Treat boolean functions as booleans

Use "!x" instead of "x <= 0", as these functions never return a negative
value.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

diff --git a/apps/s_client.c b/apps/s_client.c
index 725dcd3a837f2b19ceee4e26b2a35a45c38f1336..25f51487f1c05a3ef3b5f5bd50f6f5bd563f5cad 100644 (file)
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -1669,7 +1669,7 @@ int s_client_main(int argc, char **argv)
         goto end;
     }
 
-    if (ctx_set_ctlog_list_file(ctx, ctlog_file) <= 0) {
+    if (!ctx_set_ctlog_list_file(ctx, ctlog_file)) {
         ERR_print_errors(bio_err);
         goto end;
     }

diff --git a/crypto/ct/ct_log.c b/crypto/ct/ct_log.c
index 4f3fe3c7940301b40df800311fa1ad0569653632..f2af35b73306ab062f9cecffadedd7ad0633f58a 100644 (file)
--- a/crypto/ct/ct_log.c
+++ b/crypto/ct/ct_log.c
@@ -243,26 +243,24 @@ int CTLOG_STORE_load_file(CTLOG_STORE *store, const char *file)
     if (load_ctx->conf == NULL)
         goto end;
 
-    ret = NCONF_load(load_ctx->conf, file, NULL);
-    if (ret <= 0) {
+    if (NCONF_load(load_ctx->conf, file, NULL) <= 0) {
         CTerr(CT_F_CTLOG_STORE_LOAD_FILE, CT_R_LOG_CONF_INVALID);
         goto end;
     }
 
     enabled_logs = NCONF_get_string(load_ctx->conf, NULL, "enabled_logs");
     if (enabled_logs == NULL) {
-        ret = 0;
         CTerr(CT_F_CTLOG_STORE_LOAD_FILE, CT_R_LOG_CONF_INVALID);
         goto end;
     }
 
-    ret = CONF_parse_list(enabled_logs, ',', 1, ctlog_store_load_log, load_ctx);
-    if (ret == 1 && load_ctx->invalid_log_entries > 0) {
-        ret = 0;
+    if (!CONF_parse_list(enabled_logs, ',', 1, ctlog_store_load_log, load_ctx) ||
+        load_ctx->invalid_log_entries > 0) {
         CTerr(CT_F_CTLOG_STORE_LOAD_FILE, CT_R_LOG_CONF_INVALID);
         goto end;
     }
 
+    ret = 1;
 end:
     NCONF_free(load_ctx->conf);
     ctlog_store_load_ctx_free(load_ctx);

diff --git a/crypto/ct/ct_prn.c b/crypto/ct/ct_prn.c
index 3983c3cb3b1c49cd9c13497e7bd1f6b92ddc9b4d..bb669d577a53d6f567b9b22b46124fdff4faace1 100644 (file)
--- a/crypto/ct/ct_prn.c
+++ b/crypto/ct/ct_prn.c
@@ -69,7 +69,7 @@ static void SCT_signature_algorithms_print(const SCT *sct, BIO *out)
 {
     int nid = SCT_get_signature_nid(sct);
 
-    if (nid <= 0)
+    if (nid == NID_undef)
         BIO_printf(out, "%02X%02X", sct->hash_alg, sct->sig_alg);
     else
         BIO_printf(out, "%s", OBJ_nid2ln(nid));

diff --git a/crypto/ct/ct_vfy.c b/crypto/ct/ct_vfy.c
index 236678363bd91d9365fd3fece9003db8eb5ea55e..9895231d1bab601f1f9385c013478823d10bd457 100644 (file)
--- a/crypto/ct/ct_vfy.c
+++ b/crypto/ct/ct_vfy.c
@@ -204,13 +204,13 @@ static int sct_ctx_update(EVP_MD_CTX *ctx, const SCT_CTX *sctx, const SCT *sct)
 int SCT_verify(const SCT_CTX *sctx, const SCT *sct)
 {
     EVP_MD_CTX *ctx = NULL;
-    int ret = -1;
+    int ret = 0;
 
     if (!SCT_is_complete(sct) || sctx->pkey == NULL ||
         sct->entry_type == CT_LOG_ENTRY_TYPE_NOT_SET ||
         (sct->entry_type == CT_LOG_ENTRY_TYPE_PRECERT && sctx->ihash == NULL)) {
         CTerr(CT_F_SCT_VERIFY, CT_R_SCT_NOT_SET);
-        return -1;
+        return 0;
     }
     if (sct->version != SCT_VERSION_V1) {
         CTerr(CT_F_SCT_VERIFY, CT_R_SCT_UNSUPPORTED_VERSION);
@@ -251,7 +251,7 @@ int SCT_verify_v1(SCT *sct, X509 *cert, X509 *preissuer,
 
     if (!SCT_is_complete(sct)) {
         CTerr(CT_F_SCT_VERIFY_V1, CT_R_SCT_NOT_SET);
-        return -1;
+        return 0;
     }
 
     if (sct->version != 0) {
@@ -263,22 +263,17 @@ int SCT_verify_v1(SCT *sct, X509 *cert, X509 *preissuer,
     if (sctx == NULL)
         goto done;
 
-    ret = SCT_CTX_set1_pubkey(sctx, log_pubkey);
-    if (ret <= 0)
+    if (!SCT_CTX_set1_pubkey(sctx, log_pubkey))
         goto done;
 
-    ret = SCT_CTX_set1_cert(sctx, cert, preissuer);
-    if (ret <= 0)
+    if (!SCT_CTX_set1_cert(sctx, cert, preissuer))
         goto done;
 
-    if (sct->entry_type == CT_LOG_ENTRY_TYPE_PRECERT) {
-        ret = SCT_CTX_set1_issuer(sctx, issuer_cert);
-        if (ret <= 0)
-            goto done;
-    }
+    if (sct->entry_type == CT_LOG_ENTRY_TYPE_PRECERT &&
+        !SCT_CTX_set1_issuer(sctx, issuer_cert))
+        goto done;
 
     ret = SCT_verify(sctx, sct);
-
 done:
     SCT_CTX_free(sctx);
     return ret;

diff --git a/include/openssl/ct.h b/include/openssl/ct.h
index 0f29f3c82c70fbc5899c29f90e81663bde0ef01c..fa5175f29d7e6c7fd9066999ddeb4031cefa0c5f 100644 (file)
--- a/include/openssl/ct.h
+++ b/include/openssl/ct.h
@@ -347,15 +347,13 @@ void SCT_LIST_print(const STACK_OF(SCT) *sct_list, BIO *out, int indent,
 
 /*
  * Verifies an SCT with the given context.
- * Returns 1 if the SCT verifies successfully, 0 if it cannot be verified and a
- * negative integer if an error occurs.
+ * Returns 1 if the SCT verifies successfully, 0 otherwise.
  */
 __owur int SCT_verify(const SCT_CTX *sctx, const SCT *sct);
 
 /*
  * Verifies an SCT against the provided data.
- * Returns 1 if the SCT verifies successfully, 0 if it cannot be verified and a
- * negative integer if an error occurs.
+ * Returns 1 if the SCT verifies successfully, 0 otherwise.
  */
 __owur int SCT_verify_v1(SCT *sct, X509 *cert, X509 *preissuer,
                   X509_PUBKEY *log_pubkey, X509 *issuer_cert);