From cfe745c560f03dc336bbf41f45f6cb27828147f7 Mon Sep 17 00:00:00 2001 From: Greg Hudson Date: Tue, 18 Aug 2009 03:05:16 +0000 Subject: [PATCH] Minor code cleanups in pkinit plugin, mostly around malloc/free invocations. No functional changes. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22534 dc483132-0cff-0310-8789-dd5450dbe970 --- src/plugins/preauth/pkinit/pkinit.h | 4 +- src/plugins/preauth/pkinit/pkinit_clnt.c | 47 ++-- .../preauth/pkinit/pkinit_crypto_openssl.c | 212 ++++++++---------- src/plugins/preauth/pkinit/pkinit_identity.c | 38 ++-- src/plugins/preauth/pkinit/pkinit_lib.c | 88 +++----- src/plugins/preauth/pkinit/pkinit_matching.c | 6 +- src/plugins/preauth/pkinit/pkinit_srv.c | 33 +-- 7 files changed, 166 insertions(+), 262 deletions(-) diff --git a/src/plugins/preauth/pkinit/pkinit.h b/src/plugins/preauth/pkinit/pkinit.h index 380d13b15..04c64a4a8 100644 --- a/src/plugins/preauth/pkinit/pkinit.h +++ b/src/plugins/preauth/pkinit/pkinit.h @@ -225,7 +225,7 @@ struct _pkinit_req_context { pkinit_identity_opts *idopts; krb5_preauthtype pa_type; }; -typedef struct _pkinit_kdc_context *pkinit_kdc_context; +typedef struct _pkinit_req_context *pkinit_req_context; /* * KDC's (per-realm) plugin context @@ -239,7 +239,7 @@ struct _pkinit_kdc_context { char *realmname; unsigned int realmname_len; }; -typedef struct _pkinit_req_context *pkinit_req_context; +typedef struct _pkinit_kdc_context *pkinit_kdc_context; /* * KDC's per-request context diff --git a/src/plugins/preauth/pkinit/pkinit_clnt.c b/src/plugins/preauth/pkinit/pkinit_clnt.c index d8533d9f3..935ed2faf 100644 --- a/src/plugins/preauth/pkinit/pkinit_clnt.c +++ b/src/plugins/preauth/pkinit/pkinit_clnt.c @@ -151,18 +151,18 @@ pa_pkinit_gen_req(krb5_context context, * The most we'll return is two pa_data, normally just one. * We need to make room for the NULL terminator. */ - return_pa_data = (krb5_pa_data **) malloc(3 * sizeof(krb5_pa_data *)); + return_pa_data = malloc(3 * sizeof(krb5_pa_data *)); if (return_pa_data == NULL) goto cleanup; return_pa_data[1] = NULL; /* in case of an early trip to cleanup */ return_pa_data[2] = NULL; /* Terminate the list */ - return_pa_data[0] = (krb5_pa_data *) malloc(sizeof(krb5_pa_data)); + return_pa_data[0] = malloc(sizeof(krb5_pa_data)); if (return_pa_data[0] == NULL) goto cleanup; - return_pa_data[1] = (krb5_pa_data *) malloc(sizeof(krb5_pa_data)); + return_pa_data[1] = malloc(sizeof(krb5_pa_data)); if (return_pa_data[1] == NULL) goto cleanup; @@ -200,16 +200,12 @@ pa_pkinit_gen_req(krb5_context context, cleanup: if (der_req != NULL) krb5_free_data(context, der_req); - - if (out_data != NULL) - free(out_data); + free(out_data); if (retval) { if (return_pa_data) { - if (return_pa_data[0] != NULL) - free(return_pa_data[0]); - if (return_pa_data[1] != NULL) - free(return_pa_data[1]); + free(return_pa_data[0]); + free(return_pa_data[1]); free(return_pa_data); } if (out_data) { @@ -859,23 +855,19 @@ pkinit_as_rep_parse(krb5_context context, retval = 0; cleanup: - if (dh_data.data != NULL) - free(dh_data.data); - if (client_key != NULL) - free(client_key); + free(dh_data.data); + free(client_key); free_krb5_kdc_dh_key_info(&kdc_dh); free_krb5_pa_pk_as_rep(&kdc_reply); if (key_pack != NULL) { free_krb5_reply_key_pack(&key_pack); - if (cksum.contents != NULL) - free(cksum.contents); + free(cksum.contents); } if (key_pack9 != NULL) free_krb5_reply_key_pack_draft9(&key_pack9); - if (kdc_hostname != NULL) - free(kdc_hostname); + free(kdc_hostname); pkiDebug("pkinit_as_rep_parse returning %d (%s)\n", retval, error_message(retval)); @@ -1191,12 +1183,12 @@ pkinit_client_req_init(krb5_context context, void **request_context) { krb5_error_code retval = ENOMEM; - struct _pkinit_req_context *reqctx = NULL; - struct _pkinit_context *plgctx = (struct _pkinit_context *)plugin_context; + pkinit_req_context reqctx = NULL; + pkinit_context plgctx = plugin_context; *request_context = NULL; - reqctx = (struct _pkinit_req_context *) malloc(sizeof(*reqctx)); + reqctx = malloc(sizeof(*reqctx)); if (reqctx == NULL) return; memset(reqctx, 0, sizeof(*reqctx)); @@ -1253,8 +1245,7 @@ pkinit_client_req_fini(krb5_context context, void *plugin_context, void *request_context) { - struct _pkinit_req_context *reqctx = - (struct _pkinit_req_context *)request_context; + pkinit_req_context reqctx = request_context; pkiDebug("%s: received reqctx at %p\n", __FUNCTION__, reqctx); if (reqctx == NULL) @@ -1284,9 +1275,9 @@ static int pkinit_client_plugin_init(krb5_context context, void **blob) { krb5_error_code retval = ENOMEM; - struct _pkinit_context *ctx = NULL; + pkinit_context ctx = NULL; - ctx = (struct _pkinit_context *)calloc(1, sizeof(*ctx)); + ctx = calloc(1, sizeof(*ctx)); if (ctx == NULL) return ENOMEM; memset(ctx, 0, sizeof(*ctx)); @@ -1325,7 +1316,7 @@ errout: static void pkinit_client_plugin_fini(krb5_context context, void *blob) { - struct _pkinit_context *ctx = (struct _pkinit_context *)blob; + pkinit_context ctx = blob; if (ctx == NULL || ctx->magic != PKINIT_CTX_MAGIC) { pkiDebug("pkinit_lib_fini: got bad plgctx (%p)!