aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--crypto/x509/x509_lu.c118
-rw-r--r--crypto/x509/x509_vfy.c62
2 files changed, 93 insertions, 87 deletions
diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c
index 8dfd75591c..1e6c040145 100644
--- a/crypto/x509/x509_lu.c
+++ b/crypto/x509/x509_lu.c
@@ -68,7 +68,7 @@ X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method)
X509_LOOKUP *ret;
ret=(X509_LOOKUP *)OPENSSL_malloc(sizeof(X509_LOOKUP));
- if (ret == NULL) return(NULL);
+ if (ret == NULL) return NULL;
ret->init=0;
ret->skip=0;
@@ -78,9 +78,9 @@ X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method)
if ((method->new_item != NULL) && !method->new_item(ret))
{
OPENSSL_free(ret);
- return(NULL);
+ return NULL;
}
- return(ret);
+ return ret;
}
void X509_LOOKUP_free(X509_LOOKUP *ctx)
@@ -94,39 +94,39 @@ void X509_LOOKUP_free(X509_LOOKUP *ctx)
int X509_LOOKUP_init(X509_LOOKUP *ctx)
{
- if (ctx->method == NULL) return(0);
+ if (ctx->method == NULL) return (0);
if (ctx->method->init != NULL)
- return(ctx->method->init(ctx));
+ return ctx->method->init(ctx);
else
- return(1);
+ return 1;
}
int X509_LOOKUP_shutdown(X509_LOOKUP *ctx)
{
- if (ctx->method == NULL) return(0);
+ if (ctx->method == NULL) return 0;
if (ctx->method->shutdown != NULL)
- return(ctx->method->shutdown(ctx));
+ return ctx->method->shutdown(ctx);
else
- return(1);
+ return 1;
}
int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
char **ret)
{
- if (ctx->method == NULL) return(-1);
+ if (ctx->method == NULL) return -1;
if (ctx->method->ctrl != NULL)
- return(ctx->method->ctrl(ctx,cmd,argc,argl,ret));
+ return ctx->method->ctrl(ctx,cmd,argc,argl,ret);
else
- return(1);
+ return 1;
}
int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name,
X509_OBJECT *ret)
{
if ((ctx->method == NULL) || (ctx->method->get_by_subject == NULL))
- return(X509_LU_FAIL);
- if (ctx->skip) return(0);
- return(ctx->method->get_by_subject(ctx,type,name,ret));
+ return X509_LU_FAIL;
+ if (ctx->skip) return 0;
+ return ctx->method->get_by_subject(ctx,type,name,ret);
}
int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name,
@@ -134,24 +134,24 @@ int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name,
{
if ((ctx->method == NULL) ||
(ctx->method->get_by_issuer_serial == NULL))
- return(X509_LU_FAIL);
- return(ctx->method->get_by_issuer_serial(ctx,type,name,serial,ret));
+ return X509_LU_FAIL;
+ return ctx->method->get_by_issuer_serial(ctx,type,name,serial,ret);
}
int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
unsigned char *bytes, int len, X509_OBJECT *ret)
{
if ((ctx->method == NULL) || (ctx->method->get_by_fingerprint == NULL))
- return(X509_LU_FAIL);
- return(ctx->method->get_by_fingerprint(ctx,type,bytes,len,ret));
+ return X509_LU_FAIL;
+ return ctx->method->get_by_fingerprint(ctx,type,bytes,len,ret);
}
int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str, int len,
X509_OBJECT *ret)
{
if ((ctx->method == NULL) || (ctx->method->get_by_alias == NULL))
- return(X509_LU_FAIL);
- return(ctx->method->get_by_alias(ctx,type,str,len,ret));
+ return X509_LU_FAIL;
+ return ctx->method->get_by_alias(ctx,type,str,len,ret);
}
@@ -160,7 +160,7 @@ static int x509_object_cmp(const X509_OBJECT * const *a, const X509_OBJECT * con
int ret;
ret=((*a)->type - (*b)->type);
- if (ret) return(ret);
+ if (ret) return ret;
switch ((*a)->type)
{
case X509_LU_X509:
@@ -173,7 +173,7 @@ static int x509_object_cmp(const X509_OBJECT * const *a, const X509_OBJECT * con
/* abort(); */
return 0;
}
- return(ret);
+ return ret;
}
X509_STORE *X509_STORE_new(void)
