[openssl-commits] [openssl] master update

Matt Caswell matt at openssl.org
Wed Jan 25 09:11:33 UTC 2017


The branch master has been updated
       via  0fe2a0af8976af505b35e4be100deb8d64451015 (commit)
       via  3e6c1da82247567f619a53569080428a6eb5b4c6 (commit)
       via  e705fcf197b397cdfa1367f5ebd9826775a5a981 (commit)
       via  48722ff5f0988128c85e3cd3169d6457d6450c11 (commit)
       via  07a38fd2bfbf1fa3cc1ad9a92f1bcf5d5611ae16 (commit)
       via  d2a56999985ccf56ea6c82e6fa2f91c345bbc9d3 (commit)
       via  28b86f313b43cc70d11054d3830ef82e7af8290a (commit)
      from  ec2a0e60652c0e61e90dde367756c5d92cd882d3 (commit)


- Log -----------------------------------------------------------------
commit 0fe2a0af8976af505b35e4be100deb8d64451015
Author: FdaSilvaYY <fdasilvayy at gmail.com>
Date:   Wed Dec 28 19:22:25 2016 +0100

    Fix a few double ;
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/1618)

commit 3e6c1da82247567f619a53569080428a6eb5b4c6
Author: FdaSilvaYY <fdasilvayy at gmail.com>
Date:   Sat Dec 10 12:44:59 2016 +0100

    Typo, fix a comment
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/1618)

commit e705fcf197b397cdfa1367f5ebd9826775a5a981
Author: FdaSilvaYY <fdasilvayy at gmail.com>
Date:   Fri Dec 9 21:17:05 2016 +0100

    Style
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/1618)

commit 48722ff5f0988128c85e3cd3169d6457d6450c11
Author: FdaSilvaYY <fdasilvayy at gmail.com>
Date:   Thu Nov 17 23:55:43 2016 +0100

    Fix a few misspellings.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/1618)

commit 07a38fd2bfbf1fa3cc1ad9a92f1bcf5d5611ae16
Author: FdaSilvaYY <fdasilvayy at gmail.com>
Date:   Sat Sep 24 13:37:32 2016 +0200

    Fix some style and indent issue
    simplify some code.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/1618)

commit d2a56999985ccf56ea6c82e6fa2f91c345bbc9d3
Author: FdaSilvaYY <fdasilvayy at gmail.com>
Date:   Sat Sep 24 13:37:16 2016 +0200

    Few nit's
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/1618)

commit 28b86f313b43cc70d11054d3830ef82e7af8290a
Author: FdaSilvaYY <fdasilvayy at gmail.com>
Date:   Wed Aug 24 00:17:31 2016 +0200

    Fix some extra or missing whitespaces...
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/1618)

-----------------------------------------------------------------------

Summary of changes:
 apps/apps.h                                   |  2 +-
 apps/ca.c                                     | 37 ++++++++++++---------------
 apps/ec.c                                     |  2 +-
 apps/prime.c                                  |  2 +-
 apps/s_client.c                               |  2 +-
 crypto/blake2/blake2s.c                       |  2 +-
 crypto/dh/dh_check.c                          |  2 +-
 crypto/dsa/dsa_meth.c                         |  2 +-
 crypto/dsa/dsa_pmeth.c                        |  8 ++++--
 crypto/x509/x509_att.c                        |  4 +--
 crypto/x509/x509name.c                        | 14 +++++-----
 crypto/x509v3/v3_alt.c                        |  7 ++---
 crypto/x509v3/v3_ncons.c                      |  1 +
 crypto/x509v3/v3_utl.c                        |  6 ++---
 doc/man3/EVP_DigestInit.pod                   |  5 ++--
 doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod | 17 +++++-------
 include/openssl/dsa.h                         |  2 +-
 ssl/ssl_ciph.c                                |  2 +-
 ssl/ssl_lib.c                                 |  4 +--
 ssl/ssl_locl.h                                |  6 ++---
 ssl/statem/extensions.c                       |  6 ++---
 ssl/statem/statem_dtls.c                      |  2 +-
 ssl/statem/statem_srvr.c                      |  2 +-
 test/asynciotest.c                            |  2 +-
 test/handshake_helper.c                       |  2 +-
 test/ssltestlib.c                             |  4 +--
 test/verify_extra_test.c                      |  4 +--
 27 files changed, 74 insertions(+), 75 deletions(-)

