diff options
46 files changed, 464 insertions, 550 deletions
diff --git a/src/pluto/ac.c b/src/pluto/ac.c index 0ed890c45..8fd7a4f62 100644 --- a/src/pluto/ac.c +++ b/src/pluto/ac.c @@ -249,17 +249,16 @@ add_ietfAttr(ietfAttr_t *attr) if (cmp == 0) { /* attribute already exists, increase count */ - pfree(attr); + free(attr); list->attr->count++; return list->attr; } else { - ietfAttrList_t *el = alloc_thing(ietfAttrList_t, "ietfAttrList"); + ietfAttrList_t *el = malloc_thing(ietfAttrList_t); /* new attribute, unshare value */ - attr->value.ptr = clone_bytes(attr->value.ptr, attr->value.len - , "attr value"); + attr->value.ptr = clone_bytes(attr->value.ptr, attr->value.len); attr->count = 1; time(&attr->installed); @@ -300,8 +299,8 @@ decode_groups(char *groups, ietfAttrList_t **listp) if (groups < end) { - ietfAttr_t *attr = alloc_thing(ietfAttr_t, "ietfAttr"); - ietfAttrList_t *el = alloc_thing(ietfAttrList_t, "ietfAttrList"); + ietfAttr_t *attr = malloc_thing(ietfAttr_t); + ietfAttrList_t *el = malloc_thing(ietfAttrList_t); attr->kind = IETF_ATTRIBUTE_STRING; attr->value.ptr = groups; @@ -368,7 +367,7 @@ unshare_ietfAttrList(ietfAttrList_t **listp) while (list != NULL) { - ietfAttrList_t *el = alloc_thing(ietfAttrList_t, "ietfAttrList"); + ietfAttrList_t *el = malloc_thing(ietfAttrList_t); el->attr = list->attr; el->attr->count++; @@ -405,8 +404,8 @@ parse_ietfAttrSyntax(chunk_t blob, int level0) case IETF_ATTR_OID: case IETF_ATTR_STRING: { - ietfAttr_t *attr = alloc_thing(ietfAttr_t, "ietfAttr"); - ietfAttrList_t *el = alloc_thing(ietfAttrList_t, "ietfAttrList"); + ietfAttr_t *attr = malloc_thing(ietfAttr_t); + ietfAttrList_t *el = malloc_thing(ietfAttrList_t); attr->kind = (objectID - IETF_ATTR_OCTETS) / 2; attr->value = object; @@ -616,9 +615,9 @@ release_ietfAttr(ietfAttr_t* attr) } *plist = list->next; - pfree(attr->value.ptr); - pfree(attr); - pfree(list); + free(attr->value.ptr); + free(attr); + free(list); } } @@ -634,7 +633,7 @@ free_ietfAttrList(ietfAttrList_t* list) release_ietfAttr(el->attr); list = list->next; - pfree(el); + free(el); } } @@ -648,8 +647,8 @@ free_acert(x509acert_t *ac) { free_ietfAttrList(ac->charging); free_ietfAttrList(ac->groups); - pfreeany(ac->certificate.ptr); - pfree(ac); + free(ac->certificate.ptr); + free(ac); } } @@ -844,7 +843,7 @@ load_acerts(void) if (load_coded_file(filelist[n]->d_name, NULL, "acert", &blob, &pgp)) { - x509acert_t *ac = alloc_thing(x509acert_t, "x509acert"); + x509acert_t *ac = malloc_thing(x509acert_t); *ac = empty_ac; diff --git a/src/pluto/alg_info.c b/src/pluto/alg_info.c index ba2fead7a..f486f15d5 100644 --- a/src/pluto/alg_info.c +++ b/src/pluto/alg_info.c @@ -32,7 +32,6 @@ #include "alg_info.h" #include "constants.h" -#ifndef NO_PLUTO #include "defs.h" #include "log.h" #include "whack.h" @@ -41,28 +40,6 @@ #include "crypto.h" #include "kernel_alg.h" #include "ike_alg.h" -#else -/* - * macros/functions for compilation without pluto (eg: spi for manual conns) - */ -#include <assert.h> -#define passert(x) assert(x) -extern int debug; /* eg: spi.c */ -#define DBG(cond, action) { if (debug) { action ; } } -#define DBG_log(x, args...) fprintf(stderr, x "\n" , ##args); -#define RC_LOG_SERIOUS -#define loglog(x, args...) fprintf(stderr, ##args); -#define alloc_thing(thing, name) alloc_bytes(sizeof (thing), name) -void * alloc_bytes(size_t size, const char *name) { - void *p=malloc(size); - if (p == NULL) - fprintf(stderr, "unable to malloc %lu bytes for %s", - (unsigned long) size, name); - memset(p, '\0', size); - return p; -} -#define pfreeany(ptr) free(ptr) -#endif /* NO_PLUTO */ /* * sadb/ESP aa attrib converters @@ -235,7 +212,7 @@ modp_getbyname_esp(const char *const str, int len) void alg_info_free(struct alg_info *alg_info) { - pfreeany(alg_info); + free(alg_info); } /* @@ -244,7 +221,7 @@ alg_info_free(struct alg_info *alg_info) static void __alg_info_esp_add (struct alg_info_esp *alg_info, int ealg_id, unsigned ek_bits, int aalg_id, unsigned ak_bits) { - struct esp_info *esp_info=alg_info->esp; + struct esp_info *esp_info = alg_info->esp; unsigned cnt = alg_info->alg_info_cnt, i; /* check for overflows */ @@ -941,9 +918,8 @@ alg_info_esp_create_from_str (const char *alg_str, const char **err_p) * but this may require 2passes to know * transform count in advance. */ - alg_info_esp = alloc_thing (struct alg_info_esp, "alg_info_esp"); - if (!alg_info_esp) - goto out; + alg_info_esp = malloc_thing (struct alg_info_esp); + zero(alg_info_esp); pfs_name=index (alg_str, ';'); if (pfs_name) @@ -985,7 +961,7 @@ alg_info_esp_create_from_str (const char *alg_str, const char **err_p) out: if (ret < 0) { - pfreeany(alg_info_esp); + free(alg_info_esp); alg_info_esp = NULL; } return alg_info_esp; @@ -1001,13 +977,13 @@ alg_info_ike_create_from_str (const char *alg_str, const char **err_p) * but this may require 2passes to know * transform count in advance. */ - alg_info_ike = alloc_thing (struct alg_info_ike, "alg_info_ike"); + alg_info_ike = malloc_thing (struct alg_info_ike); + zero(alg_info_ike); alg_info_ike->alg_info_protoid = PROTO_ISAKMP; - if (alg_info_parse_str((struct alg_info *)alg_info_ike, - alg_str, err_p) < 0) + if (alg_info_parse_str((struct alg_info *)alg_info_ike, alg_str, err_p) < 0) { - pfreeany(alg_info_ike); + free(alg_info_ike); return NULL; } return alg_info_ike; diff --git a/src/pluto/asn1.c b/src/pluto/asn1.c index 0262e6977..afdabe01a 100644 --- a/src/pluto/asn1.c +++ b/src/pluto/asn1.c @@ -163,7 +163,7 @@ asn1_build_known_oid(int n) } i = oid_names[n].level + 1; - oid.ptr = alloc_bytes(2 + i, "known oid"); + oid.ptr = malloc(2 + i); oid.len = i; oid.ptr[0] = ASN1_OID; oid.ptr[1] = i; @@ -281,7 +281,7 @@ build_asn1_object(chunk_t *object, asn1_t type, size_t datalen) /* allocate memory for the asn.1 TLV object */ object->len = 1 + length.len + datalen; - object->ptr = alloc_bytes(object->len, "asn1 object"); + object->ptr = malloc(object->len); /* set position pointer at the start of the object */ pos = object->ptr; diff --git a/src/pluto/ca.c b/src/pluto/ca.c index ad21dd04c..b89a2ef3f 100644 --- a/src/pluto/ca.c +++ b/src/pluto/ca.c @@ -448,18 +448,17 @@ free_ca_info(ca_info_t* ca_info) if (ca_info == NULL) return; - pfreeany(ca_info->name); - pfreeany(ca_info->ldaphost); - pfreeany(ca_info->ldapbase); - pfreeany(ca_info->ocspuri); + free(ca_info->name); + free(ca_info->ldaphost); + free(ca_info->ldapbase); + free(ca_info->ocspuri); freeanychunk(ca_info->authName); freeanychunk(ca_info->authKeyID); freeanychunk(ca_info->authKeySerialNumber); free_generalNames(ca_info->crluri, TRUE); - - pfree(ca_info); + free(ca_info); } /* @@ -558,29 +557,28 @@ add_ca_info(const whack_message_t *msg) plog("added ca description \"%s\"", msg->name); /* create and initialize new ca_info record */ - ca = alloc_thing(ca_info_t, "ca info"); + ca = malloc_thing(ca_info_t); *ca = empty_ca_info; /* name */ - ca->name = clone_str(msg->name, "ca name"); + ca->name = clone_str(msg->name); /* authName */ - clonetochunk(ca->authName, cacert->subject.ptr - , cacert->subject.len, "authName"); + clonetochunk(ca->authName, cacert->subject.ptr, cacert->subject.len); dntoa(buf, BUF_LEN, ca->authName); DBG(DBG_CONTROL, DBG_log("authname: '%s'", buf) ) /* authSerialNumber */ - clonetochunk(ca->authKeySerialNumber, cacert->serialNumber.ptr - , cacert->serialNumber.len, "authKeySerialNumber"); + clonetochunk(ca->authKeySerialNumber, cacert->serialNumber.ptr, + cacert->serialNumber.len); /* authKeyID */ if (cacert->subjectKeyID.ptr != NULL) { - clonetochunk(ca->authKeyID, cacert->subjectKeyID.ptr - , cacert->subjectKeyID.len, "authKeyID"); + clonetochunk(ca->authKeyID, cacert->subjectKeyID.ptr, + cacert->subjectKeyID.len); datatot(cacert->subjectKeyID.ptr, cacert->subjectKeyID.len, ':' , buf, BUF_LEN); DBG(DBG_CONTROL | DBG_PARSING , @@ -589,16 +587,16 @@ add_ca_info(const whack_message_t *msg) } /* ldaphost */ - ca->ldaphost = clone_str(msg->ldaphost, "ldaphost"); + ca->ldaphost = clone_str(msg->ldaphost); /* ldapbase */ - ca->ldapbase = clone_str(msg->ldapbase, "ldapbase"); + ca->ldapbase = clone_str(msg->ldapbase); /* ocspuri */ if (msg->ocspuri != NULL) { if (strncasecmp(msg->ocspuri, "http", 4) == 0) - ca->ocspuri = clone_str(msg->ocspuri, "ocspuri"); + ca->ocspuri = clone_str(msg->ocspuri); else plog(" ignoring ocspuri with unkown protocol"); } diff --git a/src/pluto/certs.c b/src/pluto/certs.c index 92cad9cb9..53708917d 100644 --- a/src/pluto/certs.c +++ b/src/pluto/certs.c @@ -71,7 +71,7 @@ load_coded_file(const char *filename, prompt_pass_t *pass, const char *type fseek(fd, 0, SEEK_END ); blob->len = ftell(fd); rewind(fd); - blob->ptr = alloc_bytes(blob->len, type); + blob->ptr = malloc(blob->len); bytes = fread(blob->ptr, 1, blob->len, fd); fclose(fd); plog(" loaded %s file '%s' (%d bytes)", type, filename, bytes); @@ -111,7 +111,7 @@ load_coded_file(const char *filename, prompt_pass_t *pass, const char *type /* a conversion error has occured */ plog(" %s", ugh); - pfree(blob->ptr); + free(blob->ptr); *blob = empty_chunk; } else @@ -146,7 +146,7 @@ load_rsa_private_key(const char* filename, prompt_pass_t *pass if (!pkcs1_parse_private_key(blob, key)) ugh = "syntax error in PKCS#1 private key file"; } - pfree(blob.ptr); + free(blob.ptr); } else ugh = "error loading RSA private key file"; @@ -170,7 +170,7 @@ load_cert(const char *filename, const char *label, cert_t *cert) { if (pgp) { - pgpcert_t *pgpcert = alloc_thing(pgpcert_t, "pgpcert"); + pgpcert_t *pgpcert = malloc_thing(pgpcert_t); *pgpcert = empty_pgpcert; if (parse_pgp(blob, pgpcert, NULL)) { @@ -187,7 +187,7 @@ load_cert(const char *filename, const char *label, cert_t *cert) } else { - x509cert_t *x509cert = alloc_thing(x509cert_t, "x509cert"); + x509cert_t *x509cert = malloc_thing(x509cert_t); *x509cert = empty_x509cert; if (parse_x509cert(blob, 0, x509cert)) { diff --git a/src/pluto/connections.c b/src/pluto/connections.c index 0dbabd9d6..61984bcf7 100644 --- a/src/pluto/connections.c +++ b/src/pluto/connections.c @@ -175,7 +175,7 @@ connect_to_host_pair(struct connection *c) if (hp == NULL) { /* no suitable host_pair -- build one */ - hp = alloc_thing(struct host_pair, "host_pair"); + hp = malloc_thing(struct host_pair); hp->me.addr = c->spd.this.host_addr; hp->him.addr = his_addr; hp->me.port = nat_traversal_enabled ? pluto_port : c->spd.this.host_port; @@ -325,23 +325,23 @@ delete_connection(struct connection *c, bool relations) { passert(hp->pending == NULL); /* ??? must deal with this! */ list_rm(struct host_pair, next, hp, host_pairs); - pfree(hp); + free(hp); } } - if (c->kind != CK_GOING_AWAY) - pfreeany(c->spd.that.virt); - + { + free(c->spd.that.virt); + } #ifdef DEBUG cur_debugging = old_cur_debugging; #endif - pfreeany(c->name); + free(c->name); free_id_content(&c->spd.this.id); - pfreeany(c->spd.this.updown); + free(c->spd.this.updown); freeanychunk(c->spd.this.ca); free_ietfAttrList(c->spd.this.groups); free_id_content(&c->spd.that.id); - pfreeany(c->spd.that.updown); + free(c->spd.that.updown); freeanychunk(c->spd.that.ca); free_ietfAttrList(c->spd.that.groups); free_generalNames(c->requested_ca, TRUE); @@ -357,7 +357,7 @@ delete_connection(struct connection *c, bool relations) alg_info_delref((struct alg_info **)&c->alg_info_esp); alg_info_delref((struct alg_info **)&c->alg_info_ike); - pfree(c); + free(c); } /* Delete connections with the specified name */ @@ -682,21 +682,23 @@ format_connection(char *buf, size_t buf_len static void unshare_connection_strings(struct connection *c) { - c->name = clone_str(c->name, "connection name"); + c->name = clone_str(c->name); unshare_id_content(&c->spd.this.id); - c->spd.this.updown = clone_str(c->spd.this.updown, "updown"); + c->spd.this.updown = clone_str(c->spd.this.updown); scx_share(c->spd.this.sc); share_cert(c->spd.this.cert); if (c->spd.this.ca.ptr != NULL) - clonetochunk(c->spd.this.ca, c->spd.this.ca.ptr, c->spd.this.ca.len, "ca string"); + clonetochunk(c->spd.this.ca, c->spd.this.ca.ptr, c->spd.this.ca.len); unshare_id_content(&c->spd.that.id); - c->spd.that.updown = clone_str(c->spd.that.updown, "updown"); + c->spd.that.updown = clone_str(c->spd.that.updown); scx_share(c->spd.that.sc); share_cert(c->spd.that.cert); if (c->spd.that.ca.ptr != NULL) - clonetochunk(c->spd.that.ca, c->spd.that.ca.ptr, c->spd.that.ca.len, "ca string"); + { + clonetochunk(c->spd.that.ca, c->spd.that.ca.ptr, c->spd.that.ca.len); + } /* increment references to algo's */ alg_info_addref((struct alg_info *)c->alg_info_esp); @@ -976,8 +978,9 @@ add_connection(const whack_message_t *wm) && check_connection_end(&wm->left, &wm->right, wm)) { bool same_rightca, same_leftca; - struct connection *c = alloc_thing(struct connection, "struct connection"); + struct connection *c = malloc_thing(struct connection); + zero(c); c->name = wm->name; c->ikev1 = wm->ikev1; c->policy = wm->policy; @@ -1178,7 +1181,7 @@ add_connection(const whack_message_t *wm) /* Derive a template connection from a group connection and target. * Similar to instantiate(). Happens at whack --listen. * Returns name of new connection. May be NULL. - * Caller is responsible for pfreeing. + * Caller is responsible for freeing. */ char * add_group_instance(struct connection *group, const ip_subnet *target) @@ -1202,10 +1205,10 @@ add_group_instance(struct connection *group, const ip_subnet *target) } else { - t = clone_thing(*group, "group instance"); + t = clone_thing(*group); t->name = namebuf; unshare_connection_strings(t); - name = clone_str(t->name, "group instance name"); + name = clone_str(t->name); t->spd.that.client = *target; t->policy &= ~(POLICY_GROUP | POLICY_GROUTED); t->kind = isanyaddr(&t->spd.that.host_addr) && !NEVER_NEGOTIATE(t->policy) @@ -1274,7 +1277,7 @@ instantiate(struct connection *c, const ip_address *him passert(c->spd.next == NULL); c->instance_serial++; - d = clone_thing(*c, "temporary connection"); + d = clone_thing(*c); d->spd.that.allow_any = FALSE; if (his_id != NULL) @@ -1974,7 +1977,7 @@ cannot_oppo(struct connection *c * situation that we have. */ - shunt_spd = clone_thing(nc->spd, "shunt eroute policy"); + shunt_spd = clone_thing(nc->spd); shunt_spd->next = nc->spd.next; nc->spd.next = shunt_spd; @@ -2793,8 +2796,7 @@ initiate_opportunistic_body(struct find_oppo_bundle *b else { /* set up the next query */ - struct find_oppo_continuation *cr = alloc_thing(struct find_oppo_continuation - , "opportunistic continuation"); + struct find_oppo_continuation *cr = malloc_thing(struct find_oppo_continuation); struct id id; b->policy_prio = c->prio; @@ -3968,7 +3970,7 @@ show_connections_status(bool all, const char *name) if (c->ikev1 && (name == NULL || streq(c->name, name))) count++; } - array = alloc_bytes(sizeof(struct connection *)*count, "connection array"); + array = malloc(sizeof(struct connection *)*count); count=0; for (c = connections; c != NULL; c = c->ac_next) @@ -4102,7 +4104,7 @@ show_connections_status(bool all, const char *name) if (count > 0) whack_log(RC_COMMENT, BLANK_FORMAT); /* spacer */ - pfree(array); + free(array); } /* struct pending, the structure representing Quick Mode @@ -4151,7 +4153,7 @@ add_pending(int whack_sock if (already_queued) return; - p = alloc_thing(struct pending, "struct pending"); + p = malloc_thing(struct pending); p->whack_sock = whack_sock; p->isakmp_sa = isakmp_sa; p->connection = c; @@ -4208,7 +4210,7 @@ delete_pending(struct pending **pp) if (p->connection != NULL) connection_discard(p->connection); close_any(p->whack_sock); - pfree(p); + free(p); } void diff --git a/src/pluto/crl.c b/src/pluto/crl.c index 6b8280771..acb0ba40a 100644 --- a/src/pluto/crl.c +++ b/src/pluto/crl.c @@ -166,7 +166,7 @@ free_revoked_certs(revokedCert_t* revokedCerts) { revokedCert_t * revokedCert = revokedCerts; revokedCerts = revokedCert->next; - pfree(revokedCert); + free(revokedCert); } } @@ -178,8 +178,8 @@ free_crl(x509crl_t *crl) { free_revoked_certs(crl->revokedCertificates); free_generalNames(crl->distributionPoints, TRUE); - pfree(crl->certificateList.ptr); - pfree(crl); + free(crl->certificateList.ptr); + free(crl); } static void @@ -208,7 +208,7 @@ free_crls(void) bool insert_crl(chunk_t blob, chunk_t crl_uri, bool cache_crl) { - x509crl_t *crl = alloc_thing(x509crl_t, "x509crl"); + x509crl_t *crl = malloc_thing(x509crl_t); *crl = empty_x509crl; @@ -220,7 +220,7 @@ insert_crl(chunk_t blob, chunk_t crl_uri, bool cache_crl) generalName_t *gn; /* add distribution point */ - gn = alloc_thing(generalName_t, "generalName"); + gn = malloc_thing(generalName_t); gn->kind = GN_URI; gn->name = crl_uri; gn->next = crl->distributionPoints; @@ -359,7 +359,7 @@ load_crls(void) chunk_t crl_uri; crl_uri.len = 7 + sizeof(CRL_PATH) + strlen(filename); - crl_uri.ptr = alloc_bytes(crl_uri.len + 1, "crl uri"); + crl_uri.ptr = malloc(crl_uri.len + 1); /* build CRL file URI */ snprintf(crl_uri.ptr, crl_uri.len + 1, "file://%s/%s" @@ -458,7 +458,7 @@ parse_x509crl(chunk_t blob, u_int level0, x509crl_t *crl) /* put all the serial numbers and the revocation date in a chained list with revocedCertificates pointing to the first revoked certificate */ - revokedCert_t *revokedCert = alloc_thing(revokedCert_t, "revokedCert"); + revokedCert_t *revokedCert = malloc_thing(revokedCert_t); revokedCert->userCertificate = userCertificate; revokedCert->revocationDate = parse_time(object, level); revokedCert->revocationReason = REASON_UNSPECIFIED; diff --git a/src/pluto/crypto.h b/src/pluto/crypto.h index 2e249bdc9..f19c12add 100644 --- a/src/pluto/crypto.h +++ b/src/pluto/crypto.h @@ -101,9 +101,9 @@ extern void hmac_update( extern void hmac_final(u_char *output, struct hmac_ctx *ctx); #define hmac_final_chunk(ch, name, ctx) { \ - pfreeany((ch).ptr); \ + free((ch).ptr); \ (ch).len = (ctx)->hmac_digest_size; \ - (ch).ptr = alloc_bytes((ch).len, name); \ + (ch).ptr = malloc((ch).len); \ hmac_final((ch).ptr, (ctx)); \ } #endif diff --git a/src/pluto/db_ops.c b/src/pluto/db_ops.c index c27fb4744..65f9380bc 100644 --- a/src/pluto/db_ops.c +++ b/src/pluto/db_ops.c @@ -69,25 +69,6 @@ #include <assert.h> -#ifndef NO_PLUTO -#else -#define passert(x) assert(x) -extern int debug; /* eg: spi.c */ -#define DBG(cond, action) { if (debug) { action ; } } -#define DBG_log(x, args...) fprintf(stderr, x "\n" , ##args); -#define alloc_thing(thing, name) alloc_bytes(sizeof (thing), name) -void * alloc_bytes(size_t size, const char *name) { - void *p=malloc(size); - if (p == NULL) - fprintf(stderr, "unable to malloc %lu bytes for %s", - (unsigned long) size, name); - memset(p, '\0', size); - return p; -} -#define pfreeany(ptr) free(ptr) - -#endif - #ifdef NOT_YET /* * Allocator cache: @@ -121,23 +102,24 @@ struct db_ops_stats { static struct db_ops_stats db_context_st = DB_OPS_ZERO; static struct db_ops_stats db_trans_st = DB_OPS_ZERO; static struct db_ops_stats db_attrs_st = DB_OPS_ZERO; -static __inline__ void * alloc_bytes_st (size_t size, const char *str, struct db_ops_stats *st) +static __inline__ void *malloc_bytes_st(size_t size, struct db_ops_stats *st) { - void *ptr = alloc_bytes(size, str); - if (ptr) { + void *ptr = malloc(size); + if (ptr) + { st->st_curr_cnt++; st->st_total_cnt++; if (size > st->st_maxsz) st->st_maxsz=size; } return ptr; } -#define ALLOC_BYTES_ST(z,s,st) alloc_bytes_st(z, s, &st); -#define PFREE_ST(p,st) do { st.st_curr_cnt--; pfree(p); } while (0); +#define ALLOC_BYTES_ST(z,st) malloc_bytes_st(z, &st); +#define PFREE_ST(p,st) do { st.st_curr_cnt--; free(p); } while (0); #else -#define ALLOC_BYTES_ST(z,s,n) alloc_bytes(z, s); -#define PFREE_ST(p,n) pfree(p); +#define ALLOC_BYTES_ST(z,n) malloc(z); +#define PFREE_ST(p,n) free(p); #endif /* NO_DB_OPS_STATS */ /* Initialize db object @@ -153,15 +135,15 @@ db_prop_init(struct db_context *ctx, u_int8_t protoid, int max_trans, int max_at ctx->attrs0 = NULL; if (max_trans > 0) { /* quite silly if not */ - ctx->trans0 = ALLOC_BYTES_ST ( sizeof (struct db_trans) * max_trans, - "db_context->trans", db_trans_st); - if (!ctx->trans0) goto out; + ctx->trans0 = ALLOC_BYTES_ST ( sizeof(struct db_trans) * max_trans, + db_trans_st); + memset(ctx->trans0, '\0', sizeof(struct db_trans) * max_trans); } if (max_attrs > 0) { /* quite silly if not */ - ctx->attrs0 = ALLOC_BYTES_ST (sizeof (struct db_attr) * max_attrs, - "db_context->attrs", db_attrs_st); - if (!ctx->attrs0) goto out; + ctx->attrs0 = ALLOC_BYTES_ST (sizeof(struct db_attr) * max_attrs, + db_attrs_st); + memset(ctx->attrs0, '\0', sizeof(struct db_attr) * max_attrs); } ret = 0; out: @@ -190,7 +172,7 @@ db_trans_expand(struct db_context *ctx, int delta_trans) old_trans = ctx->trans0; new_trans = ALLOC_BYTES_ST ( sizeof (struct db_trans) * max_trans, - "db_context->trans (expand)", db_trans_st); + db_trans_st); if (!new_trans) goto out; memcpy(new_trans, old_trans, ctx->max_trans * sizeof(struct db_trans)); @@ -229,7 +211,7 @@ db_attrs_expand(struct db_context *ctx, int delta_attrs) old_attrs = ctx->attrs0; new_attrs = ALLOC_BYTES_ST ( sizeof (struct db_attr) * max_attrs, - "db_context->attrs (expand)", db_attrs_st); + db_attrs_st); if (!new_attrs) goto out; @@ -268,7 +250,7 @@ struct db_context * db_prop_new(u_int8_t protoid, int max_trans, int max_attrs) { struct db_context *ctx; - ctx = ALLOC_BYTES_ST ( sizeof (struct db_context), "db_context", db_context_st); + ctx = ALLOC_BYTES_ST ( sizeof (struct db_context), db_context_st); if (!ctx) goto out; if (db_prop_init(ctx, protoid, max_trans, max_attrs) < 0) { diff --git a/src/pluto/defs.c b/src/pluto/defs.c index fa4383545..395fa3b93 100644 --- a/src/pluto/defs.c +++ b/src/pluto/defs.c @@ -42,26 +42,10 @@ all_zero(const unsigned char *m, size_t len) return TRUE; } -void *alloc_bytes(size_t size, const char *name) +void *clone_bytes(const void *orig, size_t size) { void *p = malloc(size); - if (p == NULL) - { - exit_log("unable to malloc %lu bytes for %s", (unsigned long) size, name); - } - memset(p, '\0', size); - return p; -} - -void *clone_bytes(const void *orig, size_t size, const char *name) -{ - void *p = malloc(size); - - if (p == NULL) - { - exit_log("unable to malloc %lu bytes for %s", (unsigned long) size, name); - } memcpy(p, orig, size); return p; } diff --git a/src/pluto/defs.h b/src/pluto/defs.h index 3c887f303..1fbdadae9 100644 --- a/src/pluto/defs.h +++ b/src/pluto/defs.h @@ -41,17 +41,14 @@ typedef unsigned long so_serial_t; /* memory allocation */ -extern void *alloc_bytes(size_t size, const char *name); -#define alloc_thing(thing, name) (alloc_bytes(sizeof(thing), (name))) +extern void *clone_bytes(const void *orig, size_t size); -extern void *clone_bytes(const void *orig, size_t size, const char *name); -#define clone_thing(orig, name) clone_bytes((const void *)&(orig), sizeof(orig), (name)) -#define clone_str(str, name) \ - ((str) == NULL? NULL : clone_bytes((str), strlen((str))+1, (name))) +#define clone_thing(orig) clone_bytes((const void *)&(orig), sizeof(orig)) -#define pfree(ptr) free(ptr) /* ordinary stdc free */ -#define pfreeany(p) { if ((p) != NULL) pfree(p); } -#define replace(p, q) { pfreeany(p); (p) = (q); } +#define clone_str(str) \ + ((str) == NULL? NULL : clone_bytes((str), strlen((str))+1)) + +#define replace(p, q) { free(p); (p) = (q); } /* chunk