\n", ctx); @@ -1379,7 +1370,7 @@ add_string_to_array(krb5_context context, char ***array, const char *addition) } static krb5_error_code handle_gic_opt(krb5_context context, - struct _pkinit_context *plgctx, + pkinit_context plgctx, const char *attr, const char *value) { @@ -1418,7 +1409,7 @@ pkinit_client_gic_opt(krb5_context context, const char *value) { krb5_error_code retval; - struct _pkinit_context *plgctx = (struct _pkinit_context *)plugin_context; + pkinit_context plgctx = plugin_context; pkiDebug("(pkinit) received '%s' = '%s'\n", attr, value); retval = handle_gic_opt(context, plgctx, attr, value); diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c index 6e1a4b87a..e02721838 100644 --- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c +++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c @@ -268,15 +268,15 @@ unsigned char pkinit_4096_dhprime[4096/8] = { static int pkinit_oids_refs = 0; krb5_error_code -pkinit_init_plg_crypto(pkinit_plg_crypto_context *cryptoctx) { - +pkinit_init_plg_crypto(pkinit_plg_crypto_context *cryptoctx) +{ krb5_error_code retval = ENOMEM; pkinit_plg_crypto_context ctx = NULL; /* initialize openssl routines */ openssl_init(); - ctx = (pkinit_plg_crypto_context)malloc(sizeof(*ctx)); + ctx = malloc(sizeof(*ctx)); if (ctx == NULL) goto out; memset(ctx, 0, sizeof(*ctx)); @@ -318,7 +318,7 @@ pkinit_init_identity_crypto(pkinit_identity_crypto_context *idctx) krb5_error_code retval = ENOMEM; pkinit_identity_crypto_context ctx = NULL; - ctx = (pkinit_identity_crypto_context)malloc(sizeof(*ctx)); + ctx = malloc(sizeof(*ctx)); if (ctx == NULL) goto out; memset(ctx, 0, sizeof(*ctx)); @@ -358,11 +358,10 @@ pkinit_fini_identity_crypto(pkinit_identity_crypto_context idctx) krb5_error_code pkinit_init_req_crypto(pkinit_req_crypto_context *cryptoctx) { - krb5_error_code retval = ENOMEM; pkinit_req_crypto_context ctx = NULL; - ctx = (pkinit_req_crypto_context)malloc(sizeof(*ctx)); + ctx = malloc(sizeof(*ctx)); if (ctx == NULL) goto out; memset(ctx, 0, sizeof(*ctx)); @@ -684,14 +683,10 @@ pkinit_fini_pkcs11(pkinit_identity_crypto_context ctx) pkinit_C_UnloadModule(ctx->p11_module); ctx->p11_module = NULL; } - if (ctx->p11_module_name != NULL) - free(ctx->p11_module_name); - if (ctx->token_label != NULL) - free(ctx->token_label); - if (ctx->cert_id != NULL) - free(ctx->cert_id); - if (ctx->cert_label != NULL) - free(ctx->cert_label); + free(ctx->p11_module_name); + free(ctx->token_label); + free(ctx->cert_id); + free(ctx->cert_label); #endif } @@ -894,7 +889,7 @@ cms_signeddata_create(krb5_context context, alg->algorithm = OBJ_nid2obj(NID_sha1); alg->parameter = NULL; alg_len = i2d_X509_ALGOR(alg, NULL); - alg_buf = (unsigned char *)malloc(alg_len); + alg_buf = malloc(alg_len); if (alg_buf == NULL) goto cleanup2; @@ -903,13 +898,13 @@ cms_signeddata_create(krb5_context context, goto cleanup2; ASN1_OCTET_STRING_set(digest, md_data2, (int)md_len2); digest_len = i2d_ASN1_OCTET_STRING(digest, NULL); - digest_buf = (unsigned char *)malloc(digest_len); + digest_buf = malloc(digest_len); if (digest_buf == NULL) goto cleanup2; digestInfo_len = ASN1_object_size(1, (int)(alg_len + digest_len), V_ASN1_SEQUENCE); - y = digestInfo_buf = (unsigned char *)malloc(digestInfo_len); + y = digestInfo_buf = malloc(digestInfo_len); if (digestInfo_buf == NULL) goto cleanup2; ASN1_put_object(&y, 1, (int)(alg_len + digest_len), V_ASN1_SEQUENCE, @@ -987,8 +982,7 @@ cms_signeddata_create(krb5_context context, pkiDebug("failed to der encode pkcs7\n"); goto cleanup2; } - if ((p = *signed_data = - (unsigned char *) malloc((size_t)*signed_data_len)) == NULL) + if ((p = *signed_data = malloc(*signed_data_len)) == NULL) goto cleanup2; /* DER encode PKCS7 data */ @@ -1025,12 +1019,9 @@ cms_signeddata_create(krb5_context context, if (id_cryptoctx->pkcs11_method == 1 && id_cryptoctx->mech == CKM_RSA_PKCS) { EVP_MD_CTX_cleanup(&ctx2); - if (digest_buf != NULL) - free(digest_buf); - if (digestInfo_buf != NULL) - free(digestInfo_buf); - if (alg_buf != NULL) - free(alg_buf); + free(digest_buf); + free(digestInfo_buf); + free(alg_buf); if (digest != NULL) ASN1_OCTET_STRING_free(digest); } @@ -1040,8 +1031,7 @@ cms_signeddata_create(krb5_context context, cleanup: if (p7 != NULL) PKCS7_free(p7); - if (sig != NULL) - free(sig); + free(sig); return retval; } @@ -1340,7 +1330,7 @@ cms_signeddata_verify(krb5_context context, print_buffer_bin((unsigned char *)authz->data, authz->length, "/tmp/kdc_ad_initial_verified_cas"); #endif - *authz_data = (unsigned char *)malloc(authz->length); + *authz_data = malloc(authz->length); if (*authz_data == NULL) { retval = ENOMEM; goto cleanup; @@ -1471,7 +1461,7 @@ break; } *out_len = i2d_PKCS7(p7, NULL); - if (!*out_len || (p = *out = (unsigned char *)malloc(*out_len)) == NULL) { + if (!