[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_2_9_7-57-ge2a5fa1
|
From: |
Simon Josefsson |
|
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_2_9_7-57-ge2a5fa1 |
|
Date: |
Thu, 05 Nov 2009 08:50:12 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=e2a5fa157eb1c5fcc946a4690553497d2cb04c09
The branch, master has been updated
via e2a5fa157eb1c5fcc946a4690553497d2cb04c09 (commit)
from 91b652d36dcb57db89d7edab6caa88d211f7d859 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit e2a5fa157eb1c5fcc946a4690553497d2cb04c09
Author: Simon Josefsson <address@hidden>
Date: Thu Nov 5 09:50:01 2009 +0100
Indent code.
-----------------------------------------------------------------------
Summary of changes:
doc/examples/ex-cert-select.c | 61 +++---
doc/examples/ex-client-psk.c | 2 +-
doc/examples/ex-pkcs12.c | 2 +-
doc/examples/ex-serv-anon.c | 3 +-
doc/examples/ex-serv-export.c | 3 +-
doc/examples/ex-serv-pgp.c | 3 +-
doc/examples/ex-serv-psk.c | 3 +-
doc/examples/ex-serv-srp.c | 3 +-
doc/examples/ex-serv1.c | 3 +-
guile/src/core.c | 10 +-
lib/auth_cert.c | 117 +++++----
lib/auth_dhe.c | 11 +-
lib/auth_rsa_export.c | 7 +-
lib/auth_srp.c | 4 +-
lib/auth_srp_passwd.c | 4 +-
lib/auth_srp_rsa.c | 7 +-
lib/ext_cert_type.c | 1 -
lib/ext_server_name.c | 8 +-
lib/ext_session_ticket.c | 54 +++--
lib/ext_signature.c | 7 +-
lib/gnutls_algorithms.c | 68 +++---
lib/gnutls_buffers.c | 91 ++++---
lib/gnutls_cert.c | 2 +-
lib/gnutls_cipher.c | 28 ++-
lib/gnutls_errors.c | 17 +-
lib/gnutls_extensions.c | 16 +-
lib/gnutls_handshake.c | 317 ++++++++++++++-----------
lib/gnutls_hash_int.c | 16 +-
lib/gnutls_mpi.c | 4 +-
lib/gnutls_priority.c | 50 ++--
lib/gnutls_psk.c | 4 +-
lib/gnutls_record.c | 18 +-
lib/gnutls_session_pack.c | 18 +-
lib/gnutls_sig.c | 165 ++++++++------
lib/gnutls_state.c | 10 +-
lib/gnutls_str.c | 62 +++---
lib/gnutls_supplemental.c | 2 +-
lib/gnutls_ui.c | 2 +-
lib/gnutls_x509.c | 110 +++++----
lib/minitasn1/decoding.c | 28 ++-
lib/opencdk/armor.c | 3 +-
lib/opencdk/keydb.c | 3 +-
lib/opencdk/literal.c | 4 +-
lib/opencdk/misc.c | 2 +-
lib/opencdk/new-packet.c | 4 +-
lib/opencdk/read-packet.c | 29 ++-
lib/opencdk/sig-check.c | 4 +-
lib/opencdk/stream.c | 5 +-
lib/opencdk/verify.c | 3 +-
lib/openpgp/gnutls_openpgp.c | 14 +-
lib/openpgp/output.c | 3 +-
lib/openpgp/pgp.c | 12 +-
lib/x509/crq.c | 32 +--
lib/x509/dn.c | 6 +-
lib/x509/pkcs12.c | 12 +-
lib/x509/pkcs12_bag.c | 310 ++++++++++++------------
lib/x509/privkey_pkcs8.c | 525 +++++++++++++++++++++--------------------
lib/x509/verify.c | 113 +++++----
lib/x509/x509_write.c | 7 +-
libextra/gl/md5.c | 6 +-
libextra/gnutls_openssl.c | 2 +-
src/certtool-cfg.c | 23 ++-
src/cli.c | 72 +++---
src/common.c | 12 +-
src/crypt.c | 6 +-
src/psk.c | 2 +-
src/serv.c | 10 +-
tests/anonself.c | 5 +-
tests/chainverify.c | 16 +-
tests/crq_apis.c | 9 +-
tests/cve-2008-4989.c | 197 ++++++++--------
tests/cve-2009-1415.c | 3 +-
tests/dhepskself.c | 7 +-
tests/dn2.c | 10 +-
tests/finished.c | 2 +-
tests/hostname-check.c | 9 +-
tests/mini-eagain.c | 78 +++---
tests/mini.c | 2 +-
tests/nul-in-x509-names.c | 11 +-
tests/openpgpself.c | 5 +-
tests/oprfi.c | 3 +-
tests/pkcs12_encode.c | 6 +-
tests/pkcs12_s2k.c | 54 +++--
tests/pkcs12_s2k_pem.c | 35 ++-
tests/pskself.c | 5 +-
tests/resume.c | 20 +-
tests/tlsia.c | 5 +-
tests/x509_altname.c | 114 +++++----
tests/x509dn.c | 5 +-
tests/x509self.c | 78 +++---
tests/x509sign-verify.c | 25 +-
tests/x509signself.c | 5 +-
92 files changed, 1732 insertions(+), 1542 deletions(-)
diff --git a/doc/examples/ex-cert-select.c b/doc/examples/ex-cert-select.c
index 35a90b0..fe38ac2 100644
--- a/doc/examples/ex-cert-select.c
+++ b/doc/examples/ex-cert-select.c
@@ -264,38 +264,41 @@ cert_callback (gnutls_session_t session,
gnutls_sign_algorithm_t cert_algo, req_algo;
int i, match = 0;
- ret = gnutls_x509_crt_get_signature_algorithm(crt);
+ ret = gnutls_x509_crt_get_signature_algorithm (crt);
if (ret < 0)
- {
- /* error reading signature algorithm
- */
- return -1;
- }
+ {
+ /* error reading signature algorithm
+ */
+ return -1;
+ }
cert_algo = ret;
-
- i=0;
- do {
- ret = gnutls_sign_algorithm_get_requested(session, i, &req_algo);
- if (ret >= 0 && cert_algo == req_algo)
- {
- match = 1;
- break;
- }
-
- /* server has not requested anything specific */
- if (i==0 && ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
- {
- match = 1;
- break;
- }
- i++;
- } while(ret >= 0);
-
+
+ i = 0;
+ do
+ {
+ ret = gnutls_sign_algorithm_get_requested (session, i, &req_algo);
+ if (ret >= 0 && cert_algo == req_algo)
+ {
+ match = 1;
+ break;
+ }
+
+ /* server has not requested anything specific */
+ if (i == 0 && ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+ {
+ match = 1;
+ break;
+ }
+ i++;
+ }
+ while (ret >= 0);
+
if (match == 0)
- {
- printf("- Could not find a suitable certificate to send to
server\n");
- return -1;
- }
+ {
+ printf
+ ("- Could not find a suitable certificate to send to server\n");
+ return -1;
+ }
st->type = type;
st->ncerts = 1;
diff --git a/doc/examples/ex-client-psk.c b/doc/examples/ex-client-psk.c
index d4edfdd..33e3d32 100644
--- a/doc/examples/ex-client-psk.c
+++ b/doc/examples/ex-client-psk.c
@@ -30,7 +30,7 @@ main (void)
char buffer[MAX_BUF + 1];
const char *err;
gnutls_psk_client_credentials_t pskcred;
- const gnutls_datum_t key = { (char*) "DEADBEEF", 8 };
+ const gnutls_datum_t key = { (char *) "DEADBEEF", 8 };
gnutls_global_init ();
diff --git a/doc/examples/ex-pkcs12.c b/doc/examples/ex-pkcs12.c
index ef7d38a..7bb210b 100644
--- a/doc/examples/ex-pkcs12.c
+++ b/doc/examples/ex-pkcs12.c
@@ -33,7 +33,7 @@ write_pkcs12 (const gnutls_datum_t * cert,
/* A good idea might be to use gnutls_x509_privkey_get_key_id()
* to obtain a unique ID.
*/
- gnutls_datum_t key_id = { (char*) "\x00\x00\x07", 3 };
+ gnutls_datum_t key_id = { (char *) "\x00\x00\x07", 3 };
gnutls_global_init ();
diff --git a/doc/examples/ex-serv-anon.c b/doc/examples/ex-serv-anon.c
index 098432a..a9b908b 100644
--- a/doc/examples/ex-serv-anon.c
+++ b/doc/examples/ex-serv-anon.c
@@ -94,7 +94,8 @@ main (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof
(int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
SOCKET_ERR (err, "bind");
diff --git a/doc/examples/ex-serv-export.c b/doc/examples/ex-serv-export.c
index f86a0c2..33b6d0a 100644
--- a/doc/examples/ex-serv-export.c
+++ b/doc/examples/ex-serv-export.c
@@ -173,7 +173,8 @@ main (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof
(int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
SOCKET_ERR (err, "bind");
diff --git a/doc/examples/ex-serv-pgp.c b/doc/examples/ex-serv-pgp.c
index e0cfcdc..da8e8ef 100644
--- a/doc/examples/ex-serv-pgp.c
+++ b/doc/examples/ex-serv-pgp.c
@@ -108,7 +108,8 @@ main (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof
(int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
SOCKET_ERR (err, "bind");
diff --git a/doc/examples/ex-serv-psk.c b/doc/examples/ex-serv-psk.c
index e010313..f661ff9 100644
--- a/doc/examples/ex-serv-psk.c
+++ b/doc/examples/ex-serv-psk.c
@@ -139,7 +139,8 @@ main (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof
(int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
SOCKET_ERR (err, "bind");
diff --git a/doc/examples/ex-serv-srp.c b/doc/examples/ex-serv-srp.c
index 859b2f0..d601fa2 100644
--- a/doc/examples/ex-serv-srp.c
+++ b/doc/examples/ex-serv-srp.c
@@ -99,7 +99,8 @@ main (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof
(int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
SOCKET_ERR (err, "bind");
diff --git a/doc/examples/ex-serv1.c b/doc/examples/ex-serv1.c
index 6dd8164..755bf8d 100644
--- a/doc/examples/ex-serv1.c
+++ b/doc/examples/ex-serv1.c
@@ -125,7 +125,8 @@ main (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof
(int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
SOCKET_ERR (err, "bind");
diff --git a/guile/src/core.c b/guile/src/core.c
index c0ded90..e31e336 100644
--- a/guile/src/core.c
+++ b/guile/src/core.c
@@ -758,6 +758,7 @@ free_session_record_port (SCM port)
return 0;
}
+
#undef FUNC_NAME
#endif /* SCM_MAJOR_VERSION == 1 && SCM_MINOR_VERSION <= 8 */
@@ -868,15 +869,13 @@ make_session_record_port (SCM session)
unsigned char *c_port_buf;
const unsigned long mode_bits = SCM_OPN | SCM_RDNG | SCM_WRTNG;
- c_port_buf =
- (unsigned char *)
+ c_port_buf = (unsigned char *)
#ifdef HAVE_SCM_GC_MALLOC_POINTERLESS
scm_gc_malloc_pointerless
#else
scm_gc_malloc
#endif
- (SCM_GNUTLS_SESSION_RECORD_PORT_BUFFER_SIZE,
- session_record_port_gc_hint);
+ (SCM_GNUTLS_SESSION_RECORD_PORT_BUFFER_SIZE, session_record_port_gc_hint);
/* Create a new port. */
port = scm_new_port_table_entry (session_record_port_type);
@@ -956,7 +955,8 @@ SCM_DEFINE (scm_gnutls_set_session_transport_fd_x,
c_session = scm_to_gnutls_session (session, 1, FUNC_NAME);
c_fd = (int) scm_to_uint (fd);
- gnutls_transport_set_ptr (c_session, (gnutls_transport_ptr_t) (intptr_t)
c_fd);
+ gnutls_transport_set_ptr (c_session,
+ (gnutls_transport_ptr_t) (intptr_t) c_fd);
SCM_GNUTLS_SET_SESSION_TRANSPORT_IS_FD (c_session, 1);
diff --git a/lib/auth_cert.c b/lib/auth_cert.c
index 2cd8b58..0dbba1f 100644
--- a/lib/auth_cert.c
+++ b/lib/auth_cert.c
@@ -66,8 +66,7 @@ static gnutls_privkey *alloc_and_load_x509_key
(gnutls_x509_privkey_t key);
*/
static int
_gnutls_copy_certificate_auth_info (cert_auth_info_t info,
- gnutls_cert * cert,
- size_t ncerts)
+ gnutls_cert * cert, size_t ncerts)
{
/* Copy peer's information to auth_info_t
*/
@@ -1026,14 +1025,17 @@ _gnutls_proc_x509_server_certificate (gnutls_session_t
session,
gnutls_assert ();
goto cleanup;
}
-
+
/* check if signature algorithm is supported */
- ret = _gnutls_session_sign_algo_enabled(session,
peer_certificate_list[j].sign_algo);
+ ret =
+ _gnutls_session_sign_algo_enabled (session,
+ peer_certificate_list
+ [j].sign_algo);
if (ret < 0)
- {
- gnutls_assert();
- goto cleanup;
- }
+ {
+ gnutls_assert ();
+ goto cleanup;
+ }
p += len;
}
@@ -1360,7 +1362,7 @@ _gnutls_proc_cert_cert_req (gnutls_session_t session,
opaque * data,
return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
}
- if (_gnutls_version_has_selectable_sighash(ver))
+ if (_gnutls_version_has_selectable_sighash (ver))
{
/* read supported hashes */
int hash_num;
@@ -1369,12 +1371,12 @@ _gnutls_proc_cert_cert_req (gnutls_session_t session,
opaque * data,
p += 2;
DECR_LEN (dsize, hash_num);
- ret = _gnutls_sign_algorithm_parse_data( session, p, hash_num);
+ ret = _gnutls_sign_algorithm_parse_data (session, p, hash_num);
if (ret < 0)
- {
- gnutls_assert();
- return ret;
- }
+ {
+ gnutls_assert ();
+ return ret;
+ }
p += hash_num;
}
@@ -1420,7 +1422,7 @@ _gnutls_gen_cert_client_cert_vrfy (gnutls_session_t
session, opaque ** data)
int apr_cert_list_length, size;
gnutls_datum_t signature;
int total_data;
- opaque* p;
+ opaque *p;
gnutls_sign_algorithm_t sign_algo;
gnutls_protocol_t ver = gnutls_protocol_get_version (session);
@@ -1439,13 +1441,13 @@ _gnutls_gen_cert_client_cert_vrfy (gnutls_session_t
session, opaque ** data)
{
if ((ret =
_gnutls_handshake_sign_cert_vrfy (session,
- &apr_cert_list[0],
- apr_pkey, &signature)) < 0)
+ &apr_cert_list[0],
+ apr_pkey, &signature)) < 0)
{
gnutls_assert ();
return ret;
}
- sign_algo = ret;
+ sign_algo = ret;
}
else
{
@@ -1455,9 +1457,9 @@ _gnutls_gen_cert_client_cert_vrfy (gnutls_session_t
session, opaque ** data)
total_data = signature.size + 2;
/* add hash and signature algorithms */
- if (_gnutls_version_has_selectable_sighash(ver))
+ if (_gnutls_version_has_selectable_sighash (ver))
{
- total_data+=2;
+ total_data += 2;
}
*data = gnutls_malloc (total_data);
@@ -1468,20 +1470,20 @@ _gnutls_gen_cert_client_cert_vrfy (gnutls_session_t
session, opaque ** data)
}
p = *data;
- if (_gnutls_version_has_selectable_sighash(ver))
+ if (_gnutls_version_has_selectable_sighash (ver))
{
sign_algorithm_st aid;
/* error checking is not needed here since we have used those algorithms
*/
