GH715: ENGINE_finish can take NULL

Simplifies calling code.  Also fixed up any !ptr tests that were
nearby, turning them into NULL tests.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

apps/genpkey.c

@@ -317,8 +317,7 @@ int init_gen_str(EVP_PKEY_CTX **pctx,
 
     EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL, ameth);
 #ifndef OPENSSL_NO_ENGINE
-    if (tmpeng)
-        ENGINE_finish(tmpeng);
+    ENGINE_finish(tmpeng);
 #endif
     ctx = EVP_PKEY_CTX_new_id(pkey_id, e);
 

apps/req.c

@@ -1376,8 +1376,7 @@ static EVP_PKEY_CTX *set_keygen_ctx(const char *gstr,
 
         EVP_PKEY_asn1_get0_info(NULL, pkey_type, NULL, NULL, NULL, ameth);
 #ifndef OPENSSL_NO_ENGINE
-        if (tmpeng)
-            ENGINE_finish(tmpeng);
+        ENGINE_finish(tmpeng);
 #endif
         if (*pkey_type == EVP_PKEY_RSA) {
             if (p) {
@@ -1434,8 +1433,7 @@ static EVP_PKEY_CTX *set_keygen_ctx(const char *gstr,
         EVP_PKEY_asn1_get0_info(NULL, NULL, NULL, NULL, &anam, ameth);
         *palgnam = OPENSSL_strdup(anam);
 #ifndef OPENSSL_NO_ENGINE
-        if (tmpeng)
-            ENGINE_finish(tmpeng);
+        ENGINE_finish(tmpeng);
 #endif
     }
 

crypto/asn1/d2i_pr.c

@@ -82,10 +82,8 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
     } else {
         ret = *a;
 #ifndef OPENSSL_NO_ENGINE
-        if (ret->engine) {
-            ENGINE_finish(ret->engine);
-            ret->engine = NULL;
-        }
+        ENGINE_finish(ret->engine);
+        ret->engine = NULL;
 #endif
     }
 

crypto/dh/dh_lib.c

@@ -88,10 +88,8 @@ int DH_set_method(DH *dh, const DH_METHOD *meth)
     if (mtmp->finish)
         mtmp->finish(dh);
 #ifndef OPENSSL_NO_ENGINE
-    if (dh->engine) {
-        ENGINE_finish(dh->engine);
-        dh->engine = NULL;
-    }
+    ENGINE_finish(dh->engine);
+    dh->engine = NULL;
 #endif
     dh->meth = meth;
     if (meth->init)
@@ -126,7 +124,7 @@ DH *DH_new_method(ENGINE *engine)
         ret->engine = ENGINE_get_default_DH();
     if (ret->engine) {
         ret->meth = ENGINE_get_DH(ret->engine);
-        if (!ret->meth) {
+        if (ret->meth == NULL) {
             DHerr(DH_F_DH_NEW_METHOD, ERR_R_ENGINE_LIB);
             ENGINE_finish(ret->engine);
             OPENSSL_free(ret);
@@ -140,8 +138,7 @@ DH *DH_new_method(ENGINE *engine)
     CRYPTO_new_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
     if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
 #ifndef OPENSSL_NO_ENGINE
-        if (ret->engine)
-            ENGINE_finish(ret->engine);
+        ENGINE_finish(ret->engine);
 #endif
         CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, ret, &ret->ex_data);
         OPENSSL_free(ret);
@@ -165,8 +162,7 @@ void DH_free(DH *r)
     if (r->meth->finish)
         r->meth->finish(r);
 #ifndef OPENSSL_NO_ENGINE
-    if (r->engine)
-        ENGINE_finish(r->engine);
+    ENGINE_finish(r->engine);
 #endif
 
