diff --git a/apps/app_rand.c b/apps/app_rand.c index 0d44af903b..8a85cc9114 100644 --- a/apps/app_rand.c +++ b/apps/app_rand.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -19,18 +19,19 @@ int app_RAND_load_file(const char *file, int dont_warn) int consider_randfile = (file == NULL); char buffer[200]; - if (file == NULL) + if (file == NULL) { file = RAND_file_name(buffer, sizeof buffer); #ifndef OPENSSL_NO_EGD - else if (RAND_egd(file) > 0) { + } else if (RAND_egd(file) > 0) { /* * we try if the given filename is an EGD socket. if it is, we don't * write anything back to the file. */ egdsocket = 1; return 1; - } #endif + } + if (file == NULL || !RAND_load_file(file, -1)) { if (RAND_status() == 0) { if (!dont_warn) { diff --git a/apps/apps.c b/apps/apps.c index 15cf4a76f0..a89d4eb5e6 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -140,9 +140,8 @@ int ctx_set_verify_locations(SSL_CTX *ctx, const char *CAfile, int ctx_set_ctlog_list_file(SSL_CTX *ctx, const char *path) { - if (path == NULL) { + if (path == NULL) return SSL_CTX_set_default_ctlog_list_file(ctx); - } return SSL_CTX_set_ctlog_list_file(ctx, path); } @@ -312,8 +311,7 @@ int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp) if (ok >= 0) do { ok = UI_process(ui); - } - while (ok < 0 && UI_ctrl(ui, UI_CTRL_IS_REDOABLE, 0, 0, 0)); + } while (ok < 0 && UI_ctrl(ui, UI_CTRL_IS_REDOABLE, 0, 0, 0)); OPENSSL_clear_free(buff, (unsigned int)bufsiz); @@ -342,22 +340,24 @@ static char *app_get_pass(const char *arg, int keepbio); int app_passwd(const char *arg1, const char *arg2, char **pass1, char **pass2) { int same; - if (!arg2 || !arg1 || strcmp(arg1, arg2)) + if (arg2 == NULL || arg1 == NULL || strcmp(arg1, arg2)) same = 0; else same = 1; - if (arg1) { + if (arg1 != NULL) { *pass1 = app_get_pass(arg1, same); - if (!*pass1) + if (*pass1 == NULL) return 0; - } else if (pass1) + } else if (pass1 != NULL) { *pass1 = NULL; - if (arg2) { + } + if (arg2 != NULL) { *pass2 = app_get_pass(arg2, same ? 2 : 0); - if (!*pass2) + if (*pass2 == NULL) return 0; - } else if (pass2) + } else if (pass2 != NULL) { *pass2 = NULL; + } return 1; } @@ -371,16 +371,16 @@ static char *app_get_pass(const char *arg, int keepbio) return OPENSSL_strdup(arg + 5); if (strncmp(arg, "env:", 4) == 0) { tmp = getenv(arg + 4); - if (!tmp) { + if (tmp == NULL) { BIO_printf(bio_err, "Can't read environment variable %s\n", arg + 4); return NULL; } return OPENSSL_strdup(tmp); } - if (!keepbio || !pwdbio) { + if (!keepbio || pwdbio == NULL) { if (strncmp(arg, "file:", 5) == 0) { pwdbio = BIO_new_file(arg + 5, "r"); - if (!pwdbio) { + if (pwdbio == NULL) { BIO_printf(bio_err, "Can't open file %s\n", arg + 5); return NULL; } @@ -429,7 +429,7 @@ static char *app_get_pass(const char *arg, int keepbio) return NULL; } tmp = strchr(tpass, '\n'); - if (tmp) + if (tmp != NULL) *tmp = 0; return OPENSSL_strdup(tpass); } @@ -454,6 +454,7 @@ static CONF *app_load_config_(BIO *in, const char *filename) NCONF_free(conf); return NULL; } + CONF *app_load_config(const char *filename) { BIO *in; @@ -467,6 +468,7 @@ CONF *app_load_config(const char *filename) BIO_free(in); return conf; } + CONF *app_load_config_quiet(const char *filename) { BIO *in; @@ -540,9 +542,9 @@ static int load_pkcs12(BIO *in, const char *desc, goto die; } /* See if an empty password will do */ - if (PKCS12_verify_mac(p12, "", 0) || PKCS12_verify_mac(p12, NULL, 0)) + if (PKCS12_verify_mac(p12, "", 0) || PKCS12_verify_mac(p12, NULL, 0)) { pass = ""; - else { + } else { if (!pem_cb) pem_cb = (pem_password_cb *)password_callback; len = pem_cb(tpass, PEM_BUFSIZE, 0, cb_data); @@ -603,8 +605,7 @@ static int load_cert_crl_http(const char *url, X509 **pcert, X509_CRL **pcrl) OPENSSL_free(host); OPENSSL_free(path); OPENSSL_free(port); - if (bio) - BIO_free_all(bio); + BIO_free_all(bio); OCSP_REQ_CTX_free(rctx); if (rv != 1) { BIO_printf(bio_err, "Error loading %s from %s\n", @@ -630,17 +631,18 @@ X509 *load_cert(const char *file, int format, const char *cert_descrip) if (file == NULL) { unbuffer(stdin); cert = dup_bio_in(format); - } else + } else { cert = bio_open_default(file, 'r', format); + } if (cert == NULL) goto end; - if (format == FORMAT_ASN1) + if (format == FORMAT_ASN1) { x = d2i_X509_bio(cert, NULL); - else if (format == FORMAT_PEM) + } else if (format == FORMAT_PEM) { x = PEM_read_bio_X509_AUX(cert, NULL, (pem_password_cb *)password_callback, NULL); - else if (format == FORMAT_PKCS12) { + } else if (format == FORMAT_PKCS12) { if (!load_pkcs12(cert, cert_descrip, NULL, NULL, NULL, &x, NULL)) goto end; } else { @@ -671,11 +673,11 @@ X509_CRL *load_crl(const char *infile, int format) in = bio_open_default(infile, 'r', format); if (in == NULL) goto end; - if (format == FORMAT_ASN1) + if (format == FORMAT_ASN1) { x = d2i_X509_CRL_bio(in, NULL); - else if (format == FORMAT_PEM) + } else if (format == FORMAT_PEM) { x = PEM_read_bio_X509_CRL(in, NULL, NULL, NULL); - else { + } else { BIO_printf(bio_err, "bad input format specified for input crl\n"); goto end; } @@ -705,9 +707,9 @@ EVP_PKEY *load_key(const char *file, int format, int maybe_stdin, goto end; } if (format == FORMAT_ENGINE) { - if (e == NULL) + if (e == NULL) { BIO_printf(bio_err, "no engine specified\n"); - else { + } else { #ifndef OPENSSL_NO_ENGINE if (ENGINE_init(e)) { pkey = ENGINE_load_private_key(e, file, ui_method, &cb_data); @@ -726,8 +728,9 @@ EVP_PKEY *load_key(const char *file, int format, int maybe_stdin, if (file == NULL && maybe_stdin) { unbuffer(stdin); key = dup_bio_in(format); - } else + } else { key = bio_open_default(file, 'r', format); + } if (key == NULL) goto end; if (format == FORMAT_ASN1) { @@ -736,21 +739,19 @@ EVP_PKEY *load_key(const char *file, int format, int maybe_stdin, pkey = PEM_read_bio_PrivateKey(key, NULL, (pem_password_cb *)password_callback, &cb_data); - } - else if (format == FORMAT_PKCS12) { + } else if (format == FORMAT_PKCS12) { if (!load_pkcs12(key, key_descrip, (pem_password_cb *)password_callback, &cb_data, &pkey, NULL, NULL)) goto end; - } #if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA) && !defined (OPENSSL_NO_RC4) - else if (format == FORMAT_MSBLOB) + } else if (format == FORMAT_MSBLOB) { pkey = b2i_PrivateKey_bio(key); - else if (format == FORMAT_PVK) + } else if (format == FORMAT_PVK) { pkey = b2i_PVK_bio(key, (pem_password_cb *)password_callback, &cb_data); #endif - else { + } else { BIO_printf(bio_err, "bad input format specified for key file\n"); goto end; } @@ -778,9 +779,9 @@ EVP_PKEY *load_pubkey(const char *file, int format, int maybe_stdin, goto end; } if (format == FORMAT_ENGINE) { - if (e == NULL) + if (e == NULL) { BIO_printf(bio_err, "no engine specified\n"); - else { + } else { #ifndef OPENSSL_NO_ENGINE pkey = ENGINE_load_public_key(e, file, ui_method, &cb_data); if (pkey == NULL) { @@ -796,14 +797,14 @@ EVP_PKEY *load_pubkey(const char *file, int format, int maybe_stdin, if (file == NULL && maybe_stdin) { unbuffer(stdin); key = dup_bio_in(format); - } else + } else { key = bio_open_default(file, 'r', format); + } if (key == NULL) goto end; if (format == FORMAT_ASN1) { pkey = d2i_PUBKEY_bio(key, NULL); - } - else if (format == FORMAT_ASN1RSA) { + } else if (format == FORMAT_ASN1RSA) { #ifndef OPENSSL_NO_RSA RSA *rsa; rsa = d2i_RSAPublicKey_bio(key, NULL); @@ -833,16 +834,15 @@ EVP_PKEY *load_pubkey(const char *file, int format, int maybe_stdin, BIO_printf(bio_err, "RSA keys not supported\n"); #endif pkey = NULL; - } - else if (format == FORMAT_PEM) { + } else if (format == FORMAT_PEM) { pkey = PEM_read_bio_PUBKEY(key, NULL, (pem_password_cb *)password_callback, &cb_data); - } #if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA) - else if (format == FORMAT_MSBLOB) + } else if (format == FORMAT_MSBLOB) { pkey = b2i_PublicKey_bio(key); #endif + } end: BIO_free(key); if (pkey == NULL) @@ -880,36 +880,36 @@ static int load_certs_crls(const char *file, int format, BIO_free(bio); - if (pcerts && *pcerts == NULL) { + if (pcerts != NULL && *pcerts == NULL) { *pcerts = sk_X509_new_null(); - if (!*pcerts) + if (*pcerts == NULL) goto end; } - if (pcrls && *pcrls == NULL) { + if (pcrls != NULL && *pcrls == NULL) { *pcrls = sk_X509_CRL_new_null(); - if (!*pcrls) + if (*pcrls == NULL) goto end; } for (i = 0; i < sk_X509_INFO_num(xis); i++) { xi = sk_X509_INFO_value(xis, i); - if (xi->x509 && pcerts) { + if (xi->x509 != NULL && pcerts != NULL) { if (!sk_X509_push(*pcerts, xi->x509)) goto end; xi->x509 = NULL; } - if (xi->crl && pcrls) { + if (xi->crl != NULL && pcrls != NULL) { if (!sk_X509_CRL_push(*pcrls, xi->crl)) goto end; xi->crl = NULL; } } - if (pcerts && sk_X509_num(*pcerts) > 0) + if (pcerts != NULL && sk_X509_num(*pcerts) > 0) rv = 1; - if (pcrls && sk_X509_CRL_num(*pcrls) > 0) + if (pcrls != NULL && sk_X509_CRL_num(*pcrls) > 0) rv = 1; end: @@ -917,11 +917,11 @@ static int load_certs_crls(const char *file, int format, sk_X509_INFO_pop_free(xis, X509_INFO_free); if (rv == 0) { - if (pcerts) { + if (pcerts != NULL) { sk_X509_pop_free(*pcerts, X509_free); *pcerts = NULL; } - if (pcrls) { + if (pcrls != NULL) { sk_X509_CRL_pop_free(*pcrls, X509_CRL_free); *pcrls = NULL; } @@ -1126,8 +1126,9 @@ static int set_table_opts(unsigned long *flags, const char *arg, } else if (c == '+') { c = 1; arg++; - } else + } else { c = 1; + } for (ptbl = in_tbl; ptbl->name; ptbl++) { if (strcasecmp(arg, ptbl->name) == 0) { @@ -1172,9 +1173,9 @@ void print_bignum_var(BIO *out, const BIGNUM *in, const char *var, int len, unsigned char *buffer) { BIO_printf(out, " static unsigned char %s_%d[] = {", var, len); - if (BN_is_zero(in)) + if (BN_is_zero(in)) { BIO_printf(out, "\n\t0x00"); - else { + } else { int i, l; l = BN_bn2bin(in, buffer); @@ -1189,6 +1190,7 @@ void print_bignum_var(BIO *out, const BIGNUM *in, const char *var, } BIO_printf(out, "\n };\n"); } + void print_array(BIO *out, const char* title, int len, const unsigned char* d) { int i; @@ -1222,8 +1224,9 @@ X509_STORE *setup_verify(const char *CAfile, const char *CApath, int noCAfile, i BIO_printf(bio_err, "Error loading file %s\n", CAfile); goto end; } - } else + } else { X509_LOOKUP_load_file(lookup, NULL, X509_FILETYPE_DEFAULT); + } } if (CApath != NULL || !noCApath) { @@ -1235,8 +1238,9 @@ X509_STORE *setup_verify(const char *CAfile, const char *CApath, int noCAfile, i BIO_printf(bio_err, "Error loading directory %s\n", CApath); goto end; } - } else + } else { X509_LOOKUP_add_dir(lookup, NULL, X509_FILETYPE_DEFAULT); + } } ERR_clear_error(); @@ -1267,7 +1271,7 @@ ENGINE *setup_engine(const char *engine, int debug) ENGINE *e = NULL; #ifndef OPENSSL_NO_ENGINE - if (engine) { + if (engine != NULL) { if (strcmp(engine, "auto") == 0) { BIO_printf(bio_err, "enabling auto ENGINE support\n"); ENGINE_register_all_complete(); @@ -1873,8 +1877,9 @@ static void nodes_print(const char *name, STACK_OF(X509_POLICY_NODE) *nodes) node = sk_X509_POLICY_NODE_value(nodes, i); X509_POLICY_NODE_print(bio_err, node, 2); } - } else + } else { BIO_puts(bio_err, " \n"); + } } void policies_print(X509_STORE_CTX *ctx) @@ -1919,8 +1924,9 @@ unsigned char *next_protos_parse(size_t *outlen, const char *in) } out[start] = i - start; start = i + 1; - } else + } else { out[i + 1] = in[i]; + } } *outlen = len + 1; @@ -2229,9 +2235,9 @@ double app_tminterval(int stop, int usertime) if (usertime) now = rus.tms_utime; - if (stop == TM_START) + if (stop == TM_START) { tmstart = now; - else { + } else { long int tck = sysconf(_SC_CLK_TCK); ret = (now - tmstart) / (double)tck; } @@ -2368,7 +2374,7 @@ int raw_read_stdin(void *buf, int siz) return (-1); } #elif defined(__VMS) -#include +# include int raw_read_stdin(void *buf, int siz) { diff --git a/apps/asn1pars.c b/apps/asn1pars.c index c4b2038bdd..048d65f748 100644 --- a/apps/asn1pars.c +++ b/apps/asn1pars.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -194,9 +194,7 @@ int asn1parse_main(int argc, char **argv) ERR_print_errors(bio_err); goto end; } - } - - else { + } else { if (informat == FORMAT_PEM) { BIO *tmp; @@ -273,7 +271,7 @@ int asn1parse_main(int argc, char **argv) if ((length == 0) || ((long)length > num)) length = (unsigned int)num; - if (derout) { + if (derout != NULL) { if (BIO_write(derout, str + offset, length) != (int)length) { BIO_printf(bio_err, "Error writing output\n"); ERR_print_errors(bio_err); @@ -323,12 +321,12 @@ static int do_generate(char *genstr, const char *genconf, BUF_MEM *buf) unsigned char *p; ASN1_TYPE *atyp = NULL; - if (genconf) { + if (genconf != NULL) { if ((cnf = app_load_config(genconf)) == NULL) goto err; - if (!genstr) + if (genstr == NULL) genstr = NCONF_get_string(cnf, "default", "asn1"); - if (!genstr) { + if (genstr == NULL) { BIO_printf(bio_err, "Can't find 'asn1' in '%s'\n", genconf); goto err; } @@ -338,7 +336,7 @@ static int do_generate(char *genstr, const char *genconf, BUF_MEM *buf) NCONF_free(cnf); cnf = NULL; - if (!atyp) + if (atyp == NULL) return -1; len = i2d_ASN1_TYPE(atyp, NULL); diff --git a/apps/ca.c b/apps/ca.c index 7e6e1031b0..91d962ff56 100644 --- a/apps/ca.c +++ b/apps/ca.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -471,17 +471,17 @@ end_of_options: app_RAND_load_file(randfile, 0); f = NCONF_get_string(conf, section, STRING_MASK); - if (!f) + if (f == NULL) ERR_clear_error(); - if (f && !ASN1_STRING_set_default_mask_asc(f)) { + if (f != NULL && !ASN1_STRING_set_default_mask_asc(f)) { BIO_printf(bio_err, "Invalid global string mask setting %s\n", f); goto end; } if (chtype != MBSTRING_UTF8) { f = NCONF_get_string(conf, section, UTF8_IN); - if (!f) + if (f == NULL) ERR_clear_error(); else if (strcmp(f, "yes") == 0) chtype = MBSTRING_UTF8; @@ -489,9 +489,9 @@ end_of_options: db_attr.unique_subject = 1; p = NCONF_get_string(conf, section, ENV_UNIQUE_SUBJECT); - if (p) { + if (p != NULL) db_attr.unique_subject = parse_yesno(p, 1); - } else + else ERR_clear_error(); /*****************************************************************/ @@ -520,7 +520,7 @@ end_of_options: && (keyfile = lookup_conf(conf, section, ENV_PRIVATE_KEY)) == NULL) goto end; - if (!key) { + if (key == NULL) { free_key = 1; if (!app_passwd(passinarg, NULL, &key, NULL)) { BIO_printf(bio_err, "Error getting password\n"); @@ -528,12 +528,11 @@ end_of_options: } } pkey = load_key(keyfile, keyformat, 0, key, e, "CA private key"); - if (key) + if (key != NULL) OPENSSL_cleanse(key, strlen(key)); - if (pkey == NULL) { + if (pkey == NULL) /* load_key() has already printed an appropriate message */ goto end; - } /*****************************************************************/ /* we need a certificate */ @@ -568,7 +567,7 @@ end_of_options: f = NCONF_get_string(conf, section, ENV_NAMEOPT); - if (f) { + if (f != NULL) { if (!set_nameopt(f)) { BIO_printf(bio_err, "Invalid name options: \"%s\"\n", f); goto end; @@ -578,24 +577,26 @@ end_of_options: f = NCONF_get_string(conf, section, ENV_CERTOPT); - if (f) { + if (f != NULL) { if (!set_cert_ex(&certopt, f)) { BIO_printf(bio_err, "Invalid certificate options: \"%s\"\n", f); goto end; } default_op = 0; - } else + } else { ERR_clear_error(); + } f = NCONF_get_string(conf, section, ENV_EXTCOPY); - if (f) { + if (f != NULL) { if (!set_ext_copy(&ext_copy, f)) { BIO_printf(bio_err, "Invalid extension copy option: \"%s\"\n", f); goto end; } - } else + } else { ERR_clear_error(); + } /*****************************************************************/ /* lookup where