*out_len || (p = *out = malloc(*out_len)) == NULL) { retval = ENOMEM; goto cleanup; } @@ -1491,10 +1481,8 @@ cleanup: PKCS7_free(p7); if (in != NULL) BIO_free(in); - if (signed_data != NULL) - free(signed_data); - if (enc_data != NULL) - free(enc_data); + free(signed_data); + free(enc_data); if (encerts != NULL) sk_X509_free(encerts); @@ -1656,10 +1644,8 @@ cms_envelopeddata_verify(krb5_context context, PKCS7_free(p7); if (out != NULL) BIO_free(out); - if (tmp_buf != NULL) - free(tmp_buf); - if (tmp_buf2 != NULL) - free(tmp_buf2); + free(tmp_buf); + free(tmp_buf2); return retval; } @@ -1949,8 +1935,7 @@ pkinit_octetstring2key(krb5_context context, size_t keybytes, keylength, offset; krb5_data random_data; - - if ((buf = (unsigned char *) malloc(dh_key_len)) == NULL) { + if ((buf = malloc(dh_key_len)) == NULL) { retval = ENOMEM; goto cleanup; } @@ -1995,8 +1980,7 @@ pkinit_octetstring2key(krb5_context context, retval = krb5_c_random_to_key(context, etype, &random_data, key_block); cleanup: - if (buf != NULL) - free(buf); + free(buf); if (retval && key_block->contents != NULL && key_block->length != 0) { memset(key_block->contents, 0, key_block->length); key_block->length = 0; @@ -2093,8 +2077,7 @@ client_create_dh(krb5_context context, if ((pub_key = BN_to_ASN1_INTEGER(cryptoctx->dh->pub_key, NULL)) == NULL) goto cleanup; *dh_pubkey_len = i2d_ASN1_INTEGER(pub_key, NULL); - if ((buf = *dh_pubkey = (unsigned char *) - malloc((size_t) *dh_pubkey_len)) == NULL) { + if ((buf = *dh_pubkey = malloc(*dh_pubkey_len)) == NULL) { retval = ENOMEM; goto cleanup; } @@ -2110,11 +2093,9 @@ client_create_dh(krb5_context context, if (cryptoctx->dh != NULL) DH_free(cryptoctx->dh); cryptoctx->dh = NULL; - if (*dh_params != NULL) - free(*dh_params); + free(*dh_params); *dh_params = NULL; - if (*dh_pubkey != NULL) - free(*dh_pubkey); + free(*dh_pubkey); *dh_pubkey = NULL; if (pub_key != NULL) ASN1_INTEGER_free(pub_key); @@ -2149,8 +2130,7 @@ client_process_dh(krb5_context context, } *client_key_len = DH_size(cryptoctx->dh); - if ((*client_key = (unsigned char *) - malloc((size_t) *client_key_len)) == NULL) { + if ((*client_key = malloc(*client_key_len)) == NULL) { retval = ENOMEM; goto cleanup; } @@ -2178,8 +2158,7 @@ client_process_dh(krb5_context context, return retval; cleanup: - if (*client_key != NULL) - free(*client_key); + free(*client_key); *client_key = NULL; if (pub_key != NULL) ASN1_INTEGER_free(pub_key); @@ -2294,7 +2273,7 @@ server_process_dh(krb5_context context, /* generate DH session key */ *server_key_len = DH_size(dh_server); - if ((*server_key = (unsigned char *) malloc((size_t)*server_key_len)) == NULL) + if ((*server_key = malloc(*server_key_len)) == NULL) goto cleanup; DH_compute_key(*server_key, dh->pub_key, dh_server); @@ -2316,7 +2295,7 @@ server_process_dh(krb5_context context, if ((pub_key = BN_to_ASN1_INTEGER(dh_server->pub_key, NULL)) == NULL) goto cleanup; *dh_pubkey_len = i2d_ASN1_INTEGER(pub_key, NULL); - if ((p = *dh_pubkey = (unsigned char *) malloc((size_t)*dh_pubkey_len)) == NULL) + if ((p = *dh_pubkey = malloc(*dh_pubkey_len)) == NULL) goto cleanup; i2d_ASN1_INTEGER(pub_key, &p); if (pub_key != NULL) @@ -2331,10 +2310,8 @@ server_process_dh(krb5_context context, cleanup: if (dh_server != NULL) DH_free(dh_server); - if (*dh_pubkey != NULL) - free(*dh_pubkey); - if (*server_key != NULL) - free(*server_key); + free(*dh_pubkey); + free(*server_key); return retval; } @@ -2374,7 +2351,7 @@ pkinit_encode_dh_params(BIGNUM *p, BIGNUM *g, BIGNUM *q, r = ASN1_object_size(1, bufsize, V_ASN1_SEQUENCE); - tmp = *buf = (unsigned char *)malloc((size_t) r); + tmp = *buf = malloc((size_t) r); if (tmp == NULL) goto cleanup; @@ -2503,7 +2480,7 @@ pkinit_create_sequence_of_principal_identifiers( print_buffer_bin((unsigned char *)td_certifiers->data, td_certifiers->length, "/tmp/kdc_td_certifiers"); #endif - typed_data = malloc (2 * sizeof(krb5_typed_data *)); + typed_data = malloc(2 * sizeof(krb5_typed_data *)); if (typed_data == NULL) { retval = ENOMEM; goto cleanup; @@ -2527,9 +2504,9 @@ pkinit_create_sequence_of_principal_identifiers( print_buffer_bin((unsigned char *)data->data, data->length, "/tmp/kdc_edata"); #endif - *out_data = (krb5_data *)malloc(sizeof(krb5_data)); + *out_data = malloc(sizeof(krb5_data)); (*out_data)->length = data->length; - (*out_data)->data = (char *)malloc(data->length); + (*out_data)->data = malloc(data->length); memcpy((*out_data)->data, data->data, data->length); retval = 0; @@ -2539,16 +2516,12 @@ cleanup: free_krb5_external_principal_identifier(&krb5_trusted_certifiers); if (data != NULL) { - if (data->data != NULL) - free(data->data); + free(data->data); free(data); } - if (td_certifiers != NULL) - free(td_certifiers); - - if (typed_data != NULL) - free_krb5_typed_data(&typed_data); + free(td_certifiers); + free_krb5_typed_data(&typed_data); return retval; } @@ -2629,30 +2602,30 @@ pkinit_create_td_dh_parameters(krb5_context context, if (algId == NULL) goto cleanup; algId[3] = NULL; - algId[0] = (krb5_algorithm_identifier *)malloc(sizeof(krb5_algorithm_identifier)); + algId[0] = malloc(sizeof(krb5_algorithm_identifier)); if (algId[0] == NULL) goto cleanup; - algId[0]->parameters.data = (unsigned char *)malloc(buf2_len); + algId[0]->parameters.data = malloc(buf2_len); if (algId[0]->parameters.data == NULL) goto cleanup; memcpy(algId[0]->parameters.data, buf2, buf2_len); algId[0]->parameters.length = buf2_len; algId[0]->algorithm = dh_oid; - algId[1] = (krb5_algorithm_identifier *)malloc(sizeof(krb5_algorithm_identifier)); + algId[1] = malloc(sizeof(krb5_algorithm_identifier)); if (algId[1] == NULL) goto cleanup; - algId[1]->parameters.data = (unsigned char *)malloc(buf3_len); + algId[1]->parameters.data = malloc(buf3_len); if (algId[1]->parameters.data == NULL) goto cleanup; memcpy(algId[1]->parameters.data, buf3, buf3_len); algId[1]->parameters.length = buf3_len; algId[1]->algorithm = dh_oid; - algId[2] = (krb5_algorithm_identifier *)malloc(sizeof(krb5_algorithm_identifier)); + algId[2] = malloc(sizeof(krb5_algorithm_identifier)); if (algId[2] == NULL) goto cleanup; - algId[2]->parameters.data = (unsigned char *)malloc(buf1_len); + algId[2]->parameters.data = malloc(buf1_len); if (algId[2]->parameters.data == NULL) goto cleanup; memcpy(algId[2]->parameters.data, buf1, buf1_len); @@ -2664,20 +2637,20 @@ pkinit_create_td_dh_parameters(krb5_context context, if (algId == NULL) goto cleanup; algId[2] = NULL; - algId[0] = (krb5_algorithm_identifier *)malloc(sizeof(krb5_algorithm_identifier)); + algId[0] = malloc(sizeof(krb5_algorithm_identifier)); if (algId[0] == NULL) goto cleanup; - algId[0]->parameters.data = (unsigned char *)malloc(buf2_len); + algId[0]->parameters.data = malloc(buf2_len); if (algId[0]->parameters.data == NULL) goto cleanup; memcpy(algId[0]->parameters.data, buf2, buf2_len); algId[0]->parameters.length = buf2_len; algId[0]->algorithm = dh_oid; - algId[1] = (krb5_algorithm_identifier *)malloc(sizeof(krb5_algorithm_identifier)); + algId[1] = malloc(sizeof(krb5_algorithm_identifier)); if (algId[1] == NULL) goto cleanup; - algId[1]->parameters.data = (unsigned char *)malloc(buf3_len); + algId[1]->parameters.data = malloc(buf3_len); if (algId[1]->parameters.data == NULL) goto cleanup; memcpy(algId[1]->parameters.data, buf3, buf3_len); @@ -2689,10 +2662,10 @@ pkinit_create_td_dh_parameters(krb5_context context, if (algId == NULL) goto cleanup; algId[1] = NULL; - algId[0] = (krb5_algorithm_identifier *)malloc(sizeof(krb5_algorithm_identifier)); + algId[0] = malloc(sizeof(krb5_algorithm_identifier)); if (algId[0] == NULL) goto cleanup; - algId[0]->parameters.data = (unsigned char *)malloc(buf3_len); + algId[0]->parameters.data = malloc(buf3_len); if (algId[0]->parameters.data == NULL) goto cleanup; memcpy(algId[0]->parameters.data, buf3, buf3_len); @@ -2707,7 +2680,7 @@ pkinit_create_td_dh_parameters(krb5_context context, print_buffer_bin((unsigned char *)encoded_algId->data, encoded_algId->length, "/tmp/kdc_td_dh_params"); #endif - typed_data = malloc (2 * sizeof(krb5_typed_data *)); + typed_data = malloc(2 * sizeof(krb5_typed_data *)); if (typed_data == NULL) { retval = ENOMEM; goto cleanup; @@ -2731,11 +2704,11 @@ pkinit_create_td_dh_parameters(krb5_context context, print_buffer_bin((unsigned char *)data->data, data->length, "/tmp/kdc_edata"); #endif - *out_data = (krb5_data *)malloc(sizeof(krb5_data)); + *out_data = malloc(sizeof(krb5_data)); if (*out_data == NULL) goto cleanup; (*out_data)->length = data->length; - (*out_data)->data = (char *)malloc(data->length); + (*out_data)->data = malloc(data->length); if ((*out_data)->data == NULL) { free(*out_data); *out_data = NULL; @@ -2746,26 +2719,19 @@ pkinit_create_td_dh_parameters(krb5_context context, retval = 0; cleanup: - if (buf1 != NULL) - free(buf1); - if (buf2 != NULL) - free(buf2); - if (buf3 != NULL) - free(buf3); + free(buf1); + free(buf2); + free(buf3); if (data != NULL) { - if (data->data != NULL) - free(data->data); + free(data->data); free(data); } - if (typed_data != NULL) - free_krb5_typed_data(&typed_data); - if (encoded_algId != NULL) - free(encoded_algId); + free_krb5_typed_data(&typed_data); + free(encoded_algId); if (algId != NULL) { while(algId[i] != NULL) { - if (algId[i]->parameters.data != NULL) - free(algId[i]->parameters.data); + free(algId[i]->parameters.data); free(algId[i]); i++; } @@ -3021,7 +2987,7 @@ wrap_signeddata(unsigned char *data, unsigned int data_len, tot_len = ASN1_object_size(1, (int)(orig_len+oid_len), V_ASN1_SEQUENCE); } - p = *out = (unsigned char *)malloc(tot_len); + p = *out = malloc(tot_len); if (p == NULL) return -1; if (is_longhorn_server == 0) { @@ -3074,7 +3040,7 @@ wrap_signeddata(unsigned char *data, unsigned int data_len, tot_len = ASN1_object_size(1, (int)(oid_len), V_ASN1_SEQUENCE); - p = *out = (unsigned char *)malloc(tot_len); + p = *out = malloc(tot_len); if (p == NULL) return -1; @@ -3116,7 +3082,7 @@ wrap_signeddata(unsigned char *data, unsigned int data_len, tot_len = ASN1_object_size(1, (int)(orig_len+oid_len), V_ASN1_SEQUENCE); - p = *out = (unsigned char *)malloc(tot_len); + p = *out = malloc(tot_len); if (p == NULL) return -1; ASN1_put_object(&p, 1, (int)(orig_len+oid_len), @@ -3159,7 +3125,7 @@ prepare_enc_data(unsigned char *indata, asn1_const_Finish(&c); - *outdata = (unsigned char *)malloc((size_t)Tlen); + *outdata = malloc((size_t)Tlen); if (outdata == NULL) { retval = ENOMEM; goto cleanup; @@ -3230,7 +3196,7 @@ pkinit_login(krb5_context context, if (asprintf(&prompt, "%.