diff --git a/apps/apps.h b/apps/apps.h
index 7cdf711..5bf8c1d 100644
--- a/apps/apps.h
+++ b/apps/apps.h
@@ -294,7 +294,7 @@ typedef struct options_st {
     /*
      * value type: - no value (also the value zero), n number, p positive
      * number, u unsigned, l long, s string, < input file, > output file,
-     * f any format, F der/pem format , E der/pem/engine format identifier.
+     * f any format, F der/pem format, E der/pem/engine format identifier.
      * l, n and u include zero; p does not.
      */
     int valtype;
diff --git a/apps/ca.c b/apps/ca.c
index 98ec726..030f8b1 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -1385,8 +1385,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
     ASN1_STRING *str, *str2;
     ASN1_OBJECT *obj;
     X509 *ret = NULL;
-    X509_NAME_ENTRY *ne;
-    X509_NAME_ENTRY *tne, *push;
+    X509_NAME_ENTRY *ne, *tne;
     EVP_PKEY *pktmp;
     int ok = -1, i, j, last, nid;
     const char *p;
@@ -1419,41 +1418,37 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
         ne = X509_NAME_get_entry(name, i);
         str = X509_NAME_ENTRY_get_data(ne);
         obj = X509_NAME_ENTRY_get_object(ne);
+        nid = OBJ_obj2nid(obj);
 
         if (msie_hack) {
             /* assume all type should be strings */
-            nid = OBJ_obj2nid(X509_NAME_ENTRY_get_object(ne));
 
             if (str->type == V_ASN1_UNIVERSALSTRING)
                 ASN1_UNIVERSALSTRING_to_string(str);
 
-            if ((str->type == V_ASN1_IA5STRING) &&
-                (nid != NID_pkcs9_emailAddress))
+            if (str->type == V_ASN1_IA5STRING && nid != NID_pkcs9_emailAddress)
                 str->type = V_ASN1_T61STRING;
 
-            if ((nid == NID_pkcs9_emailAddress) &&
-                (str->type == V_ASN1_PRINTABLESTRING))
+            if (nid == NID_pkcs9_emailAddress
+                && str->type == V_ASN1_PRINTABLESTRING)
                 str->type = V_ASN1_IA5STRING;
         }
 
         /* If no EMAIL is wanted in the subject */
-        if ((OBJ_obj2nid(obj) == NID_pkcs9_emailAddress) && (!email_dn))
+        if (nid == NID_pkcs9_emailAddress && !email_dn)
             continue;
 
         /* check some things */
-        if ((OBJ_obj2nid(obj) == NID_pkcs9_emailAddress) &&
-            (str->type != V_ASN1_IA5STRING)) {
+        if (nid == NID_pkcs9_emailAddress && str->type != V_ASN1_IA5STRING) {
             BIO_printf(bio_err,
                        "\nemailAddress type needs to be of type IA5STRING\n");
             goto end;
         }
-        if ((str->type != V_ASN1_BMPSTRING)
-            && (str->type != V_ASN1_UTF8STRING)) {
+        if (str->type != V_ASN1_BMPSTRING && str->type != V_ASN1_UTF8STRING) {
             j = ASN1_PRINTABLE_type(str->data, str->length);
-            if (((j == V_ASN1_T61STRING) &&
-                 (str->type != V_ASN1_T61STRING)) ||
-                ((j == V_ASN1_IA5STRING) &&
-                 (str->type == V_ASN1_PRINTABLESTRING))) {
+            if ((j == V_ASN1_T61STRING && str->type != V_ASN1_T61STRING) ||
+                (j == V_ASN1_IA5STRING && str->type == V_ASN1_PRINTABLESTRING))
+            {
                 BIO_printf(bio_err,
                            "\nThe string contains characters that are illegal for the ASN.1 type\n");
                 goto end;
@@ -1491,6 +1486,8 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
 