@@ -181,7 +181,7 @@ X509_STORE *X509_STORE_new(void)
X509_STORE *ret;
if ((ret=(X509_STORE *)OPENSSL_malloc(sizeof(X509_STORE))) == NULL)
- return(NULL);
+ return NULL;
ret->objs = sk_X509_OBJECT_new(x509_object_cmp);
ret->cache=1;
ret->get_cert_methods=sk_X509_LOOKUP_new_null();
@@ -190,7 +190,7 @@ X509_STORE *X509_STORE_new(void)
memset(&ret->ex_data,0,sizeof(CRYPTO_EX_DATA));
ret->references=1;
ret->depth=0;
- return(ret);
+ return ret;
}
static void cleanup(X509_OBJECT *a)
@@ -217,7 +217,7 @@ void X509_STORE_free(X509_STORE *vfy)
STACK_OF(X509_LOOKUP) *sk;
X509_LOOKUP *lu;
- if(vfy == NULL)
+ if (vfy == NULL)
return;
sk=vfy->get_cert_methods;
@@ -246,22 +246,22 @@ X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m)
lu=sk_X509_LOOKUP_value(sk,i);
if (m == lu->method)
{
- return(lu);
+ return lu;
}
}
/* a new one */
lu=X509_LOOKUP_new(m);
if (lu == NULL)
- return(NULL);
+ return NULL;
else
{
lu->store_ctx=v;
if (sk_X509_LOOKUP_push(v->get_cert_methods,lu))
- return(lu);
+ return lu;
else
{
X509_LOOKUP_free(lu);
- return(NULL);
+ return NULL;
}
}
}
@@ -285,7 +285,7 @@ int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name,
if (j < 0)
{
vs->current_method=j;
- return(j);
+ return j;
}
else if (j)
{
@@ -295,7 +295,7 @@ int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name,
}
vs->current_method=0;
if (tmp == NULL)
- return(0);
+ return 0;
}
/* if (ret->data.ptr != NULL)
@@ -306,7 +306,7 @@ int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name,
X509_OBJECT_up_ref_count(ret);
- return(1);
+ return 1;
}
int X509_STORE_add_cert(X509_STORE *ctx, X509 *x)
@@ -314,12 +314,12 @@ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x)
X509_OBJECT *obj;
int ret=1;
- if (x == NULL) return(0);
+ if (x == NULL) return 0;
obj=(X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT));
if (obj == NULL)
{
X509err(X509_F_X509_STORE_ADD_CERT,ERR_R_MALLOC_FAILURE);
- return(0);
+ return 0;
}
obj->type=X509_LU_X509;
obj->data.x509=x;
@@ -340,7 +340,7 @@ int X509_STORE_add_cert(X509_STORE *ctx, X509 *x)
CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
- return(ret);
+ return ret;
}
int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x)
@@ -348,12 +348,12 @@ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x)
X509_OBJECT *obj;
int ret=1;
- if (x == NULL) return(0);
+ if (x == NULL) return 0;
obj=(X509_OBJECT *)OPENSSL_malloc(sizeof(X509_OBJECT));
if (obj == NULL)
{
X509err(X509_F_X509_STORE_ADD_CRL,ERR_R_MALLOC_FAILURE);
- return(0);
+ return 0;
}
obj->type=X509_LU_CRL;
obj->data.crl=x;
@@ -373,7 +373,7 @@ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x)
CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
- return(ret);
+ return ret;
}
void X509_OBJECT_up_ref_count(X509_OBJECT *a)
@@ -437,7 +437,7 @@ X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h, int type,
{
int idx;
idx = X509_OBJECT_idx_by_subject(h, type, name);
- if(idx==-1) return NULL;
+ if (idx==-1) return NULL;
return sk_X509_OBJECT_value(h, idx);
}
@@ -446,13 +446,16 @@ X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h, X509_OBJECT *x
int idx, i;
X509_OBJECT *obj;
idx = sk_X509_OBJECT_find(h, x);
- if(idx == -1) return NULL;
- if(x->type != X509_LU_X509) return sk_X509_OBJECT_value(h, idx);
- for(i = idx; i < sk_X509_OBJECT_num(h); i++) {
+ if (idx == -1) return NULL;
+ if (x->type != X509_LU_X509) return sk_X509_OBJECT_value(h, idx);
+ for (i = idx; i < sk_X509_OBJECT_num(h); i++)
+ {
obj = sk_X509_OBJECT_value(h, i);
- if(x509_object_cmp((const X509_OBJECT **)&obj, (const X509_OBJECT **)&x)) return NULL;
