From 651b3d928444fc5633b6df10f991c1aaebb5345b Mon Sep 17 00:00:00 2001 From: David Benjamin Date: Sun, 9 Aug 2015 12:07:25 -0400 Subject: [PATCH] ssl->cert and ctx->cert cannot be NULL. They get initialized in SSL_new and SSL_CTX_new, respectively. Change-Id: Ib484108987a99f654d1a77fc473103f5cb393bd7 Reviewed-on: https://boringssl-review.googlesource.com/5676 Reviewed-by: Adam Langley --- ssl/d1_srvr.c | 5 ----- ssl/ssl_lib.c | 19 +------------------ 2 files changed, 1 insertion(+), 23 deletions(-) diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c index ea2e93a7..3dd77013 100644 --- a/ssl/d1_srvr.c +++ b/ssl/d1_srvr.c @@ -150,11 +150,6 @@ int dtls1_accept(SSL *s) { s->in_handshake++; - if (s->cert == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CERTIFICATE_SET); - return -1; - } - for (;;) { state = s->state; diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 7628e7a4..e2437b94 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -794,7 +794,7 @@ STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s) { /* Fix this so it checks all the valid key/cert options */ int SSL_CTX_check_private_key(const SSL_CTX *ctx) { - if (ctx == NULL || ctx->cert == NULL || ctx->cert->x509 == NULL) { + if (ctx->cert->x509 == NULL) { OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CERTIFICATE_ASSIGNED); return 0; } @@ -809,16 +809,6 @@ int SSL_CTX_check_private_key(const SSL_CTX *ctx) { /* Fix this function so that it takes an optional type parameter */ int SSL_check_private_key(const SSL *ssl) { - if (ssl == NULL) { - OPENSSL_PUT_ERROR(SSL, ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - - if (ssl->cert == NULL) { - OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CERTIFICATE_ASSIGNED); - return 0; - } - if (ssl->cert->x509 == NULL) { OPENSSL_PUT_ERROR(SSL, SSL_R_NO_CERTIFICATE_ASSIGNED); return 0; @@ -1811,13 +1801,6 @@ void ssl_get_compatible_server_ciphers(SSL *s, uint32_t *out_mask_k, int have_ecc_cert = 0, ecdsa_ok; X509 *x; - if (c == NULL) { - /* TODO(davidben): Is this codepath possible? */ - *out_mask_k = 0; - *out_mask_a = 0; - return; - } - dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL); if (s->cert->x509 != NULL && ssl_has_private_key(s)) {