         last = -1;
         for (;;) {
+            X509_NAME_ENTRY *push = NULL;
+
             /* lookup the object in the supplied name list */
             j = X509_NAME_get_index_by_OBJ(name, obj, last);
             if (j < 0) {
@@ -1503,7 +1500,6 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
             last = j;
 
             /* depending on the 'policy', decide what to do. */
-            push = NULL;
             if (strcmp(cv->value, "optional") == 0) {
                 if (tne != NULL)
                     push = tne;
@@ -1584,10 +1580,9 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
         BIO_printf(bio_err,
                    "The subject name appears to be ok, checking data base for clashes\n");
 
-    /* Build the correct Subject if no e-mail is wanted in the subject */
-    /*
-     * and add it later on because of the method extensions are added
-     * (altName)
+    /* 
+     * Build the correct Subject if no e-mail is wanted in the subject.
+     * And add it later on because of the method extensions are added (altName)
      */
 
     if (email_dn)
diff --git a/apps/ec.c b/apps/ec.c
index eb343d1..06f357d 100644
--- a/apps/ec.c
+++ b/apps/ec.c
@@ -185,7 +185,7 @@ int ec_main(int argc, char **argv)
     } else if (informat == FORMAT_ENGINE) {
         EVP_PKEY *pkey;
         if (pubin)
-            pkey = load_pubkey(infile, informat , 1, passin, e, "Public Key");
+            pkey = load_pubkey(infile, informat, 1, passin, e, "Public Key");
         else
             pkey = load_key(infile, informat, 1, passin, e, "Private Key");
         if (pkey != NULL) {
diff --git a/apps/prime.c b/apps/prime.c
index 1092cf2..3c72330 100644
--- a/apps/prime.c
+++ b/apps/prime.c
@@ -106,7 +106,7 @@ int prime_main(int argc, char **argv)
             else
                 r = BN_dec2bn(&bn, argv[0]);
 
-            if(!r) {
+            if (!r) {
                 BIO_printf(bio_err, "Failed to process value (%s)\n", argv[0]);
                 goto end;
             }
diff --git a/apps/s_client.c b/apps/s_client.c
index 5307eab..d2f10a6 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -2365,7 +2365,7 @@ int s_client_main(int argc, char **argv)
                 /* goto end; */
             }
 
-            sbuf_len -= i;;
+            sbuf_len -= i;
             sbuf_off += i;
             if (sbuf_len <= 0) {
                 read_ssl = 1;
diff --git a/crypto/blake2/blake2s.c b/crypto/blake2/blake2s.c
index 0b3503e..7451b14 100644
--- a/crypto/blake2/blake2s.c
+++ b/crypto/blake2/blake2s.c
@@ -219,7 +219,7 @@ int BLAKE2s_Update(BLAKE2S_CTX *c, const void *data, size_t datalen)
             in += fill;
             datalen -= fill;
         }
-        if (datalen > BLAKE2S_BLOCKBYTES)  {
+        if (datalen > BLAKE2S_BLOCKBYTES) {
             size_t stashlen = datalen % BLAKE2S_BLOCKBYTES;
             /*
              * If |datalen| is a multiple of the blocksize, stash
diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c
index fcc1d99..b362ccf 100644
--- a/crypto/dh/dh_check.c
+++ b/crypto/dh/dh_check.c
@@ -92,7 +92,7 @@ int DH_check(const DH *dh, int *ret)
         r = BN_is_prime_ex(t1, BN_prime_checks, ctx, NULL);
         if (r < 0)
             goto err;
-	if (!r)
+        if (!r)
             *ret |= DH_CHECK_P_NOT_SAFE_PRIME;
     }
     ok = 1;
diff --git a/crypto/dsa/dsa_meth.c b/crypto/dsa/dsa_meth.c
index f0188f2..51a486b 100644
--- a/crypto/dsa/dsa_meth.c
+++ b/crypto/dsa/dsa_meth.c
@@ -132,7 +132,7 @@ int DSA_meth_set_sign_setup(DSA_METHOD *dsam,
 }
 
