hoist local variable initialization directly into the definitions,

rather than doing it right afterwards.
ok florian

7 files changed, 45 insertions, 89 deletions

diff --git a/usr.sbin/acme-client/certproc.c b/usr.sbin/acme-client/certproc.c
index fb844e06aa5..b2f33bf00ba 100644
--- a/usr.sbin/acme-client/certproc.c
+++ b/usr.sbin/acme-client/certproc.c
@@ -1,4 +1,4 @@
-/*	$Id: certproc.c,v 1.5 2016/09/01 00:35:21 florian Exp $ */
+/*	$Id: certproc.c,v 1.6 2016/09/13 16:49:28 deraadt Exp $ */
 /*
  * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv>
  *
@@ -79,26 +79,19 @@ x509buf(X509 *x, size_t *sz)
 int
 certproc(int netsock, int filesock)
 {
-	char		*csr, *chain, *url;
+	char		*csr = NULL, *chain = NULL, *url = NULL;
 	unsigned char	*csrcp, *chaincp;
 	size_t		 csrsz, chainsz;
-	int		 i, rc, idx, cc;
+	int		 i, rc = 0, idx = -1, cc;
 	enum certop	 op;
 	long		 lval;
-	X509		*x, *chainx;
-	X509_EXTENSION	*ext;
-	X509V3_EXT_METHOD *method;
+	X509		*x = NULL, *chainx = NULL;
+	X509_EXTENSION	*ext = NULL;
+	X509V3_EXT_METHOD *method = NULL;
 	void		*entries;
 	STACK_OF(CONF_VALUE) *val;
 	CONF_VALUE	*nval;
 
-	ext = NULL;
-	idx = -1;
-	method = NULL;
-	chain = csr = url = NULL;
-	rc = 0;
-	x = chainx = NULL;
-
 	/* File-system and sandbox jailing. */
 
 	ERR_load_crypto_strings();
diff --git a/usr.sbin/acme-client/dnsproc.c b/usr.sbin/acme-client/dnsproc.c
index 711cb01bd8d..6f102dce553 100644
--- a/usr.sbin/acme-client/dnsproc.c
+++ b/usr.sbin/acme-client/dnsproc.c
@@ -1,4 +1,4 @@
-/*	$Id: dnsproc.c,v 1.4 2016/09/01 00:35:21 florian Exp $ */
+/*	$Id: dnsproc.c,v 1.5 2016/09/13 16:49:28 deraadt Exp $ */
 /*
  * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv>
  *
@@ -112,18 +112,14 @@ host_dns(const char *s, struct addr *vec)
 int
 dnsproc(int nfd)
 {
-	int		 rc, cc;
-	char		*look, *last;
+	char		*look = NULL, *last = NULL;
 	struct addr	 v[MAX_SERVERS_DNS];
+	int		 rc = 0, cc;
 	long		 lval;
+	ssize_t		 vsz = 0;
 	size_t		 i;
-	ssize_t		 vsz;
 	enum dnsop	 op;
 
-	rc = 0;
-	look = last = NULL;
-	vsz = 0;
-
 	if (pledge("stdio dns", NULL) == -1) {
 		warn("pledge");
 		goto out;
diff --git a/usr.sbin/acme-client/fileproc.c b/usr.sbin/acme-client/fileproc.c
index b5c7c4816f8..2fc80e4627c 100644
--- a/usr.sbin/acme-client/fileproc.c
+++ b/usr.sbin/acme-client/fileproc.c
@@ -1,4 +1,4 @@
-/*	$Id: fileproc.c,v 1.4 2016/09/01 00:35:21 florian Exp $ */
+/*	$Id: fileproc.c,v 1.5 2016/09/13 16:49:28 deraadt Exp $ */
 /*
  * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv>
  *
@@ -29,8 +29,7 @@
 
 static int
 serialise(const char *tmp, const char *real,
-	const char *v, size_t vsz,
-	const char *v2, size_t v2sz)
+    const char *v, size_t vsz, const char *v2, size_t v2sz)
 {
 	int	 fd;
 
@@ -65,16 +64,13 @@ serialise(const char *tmp, const char *real,
 int
 fileproc(int certsock, int backup, const char *certdir)
 {
-	char		*csr, *ch;
+	char		*csr = NULL, *ch = NULL;
+	char		 file[PATH_MAX];
 	size_t		 chsz, csz;
-	int		 rc;
+	int		 rc = 0;
 	long		 lval;
 	enum fileop	 op;
 	time_t		 t;
-	char		 file[PATH_MAX];
-
-	csr = ch = NULL;
-	rc = 0;
 
