1 files changed, 17 insertions, 18 deletions
diff --git a/src/usr.bin/openssl/x509.c b/src/usr.bin/openssl/x509.c
index 6326e1a544..8651c317c0 100644
--- a/src/usr.bin/openssl/x509.c
+++ b/src/usr.bin/openssl/x509.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509.c,v 1.20 2021/03/26 13:46:25 inoguchi Exp $ */
+/* $OpenBSD: x509.c,v 1.21 2021/04/01 10:47:38 inoguchi Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -782,7 +782,7 @@ x509_main(int argc, char **argv)
                    "need to specify a CAkey if using the CA command\n");
                goto end;
        }
-        if (x509_config.extfile) {
+        if (x509_config.extfile != NULL) {
                long errorline = -1;
                X509V3_CTX ctx2;
                extconf = NCONF_new(NULL);
@@ -797,10 +797,10 @@ x509_main(int argc, char **argv)
                                    errorline, x509_config.extfile);
                        goto end;
                }
-                if (!x509_config.extsect) {
+                if (x509_config.extsect == NULL) {
                        x509_config.extsect = NCONF_get_string(extconf,
                            "default", "extensions");
-                        if (!x509_config.extsect) {
+                        if (x509_config.extsect == NULL) {
                                ERR_clear_error();
                                x509_config.extsect = "default";
                        }
@@ -882,7 +882,7 @@ x509_main(int argc, char **argv)
                if (x509_config.sno == NULL) {
                        x509_config.sno = ASN1_INTEGER_new();
-                        if (!x509_config.sno ||
+                        if (x509_config.sno == NULL ||
                            !rand_serial(NULL, x509_config.sno))
                                goto end;
                        if (!X509_set_serialNumber(x, x509_config.sno))
@@ -933,7 +933,7 @@ x509_main(int argc, char **argv)
                        }
                }
        }
-        if (x509_config.alias)
+        if (x509_config.alias != NULL)
                X509_alias_set1(x, (unsigned char *) x509_config.alias, -1);
        if (x509_config.clrtrust)
@@ -941,14 +941,14 @@ x509_main(int argc, char **argv)
        if (x509_config.clrreject)
                X509_reject_clear(x);
-        if (x509_config.trust) {
+        if (x509_config.trust != NULL) {
                for (i = 0; i < sk_ASN1_OBJECT_num(x509_config.trust); i++) {
                        x509_config.objtmp = sk_ASN1_OBJECT_value(
                            x509_config.trust, i);
                        X509_add1_trust_object(x, x509_config.objtmp);
                }
        }
-        if (x509_config.reject) {
+        if (x509_config.reject != NULL) {
                for (i = 0; i < sk_ASN1_OBJECT_num(x509_config.reject); i++) {
                        x509_config.objtmp = sk_ASN1_OBJECT_value(
                            x509_config.reject, i);
@@ -975,12 +975,12 @@ x509_main(int argc, char **argv)
                                ASN1_INTEGER *ser;
                                ser = X509_get_serialNumber(x);
                                bnser = ASN1_INTEGER_to_BN(ser, NULL);
-                                if (!bnser)
+                                if (bnser == NULL)
                                        goto end;
                                if (!BN_add_word(bnser, 1))
                                        goto end;