 int (*DSA_meth_get_verify(const DSA_METHOD *dsam))
-        (const unsigned char *, int , DSA_SIG *, DSA *)
+        (const unsigned char *, int, DSA_SIG *, DSA *)
 {
     return dsam->dsa_do_verify;
 }
diff --git a/crypto/dsa/dsa_pmeth.c b/crypto/dsa/dsa_pmeth.c
index 95f088a..88744a9 100644
--- a/crypto/dsa/dsa_pmeth.c
+++ b/crypto/dsa/dsa_pmeth.c
@@ -31,8 +31,8 @@ typedef struct {
 
 static int pkey_dsa_init(EVP_PKEY_CTX *ctx)
 {
-    DSA_PKEY_CTX *dctx;
-    dctx = OPENSSL_malloc(sizeof(*dctx));
+    DSA_PKEY_CTX *dctx = OPENSSL_malloc(sizeof(*dctx));
+
     if (dctx == NULL)
         return 0;
     dctx->nbits = 1024;
@@ -50,6 +50,7 @@ static int pkey_dsa_init(EVP_PKEY_CTX *ctx)
 static int pkey_dsa_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
 {
     DSA_PKEY_CTX *dctx, *sctx;
+
     if (!pkey_dsa_init(dst))
         return 0;
     sctx = src->data;
@@ -116,6 +117,7 @@ static int pkey_dsa_verify(EVP_PKEY_CTX *ctx,
 static int pkey_dsa_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
 {
     DSA_PKEY_CTX *dctx = ctx->data;
+
     switch (type) {
     case EVP_PKEY_CTRL_DSA_PARAMGEN_BITS:
         if (p1 < 256)
@@ -200,6 +202,7 @@ static int pkey_dsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
     DSA_PKEY_CTX *dctx = ctx->data;
     BN_GENCB *pcb;
     int ret;
+
     if (ctx->pkey_gencb) {
         pcb = BN_GENCB_new();
         if (pcb == NULL)
@@ -225,6 +228,7 @@ static int pkey_dsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
 static int pkey_dsa_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
 {
     DSA *dsa = NULL;
+
     if (ctx->pkey == NULL) {
         DSAerr(DSA_F_PKEY_DSA_KEYGEN, DSA_R_NO_PARAMETERS_SET);
         return 0;
diff --git a/crypto/x509/x509_att.c b/crypto/x509/x509_att.c
index 15f0e4f..a91f982 100644
--- a/crypto/x509/x509_att.c
+++ b/crypto/x509/x509_att.c
@@ -56,8 +56,8 @@ X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc)
 {
     if (x == NULL || sk_X509_ATTRIBUTE_num(x) <= loc || loc < 0)
         return NULL;
-    else
-        return sk_X509_ATTRIBUTE_value(x, loc);
+
+    return sk_X509_ATTRIBUTE_value(x, loc);
 }
 
 X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc)
diff --git a/crypto/x509/x509name.c b/crypto/x509/x509name.c
index 919d8c1..ab53794 100644
--- a/crypto/x509/x509name.c
+++ b/crypto/x509/x509name.c
@@ -86,9 +86,9 @@ X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name, int loc)
 {
     if (name == NULL || sk_X509_NAME_ENTRY_num(name->entries) <= loc
         || loc < 0)
-        return (NULL);
-    else
-        return (sk_X509_NAME_ENTRY_value(name->entries, loc));
+        return NULL;
+
+    return sk_X509_NAME_ENTRY_value(name->entries, loc);
 }
 
