void ssl_cert_free(CERT *c)
{
int i;
if (c == NULL)
return;
CRYPTO_DOWN_REF(&c->references, &i, c->lock);
REF_PRINT_COUNT("CERT", c);
if (i > 0)
return;
REF_ASSERT_ISNT(i < 0);
#ifndef OPENSSL_NO_DH
EVP_PKEY_free(c->dh_tmp);
#endif
ssl_cert_clear_certs(c);
OPENSSL_free(c->conf_sigalgs);
OPENSSL_free(c->client_sigalgs);
OPENSSL_free(c->shared_sigalgs);
OPENSSL_free(c->ctype);
X509_STORE_free(c->verify_store);
X509_STORE_free(c->chain_store);
custom_exts_free(&c->custext);
#ifndef OPENSSL_NO_PSK
OPENSSL_free(c->psk_identity_hint);
#endif
CRYPTO_THREAD_lock_free(c->lock);
OPENSSL_free(c);
}
int BIO_free(BIO *a)
{
int ret;
if (a == NULL)
return 0;
if (CRYPTO_DOWN_REF(&a->references, &ret, a->lock) <= 0)
return 0;
REF_PRINT_COUNT("BIO", a);
if (ret > 0)
return 1;
REF_ASSERT_ISNT(ret < 0);
if (a->callback != NULL || a->callback_ex != NULL) {
ret = (int)bio_call_callback(a, BIO_CB_FREE, NULL, 0, 0, 0L, 1L, NULL);
if (ret <= 0)
return ret;
}
if ((a->method != NULL) && (a->method->destroy != NULL))
a->method->destroy(a);
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_BIO, a, &a->ex_data);
CRYPTO_THREAD_lock_free(a->lock);
OPENSSL_free(a);
return 1;
}
void X509_STORE_free(X509_STORE *vfy)
{
int i;
STACK_OF(X509_LOOKUP) *sk;
X509_LOOKUP *lu;
if (vfy == NULL)
return;
i = CRYPTO_add(&vfy->references, -1, CRYPTO_LOCK_X509_STORE);
REF_PRINT_COUNT("X509_STORE", vfy);
if (i > 0)
return;
REF_ASSERT_ISNT(i < 0);
sk = vfy->get_cert_methods;
for (i = 0; i < sk_X509_LOOKUP_num(sk); i++) {
lu = sk_X509_LOOKUP_value(sk, i);
X509_LOOKUP_shutdown(lu);
X509_LOOKUP_free(lu);
}
sk_X509_LOOKUP_free(sk);
sk_X509_OBJECT_pop_free(vfy->objs, cleanup);
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE, vfy, &vfy->ex_data);
X509_VERIFY_PARAM_free(vfy->param);
OPENSSL_free(vfy);
}
int engine_free_util(ENGINE *e, int not_locked)
{
int i;
if (e == NULL)
return 1;
#ifdef HAVE_ATOMICS
CRYPTO_DOWN_REF(&e->struct_ref, &i, global_engine_lock);
#else
if (not_locked)
CRYPTO_atomic_add(&e->struct_ref, -1, &i, global_engine_lock);
else
i = --e->struct_ref;
#endif
engine_ref_debug(e, 0, -1)
if (i > 0)
return 1;
REF_ASSERT_ISNT(i < 0);
/* Free up any dynamically allocated public key methods */
engine_pkey_meths_free(e);
engine_pkey_asn1_meths_free(e);
/*
* Give the ENGINE a chance to do any structural cleanup corresponding to
* allocation it did in its constructor (eg. unload error strings)
*/
if (e->destroy)
e->destroy(e);
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ENGINE, e, &e->ex_data);
OPENSSL_free(e);
return 1;
}
/*
* Free a functional reference to a engine type. This version is only used
* internally.
*/
int engine_unlocked_finish(ENGINE *e, int unlock_for_handlers)
{
int to_return = 1;
/*
* Reduce the functional reference count here so if it's the terminating
* case, we can release the lock safely and call the finish() handler
* without risk of a race. We get a race if we leave the count until
* after and something else is calling "finish" at the same time -
* there's a chance that both threads will together take the count from 2
* to 0 without either calling finish().