                                ser = BN_to_ASN1_INTEGER(bnser, NULL);
-                                if (!ser)
+                                if (ser == NULL)
                                        goto end;
                                BN_free(bnser);
                                i2a_ASN1_INTEGER(out, ser);
@@ -1001,7 +1001,7 @@ x509_main(int argc, char **argv)
                        } else if (x509_config.aliasout == i) {
                                unsigned char *alstr;
                                alstr = X509_alias_get0(x, NULL);
-                                if (alstr)
+                                if (alstr != NULL)
                                        BIO_printf(STDout, "%s\n", alstr);
                                else
                                        BIO_puts(STDout, "<No Alias>\n");
@@ -1155,7 +1155,7 @@ x509_main(int argc, char **argv)
                                unsigned char md[EVP_MAX_MD_SIZE];
                                const EVP_MD *fdig = x509_config.digest;
-                                if (!fdig)
+                                if (fdig == NULL)
                                        fdig = EVP_sha256();
                                if (!X509_digest(x, fdig, md, &n)) {
@@ -1372,9 +1372,9 @@ x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest, X509 *x,
                BIO_printf(bio_err, "Error initialising X509 store\n");
                goto end;
        }
-        if (sno)
+        if (sno != NULL)
                bs = sno;
-        else if (!(bs = x509_load_serial(CAfile, serialfile, create)))
+        else if ((bs = x509_load_serial(CAfile, serialfile, create)) == NULL)
                goto end;
 /*      if (!X509_STORE_add_cert(ctx,x)) goto end;*/
@@ -1409,7 +1409,7 @@ x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest, X509 *x,
                while (X509_get_ext_count(x) > 0)
                        X509_delete_ext(x, 0);
        }
-        if (conf) {
+        if (conf != NULL) {
                X509V3_CTX ctx2;
                X509_set_version(x, 2); /* version 3 certificate */
                X509V3_set_ctx(&ctx2, xca, x, NULL, NULL, 0);
@@ -1424,7 +1424,7 @@ x509_certify(X509_STORE *ctx, char *CAfile, const EVP_MD *digest, X509 *x,
        X509_STORE_CTX_cleanup(&xsc);
        if (!ret)
                ERR_print_errors(bio_err);
-        if (!sno)
+        if (sno == NULL)
                ASN1_INTEGER_free(bs);
        return ret;
 }
@@ -1469,7 +1469,6 @@ static int
 sign(X509 *x, EVP_PKEY *pkey, int days, int clrext, const EVP_MD *digest,
    CONF *conf, char *section)
 {
        EVP_PKEY *pktmp;
        pktmp = X509_get_pubkey(x);
@@ -1496,7 +1495,7 @@ sign(X509 *x, EVP_PKEY *pkey, int days, int clrext, const EVP_MD *digest,
                while (X509_get_ext_count(x) > 0)
                        X509_delete_ext(x, 0);
        }
-        if (conf) {
+        if (conf != NULL) {
                X509V3_CTX ctx;
                X509_set_version(x, 2); /* version 3 certificate */
                X509V3_set_ctx(&ctx, x, x, NULL, NULL, 0);

diff --git a/src/usr.bin/openssl/x509.c b/src/usr.bin/openssl/x509.c index 6326e1a544..8651c317c0 100644 --- a/src/usr.bin/openssl/x509.c +++ b/src/usr.bin/openssl/x509.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: x509.c,v 1.20 2021/03/26 13:46:25 inoguchi Exp $ */	1	/* $OpenBSD: x509.c,v 1.21 2021/04/01 10:47:38 inoguchi Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -782,7 +782,7 @@ x509_main(int argc, char **argv)
