diff options
author | KaoruToda <kunnpuu@gmail.com> | 2017-10-20 22:58:46 -0400 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2017-10-20 22:58:46 -0400 |
commit | b2555168ecf6e88ad9aeb0ad4f7b7a714901d575 (patch) | |
tree | b6fd7dd897650fd824bcbfaaac76825e867a9cc6 | |
parent | 9b02dc97e4963969da69675a871dbe80e6d31cda (diff) | |
download | openssl-b2555168ecf6e88ad9aeb0ad4f7b7a714901d575.tar.gz |
Various clean-ups
Add a check for NULL return in t1_lib.c.
Since return type of ssl_cert_lookup_by_idx is pointer and unify coding
style, I changed from zero to NULL in ssl_cert.c.
Remove unnecessary space for ++.
Fix incorrect condition
Expression is always false because 'else if' condition matches previous
condition. SInce the next line of 'else if' condition has substituted
TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2, the 'else if'
condition should compare with NID_X9_62_characteristic_two_field.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4562)
-rw-r--r-- | ssl/ssl_cert.c | 2 | ||||
-rw-r--r-- | ssl/t1_lib.c | 6 |
2 files changed, 5 insertions, 3 deletions
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index 3de3c2c7c5..43b084d607 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -1002,6 +1002,6 @@ const SSL_CERT_LOOKUP *ssl_cert_lookup_by_pkey(const EVP_PKEY *pk, size_t *pidx) const SSL_CERT_LOOKUP *ssl_cert_lookup_by_idx(size_t idx) { if (idx >= OSSL_NELEM(ssl_cert_info)) - return 0; + return NULL; return &ssl_cert_info[idx]; } diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index bb097ed938..28b25e122f 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -445,7 +445,7 @@ static int tls1_check_pkey_comp(SSL *s, EVP_PKEY *pkey) if (field_type == NID_X9_62_prime_field) comp_id = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_prime; - else if (field_type == NID_X9_62_prime_field) + else if (field_type == NID_X9_62_characteristic_two_field) comp_id = TLSEXT_ECPOINTFORMAT_ansiX962_compressed_char2; else return 0; @@ -1403,7 +1403,7 @@ void ssl_set_sig_mask(uint32_t *pmask_a, SSL *s, int op) * in disabled_mask. */ sigalgslen = tls12_get_psigalgs(s, 1, &sigalgs); - for (i = 0; i < sigalgslen; i ++, sigalgs++) { + for (i = 0; i < sigalgslen; i++, sigalgs++) { const SIGALG_LOOKUP *lu = tls1_lookup_sigalg(*sigalgs); const SSL_CERT_LOOKUP *clu; @@ -1411,6 +1411,8 @@ void ssl_set_sig_mask(uint32_t *pmask_a, SSL *s, int op) continue; clu = ssl_cert_lookup_by_idx(lu->sig_idx); + if (clu == NULL) + continue; /* If algorithm is disabled see if we can enable it */ if ((clu->amask & disabled_mask) != 0 |