 X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc)
@@ -99,13 +99,14 @@ X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc)
 
     if (name == NULL || sk_X509_NAME_ENTRY_num(name->entries) <= loc
         || loc < 0)
-        return (NULL);
+        return NULL;
+
     sk = name->entries;
     ret = sk_X509_NAME_ENTRY_delete(sk, loc);
     n = sk_X509_NAME_ENTRY_num(sk);
     name->modified = 1;
     if (loc == n)
-        return (ret);
+        return ret;
 
     /* else we need to fixup the set field */
     if (loc != 0)
@@ -127,7 +128,7 @@ X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc)
     if (set_prev + 1 < set_next)
         for (i = loc; i < n; i++)
             sk_X509_NAME_ENTRY_value(sk, i)->set--;
-    return (ret);
+    return ret;
 }
 
 int X509_NAME_add_entry_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, int type,
@@ -136,6 +137,7 @@ int X509_NAME_add_entry_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, int type
 {
     X509_NAME_ENTRY *ne;
     int ret;
+
     ne = X509_NAME_ENTRY_create_by_OBJ(NULL, obj, type, bytes, len);
     if (!ne)
         return 0;
diff --git a/crypto/x509v3/v3_alt.c b/crypto/x509v3/v3_alt.c
index 0364e33..3062250 100644
--- a/crypto/x509v3/v3_alt.c
+++ b/crypto/x509v3/v3_alt.c
@@ -303,10 +303,12 @@ static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p)
     ASN1_IA5STRING *email = NULL;
     X509_NAME_ENTRY *ne;
     GENERAL_NAME *gen = NULL;
-    int i;
+    int i = -1;
+
     if (ctx != NULL && ctx->flags == CTX_TEST)
         return 1;
-    if (!ctx || (!ctx->subject_cert && !ctx->subject_req)) {
+    if (ctx == NULL 
+        || (ctx->subject_cert == NULL && ctx->subject_req == NULL)) {
         X509V3err(X509V3_F_COPY_EMAIL, X509V3_R_NO_SUBJECT_DETAILS);
         goto err;
     }
@@ -317,7 +319,6 @@ static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens, int move_p)
         nm = X509_REQ_get_subject_name(ctx->subject_req);
 
     /* Now add any email address(es) to STACK */
-    i = -1;
     while ((i = X509_NAME_get_index_by_NID(nm,
                                            NID_pkcs9_emailAddress, i)) >= 0) {
         ne = X509_NAME_get_entry(nm, i);
diff --git a/crypto/x509v3/v3_ncons.c b/crypto/x509v3/v3_ncons.c
index 9b3bb12..36ff966 100644
--- a/crypto/x509v3/v3_ncons.c
+++ b/crypto/x509v3/v3_ncons.c
@@ -247,6 +247,7 @@ int NAME_CONSTRAINTS_check_CN(X509 *x, NAME_CONSTRAINTS *nc)
     for (i = -1;;) {
         X509_NAME_ENTRY *ne;
         ASN1_STRING *hn;
+
         i = X509_NAME_get_index_by_NID(nm, NID_commonName, i);
         if (i == -1)
             break;
diff --git a/crypto/x509v3/v3_utl.c b/crypto/x509v3/v3_utl.c
index 7dc9a45..ac52170 100644
--- a/crypto/x509v3/v3_utl.c
+++ b/crypto/x509v3/v3_utl.c
@@ -424,11 +424,11 @@ static STACK_OF(OPENSSL_STRING) *get_email(X509_NAME *name,
 {
     STACK_OF(OPENSSL_STRING) *ret = NULL;
     X509_NAME_ENTRY *ne;
-    ASN1_IA5STRING *email;
+    const ASN1_IA5STRING *email;
     GENERAL_NAME *gen;
-    int i;
+    int i = -1;
+
     /* Now add any email address(es) to STACK */
-    i = -1;
     /* First supplied X509_NAME */
     while ((i = X509_NAME_get_index_by_NID(name,
                                            NID_pkcs9_emailAddress, i)) >= 0) {
diff --git a/doc/man3/EVP_DigestInit.pod b/doc/man3/EVP_DigestInit.pod
index 14f195a..7d283fa 100644
--- a/doc/man3/EVP_DigestInit.pod
+++ b/doc/man3/EVP_DigestInit.pod
@@ -210,14 +210,13 @@ digest name passed on the command line.
  unsigned char md_value[EVP_MAX_MD_SIZE];
  int md_len, i;
 
