generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Treat boolean functions as booleans

Browse Source 
Use "!x" instead of "x <= 0", as these functions never return a negative
value.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
Rob Percival
2016-03-07 18:38:06 +00:00
committed by Rich Salz
parent 8c92c4eac0
commit 70073f3e3a
5 changed files with 16 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
apps/s_client.c
View File

@@ -1669,7 +1669,7 @@ int s_client_main(int argc, char **argv)
goto end; goto end;
} }
if (ctx_set_ctlog_list_file(ctx, ctlog_file) <= 0) { if (!ctx_set_ctlog_list_file(ctx, ctlog_file)) {
ERR_print_errors(bio_err); ERR_print_errors(bio_err);
goto end; goto end;
} }

10
crypto/ct/ct_log.c
View File

@@ -243,26 +243,24 @@ int CTLOG_STORE_load_file(CTLOG_STORE *store, const char *file)
if (load_ctx->conf == NULL) if (load_ctx->conf == NULL)
goto end; goto end;
ret = NCONF_load(load_ctx->conf, file, NULL); if (NCONF_load(load_ctx->conf, file, NULL) <= 0) {
if (ret <= 0) {
CTerr(CT_F_CTLOG_STORE_LOAD_FILE, CT_R_LOG_CONF_INVALID); CTerr(CT_F_CTLOG_STORE_LOAD_FILE, CT_R_LOG_CONF_INVALID);
goto end; goto end;
} }
enabled_logs = NCONF_get_string(load_ctx->conf, NULL, "enabled_logs"); enabled_logs = NCONF_get_string(load_ctx->conf, NULL, "enabled_logs");
if (enabled_logs == NULL) { if (enabled_logs == NULL) {
ret = 0;
CTerr(CT_F_CTLOG_STORE_LOAD_FILE, CT_R_LOG_CONF_INVALID); CTerr(CT_F_CTLOG_STORE_LOAD_FILE, CT_R_LOG_CONF_INVALID);
goto end; goto end;
} }
ret = CONF_parse_list(enabled_logs, ',', 1, ctlog_store_load_log, load_ctx); if (!CONF_parse_list(enabled_logs, ',', 1, ctlog_store_load_log, load_ctx) ||
if (ret == 1 && load_ctx->invalid_log_entries > 0) { load_ctx->invalid_log_entries > 0) {
ret = 0;
CTerr(CT_F_CTLOG_STORE_LOAD_FILE, CT_R_LOG_CONF_INVALID); CTerr(CT_F_CTLOG_STORE_LOAD_FILE, CT_R_LOG_CONF_INVALID);
goto end; goto end;
} }
ret = 1;
end: end:
NCONF_free(load_ctx->conf); NCONF_free(load_ctx->conf);
ctlog_store_load_ctx_free(load_ctx); ctlog_store_load_ctx_free(load_ctx);

2
crypto/ct/ct_prn.c
View File

@@ -69,7 +69,7 @@ static void SCT_signature_algorithms_print(const SCT *sct, BIO *out)
{ {
int nid = SCT_get_signature_nid(sct); int nid = SCT_get_signature_nid(sct);
if (nid <= 0) if (nid == NID_undef)
BIO_printf(out, "%02X%02X", sct->hash_alg, sct->sig_alg); BIO_printf(out, "%02X%02X", sct->hash_alg, sct->sig_alg);
else else
BIO_printf(out, "%s", OBJ_nid2ln(nid)); BIO_printf(out, "%s", OBJ_nid2ln(nid));