- if((x->type != X509_LU_X509) || !X509_cmp(obj->data.x509, x->data.x509)) return obj;
- }
+ if (x509_object_cmp((const X509_OBJECT **)&obj, (const X509_OBJECT **)&x))
+ return NULL;
+ if ((x->type != X509_LU_X509) || !X509_cmp(obj->data.x509, x->data.x509))
+ return obj;
+ }
return NULL;
}
@@ -494,28 +497,31 @@ int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
return 0;
}
/* If certificate matches all OK */
- if(ctx->check_issued(ctx, x, obj.data.x509)) {
- *issuer = obj.data.x509;
- return 1;
- }
+ if (ctx->check_issued(ctx, x, obj.data.x509))
+ {
+ *issuer = obj.data.x509;
+ return 1;
+ }
X509_OBJECT_free_contents(&obj);
/* Else find index of first matching cert */
idx = X509_OBJECT_idx_by_subject(ctx->ctx->objs, X509_LU_X509, xn);
/* This shouldn't normally happen since we already have one match */
- if(idx == -1) return 0;
+ if (idx == -1) return 0;
/* Look through all matching certificates for a suitable issuer */
- for(i = idx; i < sk_X509_OBJECT_num(ctx->ctx->objs); i++) {
+ for (i = idx; i < sk_X509_OBJECT_num(ctx->ctx->objs); i++)
+ {
pobj = sk_X509_OBJECT_value(ctx->ctx->objs, i);
/* See if we've ran out of matches */
- if(pobj->type != X509_LU_X509) return 0;
- if(X509_NAME_cmp(xn, X509_get_subject_name(pobj->data.x509))) return 0;
- if(ctx->check_issued(ctx, x, pobj->data.x509)) {
+ if (pobj->type != X509_LU_X509) return 0;
+ if (X509_NAME_cmp(xn, X509_get_subject_name(pobj->data.x509))) return 0;
+ if (ctx->check_issued(ctx, x, pobj->data.x509))
+ {
*issuer = pobj->data.x509;
X509_OBJECT_up_ref_count(pobj);
return 1;
+ }
}
- }
return 0;
}
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index 767b74be53..db62c9f6a3 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -87,13 +87,13 @@ static STACK *x509_store_method=NULL;
static int null_callback(int ok, X509_STORE_CTX *e)
{
- return (ok);
+ return ok;
}
#if 0
static int x509_subject_cmp(X509 **a, X509 **b)
{
- return (X509_subject_name_cmp(*a,*b));
+ return X509_subject_name_cmp(*a,*b);
}
#endif
@@ -109,7 +109,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
if (ctx->cert == NULL)
{
X509err(X509_F_X509_VERIFY_CERT,X509_R_NO_CERT_SET_FOR_US_TO_VERIFY);
- return (-1);
+ return -1;
}
cb=ctx->verify_cb;
@@ -250,7 +250,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
{
X509_free(xtmp);
X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
- return (0);
+ return 0;
}
num++;
}
@@ -311,7 +311,7 @@ end:
}
if (sktmp != NULL) sk_X509_free(sktmp);
if (chain_ss != NULL) X509_free(chain_ss);
- return (ok);
+ return ok;
}
@@ -409,7 +409,7 @@ static int check_chain_purpose(X509_STORE_CTX *ctx)
}
ok = 1;
end:
- return (ok);
+ return ok;
#endif
}
@@ -436,7 +436,7 @@ static int check_trust(X509_STORE_CTX *ctx)
else
ctx->error = X509_V_ERR_CERT_UNTRUSTED;
ok = cb(0, ctx);
- return (ok);
+ return ok;
#endif
}
@@ -556,7 +556,7 @@ static int internal_verify(X509_STORE_CTX *ctx)
}
ok=1;
end:
- return (ok);
+ return ok;
}
int X509_cmp_current_time(ASN1_TIME *ctm)
@@ -577,7 +577,7 @@ int X509_cmp_time(ASN1_TIME *ctm, time_t *cmp_time)
str=(char *)ctm->data;
if (ctm->type == V_ASN1_UTCTIME)
{
- if ((i < 11) || (i > 17)) return (0);
+ if ((i < 11) || (i > 17)) return 0;
memcpy(p,str,10);
p+=10;
str+=10;
@@ -612,7 +612,7 @@ int X509_cmp_time(ASN1_TIME *ctm, time_t *cmp_time)
else
{
if ((*str != '+') && (str[5] != '-'))
- return (0);
+ return 0;
offset=((str[1]-'0')*10+(str[2]-'0'))*60;
offset+=(str[3]-'0')*10+(str[4]-'0');
if (*str == '-')
@@ -631,14 +631,14 @@ int X509_cmp_time(ASN1_TIME *ctm, time_t *cmp_time)
j=(buff2[0]-'0')*10+(buff2[1]-'0');
if (j < 50) j+=100;
- if (i < j) return (-1);