to write new certificates */ @@ -774,17 +775,17 @@ end_of_options: if (serialfile == NULL) goto end; - if (!extconf) { + if (extconf == NULL) { /* * no '-extfile' option, so we look for extensions in the main * configuration file */ - if (!extensions) { + if (extensions == NULL) { extensions = NCONF_get_string(conf, section, ENV_EXTENSIONS); - if (!extensions) + if (extensions == NULL) ERR_clear_error(); } - if (extensions) { + if (extensions != NULL) { /* Check syntax of file */ X509V3_CTX ctx; X509V3_set_ctx_test(&ctx); @@ -805,7 +806,7 @@ end_of_options: if (startdate == NULL) ERR_clear_error(); } - if (startdate && !ASN1_TIME_set_string_X509(NULL, startdate)) { + if (startdate != NULL && !ASN1_TIME_set_string_X509(NULL, startdate)) { BIO_printf(bio_err, "start date is invalid, it should be YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ\n"); goto end; @@ -818,7 +819,7 @@ end_of_options: if (enddate == NULL) ERR_clear_error(); } - if (enddate && !ASN1_TIME_set_string_X509(NULL, enddate)) { + if (enddate != NULL && !ASN1_TIME_set_string_X509(NULL, enddate)) { BIO_printf(bio_err, "end date is invalid, it should be YYMMDDHHMMSSZ or YYYYMMDDHHMMSSZ\n"); goto end; @@ -828,7 +829,7 @@ end_of_options: if (!NCONF_get_number(conf, section, ENV_DEFAULT_DAYS, &days)) days = 0; } - if (!enddate && (days == 0)) { + if (enddate == NULL && (days == 0)) { BIO_printf(bio_err, "cannot lookup how many days to certify for\n"); goto end; @@ -839,9 +840,9 @@ end_of_options: goto end; } if (verbose) { - if (BN_is_zero(serial)) + if (BN_is_zero(serial)) { BIO_printf(bio_err, "next serial number is 00\n"); - else { + } else { if ((f = BN_bn2hex(serial)) == NULL) goto end; BIO_printf(bio_err, "next serial number is %s\n", f); @@ -1045,12 +1046,12 @@ end_of_options: /*****************************************************************/ if (gencrl) { int crl_v2 = 0; - if (!crl_ext) { + if (crl_ext == NULL) { crl_ext = NCONF_get_string(conf, section, ENV_CRLEXT); - if (!crl_ext) + if (crl_ext == NULL) ERR_clear_error(); } - if (crl_ext) { + if (crl_ext != NULL) { /* Check syntax of file */ X509V3_CTX ctx; X509V3_set_ctx_test(&ctx); @@ -1141,12 +1142,12 @@ end_of_options: /* Add any extensions asked for */ - if (crl_ext || crlnumberfile != NULL) { + if (crl_ext != NULL || crlnumberfile != NULL) { X509V3_CTX crlctx; X509V3_set_ctx(&crlctx, x509, NULL, NULL, crl, 0); X509V3_set_nconf(&crlctx, conf); - if (crl_ext) + if (crl_ext != NULL) if (!X509V3_EXT_CRL_add_nconf(conf, &crlctx, crl_ext, crl)) goto end; if (crlnumberfile != NULL) { @@ -1160,7 +1161,7 @@ end_of_options: goto end; } } - if (crl_ext || crl_v2) { + if (crl_ext != NULL || crl_v2) { if (!X509_CRL_set_version(crl, 1)) goto end; /* version 2 CRL */ } @@ -1297,8 +1298,9 @@ static int certify(X509 **xret, const char *infile, EVP_PKEY *pkey, X509 *x509, "Signature did not match the certificate request\n"); ERR_print_errors(bio_err); goto end; - } else + } else { BIO_printf(bio_err, "Signature ok\n"); + } ok = do_body(xret, pkey, x509, dgst, sigopts, policy, db, serial, subj, chtype, multirdn, email_dn, startdate, enddate, days, batch, @@ -1346,8 +1348,9 @@ static int certify_cert(X509 **xret, const char *infile, EVP_PKEY *pkey, X509 *x ok = 0; BIO_printf(bio_err, "Signature did not match the certificate\n"); goto end; - } else + } else { BIO_printf(bio_err, "Signature ok\n"); + } if ((rreq = X509_to_X509_REQ(req, NULL, NULL)) == NULL) goto end; @@ -1502,8 +1505,9 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, "The %s field needed to be supplied and was missing\n", cv->name); goto end; - } else + } else { push = tne; + } } else if (strcmp(cv->value, "match") == 0) { int last2; @@ -1578,9 +1582,9 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, * And add it later on because of the method extensions are added (altName) */ - if (email_dn) + if (email_dn) { dn_subject = subject; - else { + } else { X509_NAME_ENTRY *tmpne; /* * Its best to dup the subject DN and then delete any email addresses @@ -1718,7 +1722,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, else X509V3_set_ctx(&ctx, x509, ret, req, NULL, 0); - if (extconf) { + if (extconf != NULL) { if (verbose) BIO_printf(bio_err, "Extra configuration file found\n"); @@ -2505,9 +2509,9 @@ int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold, goto end; } - if (reason_code == 7) + if (reason_code == 7) { reason_code = OCSP_REVOKED_STATUS_REMOVEFROMCRL; - else if (reason_code == 8) { /* Hold instruction */ + } else if (reason_code == 8) { /* Hold instruction */ if (!arg_str) { BIO_printf(bio_err, "missing hold instruction\n"); goto end; diff --git a/apps/ciphers.c b/apps/ciphers.c index 531bf8db23..3cbcc5e2b6 100644 --- a/apps/ciphers.c +++ b/apps/ciphers.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/apps/cms.c b/apps/cms.c index 3db36fee02..25ee7e8524 100644 --- a/apps/cms.c +++ b/apps/cms.c @@ -1,5 +1,5 @@ /* - * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2008-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -477,7 +477,7 @@ int cms_main(int argc, char **argv) break; case OPT_SIGNER: /* If previous -signer argument add signer to list */ - if (signerfile) { + if (signerfile != NULL) { if (sksigners == NULL && (sksigners = sk_OPENSSL_STRING_new_null()) == NULL) goto end; @@ -494,7 +494,7 @@ int cms_main(int argc, char **argv) break; case OPT_INKEY: /* If previous -inkey argument add signer to list */ - if (keyfile) { + if (keyfile != NULL) { if (signerfile == NULL) { BIO_puts(bio_err, "Illegal -inkey without -signer\n"); goto end; @@ -525,8 +525,9 @@ int cms_main(int argc, char **argv) goto end; sk_X509_push(encerts, cert); cert = NULL; - } else + } else { recipfile = opt_arg(); + } break; case OPT_CIPHER: if (!opt_cipher(opt_unknown(), &cipher)) @@ -535,12 +536,12 @@ int cms_main(int argc, char **argv) case OPT_KEYOPT: keyidx = -1; if (operation == SMIME_ENCRYPT) { - if (encerts) + if (encerts != NULL) keyidx += sk_X509_num(encerts); } else { - if (keyfile || signerfile) + if (keyfile != NULL || signerfile != NULL) keyidx++; - if (skkeys) + if (skkeys != NULL) keyidx += sk_OPENSSL_STRING_num(skkeys); } if (keyidx < 0) { @@ -586,60 +587,61 @@ int cms_main(int argc, char **argv) argc = opt_num_rest(); argv = opt_rest(); - if (((rr_allorfirst != -1) || rr_from) && !rr_to) { + if ((rr_allorfirst != -1 || rr_from != NULL) && rr_to == NULL) { BIO_puts(bio_err, "No Signed Receipts Recipients\n"); goto opthelp; } - if (!(operation & SMIME_SIGNERS) && (rr_to || rr_from)) { + if (!(operation & SMIME_SIGNERS) && (rr_to != NULL || rr_from != NULL)) { BIO_puts(bio_err, "Signed receipts only allowed with -sign\n"); goto opthelp; } - if (!(operation & SMIME_SIGNERS) && (skkeys || sksigners)) { + if (!(operation & SMIME_SIGNERS) && (skkeys != NULL || sksigners != NULL)) { BIO_puts(bio_err, "Multiple signers or keys not allowed\n"); goto opthelp; } if (operation & SMIME_SIGNERS) { - if (keyfile && !signerfile) { + if (keyfile != NULL && signerfile == NULL) { BIO_puts(bio_err, "Illegal -inkey without -signer\n"); goto opthelp; } /* Check to see if any final signer needs to be appended */ - if (signerfile) { - if (!sksigners + if (signerfile != NULL) { + if (sksigners == NULL && (sksigners = sk_OPENSSL_STRING_new_null()) == NULL) goto end; sk_OPENSSL_STRING_push(sksigners, signerfile); - if (!skkeys && (skkeys = sk_OPENSSL_STRING_new_null()) == NULL) + if (skkeys == NULL && (skkeys = sk_OPENSSL_STRING_new_null()) == NULL) goto end; - if (!keyfile) + if (keyfile == NULL) keyfile = signerfile; sk_OPENSSL_STRING_push(skkeys, keyfile); } - if (!sksigners) { + if (sksigners == NULL) { BIO_printf(bio_err, "No signer certificate specified\n"); goto opthelp; } signerfile = NULL; keyfile = NULL; need_rand = 1; - } - - else if (operation == SMIME_DECRYPT) { - if (!recipfile && !keyfile && !secret_key && !pwri_pass) { + } else if (operation == SMIME_DECRYPT) { + if (recipfile == NULL && keyfile == NULL + && secret_key == NULL && pwri_pass == NULL) { BIO_printf(bio_err, "No recipient certificate or key specified\n"); goto opthelp; } } else if (operation == SMIME_ENCRYPT) { - if (*argv == NULL && !secret_key && !pwri_pass && !encerts) { + if (*argv == NULL && secret_key == NULL + && pwri_pass == NULL && encerts == NULL) { BIO_printf(bio_err, "No recipient(s) certificate(s) specified\n"); goto opthelp; } need_rand = 1; - } else if (!operation) + } else if (!operation) { goto opthelp; + } if (!app_passwd(passinarg, NULL, &passin, NULL)) { BIO_printf(bio_err, "Error getting password\n"); @@ -658,15 +660,13 @@ int cms_main(int argc, char **argv) if (!(operation & SMIME_SIGNERS)) flags &= ~CMS_DETACHED; - if (!(operation & SMIME_OP)) { + if (!(operation & SMIME_OP)) if (flags & CMS_BINARY) outformat = FORMAT_BINARY; - } - if (!(operation & SMIME_IP)) { + if (!(operation & SMIME_IP)) if (flags & CMS_BINARY) informat = FORMAT_BINARY; - } if (operation == SMIME_ENCRYPT) { if (!cipher) { @@ -683,7 +683,7 @@ int cms_main(int argc, char **argv) goto end; } - if (*argv && !encerts) + if (*argv && encerts == NULL) if ((encerts = sk_X509_new_null()) == NULL) goto end; while (*argv) { @@ -696,7 +696,7 @@ int cms_main(int argc, char **argv) } } - if (certfile) { + if (certfile != NULL) { if (!load_certs(certfile, &other, FORMAT_PEM, NULL, "certificate file")) { ERR_print_errors(bio_err); @@ -704,7 +704,7 @@ int cms_main(int argc, char **argv) } } - if (recipfile && (operation == SMIME_DECRYPT)) { + if (recipfile != NULL && (operation == SMIME_DECRYPT)) { if ((recip = load_cert(recipfile, FORMAT_PEM, "recipient certificate file")) == NULL) { ERR_print_errors(bio_err); @@ -721,17 +721,18 @@ int cms_main(int argc, char **argv) } if (operation == SMIME_DECRYPT) { - if (!keyfile) + if (keyfile == NULL) keyfile = recipfile; } else if ((operation == SMIME_SIGN) || (operation == SMIME_SIGN_RECEIPT)) { - if (!keyfile) + if (keyfile == NULL) keyfile = signerfile; - } else + } else { keyfile = NULL; + } - if (keyfile) { + if (keyfile != NULL) { key = load_key(keyfile, keyform, 0, passin, e, "signing key file"); - if (!key) + if (key == NULL) goto end; } @@ -740,29 +741,29 @@ int cms_main(int argc, char **argv) goto end; if (operation & SMIME_IP) { - if (informat == FORMAT_SMIME) + if (informat == FORMAT_SMIME) { cms = SMIME_read_CMS(in, &indata); - else if (informat == FORMAT_PEM) + } else if (informat == FORMAT_PEM) { cms = PEM_read_bio_CMS(in, NULL, NULL, NULL); - else if (informat == FORMAT_ASN1) + } else if (informat == FORMAT_ASN1) { cms = d2i_CMS_bio(in, NULL); - else { + } else { BIO_printf(bio_err, "Bad input format for CMS file\n"); goto end; } - if (!cms) { + if (cms == NULL) { BIO_printf(bio_err, "Error reading S/MIME message\n"); goto end; } - if (contfile) { + if (contfile != NULL) { BIO_free(indata); if ((indata = BIO_new_file(contfile, "rb")) == NULL) { BIO_printf(bio_err, "Can't read content file %s\n", contfile); goto end; } } - if (certsoutfile) { + if (certsoutfile != NULL) { STACK_OF(X509) *allcerts; allcerts = CMS_get1_certs(cms); if (!save_certs(certsoutfile, allcerts)) { @@ -775,25 +776,25 @@ int cms_main(int argc, char **argv) } } - if (rctfile) { + if (rctfile != NULL) { char *rctmode = (rctformat == FORMAT_ASN1) ? "rb" : "r"; if ((rctin = BIO_new_file(rctfile, rctmode)) == NULL) { BIO_printf(bio_err, "Can't open receipt file %s\n", rctfile); goto end; } - if (rctformat == FORMAT_SMIME) + if (rctformat == FORMAT_SMIME) { rcms = SMIME_read_CMS(rctin, NULL); - else if (rctformat == FORMAT_PEM) + } else if (rctformat == FORMAT_PEM) { rcms = PEM_read_bio_CMS(rctin, NULL, NULL, NULL); - else if (rctformat == FORMAT_ASN1) + } else if (rctformat == FORMAT_ASN1) { rcms = d2i_CMS_bio(rctin, NULL); - else { + } else { BIO_printf(bio_err, "Bad input format for receipt\n"); goto end; } - if (!rcms) { + if (rcms == NULL) { BIO_printf(bio_err, "Error reading receipt\n"); goto end; } @@ -823,7 +824,7 @@ int cms_main(int argc, char **argv) int i; flags |= CMS_PARTIAL; cms = CMS_encrypt(NULL, in, cipher, flags); - if (!cms) + if (cms == NULL) goto end; for (i = 0; i < sk_X509_num(encerts); i++) { CMS_RecipientInfo *ri; @@ -837,9 +838,9 @@ int cms_main(int argc, char **argv) } } ri = CMS_add1_recipient_cert(cms, x, tflags); - if (!ri) + if (ri == NULL) goto end; - if (kparam) { + if (kparam != NULL) { EVP_PKEY_CTX *pctx; pctx = CMS_RecipientInfo_get0_pkey_ctx(ri); if (!cms_set_pkey_param(pctx, kparam->param)) @@ -853,7 +854,7 @@ int cms_main(int argc, char **argv) } } - if (secret_key) { + if (secret_key != NULL) { if (!CMS_add0_recipient_key(cms, NID_undef, secret_key, secret_keylen, secret_keyid, secret_keyidlen, @@ -863,13 +864,13 @@ int cms_main(int argc, char **argv) secret_key = NULL; secret_keyid = NULL; } - if (pwri_pass) { + if (pwri_pass != NULL) { pwri_tmp = (unsigned char *)OPENSSL_strdup((char *)pwri_pass); - if (!pwri_tmp) + if (pwri_tmp == NULL) goto end; - if (!CMS_add0_recipient_password(cms, - -1, NID_undef, NID_undef, - pwri_tmp, -1, NULL)) + if (CMS_add0_recipient_password(cms, + -1, NID_undef, NID_undef, + pwri_tmp, -1, NULL) == NULL) goto end; pwri_tmp = NULL; } @@ -886,11 +887,11 @@ int cms_main(int argc, char **argv) STACK_OF(CMS_SignerInfo) *sis; CMS_SignerInfo *si; sis = CMS_get0_SignerInfos(cms); - if (!sis) + if (sis == NULL) goto end; si = sk_CMS_SignerInfo_value(sis, 0); srcms = CMS_sign_receipt(si, signer, key, other, flags); - if (!srcms) + if (srcms == NULL) goto end; CMS_ContentInfo_free(cms); cms = srcms; @@ -908,21 +909,22 @@ int cms_main(int argc, char **argv) } flags |= CMS_PARTIAL; cms = CMS_sign(NULL, NULL, other, in, flags); - if (!cms) + if (cms == NULL) goto end; - if (econtent_type) + if (econtent_type != NULL) CMS_set1_eContentType(cms, econtent_type); - if (rr_to) { + if (rr_to != NULL) { rr = make_receipt_request(rr_to, rr_allorfirst, rr_from); - if (!rr) { + if (rr == NULL) { BIO_puts(bio_err, "Signed Receipt Request Creation Error\n"); goto end; } } - } else + } else { flags |= CMS_REUSE_DIGEST; + } for (i = 0; i < sk_OPENSSL_STRING_num(sksigners); i++) { CMS_SignerInfo *si; cms_key_param *kparam; @@ -931,10 +933,10 @@ int cms_main(int argc, char **argv) keyfile = sk_OPENSSL_STRING_value(skkeys, i); signer = load_cert(signerfile, FORMAT_PEM, "signer certificate"); - if (!signer) + if (signer == NULL) goto end; key = load_key(keyfile, keyform, 0, passin, e, "signing key file"); - if (!key) + if (key == NULL) goto end; for (kparam = key_first; kparam; kparam = kparam->next) { if (kparam->idx == i) { @@ -943,15 +945,15 @@ int cms_main(int argc, char **argv) } } si = CMS_add1_signer(cms, signer, key, sign_md, tflags); - if (!si) + if (si == NULL) goto end; - if (kparam) { + if (kparam != NULL) { EVP_PKEY_CTX *pctx; pctx = CMS_SignerInfo_get0_pkey_ctx(si); if (!cms_set_pkey_param(pctx, kparam->param)) goto end; } - if (rr && !CMS_add1_ReceiptRequest(si, rr)) + if (rr != NULL && !CMS_add1_ReceiptRequest(si, rr)) goto end; X509_free(signer); signer = NULL; @@ -965,7 +967,7 @@ int cms_main(int argc, char **argv) } } - if (!cms) { + if (cms == NULL) { BIO_printf(bio_err, "Error creating CMS structure\n"); goto end; } @@ -975,7 +977,7 @@ int cms_main(int argc, char **argv) if (flags & CMS_DEBUG_DECRYPT) CMS_decrypt(cms, NULL, NULL, NULL, NULL, flags); - if (secret_key) { + if (secret_key != NULL) { if (!CMS_decrypt_set1_key(cms, secret_key, secret_keylen, secret_keyid, secret_keyidlen)) { @@ -984,14 +986,14 @@ int cms_main(int argc, char **argv) } } - if (key) { + if (key != NULL) { if (!CMS_decrypt_set1_pkey(cms, key, recip)) { BIO_puts(bio_err, "Error decrypting CMS using private key\n"); goto end; } } - if (pwri_pass) { + if (pwri_pass != NULL) { if (!CMS_decrypt_set1_password(cms, pwri_pass, -1)) { BIO_puts(bio_err, "Error decrypting CMS using password\n"); goto end; @@ -1009,9 +1011,9 @@ int cms_main(int argc, char **argv) if (!CMS_uncompress(cms, indata, out, flags)) goto end; } else if (operation == SMIME_DIGEST_VERIFY) { - if (CMS_digest_verify(cms, indata, out, flags) > 0) + if (CMS_digest_verify(cms, indata, out, flags) > 0) { BIO_printf(bio_err, "Verification successful\n"); - else { + } else { BIO_printf(bio_err, "Verification failure\n"); goto end; } @@ -1020,15 +1022,15 @@ int cms_main(int argc, char **argv) indata, out, flags)) goto end; } else if (operation == SMIME_VERIFY) { - if (CMS_verify(cms, other, store, indata, out, flags) > 0) + if (CMS_verify(cms, other, store, indata, out, flags) > 0) { BIO_printf(bio_err, "Verification successful\n"); - else { + } else { BIO_printf(bio_err, "Verification failure\n"); if (verify_retcode) ret = verify_err + 32; goto end; } - if (signerfile) { + if (signerfile != NULL) { STACK_OF(X509) *signers; signers = CMS_get0_signers(cms); if (!save_certs(signerfile, signers)) { @@ -1043,9 +1045,9 @@ int cms_main(int argc, char **argv) receipt_request_print(cms); } else if (operation == SMIME_VERIFY_RECEIPT) { - if (CMS_verify_receipt(rcms, cms, other, store, flags) > 0) + if (CMS_verify_receipt(rcms, cms, other, store, flags) > 0) { BIO_printf(bio_err, "Verification successful\n"); - else { + } else { BIO_printf(bio_err, "Verification failure\n"); goto end; } @@ -1064,11 +1066,11 @@ int cms_main(int argc, char **argv) ret = SMIME_write_CMS(out, cms, indata, flags); else ret = SMIME_write_CMS(out, cms, in, flags); - } else if (outformat == FORMAT_PEM) + } else if (outformat == FORMAT_PEM) { ret = PEM_write_bio_CMS_stream(out, cms, in, flags); - else if (outformat == FORMAT_ASN1) + } else if (outformat == FORMAT_ASN1) { ret = i2d_CMS_bio_stream(out, cms, in, flags); - else { + } else { BIO_printf(bio_err, "Bad output format for CMS file\n"); goto end; } @@ -1122,10 +1124,10 @@ static int save_certs(char *signerfile, STACK_OF(X509) *signers) { int i; BIO *tmp; - if (!signerfile) + if (signerfile == NULL) return 1; tmp = BIO_new_file(signerfile, "w"); - if (!tmp) + if (tmp == NULL) return 0; for (i = 0; i < sk_X509_num(signers); i++) PEM_write_bio_X509(tmp, sk_X509_value(signers, i)); @@ -1185,9 +1187,9 @@ static void receipt_request_print(CMS_ContentInfo *cms) si = sk_CMS_SignerInfo_value(sis, i); rv = CMS_get1_ReceiptRequest(si, &rr); BIO_printf(bio_err, "Signer %d:\n", i + 1); - if (rv == 0) + if (rv == 0) { BIO_puts(bio_err, " No Receipt Request\n"); - else if (rv < 0) { + } else if (rv < 0) { BIO_puts(bio_err, " Receipt Request Parse Error\n"); ERR_print_errors(bio_err); } else { @@ -1200,15 +1202,16 @@ static void receipt_request_print(CMS_ContentInfo *cms) id = (const char *)ASN1_STRING_get0_data(scid); BIO_dump_indent(bio_err, id, idlen, 4); BIO_puts(bio_err, " Receipts From"); - if (rlist) { + if (rlist != NULL) { BIO_puts(bio_err, " List:\n"); gnames_stack_print(rlist); - } else if (allorfirst == 1) + } else if (allorfirst == 1) { BIO_puts(bio_err, ": First Tier\n"); - else if (allorfirst == 0) + } else if (allorfirst == 0) { BIO_puts(bio_err, ": All\n"); - else + } else { BIO_printf(bio_err, " Unknown (%d)\n", allorfirst); + } BIO_puts(bio_err, " Receipts To:\n"); gnames_stack_print(rto); } @@ -1223,12 +1226,12 @@ static STACK_OF(GENERAL_NAMES) *make_names_stack(STACK_OF(OPENSSL_STRING) *ns) GENERAL_NAMES *gens = NULL; GENERAL_NAME *gen = NULL; ret = sk_GENERAL_NAMES_new_null(); - if (!ret) + if (ret == NULL) goto err; for (i = 0; i < sk_OPENSSL_STRING_num(ns); i++) { char *str = sk_OPENSSL_STRING_value(ns, i); gen = a2i_GENERAL_NAME(NULL, NULL, NULL, GEN_EMAIL, str, 0); - if (!gen) + if (gen == NULL) goto err; gens = GENERAL_NAMES_new(); if (gens == NULL) @@ -1257,14 +1260,15 @@ static CMS_ReceiptRequest *make_receipt_request(STACK_OF(OPENSSL_STRING) STACK_OF(GENERAL_NAMES) *rct_to = NULL, *rct_from = NULL; CMS_ReceiptRequest *rr; rct_to = make_names_stack(rr_to); - if (!rct_to) + if (rct_to == NULL) goto err; - if (rr_from) { + if (rr_from != NULL) { rct_from = make_names_stack(rr_from); - if (!rct_from) + if (rct_from == NULL) goto err; - } else + } else { rct_from = NULL; + } rr = CMS_ReceiptRequest_create0(NULL, -1, rr_allorfirst, rct_from, rct_to); return rr; diff --git a/apps/crl2p7.c b/apps/crl2p7.c index cb2461e2e0..95b71e44f1 100644 --- a/apps/crl2p7.c +++ b/apps/crl2p7.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -131,7 +131,7 @@ int crl2pkcs7_main(int argc, char **argv) goto end; p7s->cert = cert_stack; - if (certflst) + if (certflst != NULL) for (i = 0; i < sk_OPENSSL_STRING_num(certflst); i++) { certfile = sk_OPENSSL_STRING_value(certflst, i); if (add_certs_from_file(cert_stack, certfile) < 0) { diff --git a/apps/dgst.c b/apps/dgst.c index 48ab5493c7..545c032737 100644 --- a/apps/dgst.c +++ b/apps/dgst.c @@ -190,7 +190,7 @@ int dgst_main(int argc, char **argv) goto end; } - if (do_verify && !sigfile) { + if (do_verify && sigfile == NULL) { BIO_printf(bio_err, "No signature to verify: use the -signature option\n"); goto end; @@ -217,30 +217,30 @@ int dgst_main(int argc, char **argv) } if (out_bin == -1) { - if (keyfile) + if (keyfile != NULL) out_bin = 1; else out_bin = 0; } - if (randfile) + if (randfile != NULL) app_RAND_load_file(randfile, 0); out = bio_open_default(outfile, 'w', out_bin ? FORMAT_BINARY : FORMAT_TEXT); if (out == NULL) goto end; - if ((! !mac_name + ! !keyfile + ! !hmac_key) > 1) { + if ((!(mac_name == NULL) + !(keyfile == NULL) + !(hmac_key == NULL)) > 1) { BIO_printf(bio_err, "MAC and Signing key cannot both be specified\n"); goto end; } - if (keyfile) { + if (keyfile != NULL) { if (want_pub) sigkey = load_pubkey(keyfile, keyform, 0, NULL, e, "key file"); else sigkey = load_key(keyfile, keyform, 0, passin, e, "key file"); - if (!sigkey) { + if (sigkey == NULL) { /* * load_[pub]key() has already printed an appropriate message */ @@ -248,12 +248,12 @@ int dgst_main(int argc, char **argv) } } - if (mac_name) { + if (mac_name != NULL) { EVP_PKEY_CTX *mac_ctx = NULL; int r = 0; if (!init_gen_str(&mac_ctx, mac_name, impl, 0)) goto mac_end; - if (macopts) { + if (macopts != NULL) { char *macopt; for (i = 0; i < sk_OPENSSL_STRING_num(macopts); i++) { macopt = sk_OPENSSL_STRING_value(macopts, i); @@ -277,14 +277,14 @@ int dgst_main(int argc, char **argv) goto end; } - if (hmac_key) { + if (hmac_key != NULL) { sigkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, impl, (unsigned char *)hmac_key, -1); - if (!sigkey) + if (sigkey == NULL) goto end; } - if (sigkey) { + if (sigkey != NULL) { EVP_MD_CTX *mctx = NULL; EVP_PKEY_CTX *pctx = NULL; int r; @@ -302,7 +302,7 @@ int dgst_main(int argc, char **argv) ERR_print_errors(bio_err); goto end; } - if (sigopts) { + if (sigopts != NULL) { char *sigopt; for (i = 0; i < sk_OPENSSL_STRING_num(sigopts); i++) { sigopt = sk_OPENSSL_STRING_value(sigopts, i); @@ -331,9 +331,9 @@ int dgst_main(int argc, char **argv) } } - if (sigfile && sigkey) { + if (sigfile != NULL && sigkey != NULL) { BIO *sigbio = BIO_new_file(sigfile, "rb"); - if (!sigbio) { + if (sigbio == NULL) { BIO_printf(bio_err, "Error opening signature file %s\n", sigfile); ERR_print_errors(bio_err); goto end; @@ -363,14 +363,14 @@ int dgst_main(int argc, char **argv) } else { const char *md_name = NULL, *sig_name = NULL; if (!out_bin) { - if (sigkey) { + if (sigkey != NULL) { const EVP_PKEY_ASN1_METHOD *ameth; ameth = EVP_PKEY_get0_asn1(sigkey); if (ameth) EVP_PKEY_asn1_get0_info(NULL, NULL, NULL, NULL, &sig_name, ameth); } - if (md) + if (md != NULL) md_name = EVP_MD_name(md); } ret = 0; @@ -380,9 +380,10 @@ int dgst_main(int argc, char **argv) perror(argv[i]); ret++; continue; - } else + } else { r = do_fp(out, buf, inp, separator, out_bin, sigkey, sigbuf, siglen, sig_name, md_name, argv[i]); + } if (r) ret = r; (void)BIO_reset(bmd); @@ -420,13 +421,13 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout, if (i == 0) break; } - if (sigin) { + if (sigin != NULL) { EVP_MD_CTX *ctx; BIO_get_md_ctx(bp, &ctx); i = EVP_DigestVerifyFinal(ctx, sigin, (unsigned int)siglen); - if (i > 0) + if (i > 0) { BIO_printf(out, "Verified OK\n"); - else if (i == 0) { + } else if (i == 0) { BIO_printf(out, "Verification Failure\n"); return 1; } else { @@ -436,7 +437,7 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout, } return 0; } - if (key) { + if (key != NULL) { EVP_MD_CTX *ctx; BIO_get_md_ctx(bp, &ctx); len = BUFSIZE; @@ -453,22 +454,23 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout, } } - if (binout) + if (binout) { BIO_write(out, buf, len); - else if (sep == 2) { + } else if (sep == 2) { for (i = 0; i < (int)len; i++) BIO_printf(out, "%02x", buf[i]); BIO_printf(out, " *%s\n", file); } else { - if (sig_name) { + if (sig_name != NULL) { BIO_puts(out, sig_name); - if (md_name) + if (md_name != NULL) BIO_printf(out, "-%s", md_name); BIO_printf(out, "(%s)= ", file); - } else if (md_name) + } else if (md_name != NULL) { BIO_printf(out, "%s(%s)= ", md_name, file); - else + } else { BIO_printf(out, "(%s)= ", file); + } for (i = 0; i < (int)len; i++) { if (sep && (i != 0)) BIO_printf(out, ":"); diff --git a/apps/dhparam.c b/apps/dhparam.c index 6cd059fd16..fc3a51ead4 100644 --- a/apps/dhparam.c +++ b/apps/dhparam.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -138,7 +138,7 @@ int dhparam_main(int argc, char **argv) argc = opt_num_rest(); argv = opt_rest(); - if (argv[0] && (!opt_int(argv[0], &num) || num <= 0)) + if (argv[0] != NULL && (!opt_int(argv[0], &num) || num <= 0)) goto end; if (g && !num) @@ -354,10 +354,11 @@ int dhparam_main(int argc, char **argv) i = i2d_DHxparams_bio(out, dh); else i = i2d_DHparams_bio(out, dh); - } else if (q != NULL) + } else if (q != NULL) { i = PEM_write_bio_DHxparams(out, dh); - else + } else { i = PEM_write_bio_DHparams(out, dh); + } if (!i) { BIO_printf(bio_err, "unable to write DH parameters\n"); ERR_print_errors(bio_err); diff --git a/apps/dsa.c b/apps/dsa.c index dddc5b816c..89599fc5c2 100644 --- a/apps/dsa.c +++ b/apps/dsa.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -161,7 +161,7 @@ int dsa_main(int argc, char **argv) else pkey = load_key(infile, informat, 1, passin, e, "Private Key"); - if (pkey) { + if (pkey != NULL) { dsa = EVP_PKEY_get1_DSA(pkey); EVP_PKEY_free(pkey); } @@ -199,16 +199,16 @@ int dsa_main(int argc, char **argv) } BIO_printf(bio_err, "writing DSA key\n"); if (outformat == FORMAT_ASN1) { - if (pubin || pubout) + if (pubin || pubout) { i = i2d_DSA_PUBKEY_bio(out, dsa); - else { + } else { assert(private); i = i2d_DSAPrivateKey_bio(out, dsa); } } else if (outformat == FORMAT_PEM) { - if (pubin || pubout) + if (pubin || pubout) { i = PEM_write_bio_DSA_PUBKEY(out, dsa); - else { + } else { assert(private); i = PEM_write_bio_DSAPrivateKey(out, dsa, enc, NULL, 0, NULL, passout); @@ -232,10 +232,9 @@ int dsa_main(int argc, char **argv) # else i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout); # endif - } - else if (pubin || pubout) + } else if (pubin || pubout) { i = i2b_PublicKey_bio(out, pk); - else { + } else { assert(private); i = i2b_PrivateKey_bio(out, pk); } diff --git a/apps/dsaparam.c b/apps/dsaparam.c index 26fcf1e9d7..cf0a10b109 100644 --- a/apps/dsaparam.c +++ b/apps/dsaparam.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -155,10 +155,11 @@ int dsaparam_main(int argc, char **argv) BIO_printf(bio_err, "Error, DSA key generation failed\n"); goto end; } - } else if (informat == FORMAT_ASN1) + } else if (informat == FORMAT_ASN1) { dsa = d2i_DSAparams_bio(in, NULL); - else + } else { dsa = PEM_read_bio_DSAparams(in, NULL, NULL, NULL); + } if (dsa == NULL) { BIO_printf(bio_err, "unable to load DSA parameters\n"); ERR_print_errors(bio_err); diff --git a/apps/ec.c b/apps/ec.c index 06f357d1dd..859623e2a3 100644 --- a/apps/ec.c +++ b/apps/ec.c @@ -244,20 +244,20 @@ int ec_main(int argc, char **argv) BIO_printf(bio_err, "writing EC key\n"); if (outformat == FORMAT_ASN1) { - if (param_out) + if (param_out) { i = i2d_ECPKParameters_bio(out, group); - else if (pubin || pubout) + } else if (pubin || pubout) { i = i2d_EC_PUBKEY_bio(out, eckey); - else { + } else { assert(private); i = i2d_ECPrivateKey_bio(out, eckey); } } else { - if (param_out) + if (param_out) { i = PEM_write_bio_ECPKParameters(out, group); - else if (pubin || pubout) + } else if (pubin || pubout) { i = PEM_write_bio_EC_PUBKEY(out, eckey); - else { + } else { assert(private); i = PEM_write_bio_ECPrivateKey(out, eckey, enc, NULL, 0, NULL, passout); @@ -267,8 +267,9 @@ int ec_main(int argc, char **argv) if (!i) { BIO_printf(bio_err, "unable to write private key\n"); ERR_print_errors(bio_err); - } else + } else { ret = 0; + } end: BIO_free(in); BIO_free_all(out); diff --git a/apps/ecparam.c b/apps/ecparam.c index 7d4cef1006..a3696c9d95 100644 --- a/apps/ecparam.c +++ b/apps/ecparam.c @@ -1,5 +1,5 @@ /* - * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2002-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -232,8 +232,9 @@ int ecparam_main(int argc, char **argv) BIO_printf(bio_err, "using curve name prime256v1 " "instead of secp256r1\n"); nid = NID_X9_62_prime256v1; - } else + } else { nid = OBJ_sn2nid(curve_name); + } if (nid == 0) nid = EC_curve_nist2nid(curve_name); @@ -250,10 +251,11 @@ int ecparam_main(int argc, char **argv) } EC_GROUP_set_asn1_flag(group, asn1_flag); EC_GROUP_set_point_conversion_form(group, form); - } else if (informat == FORMAT_ASN1) + } else if (informat == FORMAT_ASN1) { group = d2i_ECPKParameters_bio(in, NULL); - else + } else { group = PEM_read_bio_ECPKParameters(in, NULL, NULL, NULL); + } if (group == NULL) { BIO_printf(bio_err, "unable to load elliptic curve parameters\n"); ERR_print_errors(bio_err); diff --git a/apps/enc.c b/apps/enc.c index 157cb943b6..1ff1d6bf91 100644 --- a/apps/enc.c +++ b/apps/enc.c @@ -113,13 +113,13 @@ int enc_main(int argc, char **argv) /* first check the program name */ prog = opt_progname(argv[0]); - if (strcmp(prog, "base64") == 0) + if (strcmp(prog, "base64") == 0) { base64 = 1; #ifdef ZLIB - else if (strcmp(prog, "zlib") == 0) + } else if (strcmp(prog, "zlib") == 0) { do_zlib = 1; #endif - else { + } else { cipher = EVP_get_cipherbyname(prog); if (cipher == NULL && strcmp(prog, "enc") != 0) { BIO_printf(bio_err, "%s is not a known cipher\n", prog); @@ -292,12 +292,13 @@ int enc_main(int argc, char **argv) if (infile == NULL) { in = dup_bio_in(informat); - } else + } else { in = bio_open_default(infile, 'r', informat); + } if (in == NULL) goto end; - if (!str && passarg) { + if (str == NULL && passarg != NULL) { if (!app_passwd(passarg, NULL, &pass, NULL)) { BIO_printf(bio_err, "Error getting password\n"); goto end; @@ -393,17 +394,18 @@ int enc_main(int argc, char **argv) unsigned char *sptr; size_t str_len = strlen(str); - if (nosalt) + if (nosalt) { sptr = NULL; - else { + } else { if (enc) { if (hsalt) { if (!set_hex(hsalt, salt, sizeof salt)) { BIO_printf(bio_err, "invalid hex salt value\n"); goto end; } - } else if (RAND_bytes(salt, sizeof salt) <= 0) + } else if (RAND_bytes(salt, sizeof salt) <= 0) { goto end; + } /* * If -P option then don't bother writing */ diff --git a/apps/engine.c b/apps/engine.c index 1ead525fb8..49f53ee34f 100644 --- a/apps/engine.c +++ b/apps/engine.c @@ -1,5 +1,5 @@ /* - * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -147,7 +147,7 @@ static int util_verbose(ENGINE *e, int verbose, BIO *out, const char *indent) } cmds = sk_OPENSSL_STRING_new_null(); - if (!cmds) + if (cmds == NULL) goto err; do { @@ -249,9 +249,9 @@ static void util_do_cmds(ENGINE *e, STACK_OF(OPENSSL_STRING) *cmds, if (!ENGINE_ctrl_cmd_string(e, buf, arg, 0)) res = 0; } - if (res) + if (res) { BIO_printf(out, "[Success]: %s\n", cmd); - else { + } else { BIO_printf(out, "[Failure]: %s\n", cmd); ERR_print_errors(out); } @@ -380,7 +380,7 @@ int engine_main(int argc, char **argv) goto end; fn_c = ENGINE_get_ciphers(e); - if (!fn_c) + if (fn_c == NULL) goto skip_ciphers; n = fn_c(e, NULL, &nids, 0); for (k = 0; k < n; ++k) @@ -389,7 +389,7 @@ int engine_main(int argc, char **argv) skip_ciphers: fn_d = ENGINE_get_digests(e); - if (!fn_d) + if (fn_d == NULL) goto skip_digests; n = fn_d(e, NULL, &nids, 0); for (k = 0; k < n; ++k) @@ -398,14 +398,14 @@ int engine_main(int argc, char **argv) skip_digests: fn_pk = ENGINE_get_pkey_meths(e); - if (!fn_pk) + if (fn_pk == NULL) goto skip_pmeths; n = fn_pk(e, NULL, &nids, 0); for (k = 0; k < n; ++k) if (!append_buf(&cap_buf, &cap_size, OBJ_nid2sn(nids[k]))) goto end; skip_pmeths: - if (cap_buf && (*cap_buf != '\0')) + if (cap_buf != NULL && (*cap_buf != '\0')) BIO_printf(out, " [%s]\n", cap_buf); OPENSSL_free(cap_buf); diff --git a/apps/errstr.c b/apps/errstr.c index 6bbbe2f6ae..8b993fa20e 100644 --- a/apps/errstr.c +++ b/apps/errstr.