     CRYPTO_free_ex_data(CRYPTO_EX_INDEX_DH, r, &r->ex_data);

crypto/dsa/dsa_lib.c

@@ -99,10 +99,8 @@ int DSA_set_method(DSA *dsa, const DSA_METHOD *meth)
     if (mtmp->finish)
         mtmp->finish(dsa);
 #ifndef OPENSSL_NO_ENGINE
-    if (dsa->engine) {
-        ENGINE_finish(dsa->engine);
-        dsa->engine = NULL;
-    }
+    ENGINE_finish(dsa->engine);
+    dsa->engine = NULL;
 #endif
     dsa->meth = meth;
     if (meth->init)
@@ -132,7 +130,7 @@ DSA *DSA_new_method(ENGINE *engine)
         ret->engine = ENGINE_get_default_DSA();
     if (ret->engine) {
         ret->meth = ENGINE_get_DSA(ret->engine);
-        if (!ret->meth) {
+        if (ret->meth == NULL) {
             DSAerr(DSA_F_DSA_NEW_METHOD, ERR_R_ENGINE_LIB);
             ENGINE_finish(ret->engine);
             OPENSSL_free(ret);

crypto/ec/ec_key.c

@@ -108,8 +108,7 @@ void EC_KEY_free(EC_KEY *r)
         r->meth->finish(r);
 
 #ifndef OPENSSL_NO_ENGINE
-    if (r->engine != NULL)
-        ENGINE_finish(r->engine);
+    ENGINE_finish(r->engine);
 #endif
 
     CRYPTO_free_ex_data(CRYPTO_EX_INDEX_EC_KEY, r, &r->ex_data);
@@ -130,7 +129,7 @@ EC_KEY *EC_KEY_copy(EC_KEY *dest, EC_KEY *src)
         if (dest->meth->finish != NULL)
             dest->meth->finish(dest);
 #ifndef OPENSSL_NO_ENGINE
-        if (dest->engine != NULL && ENGINE_finish(dest->engine) == 0)
+        if (ENGINE_finish(dest->engine) == 0)
             return 0;
         dest->engine = NULL;
 #endif

crypto/ec/ec_kmeth.c

@@ -105,10 +105,8 @@ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth)
         finish(key);
 
 #ifndef OPENSSL_NO_ENGINE
-    if (key->engine != NULL) {
-        ENGINE_finish(key->engine);
-        key->engine = NULL;
-    }
+    ENGINE_finish(key->engine);
+    key->engine = NULL;
 #endif
 
     key->meth = meth;

crypto/engine/eng_cnf.c

@@ -227,6 +227,7 @@ static int int_engine_module_init(CONF_IMODULE *md, const CONF *cnf)
 static void int_engine_module_finish(CONF_IMODULE *md)
 {
     ENGINE *e;
+
     while ((e = sk_ENGINE_pop(initialized_engines)))
         ENGINE_finish(e);
     sk_ENGINE_free(initialized_engines);

crypto/engine/eng_init.c

@@ -136,10 +136,8 @@ int ENGINE_finish(ENGINE *e)
 {
     int to_return = 1;
 
-    if (e == NULL) {
-        ENGINEerr(ENGINE_F_ENGINE_FINISH, ERR_R_PASSED_NULL_PARAMETER);
-        return 0;
-    }
+    if (e == NULL)
+        return 1;
     CRYPTO_w_lock(CRYPTO_LOCK_ENGINE);
     to_return = engine_unlocked_finish(e, 1);
     CRYPTO_w_unlock(CRYPTO_LOCK_ENGINE);

crypto/evp/digest.c

@@ -137,12 +137,7 @@ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx)
     }
     EVP_PKEY_CTX_free(ctx->pctx);
 #ifndef OPENSSL_NO_ENGINE
-    if (ctx->engine)
-        /*
-         * The EVP_MD we used belongs to an ENGINE, release the functional
-         * reference we held for this reason.
-         */
-        ENGINE_finish(ctx->engine);
+    ENGINE_finish(ctx->engine);
 #endif
     memset(ctx, 0, sizeof(*ctx));
 