21
crypto/ct/ct_vfy.c
View File

@@ -204,13 +204,13 @@ static int sct_ctx_update(EVP_MD_CTX *ctx, const SCT_CTX *sctx, const SCT *sct)
int SCT_verify(const SCT_CTX *sctx, const SCT *sct) int SCT_verify(const SCT_CTX *sctx, const SCT *sct)
{ {
EVP_MD_CTX *ctx = NULL; EVP_MD_CTX *ctx = NULL;
int ret = -1; int ret = 0;
if (!SCT_is_complete(sct) || sctx->pkey == NULL || if (!SCT_is_complete(sct) || sctx->pkey == NULL ||
sct->entry_type == CT_LOG_ENTRY_TYPE_NOT_SET || sct->entry_type == CT_LOG_ENTRY_TYPE_NOT_SET ||
(sct->entry_type == CT_LOG_ENTRY_TYPE_PRECERT && sctx->ihash == NULL)) { (sct->entry_type == CT_LOG_ENTRY_TYPE_PRECERT && sctx->ihash == NULL)) {
CTerr(CT_F_SCT_VERIFY, CT_R_SCT_NOT_SET); CTerr(CT_F_SCT_VERIFY, CT_R_SCT_NOT_SET);
return -1; return 0;
} }
if (sct->version != SCT_VERSION_V1) { if (sct->version != SCT_VERSION_V1) {
CTerr(CT_F_SCT_VERIFY, CT_R_SCT_UNSUPPORTED_VERSION); CTerr(CT_F_SCT_VERIFY, CT_R_SCT_UNSUPPORTED_VERSION);
@@ -251,7 +251,7 @@ int SCT_verify_v1(SCT *sct, X509 *cert, X509 *preissuer,
if (!SCT_is_complete(sct)) { if (!SCT_is_complete(sct)) {
CTerr(CT_F_SCT_VERIFY_V1, CT_R_SCT_NOT_SET); CTerr(CT_F_SCT_VERIFY_V1, CT_R_SCT_NOT_SET);
return -1; return 0;
} }
if (sct->version != 0) { if (sct->version != 0) {
@@ -263,22 +263,17 @@ int SCT_verify_v1(SCT *sct, X509 *cert, X509 *preissuer,
if (sctx == NULL) if (sctx == NULL)
goto done; goto done;
ret = SCT_CTX_set1_pubkey(sctx, log_pubkey); if (!SCT_CTX_set1_pubkey(sctx, log_pubkey))
if (ret <= 0)
goto done; goto done;
ret = SCT_CTX_set1_cert(sctx, cert, preissuer); if (!SCT_CTX_set1_cert(sctx, cert, preissuer))
if (ret <= 0)
goto done; goto done;
if (sct->entry_type == CT_LOG_ENTRY_TYPE_PRECERT) { if (sct->entry_type == CT_LOG_ENTRY_TYPE_PRECERT &&
ret = SCT_CTX_set1_issuer(sctx, issuer_cert); !SCT_CTX_set1_issuer(sctx, issuer_cert))
if (ret <= 0) goto done;
goto done;
}
ret = SCT_verify(sctx, sct); ret = SCT_verify(sctx, sct);
done: done:
SCT_CTX_free(sctx); SCT_CTX_free(sctx);
return ret; return ret;

6
include/openssl/ct.h
View File

@@ -347,15 +347,13 @@ void SCT_LIST_print(const STACK_OF(SCT) *sct_list, BIO *out, int indent,
/* /*
* Verifies an SCT with the given context. * Verifies an SCT with the given context.
* Returns 1 if the SCT verifies successfully, 0 if it cannot be verified and a * Returns 1 if the SCT verifies successfully, 0 otherwise.
* negative integer if an error occurs.
*/ */
__owur int SCT_verify(const SCT_CTX *sctx, const SCT *sct); __owur int SCT_verify(const SCT_CTX *sctx, const SCT *sct);
/* /*
* Verifies an SCT against the provided data. * Verifies an SCT against the provided data.
* Returns 1 if the SCT verifies successfully, 0 if it cannot be verified and a * Returns 1 if the SCT verifies successfully, 0 otherwise.
* negative integer if an error occurs.
*/ */
__owur int SCT_verify_v1(SCT *sct, X509 *cert, X509 *preissuer, __owur int SCT_verify_v1(SCT *sct, X509 *cert, X509 *preissuer,
X509_PUBKEY *log_pubkey, X509 *issuer_cert); X509_PUBKEY *log_pubkey, X509 *issuer_cert);