 	/* File-system and sandbox jailing. */
 
diff --git a/usr.sbin/acme-client/netproc.c b/usr.sbin/acme-client/netproc.c
index 9b9fa8cbd76..793fcf8ed4e 100644
--- a/usr.sbin/acme-client/netproc.c
+++ b/usr.sbin/acme-client/netproc.c
@@ -1,4 +1,4 @@
-/*	$Id: netproc.c,v 1.6 2016/09/01 12:17:00 florian Exp $ */
+/*	$Id: netproc.c,v 1.7 2016/09/13 16:49:28 deraadt Exp $ */
 /*
  * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv>
  *
@@ -328,11 +328,10 @@ static int
 donewreg(struct conn *c, const char *agreement,
 	const struct capaths *p)
 {
-	int		 rc;
+	int		 rc = 0;
 	char		*req;
 	long		 lc;
 
-	rc = 0;
 	dodbg("%s: new-reg", p->newreg);
 
 	if (NULL == (req = json_fmt_newreg(agreement)))
@@ -361,13 +360,11 @@ static int
 dochngreq(struct conn *c, const char *alt,
 	struct chng *chng, const struct capaths *p)
 {
-	int		 rc;
+	int		 rc = 0;
 	char		*req;
 	long		 lc;
-	struct jsmnn	*j;
+	struct jsmnn	*j = NULL;
 
-	j = NULL;
-	rc = 0;
 	dodbg("%s: req-auth: %s", p->newauthz, alt);
 
 	if (NULL == (req = json_fmt_newauthz(alt)))
@@ -396,11 +393,10 @@ dochngreq(struct conn *c, const char *alt,
 static int
 dochngresp(struct conn *c, const struct chng *chng, const char *th)
 {
-	int	 rc;
+	int	 rc = 0;
 	long	 lc;
 	char	*req;
 
-	rc = 0;
 	dodbg("%s: challenge", chng->uri);
 
 	if (NULL == (req = json_fmt_challenge(chng->token, th)))
@@ -459,11 +455,9 @@ static int
 dorevoke(struct conn *c, const char *addr, const char *cert)
 {
 	char		*req;
-	int		 rc;
-	long		 lc;
+	int		 rc = 0;
+	long		 lc = 0;
 
-	lc = 0;
-	rc = 0;
 	dodbg("%s: revocation", addr);
 
 	if (NULL == (req = json_fmt_revokecert(cert)))
@@ -492,10 +486,9 @@ static int
 docert(struct conn *c, const char *addr, const char *cert)
 {
 	char	*req;
-	int	 rc;
+	int	 rc = 0;
 	long	 lc;
 
-	rc = 0;
 	dodbg("%s: certificate", addr);
 
 	if (NULL == (req = json_fmt_newcert(cert)))
@@ -521,12 +514,10 @@ docert(struct conn *c, const char *addr, const char *cert)
 static int
 dodirs(struct conn *c, const char *addr, struct capaths *paths)
 {
-	struct jsmnn	*j;
+	struct jsmnn	*j = NULL;
 	long		 lc;
-	int		 rc;
+	int		 rc = 0;
 
-	j = NULL;
-	rc = 0;
 	dodbg("%s: directories", addr);
 
 	if ((lc = nreq(c, addr)) < 0)
@@ -552,10 +543,9 @@ dodirs(struct conn *c, const char *addr, struct capaths *paths)
 static int
 dofullchain(struct conn *c, const char *addr)
 {
-	int	 rc;
+	int	 rc = 0;
 	long	 lc;
 
-	rc = 0;
 	dodbg("%s: full chain", addr);
 
 	if ((lc = nreq(c, addr)) < 0)
@@ -577,22 +567,19 @@ dofullchain(struct conn *c, const char *addr)
  */
 int
 netproc(int kfd, int afd, int Cfd, int cfd, int dfd, int rfd,
-	int newacct, int revocate, int authority,
-	const char *const *alts, size_t altsz, const char *agreement)
+    int newacct, int revocate, int authority,
+    const char *const *alts, size_t altsz, const char *agreement)
 {
-	int		 rc;
+	int		 rc = 0;
 	size_t		 i;
-	char		*cert, *thumb, *url;
+	char		*cert = NULL, *thumb = NULL, *url = NULL;
 	struct conn	 c;
 	struct capaths	 paths;
-	struct chng	*chngs;
+	struct chng	*chngs = NULL;
 	long		 lval;
 
