Remove unnecessary NULL checks, part 5.
Finally, the ssl stack.
Change-Id: Iea10e302825947da36ad46eaf3e8e2bce060fde2
Reviewed-on: https://boringssl-review.googlesource.com/4518
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index ec2d920..85b0af9 100644
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -199,12 +199,8 @@
if (frag == NULL) {
return;
}
- if (frag->fragment) {
- OPENSSL_free(frag->fragment);
- }
- if (frag->reassembly) {
- OPENSSL_free(frag->reassembly);
- }
+ OPENSSL_free(frag->fragment);
+ OPENSSL_free(frag->reassembly);
OPENSSL_free(frag);
}
@@ -660,12 +656,8 @@
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
err:
- if (item != NULL) {
- pitem_free(item);
- }
- if (frag != NULL) {
- dtls1_hm_fragment_free(frag);
- }
+ pitem_free(item);
+ dtls1_hm_fragment_free(frag);
*ok = 0;
return -1;
}
diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c
index 9e41618..c063247 100644
--- a/ssl/d1_clnt.c
+++ b/ssl/d1_clnt.c
@@ -510,9 +510,7 @@
end:
s->in_handshake--;
- if (buf != NULL) {
- BUF_MEM_free(buf);
- }
+ BUF_MEM_free(buf);
if (cb != NULL) {
cb(s, SSL_CB_CONNECT_EXIT, ret);
}
diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
index 9dadb28..3c1fd09 100644
--- a/ssl/d1_lib.c
+++ b/ssl/d1_lib.c
@@ -101,12 +101,8 @@
d1->sent_messages = pqueue_new();
if (!d1->buffered_messages || !d1->sent_messages) {
- if (d1->buffered_messages) {
- pqueue_free(d1->buffered_messages);
- }
- if (d1->sent_messages) {
- pqueue_free(d1->sent_messages);
- }
+ pqueue_free(d1->buffered_messages);
+ pqueue_free(d1->sent_messages);
OPENSSL_free(d1);
ssl3_free(s);
return 0;
diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c
index 3ae0513..3415f98 100644
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@@ -516,9 +516,7 @@
end:
s->in_handshake--;
- if (buf != NULL) {
- BUF_MEM_free(buf);
- }
+ BUF_MEM_free(buf);
if (cb != NULL) {
cb(s, SSL_CB_ACCEPT_EXIT, ret);
}
diff --git a/ssl/s3_both.c b/ssl/s3_both.c
index 9ab8e1b..889a732 100644
--- a/ssl/s3_both.c
+++ b/ssl/s3_both.c
@@ -658,18 +658,14 @@
}
int ssl3_release_write_buffer(SSL *s) {
- if (s->s3->wbuf.buf != NULL) {
- OPENSSL_free(s->s3->wbuf.buf);
- s->s3->wbuf.buf = NULL;
- }
+ OPENSSL_free(s->s3->wbuf.buf);
+ s->s3->wbuf.buf = NULL;
return 1;
}
int ssl3_release_read_buffer(SSL *s) {
- if (s->s3->rbuf.buf != NULL) {
- OPENSSL_free(s->s3->rbuf.buf);
- s->s3->rbuf.buf = NULL;
- }
+ OPENSSL_free(s->s3->rbuf.buf);
+ s->s3->rbuf.buf = NULL;
return 1;
}
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index dda637d..5efccd4 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -545,10 +545,8 @@
/* clean a few things up */
ssl3_cleanup_key_block(s);
- if (s->init_buf != NULL) {
- BUF_MEM_free(s->init_buf);
- s->init_buf = NULL;
- }
+ BUF_MEM_free(s->init_buf);
+ s->init_buf = NULL;
/* Remove write buffering now. */
ssl_free_wbio_buffer(s);
@@ -588,9 +586,7 @@
end:
s->in_handshake--;
- if (buf != NULL) {
- BUF_MEM_free(buf);
- }
+ BUF_MEM_free(buf);
if (cb != NULL) {
cb(s, SSL_CB_CONNECT_EXIT, ret);
}
@@ -993,9 +989,7 @@
goto err;
}
- if (s->session->sess_cert) {
- ssl_sess_cert_free(s->session->sess_cert);
- }
+ ssl_sess_cert_free(s->session->sess_cert);
s->session->sess_cert = sc;
sc->cert_chain = sk;
@@ -1033,17 +1027,11 @@
goto f_err;
}
sc->peer_cert_type = i;
- /* Why would the following ever happen? We just created sc a couple of lines
- * ago. */
- if (sc->peer_pkeys[i].x509 != NULL) {
- X509_free(sc->peer_pkeys[i].x509);
- }
+ X509_free(sc->peer_pkeys[i].x509);
sc->peer_pkeys[i].x509 = X509_up_ref(x);
sc->peer_key = &(sc->peer_pkeys[i]);
- if (s->session->peer != NULL) {
- X509_free(s->session->peer);
- }
+ X509_free(s->session->peer);
s->session->peer = X509_up_ref(x);
s->session->verify_result = s->verify_result;
@@ -1108,10 +1096,8 @@
/* TODO(davidben): This should be reset in one place with the rest of the
* handshake state. */
- if (s->s3->tmp.peer_psk_identity_hint) {
- OPENSSL_free(s->s3->tmp.peer_psk_identity_hint);
- s->s3->tmp.peer_psk_identity_hint = NULL;
- }
+ OPENSSL_free(s->s3->tmp.peer_psk_identity_hint);
+ s->s3->tmp.peer_psk_identity_hint = NULL;
}
s->s3->tmp.reuse_message = 1;
return 1;
@@ -1122,14 +1108,10 @@
server_key_exchange_orig = server_key_exchange;
if (s->session->sess_cert != NULL) {
- if (s->session->sess_cert->peer_dh_tmp) {
- DH_free(s->session->sess_cert->peer_dh_tmp);
- s->session->sess_cert->peer_dh_tmp = NULL;
- }
