From: Rob Percival Date: Mon, 7 Mar 2016 18:38:06 +0000 (+0000) Subject: Treat boolean functions as booleans X-Git-Tag: OpenSSL_1_1_0-pre4~143 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=70073f3e3aeb3b7dd15f20b557a8340a197d976e;p=oweals%2Fopenssl.git Treat boolean functions as booleans Use "!x" instead of "x <= 0", as these functions never return a negative value. Reviewed-by: Emilia Käsper Reviewed-by: Rich Salz --- diff --git a/apps/s_client.c b/apps/s_client.c index 725dcd3a83..25f51487f1 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -1669,7 +1669,7 @@ int s_client_main(int argc, char **argv) goto end; } - if (ctx_set_ctlog_list_file(ctx, ctlog_file) <= 0) { + if (!ctx_set_ctlog_list_file(ctx, ctlog_file)) { ERR_print_errors(bio_err); goto end; } diff --git a/crypto/ct/ct_log.c b/crypto/ct/ct_log.c index 4f3fe3c794..f2af35b733 100644 --- a/crypto/ct/ct_log.c +++ b/crypto/ct/ct_log.c @@ -243,26 +243,24 @@ int CTLOG_STORE_load_file(CTLOG_STORE *store, const char *file) if (load_ctx->conf == NULL) goto end; - ret = NCONF_load(load_ctx->conf, file, NULL); - if (ret <= 0) { + if (NCONF_load(load_ctx->conf, file, NULL) <= 0) { CTerr(CT_F_CTLOG_STORE_LOAD_FILE, CT_R_LOG_CONF_INVALID); goto end; } enabled_logs = NCONF_get_string(load_ctx->conf, NULL, "enabled_logs"); if (enabled_logs == NULL) { - ret = 0; CTerr(CT_F_CTLOG_STORE_LOAD_FILE, CT_R_LOG_CONF_INVALID); goto end; } - ret = CONF_parse_list(enabled_logs, ',', 1, ctlog_store_load_log, load_ctx); - if (ret == 1 && load_ctx->invalid_log_entries > 0) { - ret = 0; + if (!CONF_parse_list(enabled_logs, ',', 1, ctlog_store_load_log, load_ctx) || + load_ctx->invalid_log_entries > 0) { CTerr(CT_F_CTLOG_STORE_LOAD_FILE, CT_R_LOG_CONF_INVALID); goto end; } + ret = 1; end: NCONF_free(load_ctx->conf); ctlog_store_load_ctx_free(load_ctx); diff --git a/crypto/ct/ct_prn.c b/crypto/ct/ct_prn.c index 3983c3cb3b..bb669d577a 100644 --- a/crypto/ct/ct_prn.c +++ b/crypto/ct/ct_prn.c @@ -69,7 +69,7 @@ static void SCT_signature_algorithms_print(const SCT *sct, BIO *out) { int nid = SCT_get_signature_nid(sct); - if (nid <= 0) + if (nid == NID_undef) BIO_printf(out, "%02X%02X", sct->hash_alg, sct->sig_alg); else BIO_printf(out, "%s", OBJ_nid2ln(nid)); diff --git a/crypto/ct/ct_vfy.c b/crypto/ct/ct_vfy.c index 236678363b..9895231d1b 100644 --- a/crypto/ct/ct_vfy.c +++ b/crypto/ct/ct_vfy.c @@ -204,13 +204,13 @@ static int sct_ctx_update(EVP_MD_CTX *ctx, const SCT_CTX *sctx, const SCT *sct) int SCT_verify(const SCT_CTX *sctx, const SCT *sct) { EVP_MD_CTX *ctx = NULL; - int ret = -1; + int ret = 0; if (!SCT_is_complete(sct) || sctx->pkey == NULL || sct->entry_type == CT_LOG_ENTRY_TYPE_NOT_SET || (sct->entry_type == CT_LOG_ENTRY_TYPE_PRECERT && sctx->ihash == NULL)) { CTerr(CT_F_SCT_VERIFY, CT_R_SCT_NOT_SET); - return -1; + return 0; } if (sct->version != SCT_VERSION_V1) { CTerr(CT_F_SCT_VERIFY, CT_R_SCT_UNSUPPORTED_VERSION); @@ -251,7 +251,7 @@ int SCT_verify_v1(SCT *sct, X509 *cert, X509 *preissuer, if (!SCT_is_complete(sct)) { CTerr(CT_F_SCT_VERIFY_V1, CT_R_SCT_NOT_SET); - return -1; + return 0; } if (sct->version != 0) { @@ -263,22 +263,17 @@ int SCT_verify_v1(SCT *sct, X509 *cert, X509 *preissuer, if (sctx == NULL) goto done; - ret = SCT_CTX_set1_pubkey(sctx, log_pubkey); - if (ret <= 0) + if (!SCT_CTX_set1_pubkey(sctx, log_pubkey)) goto done; - ret = SCT_CTX_set1_cert(sctx, cert, preissuer); - if (ret <= 0) + if (!SCT_CTX_set1_cert(sctx, cert, preissuer)) goto done; - if (sct->entry_type == CT_LOG_ENTRY_TYPE_PRECERT) { - ret = SCT_CTX_set1_issuer(sctx, issuer_cert); - if (ret <= 0) - goto done; - } + if (sct->entry_type == CT_LOG_ENTRY_TYPE_PRECERT && + !SCT_CTX_set1_issuer(sctx, issuer_cert)) + goto done; ret = SCT_verify(sctx, sct); - done: SCT_CTX_free(sctx); return ret; diff --git a/include/openssl/ct.h b/include/openssl/ct.h index 0f29f3c82c..fa5175f29d 100644 --- a/include/openssl/ct.h +++ b/include/openssl/ct.h @@ -347,15 +347,13 @@ void SCT_LIST_print(const STACK_OF(SCT) *sct_list, BIO *out, int indent, /* * Verifies an SCT with the given context. - * Returns 1 if the SCT verifies successfully, 0 if it cannot be verified and a - * negative integer if an error occurs. + * Returns 1 if the SCT verifies successfully, 0 otherwise. */ __owur int SCT_verify(const SCT_CTX *sctx, const SCT *sct); /* * Verifies an SCT against the provided data. - * Returns 1 if the SCT verifies successfully, 0 if it cannot be verified and a - * negative integer if an error occurs. + * Returns 1 if the SCT verifies successfully, 0 otherwise. */ __owur int SCT_verify_v1(SCT *sct, X509 *cert, X509 *preissuer, X509_PUBKEY *log_pubkey, X509 *issuer_cert);