*/
e->funct_ref--;
engine_ref_debug(e, 1, -1);
if ((e->funct_ref == 0) && e->finish) {
if (unlock_for_handlers)
CRYPTO_THREAD_unlock(global_engine_lock);
to_return = e->finish(e);
if (unlock_for_handlers)
CRYPTO_THREAD_write_lock(global_engine_lock);
if (!to_return)
return 0;
}
REF_ASSERT_ISNT(e->funct_ref < 0);
/* Release the structural reference too */
if (!engine_free_util(e, 0)) {
ENGINEerr(ENGINE_F_ENGINE_UNLOCKED_FINISH, ENGINE_R_FINISH_FAILED);
return 0;
}
return to_return;
}
void DSA_free(DSA *r)
{
int i;
if (r == NULL)
return;
CRYPTO_DOWN_REF(&r->references, &i, r->lock);
REF_PRINT_COUNT("DSA", r);
if (i > 0)
return;
REF_ASSERT_ISNT(i < 0);
if (r->meth->finish)
r->meth->finish(r);
#ifndef OPENSSL_NO_ENGINE
ENGINE_finish(r->engine);
#endif
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data);
CRYPTO_THREAD_lock_free(r->lock);
BN_clear_free(r->p);
BN_clear_free(r->q);
BN_clear_free(r->g);
BN_clear_free(r->pub_key);
BN_clear_free(r->priv_key);
OPENSSL_free(r);
}
int DSO_free(DSO *dso)
{
int i;
if (dso == NULL)
return (1);
if (CRYPTO_DOWN_REF(&dso->references, &i, dso->lock) <= 0)
return 0;
REF_PRINT_COUNT("DSO", dso);
if (i > 0)
return 1;
REF_ASSERT_ISNT(i < 0);
if ((dso->flags & DSO_FLAG_NO_UNLOAD_ON_FREE) == 0) {
if ((dso->meth->dso_unload != NULL) && !dso->meth->dso_unload(dso)) {
DSOerr(DSO_F_DSO_FREE, DSO_R_UNLOAD_FAILED);
return 0;
}
}
if ((dso->meth->finish != NULL) && !dso->meth->finish(dso)) {
DSOerr(DSO_F_DSO_FREE, DSO_R_FINISH_FAILED);
return 0;
}
sk_void_free(dso->meth_data);
OPENSSL_free(dso->filename);
OPENSSL_free(dso->loaded_filename);
CRYPTO_THREAD_lock_free(dso->lock);
OPENSSL_free(dso);
return 1;
}
void EC_KEY_free(EC_KEY *r)
{
int i;
if (r == NULL)
return;
CRYPTO_DOWN_REF(&r->references, &i, r->lock);
REF_PRINT_COUNT("EC_KEY", r);
if (i > 0)
return;
REF_ASSERT_ISNT(i < 0);
if (r->meth->finish != NULL)
r->meth->finish(r);
#ifndef OPENSSL_NO_ENGINE
ENGINE_finish(r->engine);
#endif
if (r->group && r->group->meth->keyfinish)
r->group->meth->keyfinish(r);
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_EC_KEY, r, &r->ex_data);
CRYPTO_THREAD_lock_free(r->lock);
EC_GROUP_free(r->group);
EC_POINT_free(r->pub_key);
BN_clear_free(r->priv_key);
OPENSSL_clear_free((void *)r, sizeof(EC_KEY));
}
void DSA_free(DSA *r)
{
int i;
if (r == NULL)
return;
i = CRYPTO_add(&r->references, -1, CRYPTO_LOCK_DSA);
REF_PRINT_COUNT("DSA", r);
if (i > 0)
return;
REF_ASSERT_ISNT(i < 0);
if (r->meth->finish)
r->meth->finish(r);
#ifndef OPENSSL_NO_ENGINE
if (r->engine)
ENGINE_finish(r->engine);
#endif
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DSA, r, &r->ex_data);
BN_clear_free(r->p);
BN_clear_free(r->q);
BN_clear_free(r->g);
BN_clear_free(r->pub_key);
BN_clear_free(r->priv_key);
BN_clear_free(r->kinv);
BN_clear_free(r->r);
OPENSSL_free(r);
}
int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it)
{
const ASN1_AUX *aux;
int *lck, ret;
CRYPTO_RWLOCK **lock;
if ((it->itype != ASN1_ITYPE_SEQUENCE)
&& (it->itype != ASN1_ITYPE_NDEF_SEQUENCE))
return 0;
aux = it->funcs;
if (!aux || !(aux->flags & ASN1_AFLG_REFCOUNT))
return 0;
