OpenSSL: Save memory allocations in generate_key()

... if the key already exists.

diff --git a/openssl.c b/openssl.c
index fe4da8f..2af1147 100644 (file)
--- a/openssl.c
+++ b/openssl.c
@@ -1472,39 +1472,41 @@ exit:
 static int generate_key(struct client_state *csp, char **key_buf)
 {
    int ret = 0;
-   char* key_file_path = NULL;
-   BIGNUM *exp = BN_new();
-   RSA *rsa = RSA_new();
-   EVP_PKEY *key = EVP_PKEY_new();
+   char* key_file_path;
+   BIGNUM *exp;
+   RSA *rsa;
+   EVP_PKEY *key;
 
-   if (exp == NULL || rsa == NULL || key == NULL)
+   key_file_path = make_certs_path(csp->config->certificate_directory,
+      (char *)csp->http->hash_of_host_hex, KEY_FILE_TYPE);
+   if (key_file_path == NULL)
    {
-      log_ssl_errors(LOG_LEVEL_ERROR, "RSA key memory allocation failure");
-      ret = -1;
-      goto exit;
+      return -1;
    }
 
-   if (BN_set_word(exp, RSA_KEY_PUBLIC_EXPONENT) != 1)
+   /*
+    * Test if key already exists. If so, we don't have to create it again.
+    */
+   if (file_exists(key_file_path) == 1)
    {
-      log_ssl_errors(LOG_LEVEL_ERROR, "Setting RSA key exponent failed");
-      ret = -1;
-      goto exit;
+      freez(key_file_path);
+      return 0;
    }
 
-   key_file_path = make_certs_path(csp->config->certificate_directory,
-      (char *)csp->http->hash_of_host_hex, KEY_FILE_TYPE);
-   if (key_file_path == NULL)
+   exp = BN_new();
+   rsa = RSA_new();
+   key = EVP_PKEY_new();
+   if (exp == NULL || rsa == NULL || key == NULL)
    {
+      log_ssl_errors(LOG_LEVEL_ERROR, "RSA key memory allocation failure");
       ret = -1;
       goto exit;
    }
 
-   /*
-    * Test if key already exists. If so, we don't have to create it again.
-    */
-   if (file_exists(key_file_path) == 1)
+   if (BN_set_word(exp, RSA_KEY_PUBLIC_EXPONENT) != 1)
    {
-      ret = 0;
+      log_ssl_errors(LOG_LEVEL_ERROR, "Setting RSA key exponent failed");
+      ret = -1;
       goto exit;
    }