diff options
Diffstat (limited to 'usr.sbin')
| -rw-r--r-- | usr.sbin/acme-client/acctproc.c | 70 | ||||
| -rw-r--r-- | usr.sbin/acme-client/base64.c | 4 | ||||
| -rw-r--r-- | usr.sbin/acme-client/certproc.c | 38 | ||||
| -rw-r--r-- | usr.sbin/acme-client/chngproc.c | 26 | ||||
| -rw-r--r-- | usr.sbin/acme-client/dnsproc.c | 16 | ||||
| -rw-r--r-- | usr.sbin/acme-client/fileproc.c | 24 | ||||
| -rw-r--r-- | usr.sbin/acme-client/http.c | 116 | ||||
| -rw-r--r-- | usr.sbin/acme-client/json.c | 88 | ||||
| -rw-r--r-- | usr.sbin/acme-client/main.c | 76 | ||||
| -rw-r--r-- | usr.sbin/acme-client/netproc.c | 128 | ||||
| -rw-r--r-- | usr.sbin/acme-client/revokeproc.c | 54 | ||||
| -rw-r--r-- | usr.sbin/acme-client/rsa.c | 12 | ||||
| -rw-r--r-- | usr.sbin/acme-client/util.c | 22 |
13 files changed, 337 insertions, 337 deletions
diff --git a/usr.sbin/acme-client/acctproc.c b/usr.sbin/acme-client/acctproc.c index ccadd8c77a6..3f80bd2da28 100644 --- a/usr.sbin/acme-client/acctproc.c +++ b/usr.sbin/acme-client/acctproc.c @@ -1,4 +1,4 @@ -/* $Id: acctproc.c,v 1.9 2016/09/13 17:13:37 deraadt Exp $ */ +/* $Id: acctproc.c,v 1.10 2017/01/24 12:05:14 jsing Exp $ */ /* * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv> * @@ -45,7 +45,7 @@ bn2string(const BIGNUM *bn) /* Extract big-endian representation of BIGNUM. */ len = BN_num_bytes(bn); - if (NULL == (buf = malloc(len))) { + if ((buf = malloc(len)) == NULL) { warn("malloc"); return (NULL); } else if (len != BN_bn2bin(bn, (unsigned char *)buf)) { @@ -56,7 +56,7 @@ bn2string(const BIGNUM *bn) /* Convert to base64url. */ - if (NULL == (bbuf = base64buf_url(buf, len))) { + if ((bbuf = base64buf_url(buf, len)) == NULL) { warnx("base64buf_url"); free(buf); return (NULL); @@ -76,13 +76,13 @@ op_thumb_rsa(EVP_PKEY *pkey) char *exp = NULL, *mod = NULL, *json = NULL; RSA *r; - if (NULL == (r = EVP_PKEY_get1_RSA(pkey))) + if ((r = EVP_PKEY_get1_RSA(pkey)) == NULL) warnx("EVP_PKEY_get1_RSA"); - else if (NULL == (mod = bn2string(r->n))) + else if ((mod = bn2string(r->n)) == NULL) warnx("bn2string"); - else if (NULL == (exp = bn2string(r->e))) + else if ((exp = bn2string(r->e)) == NULL) warnx("bn2string"); - else if (NULL == (json = json_fmt_thumb_rsa(exp, mod))) + else if ((json = json_fmt_thumb_rsa(exp, mod)) == NULL) warnx("json_fmt_thumb_rsa"); free(exp); @@ -106,7 +106,7 @@ op_thumbprint(int fd, EVP_PKEY *pkey) switch (EVP_PKEY_type(pkey->type)) { case EVP_PKEY_RSA: - if (NULL != (thumb = op_thumb_rsa(pkey))) + if ((thumb = op_thumb_rsa(pkey)) != NULL) break; goto out; default: @@ -121,10 +121,10 @@ op_thumbprint(int fd, EVP_PKEY *pkey) * it up in the read loop). */ - if (NULL == (dig = malloc(EVP_MAX_MD_SIZE))) { + if ((dig = malloc(EVP_MAX_MD_SIZE)) == NULL) { warn("malloc"); goto out; - } else if (NULL == (ctx = EVP_MD_CTX_create())) { + } else if ((ctx = EVP_MD_CTX_create()) == NULL) { warnx("EVP_MD_CTX_create"); goto out; } else if (!EVP_DigestInit_ex(ctx, EVP_sha256(), NULL)) { @@ -136,7 +136,7 @@ op_thumbprint(int fd, EVP_PKEY *pkey) } else if (!EVP_DigestFinal_ex(ctx, dig, &digsz)) { warnx("EVP_SignFinal"); goto out; - } else if (NULL == (dig64 = base64buf_url((char *)dig, digsz))) { + } else if ((dig64 = base64buf_url((char *)dig, digsz)) == NULL) { warnx("base64buf_url"); goto out; } else if (writestr(fd, COMM_THUMB, dig64) < 0) @@ -144,7 +144,7 @@ op_thumbprint(int fd, EVP_PKEY *pkey) rc = 1; out: - if (NULL != ctx) + if (ctx != NULL) EVP_MD_CTX_destroy(ctx); free(thumb); @@ -169,15 +169,15 @@ op_sign_rsa(char **head, char **prot, EVP_PKEY *pkey, const char *nonce) * Finally, format the header combined with the nonce. */ - if (NULL == (r = EVP_PKEY_get1_RSA(pkey))) + if ((r = EVP_PKEY_get1_RSA(pkey)) == NULL) warnx("EVP_PKEY_get1_RSA"); - else if (NULL == (mod = bn2string(r->n))) + else if ((mod = bn2string(r->n)) == NULL) warnx("bn2string"); - else if (NULL == (exp = bn2string(r->e))) + else if ((exp = bn2string(r->e)) == NULL) warnx("bn2string"); - else if (NULL == (*head = json_fmt_header_rsa(exp, mod))) + else if ((*head = json_fmt_header_rsa(exp, mod)) == NULL) warnx("json_fmt_header_rsa"); - else if (NULL == (*prot = json_fmt_protected_rsa(exp, mod, nonce))) + else if ((*prot = json_fmt_protected_rsa(exp, mod, nonce)) == NULL) warnx("json_fmt_protected_rsa"); else rc = 1; @@ -204,14 +204,14 @@ op_sign(int fd, EVP_PKEY *pkey) /* Read our payload and nonce from the requestor. */ - if (NULL == (pay = readstr(fd, COMM_PAY))) + if ((pay = readstr(fd, COMM_PAY)) == NULL) goto out; - else if (NULL == (nonce = readstr(fd, COMM_NONCE))) + else if ((nonce = readstr(fd, COMM_NONCE)) == NULL) goto out; /* Base64-encode the payload. */ - if (NULL == (pay64 = base64buf_url(pay, strlen(pay)))) { + if ((pay64 = base64buf_url(pay, strlen(pay))) == NULL) { warnx("base64buf_url"); goto out; } @@ -228,7 +228,7 @@ op_sign(int fd, EVP_PKEY *pkey) /* The header combined with the nonce, base64. */ - if (NULL == (prot64 = base64buf_url(prot, strlen(prot)))) { + if ((prot64 = base64buf_url(prot, strlen(prot))) == NULL) { warnx("base64buf_url"); goto out; } @@ -236,13 +236,13 @@ op_sign(int fd, EVP_PKEY *pkey) /* Now the signature material. */ cc = asprintf(&sign, "%s.%s", prot64, pay64); - if (-1 == cc) { + if (cc == -1) { warn("asprintf"); sign = NULL; goto out; } - if (NULL == (dig = malloc(EVP_PKEY_size(pkey)))) { + if ((dig = malloc(EVP_PKEY_size(pkey))) == NULL) { warn("malloc"); goto out; } @@ -252,7 +252,7 @@ op_sign(int fd, EVP_PKEY *pkey) * sign a SHA256 digest of our message. */ - if (NULL == (ctx = EVP_MD_CTX_create())) { + if ((ctx = EVP_MD_CTX_create()) == NULL) { warnx("EVP_MD_CTX_create"); goto out; } else if (!EVP_SignInit_ex(ctx, EVP_sha256(), NULL)) { @@ -264,7 +264,7 @@ op_sign(int fd, EVP_PKEY *pkey) } else if (!EVP_SignFinal(ctx, dig, &digsz, pkey)) { warnx("EVP_SignFinal"); goto out; - } else if (NULL == (dig64 = base64buf_url((char *)dig, digsz))) { + } else if ((dig64 = base64buf_url((char *)dig, digsz)) == NULL) { warnx("base64buf_url"); goto out; } @@ -275,7 +275,7 @@ op_sign(int fd, EVP_PKEY *pkey) * when we next enter the read loop). */ - if (NULL == (fin = json_fmt_signed(head, prot64, pay64, dig64))) { + if ((fin = json_fmt_signed(head, prot64, pay64, dig64)) == NULL) { warnx("json_fmt_signed"); goto out; } else if (writestr(fd, COMM_REQ, fin) < 0) @@ -283,7 +283,7 @@ op_sign(int fd, EVP_PKEY *pkey) rc = 1; out: - if (NULL != ctx) + if (ctx != NULL) EVP_MD_CTX_destroy(ctx); free(pay); @@ -319,7 +319,7 @@ acctproc(int netsock, const char *acctkey, int newacct) f = fopen(acctkey, newacct ? "wx" : "r"); umask(prev); - if (NULL == f) { + if (f == NULL) { warn("%s", acctkey); goto out; } @@ -334,11 +334,11 @@ acctproc(int netsock, const char *acctkey, int newacct) } if (newacct) { - if (NULL == (pkey = rsa_key_create(f, acctkey))) + if ((pkey = rsa_key_create(f, acctkey)) == NULL) goto out; dodbg("%s: generated RSA account key", acctkey); } else { - if (NULL == (pkey = rsa_key_load(f, acctkey))) + if ((pkey = rsa_key_load(f, acctkey)) == NULL) goto out; doddbg("%s: loaded RSA account key", acctkey); } @@ -348,7 +348,7 @@ acctproc(int netsock, const char *acctkey, int newacct) /* Notify the netproc that we've started up. */ - if (0 == (cc = writeop(netsock, COMM_ACCT_STAT, ACCT_READY))) + if ((cc = writeop(netsock, COMM_ACCT_STAT, ACCT_READY)) == 0) rc = 1; if (cc <= 0) goto out; @@ -361,9 +361,9 @@ acctproc(int netsock, const char *acctkey, int newacct) for (;;) { op = ACCT__MAX; - if (0 == (lval = readop(netsock, COMM_ACCT))) + if ((lval = readop(netsock, COMM_ACCT)) == 0) op = ACCT_STOP; - else if (ACCT_SIGN == lval || ACCT_THUMBPRINT == lval) + else if (lval == ACCT_SIGN || lval == ACCT_THUMBPRINT) op = lval; if (ACCT__MAX == op) { @@ -391,9 +391,9 @@ acctproc(int netsock, const char *acctkey, int newacct) rc = 1; out: close(netsock); - if (NULL != f) + if (f != NULL) fclose(f); - if (NULL != pkey) + if (pkey != NULL) EVP_PKEY_free(pkey); ERR_print_errors_fp(stderr); ERR_free_strings(); diff --git a/usr.sbin/acme-client/base64.c b/usr.sbin/acme-client/base64.c index 0927e884a64..a2b2a027b4f 100644 --- a/usr.sbin/acme-client/base64.c +++ b/usr.sbin/acme-client/base64.c @@ -1,4 +1,4 @@ -/* $Id: base64.c,v 1.6 2016/09/13 20:09:54 tedu Exp $ */ +/* $Id: base64.c,v 1.7 2017/01/24 12:05:14 jsing Exp $ */ /* * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv> * @@ -45,7 +45,7 @@ base64buf_url(const char *data, size_t len) char *buf; sz = base64len(len); - if (NULL == (buf = malloc(sz))) + if ((buf = malloc(sz)) == NULL) return (NULL); b64_ntop(data, len, buf, sz); diff --git a/usr.sbin/acme-client/certproc.c b/usr.sbin/acme-client/certproc.c index 6ab3c970d81..4b4ae0049ce 100644 --- a/usr.sbin/acme-client/certproc.c +++ b/usr.sbin/acme-client/certproc.c @@ -1,4 +1,4 @@ -/* $Id: certproc.c,v 1.8 2017/01/24 07:59:54 deraadt Exp $ */ +/* $Id: certproc.c,v 1.9 2017/01/24 12:05:14 jsing Exp $ */ /* * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv> * @@ -44,7 +44,7 @@ x509buf(X509 *x, size_t *sz) /* Convert X509 to PEM in BIO. */ - if (NULL == (bio = BIO_new(BIO_s_mem()))) { + if ((bio = BIO_new(BIO_s_mem())) == NULL) { warnx("BIO_new"); return (NULL); } else if (!PEM_write_bio_X509(bio, x)) { @@ -58,7 +58,7 @@ x509buf(X509 *x, size_t *sz) * Make into NUL-terminated, just in case. */ - if (NULL == (p = calloc(1, bio->num_write + 1))) { + if ((p = calloc(1, bio->num_write + 1)) == NULL) { warn("calloc"); BIO_free(bio); return (NULL); @@ -104,9 +104,9 @@ certproc(int netsock, int filesock) /* Read what the netproc wants us to do. */ op = CERT__MAX; - if (0 == (lval = readop(netsock, COMM_CSR_OP))) + if ((lval = readop(netsock, COMM_CSR_OP)) == 0) op = CERT_STOP; - else if (CERT_REVOKE == lval || CERT_UPDATE == lval) + else if (lval == CERT_REVOKE || lval == CERT_UPDATE) op = lval; if (CERT_STOP == op) { @@ -134,12 +134,12 @@ certproc(int netsock, int filesock) * Then convert the DER encoding into an X509 certificate. */ - if (NULL == (csr = readbuf(netsock, COMM_CSR, &csrsz))) + if ((csr = readbuf(netsock, COMM_CSR, &csrsz)) == NULL) goto out; csrcp = (u_char *)csr; x = d2i_X509(NULL, (const u_char **)&csrcp, csrsz); - if (NULL == x) { + if (x == NULL) { warnx("d2i_X509"); goto out; } @@ -150,18 +150,18 @@ certproc(int netsock, int filesock) */ idx = X509_get_ext_by_NID(x, NID_info_access, idx); - if (idx >= 0 && NULL != (ext = X509_get_ext(x, idx))) + if (idx >= 0 && (ext = X509_get_ext(x, idx)) != NULL) method = (X509V3_EXT_METHOD *)X509V3_EXT_get(ext); entries = X509_get_ext_d2i(x, NID_info_access, 0, 0); - if (NULL != method && NULL != entries) { + if (method != NULL && entries != NULL) { val = method->i2v(method, entries, 0); for (i = 0; i < sk_CONF_VALUE_num(val); i++) { nval = sk_CONF_VALUE_value(val, i); if (strcmp(nval->name, "CA Issuers - URI")) continue; url = strdup(nval->value); - if (NULL == url) { + if (url == NULL) { warn("strdup"); goto out; } @@ -169,7 +169,7 @@ certproc(int netsock, int filesock) } } - if (NULL == url) { + if (url == NULL) { warnx("no CA issuer registered with certificate"); goto out; } @@ -181,7 +181,7 @@ certproc(int netsock, int filesock) /* Read the full-chain back from the netsock. */ - if (NULL == (chain = readbuf(netsock, COMM_CHAIN, &chainsz))) + if ((chain = readbuf(netsock, COMM_CHAIN, &chainsz)) == NULL) goto out; /* @@ -196,22 +196,22 @@ certproc(int netsock, int filesock) strncmp(chain, MARKER, strlen(MARKER))) { chaincp = (u_char *)chain; chainx = d2i_X509(NULL, (const u_char **)&chaincp, chainsz); - if (NULL == chainx) { + if (chainx == NULL) { warnx("d2i_X509"); goto out; } free(chain); - if (NULL == (chain = x509buf(chainx, &chainsz))) + if ((chain = x509buf(chainx, &chainsz)) == NULL) goto out; } /* Allow reader termination to just push us out. */ - if (0 == (cc = writeop(filesock, COMM_CHAIN_OP, FILE_CREATE))) + if ((cc = writeop(filesock, COMM_CHAIN_OP, FILE_CREATE)) == 0) rc = 1; if (cc <= 0) goto out; - if (0 == (cc = writebuf(filesock, COMM_CHAIN, chain, chainsz))) + if ((cc = writebuf(filesock, COMM_CHAIN, chain, chainsz)) == 0) rc = 1; if (cc <= 0) goto out; @@ -222,7 +222,7 @@ certproc(int netsock, int filesock) */ free(chain); - if (NULL == (chain = x509buf(x, &chainsz))) + if ((chain = x509buf(x, &chainsz)) == NULL) goto out; if (writebuf(filesock, COMM_CSR, chain, chainsz) < 0) goto out; @@ -231,9 +231,9 @@ certproc(int netsock, int filesock) out: close(netsock); close(filesock); - if (NULL != x) + if (x != NULL) X509_free(x); - if (NULL != chainx) + if (chainx != NULL) X509_free(chainx); free(csr); free(url); diff --git a/usr.sbin/acme-client/chngproc.c b/usr.sbin/acme-client/chngproc.c index a22640f37f7..5562c2e79b4 100644 --- a/usr.sbin/acme-client/chngproc.c +++ b/usr.sbin/acme-client/chngproc.c @@ -1,4 +1,4 @@ -/* $Id: chngproc.c,v 1.9 2017/01/21 08:49:30 florian Exp $ */ +/* $Id: chngproc.c,v 1.10 2017/01/24 12:05:14 jsing Exp $ */ /* * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv> * @@ -56,9 +56,9 @@ chngproc(int netsock, const char *root) for (;;) { op = CHNG__MAX; - if (0 == (lval = readop(netsock, COMM_CHNG_OP))) + if ((lval = readop(netsock, COMM_CHNG_OP)) == 0) op = CHNG_STOP; - else if (CHNG_SYN == lval) + else if (lval == CHNG_SYN) op = lval; if (CHNG__MAX == op) { @@ -75,15 +75,15 @@ chngproc(int netsock, const char *root) * of tokens that we'll later clean up. */ - if (NULL == (th = readstr(netsock, COMM_THUMB))) + if ((th = readstr(netsock, COMM_THUMB)) == NULL) goto out; - else if (NULL == (tok = readstr(netsock, COMM_TOK))) + else if ((tok = readstr(netsock, COMM_TOK)) == NULL) goto out; /* Vector appending... */ pp = reallocarray(fs, (fsz + 1), sizeof(char *)); - if (NULL == pp) { + if (pp == NULL) { warn("realloc"); goto out; } @@ -92,7 +92,7 @@ chngproc(int netsock, const char *root) tok = NULL; fsz++; - if (-1 == asprintf(&fmt, "%s.%s", fs[fsz - 1], th)) { + if (asprintf(&fmt, "%s.%s", fs[fsz - 1], th) == -1) { warn("asprintf"); goto out; } @@ -103,13 +103,13 @@ chngproc(int netsock, const char *root) * because we want to minimise our pledges. */ fd = open(fs[fsz - 1], O_WRONLY|O_EXCL|O_CREAT, 0444); - if (-1 == fd) { + if (fd == -1) { warn("%s", fs[fsz - 1]); goto out; - } if (-1 == write(fd, fmt, strlen(fmt))) { + } if (write(fd, fmt, strlen(fmt)) == -1) { warn("%s", fs[fsz - 1]); goto out; - } else if (-1 == close(fd)) { + } else if (close(fd) == -1) { warn("%s", fs[fsz - 1]); goto out; } @@ -127,7 +127,7 @@ chngproc(int netsock, const char *root) */ cc = writeop(netsock, COMM_CHNG_ACK, CHNG_ACK); - if (0 == cc) + if (cc == 0) break; if (cc < 0) goto out; @@ -136,10 +136,10 @@ chngproc(int netsock, const char *root) rc = 1; out: close(netsock); - if (-1 != fd) + if (fd != -1) close(fd); for (i = 0; i < fsz; i++) { - if (-1 == unlink(fs[i]) && ENOENT != errno) + if (unlink(fs[i]) == -1 && errno != ENOENT) warn("%s", fs[i]); free(fs[i]); } diff --git a/usr.sbin/acme-client/dnsproc.c b/usr.sbin/acme-client/dnsproc.c index 22a588e04ed..897363d83bf 100644 --- a/usr.sbin/acme-client/dnsproc.c +++ b/usr.sbin/acme-client/dnsproc.c @@ -1,4 +1,4 @@ -/* $Id: dnsproc.c,v 1.6 2016/09/13 17:13:37 deraadt Exp $ */ +/* $Id: dnsproc.c,v 1.7 2017/01/24 12:05:14 jsing Exp $ */ /* * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv> * @@ -80,7 +80,7 @@ host_dns(const char *s, struct addr *vec) } for (vecsz = 0, res = res0; - NULL != res && vecsz < MAX_SERVERS_DNS; + res != NULL && vecsz < MAX_SERVERS_DNS; res = res->ai_next) { if (res->ai_family != AF_INET && res->ai_family != AF_INET6) @@ -88,7 +88,7 @@ host_dns(const char *s, struct addr *vec) sa = res->ai_addr; - if (AF_INET == res->ai_family) { + if (res->ai_family == AF_INET) { vec[vecsz].family = 4; inet_ntop(AF_INET, &(((struct sockaddr_in *)sa)->sin_addr), @@ -133,9 +133,9 @@ dnsproc(int nfd) for (;;) { op = DNS__MAX; - if (0 == (lval = readop(nfd, COMM_DNS))) + if ((lval = readop(nfd, COMM_DNS)) == 0) op = DNS_STOP; - else if (DNS_LOOKUP == lval) + else if (lval == DNS_LOOKUP) op = lval; if (DNS__MAX == op) { @@ -144,7 +144,7 @@ dnsproc(int nfd) } else if (DNS_STOP == op) break; - if (NULL == (look = readstr(nfd, COMM_DNSQ))) + if ((look = readstr(nfd, COMM_DNSQ)) == NULL) goto out; /* @@ -152,7 +152,7 @@ dnsproc(int nfd) * If not, request it from host_dns(). */ - if (NULL == last || strcmp(look, last)) { + if (last == NULL || strcmp(look, last)) { if ((vsz = host_dns(look, v)) < 0) goto out; @@ -165,7 +165,7 @@ dnsproc(int nfd) look = NULL; } - if (0 == (cc = writeop(nfd, COMM_DNSLEN, vsz))) + if ((cc = writeop(nfd, COMM_DNSLEN, vsz)) == 0) break; else if (cc < 0) goto out; diff --git a/usr.sbin/acme-client/fileproc.c b/usr.sbin/acme-client/fileproc.c index 3e562cbd660..df881ddcbf4 100644 --- a/usr.sbin/acme-client/fileproc.c +++ b/usr.sbin/acme-client/fileproc.c @@ -1,4 +1,4 @@ -/* $Id: fileproc.c,v 1.11 2017/01/24 07:59:54 deraadt Exp $ */ +/* $Id: fileproc.c,v 1.12 2017/01/24 12:05:14 jsing Exp $ */ /* * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv> * @@ -38,21 +38,21 @@ serialise(const char *tmp, const char *real, */ fd = open(tmp, O_WRONLY|O_CREAT|O_TRUNC, 0444); - if (-1 == fd) { + if (fd == -1) { warn("%s", tmp); return (0); } else if ((ssize_t)vsz != write(fd, v, vsz)) { warnx("%s", tmp); close(fd); return (0); - } else if (NULL != v2 && (ssize_t)v2sz != write(fd, v2, v2sz)) { + } else if (v2 != NULL && (ssize_t)v2sz != write(fd, v2, v2sz)) { warnx("%s", tmp); close(fd); return (0); - } else if (-1 == close(fd)) { + } else if (close(fd) == -1) { warn("%s", tmp); return (0); - } else if (-1 == rename(tmp, real)) { + } else if (rename(tmp, real) == -1) { warn("%s", real); return (0); } @@ -95,9 +95,9 @@ fileproc(int certsock, const char *certdir, const char *certfile, const char /* Read our operation. */ op = FILE__MAX; - if (0 == (lval = readop(certsock, COMM_CHAIN_OP))) + if ((lval = readop(certsock, COMM_CHAIN_OP)) == 0) op = FILE_STOP; - else if (FILE_CREATE == lval || FILE_REMOVE == lval) + else if (lval == FILE_CREATE || lval == FILE_REMOVE) op = lval; if (FILE_STOP == op) { @@ -116,7 +116,7 @@ fileproc(int certsock, const char *certdir, const char *certfile, const char if (FILE_REMOVE == op) { if (certfile) { - if (-1 == unlink(certfile) && ENOENT != errno) { + if (unlink(certfile) == -1 && errno != ENOENT) { warn("%s/%s", certdir, certfile); goto out; } else @@ -124,7 +124,7 @@ fileproc(int certsock, const char *certdir, const char *certfile, const char } if (chainfile) { - if (-1 == unlink(chainfile) && ENOENT != errno) { + if (unlink(chainfile) == -1 && errno != ENOENT) { warn("%s/%s", certdir, chainfile); goto out; } else @@ -132,7 +132,7 @@ fileproc(int certsock, const char *certdir, const char *certfile, const char } if (fullchainfile) { - if (-1 == unlink(fullchainfile) && ENOENT != errno) { + if (unlink(fullchainfile) == -1 && errno != ENOENT) { warn("%s/%s", certdir, fullchainfile); goto out; } else @@ -169,7 +169,7 @@ fileproc(int certsock, const char *certdir, const char *certfile, const char goto out; } - if (NULL == (ch = readbuf(certsock, COMM_CHAIN, &chsz))) + if ((ch = readbuf(certsock, COMM_CHAIN, &chsz)) == NULL) goto out; if (chainfile) { @@ -186,7 +186,7 @@ fileproc(int certsock, const char *certdir, const char *certfile, const char * just keep downloading. */ - if (NULL == (csr = readbuf(certsock, COMM_CSR, &csz))) + if ((csr = readbuf(certsock, COMM_CSR, &csz)) == NULL) goto out; if (certfile) { diff --git a/usr.sbin/acme-client/http.c b/usr.sbin/acme-client/http.c index c893ef3a122..1ab0b98a66b 100644 --- a/usr.sbin/acme-client/http.c +++ b/usr.sbin/acme-client/http.c @@ -1,4 +1,4 @@ -/* $Id: http.c,v 1.15 2017/01/24 07:59:54 deraadt Exp $ */ +/* $Id: http.c,v 1.16 2017/01/24 12:05:14 jsing Exp $ */ /* * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv> * @@ -95,7 +95,7 @@ dotlsread(char *buf, size_t sz, const struct http *http) do { rc = tls_read(http->ctx, buf, sz); - } while (TLS_WANT_POLLIN == rc || TLS_WANT_POLLOUT == rc); + } while (rc == TLS_WANT_POLLIN || rc == TLS_WANT_POLLOUT); if (rc < 0) warnx("%s: tls_read: %s", http->src.ip, @@ -110,7 +110,7 @@ dotlswrite(const void *buf, size_t sz, const struct http *http) do { rc = tls_write(http->ctx, buf, sz); - } while (TLS_WANT_POLLIN == rc || TLS_WANT_POLLOUT == rc); + } while (rc == TLS_WANT_POLLIN || rc == TLS_WANT_POLLOUT); if (rc < 0) warnx("%s: tls_write: %s", http->src.ip, @@ -121,21 +121,21 @@ dotlswrite(const void *buf, size_t sz, const struct http *http) int http_init() { - if (NULL != tlscfg) + if (tlscfg != NULL) return (0); - if (-1 == tls_init()) { + if (tls_init() == -1) { warn("tls_init"); goto err; } tlscfg = tls_config_new(); - if (NULL == tlscfg) { + if (tlscfg == NULL) { warn("tls_config_new"); goto err; } - if (-1 == tls_config_set_ca_file(tlscfg, DEFAULT_CA_FILE)) { + if (tls_config_set_ca_file(tlscfg, DEFAULT_CA_FILE) == -1) { warn("tls_config_set_ca_file: %s", tls_config_error(tlscfg)); goto err; } @@ -158,7 +158,7 @@ http_read(char *buf, size_t sz, const struct http *http) do { if ((ssz = http->reader(buf, sz, http)) < 0) return (-1); - if (0 == ssz) + if (ssz == 0) break; xfer += ssz; sz -= ssz; @@ -188,11 +188,11 @@ http_disconnect(struct http *http) { int rc; - if (NULL != http->ctx) { + if (http->ctx != NULL) { /* TLS connection. */ do { rc = tls_close(http->ctx); - } while (TLS_WANT_POLLIN == rc || TLS_WANT_POLLOUT == rc); + } while (rc == TLS_WANT_POLLIN || rc == TLS_WANT_POLLOUT); if (rc < 0) warnx("%s: tls_close: %s", http->src.ip, @@ -200,8 +200,8 @@ http_disconnect(struct http *http) tls_free(http->ctx); } - if (-1 != http->fd) { - if (-1 == close(http->fd)) + if (http->fd != -1) { + if (close(http->fd) == -1) warn("%s: close", http->src.ip); } @@ -213,7 +213,7 @@ void http_free(struct http *http) { - if (NULL == http) + if (http == NULL) return; http_disconnect(http); free(http->host); @@ -242,14 +242,14 @@ again: memset(&ss, 0, sizeof(struct sockaddr_storage)); - if (4 == addrs[cur].family) { + if (addrs[cur].family == 4) { family = PF_INET; ((struct sockaddr_in *)&ss)->sin_family = AF_INET; ((struct sockaddr_in *)&ss)->sin_port = htons(port); c = inet_pton(AF_INET, addrs[cur].ip, &((struct sockaddr_in *)&ss)->sin_addr); len = sizeof(struct sockaddr_in); - } else if (6 == addrs[cur].family) { + } else if (addrs[cur].family == 6) { family = PF_INET6; ((struct sockaddr_in6 *)&ss)->sin6_family = AF_INET6; ((struct sockaddr_in6 *)&ss)->sin6_port = htons(port); @@ -264,7 +264,7 @@ again: if (c < 0) { warn("%s: inet_ntop", addrs[cur].ip); goto again; - } else if (0 == c) { + } else if (c == 0) { warnx("%s: inet_ntop", addrs[cur].ip); goto again; } @@ -272,10 +272,10 @@ again: /* Create socket and connect. */ fd = socket(family, SOCK_STREAM, 0); - if (-1 == fd) { + if (fd == -1) { warn("%s: socket", addrs[cur].ip); goto again; - } else if (-1 == connect(fd, (struct sockaddr *)&ss, len)) { + } else if (connect(fd, (struct sockaddr *)&ss, len) == -1) { warn("%s: connect", addrs[cur].ip); close(fd); goto again; @@ -284,7 +284,7 @@ again: /* Allocate the communicator. */ http = calloc(1, sizeof(struct http)); - if (NULL == http) { + if (http == NULL) { warn("calloc"); close(fd); return (NULL); @@ -295,14 +295,14 @@ again: http->src.ip = strdup(addrs[cur].ip); http->host = strdup(host); http->path = strdup(path); - if (NULL == http->src.ip || NULL == http->host || NULL == http->path) { + if (http->src.ip == NULL || http->host == NULL || http->path == NULL) { warn("strdup"); goto err; } /* If necessary, do our TLS setup. */ - if (443 != port) { + if (port != 443) { http->writer = dosyswrite; http->reader = dosysread; return (http); @@ -311,16 +311,16 @@ again: http->writer = dotlswrite; http->reader = dotlsread; - if (NULL == (http->ctx = tls_client())) { + if ((http->ctx = tls_client()) == NULL) { warn("tls_client"); goto err; - } else if (-1 == tls_configure(http->ctx, tlscfg)) { + } else if (tls_configure(http->ctx, tlscfg) == -1) { warnx("%s: tls_configure: %s", http->src.ip, tls_error(http->ctx)); goto err; } - if (0 != tls_connect_socket(http->ctx, http->fd, http->host)) { + if (tls_connect_socket(http->ctx, http->fd, http->host) != 0) { warnx("%s: tls_connect_socket: %s, %s", http->src.ip, http->host, tls_error(http->ctx)); goto err; @@ -339,7 +339,7 @@ http_open(const struct http *http, const void *p, size_t psz) int c; struct httpxfer *trans; - if (NULL == p) { + if (p == NULL) { c = asprintf(&req, "GET %s HTTP/1.0\r\n" "Host: %s\r\n" @@ -353,13 +353,13 @@ http_open(const struct http *http, const void *p, size_t psz) "\r\n", http->path, http->host, psz); } - if (-1 == c) { + if (c == -1) { warn("asprintf"); return (NULL); } else if (!http_write(req, c, http)) { free(req); return (NULL); - } else if (NULL != p && ! http_write(p, psz, http)) { + } else if (p != NULL && ! http_write(p, psz, http)) { free(req); return (NULL); } @@ -367,7 +367,7 @@ http_open(const struct http *http, const void *p, size_t psz) free(req); trans = calloc(1, sizeof(struct httpxfer)); - if (NULL == trans) + if (trans == NULL) warn("calloc"); return (trans); } @@ -376,7 +376,7 @@ void