -782,10 +782,8 @@ static int dh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri) rv = 1; err: - if (kekalg) - X509_ALGOR_free(kekalg); - if (dukm) - OPENSSL_free(dukm); + X509_ALGOR_free(kekalg); + OPENSSL_free(dukm); return rv; } @@ -945,10 +943,8 @@ static int dh_cms_encrypt(CMS_RecipientInfo *ri) rv = 1; err: - if (penc) - OPENSSL_free(penc); - if (wrap_alg) - X509_ALGOR_free(wrap_alg); + OPENSSL_free(penc); + X509_ALGOR_free(wrap_alg); return rv; } diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c index 5a7b0b744f..6b34be38d7 100644 --- a/crypto/ec/ec_ameth.c +++ b/crypto/ec/ec_ameth.c @@ -796,10 +796,8 @@ static int ecdh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri) rv = 1; err: - if (kekalg) - X509_ALGOR_free(kekalg); - if (der) - OPENSSL_free(der); + X509_ALGOR_free(kekalg); + OPENSSL_free(der); return rv; } @@ -967,10 +965,8 @@ static int ecdh_cms_encrypt(CMS_RecipientInfo *ri) rv = 1; err: - if (penc) - OPENSSL_free(penc); - if (wrap_alg) - X509_ALGOR_free(wrap_alg); + OPENSSL_free(penc); + X509_ALGOR_free(wrap_alg); return rv; } diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index c9e971ed85..c163e47829 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -401,8 +401,7 @@ void EVP_PKEY_free(EVP_PKEY *x) } #endif EVP_PKEY_free_it(x); - if (x->attributes) - sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free); + sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free); OPENSSL_free(x); } diff --git a/crypto/ocsp/ocsp_vfy.c b/crypto/ocsp/ocsp_vfy.c index 40a3b017b8..9bf1ff502a 100644 --- a/crypto/ocsp/ocsp_vfy.c +++ b/crypto/ocsp/ocsp_vfy.c @@ -171,8 +171,7 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs, } end: - if (chain) - sk_X509_pop_free(chain, X509_free); + sk_X509_pop_free(chain, X509_free); if (bs->certs && certs) sk_X509_free(untrusted); return ret; diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c index b8147415f5..0e7338bd1d 100644 --- a/c |