is a simple pointer-and-size abstraction */ @@ -63,15 +60,21 @@ struct chunk { typedef struct chunk chunk_t; #define setchunk(ch, addr, size) { (ch).ptr = (addr); (ch).len = (size); } + #define strchunk(str) { str, sizeof(str) } -/* NOTE: freeanychunk, unlike pfreeany, NULLs .ptr */ -#define freeanychunk(ch) { pfreeany((ch).ptr); (ch).ptr = NULL; } -#define clonetochunk(ch, addr, size, name) \ - { (ch).ptr = clone_bytes((addr), (ch).len = (size), name); } -#define clonereplacechunk(ch, addr, size, name) \ - { pfreeany((ch).ptr); clonetochunk(ch, addr, size, name); } + +/* NOTE: freeanychunk NULLs .ptr */ +#define freeanychunk(ch) { free((ch).ptr); (ch).ptr = NULL; } + +#define clonetochunk(ch, addr, size) \ + { (ch).ptr = clone_bytes((addr), (ch).len = (size)); } + +#define clonereplacechunk(ch, addr, size) \ + { free((ch).ptr); clonetochunk(ch, addr, size); } + #define chunkcpy(dst, chunk) \ { memcpy(dst, chunk.ptr, chunk.len); dst += chunk.len;} + #define same_chunk(a, b) \ ( (a).len == (b).len && memcmp((a).ptr, (b).ptr, (b).len) == 0 ) diff --git a/src/pluto/demux.c b/src/pluto/demux.c index 94a7f714d..32e527e40 100644 --- a/src/pluto/demux.c +++ b/src/pluto/demux.c @@ -954,12 +954,12 @@ free_md_pool(void) if (md == NULL) break; md_pool = md->next; - pfree(md); + free(md); } } static struct msg_digest * -alloc_md(void) +malloc_md(void) { struct msg_digest *md = md_pool; @@ -971,7 +971,7 @@ alloc_md(void) static const struct msg_digest blank_md; if (md == NULL) - md = alloc_thing(struct msg_digest, "msg_digest"); + md = malloc_thing(struct msg_digest); else md_pool = md->next; @@ -991,7 +991,7 @@ void release_md(struct msg_digest *md) { freeanychunk(md->raw_packet); - pfreeany(md->packet_pbs.start); + free(md->packet_pbs.start); md->packet_pbs.start = NULL; md->next = md_pool; md_pool = md; @@ -1030,7 +1030,7 @@ comm_handle(const struct iface *ifp) return; /* no normal message to read */ #endif /* defined(IP_RECVERR) && defined(MSG_ERRQUEUE) */ - md = alloc_md(); + md = malloc_md(); md->iface = ifp; if (read_packet(md)) @@ -1069,7 +1069,7 @@ read_packet(struct msg_digest *md) happy(anyaddr(addrtypeof(&ifp->addr), &md->sender)); zero(&from.sa); ioctl(ifp->fd, FIONREAD, &packet_len); - buffer = alloc_bytes(packet_len, "buffer read packet"); + buffer = malloc(packet_len); packet_len = recvfrom(ifp->fd, buffer, packet_len, 0 , &from.sa, &from_len); @@ -1171,9 +1171,9 @@ read_packet(struct msg_digest *md) return FALSE; } packet_len -= sizeof(u_int32_t); - buffer_nat = alloc_bytes(packet_len, "buffer read packet"); + buffer_nat = malloc(packet_len); memcpy(buffer_nat, buffer + sizeof(u_int32_t), packet_len); - pfree(buffer); + free(buffer); buffer = buffer_nat; } @@ -1793,8 +1793,7 @@ process_packet(struct msg_digest **mdp) /* XXX Detect weak keys */ /* grab a copy of raw packet (for duplicate packet detection) */ - clonetochunk(md->raw_packet, md->packet_pbs.start - , pbs_room(&md->packet_pbs), "raw packet"); + clonetochunk(md->raw_packet, md->packet_pbs.start, pbs_room(&md->packet_pbs)); /* Decrypt everything after header */ if (!new_iv_set) @@ -2128,7 +2127,7 @@ complete_state_transition(struct msg_digest **mdp, stf_status result) /* replace previous receive packet with latest */ - pfreeany(st->st_rpacket.ptr); + free(st->st_rpacket.ptr); if (md->encrypted) { @@ -2140,7 +2139,7 @@ complete_state_transition(struct msg_digest **mdp, stf_status result) { clonetochunk(st->st_rpacket , md->packet_pbs.start - , pbs_room(&md->packet_pbs), "raw packet"); + , pbs_room(&md->packet_pbs)); } /* free previous transmit packet */ @@ -2151,8 +2150,7 @@ complete_state_transition(struct msg_digest **mdp, stf_status result) { close_output_pbs(&md->reply); /* good form, but actually a no-op */ - clonetochunk(st->st_tpacket, md->reply.start - , pbs_offset(&md->reply), "reply packet"); + clonetochunk(st->st_tpacket, md->reply.start, pbs_offset(&md->reply)); if (nat_traversal_enabled) nat_traversal_change_port_lookup(md, md->st); diff --git a/src/pluto/dnskey.c b/src/pluto/dnskey.c index 3472d1ee0..065f85d47 100644 --- a/src/pluto/dnskey.c +++ b/src/pluto/dnskey.c @@ -445,7 +445,7 @@ process_txt_rr_body(u_char *str }); gi.next = *gwip; - *gwip = clone_thing(gi, "gateway info"); + *gwip = clone_thing(gi); unshare_id_content(&(*gwip)->gw_id); unshare_id_content(&(*gwip)->client_id); } @@ -1327,7 +1327,7 @@ gw_delref(struct gw_info **gwp) if (gw->gw_key_present) unreference_key(&gw->key); gw_delref(&gw->next); - pfree(gw); /* trickery could make this a tail-call */ + free(gw); /* trickery could make this a tail-call */ } *gwp = NULL; } @@ -1415,7 +1415,7 @@ release_adns_continuation(struct adns_continuation *cr) cr->previous->next = cr->next; } - pfree(cr); + free(cr); } err_t @@ -1725,8 +1725,8 @@ process_lwdnsq_answer(char *ts) /* record the SIG records for posterity */ if (cr->last_info != NULL) { - pfreeany(cr->last_info->dns_sig); - cr->last_info->dns_sig = clone_str(rest, "sigrecord"); + free(cr->last_info->dns_sig); + cr->last_info->dns_sig = clone_str(rest); } } else if (strcaseeq(atype, "A")) diff --git a/src/pluto/fetch.c b/src/pluto/fetch.c index e33de6168..0d5e060c1 100644 --- a/src/pluto/fetch.c +++ b/src/pluto/fetch.c @@ -276,11 +276,11 @@ wake_fetch_thread(const char *who) static void free_fetch_request(fetch_req_t *req) { - pfree(req->issuer.ptr); - pfreeany(req->authKeySerialNumber.ptr); - pfreeany(req->authKeyID.ptr); + free(req->issuer.ptr); + free(req->authKeySerialNumber.ptr); + free(req->authKeyID.ptr); free_generalNames(req->distributionPoints, TRUE); - pfree(req); + free(req); } /* writes data into a dynamically resizeable chunk_t @@ -333,7 +333,7 @@ fetch_curl(char *url, chunk_t *blob) if (res == CURLE_OK) { blob->len = response.len; - blob->ptr = alloc_bytes(response.len, "curl blob"); + blob->ptr = malloc(response.len); memcpy(blob->ptr, response.ptr, response.len); } else @@ -377,7 +377,7 @@ parse_ldap_result(LDAP * ldap, LDAPMessage *result, chunk_t *blob) if (values[0] != NULL) { blob->len = values[0]->bv_len; - blob->ptr = alloc_bytes(blob->len, "ldap blob"); + blob->ptr = malloc(blob->len); memcpy(blob->ptr, values[0]->bv_val, blob->len); if (values[1] != NULL) { @@ -531,12 +531,12 @@ fetch_asn1_blob(char *url, chunk_t *blob) else { ugh = "blob coded in unknown format"; - pfree(blob->ptr); + free(blob->ptr); } } else { - pfree(blob->ptr); + free(blob->ptr); } } return ugh; @@ -570,7 +570,7 @@ complete_uri(chunk_t distPoint, const char *ldaphost) if (symbol != NULL && symbol - ptr == 0 && ldaphost != NULL) { - uri = alloc_bytes(distPoint.len+strlen(ldaphost)+1, "uri"); + uri = malloc(distPoint.len + strlen(ldaphost) + 1); /* insert the ldaphost into the uri */ sprintf(uri, "%.*s%s%.*s" @@ -584,7 +584,7 @@ complete_uri(chunk_t distPoint, const char *ldaphost) } /* default action: copy distributionPoint without change */ - uri = alloc_bytes(distPoint.len+1, "uri"); + uri = malloc(distPoint.len + 1); sprintf(uri, "%.*s", (int)distPoint.len, distPoint.ptr); return uri; } @@ -620,7 +620,7 @@ fetch_crls(bool cache_crls) char *uri = complete_uri(gn->name, ldaphost); err_t ugh = fetch_asn1_blob(uri, &blob); - pfree(uri); + free(uri); if (ugh != NULL) { @@ -630,7 +630,7 @@ fetch_crls(bool cache_crls) { chunk_t crl_uri; - clonetochunk(crl_uri, gn->name.ptr, gn->name.len, "crl uri"); + clonetochunk(crl_uri, gn->name.ptr, gn->name.len); if (insert_crl(blob, crl_uri, cache_crls)) { DBG(DBG_CONTROL, @@ -692,7 +692,7 @@ fetch_ocsp_status(ocsp_location_t* location) { char errorbuffer[CURL_ERROR_SIZE]; struct curl_slist *headers = NULL; - char* uri = alloc_bytes(location->uri.len+1, "ocsp uri"); + char* uri = malloc(location->uri.len + 1); /* we need a null terminated string for curl */ memcpy(uri, location->uri.ptr, location->uri.len); @@ -729,7 +729,7 @@ fetch_ocsp_status(ocsp_location_t* location) } curl_slist_free_all(headers); curl_easy_cleanup(curl); - pfree(uri); + free(uri); /* not using freeanychunk because of realloc (no leak detective) */ curl_free(response.ptr); } @@ -917,9 +917,8 @@ add_distribution_points(const generalName_t *newPoints ,generalName_t **distribu if (add) { /* clone additional distribution point */ - gn = clone_thing(*newPoints, "generalName"); - clonetochunk(gn->name, newPoints->name.ptr, newPoints->name.len - , "crl uri"); + gn = clone_thing(*newPoints); + clonetochunk(gn->name, newPoints->name.ptr, newPoints->name.len); /* insert additional CRL distribution point */ gn->next = *distributionPoints; @@ -934,22 +933,22 @@ fetch_req_t* build_crl_fetch_request(chunk_t issuer, chunk_t authKeySerialNumber , chunk_t authKeyID, const generalName_t *gn) { - fetch_req_t *req = alloc_thing(fetch_req_t, "fetch request"); + fetch_req_t *req = malloc_thing(fetch_req_t); *req = empty_fetch_req; /* note current time */ req->installed = time(NULL); /* clone fields */ - clonetochunk(req->issuer, issuer.ptr, issuer.len, "issuer"); + clonetochunk(req->issuer, issuer.ptr, issuer.len); if (authKeySerialNumber.ptr != NULL) { clonetochunk(req->authKeySerialNumber, authKeySerialNumber.ptr - , authKeySerialNumber.len, "authKeySerialNumber"); + , authKeySerialNumber.len); } if (authKeyID.ptr != NULL) { - clonetochunk(req->authKeyID, authKeyID.ptr, authKeyID.len, "authKeyID"); + clonetochunk(req->authKeyID, authKeyID.ptr, authKeyID.len); } /* copy distribution points */ diff --git a/src/pluto/foodgroups.c b/src/pluto/foodgroups.c index b4a81546e..c779ec31b 100644 --- a/src/pluto/foodgroups.c +++ b/src/pluto/foodgroups.c @@ -133,9 +133,9 @@ read_foodgroup(struct fg_groups *g) if (plen > fg_path_space) { - pfreeany(fg_path); + free(fg_path); fg_path_space = plen + 10; - fg_path = alloc_bytes(fg_path_space, "policy group path"); + fg_path = malloc(fg_path_space); } snprintf(fg_path, fg_path_space, "%s/%s", policygroups_dir, fgn); if (!lexopen(&flp_space, fg_path, TRUE)) @@ -219,7 +219,7 @@ read_foodgroup(struct fg_groups *g) } else { - struct fg_targets *f = alloc_thing(struct fg_targets, "fg_target"); + struct fg_targets *f = malloc_thing(struct fg_targets); f->next = *pp; f->group = g; @@ -254,8 +254,8 @@ free_targets(void) struct fg_targets *t = targets; targets = t->next; - pfreeany(t->name); - pfree(t); + free(t->name); + free(t); } } @@ -346,7 +346,7 @@ load_groups(void) void add_group(struct connection *c) { - struct fg_groups *g = alloc_thing(struct fg_groups, "policy group"); + struct fg_groups *g = malloc_thing(struct fg_groups); g->next = groups; groups = g; @@ -448,7 +448,7 @@ delete_group(const struct connection *c) { *pp = t->next; remove_group_instance(t->group->connection, t->name); - pfree(t); + free(t); /* pp is ready for next iteration */ } else @@ -458,5 +458,5 @@ delete_group(const struct connection *c) } } - pfree(g); + free(g); } diff --git a/src/pluto/gcryptfix.c b/src/pluto/gcryptfix.c index 0c46e575e..db360cbe5 100644 --- a/src/pluto/gcryptfix.c +++ b/src/pluto/gcryptfix.c @@ -27,7 +27,7 @@ MPI mpi_alloc( unsigned nlimbs UNUSED ) { - MPI n = alloc_bytes(sizeof *n, "mpi_alloc"); + MPI n = malloc(sizeof *n); mpz_init(n); return n; @@ -42,7 +42,7 @@ mpi_alloc_secure( unsigned nlimbs ) MPI mpi_alloc_set_ui( unsigned long u) { - MPI n = alloc_bytes(sizeof *n, "mpi_copy"); + MPI n = malloc(sizeof *n); mpz_init_set_ui(n, u); return n; @@ -51,7 +51,7 @@ mpi_alloc_set_ui( unsigned long u) MPI mpi_copy( MPI a ) { - MPI n = alloc_bytes(sizeof *n, "mpi_copy"); + MPI n = malloc(sizeof *n); mpz_init_set(n, a); return n; @@ -61,7 +61,7 @@ void mpi_free( MPI a ) { mpz_clear(a); - pfree(a); + free(a); } int @@ -146,7 +146,7 @@ u_char * get_random_bits(size_t nbits, int