- if(!argv[1]) {
+ if (argv[1] == NULL) {
         printf("Usage: mdtest digestname\n");
         exit(1);
  }
 
  md = EVP_get_digestbyname(argv[1]);
-
- if(!md) {
+ if (md == NULL) {
         printf("Unknown message digest %s\n", argv[1]);
         exit(1);
  }
diff --git a/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod b/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod
index e9e4b39..0a925ce 100644
--- a/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod
+++ b/doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod
@@ -130,20 +130,18 @@ Reference Implementation:
   static int ssl_tlsext_ticket_key_cb(SSL *s, unsigned char key_name[16], unsigned char *iv, EVP_CIPHER_CTX *ctx, HMAC_CTX *hctx, int enc)
   {
       if (enc) { /* create new session */
-          if (RAND_bytes(iv, EVP_MAX_IV_LENGTH) ) {
+          if (RAND_bytes(iv, EVP_MAX_IV_LENGTH) )
               return -1; /* insufficient random */
-          }
 
           key = currentkey(); /* something that you need to implement */
-          if ( !key ) {
+          if ( key == NULL ) {
               /* current key doesn't exist or isn't valid */
-              key = createkey(); /* something that you need to implement.
+              key = createkey();  /* something that you need to implement.
                                    * createkey needs to initialise, a name,
                                    * an aes_key, a hmac_key and optionally
                                    * an expire time. */
-              if ( !key ) { /* key couldn't be created */
+              if ( key == NULL )  /* key couldn't be created */
                   return 0;
-              }
           }
           memcpy(key_name, key->name, 16);
 
@@ -155,17 +153,16 @@ Reference Implementation:
       } else { /* retrieve session */
           key = findkey(name);
 
-          if  (!key || key->expire < now() ) {
+          if (key == NULL || key->expire < now() )
               return 0;
-          }
 
           HMAC_Init_ex(&hctx, key->hmac_key, 16, EVP_sha256(), NULL);
           EVP_DecryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL, key->aes_key, iv );
 
-          if (key->expire < ( now() - RENEW_TIME ) ) {
+          if (key->expire < ( now() - RENEW_TIME ) )
               /* return 2 - this session will get a new ticket even though the current is still valid */
               return 2;
-          }
+
           return 1;
 
