git.ipfire.org Git - thirdparty/krb5.git/commit

author	sashan <anedvedicky@gmail.com>
	Mon, 26 Feb 2018 01:03:49 +0000 (02:03 +0100)
committer	Greg Hudson <ghudson@mit.edu>
	Mon, 26 Feb 2018 18:36:13 +0000 (13:36 -0500)
commit	09685a2e571b9877269765ce2b7abf1cd5a23219
tree	01677b6d3398cb143b87ec2dbe6f80490a4e9c2b	tree
parent	e8909878b3ff95f4a9caf3a8cc80ce9d11a7d3e0	commit \| diff

Improve PKINIT DH output parameter handling

Apply current practices for output parameter handling and memory
management to client_create_dh(), client_process_dh(), and
server_process_dh(). Initialize the output arguments at the
beginning, use local variables to hold their values until success is
guaranteed, and transfer memory to the output arguments at the end.
Use a cleanup label which runs on both success and failure.

The client_create_dh() cleanup code conditionalizes on retval, which
we usually try to avoid, as it needs to clean up a cryptoctx field on
error only.

[ghudson@mit.edu: wrote commit message; added similar changes to
client_create_dh() and client_process_dh()]

src/plugins/preauth/pkinit/pkinit_crypto.h		diff \| blob \| blame \| history
src/plugins/preauth/pkinit/pkinit_crypto_openssl.c		diff \| blob \| blame \| history