This allows removal of goto jumps during loading of the credentials
and will simplify the diff in following commits.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
crypto/tlscredsx509.c | 35 +++++++++++++++--------------------
1 file changed, 15 insertions(+), 20 deletions(-)
diff --git a/crypto/tlscredsx509.c b/crypto/tlscredsx509.c
index 8fe6cc8e93..e5b869a35f 100644
--- a/crypto/tlscredsx509.c
+++ b/crypto/tlscredsx509.c
@@ -562,10 +562,12 @@ static int
qcrypto_tls_creds_x509_load(QCryptoTLSCredsX509 *creds,
Error **errp)
{
- char *cacert = NULL, *cacrl = NULL, *cert = NULL,
- *key = NULL, *dhparams = NULL;
+ g_autofree char *cacert = NULL;
+ g_autofree char *cacrl = NULL;
+ g_autofree char *cert = NULL;
+ g_autofree char *key = NULL;
+ g_autofree char *dhparams = NULL;
int ret;
- int rv = -1;
if (!creds->parent_obj.dir) {
error_setg(errp, "Missing 'dir' property value");
@@ -590,7 +592,7 @@ qcrypto_tls_creds_x509_load(QCryptoTLSCredsX509 *creds,
qcrypto_tls_creds_get_path(&creds->parent_obj,
QCRYPTO_TLS_CREDS_DH_PARAMS,
false, &dhparams, errp) < 0) {
- goto cleanup;
+ return -1;
}
} else {
if (qcrypto_tls_creds_get_path(&creds->parent_obj,
@@ -602,7 +604,7 @@ qcrypto_tls_creds_x509_load(QCryptoTLSCredsX509 *creds,
qcrypto_tls_creds_get_path(&creds->parent_obj,
QCRYPTO_TLS_CREDS_X509_CLIENT_KEY,
false, &key, errp) < 0) {
- goto cleanup;
+ return -1;
}
}
@@ -610,14 +612,14 @@ qcrypto_tls_creds_x509_load(QCryptoTLSCredsX509 *creds,
qcrypto_tls_creds_x509_sanity_check(creds,
creds->parent_obj.endpoint == QCRYPTO_TLS_CREDS_ENDPOINT_SERVER,
cacert, cert, errp) < 0) {
- goto cleanup;
+ return -1;
}
ret = gnutls_certificate_allocate_credentials(&creds->data);
if (ret < 0) {
error_setg(errp, "Cannot allocate credentials: '%s'",
gnutls_strerror(ret));
- goto cleanup;
+ return -1;
}
ret = gnutls_certificate_set_x509_trust_file(creds->data,
@@ -626,7 +628,7 @@ qcrypto_tls_creds_x509_load(QCryptoTLSCredsX509 *creds,
if (ret < 0) {
error_setg(errp, "Cannot load CA certificate '%s': %s",
cacert, gnutls_strerror(ret));
- goto cleanup;
+ return -1;
}
if (cert != NULL && key != NULL) {
@@ -635,7 +637,7 @@ qcrypto_tls_creds_x509_load(QCryptoTLSCredsX509 *creds,
password = qcrypto_secret_lookup_as_utf8(creds->passwordid,
errp);
if (!password) {
- goto cleanup;
+ return -1;
}
}
ret = gnutls_certificate_set_x509_key_file2(creds->data,
@@ -647,7 +649,7 @@ qcrypto_tls_creds_x509_load(QCryptoTLSCredsX509 *creds,
if (ret < 0) {
error_setg(errp, "Cannot load certificate '%s' & key '%s': %s",
cert, key, gnutls_strerror(ret));
- goto cleanup;
+ return -1;
}
}
@@ -658,7 +660,7 @@ qcrypto_tls_creds_x509_load(QCryptoTLSCredsX509 *creds,
if (ret < 0) {
error_setg(errp, "Cannot load CRL '%s': %s",
cacrl, gnutls_strerror(ret));
- goto cleanup;
+ return -1;
}
}
@@ -666,20 +668,13 @@ qcrypto_tls_creds_x509_load(QCryptoTLSCredsX509 *creds,
if (qcrypto_tls_creds_get_dh_params_file(&creds->parent_obj, dhparams,
&creds->parent_obj.dh_params,
errp) < 0) {
- goto cleanup;
+ return -1;
}
gnutls_certificate_set_dh_params(creds->data,
creds->parent_obj.dh_params);
}
- rv = 0;
- cleanup:
- g_free(cacert);
- g_free(cacrl);
- g_free(cert);
- g_free(key);
- g_free(dhparams);
- return rv;
+ return 0;
}
--
2.51.1
Hi
On Thu, Oct 30, 2025 at 6:48 PM Daniel P. Berrangé <berrange@redhat.com>
wrote:
> This allows removal of goto jumps during loading of the credentials
> and will simplify the diff in following commits.
>
>
If you want, you could also g_autofree password.
> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
> ---
> crypto/tlscredsx509.c | 35 +++++++++++++++--------------------
> 1 file changed, 15 insertions(+), 20 deletions(-)
>
> diff --git a/crypto/tlscredsx509.c b/crypto/tlscredsx509.c
> index 8fe6cc8e93..e5b869a35f 100644
> --- a/crypto/tlscredsx509.c
> +++ b/crypto/tlscredsx509.c
> @@ -562,10 +562,12 @@ static int
> qcrypto_tls_creds_x509_load(QCryptoTLSCredsX509 *creds,
> Error **errp)
> {
> - char *cacert = NULL, *cacrl = NULL, *cert = NULL,
> - *key = NULL, *dhparams = NULL;
> + g_autofree char *cacert = NULL;
> + g_autofree char *cacrl = NULL;
> + g_autofree char *cert = NULL;
> + g_autofree char *key = NULL;
> + g_autofree char *dhparams = NULL;
> int ret;
> - int rv = -1;
>
> if (!creds->parent_obj.dir) {
> error_setg(errp, "Missing 'dir' property value");
> @@ -590,7 +592,7 @@ qcrypto_tls_creds_x509_load(QCryptoTLSCredsX509 *creds,
> qcrypto_tls_creds_get_path(&creds->parent_obj,
> QCRYPTO_TLS_CREDS_DH_PARAMS,
> false, &dhparams, errp) < 0) {
> - goto cleanup;
> + return -1;
> }
> } else {
> if (qcrypto_tls_creds_get_path(&creds->parent_obj,
> @@ -602,7 +604,7 @@ qcrypto_tls_creds_x509_load(QCryptoTLSCredsX509 *creds,
> qcrypto_tls_creds_get_path(&creds->parent_obj,
> QCRYPTO_TLS_CREDS_X509_CLIENT_KEY,
> false, &key, errp) < 0) {
> - goto cleanup;
> + return -1;
> }
> }
>
> @@ -610,14 +612,14 @@ qcrypto_tls_creds_x509_load(QCryptoTLSCredsX509
> *creds,
> qcrypto_tls_creds_x509_sanity_check(creds,
> creds->parent_obj.endpoint ==
> QCRYPTO_TLS_CREDS_ENDPOINT_SERVER,
> cacert, cert, errp) < 0) {
> - goto cleanup;
> + return -1;
> }
>
> ret = gnutls_certificate_allocate_credentials(&creds->data);
> if (ret < 0) {
> error_setg(errp, "Cannot allocate credentials: '%s'",
> gnutls_strerror(ret));
> - goto cleanup;
> + return -1;
> }
>
> ret = gnutls_certificate_set_x509_trust_file(creds->data,
> @@ -626,7 +628,7 @@ qcrypto_tls_creds_x509_load(QCryptoTLSCredsX509 *creds,
> if (ret < 0) {
> error_setg(errp, "Cannot load CA certificate '%s': %s",
> cacert, gnutls_strerror(ret));
> - goto cleanup;
> + return -1;
> }
>
> if (cert != NULL && key != NULL) {
> @@ -635,7 +637,7 @@ qcrypto_tls_creds_x509_load(QCryptoTLSCredsX509 *creds,
> password = qcrypto_secret_lookup_as_utf8(creds->passwordid,
> errp);
> if (!password) {
> - goto cleanup;
> + return -1;
> }
> }
> ret = gnutls_certificate_set_x509_key_file2(creds->data,
> @@ -647,7 +649,7 @@ qcrypto_tls_creds_x509_load(QCryptoTLSCredsX509 *creds,
> if (ret < 0) {
> error_setg(errp, "Cannot load certificate '%s' & key '%s':
> %s",
> cert, key, gnutls_strerror(ret));
> - goto cleanup;
> + return -1;
> }
> }
>
> @@ -658,7 +660,7 @@ qcrypto_tls_creds_x509_load(QCryptoTLSCredsX509 *creds,
> if (ret < 0) {
> error_setg(errp, "Cannot load CRL '%s': %s",
> cacrl, gnutls_strerror(ret));
> - goto cleanup;
> + return -1;
> }
> }
>
> @@ -666,20 +668,13 @@ qcrypto_tls_creds_x509_load(QCryptoTLSCredsX509
> *creds,
> if (qcrypto_tls_creds_get_dh_params_file(&creds->parent_obj,
> dhparams,
>
> &creds->parent_obj.dh_params,
> errp) < 0) {
> - goto cleanup;
> + return -1;
> }
> gnutls_certificate_set_dh_params(creds->data,
> creds->parent_obj.dh_params);
> }
>
> - rv = 0;
> - cleanup:
> - g_free(cacert);
> - g_free(cacrl);
> - g_free(cert);
> - g_free(key);
> - g_free(dhparams);
> - return rv;
> + return 0;
> }
>
>
> --
> 2.51.1
>
>
On Thu, Oct 30, 2025 at 11:23:44PM +0400, Marc-André Lureau wrote: > Hi > > On Thu, Oct 30, 2025 at 6:48 PM Daniel P. Berrangé <berrange@redhat.com> > wrote: > > > This allows removal of goto jumps during loading of the credentials > > and will simplify the diff in following commits. > > > > > If you want, you could also g_autofree password. Yes, I'll add that. > > Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> > > > > Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> > With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
© 2016 - 2025 Red Hat, Inc.