- aid = _gnutls_sign_to_tls_aid(sign_algo);
+ aid = _gnutls_sign_to_tls_aid (sign_algo);
p[0] = aid.hash_algorithm;
p[1] = aid.sign_algorithm;
- p+=2;
+ p += 2;
}
size = signature.size;
_gnutls_write_uint16 (size, p);
- p+=2;
+ p += 2;
memcpy (p, signature.data, size);
_gnutls_free_datum (&signature);
@@ -1509,27 +1511,27 @@ _gnutls_proc_cert_client_cert_vrfy (gnutls_session_t
session,
return GNUTLS_E_INTERNAL_ERROR;
}
- if (_gnutls_version_has_selectable_sighash(ver))
+ if (_gnutls_version_has_selectable_sighash (ver))
{
- sign_algorithm_st aid;
+ sign_algorithm_st aid;
DECR_LEN (dsize, 2);
aid.hash_algorithm = pdata[0];
aid.sign_algorithm = pdata[1];
-
- sign_algo = _gnutls_tls_aid_to_sign(&aid);
+
+ sign_algo = _gnutls_tls_aid_to_sign (&aid);
if (sign_algo == GNUTLS_PK_UNKNOWN)
- {
- gnutls_assert();
- return GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM;
- }
- pdata+=2;
+ {
+ gnutls_assert ();
+ return GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM;
+ }
+ pdata += 2;
}
ret = _gnutls_session_sign_algo_enabled (session, sign_algo);
if (ret < 0)
{
- gnutls_assert();
+ gnutls_assert ();
return GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM;
}
@@ -1552,7 +1554,9 @@ _gnutls_proc_cert_client_cert_vrfy (gnutls_session_t
session,
return ret;
}
- if ((ret = _gnutls_handshake_verify_cert_vrfy (session, &peer_cert, &sig,
sign_algo)) < 0)
+ if ((ret =
+ _gnutls_handshake_verify_cert_vrfy (session, &peer_cert, &sig,
+ sign_algo)) < 0)
{
gnutls_assert ();
_gnutls_gcert_deinit (&peer_cert);
@@ -1571,7 +1575,7 @@ _gnutls_gen_cert_server_cert_req (gnutls_session_t
session, opaque ** data)
int size, ret;
opaque *pdata;
gnutls_protocol_t ver = gnutls_protocol_get_version (session);
- const int signalgosize = 2+MAX_SIGNATURE_ALGORITHMS*2;
+ const int signalgosize = 2 + MAX_SIGNATURE_ALGORITHMS * 2;
/* Now we need to generate the RDN sequence. This is
* already in the CERTIFICATE_CRED structure, to improve
@@ -1593,7 +1597,7 @@ _gnutls_gen_cert_server_cert_req (gnutls_session_t
session, opaque ** data)
session->internals.ignore_rdn_sequence == 0)
size += cred->x509_rdn_sequence.size;
- if (_gnutls_version_has_selectable_sighash(ver))
+ if (_gnutls_version_has_selectable_sighash (ver))
/* Need two bytes to announce the number of supported hash
functions (see below). */
size += signalgosize;
@@ -1613,17 +1617,18 @@ _gnutls_gen_cert_server_cert_req (gnutls_session_t
session, opaque ** data)
pdata[2] = DSA_SIGN; /* only these for now */
pdata += CERTTYPE_SIZE;
- if (_gnutls_version_has_selectable_sighash(ver))
+ if (_gnutls_version_has_selectable_sighash (ver))
{
- ret = _gnutls_sign_algorithm_write_params(session, pdata, signalgosize);
+ ret =
+ _gnutls_sign_algorithm_write_params (session, pdata, signalgosize);
if (ret < 0)
- {
- gnutls_assert();
- return ret;
- }
-
+ {
+ gnutls_assert ();
+ return ret;
+ }
+
/* recalculate size */
- size=size-signalgosize+ret;
+ size = size - signalgosize + ret;
pdata += ret;
}
@@ -1915,23 +1920,29 @@ _gnutls_server_select_cert (gnutls_session_t session,
for (i = 0; i < cred->ncerts; i++)
{
- /* find one compatible certificate
+ /* find one compatible certificate
*/
if (requested_algo == GNUTLS_PK_ANY ||
requested_algo == cred->cert_list[i][0].subject_pk_algorithm)
{
- /* if cert type and signature algorithm matches
+ /* if cert type and signature algorithm matches
*/
- if (session->security_parameters.cert_type ==
cred->cert_list[i][0].cert_type &&
- (cred->cert_list[i][0].cert_type == GNUTLS_CRT_OPENPGP || /*
FIXME: make this a check for
- *
certificate type capabilities
- */
- !_gnutls_version_has_selectable_sighash
(gnutls_protocol_get_version (session)) ||
- _gnutls_session_sign_algo_requested(session,
cred->cert_list[i][0].sign_algo) == 0))
+ /* *INDENT-OFF* */
+ if (session->security_parameters.cert_type
+ == cred->cert_list[i][0].cert_type
+ && (cred->cert_list[i][0].cert_type == GNUTLS_CRT_OPENPGP
+ || /* FIXME: make this a check for certificate
+ type capabilities */
+ !_gnutls_version_has_selectable_sighash
+ (gnutls_protocol_get_version (session))
+ ||
+ _gnutls_session_sign_algo_requested
+ (session, cred->cert_list[i][0].sign_algo) == 0))
{
idx = i;
break;
}
+ /* *INDENT-ON* */
}
}
diff --git a/lib/auth_dhe.c b/lib/auth_dhe.c
index 7026026..eca85b3 100644
--- a/lib/auth_dhe.c
+++ b/lib/auth_dhe.c
@@ -149,8 +149,8 @@ gen_dhe_server_kx (gnutls_session_t session, opaque ** data)
{
if ((ret =
_gnutls_handshake_sign_data (session, &apr_cert_list[0],
- apr_pkey, &ddata, &signature,
- &sign_algo)) < 0)
+ apr_pkey, &ddata, &signature,
+ &sign_algo)) < 0)
{
gnutls_assert ();
gnutls_free (*data);
@@ -233,9 +233,9 @@ proc_dhe_server_kx (gnutls_session_t session, opaque * data,
{
sign_algorithm_st aid;
- DECR_LEN(data_size, 1);
+ DECR_LEN (data_size, 1);
aid.hash_algorithm = *sigdata++;
- DECR_LEN(data_size, 1);
+ DECR_LEN (data_size, 1);
aid.sign_algorithm = *sigdata++;
sign_algo = _gnutls_tls_aid_to_sign (&aid);
if (sign_algo == GNUTLS_SIGN_UNKNOWN)
@@ -261,7 +261,8 @@ proc_dhe_server_kx (gnutls_session_t session, opaque * data,
return ret;
}
- ret = _gnutls_handshake_verify_data (session, &peer_cert, &vparams,
&signature,
+ ret =
+ _gnutls_handshake_verify_data (session, &peer_cert, &vparams, &signature,
sign_algo);
_gnutls_gcert_deinit (&peer_cert);
diff --git a/lib/auth_rsa_export.c b/lib/auth_rsa_export.c
index 789a949..52adff6 100644
--- a/lib/auth_rsa_export.c
+++ b/lib/auth_rsa_export.c
@@ -155,8 +155,8 @@ gen_rsa_export_server_kx (gnutls_session_t session, opaque
** data)
{
if ((ret =
_gnutls_handshake_sign_data (session, &apr_cert_list[0],
- apr_pkey, &ddata, &signature,
- &sign_algo)) < 0)
+ apr_pkey, &ddata, &signature,
+ &sign_algo)) < 0)
{
gnutls_assert ();
gnutls_free (*data);
@@ -310,7 +310,8 @@ proc_rsa_export_server_kx (gnutls_session_t session,
return ret;
}
- ret = _gnutls_handshake_verify_data (session, &peer_cert, &vparams,
&signature,
+ ret =
+ _gnutls_handshake_verify_data (session, &peer_cert, &vparams, &signature,
GNUTLS_SIGN_UNKNOWN);
_gnutls_gcert_deinit (&peer_cert);
diff --git a/lib/auth_srp.c b/lib/auth_srp.c
index 634749c..6eac98d 100644
--- a/lib/auth_srp.c
+++ b/lib/auth_srp.c
@@ -245,7 +245,7 @@ _gnutls_gen_srp_server_kx (gnutls_session_t session, opaque
** data)
_gnutls_write_uint16 (n_b, data_b);
- _gnutls_hard_log ("INT: SRP B[%d]: %s\n", (int)n_b,
+ _gnutls_hard_log ("INT: SRP B[%d]: %s\n", (int) n_b,
_gnutls_bin2hex (&data_b[2], n_b, buf, sizeof (buf)));
_gnutls_srp_entry_free (pwd_entry);
@@ -364,7 +364,7 @@ _gnutls_gen_srp_client_kx (gnutls_session_t session, opaque
** data)
return GNUTLS_E_MPI_PRINT_FAILED;
}
- _gnutls_hard_log ("INT: SRP A[%d]: %s\n", (int)n_a,
+ _gnutls_hard_log ("INT: SRP A[%d]: %s\n", (int) n_a,
_gnutls_bin2hex (&data_a[2], n_a, buf, sizeof (buf)));
_gnutls_mpi_release (&A);
diff --git a/lib/auth_srp_passwd.c b/lib/auth_srp_passwd.c
index 6a1e986..46daf24 100644
--- a/lib/auth_srp_passwd.c
+++ b/lib/auth_srp_passwd.c
@@ -346,8 +346,8 @@ _gnutls_srp_pwd_read_entry (gnutls_session_t state, char
*username,
/* Keep the last index in memory, so we can retrieve fake
parameters (g,n)
* when the user does not exist.
*/
- /* XXX: last_idx will not be read as both if block branches
return. */
- last_idx = idx;
+ /* XXX: last_idx will not be read as both if block branches
return. */
+ last_idx = idx;
if (pwd_read_conf (cred->password_conf_file, entry, idx) == 0)
{
return 0;
diff --git a/lib/auth_srp_rsa.c b/lib/auth_srp_rsa.c
index e3192f7..23d8e0d 100644
--- a/lib/auth_srp_rsa.c
+++ b/lib/auth_srp_rsa.c
@@ -117,8 +117,8 @@ gen_srp_cert_server_kx (gnutls_session_t session, opaque **
data)
if ((ret =
_gnutls_handshake_sign_data (session, &apr_cert_list[0],
- apr_pkey, &ddata, &signature,
- &sign_algo)) < 0)
+ apr_pkey, &ddata, &signature,
+ &sign_algo)) < 0)
{
gnutls_assert ();
gnutls_free (*data);
@@ -193,7 +193,8 @@ proc_srp_cert_server_kx (gnutls_session_t session, opaque *
data,
return ret;
}
- ret = _gnutls_handshake_verify_data (session, &peer_cert, &vparams,
&signature,
+ ret =
+ _gnutls_handshake_verify_data (session, &peer_cert, &vparams, &signature,
GNUTLS_SIGN_UNKNOWN);
_gnutls_gcert_deinit (&peer_cert);
diff --git a/lib/ext_cert_type.c b/lib/ext_cert_type.c
index 60fd2a0..c5a5a35 100644
--- a/lib/ext_cert_type.c
+++ b/lib/ext_cert_type.c
@@ -242,4 +242,3 @@ _gnutls_cert_type2num (int cert_type)
}
}
-
diff --git a/lib/ext_server_name.c b/lib/ext_server_name.c
index 1b8513a..14ac269 100644
--- a/lib/ext_server_name.c
+++ b/lib/ext_server_name.c
@@ -331,7 +331,8 @@ gnutls_server_name_set (gnutls_session_t session,
if (name_length > MAX_SERVER_NAME_SIZE)
return GNUTLS_E_SHORT_MEMORY_BUFFER;
- server_names = session->security_parameters.extensions.server_names_size + 1;
+ server_names =
+ session->security_parameters.extensions.server_names_size + 1;
if (server_names > MAX_SERVER_NAME_EXTENSIONS)
server_names = MAX_SERVER_NAME_EXTENSIONS;
@@ -340,8 +341,9 @@ gnutls_server_name_set (gnutls_session_t session,
[server_names - 1].type = type;
memcpy (session->security_parameters.extensions.
server_names[server_names - 1].name, name, name_length);
- session->security_parameters.extensions.server_names
- [server_names - 1].name_length = name_length;
+ session->security_parameters.extensions.server_names[server_names -
+ 1].name_length =
+ name_length;
session->security_parameters.extensions.server_names_size++;
diff --git a/lib/ext_session_ticket.c b/lib/ext_session_ticket.c
index dc5051a..f51c2b8 100644
--- a/lib/ext_session_ticket.c
+++ b/lib/ext_session_ticket.c
@@ -42,7 +42,8 @@
#define MAC_SIZE 32
-struct ticket {
+struct ticket
+{
opaque key_name[KEY_NAME_SIZE];
opaque IV[IV_SIZE];
opaque *encrypted_state;
@@ -51,7 +52,8 @@ struct ticket {
};
static int
-digest_ticket (const gnutls_datum_t *key, struct ticket *ticket, opaque
*digest)
+digest_ticket (const gnutls_datum_t * key, struct ticket *ticket,
+ opaque * digest)
{
digest_hd_st digest_hd;
uint16_t length16;
@@ -85,8 +87,8 @@ decrypt_ticket (gnutls_session_t session, struct ticket
*ticket)
int ret;
/* Check the integrity of ticket using HMAC-SHA-256. */
- mac_secret.data = session->security_parameters.extensions.
- session_ticket_key->mac_secret;
+ mac_secret.data =
+ session->security_parameters.extensions.session_ticket_key->mac_secret;
mac_secret.size = MAC_SECRET_SIZE;
ret = digest_ticket (&mac_secret, ticket, final);
if (ret < 0)
@@ -102,12 +104,12 @@ decrypt_ticket (gnutls_session_t session, struct ticket
*ticket)
}
/* Decrypt encrypted_state using 128-bit AES in CBC mode. */
- key.data = session->security_parameters.extensions.
- session_ticket_key->key;
+ key.data = session->security_parameters.extensions.session_ticket_key->key;
key.size = KEY_SIZE;
IV.data = ticket->IV;
IV.size = IV_SIZE;
- ret = _gnutls_cipher_init (&cipher_hd, GNUTLS_CIPHER_AES_128_CBC, &key, &IV);
+ ret =
+ _gnutls_cipher_init (&cipher_hd, GNUTLS_CIPHER_AES_128_CBC, &key, &IV);
if (ret < 0)
{
gnutls_assert ();
@@ -161,7 +163,8 @@ encrypt_ticket (gnutls_session_t session, struct ticket
*ticket)
return ret;
}
blocksize = _gnutls_cipher_get_block_size (GNUTLS_CIPHER_AES_128_CBC);
- encrypted_state.size = ((state.size + blocksize - 1) / blocksize) *
blocksize;
+ encrypted_state.size =
+ ((state.size + blocksize - 1) / blocksize) * blocksize;
encrypted_state.data = gnutls_malloc (encrypted_state.size);
if (!encrypted_state.data)
{
@@ -178,7 +181,8 @@ encrypt_ticket (gnutls_session_t session, struct ticket
*ticket)
key.size = KEY_SIZE;
IV.data = session->security_parameters.extensions.session_ticket_IV;
IV.size = IV_SIZE;
- ret = _gnutls_cipher_init (&cipher_hd, GNUTLS_CIPHER_AES_128_CBC, &key, &IV);
+ ret =
+ _gnutls_cipher_init (&cipher_hd, GNUTLS_CIPHER_AES_128_CBC, &key, &IV);
if (ret < 0)
{
gnutls_assert ();
@@ -199,14 +203,13 @@ encrypt_ticket (gnutls_session_t session, struct ticket
*ticket)
/* Fill the ticket structure to compute MAC. */
memcpy (ticket->key_name,
session->security_parameters.extensions.