*s PIN%s", (int) sizeof (tip->label), tip->label, warning) < 0) return ENOMEM; - rdat.data = (char *)malloc(tip->ulMaxPinLen + 2); + rdat.data = malloc(tip->ulMaxPinLen + 2); rdat.length = tip->ulMaxPinLen + 1; kprompt.prompt = prompt; @@ -3255,8 +3221,7 @@ pkinit_login(krb5_context context, r = KRB5KDC_ERR_PREAUTH_FAILED; } } - if (rdat.data) - free(rdat.data); + free(rdat.data); return r; } @@ -3290,14 +3255,14 @@ pkinit_open_session(krb5_context context, if (cctx->slotid != PK_NOSLOT) { /* A slot was specified, so that's the only one in the list */ count = 1; - slotlist = (CK_SLOT_ID_PTR) malloc(sizeof (CK_SLOT_ID)); + slotlist = malloc(sizeof(CK_SLOT_ID)); slotlist[0] = cctx->slotid; } else { if (cctx->p11->C_GetSlotList(TRUE, NULL, &count) != CKR_OK) return KRB5KDC_ERR_PREAUTH_FAILED; if (count == 0) return KRB5KDC_ERR_PREAUTH_FAILED; - slotlist = (CK_SLOT_ID_PTR) malloc(count * sizeof (CK_SLOT_ID)); + slotlist = malloc(count * sizeof (CK_SLOT_ID)); if (cctx->p11->C_GetSlotList(TRUE, slotlist, &count) != CKR_OK) return KRB5KDC_ERR_PREAUTH_FAILED; } @@ -3490,7 +3455,7 @@ pkinit_decode_data_pkcs11(krb5_context context, return KRB5KDC_ERR_PREAUTH_FAILED; } pkiDebug("data_len = %d\n", data_len); - cp = (unsigned char *)malloc((size_t) data_len); + cp = malloc((size_t) data_len); if (cp == NULL) return ENOMEM; len = data_len; @@ -3592,7 +3557,7 @@ pkinit_sign_data_pkcs11(krb5_context context, * get that. So guess, and if it's too small, re-malloc. */ len = PK_SIGLEN_GUESS; - cp = (unsigned char *)malloc((size_t) len); + cp = malloc((size_t) len); if (cp == NULL) return ENOMEM; @@ -3601,7 +3566,7 @@ pkinit_sign_data_pkcs11(krb5_context context, if (r == CKR_BUFFER_TOO_SMALL || (r == CKR_OK && len >= PK_SIGLEN_GUESS)) { free(cp); pkiDebug("C_Sign realloc %d\n", (int) len); - cp = (unsigned char *)malloc((size_t) len); + cp = malloc((size_t) len); r = id_cryptoctx->p11->C_Sign(id_cryptoctx->session, data, (CK_ULONG) data_len, cp, &len); } @@ -3655,7 +3620,7 @@ decode_data(unsigned char **out_data, unsigned int *out_data_len, } buf_len = EVP_PKEY_size(pkey); - buf = (unsigned char *)malloc((size_t) buf_len + 10); + buf = malloc((size_t) buf_len + 10); if (buf == NULL) goto cleanup; @@ -3687,7 +3652,7 @@ create_signature(unsigned char **sig, unsigned int *sig_len, EVP_VerifyInit(&md_ctx, EVP_sha1()); EVP_SignUpdate(&md_ctx, data, data_len); *sig_len = EVP_PKEY_size(pkey); - if ((*sig = (unsigned char *) malloc((size_t) *sig_len)) == NULL) + if ((*sig = malloc(*sig_len)) == NULL) goto cleanup; EVP_SignFinal(&md_ctx, *sig, sig_len, pkey); @@ -4071,7 +4036,7 @@ pkinit_get_certs_pkcs11(krb5_context context, pkiDebug("C_GetMechanismList: %s\n", pkinit_pkcs11_code_to_text(r)); return KRB5KDC_ERR_PREAUTH_FAILED; } - mechp = (CK_MECHANISM_TYPE_PTR) malloc(count * sizeof (CK_MECHANISM_TYPE)); + mechp = malloc(count * sizeof (CK_MECHANISM_TYPE)); if (mechp == NULL) return ENOMEM; if ((r = id_cryptoctx->p11->C_GetMechanismList(id_cryptoctx->slotid, @@ -4209,8 +4174,7 @@ free_cred_info(krb5_context context, if (cred->key != NULL) EVP_PKEY_free(cred->key); #ifndef WITHOUT_PKCS11 - if (cred->cert_id != NULL) - free(cred->cert_id); + free(cred->cert_id); #endif free(cred); } @@ -4981,7 +4945,7 @@ create_identifiers_from_stack(STACK_OF(X509) *sk, krb5_cas[sk_size] = NULL; for (i = 0; i < sk_size; i++) { - krb5_cas[i] = (krb5_external_principal_identifier *)malloc(sizeof(krb5_external_principal_identifier)); + krb5_cas[i] = malloc(sizeof(krb5_external_principal_identifier)); x = sk_X509_value(sk, i); @@ -4995,7 +4959,7 @@ create_identifiers_from_stack(STACK_OF(X509) *sk, xn = X509_get_subject_name(x); len = i2d_X509_NAME(xn, NULL); - if ((p = krb5_cas[i]->subjectName.data = (unsigned char *)malloc((size_t) len)) == NULL) + if ((p = krb5_cas[i]->subjectName.data = malloc((size_t) len)) == NULL) goto cleanup; i2d_X509_NAME(xn, &p); krb5_cas[i]->subjectName.length = len; @@ -5014,7 +4978,7 @@ if (longhorn == 0) { /* XXX Longhorn doesn't like this */ is->serial = M_ASN1_INTEGER_dup(X509_get_serialNumber(x)); len = i2d_PKCS7_ISSUER_AND_SERIAL(is, NULL); if ((p = krb5_cas[i]->issuerAndSerialNumber.data = - (unsigned char *)malloc((size_t) len)) == NULL) + malloc((size_t) len)) == NULL) goto cleanup; i2d_PKCS7_ISSUER_AND_SERIAL(is, &p); krb5_cas[i]->issuerAndSerialNumber.length = len; @@ -5038,7 +5002,7 @@ if (longhorn == 0) { /* XXX Longhorn doesn't like this */ NULL))) { len = i2d_ASN1_OCTET_STRING(ikeyid, NULL); if ((p = krb5_cas[i]->subjectKeyIdentifier.data = - (unsigned char *)malloc((size_t) len)) == NULL) + malloc((size_t) len)) == NULL) goto