- if (i > j) return (1);
+ if (i < j) return -1;
+ if (i > j) return 1;
}
i=strcmp(buff1,buff2);
if (i == 0) /* wait a second then return younger :-) */
- return (-1);
+ return -1;
else
- return (i);
+ return i;
}
ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj)
@@ -655,7 +655,7 @@ ASN1_TIME *X509_time_adj(ASN1_TIME *s, long adj, time_t *in_tm)
t+=adj;
if (!s) return ASN1_TIME_set(s, t);
- if (s->type == V_ASN1_UTCTIME) return (ASN1_UTCTIME_set(s,t));
+ if (s->type == V_ASN1_UTCTIME) return ASN1_UTCTIME_set(s,t);
return ASN1_GENERALIZEDTIME_set(s, t);
}
@@ -664,7 +664,7 @@ int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain)
EVP_PKEY *ktmp=NULL,*ktmp2;
int i,j;
- if ((pkey != NULL) && !EVP_PKEY_missing_parameters(pkey)) return (1);
+ if ((pkey != NULL) && !EVP_PKEY_missing_parameters(pkey)) return 1;
for (i=0; i<sk_X509_num(chain); i++)
{
@@ -672,7 +672,7 @@ int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain)
if (ktmp == NULL)
{
X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY);
- return (0);
+ return 0;
}
if (!EVP_PKEY_missing_parameters(ktmp))
break;
@@ -685,7 +685,7 @@ int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain)
if (ktmp == NULL)
{
X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN);
- return (0);
+ return 0;
}
/* first, populate the other certs */
@@ -698,31 +698,31 @@ int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain)
if (pkey != NULL) EVP_PKEY_copy_parameters(pkey,ktmp);
EVP_PKEY_free(ktmp);
- return (1);
+ return 1;
}
int X509_STORE_CTX_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{
x509_store_ctx_num++;
- return (CRYPTO_get_ex_new_index(x509_store_ctx_num-1,
+ return CRYPTO_get_ex_new_index(x509_store_ctx_num-1,
&x509_store_ctx_method,
- argl,argp,new_func,dup_func,free_func));
+ argl,argp,new_func,dup_func,free_func);
}
int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data)
{
- return (CRYPTO_set_ex_data(&ctx->ex_data,idx,data));
+ return CRYPTO_set_ex_data(&ctx->ex_data,idx,data);
}
void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx)
{
- return (CRYPTO_get_ex_data(&ctx->ex_data,idx));
+ return CRYPTO_get_ex_data(&ctx->ex_data,idx);
}
int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx)
{
- return (ctx->error);
+ return ctx->error;
}
void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int err)
@@ -732,17 +732,17 @@ void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int err)
int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx)
{
- return (ctx->error_depth);
+ return ctx->error_depth;
}
X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx)
{
- return (ctx->current_cert);
+ return ctx->current_cert;
}
STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx)
{
- return (ctx->chain);
+ return ctx->chain;
}
STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx)
@@ -756,7 +756,7 @@ STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx)
x = sk_X509_value(chain, i);
CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509);
}
- return (chain);
+ return chain;
}
void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x)
@@ -903,13 +903,13 @@ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx)
void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, long flags)
{
- ctx->flags |= flags;
+ ctx->flags |= flags;
}
void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, long flags, time_t t)
{
- ctx->check_time = t;
- ctx->flags |= X509_V_FLAG_USE_CHECK_TIME;
+ ctx->check_time = t;
+ ctx->flags |= X509_V_FLAG_USE_CHECK_TIME;
}
IMPLEMENT_STACK_OF(X509)
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-21 03:08:10 +0000