- session_ticket_key->key_name,
- KEY_NAME_SIZE);
+ session_ticket_key->key_name, KEY_NAME_SIZE);
memcpy (ticket->IV, IV.data, IV.size);
ticket->encrypted_state_len = encrypted_state.size;
ticket->encrypted_state = encrypted_state.data;
- mac_secret.data = session->security_parameters.extensions.
- session_ticket_key->mac_secret;
+ mac_secret.data =
+ session->security_parameters.extensions.session_ticket_key->mac_secret;
mac_secret.size = MAC_SECRET_SIZE;
ret = digest_ticket (&mac_secret, ticket, ticket->mac);
if (ret < 0)
@@ -246,11 +249,10 @@ _gnutls_session_ticket_recv_params (gnutls_session_t
session,
data += KEY_NAME_SIZE;
/* If the key name of the ticket does not match the one that we
- hold, issue a new ticket. */
+ hold, issue a new ticket. */
if (memcmp (ticket.key_name,
session->security_parameters.extensions.
- session_ticket_key->key_name,
- KEY_NAME_SIZE))
+ session_ticket_key->key_name, KEY_NAME_SIZE))
{
session->internals.session_ticket_renew = 1;
return 0;
@@ -360,11 +362,11 @@ _gnutls_session_ticket_send_params (gnutls_session_t
session,
* Since: 2.10.0
**/
int
-gnutls_session_ticket_key_generate (gnutls_datum_t *key)
+gnutls_session_ticket_key_generate (gnutls_datum_t * key)
{
int ret;
- key->size = sizeof(struct gnutls_session_ticket_key_st);
+ key->size = sizeof (struct gnutls_session_ticket_key_st);
key->data = gnutls_malloc (key->size);
if (!key->data)
{
@@ -424,12 +426,12 @@ gnutls_session_ticket_enable_client (gnutls_session_t
session)
**/
int
gnutls_session_ticket_enable_server (gnutls_session_t session,
- const gnutls_datum_t *key)
+ const gnutls_datum_t * key)
{
int ret;
if (!session || !key
- || key->size != sizeof(struct gnutls_session_ticket_key_st))
+ || key->size != sizeof (struct gnutls_session_ticket_key_st))
{
gnutls_assert ();
return GNUTLS_E_INVALID_REQUEST;
@@ -445,7 +447,7 @@ gnutls_session_ticket_enable_server (gnutls_session_t
session,
}
session->security_parameters.extensions.session_ticket_key =
- (struct gnutls_session_ticket_key_st *)key->data;
+ (struct gnutls_session_ticket_key_st *) key->data;
session->internals.session_ticket_enable = 1;
return 0;
}
@@ -489,9 +491,9 @@ _gnutls_send_new_session_ticket (gnutls_session_t session,
int again)
if (again == 0)
{
/* XXX: Temporarily set write algorithms to be used.
- _gnutls_write_connection_state_init() does this job, but it also
- triggers encryption, while NewSessionTicket should not be
- encrypted in the record layer. */
+ _gnutls_write_connection_state_init() does this job, but it also
+ triggers encryption, while NewSessionTicket should not be
+ encrypted in the record layer. */
SAVE_WRITE_SECURITY_PARAMETERS;
ret = _gnutls_set_write_cipher (session,
_gnutls_cipher_suite_get_cipher_algo
@@ -532,7 +534,7 @@ _gnutls_send_new_session_ticket (gnutls_session_t session,
int again)
p = data;
/* FIXME: ticket lifetime is fixed to 10 days, which should be
- customizable. */
+ customizable. */
_gnutls_write_uint32 (864000, p);
p += 4;
@@ -620,7 +622,7 @@ _gnutls_recv_new_session_ticket (gnutls_session_t session)
}
return 0;
- error:
+error:
gnutls_free (data);
return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
}
diff --git a/lib/ext_signature.c b/lib/ext_signature.c
index 9be866d..7dcea66 100644
--- a/lib/ext_signature.c
+++ b/lib/ext_signature.c
@@ -90,10 +90,9 @@ _gnutls_sign_algorithm_parse_data (gnutls_session_t session,
sig = _gnutls_tls_aid_to_sign (&aid);
if (sig != GNUTLS_SIGN_UNKNOWN)
{
- session->security_parameters.
- extensions.sign_algorithms[session->security_parameters.
- extensions.
- sign_algorithms_size++] = sig;
+ session->security_parameters.extensions.
+ sign_algorithms[session->security_parameters.extensions.
+ sign_algorithms_size++] = sig;
if (session->security_parameters.extensions.sign_algorithms_size ==
MAX_SIGNATURE_ALGORITHMS)
break;
diff --git a/lib/gnutls_algorithms.c b/lib/gnutls_algorithms.c
index 8b04524..bb1a5f1 100644
--- a/lib/gnutls_algorithms.c
+++ b/lib/gnutls_algorithms.c
@@ -1238,14 +1238,15 @@ _gnutls_version_has_selectable_sighash
(gnutls_protocol_t version)
int
_gnutls_version_has_extensions (gnutls_protocol_t version)
{
- switch(version) {
- case GNUTLS_TLS1_0:
- case GNUTLS_TLS1_1:
- case GNUTLS_TLS1_2:
- return 1;
- default:
- return 0;
- }
+ switch (version)
+ {
+ case GNUTLS_TLS1_0:
+ case GNUTLS_TLS1_1:
+ case GNUTLS_TLS1_2:
+ return 1;
+ default:
+ return 0;
+ }
}
/* This function determines if the version specified has explicit IVs
@@ -1253,27 +1254,30 @@ _gnutls_version_has_extensions (gnutls_protocol_t
version)
int
_gnutls_version_has_explicit_iv (gnutls_protocol_t version)
{
- switch(version) {
- case GNUTLS_TLS1_1:
- case GNUTLS_TLS1_2:
- return 1;
- default:
- return 0;
- }
+ switch (version)
+ {
+ case GNUTLS_TLS1_1:
+ case GNUTLS_TLS1_2:
+ return 1;
+ default:
+ return 0;
+ }
}
/* This function determines if the version specified can have
non-minimal padding. */
-int _gnutls_version_has_variable_padding (gnutls_protocol_t version)
+int
+_gnutls_version_has_variable_padding (gnutls_protocol_t version)
{
- switch(version) {
- case GNUTLS_TLS1_0:
- case GNUTLS_TLS1_1:
- case GNUTLS_TLS1_2:
- return 1;
- default:
- return 0;
- }
+ switch (version)
+ {
+ case GNUTLS_TLS1_0:
+ case GNUTLS_TLS1_1:
+ case GNUTLS_TLS1_2:
+ return 1;
+ default:
+ return 0;
+ }
}
/* Type to KX mappings */
@@ -1849,7 +1853,8 @@ static const gnutls_sign_entry sign_algorithms[] = {
GNUTLS_MAC_MD5, {1, 1}},
{"RSA-MD2", SIG_RSA_MD2_OID, GNUTLS_SIGN_RSA_MD2, GNUTLS_PK_RSA,
GNUTLS_MAC_MD2, TLS_SIGN_AID_UNKNOWN},
- {"GOST R 34.10-2001", SIG_GOST_R3410_2001_OID, 0, 0, 0,
TLS_SIGN_AID_UNKNOWN},
+ {"GOST R 34.10-2001", SIG_GOST_R3410_2001_OID, 0, 0, 0,
+ TLS_SIGN_AID_UNKNOWN},
{"GOST R 34.10-94", SIG_GOST_R3410_94_OID, 0, 0, 0, TLS_SIGN_AID_UNKNOWN},
{0, 0, 0, 0, 0, TLS_SIGN_AID_UNKNOWN}
};
@@ -2021,16 +2026,15 @@ _gnutls_sign_get_pk_algorithm (gnutls_sign_algorithm_t
sign)
}
gnutls_sign_algorithm_t
-_gnutls_tls_aid_to_sign (const sign_algorithm_st *aid)
+_gnutls_tls_aid_to_sign (const sign_algorithm_st * aid)
{
gnutls_sign_algorithm_t ret = GNUTLS_SIGN_UNKNOWN;
- GNUTLS_SIGN_LOOP ( if (p->aid.hash_algorithm == aid->hash_algorithm
- && p->aid.sign_algorithm == aid->sign_algorithm)
- {
- ret = p->id;
- break;
- } );
+ GNUTLS_SIGN_LOOP (if (p->aid.hash_algorithm == aid->hash_algorithm
+ && p->aid.sign_algorithm == aid->sign_algorithm)
+ {
+ ret = p->id; break;}
+ );
return ret;
}
diff --git a/lib/gnutls_buffers.c b/lib/gnutls_buffers.c
index 75c3287..53e0e67 100644
--- a/lib/gnutls_buffers.c
+++ b/lib/gnutls_buffers.c
@@ -134,19 +134,19 @@ _gnutls_record_buffer_put (content_type_t type,
case GNUTLS_APPLICATION_DATA:
buf = &session->internals.application_data_buffer;
_gnutls_buffers_log ("BUF[REC]: Inserted %d bytes of Data(%d)\n",
- (int)length, (int)type);
+ (int) length, (int) type);
break;
case GNUTLS_HANDSHAKE:
buf = &session->internals.handshake_data_buffer;
_gnutls_buffers_log ("BUF[HSK]: Inserted %d bytes of Data(%d)\n",
- (int)length, (int)type);
+ (int) length, (int) type);
break;
case GNUTLS_INNER_APPLICATION:
buf = &session->internals.ia_data_buffer;
_gnutls_buffers_log ("BUF[IA]: Inserted %d bytes of Data(%d)\n",
- (int)length, (int)type);
+ (int) length, (int) type);
break;
default:
@@ -215,22 +215,25 @@ _gnutls_record_buffer_get (content_type_t type,
switch (type)
{
case GNUTLS_APPLICATION_DATA:
- _gnutls_buffer_get_data( &session->internals.application_data_buffer,
data, &length);
+ _gnutls_buffer_get_data (&session->internals.application_data_buffer,
+ data, &length);
_gnutls_buffers_log ("BUFFER[REC][AD]: Read %d bytes of Data(%d)\n",
- (int)length, (int)type);
+ (int) length, (int) type);
break;
case GNUTLS_HANDSHAKE:
- _gnutls_buffer_get_data( &session->internals.handshake_data_buffer,
data, &length);
+ _gnutls_buffer_get_data (&session->internals.handshake_data_buffer,
+ data, &length);
_gnutls_buffers_log ("BUF[REC][HD]: Read %d bytes of Data(%d)\n",
- (int)length, (int)type);
+ (int) length, (int) type);
break;
case GNUTLS_INNER_APPLICATION:
- _gnutls_buffer_get_data( &session->internals.ia_data_buffer, data,
&length);
+ _gnutls_buffer_get_data (&session->internals.ia_data_buffer, data,
+ &length);
_gnutls_buffers_log ("BUF[REC][IA]: Read %d bytes of Data(%d)\n",
- (int)length, (int)type);
+ (int) length, (int) type);
break;
default:
@@ -303,7 +306,7 @@ _gnutls_read (gnutls_session_t session, void *iptr,
: errno;
_gnutls_read_log ("READ: %d returned from %p, errno=%d gerrno=%d\n",
- (int)i, fd, errno, session->internals.errnum);
+ (int) i, fd, errno, session->internals.errnum);
if (err == EAGAIN || err == EINTR)
{
@@ -311,7 +314,7 @@ _gnutls_read (gnutls_session_t session, void *iptr,
{
_gnutls_read_log ("READ: returning %d bytes from %p\n",
- (int)(sizeOfPtr - left), fd);
+ (int) (sizeOfPtr - left), fd);
goto finish;
}
@@ -330,7 +333,7 @@ _gnutls_read (gnutls_session_t session, void *iptr,
else
{
- _gnutls_read_log ("READ: Got %d bytes from %p\n", (int)i, fd);
+ _gnutls_read_log ("READ: Got %d bytes from %p\n", (int) i, fd);
if (i == 0)
break; /* EOF */
@@ -349,7 +352,7 @@ finish:
_gnutls_read_log ("READ: read %d bytes from %p\n",
- (int)(sizeOfPtr - left), fd);
+ (int) (sizeOfPtr - left), fd);
for (x = 0; x < ((sizeOfPtr - left) / 16) + 1; x++)
{
@@ -508,12 +511,13 @@ _gnutls_io_read_buffered (gnutls_session_t session,
opaque ** iptr,
/* Allocate the data required to store the new packet.
*/
- ret = _gnutls_buffer_resize( &session->internals.record_recv_buffer,
- recvdata + session->internals.record_recv_buffer.length);
+ ret = _gnutls_buffer_resize (&session->internals.record_recv_buffer,
+ recvdata +
+ session->internals.record_recv_buffer.length);
if (ret < 0)
{
- gnutls_assert();
+ gnutls_assert ();
return ret;
}
@@ -542,8 +546,8 @@ _gnutls_io_read_buffered (gnutls_session_t session, opaque
** iptr,
{
_gnutls_read_log
("RB: Have %d bytes into buffer. Adding %d bytes.\n",
- (int)session->internals.record_recv_buffer.length, (int)ret);
- _gnutls_read_log ("RB: Requested %d bytes\n", (int)sizeOfPtr);
+ (int) session->internals.record_recv_buffer.length, (int) ret);
+ _gnutls_read_log ("RB: Requested %d bytes\n", (int) sizeOfPtr);
session->internals.record_recv_buffer.length += ret;
}
@@ -565,10 +569,12 @@ _gnutls_io_read_buffered (gnutls_session_t session,
opaque ** iptr,
if (ret2 > 0)
{
- _gnutls_read_log ("RB-PEEK: Read %d bytes in PEEK MODE.\n",
(int)ret2);
+ _gnutls_read_log ("RB-PEEK: Read %d bytes in PEEK MODE.\n",
+ (int) ret2);
_gnutls_read_log
("RB-PEEK: Have %d bytes into buffer. Adding %d bytes.\nRB:
Requested %d bytes\n",
- (int)session->internals.record_recv_buffer.length, (int)ret2,
(int)sizeOfPtr);
+ (int) session->internals.record_recv_buffer.length, (int) ret2,
+ (int) sizeOfPtr);
session->internals.have_peeked_data = 1;
session->internals.record_recv_buffer.length += ret2;
@@ -653,16 +659,18 @@ _gnutls_io_write_buffered (gnutls_session_t session,
{
gnutls_datum_t bdata;
/* checking is handled above */
- _gnutls_buffer_get_datum (&session->internals.record_send_buffer,
&bdata, session->internals.record_send_buffer.length);
+ _gnutls_buffer_get_datum (&session->internals.record_send_buffer,
+ &bdata,
+ session->internals.record_send_buffer.length);
ptr = bdata.data;
n = bdata.size;
_gnutls_write_log
- ("WRITE: Restoring old write. (%d bytes to send)\n", (int)n);
+ ("WRITE: Restoring old write. (%d bytes to send)\n", (int) n);
}
- _gnutls_write_log ("WRITE: Will write %d bytes to %p.\n", (int)n, fd);
+ _gnutls_write_log ("WRITE: Will write %d bytes to %p.\n", (int) n, fd);
left = n;
while (left > 0)
@@ -718,7 +726,7 @@ _gnutls_io_write_buffered (gnutls_session_t session,
_gnutls_write_log
("WRITE: Interrupted. Stored %d bytes to buffer. Already sent
%d bytes.\n",
- (int)left, (int)(n - left));
+ (int) left, (int) (n - left));
if (err == EAGAIN)
return GNUTLS_E_AGAIN;
@@ -741,7 +749,7 @@ _gnutls_io_write_buffered (gnutls_session_t session,
_gnutls_write_log
("WRITE: wrote %d bytes to %p. Left %d bytes. Total %d bytes.\n",
- (int)i, fd, (int)left, (int)n);
+ (int) i, fd, (int) left, (int) n);
for (x = 0; x < (unsigned) ((i) / 16) + 1; x++)
{
line[0] = 0;
@@ -790,8 +798,8 @@ _gnutls_io_write_flush (gnutls_session_t session)
return 0; /* done */
ret = _gnutls_io_write_buffered (session, NULL, 0);
- _gnutls_write_log ("WRITE FLUSH: %d [buffer: %d]\n", (int)ret,
- (int)session->internals.record_send_buffer.length);
+ _gnutls_write_log ("WRITE FLUSH: %d [buffer: %d]\n", (int) ret,
+ (int) session->internals.record_send_buffer.length);
return ret;
}
@@ -811,7 +819,7 @@ _gnutls_handshake_io_write_flush (gnutls_session_t session)
return ret;
}
- _gnutls_write_log ("HANDSHAKE_FLUSH: written[1] %d bytes\n", (int)ret);
+ _gnutls_write_log ("HANDSHAKE_FLUSH: written[1] %d bytes\n", (int) ret);
if (session->internals.handshake_send_buffer.length == 0)
{
@@ -849,7 +857,10 @@ _gnutls_handshake_io_send_int (gnutls_session_t session,
gnutls_assert ();
/* checking is handled above */
- _gnutls_buffer_get_datum (&session->internals.handshake_send_buffer,
&bdata, session->internals.handshake_send_buffer.length);
+ _gnutls_buffer_get_datum (&session->internals.handshake_send_buffer,
+ &bdata,
+ session->internals.