cleanup; i2d_ASN1_OCTET_STRING(ikeyid, &p); krb5_cas[i]->subjectKeyIdentifier.length = len; @@ -5113,7 +5077,7 @@ create_krb5_supportedCMSTypes(krb5_context context, if (loids == NULL) goto cleanup; loids[1] = NULL; - loids[0] = (krb5_algorithm_identifier *)malloc(sizeof(krb5_algorithm_identifier)); + loids[0] = malloc(sizeof(krb5_algorithm_identifier)); if (loids[0] == NULL) { free(loids); goto cleanup; @@ -5182,7 +5146,7 @@ create_krb5_trustedCas(krb5_context context, krb5_cas[sk_size] = NULL; for (i = 0; i < sk_size; i++) { - krb5_cas[i] = (krb5_trusted_ca *)malloc(sizeof(krb5_trusted_ca)); + krb5_cas[i] = malloc(sizeof(krb5_trusted_ca)); if (krb5_cas[i] == NULL) goto cleanup; x = sk_X509_value(sk, i); @@ -5201,7 +5165,7 @@ create_krb5_trustedCas(krb5_context context, xn = X509_get_subject_name(x); len = i2d_X509_NAME(xn, NULL); if ((p = krb5_cas[i]->u.caName.data = - (unsigned char *)malloc((size_t) len)) == NULL) + malloc((size_t) len)) == NULL) goto cleanup; i2d_X509_NAME(xn, &p); krb5_cas[i]->u.caName.length = len; @@ -5216,7 +5180,7 @@ create_krb5_trustedCas(krb5_context context, is->serial = M_ASN1_INTEGER_dup(X509_get_serialNumber(x)); len = i2d_PKCS7_ISSUER_AND_SERIAL(is, NULL); if ((p = krb5_cas[i]->u.issuerAndSerial.data = - (unsigned char *)malloc((size_t) len)) == NULL) + malloc((size_t) len)) == NULL) goto cleanup; i2d_PKCS7_ISSUER_AND_SERIAL(is, &p); krb5_cas[i]->u.issuerAndSerial.length = len; @@ -5264,7 +5228,7 @@ create_issuerAndSerial(krb5_context context, M_ASN1_INTEGER_free(is->serial); is->serial = M_ASN1_INTEGER_dup(X509_get_serialNumber(cert)); len = i2d_PKCS7_ISSUER_AND_SERIAL(is, NULL); - if ((p = *out = (unsigned char *)malloc((size_t) len)) == NULL) + if ((p = *out = malloc((size_t) len)) == NULL) goto cleanup; i2d_PKCS7_ISSUER_AND_SERIAL(is, &p); *out_len = len; @@ -5557,7 +5521,7 @@ der_decode_data(unsigned char *data, long data_len, if ((s = d2i_ASN1_BIT_STRING(NULL, &p, data_len)) == NULL) goto cleanup; *out_len = s->length; - if ((*out = (unsigned char *) malloc((size_t) *out_len + 1)) == NULL) { + if ((*out = malloc((size_t) *out_len + 1)) == NULL) { retval = ENOMEM; goto cleanup; } diff --git a/src/plugins/preauth/pkinit/pkinit_identity.c b/src/plugins/preauth/pkinit/pkinit_identity.c index fc4d08d71..b71f7c945 100644 --- a/src/plugins/preauth/pkinit/pkinit_identity.c +++ b/src/plugins/preauth/pkinit/pkinit_identity.c @@ -113,7 +113,7 @@ pkinit_init_identity_opts(pkinit_identity_opts **idopts) pkinit_identity_opts *opts = NULL; *idopts = NULL; - opts = (pkinit_identity_opts *) calloc(1, sizeof(pkinit_identity_opts)); + opts = calloc(1, sizeof(pkinit_identity_opts)); if (opts == NULL) return ENOMEM; @@ -238,19 +238,13 @@ pkinit_fini_identity_opts(pkinit_identity_opts *idopts) free_list(idopts->crls); free_list(idopts->identity_alt); - if (idopts->cert_filename != NULL) - free(idopts->cert_filename); - if (idopts->key_filename != NULL) - free(idopts->key_filename); + free(idopts->cert_filename); + free(idopts->key_filename); #ifndef WITHOUT_PKCS11 - if (idopts->p11_module_name != NULL) - free(idopts->p11_module_name); - if (idopts->token_label != NULL) - free(idopts->token_label); - if (idopts->cert_id_string != NULL) - free(idopts->cert_id_string); - if (idopts->cert_label != NULL) - free(idopts->cert_label); + free(idopts->p11_module_name); + free(idopts->token_label); + free(idopts->cert_id_string); + free(idopts->cert_label); #endif free(idopts); } @@ -277,8 +271,7 @@ parse_pkcs11_options(krb5_context context, /* If there is no "=", this is a pkcs11 module name */ if (vp == NULL) { - if (idopts->p11_module_name != NULL) - free(idopts->p11_module_name); + free(idopts->p11_module_name); idopts->p11_module_name = strdup(cp); if (idopts->p11_module_name == NULL) goto cleanup; @@ -286,8 +279,7 @@ parse_pkcs11_options(krb5_context context, } *vp++ = '\0'; if (!strcmp(cp, "module_name")) { - if (idopts->p11_module_name != NULL) - free(idopts->p11_module_name); + free(idopts->p11_module_name); idopts->p11_module_name = strdup(vp); if (idopts->p11_module_name == NULL) goto cleanup; @@ -303,20 +295,17 @@ parse_pkcs11_options(krb5_context context, } idopts->slotid = slotid; } else if (!strcmp(cp, "token")) { - if (idopts->token_label != NULL) - free(idopts->token_label); + free(idopts->token_label); idopts->token_label = strdup(vp); if (idopts->token_label == NULL) goto cleanup; } else if (!strcmp(cp, "certid")) { - if (idopts->cert_id_string != NULL) - free(idopts->cert_id_string); + free(idopts->cert_id_string); idopts->cert_id_string = strdup(vp); if (idopts->cert_id_string == NULL) goto cleanup; } else if (!strcmp(cp, "certlabel")) { - if (idopts->cert_label != NULL) - free(idopts->cert_label); + free(idopts->cert_label); idopts->cert_label = strdup(vp); if (idopts->cert_label == NULL) goto cleanup; @@ -357,8 +346,7 @@ parse_fs_options(krb5_context context, retval = 0; cleanup: - if (certname != NULL) - free(certname); + free(certname); return