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -50,9 +50,9 @@ int errstr_main(int argc, char **argv) ret = 0; for (argv = opt_rest(); *argv; argv++) { - if (sscanf(*argv, "%lx", &l) == 0) + if (sscanf(*argv, "%lx", &l) == 0) { ret++; - else { + } else { /* We're not really an SSL application so this won't auto-init, but * we're still interested in SSL error strings */ diff --git a/apps/genpkey.c b/apps/genpkey.c index 8f556f371b..469ea1c943 100644 --- a/apps/genpkey.c +++ b/apps/genpkey.c @@ -1,5 +1,5 @@ /* - * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2006-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -156,9 +156,9 @@ int genpkey_main(int argc, char **argv) } } - if (do_param) + if (do_param) { rv = PEM_write_bio_Parameters(out, pkey); - else if (outformat == FORMAT_PEM) { + } else if (outformat == FORMAT_PEM) { assert(private); rv = PEM_write_bio_PrivateKey(out, pkey, cipher, NULL, 0, NULL, pass); } else if (outformat == FORMAT_ASN1) { diff --git a/apps/ocsp.c b/apps/ocsp.c index c461e76ea3..0b938328d4 100644 --- a/apps/ocsp.c +++ b/apps/ocsp.c @@ -1,5 +1,5 @@ /* - * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -219,10 +219,10 @@ int ocsp_main(int argc, char **argv) char *prog; reqnames = sk_OPENSSL_STRING_new_null(); - if (!reqnames) + if (reqnames == NULL) goto end; ids = sk_OCSP_CERTID_new_null(); - if (!ids) + if (ids == NULL) goto end; if ((vpm = X509_VERIFY_PARAM_new()) == NULL) return 1; @@ -471,64 +471,65 @@ int ocsp_main(int argc, char **argv) goto opthelp; /* Have we anything to do? */ - if (!req && !reqin && !respin && !(port && ridx_filename)) + if (req == NULL&& reqin == NULL + && respin == NULL && !(port != NULL && ridx_filename != NULL)) goto opthelp; out = bio_open_default(outfile, 'w', FORMAT_TEXT); if (out == NULL) goto end; - if (!req && (add_nonce != 2)) + if (req == NULL && (add_nonce != 2)) add_nonce = 0; - if (!req && reqin) { + if (req == NULL && reqin != NULL) { derbio = bio_open_default(reqin, 'r', FORMAT_ASN1); if (derbio == NULL) goto end; req = d2i_OCSP_REQUEST_bio(derbio, NULL); BIO_free(derbio); - if (!req) { + if (req == NULL) { BIO_printf(bio_err, "Error reading OCSP request\n"); goto end; } } - if (!req && port) { + if (req == NULL && port != NULL) { acbio = init_responder(port); - if (!acbio) + if (acbio == NULL) goto end; } - if (rsignfile) { - if (!rkeyfile) + if (rsignfile != NULL) { + if (rkeyfile == NULL) rkeyfile = rsignfile; rsigner = load_cert(rsignfile, FORMAT_PEM, "responder certificate"); - if (!rsigner) { + if (rsigner == NULL) { BIO_printf(bio_err, "Error loading responder certificate\n"); goto end; } if (!load_certs(rca_filename, &rca_cert, FORMAT_PEM, NULL, "CA certificate")) goto end; - if (rcertfile) { + if (rcertfile != NULL) { if (!load_certs(rcertfile, &rother, FORMAT_PEM, NULL, "responder other certificates")) goto end; } rkey = load_key(rkeyfile, FORMAT_PEM, 0, NULL, NULL, "responder private key"); - if (!rkey) + if (rkey == NULL) goto end; } - if (acbio) + if (acbio != NULL) BIO_printf(bio_err, "Waiting for OCSP client connections...\n"); - redo_accept: +redo_accept: - if (acbio) { + if (acbio != NULL) { if (!do_responder(&req, &cbio, acbio)) goto end; - if (!req) { + if (req == NULL) { resp = OCSP_response_create(OCSP_RESPONSE_STATUS_MALFORMEDREQUEST, NULL); @@ -537,30 +538,32 @@ int ocsp_main(int argc, char **argv) } } - if (!req && (signfile || reqout || host || add_nonce || ridx_filename)) { + if (req == NULL + && (signfile != NULL || reqout != NULL + || host != NULL || add_nonce || ridx_filename != NULL)) { BIO_printf(bio_err, "Need an OCSP request for this operation!\n"); goto end; } - if (req && add_nonce) + if (req != NULL && add_nonce) OCSP_request_add1_nonce(req, NULL, -1); - if (signfile) { - if (!keyfile) + if (signfile != NULL) { + if (keyfile == NULL) keyfile = signfile; signer = load_cert(signfile, FORMAT_PEM, "signer certificate"); - if (!signer) { + if (signer == NULL) { BIO_printf(bio_err, "Error loading signer certificate\n"); goto end; } - if (sign_certfile) { + if (sign_certfile != NULL) { if (!load_certs(sign_certfile, &sign_other, FORMAT_PEM, NULL, "signer certificates")) goto end; } key = load_key(keyfile, FORMAT_PEM, 0, NULL, NULL, "signer private key"); - if (!key) + if (key == NULL) goto end; if (!OCSP_request_sign @@ -570,10 +573,10 @@ int ocsp_main(int argc, char **argv) } } - if (req_text && req) + if (req_text && req != NULL) OCSP_REQUEST_print(out, req, 0); - if (reqout) { + if (reqout != NULL) { derbio = bio_open_default(reqout, 'w', FORMAT_ASN1); if (derbio == NULL) goto end; @@ -581,43 +584,44 @@ int ocsp_main(int argc, char **argv) BIO_free(derbio); } - if (ridx_filename && (!rkey || !rsigner || !rca_cert)) { + if (ridx_filename != NULL + && (rkey == NULL || rsigner == NULL || rca_cert == NULL)) { BIO_printf(bio_err, "Need a responder certificate, key and CA for this operation!\n"); goto end; } - if (ridx_filename && !rdb) { + if (ridx_filename != NULL && rdb == NULL) { rdb = load_index(ridx_filename, NULL); - if (!rdb) + if (rdb == NULL) goto end; if (!index_index(rdb)) goto end; } - if (rdb) { + if (rdb != NULL) { make_ocsp_response(&resp, req, rdb, rca_cert, rsigner, rkey, rsign_md, rother, rflags, nmin, ndays, badsig); - if (cbio) + if (cbio != NULL) send_ocsp_response(cbio, resp); - } else if (host) { + } else if (host != NULL) { # ifndef OPENSSL_NO_SOCK resp = process_responder(req, host, path, port, use_ssl, headers, req_timeout); - if (!resp) + if (resp == NULL) goto end; # else BIO_printf(bio_err, "Error creating connect BIO - sockets not supported.\n"); goto end; # endif - } else if (respin) { + } else if (respin != NULL) { derbio = bio_open_default(respin, 'r', FORMAT_ASN1); if (derbio == NULL) goto end; resp = d2i_OCSP_RESPONSE_bio(derbio, NULL); BIO_free(derbio); - if (!resp) { + if (resp == NULL) { BIO_printf(bio_err, "Error reading OCSP response\n"); goto end; } @@ -628,7 +632,7 @@ int ocsp_main(int argc, char **argv) done_resp: - if (respout) { + if (respout != NULL) { derbio = bio_open_default(respout, 'w', FORMAT_ASN1); if (derbio == NULL) goto end; @@ -650,7 +654,7 @@ int ocsp_main(int argc, char **argv) OCSP_RESPONSE_print(out, resp, 0); /* If running as responder don't verify our own response */ - if (cbio) { + if (cbio != NULL) { /* If not unlimited, see if we took all we should. */ if (accept_count != -1 && --accept_count <= 0) { ret = 0; @@ -664,26 +668,26 @@ int ocsp_main(int argc, char **argv) resp = NULL; goto redo_accept; } - if (ridx_filename) { + if (ridx_filename != NULL) { ret = 0; goto end; } - if (!store) { + if (store == NULL) { store = setup_verify(CAfile, CApath, noCAfile, noCApath); if (!store) goto end; } if (vpmtouched) X509_STORE_set1_param(store, vpm); - if (verify_certfile) { + if (verify_certfile != NULL) { if (!load_certs(verify_certfile, &verify_other, FORMAT_PEM, NULL, "validator certificate")) goto end; } bs = OCSP_response_get1_basic(resp); - if (!bs) { + if (bs == NULL) { BIO_printf(bio_err, "Error parsing response\n"); goto end; } @@ -691,7 +695,7 @@ int ocsp_main(int argc, char **argv) ret = 0; if (!noverify) { - if (req && ((i = OCSP_check_nonce(req, bs)) <= 0)) { + if (req != NULL && ((i = OCSP_check_nonce(req, bs)) <= 0)) { if (i == -1) BIO_printf(bio_err, "WARNING: no nonce in response\n"); else { @@ -711,9 +715,9 @@ int ocsp_main(int argc, char **argv) BIO_printf(bio_err, "Response Verify Failure\n"); ERR_print_errors(bio_err); ret = 1; - } else + } else { BIO_printf(bio_err, "Response verify OK\n"); - + } } print_ocsp_summary(out, bs, req, reqnames, ids, nsec, maxage); @@ -753,7 +757,8 @@ static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert, STACK_OF(OCSP_CERTID) *ids) { OCSP_CERTID *id; - if (!issuer) { + + if (issuer == NULL) { BIO_printf(bio_err, "No issuer certificate specified\n"); return 0; } @@ -762,7 +767,7 @@ static int add_ocsp_cert(OCSP_REQUEST **req, X509 *cert, if (*req == NULL) goto err; id = OCSP_cert_to_id(cert_id_md, cert, issuer); - if (!id || !sk_OCSP_CERTID_push(ids, id)) + if (id == NULL || !sk_OCSP_CERTID_push(ids, id)) goto err; if (!OCSP_request_add0_id(*req, id)) goto err; @@ -781,7 +786,8 @@ static int add_ocsp_serial(OCSP_REQUEST **req, char *serial, X509_NAME *iname; ASN1_BIT_STRING *ikey; ASN1_INTEGER *sno; - if (!issuer) { + + if (issuer == NULL) { BIO_printf(bio_err, "No issuer certificate specified\n"); return 0; } @@ -792,7 +798,7 @@ static int add_ocsp_serial(OCSP_REQUEST **req, char *serial, iname = X509_get_subject_name(issuer); ikey = X509_get0_pubkey_bitstr(issuer); sno = s2i_ASN1_INTEGER(NULL, serial); - if (!sno) { + if (sno == NULL) { BIO_printf(bio_err, "Error converting serial number %s\n", serial); return 0; } @@ -819,7 +825,7 @@ static void print_ocsp_summary(BIO *out, OCSP_BASICRESP *bs, OCSP_REQUEST *req, int i, status, reason; ASN1_GENERALIZEDTIME *rev, *thisupd, *nextupd; - if (!bs || !req || !sk_OPENSSL_STRING_num(names) + if (bs == NULL || req == NULL || !sk_OPENSSL_STRING_num(names) || !sk_OCSP_CERTID_num(ids)) return; @@ -905,7 +911,7 @@ static void make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, OCSP_id_get0_info(NULL, &cert_id_md_oid, NULL, NULL, cid); cert_id_md = EVP_get_digestbyobj(cert_id_md_oid); - if (!cert_id_md) { + if (cert_id_md == NULL) { *resp = OCSP_response_create(OCSP_RESPONSE_STATUS_INTERNALERROR, NULL); goto end; @@ -928,15 +934,15 @@ static void make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, } OCSP_id_get0_info(NULL, NULL, NULL, &serial, cid); inf = lookup_serial(db, serial); - if (!inf) + if (inf == NULL) { OCSP_basic_add1_status(bs, cid, V_OCSP_CERTSTATUS_UNKNOWN, 0, NULL, thisupd, nextupd); - else if (inf[DB_type][0] == DB_TYPE_VAL) + } else if (inf[DB_type][0] == DB_TYPE_VAL) { OCSP_basic_add1_status(bs, cid, V_OCSP_CERTSTATUS_GOOD, 0, NULL, thisupd, nextupd); - else if (inf[DB_type][0] == DB_TYPE_REV) { + } else if (inf[DB_type][0] == DB_TYPE_REV) { ASN1_OBJECT *inst = NULL; ASN1_TIME *revtm = NULL; ASN1_GENERALIZEDTIME *invtm = NULL; @@ -946,10 +952,10 @@ static void make_ocsp_response(OCSP_RESPONSE **resp, OCSP_REQUEST *req, single = OCSP_basic_add1_status(bs, cid, V_OCSP_CERTSTATUS_REVOKED, reason, revtm, thisupd, nextupd); - if (invtm) + if (invtm != NULL) OCSP_SINGLERESP_add1_ext_i2d(single, NID_invalidity_date, invtm, 0, 0); - else if (inst) + else if (inst != NULL) OCSP_SINGLERESP_add1_ext_i2d(single, NID_hold_instruction_code, inst, 0, 0); @@ -1134,13 +1140,14 @@ static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio) } /* Try to read OCSP request */ - if (getbio) { + if (getbio != NULL) { req = d2i_OCSP_REQUEST_bio(getbio, NULL); BIO_free_all(getbio); - } else + } else { req = d2i_OCSP_REQUEST_bio(cbio, NULL); + } - if (!req) { + if (req == NULL) { BIO_printf(bio_err, "Error parsing OCSP request\n"); ERR_print_errors(bio_err); } @@ -1156,7 +1163,7 @@ static int send_ocsp_response(BIO *cbio, OCSP_RESPONSE *resp) char http_resp[] = "HTTP/1.0 200 OK\r\nContent-type: application/ocsp-response\r\n" "Content-Length: %d\r\n\r\n"; - if (!cbio) + if (cbio == NULL) return 0; BIO_printf(cbio, http_resp, i2d_OCSP_RESPONSE(resp, NULL)); i2d_OCSP_RESPONSE_bio(cbio, resp); @@ -1234,11 +1241,11 @@ static OCSP_RESPONSE *query_responder(BIO *cbio, const char *host, openssl_fdset(fd, &confds); tv.tv_usec = 0; tv.tv_sec = req_timeout; - if (BIO_should_read(cbio)) + if (BIO_should_read(cbio)) { rv = select(fd + 1, (void *)&confds, NULL, NULL, &tv); - else if (BIO_should_write(cbio)) + } else if (BIO_should_write(cbio)) { rv = select(fd + 1, NULL, (void *)&confds, NULL, &tv); - else { + } else { BIO_puts(bio_err, "Unexpected retry condition\n"); goto err; } @@ -1269,11 +1276,11 @@ OCSP_RESPONSE *process_responder(OCSP_REQUEST *req, OCSP_RESPONSE *resp = NULL; cbio = BIO_new_connect(host); - if (!cbio) { + if (cbio == NULL) { BIO_printf(bio_err, "Error creating connect BIO\n"); goto end; } - if (port) + if (port != NULL) BIO_set_conn_port(cbio, port); if (use_ssl == 1) { BIO *sbio; @@ -1288,7 +1295,7 @@ OCSP_RESPONSE *process_responder(OCSP_REQUEST *req, } resp = query_responder(cbio, host, path, headers, req, req_timeout); - if (!resp) + if (resp == NULL) BIO_printf(bio_err, "Error querying OCSP responder\n"); end: BIO_free_all(cbio); diff --git a/apps/openssl.c b/apps/openssl.c index e42ee1e6e9..b2d4e6f208 100644 --- a/apps/openssl.c +++ b/apps/openssl.c @@ -258,12 +258,12 @@ const OPTIONS exit_options[] = { static void list_cipher_fn(const EVP_CIPHER *c, const char *from, const char *to, void *arg) { - if (c) + if (c != NULL) { BIO_printf(arg, "%s\n", EVP_CIPHER_name(c)); - else { - if (!from) + } else { + if (from == NULL) from = ""; - if (!to) + if (to == NULL) to = ""; BIO_printf(arg, "%s => %s\n", from, to); } @@ -272,12 +272,12 @@ static void list_cipher_fn(const EVP_CIPHER *c, static void list_md_fn(const EVP_MD *m, const char *from, const char *to, void *arg) { - if (m) + if (m != NULL) { BIO_printf(arg, "%s\n", EVP_MD_name(m)); - else { - if (!from) + } else { + if (from == NULL) from = ""; - if (!to) + if (to == NULL) to = ""; BIO_printf((BIO *)arg, "%s => %s\n", from, to); } diff --git a/apps/opt.c b/apps/opt.c index 499a0b576a..a261bf55c7 100644 --- a/apps/opt.c +++ b/apps/opt.c @@ -1,5 +1,5 @@ /* - * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -181,10 +181,10 @@ int opt_format_error(const char *s, unsigned long flags) { OPT_PAIR *ap; - if (flags == OPT_FMT_PEMDER) + if (flags == OPT_FMT_PEMDER) { BIO_printf(bio_err, "%s: Bad format \"%s\"; must be pem or der\n", prog, s); - else { + } else { BIO_printf(bio_err, "%s: Bad format \"%s\"; must be one of:\n", prog, s); for (ap = formats; ap->name; ap++) @@ -264,8 +264,9 @@ int opt_format(const char *s, unsigned long flags, int *result) if ((flags & OPT_FMT_PKCS12) == 0) return opt_format_error(s, flags); *result = FORMAT_PKCS12; - } else + } else { return 0; + } break; } return 1; @@ -275,7 +276,7 @@ int opt_format(const char *s, unsigned long flags, int *result) int opt_cipher(const char *name, const EVP_CIPHER **cipherp) { *cipherp = EVP_get_cipherbyname(name); - if (*cipherp) + if (*cipherp != NULL) return 1; BIO_printf(bio_err, "%s: Unknown cipher %s\n", prog, name); return 0; @@ -287,7 +288,7 @@ int opt_cipher(const char *name, const EVP_CIPHER **cipherp) int opt_md(const char *name, const EVP_MD **mdp) { *mdp = EVP_get_digestbyname(name); - if (*mdp) + if (*mdp != NULL) return 1; BIO_printf(bio_err, "%s: Unknown digest %s\n", prog, name); return 0; diff --git a/apps/passwd.c b/apps/passwd.c index 1dc1e37ca4..c87369760c 100644 --- a/apps/passwd.c +++ b/apps/passwd.c @@ -1,5 +1,5 @@ /* - * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -187,7 +187,7 @@ int passwd_main(int argc, char **argv) argc = opt_num_rest(); argv = opt_rest(); - if (*argv) { + if (*argv != NULL) { if (pw_source_defined) goto opthelp; pw_source_defined = 1; diff --git a/apps/pkcs12.c b/apps/pkcs12.c index 8280676cb3..439622ad91 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -1,5 +1,5 @@ /* - * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -285,7 +285,7 @@ int pkcs12_main(int argc, char **argv) private = 1; - if (passarg) { + if (passarg != NULL) { if (export_cert) passoutarg = passarg; else @@ -297,14 +297,14 @@ int pkcs12_main(int argc, char **argv) goto end; } - if (!cpass) { + if (cpass == NULL) { if (export_cert) cpass = passout; else cpass = passin; } - if (cpass) { + if (cpass != NULL) { mpass = cpass; noprompt = 1; } else { @@ -312,7 +312,7 @@ int pkcs12_main(int argc, char **argv) mpass = macpass; } - if (export_cert || inrand) { + if (export_cert || inrand != NULL) { app_RAND_load_file(NULL, (inrand != NULL)); if (inrand != NULL) BIO_printf(bio_err, "%ld semi-random bytes loaded\n", @@ -320,6 +320,7 @@ int pkcs12_main(int argc, char **argv) } if (twopass) { + /* To avoid bit rot */ if (1) { #ifndef OPENSSL_NO_UI if (EVP_read_pw_string @@ -353,7 +354,7 @@ int pkcs12_main(int argc, char **argv) if (!