- if (s->session->sess_cert->peer_ecdh_tmp) {
- EC_KEY_free(s->session->sess_cert->peer_ecdh_tmp);
- s->session->sess_cert->peer_ecdh_tmp = NULL;
- }
+ DH_free(s->session->sess_cert->peer_dh_tmp);
+ s->session->sess_cert->peer_dh_tmp = NULL;
+ EC_KEY_free(s->session->sess_cert->peer_ecdh_tmp);
+ s->session->sess_cert->peer_ecdh_tmp = NULL;
} else {
s->session->sess_cert = ssl_sess_cert_new();
if (s->session->sess_cert == NULL) {
@@ -1364,17 +1346,11 @@
ssl3_send_alert(s, SSL3_AL_FATAL, al);
err:
EVP_PKEY_free(pkey);
- if (rsa != NULL) {
- RSA_free(rsa);
- }
- if (dh != NULL) {
- DH_free(dh);
- }
+ RSA_free(rsa);
+ DH_free(dh);
BN_CTX_free(bn_ctx);
EC_POINT_free(srvr_ecpoint);
- if (ecdh != NULL) {
- EC_KEY_free(ecdh);
- }
+ EC_KEY_free(ecdh);
EVP_MD_CTX_cleanup(&md_ctx);
return -1;
}
@@ -1506,18 +1482,14 @@
/* we should setup a certificate to return.... */
s->s3->tmp.cert_req = 1;
- if (s->s3->tmp.ca_names != NULL) {
- sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
- }
+ sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
s->s3->tmp.ca_names = ca_sk;
ca_sk = NULL;
ret = 1;
err:
- if (ca_sk != NULL) {
- sk_X509_NAME_pop_free(ca_sk, X509_NAME_free);
- }
+ sk_X509_NAME_pop_free(ca_sk, X509_NAME_free);
return ret;
}
@@ -1693,10 +1665,7 @@
goto err;
}
- if (s->session->psk_identity != NULL) {
- OPENSSL_free(s->session->psk_identity);
- }
-
+ OPENSSL_free(s->session->psk_identity);
s->session->psk_identity = BUF_strdup(identity);
if (s->session->psk_identity == NULL) {
OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange,
@@ -1738,9 +1707,7 @@
pkey->pkey.rsa == NULL) {
OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange,
ERR_R_INTERNAL_ERROR);
- if (pkey != NULL) {
- EVP_PKEY_free(pkey);
- }
+ EVP_PKEY_free(pkey);
goto err;
}
@@ -2007,12 +1974,8 @@
err:
BN_CTX_free(bn_ctx);
- if (encodedPoint != NULL) {
- OPENSSL_free(encodedPoint);
- }
- if (clnt_ecdh != NULL) {
- EC_KEY_free(clnt_ecdh);
- }
+ OPENSSL_free(encodedPoint);
+ EC_KEY_free(clnt_ecdh);
EVP_PKEY_free(srvr_pub_pkey);
if (pms) {
OPENSSL_cleanse(pms, pms_len);
@@ -2154,12 +2117,8 @@
SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
}
- if (x509 != NULL) {
- X509_free(x509);
- }
- if (pkey != NULL) {
- EVP_PKEY_free(pkey);
- }
+ X509_free(x509);
+ EVP_PKEY_free(pkey);
if (i && !ssl3_has_client_certificate(s)) {
i = 0;
}
@@ -2399,15 +2358,9 @@
err:
EVP_MD_CTX_cleanup(&md_ctx);
- if (public_key) {
- OPENSSL_free(public_key);
- }
- if (der_sig) {
- OPENSSL_free(der_sig);
- }
- if (sig) {
- ECDSA_SIG_free(sig);
- }
+ OPENSSL_free(public_key);
+ OPENSSL_free(der_sig);
+ ECDSA_SIG_free(sig);
return ret;
}
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index 50df40c..fbe68da 100644
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -236,12 +236,8 @@
}
int ssl3_init_finished_mac(SSL *s) {
- if (s->s3->handshake_buffer) {
- BIO_free(s->s3->handshake_buffer);
- }
- if (s->s3->handshake_dgst) {
- ssl3_free_digest_list(s);
- }
+ BIO_free(s->s3->handshake_buffer);
+ ssl3_free_digest_list(s);
s->s3->handshake_buffer = BIO_new(BIO_s_mem());
if (s->s3->handshake_buffer == NULL) {
return 0;
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 3d80565..4537e2e 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -554,47 +554,21 @@
return;
}
- if (s->s3->sniff_buffer != NULL) {
- BUF_MEM_free(s->s3->sniff_buffer);
- }
+ BUF_MEM_free(s->s3->sniff_buffer);
ssl3_cleanup_key_block(s);
- if (s->s3->rbuf.buf != NULL) {
- ssl3_release_read_buffer(s);
- }
- if (s->s3->wbuf.buf != NULL) {
- ssl3_release_write_buffer(s);
- }
- if (s->s3->tmp.dh != NULL) {
- DH_free(s->s3->tmp.dh);
- }
- if (s->s3->tmp.ecdh != NULL) {
- EC_KEY_free(s->s3->tmp.ecdh);
- }
+ ssl3_release_read_buffer(s);
+ ssl3_release_write_buffer(s);
+ DH_free(s->s3->tmp.dh);
+ EC_KEY_free(s->s3->tmp.ecdh);
- if (s->s3->tmp.ca_names != NULL) {
- sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
- }
- if (s->s3->tmp.certificate_types != NULL) {
- OPENSSL_free(s->s3->tmp.certificate_types);
- }
- if (s->s3->tmp.peer_ecpointformatlist) {
- OPENSSL_free(s->s3->tmp.peer_ecpointformatlist);
- }
- if (s->s3->tmp.peer_ellipticcurvelist) {
- OPENSSL_free(s->s3->tmp.peer_ellipticcurvelist);
- }
- if (s->s3->tmp.peer_psk_identity_hint) {
- OPENSSL_free(s->s3->tmp.peer_psk_identity_hint);
- }
- if (s->s3->handshake_buffer) {
- BIO_free(s->s3->handshake_buffer);
- }
- if (s->s3->handshake_dgst) {
- ssl3_free_digest_list(s);
- }
