Avoid nested if's without braces.

Creates a potential for confusing code if we later want to add an else clause.

library/ssl_cli.c

@@ -605,16 +605,18 @@ static int ssl_write_client_hello( ssl_context *ssl )
      */
 #if defined(POLARSSL_SSL_RENEGOTIATION)
     if( ssl->renegotiation == SSL_INITIAL_HANDSHAKE )
-#endif
-    if( ssl->session_negotiate->ticket != NULL &&
-        ssl->session_negotiate->ticket_len != 0 )
     {
-        ret = ssl->f_rng( ssl->p_rng, ssl->session_negotiate->id, 32 );
+#endif
+        if( ssl->session_negotiate->ticket != NULL &&
+                ssl->session_negotiate->ticket_len != 0 )
+        {
+            ret = ssl->f_rng( ssl->p_rng, ssl->session_negotiate->id, 32 );
 
-        if( ret != 0 )
+            if( ret != 0 )
-            return( ret );
+                return( ret );
 
-        ssl->session_negotiate->length = n = 32;
+            ssl->session_negotiate->length = n = 32;
+        }
     }
 #endif /* POLARSSL_SSL_SESSION_TICKETS */
 

library/ssl_srv.c

@@ -1248,10 +1248,12 @@ static int ssl_parse_client_hello( ssl_context *ssl )
 #if defined(POLARSSL_SSL_RENEGOTIATION)
     if( ssl->renegotiation == SSL_INITIAL_HANDSHAKE )
 #endif
-    if( ( ret = ssl_fetch_input( ssl, 5 ) ) != 0 )
     {
-        SSL_DEBUG_RET( 1, "ssl_fetch_input", ret );
+        if( ( ret = ssl_fetch_input( ssl, 5 ) ) != 0 )
-        return( ret );
+        {
+            SSL_DEBUG_RET( 1, "ssl_fetch_input", ret );
+            return( ret );
+        }
     }
 
     buf = ssl->in_hdr;
@@ -1301,10 +1303,12 @@ static int ssl_parse_client_hello( ssl_context *ssl )
 #if defined(POLARSSL_SSL_RENEGOTIATION)
     if( ssl->renegotiation == SSL_INITIAL_HANDSHAKE )
 #endif
-    if( ( ret = ssl_fetch_input( ssl, 5 + n ) ) != 0 )
     {
-        SSL_DEBUG_RET( 1, "ssl_fetch_input", ret );
+        if( ( ret = ssl_fetch_input( ssl, 5 + n ) ) != 0 )
-        return( ret );
+        {
+            SSL_DEBUG_RET( 1, "ssl_fetch_input", ret );
+            return( ret );
+        }
     }
 
     buf = ssl->in_msg;