lck = offset2ptr(*pval, aux->ref_offset);
lock = offset2ptr(*pval, aux->ref_lock);
if (op == 0) {
*lck = 1;
*lock = CRYPTO_THREAD_lock_new();
if (*lock == NULL)
return 0;
return 1;
}
CRYPTO_atomic_add(lck, op, &ret, *lock);
#ifdef REF_PRINT
fprintf(stderr, "%p:%4d:%s\n", it, *lck, it->sname);
#endif
REF_ASSERT_ISNT(ret < 0);
if (ret == 0)
CRYPTO_THREAD_lock_free(*lock);
return ret;
}
int BIO_free(BIO *a)
{
int i;
if (a == NULL)
return 0;
if (CRYPTO_atomic_add(&a->references, -1, &i, a->lock) <= 0)
return 0;
REF_PRINT_COUNT("BIO", a);
if (i > 0)
return 1;
REF_ASSERT_ISNT(i < 0);
if ((a->callback != NULL) &&
((i = (int)a->callback(a, BIO_CB_FREE, NULL, 0, 0L, 1L)) <= 0))
return i;
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_BIO, a, &a->ex_data);
CRYPTO_THREAD_lock_free(a->lock);
if ((a->method != NULL) && (a->method->destroy != NULL))
a->method->destroy(a);
OPENSSL_free(a);
return 1;
}
int DSA_up_ref(DSA *r)
{
int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_DSA);
REF_PRINT_COUNT("DSA", r);
REF_ASSERT_ISNT(i < 2);
return ((i > 1) ? 1 : 0);
}
int X509_STORE_up_ref(X509_STORE *vfy)
{
int i;
if (CRYPTO_atomic_add(&vfy->references, 1, &i, vfy->lock) <= 0)
return 0;
REF_PRINT_COUNT("X509_STORE", a);
REF_ASSERT_ISNT(i < 2);
return ((i > 1) ? 1 : 0);
}
int EC_KEY_up_ref(EC_KEY *r)
{
int i;
if (CRYPTO_UP_REF(&r->references, &i, r->lock) <= 0)
return 0;
REF_PRINT_COUNT("EC_KEY", r);
REF_ASSERT_ISNT(i < 2);
return ((i > 1) ? 1 : 0);
}
int X509_up_ref(X509 *x)
{
int i;
if (CRYPTO_UP_REF(&x->references, &i, x->lock) <= 0)
return 0;
REF_PRINT_COUNT("X509", x);
REF_ASSERT_ISNT(i < 2);
return ((i > 1) ? 1 : 0);
}
int RSA_up_ref(RSA *r)
{
int i;
if (CRYPTO_UP_REF(&r->references, &i, r->lock) <= 0)
return 0;
REF_PRINT_COUNT("RSA", r);
REF_ASSERT_ISNT(i < 2);
return i > 1 ? 1 : 0;
}
int X509_CRL_up_ref(X509_CRL *crl)
{
int i;
if (CRYPTO_atomic_add(&crl->references, 1, &i, crl->lock) <= 0)
return 0;
REF_PRINT_COUNT("X509_CRL", crl);
REF_ASSERT_ISNT(i < 2);
return ((i > 1) ? 1 : 0);
}
int DSA_up_ref(DSA *r)
{
int i;
if (CRYPTO_atomic_add(&r->references, 1, &i, r->lock) <= 0)
return 0;
REF_PRINT_COUNT("DSA", r);
REF_ASSERT_ISNT(i < 2);
return ((i > 1) ? 1 : 0);
}
int BIO_up_ref(BIO *a)
{
int i;
if (CRYPTO_atomic_add(&a->references, 1, &i, a->lock) <= 0)
return 0;
REF_PRINT_COUNT("BIO", a);
REF_ASSERT_ISNT(i < 2);
return ((i > 1) ? 1 : 0);
}
int SSL_SESSION_up_ref(SSL_SESSION *ss)
{
int i;
if (CRYPTO_UP_REF(&ss->references, &i, ss->lock) <= 0)
return 0;
REF_PRINT_COUNT("SSL_SESSION", ss);
REF_ASSERT_ISNT(i < 2);
return ((i > 1) ? 1 : 0);
}
int EVP_PKEY_up_ref(EVP_PKEY *pkey)
{
int i;
if (CRYPTO_UP_REF(&pkey->references, &i, pkey->lock) <= 0)
return 0;
REF_PRINT_COUNT("EVP_PKEY", pkey);
REF_ASSERT_ISNT(i < 2);
return ((i > 1) ? 1 : 0);
}
int DSO_up_ref(DSO *dso)
{
int i;
if (dso == NULL) {
DSOerr(DSO_F_DSO_UP_REF, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (CRYPTO_UP_REF(&dso->references, &i, dso->lock) <= 0)
return 0;
REF_PRINT_COUNT("DSO", r);
REF_ASSERT_ISNT(i < 2);
return ((i > 1) ? 1 : 0);
}
void EVP_PKEY_free(EVP_PKEY *x)
{
int i;
if (x == NULL)