(options & NOKEYS)) { key = load_key(keyname ? keyname : infile, FORMAT_PEM, 1, passin, e, "private key"); - if (!key) + if (key == NULL) goto export_end; } @@ -363,7 +364,7 @@ int pkcs12_main(int argc, char **argv) "certificates")) goto export_end; - if (key) { + if (key != NULL) { /* Look for matching private key */ for (i = 0; i < sk_X509_num(certs); i++) { x = sk_X509_value(certs, i); @@ -377,7 +378,7 @@ int pkcs12_main(int argc, char **argv) break; } } - if (!ucert) { + if (ucert == NULL) { BIO_printf(bio_err, "No certificate matches private key\n"); goto export_end; @@ -387,7 +388,7 @@ int pkcs12_main(int argc, char **argv) } /* Add any more certificates asked for */ - if (certfile) { + if (certfile != NULL) { if (!load_certs(certfile, &certs, FORMAT_PEM, NULL, "certificates from certfile")) goto export_end; @@ -429,15 +430,16 @@ int pkcs12_main(int argc, char **argv) X509_alias_set1(sk_X509_value(certs, i), catmp, -1); } - if (csp_name && key) + if (csp_name != NULL && key != NULL) EVP_PKEY_add1_attr_by_NID(key, NID_ms_csp_name, MBSTRING_ASC, (unsigned char *)csp_name, -1); - if (add_lmk && key) + if (add_lmk && key != NULL) EVP_PKEY_add1_attr_by_NID(key, NID_LocalKeySet, 0, NULL, -1); if (!noprompt) { + /* To avoid bit rot */ if (1) { #ifndef OPENSSL_NO_UI if (EVP_read_pw_string(pass, sizeof pass, "Enter Export Password:", @@ -609,8 +611,9 @@ int dump_certs_keys_p12(BIO *out, const PKCS12 *p12, const char *pass, alg_print(p7->d.encrypted->enc_data->algorithm); } bags = PKCS12_unpack_p7encdata(p7, pass, passlen); - } else + } else { continue; + } if (!bags) goto err; if (!dump_certs_pkeys_bags(out, bags, pass, passlen, @@ -874,8 +877,9 @@ int print_attribs(BIO *out, const STACK_OF(X509_ATTRIBUTE) *attrlst, if (attr_nid == NID_undef) { i2a_ASN1_OBJECT(out, attr_obj); BIO_printf(out, ": "); - } else + } else { BIO_printf(out, "%s: ", OBJ_nid2ln(attr_nid)); + } if (X509_ATTRIBUTE_count(attr)) { av = X509_ATTRIBUTE_get0_type(attr, 0); @@ -903,8 +907,9 @@ int print_attribs(BIO *out, const STACK_OF(X509_ATTRIBUTE) *attrlst, BIO_printf(out, "\n", av->type); break; } - } else + } else { BIO_printf(out, "\n"); + } } return 1; } diff --git a/apps/pkcs8.c b/apps/pkcs8.c index 7ee23a2215..e964a3b619 100644 --- a/apps/pkcs8.c +++ b/apps/pkcs8.c @@ -1,5 +1,5 @@ /* - * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -196,7 +196,7 @@ int pkcs8_main(int argc, char **argv) if (topk8) { pkey = load_key(infile, informat, 1, passin, e, "key"); - if (!pkey) + if (pkey == NULL) goto end; if ((p8inf = EVP_PKEY2PKCS8(pkey)) == NULL) { BIO_printf(bio_err, "Error converting key\n"); @@ -205,11 +205,11 @@ int pkcs8_main(int argc, char **argv) } if (nocrypt) { assert(private); - if (outformat == FORMAT_PEM) + if (outformat == FORMAT_PEM) { PEM_write_bio_PKCS8_PRIV_KEY_INFO(out, p8inf); - else if (outformat == FORMAT_ASN1) + } else if (outformat == FORMAT_ASN1) { i2d_PKCS8_PRIV_KEY_INFO_bio(out, p8inf); - else { + } else { BIO_printf(bio_err, "Bad format specified for key\n"); goto end; } @@ -232,9 +232,10 @@ int pkcs8_main(int argc, char **argv) ERR_print_errors(bio_err); goto end; } - if (passout) + if (passout != NULL) { p8pass = passout; - else if (1) { + } else if (1) { + /* To avoid bit rot */ #ifndef OPENSSL_NO_UI p8pass = pass; if (EVP_read_pw_string @@ -272,32 +273,32 @@ int pkcs8_main(int argc, char **argv) } if (nocrypt) { - if (informat == FORMAT_PEM) + if (informat == FORMAT_PEM) { p8inf = PEM_read_bio_PKCS8_PRIV_KEY_INFO(in, NULL, NULL, NULL); - else if (informat == FORMAT_ASN1) + } else if (informat == FORMAT_ASN1) { p8inf = d2i_PKCS8_PRIV_KEY_INFO_bio(in, NULL); - else { + } else { BIO_printf(bio_err, "Bad format specified for key\n"); goto end; } } else { - if (informat == FORMAT_PEM) + if (informat == FORMAT_PEM) { p8 = PEM_read_bio_PKCS8(in, NULL, NULL, NULL); - else if (informat == FORMAT_ASN1) + } else if (informat == FORMAT_ASN1) { p8 = d2i_PKCS8_bio(in, NULL); - else { + } else { BIO_printf(bio_err, "Bad format specified for key\n"); goto end; } - if (!p8) { + if (p8 == NULL) { BIO_printf(bio_err, "Error reading key\n"); ERR_print_errors(bio_err); goto end; } - if (passin) + if (passin != NULL) { p8pass = passin; - else if (1) { + } else if (1) { #ifndef OPENSSL_NO_UI p8pass = pass; if (EVP_read_pw_string(pass, sizeof pass, "Enter Password:", 0)) { @@ -312,7 +313,7 @@ int pkcs8_main(int argc, char **argv) p8inf = PKCS8_decrypt(p8, p8pass, strlen(p8pass)); } - if (!p8inf) { + if (p8inf == NULL) { BIO_printf(bio_err, "Error decrypting key\n"); ERR_print_errors(bio_err); goto end; diff --git a/apps/pkey.c b/apps/pkey.c index 14896d3e46..e8e32bacda 100644 --- a/apps/pkey.c +++ b/apps/pkey.c @@ -1,5 +1,5 @@ /* - * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2006-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -136,14 +136,14 @@ int pkey_main(int argc, char **argv) pkey = load_pubkey(infile, informat, 1, passin, e, "Public Key"); else pkey = load_key(infile, informat, 1, passin, e, "key"); - if (!pkey) + if (pkey == NULL) goto end; if (!noout) { if (outformat == FORMAT_PEM) { - if (pubout) + if (pubout) { PEM_write_bio_PUBKEY(out, pkey); - else { + } else { assert(private); if (traditional) PEM_write_bio_PrivateKey_traditional(out, pkey, cipher, @@ -154,9 +154,9 @@ int pkey_main(int argc, char **argv) NULL, 0, NULL, passout); } } else if (outformat == FORMAT_ASN1) { - if (pubout) + if (pubout) { i2d_PUBKEY_bio(out, pkey); - else { + } else { assert(private); i2d_PrivateKey_bio(out, pkey); } @@ -164,13 +164,12 @@ int pkey_main(int argc, char **argv) BIO_printf(bio_err, "Bad format specified for key\n"); goto end; } - } if (text) { - if (pubtext) + if (pubtext) { EVP_PKEY_print_public(out, pkey, 0, NULL); - else { + } else { assert(private); EVP_PKEY_print_private(out, pkey, 0, NULL); } diff --git a/apps/pkeyparam.c b/apps/pkeyparam.c index fe07ea7645..9ac247509a 100644 --- a/apps/pkeyparam.c +++ b/apps/pkeyparam.c @@ -1,5 +1,5 @@ /* - * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2006-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -80,7 +80,7 @@ int pkeyparam_main(int argc, char **argv) if (out == NULL) goto end; pkey = PEM_read_bio_Parameters(in, NULL); - if (!pkey) { + if (pkey == NULL) { BIO_printf(bio_err, "Error reading parameters\n"); ERR_print_errors(bio_err); goto end; diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c index 3ba75adf05..90e9ae3b5c 100644 --- a/apps/pkeyutl.c +++ b/apps/pkeyutl.c @@ -1,5 +1,5 @@ /* - * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2006-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -226,13 +226,13 @@ int pkeyutl_main(int argc, char **argv) } } - if (sigfile && (pkey_op != EVP_PKEY_OP_VERIFY)) { + if (sigfile != NULL && (pkey_op != EVP_PKEY_OP_VERIFY)) { BIO_printf(bio_err, "%s: Signature file specified for non verify\n", prog); goto end; } - if (!sigfile && (pkey_op == EVP_PKEY_OP_VERIFY)) { + if (sigfile == NULL && (pkey_op == EVP_PKEY_OP_VERIFY)) { BIO_printf(bio_err, "%s: No signature file specified for verify\n", prog); goto end; @@ -250,9 +250,10 @@ int pkeyutl_main(int argc, char **argv) if (out == NULL) goto end; - if (sigfile) { + if (sigfile != NULL) { BIO *sigbio = BIO_new_file(sigfile, "rb"); - if (!sigbio) { + + if (sigbio == NULL) { BIO_printf(bio_err, "Can't open signature file %s\n", sigfile); goto end; } @@ -264,7 +265,7 @@ int pkeyutl_main(int argc, char **argv) } } - if (in) { + if (in != NULL) { /* Read the input data */ buf_inlen = bio_to_mem(&buf_in, keysize * 10, in); if (buf_inlen < 0) { @@ -289,8 +290,9 @@ int pkeyutl_main(int argc, char **argv) if (rv == 1) { BIO_puts(out, "Signature Verified Successfully\n"); ret = 0; - } else + } else { BIO_puts(out, "Signature Verification Failure\n"); + } goto end; } if (kdflen != 0) { @@ -316,10 +318,11 @@ int pkeyutl_main(int argc, char **argv) if (asn1parse) { if (!ASN1_parse_dump(out, buf_out, buf_outlen, 1, -1)) ERR_print_errors(bio_err); - } else if (hexdump) + } else if (hexdump) { BIO_dump(out, (char *)buf_out, buf_outlen); - else + } else { BIO_write(out, buf_out, buf_outlen); + } end: EVP_PKEY_CTX_free(ctx); @@ -381,7 +384,7 @@ static EVP_PKEY_CTX *init_ctx(const char *kdfalg, int *pkeysize, impl = e; #endif - if (kdfalg) { + if (kdfalg != NULL) { int kdfnid = OBJ_sn2nid(kdfalg); if (kdfnid == NID_undef) goto end; @@ -444,7 +447,7 @@ static int setup_peer(EVP_PKEY_CTX *ctx, int peerform, const char *file, if (peerform == FORMAT_ENGINE) engine = e; peer = load_pubkey(file, peerform, 0, NULL, engine, "Peer Key"); - if (!peer) { + if (peer == NULL) { BIO_printf(bio_err, "Error reading peer key %s\n", file); ERR_print_errors(bio_err); return 0; diff --git a/apps/progs.pl b/apps/progs.pl index 94a4962415..7713440938 100644 --- a/apps/progs.pl +++ b/apps/progs.pl @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -32,7 +32,7 @@ print <<'EOF'; * WARNING: do not edit! * Generated by apps/progs.pl * - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/apps/rehash.c b/apps/rehash.c index 52c005e748..e3c02448fb 100644 --- a/apps/rehash.c +++ b/apps/rehash.c @@ -1,5 +1,5 @@ /* - * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -254,11 +254,11 @@ static int do_file(const char *filename, const char *fullpath, enum Hash h) goto end; } x = sk_X509_INFO_value(inf, 0); - if (x->x509) { + if (x->x509 != NULL) { type = TYPE_CERT; name = X509_get_subject_name(x->x509); X509_digest(x->x509, evpmd, digest, NULL); - } else if (x->crl) { + } else if (x->crl != NULL) { type = TYPE_CRL; name = X509_CRL_get_issuer(x->crl); X509_CRL_digest(x->crl, evpmd, digest, NULL); @@ -266,7 +266,7 @@ static int do_file(const char *filename, const char *fullpath, enum Hash h) ++errs; goto end; } - if (name) { + if (name != NULL) { if ((h == HASH_NEW) || (h == HASH_BOTH)) errs += add_entry(type, X509_NAME_hash(name), filename, digest, 1, ~0); if ((h == HASH_OLD) || (h == HASH_BOTH)) @@ -499,8 +499,8 @@ int rehash_main(int argc, char **argv) evpmd = EVP_sha1(); evpmdsize = EVP_MD_size(evpmd); - if (*argv) { - while (*argv) + if (*argv != NULL) { + while (*argv != NULL) errs += do_dir(*argv++, h); } else if ((env = getenv("SSL_CERT_DIR")) != NULL) { m = OPENSSL_strdup(env); diff --git a/apps/req.c b/apps/req.c index a47dfcffaf..34d906566c 100644 --- a/apps/req.c +++ b/apps/req.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -371,21 +371,21 @@ int req_main(int argc, char **argv) if (md_alg == NULL) { p = NCONF_get_string(req_conf, SECTION, "default_md"); - if (p == NULL) + if (p == NULL) { ERR_clear_error(); - else { + } else { if (!opt_md(p, &md_alg)) goto opthelp; digest = md_alg; } } - if (!extensions) { + if (extensions == NULL) { extensions = NCONF_get_string(req_conf, SECTION, V3_EXTENSIONS); - if (!extensions) + if (extensions == NULL) ERR_clear_error(); } - if (extensions) { + if (extensions != NULL) { /* Check syntax of file */ X509V3_CTX ctx; X509V3_set_ctx_test(&ctx); @@ -412,28 +412,28 @@ int req_main(int argc, char **argv) } p = NCONF_get_string(req_conf, SECTION, STRING_MASK); - if (!p) + if (p == NULL) ERR_clear_error(); - if (p && !ASN1_STRING_set_default_mask_asc(p)) { + if (p != NULL && !ASN1_STRING_set_default_mask_asc(p)) { BIO_printf(bio_err, "Invalid global string mask setting %s\n", p); goto end; } if (chtype != MBSTRING_UTF8) { p = NCONF_get_string(req_conf, SECTION, UTF8_IN); - if (!p) + if (p == NULL) ERR_clear_error(); else if (strcmp(p, "yes") == 0) chtype = MBSTRING_UTF8; } - if (!req_exts) { + if (req_exts == NULL) { req_exts = NCONF_get_string(req_conf, SECTION, REQ_EXTENSIONS); - if (!req_exts) + if (req_exts == NULL) ERR_clear_error(); } - if (req_exts) { + if (req_exts != NULL) { /* Check syntax of file */ X509V3_CTX ctx; X509V3_set_ctx_test(&ctx); @@ -448,7 +448,7 @@ int req_main(int argc, char **argv) if (keyfile != NULL) { pkey = load_key(keyfile, keyform, 0, passin, e, "Private Key"); - if (!pkey) { + if (pkey == NULL) { /* load_key() has already printed an appropriate message */ goto end; } else { @@ -464,17 +464,17 @@ int req_main(int argc, char **argv) if (randfile == NULL) ERR_clear_error(); app_RAND_load_file(randfile, 0); - if (inrand) + if (inrand != NULL) app_RAND_load_files(inrand); if (!NCONF_get_number(req_conf, SECTION, BITS, &newkey)) { newkey = DEFAULT_KEY_LENGTH; } - if (keyalg) { + if (keyalg != NULL) { genctx = set_keygen_ctx(keyalg, &pkey_type, &newkey, &keyalgstr, gen_eng); - if (!genctx) + if (genctx == NULL) goto end; } @@ -486,14 +486,14 @@ int req_main(int argc, char **argv) goto end; } - if (!genctx) { + if (genctx == NULL) { genctx = set_keygen_ctx(NULL, &pkey_type, &newkey, &keyalgstr, gen_eng); if (!genctx) goto end; } - if (pkeyopts) { + if (pkeyopts != NULL) { char *genopt; for (i = 0; i < sk_OPENSSL_STRING_num(pkeyopts); i++) { genopt = sk_OPENSSL_STRING_value(pkeyopts, i); @@ -610,9 +610,9 @@ int req_main(int argc, char **argv) goto end; /* Set version to V3 */ - if (extensions && !X509_set_version(x509ss, 2)) + if (extensions != NULL && !X509_set_version(x509ss, 2)) goto end; - if (serial) { + if (serial != NULL) { if (!X509_set_serialNumber(x509ss, serial)) goto