- if (s->s3->alpn_selected) {
- OPENSSL_free(s->s3->alpn_selected);
- }
+ sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
+ OPENSSL_free(s->s3->tmp.certificate_types);
+ OPENSSL_free(s->s3->tmp.peer_ecpointformatlist);
+ OPENSSL_free(s->s3->tmp.peer_ellipticcurvelist);
+ OPENSSL_free(s->s3->tmp.peer_psk_identity_hint);
+ BIO_free(s->s3->handshake_buffer);
+ ssl3_free_digest_list(s);
+ OPENSSL_free(s->s3->alpn_selected);
OPENSSL_cleanse(s->s3, sizeof *s->s3);
OPENSSL_free(s->s3);
@@ -661,9 +635,7 @@
OPENSSL_PUT_ERROR(SSL, ssl3_ctrl, ERR_R_DH_LIB);
return ret;
}
- if (s->cert->dh_tmp != NULL) {
- DH_free(s->cert->dh_tmp);
- }
+ DH_free(s->cert->dh_tmp);
s->cert->dh_tmp = dh;
ret = 1;
break;
@@ -692,9 +664,7 @@
case SSL_CTRL_SET_TLSEXT_HOSTNAME:
if (larg == TLSEXT_NAMETYPE_host_name) {
- if (s->tlsext_hostname != NULL) {
- OPENSSL_free(s->tlsext_hostname);
- }
+ OPENSSL_free(s->tlsext_hostname);
s->tlsext_hostname = NULL;
ret = 1;
@@ -846,9 +816,7 @@
OPENSSL_PUT_ERROR(SSL, ssl3_ctrl, SSL_R_CHANNEL_ID_NOT_P256);
break;
}
- if (s->tlsext_channel_id_private) {
- EVP_PKEY_free(s->tlsext_channel_id_private);
- }
+ EVP_PKEY_free(s->tlsext_channel_id_private);
s->tlsext_channel_id_private = EVP_PKEY_dup((EVP_PKEY *)parg);
ret = 1;
break;
@@ -927,9 +895,7 @@
DH_free(new);
return 0;
}
- if (cert->dh_tmp != NULL) {
- DH_free(cert->dh_tmp);
- }
+ DH_free(cert->dh_tmp);
cert->dh_tmp = new;
return 1;
}
@@ -1026,10 +992,8 @@
break;
case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:
- if (ctx->extra_certs) {
- sk_X509_pop_free(ctx->extra_certs, X509_free);
- ctx->extra_certs = NULL;
- }
+ sk_X509_pop_free(ctx->extra_certs, X509_free);
+ ctx->extra_certs = NULL;
break;
case SSL_CTRL_CHAIN:
@@ -1063,9 +1027,7 @@
OPENSSL_PUT_ERROR(SSL, ssl3_ctx_ctrl, SSL_R_CHANNEL_ID_NOT_P256);
break;
}
- if (ctx->tlsext_channel_id_private) {
- EVP_PKEY_free(ctx->tlsext_channel_id_private);
- }
+ EVP_PKEY_free(ctx->tlsext_channel_id_private);
ctx->tlsext_channel_id_private = EVP_PKEY_dup((EVP_PKEY *)parg);
break;
@@ -1266,12 +1228,10 @@
}
static int ssl3_set_req_cert_type(CERT *c, const uint8_t *p, size_t len) {
- if (c->client_certificate_types) {
- OPENSSL_free(c->client_certificate_types);
- c->client_certificate_types = NULL;
- }
-
+ OPENSSL_free(c->client_certificate_types);
+ c->client_certificate_types = NULL;
c->num_client_certificate_types = 0;
+
if (!p || !len) {
return 1;
}
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 8f5712e..b7fc545 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -644,7 +644,7 @@
/* If we aren't retaining peer certificates then we can discard it
* now. */
- if (s->session->peer && s->ctx->retain_only_sha256_of_client_certs) {
+ if (s->ctx->retain_only_sha256_of_client_certs) {
X509_free(s->session->peer);
s->session->peer = NULL;
}
@@ -681,9 +681,7 @@
end:
s->in_handshake--;
- if (buf != NULL) {
- BUF_MEM_free(buf);
- }
+ BUF_MEM_free(buf);
if (cb != NULL) {
cb(s, SSL_CB_ACCEPT_EXIT, ret);
}
@@ -1215,9 +1213,7 @@
}
err:
- if (ciphers != NULL) {
- sk_SSL_CIPHER_free(ciphers);
- }
+ sk_SSL_CIPHER_free(ciphers);
return ret;
}
@@ -1608,9 +1604,7 @@
f_err:
ssl3_send_alert(s, SSL3_AL_FATAL, al);
err:
- if (encodedPoint != NULL) {
- OPENSSL_free(encodedPoint);
- }
+ OPENSSL_free(encodedPoint);
BN_CTX_free(bn_ctx);
EVP_MD_CTX_cleanup(&md_ctx);
return -1;
@@ -2105,14 +2099,10 @@
}
OPENSSL_free(premaster_secret);
}
- if (decrypt_buf) {
- OPENSSL_free(decrypt_buf);
- }
+ OPENSSL_free(decrypt_buf);
EVP_PKEY_free(clnt_pub_pkey);
EC_POINT_free(clnt_ecpoint);
- if (srvr_ecdh != NULL) {
- EC_KEY_free(srvr_ecdh);
- }
+ EC_KEY_free(srvr_ecdh);
BN_CTX_free(bn_ctx);
return -1;
@@ -2351,11 +2341,7 @@
}
}
- if (s->session->peer != NULL) {
- /* This should not be needed */
- X509_free(s->session->peer);
- }
-
+ X509_free(s->session->peer);
s->session->peer = sk_X509_shift(sk);
s->session->verify_result = s->verify_result;
@@ -2368,9 +2354,7 @@
goto err;
}
}
- if (s->session->sess_cert->cert_chain != NULL) {
- sk_X509_pop_free(s->session->sess_cert->cert_chain, X509_free);
- }
+ sk_X509_pop_free(s->session->sess_cert->cert_chain, X509_free);
s->session->sess_cert->cert_chain = sk;
/* Inconsistency alert: cert_chain does *not* include the peer's own
* certificate, while we do include it in s3_clnt.c */
@@ -2385,12 +2369,8 @@
}
err:
- if (x != NULL) {
- X509_free(x);
- }
- if (sk != NULL) {
- sk_X509_pop_free(sk, X509_free);
- }
+ X509_free(x);