http_close(struct httpxfer *x) { - if (NULL == x) + if (x == NULL) return; free(x->hbuf); free(x->bbuf); @@ -400,7 +400,7 @@ http_body_read(const struct http *http, struct httpxfer *trans, size_t *sz) void *pp; size_t szp; - if (NULL == sz) + if (sz == NULL) sz = &szp; /* Have we already parsed this? */ @@ -418,17 +418,17 @@ http_body_read(const struct http *http, struct httpxfer *trans, size_t *sz) /* If less than sizeof(buf), at EOF. */ if ((ssz = http_read(buf, sizeof(buf), http)) < 0) return (NULL); - else if (0 == ssz) + else if (ssz == 0) break; pp = realloc(trans->bbuf, trans->bbufsz + ssz); - if (NULL == pp) { + if (pp == NULL) { warn("realloc"); return (NULL); } trans->bbuf = pp; memcpy(trans->bbuf + trans->bbufsz, buf, ssz); trans->bbufsz += ssz; - } while (sizeof(buf) == ssz); + } while (ssz == sizeof(buf)); trans->bodyok = 1; *sz = trans->bbufsz; @@ -459,7 +459,7 @@ http_head_status(const struct http *http, struct httphead *h, size_t sz) unsigned int code; struct httphead *st; - if (NULL == (st = http_head_get("Status", h, sz))) { + if ((st = http_head_get("Status", h, sz)) == NULL) { warnx("%s: no status header", http->src.ip); return (-1); } @@ -468,7 +468,7 @@ http_head_status(const struct http *http, struct httphead *h, size_t sz) if (rc < 0) { warn("sscanf"); return (-1); - } else if (1 != rc) { + } else if (rc != 1) { warnx("%s: cannot convert status header", http->src.ip); return (-1); } @@ -494,7 +494,7 @@ http_head_parse(const struct http *http, struct httpxfer *trans, size_t *sz) struct httphead *h; char *cp, *ep, *ccp, *buf; - if (NULL == sz) + if (sz == NULL) sz = &szp; /* @@ -503,13 +503,13 @@ http_head_parse(const struct http *http, struct httpxfer *trans, size_t *sz) * If we have errors on the stream, return NULL now. */ - if (NULL != trans->head) { + if (trans->head != NULL) { *sz = trans->headsz; return (trans->head); } else if (trans->headok <= 0) return (NULL); - if (NULL == (buf = strdup(trans->hbuf))) { + if ((buf = strdup(trans->hbuf)) == NULL) { warn("strdup"); return (NULL); } @@ -517,10 +517,10 @@ http_head_parse(const struct http *http, struct httpxfer *trans, size_t *sz) cp = buf; do { - if (NULL != (cp = strstr(cp, "\r\n"))) + if ((cp = strstr(cp, "\r\n")) != NULL) cp += 2; hsz++; - } while (NULL != cp); + } while (cp != NULL); /* * Allocate headers, then step through the data buffer, parsing @@ -530,7 +530,7 @@ http_head_parse(const struct http *http, struct httpxfer *trans, size_t *sz) */ h = calloc(hsz, sizeof(struct httphead)); - if (NULL == h) { + if (h == NULL) { warn("calloc"); free(buf); return (NULL); @@ -541,18 +541,18 @@ http_head_parse(const struct http *http, struct httpxfer *trans, size_t *sz) cp = buf; do { - if (NULL != (ep = strstr(cp, "\r\n"))) { + if ((ep = strstr(cp, "\r\n")) != NULL) { *ep = '\0'; ep += 2; } - if (0 == hsz) { + if (hsz == 0) { h[hsz].key = "Status"; h[hsz++].val = cp; continue; } /* Skip bad headers. */ - if (NULL == (ccp = strchr(cp, ':'))) { + if ((ccp = strchr(cp, ':')) == NULL) { warnx("%s: header without separator", http->src.ip); continue; } @@ -562,7 +562,7 @@ http_head_parse(const struct http *http, struct httpxfer *trans, size_t *sz) ccp++; h[hsz].key = cp; h[hsz++].val = ccp; - } while (NULL != (cp = ep)); + } while ((cp = ep) != NULL); trans->headbuf = buf; trans->head = h; @@ -586,7 +586,7 @@ http_head_read(const struct http *http, struct httpxfer *trans, size_t *sz) void *pp; size_t szp; - if (NULL == sz) + if (sz == NULL) sz = &szp; /* Have we already parsed this? */ @@ -612,10 +612,10 @@ http_head_read(const struct http *http, struct httpxfer *trans, size_t *sz) /* If less than sizeof(buf), at EOF. */ if ((ssz = http_read(buf, sizeof(buf), http)) < 0) return (NULL); - else if (0 == ssz) + else if (ssz == 0) break; pp = realloc(trans->hbuf, trans->hbufsz + ssz); - if (NULL == pp) { + if (pp == NULL) { warn("realloc"); return (NULL); } @@ -624,9 +624,9 @@ http_head_read(const struct http *http, struct httpxfer *trans, size_t *sz) trans->hbufsz += ssz; /* Search for end of headers marker. */ ep = memmem(trans->hbuf, trans->hbufsz, "\r\n\r\n", 4); - } while (NULL == ep && sizeof(buf) == ssz); + } while (ep == NULL && ssz == sizeof(buf)); - if (NULL == ep) { + if (ep == NULL) { warnx("%s: partial transfer", http->src.ip); return (NULL); } @@ -651,7 +651,7 @@ http_head_read(const struct http *http, struct httpxfer *trans, size_t *sz) ep += 4; trans->bbufsz = (trans->hbuf + trans->hbufsz) - ep; trans->bbuf = malloc(trans->bbufsz); - if (NULL == trans->bbuf) { + if (trans->bbuf == NULL) { warn("malloc"); return (NULL); } @@ -666,7 +666,7 @@ void http_get_free(struct httpget *g) { - if (NULL == g) + if (g == NULL) return; http_close(g->xfer); http_free(g->http); @@ -686,17 +686,17 @@ http_get(const struct source *addrs, size_t addrsz, const char *domain, char *bod, *headr; h = http_alloc(addrs, addrsz, domain, port, path); - if (NULL == h) + if (h == NULL) return (NULL); - if (NULL == (x = http_open(h, post, postsz))) { + if ((x = http_open(h, post, postsz)) == NULL) { http_free(h); return (NULL); - } else if (NULL == (headr = http_head_read(h, x, &headrsz))) { + } else if ((headr = http_head_read(h, x, &headrsz)) == NULL) { http_close(x); http_free(h); return (NULL); - } else if (NULL == (bod = http_body_read(h, x, &bodsz))) { + } else if ((bod = http_body_read(h, x, &bodsz)) == NULL) { http_close(x); http_free(h); return (NULL); @@ -704,7 +704,7 @@ http_get(const struct source *addrs, size_t addrsz, const char *domain, http_disconnect(h); - if (NULL == (head = http_head_parse(h, x, &headsz))) { + if ((head = http_head_parse(h, x, &headsz)) == NULL) { http_close(x); http_free(h); return (NULL); @@ -714,7 +714,7 @@ http_get(const struct source *addrs, size_t addrsz, const char *domain, return (NULL); } - if (NULL == (g = calloc(1, sizeof(struct httpget)))) { + if ((g = calloc(1, sizeof(struct httpget))) == NULL) { warn("calloc"); http_close(x); http_free(h); diff --git a/usr.sbin/acme-client/json.c b/usr.sbin/acme-client/json.c index db1ccf66585..70c67862428 100644 --- a/usr.sbin/acme-client/json.c +++ b/usr.sbin/acme-client/json.c @@ -1,4 +1,4 @@ -/* $Id: json.c,v 1.6 2016/09/13 20:09:54 tedu Exp $ */ +/* $Id: json.c,v 1.7 2017/01/24 12:05:14 jsing Exp $ */ /* * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv> * @@ -75,7 +75,7 @@ build(struct parse *parse, struct jsmnn **np, struct jsmnn *n; ssize_t tmp; - if (0 == sz) + if (sz == 0) return (0); assert(parse->cur < parse->max); @@ -91,14 +91,14 @@ build(struct parse *parse, struct jsmnn **np, n->d.str = strndup (js + t->start, t->end - t->start); - if (NULL == n->d.str) + if (n->d.str == NULL) break; return (1); case JSMN_OBJECT: n->fields = t->size; n->d.obj = calloc(n->fields, sizeof(struct jsmnp)); - if (NULL == n->d.obj) + if (n->d.obj == NULL) break; for (i = j = 0; i < (size_t)t->size; i++) { tmp = build(parse, @@ -121,7 +121,7 @@ build(struct parse *parse, struct jsmnn **np, n->fields = t->size; n->d.array = calloc(n->fields, sizeof(struct jsmnn *)); - if (NULL == n->d.array) + if (n->d.array == NULL) break; for (i = j = 0; i < (size_t)t->size; i++) { tmp = build(parse, @@ -150,7 +150,7 @@ jsmnparse_free(struct parse *p) { size_t i; - if (NULL == p) + if (p == NULL) return; for (i = 0; i < p->max; i++) { struct jsmnn *n = &p->nodes[i]; @@ -186,16 +186,16 @@ jsmntree_alloc(jsmntok_t *t, const char *js, size_t sz) struct jsmnn *first; struct parse *p; - if (0 == sz) + if (sz == 0) return (NULL); p = calloc(1, sizeof(struct parse)); - if (NULL == p) + if (p == NULL) return (NULL); p->max = sz; p->nodes = calloc(p->max, sizeof(struct jsmnn)); - if (NULL == p->nodes) { + if (p->nodes == NULL) { free(p); return (NULL); } @@ -215,7 +215,7 @@ void json_free(struct jsmnn *first) { - if (NULL != first) + if (first != NULL) jsmnparse_free(first->p); } @@ -226,7 +226,7 @@ static struct jsmnn * json_getarrayobj(struct jsmnn *n) { - return (JSMN_OBJECT != n->type ? NULL : n); + return (n->type != JSMN_OBJECT ? NULL : n); } /* @@ -239,11 +239,11 @@ json_getarray(struct jsmnn *n, const char *name) { size_t i; - if (JSMN_OBJECT != n->type) + if (n->type != JSMN_OBJECT) return (NULL); for (i = 0; i < n->fields; i++) { - if (JSMN_STRING != n->d.obj[i].lhs->type && - JSMN_PRIMITIVE != n->d.obj[i].lhs->type) + if (n->d.obj[i].lhs->type != JSMN_STRING && + n->d.obj[i].lhs->type != JSMN_PRIMITIVE) continue; else if (strcmp(name, n->d.obj[i].lhs->d.str)) continue; @@ -251,7 +251,7 @@ json_getarray(struct jsmnn *n, const char *name) } if (i == n->fields) return (NULL); - if (JSMN_ARRAY != n->d.obj[i].rhs->type) + if (n->d.obj[i].rhs->type != JSMN_ARRAY) return (NULL); return (n->d.obj[i].rhs); } @@ -267,11 +267,11 @@ json_getstr(struct jsmnn *n, const char *name) size_t i; char *cp; - if (JSMN_OBJECT != n->type) + if (n->type != JSMN_OBJECT) return (NULL); for (i = 0; i < n->fields; i++) { - if (JSMN_STRING != n->d.obj[i].lhs->type && - JSMN_PRIMITIVE != n->d.obj[i].lhs->type) + if (n->d.obj[i].lhs->type != JSMN_STRING && + n->d.obj[i].lhs->type != JSMN_PRIMITIVE) continue; else if (strcmp(name, n->d.obj[i].lhs->d.str)) continue; @@ -279,12 +279,12 @@ json_getstr(struct jsmnn *n, const char *name) } if (i == n->fields) return (NULL); - if (JSMN_STRING != n->d.obj[i].rhs->type && - JSMN_PRIMITIVE != n->d.obj[i].rhs->type) + if (n->d.obj[i].rhs->type != JSMN_STRING && + n->d.obj[i].rhs->type != JSMN_PRIMITIVE) return (NULL); cp = strdup(n->d.obj[i].rhs->d.str); - if (NULL == cp) + if (cp == NULL) warn("strdup"); return (cp); } @@ -311,14 +311,14 @@ json_parse_response(struct jsmnn *n) char *resp; int rc; - if (NULL == n) + if (n == NULL) return (-1); - if (NULL == (resp = json_getstr(n, "status"))) + if ((resp = json_getstr(n, "status")) == NULL) return (-1); - if (0 == strcmp(resp, "valid")) + if (strcmp(resp, "valid") == 0) rc = 1; - else if (0 == strcmp(resp, "pending")) + else if (strcmp(resp, "pending") == 0) rc = 0; else rc = -1; @@ -340,19 +340,19 @@ json_parse_challenge(struct jsmnn *n, struct chng *p) int rc; char *type; - if (NULL == n) + if (n == NULL) return (0); array = json_getarray(n, "challenges"); - if (NULL == array) + if (array == NULL) return (0); for (i = 0; i < array->fields; i++) { obj = json_getarrayobj(array->d.array[i]); - if (NULL == obj) + if (obj == NULL) continue; type = json_getstr(obj, "type"); - if (NULL == type) + if (type == NULL) continue; rc = strcmp(type, "http-01"); free(type); @@ -360,7 +360,7 @@ json_parse_challenge(struct jsmnn *n, struct chng *p) continue; p->uri = json_getstr(obj, "uri"); p->token = json_getstr(obj, "token"); - return (NULL != p->uri && NULL != p->token); + return (p->uri != NULL && p->token != NULL); } return (0); @@ -374,7 +374,7 @@ int json_parse_capaths(struct jsmnn *n, struct capaths *p) { - if (NULL == n) + if (n == NULL) return (0); p->newauthz = json_getstr(n, "new-authz"); @@ -382,8 +382,8 @@ json_parse_capaths(struct jsmnn *n, struct capaths *p) p->newreg = json_getstr(n, "new-reg"); p->revokecert = json_getstr(n, "revoke-cert"); - return (NULL != p->newauthz && NULL != p->newcert && - NULL != p->newreg && NULL != p->revokecert); + return (p->newauthz != NULL && p->newcert != NULL && + p->newreg != NULL && p->revokecert != NULL); } /* @@ -419,7 +419,7 @@ json_parse(const char *buf, size_t sz) /* Do this until we don't need any more tokens. */ again: tok = calloc(tokcount, sizeof(jsmntok_t)); - if (NULL == tok) { + if (tok == NULL) { warn("calloc"); return (NULL); } @@ -427,7 +427,7 @@ again: /* Actually try to parse the JSON into the tokens. */ r = jsmn_parse(&p, buf, sz, tok, tokcount); - if (r < 0 && JSMN_ERROR_NOMEM == r) { + if (r < 0 && r == JSMN_ERROR_NOMEM) { tokcount *= 2; free(tok); goto again; @@ -458,7 +458,7 @@ json_fmt_newreg(const char *license) "\"agreement\": \"%s\"" "}", license); - if (-1 == c) { + if (c == -1) { warn("asprintf"); p = NULL; } @@ -480,7 +480,7 @@ json_fmt_newauthz(const char *domain) "{\"type\": \"dns\", \"value\": \"%s\"}" "}", domain); - if (-1 == c) { + if (c == -1) { warn("asprintf"); p = NULL; } @@ -501,7 +501,7 @@ json_fmt_challenge(const char *token, const char *thumb) "\"keyAuthorization\": \"%s.%s\"" "}", token, thumb); - if (-1 == c) { + if (c == -1) { warn("asprintf"); p = NULL; } @@ -522,7 +522,7 @@ json_fmt_revokecert(const char *cert) "\"certificate\": \"%s\"" "}", cert); - if (-1 == c) { + if (c == -1) { warn("asprintf"); p = NULL; } @@ -543,7 +543,7 @@ json_fmt_newcert(const char *cert) "\"csr\": \"%s\"" "}", cert); - if (-1 == c) { + if (c == -1) { warn("asprintf"); p = NULL; } @@ -565,7 +565,7 @@ json_fmt_header_rsa(const char *exp, const char *mod) "{\"e\": \"%s\", \"kty\": \"RSA\", \"n\": \"%s\"}" "}", exp, mod); - if (-1 == c) { + if (c == -1) { warn("asprintf"); p = NULL; } @@ -588,7 +588,7 @@ json_fmt_protected_rsa(const char *exp, const char *mod, const char *nce) "\"nonce\": \"%s\"" "}", exp, mod, nce); - if (-1 == c) { + if (c == -1) { warn("asprintf"); p = NULL; } @@ -612,7 +612,7 @@ json_fmt_signed(const char *header, const char *protected, "\"signature\": \"%s\"" "}", header, protected, payload, digest); - if (-1 == c) { + if (c == -1) { warn("asprintf"); p = NULL; } @@ -635,7 +635,7 @@ json_fmt_thumb_rsa(const char *exp, const char *mod) c = asprintf(&p, "{\"e\":\"%s\",\"kty\":\"RSA\",\"n\":\"%s\"}", exp, mod); - if (-1 == c) { + if (c == -1) { warn("asprintf"); p = NULL; } diff --git a/usr.sbin/acme-client/main.c b/usr.sbin/acme-client/main.c index b4840cc4532..55de4e43351 100644 --- a/usr.sbin/acme-client/main.c +++ b/usr.sbin/acme-client/main.c @@ -1,4 +1,4 @@ -/* $Id: main.c,v 1.29 2017/01/21 15:53:15 jmc Exp $ */ +/* $Id: main.c,v 1.30 2017/01/24 12:05:14 jsing Exp $ */ /* * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv> * @@ -56,10 +56,10 @@ main(int argc, char *argv[]) struct domain_c *domain = NULL; struct altname_c *ac; - while (-1 != (c = getopt(argc, argv, "FADrvnf:"))) + while ((c = getopt(argc, argv, "FADrvnf:")) != -1) switch (c) { case 'f': - if (NULL == (conffile = strdup(optarg))) + if ((conffile = strdup(optarg)) == NULL) err(EXIT_FAILURE, "strdup"); break; case 'F': @@ -91,7 +91,7 @@ main(int argc, char *argv[]) argc -= optind; argv += optind; - if (1 != argc) + if (argc != 1) goto usage; if ((domain = domain_find(conf, argv[0])) == NULL) @@ -161,7 +161,7 @@ main(int argc, char *argv[]) agreement = authority->agreement; acctkey = authority->account; - if (NULL == acctkey) { + if (acctkey == NULL) { /* XXX replace with existance check in parse.y */ err(EXIT_FAILURE, "no account key in config?"); } @@ -170,7 +170,7 @@ main(int argc, char *argv[]) else chngdir = domain->challengedir; - if (NULL == chngdir) + if (chngdir == NULL) err(EXIT_FAILURE, "strdup"); /* @@ -182,28 +182,28 @@ main(int argc, char *argv[]) ne = 0; - if (-1 == access(certdir, R_OK)) { + if (access(certdir, R_OK) == -1) { warnx("%s: cert directory must exist", certdir); ne++; } - if (!(popts & ACME_OPT_NEWDKEY) && -1 == access(domain->key, R_OK)) { + if (!(popts & ACME_OPT_NEWDKEY) && access(domain->key, R_OK) == -1) { warnx("%s: domain key file must exist", domain->key); ne++; - } else if ((popts & ACME_OPT_NEWDKEY) && -1 != access(domain->key, R_OK)) { + } else if ((popts & ACME_OPT_NEWDKEY) && access(domain->key, R_OK) != -1) { dodbg("%s: domain key exists (not creating)", domain->key); popts &= ~ACME_OPT_NEWDKEY; } - if (-1 == access(chngdir, R_OK)) { + if (access(chngdir, R_OK) == -1) { warnx("%s: challenge directory must exist", chngdir); ne++; } - if (!(popts & ACME_OPT_NEWACCT) && -1 == access(acctkey, R_OK)) { + if (!