@@ -187,21 +182,21 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
          * previous check attempted to avoid this if the same ENGINE and
          * EVP_MD could be used).
          */
-        if (ctx->engine)
-            ENGINE_finish(ctx->engine);
-        if (impl) {
+        ENGINE_finish(ctx->engine);
+        if (impl != NULL) {
             if (!ENGINE_init(impl)) {
                 EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR);
                 return 0;
             }
-        } else
+        } else {
             /* Ask if an ENGINE is reserved for this job */
             impl = ENGINE_get_digest_engine(type->type);
-        if (impl) {
+        }
+        if (impl != NULL) {
             /* There's an ENGINE for this job ... (apparently) */
             const EVP_MD *d = ENGINE_get_digest(impl, type->type);
-            if (!d) {
-                /* Same comment from evp_enc.c */
+
+            if (d == NULL) {
                 EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_INITIALIZATION_ERROR);
                 ENGINE_finish(impl);
                 return 0;

crypto/evp/evp_enc.c

@@ -79,12 +79,7 @@ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *c)
     }
     OPENSSL_free(c->cipher_data);
 #ifndef OPENSSL_NO_ENGINE
-    if (c->engine)
-        /*
-         * The EVP_CIPHER we used belongs to an ENGINE, release the
-         * functional reference we held for this reason.
-         */
-        ENGINE_finish(c->engine);
+    ENGINE_finish(c->engine);
 #endif
     memset(c, 0, sizeof(*c));
     return 1;

crypto/evp/p_lib.c

@@ -224,10 +224,8 @@ static int pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len)
             return 1;
 #ifndef OPENSSL_NO_ENGINE
         /* If we have an ENGINE release it */
-        if (pkey->engine) {
-            ENGINE_finish(pkey->engine);
-            pkey->engine = NULL;
-        }
+        ENGINE_finish(pkey->engine);
+        pkey->engine = NULL;
 #endif
     }
     if (str)
@@ -235,10 +233,10 @@ static int pkey_set_type(EVP_PKEY *pkey, int type, const char *str, int len)
     else
         ameth = EVP_PKEY_asn1_find(&e, type);
 #ifndef OPENSSL_NO_ENGINE
-    if (!pkey && e)
+    if (pkey == NULL)
         ENGINE_finish(e);
 #endif
-    if (!ameth) {
+    if (ameth == NULL) {
         EVPerr(EVP_F_PKEY_SET_TYPE, EVP_R_UNSUPPORTED_ALGORITHM);
         return 0;
     }
@@ -396,8 +394,7 @@ int EVP_PKEY_type(int type)
     else
         ret = NID_undef;
 #ifndef OPENSSL_NO_ENGINE
-    if (e)
-        ENGINE_finish(e);
+    ENGINE_finish(e);
 #endif
     return ret;
 }
@@ -437,10 +434,8 @@ static void EVP_PKEY_free_it(EVP_PKEY *x)
         x->pkey.ptr = NULL;
     }
 #ifndef OPENSSL_NO_ENGINE
-    if (x->engine) {
-        ENGINE_finish(x->engine);
-        x->engine = NULL;
-    }
+    ENGINE_finish(x->engine);
+    x->engine = NULL;
 #endif
 }
 

crypto/evp/pmeth_lib.c

@@ -162,8 +162,7 @@ static EVP_PKEY_CTX *int_ctx_new(EVP_PKEY *pkey, ENGINE *e, int id)
     ret = OPENSSL_zalloc(sizeof(*ret));
     if (ret == NULL) {
 #ifndef OPENSSL_NO_ENGINE
-        if (e)
-            ENGINE_finish(e);
+        ENGINE_finish(e);
 #endif
         EVPerr(EVP_F_INT_CTX_NEW, ERR_R_MALLOC_FAILURE);
         return NULL;
@@ -329,12 +328,7 @@ void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx)
     EVP_PKEY_free(ctx->pkey);
     EVP_PKEY_free(ctx->peerkey);
 #ifndef OPENSSL_NO_ENGINE
-    if (ctx->engine)
-        /*
-         * The EVP_PKEY_CTX we used belongs to an ENGINE, release the
-         * functional reference we held for this reason.
-         */
-        ENGINE_finish(ctx->engine);
+    ENGINE_finish(ctx->engine);
 #endif
     OPENSSL_free(ctx);
 }