end; } else { @@ -637,9 +637,9 @@ int req_main(int argc, char **argv) X509V3_set_nconf(&ext_ctx, req_conf); /* Add extensions */ - if (extensions && !X509V3_EXT_add_nconf(req_conf, - &ext_ctx, extensions, - x509ss)) { + if (extensions != NULL && !X509V3_EXT_add_nconf(req_conf, + &ext_ctx, extensions, + x509ss)) { BIO_printf(bio_err, "Error Loading extension section %s\n", extensions); goto end; @@ -668,9 +668,9 @@ int req_main(int argc, char **argv) X509V3_set_nconf(&ext_ctx, req_conf); /* Add extensions */ - if (req_exts && !X509V3_EXT_REQ_add_nconf(req_conf, - &ext_ctx, req_exts, - req)) { + if (req_exts != NULL + && !X509V3_EXT_REQ_add_nconf(req_conf, &ext_ctx, + req_exts, req)) { BIO_printf(bio_err, "Error Loading extension section %s\n", req_exts); goto end; @@ -723,8 +723,9 @@ int req_main(int argc, char **argv) } else if (i == 0) { BIO_printf(bio_err, "verify failure\n"); ERR_print_errors(bio_err); - } else /* if (i > 0) */ + } else { /* if (i > 0) */ BIO_printf(bio_err, "verify OK\n"); + } } if (noout && !text && !modulus && !subject && !pubkey) { @@ -951,7 +952,8 @@ static int prompt_info(X509_REQ *req, if (sk_CONF_VALUE_num(dn_sk)) { i = -1; - start:for (;;) { + start: + for ( ; ; ) { i++; if (sk_CONF_VALUE_num(dn_sk) <= i) break; @@ -976,8 +978,9 @@ static int prompt_info(X509_REQ *req, if (*type == '+') { mval = -1; type++; - } else + } else { mval = 0; + } /* If OBJ not recognised ignore it */ if ((nid = OBJ_txt2nid(type)) == NID_undef) goto start; @@ -1030,7 +1033,8 @@ static int prompt_info(X509_REQ *req, } i = -1; - start2: for (;;) { + start2: + for ( ; ; ) { i++; if ((attr_sk == NULL) || (sk_CONF_VALUE_num(attr_sk) <= i)) break; @@ -1128,8 +1132,9 @@ static int auto_info(X509_REQ *req, STACK_OF(CONF_VALUE) *dn_sk, if (plus_char) { type++; mval = -1; - } else + } else { mval = 0; + } if (!X509_NAME_add_entry_by_txt(subj, type, chtype, (unsigned char *)v->value, -1, -1, mval)) @@ -1178,19 +1183,20 @@ static int add_DN_object(X509_NAME *n, char *text, const char *def, } if (buf[0] == '\0') - return (0); - else if (buf[0] == '\n') { + return 0; + if (buf[0] == '\n') { if ((def == NULL) || (def[0] == '\0')) - return (1); + return 1; OPENSSL_strlcpy(buf, def, sizeof buf); OPENSSL_strlcat(buf, "\n", sizeof buf); - } else if ((buf[0] == '.') && (buf[1] == '\n')) - return (1); + } else if ((buf[0] == '.') && (buf[1] == '\n')) { + return 1; + } i = strlen(buf); if (buf[i - 1] != '\n') { BIO_printf(bio_err, "weird input :-(\n"); - return (0); + return 0; } buf[--i] = '\0'; #ifdef CHARSET_EBCDIC @@ -1237,19 +1243,20 @@ static int add_attribute_object(X509_REQ *req, char *text, const char *def, } if (buf[0] == '\0') - return (0); - else if (buf[0] == '\n') { + return 0; + if (buf[0] == '\n') { if ((def == NULL) || (def[0] == '\0')) - return (1); + return 1; OPENSSL_strlcpy(buf, def, sizeof buf); OPENSSL_strlcat(buf, "\n", sizeof buf); - } else if ((buf[0] == '.') && (buf[1] == '\n')) - return (1); + } else if ((buf[0] == '.') && (buf[1] == '\n')) { + return 1; + } i = strlen(buf); if (buf[i - 1] != '\n') { BIO_printf(bio_err, "weird input :-(\n"); - return (0); + return 0; } buf[--i] = '\0'; #ifdef CHARSET_EBCDIC @@ -1320,15 +1327,15 @@ static EVP_PKEY_CTX *set_keygen_ctx(const char *gstr, *pkey_type = EVP_PKEY_RSA; keylen = atol(gstr); *pkeylen = keylen; - } else if (strncmp(gstr, "param:", 6) == 0) + } else if (strncmp(gstr, "param:", 6) == 0) { paramfile = gstr + 6; - else { + } else { const char *p = strchr(gstr, ':'); int len; ENGINE *tmpeng; const EVP_PKEY_ASN1_METHOD *ameth; - if (p) + if (p != NULL) len = p - gstr; else len = strlen(gstr); @@ -1339,7 +1346,7 @@ static EVP_PKEY_CTX *set_keygen_ctx(const char *gstr, ameth = EVP_PKEY_asn1_find_str(&tmpeng, gstr, len); - if (!ameth) { + if (ameth == NULL) { BIO_printf(bio_err, "Unknown algorithm %.*s\n", len, gstr); return NULL; } @@ -1349,28 +1356,31 @@ static EVP_PKEY_CTX *set_keygen_ctx(const char *gstr, ENGINE_finish(tmpeng); #endif if (*pkey_type == EVP_PKEY_RSA) { - if (p) { + if (p != NULL) { keylen = atol(p + 1); *pkeylen = keylen; - } else + } else { keylen = *pkeylen; - } else if (p) + } + } else if (p != NULL) { paramfile = p + 1; + } } - if (paramfile) { + if (paramfile != NULL) { pbio = BIO_new_file(paramfile, "r"); - if (!pbio) { + if (pbio == NULL) { BIO_printf(bio_err, "Can't open parameter file %s\n", paramfile); return NULL; } param = PEM_read_bio_Parameters(pbio, NULL); - if (!param) { + if (param == NULL) { X509 *x; + (void)BIO_reset(pbio); x = PEM_read_bio_X509(pbio, NULL, NULL, NULL); - if (x) { + if (x != NULL) { param = X509_get_pubkey(x); X509_free(x); } @@ -1378,25 +1388,26 @@ static EVP_PKEY_CTX *set_keygen_ctx(const char *gstr, BIO_free(pbio); - if (!param) { + if (param == NULL) { BIO_printf(bio_err, "Error reading parameter file %s\n", paramfile); return NULL; } - if (*pkey_type == -1) + if (*pkey_type == -1) { *pkey_type = EVP_PKEY_id(param); - else if (*pkey_type != EVP_PKEY_base_id(param)) { + } else if (*pkey_type != EVP_PKEY_base_id(param)) { BIO_printf(bio_err, "Key Type does not match parameters\n"); EVP_PKEY_free(param); return NULL; } } - if (palgnam) { + if (palgnam != NULL) { const EVP_PKEY_ASN1_METHOD *ameth; ENGINE *tmpeng; const char *anam; + ameth = EVP_PKEY_asn1_find(&tmpeng, *pkey_type); - if (!ameth) { + if (ameth == NULL) { BIO_puts(bio_err, "Internal error: can't find key algorithm\n"); return NULL; } @@ -1407,12 +1418,13 @@ static EVP_PKEY_CTX *set_keygen_ctx(const char *gstr, #endif } - if (param) { + if (param != NULL) { gctx = EVP_PKEY_CTX_new(param, keygen_engine); *pkeylen = EVP_PKEY_bits(param); EVP_PKEY_free(param); - } else + } else { gctx = EVP_PKEY_CTX_new_id(*pkey_type, keygen_engine); + } if (gctx == NULL) { BIO_puts(bio_err, "Error allocating keygen context\n"); diff --git a/apps/rsa.c b/apps/rsa.c index 5462f4bc2b..5adb93d7f5 100644 --- a/apps/rsa.c +++ b/apps/rsa.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -176,12 +176,14 @@ int rsa_main(int argc, char **argv) tmpformat = FORMAT_PEMRSA; else if (informat == FORMAT_ASN1) tmpformat = FORMAT_ASN1RSA; - } else + } else { tmpformat = informat; + } pkey = load_pubkey(infile, tmpformat, 1, passin, e, "Public Key"); - } else + } else { pkey = load_key(infile, informat, 1, passin, e, "Private Key"); + } if (pkey != NULL) rsa = EVP_PKEY_get1_RSA(pkey); @@ -217,9 +219,9 @@ int rsa_main(int argc, char **argv) if (check) { int r = RSA_check_key(rsa); - if (r == 1) + if (r == 1) { BIO_printf(out, "RSA key ok\n"); - else if (r == 0) { + } else if (r == 0) { unsigned long err; while ((err = ERR_peek_error()) != 0 && @@ -251,8 +253,7 @@ int rsa_main(int argc, char **argv) assert(private); i = i2d_RSAPrivateKey_bio(out, rsa); } - } - else if (outformat == FORMAT_PEM) { + } else if (outformat == FORMAT_PEM) { if (pubout || pubin) { if (pubout == 2) i = PEM_write_bio_RSAPublicKey(out, rsa); @@ -297,8 +298,9 @@ int rsa_main(int argc, char **argv) if (i <= 0) { BIO_printf(bio_err, "unable to write key\n"); ERR_print_errors(bio_err); - } else + } else { ret = 0; + } end: release_engine(e); BIO_free_all(out); diff --git a/apps/rsautl.c b/apps/rsautl.c index e5c1524813..c8a2650fc8 100644 --- a/apps/rsautl.c +++ b/apps/rsautl.c @@ -1,5 +1,5 @@ /* - * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -190,14 +190,13 @@ int rsautl_main(int argc, char **argv) break; } - if (!pkey) { + if (pkey == NULL) return 1; - } rsa = EVP_PKEY_get1_RSA(pkey); EVP_PKEY_free(pkey); - if (!rsa) { + if (rsa == NULL) { BIO_printf(bio_err, "Error getting RSA key\n"); ERR_print_errors(bio_err); goto end; @@ -261,10 +260,11 @@ int rsautl_main(int argc, char **argv) if (!ASN1_parse_dump(out, rsa_out, rsa_outlen, 1, -1)) { ERR_print_errors(bio_err); } - } else if (hexdump) + } else if (hexdump) { BIO_dump(out, (char *)rsa_out, rsa_outlen); - else + } else { BIO_write(out, rsa_out, rsa_outlen); + } end: RSA_free(rsa); release_engine(e); diff --git a/apps/s_apps.h b/apps/s_apps.h index 07b5a7ae4e..6ee2b0c8ca 100644 --- a/apps/s_apps.h +++ b/apps/s_apps.h @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/apps/s_cb.c b/apps/s_cb.c index edbc2b85c2..f2906a5f12 100644 --- a/apps/s_cb.c +++ b/apps/s_cb.c @@ -53,13 +53,14 @@ int verify_callback(int ok, X509_STORE_CTX *ctx) if (!verify_args.quiet || !ok) { BIO_printf(bio_err, "depth=%d ", depth); - if (err_cert) { + if (err_cert != NULL) { X509_NAME_print_ex(bio_err, X509_get_subject_name(err_cert), 0, get_nameopt()); BIO_puts(bio_err, "\n"); - } else + } else { BIO_puts(bio_err, "\n"); + } } if (!ok) { BIO_printf(bio_err, "verify error:num=%d:%s\n", err, @@ -206,7 +207,7 @@ static void ssl_print_client_cert_types(BIO *bio, SSL *s) if (i) BIO_puts(bio, ", "); - if (cname) + if (cname != NULL) BIO_puts(bio, cname); else BIO_printf(bio, "UNKNOWN (%d),", cert_type); @@ -342,13 +343,13 @@ int ssl_print_groups(BIO *out, SSL *s, int noshared) BIO_puts(out, ":"); nid = groups[i]; /* If unrecognised print out hex version */ - if (nid & TLSEXT_nid_unknown) + if (nid & TLSEXT_nid_unknown) { BIO_printf(out, "0x%04X", nid & 0xFFFF); - else { + } else { /* TODO(TLS1.3): Get group name here */ /* Use NIST name for curve if it exists */ gname = EC_curve_nid2nist(nid); - if (!gname) + if (gname == NULL) gname = OBJ_nid2sn(nid); BIO_printf(out, "%s", gname); } @@ -366,7 +367,7 @@ int ssl_print_groups(BIO *out, SSL *s, int noshared) nid = SSL_get_shared_group(s, i); /* TODO(TLS1.3): Convert for DH groups */ gname = EC_curve_nid2nist(nid); - if (!gname) + if (gname == NULL) gname = OBJ_nid2sn(nid); BIO_printf(out, "%s", gname); } @@ -376,6 +377,7 @@ int ssl_print_groups(BIO *out, SSL *s, int noshared) return 1; } #endif + int ssl_print_tmp_key(BIO *out, SSL *s) { EVP_PKEY *key; @@ -399,7 +401,7 @@ int ssl_print_tmp_key(BIO *out, SSL *s) nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec)); EC_KEY_free(ec); cname = EC_curve_nid2nist(nid); - if (!cname) + if (cname == NULL) cname = OBJ_nid2sn(nid); BIO_printf(out, "ECDH, %s, %d bits\n", cname, EVP_PKEY_bits(key)); } @@ -461,10 +463,9 @@ void apps_ssl_info_callback(const SSL *s, int where, int ret) if (ret == 0) BIO_printf(bio_err, "%s:failed in %s\n", str, SSL_state_string_long(s)); - else if (ret < 0) { + else if (ret < 0) BIO_printf(bio_err, "%s:error in %s\n", str, SSL_state_string_long(s)); - } } } @@ -478,6 +479,7 @@ static STRINT_PAIR ssl_versions[] = { {"DTLS 1.0 (bad)", DTLS1_BAD_VER}, {NULL} }; + static STRINT_PAIR alert_types[] = { {" close_notify", 0}, {" end_of_early_data", 1}, @@ -813,19 +815,19 @@ static int set_cert_cb(SSL *ssl, void *arg) #endif SSL_certs_clear(ssl); - if (!exc) + if (exc == NULL) return 1; /* * Go to end of list and traverse backwards since we prepend newer * entries this retains the original order. */ - while (exc->next) + while (exc->next != NULL) exc = exc->next; i = 0; - while (exc) { + while (exc != NULL) { i++; rv = SSL_check_chain(ssl, exc->cert, exc->key, exc->chain); BIO_printf(bio_err, "Checking cert chain %d:\nSubject: ", i); @@ -846,8 +848,9 @@ static int set_cert_cb(SSL *ssl, void *arg) if (exc->build_chain) { if (!SSL_build_cert_chain(ssl, 0)) return 0; - } else if (exc->chain) + } else if (exc->chain != NULL) { SSL_set1_chain(ssl, exc->chain); + } } exc = exc->prev; } @@ -884,7 +887,7 @@ void ssl_excert_free(SSL_EXCERT *exc) { SSL_EXCERT *curr; - if (!exc) + if (exc == NULL) return; while (exc) { X509_free(exc->cert); @@ -899,33 +902,33 @@ void ssl_excert_free(SSL_EXCERT *exc) int load_excert(SSL_EXCERT **pexc) { SSL_EXCERT *exc = *pexc; - if (!exc) + if (exc == NULL) return 1; /* If nothing in list, free and set to NULL */ - if (!exc->certfile && !exc->next) { + if (exc->certfile == NULL && exc->next == NULL) { ssl_excert_free(exc); *pexc = NULL; return 1; } for (; exc; exc = exc->next) { - if (!exc->certfile) { + if (exc->certfile == NULL) { BIO_printf(bio_err, "Missing filename\n"); return 0; } exc->cert = load_cert(exc->certfile, exc->certform, "Server Certificate"); - if (!exc->cert) + if (exc->cert == NULL) return 0; - if (exc->keyfile) { + if (exc->keyfile != NULL) { exc->key = load_key(exc->keyfile, exc->keyform, 0, NULL, NULL, "Server Key"); } else { exc->key = load_key(exc->certfile, exc->certform, 0, NULL, NULL, "Server Key"); } - if (!exc->key) + if (exc->key == NULL) return 0; - if (exc->chainfile) { + if (exc->chainfile != NULL) { if (!load_certs(exc->chainfile, &exc->chain, FORMAT_PEM, NULL, "Server Chain")) return 0; @@ -957,7 +960,7 @@ int args_excert(int opt, SSL_EXCERT **pexc) case OPT_X__LAST: return 0; case OPT_X_CERT: - if (exc->certfile && !ssl_excert_prepend(&exc)) { + if (exc->certfile != NULL && !ssl_excert_prepend(&exc)) { BIO_printf(bio_err, "%s: Error adding xcert\n", opt_getprog()); goto err; } @@ -965,14 +968,14 @@ int args_excert(int opt, SSL_EXCERT **pexc) exc->certfile = opt_arg(); break; case OPT_X_KEY: - if (exc->keyfile) { + if (exc->keyfile != NULL) { BIO_printf(bio_err, "%s: Key already specified\n", opt_getprog()); goto err; } exc->keyfile = opt_arg(); break; case OPT_X_CHAIN: - if (exc->chainfile) { + if (exc->chainfile != NULL) { BIO_printf(bio_err, "%s: Chain already specified\n", opt_getprog()); goto err; @@ -1015,11 +1018,11 @@ static void print_raw_cipherlist(SSL *s) const SSL_CIPHER *c = SSL_CIPHER_find(s, rlist); if (i) BIO_puts(bio_err, ":"); - if (c) + if (c != NULL) { BIO_puts(bio_err, SSL_CIPHER_get_name(c)); - else if (!memcmp(rlist, scsv_id, num)) + } else if (memcmp(rlist, scsv_id, num) == 0) { BIO_puts(bio_err, "SCSV"); - else { + } else { size_t j; BIO_puts(bio_err, "0x"); for (j = 0; j < num; j++) @@ -1114,7 +1117,7 @@ void print_ssl_summary(SSL *s) BIO_printf(bio_err, "Ciphersuite: %s\n", SSL_CIPHER_get_name(c)); do_print_sigalgs(bio_err, s, 0); peer = SSL_get_peer_certificate(s); - if (peer) { + if (peer != NULL) { int nid; BIO_puts(bio_err, "Peer certificate: "); @@ -1126,8 +1129,9 @@ void print_ssl_summary(SSL *s) if (SSL_get_peer_signature_type_nid(s, &nid)) BIO_printf(bio_err, "Signature type: %s\n", get_sigtype(nid)); print_verify_detail(s, bio_err); - } else + } else { BIO_puts(bio_err, "No peer certificate\n"); + } X509_free(peer); #ifndef OPENSSL_NO_EC ssl_print_point_formats(bio_err, s); @@ -1151,7 +1155,7 @@ int config_ctx(SSL_CONF_CTX *cctx, STACK_OF(OPENSSL_STRING) *str, const char *flag = sk_OPENSSL_STRING_value(str, i); const char *arg = sk_OPENSSL_STRING_value(str, i + 1); if (SSL_CONF_cmd(cctx, flag, arg) <= 0) { - if (arg) + if (arg != NULL) BIO_printf(bio_err, "Error with command: \"%s %s\"\n", flag, arg); else @@ -1285,7 +1289,7 @@ static int security_callback_debug(const SSL *s, const SSL_CTX *ctx, cert_md = 1; break; } - if (nm) + if (nm != NULL) BIO_printf(sdb->out, "%s=", nm); switch (op & SSL_SECOP_OTHER_TYPE) { diff --git a/apps/s_client.c b/apps/s_client.c index 84dad97a04..663ab49f51 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -154,8 +154,9 @@ static unsigned int psk_client_cb(SSL *ssl, const char *hint, char *identity, if (c_debug) BIO_printf(bio_c_out, "NULL received PSK identity hint, continuing anyway\n"); - } else if (c_debug) + } else if (c_debug) { BIO_printf(bio_c_out, "Received PSK identity hint '%s'\n", hint); + } /* * lookup PSK identity and PSK key based on the given identity hint here @@ -1423,7 +1424,7 @@ int s_client_main(int argc, char **argv) if (argc != 0) goto opthelp; - if (proxystr) { + if (proxystr != NULL) { int