+ handshake_send_buffer.length);
ptr = bdata.data;
n = bdata.size;
@@ -984,22 +995,24 @@ _gnutls_handshake_io_recv_int (gnutls_session_t session,
if (session->internals.handshake_recv_buffer.length > 0)
{
size_t tmp;
-
+
/* if we have already received some data */
if (sizeOfPtr <= session->internals.handshake_recv_buffer.length)
{
/* if requested less data then return it.
*/
gnutls_assert ();
-
+
tmp = sizeOfPtr;
- _gnutls_string_get_data( &session->internals.handshake_recv_buffer,
iptr, &tmp);
+ _gnutls_string_get_data (&session->internals.handshake_recv_buffer,
+ iptr, &tmp);
return tmp;
}
gnutls_assert ();
- tmp = sizeOfPtr;
- _gnutls_string_get_data( &session->internals.handshake_recv_buffer,
iptr, &tmp);
+ tmp = sizeOfPtr;
+ _gnutls_string_get_data (&session->internals.handshake_recv_buffer,
+ iptr, &tmp);
left -= tmp;
htype = session->internals.handshake_recv_buffer_htype;
@@ -1017,8 +1030,9 @@ _gnutls_handshake_io_recv_int (gnutls_session_t session,
{
gnutls_assert ();
- _gnutls_buffer_append (&session->internals.handshake_recv_buffer,
iptr,
- dsize);
+ _gnutls_buffer_append (&session->
+ internals.handshake_recv_buffer, iptr,
+ dsize);
session->internals.handshake_recv_buffer_htype = htype;
session->internals.handshake_recv_buffer_type = type;
@@ -1063,7 +1077,7 @@ _gnutls_handshake_buffer_put (gnutls_session_t session,
opaque * data,
return GNUTLS_E_HANDSHAKE_TOO_LARGE;
}
- _gnutls_buffers_log ("BUF[HSK]: Inserted %d bytes of Data\n", (int)length);
+ _gnutls_buffers_log ("BUF[HSK]: Inserted %d bytes of Data\n", (int) length);
if (_gnutls_buffer_append (&session->internals.handshake_hash_buffer,
data, length) < 0)
{
@@ -1091,7 +1105,8 @@ _gnutls_handshake_buffer_get_ptr (gnutls_session_t
session,
if (length != NULL)
*length = session->internals.handshake_hash_buffer.length;
- _gnutls_buffers_log ("BUF[HSK]: Peeked %d bytes of Data\n",
(int)session->internals.handshake_hash_buffer.length);
+ _gnutls_buffers_log ("BUF[HSK]: Peeked %d bytes of Data\n",
+ (int) session->internals.handshake_hash_buffer.length);
if (data_ptr != NULL)
*data_ptr = session->internals.handshake_hash_buffer.data;
diff --git a/lib/gnutls_cert.c b/lib/gnutls_cert.c
index 5b110ad..6e5dcef 100644
--- a/lib/gnutls_cert.c
+++ b/lib/gnutls_cert.c
@@ -817,7 +817,7 @@ _gnutls_x509_crt_to_gcert (gnutls_cert * gcert,
memset (gcert, 0, sizeof (gnutls_cert));
gcert->cert_type = GNUTLS_CRT_X509;
- gcert->sign_algo = gnutls_x509_crt_get_signature_algorithm(cert);
+ gcert->sign_algo = gnutls_x509_crt_get_signature_algorithm (cert);
if (!(flags & CERT_NO_COPY))
{
diff --git a/lib/gnutls_cipher.c b/lib/gnutls_cipher.c
index 525540e..4d0dda2 100644
--- a/lib/gnutls_cipher.c
+++ b/lib/gnutls_cipher.c
@@ -274,7 +274,8 @@ calc_enc_length (gnutls_session_t session, int data_size,
*pad = (uint8_t) (blocksize - (length % blocksize)) + rnd;
length += *pad;
- if
(_gnutls_version_has_explicit_iv(session->security_parameters.version))
+ if (_gnutls_version_has_explicit_iv
+ (session->security_parameters.version))
length += blocksize; /* for the IV */
break;
@@ -343,7 +344,7 @@ _gnutls_compressed2ciphertext (gnutls_session_t session,
write_sequence_number), 8);
_gnutls_hmac (&td, &type, 1);
- if (_gnutls_version_has_variable_padding(ver))
+ if (_gnutls_version_has_variable_padding (ver))
{ /* TLS 1.0 or higher */
_gnutls_hmac (&td, &major, 1);
_gnutls_hmac (&td, &minor, 1);
@@ -375,7 +376,7 @@ _gnutls_compressed2ciphertext (gnutls_session_t session,
data_ptr = cipher_data;
if (block_algo == CIPHER_BLOCK &&
- _gnutls_version_has_explicit_iv(session->security_parameters.version))
+ _gnutls_version_has_explicit_iv (session->security_parameters.version))
{
/* copy the random IV.
*/
@@ -476,7 +477,8 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
ciphertext.size)) < 0)
{
gnutls_assert ();
- DEINIT_MAC(td, ver, session->security_parameters.write_mac_algorithm);
+ DEINIT_MAC (td, ver,
+ session->security_parameters.write_mac_algorithm);
return ret;
@@ -489,7 +491,8 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
if ((ciphertext.size < blocksize) || (ciphertext.size % blocksize != 0))
{
gnutls_assert ();
- DEINIT_MAC(td, ver, session->security_parameters.write_mac_algorithm);
+ DEINIT_MAC (td, ver,
+ session->security_parameters.write_mac_algorithm);
return GNUTLS_E_DECRYPTION_FAILED;
}
@@ -499,13 +502,15 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
ciphertext.size)) < 0)
{
gnutls_assert ();
- DEINIT_MAC(td, ver, session->security_parameters.write_mac_algorithm);
+ DEINIT_MAC (td, ver,
+ session->security_parameters.write_mac_algorithm);
return ret;
}
/* ignore the IV in TLS 1.1.
*/
- if
(_gnutls_version_has_explicit_iv(session->security_parameters.version))
+ if (_gnutls_version_has_explicit_iv
+ (session->security_parameters.version))
{
ciphertext.size -= blocksize;
ciphertext.data += blocksize;
@@ -513,7 +518,8 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
if (ciphertext.size == 0)
{
gnutls_assert ();
- DEINIT_MAC(td, ver,
session->security_parameters.write_mac_algorithm);
+ DEINIT_MAC (td, ver,
+ session->security_parameters.write_mac_algorithm);
return GNUTLS_E_DECRYPTION_FAILED;
}
}
@@ -536,7 +542,7 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
/* Check the pading bytes (TLS 1.x)
*/
- if (_gnutls_version_has_variable_padding(ver) && pad_failed == 0)
+ if (_gnutls_version_has_variable_padding (ver) && pad_failed == 0)
for (i = 2; i < pad; i++)
{
if (ciphertext.data[ciphertext.size - i] !=
@@ -546,7 +552,7 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
break;
default:
gnutls_assert ();
- DEINIT_MAC(td, ver, session->security_parameters.write_mac_algorithm);
+ DEINIT_MAC (td, ver, session->security_parameters.write_mac_algorithm);
return GNUTLS_E_INTERNAL_ERROR;
}
@@ -564,7 +570,7 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
read_sequence_number), 8);
_gnutls_hmac (&td, &type, 1);
- if (_gnutls_version_has_variable_padding(ver))
+ if (_gnutls_version_has_variable_padding (ver))
{ /* TLS 1.x */
_gnutls_hmac (&td, &major, 1);
_gnutls_hmac (&td, &minor, 1);
diff --git a/lib/gnutls_errors.c b/lib/gnutls_errors.c
index b5d8bb6..fa81cd2 100644
--- a/lib/gnutls_errors.c
+++ b/lib/gnutls_errors.c
@@ -433,14 +433,15 @@ _gnutls_mpi_log (const char *prefix, bigint_t a)
if (res != 0)
{
gnutls_assert ();
- _gnutls_hard_log ("MPI: can't print value (%d/%d)\n", res, (int)binlen);
+ _gnutls_hard_log ("MPI: can't print value (%d/%d)\n", res,
+ (int) binlen);
return;
}
- if (binlen > 1024*1024)
+ if (binlen > 1024 * 1024)
{
gnutls_assert ();
- _gnutls_hard_log ("MPI: too large mpi (%d)\n", (int)binlen);
+ _gnutls_hard_log ("MPI: too large mpi (%d)\n", (int) binlen);
return;
}
@@ -448,7 +449,7 @@ _gnutls_mpi_log (const char *prefix, bigint_t a)
if (!binbuf)
{
gnutls_assert ();
- _gnutls_hard_log ("MPI: out of memory (%d)\n", (int)binlen);
+ _gnutls_hard_log ("MPI: out of memory (%d)\n", (int) binlen);
return;
}
@@ -456,7 +457,8 @@ _gnutls_mpi_log (const char *prefix, bigint_t a)
if (res != 0)
{
gnutls_assert ();
- _gnutls_hard_log ("MPI: can't print value (%d/%d)\n", res, (int)binlen);
+ _gnutls_hard_log ("MPI: can't print value (%d/%d)\n", res,
+ (int) binlen);
gnutls_free (binbuf);
return;
}
@@ -467,14 +469,15 @@ _gnutls_mpi_log (const char *prefix, bigint_t a)
if (!hexbuf)
{
gnutls_assert ();
- _gnutls_hard_log ("MPI: out of memory (hex %d)\n", (int)hexlen);
+ _gnutls_hard_log ("MPI: out of memory (hex %d)\n", (int) hexlen);
gnutls_free (binbuf);
return;
}
_gnutls_bin2hex (binbuf, binlen, hexbuf, hexlen);
- _gnutls_hard_log ("MPI: length: %d\n\t%s%s\n", (int)binlen, prefix, hexbuf);
+ _gnutls_hard_log ("MPI: length: %d\n\t%s%s\n", (int) binlen, prefix,
+ hexbuf);
gnutls_free (hexbuf);
gnutls_free (binbuf);
diff --git a/lib/gnutls_extensions.c b/lib/gnutls_extensions.c
index 5f2c47c..b3f388c 100644
--- a/lib/gnutls_extensions.c
+++ b/lib/gnutls_extensions.c
@@ -342,19 +342,19 @@ _gnutls_ext_init (void)
#ifdef ENABLE_SESSION_TICKET
ret = gnutls_ext_register (GNUTLS_EXTENSION_SESSION_TICKET,
- "SESSION_TICKET",
- GNUTLS_EXT_TLS,
- _gnutls_session_ticket_recv_params,
- _gnutls_session_ticket_send_params);
+ "SESSION_TICKET",
+ GNUTLS_EXT_TLS,
+ _gnutls_session_ticket_recv_params,
+ _gnutls_session_ticket_send_params);
if (ret != GNUTLS_E_SUCCESS)
return ret;
#endif
ret = gnutls_ext_register (GNUTLS_EXTENSION_SIGNATURE_ALGORITHMS,
- "SIGNATURE_ALGORITHMS",
- GNUTLS_EXT_TLS,
- _gnutls_signature_algorithm_recv_params,
- _gnutls_signature_algorithm_send_params);
+ "SIGNATURE_ALGORITHMS",
+ GNUTLS_EXT_TLS,
+ _gnutls_signature_algorithm_recv_params,
+ _gnutls_signature_algorithm_send_params);
if (ret != GNUTLS_E_SUCCESS)
return ret;
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c
index b7d5af3..6c2787d 100644
--- a/lib/gnutls_handshake.c
+++ b/lib/gnutls_handshake.c
@@ -65,7 +65,7 @@
static int _gnutls_handshake_hash_init (gnutls_session_t session);
static int _gnutls_server_select_comp_method (gnutls_session_t session,
- opaque * data, int datalen);
+ opaque * data, int datalen);
static int
_gnutls_handshake_hash_add_recvd (gnutls_session_t session,
gnutls_handshake_description_t recv_type,
@@ -78,21 +78,21 @@ _gnutls_handshake_hash_add_recvd (gnutls_session_t session,
void
_gnutls_handshake_hash_buffers_clear (gnutls_session_t session)
{
- if (session->security_parameters.
- handshake_mac_handle_type == HANDSHAKE_MAC_TYPE_10)
+ if (session->security_parameters.handshake_mac_handle_type ==
+ HANDSHAKE_MAC_TYPE_10)
{
- _gnutls_hash_deinit (&session->internals.
- handshake_mac_handle.tls10.md5, NULL);
- _gnutls_hash_deinit (&session->internals.
- handshake_mac_handle.tls10.sha, NULL);
+ _gnutls_hash_deinit (&session->internals.handshake_mac_handle.tls10.md5,
+ NULL);
+ _gnutls_hash_deinit (&session->internals.handshake_mac_handle.tls10.sha,
+ NULL);
}
- else if (session->security_parameters.
- handshake_mac_handle_type == HANDSHAKE_MAC_TYPE_12)
+ else if (session->security_parameters.handshake_mac_handle_type ==
+ HANDSHAKE_MAC_TYPE_12)
{
- _gnutls_hash_deinit (&session->internals.
- handshake_mac_handle.tls12.sha256, NULL);
- _gnutls_hash_deinit (&session->internals.
- handshake_mac_handle.tls12.sha1, NULL);
+ _gnutls_hash_deinit (&session->internals.handshake_mac_handle.
+ tls12.sha256, NULL);
+ _gnutls_hash_deinit (&session->internals.handshake_mac_handle.
+ tls12.sha1, NULL);
}
session->security_parameters.handshake_mac_handle_type = 0;
session->internals.handshake_mac_handle_init = 0;
@@ -171,19 +171,23 @@ _gnutls_ssl3_finished (gnutls_session_t session, int
type, opaque * ret)
const char *mesg;
int rc;
- if (session->security_parameters.