crypto/pem/pem_lib.c

@@ -218,8 +218,7 @@ static int check_pem(const char *nm, const char *name)
                 else
                     r = 0;
 #ifndef OPENSSL_NO_ENGINE
-                if (e)
-                    ENGINE_finish(e);
+                ENGINE_finish(e);
 #endif
                 return r;
             }

crypto/rand/rand_lib.c

@@ -79,10 +79,8 @@ static const RAND_METHOD *default_RAND_meth = NULL;
 int RAND_set_rand_method(const RAND_METHOD *meth)
 {
 #ifndef OPENSSL_NO_ENGINE
-    if (funct_ref) {
-        ENGINE_finish(funct_ref);
-        funct_ref = NULL;
-    }
+    ENGINE_finish(funct_ref);
+    funct_ref = NULL;
 #endif
     default_RAND_meth = meth;
     return 1;
@@ -95,7 +93,7 @@ const RAND_METHOD *RAND_get_rand_method(void)
         ENGINE *e = ENGINE_get_default_RAND();
         if (e) {
             default_RAND_meth = ENGINE_get_RAND(e);
-            if (!default_RAND_meth) {
+            if (default_RAND_meth == NULL) {
                 ENGINE_finish(e);
                 e = NULL;
             }
@@ -117,7 +115,7 @@ int RAND_set_rand_engine(ENGINE *engine)
         if (!ENGINE_init(engine))
             return 0;
         tmp_meth = ENGINE_get_RAND(engine);
-        if (!tmp_meth) {
+        if (tmp_meth == NULL) {
             ENGINE_finish(engine);
             return 0;
         }

crypto/rsa/rsa_lib.c

@@ -109,10 +109,8 @@ int RSA_set_method(RSA *rsa, const RSA_METHOD *meth)
     if (mtmp->finish)
         mtmp->finish(rsa);
 #ifndef OPENSSL_NO_ENGINE
-    if (rsa->engine) {
-        ENGINE_finish(rsa->engine);
-        rsa->engine = NULL;
-    }
+    ENGINE_finish(rsa->engine);
+    rsa->engine = NULL;
 #endif
     rsa->meth = meth;
     if (meth->init)
@@ -143,7 +141,7 @@ RSA *RSA_new_method(ENGINE *engine)
         ret->engine = ENGINE_get_default_RSA();
     if (ret->engine) {
         ret->meth = ENGINE_get_RSA(ret->engine);
-        if (!ret->meth) {
+        if (ret->meth == NULL) {
             RSAerr(RSA_F_RSA_NEW_METHOD, ERR_R_ENGINE_LIB);
             ENGINE_finish(ret->engine);
             OPENSSL_free(ret);

ssl/ssl_ciph.c

@@ -439,8 +439,7 @@ static int get_optional_pkey_id(const char *pkey_name)
                                     ameth) <= 0)
             pkey_id = 0;
     }
-    if (tmpeng)
-        ENGINE_finish(tmpeng);
+    ENGINE_finish(tmpeng);
     return pkey_id;
 }
 

ssl/ssl_lib.c

@@ -2433,8 +2433,7 @@ void SSL_CTX_free(SSL_CTX *a)
     SSL_CTX_SRP_CTX_free(a);
 #endif
 #ifndef OPENSSL_NO_ENGINE
-    if (a->client_cert_engine)
-        ENGINE_finish(a->client_cert_engine);
+    ENGINE_finish(a->client_cert_engine);
 #endif
 
 #ifndef OPENSSL_NO_EC