retval; } diff --git a/src/plugins/preauth/pkinit/pkinit_lib.c b/src/plugins/preauth/pkinit/pkinit_lib.c index bab1bec8d..88b9e69bd 100644 --- a/src/plugins/preauth/pkinit/pkinit_lib.c +++ b/src/plugins/preauth/pkinit/pkinit_lib.c @@ -53,7 +53,7 @@ pkinit_init_req_opts(pkinit_req_opts **reqopts) pkinit_req_opts *opts = NULL; *reqopts = NULL; - opts = (pkinit_req_opts *) calloc(1, sizeof(pkinit_req_opts)); + opts = calloc(1, sizeof(*opts)); if (opts == NULL) return retval; @@ -74,8 +74,7 @@ pkinit_init_req_opts(pkinit_req_opts **reqopts) void pkinit_fini_req_opts(pkinit_req_opts *opts) { - if (opts != NULL) - free(opts); + free(opts); return; } @@ -86,7 +85,7 @@ pkinit_init_plg_opts(pkinit_plg_opts **plgopts) pkinit_plg_opts *opts = NULL; *plgopts = NULL; - opts = (pkinit_plg_opts *) calloc(1, sizeof(pkinit_plg_opts)); + opts = calloc(1, sizeof(pkinit_plg_opts)); if (opts == NULL) return retval; @@ -106,8 +105,7 @@ pkinit_init_plg_opts(pkinit_plg_opts **plgopts) void pkinit_fini_plg_opts(pkinit_plg_opts *opts) { - if (opts != NULL) - free(opts); + free(opts); return; } @@ -115,12 +113,10 @@ void free_krb5_pa_pk_as_req(krb5_pa_pk_as_req **in) { if (*in == NULL) return; - if ((*in)->signedAuthPack.data != NULL) - free((*in)->signedAuthPack.data); + free((*in)->signedAuthPack.data); if ((*in)->trustedCertifiers != NULL) free_krb5_external_principal_identifier(&(*in)->trustedCertifiers); - if ((*in)->kdcPkId.data != NULL) - free((*in)->kdcPkId.data); + free((*in)->kdcPkId.data); free(*in); } @@ -128,12 +124,9 @@ void free_krb5_pa_pk_as_req_draft9(krb5_pa_pk_as_req_draft9 **in) { if (*in == NULL) return; - if ((*in)->signedAuthPack.data != NULL) - free((*in)->signedAuthPack.data); - if ((*in)->kdcCert.data != NULL) - free((*in)->kdcCert.data); - if ((*in)->encryptionCert.data != NULL) - free((*in)->encryptionCert.data); + free((*in)->signedAuthPack.data); + free((*in)->kdcCert.data); + free((*in)->encryptionCert.data); if ((*in)->trustedCertifiers != NULL) free_krb5_trusted_ca(&(*in)->trustedCertifiers); free(*in); @@ -143,10 +136,8 @@ void free_krb5_reply_key_pack(krb5_reply_key_pack **in) { if (*in == NULL) return; - if ((*in)->replyKey.contents != NULL) - free((*in)->replyKey.contents); - if ((*in)->asChecksum.contents != NULL) - free((*in)->asChecksum.contents); + free((*in)->replyKey.contents); + free((*in)->asChecksum.contents); free(*in); } @@ -154,8 +145,7 @@ void free_krb5_reply_key_pack_draft9(krb5_reply_key_pack_draft9 **in) { if (*in == NULL) return; - if ((*in)->replyKey.contents != NULL) - free((*in)->replyKey.contents); + free((*in)->replyKey.contents); free(*in); } @@ -164,16 +154,12 @@ free_krb5_auth_pack(krb5_auth_pack **in) { if ((*in) == NULL) return; if ((*in)->clientPublicValue != NULL) { - if ((*in)->clientPublicValue->algorithm.algorithm.data != NULL) - free((*in)->clientPublicValue->algorithm.algorithm.data); - if ((*in)->clientPublicValue->algorithm.parameters.data != NULL) - free((*in)->clientPublicValue->algorithm.parameters.data); - if ((*in)->clientPublicValue->subjectPublicKey.data != NULL) - free((*in)->clientPublicValue->subjectPublicKey.data); + free((*in)->clientPublicValue->algorithm.algorithm.data); + free((*in)->clientPublicValue->algorithm.parameters.data); + free((*in)->clientPublicValue->subjectPublicKey.data); free((*in)->clientPublicValue); } - if ((*in)->pkAuthenticator.paChecksum.contents != NULL) - free((*in)->pkAuthenticator.paChecksum.contents); + free((*in)->pkAuthenticator.paChecksum.contents); if ((*in)->supportedCMSTypes != NULL) free_krb5_algorithm_identifiers(&((*in)->supportedCMSTypes)); free(*in); @@ -194,12 +180,10 @@ free_krb5_pa_pk_as_rep(krb5_pa_pk_as_rep **in) if (*in == NULL) return; switch ((*in)->choice) { case choice_pa_pk_as_rep_dhInfo: - if ((*in)->u.dh_Info.dhSignedData.data != NULL) - free((*in)->u.dh_Info.dhSignedData.data); + free((*in)->u.dh_Info.dhSignedData.data); break; case choice_pa_pk_as_rep_encKeyPack: - if ((*in)->u.encKeyPack.data != NULL) - free((*in)->u.encKeyPack.data); + free((*in)->u.encKeyPack.data); break; default: break; @@ -211,8 +195,7 @@ void free_krb5_pa_pk_as_rep_draft9(krb5_pa_pk_as_rep_draft9 **in) { if (*in == NULL) return; - if ((*in)->u.encKeyPack.data != NULL) - free((*in)->u.encKeyPack.data); + free((*in)->u.encKeyPack.data); free(*in); } @@ -222,12 +205,9 @@ free_krb5_external_principal_identifier(krb5_external_principal_identifier ***in int i = 0; if (*in == NULL) return; while ((*in)[i] != NULL) { - if ((*in)[i]->subjectName.data != NULL) - free((*in)[i]->subjectName.data); - if ((*in)[i]->issuerAndSerialNumber.data != NULL) - free((*in)[i]->issuerAndSerialNumber.data); - if ((*in)[i]->subjectKeyIdentifier.data != NULL) - free((*in)[i]->subjectKeyIdentifier.data); + free((*in)[i]->subjectName.data); + free((*in)[i]->issuerAndSerialNumber.data); + free((*in)[i]->subjectKeyIdentifier.data); free((*in)[i]); i++; } @@ -244,12 +224,10 @@ free_krb5_trusted_ca(krb5_trusted_ca ***in) case choice_trusted_cas_principalName: break; case choice_trusted_cas_caName: - if ((*in)[i]->u.caName.data != NULL) - free((*in)[i]->u.caName.data); + free((*in)[i]->u.caName.data); break; case choice_trusted_cas_issuerAndSerial: - if ((*in)[i]->u.issuerAndSerial.data != NULL) - free((*in)[i]->u.issuerAndSerial.data); + free((*in)[i]->u.issuerAndSerial.data); break; case choice_trusted_cas_UNKNOWN: break; @@ -266,8 +244,7 @@ free_krb5_typed_data(krb5_typed_data ***in) int i = 0; if (*in == NULL) return; while ((*in)[i] != NULL) { - if ((*in)[i]->data != NULL) - free((*in)[i]->data); + free((*in)[i]->data); free((*in)[i]); i++; } @@ -279,10 +256,8 @@ free_krb5_algorithm_identifier(krb5_algorithm_identifier *in) { if (in == NULL) return; - if (in->algorithm.data != NULL) - free(in->algorithm.data); - if (in->parameters.data != NULL) - free(in->parameters.data); + free(in->algorithm.data); + free(in->parameters.data); free(in); } @@ -302,10 +277,8 @@ void free_krb5_subject_pk_info(krb5_subject_pk_info **in) { if ((*in) == NULL) return; - if ((*in)->algorithm.parameters.data != NULL) - free((*in)->algorithm.parameters.data); - if ((*in)->subjectPublicKey.data != NULL) - free((*in)->subjectPublicKey.data); + free((*in)->algorithm.parameters.data); + free((*in)->subjectPublicKey.data); free(*in); } @@ -313,8 +286,7 @@ void free_krb5_kdc_dh_key_info(krb5_kdc_dh_key_info **in) { if (*in == NULL) return; - if ((*in)->subjectPublicKey.data != NULL) - free((*in)->subjectPublicKey.data); + free((*in)->subjectPublicKey.data); free(*in); } diff --git a/src/plugins/preauth/pkinit/pkinit_matching.c b/src/plugins/preauth/pkinit/pkinit_matching.c index d089ab0dd..778ae38c9 100644 --- a/src/plugins/preauth/pkinit/pkinit_matching.c +++ b/src/plugins/preauth/pkinit/pkinit_matching.c @@ -154,8 +154,7 @@ free_rule_component(krb5_context context, return 0; if (rc->kwval_type == kwvaltype_regexp) { - if (rc->regsrc) - free(rc->regsrc); + free(rc->regsrc); regfree(&rc->regexp); } free(rc); @@ -365,8 +364,7 @@ parse_rule_component(krb5_context context, *ret_rule = rc; retval = 0; out: - if (value != NULL) - free(value); + free(value); if (retval && rc != NULL) free_rule_component(context, rc); pkiDebug("%s: returning %d\n", __FUNCTION__, retval); diff --git a/src/plugins/preauth/pkinit/pkinit_srv.c b/src/plugins/preauth/pkinit/pkinit_srv.c index fefa0a56e..1de10da1f 100644 --- a/src/plugins/preauth/pkinit/pkinit_srv.c +++ b/src/plugins/preauth/pkinit/pkinit_srv.c @@ -610,8 +610,7 @@ pkinit_server_verify_padata(krb5_context context, switch ((int)data->pa_type) { case KRB5_PADATA_PK_AS_REQ: free_krb5_pa_pk_as_req(&reqp); - if (cksum.contents != NULL) - free(cksum.contents); + free(cksum.contents); if (der_req != NULL) krb5_free_data(context, der_req); break; @@ -621,10 +620,8 @@ pkinit_server_verify_padata(krb5_context context, } if (tmp_as_req != NULL) k5int_krb5_free_kdc_req(context, tmp_as_req); - if (authp_data.data != NULL) - free(authp_data.data); - if (krb5_authz.data != NULL) - free(krb5_authz.data); + free(authp_data.data); + free(krb5_authz.data); if (reqctx != NULL) pkinit_fini_kdc_req_context(context, reqctx); if (auth_pack != NULL) @@ -977,7 +974,7 @@ pkinit_server_return_padata(krb5_context context, "/tmp/kdc_as_rep"); #endif - *send_pa = (krb5_pa_data *) malloc(sizeof(krb5_pa_data)); + *send_pa = malloc(sizeof(krb5_pa_data)); if (*send_pa == NULL) { retval = ENOMEM; free(out_data->data); @@ -1001,20 +998,15 @@ pkinit_server_return_padata(krb5_context context, cleanup: pkinit_fini_kdc_req_context(context, reqctx); - if (scratch.data != NULL) - free(scratch.data); - if (out_data != NULL) - free(out_data); + free(scratch.data); + free(out_data); if (encoded_dhkey_info != NULL) krb5_free_data(context, encoded_dhkey_info); if (encoded_key_pack != NULL) krb5_free_data(context, encoded_key_pack); - if (dh_pubkey != NULL) - free(dh_pubkey); - if (server_key != NULL) - free(server_key); - if (cksum_types != NULL) - free(cksum_types); + free(dh_pubkey); + free(server_key); + free(cksum_types); switch ((int)padata->pa_type) { case KRB5_PADATA_PK_AS_REQ: @@ -1186,7 +1178,7 @@ pkinit_server_plugin_init_realm(krb5_context context, const char *realmname, *pplgctx = NULL; - plgctx = (pkinit_kdc_context) calloc(1, sizeof(*plgctx)); + plgctx = calloc(1, sizeof(*plgctx)); if (plgctx == NULL) goto errout; @@ -1254,8 +1246,7 @@ pkinit_server_plugin_init(krb5_context context, void **blob, for (i = 0; realmnames[i] != NULL; i++) {}; numrealms = i; - realm_contexts = (pkinit_kdc_context *) - calloc(numrealms+1, sizeof(pkinit_kdc_context)); + realm_contexts = calloc(numrealms+1, sizeof(pkinit_kdc_context)); if (realm_contexts == NULL) return ENOMEM; @@ -1321,7 +1312,7 @@ pkinit_init_kdc_req_context(krb5_context context, void **ctx) krb5_error_code retval = ENOMEM; pkinit_kdc_req_context reqctx = NULL; - reqctx = (pkinit_kdc_req_context)malloc(sizeof(*reqctx)); + reqctx = malloc(sizeof(*reqctx)); if (reqctx == NULL) return retval; memset(reqctx, 0, sizeof(*reqctx)); -- 2.26.2