- handshake_mac_handle_type == HANDSHAKE_MAC_TYPE_10)
+ if (session->security_parameters.handshake_mac_handle_type ==
+ HANDSHAKE_MAC_TYPE_10)
{
- rc = _gnutls_hash_copy (&td_md5, &session->internals.
- handshake_mac_handle.tls10.md5);
+ rc =
+ _gnutls_hash_copy (&td_md5,
+ &session->internals.handshake_mac_handle.
+ tls10.md5);
if (rc < 0)
{
gnutls_assert ();
return rc;
}
- rc = _gnutls_hash_copy (&td_sha, &session->internals.
- handshake_mac_handle.tls10.sha);
+ rc =
+ _gnutls_hash_copy (&td_sha,
+ &session->internals.handshake_mac_handle.
+ tls10.sha);
if (rc < 0)
{
gnutls_assert ();
@@ -193,7 +197,7 @@ _gnutls_ssl3_finished (gnutls_session_t session, int type,
opaque * ret)
}
else
{
- gnutls_assert();
+ gnutls_assert ();
return GNUTLS_E_INTERNAL_ERROR;
}
@@ -228,27 +232,30 @@ static int
_gnutls_finished (gnutls_session_t session, int type, void *ret)
{
const int siz = TLS_MSG_LEN;
- opaque concat[MAX_HASH_SIZE+16/*MD5*/];
+ opaque concat[MAX_HASH_SIZE + 16 /*MD5 */ ];
size_t len = 20 + 16;
const char *mesg;
digest_hd_st td_md5;
digest_hd_st td_sha;
int rc;
- if (session->security_parameters.
- handshake_mac_handle_type == HANDSHAKE_MAC_TYPE_10)
+ if (session->security_parameters.handshake_mac_handle_type ==
+ HANDSHAKE_MAC_TYPE_10)
{
rc =
- _gnutls_hash_copy (&td_md5, &session->internals.
- handshake_mac_handle.tls10.md5);
+ _gnutls_hash_copy (&td_md5,
+ &session->internals.handshake_mac_handle.
+ tls10.md5);
if (rc < 0)
{
gnutls_assert ();
return rc;
}
- rc = _gnutls_hash_copy (&td_sha, &session->internals.
- handshake_mac_handle.tls10.sha);
+ rc =
+ _gnutls_hash_copy (&td_sha,
+ &session->internals.handshake_mac_handle.
+ tls10.sha);
if (rc < 0)
{
gnutls_assert ();
@@ -259,11 +266,13 @@ _gnutls_finished (gnutls_session_t session, int type,
void *ret)
_gnutls_hash_deinit (&td_md5, concat);
_gnutls_hash_deinit (&td_sha, &concat[16]);
}
- else if (session->security_parameters.
- handshake_mac_handle_type == HANDSHAKE_MAC_TYPE_12)
+ else if (session->security_parameters.handshake_mac_handle_type ==
+ HANDSHAKE_MAC_TYPE_12)
{
- rc = _gnutls_hash_copy (&td_sha, &session->internals.
- handshake_mac_handle.tls12.sha256);
+ rc =
+ _gnutls_hash_copy (&td_sha,
+ &session->internals.handshake_mac_handle.
+ tls12.sha256);
if (rc < 0)
{
gnutls_assert ();
@@ -475,7 +484,7 @@ _gnutls_read_client_hello (gnutls_session_t session, opaque
* data,
/* Parse the extensions (if any)
*/
- if (_gnutls_version_has_extensions(neg_version))
+ if (_gnutls_version_has_extensions (neg_version))
{
ret = _gnutls_parse_extensions (session, GNUTLS_EXT_APPLICATION,
&data[pos], len);
@@ -494,7 +503,7 @@ _gnutls_read_client_hello (gnutls_session_t session, opaque
* data,
return ret;
}
- if (_gnutls_version_has_extensions(neg_version))
+ if (_gnutls_version_has_extensions (neg_version))
{
ret = _gnutls_parse_extensions (session, GNUTLS_EXT_TLS,
&data[pos], len);
@@ -514,9 +523,11 @@ _gnutls_read_client_hello (gnutls_session_t session,
opaque * data,
session->internals.resumed_security_parameters.session_id_size =
session_id_len;
- session->internals.resumed_security_parameters.max_record_recv_size =
+ session->internals.
+ resumed_security_parameters.max_record_recv_size =
session->security_parameters.max_record_recv_size;
- session->internals.resumed_security_parameters.max_record_send_size =
+ session->internals.
+ resumed_security_parameters.max_record_send_size =
session->security_parameters.max_record_send_size;
resume_copy_required_values (session);
@@ -569,16 +580,22 @@ _gnutls_handshake_hash_pending (gnutls_session_t session)
if (siz > 0)
{
- if (session->security_parameters.handshake_mac_handle_type ==
HANDSHAKE_MAC_TYPE_10)
- {
- _gnutls_hash (&session->internals.handshake_mac_handle.tls10.sha,
data, siz);
- _gnutls_hash (&session->internals.handshake_mac_handle.tls10.md5,
data, siz);
- }
- else if (session->security_parameters.handshake_mac_handle_type ==
HANDSHAKE_MAC_TYPE_12)
- {
- _gnutls_hash (&session->internals.handshake_mac_handle.tls12.sha256,
data, siz);
- _gnutls_hash (&session->internals.handshake_mac_handle.tls12.sha1,
data, siz);
- }
+ if (session->security_parameters.handshake_mac_handle_type ==
+ HANDSHAKE_MAC_TYPE_10)
+ {
+ _gnutls_hash (&session->internals.handshake_mac_handle.tls10.sha,
+ data, siz);
+ _gnutls_hash (&session->internals.handshake_mac_handle.tls10.md5,
+ data, siz);
+ }
+ else if (session->security_parameters.handshake_mac_handle_type ==
+ HANDSHAKE_MAC_TYPE_12)
+ {
+ _gnutls_hash (&session->internals.handshake_mac_handle.tls12.sha256,
+ data, siz);
+ _gnutls_hash (&session->internals.handshake_mac_handle.tls12.sha1,
+ data, siz);
+ }
}
_gnutls_handshake_buffer_empty (session);
@@ -958,7 +975,8 @@ _gnutls_handshake_hash_add_sent (gnutls_session_t session,
{
int ret;
- if (session->security_parameters.entity == GNUTLS_CLIENT && type ==
GNUTLS_HANDSHAKE_CLIENT_HELLO)
+ if (session->security_parameters.entity == GNUTLS_CLIENT
+ && type == GNUTLS_HANDSHAKE_CLIENT_HELLO)
{
/* do not hash immediatelly since the hash has not yet been initialized
*/
if ((ret =
@@ -978,20 +996,22 @@ _gnutls_handshake_hash_add_sent (gnutls_session_t session,
if (type != GNUTLS_HANDSHAKE_HELLO_REQUEST)
{
- if (session->security_parameters.handshake_mac_handle_type ==
HANDSHAKE_MAC_TYPE_10)
- {
- _gnutls_hash (&session->internals.handshake_mac_handle.tls10.sha,
dataptr,
- datalen);
- _gnutls_hash (&session->internals.handshake_mac_handle.tls10.md5,
dataptr,
- datalen);
- }
- else if (session->security_parameters.handshake_mac_handle_type ==
HANDSHAKE_MAC_TYPE_12)
- {
- _gnutls_hash (&session->internals.handshake_mac_handle.tls12.sha256,
dataptr,
- datalen);
- _gnutls_hash (&session->internals.handshake_mac_handle.tls12.sha1,
dataptr,
- datalen);
- }
+ if (session->security_parameters.handshake_mac_handle_type ==
+ HANDSHAKE_MAC_TYPE_10)
+ {
+ _gnutls_hash (&session->internals.handshake_mac_handle.tls10.sha,
+ dataptr, datalen);
+ _gnutls_hash (&session->internals.handshake_mac_handle.tls10.md5,
+ dataptr, datalen);
+ }
+ else if (session->security_parameters.handshake_mac_handle_type ==
+ HANDSHAKE_MAC_TYPE_12)
+ {
+ _gnutls_hash (&session->internals.handshake_mac_handle.tls12.sha256,
+ dataptr, datalen);
+ _gnutls_hash (&session->internals.handshake_mac_handle.tls12.sha1,
+ dataptr, datalen);
+ }
}
return 0;
@@ -1230,14 +1250,16 @@ _gnutls_handshake_hash_add_recvd (gnutls_session_t
session,
/* The idea here is to hash the previous message we received,
* and add the one we just received into the handshake_hash_buffer.
*/
- if ((session->security_parameters.entity == GNUTLS_SERVER || recv_type !=
GNUTLS_HANDSHAKE_SERVER_HELLO) &&
- (session->security_parameters.entity == GNUTLS_CLIENT || recv_type !=
GNUTLS_HANDSHAKE_CLIENT_HELLO))
+ if ((session->security_parameters.entity == GNUTLS_SERVER
+ || recv_type != GNUTLS_HANDSHAKE_SERVER_HELLO)
+ && (session->security_parameters.entity == GNUTLS_CLIENT
+ || recv_type != GNUTLS_HANDSHAKE_CLIENT_HELLO))
{
if ((ret = _gnutls_handshake_hash_pending (session)) < 0)
- {
- gnutls_assert ();
- return ret;
- }
+ {
+ gnutls_assert ();
+ return ret;
+ }
}
/* here we buffer the handshake messages - needed at Finished message */
@@ -1360,22 +1382,23 @@ _gnutls_recv_handshake (gnutls_session_t session,
uint8_t ** data,
case GNUTLS_HANDSHAKE_CLIENT_HELLO:
case GNUTLS_HANDSHAKE_SERVER_HELLO:
ret = _gnutls_recv_hello (session, dataptr, length32);
-
+
/* dataptr is freed because the caller does not
* need it */
gnutls_free (dataptr);
if (data != NULL)
*data = NULL;
-
+
if (ret < 0)
- break;
+ break;
/* initialize the hashes for both - (client will know server's version
* and server as well at this point) */
- if ((ret = _gnutls_handshake_hash_init (session)) < 0) {
- gnutls_assert();
- return ret;
- }
+ if ((ret = _gnutls_handshake_hash_init (session)) < 0)
+ {
+ gnutls_assert ();
+ return ret;
+ }
break;
case GNUTLS_HANDSHAKE_SERVER_HELLO_DONE:
@@ -1664,7 +1687,7 @@ _gnutls_read_server_hello (gnutls_session_t session,
/* Parse extensions.
*/
- if (_gnutls_version_has_extensions(version))
+ if (_gnutls_version_has_extensions (version))
{
ret = _gnutls_parse_extensions (session, GNUTLS_EXT_ANY,
&data[pos], len);
@@ -1836,7 +1859,8 @@ _gnutls_send_client_hello (gnutls_session_t session, int
again)
}
extdatalen = MAX_EXT_DATA_LENGTH
- + session->internals.resumed_security_parameters.extensions.
+ +
+ session->internals.resumed_security_parameters.extensions.
session_ticket_len;
extdata = gnutls_malloc (extdatalen);
if (extdata == NULL)
@@ -1850,12 +1874,12 @@ _gnutls_send_client_hello (gnutls_session_t session,
int again)
* version number to the previously established.
*/
if (SessionID == NULL)
- {
- if (rehandshake) /* already negotiated version thus version_max ==
negotiated version */
- hver = session->security_parameters.version;
- else
- hver = _gnutls_version_max (session);
- }
+ {
+ if (rehandshake) /* already negotiated version thus version_max
== negotiated version */
+ hver = session->security_parameters.version;
+ else
+ hver = _gnutls_version_max (session);
+ }
else
{ /* we are resuming a session */
hver = session->internals.resumed_security_parameters.version;
@@ -1877,24 +1901,24 @@ _gnutls_send_client_hello (gnutls_session_t session,
int again)
*/
_gnutls_set_adv_version (session, hver);
- if (session->internals.priorities.ssl3_record_version)
- {
- /* Honor the SSL3_RECORD_VERSION option
- */
- _gnutls_set_current_version (session, GNUTLS_SSL3);
- }
+ if (session->internals.priorities.ssl3_record_version)
+ {
+ /* Honor the SSL3_RECORD_VERSION option
+ */
+ _gnutls_set_current_version (session, GNUTLS_SSL3);
+ }
else
- {
- /* Some old implementations do not interoperate if we send a
- * different version in the record layer.
- * It seems they prefer to read the record's version
- * as the one we actually requested.
- * The proper behaviour is to use the one in the client hello
- * handshake packet and ignore the one in the packet's record
- * header.
- */
- _gnutls_set_current_version (session, hver);
- }
+ {
+ /* Some old implementations do not interoperate if we send a
+ * different version in the record layer.
+ * It seems they prefer to read the record's version
+ * as the one we actually requested.
+ * The proper behaviour is to use the one in the client hello
+ * handshake packet and ignore the one in the packet's record
+ * header.
+ */
+ _gnutls_set_current_version (session, hver);
+ }
/* In order to know when this session was initiated.
*/
@@ -1978,7 +2002,7 @@ _gnutls_send_client_hello (gnutls_session_t session, int
again)
/* Generate and copy TLS extensions.
*/
- if (_gnutls_version_has_extensions(hver))
+ if (_gnutls_version_has_extensions (hver))
{
ret = _gnutls_gen_extensions (session, extdata, extdatalen);
@@ -2274,57 +2298,63 @@ _gnutls_handshake_hash_init (gnutls_session_t session)
/* set the hash type for handshake message hashing */
if (_gnutls_version_has_selectable_prf (ver))
- session->security_parameters.handshake_mac_handle_type =
HANDSHAKE_MAC_TYPE_12;
+ session->security_parameters.handshake_mac_handle_type =
+ HANDSHAKE_MAC_TYPE_12;
else
- session->security_parameters.handshake_mac_handle_type =
HANDSHAKE_MAC_TYPE_10;
+ session->security_parameters.handshake_mac_handle_type =
+ HANDSHAKE_MAC_TYPE_10;
- if (session->security_parameters.handshake_mac_handle_type ==
HANDSHAKE_MAC_TYPE_10)
- {
- ret =
- _gnutls_hash_init
(&session->internals.handshake_mac_handle.tls10.md5,
- GNUTLS_MAC_MD5);
+ if (session->security_parameters.handshake_mac_handle_type ==
+ HANDSHAKE_MAC_TYPE_10)
+ {
+ ret =
+ _gnutls_hash_init (&session->internals.handshake_mac_handle.
+ tls10.md5, GNUTLS_MAC_MD5);
- if (ret < 0)
- {
+ if (ret < 0)
+ {
gnutls_assert ();
return ret;
}
- ret =
- _gnutls_hash_init
(&session->internals.handshake_mac_handle.tls10.sha,
- GNUTLS_MAC_SHA1);
- if (ret < 0)
+ ret =
+ _gnutls_hash_init (&session->internals.handshake_mac_handle.
+ tls10.sha, GNUTLS_MAC_SHA1);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ _gnutls_hash_deinit (&session->internals.
+ handshake_mac_handle.tls10.md5, NULL);
+ return GNUTLS_E_MEMORY_ERROR;
+ }
+ }
+ else if (session->security_parameters.handshake_mac_handle_type ==
+ HANDSHAKE_MAC_TYPE_12)
+ {
+ /* The algorithm to compute hash over handshake messages must be
+ same as the one used as the basis for PRF. By now we use
+ SHA256. */
+ ret =
+ _gnutls_hash_init (&session->internals.handshake_mac_handle.
+ tls12.sha256, GNUTLS_DIG_SHA256);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_MEMORY_ERROR;
+ }
+
+ ret =
+ _gnutls_hash_init (&session->internals.handshake_mac_handle.
