diff --git a/src/network/tc/tc.c b/src/network/tc/tc.c
index 7be2de6354..796036c071 100644
--- a/src/network/tc/tc.c
+++ b/src/network/tc/tc.c
@@ -183,9 +183,8 @@ int request_process_traffic_control(Request *req) {
         tc = ASSERT_PTR(req->traffic_control);
 
         r = traffic_control_is_ready_to_configure(link, tc);
-        if (r <= 0) {
+        if (r <= 0)
                 return r;
-        }
 
         r = traffic_control_configure(link, tc);
         if (r < 0)
diff --git a/src/resolve/test-resolved-stream.c b/src/resolve/test-resolved-stream.c
index beaa855384..2f6245f406 100644
--- a/src/resolve/test-resolved-stream.c
+++ b/src/resolve/test-resolved-stream.c
@@ -221,13 +221,11 @@ static void test_dns_stream(bool tls) {
         log_info("test-resolved-stream: Started %s test", tls ? "TLS" : "TCP");
 
 #if ENABLE_DNS_OVER_TLS
-        if (tls) {
-                /* For TLS mode, use DNS_OVER_TLS_OPPORTUNISTIC instead of
-                 * DNS_OVER_TLS_YES, just to make certificate validation more
-                 * lenient, allowing us to use self-signed certificates.
-                 * We never downgrade, everything we test always goes over TLS */
+        if (tls)
+                /* For TLS mode, use DNS_OVER_TLS_OPPORTUNISTIC instead of DNS_OVER_TLS_YES, just to make
+                 * certificate validation more lenient, allowing us to use self-signed certificates.  We
+                 * never downgrade, everything we test always goes over TLS */
                 manager.dns_over_tls_mode = DNS_OVER_TLS_OPPORTUNISTIC;
-        }
 #endif
 
         assert_se(sd_event_new(&event) >= 0);