782	"need to specify a CAkey if using the CA command\n");	782	"need to specify a CAkey if using the CA command\n");
783	goto end;	783	goto end;
784	}	784	}
785	if (x509_config.extfile) {	785	if (x509_config.extfile != NULL) {
786	long errorline = -1;	786	long errorline = -1;
787	X509V3_CTX ctx2;	787	X509V3_CTX ctx2;
788	extconf = NCONF_new(NULL);	788	extconf = NCONF_new(NULL);
@@ -797,10 +797,10 @@ x509_main(int argc, char **argv)
797	errorline, x509_config.extfile);	797	errorline, x509_config.extfile);
798	goto end;	798	goto end;
799	}	799	}
800	if (!x509_config.extsect) {	800	if (x509_config.extsect == NULL) {
801	x509_config.extsect = NCONF_get_string(extconf,	801	x509_config.extsect = NCONF_get_string(extconf,
802	"default", "extensions");	802	"default", "extensions");
803	if (!x509_config.extsect) {	803	if (x509_config.extsect == NULL) {
804	ERR_clear_error();	804	ERR_clear_error();
805	x509_config.extsect = "default";	805	x509_config.extsect = "default";
806	}	806	}
@@ -882,7 +882,7 @@ x509_main(int argc, char **argv)
882		882
883	if (x509_config.sno == NULL) {	883	if (x509_config.sno == NULL) {
884	x509_config.sno = ASN1_INTEGER_new();	884	x509_config.sno = ASN1_INTEGER_new();
885	if (!x509_config.sno \|\|	885	if (x509_config.sno == NULL \|\|
886	!rand_serial(NULL, x509_config.sno))	886	!rand_serial(NULL, x509_config.sno))
887	goto end;	887	goto end;
888	if (!X509_set_serialNumber(x, x509_config.sno))	888	if (!X509_set_serialNumber(x, x509_config.sno))
@@ -933,7 +933,7 @@ x509_main(int argc, char **argv)
933	}	933	}
934	}	934	}
935	}	935	}
936	if (x509_config.alias)	936	if (x509_config.alias != NULL)
937	X509_alias_set1(x, (unsigned char *) x509_config.alias, -1);	937	X509_alias_set1(x, (unsigned char *) x509_config.alias, -1);
938		938
939	if (x509_config.clrtrust)	939	if (x509_config.clrtrust)
@@ -941,14 +941,14 @@ x509_main(int argc, char **argv)
941	if (x509_config.clrreject)	941	if (x509_config.clrreject)
942	X509_reject_clear(x);	942	X509_reject_clear(x);
943		943
944	if (x509_config.trust) {	944	if (x509_config.trust != NULL) {
945	for (i = 0; i < sk_ASN1_OBJECT_num(x509_config.trust); i++) {	945	for (i = 0; i < sk_ASN1_OBJECT_num(x509_config.trust); i++) {
946	x509_config.objtmp = sk_ASN1_OBJECT_value(	946	x509_config.objtmp = sk_ASN1_OBJECT_value(
947	x509_config.trust, i);	947	x509_config.trust, i);
948	X509_add1_trust_object(x, x509_config.objtmp);	948	X509_add1_trust_object(x, x509_config.objtmp);
949	}	949	}
950	}	950	}
951	if (x509_config.reject) {	951	if (x509_config.reject != NULL) {
952	for (i = 0; i < sk_ASN1_OBJECT_num(x509_config.reject); i++) {	952	for (i = 0; i < sk_ASN1_OBJECT_num(x509_config.reject); i++) {
953	x509_config.objtmp = sk_ASN1_OBJECT_value(	953	x509_config.objtmp = sk_ASN1_OBJECT_value(
954	x509_config.reject, i);	954	x509_config.reject, i);
@@ -975,12 +975,12 @@ x509_main(int argc, char **argv)
975	ASN1_INTEGER *ser;	975	ASN1_INTEGER *ser;
976	ser = X509_get_serialNumber(x);	976	ser = X509_get_serialNumber(x);
977	bnser = ASN1_INTEGER_to_BN(ser, NULL);	977	bnser = ASN1_INTEGER_to_BN(ser, NULL);
978	if (!bnser)	978	if (bnser == NULL)
979	goto end;	979	goto end;
980	if (!BN_add_word(bnser, 1))	980	if (!BN_add_word(bnser, 1))
981	goto end;	981	goto end;
982	ser = BN_to_ASN1_INTEGER(bnser, NULL);	982	ser = BN_to_ASN1_INTEGER(bnser, NULL);
983	if (!ser)	983	if (ser == NULL)
984	goto end;	984	goto end;
985	BN_free(bnser);	985	BN_free(bnser);