-	rc = 0;
 	memset(&paths, 0, sizeof(struct capaths));
 	memset(&c, 0, sizeof(struct conn));
-	url = cert = thumb = NULL;
-	chngs = NULL;
 
 	if (pledge("stdio inet", NULL) == -1) {
 		warn("pledge");
diff --git a/usr.sbin/acme-client/revokeproc.c b/usr.sbin/acme-client/revokeproc.c
index b92c43778a3..d9e7e0c7ec4 100644
--- a/usr.sbin/acme-client/revokeproc.c
+++ b/usr.sbin/acme-client/revokeproc.c
@@ -1,4 +1,4 @@
-/*	$Id: revokeproc.c,v 1.6 2016/09/01 00:35:22 florian Exp $ */
+/*	$Id: revokeproc.c,v 1.7 2016/09/13 16:49:28 deraadt Exp $ */
 /*
  * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv>
  *
@@ -99,29 +99,20 @@ int
 revokeproc(int fd, const char *certdir, int force, int revocate,
 	const char *const *alts, size_t altsz)
 {
-	int		 rc, cc, i, extsz, ssz;
+	char		*path = NULL, *der = NULL, *dercp, *der64 = NULL;
+	char		*san = NULL, *str, *tok;
+	int		 rc = 0, cc, i, extsz, ssz, len;
+	size_t		*found = NULL;
+	BIO		*bio = NULL;
+	FILE		*f = NULL;
+	X509		*x = NULL;
 	long		 lval;
-	FILE		*f;
-	size_t		*found;
-	char		*path, *der, *dercp, *der64, *san, *str, *tok;
-	X509		*x;
 	enum revokeop	 op, rop;
 	time_t		 t;
-	int		 len;
 	X509_EXTENSION	*ex;
 	ASN1_OBJECT	*obj;
-	BIO		*bio;
 	size_t		 j;
 
-	found = NULL;
-	bio = NULL;
-	der = der64 = NULL;
-	rc = 0;
-	f = NULL;
-	path = NULL;
-	san = NULL;
-	x = NULL;
-
 	/*
 	 * First try to open the certificate before we drop privileges
 	 * and jail ourselves.
diff --git a/usr.sbin/acme-client/rsa.c b/usr.sbin/acme-client/rsa.c
index 67c869a954e..2536ed9bacf 100644
--- a/usr.sbin/acme-client/rsa.c
+++ b/usr.sbin/acme-client/rsa.c
@@ -1,4 +1,4 @@
-/*	$Id: rsa.c,v 1.3 2016/09/01 00:35:22 florian Exp $ */
+/*	$Id: rsa.c,v 1.4 2016/09/13 16:49:28 deraadt Exp $ */
 /*
  * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv>
  *
@@ -36,11 +36,8 @@
 EVP_PKEY *
 rsa_key_create(FILE *f, const char *fname)
 {
-	EVP_PKEY_CTX	*ctx;
-	EVP_PKEY	*pkey;
-
-	ctx = NULL;
-	pkey = NULL;
+	EVP_PKEY_CTX	*ctx = NULL;
+	EVP_PKEY	*pkey = NULL;
 
 	/* First, create the context and the key. */
 
diff --git a/usr.sbin/acme-client/util.c b/usr.sbin/acme-client/util.c
index 63e61b89d3d..43834d61385 100644
--- a/usr.sbin/acme-client/util.c
+++ b/usr.sbin/acme-client/util.c
@@ -1,4 +1,4 @@
-/*	$Id: util.c,v 1.3 2016/09/01 00:35:22 florian Exp $ */
+/*	$Id: util.c,v 1.4 2016/09/13 16:49:28 deraadt Exp $ */
 /*
  * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv>
  *
@@ -122,9 +122,7 @@ readbuf(int fd, enum comm comm, size_t *sz)
 {
 	ssize_t		 ssz;
 	size_t		 rsz, lsz;
-	char		*p;
-
-	p = NULL;
+	char		*p = NULL;
 
 	if ((ssz = read(fd, sz, sizeof(size_t))) < 0) {
 		warn("read: %s length", comms[comm]);
@@ -202,11 +200,9 @@ int
 writebuf(int fd, enum comm comm, const void *v, size_t sz)
 {
 	ssize_t	 ssz;
-	int	 er, rc;
+	int	 er, rc = -1;
 	void	(*sigfp)(int);
 
-	rc = -1;
-
 	/*
 	 * First, try to write the length.
 	 * If the other end of the pipe has closed, we allow the short