+ sk_X509_pop_free(sk, X509_free);
return ret;
}
@@ -2539,9 +2519,7 @@
ret = ssl_do_write(s);
err:
- if (session != NULL) {
- OPENSSL_free(session);
- }
+ OPENSSL_free(session);
EVP_CIPHER_CTX_cleanup(&ctx);
HMAC_CTX_cleanup(&hctx);
return ret;
@@ -2731,14 +2709,8 @@
BN_free(&y);
BN_free(sig.r);
BN_free(sig.s);
- if (key) {
- EC_KEY_free(key);
- }
- if (point) {
- EC_POINT_free(point);
- }
- if (p256) {
- EC_GROUP_free(p256);
- }
+ EC_KEY_free(key);
+ EC_POINT_free(point);
+ EC_GROUP_free(p256);
return ret;
}
diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c
index 3bca0c9..eb0c725 100644
--- a/ssl/ssl_asn1.c
+++ b/ssl/ssl_asn1.c
@@ -382,7 +382,7 @@
OPENSSL_PUT_ERROR(SSL, d2i_SSL_SESSION, ERR_R_MALLOC_FAILURE);
return 0;
}
- } else if (*out) {
+ } else {
OPENSSL_free(*out);
*out = NULL;
}
@@ -526,10 +526,8 @@
ret->time = session_time;
ret->timeout = timeout;
- if (ret->peer != NULL) {
- X509_free(ret->peer);
- ret->peer = NULL;
- }
+ X509_free(ret->peer);
+ ret->peer = NULL;
if (has_peer) {
const uint8_t *ptr;
ptr = CBS_data(&peer);
@@ -585,8 +583,6 @@
return ret;
err:
- if (allocated) {
- SSL_SESSION_free(allocated);
- }
+ SSL_SESSION_free(allocated);
return NULL;
}
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index 384cf26..a21256f 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -314,35 +314,17 @@
return;
}
- if (c->dh_tmp) {
- DH_free(c->dh_tmp);
- }
+ DH_free(c->dh_tmp);
ssl_cert_clear_certs(c);
- if (c->peer_sigalgs) {
- OPENSSL_free(c->peer_sigalgs);
- }
- if (c->conf_sigalgs) {
- OPENSSL_free(c->conf_sigalgs);
- }
- if (c->client_sigalgs) {
- OPENSSL_free(c->client_sigalgs);
- }
- if (c->shared_sigalgs) {
- OPENSSL_free(c->shared_sigalgs);
- }
- if (c->client_certificate_types) {
- OPENSSL_free(c->client_certificate_types);
- }
- if (c->verify_store) {
- X509_STORE_free(c->verify_store);
- }
- if (c->chain_store) {
- X509_STORE_free(c->chain_store);
- }
- if (c->ciphers_raw) {
- OPENSSL_free(c->ciphers_raw);
- }
+ OPENSSL_free(c->peer_sigalgs);
+ OPENSSL_free(c->conf_sigalgs);
+ OPENSSL_free(c->client_sigalgs);
+ OPENSSL_free(c->shared_sigalgs);
+ OPENSSL_free(c->client_certificate_types);
+ X509_STORE_free(c->verify_store);
+ X509_STORE_free(c->chain_store);
+ OPENSSL_free(c->ciphers_raw);
OPENSSL_free(c);
}
@@ -352,9 +334,7 @@
if (!cpk) {
return 0;
}
- if (cpk->chain) {
- sk_X509_pop_free(cpk->chain, X509_free);
- }
+ sk_X509_pop_free(cpk->chain, X509_free);
cpk->chain = chain;
return 1;
}
@@ -453,22 +433,14 @@
return;
}
- if (sc->cert_chain != NULL) {
- sk_X509_pop_free(sc->cert_chain, X509_free);
- }
+ sk_X509_pop_free(sc->cert_chain, X509_free);
for (i = 0; i < SSL_PKEY_NUM; i++) {
- if (sc->peer_pkeys[i].x509 != NULL) {
- X509_free(sc->peer_pkeys[i].x509);
- }
+ X509_free(sc->peer_pkeys[i].x509);
}
- if (sc->peer_dh_tmp != NULL) {
- DH_free(sc->peer_dh_tmp);
- }
- if (sc->peer_ecdh_tmp != NULL) {
- EC_KEY_free(sc->peer_ecdh_tmp);
- }
+ DH_free(sc->peer_dh_tmp);
+ EC_KEY_free(sc->peer_ecdh_tmp);
OPENSSL_free(sc);
}
@@ -527,10 +499,7 @@
static void set_client_CA_list(STACK_OF(X509_NAME) * *ca_list,
STACK_OF(X509_NAME) * name_list) {
- if (*ca_list != NULL) {
- sk_X509_NAME_pop_free(*ca_list, X509_NAME_free);
- }
-
+ sk_X509_NAME_pop_free(*ca_list, X509_NAME_free);
*ca_list = name_list;
}
@@ -673,21 +642,13 @@
if (0) {
err:
- if (ret != NULL) {
- sk_X509_NAME_pop_free(ret, X509_NAME_free);
- }
+ sk_X509_NAME_pop_free(ret, X509_NAME_free);
ret = NULL;
}
- if (sk != NULL) {
- sk_X509_NAME_free(sk);
- }
- if (in != NULL) {
- BIO_free(in);
- }
- if (x != NULL) {
- X509_free(x);
- }
+ sk_X509_NAME_free(sk);
+ BIO_free(in);
+ X509_free(x);
if (ret != NULL) {
ERR_clear_error();
}
@@ -748,12 +709,8 @@
ret = 0;
}
- if (in != NULL) {
- BIO_free(in);
- }
- if (x != NULL) {
- X509_free(x);
- }
+ BIO_free(in);
+ X509_free(x);
(void) sk_X509_NAME_set_cmp_func(stack, oldcmp);
@@ -1024,9 +981,7 @@
pstore = &c->verify_store;
}
- if (*pstore) {
- X509_STORE_free(*pstore);
- }
+ X509_STORE_free(*pstore);
*pstore = store;
if (ref && store) {
diff --git a/ssl/ssl_cipher.c b/ssl/ssl_cipher.c
index 857b2a4..7e0ade8 100644
--- a/ssl/ssl_cipher.c
+++ b/ssl/ssl_cipher.c
@@ -1003,9 +1003,7 @@
pref_list = NULL;
if (out_cipher_list_by_id != NULL) {
- if (*out_cipher_list_by_id != NULL) {
- sk_SSL_CIPHER_free(*out_cipher_list_by_id);
- }
+ sk_SSL_CIPHER_free(*out_cipher_list_by_id);
*out_cipher_list_by_id = tmp_cipher_list;
tmp_cipher_list = NULL;
