Clean up return paths in openconnect_obtain_cookie()

This should fix a potential leak of orig_host and orig_path, and cleans
the code up to have a single exit once the fun starts.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

http.c

@@ -1071,7 +1071,7 @@ int openconnect_obtain_cookie(struct openconnect_info *vpninfo)
 newgroup:
 	result = xmlpost_initial_req(vpninfo, request_body, sizeof(request_body), 0);
 	if (result < 0)
-		return result;
+		goto out;
 
 	orig_host = strdup(vpninfo->hostname);
 	orig_path = vpninfo->urlpath ? strdup(vpninfo->urlpath) : NULL;
@@ -1098,21 +1098,21 @@ int openconnect_obtain_cookie(struct openconnect_info *vpninfo)
 				}
 				openconnect_close_https(vpninfo, 0);
 			} else {
-				free(orig_host);
-				return -EIO;
+				result = -EIO;
+				goto out;
 			}
 		}
 
-		buflen = do_https_request(vpninfo, method, request_body_type, request_body,
+		result = do_https_request(vpninfo, method, request_body_type, request_body,
 					  &form_buf, 0);
-		if (vpninfo->got_cancel_cmd)
-			return 1;
-		if (buflen == -EINVAL)
-			goto fail;
-		if (buflen < 0) {
-			free(orig_host);
-			return buflen;
+		if (vpninfo->got_cancel_cmd) {
+			result = 1;
+			goto out;
 		}
+		if (result == -EINVAL)
+			goto fail;
+		if (result < 0)
+			goto out;
 
 		/* Some ASAs forget to send the TLS cert request on the initial connection.
 		 * If we have a client cert, disable HTTP keepalive until we get a real
@@ -1164,9 +1164,6 @@ int openconnect_obtain_cookie(struct openconnect_info *vpninfo)
 	if (vpninfo->xmlpost)
 		vpn_progress(vpninfo, PRG_INFO, _("XML POST enabled\n"));
 
-	free (orig_host);
-	free (orig_path);
-
 	/* Step 4: Run the CSD trojan, if applicable */
 	if (vpninfo->csd_starturl && vpninfo->csd_waiturl) {
 		buflen = 0;
@@ -1300,6 +1297,9 @@ int openconnect_obtain_cookie(struct openconnect_info *vpninfo)
 	fetch_config(vpninfo);
 
 out:
+	free (orig_host);
+	free (orig_path);
+
 	free(form_path);
 	free(form_buf);
 	free_auth_form(form);