From: Fabian Keil Date: Sat, 16 Jan 2021 08:39:45 +0000 (+0100) Subject: OpenSSL: Save memory allocations in generate_key() X-Git-Tag: v_3_0_30~100 X-Git-Url: http://www.privoxy.org/gitweb/%22https:/faq/developer-manual/man-page/static/trouble.html?a=commitdiff_plain;h=2db090412d0895efe4375249db55fcf9ed059ff2;p=privoxy.git OpenSSL: Save memory allocations in generate_key() ... if the key already exists. --- diff --git a/openssl.c b/openssl.c index fe4da8fd..2af11476 100644 --- a/openssl.c +++ b/openssl.c @@ -1472,39 +1472,41 @@ exit: static int generate_key(struct client_state *csp, char **key_buf) { int ret = 0; - char* key_file_path = NULL; - BIGNUM *exp = BN_new(); - RSA *rsa = RSA_new(); - EVP_PKEY *key = EVP_PKEY_new(); + char* key_file_path; + BIGNUM *exp; + RSA *rsa; + EVP_PKEY *key; - if (exp == NULL || rsa == NULL || key == NULL) + key_file_path = make_certs_path(csp->config->certificate_directory, + (char *)csp->http->hash_of_host_hex, KEY_FILE_TYPE); + if (key_file_path == NULL) { - log_ssl_errors(LOG_LEVEL_ERROR, "RSA key memory allocation failure"); - ret = -1; - goto exit; + return -1; } - if (BN_set_word(exp, RSA_KEY_PUBLIC_EXPONENT) != 1) + /* + * Test if key already exists. If so, we don't have to create it again. + */ + if (file_exists(key_file_path) == 1) { - log_ssl_errors(LOG_LEVEL_ERROR, "Setting RSA key exponent failed"); - ret = -1; - goto exit; + freez(key_file_path); + return 0; } - key_file_path = make_certs_path(csp->config->certificate_directory, - (char *)csp->http->hash_of_host_hex, KEY_FILE_TYPE); - if (key_file_path == NULL) + exp = BN_new(); + rsa = RSA_new(); + key = EVP_PKEY_new(); + if (exp == NULL || rsa == NULL || key == NULL) { + log_ssl_errors(LOG_LEVEL_ERROR, "RSA key memory allocation failure"); ret = -1; goto exit; } - /* - * Test if key already exists. If so, we don't have to create it again. - */ - if (file_exists(key_file_path) == 1) + if (BN_set_word(exp, RSA_KEY_PUBLIC_EXPONENT) != 1) { - ret = 0; + log_ssl_errors(LOG_LEVEL_ERROR, "Setting RSA key exponent failed"); + ret = -1; goto exit; }