       }
diff --git a/include/openssl/dsa.h b/include/openssl/dsa.h
index 139718e..d03e6de 100644
--- a/include/openssl/dsa.h
+++ b/include/openssl/dsa.h
@@ -199,7 +199,7 @@ int (*DSA_meth_get_sign_setup(const DSA_METHOD *dsam))
 int DSA_meth_set_sign_setup(DSA_METHOD *dsam,
         int (*sign_setup) (DSA *, BN_CTX *, BIGNUM **, BIGNUM **));
 int (*DSA_meth_get_verify(const DSA_METHOD *dsam))
-        (const unsigned char *, int , DSA_SIG *, DSA *);
+        (const unsigned char *, int, DSA_SIG *, DSA *);
 int DSA_meth_set_verify(DSA_METHOD *dsam,
     int (*verify) (const unsigned char *, int, DSA_SIG *, DSA *));
 int (*DSA_meth_get_mod_exp(const DSA_METHOD *dsam))
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index feef184..88b99cc 100644
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -1602,7 +1602,7 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
     case SSL_aGOST01:
         au = "GOST01";
         break;
-        /* New GOST ciphersuites have both SSL_aGOST12 and SSL_aGOST01 bits */
+    /* New GOST ciphersuites have both SSL_aGOST12 and SSL_aGOST01 bits */
     case (SSL_aGOST12 | SSL_aGOST01):
         au = "GOST12";
         break;
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index fe17f3d..c25f76f 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -3778,8 +3778,8 @@ void SSL_set_not_resumable_session_callback(SSL *ssl,
 /*
  * Allocates new EVP_MD_CTX and sets pointer to it into given pointer
  * variable, freeing EVP_MD_CTX previously stored in that variable, if any.
- * If EVP_MD pointer is passed, initializes ctx with this md Returns newly
- * allocated ctx;
+ * If EVP_MD pointer is passed, initializes ctx with this md.
+ * Returns the newly allocated ctx;
  */
 
 EVP_MD_CTX *ssl_replace_hash(EVP_MD_CTX **hash, const EVP_MD *md)
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 27bfd9e..c7e7872 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -1118,7 +1118,7 @@ struct ssl_st {
      * If they are not, the connection should be aborted.
      */
     ssl_ct_validation_cb ct_validation_callback;
-    /* User-supplied argument tha tis passed to the ct_validation_callback */
+    /* User-supplied argument that is passed to the ct_validation_callback */
     void *ct_validation_callback_arg;
     /*
      * Consolidated stack of SCTs from all sources.
@@ -1525,8 +1525,8 @@ typedef struct cert_st {
     /*
      * Client authentication signature algorithms, if not set then uses
      * conf_sigalgs. On servers these will be the signature algorithms sent
-     * to the client in a cerificate request for TLS 1.2. On a client this
-     * represents the signature algortithms we are willing to use for client
+     * to the client in a certificate request for TLS 1.2. On a client this
+     * represents the signature algorithms we are willing to use for client
      * authentication.
      */
     unsigned int *client_sigalgs;
diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c
index 4f54c3f..ee5b0d7 100644
--- a/ssl/statem/extensions.c
+++ b/ssl/statem/extensions.c
@@ -74,8 +74,8 @@ typedef struct extensions_definition_st {
 
 /*
  * Definitions of all built-in extensions. NOTE: Changes in the number or order
- * of these extensions should be mirrored with equivalent changes to the indexes
- * defined in statem_locl.h.
+ * of these extensions should be mirrored with equivalent changes to the 
+ * indexes ( TLSEXT_IDX_* ) defined in ssl_locl.h.
  * Each extension has an initialiser, a client and
  * server side parser and a finaliser. The initialiser is called (if the
  * extension is relevant to the given context) even if we did not see the
@@ -91,7 +91,7 @@ typedef struct extensions_definition_st {
  * significant.
  * The extension context is defined by a series of flags which specify which
  * messages the extension is relevant to. These flags also specify whether the
- * extension is relevant to a paricular protocol or protocol version.
+ * extension is relevant to a particular protocol or protocol version.
  *
  * TODO(TLS1.3): Make sure we have a test to check the consistency of these
  */
diff --git a/ssl/statem/statem_dtls.c b/ssl/statem/statem_dtls.c
index 08937f5..1c1758b 100644
--- a/ssl/statem/statem_dtls.c
+++ b/ssl/statem/statem_dtls.c
@@ -656,7 +656,7 @@ dtls1_process_out_of_seq_message(SSL *s, const struct hm_header_st *msg_hdr)
         }
     } else {
         if (frag_len != msg_hdr->msg_len) {
-            return dtls1_reassemble_fragment(s, msg_hdr);;
+            return dtls1_reassemble_fragment(s, msg_hdr);
         }
 
         if (frag_len > dtls1_max_handshake_message_len(s))
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index 84f6dfb..4d6afd6 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -2944,7 +2944,7 @@ WORK_STATE tls_post_process_client_key_exchange(SSL *s, WORK_STATE wst)
                                            sizeof(labelbuffer), NULL, 0,
                                            0) <= 0) {
                 ossl_statem_set_error(s);
-                return WORK_ERROR;;
+                return WORK_ERROR;
             }
 