+ tls12.sha1, GNUTLS_DIG_SHA1);
+ if (ret < 0)
{
gnutls_assert ();
- _gnutls_hash_deinit
(&session->internals.handshake_mac_handle.tls10.md5, NULL);
+ _gnutls_hash_deinit (&session->internals.
+ handshake_mac_handle.tls12.sha256, NULL);
return GNUTLS_E_MEMORY_ERROR;
}
- }
- else if (session->security_parameters.handshake_mac_handle_type ==
HANDSHAKE_MAC_TYPE_12)
- {
- /* The algorithm to compute hash over handshake messages must be
- same as the one used as the basis for PRF. By now we use
- SHA256. */
- ret =
- _gnutls_hash_init
(&session->internals.handshake_mac_handle.tls12.sha256,
- GNUTLS_DIG_SHA256);
- if (ret < 0)
- {
- gnutls_assert ();
- return GNUTLS_E_MEMORY_ERROR;
- }
-
- ret =
- _gnutls_hash_init
(&session->internals.handshake_mac_handle.tls12.sha1,
- GNUTLS_DIG_SHA1);
- if (ret < 0)
- {
- gnutls_assert ();
-
_gnutls_hash_deinit(&session->internals.handshake_mac_handle.tls12.sha256,
NULL);
- return GNUTLS_E_MEMORY_ERROR;
- }
- }
+ }
session->internals.handshake_mac_handle_init = 1;
}
@@ -2842,7 +2872,8 @@ _gnutls_handshake_common (gnutls_session_t session)
case STATE40:
if (session->internals.session_ticket_renew)
{
- ret = _gnutls_send_new_session_ticket (session, AGAIN(STATE40));
+ ret =
+ _gnutls_send_new_session_ticket (session, AGAIN (STATE40));
STATE = STATE40;
IMED_RET ("send handshake new session ticket", ret, 0);
}
@@ -2857,10 +2888,10 @@ _gnutls_handshake_common (gnutls_session_t session)
/* only store if we are not resuming */
if (session->security_parameters.entity == GNUTLS_SERVER)
- {
- /* in order to support session resuming */
- _gnutls_server_register_current_session (session);
- }
+ {
+ /* in order to support session resuming */
+ _gnutls_server_register_current_session (session);
+ }
}
else
{ /* if we are a client not resuming - or we are
a server resuming */
diff --git a/lib/gnutls_hash_int.c b/lib/gnutls_hash_int.c
index 5e5b2aa..45cdbc6 100644
--- a/lib/gnutls_hash_int.c
+++ b/lib/gnutls_hash_int.c
@@ -121,7 +121,7 @@ _gnutls_hash_copy (digest_hd_st * dst, digest_hd_st * src)
{
int result;
- memset(dst, 0, sizeof(*dst));
+ memset (dst, 0, sizeof (*dst));
dst->algorithm = src->algorithm;
dst->registered = src->registered;
dst->active = 1;
@@ -167,9 +167,10 @@ _gnutls_hash_output (digest_hd_st * handle, void *digest)
void
_gnutls_hash_deinit (digest_hd_st * handle, void *digest)
{
- if (handle->active != 1) {
- return;
- }
+ if (handle->active != 1)
+ {
+ return;
+ }
if (digest != NULL)
_gnutls_hash_output (handle, digest);
@@ -334,9 +335,10 @@ _gnutls_hmac_output (digest_hd_st * handle, void *digest)
void
_gnutls_hmac_deinit (digest_hd_st * handle, void *digest)
{
- if (handle->active != 1) {
- return;
- }
+ if (handle->active != 1)
+ {
+ return;
+ }
if (digest)
_gnutls_hmac_output (handle, digest);
diff --git a/lib/gnutls_mpi.c b/lib/gnutls_mpi.c
index 8365d06..8a71b0a 100644
--- a/lib/gnutls_mpi.c
+++ b/lib/gnutls_mpi.c
@@ -341,10 +341,10 @@ _gnutls_x509_write_int (ASN1_TYPE node, const char
*value, bigint_t mpi,
result = _gnutls_mpi_print_lz (mpi, NULL, &s_len);
else
result = _gnutls_mpi_print (mpi, NULL, &s_len);
-
+
if (result != 0)
{
- gnutls_assert();
+ gnutls_assert ();
return result;
}
diff --git a/lib/gnutls_priority.c b/lib/gnutls_priority.c
index 5248b4f..7fab2c7 100644
--- a/lib/gnutls_priority.c
+++ b/lib/gnutls_priority.c
@@ -452,8 +452,9 @@ gnutls_priority_set (gnutls_session_t session,
gnutls_priority_t priority)
* This will be overridden later.
*/
if (session->internals.priorities.protocol.algorithms > 0)
- _gnutls_set_current_version (session, session->internals.
- priorities.protocol.priority[0]);
+ _gnutls_set_current_version (session,
+ session->internals.priorities.
+ protocol.priority[0]);
return 0;
}
@@ -548,8 +549,7 @@ gnutls_priority_set (gnutls_session_t session,
gnutls_priority_t priority)
**/
int
gnutls_priority_init (gnutls_priority_t * priority_cache,
- const char *priorities,
- const char **err_pos)
+ const char *priorities, const char **err_pos)
{
char *broken_list[MAX_ELEMENTS];
int broken_list_size, i, j;
@@ -599,14 +599,16 @@ gnutls_priority_init (gnutls_priority_t * priority_cache,
cipher_priority_performance);
_set_priority (&(*priority_cache)->kx, kx_priority_performance);
_set_priority (&(*priority_cache)->mac, mac_priority_performance);
- _set_priority (&(*priority_cache)->sign_algo, sign_priority_default);
+ _set_priority (&(*priority_cache)->sign_algo,
+ sign_priority_default);
}
else if (strcasecmp (broken_list[i], "NORMAL") == 0)
{
_set_priority (&(*priority_cache)->cipher, cipher_priority_normal);
_set_priority (&(*priority_cache)->kx, kx_priority_secure);
_set_priority (&(*priority_cache)->mac, mac_priority_secure);
- _set_priority (&(*priority_cache)->sign_algo, sign_priority_default);
+ _set_priority (&(*priority_cache)->sign_algo,
+ sign_priority_default);
}
else if (strcasecmp (broken_list[i], "SECURE256") == 0
|| strcasecmp (broken_list[i], "SECURE") == 0)
@@ -615,7 +617,8 @@ gnutls_priority_init (gnutls_priority_t * priority_cache,
cipher_priority_secure256);
_set_priority (&(*priority_cache)->kx, kx_priority_secure);
_set_priority (&(*priority_cache)->mac, mac_priority_secure);
- _set_priority (&(*priority_cache)->sign_algo,
sign_priority_secure256);
+ _set_priority (&(*priority_cache)->sign_algo,
+ sign_priority_secure256);
}
else if (strcasecmp (broken_list[i], "SECURE128") == 0)
{
@@ -623,14 +626,16 @@ gnutls_priority_init (gnutls_priority_t * priority_cache,
cipher_priority_secure128);
_set_priority (&(*priority_cache)->kx, kx_priority_secure);
_set_priority (&(*priority_cache)->mac, mac_priority_secure);
- _set_priority (&(*priority_cache)->sign_algo,
sign_priority_secure128);
+ _set_priority (&(*priority_cache)->sign_algo,
+ sign_priority_secure128);
}
else if (strcasecmp (broken_list[i], "EXPORT") == 0)
{
_set_priority (&(*priority_cache)->cipher, cipher_priority_export);
_set_priority (&(*priority_cache)->kx, kx_priority_export);
_set_priority (&(*priority_cache)->mac, mac_priority_secure);
- _set_priority (&(*priority_cache)->sign_algo, sign_priority_default);
+ _set_priority (&(*priority_cache)->sign_algo,
+ sign_priority_default);
} /* now check if the element is something like
-ALGO */
else if (broken_list[i][0] == '!' || broken_list[i][0] == '+'
|| broken_list[i][0] == '-')
@@ -655,8 +660,8 @@ gnutls_priority_init (gnutls_priority_t * priority_cache,
gnutls_protocol_get_id (&broken_list[i][6])) !=
GNUTLS_VERSION_UNKNOWN)
fn (&(*priority_cache)->protocol, algo);
- else
- goto error;
+ else
+ goto error;
} /* now check if the element is something like
-ALGO */
else if (strncasecmp (&broken_list[i][1], "COMP-", 5) == 0)
{
@@ -664,8 +669,8 @@ gnutls_priority_init (gnutls_priority_t * priority_cache,
gnutls_compression_get_id (&broken_list[i][6])) !=
GNUTLS_COMP_UNKNOWN)
fn (&(*priority_cache)->compression, algo);
- else
- goto error;
+ else
+ goto error;
} /* now check if the element is something like
-ALGO */
else if (strncasecmp (&broken_list[i][1], "CTYPE-", 6) == 0)
{
@@ -673,8 +678,8 @@ gnutls_priority_init (gnutls_priority_t * priority_cache,
gnutls_certificate_type_get_id (&broken_list[i][7])) !=
GNUTLS_CRT_UNKNOWN)
fn (&(*priority_cache)->cert_type, algo);
- else
- goto error;
+ else
+ goto error;
} /* now check if the element is something like
-ALGO */
else if (strncasecmp (&broken_list[i][1], "SIGN-", 5) == 0)
{
@@ -682,8 +687,8 @@ gnutls_priority_init (gnutls_priority_t * priority_cache,
gnutls_sign_get_id (&broken_list[i][6])) !=
GNUTLS_SIGN_UNKNOWN)
fn (&(*priority_cache)->sign_algo, algo);
- else
- goto error;
+ else
+ goto error;
} /* now check if the element is something like
-ALGO */
else
goto error;
@@ -694,11 +699,11 @@ gnutls_priority_init (gnutls_priority_t * priority_cache,
(*priority_cache)->no_padding = 1;
else if (strcasecmp (&broken_list[i][1],
"VERIFY_ALLOW_SIGN_RSA_MD5") == 0)
- {
- prio_add (&(*priority_cache)->sign_algo, GNUTLS_SIGN_RSA_MD5);
+ {
+ prio_add (&(*priority_cache)->sign_algo, GNUTLS_SIGN_RSA_MD5);
(*priority_cache)->additional_verify_flags |=
- GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5;
- }
+ GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5;
+ }
else if (strcasecmp (&broken_list[i][1],
"SSL3_RECORD_VERSION") == 0)
(*priority_cache)->ssl3_record_version = 1;
@@ -760,8 +765,7 @@ gnutls_priority_deinit (gnutls_priority_t priority_cache)
**/
int
gnutls_priority_set_direct (gnutls_session_t session,
- const char *priorities,
- const char **err_pos)
+ const char *priorities, const char **err_pos)
{
gnutls_priority_t prio;
int ret;
diff --git a/lib/gnutls_psk.c b/lib/gnutls_psk.c
index 5e8bc3c..71b5ad2 100644
--- a/lib/gnutls_psk.c
+++ b/lib/gnutls_psk.c
@@ -407,7 +407,7 @@ int
gnutls_hex_encode (const gnutls_datum_t * data, char *result,
size_t * result_size)
{
-size_t res = data->size + data->size + 1;
+ size_t res = data->size + data->size + 1;
if (*result_size < res)
{
@@ -417,7 +417,7 @@ size_t res = data->size + data->size + 1;
_gnutls_bin2hex (data->data, data->size, result, *result_size);
*result_size = res;
-
+
return 0;
}
diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c
index 62df871..9df7128 100644
--- a/lib/gnutls_record.c
+++ b/lib/gnutls_record.c
@@ -373,7 +373,7 @@ _gnutls_send_int (gnutls_session_t session, content_type_t
type,
("REC[%p]: Sending Packet[%d] %s(%d) with length: %d\n", session,
(int) _gnutls_uint64touint32 (&session->connection_state.
write_sequence_number),
- _gnutls_packet2str (type), type, (int)sizeofdata);
+ _gnutls_packet2str (type), type, (int) sizeofdata);
if (sizeofdata > MAX_RECORD_SEND_SIZE)
data2send_size = MAX_RECORD_SEND_SIZE;
@@ -744,12 +744,14 @@ record_check_type (gnutls_session_t session,
if (session->security_parameters.entity == GNUTLS_SERVER)
{
gnutls_assert ();
- ret = _gnutls_record_buffer_put (recv_type, session, (void *)
data, data_size);
- if (ret < 0)
- {
- gnutls_assert();
- return ret;
- }
+ ret =
+ _gnutls_record_buffer_put (recv_type, session, (void *) data,
+ data_size);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ return ret;
+ }
return GNUTLS_E_REHANDSHAKE;
}
@@ -947,7 +949,7 @@ begin:
("REC[%p]: Expected Packet[%d] %s(%d) with length: %d\n", session,
(int) _gnutls_uint64touint32 (&session->connection_state.
read_sequence_number),
- _gnutls_packet2str (type), type, (int)sizeofdata);
+ _gnutls_packet2str (type), type, (int) sizeofdata);
_gnutls_record_log ("REC[%p]: Received Packet[%d] %s(%d) with length: %d\n",
session,
(int)
diff --git a/lib/gnutls_session_pack.c b/lib/gnutls_session_pack.c
index 75b8870..30c9e6b 100644
--- a/lib/gnutls_session_pack.c
+++ b/lib/gnutls_session_pack.c
@@ -281,7 +281,8 @@ pack_certificate_auth_info (gnutls_session_t session,
*/
packed_session->data =
gnutls_malloc (packed_session->size + MAX_SEC_PARAMS + 2 +
- session->security_parameters.extensions.session_ticket_len);
+ session->security_parameters.
+ extensions.session_ticket_len);
if (packed_session->data == NULL)
{
@@ -515,7 +516,8 @@ pack_srp_auth_info (gnutls_session_t session,
gnutls_datum_t * packed_session)
*/
packed_session->data =
gnutls_malloc (packed_session->size + MAX_SEC_PARAMS + 2 +
- session->security_parameters.extensions.session_ticket_len);
+ session->security_parameters.
+ extensions.session_ticket_len);
if (packed_session->data == NULL)
{
@@ -621,7 +623,8 @@ pack_anon_auth_info (gnutls_session_t session,
*/
packed_session->data =
gnutls_malloc (packed_session->size + MAX_SEC_PARAMS + 2 +
- session->security_parameters.extensions.session_ticket_len);
+ session->security_parameters.
+ extensions.session_ticket_len);
if (packed_session->data == NULL)
{
@@ -785,7 +788,8 @@ pack_psk_auth_info (gnutls_session_t session,
gnutls_datum_t * packed_session)
*/
packed_session->data =
gnutls_malloc (packed_session->size + MAX_SEC_PARAMS + 2 +
- session->security_parameters.extensions.session_ticket_len);
+ session->security_parameters.
+ extensions.session_ticket_len);
if (packed_session->data == NULL)
{
@@ -1084,8 +1088,7 @@ pack_security_parameters (gnutls_session_t session,
}
_gnutls_write_uint16 (session->security_parameters.extensions.
- session_ticket_len,
- &packed_session->data[pos]);
+ session_ticket_len, &packed_session->data[pos]);
pos += 2;
memcpy (&packed_session->data[pos],
session->security_parameters.extensions.session_ticket,
@@ -1235,8 +1238,7 @@ unpack_security_parameters (gnutls_session_t session,
gnutls_malloc (session->internals.resumed_security_parameters.extensions.
session_ticket_len);
memcpy (session->internals.resumed_security_parameters.extensions.
