Commit b2555168 authored by KaoruToda's avatar KaoruToda Committed by Rich Salz
Browse files

Various clean-ups 



Add a check for NULL return in t1_lib.c.
    Since return type of ssl_cert_lookup_by_idx is pointer and unify coding
    style, I changed from zero to NULL in ssl_cert.c.

Remove unnecessary space for ++.

Fix incorrect condition
    Expression is always false because 'else if' condition matches previous
    condition.  SInce the next line of 'else if' condition has substituted
    TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2, the 'else if'
    condition should compare with NID_X9_62_characteristic_two_field.

Reviewed-by: default avatarAndy Polyakov <appro@openssl.org>
Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4562)
parent 9b02dc97

ssl/ssl_cert.c

+1 −1
Original line number Original line Diff line number Diff line
@@ -1002,6 +1002,6 @@ const SSL_CERT_LOOKUP *ssl_cert_lookup_by_pkey(const EVP_PKEY *pk, size_t *pidx) 
const SSL_CERT_LOOKUP *ssl_cert_lookup_by_idx(size_t idx)

const SSL_CERT_LOOKUP *ssl_cert_lookup_by_idx(size_t idx)

{

{

    if (idx >= OSSL_NELEM(ssl_cert_info))

    if (idx >= OSSL_NELEM(ssl_cert_info))

        return 0;

        return NULL;

    return &ssl_cert_info[idx];

    return &ssl_cert_info[idx];

}
 
}

ssl/t1_lib.c

+4 −2
Original line number Original line Diff line number Diff line
@@ -445,7 +445,7 @@ static int tls1_check_pkey_comp(SSL *s, EVP_PKEY *pkey) 




        if (field_type == NID_X9_62_prime_field)

        if (field_type == NID_X9_62_prime_field)

            comp_id = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime;

            comp_id = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime;

        else if (field_type == NID_X9_62_prime_field)

        else if (field_type == NID_X9_62_characteristic_two_field)

            comp_id = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2;

            comp_id = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2;

        else

        else

            return 0;

            return 0;
@@ -1411,6 +1411,8 @@ void ssl_set_sig_mask(uint32_t *pmask_a, SSL *s, int op) 
            continue;

            continue;





        clu = ssl_cert_lookup_by_idx(lu->sig_idx);

        clu = ssl_cert_lookup_by_idx(lu->sig_idx);

	if (clu == NULL)

		continue;





        /* If algorithm is disabled see if we can enable it */

        /* If algorithm is disabled see if we can enable it */

        if ((clu->amask & disabled_mask) != 0

        if ((clu->amask & disabled_mask) != 0