res; char *tmp_host = host, *tmp_port = port; if (connectstr == NULL) { @@ -1496,7 +1497,7 @@ int s_client_main(int argc, char **argv) if (key_file == NULL) key_file = cert_file; - if (key_file) { + if (key_file != NULL) { key = load_key(key_file, key_format, 0, pass, e, "client certificate private key file"); if (key == NULL) { @@ -1505,7 +1506,7 @@ int s_client_main(int argc, char **argv) } } - if (cert_file) { + if (cert_file != NULL) { cert = load_cert(cert_file, cert_format, "client certificate file"); if (cert == NULL) { ERR_print_errors(bio_err); @@ -1513,13 +1514,13 @@ int s_client_main(int argc, char **argv) } } - if (chain_file) { + if (chain_file != NULL) { if (!load_certs(chain_file, &chain, FORMAT_PEM, NULL, "client certificate chain")) goto end; } - if (crl_file) { + if (crl_file != NULL) { X509_CRL *crl; crl = load_crl(crl_file, crl_format); if (crl == NULL) { @@ -1552,7 +1553,7 @@ int s_client_main(int argc, char **argv) if (bio_c_out == NULL) { if (c_quiet && !c_debug) { bio_c_out = BIO_new(BIO_s_null()); - if (c_msg && !bio_c_msg) + if (c_msg && bio_c_msg == NULL) bio_c_msg = dup_bio_out(FORMAT_TEXT); } else if (bio_c_out == NULL) bio_c_out = dup_bio_out(FORMAT_TEXT); @@ -1573,7 +1574,7 @@ int s_client_main(int argc, char **argv) if (sdebug) ssl_ctx_security_debug(ctx, sdebug); - if (ssl_config) { + if (ssl_config != NULL) { if (SSL_CTX_config(ctx, ssl_config) == 0) { BIO_printf(bio_err, "Error using configuration \"%s\"\n", ssl_config); @@ -1672,11 +1673,11 @@ int s_client_main(int argc, char **argv) } #endif - if (exc) + if (exc != NULL) ssl_ctx_set_excert(ctx, exc); #if !defined(OPENSSL_NO_NEXTPROTONEG) - if (next_proto.data) + if (next_proto.data != NULL) SSL_CTX_set_next_proto_select_cb(ctx, next_proto_cb, &next_proto); #endif if (alpn_in) { @@ -1782,7 +1783,7 @@ int s_client_main(int argc, char **argv) * come at any time. Therefore we use a callback to write out the session * when we know about it. This approach works for < TLSv1.3 as well. */ - if (sess_out) { + if (sess_out != NULL) { SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_CLIENT | SSL_SESS_CACHE_NO_INTERNAL_STORE); SSL_CTX_sess_set_new_cb(ctx, new_session_cb); @@ -1792,17 +1793,17 @@ int s_client_main(int argc, char **argv) goto end; con = SSL_new(ctx); - if (sess_in) { + if (sess_in != NULL) { SSL_SESSION *sess; BIO *stmp = BIO_new_file(sess_in, "r"); - if (!stmp) { + if (stmp == NULL) { BIO_printf(bio_err, "Can't open session file %s\n", sess_in); ERR_print_errors(bio_err); goto end; } sess = PEM_read_bio_SSL_SESSION(stmp, NULL, 0, NULL); BIO_free(stmp); - if (!sess) { + if (sess == NULL) { BIO_printf(bio_err, "Can't open session file %s\n", sess_in); ERR_print_errors(bio_err); goto end; @@ -1920,9 +1921,10 @@ int s_client_main(int argc, char **argv) BIO_free(sbio); goto shut; } - } else + } else { /* want to do MTU discovery */ BIO_ctrl(sbio, BIO_CTRL_DGRAM_MTU_DISCOVER, 0, NULL); + } } else #endif /* OPENSSL_NO_DTLS */ sbio = BIO_new_socket(s, BIO_NOCLOSE); @@ -3170,12 +3172,12 @@ static int ocsp_resp_cb(SSL *s, void *arg) OCSP_RESPONSE *rsp; len = SSL_get_tlsext_status_ocsp_resp(s, &p); BIO_puts(arg, "OCSP response: "); - if (!p) { + if (p == NULL) { BIO_puts(arg, "no response sent\n"); return 1; } rsp = d2i_OCSP_RESPONSE(NULL, &p, len); - if (!rsp) { + if (rsp == NULL) { BIO_puts(arg, "response parse error\n"); BIO_dump_indent(arg, (char *)p, len, 4); return 0; diff --git a/apps/s_server.c b/apps/s_server.c index 4c92a53f75..26947c31f3 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -161,7 +161,7 @@ static unsigned int psk_server_cb(SSL *ssl, const char *identity, if (s_debug) BIO_printf(bio_s_out, "psk_server_cb\n"); - if (!identity) { + if (identity == NULL) { BIO_printf(bio_err, "Error: client did not send PSK identity\n"); goto out_err; } @@ -435,17 +435,17 @@ static int ssl_servername_cb(SSL *s, int *ad, void *arg) { tlsextctx *p = (tlsextctx *) arg; const char *servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name); - if (servername && p->biodebug) + if (servername != NULL && p->biodebug != NULL) BIO_printf(p->biodebug, "Hostname in TLS extension: \"%s\"\n", servername); - if (!p->servername) + if (p->servername == NULL) return SSL_TLSEXT_ERR_NOACK; - if (servername) { + if (servername != NULL) { if (strcasecmp(servername, p->servername)) return p->extension_error; - if (ctx2) { + if (ctx2 != NULL) { BIO_printf(p->biodebug, "Switching server context.\n"); SSL_set_SSL_CTX(s, ctx2); } @@ -493,7 +493,7 @@ static int get_ocsp_resp_from_responder(SSL *s, tlsextstatusctx *srctx, /* Build up OCSP query from server certificate */ x = SSL_get_certificate(s); aia = X509_get1_ocsp(x); - if (aia) { + if (aia != NULL) { if (!OCSP_parse_url(sk_OPENSSL_STRING_value(aia, 0), &host, &port, &path, &use_ssl)) { BIO_puts(bio_err, "cert_status: can't parse AIA URL\n"); @@ -503,7 +503,7 @@ static int get_ocsp_resp_from_responder(SSL *s, tlsextstatusctx *srctx, BIO_printf(bio_err, "cert_status: AIA URL: %s\n", sk_OPENSSL_STRING_value(aia, 0)); } else { - if (!srctx->host) { + if (srctx->host == NULL) { BIO_puts(bio_err, "cert_status: no AIA and no default responder URL\n"); goto done; @@ -529,7 +529,7 @@ static int get_ocsp_resp_from_responder(SSL *s, tlsextstatusctx *srctx, } id = OCSP_cert_to_id(NULL, x, X509_OBJECT_get0_X509(obj)); X509_OBJECT_free(obj); - if (!id) + if (id == NULL) goto err; req = OCSP_REQUEST_new(); if (req == NULL) @@ -1584,7 +1584,7 @@ int s_server_main(int argc, char *argv[]) if (nocert == 0) { s_key = load_key(s_key_file, s_key_format, 0, pass, engine, "server certificate private key file"); - if (!s_key) { + if (s_key == NULL) { ERR_print_errors(bio_err); goto end; } @@ -1592,20 +1592,20 @@ int s_server_main(int argc, char *argv[]) s_cert = load_cert(s_cert_file, s_cert_format, "server certificate file"); - if (!s_cert) { + if (s_cert == NULL) { ERR_print_errors(bio_err); goto end; } - if (s_chain_file) { + if (s_chain_file != NULL) { if (!load_certs(s_chain_file, &s_chain, FORMAT_PEM, NULL, "server certificate chain")) goto end; } - if (tlsextcbp.servername) { + if (tlsextcbp.servername != NULL) { s_key2 = load_key(s_key_file2, s_key_format, 0, pass, engine, "second server certificate private key file"); - if (!s_key2) { + if (s_key2 == NULL) { ERR_print_errors(bio_err); goto end; } @@ -1613,7 +1613,7 @@ int s_server_main(int argc, char *argv[]) s_cert2 = load_cert(s_cert_file2, s_cert_format, "second server certificate file"); - if (!s_cert2) { + if (s_cert2 == NULL) { ERR_print_errors(bio_err); goto end; } @@ -1633,16 +1633,16 @@ int s_server_main(int argc, char *argv[]) goto end; } - if (crl_file) { + if (crl_file != NULL) { X509_CRL *crl; crl = load_crl(crl_file, crl_format); - if (!crl) { + if (crl == NULL) { BIO_puts(bio_err, "Error loading CRL\n"); ERR_print_errors(bio_err); goto end; } crls = sk_X509_CRL_new_null(); - if (!crls || !sk_X509_CRL_push(crls, crl)) { + if (crls == NULL || !sk_X509_CRL_push(crls, crl)) { BIO_puts(bio_err, "Error adding CRL\n"); ERR_print_errors(bio_err); X509_CRL_free(crl); @@ -1650,14 +1650,14 @@ int s_server_main(int argc, char *argv[]) } } - if (s_dcert_file) { + if (s_dcert_file != NULL) { if (s_dkey_file == NULL) s_dkey_file = s_dcert_file; s_dkey = load_key(s_dkey_file, s_dkey_format, 0, dpass, engine, "second certificate private key file"); - if (!s_dkey) { + if (s_dkey == NULL) { ERR_print_errors(bio_err); goto end; } @@ -1665,11 +1665,11 @@ int s_server_main(int argc, char *argv[]) s_dcert = load_cert(s_dcert_file, s_dcert_format, "second server certificate file"); - if (!s_dcert) { + if (s_dcert == NULL) { ERR_print_errors(bio_err); goto end; } - if (s_dchain_file) { + if (s_dchain_file != NULL) { if (!load_certs(s_dchain_file, &s_dchain, FORMAT_PEM, NULL, "second server certificate chain")) goto end; @@ -1689,7 +1689,7 @@ int s_server_main(int argc, char *argv[]) if (bio_s_out == NULL) { if (s_quiet && !s_debug) { bio_s_out = BIO_new(BIO_s_null()); - if (s_msg && !bio_s_msg) + if (s_msg && bio_s_msg == NULL) bio_s_msg = dup_bio_out(FORMAT_TEXT); } else { if (bio_s_out == NULL) @@ -1740,7 +1740,7 @@ int s_server_main(int argc, char *argv[]) BIO_printf(bio_err, "id_prefix '%s' set.\n", session_id_prefix); } SSL_CTX_set_quiet_shutdown(ctx, 1); - if (exc) + if (exc != NULL) ssl_ctx_set_excert(ctx, exc); if (state) @@ -1819,7 +1819,7 @@ int s_server_main(int argc, char *argv[]) } } - if (ctx2) { + if (ctx2 != NULL) { BIO_printf(bio_s_out, "Setting secondary ctx parameters\n"); if (sdebug) @@ -1837,7 +1837,7 @@ int s_server_main(int argc, char *argv[]) BIO_printf(bio_err, "id_prefix '%s' set.\n", session_id_prefix); } SSL_CTX_set_quiet_shutdown(ctx2, 1); - if (exc) + if (exc != NULL) ssl_ctx_set_excert(ctx2, exc); if (state) @@ -1880,9 +1880,9 @@ int s_server_main(int argc, char *argv[]) if (!no_dhe) { DH *dh = NULL; - if (dhfile) + if (dhfile != NULL) dh = load_dh_param(dhfile); - else if (s_cert_file) + else if (s_cert_file != NULL) dh = load_dh_param(s_cert_file); if (dh != NULL) { @@ -1892,16 +1892,16 @@ int s_server_main(int argc, char *argv[]) } (void)BIO_flush(bio_s_out); - if (dh == NULL) + if (dh == NULL) { SSL_CTX_set_dh_auto(ctx, 1); - else if (!SSL_CTX_set_tmp_dh(ctx, dh)) { + } else if (!SSL_CTX_set_tmp_dh(ctx, dh)) { BIO_puts(bio_err, "Error setting temp DH parameters\n"); ERR_print_errors(bio_err); DH_free(dh); goto end; } - if (ctx2) { + if (ctx2 != NULL) { if (!dhfile) { DH *dh2 = load_dh_param(s_cert_file2); if (dh2 != NULL) { @@ -1912,9 +1912,9 @@ int s_server_main(int argc, char *argv[]) dh = dh2; } } - if (dh == NULL) + if (dh == NULL) { SSL_CTX_set_dh_auto(ctx2, 1); - else if (!SSL_CTX_set_tmp_dh(ctx2, dh)) { + } else if (!SSL_CTX_set_tmp_dh(ctx2, dh)) { BIO_puts(bio_err, "Error setting temp DH parameters\n"); ERR_print_errors(bio_err); DH_free(dh); @@ -1934,7 +1934,8 @@ int s_server_main(int argc, char *argv[]) goto end; } - if (ctx2 && !set_cert_key_stuff(ctx2, s_cert2, s_key2, NULL, build_chain)) + if (ctx2 != NULL + && !set_cert_key_stuff(ctx2, s_cert2, s_key2, NULL, build_chain)) goto end; if (s_dcert != NULL) { @@ -1946,7 +1947,7 @@ int s_server_main(int argc, char *argv[]) SSL_CTX_set_not_resumable_session_callback(ctx, not_resumable_sess_cb); - if (ctx2) + if (ctx2 != NULL) SSL_CTX_set_not_resumable_session_callback(ctx2, not_resumable_sess_cb); } @@ -1977,7 +1978,7 @@ int s_server_main(int argc, char *argv[]) SSL_CTX_set_cookie_generate_cb(ctx, generate_cookie_callback); SSL_CTX_set_cookie_verify_cb(ctx, verify_cookie_callback); - if (ctx2) { + if (ctx2 != NULL) { SSL_CTX_set_verify(ctx2, s_server_verify, verify_callback); if (!SSL_CTX_set_session_id_context(ctx2, (void *)&s_server_session_id_context, @@ -2373,8 +2374,9 @@ static int sv_body(int s, int stype, int prot, unsigned char *context) } } assert(lf_num == 0); - } else + } else { i = raw_read_stdin(buf, bufsize); + } if (!s_quiet && !s_brief) { if ((i <= 0) || (buf[0] == 'Q')) { @@ -2868,7 +2870,7 @@ static int www_body(int s, int stype, int prot, unsigned char *context) SSL_set_tlsext_debug_arg(con, bio_s_out); } - if (context + if (context != NULL && !SSL_set_session_id_context(con, context, strlen((char *)context))) goto err; @@ -3237,7 +3239,7 @@ static int rev_body(int s, int stype, int prot, unsigned char *context) SSL_set_tlsext_debug_callback(con, tlsext_cb); SSL_set_tlsext_debug_arg(con, bio_s_out); } - if (context + if (context != NULL && !SSL_set_session_id_context(con, context, strlen((char *)context))) { ERR_print_errors(bio_err); diff --git a/apps/s_time.c b/apps/s_time.c index 998ef72b88..bae2524af5 100644 --- a/apps/s_time.c +++ b/apps/s_time.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -245,9 +245,9 @@ int s_time_main(int argc, char **argv) BIO_closesocket(SSL_get_fd(scon)); nConn += 1; - if (SSL_session_reused(scon)) + if (SSL_session_reused(scon)) { ver = 'r'; - else { + } else { ver = SSL_version(scon); if (ver == TLS1_VERSION) ver = 't'; @@ -318,7 +318,7 @@ int s_time_main(int argc, char **argv) if ((doConnection(scon, host, ctx)) == NULL) goto end; - if (www_path) { + if (www_path != NULL) { BIO_snprintf(buf, sizeof buf, "GET %s HTTP/1.0\r\n\r\n", www_path); if (SSL_write(scon, buf, strlen(buf)) <= 0) @@ -334,9 +334,9 @@ int s_time_main(int argc, char **argv) BIO_closesocket(SSL_get_fd(scon)); nConn += 1; - if (SSL_session_reused(scon)) + if (SSL_session_reused(scon)) { ver = 'r'; - else { + } else { ver = SSL_version(scon); if (ver == TLS1_VERSION) ver = 't'; diff --git a/apps/sess_id.c b/apps/sess_id.c index 38624cf47b..b9f249e5ac 100644 --- a/apps/sess_id.c +++ b/apps/sess_id.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -100,14 +100,14 @@ int sess_id_main(int argc, char **argv) } peer = SSL_SESSION_get0_peer(x); - if (context) { + if (context != NULL) { size_t ctx_len = strlen(context); if (ctx_len > SSL_MAX_SID_CTX_LENGTH) { BIO_printf(bio_err, "Context too long\n"); goto end; } if (!SSL_SESSION_set1_id_context(x, (unsigned char *)context, - ctx_len)) { + ctx_len)) { BIO_printf(bio_err, "Error setting id context\n"); goto end; } @@ -131,13 +131,13 @@ int sess_id_main(int argc, char **argv) } if (!noout && !cert) { - if (outformat == FORMAT_ASN1) + if (outformat == FORMAT_ASN1) { i = i2d_SSL_SESSION_bio(out, x); - else if (outformat == FORMAT_PEM) + } else if (outformat == FORMAT_PEM) { i = PEM_write_bio_SSL_SESSION(out, x); - else if (outformat == FORMAT_NSS) + } else if (outformat == FORMAT_NSS) { i = SSL_SESSION_print_keylog(out, x); - else { + } else { BIO_printf(bio_err, "bad output format specified for outfile\n"); goto end; } @@ -146,11 +146,11 @@ int sess_id_main(int argc, char **argv) goto end; } } else if (!noout && (peer != NULL)) { /* just print the certificate */ - if (outformat == FORMAT_ASN1) + if (outformat == FORMAT_ASN1) { i = (int)i2d_X509_bio(out, peer); - else if (outformat == FORMAT_PEM) + } else if (outformat == FORMAT_PEM) { i = PEM_write_bio_X509(out, peer); - else { + } else { BIO_printf(bio_err, "bad output format specified for outfile\n"); goto end; } diff --git a/apps/smime.c b/apps/smime.c index abc139e807..babe4ef488 100644 --- a/apps/smime.c +++ b/apps/smime.c @@ -1,5 +1,5 @@ /* - * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -245,7 +245,7 @@ int smime_main(int argc, char **argv) break; case OPT_SIGNER: /* If previous -signer argument add signer to list */ - if (signerfile) { + if (signerfile != NULL) { if (sksigners == NULL && (sksigners = sk_OPENSSL_STRING_new_null()) == NULL) goto end; @@ -273,7 +273,7 @@ int smime_main(int argc, char **argv) break; case OPT_INKEY: /* If previous -inkey argument add signer to list */ - if (keyfile) { + if (keyfile != NULL) { if (signerfile == NULL) { BIO_printf(bio_err, "%s: Must have -signer before -inkey\n", prog); @@ -323,7 +323,7 @@ int smime_main(int argc, char **argv) argc = opt_num_rest(); argv = opt_rest(); - if (!(operation & SMIME_SIGNERS) && (skkeys || sksigners)) { + if (!