From: Alberto Leiva Popper Date: Fri, 30 Jan 2026 22:29:58 +0000 (-0600) Subject: Improve NID API usage X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e9e10f66784aa82e825cd1d9a115a7368f722f50;p=thirdparty%2FFORT-validator.git Improve NID API usage The code was seemingly assuming that NID_undef == 0. --- diff --git a/src/nid.c b/src/nid.c index b801b95e..06fd46ec 100644 --- a/src/nid.c +++ b/src/nid.c @@ -25,18 +25,20 @@ register_oid(const char *oid, const char *sn, const char *ln) /* Note: Object has to be registered for OBJ_txt2nid to work. */ nid = OBJ_txt2nid(oid); - if (nid == NID_undef) { - /* Note: Implicit object registration happens in OBJ_create. */ - nid = OBJ_create(oid, sn, ln); - if (nid == 0) - return op_crypto_err("Unable to register the %s NID.", sn); - pr_op_debug("%s registered. Its nid is %d.", sn, nid); - - } else { - pr_op_debug("%s retrieved. Its nid is %d.", sn, nid); + if (nid != NID_undef) { + pr_op_debug("%s retrieved. NID: %d", sn, nid); + return nid; } - return nid; + /* Note: Implicit object registration happens in OBJ_create. */ + nid = OBJ_create(oid, sn, ln); + if (nid != NID_undef) { + pr_op_debug("%s registered. NID: %d", sn, nid); + return nid; + } + + op_crypto_err("Unable to register the %s NID.", sn); + return NID_undef; } /** @@ -50,67 +52,67 @@ nid_init(void) ct_roa_nid = register_oid("1.2.840.113549.1.9.16.1.24", "id-ct-routeOriginAuthz", "RPKI ROA (Content type)"); - if (ct_roa_nid == 0) + if (ct_roa_nid == NID_undef) return -EINVAL; ct_mft_nid = register_oid("1.2.840.113549.1.9.16.1.26", "id-ct-rpkiManifest", "RPKI Manifest (Content type)"); - if (ct_mft_nid == 0) + if (ct_mft_nid == NID_undef) return -EINVAL; ct_gbr_nid = register_oid("1.2.840.113549.1.9.16.1.35", "id-ct-rpkiGhostbusters", "RPKI Ghostbusters (Content type)"); - if (ct_gbr_nid == 0) + if (ct_gbr_nid == NID_undef) return -EINVAL; rpki_manifest_nid = register_oid("1.3.6.1.5.5.7.48.10", "rpkiManifest", "RPKI Manifest (RFC 6487)"); - if (rpki_manifest_nid == 0) + if (rpki_manifest_nid == NID_undef) return -EINVAL; signed_object_nid = register_oid("1.3.6.1.5.5.7.48.11", "signedObject", "RPKI Signed Object (RFC 6487)"); - if (signed_object_nid == 0) + if (signed_object_nid == NID_undef) return -EINVAL; rpki_notify_nid = register_oid("1.3.6.1.5.5.7.48.13", "rpkiNotify", "RPKI Update Notification File (RFC 8182)"); - if (rpki_notify_nid == 0) + if (rpki_notify_nid == NID_undef) return -EINVAL; cert_policy_rpki_nid = register_oid("1.3.6.1.5.5.7.14.2", "id-cp-ipAddr-asNumber (RFC 6484)", "Certificate Policy (CP) for the Resource PKI (RPKI)"); - if (cert_policy_rpki_nid == 0) + if (cert_policy_rpki_nid == NID_undef) return -EINVAL; cert_policy_rpki_v2_nid = register_oid("1.3.6.1.5.5.7.14.3", "id-cp-ipAddr-asNumber-v2 (RFC 8360)", "Certificate Policy for Use with Validation Reconsidered in the RPKI"); - if (cert_policy_rpki_v2_nid == 0) + if (cert_policy_rpki_v2_nid == NID_undef) return -EINVAL; ip_addr_blocks_v2_nid = register_oid("1.3.6.1.5.5.7.1.28", "id-pe-ipAddrBlocks-v2", "Amended IP Resources (RFC 8360)"); - if (ip_addr_blocks_v2_nid == 0) + if (ip_addr_blocks_v2_nid == NID_undef) return -EINVAL; autonomous_sys_ids_v2_nid = register_oid("1.3.6.1.5.5.7.1.29", "id-pe-autonomousSysIds-v2", "Amended AS Resources (RFC 8360)"); - if (autonomous_sys_ids_v2_nid == 0) + if (autonomous_sys_ids_v2_nid == NID_undef) return -EINVAL; bgpsec_router_nid = register_oid("1.3.6.1.5.5.7.3.30", "id-kp-bgpsec-router", "BGPsec Extended Key Usage (RFC 8209)"); - if (bgpsec_router_nid == 0) + if (bgpsec_router_nid == NID_undef) return -EINVAL; return 0;