return;
i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_EVP_PKEY);
REF_PRINT_COUNT("EVP_PKEY", x);
if (i > 0)
return;
REF_ASSERT_ISNT(i < 0);
EVP_PKEY_free_it(x);
sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free);
OPENSSL_free(x);
}
void EVP_PKEY_free(EVP_PKEY *x)
{
int i;
if (x == NULL)
return;
CRYPTO_DOWN_REF(&x->references, &i, x->lock);
REF_PRINT_COUNT("EVP_PKEY", x);
if (i > 0)
return;
REF_ASSERT_ISNT(i < 0);
EVP_PKEY_free_it(x);
CRYPTO_THREAD_lock_free(x->lock);
sk_X509_ATTRIBUTE_pop_free(x->attributes, X509_ATTRIBUTE_free);
OPENSSL_free(x);
}
void SSL_SESSION_free(SSL_SESSION *ss)
{
int i;
if (ss == NULL)
return;
CRYPTO_DOWN_REF(&ss->references, &i, ss->lock);
REF_PRINT_COUNT("SSL_SESSION", ss);
if (i > 0)
return;
REF_ASSERT_ISNT(i < 0);
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data);
OPENSSL_cleanse(ss->master_key, sizeof ss->master_key);
OPENSSL_cleanse(ss->session_id, sizeof ss->session_id);
X509_free(ss->peer);
sk_X509_pop_free(ss->peer_chain, X509_free);
sk_SSL_CIPHER_free(ss->ciphers);
OPENSSL_free(ss->ext.hostname);
OPENSSL_free(ss->ext.tick);
#ifndef OPENSSL_NO_EC
OPENSSL_free(ss->ext.ecpointformats);
ss->ext.ecpointformats = NULL;
ss->ext.ecpointformats_len = 0;
OPENSSL_free(ss->ext.supportedgroups);
ss->ext.supportedgroups = NULL;
ss->ext.supportedgroups_len = 0;
#endif /* OPENSSL_NO_EC */
#ifndef OPENSSL_NO_PSK
OPENSSL_free(ss->psk_identity_hint);
OPENSSL_free(ss->psk_identity);
#endif
#ifndef OPENSSL_NO_SRP
OPENSSL_free(ss->srp_username);
#endif
OPENSSL_free(ss->ext.alpn_selected);
OPENSSL_free(ss->ext.tick_nonce);
CRYPTO_THREAD_lock_free(ss->lock);
OPENSSL_clear_free(ss, sizeof(*ss));
}
void RSA_free(RSA *r)
{
int i;
if (r == NULL)
return;
CRYPTO_DOWN_REF(&r->references, &i, r->lock);
REF_PRINT_COUNT("RSA", r);
if (i > 0)
return;
REF_ASSERT_ISNT(i < 0);
if (r->meth->finish)
r->meth->finish(r);
#ifndef OPENSSL_NO_ENGINE
ENGINE_finish(r->engine);
#endif
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data);
CRYPTO_THREAD_lock_free(r->lock);
BN_clear_free(r->n);
BN_clear_free(r->e);
BN_clear_free(r->d);
BN_clear_free(r->p);
BN_clear_free(r->q);
BN_clear_free(r->dmp1);
BN_clear_free(r->dmq1);
BN_clear_free(r->iqmp);
RSA_PSS_PARAMS_free(r->pss);
sk_RSA_PRIME_INFO_pop_free(r->prime_infos, rsa_multip_info_free);
BN_BLINDING_free(r->blinding);
BN_BLINDING_free(r->mt_blinding);
OPENSSL_free(r->bignum_data);
OPENSSL_free(r);
}
void RSA_free(RSA *r)
{
int i;
if (r == NULL)
return;
CRYPTO_atomic_add(&r->references, -1, &i, r->lock);
REF_PRINT_COUNT("RSA", r);
if (i > 0)
return;
REF_ASSERT_ISNT(i < 0);
if (r->meth != NULL && r->meth->finish != NULL)
r->meth->finish(r);
#ifndef OPENSSL_NO_ENGINE
ENGINE_finish(r->engine);
#endif
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data);
CRYPTO_THREAD_lock_free(r->lock);
BN_clear_free(r->n);
BN_clear_free(r->e);
BN_clear_free(r->d);
BN_clear_free(r->p);
BN_clear_free(r->q);
BN_clear_free(r->dmp1);
BN_clear_free(r->dmq1);
BN_clear_free(r->iqmp);
BN_BLINDING_free(r->blinding);
BN_BLINDING_free(r->mt_blinding);
OPENSSL_free(r->bignum_data);
OPENSSL_free(r);
}