commit 274efb126324f3f8a7e98b15a697c0038a9803d0 Author: Nick Mathewson nickm@torproject.org Date: Tue Sep 4 14:37:42 2018 -0400

Use FREE_AND_NULL for impl types --- src/lib/tls/tortls.c | 17 ++++++----------- src/lib/tls/tortls_internal.h | 6 +++++- src/lib/tls/tortls_nss.c | 6 +++++- src/lib/tls/tortls_openssl.c | 5 ++++- src/lib/tls/x509.c | 5 ++--- src/lib/tls/x509_internal.h | 2 ++ src/test/test_tortls.c | 6 ++---- src/test/test_x509.c | 3 +-- 8 files changed, 27 insertions(+), 23 deletions(-)

diff --git a/src/lib/tls/tortls.c b/src/lib/tls/tortls.c index 64c26f7e1..923b0db4c 100644 --- a/src/lib/tls/tortls.c +++ b/src/lib/tls/tortls.c @@ -335,12 +335,9 @@ tor_tls_context_init_certificates(tor_tls_context_t *result, tor_free(nickname); tor_free(nn2);

- if (cert) - tor_x509_cert_impl_free_(cert); - if (idcert) - tor_x509_cert_impl_free_(idcert); - if (authcert) - tor_x509_cert_impl_free_(authcert); + tor_x509_cert_impl_free(cert); + tor_x509_cert_impl_free(idcert); + tor_x509_cert_impl_free(authcert); crypto_pk_free(rsa); crypto_pk_free(rsa_auth);

@@ -379,7 +376,7 @@ tor_tls_free_(tor_tls_t *tls) size_t r,w; tor_tls_get_n_raw_bytes(tls,&r,&w); /* ensure written_by_tls is updated */ } - tor_tls_impl_free_(tls->ssl); + tor_tls_impl_free(tls->ssl); tls->ssl = NULL; #ifdef ENABLE_OPENSSL tls->negotiated_callback = NULL; @@ -424,10 +421,8 @@ tor_tls_verify(int severity, tor_tls_t *tls, crypto_pk_t **identity) rv = 0;

done: - if (cert) - tor_x509_cert_impl_free_(cert); - if (id_cert) - tor_x509_cert_impl_free_(id_cert); + tor_x509_cert_impl_free(cert); + tor_x509_cert_impl_free(id_cert); tor_x509_cert_free(peer_x509); tor_x509_cert_free(id_x509);

diff --git a/src/lib/tls/tortls_internal.h b/src/lib/tls/tortls_internal.h index b9e01e0c5..2bf221210 100644 --- a/src/lib/tls/tortls_internal.h +++ b/src/lib/tls/tortls_internal.h @@ -28,8 +28,12 @@ int tor_tls_context_init_certificates(tor_tls_context_t *result, unsigned key_lifetime, unsigned flags); void tor_tls_impl_free_(tor_tls_impl_t *ssl); +#define tor_tls_impl_free(tls) \ + FREE_AND_NULL(tor_tls_impl_t, tor_tls_impl_free_, (tls))

-void tor_tls_context_impl_free(tor_tls_context_impl_t *); +void tor_tls_context_impl_free_(tor_tls_context_impl_t *); +#define tor_tls_context_impl_free(ctx) \ + FREE_AND_NULL(tor_tls_context_impl_t, tor_tls_context_impl_free_, (ctx))

#ifdef ENABLE_OPENSSL tor_tls_t *tor_tls_get_by_ssl(const struct ssl_st *ssl); diff --git a/src/lib/tls/tortls_nss.c b/src/lib/tls/tortls_nss.c index 266455049..548a817e6 100644 --- a/src/lib/tls/tortls_nss.c +++ b/src/lib/tls/tortls_nss.c @@ -298,8 +298,10 @@ tor_tls_context_new(crypto_pk_t *identity, }

void -tor_tls_context_impl_free(tor_tls_context_impl_t *ctx) +tor_tls_context_impl_free_(tor_tls_context_impl_t *ctx) { + if (!ctx) + return; PR_Close(ctx); }

