/* BEWARE: This function gets called for both client and server SIDs !! * If the unreferenced sid is not in the cache, Free sid and its contents. */ static void ssl_DestroySID(sslSessionID *sid) { int i; SSL_TRC(8, ("SSL: destroy sid: sid=0x%x cached=%d", sid, sid->cached)); PORT_Assert(sid->references == 0); PORT_Assert(sid->cached != in_client_cache); if (sid->version < SSL_LIBRARY_VERSION_3_0) { SECITEM_ZfreeItem(&sid->u.ssl2.masterKey, PR_FALSE); SECITEM_ZfreeItem(&sid->u.ssl2.cipherArg, PR_FALSE); } else { if (sid->u.ssl3.locked.sessionTicket.ticket.data) { SECITEM_FreeItem(&sid->u.ssl3.locked.sessionTicket.ticket, PR_FALSE); } if (sid->u.ssl3.srvName.data) { SECITEM_FreeItem(&sid->u.ssl3.srvName, PR_FALSE); } if (sid->u.ssl3.originalHandshakeHash.data) { SECITEM_FreeItem(&sid->u.ssl3.originalHandshakeHash, PR_FALSE); } if (sid->u.ssl3.signedCertTimestamps.data) { SECITEM_FreeItem(&sid->u.ssl3.signedCertTimestamps, PR_FALSE); } if (sid->u.ssl3.lock) { NSSRWLock_Destroy(sid->u.ssl3.lock); } } if (sid->peerID != NULL) PORT_Free((void *)sid->peerID); /* CONST */ if (sid->urlSvrName != NULL) PORT_Free((void *)sid->urlSvrName); /* CONST */ if ( sid->peerCert ) { CERT_DestroyCertificate(sid->peerCert); } for (i = 0; i < MAX_PEER_CERT_CHAIN_SIZE && sid->peerCertChain[i]; i++) { CERT_DestroyCertificate(sid->peerCertChain[i]); } if (sid->peerCertStatus.items) { SECITEM_FreeArray(&sid->peerCertStatus, PR_FALSE); } if ( sid->localCert ) { CERT_DestroyCertificate(sid->localCert); } PORT_ZFree(sid, sizeof(sslSessionID)); }
static SECStatus ssl_PopulateOCSPResponses(sslServerCert *sc, const SECItemArray *stapledOCSPResponses) { if (sc->certStatusArray) { SECITEM_FreeArray(sc->certStatusArray, PR_TRUE); } if (stapledOCSPResponses) { sc->certStatusArray = SECITEM_DupArray(NULL, stapledOCSPResponses); return sc->certStatusArray ? SECSuccess : SECFailure; } else { sc->certStatusArray = NULL; } return SECSuccess; }
void ssl_FreeServerCert(sslServerCert *sc) { if (!sc) { return; } if (sc->serverCert) { CERT_DestroyCertificate(sc->serverCert); } if (sc->serverCertChain) { CERT_DestroyCertificateList(sc->serverCertChain); } if (sc->serverKeyPair) { ssl_FreeKeyPair(sc->serverKeyPair); } if (sc->certStatusArray) { SECITEM_FreeArray(sc->certStatusArray, PR_TRUE); } if (sc->signedCertTimestamps.len) { SECITEM_FreeItem(&sc->signedCertTimestamps, PR_FALSE); } PORT_ZFree(sc, sizeof(*sc)); }