lints: enable and address clippy::manual_let_else

ctz · ctz · commit 8aafd69ff9af · 2025-06-06T14:42:15.000+01:00
diff --git a/Cargo.toml b/Cargo.toml
@@ -24,3 +24,6 @@ trivial_numeric_casts = "warn"
 unused_import_braces = "warn"
 unused_extern_crates = "warn"
 unused_qualifications = "warn"
+
+[lints.clippy]
+manual_let_else = "warn"
diff --git a/src/callbacks.rs b/src/callbacks.rs
@@ -64,11 +64,8 @@ impl AlpnCallbackConfig {
     ///
     /// Returns the selected ALPN, or None, or an error.
     pub fn invoke(&self, offer: &[u8]) -> Result<Option<Vec<u8>>, Error> {
-        let callback = match self.cb {
-            Some(callback) => callback,
-            None => {
-                return Ok(None);
-            }
+        let Some(callback) = self.cb else {
+            return Ok(None);
         };
 
         let ssl = SslCallbackContext::ssl_ptr();
@@ -115,11 +112,8 @@ pub struct CertCallbackConfig {
 
 impl CertCallbackConfig {
     pub fn invoke(&self) -> Result<(), Error> {
-        let callback = match self.cb {
-            Some(callback) => callback,
-            None => {
-                return Ok(());
-            }
+        let Some(callback) = self.cb else {
+            return Ok(());
         };
         let ssl = SslCallbackContext::ssl_ptr();
 
@@ -150,11 +144,8 @@ pub struct ServerNameCallbackConfig {
 
 impl ServerNameCallbackConfig {
     pub fn invoke(&self) -> Result<(), Error> {
-        let callback = match self.cb {
-            Some(callback) => callback,
-            None => {
-                return Ok(());
-            }
+        let Some(callback) = self.cb else {
+            return Ok(());
         };
 
         let ssl = SslCallbackContext::ssl_ptr();
@@ -192,11 +183,8 @@ pub fn invoke_session_new_callback(
     callback: SSL_CTX_new_session_cb,
     sess: Arc<NotThreadSafe<SSL_SESSION>>,
 ) -> bool {
-    let callback = match callback {
-        Some(callback) => callback,
-        None => {
-            return false;
-        }
+    let Some(callback) = callback else {
+        return false;
     };
 
     let ssl = SslCallbackContext::ssl_ptr();
@@ -215,12 +203,7 @@ pub fn invoke_session_get_callback(
     callback: SSL_CTX_sess_get_cb,
     id: &[u8],
 ) -> Option<Arc<NotThreadSafe<SSL_SESSION>>> {
-    let callback = match callback {
-        Some(callback) => callback,
-        None => {
-            return None;
-        }
-    };
+    let callback = callback?;
 
     let ssl_ptr = SslCallbackContext::ssl_ptr();
     let mut copy = 1;
@@ -244,11 +227,8 @@ pub fn invoke_session_remove_callback(
     ssl_ctx: *mut SSL_CTX,
     sess: Arc<NotThreadSafe<SSL_SESSION>>,
 ) {
-    let callback = match callback {
-        Some(callback) => callback,
-        None => {
-            return;
-        }
+    let Some(callback) = callback else {
+        return;
     };
 
     let sess_ptr = Arc::into_raw(sess) as *mut SSL_SESSION;
diff --git a/src/conf.rs b/src/conf.rs
@@ -26,11 +26,8 @@ impl SslConfigCtx {
     }
 
     pub(super) fn cmd(&mut self, cmd: &str, value: Option<&str>) -> c_int {
-        let command = match self.supported_command(cmd) {
-            Some(command) => command,
-            None => {
-                return -2; // "A return value of -2 means option is not recognised."
-            }
+        let Some(command) = self.supported_command(cmd) else {
+            return -2; // "A return value of -2 means option is not recognised."
         };
 
         match (command.action)(self, value) {
@@ -85,9 +82,8 @@ impl SslConfigCtx {
     }
 
     fn min_protocol(&mut self, proto: Option<&str>) -> Result<ActionResult, Error> {
-        let ver = match Self::parse_protocol_version(proto) {
-            Some(ver) => ver,
-            None => return Err(Error::bad_data("unrecognized protocol version")),
+        let Some(ver) = Self::parse_protocol_version(proto) else {
+            return Err(Error::bad_data("unrecognized protocol version"));
         };
 