(void) sk_SSL_CIPHER_set_cmp_func(*out_cipher_list_by_id,
@@ -1020,24 +1018,14 @@
return cipherstack;
err:
- if (co_list) {
- OPENSSL_free(co_list);
- }
- if (in_group_flags) {
- OPENSSL_free(in_group_flags);
- }
- if (cipherstack) {
- sk_SSL_CIPHER_free(cipherstack);
- }
- if (tmp_cipher_list) {
- sk_SSL_CIPHER_free(tmp_cipher_list);
- }
- if (pref_list && pref_list->in_group_flags) {
+ OPENSSL_free(co_list);
+ OPENSSL_free(in_group_flags);
+ sk_SSL_CIPHER_free(cipherstack);
+ sk_SSL_CIPHER_free(tmp_cipher_list);
+ if (pref_list) {
OPENSSL_free(pref_list->in_group_flags);
}
- if (pref_list) {
- OPENSSL_free(pref_list);
- }
+ OPENSSL_free(pref_list);
return NULL;
}
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 2d0bec7..696b13b 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -205,21 +205,17 @@
s->rwstate = SSL_NOTHING;
s->rstate = SSL_ST_READ_HEADER;
- if (s->init_buf != NULL) {
- BUF_MEM_free(s->init_buf);
- s->init_buf = NULL;
- }
+ BUF_MEM_free(s->init_buf);
+ s->init_buf = NULL;
s->packet = NULL;
s->packet_length = 0;
ssl_clear_cipher_ctx(s);
- if (s->next_proto_negotiated) {
- OPENSSL_free(s->next_proto_negotiated);
- s->next_proto_negotiated = NULL;
- s->next_proto_negotiated_len = 0;
- }
+ OPENSSL_free(s->next_proto_negotiated);
+ s->next_proto_negotiated = NULL;
+ s->next_proto_negotiated_len = 0;
/* The s->d1->mtu is simultaneously configuration (preserved across
* clear) and connection-specific state (gets reset).
@@ -365,9 +361,7 @@
return s;
err:
- if (s != NULL) {
- SSL_free(s);
- }
+ SSL_free(s);
OPENSSL_PUT_ERROR(SSL, SSL_new, ERR_R_MALLOC_FAILURE);
return NULL;
@@ -492,12 +486,7 @@
return ret;
err:
- if (ret && ret->ciphers) {
- sk_SSL_CIPHER_free(ret->ciphers);
- }
- if (ret) {
- OPENSSL_free(ret);
- }
+ ssl_cipher_preference_list_free(ret);
return NULL;
}
@@ -524,12 +513,7 @@
return ret;
err:
- if (ret && ret->ciphers) {
- sk_SSL_CIPHER_free(ret->ciphers);
- }
- if (ret) {
- OPENSSL_free(ret);
- }
+ ssl_cipher_preference_list_free(ret);
return NULL;
}
@@ -544,9 +528,7 @@
return;
}
- if (s->param) {
- X509_VERIFY_PARAM_free(s->param);
- }
+ X509_VERIFY_PARAM_free(s->param);
CRYPTO_free_ex_data(&g_ex_data_class_ssl, s, &s->ex_data);
@@ -559,74 +541,40 @@
s->bbio = NULL;
}
- if (s->rbio != NULL) {
- BIO_free_all(s->rbio);
- }
-
- if (s->wbio != NULL && s->wbio != s->rbio) {
+ int free_wbio = s->wbio != s->rbio;
+ BIO_free_all(s->rbio);
+ if (free_wbio) {
BIO_free_all(s->wbio);
}
- if (s->init_buf != NULL) {
- BUF_MEM_free(s->init_buf);
- }
+ BUF_MEM_free(s->init_buf);
/* add extra stuff */
- if (s->cipher_list != NULL) {
- ssl_cipher_preference_list_free(s->cipher_list);
- }
- if (s->cipher_list_by_id != NULL) {
- sk_SSL_CIPHER_free(s->cipher_list_by_id);
- }
+ ssl_cipher_preference_list_free(s->cipher_list);
+ sk_SSL_CIPHER_free(s->cipher_list_by_id);
- if (s->session != NULL) {
- ssl_clear_bad_session(s);
- SSL_SESSION_free(s->session);
- }
+ ssl_clear_bad_session(s);
+ SSL_SESSION_free(s->session);
ssl_clear_cipher_ctx(s);
- if (s->cert != NULL) {
- ssl_cert_free(s->cert);
- }
+ ssl_cert_free(s->cert);
- if (s->tlsext_hostname) {
- OPENSSL_free(s->tlsext_hostname);
- }
- if (s->initial_ctx) {
- SSL_CTX_free(s->initial_ctx);
- }
- if (s->tlsext_ecpointformatlist) {
- OPENSSL_free(s->tlsext_ecpointformatlist);
- }
- if (s->tlsext_ellipticcurvelist) {
- OPENSSL_free(s->tlsext_ellipticcurvelist);
- }
- if (s->alpn_client_proto_list) {
- OPENSSL_free(s->alpn_client_proto_list);
- }
- if (s->tlsext_channel_id_private) {
- EVP_PKEY_free(s->tlsext_channel_id_private);
- }
- if (s->psk_identity_hint) {
- OPENSSL_free(s->psk_identity_hint);
- }
- if (s->client_CA != NULL) {
- sk_X509_NAME_pop_free(s->client_CA, X509_NAME_free);
- }
- if (s->next_proto_negotiated) {
- OPENSSL_free(s->next_proto_negotiated);
- }
- if (s->srtp_profiles) {
- sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles);
- }
+ OPENSSL_free(s->tlsext_hostname);
+ SSL_CTX_free(s->initial_ctx);
+ OPENSSL_free(s->tlsext_ecpointformatlist);
+ OPENSSL_free(s->tlsext_ellipticcurvelist);
+ OPENSSL_free(s->alpn_client_proto_list);
+ EVP_PKEY_free(s->tlsext_channel_id_private);
+ OPENSSL_free(s->psk_identity_hint);
+ sk_X509_NAME_pop_free(s->client_CA, X509_NAME_free);
+ OPENSSL_free(s->next_proto_negotiated);
+ sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles);
if (s->method != NULL) {
s->method->ssl_free(s);
}
- if (s->ctx) {
