Use FREE_AND_NULL for impl types

274efb12 · Nick Mathewson · ad94d43f · 274efb12 · 274efb12 · 274efb12
Commit 274efb12 authored Sep 04, 2018 by Nick Mathewson 🐕
--- a/src/lib/tls/tortls.c
+++ b/src/lib/tls/tortls.c
@@ -335,12 +335,9 @@ tor_tls_context_init_certificates(tor_tls_context_t *result,
  tor_free(nickname);
  tor_free(nn2);

-  if (cert)
-    tor_x509_cert_impl_free_(cert);
-  if (idcert)
-    tor_x509_cert_impl_free_(idcert);
-  if (authcert)
-    tor_x509_cert_impl_free_(authcert);
+  tor_x509_cert_impl_free(cert);
+  tor_x509_cert_impl_free(idcert);
+  tor_x509_cert_impl_free(authcert);
  crypto_pk_free(rsa);
  crypto_pk_free(rsa_auth);

@@ -379,7 +376,7 @@ tor_tls_free_(tor_tls_t *tls)
    size_t r,w;
    tor_tls_get_n_raw_bytes(tls,&r,&w); /* ensure written_by_tls is updated */
  }
-  tor_tls_impl_free_(tls->ssl);
+  tor_tls_impl_free(tls->ssl);
  tls->ssl = NULL;
 #ifdef ENABLE_OPENSSL
  tls->negotiated_callback = NULL;
@@ -424,10 +421,8 @@ tor_tls_verify(int severity, tor_tls_t *tls, crypto_pk_t **identity)
  rv = 0;

 done:
-  if (cert)
-    tor_x509_cert_impl_free_(cert);
-  if (id_cert)
-    tor_x509_cert_impl_free_(id_cert);
+  tor_x509_cert_impl_free(cert);
+  tor_x509_cert_impl_free(id_cert);
  tor_x509_cert_free(peer_x509);
  tor_x509_cert_free(id_x509);


--- a/src/lib/tls/tortls_internal.h
+++ b/src/lib/tls/tortls_internal.h
@@ -28,8 +28,12 @@ int tor_tls_context_init_certificates(tor_tls_context_t *result,
                                      unsigned key_lifetime,
                                      unsigned flags);
 void tor_tls_impl_free_(tor_tls_impl_t *ssl);
+#define tor_tls_impl_free(tls) \
+  FREE_AND_NULL(tor_tls_impl_t, tor_tls_impl_free_, (tls))

-void tor_tls_context_impl_free(tor_tls_context_impl_t *);
+void tor_tls_context_impl_free_(tor_tls_context_impl_t *);
+#define tor_tls_context_impl_free(ctx) \
+  FREE_AND_NULL(tor_tls_context_impl_t, tor_tls_context_impl_free_, (ctx))

 #ifdef ENABLE_OPENSSL
 tor_tls_t *tor_tls_get_by_ssl(const struct ssl_st *ssl);

--- a/src/lib/tls/tortls_nss.c
+++ b/src/lib/tls/tortls_nss.c
@@ -298,8 +298,10 @@ tor_tls_context_new(crypto_pk_t *identity,
 }

 void
-tor_tls_context_impl_free(tor_tls_context_impl_t *ctx)
+tor_tls_context_impl_free_(tor_tls_context_impl_t *ctx)
 {
+  if (!ctx)
+    return;
  PR_Close(ctx);
 }

@@ -409,6 +411,8 @@ tor_tls_impl_free_(tor_tls_impl_t *tls)
 {
  // XXXX This will close the underlying fd, which our OpenSSL version does
  // not do!
+  if (!tls)
+    return;

  PR_Close(tls);
 }

--- a/src/lib/tls/tortls_openssl.c
+++ b/src/lib/tls/tortls_openssl.c
@@ -496,7 +496,7 @@ tor_tls_cert_matches_key,(const tor_tls_t *tls, const tor_x509_cert_t *cert))
 }

 void
-tor_tls_context_impl_free(struct ssl_ctx_st *ctx)
+tor_tls_context_impl_free_(struct ssl_ctx_st *ctx)
 {
  if (!ctx)
    return;
@@ -1150,6 +1150,9 @@ tor_tls_assert_renegotiation_unblocked(tor_tls_t *tls)
 void
 tor_tls_impl_free_(tor_tls_impl_t *ssl)
 {
+  if (!ssl)
+    return;
+
 #ifdef SSL_set_tlsext_host_name
  SSL_set_tlsext_host_name(ssl, NULL);
 #endif

--- a/src/lib/tls/x509.c
+++ b/src/lib/tls/x509.c
@@ -76,8 +76,7 @@ tor_x509_cert_free_(tor_x509_cert_t *cert)
 {
  if (! cert)
    return;
-  if (cert->cert)
-    tor_x509_cert_impl_free_(cert->cert);
+  tor_x509_cert_impl_free(cert->cert);
 #ifdef ENABLE_OPENSSL
  tor_free(cert->encoded);
 #endif
@@ -131,7 +130,7 @@ tor_x509_cert_new,(tor_x509_cert_impl_t *x509_cert))
 err:
  tor_free(cert);
  log_err(LD_CRYPTO, "Couldn't wrap encoded X509 certificate.");
-  tor_x509_cert_impl_free_(x509_cert);
+  tor_x509_cert_impl_free(x509_cert);
  return NULL;
 }


--- a/src/lib/tls/x509_internal.h
+++ b/src/lib/tls/x509_internal.h
@@ -41,6 +41,8 @@ int tor_x509_check_cert_lifetime_internal(int severity,
                                          int future_tolerance);

 void tor_x509_cert_impl_free_(tor_x509_cert_impl_t *cert);
+#define tor_x509_cert_impl_free(cert) \
+  FREE_AND_NULL(tor_x509_cert_impl_t, tor_x509_cert_impl_free_, (cert))
 tor_x509_cert_impl_t *tor_x509_cert_impl_dup_(tor_x509_cert_impl_t *cert);
 #ifdef ENABLE_OPENSSL
 int tor_x509_cert_set_cached_der_encoding(tor_x509_cert_t *cert);

--- a/src/test/test_tortls.c
+++ b/src/test/test_tortls.c
@@ -496,10 +496,8 @@ test_tortls_verify(void *ignored)

 done:
  UNMOCK(try_to_extract_certs_from_tls);
-  if (cert1)
-    tor_x509_cert_impl_free_(cert1);
-  if (cert2)
-    tor_x509_cert_impl_free_(cert2);
+  tor_x509_cert_impl_free(cert1);
+  tor_x509_cert_impl_free(cert2);
  tor_free(tls);
  crypto_pk_free(k);
 }

--- a/src/test/test_x509.c
+++ b/src/test/test_x509.c
@@ -57,8 +57,7 @@ test_x509_cert_new_failing_digest(void *arg)
 done:
  crypto_pk_free(pk1);
  crypto_pk_free(pk2);
-  if (impl)
-    tor_x509_cert_impl_free_(impl);
+  tor_x509_cert_impl_free(impl);
  UNMOCK(crypto_digest);
  teardown_capture_of_logs();
 }