- session_ticket,
- &packed_session->data[pos],
+ session_ticket, &packed_session->data[pos],
session->internals.resumed_security_parameters.extensions.
session_ticket_len);
diff --git a/lib/gnutls_sig.c b/lib/gnutls_sig.c
index 5e88241..af14f6b 100644
--- a/lib/gnutls_sig.c
+++ b/lib/gnutls_sig.c
@@ -126,9 +126,9 @@ _gnutls_rsa_encode_sig (gnutls_mac_algorithm_t algo,
*/
int
_gnutls_handshake_sign_data (gnutls_session_t session, gnutls_cert * cert,
- gnutls_privkey * pkey, gnutls_datum_t * params,
- gnutls_datum_t * signature,
- gnutls_sign_algorithm_t * sign_algo)
+ gnutls_privkey * pkey, gnutls_datum_t * params,
+ gnutls_datum_t * signature,
+ gnutls_sign_algorithm_t * sign_algo)
{
gnutls_datum_t dconcat;
int ret;
@@ -137,8 +137,9 @@ _gnutls_handshake_sign_data (gnutls_session_t session,
gnutls_cert * cert,
gnutls_protocol_t ver = gnutls_protocol_get_version (session);
gnutls_digest_algorithm_t hash_algo;
- *sign_algo = _gnutls_session_get_sign_algo(session,
cert->subject_pk_algorithm,
- &hash_algo);
+ *sign_algo =
+ _gnutls_session_get_sign_algo (session, cert->subject_pk_algorithm,
+ &hash_algo);
if (*sign_algo == GNUTLS_SIGN_UNKNOWN)
{
gnutls_assert ();
@@ -185,7 +186,7 @@ _gnutls_handshake_sign_data (gnutls_session_t session,
gnutls_cert * cert,
dconcat.size = 36;
}
else
- { /* TLS 1.2 way */
+ { /* TLS 1.2 way */
gnutls_datum_t hash;
_gnutls_hash_deinit (&td_sha, concat);
@@ -202,10 +203,10 @@ _gnutls_handshake_sign_data (gnutls_session_t session,
gnutls_cert * cert,
_gnutls_hash_deinit (&td_sha, concat);
if (hash_algo != GNUTLS_DIG_SHA1)
- {
- gnutls_assert();
- return GNUTLS_E_INTERNAL_ERROR;
- }
+ {
+ gnutls_assert ();
+ return GNUTLS_E_INTERNAL_ERROR;
+ }
dconcat.data = concat;
dconcat.size = 20;
break;
@@ -380,9 +381,9 @@ _gnutls_verify_sig (gnutls_cert * cert,
*/
int
_gnutls_handshake_verify_data (gnutls_session_t session, gnutls_cert * cert,
- const gnutls_datum_t * params,
- gnutls_datum_t * signature,
- gnutls_sign_algorithm_t algo)
+ const gnutls_datum_t * params,
+ gnutls_datum_t * signature,
+ gnutls_sign_algorithm_t algo)
{
gnutls_datum_t dconcat;
int ret;
@@ -392,10 +393,10 @@ _gnutls_handshake_verify_data (gnutls_session_t session,
gnutls_cert * cert,
gnutls_protocol_t ver = gnutls_protocol_get_version (session);
gnutls_digest_algorithm_t hash_algo = GNUTLS_DIG_SHA1;
- ret = _gnutls_session_sign_algo_enabled(session, algo);
+ ret = _gnutls_session_sign_algo_enabled (session, algo);
if (ret < 0)
{
- gnutls_assert();
+ gnutls_assert ();
return ret;
}
@@ -455,7 +456,8 @@ _gnutls_handshake_verify_data (gnutls_session_t session,
gnutls_cert * cert,
}
ret = _gnutls_verify_sig (cert, &dconcat, signature,
- dconcat.size - _gnutls_hash_get_algo_len
(hash_algo),
+ dconcat.size -
+ _gnutls_hash_get_algo_len (hash_algo),
_gnutls_sign_get_pk_algorithm (algo));
if (ret < 0)
{
@@ -472,8 +474,11 @@ _gnutls_handshake_verify_data (gnutls_session_t session,
gnutls_cert * cert,
/* this is _gnutls_handshake_verify_cert_vrfy for TLS 1.2
*/
-static int _gnutls_handshake_verify_cert_vrfy12 (gnutls_session_t session,
gnutls_cert * cert,
- gnutls_datum_t * signature, gnutls_sign_algorithm_t
sign_algo)
+static int
+_gnutls_handshake_verify_cert_vrfy12 (gnutls_session_t session,
+ gnutls_cert * cert,
+ gnutls_datum_t * signature,
+ gnutls_sign_algorithm_t sign_algo)
{
int ret;
opaque concat[MAX_SIG_SIZE];
@@ -481,26 +486,27 @@ static int _gnutls_handshake_verify_cert_vrfy12
(gnutls_session_t session, gnutl
gnutls_datum_t dconcat;
gnutls_sign_algorithm_t _sign_algo;
gnutls_digest_algorithm_t hash_algo;
- digest_hd_st* handshake_td;
+ digest_hd_st *handshake_td;
handshake_td = &session->internals.handshake_mac_handle.tls12.sha1;
hash_algo = handshake_td->algorithm;
- _sign_algo = _gnutls_x509_pk_to_sign( cert->subject_pk_algorithm, hash_algo);
+ _sign_algo =
+ _gnutls_x509_pk_to_sign (cert->subject_pk_algorithm, hash_algo);
if (_sign_algo != sign_algo)
{
handshake_td = &session->internals.handshake_mac_handle.tls12.sha256;
hash_algo = handshake_td->algorithm;
- _sign_algo = _gnutls_x509_pk_to_sign( cert->subject_pk_algorithm,
hash_algo);
+ _sign_algo =
+ _gnutls_x509_pk_to_sign (cert->subject_pk_algorithm, hash_algo);
if (sign_algo != _sign_algo)
- {
- gnutls_assert();
- return GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM;
- }
+ {
+ gnutls_assert ();
+ return GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM;
+ }
}
- ret =
- _gnutls_hash_copy (&td, handshake_td);
+ ret = _gnutls_hash_copy (&td, handshake_td);
if (ret < 0)
{
gnutls_assert ();
@@ -512,7 +518,9 @@ static int _gnutls_handshake_verify_cert_vrfy12
(gnutls_session_t session, gnutl
dconcat.data = concat;
dconcat.size = _gnutls_hash_get_algo_len (hash_algo);
- ret = _gnutls_verify_sig (cert, &dconcat, signature, 0,
cert->subject_pk_algorithm);
+ ret =
+ _gnutls_verify_sig (cert, &dconcat, signature, 0,
+ cert->subject_pk_algorithm);
if (ret < 0)
{
gnutls_assert ();
@@ -527,8 +535,10 @@ static int _gnutls_handshake_verify_cert_vrfy12
(gnutls_session_t session, gnutl
* verify message).
*/
int
-_gnutls_handshake_verify_cert_vrfy (gnutls_session_t session, gnutls_cert *
cert,
- gnutls_datum_t * signature, gnutls_sign_algorithm_t
sign_algo)
+_gnutls_handshake_verify_cert_vrfy (gnutls_session_t session,
+ gnutls_cert * cert,
+ gnutls_datum_t * signature,
+ gnutls_sign_algorithm_t sign_algo)
{
int ret;
opaque concat[MAX_SIG_SIZE];
@@ -537,18 +547,22 @@ _gnutls_handshake_verify_cert_vrfy (gnutls_session_t
session, gnutls_cert * cert
gnutls_datum_t dconcat;
gnutls_protocol_t ver = gnutls_protocol_get_version (session);
- if (session->security_parameters.handshake_mac_handle_type ==
HANDSHAKE_MAC_TYPE_12)
+ if (session->security_parameters.handshake_mac_handle_type ==
+ HANDSHAKE_MAC_TYPE_12)
{
- return _gnutls_handshake_verify_cert_vrfy12(session, cert, signature,
sign_algo);
+ return _gnutls_handshake_verify_cert_vrfy12 (session, cert, signature,
+ sign_algo);
}
- else if (session->security_parameters.handshake_mac_handle_type !=
HANDSHAKE_MAC_TYPE_10)
+ else if (session->security_parameters.handshake_mac_handle_type !=
+ HANDSHAKE_MAC_TYPE_10)
{
- gnutls_assert();
+ gnutls_assert ();
return GNUTLS_E_INTERNAL_ERROR;
}
ret =
- _gnutls_hash_copy (&td_md5,
&session->internals.handshake_mac_handle.tls10.md5);
+ _gnutls_hash_copy (&td_md5,
+ &session->internals.handshake_mac_handle.tls10.md5);
if (ret < 0)
{
gnutls_assert ();
@@ -556,7 +570,8 @@ _gnutls_handshake_verify_cert_vrfy (gnutls_session_t
session, gnutls_cert * cert
}
ret =
- _gnutls_hash_copy (&td_sha,
&session->internals.handshake_mac_handle.tls10.sha);
+ _gnutls_hash_copy (&td_sha,
+ &session->internals.handshake_mac_handle.tls10.sha);
if (ret < 0)
{
gnutls_assert ();
@@ -589,7 +604,9 @@ _gnutls_handshake_verify_cert_vrfy (gnutls_session_t
session, gnutls_cert * cert
dconcat.data = concat;
dconcat.size = 20 + 16; /* md5+ sha */
- ret = _gnutls_verify_sig (cert, &dconcat, signature, 16,
cert->subject_pk_algorithm);
+ ret =
+ _gnutls_verify_sig (cert, &dconcat, signature, 16,
+ cert->subject_pk_algorithm);
if (ret < 0)
{
gnutls_assert ();
@@ -602,9 +619,10 @@ _gnutls_handshake_verify_cert_vrfy (gnutls_session_t
session, gnutls_cert * cert
/* the same as _gnutls_handshake_sign_cert_vrfy except that it is made for TLS
1.2
*/
-static int _gnutls_handshake_sign_cert_vrfy12 (gnutls_session_t session,
- gnutls_cert * cert, gnutls_privkey * pkey,
- gnutls_datum_t * signature)
+static int
+_gnutls_handshake_sign_cert_vrfy12 (gnutls_session_t session,
+ gnutls_cert * cert, gnutls_privkey * pkey,
+ gnutls_datum_t * signature)
{
gnutls_datum_t dconcat;
int ret;
@@ -612,41 +630,47 @@ static int _gnutls_handshake_sign_cert_vrfy12
(gnutls_session_t session,
digest_hd_st td;
gnutls_sign_algorithm_t sign_algo;
gnutls_digest_algorithm_t hash_algo;
- digest_hd_st* handshake_td;
+ digest_hd_st *handshake_td;
handshake_td = &session->internals.handshake_mac_handle.tls12.sha1;
hash_algo = handshake_td->algorithm;
- sign_algo = _gnutls_x509_pk_to_sign( cert->subject_pk_algorithm, hash_algo);
+ sign_algo = _gnutls_x509_pk_to_sign (cert->subject_pk_algorithm, hash_algo);
/* The idea here is to try signing with the one of the algorithms
* that have been initiated at handshake (SHA1, SHA256). If they
* are not requested by peer... tough luck
*/
- ret = _gnutls_session_sign_algo_requested(session, sign_algo);
+ ret = _gnutls_session_sign_algo_requested (session, sign_algo);
if (sign_algo == GNUTLS_SIGN_UNKNOWN || ret < 0)
{
handshake_td = &session->internals.handshake_mac_handle.tls12.sha256;
hash_algo = handshake_td->algorithm;
- sign_algo = _gnutls_x509_pk_to_sign( cert->subject_pk_algorithm,
hash_algo);
+ sign_algo =
+ _gnutls_x509_pk_to_sign (cert->subject_pk_algorithm, hash_algo);
if (sign_algo == GNUTLS_SIGN_UNKNOWN)
- {
- gnutls_assert();
- return GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM;
- }
-
- ret = _gnutls_session_sign_algo_requested(session, sign_algo);
+ {
+ gnutls_assert ();
+ return GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM;
+ }
+
+ ret = _gnutls_session_sign_algo_requested (session, sign_algo);
if (ret < 0)
- {
- gnutls_assert();
- _gnutls_x509_log("Server did not allow either '%s' or '%s' for
signing\n", gnutls_mac_get_name(hash_algo),
gnutls_mac_get_name(session->internals.handshake_mac_handle.tls12.sha1.algorithm));
- return ret;
- }
+ {
+ gnutls_assert ();
+ _gnutls_x509_log
+ ("Server did not allow either '%s' or '%s' for signing\n",
+ gnutls_mac_get_name (hash_algo),
+ gnutls_mac_get_name (session->internals.
+ handshake_mac_handle.tls12.sha1.algorithm));
+ return ret;
+ }
}
-
- _gnutls_x509_log("sign handshake cert vrfy: picked %s with %s\n",
gnutls_sign_algorithm_get_name(sign_algo), gnutls_mac_get_name(hash_algo));
- ret =
- _gnutls_hash_copy (&td, handshake_td);
+ _gnutls_x509_log ("sign handshake cert vrfy: picked %s with %s\n",
+ gnutls_sign_algorithm_get_name (sign_algo),
+ gnutls_mac_get_name (hash_algo));
+
+ ret = _gnutls_hash_copy (&td, handshake_td);
if (ret < 0)
{
gnutls_assert ();
@@ -678,8 +702,8 @@ static int _gnutls_handshake_sign_cert_vrfy12
(gnutls_session_t session,
*/
int
_gnutls_handshake_sign_cert_vrfy (gnutls_session_t session,
- gnutls_cert * cert, gnutls_privkey * pkey,
- gnutls_datum_t * signature)
+ gnutls_cert * cert, gnutls_privkey * pkey,
+ gnutls_datum_t * signature)
{
gnutls_datum_t dconcat;
int ret;
@@ -688,18 +712,22 @@ _gnutls_handshake_sign_cert_vrfy (gnutls_session_t
session,
digest_hd_st td_sha;
gnutls_protocol_t ver = gnutls_protocol_get_version (session);
- if (session->security_parameters.handshake_mac_handle_type ==
HANDSHAKE_MAC_TYPE_12)
+ if (session->security_parameters.handshake_mac_handle_type ==
+ HANDSHAKE_MAC_TYPE_12)
{
- return _gnutls_handshake_sign_cert_vrfy12(session, cert, pkey,
signature);
+ return _gnutls_handshake_sign_cert_vrfy12 (session, cert, pkey,
+ signature);
}
- else if (session->security_parameters.handshake_mac_handle_type !=
HANDSHAKE_MAC_TYPE_10)
+ else if (session->security_parameters.handshake_mac_handle_type !=
+ HANDSHAKE_MAC_TYPE_10)
{
- gnutls_assert();
+ gnutls_assert ();
return GNUTLS_E_INTERNAL_ERROR;
}
-
+
ret =
- _gnutls_hash_copy (&td_sha,
&session->internals.handshake_mac_handle.tls10.sha);
+ _gnutls_hash_copy (&td_sha,
+ &session->internals.handshake_mac_handle.tls10.sha);
if (ret < 0)
{
gnutls_assert ();
@@ -727,7 +755,8 @@ _gnutls_handshake_sign_cert_vrfy (gnutls_session_t session,
case GNUTLS_PK_RSA:
ret =
_gnutls_hash_copy (&td_md5,
- &session->internals.handshake_mac_handle.tls10.md5);
+ &session->internals.handshake_mac_handle.
