From d2a7efdbf3cf1a329025720a011cf0296f20c30f Mon Sep 17 00:00:00 2001 From: Nalin Dahyabhai Date: Mon, 27 Sep 2010 21:29:27 -0400 Subject: [PATCH 008/150] - factor out a little cleanup code --- src/plugins/preauth/pkinit/pkinit_crypto_nss.c | 65 ++++++++++++------------ 1 files changed, 33 insertions(+), 32 deletions(-) diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_nss.c b/src/plugins/preauth/pkinit/pkinit_crypto_nss.c index 5ea7c0d..3556e5b 100644 --- a/src/plugins/preauth/pkinit/pkinit_crypto_nss.c +++ b/src/plugins/preauth/pkinit/pkinit_crypto_nss.c @@ -800,6 +800,16 @@ create_issuerAndSerial(krb5_context context, /* Populate a list of AlgorithmIdentifier structures with the OIDs of the key * wrap algorithms that we support. */ +static void +free_n_algorithm_identifiers(krb5_algorithm_identifier **ids, int i) +{ + while (i >= 0) { + free(ids[i]->algorithm.data); + free(ids[i]); + i--; + } + free(ids); +} krb5_error_code create_krb5_supportedCMSTypes(krb5_context context, pkinit_plg_crypto_context plg_cryptoctx, @@ -823,12 +833,7 @@ create_krb5_supportedCMSTypes(krb5_context context, for (i = 0; i < (sizeof(oids) / sizeof(oids[0])); i++) { id = malloc(sizeof(*id)); if (id == NULL) { - while (i > 0) { - i--; - free(ids[i]->algorithm.data); - free(ids[i]); - } - free(ids); + free_n_algorithm_identifiers(ids, i - 1); return ENOMEM; } memset(id, 0, sizeof(*id)); @@ -836,12 +841,8 @@ create_krb5_supportedCMSTypes(krb5_context context, oid = SECOID_FindOIDByTag(oids[i]); if (secitem_to_buf_len(&oid->oid, &id->algorithm.data, &id->algorithm.length) != 0) { - while (i > 0) { - i--; - free(ids[i]->algorithm.data); - free(ids[i]); - } - free(ids); + free(ids[i]); + free_n_algorithm_identifiers(ids, i - 1); return ENOMEM; } } @@ -865,6 +866,18 @@ create_krb5_trustedCas(krb5_context context, /* Populate a list of trusted certifiers with the list of the root certificates * that we trust. */ +static void +free_n_principal_identifiers(krb5_external_principal_identifier **ids, int i) +{ + while (i >= 0) { + free(ids[i]->subjectKeyIdentifier.data); + free(ids[i]->issuerAndSerialNumber.data); + free(ids[i]->subjectName.data); + free(ids[i]); + i--; + } + free(ids); +} krb5_error_code create_krb5_trustedCertifiers(krb5_context context, pkinit_plg_crypto_context plg_cryptoctx, @@ -898,34 +911,22 @@ create_krb5_trustedCertifiers(krb5_context context, for (i = 0; i < n; i++) { id = malloc(sizeof(*id)); if (id == NULL) { - /* Free the earlier items. */ - while (i > 0) { - i--; - free(ids[i]->subjectKeyIdentifier.data); - free(ids[i]->issuerAndSerialNumber.data); - free(ids[i]->subjectName.data); - free(ids[i]); - } + free_n_principal_identifiers(ids, i - 1); return ENOMEM; } memset(id, 0, sizeof(*id)); - /* Use the certificate's subject key ID if it's + /* Use the certificate's subject key ID iff it's * actually in the certificate. */ if ((node->cert->keyIDGenerated ? - secitem_to_buf_len(&node->cert->subjectKeyID, - &id->subjectKeyIdentifier.data, - &id->subjectKeyIdentifier.length) : secitem_to_buf_len(&node->cert->derSubject, &id->subjectName.data, - &id->subjectName.length)) != 0) { + &id->subjectName.length) : + secitem_to_buf_len(&node->cert->subjectKeyID, + &id->subjectKeyIdentifier.data, + &id->subjectKeyIdentifier.length)) != 0) { /* Free the earlier items. */ - while (i > 0) { - i--; - free(ids[i]->subjectKeyIdentifier.data); - free(ids[i]->issuerAndSerialNumber.data); - free(ids[i]->subjectName.data); - free(ids[i]); - } + free(ids[i]); + free_n_principal_identifiers(ids, i - 1); return ENOMEM; } ids[i] = id; -- 1.7.6.4