         Ok(match &self.state {
@@ -105,9 +101,8 @@ impl SslConfigCtx {
     }
 
     fn max_protocol(&mut self, proto: Option<&str>) -> Result<ActionResult, Error> {
-        let ver = match Self::parse_protocol_version(proto) {
-            Some(ver) => ver,
-            None => return Err(Error::bad_data("unrecognized protocol version")),
+        let Some(ver) = Self::parse_protocol_version(proto) else {
+            return Err(Error::bad_data("unrecognized protocol version"));
         };
 
         Ok(match &self.state {
@@ -132,9 +127,8 @@ impl SslConfigCtx {
             State::ApplyingToCtx(ctx) => ctx.get().verify_mode,
         };
 
-        let raw_mode = match raw_mode {
-            Some(raw_mode) => raw_mode,
-            None => return Ok(ActionResult::ValueRequired),
+        let Some(raw_mode) = raw_mode else {
+            return Ok(ActionResult::ValueRequired);
         };
 
         if !self.flags.is_server() && !self.flags.is_client() {
@@ -176,9 +170,8 @@ impl SslConfigCtx {
     }
 
     fn certificate(&mut self, path: Option<&str>) -> Result<ActionResult, Error> {
-        let path = match path {
-            Some(path) => path,
-            None => return Ok(ActionResult::ValueRequired),
+        let Some(path) = path else {
+            return Ok(ActionResult::ValueRequired);
         };
         let cert_chain = use_cert_chain_file(path)?;
 
@@ -201,9 +194,8 @@ impl SslConfigCtx {
     }
 
     fn private_key(&mut self, path: Option<&str>) -> Result<ActionResult, Error> {
-        let path = match path {
-            Some(path) => path,
-            None => return Ok(ActionResult::ValueRequired),
+        let Some(path) = path else {
+            return Ok(ActionResult::ValueRequired);
         };
         let key = use_private_key_file(path, FILETYPE_PEM)?;
 
@@ -221,9 +213,8 @@ impl SslConfigCtx {
     }
 
     fn verify_ca_path(&mut self, path: Option<&str>) -> Result<ActionResult, Error> {
-        let path = match path {
-            Some(path) => path,
-            None => return Ok(ActionResult::ValueRequired),
+        let Some(path) = path else {
+            return Ok(ActionResult::ValueRequired);
         };
 
         match &self.state {
@@ -242,9 +233,8 @@ impl SslConfigCtx {
     }
 
     fn verify_ca_file(&mut self, path: Option<&str>) -> Result<ActionResult, Error> {
-        let path = match path {
-            Some(path) => path,
-            None => return Ok(ActionResult::ValueRequired),
+        let Some(path) = path else {
+            return Ok(ActionResult::ValueRequired);
         };
 
         match &self.state {
@@ -280,9 +270,8 @@ impl SslConfigCtx {
     }
 
     fn options(&mut self, opts: Option<&str>) -> Result<ActionResult, Error> {
-        let opts = match opts {
-            Some(path) => path,
-            None => return Ok(ActionResult::ValueRequired),
+        let Some(opts) = opts else {
+            return Ok(ActionResult::ValueRequired);
         };
 
         for part in opts.split(',').map(|part| part.trim()) {
diff --git a/src/entry.rs b/src/entry.rs
@@ -426,13 +426,10 @@ entry! {
         let ctx = try_clone_arc!(ctx);
         let slice = try_slice!(protos, c_uint_into_usize(protos_len));
 
-        let alpn = match crate::parse_alpn(slice) {
-            Some(alpn) => alpn,
-            None => {
-                // nb. openssl doesn't add anything to the error stack
-                // in this case.
-                return Error::bad_data("invalid alpn protocols").raise().into();
-            }
+        let Some(alpn) = crate::parse_alpn(slice) else {
+            // nb. openssl doesn't add anything to the error stack
+            // in this case.
+            return Error::bad_data("invalid alpn protocols").raise().into();
         };
 
         ctx.get_mut().set_alpn_offer(alpn);
@@ -766,18 +763,14 @@ entry! {
     pub fn _SSL_new(ctx: *mut SSL_CTX) -> *mut SSL {
         let ctx = try_clone_arc!(ctx);
 
