]> ruderich.org/simon Gitweb - tlsproxy/tlsproxy.git/commitdiff
ruderich.org/simon / tlsproxy / tlsproxy.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from parent 1: c5059d4)
Simplify str(n)cmp() if conditions.
authorSimon Ruderich <simon@ruderich.org>
Sun, 28 Jul 2013 02:38:43 +0000 (04:38 +0200)
committerSimon Ruderich <simon@ruderich.org>
Sun, 28 Jul 2013 02:38:43 +0000 (04:38 +0200)
src/connection.c patch | blob | history
src/verify.c patch | blob | history

diff --git a/src/connection.c b/src/connection.c
index 710963c8f0bb96b4ab37d626b2d1bf0f0f04db1f..316339eb8cbbb6ce522b59bc570571bfe405438b 100644 (file)
--- a/src/connection.c
+++ b/src/connection.c
@@ -186,7 +186,7 @@ void handle_connection(int client_socket) {
         }
 
         /* Check response of proxy server. */
-        if (strncmp(buffer, "HTTP/1.0 200", 12) != 0) {
+        if (strncmp(buffer, "HTTP/1.0 200", 12)) {
             LOG(LOG_WARNING, "bad proxy response: %s", buffer);
             send_forwarding_failure(client_fd);
             goto out;
@@ -357,7 +357,7 @@ static int initialize_tls_session_client(int peer_socket,
 
     /* The "invalid" hostname is special. If it's used we send an invalid
      * certificate to let the client know something is wrong. */
-    use_invalid_cert = (strcmp(hostname, "invalid") == 0);
+    use_invalid_cert = (!strcmp(hostname, "invalid"));
 
     if (proxy_certificate_path(hostname, path, sizeof(path)) != 0) {
         LOG(LOG_ERROR,
@@ -514,7 +514,7 @@ static int read_http_request(FILE *client_fd, char *request, size_t length) {
 
     while (fgets(buffer, sizeof(buffer), client_fd) != NULL) {
         /* End of header. */
-        if (strcmp(buffer, "\n") == 0 || strcmp(buffer, "\r\n") == 0) {
+        if (!strcmp(buffer, "\n") || !strcmp(buffer, "\r\n")) {
             break;
         }
     }
@@ -821,7 +821,7 @@ static int parse_request(const char *request, char *host, char *port,
     char *position;
 
     /* scanf() doesn't check spaces. */
-    if (strncmp(request, "CONNECT ", 8) != 0) {
+    if (strncmp(request, "CONNECT ", 8)) {
         return -1;
     }
     /* Check request and extract data, "host:port" is not yet separated. */
diff --git a/src/verify.c b/src/verify.c
index 96c49a51b7f23ff0502dbfeeec3d1163052943ed..2b49f1d2dac5fb80036dce312d82dedb24a3b2aa 100644 (file)
--- a/src/verify.c
+++ b/src/verify.c
@@ -148,7 +148,7 @@ int verify_tls_connection(gnutls_session_t session, const char *hostname) {
     fclose(file);
 
     /* Check if the server certificate matches our stored certificate. */
-    if (strcmp(stored_cert, server_cert) != 0) {
+    if (strcmp(stored_cert, server_cert)) {
         LOG(LOG_ERROR,
             "verify_tls_connection(): server certificate changed!",
             path, strerror(errno));
Certificate verifying tlsproxy, prevents MITMs by (manipulated) CAs by verifying the server certificate.