@@ -409,6 +411,8 @@ tor_tls_impl_free_(tor_tls_impl_t *tls) { // XXXX This will close the underlying fd, which our OpenSSL version does // not do! + if (!tls) + return;

PR_Close(tls); } diff --git a/src/lib/tls/tortls_openssl.c b/src/lib/tls/tortls_openssl.c index 6ff03ee81..370e7e436 100644 --- a/src/lib/tls/tortls_openssl.c +++ b/src/lib/tls/tortls_openssl.c @@ -496,7 +496,7 @@ tor_tls_cert_matches_key,(const tor_tls_t *tls, const tor_x509_cert_t *cert)) }

void -tor_tls_context_impl_free(struct ssl_ctx_st *ctx) +tor_tls_context_impl_free_(struct ssl_ctx_st *ctx) { if (!ctx) return; @@ -1150,6 +1150,9 @@ tor_tls_assert_renegotiation_unblocked(tor_tls_t *tls) void tor_tls_impl_free_(tor_tls_impl_t *ssl) { + if (!ssl) + return; + #ifdef SSL_set_tlsext_host_name SSL_set_tlsext_host_name(ssl, NULL); #endif diff --git a/src/lib/tls/x509.c b/src/lib/tls/x509.c index 2e7020646..442cdf2c7 100644 --- a/src/lib/tls/x509.c +++ b/src/lib/tls/x509.c @@ -76,8 +76,7 @@ tor_x509_cert_free_(tor_x509_cert_t *cert) { if (! cert) return; - if (cert->cert) - tor_x509_cert_impl_free_(cert->cert); + tor_x509_cert_impl_free(cert->cert); #ifdef ENABLE_OPENSSL tor_free(cert->encoded); #endif @@ -131,7 +130,7 @@ tor_x509_cert_new,(tor_x509_cert_impl_t *x509_cert)) err: tor_free(cert); log_err(LD_CRYPTO, "Couldn't wrap encoded X509 certificate."); - tor_x509_cert_impl_free_(x509_cert); + tor_x509_cert_impl_free(x509_cert); return NULL; }

diff --git a/src/lib/tls/x509_internal.h b/src/lib/tls/x509_internal.h index c08705cb2..139ecedd2 100644 --- a/src/lib/tls/x509_internal.h +++ b/src/lib/tls/x509_internal.h @@ -41,6 +41,8 @@ int tor_x509_check_cert_lifetime_internal(int severity, int future_tolerance);

void tor_x509_cert_impl_free_(tor_x509_cert_impl_t *cert); +#define tor_x509_cert_impl_free(cert) \ + FREE_AND_NULL(tor_x509_cert_impl_t, tor_x509_cert_impl_free_, (cert)) tor_x509_cert_impl_t *tor_x509_cert_impl_dup_(tor_x509_cert_impl_t *cert); #ifdef ENABLE_OPENSSL int tor_x509_cert_set_cached_der_encoding(tor_x509_cert_t *cert); diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c index b260310ad..8e8487a40 100644 --- a/src/test/test_tortls.c +++ b/src/test/test_tortls.c @@ -496,10 +496,8 @@ test_tortls_verify(void *ignored)

done: UNMOCK(try_to_extract_certs_from_tls); - if (cert1) - tor_x509_cert_impl_free_(cert1); - if (cert2) - tor_x509_cert_impl_free_(cert2); + tor_x509_cert_impl_free(cert1); + tor_x509_cert_impl_free(cert2); tor_free(tls); crypto_pk_free(k); } diff --git a/src/test/test_x509.c b/src/test/test_x509.c index 9163977bd..9ec0657d8 100644 --- a/src/test/test_x509.c +++ b/src/test/test_x509.c @@ -57,8 +57,7 @@ test_x509_cert_new_failing_digest(void *arg) done: crypto_pk_free(pk1); crypto_pk_free(pk2); - if (impl) - tor_x509_cert_impl_free_(impl); + tor_x509_cert_impl_free(impl); UNMOCK(crypto_digest); teardown_capture_of_logs(); }