-        let ssl = match crate::Ssl::new(ctx.clone(), ctx.get()).ok() {
-            Some(ssl) => ssl,
-            None => return ptr::null_mut(),
+        let Some(ssl) = crate::Ssl::new(ctx.clone(), ctx.get()).ok() else {
+            return ptr::null_mut();
         };
 
         let out = to_arc_mut_ptr(NotThreadSafe::new(ssl));
-        let ex_data = match ExData::new_ssl(out) {
-            None => {
-                _SSL_free(out);
-                return ptr::null_mut();
-            }
-            Some(ex_data) => ex_data,
+        let Some(ex_data) = ExData::new_ssl(out) else {
+            _SSL_free(out);
+            return ptr::null_mut();
         };
 
         // safety: we just made this object, the pointer must be valid.
@@ -939,13 +932,10 @@ entry! {
         let ssl = try_clone_arc!(ssl);
         let slice = try_slice!(protos, c_uint_into_usize(protos_len));
 
-        let alpn = match crate::parse_alpn(slice) {
-            Some(alpn) => alpn,
-            None => {
-                // nb. openssl doesn't add anything to the error stack
-                // in this case.
-                return Error::bad_data("invalid alpn protocols").raise().into();
-            }
+        let Some(alpn) = crate::parse_alpn(slice) else {
+            // nb. openssl doesn't add anything to the error stack
+            // in this case.
+            return Error::bad_data("invalid alpn protocols").raise().into();
         };
 
         ssl.get_mut().set_alpn_offer(alpn);
@@ -1770,11 +1760,8 @@ entry! {
         let ptr = unsafe { ptr::read(pp) };
         let slice = try_slice!(ptr, length);
 
-        let (sess, rest) = match SSL_SESSION::decode(slice) {
-            Some(r) => r,
-            None => {
-                return Error::bad_data("cannot decode SSL_SESSION").raise().into();
-            }
+        let Some((sess, rest)) = SSL_SESSION::decode(slice) else {
+            return Error::bad_data("cannot decode SSL_SESSION").raise().into();
         };
         let consumed_bytes = slice.len() - rest.len();
 
diff --git a/src/lib.rs b/src/lib.rs
@@ -1086,9 +1086,8 @@ impl Ssl {
 
     fn invoke_accepted_callbacks(&mut self) -> Result<(), error::Error> {
         // called on transition from `Accepting` -> `Accepted`
-        let accepted = match &self.conn {
-            ConnState::Accepted(accepted) => accepted,
-            _ => unreachable!(),
+        let ConnState::Accepted(accepted) = &self.conn else {
+            unreachable!();
         };
 
         self.server_name = accepted
@@ -1160,9 +1159,8 @@ impl Ssl {
         let cache = self.ctx.get_mut().caches.get_server();
         config.session_storage = cache.clone();
 
-        let accepted = match mem::replace(&mut self.conn, ConnState::Nothing) {
-            ConnState::Accepted(accepted) => accepted,
-            _ => unreachable!(),
+        let ConnState::Accepted(accepted) = mem::replace(&mut self.conn, ConnState::Nothing) else {
+            unreachable!();
         };
 
         // TODO: send alert
@@ -1241,9 +1239,8 @@ impl Ssl {
     }
 
     fn try_io(&mut self) -> Result<(), error::Error> {
-        let bio = match self.bio.as_mut() {
-            Some(bio) => bio,
-            None => return Ok(()), // investigate OpenSSL behaviour without a BIO
+        let Some(bio) = self.bio.as_mut() else {
+            return Ok(()); // investigate OpenSSL behaviour without a BIO
         };
 
         match &mut self.conn {
@@ -1338,23 +1335,20 @@ impl Ssl {
     }
 
     fn init_peer_cert(&mut self) {
-        let conn = match self.conn() {
-            Some(conn) => conn,
-            None => return,
+        let Some(conn) = self.conn() else {
+            return;
         };
 
-        let certs = match conn.peer_certificates() {
-            Some(certs) => certs,
-            None => return,
+        let Some(certs) = conn.peer_certificates() else {
+            return;
         };
 
         let mut stack = x509::OwnedX509Stack::empty();
         let mut peer_cert = None;
 
         for (i, cert) in certs.iter().enumerate() {
-            let converted = match x509::OwnedX509::parse_der(cert.as_ref()) {
-                Some(converted) => converted,
-                None => return,
+            let Some(converted) = x509::OwnedX509::parse_der(cert.as_ref()) else {
+                return;
             };
 
             if i == 0 {