             BIO_ctrl(SSL_get_wbio(s), BIO_CTRL_DGRAM_SCTP_ADD_AUTH_KEY,
diff --git a/test/asynciotest.c b/test/asynciotest.c
index e147472..d4edd94 100644
--- a/test/asynciotest.c
+++ b/test/asynciotest.c
@@ -205,7 +205,7 @@ static int async_write(BIO *bio, const char *in, int inl)
         /* Write any data we have left after fragmenting */
         ret = 0;
         if ((int)written < inl) {
-            ret = BIO_write(next, in + written , inl - written);
+            ret = BIO_write(next, in + written, inl - written);
         }
 
         if (ret <= 0 && BIO_should_write(next))
diff --git a/test/handshake_helper.c b/test/handshake_helper.c
index c8fd474..fd79565 100644
--- a/test/handshake_helper.c
+++ b/test/handshake_helper.c
@@ -837,7 +837,7 @@ static char *dup_str(const unsigned char *in, size_t len)
 {
     char *ret;
 
-    if(len == 0)
+    if (len == 0)
         return NULL;
 
     /* Assert that the string does not contain NUL-bytes. */
diff --git a/test/ssltestlib.c b/test/ssltestlib.c
index 42ba98c..57039e7 100644
--- a/test/ssltestlib.c
+++ b/test/ssltestlib.c
@@ -155,7 +155,7 @@ static void dump_data(const char *data, int len)
                 printf("*** Message Fragment len: %d\n", fraglen);
                 if (fragoff + fraglen > msglen)
                     printf("***---- HANDSHAKE MESSAGE FRAGMENT INVALID ----\n");
-                else if(reclen < fraglen)
+                else if (reclen < fraglen)
                     printf("**---- HANDSHAKE MESSAGE FRAGMENT TRUNCATED ----\n");
                 else
                     printf("**---- END OF HANDSHAKE MESSAGE FRAGMENT ----\n");
@@ -442,7 +442,7 @@ int mempacket_test_inject(BIO *bio, const char *in, int inl, int pktnum,
                 else
                     return inl;
             } while(1);
-        } else if(looppkt->num == thispkt->num) {
+        } else if (looppkt->num == thispkt->num) {
             if (!ctx->noinject) {
                 /* We injected two packets with the same packet number! */
                 return -1;
diff --git a/test/verify_extra_test.c b/test/verify_extra_test.c
index cc05bc2..bfbe5c0 100644
--- a/test/verify_extra_test.c
+++ b/test/verify_extra_test.c
@@ -102,7 +102,7 @@ static int test_alt_chains_cert_forgery(const char *roots_f,
     lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file());
     if (lookup == NULL)
         goto err;
-    if(!X509_LOOKUP_load_file(lookup, roots_f, X509_FILETYPE_PEM))
+    if (!X509_LOOKUP_load_file(lookup, roots_f, X509_FILETYPE_PEM))
         goto err;
 
     untrusted = load_certs_from_file(untrusted_f);
@@ -110,7 +110,7 @@ static int test_alt_chains_cert_forgery(const char *roots_f,
     if ((bio = BIO_new_file(bad_f, "r")) == NULL)
         goto err;
 
-    if((x = PEM_read_bio_X509(bio, NULL, 0, NULL)) == NULL)
+    if ((x = PEM_read_bio_X509(bio, NULL, 0, NULL)) == NULL)
         goto err;
 
     sctx = X509_STORE_CTX_new();


More information about the openssl-commits mailing list