- SSL_CTX_free(s->ctx);
- }
+ SSL_CTX_free(s->ctx);
OPENSSL_free(s);
}
@@ -640,10 +588,10 @@
}
}
- if (s->rbio != NULL && s->rbio != rbio) {
+ if (s->rbio != rbio) {
BIO_free_all(s->rbio);
}
- if (s->wbio != NULL && s->wbio != wbio && s->rbio != s->wbio) {
+ if (s->wbio != wbio && s->rbio != s->wbio) {
BIO_free_all(s->wbio);
}
s->rbio = rbio;
@@ -1455,9 +1403,7 @@
return sk;
err:
- if (sk != NULL) {
- sk_SSL_CIPHER_free(sk);
- }
+ sk_SSL_CIPHER_free(sk);
return NULL;
}
@@ -1645,10 +1591,7 @@
int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const uint8_t *protos,
unsigned protos_len) {
- if (ctx->alpn_client_proto_list) {
- OPENSSL_free(ctx->alpn_client_proto_list);
- }
-
+ OPENSSL_free(ctx->alpn_client_proto_list);
ctx->alpn_client_proto_list = BUF_memdup(protos, protos_len);
if (!ctx->alpn_client_proto_list) {
return 1;
@@ -1659,10 +1602,7 @@
}
int SSL_set_alpn_protos(SSL *ssl, const uint8_t *protos, unsigned protos_len) {
- if (ssl->alpn_client_proto_list) {
- OPENSSL_free(ssl->alpn_client_proto_list);
- }
-
+ OPENSSL_free(ssl->alpn_client_proto_list);
ssl->alpn_client_proto_list = BUF_memdup(protos, protos_len);
if (!ssl->alpn_client_proto_list) {
return 1;
@@ -1867,9 +1807,7 @@
err:
OPENSSL_PUT_ERROR(SSL, SSL_CTX_new, ERR_R_MALLOC_FAILURE);
err2:
- if (ret != NULL) {
- SSL_CTX_free(ret);
- }
+ SSL_CTX_free(ret);
return NULL;
}
@@ -1879,9 +1817,7 @@
return;
}
- if (ctx->param) {
- X509_VERIFY_PARAM_free(ctx->param);
- }
+ X509_VERIFY_PARAM_free(ctx->param);
/* Free internal session cache. However: the remove_cb() may reference the
* ex_data of SSL_CTX, thus the ex_data store can only be removed after the
@@ -1889,57 +1825,25 @@
* the session cache, the most secure solution seems to be: empty (flush) the
* cache, then free ex_data, then finally free the cache. (See ticket
* [openssl.org #212].) */
- if (ctx->sessions != NULL) {
- SSL_CTX_flush_sessions(ctx, 0);
- }
+ SSL_CTX_flush_sessions(ctx, 0);
CRYPTO_free_ex_data(&g_ex_data_class_ssl_ctx, ctx, &ctx->ex_data);
- if (ctx->sessions != NULL) {
- lh_SSL_SESSION_free(ctx->sessions);
- }
- if (ctx->cert_store != NULL) {
- X509_STORE_free(ctx->cert_store);
- }
- if (ctx->cipher_list != NULL) {
- ssl_cipher_preference_list_free(ctx->cipher_list);
- }
- if (ctx->cipher_list_by_id != NULL) {
- sk_SSL_CIPHER_free(ctx->cipher_list_by_id);
- }
- if (ctx->cipher_list_tls11 != NULL) {
- ssl_cipher_preference_list_free(ctx->cipher_list_tls11);
- }
- if (ctx->cert != NULL) {
- ssl_cert_free(ctx->cert);
- }
- if (ctx->client_CA != NULL) {
- sk_X509_NAME_pop_free(ctx->client_CA, X509_NAME_free);
- }
- if (ctx->extra_certs != NULL) {
- sk_X509_pop_free(ctx->extra_certs, X509_free);
- }
- if (ctx->srtp_profiles) {
- sk_SRTP_PROTECTION_PROFILE_free(ctx->srtp_profiles);
- }
- if (ctx->psk_identity_hint) {
- OPENSSL_free(ctx->psk_identity_hint);
- }
- if (ctx->tlsext_ecpointformatlist) {
- OPENSSL_free(ctx->tlsext_ecpointformatlist);
- }
- if (ctx->tlsext_ellipticcurvelist) {
- OPENSSL_free(ctx->tlsext_ellipticcurvelist);
- }
- if (ctx->alpn_client_proto_list != NULL) {
- OPENSSL_free(ctx->alpn_client_proto_list);
- }
- if (ctx->tlsext_channel_id_private) {
- EVP_PKEY_free(ctx->tlsext_channel_id_private);
- }
- if (ctx->keylog_bio) {
- BIO_free(ctx->keylog_bio);
- }
+ lh_SSL_SESSION_free(ctx->sessions);
+ X509_STORE_free(ctx->cert_store);
+ ssl_cipher_preference_list_free(ctx->cipher_list);
+ sk_SSL_CIPHER_free(ctx->cipher_list_by_id);
+ ssl_cipher_preference_list_free(ctx->cipher_list_tls11);
+ ssl_cert_free(ctx->cert);
+ sk_X509_NAME_pop_free(ctx->client_CA, X509_NAME_free);
+ sk_X509_pop_free(ctx->extra_certs, X509_free);
+ sk_SRTP_PROTECTION_PROFILE_free(ctx->srtp_profiles);
+ OPENSSL_free(ctx->psk_identity_hint);
+ OPENSSL_free(ctx->tlsext_ecpointformatlist);
+ OPENSSL_free(ctx->tlsext_ellipticcurvelist);
+ OPENSSL_free(ctx->alpn_client_proto_list);
+ EVP_PKEY_free(ctx->tlsext_channel_id_private);
+ BIO_free(ctx->keylog_bio);
OPENSSL_free(ctx);
}
@@ -2487,15 +2391,11 @@
ctx = ssl->initial_ctx;
}
- if (ssl->cert != NULL) {
- ssl_cert_free(ssl->cert);
- }
-
+ ssl_cert_free(ssl->cert);
ssl->cert = ssl_cert_dup(ctx->cert);
+
CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX);
- if (ssl->ctx != NULL) {
- SSL_CTX_free(ssl->ctx); /* decrement reference count */
- }
+ SSL_CTX_free(ssl->ctx); /* decrement reference count */
ssl->ctx = ctx;
ssl->sid_ctx_length = ctx->sid_ctx_length;
@@ -2576,9 +2476,7 @@
}
