free cleanup almost the finale
Add OPENSSL_clear_free which merges cleanse and free.
(Names was picked to be similar to BN_clear_free, etc.)
Removed OPENSSL_freeFunc macro.
Fixed the small simple ones that are left:
CRYPTO_free CRYPTO_free_locked OPENSSL_free_locked
Reviewed-by: Richard Levitte <levitte@openssl.org>
diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c
index 73a8e07..49c157a 100644
--- a/crypto/rsa/rsa_eay.c
+++ b/crypto/rsa/rsa_eay.c
@@ -243,10 +243,7 @@
BN_CTX_end(ctx);
BN_CTX_free(ctx);
}
- if (buf != NULL) {
- OPENSSL_cleanse(buf, num);
- OPENSSL_free(buf);
- }
+ OPENSSL_clear_free(buf, num);
return (r);
}
@@ -480,10 +477,7 @@
BN_CTX_end(ctx);
BN_CTX_free(ctx);
}
- if (buf != NULL) {
- OPENSSL_cleanse(buf, num);
- OPENSSL_free(buf);
- }
+ OPENSSL_clear_free(buf, num);
return (r);
}
@@ -622,10 +616,7 @@
BN_CTX_end(ctx);
BN_CTX_free(ctx);
}
- if (buf != NULL) {
- OPENSSL_cleanse(buf, num);
- OPENSSL_free(buf);
- }
+ OPENSSL_clear_free(buf, num);
return (r);
}
@@ -725,10 +716,7 @@
BN_CTX_end(ctx);
BN_CTX_free(ctx);
}
- if (buf != NULL) {
- OPENSSL_cleanse(buf, num);
- OPENSSL_free(buf);
- }
+ OPENSSL_clear_free(buf, num);
return (r);
}
diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
index 5b4ce73..1430d5b 100644
--- a/crypto/rsa/rsa_lib.c
+++ b/crypto/rsa/rsa_lib.c
@@ -243,8 +243,7 @@
BN_BLINDING_free(r->blinding);
if (r->mt_blinding != NULL)
BN_BLINDING_free(r->mt_blinding);
- if (r->bignum_data != NULL)
- OPENSSL_free_locked(r->bignum_data);
+ OPENSSL_free_locked(r->bignum_data);
OPENSSL_free(r);
}
diff --git a/crypto/rsa/rsa_saos.c b/crypto/rsa/rsa_saos.c
index 80709f5..c462ae1 100644
--- a/crypto/rsa/rsa_saos.c
+++ b/crypto/rsa/rsa_saos.c
@@ -96,8 +96,7 @@
else
*siglen = i;
- OPENSSL_cleanse(s, (unsigned int)j + 1);
- OPENSSL_free(s);
+ OPENSSL_clear_free(s, (unsigned int)j + 1);
return (ret);
}
@@ -139,9 +138,6 @@
ret = 1;
err:
ASN1_OCTET_STRING_free(sig);
- if (s != NULL) {
- OPENSSL_cleanse(s, (unsigned int)siglen);
- OPENSSL_free(s);
- }
+ OPENSSL_clear_free(s, (unsigned int)siglen);
return (ret);
}
diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c
index 3b2ba56..6965797 100644
--- a/crypto/rsa/rsa_sign.c
+++ b/crypto/rsa/rsa_sign.c
@@ -131,10 +131,8 @@
else
*siglen = i;
- if (type != NID_md5_sha1) {
- OPENSSL_cleanse(tmps, (unsigned int)j + 1);
- OPENSSL_free(tmps);
- }
+ if (type != NID_md5_sha1)
+ OPENSSL_clear_free(tmps, (unsigned int)j + 1);
return (ret);
}
@@ -153,8 +151,7 @@
return 0;
if (derlen == dinfolen && !memcmp(dinfo, der, derlen))
ret = 1;
- OPENSSL_cleanse(der, derlen);
- OPENSSL_free(der);
+ OPENSSL_clear_free(der, derlen);
return ret;
}
@@ -267,10 +264,7 @@
}
err:
X509_SIG_free(sig);
- if (s != NULL) {
- OPENSSL_cleanse(s, (unsigned int)siglen);
- OPENSSL_free(s);
- }
+ OPENSSL_clear_free(s, (unsigned int)siglen);
return (ret);
}
