summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJob Snijders <job@cvs.openbsd.org>2021-09-02 21:12:29 +0000
committerJob Snijders <job@cvs.openbsd.org>2021-09-02 21:12:29 +0000
commit3ca1456b604180ae467392b1810d0dfc3d0dc57b (patch)
treef868f119cb5466896ed44d3ed9a3efbc85b89246
parent43a0f11590682b82118a71176e5ddba691d2c114 (diff)
Fix OPENSSL_assert() and assert()
OK tb@
-rw-r--r--lib/libcrypto/x509/x509_addr.c13
-rw-r--r--lib/libcrypto/x509/x509_asid.c39
2 files changed, 17 insertions, 35 deletions
diff --git a/lib/libcrypto/x509/x509_addr.c b/lib/libcrypto/x509/x509_addr.c
index 7a35b21332b..0781ce37a97 100644
--- a/lib/libcrypto/x509/x509_addr.c
+++ b/lib/libcrypto/x509/x509_addr.c
@@ -1063,8 +1063,7 @@ int X509v3_addr_canonize(IPAddrBlocks *addr)
}
(void)sk_IPAddressFamily_set_cmp_func(addr, IPAddressFamily_cmp);
sk_IPAddressFamily_sort(addr);
- if (!OPENSSL_assert(X509v3_addr_is_canonical(addr)))
- return 0;
+ OPENSSL_assert(X509v3_addr_is_canonical(addr));
return 1;
}
@@ -1362,13 +1361,9 @@ static int addr_validate_path_internal(X509_STORE_CTX *ctx,
int i, j, ret = 1;
X509 *x;
- if (!OPENSSL_assert(chain != NULL && sk_X509_num(chain) > 0)
- || !OPENSSL_assert(ctx != NULL || ext != NULL)
- || !OPENSSL_assert(ctx == NULL || ctx->verify_cb != NULL)) {
- if (ctx != NULL)
- ctx->error = X509_V_ERR_UNSPECIFIED;
- return 0;
- }
+ OPENSSL_assert(chain != NULL && sk_X509_num(chain) > 0);
+ OPENSSL_assert(ctx != NULL || ext != NULL);
+ OPENSSL_assert(ctx == NULL || ctx->verify_cb != NULL);
/*
* Figure out where to start. If we don't have an extension to
diff --git a/lib/libcrypto/x509/x509_asid.c b/lib/libcrypto/x509/x509_asid.c
index 9a0992b8a64..e774b097dca 100644
--- a/lib/libcrypto/x509/x509_asid.c
+++ b/lib/libcrypto/x509/x509_asid.c
@@ -304,11 +304,11 @@ static int ASIdOrRange_cmp(const ASIdOrRange *const *a_,
const ASIdOrRange *a = *a_, *b = *b_;
/* XXX: these asserts need to be replaced */
- assert((a->type == ASIdOrRange_id && a->u.id != NULL) ||
+ OPENSSL_assert((a->type == ASIdOrRange_id && a->u.id != NULL) ||
(a->type == ASIdOrRange_range && a->u.range != NULL &&
a->u.range->min != NULL && a->u.range->max != NULL));
- assert((b->type == ASIdOrRange_id && b->u.id != NULL) ||
+ OPENSSL_assert((b->type == ASIdOrRange_id && b->u.id != NULL) ||
(b->type == ASIdOrRange_range && b->u.range != NULL &&
b->u.range->min != NULL && b->u.range->max != NULL));
@@ -414,8 +414,8 @@ int X509v3_asid_add_id_or_range(ASIdentifiers *asid,
static int extract_min_max(ASIdOrRange *aor,
ASN1_INTEGER **min, ASN1_INTEGER **max)
{
- if (!OPENSSL_assert(aor != NULL))
- return 0;
+ OPENSSL_assert(aor != NULL);
+
switch (aor->type) {
case ASIdOrRange_id:
*min = aor->u.id;
@@ -577,8 +577,7 @@ static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice)
/*
* Make sure we're properly sorted (paranoia).
*/
- if (!OPENSSL_assert(ASN1_INTEGER_cmp(a_min, b_min) <= 0))
- goto done;
+ OPENSSL_assert(ASN1_INTEGER_cmp(a_min, b_min) <= 0);
/*
* Punt inverted ranges.
@@ -663,8 +662,7 @@ static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice)
}
/* Paranoia */
- if (!OPENSSL_assert(ASIdentifierChoice_is_canonical(choice)))
- goto done;
+ OPENSSL_assert(ASIdentifierChoice_is_canonical(choice));
ret = 1;
@@ -907,14 +905,9 @@ static int asid_validate_path_internal(X509_STORE_CTX *ctx,
int i, ret = 1, inherit_as = 0, inherit_rdi = 0;
X509 *x;
- if (!OPENSSL_assert(chain != NULL && sk_X509_num(chain) > 0)
- || !OPENSSL_assert(ctx != NULL || ext != NULL)
- || !OPENSSL_assert(ctx == NULL || ctx->verify_cb != NULL)) {
- if (ctx != NULL)
- ctx->error = X509_V_ERR_UNSPECIFIED;
- return 0;
- }
-
+ OPENSSL_assert(chain != NULL && sk_X509_num(chain) > 0);
+ OPENSSL_assert(ctx != NULL || ext != NULL);
+ OPENSSL_assert(ctx == NULL || ctx->verify_cb != NULL);
/*
* Figure out where to start. If we don't have an extension to
@@ -959,11 +952,8 @@ static int asid_validate_path_internal(X509_STORE_CTX *ctx,
*/
for (i++; i < sk_X509_num(chain); i++) {
x = sk_X509_value(chain, i);
- if (!OPENSSL_assert(x != NULL)) {
- if (ctx != NULL)
- ctx->error = X509_V_ERR_UNSPECIFIED;
- return 0;
- }
+ OPENSSL_assert(x != NULL);
+
if (x->rfc3779_asid == NULL) {
if (child_as != NULL || child_rdi != NULL)
validation_err(X509_V_ERR_UNNESTED_RESOURCE);
@@ -1009,11 +999,8 @@ static int asid_validate_path_internal(X509_STORE_CTX *ctx,
/*
* Trust anchor can't inherit.
*/
- if (!OPENSSL_assert(x != NULL)) {
- if (ctx != NULL)
- ctx->error = X509_V_ERR_UNSPECIFIED;
- return 0;
- }
+ OPENSSL_assert(x != NULL);
+
if (x->rfc3779_asid != NULL) {
if (x->rfc3779_asid->asnum != NULL &&
x->rfc3779_asid->asnum->type == ASIdentifierChoice_inherit)