level UNUSED, int secure UNUSED) { size_t nbytes = (nbits+7)/8; - u_char *b = alloc_bytes(nbytes, "random bytes"); + u_char *b = malloc(nbytes); get_rnd_bytes(b, nbytes); return b; diff --git a/src/pluto/gcryptfix.h b/src/pluto/gcryptfix.h index 0bcd64b15..2173e35dd 100644 --- a/src/pluto/gcryptfix.h +++ b/src/pluto/gcryptfix.h @@ -76,13 +76,13 @@ extern void log_mpidump( const char *text, MPI a ); #define m_alloc_ptrs_clear(pp, n) { \ int c = (n); \ - (pp) = alloc_bytes((n) * sizeof(*(pp)), "m_alloc_ptrs_clear"); \ + (pp) = malloc((n) * sizeof(*(pp))); \ while (c > 0) (pp)[--c] = NULL; \ } extern u_char *get_random_bits(size_t nbits, int level, int secure); -#define m_alloc(sz) alloc_bytes((sz), "m_alloc") /* not initialized */ -#define m_free(n) pfree(n) /* always freeing something from get_random_bits */ +#define m_alloc(sz) malloc((sz)) /* not initialized */ +#define m_free(n) free(n) /* always freeing something from get_random_bits */ /* declarations from gnupg-1.0.0/include/cipher.h */ /*-- primegen.c --*/ diff --git a/src/pluto/id.c b/src/pluto/id.c index 5bbf5312d..d299f3780 100644 --- a/src/pluto/id.c +++ b/src/pluto/id.c @@ -88,7 +88,7 @@ calc_myid_str(enum myid_state s) char buf[BUF_LEN]; idtoa(&myids[s], buf, BUF_LEN); - replace(myid_str[s], clone_str(buf, "myid string")); + replace(myid_str[s], clone_str(buf)); } @@ -145,7 +145,7 @@ set_myFQDN(void) if (!strcaseeq(FQDN, "localhost.localdomain")) { - clonetochunk(myids[MYID_HOSTNAME].name, FQDN, strlen(FQDN), "my FQDN"); + clonetochunk(myids[MYID_HOSTNAME].name, FQDN, strlen(FQDN)); myids[MYID_HOSTNAME].kind = ID_FQDN; calc_myid_str(MYID_HOSTNAME); } @@ -365,7 +365,7 @@ unshare_id_content(struct id *id) case ID_USER_FQDN: case ID_DER_ASN1_DN: case ID_KEY_ID: - id->name.ptr = clone_bytes(id->name.ptr, id->name.len, "keep id name"); + id->name.ptr = clone_bytes(id->name.ptr, id->name.len); break; case ID_MYID: case ID_NONE: diff --git a/src/pluto/ipsec_doi.c b/src/pluto/ipsec_doi.c index f22cdbd04..31a6d6d94 100644 --- a/src/pluto/ipsec_doi.c +++ b/src/pluto/ipsec_doi.c @@ -206,7 +206,7 @@ accept_KE(chunk_t *dest, const char *val_name /* XXX Could send notification back */ return INVALID_KEY_INFORMATION; } - clonereplacechunk(*dest, pbs->cur, pbs_left(pbs), val_name); + clonereplacechunk(*dest, pbs->cur, pbs_left(pbs)); DBG_cond_dump_chunk(DBG_CRYPT, "DH public value received:\n", *dest); return NOTHING_WRONG; } @@ -254,7 +254,7 @@ build_and_ship_nonce(chunk_t *n, pb_stream *outs, u_int8_t np , const char *name) { freeanychunk(*n); - setchunk(*n, alloc_bytes(DEFAULT_NONCE_SIZE, name), DEFAULT_NONCE_SIZE); + setchunk(*n, malloc(DEFAULT_NONCE_SIZE), DEFAULT_NONCE_SIZE); get_rnd_bytes(n->ptr, DEFAULT_NONCE_SIZE); return out_generic_chunk(np, &isakmp_nonce_desc, outs, *n, name); } @@ -284,7 +284,7 @@ collect_rw_ca_candidates(struct msg_digest *md, generalName_t **top) } if (new_entry) { - gn = alloc_thing(generalName_t, "generalName"); + gn = malloc_thing(generalName_t); gn->kind = GN_DIRECTORY_NAME; gn->name = d->spd.that.ca; gn->next = *top; @@ -962,8 +962,7 @@ main_outI1(int whack_sock, struct connection *c, struct state *predecessor /* save initiator SA for later HASH */ passert(st->st_p1isa.ptr == NULL); /* no leak! (MUST be first time) */ - clonetochunk(st->st_p1isa, sa_start, rbody.cur - sa_start - , "sa in main_outI1"); + clonetochunk(st->st_p1isa, sa_start, rbody.cur - sa_start); } /* if enabled send Pluto Vendor ID */ @@ -1034,9 +1033,7 @@ main_outI1(int whack_sock, struct connection *c, struct state *predecessor close_message(&rbody); close_output_pbs(&reply); - - clonetochunk(st->st_tpacket, reply.start, pbs_offset(&reply) - , "reply packet for main_outI1"); + clonetochunk(st->st_tpacket, reply.start, pbs_offset(&reply)); /* Transmit */ @@ -1193,11 +1190,11 @@ skeyid_digisig(struct state *st) * so we have to build a temporary concatentation. */ nir.len = st->st_ni.len + st->st_nr.len; - nir.ptr = alloc_bytes(nir.len, "Ni + Nr in skeyid_digisig"); + nir.ptr = malloc(nir.len); memcpy(nir.ptr, st->st_ni.ptr, st->st_ni.len); memcpy(nir.ptr+st->st_ni.len, st->st_nr.ptr, st->st_nr.len); hmac_init_chunk(&ctx, st->st_oakley.hasher, nir); - pfree(nir.ptr); + free(nir.ptr); hmac_update_chunk(&ctx, st->st_shared); hmac_final_chunk(st->st_skeyid, "st_skeyid in skeyid_digisig()", &ctx); @@ -1319,7 +1316,7 @@ generate_skeyids_iv(struct state *st) } k = keytemp; } - clonereplacechunk(st->st_enc_key, k, keysize, "st_enc_key"); + clonereplacechunk(st->st_enc_key, k, keysize); } DBG(DBG_CRYPT, @@ -1538,7 +1535,7 @@ try_RSA_signature(const u_char hash_val[MAX_DIGEST_LEN], size_t hash_len temp_s = mpz_to_n(c, sig_len); /* back to octets */ memcpy(s, temp_s.ptr, sig_len); - pfree(temp_s.ptr); + free(temp_s.ptr); mpz_clear(c); } @@ -1849,7 +1846,7 @@ accept_nonce(struct msg_digest *md, chunk_t *dest, const char *name) , name , MINIMUM_NONCE_SIZE, MAXIMUM_NONCE_SIZE); return PAYLOAD_MALFORMED; /* ??? */ } - clonereplacechunk(*dest, nonce_pbs->cur, len, "nonce"); + clonereplacechunk(*dest, nonce_pbs->cur, len); return NOTHING_WRONG; } @@ -2206,8 +2203,7 @@ quick_outI1(int whack_sock } /* save packet, now that we know its size */ - clonetochunk(st->st_tpacket, reply.start, pbs_offset(&reply) - , "reply packet from quick_outI1"); + clonetochunk(st->st_tpacket, reply.start, pbs_offset(&reply)); /* send the packet */ @@ -2314,8 +2310,8 @@ decode_cr(struct msg_digest *md, struct connection *c) if (!is_asn1(ca_name)) continue; - gn = alloc_thing(generalName_t, "generalName"); - clonetochunk(ca_name, ca_name.ptr,ca_name.len, "ca name"); + gn = malloc_thing(generalName_t); + clonetochunk(ca_name, ca_name.ptr,ca_name.len); gn->kind = GN_DIRECTORY_NAME; gn->name = ca_name; gn->next = c->requested_ca; @@ -2895,8 +2891,8 @@ compute_proto_keymat(struct state *st ctx_peer = ctx_me; /* duplicate initial conditions */ needed_space = needed_len + pad_up(needed_len, ctx_me.hmac_digest_size); - replace(pi->our_keymat, alloc_bytes(needed_space, "keymat in compute_keymat()")); - replace(pi->peer_keymat, alloc_bytes(needed_space, "peer_keymat in quick_inI1_outR1()")); + replace(pi->our_keymat, malloc(needed_space)); + replace(pi->peer_keymat, malloc(needed_space)); for (i = 0;; ) { @@ -3225,7 +3221,7 @@ main_inI1_outR1(struct msg_digest *md) close_message(&md->rbody); /* save initiator SA for HASH */ - clonereplacechunk(st->st_p1isa, sa_pd->pbs.start, pbs_room(&sa_pd->pbs), "sa in main_inI1_outR1()"); + clonereplacechunk(st->st_p1isa, sa_pd->pbs.start, pbs_room(&sa_pd->pbs)); return STF_OK; } @@ -3750,8 +3746,7 @@ main_id_and_auth(struct msg_digest *md if (r == STF_SUSPEND) { /* initiate/resume asynchronous DNS lookup for key */ - struct key_continuation *nkc - = alloc_thing(struct key_continuation, "key continuation"); + struct key_continuation *nkc = malloc_thing(struct key_continuation); enum key_oppo_step step_done = kc == NULL? kos_null : kc->step; err_t ugh = NULL; @@ -4377,8 +4372,7 @@ quick_inI1_outR1_start_query(struct verify_oppo_bundle *b struct msg_digest *md = b->md; struct state *p1st = md->st; struct connection *c = p1st->st_connection; - struct verify_oppo_continuation *vc - = alloc_thing(struct verify_oppo_continuation, "verify continuation"); + struct verify_oppo_continuation *vc = malloc_thing(struct verify_oppo_continuation); struct id id /* subject of query */ , *our_id /* needed for myid playing */ , our_id_space; /* ephemeral: no need for unshare_id_content */ diff --git a/src/pluto/kernel.c b/src/pluto/kernel.c index 98841bcee..59a505733 100644 --- a/src/pluto/kernel.c +++ b/src/pluto/kernel.c @@ -189,9 +189,9 @@ record_and_initiate_opportunistic(const ip_subnet *ours * which can't do this itself. */ { - struct bare_shunt *bs = alloc_thing(struct bare_shunt, "bare shunt"); + struct bare_shunt *bs = malloc_thing(struct bare_shunt); - bs->why = clone_str(why, "story for bare shunt"); + bs->why = clone_str(why); bs->ours = *ours; bs->his = *his; bs->transport_proto = transport_proto; @@ -233,7 +233,7 @@ record_and_initiate_opportunistic(const ip_subnet *ours && portof(&his->addr) == portof(&p->his.addr)) { *pp = p->next; - pfree(p); + free(p); break; } } @@ -897,8 +897,8 @@ free_bare_shunt(struct bare_shunt **pp) *pp = p->next; DBG_bare_shunt("delete", p); - pfree(p->why); - pfree(p); + free(p->why); + free(p); } } @@ -1024,13 +1024,13 @@ replace_bare_shunt(const ip_address *src, const ip_address *dst , 0, null_proto_info , SHUNT_PATIENCE, ERO_ADD, why)) { - struct bare_shunt *bs = alloc_thing(struct bare_shunt, "bare shunt"); + struct bare_shunt *bs = malloc_thing(struct bare_shunt); bs->ours = this_broad_client; bs->his = that_broad_client; bs->transport_proto = 0; bs->said.proto = SA_INT; - bs->why = clone_str(why, "bare shunt story"); + bs->why = clone_str(why); bs->policy_prio = policy_prio; bs->said.spi = htonl(shunt_spi); bs->said.dst = *null_host; @@ -1428,7 +1428,7 @@ scan_proc_shunts(void) struct eroute_info *p = orphaned_holds; orphaned_holds = p->next; - pfree(orphaned_holds); + free(orphaned_holds); } /* decode the /proc file. Don't do anything strenuous to it @@ -1582,7 +1582,7 @@ scan_proc_shunts(void) , ourst, ourport, hist, hisport, sat, eri.transport_proto) ) eri.next = orphaned_holds; - orphaned_holds = clone_thing(eri, "orphaned %hold"); + orphaned_holds = clone_thing(eri); } break; @@ -1607,7 +1607,7 @@ scan_proc_shunts(void) else if (nw - bs->last_activity > SHUNT_PATIENCE) { eri.next = expired; - expired = clone_thing(eri, "expired %pass"); + expired = clone_thing(eri); } } } @@ -1643,7 +1643,7 @@ scan_proc_shunts(void) , SPI_PASS /* not used because we are deleting. This value is a filler */ , FALSE, p->transport_proto, "delete expired bare shunts"); expired = p->next; - pfree(p); + free(p); } } diff --git a/src/pluto/kernel_alg.c b/src/pluto/kernel_alg.c index 2918e9cf1..885890f39 100644 --- a/src/pluto/kernel_alg.c +++ b/src/pluto/kernel_alg.c @@ -38,22 +38,10 @@ #include "kernel.h" #include "kernel_alg.h" #include "alg_info.h" - -#ifndef NO_PLUTO #include "log.h" #include "whack.h" #include "db_ops.h" -#else -/* - * macros/functions for compilation without pluto (eg: spi for manual conns) - */ -extern int debug; -#include <assert.h> -#define passert(x) assert(x) -#define DBG(cond, action) { if (debug) { action ; } } -#define DBG_log(x, args...) fprintf(stderr, x "\n" , ##args); -#define plog(x, args...) fprintf(stderr, x "\n" , ##args); -#endif /* NO_PLUTO */ + /* ALG storage */ static struct sadb_alg esp_aalg[SADB_AALG_MAX+1]; static struct sadb_alg esp_ealg[SADB_EALG_MAX+1]; diff --git a/src/pluto/kernel_pfkey.c b/src/pluto/kernel_pfkey.c index b047d32d9..04c24f5f2 100644 --- a/src/pluto/kernel_pfkey.c +++ b/src/pluto/kernel_pfkey.c @@ -280,7 +280,7 @@ pfkey_get_response(pfkey_buf *buf, pfkey_seq_t seq) { /* Not for us: queue it. */ size_t bl = buf->msg.sadb_msg_len * IPSEC_PFKEYv2_ALIGN; - pfkey_item *it = alloc_bytes(offsetof(pfkey_item, buf) + bl, "pfkey_item"); + pfkey_item *it = malloc(offsetof(pfkey_item, buf) + bl); memcpy(&it->buf, buf, bl); @@ -447,7 +447,7 @@ pfkey_dequeue(void) pfkey_async(&it->buf); pfkey_iq_head = it->next; - pfree(it); + free(it); } /* Handle any orphaned holds, but only if no pfkey input is pending. @@ -898,7 +898,7 @@ pfkey_close(void) pfkey_item *it = pfkey_iq_head; pfkey_iq_head = it->next; - pfree(it); + free(it); } close(pfkeyfd); diff --git a/src/pluto/keys.c b/src/pluto/keys.c index 0c9f53929..89034d61b 100644 --- a/src/pluto/keys.c +++ b/src/pluto/keys.c @@ -82,7 +82,7 @@ struct secret { static pubkey_t* allocate_RSA_public_key(const cert_t cert) { - pubkey_t *pk = alloc_thing(pubkey_t, "pubkey"); + pubkey_t *pk = malloc_thing(pubkey_t); chunk_t e = empty_chunk, n = empty_chunk; switch (cert.type) @@ -99,6 +99,7 @@ allocate_RSA_public_key(const cert_t cert) plog("RSA public key allocation error"); } + zero(pk); init_RSA_public_key(&pk->u.rsa, e, n); DBG(DBG_RAW, RSA_show_public_key(&pk->u.rsa) @@ -131,7 +132,7 @@ free_public_key(pubkey_t *pk) default: bad_case(pk->alg); } - pfree(pk); + free(pk); } secret_t *secrets = NULL; @@ -410,7 +411,7 @@ process_psk_secret(chunk_t *psk) if (*tok == '"' || *tok == '\'') { - clonetochunk(*psk, tok+1, flp->cur - tok - 2, "PSK"); + clonetochunk(*psk, tok+1, flp->cur - tok - 2); (void) shift(); } else @@ -427,7 +428,7 @@ process_psk_secret(chunk_t *psk) } else { - clonetochunk(*psk, buf, sz, "PSK"); + clonetochunk(*psk, buf, sz); (void) shift(); } } @@ -609,7 +610,7 @@ process_xauth(secret_t *s) , user_name.len , user_name.ptr); clonetochunk(s->u.xauth_secret.user_name - , user_name.ptr, user_name.len, "xauth user name"); + , user_name.ptr, user_name.len); if (!shift()) return "missing xauth user password"; @@ -737,7 +738,7 @@ process_pin(secret_t *s, int whackfd) { shift(); /* pin will be entered via pin pad during verification */ - clonetochunk(sc->pin, "", 0, "empty pin"); + clonetochunk(sc->pin, "", 0); sc->pinpad = TRUE; sc->valid = TRUE; pin_status = "pin entry via pad"; @@ -858,7 +859,7 @@ process_secret(secret_t *s, int whackfd) { loglog(RC_LOG_SERIOUS, "\"%s\" line %d: %s" , flp->filename, flp->lino, ugh); - pfree(s); + free(s); } else if (flushline("expected record boundary in key")) { @@ -931,8 +932,9 @@ process_secret_records(int whackfd) else { /* expecting a list of indices and then the key info */ - secret_t *s = alloc_thing(secret_t, "secret"); + secret_t *s = malloc_thing(secret_t); + zero(s); s->ids = NULL; s->kind = PPK_PSK; /* default */ setchunk(s->u.preshared_secret, NULL, 0); @@ -986,8 +988,7 @@ process_secret_records(int whackfd) } else { - id_list_t *i = alloc_thing(id_list_t - , "id_list"); + id_list_t *i = malloc_thing(id_list_t); i->id = id; unshare_id_content(&i->id); @@ -1090,19 +1091,19 @@ free_preshared_secrets(void) { ni = i->next; /* grab before freeing i */ free_id_content(&i->id); - pfree(i); + free(i); } switch (s->kind) { case PPK_PSK: - pfree(s->u.preshared_secret.ptr); + free(s->u.preshared_secret.ptr); break; case PPK_RSA: free_RSA_private_content(&s->u.RSA_private_key); break; case PPK_XAUTH: - pfree(s->u.xauth_secret.user_name.ptr); - pfree(s->u.xauth_secret.user_password.ptr); + free(s->u.xauth_secret.user_name.ptr); + free(s->u.xauth_secret.user_password.ptr); break; case PPK_PIN: scx_release(s->u.smartcard); @@ -1110,7 +1111,7 @@ free_preshared_secrets(void) default: bad_case(s->kind); } - pfree(s); + free(s); } secrets = NULL; } @@ -1132,8 +1133,9 @@ load_preshared_secrets(int whackfd) pubkey_t * public_key_from_rsa(const RSA_public_key_t *k) { - pubkey_t *p = alloc_thing(pubkey_t, "pubkey"); + pubkey_t *p = malloc_thing(pubkey_t); + zero(p); p->id = empty_id; /* don't know, doesn't matter */ p->issuer = empty_chunk; p->serial = empty_chunk; @@ -1162,7 +1164,7 @@ free_public_keyentry(pubkey_list_t *p) if (p->key != NULL) unreference_key(&p->key); - pfree(p); + free(p); return nxt; } @@ -1196,7 +1198,7 @@ transfer_to_public_keys(struct gw_info *gateways_from_dns for (gwp = gateways_from_dns; gwp != NULL; gwp = gwp->next) { - pubkey_list_t *pl = alloc_thing(pubkey_list_t, "from TXT"); + pubkey_list_t *pl = malloc_thing(pubkey_list_t); pl->key = gwp->key; /* note: this is a transfer */ gwp->key = NULL; /* really, it is! */ @@ -1277,17 +1279,21 @@ unpack_RSA_public_key(RSA_public_key_t *rsa, const chunk_t *pubkey) static void install_public_key(pubkey_t *pk, pubkey_list_t **head) { - pubkey_list_t *p = alloc_thing(pubkey_list_t, "pubkey entry"); + pubkey_list_t *p = malloc_thing(pubkey_list_t); unshare_id_content(&pk->id); /* copy issuer dn */ if (pk->issuer.ptr != NULL) - pk->issuer.ptr = clone_bytes(pk->issuer.ptr, pk->issuer.len, "issuer dn"); + { + pk->issuer.ptr = clone_bytes(pk->issuer.ptr, pk->issuer.len); + } /* copy serial number */ if (pk->serial.ptr != NULL) - pk->serial.ptr = clone_bytes(pk->serial.ptr, pk->serial.len, "serialNumber"); + { + pk->serial.ptr = clone_bytes(pk->serial.ptr, pk->serial.len); + } /* store the time the public key was installed */ time(&pk->installed_time); @@ -1352,15 +1358,14 @@ unreference_key(pubkey_t **pkp) } err_t -add_public_key(const struct id *id -, enum dns_auth_level dns_auth_level -, enum pubkey_alg alg -, const chunk_t *key -, pubkey_list_t **head) +add_public_key(const struct id *id, enum dns_auth_level dns_auth_level, + enum pubkey_alg alg, const chunk_t *key, pubkey_list_t **head) { - pubkey_t *pk = alloc_thing(pubkey_t, "pubkey"); + pubkey_t *pk; + + pk = malloc_thing(pubkey_t); zero(pk); - /* first: algorithm-specific decoding of key chunk */ + /* first: algorithm-specific decoding of key chunk */ switch (alg) { case PUBKEY_ALG_RSA: @@ -1369,7 +1374,7 @@ add_public_key(const struct id *id if (ugh != NULL) { - pfree(pk); + free(pk); return ugh; } } diff --git a/src/pluto/log.c b/src/pluto/log.c index 6c4719a74..7a30d7e31 100644 --- a/src/pluto/log.c +++ b/src/pluto/log.c @@ -244,7 +244,7 @@ perpeer_logfree(struct connection *c) perpeer_logclose(c); if (c->log_file_name != NULL) { - pfree(c->log_file_name); + free(c->log_file_name); c->log_file_name = NULL; c->log_file_err = FALSE; } @@ -282,7 +282,7 @@ open_peerlog(struct connection *c) + strlen(base_perpeer_logdir) + sizeof("//.log") + 1; - c->log_file_name = alloc_bytes(lf_len, "per-peer log file name"); + c->log_file_name = malloc(lf_len); fprintf(stderr, "base dir |%s| dname |%s| peername |%s|" , base_perpeer_logdir, dname, peername); @@ -299,7 +299,7 @@ open_peerlog(struct connection *c) int bpl_len = strlen(base_perpeer_logdir); char *slashloc; - dname = clone_str(c->log_file_name, "temp copy of file name"); + dname = clone_str(c->log_file_name); dname = dirname(dname); if (access(dname, W_OK) != 0) @@ -311,7 +311,7 @@ open_peerlog(struct connection *c) syslog(LOG_CRIT, "can not write to %s: %s" , dname, strerror(errno)); c->log_file_err = TRUE; - pfree(dname); + free(dname); return; } } @@ -338,7 +338,7 @@ open_peerlog(struct connection *c) syslog(LOG_CRIT, "can not create dir %s: %s" , dname, strerror(errno)); c->log_file_err = TRUE; - pfree(dname); + free(dname); return; } syslog(LOG_DEBUG, "created new directory %s", dname); @@ -346,8 +346,7 @@ open_peerlog(struct connection *c) slashloc++; } } - - pfree(dname); + free(dname); } c->log_file = fopen(c->log_file_name, "a"); diff --git a/src/pluto/modecfg.c b/src/pluto/modecfg.c index 97e3b818d..2c8b274a1 100644 --- a/src/pluto/modecfg.c +++ b/src/pluto/modecfg.c @@ -531,7 +531,7 @@ modecfg_send_msg(struct state *st, int isama_type, internal_addr_t *ia) ); freeanychunk(st->st_tpacket); - clonetochunk(st->st_tpacket, msg.start, pbs_offset(&msg), "ModeCfg msg"); + clonetochunk(st->st_tpacket, msg.start, pbs_offset(&msg)); /* Transmit */ send_packet(st, "ModeCfg msg"); @@ -1093,8 +1093,7 @@ xauth_inI0(struct msg_digest *md) { /* send XAUTH reply msg and then delete ISAKMP SA */ freeanychunk(st->st_tpacket); - clonetochunk(st->st_tpacket, md->reply.start - , pbs_offset(&md->reply), "XAUTH reply msg"); + clonetochunk(st->st_tpacket, md->reply.start, pbs_offset(&md->reply)); send_packet(st, "XAUTH reply msg"); delete_state(st); return STF_IGNORE; @@ -1225,8 +1224,7 @@ xauth_inI1(struct msg_digest *md) { /* send XAUTH ack msg and then delete ISAKMP SA */ freeanychunk(st->st_tpacket); - clonetochunk(st->st_tpacket, md->reply.start - , pbs_offset(&md->reply), "XAUTH ack msg"); + clonetochunk(st->st_tpacket, md->reply.start, pbs_offset(&md->reply)); send_packet(st, "XAUTH ack msg"); delete_state(st); return STF_IGNORE; diff --git a/src/pluto/mp_defs.c b/src/pluto/mp_defs.c index 9ba4e4f5a..66b4717c1 100644 --- a/src/pluto/mp_defs.c +++ b/src/pluto/mp_defs.c @@ -32,7 +32,7 @@ mpz_to_n(const MP_INT *mp, size_t bytes) int i; r.len = bytes; - r.ptr = alloc_bytes(r.len, "host representation of large integer"); + r.ptr = malloc(r.len); mpz_init(&temp1); mpz_init(&temp2); diff --git a/src/pluto/ocsp.c b/src/pluto/ocsp.c index 84e8876c2..68dd4a4ba 100644 --- a/src/pluto/ocsp.c +++ b/src/pluto/ocsp.c @@ -489,7 +489,7 @@ static void free_certinfo(ocsp_certinfo_t *certinfo) { freeanychunk(certinfo->serialNumber); - pfree(certinfo); + free(certinfo); } /* @@ -520,7 +520,7 @@ free_ocsp_location(ocsp_location_t* location) freeanychunk(location->authKeySerialNumber); freeanychunk(location->uri); free_certinfos(location->certinfo); - pfree(location); + free(location); } /* @@ -554,7 +554,7 @@ free_ocsp_cache(void) void free_ocsp(void) { - pfreeany(ocsp_default_uri.ptr); + free(ocsp_default_uri.ptr); free_ocsp_cache(); } @@ -849,7 +849,7 @@ build_request_list(ocsp_location_t *location) /* build request for every certificate in list * and store them in a chained list */ - request_list_t *req = alloc_thing(request_list_t, "ocsp request"); + request_list_t *req = malloc_thing(request_list_t); req->request = build_request(location, certinfo); req->next = reqs; @@ -869,7 +869,7 @@ build_request_list(ocsp_location_t *location) mv_chunk(&pos, req->request); reqs = reqs->next; - pfree(req); + free(req); } return requestList; @@ -893,7 +893,7 @@ static chunk_t build_nonce_extension(ocsp_location_t *location) { /* generate a random nonce */ - location->nonce.ptr = alloc_bytes(NONCE_LENGTH, "ocsp nonce"), + location->nonce.ptr = malloc(NONCE_LENGTH), location->nonce.len = NONCE_LENGTH; get_rnd_bytes(location->nonce.ptr, NONCE_LENGTH); @@ -1155,9 +1155,9 @@ parse_basic_ocsp_response(chunk_t blob, int level0, response_t *res) case BASIC_RESPONSE_CERTIFICATE: { chunk_t blob; - x509cert_t *cert = alloc_thing(x509cert_t, "ocspcert"); + x509cert_t *cert = malloc_thing(x509cert_t); - clonetochunk(blob, object.ptr, object.len, "ocspcert blob"); + clonetochunk(blob, object.ptr, object.len); *cert = empty_x509cert; if (parse_x509cert(blob, level+1, cert) @@ -1324,35 +1324,33 @@ parse_ocsp_single_response(chunk_t blob, int level0, single_response_t *sres) ocsp_location_t* add_ocsp_location(const ocsp_location_t *loc, ocsp_location_t **chain) { - ocsp_location_t *location = alloc_thing(ocsp_location_t, "ocsp location"); + ocsp_location_t *location = malloc_thing(ocsp_location_t); /* unshare location fields */ - clonetochunk(location->issuer - , loc->issuer.ptr, loc->issuer.len - , "ocsp issuer"); + clonetochunk(location->issuer, loc->issuer.ptr, loc->issuer.len); - clonetochunk(location->authNameID - , loc->authNameID.ptr, loc->authNameID.len - , "ocsp authNameID"); + clonetochunk(location->authNameID, loc->authNameID.ptr, loc->authNameID.len); if (loc->authKeyID.ptr == NULL) + { location->authKeyID = empty_chunk; + } else - clonetochunk(location->authKeyID - , loc->authKeyID.ptr, loc->authKeyID.len - , "ocsp authKeyID"); + { + clonetochunk(location->authKeyID, loc->authKeyID.ptr, loc->authKeyID.len); + } if (loc->authKeySerialNumber.ptr == NULL) + { location->authKeySerialNumber = empty_chunk; + } else + { clonetochunk(location->authKeySerialNumber - , loc->authKeySerialNumber.ptr, loc->authKeySerialNumber.len - , "ocsp authKeySerialNumber"); - - clonetochunk(location->uri - , loc->uri.ptr, loc->uri.len - , "ocsp uri"); + , loc->authKeySerialNumber.ptr, loc->authKeySerialNumber.len); + } + clonetochunk(location->uri, loc->uri.ptr, loc->uri.len); location->certinfo = NULL; /* insert new ocsp location in front of chain */ @@ -1399,9 +1397,8 @@ add_certinfo(ocsp_location_t *loc, ocsp_certinfo_t *info, ocsp_location_t **chai if (cmp != 0) { /* add a new certinfo entry */ - ocsp_certinfo_t *cnew = alloc_thing(ocsp_certinfo_t, "ocsp certinfo"); - clonetochunk(cnew->serialNumber, info->serialNumber.ptr - , info->serialNumber.len, "serialNumber"); + ocsp_certinfo_t *cnew = malloc_thing(ocsp_certinfo_t); + clonetochunk(cnew->serialNumber, info->serialNumber.ptr, info->serialNumber.len); cnew->next = certinfo; *certinfop = cnew; certinfo = cnew; diff --git a/src/pluto/pem.c b/src/pluto/pem.c index 396eb3d1c..633163de5 100644 --- a/src/pluto/pem.c +++ b/src/pluto/pem.c @@ -286,17 +286,17 @@ pem_decrypt(chunk_t *blob, chunk_t *iv, prompt_pass_t *pass, const char* label) return ugh; } - clonetochunk(blob_copy, blob->ptr, blob->len, "blob copy"); + clonetochunk(blob_copy, blob->ptr, blob->len); if (pem_decrypt_3des(blob, iv, pass->secret)) { whack_log(RC_SUCCESS, "valid passphrase"); - pfree(blob_copy.ptr); + free(blob_copy.ptr); return NULL; } /* blob is useless after wrong decryption, restore the original */ - pfree(blob->ptr); + free(blob->ptr); *blob = blob_copy; } whack_log(RC_LOG_SERIOUS, ugh); diff --git a/src/pluto/pgp.c b/src/pluto/pgp.c index f6744fd8a..71bf284cf 100644 --- a/src/pluto/pgp.c +++ b/src/pluto/pgp.c @@ -600,9 +600,8 @@ free_pgpcert(pgpcert_t *cert) { if (cert != NULL) { - if (cert->certificate.ptr != NULL) - pfree(cert->certificate.ptr); - pfree(cert); + free(cert->certificate.ptr); + free(cert); } } diff --git a/src/pluto/pkcs1.c b/src/pluto/pkcs1.c index bc07848e9..6dcc0659c 100644 --- a/src/pluto/pkcs1.c +++ b/src/pluto/pkcs1.c @@ -417,7 +417,7 @@ sign_hash(const RSA_private_key_t *k, const u_char *hash_val, size_t hash_len /* PKCS#1 v1.5 8.4 integer-to-octet-string conversion */ ch = mpz_to_n(t1, sig_len); memcpy(sig_val, ch.ptr, sig_len); - pfree(ch.ptr); + free(ch.ptr); mpz_clear(t1); mpz_clear(t2); @@ -545,7 +545,7 @@ RSA_decrypt(const RSA_private_key_t *key, chunk_t in, chunk_t *out) return FALSE; } - clonetochunk(*out, pos, padded.len, "decrypted data"); + clonetochunk(*out, pos, padded.len); freeanychunk(padded); return TRUE; } @@ -598,7 +598,7 @@ pkcs1_build_signature(chunk_t tbs, int hash_alg, const RSA_private_key_t *key pos = build_asn1_object(&signatureValue, ASN1_OCTET_STRING, siglen); } sign_hash(key, digestInfo.ptr, digestInfo.len, pos, siglen); - pfree(digestInfo.ptr); + free(digestInfo.ptr); return signatureValue; } diff --git a/src/pluto/pkcs7.c b/src/pluto/pkcs7.c index 905d4caba..812cbac13 100644 --- a/src/pluto/pkcs7.c +++ b/src/pluto/pkcs7.c @@ -285,11 +285,9 @@ pkcs7_parse_signedData(chunk_t blob, contentInfo_t *data, x509cert_t **cert { chunk_t cert_blob; - x509cert_t *newcert = alloc_thing(x509cert_t - , "pkcs7 wrapped x509cert"); + x509cert_t *newcert = malloc_thing(x509cert_t); - clonetochunk(cert_blob, object.ptr, object.len - , "pkcs7 cert blob"); + clonetochunk(cert_blob, object.ptr, object.len); *newcert = empty_x509cert; DBG(DBG_CONTROL | DBG_PARSING, @@ -521,7 +519,7 @@ pkcs7_parse_envelopedData(chunk_t blob, chunk_t *data } data->len = encrypted_content.len; - data->ptr = alloc_bytes(data->len, "decrypted data"); + data->ptr = malloc(data->len); switch (content_enc_alg) { @@ -568,7 +566,7 @@ pkcs7_parse_envelopedData(chunk_t blob, chunk_t *data failed: freeanychunk(symmetric_key); - pfreeany(data->ptr); + free(data->ptr); return FALSE; } @@ -679,8 +677,7 @@ pkcs7_build_signedData(chunk_t data, chunk_t attributes, const x509cert_t *cert { encryptedDigest = pkcs1_build_signature(attributes, digest_alg , key, FALSE); - clonetochunk(authenticatedAttributes, attributes.ptr, attributes.len - , "authenticatedAttributes"); + clonetochunk(authenticatedAttributes, attributes.ptr, attributes.len); *authenticatedAttributes.ptr = ASN1_CONTEXT_C_0; } else @@ -746,7 +743,7 @@ pkcs7_build_envelopedData(chunk_t data, const x509cert_t *cert, int cipher) padding += DES_CBC_BLOCK_SIZE; out.len = data.len + padding; - out.ptr = alloc_bytes(out.len, "DES-encrypted output"); + out.ptr = malloc(out.len); DBG(DBG_CONTROL, DBG_log("padding %d bytes of data to multiple DES block size of %d bytes" diff --git a/src/pluto/plutomain.c b/src/pluto/plutomain.c index 18ff7c987..e03f76b79 100644 --- a/src/pluto/plutomain.c +++ b/src/pluto/plutomain.c @@ -239,6 +239,7 @@ main(int argc, char **argv) cap_t caps; int keep[] = { CAP_NET_ADMIN, CAP_NET_BIND_SERVICE }; #endif /* CAPABILITIES */ + library_init(STRONGSWAN_CONF); /* handle arguments */ diff --git a/src/pluto/primegen.c b/src/pluto/primegen.c index 159490345..ae260f8c3 100644 --- a/src/pluto/primegen.c +++ b/src/pluto/primegen.c @@ -162,7 +162,7 @@ generate_elg_prime( int mode, unsigned pbits, unsigned qbits, } /* init m_out_of_n() */ #ifdef PLUTO - perms = alloc_bytes( m, "perms" ); + perms = malloc(m); #else perms = m_alloc_clear( m ); #endif diff --git a/src/pluto/rcv_whack.c b/src/pluto/rcv_whack.c index f8f672395..4a0c03751 100644 --- a/src/pluto/rcv_whack.c +++ b/src/pluto/rcv_whack.c @@ -129,10 +129,11 @@ key_add_merge(struct key_add_common *oc, const struct id *keyid) key_add_ugh(keyid, oc->diag[kaa]); for (kaa = ka_TXT; kaa != ka_roof; kaa++) - pfreeany(oc->diag[kaa]); - + { + free(oc->diag[kaa]); + } close(oc->whack_fd); - pfree(oc); + free(oc); } } @@ -147,7 +148,7 @@ key_add_continue(struct adns_continuation *ac, err_t ugh) if (ugh != NULL) { - oc->diag[kc->lookingfor] = clone_str(ugh, "key add error"); + oc->diag[kc->lookingfor] = clone_str(ugh); } else { @@ -182,9 +183,7 @@ key_add_request(const whack_message_t *msg) if (msg->keyval.len == 0) { - struct key_add_common *oc - = alloc_thing(struct key_add_common - , "key add common things"); + struct key_add_common *oc = malloc_thing(struct key_add_common); enum key_add_attempt kaa; /* initialize state shared by queries */ @@ -194,14 +193,14 @@ key_add_request(const whack_message_t *msg) for (kaa = ka_TXT; kaa != ka_roof; kaa++) { - struct key_add_continuation *kc - = alloc_thing(struct key_add_continuation - , "key add continuation"); + struct key_add_continuation *kc; oc->diag[kaa] = NULL; oc->refCount++; + kc = malloc_thing(struct key_add_continuation); kc->common = oc; kc->lookingfor = kaa; + switch (kaa) { case ka_TXT: @@ -225,7 +224,7 @@ key_add_request(const whack_message_t *msg) } if (ugh != NULL) { - oc->diag[kaa] = clone_str(ugh, "early key add failure"); + oc->diag[kaa] = clone_str(ugh); oc->refCount--; } } diff --git a/src/pluto/server.c b/src/pluto/server.c index cae16294e..3b2529286 100644 --- a/src/pluto/server.c +++ b/src/pluto/server.c @@ -170,10 +170,10 @@ free_dead_ifaces(void) if (p->change == IFN_DELETE) { *pp = p->next; /* advance *pp */ - pfree(p->vname); - pfree(p->rname); + free(p->vname); + free(p->rname); close(p->fd); - pfree(p); + free(p); } else { @@ -310,7 +310,7 @@ find_raw_ifaces4(void) DBG(DBG_CONTROL, DBG_log("found %s with address %s" , ri.name, ip_str(&ri.addr))); ri.next = rifaces; - rifaces = clone_thing(ri, "struct raw_iface"); + rifaces = clone_thing(ri); } close(master_sock); @@ -393,7 +393,7 @@ find_raw_ifaces6(void) , DBG_log("found %s with address %s" , ri.name, sb)); ri.next = rifaces; - rifaces = clone_thing(ri, "struct raw_iface"); + rifaces = clone_thing(ri); } } fclose(proc_sock); @@ -663,9 +663,10 @@ add_entry: nat_traversal_espinudp_socket(fd, ESPINUDP_WITH_NON_IKE); } - q = alloc_thing(struct iface, "struct iface"); - q->rname = clone_str(ifp->name, "real device name"); - q->vname = clone_str(v->name, "virtual device name"); + q = malloc_thing(struct iface); + zero(q); + q->rname = clone_str(ifp->name); + q->vname = clone_str(v->name); q->addr = ifp->addr; q->fd = fd; q->next = interfaces; @@ -682,9 +683,10 @@ add_entry: break; nat_traversal_espinudp_socket(fd, ESPINUDP_WITH_NON_ESP); - q = alloc_thing(struct iface, "struct iface"); - q->rname = clone_str(ifp->name, "real device name"); - q->vname = clone_str(v->name, "virtual device name"); + q = malloc_thing(struct iface); + zero(q); + q->rname = clone_str(ifp->name); + q->vname = clone_str(v->name); q->addr = ifp->addr; setportof(htons(NAT_T_IKE_FLOAT_PORT), &q->addr); q->fd = fd; @@ -731,7 +733,7 @@ add_entry: struct raw_iface *t = rifaces; rifaces = t->next; - pfree(t); + free(t); } } diff --git a/src/pluto/smartcard.c b/src/pluto/smartcard.c index 64c36c7c9..21592aaf2 100644 --- a/src/pluto/smartcard.c +++ b/src/pluto/smartcard.c @@ -397,7 +397,7 @@ scx_unload_pkcs11_module(scx_pkcs11_module_t *mod) return CKR_FUNCTION_FAILED; memset(mod, 0, sizeof(*mod)); - pfree(mod); + free(mod); return CKR_OK; } @@ -417,7 +417,7 @@ scx_load_pkcs11_module(const char *name, CK_FUNCTION_LIST_PTR_PTR funcs) if (handle == NULL) return NULL; - mod = alloc_thing(scx_pkcs11_module_t, "scx_pkcs11_module"); + mod = malloc_thing(scx_pkcs11_module_t); mod->_magic = SCX_MAGIC; mod->handle = handle; @@ -465,13 +465,13 @@ scx_find_cert_object(CK_SESSION_HANDLE session, CK_OBJECT_HANDLE object return FALSE; } - pfreeany(sc->label); + free(sc->label); - hex_id = alloc_bytes(attr[0].ulValueLen, "hex id"); + hex_id = malloc(attr[0].ulValueLen); hex_len = attr[0].ulValueLen; - sc->label = alloc_bytes(attr[1].ulValueLen + 1, "sc label"); + sc->label = malloc(attr[1].ulValueLen + 1); label_len = attr[1].ulValueLen; - blob.ptr = alloc_bytes(attr[2].ulValueLen, "x509cert blob"); + blob.ptr = malloc(attr[2].ulValueLen); blob.len = attr[2].ulValueLen; attr[0].pValue = hex_id; @@ -484,24 +484,24 @@ scx_find_cert_object(CK_SESSION_HANDLE session, CK_OBJECT_HANDLE object { plog("couldn't read the attributes: %s" , enum_show(&pkcs11_return_names, rv)); - pfree(hex_id); - pfreeany(sc->label); - pfree(blob.ptr); + free(hex_id); + free(sc->label); + free(blob.ptr); return FALSE; } - pfreeany(sc->id); + free(sc->id); /* convert id from hex to ASCII */ - sc->id = alloc_bytes(2*hex_len + 1, " sc id"); + sc->id = malloc(2*hex_len + 1); datatot(hex_id, hex_len, 16, sc->id, 2*hex_len + 1); - pfree(hex_id); + free(hex_id); /* safeguard in case the label is not null terminated */ sc->label[label_len] = '\0'; /* parse the retrieved cert */ - x509cert = alloc_thing(x509cert_t, "x509cert"); + x509cert = malloc_thing(x509cert_t); *x509cert = empty_x509cert; x509cert->smartcard = TRUE; @@ -556,7 +556,7 @@ scx_find_cert_objects(CK_SLOT_ID slot, CK_SESSION_HANDLE session) break; /* create and initialize a new smartcard object */ - sc = alloc_thing(smartcard_t, "smartcard"); + sc = malloc_thing(smartcard_t); *sc = empty_sc; sc->any_slot = FALSE; sc->slot = slot; @@ -635,13 +635,13 @@ scx_find_all_cert_objects(void) rv = pkcs11_functions->C_GetSlotList(FALSE, NULL_PTR, &slot_count); /* allocate memory for the slots */ - slots = (CK_SLOT_ID *)alloc_bytes(slot_count * sizeof(CK_SLOT_ID), "slots"); + slots = (CK_SLOT_ID *)malloc(slot_count * sizeof(CK_SLOT_ID)); rv = pkcs11_functions->C_GetSlotList(FALSE, slots, &slot_count); if (rv != CKR_OK) { plog("error in C_GetSlotList: %s", enum_show(&pkcs11_return_names, rv)); - pfreeany(slots); + free(slots); return; } @@ -687,7 +687,7 @@ scx_find_all_cert_objects(void) , enum_show(&pkcs11_return_names, rv)); } } - pfreeany(slots); + free(slots); } #endif @@ -941,14 +941,14 @@ scx_establish_context(smartcard_t *sc) rv = pkcs11_functions->C_GetSlotList(FALSE, NULL_PTR, &slot_count); /* allocate memory for the slots */ - slots = (CK_SLOT_ID *)alloc_bytes(slot_count * sizeof(CK_SLOT_ID), "slots"); + slots = (CK_SLOT_ID *)malloc(slot_count * sizeof(CK_SLOT_ID)); rv = pkcs11_functions->C_GetSlotList(FALSE, slots, &slot_count); if (rv != CKR_OK) { plog("error in C_GetSlotList: %s" , enum_show(&pkcs11_return_names, rv)); - pfreeany(slots); + free(slots); return FALSE; } @@ -960,7 +960,7 @@ scx_establish_context(smartcard_t *sc) if (id_found) break; } - pfreeany(slots) + free(slots); } if (id_found) @@ -1163,7 +1163,7 @@ smartcard_t* scx_parse_number_slot_id(const char *number_slot_id) { int len = strlen(number_slot_id); - smartcard_t *sc = alloc_thing(smartcard_t, "smartcard"); + smartcard_t *sc = malloc_thing(smartcard_t); /* assign default values */ *sc = empty_sc; @@ -1212,7 +1212,7 @@ scx_parse_number_slot_id(const char *number_slot_id) } } /* unshare the id string */ - sc->id = clone_str(sc->id, "key id"); + sc->id = clone_str(sc->id); return sc; } @@ -1448,24 +1448,24 @@ scx_encrypt(smartcard_t *sc, const u_char *in, size_t inlen DBG(DBG_CONTROL, DBG_log("doing RSA encryption in software") ) - attr[0].pValue = alloc_bytes(attr[0].ulValueLen, "modulus"); - attr[1].pValue = alloc_bytes(attr[1].ulValueLen, "exponent"); + attr[0].pValue = malloc(attr[0].ulValueLen); + attr[1].pValue = malloc(attr[1].ulValueLen); rv = pkcs11_functions->C_GetAttributeValue(sc->session, object, attr, 2); if (rv != CKR_OK) { plog("couldn't read modulus and public exponent: %s" , enum_show(&pkcs11_return_names, rv)); - pfree(attr[0].pValue); - pfree(attr[1].pValue); + free(attr[0].pValue); + free(attr[1].pValue); scx_release_context(sc); return FALSE; } rsa.k = attr[0].ulValueLen; n_to_mpz(&rsa.n, attr[0].pValue, attr[0].ulValueLen); n_to_mpz(&rsa.e, attr[1].pValue, attr[1].ulValueLen); - pfree(attr[0].pValue); - pfree(attr[1].pValue); + free(attr[0].pValue); + free(attr[1].pValue); cipher_text = RSA_encrypt(&rsa, plain_text); free_RSA_public_content(&rsa); @@ -1759,7 +1759,7 @@ scx_get_pin(smartcard_t *sc, int whackfd) /* verify the pin */ if (scx_verify_pin(sc)) { - clonetochunk(sc->pin, pin, strlen(pin), "pin"); + clonetochunk(sc->pin, pin, strlen(pin)); break; } @@ -1789,7 +1789,7 @@ scx_free_pin(chunk_t *pin) { /* clear pin field in memory */ memset(pin->ptr, '\0', pin->len); - pfree(pin->ptr); + free(pin->ptr); *pin = empty_chunk; } } @@ -1803,10 +1803,10 @@ scx_free(smartcard_t *sc) if (sc != NULL) { scx_release_context(sc); - pfreeany(sc->id); - pfreeany(sc->label); + free(sc->id); + free(sc->label); scx_free_pin(&sc->pin); - pfree(sc); + free(sc); } } diff --git a/src/pluto/state.c b/src/pluto/state.c index 0b223e615..c506ebc5b 100644 --- a/src/pluto/state.c +++ b/src/pluto/state.c @@ -95,7 +95,7 @@ reserve_msgid(struct state *isakmp_sa, msgid_t msgid) if (p->msgid == msgid) return FALSE; - p = alloc_thing(struct msgid_list, "msgid"); + p = malloc_thing(struct msgid_list); p->msgid = msgid; p->next = isakmp_sa->st_used_msgids; isakmp_sa->st_used_msgids = p; @@ -171,7 +171,7 @@ new_state(void) static so_serial_t next_so = SOS_FIRST; struct state *st; - st = clone_thing(blank_state, "struct state in new_state()"); + st = clone_thing(blank_state); st->st_serialno = next_so++; passert(next_so > SOS_FIRST); /* overflow can't happen! */ st->st_whack_sock = NULL_FD; @@ -344,7 +344,7 @@ delete_state(struct state *st) { struct msgid_list *q = p; p = p->next; - pfree(q); + free(q); } } @@ -353,25 +353,25 @@ delete_state(struct state *st) if (st->st_sec_in_use) mpz_clear(&(st->st_sec)); - pfreeany(st->st_tpacket.ptr); - pfreeany(st->st_rpacket.ptr); - pfreeany(st->st_p1isa.ptr); - pfreeany(st->st_gi.ptr); - pfreeany(st->st_gr.ptr); - pfreeany(st->st_shared.ptr); - pfreeany(st->st_ni.ptr); - pfreeany(st->st_nr.ptr); - pfreeany(st->st_skeyid.ptr); - pfreeany(st->st_skeyid_d.ptr); - pfreeany(st->st_skeyid_a.ptr); - pfreeany(st->st_skeyid_e.ptr); - pfreeany(st->st_enc_key.ptr); - pfreeany(st->st_ah.our_keymat); - pfreeany(st->st_ah.peer_keymat); - pfreeany(st->st_esp.our_keymat); - pfreeany(st->st_esp.peer_keymat); - - pfree(st); + free(st->st_tpacket.ptr); + free(st->st_rpacket.ptr); + free(st->st_p1isa.ptr); + free(st->st_gi.ptr); + free(st->st_gr.ptr); + free(st->st_shared.ptr); + free(st->st_ni.ptr); + free(st->st_nr.ptr); + free(st->st_skeyid.ptr); + free(st->st_skeyid_d.ptr); + free(st->st_skeyid_a.ptr); + free(st->st_skeyid_e.ptr); + free(st->st_enc_key.ptr); + free(st->st_ah.our_keymat); + free(st->st_ah.peer_keymat); + free(st->st_esp.our_keymat); + free(st->st_esp.peer_keymat); + + free(st); } /* @@ -538,13 +538,13 @@ duplicate_state(struct state *st) nst->st_oakley = st->st_oakley; nst->st_modecfg = st->st_modecfg; -# define clone_chunk(ch, name) \ - clonetochunk(nst->ch, st->ch.ptr, st->ch.len, name) +# define clone_chunk(ch) \ + clonetochunk(nst->ch, st->ch.ptr, st->ch.len) - clone_chunk(st_skeyid_d, "st_skeyid_d in duplicate_state"); - clone_chunk(st_skeyid_a, "st_skeyid_a in duplicate_state"); - clone_chunk(st_skeyid_e, "st_skeyid_e in duplicate_state"); - clone_chunk(st_enc_key, "st_enc_key in duplicate_state"); + clone_chunk(st_skeyid_d); + clone_chunk(st_skeyid_a); + clone_chunk(st_skeyid_e); + clone_chunk(st_enc_key); # undef clone_chunk @@ -880,7 +880,7 @@ show_states_status(bool all, const char *name) } /* build the array */ - array = alloc_bytes(sizeof(struct state *)*count, "state array"); + array = malloc(sizeof(struct state *)*count); count = 0; for (i = 0; i < STATE_TABLE_SIZE; i++) { @@ -918,7 +918,7 @@ show_states_status(bool all, const char *name) whack_log(RC_COMMENT, BLANK_FORMAT); /* spacer */ /* free the array */ - pfree(array); + free(array); } /* Given that we've used up a range of unused CPI's, diff --git a/src/pluto/timer.c b/src/pluto/timer.c index 860ed0042..89ba41a9f 100644 --- a/src/pluto/timer.c +++ b/src/pluto/timer.c @@ -72,7 +72,7 @@ static struct event *evlist = (struct event *) NULL; void event_schedule(enum event_type type, time_t tm, struct state *st) { - struct event *ev = alloc_thing(struct event, "struct event in event_schedule()"); + struct event *ev = malloc_thing(struct event); ev->ev_type = type; ev->ev_time = tm + now(); @@ -432,7 +432,7 @@ handle_timer_event(void) , enum_show(&timer_event_names, type)); } - pfree(ev); + free(ev); reset_cur_state(); } @@ -490,8 +490,10 @@ delete_event(struct state *st) *ev = (*ev)->ev_next; if (st->st_event->ev_type == EVENT_RETRANSMIT) + { st->st_retransmit = 0; - pfree(st->st_event); + } + free(st->st_event); st->st_event = (struct event *) NULL; break; @@ -521,7 +523,7 @@ delete_dpd_event(struct state *st) if ((*ev) == st->st_dpd_event) { *ev = (*ev)->ev_next; - pfree(st->st_dpd_event); + free(st->st_dpd_event); st->st_dpd_event = (struct event *) NULL; break; } diff --git a/src/pluto/virtual.c b/src/pluto/virtual.c index 9deceb224..748eda227 100644 --- a/src/pluto/virtual.c +++ b/src/pluto/virtual.c @@ -119,24 +119,20 @@ init_virtual_ip(const char *private_list) /** Allocate **/ if (private_net_ok_len) { - private_net_ok = (ip_subnet *)alloc_bytes( - (private_net_ok_len*sizeof(ip_subnet)), - "private_net_ok subnets"); + private_net_ok = (ip_subnet *)malloc(private_net_ok_len * sizeof(ip_subnet)); } if (private_net_ko_len) { - private_net_ko = (ip_subnet *)alloc_bytes( - (private_net_ko_len*sizeof(ip_subnet)), - "private_net_ko subnets"); + private_net_ko = (ip_subnet *)malloc(private_net_ko_len * sizeof(ip_subnet)); } if ((private_net_ok_len && !private_net_ok) || (private_net_ko_len && !private_net_ko)) { loglog(RC_LOG_SERIOUS, "can't alloc in init_virtual_ip"); - pfreeany(private_net_ok); + free(private_net_ok); private_net_ok = NULL; - pfreeany(private_net_ko); + free(private_net_ko); private_net_ko = NULL; } else @@ -237,9 +233,8 @@ struct virtual_t str = *next ? next+1 : NULL; } - v = (struct virtual_t *)alloc_bytes( - sizeof(struct virtual_t) + (n_net*sizeof(ip_subnet)), - "virtual description"); + v = (struct virtual_t *)malloc(sizeof(struct virtual_t) + + (n_net * sizeof(ip_subnet))); if (!v) goto fail; v->flags = flags; diff --git a/src/pluto/x509.c b/src/pluto/x509.c index 1f9a431ac..9e54d1ac7 100644 --- a/src/pluto/x509.c +++ b/src/pluto/x509.c @@ -1215,10 +1215,10 @@ free_generalNames(generalName_t* gn, bool free_name) generalName_t *gn_top = gn; if (free_name) { - pfree(gn->name.ptr); + free(gn->name.ptr); } gn = gn->next; - pfree(gn_top); + free(gn_top); } } @@ -1232,8 +1232,8 @@ free_x509cert(x509cert_t *cert) { free_generalNames(cert->subjectAltName, FALSE); free_generalNames(cert->crlDistributionPoints, FALSE); - pfreeany(cert->certificate.ptr); - pfree(cert); + free(cert->certificate.ptr); + free(cert); cert = NULL; } } @@ -1383,7 +1383,7 @@ decrypt_sig(chunk_t sig, int alg, const x509cert_t *issuer_cert, /* free memory */ free_RSA_public_content(&rsa); - pfree(decrypted.ptr); + free(decrypted.ptr); mpz_clear(s); return TRUE; } @@ -1634,7 +1634,7 @@ parse_generalName(chunk_t blob, int level0) if (valid_gn) { - generalName_t *gn = alloc_thing(generalName_t, "generalName"); + generalName_t *gn = malloc_thing(generalName_t); gn->kind = (objectID - GN_OBJ_OTHER_NAME) / 2; gn->name = object; gn->next = NULL; diff --git a/src/scepclient/pkcs10.c b/src/scepclient/pkcs10.c index 86267f508..fc5b5ff2c 100644 --- a/src/scepclient/pkcs10.c +++ b/src/scepclient/pkcs10.c @@ -95,7 +95,7 @@ pkcs10_add_subjectAltName(generalName_t **subjectAltNames, generalNames_t kind break; } - gn = alloc_thing(generalName_t, "subjectAltName"); + gn = malloc_thing(generalName_t); gn->kind = kind; gn->name = asn1_simple_object(asn1_type, name); gn->next = *subjectAltNames; @@ -193,7 +193,7 @@ pkcs10_t* pkcs10_build(RSA_private_key_t *key, chunk_t subject, chunk_t challengePassword , generalName_t *subjectAltNames, int signature_alg) { - pkcs10_t *pkcs10 = alloc_thing(pkcs10_t, "pkcs10_t"); + pkcs10_t *pkcs10 = malloc_thing(pkcs10_t); pkcs10->subject = subject; pkcs10->private_key = key; @@ -215,6 +215,6 @@ pkcs10_free(pkcs10_t *pkcs10) if (pkcs10 != NULL) { freeanychunk(pkcs10->request); - pfree(pkcs10); + free(pkcs10); } } diff --git a/src/scepclient/scep.c b/src/scepclient/scep.c index 75a23878b..a867815a8 100644 --- a/src/scepclient/scep.c +++ b/src/scepclient/scep.c @@ -276,7 +276,7 @@ scep_generate_pkcs10_fingerprint(chunk_t pkcs10, chunk_t *fingerprint) /* the fingerprint is the MD5 hash in hexadecimal format */ compute_digest(pkcs10, OID_MD5, &digest); fingerprint->len = 2*digest.len; - fingerprint->ptr = alloc_bytes(fingerprint->len + 1, "fingerprint"); + fingerprint->ptr = malloc(fingerprint->len + 1); datatot(digest.ptr, digest.len, 16, fingerprint->ptr, fingerprint->len + 1); } @@ -296,14 +296,14 @@ scep_generate_transaction_id(const RSA_public_key_t *rsak u_char *pos; compute_digest(public_key, OID_MD5, &digest); - pfree(public_key.ptr); + free(public_key.ptr); /* is the most significant bit of the digest set? */ msb_set = (*digest.ptr & 0x80) == 0x80; /* allocate space for the serialNumber */ serialNumber->len = msb_set + digest.len; - serialNumber->ptr = alloc_bytes(serialNumber->len, "serialNumber"); + serialNumber->ptr = malloc(serialNumber->len); /* the serial number as the two's complement of the digest */ pos = serialNumber->ptr; @@ -315,7 +315,7 @@ scep_generate_transaction_id(const RSA_public_key_t *rsak /* the transaction id is the serial number in hex format */ transID->len = 2*digest.len; - transID->ptr = alloc_bytes(transID->len + 1, "transID"); + transID->ptr = malloc(transID->len + 1); datatot(digest.ptr, digest.len, 16, transID->ptr, transID->len + 1); } @@ -415,7 +415,7 @@ escape_http_request(chunk_t req) /* compute and allocate the size of the base64-encoded request */ int len = 1 + 4*((req.len + 2)/3); - char *encoded_req = alloc_bytes(len, "encoded request"); + char *encoded_req = malloc(len); /* do the base64 conversion */ len = datatot(req.ptr, req.len, 64, encoded_req, len); @@ -431,7 +431,7 @@ escape_http_request(chunk_t req) plus++; } - escaped_req = alloc_bytes(len + 3*(lines + plus), "escaped request"); + escaped_req = malloc(len + 3*(lines + plus)); /* escape special characters in the request */ p1 = encoded_req; @@ -457,7 +457,7 @@ escape_http_request(chunk_t req) n++; } *p2 = '\0'; - pfreeany(encoded_req); + free(encoded_req); return escaped_req; } #endif @@ -498,10 +498,10 @@ scep_http_request(const char *url, chunk_t pkcs7, scep_op_t op /* form complete url */ int len = strlen(url) + 20 + strlen(operation) + strlen(escaped_req) + 1; - complete_url = alloc_bytes(len, "complete url"); + complete_url = malloc(len); snprintf(complete_url, len, "%s?operation=%s&message=%s" , url, operation, escaped_req); - pfreeany(escaped_req); + free(escaped_req); curl_easy_setopt(curl, CURLOPT_HTTPGET, TRUE); headers = curl_slist_append(headers, "Pragma:"); @@ -515,7 +515,7 @@ scep_http_request(const char *url, chunk_t pkcs7, scep_op_t op /* form complete url */ int len = strlen(url) + 11 + strlen(operation) + 1; - complete_url = alloc_bytes(len, "complete url"); + complete_url = malloc(len); snprintf(complete_url, len, "%s?operation=%s", url, operation); curl_easy_setopt(curl, CURLOPT_HTTPGET, FALSE); @@ -533,7 +533,7 @@ scep_http_request(const char *url, chunk_t pkcs7, scep_op_t op /* form complete url */ int len = strlen(url) + 32 + strlen(operation) + 1; - complete_url = alloc_bytes(len, "complete url"); + complete_url = malloc(len); snprintf(complete_url, len, "%s?operation=%s&message=CAIdentifier" , url, operation); @@ -567,7 +567,7 @@ scep_http_request(const char *url, chunk_t pkcs7, scep_op_t op } curl_slist_free_all(headers); curl_easy_cleanup(curl); - pfreeany(complete_url); + free(complete_url); return (res == CURLE_OK); #else /* !LIBCURL */ diff --git a/src/scepclient/scepclient.c b/src/scepclient/scepclient.c index 8f9e81b8b..6ab1cf26d 100644 --- a/src/scepclient/scepclient.c +++ b/src/scepclient/scepclient.c @@ -146,7 +146,7 @@ exit_scepclient(err_t message, ...) if (private_key != NULL) { free_RSA_private_content(private_key); - pfree(private_key); + free(private_key); } freeanychunk(pkcs1); freeanychunk(pkcs7); @@ -703,7 +703,7 @@ int main(int argc, char **argv) /* * input of PKCS#1 file */ - private_key = alloc_thing(RSA_private_key_t, "RSA_private_key_t"); + private_key = malloc_thing(RSA_private_key_t); if (filetype_in & PKCS1) /* load an RSA key pair from file */ { @@ -767,7 +767,7 @@ int main(int argc, char **argv) if (ugh != NULL) exit_scepclient(ugh); - clonetochunk(subject, dn.ptr, dn.len, "subject dn"); + clonetochunk(subject, dn.ptr, dn.len); DBG(DBG_CONTROL, DBG_log("building pkcs10 object:") @@ -820,7 +820,7 @@ int main(int argc, char **argv) plog(" transaction ID: %.*s", (int)transID.len, transID.ptr); /* generate a self-signed X.509 certificate */ - x509_signer = alloc_thing(x509cert_t, "signer cert"); + x509_signer = malloc_thing(x509cert_t); *x509_signer = empty_x509cert; x509_signer->serialNumber = serialNumber; x509_signer->sigAlg = OID_SHA1_WITH_RSA; diff --git a/src/starter/args.c b/src/starter/args.c index 825824586..1027c307c 100644 --- a/src/starter/args.c +++ b/src/starter/args.c @@ -269,8 +269,10 @@ free_list(char **list) char **s; for (s = list; *s; s++) - pfree(*s); - pfree(list); + { + free(*s); + } + free(list); } char ** @@ -279,7 +281,7 @@ new_list(char *value) char *val, *b, *e, *end, **ret; int count; - val = value ? clone_str(value, "list value") : NULL; + val = value ? clone_str(value) : NULL; if (!val) return NULL; end = val + strlen(val); @@ -293,20 +295,20 @@ new_list(char *value) } if (count == 0) { - pfree(val); + free(val); return NULL; } - ret = (char **)alloc_bytes((count+1) * sizeof(char *), "list"); + ret = (char **)malloc((count+1) * sizeof(char *)); for (b = val, count = 0; b < end; ) { for (e = b; (*e != '\0'); e++); if (e != b) - ret[count++] = clone_str(b, "list value"); + ret[count++] = clone_str(b); b = e + 1; } ret[count] = NULL; - pfree(val); + free(val); return ret; } @@ -455,10 +457,10 @@ assign_arg(kw_token_t token, kw_token_t first, kw_list_t *kw, char *base char **cp = (char **)p; /* free any existing string */ - pfreeany(*cp); + free(*cp); /* assign the new string */ - *cp = clone_str(kw->value, "str_value"); + *cp = clone_str(kw->value); } break; case ARG_LST: @@ -521,7 +523,7 @@ free_args(kw_token_t first, kw_token_t last, char *base) { char **cp = (char **)p; - pfreeany(*cp); + free(*cp); *cp = NULL; } break; @@ -557,7 +559,7 @@ clone_args(kw_token_t first, kw_token_t last, char *base1, char *base2) char **cp1 = (char **)(base1 + token_info[token].offset); char **cp2 = (char **)(base2 + token_info[token].offset); - *cp1 = clone_str(*cp2, "cloned str"); + *cp1 = clone_str(*cp2); } } } diff --git a/src/starter/confread.c b/src/starter/confread.c index d2b1b4974..cc7138a99 100644 --- a/src/starter/confread.c +++ b/src/starter/confread.c @@ -75,8 +75,8 @@ static void default_values(starter_config_t *cfg) cfg->conn_default.policy = POLICY_ENCRYPT | POLICY_TUNNEL | POLICY_RSASIG | POLICY_PFS | POLICY_MOBIKE; - cfg->conn_default.ike = clone_str(ike_defaults, "ike_defaults"); - cfg->conn_default.esp = clone_str(esp_defaults, "esp_defaults"); + cfg->conn_default.ike = clone_str(ike_defaults); + cfg->conn_default.esp = clone_str(esp_defaults); cfg->conn_default.sa_ike_life_seconds = OAKLEY_ISAKMP_SA_LIFETIME_DEFAULT; cfg->conn_default.sa_ipsec_life_seconds = PLUTO_SA_LIFE_DURATION_DEFAULT; cfg->conn_default.sa_rekey_margin = SA_REPLACEMENT_MARGIN_DEFAULT; @@ -193,7 +193,7 @@ kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token if (streq(value, "%modeconfig") || streq(value, "%modecfg") || streq(value, "%config") || streq(value, "%cfg")) { - pfree(end->srcip); + free(end->srcip); end->srcip = NULL; end->modecfg = TRUE; } @@ -336,7 +336,7 @@ kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token plog("# bad subnet: %s=%s [%s]", name, value, ugh); goto err; } - end->subnet = clone_str(value, "subnetwithin"); + end->subnet = clone_str(value); break; } case KW_PROTOPORT: @@ -356,7 +356,7 @@ kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token if (cfg->defaultroute.defined) { addrtot(&cfg->defaultroute.addr, 0, buf, sizeof(buf)); - end->srcip = clone_str(buf, "natip"); + end->srcip = clone_str(buf); } else { @@ -375,7 +375,7 @@ kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token plog("# bad addr: %s=%s [%s]", name, value, ugh); goto err; } - end->srcip = clone_str(value, "srcip"); + end->srcip = clone_str(value); } end->has_natip = TRUE; conn->policy |= POLICY_TUNNEL; @@ -426,7 +426,7 @@ handle_firewall( const char *label, starter_end_t *end, starter_config_t *cfg) } else { - end->updown = clone_str(firewall_defaults, "firewall_defaults"); + end->updown = clone_str(firewall_defaults); end->firewall = FALSE; } } @@ -467,9 +467,9 @@ load_conn(starter_conn_t *conn, kw_list_t *kw, starter_config_t *cfg) { if (cfg->parse_also) { - also_t *also = alloc_thing(also_t, "also_t"); + also_t *also = malloc_thing(also_t); - also->name = clone_str(kw->value, "also"); + also->name = clone_str(kw->value); also->next = conn->also; conn->also = also; @@ -698,7 +698,7 @@ static void conn_default(char *name, starter_conn_t *conn, starter_conn_t *def) { memcpy(conn, def, sizeof(starter_conn_t)); - conn->name = clone_str(name, "conn name"); + conn->name = clone_str(name); clone_args(KW_CONN_FIRST, KW_CONN_LAST, (char *)conn, (char *)def); clone_args(KW_END_FIRST, KW_END_LAST, (char *)&conn->left, (char *)&def->left); @@ -727,9 +727,9 @@ load_ca(starter_ca_t *ca, kw_list_t *kw, starter_config_t *cfg) { if (cfg->parse_also) { - also_t *also = alloc_thing(also_t, "also_t"); + also_t *also = malloc_thing(also_t); - also->name = clone_str(kw->value, "also"); + also->name = clone_str(kw->value); also->next = ca->also; ca->also = also; @@ -766,7 +766,7 @@ static void ca_default(char *name, starter_ca_t *ca, starter_ca_t *def) { memcpy(ca, def, sizeof(starter_ca_t)); - ca->name = clone_str(name, "ca name"); + ca->name = clone_str(name); clone_args(KW_CA_FIRST, KW_CA_LAST, (char *)ca, (char *)def); } @@ -896,8 +896,8 @@ free_also(also_t *head) also_t *also = head; head = also->next; - pfree(also->name); - pfree(also); + free(also->name); + free(also); } } @@ -942,7 +942,7 @@ confread_free(starter_config_t *cfg) conn = conn->next; confread_free_conn(conn_aux); - pfree(conn_aux); + free(conn_aux); } confread_free_ca(&cfg->ca_default); @@ -953,10 +953,10 @@ confread_free(starter_config_t *cfg) ca = ca->next; confread_free_ca(ca_aux); - pfree(ca_aux); + free(ca_aux); } - pfree(cfg); + free(cfg); } /* @@ -980,7 +980,7 @@ confread_load(const char *file) { return NULL; } - cfg = (starter_config_t *)alloc_thing(starter_config_t, "starter_config_t"); + cfg = malloc_thing(starter_config_t); /* set default values */ default_values(cfg); @@ -1021,7 +1021,7 @@ confread_load(const char *file) DBG(DBG_CONTROL, DBG_log("Loading ca '%s'", sca->name) ) - ca = (starter_ca_t *)alloc_thing(starter_ca_t, "starter_ca_t"); + ca = malloc_thing(starter_ca_t); ca_default(sca->name, ca, &cfg->ca_default); ca->kw = sca->kw; @@ -1092,7 +1092,7 @@ confread_load(const char *file) DBG(DBG_CONTROL, DBG_log("Loading conn '%s'", sconn->name) ) - conn = (starter_conn_t *)alloc_thing(starter_conn_t, "starter_conn_t"); + conn = malloc_thing(starter_conn_t); conn_default(sconn->name, conn, &cfg->conn_default); conn->kw = sconn->kw; diff --git a/src/starter/parser.y b/src/starter/parser.y index d61ca0628..63b23902b 100644 --- a/src/starter/parser.y +++ b/src/starter/parser.y @@ -80,10 +80,9 @@ section_or_include: } kw_section | CONN STRING EOL { - section_list_t *section = (section_list_t *)alloc_thing(section_list_t - , "section_list_t"); + section_list_t *section = malloc_thing(section_list_t); - section->name = clone_str($2, "conn section name"); + section->name = clone_str($2); section->kw = NULL; section->next = NULL; _parser_kw = &(section->kw); @@ -97,9 +96,8 @@ section_or_include: } kw_section | CA STRING EOL { - section_list_t *section = (section_list_t *)alloc_thing(section_list_t - , "section_list_t"); - section->name = clone_str($2, "ca section name"); + section_list_t *section = malloc_thing(section_list_t); + section->name = clone_str($2); section->kw = NULL; section->next = NULL; _parser_kw = &(section->kw); @@ -138,9 +136,9 @@ statement_kw: } else if (_parser_kw) { - new = (kw_list_t *)alloc_thing(kw_list_t, "kw_list_t"); + new = (kw_list_t *)malloc_thing(kw_list_t); new->entry = entry; - new->value = clone_str($3, "kw_list value"); + new->value = clone_str($3); new->next = NULL; if (_parser_kw_last) _parser_kw_last->next = new; @@ -179,7 +177,7 @@ parser_load_conf(const char *file) memset(parser_errstring, 0, ERRSTRING_LEN+1); - cfg = (config_parsed_t *)alloc_thing(config_parsed_t, "config_parsed_t"); + cfg = (config_parsed_t *)malloc_thing(config_parsed_t); if (cfg) { memset(cfg, 0, sizeof(config_parsed_t)); @@ -247,9 +245,8 @@ parser_free_kwlist(kw_list_t *list) { elt = list; list = list->next; - if (elt->value) - pfree(elt->value); - pfree(elt); + free(elt->value); + free(elt); } } @@ -264,20 +261,18 @@ parser_free_conf(config_parsed_t *cfg) { sec = cfg->conn_first; cfg->conn_first = cfg->conn_first->next; - if (sec->name) - pfree(sec->name); + free(sec->name); parser_free_kwlist(sec->kw); - pfree(sec); + free(sec); } while (cfg->ca_first) { sec = cfg->ca_first; cfg->ca_first = cfg->ca_first->next; - if (sec->name) - pfree(sec->name); + free(sec->name); parser_free_kwlist(sec->kw); - pfree(sec); + free(sec); } - pfree(cfg); + free(cfg); } } |