void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store) {
- if (ctx->cert_store != NULL) {
- X509_STORE_free(ctx->cert_store);
- }
+ X509_STORE_free(ctx->cert_store);
ctx->cert_store = store;
}
@@ -2626,9 +2524,7 @@
return 0;
}
- if (ctx->psk_identity_hint != NULL) {
- OPENSSL_free(ctx->psk_identity_hint);
- }
+ OPENSSL_free(ctx->psk_identity_hint);
if (identity_hint != NULL) {
ctx->psk_identity_hint = BUF_strdup(identity_hint);
@@ -2654,10 +2550,8 @@
}
/* Clear currently configured hint, if any. */
- if (s->psk_identity_hint != NULL) {
- OPENSSL_free(s->psk_identity_hint);
- s->psk_identity_hint = NULL;
- }
+ OPENSSL_free(s->psk_identity_hint);
+ s->psk_identity_hint = NULL;
if (identity_hint != NULL) {
s->psk_identity_hint = BUF_strdup(identity_hint);
@@ -2740,9 +2634,7 @@
}
void SSL_CTX_set_keylog_bio(SSL_CTX *ctx, BIO *keylog_bio) {
- if (ctx->keylog_bio != NULL) {
- BIO_free(ctx->keylog_bio);
- }
+ BIO_free(ctx->keylog_bio);
ctx->keylog_bio = keylog_bio;
}
diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c
index 45c9891..372748d 100644
--- a/ssl/ssl_rsa.c
+++ b/ssl/ssl_rsa.c
@@ -114,12 +114,8 @@
ret = SSL_use_certificate(ssl, x);
end:
- if (x != NULL) {
- X509_free(x);
- }
- if (in != NULL) {
- BIO_free(in);
- }
+ X509_free(x);
+ BIO_free(in);
return ret;
}
@@ -183,9 +179,7 @@
}
}
- if (c->pkeys[i].privatekey != NULL) {
- EVP_PKEY_free(c->pkeys[i].privatekey);
- }
+ EVP_PKEY_free(c->pkeys[i].privatekey);
c->pkeys[i].privatekey = EVP_PKEY_dup(pkey);
c->key = &(c->pkeys[i]);
@@ -229,9 +223,7 @@
RSA_free(rsa);
end:
- if (in != NULL) {
- BIO_free(in);
- }
+ BIO_free(in);
return ret;
}
@@ -300,9 +292,7 @@
EVP_PKEY_free(pkey);
end:
- if (in != NULL) {
- BIO_free(in);
- }
+ BIO_free(in);
return ret;
}
@@ -367,9 +357,7 @@
EVP_PKEY_free(pkey);
- if (c->pkeys[i].x509 != NULL) {
- X509_free(c->pkeys[i].x509);
- }
+ X509_free(c->pkeys[i].x509);
c->pkeys[i].x509 = X509_up_ref(x);
c->key = &(c->pkeys[i]);
@@ -414,12 +402,8 @@
ret = SSL_CTX_use_certificate(ctx, x);
end:
- if (x != NULL) {
- X509_free(x);
- }
- if (in != NULL) {
- BIO_free(in);
- }
+ X509_free(x);
+ BIO_free(in);
return ret;
}
@@ -499,9 +483,7 @@
RSA_free(rsa);
end:
- if (in != NULL) {
- BIO_free(in);
- }
+ BIO_free(in);
return ret;
}
@@ -567,9 +549,7 @@
EVP_PKEY_free(pkey);
end:
- if (in != NULL) {
- BIO_free(in);
- }
+ BIO_free(in);
return ret;
}
@@ -660,11 +640,7 @@
}
end:
- if (x != NULL) {
- X509_free(x);
- }
- if (in != NULL) {
- BIO_free(in);
- }
+ X509_free(x);
+ BIO_free(in);
return ret;
}
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 75cc41f..f3f280c 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -272,10 +272,8 @@
ss->timeout = s->initial_ctx->session_timeout;
}
- if (s->session != NULL) {
- SSL_SESSION_free(s->session);
- s->session = NULL;
- }
+ SSL_SESSION_free(s->session);
+ s->session = NULL;
if (session) {
if (s->version == SSL3_VERSION || s->version == TLS1_VERSION ||
@@ -496,9 +494,7 @@
goto err;
}
- if (s->session != NULL) {
- SSL_SESSION_free(s->session);
- }
+ SSL_SESSION_free(s->session);
s->session = ret;
s->verify_result = s->session->verify_result;
return 1;
@@ -626,27 +622,13 @@
OPENSSL_cleanse(session->master_key, sizeof(session->master_key));
OPENSSL_cleanse(session->session_id, sizeof(session->session_id));
- if (session->sess_cert != NULL) {
- ssl_sess_cert_free(session->sess_cert);
- }
- if (session->peer != NULL) {
- X509_free(session->peer);
- }
- if (session->tlsext_hostname != NULL) {
- OPENSSL_free(session->tlsext_hostname);
- }
- if (session->tlsext_tick != NULL) {
- OPENSSL_free(session->tlsext_tick);
- }
- if (session->tlsext_signed_cert_timestamp_list != NULL) {
- OPENSSL_free(session->tlsext_signed_cert_timestamp_list);
- }
- if (session->ocsp_response != NULL) {
- OPENSSL_free(session->ocsp_response);
- }
- if (session->psk_identity != NULL) {
- OPENSSL_free(session->psk_identity);
- }
+ ssl_sess_cert_free(session->sess_cert);
+ X509_free(session->peer);
+ OPENSSL_free(session->tlsext_hostname);
+ OPENSSL_free(session->tlsext_tick);
+ OPENSSL_free(session->tlsext_signed_cert_timestamp_list);
+ OPENSSL_free(session->ocsp_response);
+ OPENSSL_free(session->psk_identity);
OPENSSL_cleanse(session, sizeof(*session));
OPENSSL_free(session);
}
@@ -656,9 +638,7 @@
return 1;
}
- if (s->session != NULL) {
- SSL_SESSION_free(s->session);
- }
+ SSL_SESSION_free(s->session);
s->session = session;
if (session != NULL) {
