Use p==NULL not !p (in if statements, mainly)

[thirdparty/openssl.git] / crypto / ocsp / ocsp_ext.c

diff --git a/crypto/ocsp/ocsp_ext.c b/crypto/ocsp/ocsp_ext.c
index 04ae17f8a7dbe23b034c542c0ce27826397e846f..63a8332c15114ec96d5e81af16a715a3e14327af 100644 (file)
--- a/crypto/ocsp/ocsp_ext.c
+++ b/crypto/ocsp/ocsp_ext.c
@@ -319,15 +319,14 @@ static int ocsp_add1_nonce(STACK_OF(X509_EXTENSION) **exts,
     ASN1_put_object(&tmpval, 0, len, V_ASN1_OCTET_STRING, V_ASN1_UNIVERSAL);
     if (val)
         memcpy(tmpval, val, len);
-    else
-        RAND_pseudo_bytes(tmpval, len);
+    else if (RAND_bytes(tmpval, len) <= 0)
+        goto err;
     if (!X509V3_add1_i2d(exts, NID_id_pkix_OCSP_Nonce,
                          &os, 0, X509V3_ADD_REPLACE))
         goto err;
     ret = 1;
  err:
-    if (os.data)
-        OPENSSL_free(os.data);
+    OPENSSL_free(os.data);
     return ret;
 }
 
@@ -388,7 +387,8 @@ int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs)
      */
     req_ext = OCSP_REQUEST_get_ext(req, req_idx);
     resp_ext = OCSP_BASICRESP_get_ext(bs, resp_idx);
-    if (ASN1_OCTET_STRING_cmp(req_ext->value, resp_ext->value))
+    if (ASN1_OCTET_STRING_cmp(X509_EXTENSION_get_data(req_ext),
+                              X509_EXTENSION_get_data(resp_ext)))
         return 0;
     return 1;
 }
@@ -415,30 +415,29 @@ X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim)
     X509_EXTENSION *x = NULL;
     OCSP_CRLID *cid = NULL;
 
-    if (!(cid = OCSP_CRLID_new()))
+    if ((cid = OCSP_CRLID_new()) == NULL)
         goto err;
     if (url) {
-        if (!(cid->crlUrl = ASN1_IA5STRING_new()))
+        if ((cid->crlUrl = ASN1_IA5STRING_new()) == NULL)
             goto err;
         if (!(ASN1_STRING_set(cid->crlUrl, url, -1)))
             goto err;
     }
     if (n) {
-        if (!(cid->crlNum = ASN1_INTEGER_new()))
+        if ((cid->crlNum = ASN1_INTEGER_new()) == NULL)
             goto err;
         if (!(ASN1_INTEGER_set(cid->crlNum, *n)))
             goto err;
     }
     if (tim) {
-        if (!(cid->crlTime = ASN1_GENERALIZEDTIME_new()))
+        if ((cid->crlTime = ASN1_GENERALIZEDTIME_new()) == NULL)
             goto err;
         if (!(ASN1_GENERALIZEDTIME_set_string(cid->crlTime, tim)))
             goto err;
     }
     x = X509V3_EXT_i2d(NID_id_pkix_OCSP_CrlID, 0, cid);
  err:
-    if (cid)
-        OCSP_CRLID_free(cid);
+    OCSP_CRLID_free(cid);
     return x;
 }
 
@@ -450,7 +449,7 @@ X509_EXTENSION *OCSP_accept_responses_new(char **oids)
     ASN1_OBJECT *o = NULL;
     X509_EXTENSION *x = NULL;
 
-    if (!(sk = sk_ASN1_OBJECT_new_null()))
+    if ((sk = sk_ASN1_OBJECT_new_null()) == NULL)
         goto err;
     while (oids && *oids) {
         if ((nid = OBJ_txt2nid(*oids)) != NID_undef && (o = OBJ_nid2obj(nid)))
@@ -459,8 +458,7 @@ X509_EXTENSION *OCSP_accept_responses_new(char **oids)
     }
     x = X509V3_EXT_i2d(NID_id_pkix_OCSP_acceptableResponses, 0, sk);
  err:
-    if (sk)
-        sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free);
+    sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free);
     return x;
 }
 
@@ -470,14 +468,13 @@ X509_EXTENSION *OCSP_archive_cutoff_new(char *tim)
     X509_EXTENSION *x = NULL;
     ASN1_GENERALIZEDTIME *gt = NULL;
 
-    if (!(gt = ASN1_GENERALIZEDTIME_new()))
+    if ((gt = ASN1_GENERALIZEDTIME_new()) == NULL)
         goto err;
     if (!(ASN1_GENERALIZEDTIME_set_string(gt, tim)))
         goto err;
     x = X509V3_EXT_i2d(NID_id_pkix_OCSP_archiveCutoff, 0, gt);
  err:
-    if (gt)
-        ASN1_GENERALIZEDTIME_free(gt);
+    ASN1_GENERALIZEDTIME_free(gt);
     return x;
 }
 
@@ -493,20 +490,21 @@ X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME *issuer, char **urls)
     OCSP_SERVICELOC *sloc = NULL;
     ACCESS_DESCRIPTION *ad = NULL;
 
-    if (!(sloc = OCSP_SERVICELOC_new()))
+    if ((sloc = OCSP_SERVICELOC_new()) == NULL)
         goto err;
-    if (!(sloc->issuer = X509_NAME_dup(issuer)))
+    if ((sloc->issuer = X509_NAME_dup(issuer)) == NULL)
         goto err;
-    if (urls && *urls && !(sloc->locator = sk_ACCESS_DESCRIPTION_new_null()))
+    if (urls && *urls
+        && (sloc->locator = sk_ACCESS_DESCRIPTION_new_null()) == NULL)
         goto err;
     while (urls && *urls) {
-        if (!(ad = ACCESS_DESCRIPTION_new()))
+        if ((ad = ACCESS_DESCRIPTION_new()) == NULL)
             goto err;
-        if (!(ad->method = OBJ_nid2obj(NID_ad_OCSP)))
+        if ((ad->method = OBJ_nid2obj(NID_ad_OCSP)) == NULL)
             goto err;
-        if (!(ad->location = GENERAL_NAME_new()))
+        if ((ad->location = GENERAL_NAME_new()) == NULL)
             goto err;
-        if (!(ia5 = ASN1_IA5STRING_new()))
+        if ((ia5 = ASN1_IA5STRING_new()) == NULL)
             goto err;
         if (!ASN1_STRING_set((ASN1_STRING *)ia5, *urls, -1))
             goto err;
@@ -518,7 +516,6 @@ X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME *issuer, char **urls)
     }
     x = X509V3_EXT_i2d(NID_id_pkix_OCSP_serviceLocator, 0, sloc);
  err:
-    if (sloc)
-        OCSP_SERVICELOC_free(sloc);
+    OCSP_SERVICELOC_free(sloc);
     return x;
 }