(operation & SMIME_SIGNERS) && (skkeys != NULL || sksigners != NULL)) { BIO_puts(bio_err, "Multiple signers or keys not allowed\n"); goto opthelp; } @@ -334,8 +334,8 @@ int smime_main(int argc, char **argv) BIO_puts(bio_err, "Illegal -inkey without -signer\n"); goto opthelp; } - if (signerfile) { - if (!sksigners + if (signerfile != NULL) { + if (sksigners == NULL && (sksigners = sk_OPENSSL_STRING_new_null()) == NULL) goto end; sk_OPENSSL_STRING_push(sksigners, signerfile); @@ -345,7 +345,7 @@ int smime_main(int argc, char **argv) keyfile = signerfile; sk_OPENSSL_STRING_push(skkeys, keyfile); } - if (!sksigners) { + if (sksigners == NULL) { BIO_printf(bio_err, "No signer certificate specified\n"); goto opthelp; } @@ -353,7 +353,7 @@ int smime_main(int argc, char **argv) keyfile = NULL; need_rand = 1; } else if (operation == SMIME_DECRYPT) { - if (!recipfile && !keyfile) { + if (recipfile == NULL && keyfile == NULL) { BIO_printf(bio_err, "No recipient certificate or key specified\n"); goto opthelp; @@ -364,8 +364,9 @@ int smime_main(int argc, char **argv) goto opthelp; } need_rand = 1; - } else if (!operation) + } else if (!operation) { goto opthelp; + } if (!app_passwd(passinarg, NULL, &passin, NULL)) { BIO_printf(bio_err, "Error getting password\n"); @@ -395,7 +396,7 @@ int smime_main(int argc, char **argv) } if (operation == SMIME_ENCRYPT) { - if (!cipher) { + if (cipher == NULL) { #ifndef OPENSSL_NO_DES cipher = EVP_des_ede3_cbc(); #else @@ -404,9 +405,9 @@ int smime_main(int argc, char **argv) #endif } encerts = sk_X509_new_null(); - if (!encerts) + if (encerts == NULL) goto end; - while (*argv) { + while (*argv != NULL) { cert = load_cert(*argv, FORMAT_PEM, "recipient certificate file"); if (cert == NULL) @@ -417,7 +418,7 @@ int smime_main(int argc, char **argv) } } - if (certfile) { + if (certfile != NULL) { if (!load_certs(certfile, &other, FORMAT_PEM, NULL, "certificate file")) { ERR_print_errors(bio_err); @@ -425,7 +426,7 @@ int smime_main(int argc, char **argv) } } - if (recipfile && (operation == SMIME_DECRYPT)) { + if (recipfile != NULL && (operation == SMIME_DECRYPT)) { if ((recip = load_cert(recipfile, FORMAT_PEM, "recipient certificate file")) == NULL) { ERR_print_errors(bio_err); @@ -434,17 +435,18 @@ int smime_main(int argc, char **argv) } if (operation == SMIME_DECRYPT) { - if (!keyfile) + if (keyfile == NULL) keyfile = recipfile; } else if (operation == SMIME_SIGN) { - if (!keyfile) + if (keyfile == NULL) keyfile = signerfile; - } else + } else { keyfile = NULL; + } - if (keyfile) { + if (keyfile != NULL) { key = load_key(keyfile, keyform, 0, passin, e, "signing key file"); - if (!key) + if (key == NULL) goto end; } @@ -453,22 +455,22 @@ int smime_main(int argc, char **argv) goto end; if (operation & SMIME_IP) { - if (informat == FORMAT_SMIME) + if (informat == FORMAT_SMIME) { p7 = SMIME_read_PKCS7(in, &indata); - else if (informat == FORMAT_PEM) + } else if (informat == FORMAT_PEM) { p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL); - else if (informat == FORMAT_ASN1) + } else if (informat == FORMAT_ASN1) { p7 = d2i_PKCS7_bio(in, NULL); - else { + } else { BIO_printf(bio_err, "Bad input format for PKCS#7 file\n"); goto end; } - if (!p7) { + if (p7 == NULL) { BIO_printf(bio_err, "Error reading S/MIME message\n"); goto end; } - if (contfile) { + if (contfile != NULL) { BIO_free(indata); if ((indata = BIO_new_file(contfile, "rb")) == NULL) { BIO_printf(bio_err, "Can't read content file %s\n", contfile); @@ -505,11 +507,12 @@ int smime_main(int argc, char **argv) if (flags & PKCS7_DETACHED) { if (outformat == FORMAT_SMIME) flags |= PKCS7_STREAM; - } else if (indef) + } else if (indef) { flags |= PKCS7_STREAM; + } flags |= PKCS7_PARTIAL; p7 = PKCS7_sign(NULL, NULL, other, in, flags); - if (!p7) + if (p7 == NULL) goto end; if (flags & PKCS7_NOCERTS) { for (i = 0; i < sk_X509_num(other); i++) { @@ -517,17 +520,18 @@ int smime_main(int argc, char **argv) PKCS7_add_certificate(p7, x); } } - } else + } else { flags |= PKCS7_REUSE_DIGEST; + } for (i = 0; i < sk_OPENSSL_STRING_num(sksigners); i++) { signerfile = sk_OPENSSL_STRING_value(sksigners, i); keyfile = sk_OPENSSL_STRING_value(skkeys, i); signer = load_cert(signerfile, FORMAT_PEM, "signer certificate"); - if (!signer) + if (signer == NULL) goto end; key = load_key(keyfile, keyform, 0, passin, e, "signing key file"); - if (!key) + if (key == NULL) goto end; if (!PKCS7_sign_add_signer(p7, signer, key, sign_md, flags)) goto end; @@ -543,7 +547,7 @@ int smime_main(int argc, char **argv) } } - if (!p7) { + if (p7 == NULL) { BIO_printf(bio_err, "Error creating PKCS#7 structure\n"); goto end; } @@ -569,9 +573,9 @@ int smime_main(int argc, char **argv) goto end; } sk_X509_free(signers); - } else if (operation == SMIME_PK7OUT) + } else if (operation == SMIME_PK7OUT) { PEM_write_bio_PKCS7(out, p7); - else { + } else { if (to) BIO_printf(out, "To: %s%s", to, mime_eol); if (from) @@ -583,11 +587,11 @@ int smime_main(int argc, char **argv) rv = SMIME_write_PKCS7(out, p7, indata, flags); else rv = SMIME_write_PKCS7(out, p7, in, flags); - } else if (outformat == FORMAT_PEM) + } else if (outformat == FORMAT_PEM) { rv = PEM_write_bio_PKCS7_stream(out, p7, in, flags); - else if (outformat == FORMAT_ASN1) + } else if (outformat == FORMAT_ASN1) { rv = i2d_PKCS7_bio_stream(out, p7, in, flags); - else { + } else { BIO_printf(bio_err, "Bad output format for PKCS#7 file\n"); goto end; } @@ -626,10 +630,11 @@ static int save_certs(char *signerfile, STACK_OF(X509) *signers) { int i; BIO *tmp; - if (!signerfile) + + if (signerfile == NULL) return 1; tmp = BIO_new_file(signerfile, "w"); - if (!tmp) + if (tmp == NULL) return 0; for (i = 0; i < sk_X509_num(signers); i++) PEM_write_bio_X509(tmp, sk_X509_value(signers, i)); @@ -652,5 +657,4 @@ static int smime_cb(int ok, X509_STORE_CTX *ctx) policies_print(ctx); return ok; - } diff --git a/apps/speed.c b/apps/speed.c index fdc0f7c87a..3a1f9602ca 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -2640,7 +2640,7 @@ int speed_main(int argc, char **argv) EVP_PKEY_CTX_free(pctx); pctx = NULL; } - if (!kctx || /* keygen ctx is not null */ + if (kctx == NULL || /* keygen ctx is not null */ !EVP_PKEY_keygen_init(kctx) /* init keygen ctx */ ) { ecdh_checks = 0; BIO_printf(bio_err, "ECDH keygen failure.\n"); diff --git a/apps/srp.c b/apps/srp.c index 3b19f86312..c31830e3e6 100644 --- a/apps/srp.c +++ b/apps/srp.c @@ -1,5 +1,5 @@ /* - * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2004-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -139,8 +139,8 @@ static char *srp_verify_user(const char *user, const char *srp_verifier, BIO_printf(bio_err, "Pass %s\n", password); OPENSSL_assert(srp_usersalt != NULL); - if (!(gNid = SRP_create_verifier(user, password, &srp_usersalt, - &verifier, N, g)) ) { + if ((gNid = SRP_create_verifier(user, password, &srp_usersalt, + &verifier, N, g)) == NULL) { BIO_printf(bio_err, "Internal error validating SRP verifier\n"); } else { if (strcmp(verifier, srp_verifier)) @@ -170,8 +170,8 @@ static char *srp_create_user(char *user, char **srp_verifier, if (verbose) BIO_printf(bio_err, "Creating\n user=\"%s\"\n g=\"%s\"\n N=\"%s\"\n", user, g, N); - if (!(gNid = SRP_create_verifier(user, password, &salt, - srp_verifier, N, g)) ) { + if ((gNid = SRP_create_verifier(user, password, &salt, + srp_verifier, N, g)) == NULL) { BIO_printf(bio_err, "Internal error creating SRP verifier\n"); } else { *srp_usersalt = salt; @@ -283,7 +283,7 @@ int srp_main(int argc, char **argv) argc = opt_num_rest(); argv = opt_rest(); - if (srpvfile && configfile) { + if (srpvfile != NULL && configfile != NULL) { BIO_printf(bio_err, "-srpvfile and -configfile cannot be specified together.\n"); goto end; @@ -299,7 +299,7 @@ int srp_main(int argc, char **argv) "Need at least one user for options -add, -delete, -modify. \n"); goto opthelp; } - if ((passinarg || passoutarg) && argc != 1) { + if ((passinarg != NULL || passoutarg != NULL) && argc != 1) { BIO_printf(bio_err, "-passin, -passout arguments only valid with one user.\n"); goto opthelp; @@ -310,8 +310,8 @@ int srp_main(int argc, char **argv) goto end; } - if (!srpvfile) { - if (!configfile) + if (srpvfile == NULL) { + if (configfile == NULL) configfile = default_config_file; if (verbose) @@ -399,17 +399,15 @@ int srp_main(int argc, char **argv) if (user != NULL && verbose > 1) BIO_printf(bio_err, "Processing user \"%s\"\n", user); - if ((userindex = get_index(db, user, 'U')) >= 0) { + if ((userindex = get_index(db, user, 'U')) >= 0) print_user(db, userindex, (verbose > 0) || mode == OPT_LIST); - } if (mode == OPT_LIST) { if (user == NULL) { BIO_printf(bio_err, "List all users\n"); - for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) { + for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) print_user(db, i, 1); - } } else if (userindex < 0) { BIO_printf(bio_err, "user \"%s\" does not exist, ignored. t\n", user); @@ -606,7 +604,7 @@ int srp_main(int argc, char **argv) OPENSSL_free(passout); if (ret) ERR_print_errors(bio_err); - if (randfile) + if (randfile != NULL) app_RAND_write_file(randfile); NCONF_free(conf); free_index(db); diff --git a/apps/testdsa.h b/apps/testdsa.h index 3da1fa03b4..3c4b459db1 100644 --- a/apps/testdsa.h +++ b/apps/testdsa.h @@ -1,5 +1,5 @@ /* - * Copyright 1998-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1998-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/apps/ts.c b/apps/ts.c index f4bd7f6857..636c777db1 100644 --- a/apps/ts.c +++ b/apps/ts.c @@ -1,5 +1,5 @@ /* - * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2006-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -498,7 +498,7 @@ static int create_digest(BIO *input, const char *digest, const EVP_MD *md, if (md_value_len < 0) return 0; - if (input) { + if (input != NULL) { unsigned char buffer[4096]; int length; @@ -590,7 +590,7 @@ static int reply_command(CONF *conf, const char *section, const char *engine, } else { response = create_response(conf, section, engine, queryfile, passin, inkey, md, signer, chain, policy); - if (response) + if (response != NULL) BIO_printf(bio_err, "Response has been generated.\n"); else BIO_printf(bio_err, "Response is not generated.\n"); @@ -746,13 +746,14 @@ static ASN1_INTEGER *serial_cb(TS_RESP_CTX *ctx, void *data) const char *serial_file = (const char *)data; ASN1_INTEGER *serial = next_serial(serial_file); - if (!serial) { + if (serial == NULL) { TS_RESP_CTX_set_status_info(ctx, TS_STATUS_REJECTION, "Error during serial number " "generation."); TS_RESP_CTX_add_failure_info(ctx, TS_INFO_ADD_INFO_NOT_AVAILABLE); - } else + } else { save_ts_serial(serial_file, serial); + } return serial; } @@ -915,8 +916,9 @@ static TS_VERIFY_CTX *create_verify_ctx(const char *data, const char *digest, goto err; if ((ctx = TS_REQ_to_TS_VERIFY_CTX(request, NULL)) == NULL) goto err; - } else + } else { return NULL; + } /* Add the signature verification flag and arguments. */ TS_VERIFY_CTX_add_flags(ctx, f | TS_VFY_SIGNATURE); diff --git a/apps/verify.c b/apps/verify.c index 2608660d81..a814649987 100644 --- a/apps/verify.c +++ b/apps/verify.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -228,9 +228,9 @@ static int check(X509_STORE *ctx, const char *file, (file == NULL) ? "stdin" : file); goto end; } - if (tchain) + if (tchain != NULL) X509_STORE_CTX_set0_trusted_stack(csc, tchain); - if (crls) + if (crls != NULL) X509_STORE_CTX_set0_crls(csc, crls); i = X509_verify_cert(csc); if (i > 0 && X509_STORE_CTX_get_error(csc) == X509_V_OK) { @@ -273,7 +273,7 @@ static int cb(int ok, X509_STORE_CTX *ctx) X509 *current_cert = X509_STORE_CTX_get_current_cert(ctx); if (!ok) { - if (current_cert) { + if (current_cert != NULL) { X509_NAME_print_ex(bio_err, X509_get_subject_name(current_cert), 0, get_nameopt()); diff --git a/apps/version.c b/apps/version.c index 28523b7bee..24f1a80fdf 100644 --- a/apps/version.c +++ b/apps/version.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -97,12 +97,11 @@ int version_main(int argc, char **argv) version = 1; if (version) { - if (OpenSSL_version_num() == OPENSSL_VERSION_NUMBER) { + if (OpenSSL_version_num() == OPENSSL_VERSION_NUMBER) printf("%s\n", OpenSSL_version(OPENSSL_VERSION)); - } else { + else printf("%s (Library: %s)\n", OPENSSL_VERSION_TEXT, OpenSSL_version(OPENSSL_VERSION)); - } } if (date) printf("%s\n", OpenSSL_version(OPENSSL_BUILT_ON)); diff --git a/apps/x509.c b/apps/x509.c index 41d6e4aa28..689d5a2465 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -462,7 +462,7 @@ int x509_main(int argc, char **argv) goto end; } - if (fkeyfile) { + if (fkeyfile != NULL) { fkey = load_pubkey(fkeyfile, keyformat, 0, NULL, e, "Forced key"); if (fkey == NULL) goto end; @@ -476,13 +476,13 @@ int x509_main(int argc, char **argv) goto end; } - if (extfile) { + if (extfile != NULL) { X509V3_CTX ctx2; if ((extconf = app_load_config(extfile)) == NULL) goto end; - if (!extsect) { + if (extsect == NULL) { extsect = NCONF_get_string(extconf, "default", "extensions"); - if (!extsect) { + if (extsect == NULL) { ERR_clear_error(); extsect = "default"; } @@ -530,8 +530,9 @@ int x509_main(int argc, char **argv) BIO_printf(bio_err, "Signature did not match the certificate request\n"); goto end; - } else + } else { BIO_printf(bio_err, "Signature ok\n"); + } print_name(bio_err, "subject=", X509_REQ_get_subject_name(req), get_nameopt()); @@ -547,8 +548,9 @@ int x509_main(int argc, char **argv) goto end; ASN1_INTEGER_free(sno); sno = NULL; - } else if (!X509_set_serialNumber(x, sno)) + } else if (!X509_set_serialNumber(x, sno)) { goto end; + } if (!X509_set_issuer_name(x, X509_REQ_get_subject_name(req))) goto end; @@ -557,14 +559,15 @@ int x509_main(int argc, char **argv) if (!set_cert_times(x, NULL, NULL, days)) goto end; - if (fkey) + if (fkey != NULL) { X509_set_pubkey(x, fkey); - else { + } else { pkey = X509_REQ_get0_pubkey(req); X509_set_pubkey(x, pkey); } - } else + } else { x = load_cert(infile, informat, "Certificate"); + } if (x == NULL) goto end; @@ -587,7 +590,7 @@ int x509_main(int argc, char **argv) if (clrreject) X509_reject_clear(x); - if (trust) { + if (trust != NULL) { for (i = 0; i < sk_ASN1_OBJECT_num(trust); i++) { objtmp = sk_ASN1_OBJECT_value(trust, i); X509_add1_trust_object(x, objtmp); @@ -595,7 +598,7 @@ int x509_main(int argc, char **argv) objtmp = NULL; } - if (reject) { + if (reject != NULL) { for (i = 0; i < sk_ASN1_OBJECT_num(reject); i++) { objtmp = sk_ASN1_OBJECT_value(reject, i); X509_add1_reject_object(x, objtmp); @@ -754,7 +757,7 @@ int x509_main(int argc, char **argv) unsigned char md[EVP_MAX_MD_SIZE]; const EVP_MD *fdig = digest; - if (!fdig) + if (fdig == NULL) fdig = EVP_sha1(); if (!X509_digest(x, fdig, md, &n)) { @@ -850,9 +853,9 @@ int x509_main(int argc, char **argv) goto end; } - if (outformat == FORMAT_ASN1) + if (outformat == FORMAT_ASN1) { i = i2d_X509_bio(out, x); - else if (outformat == FORMAT_PEM) { + } else if (outformat == FORMAT_PEM) { if (trustout) i = PEM_write_bio_X509_AUX(out, x); else @@ -910,8 +913,9 @@ static ASN1_INTEGER *x509_load_serial(const char *CAfile, const char *serialfile break; } OPENSSL_strlcat(buf, POSTFIX, len); - } else + } else { OPENSSL_strlcpy(buf, serialfile, len); + } serial = load_serial(buf, create, NULL); if (serial == NULL) @@ -988,7 +992,7 @@ static int x509_certify(X509_STORE *ctx, const char *CAfile, const EVP_MD *diges X509_delete_ext(x, 0); } - if (conf) { + if (conf != NULL) { X509V3_CTX ctx2; X509_set_version(x, 2); /* version 3 certificate */ X509V3_set_ctx(&ctx2, xca, x, NULL, NULL, 0); @@ -1057,7 +1061,7 @@ static int sign(X509 *x, EVP_PKEY *pkey, int days, int clrext, while (X509_get_ext_count(x) > 0) X509_delete_ext(x, 0); } - if (conf) { + if (conf != NULL) { X509V3_CTX ctx; X509_set_version(x, 2); /* version 3 certificate */ X509V3_set_ctx(&ctx, x, x, NULL, NULL, 0);