SSL_SESSION_up_ref(session);
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 1e495b3..4be839c 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -245,9 +245,7 @@
ret = 1;
done:
- if (extension_types) {
- OPENSSL_free(extension_types);
- }
+ OPENSSL_free(extension_types);
return ret;
}
@@ -489,9 +487,7 @@
}
}
- if (*out_curve_ids) {
- OPENSSL_free(*out_curve_ids);
- }
+ OPENSSL_free(*out_curve_ids);
*out_curve_ids = curve_ids;
*out_curve_ids_len = ncurves;
@@ -626,9 +622,7 @@
ret = 1;
done:
- if (pkey) {
- EVP_PKEY_free(pkey);
- }
+ EVP_PKEY_free(pkey);
return ret;
}
@@ -1346,9 +1340,7 @@
s, &selected, &selected_len, CBS_data(&protocol_name_list),
CBS_len(&protocol_name_list), s->ctx->alpn_select_cb_arg);
if (r == SSL_TLSEXT_ERR_OK) {
- if (s->s3->alpn_selected) {
- OPENSSL_free(s->s3->alpn_selected);
- }
+ OPENSSL_free(s->s3->alpn_selected);
s->s3->alpn_selected = BUF_memdup(selected, selected_len);
if (!s->s3->alpn_selected) {
*out_alert = SSL_AD_INTERNAL_ERROR;
@@ -1374,37 +1366,27 @@
s->s3->tmp.certificate_status_expected = 0;
s->s3->tmp.extended_master_secret = 0;
- if (s->s3->alpn_selected) {
- OPENSSL_free(s->s3->alpn_selected);
- s->s3->alpn_selected = NULL;
- }
+ OPENSSL_free(s->s3->alpn_selected);
+ s->s3->alpn_selected = NULL;
/* Clear any signature algorithms extension received */
- if (s->cert->peer_sigalgs) {
- OPENSSL_free(s->cert->peer_sigalgs);
- s->cert->peer_sigalgs = NULL;
- s->cert->peer_sigalgslen = 0;
- }
+ OPENSSL_free(s->cert->peer_sigalgs);
+ s->cert->peer_sigalgs = NULL;
+ s->cert->peer_sigalgslen = 0;
/* Clear any shared signature algorithms */
- if (s->cert->shared_sigalgs) {
- OPENSSL_free(s->cert->shared_sigalgs);
- s->cert->shared_sigalgs = NULL;
- s->cert->shared_sigalgslen = 0;
- }
+ OPENSSL_free(s->cert->shared_sigalgs);
+ s->cert->shared_sigalgs = NULL;
+ s->cert->shared_sigalgslen = 0;
/* Clear ECC extensions */
- if (s->s3->tmp.peer_ecpointformatlist != 0) {
- OPENSSL_free(s->s3->tmp.peer_ecpointformatlist);
- s->s3->tmp.peer_ecpointformatlist = NULL;
- s->s3->tmp.peer_ecpointformatlist_length = 0;
- }
+ OPENSSL_free(s->s3->tmp.peer_ecpointformatlist);
+ s->s3->tmp.peer_ecpointformatlist = NULL;
+ s->s3->tmp.peer_ecpointformatlist_length = 0;
- if (s->s3->tmp.peer_ellipticcurvelist != 0) {
- OPENSSL_free(s->s3->tmp.peer_ellipticcurvelist);
- s->s3->tmp.peer_ellipticcurvelist = NULL;
- s->s3->tmp.peer_ellipticcurvelist_length = 0;
- }
+ OPENSSL_free(s->s3->tmp.peer_ellipticcurvelist);
+ s->s3->tmp.peer_ellipticcurvelist = NULL;
+ s->s3->tmp.peer_ellipticcurvelist_length = 0;
/* There may be no extensions. */
if (CBS_len(cbs) == 0) {
@@ -1546,10 +1528,8 @@
return 0;
}
- if (s->s3->tmp.peer_ellipticcurvelist) {
- OPENSSL_free(s->s3->tmp.peer_ellipticcurvelist);
- s->s3->tmp.peer_ellipticcurvelist_length = 0;
- }
+ OPENSSL_free(s->s3->tmp.peer_ellipticcurvelist);
+ s->s3->tmp.peer_ellipticcurvelist_length = 0;
s->s3->tmp.peer_ellipticcurvelist =
(uint16_t *)OPENSSL_malloc(CBS_len(&elliptic_curve_list));
@@ -1731,17 +1711,13 @@
s->s3->tmp.extended_master_secret = 0;
s->srtp_profile = NULL;
- if (s->s3->alpn_selected) {
- OPENSSL_free(s->s3->alpn_selected);
- s->s3->alpn_selected = NULL;
- }
+ OPENSSL_free(s->s3->alpn_selected);
+ s->s3->alpn_selected = NULL;
/* Clear ECC extensions */
- if (s->s3->tmp.peer_ecpointformatlist != 0) {
- OPENSSL_free(s->s3->tmp.peer_ecpointformatlist);
- s->s3->tmp.peer_ecpointformatlist = NULL;
- s->s3->tmp.peer_ecpointformatlist_length = 0;
- }
+ OPENSSL_free(s->s3->tmp.peer_ecpointformatlist);
+ s->s3->tmp.peer_ecpointformatlist = NULL;
+ s->s3->tmp.peer_ecpointformatlist_length = 0;
/* There may be no extensions. */
if (CBS_len(cbs) == 0) {
@@ -2424,11 +2400,9 @@
TLS_SIGALGS *salgs = NULL;
CERT *c = s->cert;
- if (c->shared_sigalgs) {
- OPENSSL_free(c->shared_sigalgs);
- c->shared_sigalgs = NULL;
- c->shared_sigalgslen = 0;
- }
+ OPENSSL_free(c->shared_sigalgs);
+ c->shared_sigalgs = NULL;
+ c->shared_sigalgslen = 0;
/* If client use client signature algorithms if not NULL */
if (!s->server && c->client_sigalgs) {
@@ -2662,15 +2636,11 @@
}
if (client) {
- if (c->client_sigalgs) {
- OPENSSL_free(c->client_sigalgs);
- }
+ OPENSSL_free(c->client_sigalgs);
c->client_sigalgs = sigalgs;
c->client_sigalgslen = salglen;
} else {
- if (c->conf_sigalgs) {
- OPENSSL_free(c->conf_sigalgs);
- }
+ OPENSSL_free(c->conf_sigalgs);
c->conf_sigalgs = sigalgs;
c->conf_sigalgslen = salglen;
}