(popts & ACME_OPT_NEWACCT) && access(acctkey, R_OK) == -1) { warnx("%s: account key file must exist", acctkey); ne++; - } else if ((popts & ACME_OPT_NEWACCT) && -1 != access(acctkey, R_OK)) { + } else if ((popts & ACME_OPT_NEWACCT) && access(acctkey, R_OK) != -1) { dodbg("%s: account key exists (not creating)", acctkey); popts &= ~ACME_OPT_NEWACCT; } @@ -217,7 +217,7 @@ main(int argc, char *argv[]) /* Set the zeroth altname as our domain. */ altsz = domain->altname_count + 1; alts = calloc(altsz, sizeof(char *)); - if (NULL == alts) + if (alts == NULL) err(EXIT_FAILURE, "calloc"); alts[0] = domain->domain; i = 1; @@ -229,27 +229,27 @@ main(int argc, char *argv[]) * Open channels between our components. */ - if (-1 == socketpair(AF_UNIX, SOCK_STREAM, 0, key_fds)) + if (socketpair(AF_UNIX, SOCK_STREAM, 0, key_fds) == -1) err(EXIT_FAILURE, "socketpair"); - if (-1 == socketpair(AF_UNIX, SOCK_STREAM, 0, acct_fds)) + if (socketpair(AF_UNIX, SOCK_STREAM, 0, acct_fds) == -1) err(EXIT_FAILURE, "socketpair"); - if (-1 == socketpair(AF_UNIX, SOCK_STREAM, 0, chng_fds)) + if (socketpair(AF_UNIX, SOCK_STREAM, 0, chng_fds) == -1) err(EXIT_FAILURE, "socketpair"); - if (-1 == socketpair(AF_UNIX, SOCK_STREAM, 0, cert_fds)) + if (socketpair(AF_UNIX, SOCK_STREAM, 0, cert_fds) == -1) err(EXIT_FAILURE, "socketpair"); - if (-1 == socketpair(AF_UNIX, SOCK_STREAM, 0, file_fds)) + if (socketpair(AF_UNIX, SOCK_STREAM, 0, file_fds) == -1) err(EXIT_FAILURE, "socketpair"); - if (-1 == socketpair(AF_UNIX, SOCK_STREAM, 0, dns_fds)) + if (socketpair(AF_UNIX, SOCK_STREAM, 0, dns_fds) == -1) err(EXIT_FAILURE, "socketpair"); - if (-1 == socketpair(AF_UNIX, SOCK_STREAM, 0, rvk_fds)) + if (socketpair(AF_UNIX, SOCK_STREAM, 0, rvk_fds) == -1) err(EXIT_FAILURE, "socketpair"); /* Start with the network-touching process. */ - if (-1 == (pids[COMP_NET] = fork())) + if ((pids[COMP_NET] = fork()) == -1) err(EXIT_FAILURE, "fork"); - if (0 == pids[COMP_NET]) { + if (pids[COMP_NET] == 0) { proccomp = COMP_NET; close(key_fds[0]); close(acct_fds[0]); @@ -278,10 +278,10 @@ main(int argc, char *argv[]) /* Now the key-touching component. */ - if (-1 == (pids[COMP_KEY] = fork())) + if ((pids[COMP_KEY] = fork()) == -1) err(EXIT_FAILURE, "fork"); - if (0 == pids[COMP_KEY]) { + if (pids[COMP_KEY] == 0) { proccomp = COMP_KEY; close(cert_fds[0]); close(dns_fds[0]); @@ -300,10 +300,10 @@ main(int argc, char *argv[]) /* The account-touching component. */ - if (-1 == (pids[COMP_ACCOUNT] = fork())) + if ((pids[COMP_ACCOUNT] = fork()) == -1) err(EXIT_FAILURE, "fork"); - if (0 == pids[COMP_ACCOUNT]) { + if (pids[COMP_ACCOUNT] == 0) { proccomp = COMP_ACCOUNT; free(alts); close(cert_fds[0]); @@ -320,10 +320,10 @@ main(int argc, char *argv[]) /* The challenge-accepting component. */ - if (-1 == (pids[COMP_CHALLENGE] = fork())) + if ((pids[COMP_CHALLENGE] = fork()) == -1) err(EXIT_FAILURE, "fork"); - if (0 == pids[COMP_CHALLENGE]) { + if (pids[COMP_CHALLENGE] == 0) { proccomp = COMP_CHALLENGE; free(alts); close(cert_fds[0]); @@ -339,10 +339,10 @@ main(int argc, char *argv[]) /* The certificate-handling component. */ - if (-1 == (pids[COMP_CERT] = fork())) + if ((pids[COMP_CERT] = fork()) == -1) err(EXIT_FAILURE, "fork"); - if (0 == pids[COMP_CERT]) { + if (pids[COMP_CERT] == 0) { proccomp = COMP_CERT; free(alts); close(dns_fds[0]); @@ -357,10 +357,10 @@ main(int argc, char *argv[]) /* The certificate-handling component. */ - if (-1 == (pids[COMP_FILE] = fork())) + if ((pids[COMP_FILE] = fork()) == -1) err(EXIT_FAILURE, "fork"); - if (0 == pids[COMP_FILE]) { + if (pids[COMP_FILE] == 0) { proccomp = COMP_FILE; free(alts); close(dns_fds[0]); @@ -378,10 +378,10 @@ main(int argc, char *argv[]) /* The DNS lookup component. */ - if (-1 == (pids[COMP_DNS] = fork())) + if ((pids[COMP_DNS] = fork()) == -1) err(EXIT_FAILURE, "fork"); - if (0 == pids[COMP_DNS]) { + if (pids[COMP_DNS] == 0) { proccomp = COMP_DNS; free(alts); close(rvk_fds[0]); @@ -393,10 +393,10 @@ main(int argc, char *argv[]) /* The expiration component. */ - if (-1 == (pids[COMP_REVOKE] = fork())) + if ((pids[COMP_REVOKE] = fork()) == -1) err(EXIT_FAILURE, "fork"); - if (0 == pids[COMP_REVOKE]) { + if (pids[COMP_REVOKE] == 0) { proccomp = COMP_REVOKE; c = revokeproc(rvk_fds[0], certdir, certfile != NULL ? certfile : fullchainfile, @@ -430,8 +430,8 @@ main(int argc, char *argv[]) checkexit(pids[COMP_REVOKE], COMP_REVOKE); free(alts); - return (COMP__MAX != rc ? EXIT_FAILURE : - (2 == c ? EXIT_SUCCESS : 2)); + return (rc != COMP__MAX ? EXIT_FAILURE : + (c == 2 ? EXIT_SUCCESS : 2)); usage: fprintf(stderr, "usage: acme-client [-ADFnrv] [-f configfile] domain\n"); diff --git a/usr.sbin/acme-client/netproc.c b/usr.sbin/acme-client/netproc.c index fd86d482867..35d1635a24e 100644 --- a/usr.sbin/acme-client/netproc.c +++ b/usr.sbin/acme-client/netproc.c @@ -1,4 +1,4 @@ -/* $Id: netproc.c,v 1.11 2017/01/21 08:41:42 benno Exp $ */ +/* $Id: netproc.c,v 1.12 2017/01/24 12:05:14 jsing Exp $ */ /* * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv> * @@ -64,9 +64,9 @@ buf_dump(const struct buf *buf) int j; char *nbuf; - if (0 == buf->sz) + if (buf->sz == 0) return; - if (NULL == (nbuf = malloc(buf->sz))) + if ((nbuf = malloc(buf->sz)) == NULL) err(EXIT_FAILURE, "malloc"); for (j = 0, i = 0; i < buf->sz; i++) @@ -94,15 +94,15 @@ url2host(const char *host, short *port, char **path) /* We only understand HTTP and HTTPS. */ - if (0 == strncmp(host, "https://", 8)) { + if (strncmp(host, "https://", 8) == 0) { *port = 443; - if (NULL == (url = strdup(host + 8))) { + if ((url = strdup(host + 8)) == NULL) { warn("strdup"); return (NULL); } - } else if (0 == strncmp(host, "http://", 7)) { + } else if (strncmp(host, "http://", 7) == 0) { *port = 80; - if (NULL == (url = strdup(host + 7))) { + if ((url = strdup(host + 7)) == NULL) { warn("strdup"); return (NULL); } @@ -113,13 +113,13 @@ url2host(const char *host, short *port, char **path) /* Terminate path part. */ - if (NULL != (ep = strchr(url, '/'))) { + if ((ep = strchr(url, '/')) != NULL) { *path = strdup(ep); *ep = '\0'; } else *path = strdup(""); - if (NULL == *path) { + if (*path == NULL) { warn("strdup"); free(url); return (NULL); @@ -155,9 +155,9 @@ urlresolve(int fd, const char *host, struct source *v) memset(&v[i], 0, sizeof(struct source)); if ((lval = readop(fd, COMM_DNSF)) < 0) goto err; - else if (4 != lval && 6 != lval) + else if (lval != 4 && lval != 6) goto err; - else if (NULL == (addr = readstr(fd, COMM_DNSA))) + else if ((addr = readstr(fd, COMM_DNSA)) == NULL) goto err; v[i].family = lval; v[i].ip = addr; @@ -186,7 +186,7 @@ nreq(struct conn *c, const char *addr) ssize_t ssz; long code; - if (NULL == (host = url2host(addr, &port, &path))) + if ((host = url2host(addr, &port, &path)) == NULL) return (-1); if ((ssz = urlresolve(c->dfd, host, src)) < 0) { @@ -199,7 +199,7 @@ nreq(struct conn *c, const char *addr) g = http_get(src, srcsz, host, port, path, NULL, 0); free(host); free(path); - if (NULL == g) + if (g == NULL) return (-1); code = g->code; @@ -211,7 +211,7 @@ nreq(struct conn *c, const char *addr) c->buf.buf = malloc(c->buf.sz); memcpy(c->buf.buf, g->bodypart, c->buf.sz); http_get_free(g); - if (NULL == c->buf.buf) { + if (c->buf.buf == NULL) { warn("malloc"); return (-1); } @@ -234,7 +234,7 @@ sreq(struct conn *c, const char *addr, const char *req) ssize_t ssz; long code; - if (NULL == (host = url2host(c->na, &port, &path))) + if ((host = url2host(c->na, &port, &path)) == NULL) return (-1); if ((ssz = urlresolve(c->dfd, host, src)) < 0) { @@ -246,15 +246,15 @@ sreq(struct conn *c, const char *addr, const char *req) g = http_get(src, (size_t)ssz, host, port, path, NULL, 0); free(host); free(path); - if (NULL == g) + if (g == NULL) return (-1); h = http_head_get("Replay-Nonce", g->head, g->headsz); - if (NULL == h) { + if (h == NULL) { warnx("%s: no replay nonce", c->na); http_get_free(g); return (-1); - } else if (NULL == (nonce = strdup(h->val))) { + } else if ((nonce = strdup(h->val)) == NULL) { warn("strdup"); http_get_free(g); return (-1); @@ -280,12 +280,12 @@ sreq(struct conn *c, const char *addr, const char *req) /* Now read back the signed payload. */ - if (NULL == (reqsn = readstr(c->fd, COMM_REQ))) + if ((reqsn = readstr(c->fd, COMM_REQ)) == NULL) return (-1); /* Now send the signed payload to the CA. */ - if (NULL == (host = url2host(addr, &port, &path))) { + if ((host = url2host(addr, &port, &path)) == NULL) { free(reqsn); return (-1); } else if ((ssz = urlresolve(c->dfd, host, src)) < 0) { @@ -300,7 +300,7 @@ sreq(struct conn *c, const char *addr, const char *req) free(host); free(path); free(reqsn); - if (NULL == g) + if (g == NULL) return (-1); /* Stuff response into parse buffer. */ @@ -312,7 +312,7 @@ sreq(struct conn *c, const char *addr, const char *req) c->buf.buf = malloc(c->buf.sz); memcpy(c->buf.buf, g->bodypart, c->buf.sz); http_get_free(g); - if (NULL == c->buf.buf) { + if (c->buf.buf == NULL) { warn("malloc"); return (-1); } @@ -333,18 +333,18 @@ donewreg(struct conn *c, const char *agreement, const struct capaths *p) dodbg("%s: new-reg", p->newreg); - if (NULL == (req = json_fmt_newreg(agreement))) + if ((req = json_fmt_newreg(agreement)) == NULL) warnx("json_fmt_newreg"); else if ((lc = sreq(c, p->newreg, req)) < 0) warnx("%s: bad comm", p->newreg); - else if (200 != lc && 201 != lc) + else if (lc != 200 && lc != 201) warnx("%s: bad HTTP: %ld", p->newreg, lc); - else if (NULL == c->buf.buf || 0 == c->buf.sz) + else if (c->buf.buf == NULL || c->buf.sz == 