From 7c96dbcdab959fef74c4caae63cdebaa354ab252 Mon Sep 17 00:00:00 2001 From: Rich Salz Date: Thu, 25 Feb 2016 12:09:06 -0500 Subject: [PATCH] GH715: ENGINE_finish can take NULL Simplifies calling code. Also fixed up any !ptr tests that were nearby, turning them into NULL tests. Reviewed-by: Richard Levitte --- apps/genpkey.c | 3 +-- apps/req.c | 6 ++---- crypto/asn1/d2i_pr.c | 6 ++---- crypto/dh/dh_lib.c | 14 +++++--------- crypto/dsa/dsa_lib.c | 8 +++----- crypto/ec/ec_key.c | 5 ++--- crypto/ec/ec_kmeth.c | 6 ++---- crypto/engine/eng_cnf.c | 1 + crypto/engine/eng_init.c | 6 ++---- crypto/evp/digest.c | 21 ++++++++------------- crypto/evp/evp_enc.c | 7 +------ crypto/evp/p_lib.c | 19 +++++++------------ crypto/evp/pmeth_lib.c | 10 ++-------- crypto/pem/pem_lib.c | 3 +-- crypto/rand/rand_lib.c | 10 ++++------ crypto/rsa/rsa_lib.c | 8 +++----- ssl/ssl_ciph.c | 3 +-- ssl/ssl_lib.c | 3 +-- 18 files changed, 48 insertions(+), 91 deletions(-) diff --git a/apps/genpkey.c b/apps/genpkey.c index 905eb1992f..ca5d848266 100644 --- a/apps/genpkey.c +++ b/apps/genpkey.c @@ -317,8 +317,7 @@ int init_gen_str(EVP_PKEY_CTX **pctx, EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL, ameth); #ifndef OPENSSL_NO_ENGINE - if (tmpeng) - ENGINE_finish(tmpeng); + ENGINE_finish(tmpeng); #endif ctx = EVP_PKEY_CTX_new_id(pkey_id, e); diff --git a/apps/req.c b/apps/req.c index 28ed036794..693acc22df 100644 --- a/apps/req.c +++ b/apps/req.c @@ -1376,8 +1376,7 @@ static EVP_PKEY_CTX *set_keygen_ctx(const char *gstr, EVP_PKEY_asn1_get0_info(NULL, pkey_type, NULL, NULL, NULL, ameth); #ifndef OPENSSL_NO_ENGINE - if (tmpeng) - ENGINE_finish(tmpeng); + ENGINE_finish(tmpeng); #endif if (*pkey_type == EVP_PKEY_RSA) { if (p) { @@ -1434,8 +1433,7 @@ static EVP_PKEY_CTX *set_keygen_ctx(const char *gstr, EVP_PKEY_asn1_get0_info(NULL, NULL, NULL, NULL, &anam, ameth); *palgnam = OPENSSL_strdup(anam); #ifndef OPENSSL_NO_ENGINE - if (tmpeng) - ENGINE_finish(tmpeng); + ENGINE_finish(tmpeng); #endif } diff --git a/crypto/asn1/d2i_pr.c b/crypto/asn1/d2i_pr.c index bfbe2096ca..e405b83dc8 100644 --- a/crypto/asn1/d2i_pr.c +++ b/crypto/asn1/d2i_pr.c @@ -82,10 +82,8 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp, } else { ret = *a; #ifndef OPENSSL_NO_ENGINE - if (ret->engine) { - ENGINE_finish(ret->engine); - ret->engine = NULL; - } + ENGINE_finish(ret->engine); + ret->engine = NULL; #endif } diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c index 9167d69ea8..58280d8734 100644 --- a/crypto/dh/dh_lib.c +++ b/crypto/dh/dh_lib.c @@ -88,10 +88,8 @@ int DH_set_method(DH *dh, const DH_METHOD *meth) if (mtmp->finish) mtmp->finish(dh); #ifndef OPENSSL_NO_ENGINE - if (dh->engine) { - ENGINE_finish(dh->engine); - dh->engine = NULL; - } + ENGINE_finish(dh->engine); + dh->engine = NULL; #endif dh->meth = meth; if (meth->init) @@ -126,7 +124,7 @@ DH *DH_new_method(ENGINE *engine) ret->engine = ENGINE_get_default_DH(); if (ret->engine) { ret->meth = ENGINE_get_DH(ret->engine); - if (!ret->meth) { + if (ret->meth == NULL) { DHerr(DH_F_DH_NEW_METHOD, ERR_R_ENGINE_LIB); ENGINE_finish(ret->engine); OPENSSL_free(ret); @@ -140,8 +138,7 @@ DH *DH_new_method(ENGINE *engine) CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data); if ((ret->meth->init != NULL) && !ret->meth->init(ret)) { #ifndef OPENSSL_NO_ENGINE - if (ret->engine) - ENGINE_finish(ret->engine); + ENGINE_finish(ret->engine); #endif CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data); OPENSSL_free(ret); @@ -165,8 +162,7 @@ void DH_free(DH *r) if (r->meth->finish) r->meth->finish(r); #ifndef OPENSSL_NO_ENGINE - if (r->engine) - ENGINE_finish(r->engine); + ENGINE_finish(r->engine); #endif CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data); diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c index 26a5d28f0d..9f4ddfdf70 100644 --- a/crypto/dsa/dsa_lib.c +++ b/crypto/dsa/dsa_lib.c @@ -99,10 +99,8 @@ int DSA_set_method(DSA *dsa, const DSA_METHOD *meth) if (mtmp->finish) mtmp->finish(dsa); #ifndef OPENSSL_NO_ENGINE - if (dsa->engine) { - ENGINE_finish(dsa->engine); - dsa->engine = NULL; - } + ENGINE_finish(dsa->engine); + dsa->engine = NULL; #endif dsa->meth = meth; if (meth->init) @@ -132,7 +130,7 @@ DSA *DSA_new_method(ENGINE *engine) ret->engine = ENGINE_get_default_DSA(); if (ret->engine) { ret->meth = ENGINE_get_DSA(ret->engine); - if (!ret->meth) { + if (ret->meth == NULL) { DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_ENGINE_LIB); ENGINE_finish(ret->engine); OPENSSL_free(ret); diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c index 7d8507ca50..c382e7e41e 100644 --- a/crypto/ec/ec_key.c +++ b/crypto/ec/ec_key.c @@ -108,8 +108,7 @@ void EC_KEY_free(EC_KEY *r) r->meth->finish(r); #ifndef OPENSSL_NO_ENGINE - if (r->engine != NULL) - ENGINE_finish(r->engine); + ENGINE_finish(r->engine); #endif CRYPTO_free_ex_data(CRYPTO_EX_INDEX_EC_KEY, r, &r->ex_data); @@ -130,7 +129,7 @@ EC_KEY *EC_KEY_copy(EC_KEY *dest, EC_KEY *src) if (dest->meth->finish != NULL) dest->meth->finish(dest); #ifndef OPENSSL_NO_ENGINE - if (dest->engine != NULL && ENGINE_finish(dest->engine) == 0) + if (ENGINE_finish(dest->engine) == 0) return 0; dest->engine = NULL; #endif diff --git a/crypto/ec/ec_kmeth.c b/crypto/ec/ec_kmeth.c index 51992aff43..1a15877461 100644 --- a/crypto/ec/ec_kmeth.c +++ b/crypto/ec/ec_kmeth.c @@ -105,10 +105,8 @@ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth) finish(key); #ifndef OPENSSL_NO_ENGINE - if (key->engine != NULL) { - ENGINE_finish(key->engine); - key->engine = NULL; - } + ENGINE_finish(key->engine); + key->engine = NULL; #endif key->meth = meth; diff --git a/crypto/engine/eng_cnf.c b/crypto/engine/eng_cnf.c index ec8c4493f9..400b2291d8 100644 --- a/crypto/engine/eng_cnf.c +++ b/crypto/engine/eng_cnf.c @@ -227,6 +227,7 @@ static int int_engine_module_init(CONF_IMODULE *md, const CONF *cnf) static void int_engine_module_finish(CONF_IMODULE *md) { ENGINE *e; + while ((e = sk_ENGINE_pop(initialized_engines))) ENGINE_finish(e); sk_ENGINE_free(initialized_engines); diff --git a/crypto/engine/eng_init.c b/crypto/engine/eng_init.c index b66d476d80..ddf552a537 100644 --- a/crypto/engine/eng_init.c +++ b/crypto/engine/eng_init.c @@ -136,10 +136,8 @@ int ENGINE_finish(ENGINE *e) { int to_return = 1; - if (e == NULL) { - ENGINEerr(ENGINE_F_ENGINE_FINISH, ERR_R_PASSED_NULL_PARAMETER); - return 0; - } + if (e == NULL) + return 1; CRYPTO_w_lock(CRYPTO_LOCK_ENGINE); to_return = engine_unlocked_finish(e, 1); CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE); diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index f7e82db6dd..f89f1c8447 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -137,12 +137,7 @@ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx) } EVP_PKEY_CTX_free(ctx->pctx); #ifndef OPENSSL_NO_ENGINE - if (ctx->engine) - /* - * The EVP_MD we used belongs to an ENGINE, release the functional - * reference we held for this reason. - */ - ENGINE_finish(ctx->engine); + ENGINE_finish(ctx->engine); #endif memset(ctx, 0, sizeof(*ctx)); @@ -187,21 +182,21 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl) * previous check attempted to avoid this if the same ENGINE and * EVP_MD could be used). */ - if (ctx->engine) - ENGINE_finish(ctx->engine); - if (impl) { + ENGINE_finish(ctx->engine); + if (impl != NULL) { if (!ENGINE_init(impl)) { EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR); return 0; } - } else + } else { /* Ask if an ENGINE is reserved for this job */ impl = ENGINE_get_digest_engine(type->type); - if (impl) { + } + if (impl != NULL) { /* There's an ENGINE for this job ... (apparently) */ const EVP_MD *d = ENGINE_get_digest(impl, type->type); - if (!d) { - /* Same comment from evp_enc.c */ + + if (d == NULL) { EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR); ENGINE_finish(impl); return 0; diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index 278e91bada..484b024218 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -79,12 +79,7 @@ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *c) } OPENSSL_free(c->cipher_data); #ifndef OPENSSL_NO_ENGINE - if (c->engine) - /* - * The EVP_CIPHER we used belongs to an ENGINE, release the - * functional reference we held for this reason. - */ - ENGINE_finish(c->engine); + ENGINE_finish(c->engine); #endif memset(c, 0, sizeof(*c)); return 1; diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index 221178dd31..b34a268c89 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -224,10 +224,8 @@ static int pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len) return 1; #ifndef OPENSSL_NO_ENGINE /* If we have an ENGINE release it */ - if (pkey->engine) { - ENGINE_finish(pkey->engine); - pkey->engine = NULL; - } + ENGINE_finish(pkey->engine); + pkey->engine = NULL; #endif } if (str) @@ -235,10 +233,10 @@ static int pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len) else ameth = EVP_PKEY_asn1_find(&e, type); #ifndef OPENSSL_NO_ENGINE - if (!pkey && e) + if (pkey == NULL) ENGINE_finish(e); #endif - if (!ameth) { + if (ameth == NULL) { EVPerr(EVP_F_PKEY_SET_TYPE, EVP_R_UNSUPPORTED_ALGORITHM); return 0; } @@ -396,8 +394,7 @@ int EVP_PKEY_type(int type) else ret = NID_undef; #ifndef OPENSSL_NO_ENGINE - if (e) - ENGINE_finish(e); + ENGINE_finish(e); #endif return ret; } @@ -437,10 +434,8 @@ static void EVP_PKEY_free_it(EVP_PKEY *x) x->pkey.ptr = NULL; } #ifndef OPENSSL_NO_ENGINE - if (x->engine) { - ENGINE_finish(x->engine); - x->engine = NULL; - } + ENGINE_finish(x->engine); + x->engine = NULL; #endif } diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index 5b2301431a..72baaa988d 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -162,8 +162,7 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id) ret = OPENSSL_zalloc(sizeof(*ret)); if (ret == NULL) { #ifndef OPENSSL_NO_ENGINE - if (e) - ENGINE_finish(e); + ENGINE_finish(e); #endif EVPerr(EVP_F_INT_CTX_NEW, ERR_R_MALLOC_FAILURE); return NULL; @@ -329,12 +328,7 @@ void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx) EVP_PKEY_free(ctx->pkey); EVP_PKEY_free(ctx->peerkey); #ifndef OPENSSL_NO_ENGINE - if (ctx->engine) - /* - * The EVP_PKEY_CTX we used belongs to an ENGINE, release the - * functional reference we held for this reason. - */ - ENGINE_finish(ctx->engine); + ENGINE_finish(ctx->engine); #endif OPENSSL_free(ctx); } diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c index e31ea03da6..946b00ef6d 100644 --- a/crypto/pem/pem_lib.c +++ b/crypto/pem/pem_lib.c @@ -218,8 +218,7 @@ static int check_pem(const char *nm, const char *name) else r = 0; #ifndef OPENSSL_NO_ENGINE - if (e) - ENGINE_finish(e); + ENGINE_finish(e); #endif return r; } diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c index b43660b1fe..63fd231775 100644 --- a/crypto/rand/rand_lib.c +++ b/crypto/rand/rand_lib.c @@ -79,10 +79,8 @@ static const RAND_METHOD *default_RAND_meth = NULL; int RAND_set_rand_method(const RAND_METHOD *meth) { #ifndef OPENSSL_NO_ENGINE - if (funct_ref) { - ENGINE_finish(funct_ref); - funct_ref = NULL; - } + ENGINE_finish(funct_ref); + funct_ref = NULL; #endif default_RAND_meth = meth; return 1; @@ -95,7 +93,7 @@ const RAND_METHOD *RAND_get_rand_method(void) ENGINE *e = ENGINE_get_default_RAND(); if (e) { default_RAND_meth = ENGINE_get_RAND(e); - if (!default_RAND_meth) { + if (default_RAND_meth == NULL) { ENGINE_finish(e); e = NULL; } @@ -117,7 +115,7 @@ int RAND_set_rand_engine(ENGINE *engine) if (!ENGINE_init(engine)) return 0; tmp_meth = ENGINE_get_RAND(engine); - if (!tmp_meth) { + if (tmp_meth == NULL) { ENGINE_finish(engine); return 0; } diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c index a8afb2cef7..b049d0b998 100644 --- a/crypto/rsa/rsa_lib.c +++ b/crypto/rsa/rsa_lib.c @@ -109,10 +109,8 @@ int RSA_set_method(RSA *rsa, const RSA_METHOD *meth) if (mtmp->finish) mtmp->finish(rsa); #ifndef OPENSSL_NO_ENGINE - if (rsa->engine) { - ENGINE_finish(rsa->engine); - rsa->engine = NULL; - } + ENGINE_finish(rsa->engine); + rsa->engine = NULL; #endif rsa->meth = meth; if (meth->init) @@ -143,7 +141,7 @@ RSA *RSA_new_method(ENGINE *engine) ret->engine = ENGINE_get_default_RSA(); if (ret->engine) { ret->meth = ENGINE_get_RSA(ret->engine); - if (!ret->meth) { + if (ret->meth == NULL) { RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB); ENGINE_finish(ret->engine); OPENSSL_free(ret); diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index cd6c3c91bd..9fbdc543fa 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -439,8 +439,7 @@ static int get_optional_pkey_id(const char *pkey_name) ameth) <= 0) pkey_id = 0; } - if (tmpeng) - ENGINE_finish(tmpeng); + ENGINE_finish(tmpeng); return pkey_id; } diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index c0cb16543b..0cbb024a55 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -2433,8 +2433,7 @@ void SSL_CTX_free(SSL_CTX *a) SSL_CTX_SRP_CTX_free(a); #endif #ifndef OPENSSL_NO_ENGINE - if (a->client_cert_engine) - ENGINE_finish(a->client_cert_engine); + ENGINE_finish(a->client_cert_engine); #endif #ifndef OPENSSL_NO_EC