986	i2a_ASN1_INTEGER(out, ser);	986	i2a_ASN1_INTEGER(out, ser);
@@ -1001,7 +1001,7 @@ x509_main(int argc, char **argv)
1001	} else if (x509_config.aliasout == i) {	1001	} else if (x509_config.aliasout == i) {
1002	unsigned char *alstr;	1002	unsigned char *alstr;
1003	alstr = X509_alias_get0(x, NULL);	1003	alstr = X509_alias_get0(x, NULL);
1004	if (alstr)	1004	if (alstr != NULL)
1005	BIO_printf(STDout, "%s\n", alstr);	1005	BIO_printf(STDout, "%s\n", alstr);
1006	else	1006	else
1007	BIO_puts(STDout, "<No Alias>\n");	1007	BIO_puts(STDout, "<No Alias>\n");
@@ -1155,7 +1155,7 @@ x509_main(int argc, char **argv)
1155	unsigned char md[EVP_MAX_MD_SIZE];	1155	unsigned char md[EVP_MAX_MD_SIZE];
1156	const EVP_MD *fdig = x509_config.digest;	1156	const EVP_MD *fdig = x509_config.digest;
1157		1157
1158	if (!fdig)	1158	if (fdig == NULL)
1159	fdig = EVP_sha256();	1159	fdig = EVP_sha256();
1160		1160
1161	if (!X509_digest(x, fdig, md, &n)) {	1161	if (!X509_digest(x, fdig, md, &n)) {
@@ -1372,9 +1372,9 @@ x509_certify(X509_STORE ctx, char CAfile, const EVP_MD digest, X509 x,
1372	BIO_printf(bio_err, "Error initialising X509 store\n");	1372	BIO_printf(bio_err, "Error initialising X509 store\n");
1373	goto end;	1373	goto end;
1374	}	1374	}
1375	if (sno)	1375	if (sno != NULL)
1376	bs = sno;	1376	bs = sno;
1377	else if (!(bs = x509_load_serial(CAfile, serialfile, create)))	1377	else if ((bs = x509_load_serial(CAfile, serialfile, create)) == NULL)
1378	goto end;	1378	goto end;
1379		1379
1380	/* if (!X509_STORE_add_cert(ctx,x)) goto end;*/	1380	/* if (!X509_STORE_add_cert(ctx,x)) goto end;*/
@@ -1409,7 +1409,7 @@ x509_certify(X509_STORE ctx, char CAfile, const EVP_MD digest, X509 x,
1409	while (X509_get_ext_count(x) > 0)	1409	while (X509_get_ext_count(x) > 0)
1410	X509_delete_ext(x, 0);	1410	X509_delete_ext(x, 0);
1411	}	1411	}
1412	if (conf) {	1412	if (conf != NULL) {
1413	X509V3_CTX ctx2;	1413	X509V3_CTX ctx2;
1414	X509_set_version(x, 2); /* version 3 certificate */	1414	X509_set_version(x, 2); /* version 3 certificate */
1415	X509V3_set_ctx(&ctx2, xca, x, NULL, NULL, 0);	1415	X509V3_set_ctx(&ctx2, xca, x, NULL, NULL, 0);
@@ -1424,7 +1424,7 @@ x509_certify(X509_STORE ctx, char CAfile, const EVP_MD digest, X509 x,
1424	X509_STORE_CTX_cleanup(&xsc);	1424	X509_STORE_CTX_cleanup(&xsc);
1425	if (!ret)	1425	if (!ret)
1426	ERR_print_errors(bio_err);	1426	ERR_print_errors(bio_err);
1427	if (!sno)	1427	if (sno == NULL)
1428	ASN1_INTEGER_free(bs);	1428	ASN1_INTEGER_free(bs);
1429	return ret;	1429	return ret;
1430	}	1430	}
@@ -1469,7 +1469,6 @@ static int
1469	sign(X509 x, EVP_PKEY pkey, int days, int clrext, const EVP_MD *digest,	1469	sign(X509 x, EVP_PKEY pkey, int days, int clrext, const EVP_MD *digest,
1470	CONF conf, char section)	1470	CONF conf, char section)
1471	{	1471	{
1472
1473	EVP_PKEY *pktmp;	1472	EVP_PKEY *pktmp;
1474		1473
1475	pktmp = X509_get_pubkey(x);	1474	pktmp = X509_get_pubkey(x);
@@ -1496,7 +1495,7 @@ sign(X509 x, EVP_PKEY pkey, int days, int clrext, const EVP_MD *digest,
1496	while (X509_get_ext_count(x) > 0)	1495	while (X509_get_ext_count(x) > 0)
1497	X509_delete_ext(x, 0);	1496	X509_delete_ext(x, 0);
1498	}	1497	}
1499	if (conf) {	1498	if (conf != NULL) {
1500	X509V3_CTX ctx;	1499	X509V3_CTX ctx;
1501	X509_set_version(x, 2); /* version 3 certificate */	1500	X509_set_version(x, 2); /* version 3 certificate */
1502	X509V3_set_ctx(&ctx, x, x, NULL, NULL, 0);	1501	X509V3_set_ctx(&ctx, x, x, NULL, NULL, 0);