0) warnx("%s: empty response", p->newreg); else rc = 1; - if (0 == rc || verbose > 1) + if (rc == 0 || verbose > 1) buf_dump(&c->buf); free(req); return (rc); @@ -366,20 +366,20 @@ dochngreq(struct conn *c, const char *alt, struct chng *chng, dodbg("%s: req-auth: %s", p->newauthz, alt); - if (NULL == (req = json_fmt_newauthz(alt))) + if ((req = json_fmt_newauthz(alt)) == NULL) warnx("json_fmt_newauthz"); else if ((lc = sreq(c, p->newauthz, req)) < 0) warnx("%s: bad comm", p->newauthz); - else if (200 != lc && 201 != lc) + else if (lc != 200 && lc != 201) warnx("%s: bad HTTP: %ld", p->newauthz, lc); - else if (NULL == (j = json_parse(c->buf.buf, c->buf.sz))) + else if ((j = json_parse(c->buf.buf, c->buf.sz)) == NULL) warnx("%s: bad JSON object", p->newauthz); else if (!json_parse_challenge(j, chng)) warnx("%s: bad challenge", p->newauthz); else rc = 1; - if (0 == rc || verbose > 1) + if (rc == 0 || verbose > 1) buf_dump(&c->buf); json_free(j); free(req); @@ -398,16 +398,16 @@ dochngresp(struct conn *c, const struct chng *chng, const char *th) dodbg("%s: challenge", chng->uri); - if (NULL == (req = json_fmt_challenge(chng->token, th))) + if ((req = json_fmt_challenge(chng->token, th)) == NULL) warnx("json_fmt_challenge"); else if ((lc = sreq(c, chng->uri, req)) < 0) warnx("%s: bad comm", chng->uri); - else if (200 != lc && 201 != lc && 202 != lc) + else if (lc != 200 && lc != 201 && lc != 202) warnx("%s: bad HTTP: %ld", chng->uri, lc); else rc = 1; - if (0 == rc || verbose > 1) + if (rc == 0 || verbose > 1) buf_dump(&c->buf); free(req); return (rc); @@ -430,15 +430,15 @@ dochngcheck(struct conn *c, struct chng *chng) if ((lc = nreq(c, chng->uri)) < 0) { warnx("%s: bad comm", chng->uri); return (0); - } else if (200 != lc && 201 != lc && 202 != lc) { + } else if (lc != 200 && lc != 201 && lc != 202) { warnx("%s: bad HTTP: %ld", chng->uri, lc); buf_dump(&c->buf); return (0); - } else if (NULL == (j = json_parse(c->buf.buf, c->buf.sz))) { + } else if ((j = json_parse(c->buf.buf, c->buf.sz)) == NULL) { warnx("%s: bad JSON object", chng->uri); buf_dump(&c->buf); return (0); - } else if (-1 == (cc = json_parse_response(j))) { + } else if ((cc = json_parse_response(j)) == -1) { warnx("%s: bad response", chng->uri); buf_dump(&c->buf); json_free(j); @@ -459,19 +459,19 @@ dorevoke(struct conn *c, const char *addr, const char *cert) dodbg("%s: revocation", addr); - if (NULL == (req = json_fmt_revokecert(cert))) + if ((req = json_fmt_revokecert(cert)) == NULL) warnx("json_fmt_revokecert"); else if ((lc = sreq(c, addr, req)) < 0) warnx("%s: bad comm", addr); - else if (200 != lc && 201 != lc && 409 != lc) + else if (lc != 200 && lc != 201 && lc != 409) warnx("%s: bad HTTP: %ld", addr, lc); else rc = 1; - if (409 == lc) + if (lc == 409) warnx("%s: already revoked", addr); - if (0 == rc || verbose > 1) + if (rc == 0 || verbose > 1) buf_dump(&c->buf); free(req); return (rc); @@ -490,18 +490,18 @@ docert(struct conn *c, const char *addr, const char *cert) dodbg("%s: certificate", addr); - if (NULL == (req = json_fmt_newcert(cert))) + if ((req = json_fmt_newcert(cert)) == NULL) warnx("json_fmt_newcert"); else if ((lc = sreq(c, addr, req)) < 0) warnx("%s: bad comm", addr); - else if (200 != lc && 201 != lc) + else if (lc != 200 && lc != 201) warnx("%s: bad HTTP: %ld", addr, lc); - else if (0 == c->buf.sz || NULL == c->buf.buf) + else if (c->buf.sz == 0 || c->buf.buf == NULL) warnx("%s: empty response", addr); else rc = 1; - if (0 == rc || verbose > 1) + if (rc == 0 || verbose > 1) buf_dump(&c->buf); free(req); return (rc); @@ -521,16 +521,16 @@ dodirs(struct conn *c, const char *addr, struct capaths *paths) if ((lc = nreq(c, addr)) < 0) warnx("%s: bad comm", addr); - else if (200 != lc && 201 != lc) + else if (lc != 200 && lc != 201) warnx("%s: bad HTTP: %ld", addr, lc); - else if (NULL == (j = json_parse(c->buf.buf, c->buf.sz))) + else if ((j = json_parse(c->buf.buf, c->buf.sz)) == NULL) warnx("json_parse"); else if (!json_parse_capaths(j, paths)) warnx("%s: bad CA paths", addr); else rc = 1; - if (0 == rc || verbose > 1) + if (rc == 0 || verbose > 1) buf_dump(&c->buf); json_free(j); return (rc); @@ -549,12 +549,12 @@ dofullchain(struct conn *c, const char *addr) if ((lc = nreq(c, addr)) < 0) warnx("%s: bad comm", addr); - else if (200 != lc && 201 != lc) + else if (lc != 200 && lc != 201) warnx("%s: bad HTTP: %ld", addr, lc); else rc = 1; - if (0 == rc || verbose > 1) + if (rc == 0 || verbose > 1) buf_dump(&c->buf); return (rc); } @@ -603,33 +603,33 @@ netproc(int kfd, int afd, int Cfd, int cfd, int dfd, int rfd, * on file (if any) can be updated. */ - if (0 == (lval = readop(afd, COMM_ACCT_STAT))) { + if ((lval = readop(afd, COMM_ACCT_STAT)) == 0) { rc = 1; goto out; - } else if (ACCT_READY != lval) { + } else if (lval != ACCT_READY) { warnx("unknown operation from acctproc"); goto out; } - if (0 == (lval = readop(kfd, COMM_KEY_STAT))) { + if ((lval = readop(kfd, COMM_KEY_STAT)) == 0) { rc = 1; goto out; - } else if (KEY_READY != lval) { + } else if (lval != KEY_READY) { warnx("unknown operation from keyproc"); goto out; } - if (0 == (lval = readop(rfd, COMM_REVOKE_RESP))) { + if ((lval = readop(rfd, COMM_REVOKE_RESP)) == 0) { rc = 1; goto out; - } else if (REVOKE_EXP != lval && REVOKE_OK != lval) { + } else if (lval != REVOKE_EXP && lval != REVOKE_OK) { warnx("unknown operation from revokeproc"); goto out; } /* If our certificate is up-to-date, return now. */ - if (REVOKE_OK == lval) { + if (lval == REVOKE_OK) { rc = 1; goto out; } @@ -637,7 +637,7 @@ netproc(int kfd, int afd, int Cfd, int cfd, int dfd, int rfd, /* Allocate main state. */ chngs = calloc(altsz, sizeof(struct chng)); - if (NULL == chngs) { + if (chngs == NULL) { warn("calloc"); goto out; } @@ -662,7 +662,7 @@ netproc(int kfd, int afd, int Cfd, int cfd, int dfd, int rfd, */ if (revocate) { - if (NULL == (cert = readstr(rfd, COMM_CSR))) + if ((cert = readstr(rfd, COMM_CSR)) == NULL) goto out; if (!dorevoke(&c, paths.revokecert, cert)) goto out; @@ -691,7 +691,7 @@ netproc(int kfd, int afd, int Cfd, int cfd, int dfd, int rfd, if (writeop(afd, COMM_ACCT, ACCT_THUMBPRINT) <= 0) goto out; - else if (NULL == (thumb = readstr(afd, COMM_THUMB))) + else if ((thumb = readstr(afd, COMM_THUMB)) == NULL) goto out; /* We'll now ask chngproc to build the challenge. */ @@ -706,7 +706,7 @@ netproc(int kfd, int afd, int Cfd, int cfd, int dfd, int rfd, /* Read that the challenge has been made. */ - if (CHNG_ACK != readop(Cfd, COMM_CHNG_ACK)) + if (readop(Cfd, COMM_CHNG_ACK) != CHNG_ACK) goto out; /* Write to the CA that it's ready. */ @@ -722,7 +722,7 @@ netproc(int kfd, int afd, int Cfd, int cfd, int dfd, int rfd, */ for (i = 0; i < altsz; i++) { - if (1 == chngs[i].status) + if (chngs[i].status == 1) continue; if (chngs[i].retry++ >= RETRY_MAX) { @@ -746,7 +746,7 @@ netproc(int kfd, int afd, int Cfd, int cfd, int dfd, int rfd, /* Wait to receive the certificate itself. */ - if (NULL == (cert = readstr(kfd, COMM_CERT))) + if ((cert = readstr(kfd, COMM_CERT)) == NULL) goto out; /* @@ -767,7 +767,7 @@ netproc(int kfd, int afd, int Cfd, int cfd, int dfd, int rfd, * Write this chain directly back to the certproc. */ - if (NULL == (url = readstr(cfd, COMM_ISSUER))) + if ((url = readstr(cfd, COMM_ISSUER)) == NULL) goto out; else if (!dofullchain(&c, url)) goto out; @@ -786,7 +786,7 @@ out: free(url); free(thumb); free(c.buf.buf); - if (NULL != chngs) + if (chngs != NULL) for (i = 0; i < altsz; i++) json_free_challenge(&chngs[i]); free(chngs); diff --git a/usr.sbin/acme-client/revokeproc.c b/usr.sbin/acme-client/revokeproc.c index e0d0a0c7d28..ae5d89a61ce 100644 --- a/usr.sbin/acme-client/revokeproc.c +++ b/usr.sbin/acme-client/revokeproc.c @@ -1,4 +1,4 @@ -/* $Id: revokeproc.c,v 1.9 2017/01/21 08:54:26 florian Exp $ */ +/* $Id: revokeproc.c,v 1.10 2017/01/24 12:05:14 jsing Exp $ */ /* * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv> * @@ -114,10 +114,10 @@ revokeproc(int fd, const char *certdir, const char *certfile, int force, * We allow "f" to be NULL IFF the cert doesn't exist yet. */ - if (-1 == asprintf(&path, "%s/%s", certdir, certfile)) { + if (asprintf(&path, "%s/%s", certdir, certfile) == -1) { warn("asprintf"); goto out; - } else if (NULL == (f = fopen(path, "r")) && ENOENT != errno) { + } else if ((f = fopen(path, "r")) == NULL && errno != ENOENT) { warn("%s", path); goto out; } @@ -139,24 +139,24 @@ revokeproc(int fd, const char *certdir, const char *certfile, int force, * Ignore if the reader isn't reading in either case. */ - if (NULL == f && revocate) { + if (f == NULL && revocate) { warnx("%s/%s: no certificate found", certdir, certfile); (void)writeop(fd, COMM_REVOKE_RESP, REVOKE_OK); goto out; - } else if (NULL == f && ! revocate) { + } else if (f == NULL && ! revocate) { if (writeop(fd, COMM_REVOKE_RESP, REVOKE_EXP) >= 0) rc = 1; goto out; } - if (NULL == (x = PEM_read_X509(f, NULL, NULL, NULL))) { + if ((x = PEM_read_X509(f, NULL, NULL, NULL)) == NULL) { warnx("PEM_read_X509"); goto out; } /* Read out the expiration date. */ - if ((time_t)-1 == (t = X509expires(x))) { + if ((t = X509expires(x)) == (time_t)-1) { warnx("X509expires"); goto out; } @@ -167,32 +167,32 @@ revokeproc(int fd, const char *certdir, const char *certfile, int force, * comamnd line. */ - extsz = NULL != x->cert_info->extensions ? + extsz = x->cert_info->extensions != NULL ? sk_X509_EXTENSION_num(x->cert_info->extensions) : 0; /* Scan til we find the SAN NID. */ for (i = 0; i < extsz; i++) { ex = sk_X509_EXTENSION_value(x->cert_info->extensions, i); - assert(NULL != ex); + assert(ex != NULL); obj = X509_EXTENSION_get_object(ex); - assert(NULL != obj); + assert(obj != NULL); if (NID_subject_alt_name != OBJ_obj2nid(obj)) continue; - if (NULL != san) { + if (san != NULL) { warnx("%s/%s: two SAN entries", certdir, certfile); goto out; } bio = BIO_new(BIO_s_mem()); - if (NULL == bio) { + if (bio == NULL) { warnx("BIO_new"); goto out; } else if (!X509V3_EXT_print(bio, ex, 0, 0)) { warnx("X509V3_EXT_print"); goto out; - } else if (NULL == (san = calloc(1, bio->num_write + 1))) { + } else if ((san = calloc(1, bio->num_write + 1)) == NULL) { warn("calloc"); goto out; } @@ -203,14 +203,14 @@ revokeproc(int fd, const char *certdir, const char *certfile, int force, } } - if (NULL == san) { + if (san == NULL) { warnx("%s/%s: does not have a SAN entry", certdir, certfile); goto out; } /* An array of buckets: the number of entries found. */ - if (NULL == (found = calloc(altsz, sizeof(size_t)))) { + if ((found = calloc(altsz, sizeof(size_t))) == NULL) { warn("calloc"); goto out; } @@ -221,8 +221,8 @@ revokeproc(int fd, const char *certdir, const char *certfile, int force, */ str = san; - while (NULL != (tok = strsep(&str, ","))) { - if ('\0' == *tok) + while ((tok = strsep(&str, ",")) != NULL) { + if (*tok == '\0') continue; while (isspace((int)*tok)) tok++; @@ -230,7 +230,7 @@ revokeproc(int fd, const char *certdir, const char *certfile, int force, continue; tok += 4; for (j = 0; j < altsz; j++) - if (0 == strcmp(tok, alts[j])) + if (strcmp(tok, alts[j]) == 0) break; if (j == altsz) { warnx("%s/%s: unknown SAN entry: %s", @@ -267,7 +267,7 @@ revokeproc(int fd, const char *certdir, const char *certfile, int force, */ cc = writeop(fd, COMM_REVOKE_RESP, REVOKE_EXP); - if (0 == cc) + if (cc == 0) rc = 1; if (cc <= 0) goto out; @@ -275,13 +275,13 @@ revokeproc(int fd, const char *certdir, const char *certfile, int force, if ((len = i2d_X509(x, NULL)) < 0) { warnx("i2d_X509"); goto out; - } else if (NULL == (der = dercp = malloc(len))) { + } else if ((der = dercp = malloc(len)) == NULL) { warn("malloc"); goto out; } else if (len != i2d_X509(x, (u_char **)&dercp)) { warnx("i2d_X509"); goto out; - } else if (NULL == (der64 = base64buf_url(der, len))) { + } else if ((der64 = base64buf_url(der, len)) == NULL) { warnx("base64buf_url"); goto out; } else if (writestr(fd, COMM_CSR, der64) >= 0) @@ -311,15 +311,15 @@ revokeproc(int fd, const char *certdir, const char *certfile, int force, * If netproc is down, just exit. */ - if (0 == (cc = writeop(fd, COMM_REVOKE_RESP, rop))) + if ((cc = writeop(fd, COMM_REVOKE_RESP, rop)) == 0) rc = 1; if (cc <= 0) goto out; op = REVOKE__MAX; - if (0 == (lval = readop(fd, COMM_REVOKE_OP))) + if ((lval = readop(fd, COMM_REVOKE_OP)) == 0) op = REVOKE_STOP; - else if (REVOKE_CHECK == lval) + else if (lval == REVOKE_CHECK) op = lval; if (REVOKE__MAX == op) { @@ -333,11 +333,11 @@ revokeproc(int fd, const char *certdir, const char *certfile, int force, rc = 1; out: close(fd); - if (NULL != f) + if (f != NULL) fclose(f); - if (NULL != x) + if (x != NULL) X509_free(x); - if (NULL != bio) + if (bio != NULL) BIO_free(bio); free(san); free(path); diff --git a/usr.sbin/acme-client/rsa.c b/usr.sbin/acme-client/rsa.c index 2536ed9bacf..74bc72a3e19 100644 --- a/usr.sbin/acme-client/rsa.c +++ b/usr.sbin/acme-client/rsa.c @@ -1,4 +1,4 @@ -/* $Id: rsa.c,v 1.4 2016/09/13 16:49:28 deraadt Exp $ */ +/* $Id: rsa.c,v 1.5 2017/01/24 12:05:14 jsing Exp $ */ /* * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv> * @@ -41,7 +41,7 @@ rsa_key_create(FILE *f, const char *fname) /* First, create the context and the key. */ - if (NULL == (ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL))) { + if ((ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL)) == NULL) { warnx("EVP_PKEY_CTX_new_id"); goto err; } else if (EVP_PKEY_keygen_init(ctx) <= 0) { @@ -62,11 +62,11 @@ rsa_key_create(FILE *f, const char *fname) warnx("%s: PEM_write_PrivateKey", fname); err: - if (NULL != pkey) + if (pkey != NULL) EVP_PKEY_free(pkey); pkey = NULL; out: - if (NULL != ctx) + if (ctx != NULL) EVP_PKEY_CTX_free(ctx); return (pkey); } @@ -78,10 +78,10 @@ rsa_key_load(FILE *f, const char *fname) EVP_PKEY *pkey; pkey = PEM_read_PrivateKey(f, NULL, NULL, NULL); - if (NULL == pkey) { + if (pkey == NULL) { warnx("%s: PEM_read_PrivateKey", fname); return (NULL); - } else if (EVP_PKEY_RSA == EVP_PKEY_type(pkey->type)) + } else if (EVP_PKEY_type(pkey->type) == EVP_PKEY_RSA) return (pkey); warnx("%s: unsupported key type", fname); diff --git a/usr.sbin/acme-client/util.c b/usr.sbin/acme-client/util.c index dab3c358ba0..f44080903a4 100644 --- a/usr.sbin/acme-client/util.c +++ b/usr.sbin/acme-client/util.c @@ -1,4 +1,4 @@ -/* $Id: util.c,v 1.6 2017/01/24 07:59:54 deraadt Exp $ */ +/* $Id: util.c,v 1.7 2017/01/24 12:05:14 jsing Exp $ */ /* * Copyright (c) 2016 Kristaps Dzonsons <kristaps@bsd.lv> * @@ -97,7 +97,7 @@ readop(int fd, enum comm comm) } else if (ssz && ssz != sizeof(long)) { warnx("short read: %s", comms[comm]); return (LONG_MAX); - } else if (0 == ssz) + } else if (ssz == 0) return (0); return (op); @@ -133,7 +133,7 @@ readbuf(int fd, enum comm comm, size_t *sz) } else if (*sz > SIZE_MAX - 1) { warnx("integer overflow"); return (NULL); - } else if (NULL == (p = calloc(1, *sz + 1))) { + } else if ((p = calloc(1, *sz + 1)) == NULL) { warn("malloc"); return (NULL); } @@ -176,10 +176,10 @@ writeop(int fd, enum comm comm, long op) sigfp = signal(SIGPIPE, sigpipe); if ((ssz = write(fd, &op, sizeof(long))) < 0) { - if (EPIPE != (er = errno)) + if ((er = errno) != EPIPE) warn("write: %s", comms[comm]); signal(SIGPIPE, sigfp); - return (EPIPE == er ? 0 : -1); + return (er == EPIPE ? 0 : -1); } signal(SIGPIPE, sigfp); @@ -213,10 +213,10 @@ writebuf(int fd, enum comm comm, const void *v, size_t sz) sigfp = signal(SIGPIPE, sigpipe); if ((ssz = write(fd, &sz, sizeof(size_t))) < 0) { - if (EPIPE != (er = errno)) + if ((er = errno) != EPIPE) warn("write: %s length", comms[comm]); signal(SIGPIPE, sigfp); - return (EPIPE == er ? 0 : -1); + return (er == EPIPE ? 0 : -1); } /* Now write errors cause us to bail. */ @@ -252,7 +252,7 @@ checkexit(pid_t pid, enum comp comp) int c, cc; const char *cp; - if (-1 == waitpid(pid, &c, 0)) { + if (waitpid(pid, &c, 0) == -1) { warn("waitpid"); return (0); } else if (!WIFEXITED(c) && WIFSIGNALED(c)) { @@ -262,7 +262,7 @@ checkexit(pid_t pid, enum comp comp) } else if (!WIFEXITED(c)) { warnx("did not exit: %s(%u)", comps[comp], pid); return (0); - } else if (EXIT_SUCCESS != WEXITSTATUS(c)) { + } else if (WEXITSTATUS(c) != EXIT_SUCCESS) { cc = WEXITSTATUS(c); dodbg("bad exit: %s(%u): %d", comps[comp], pid, cc); return (0); @@ -285,7 +285,7 @@ checkexit_ext(int *rc, pid_t pid, enum comp comp) *rc = EXIT_FAILURE; - if (-1 == waitpid(pid, &c, 0)) { + if (waitpid(pid, &c, 0) == -1) { warn("waitpid"); return (0); } @@ -301,7 +301,7 @@ checkexit_ext(int *rc, pid_t pid, enum comp comp) /* Now check extended status. */ - if (EXIT_SUCCESS != (*rc = WEXITSTATUS(c)) && 2 != *rc) { + if ((*rc = WEXITSTATUS(c)) != EXIT_SUCCESS && *rc != 2) { dodbg("bad exit: %s(%u): %d", comps[comp], pid, *rc); return (0); } |