+ tls10.md5);
if (ret < 0)
{
gnutls_assert ();
diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c
index 3ecca89..3ba533b 100644
--- a/lib/gnutls_state.c
+++ b/lib/gnutls_state.c
@@ -202,7 +202,7 @@ deinit_internal_params (gnutls_session_t session)
if (session->internals.params.free_rsa_params)
gnutls_rsa_params_deinit (session->internals.params.rsa_params);
- _gnutls_handshake_hash_buffers_clear(session);
+ _gnutls_handshake_hash_buffers_clear (session);
memset (&session->internals.params, 0, sizeof (session->internals.params));
}
@@ -239,7 +239,7 @@ _gnutls_handshake_internal_state_init (gnutls_session_t
session)
void
_gnutls_handshake_internal_state_clear (gnutls_session_t session)
{
- _gnutls_handshake_internal_state_init(session);
+ _gnutls_handshake_internal_state_init (session);
_gnutls_free_datum (&session->internals.recv_buffer);
@@ -913,7 +913,7 @@ _gnutls_PRF (gnutls_session_t session,
memcpy (s_seed, label, label_size);
memcpy (&s_seed[label_size], seed, seed_size);
- if (_gnutls_version_has_selectable_prf(ver))
+ if (_gnutls_version_has_selectable_prf (ver))
{
result =
_gnutls_P_hash (GNUTLS_MAC_SHA256, secret, secret_size,
@@ -1339,7 +1339,8 @@ _gnutls_rsa_pms_set_version (gnutls_session_t session,
**/
void
gnutls_handshake_set_post_client_hello_function (gnutls_session_t session,
-
gnutls_handshake_post_client_hello_func func)
+
gnutls_handshake_post_client_hello_func
+ func)
{
session->internals.user_hello_func = func;
}
@@ -1361,4 +1362,3 @@ gnutls_session_enable_compatibility_mode
(gnutls_session_t session)
{
gnutls_record_disable_padding (session);
}
-
diff --git a/lib/gnutls_str.c b/lib/gnutls_str.c
index a4c765e..4586b4b 100644
--- a/lib/gnutls_str.c
+++ b/lib/gnutls_str.c
@@ -128,15 +128,15 @@ _gnutls_string_append_data (gnutls_string * dest, const
void *data,
if (dest->max_length >= tot_len)
{
- size_t unused = MEMSUB(dest->data, dest->allocd);
-
+ size_t unused = MEMSUB (dest->data, dest->allocd);
+
if (dest->max_length - unused <= tot_len)
- {
- if (dest->length && dest->data)
- memmove(dest->allocd, dest->data, dest->length);
+ {
+ if (dest->length && dest->data)
+ memmove (dest->allocd, dest->data, dest->length);
- dest->data = dest->allocd;
- }
+ dest->data = dest->allocd;
+ }
memmove (&dest->data[dest->length], data, data_size);
dest->length = tot_len;
@@ -144,7 +144,7 @@ _gnutls_string_append_data (gnutls_string * dest, const
void *data,
}
else
{
- size_t unused = MEMSUB(dest->data, dest->allocd);
+ size_t unused = MEMSUB (dest->data, dest->allocd);
size_t new_len =
MAX (data_size, MIN_CHUNK) + MAX (dest->max_length, MIN_CHUNK);
@@ -158,7 +158,7 @@ _gnutls_string_append_data (gnutls_string * dest, const
void *data,
dest->data = dest->allocd + unused;
if (dest->length && dest->data)
- memmove(dest->allocd, dest->data, dest->length);
+ memmove (dest->allocd, dest->data, dest->length);
dest->data = dest->allocd;
memcpy (&dest->data[dest->length], data, data_size);
@@ -173,19 +173,19 @@ _gnutls_string_resize (gnutls_string * dest, size_t
new_size)
{
if (dest->max_length >= new_size)
{
- size_t unused = MEMSUB(dest->data, dest->allocd);
+ size_t unused = MEMSUB (dest->data, dest->allocd);
if (dest->max_length - unused <= new_size)
- {
- if (dest->length && dest->data)
- memmove(dest->allocd, dest->data, dest->length);
- dest->data = dest->allocd;
- }
+ {
+ if (dest->length && dest->data)
+ memmove (dest->allocd, dest->data, dest->length);
+ dest->data = dest->allocd;
+ }
return 0;
}
else
{
- size_t unused = MEMSUB(dest->data, dest->allocd);
+ size_t unused = MEMSUB (dest->data, dest->allocd);
size_t alloc_len =
MAX (new_size, MIN_CHUNK) + MAX (dest->max_length, MIN_CHUNK);
@@ -199,7 +199,7 @@ _gnutls_string_resize (gnutls_string * dest, size_t
new_size)
dest->data = dest->allocd + unused;
if (dest->length && dest->data)
- memmove(dest->allocd, dest->data, dest->length);
+ memmove (dest->allocd, dest->data, dest->length);
dest->data = dest->allocd;
return 0;
@@ -209,7 +209,7 @@ _gnutls_string_resize (gnutls_string * dest, size_t
new_size)
int
_gnutls_string_append_str (gnutls_string * dest, const char *src)
{
- return _gnutls_string_append_data (dest, src, strlen(src));
+ return _gnutls_string_append_data (dest, src, strlen (src));
}
/* returns data from a string in a constant buffer.
@@ -217,18 +217,19 @@ _gnutls_string_append_str (gnutls_string * dest, const
char *src)
* data are appended in the buffer.
*/
void
-_gnutls_string_get_datum (gnutls_string * str, gnutls_datum_t *data,
- size_t req_size)
+_gnutls_string_get_datum (gnutls_string * str, gnutls_datum_t * data,
+ size_t req_size)
{
- if (str->length == 0) {
+ if (str->length == 0)
+ {
data->data = NULL;
data->size = 0;
return;
- }
+ }
if (req_size > str->length)
- req_size = str->length;
+ req_size = str->length;
data->data = str->data;
data->size = req_size;
@@ -237,9 +238,10 @@ _gnutls_string_get_datum (gnutls_string * str,
gnutls_datum_t *data,
str->length -= req_size;
/* if string becomes empty start from begining */
- if (str->length == 0) {
+ if (str->length == 0)
+ {
str->data = str->allocd;
- }
+ }
return;
}
@@ -247,15 +249,14 @@ _gnutls_string_get_datum (gnutls_string * str,
gnutls_datum_t *data,
/* returns data from a string in a constant buffer.
*/
void
-_gnutls_string_get_data (gnutls_string * str, void *data,
- size_t *req_size)
+_gnutls_string_get_data (gnutls_string * str, void *data, size_t * req_size)
{
gnutls_datum_t tdata;
- _gnutls_string_get_datum( str, &tdata, *req_size);
+ _gnutls_string_get_datum (str, &tdata, *req_size);
*req_size = tdata.size;
- memcpy( data, tdata.data, tdata.size);
+ memcpy (data, tdata.data, tdata.size);
return;
}
@@ -368,8 +369,7 @@ _gnutls_hex2bin (const opaque * hex_data, int hex_size,
opaque * bin_data,
*/
int
_gnutls_hostname_compare (const char *certname,
- size_t certnamesize,
- const char *hostname)
+ size_t certnamesize, const char *hostname)
{
/* find the first different character */
for (; *certname && *hostname && toupper (*certname) == toupper (*hostname);
diff --git a/lib/gnutls_supplemental.c b/lib/gnutls_supplemental.c
index d2439de..0e9a24c 100644
--- a/lib/gnutls_supplemental.c
+++ b/lib/gnutls_supplemental.c
@@ -141,7 +141,7 @@ _gnutls_gen_supplemental (gnutls_session_t session,
gnutls_buffer * buf)
buf->data[2] = (buf->length - 3) & 0xFF;
_gnutls_debug_log ("EXT[%p]: Sending %d bytes of supplemental data\n",
- session, (int)buf->length);
+ session, (int) buf->length);
return buf->length;
}
diff --git a/lib/gnutls_ui.c b/lib/gnutls_ui.c
index bb4f393..baed5fa 100644
--- a/lib/gnutls_ui.c
+++ b/lib/gnutls_ui.c
@@ -289,7 +289,7 @@ gnutls_dh_get_secret_bits (gnutls_session_t session)
}
static int
-mpi_buf2bits (gnutls_datum_t *mpi_buf)
+mpi_buf2bits (gnutls_datum_t * mpi_buf)
{
bigint_t mpi;
int rc;
diff --git a/lib/gnutls_x509.c b/lib/gnutls_x509.c
index ab7e447..810a569 100644
--- a/lib/gnutls_x509.c
+++ b/lib/gnutls_x509.c
@@ -159,13 +159,13 @@ _gnutls_x509_cert_verify_peers (gnutls_session_t session,
return ret;
}
-
+
if (ret < 0)
- {
- gnutls_assert();
- CLEAR_CERTS;
- return ret;
- }
+ {
+ gnutls_assert ();
+ CLEAR_CERTS;
+ return ret;
+ }
ret = check_bits (peer_certificate_list[i], cred->verify_bits);
if (ret < 0)
@@ -179,13 +179,14 @@ _gnutls_x509_cert_verify_peers (gnutls_session_t session,
/* Verify certificate
*/
-
+
ret = gnutls_x509_crt_list_verify (peer_certificate_list,
peer_certificate_list_size,
cred->x509_ca_list, cred->x509_ncas,
cred->x509_crl_list, cred->x509_ncrls,
- cred->verify_flags |
session->internals.priorities.additional_verify_flags,
- status);
+ cred->verify_flags | session->
+ internals.priorities.
+ additional_verify_flags, status);
CLEAR_CERTS;
@@ -1577,7 +1578,7 @@ parse_pkcs12 (gnutls_certificate_credentials_t res,
*cert = NULL;
*key = NULL;
- *crl = NULL;
+ *crl = NULL;
/* find the first private key */
for (;;)
@@ -1649,12 +1650,12 @@ parse_pkcs12 (gnutls_certificate_credentials_t res,
{
case GNUTLS_BAG_PKCS8_ENCRYPTED_KEY:
case GNUTLS_BAG_PKCS8_KEY:
- if (*key != NULL) /* too simple to continue */
- {
- gnutls_assert();
- break;
- }
-
+ if (*key != NULL) /* too simple to continue */
+ {
+ gnutls_assert ();
+ break;
+ }
+
ret = gnutls_x509_privkey_init (key);
if (ret < 0)
{
@@ -1668,20 +1669,22 @@ parse_pkcs12 (gnutls_certificate_credentials_t res,
if (ret < 0)
{
gnutls_assert ();
- gnutls_x509_privkey_deinit( *key);
+ gnutls_x509_privkey_deinit (*key);
goto done;
}
-
- key_id_size = sizeof(key_id);
- ret = gnutls_x509_privkey_get_key_id( *key, 0, key_id,
&key_id_size);
+
+ key_id_size = sizeof (key_id);
+ ret =
+ gnutls_x509_privkey_get_key_id (*key, 0, key_id,
+ &key_id_size);
if (ret < 0)
{
gnutls_assert ();
- gnutls_x509_privkey_deinit( *key);
+ gnutls_x509_privkey_deinit (*key);
goto done;
}
-
- privkey_ok = 1; /* break */
+
+ privkey_ok = 1; /* break */
break;
default:
break;
@@ -1690,14 +1693,14 @@ parse_pkcs12 (gnutls_certificate_credentials_t res,
idx++;
gnutls_pkcs12_bag_deinit (bag);
-
- if (privkey_ok != 0) /* private key was found */
- break;
+
+ if (privkey_ok != 0) /* private key was found */
+ break;
}
- if (privkey_ok == 0) /* no private key */
+ if (privkey_ok == 0) /* no private key */
{
- gnutls_assert();
+ gnutls_assert ();
return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
}
@@ -1773,11 +1776,11 @@ parse_pkcs12 (gnutls_certificate_credentials_t res,
switch (type)
{
case GNUTLS_BAG_CERTIFICATE:
- if (*cert != NULL) /* no need to set it again */
- {
- gnutls_assert();
- break;
- }
+ if (*cert != NULL) /* no need to set it again */
+ {
+ gnutls_assert ();
+ break;
+ }
ret = gnutls_x509_crt_init (cert);
if (ret < 0)
@@ -1791,33 +1794,34 @@ parse_pkcs12 (gnutls_certificate_credentials_t res,
if (ret < 0)
{
gnutls_assert ();
- gnutls_x509_crt_deinit( *cert);
+ gnutls_x509_crt_deinit (*cert);
goto done;
}
/* check if the key id match */
- cert_id_size = sizeof(cert_id);
- ret = gnutls_x509_crt_get_key_id( *cert, 0, cert_id,
&cert_id_size);
+ cert_id_size = sizeof (cert_id);
+ ret =
+ gnutls_x509_crt_get_key_id (*cert, 0, cert_id, &cert_id_size);
if (ret < 0)
{
gnutls_assert ();
- gnutls_x509_crt_deinit( *cert);
+ gnutls_x509_crt_deinit (*cert);
goto done;
}
-
- if (memcmp( cert_id, key_id, cert_id_size) != 0)
- { /* they don't match - skip the certificate */
- gnutls_x509_crt_deinit( *cert);
- *cert = NULL;
- }
+
+ if (memcmp (cert_id, key_id, cert_id_size) != 0)
+ { /* they don't match - skip the certificate */
+ gnutls_x509_crt_deinit (*cert);
+ *cert = NULL;
+ }
break;
case GNUTLS_BAG_CRL:
if (*crl != NULL)
- {
- gnutls_assert();
- break;
- }
+ {
+ gnutls_assert ();
+ break;
+ }
ret = gnutls_x509_crl_init (crl);
if (ret < 0)
@@ -1830,7 +1834,7 @@ parse_pkcs12 (gnutls_certificate_credentials_t res,
if (ret < 0)
{
gnutls_assert ();
- gnutls_x509_crl_deinit( *crl);
+ gnutls_x509_crl_deinit (*crl);
goto done;
}
break;
@@ -1905,9 +1909,11 @@ int
gnutls_assert ();
return GNUTLS_E_FILE_ERROR;
}
-
- ret = gnutls_certificate_set_x509_simple_pkcs12_mem(res, &p12blob, type,
password);
- free(p12blob.data);
+
+ ret =
+ gnutls_certificate_set_x509_simple_pkcs12_mem (res, &p12blob, type,
+ password);
+ free (p12blob.data);
return ret;
}
@@ -1948,7 +1954,7 @@ int
**/
int
gnutls_certificate_set_x509_simple_pkcs12_mem
- (gnutls_certificate_credentials_t res, const gnutls_datum_t *p12blob,
+ (gnutls_certificate_credentials_t res, const gnutls_datum_t * p12blob,
gnutls_x509_crt_fmt_t type, const char *password)
{
gnutls_pkcs12_t p12;
diff --git a/lib/minitasn1/decoding.c b/lib/minitasn1/decoding.c
index b79002c..af94cea 100644
--- a/lib/minitasn1/decoding.c
+++ b/lib/minitasn1/decoding.c
@@ -288,18 +288,20 @@ _asn1_get_objectid_der (const unsigned char *der, int
der_len, int *ret_len,
leading = 1;
for (k = 1; k < len; k++)
{
-
+
/* X.690 mandates that the leading byte must never be 0x80
*/
- if (leading != 0 && der[len_len + k] == 0x80) return ASN1_DER_ERROR;
+ if (leading != 0 && der[len_len + k] == 0x80)
+ return ASN1_DER_ERROR;
leading = 0;
/* check for wrap around */
val = val << 7;
val |= der[len_len + k] & 0x7F;
- if (val < prev_val) return ASN1_DER_ERROR;
+ if (val < prev_val)
+ return ASN1_DER_ERROR;
prev_val = val;
@@ -313,7 +315,7 @@ _asn1_get_objectid_der (const unsigned char *der, int
der_len, int *ret_len,
}
}
*ret_len = len + len_len;
-
+
return ASN1_SUCCESS;
}
@@ -1054,8 +1056,9 @@ asn1_der_decoding (ASN1_TYPE * element, const void *ider,
int len,
move = RIGHT;
break;
case TYPE_OBJECT_ID:
- result = _asn1_get_objectid_der (der + counter, len - counter,
&len2,
- temp, sizeof (temp));
+ result =
+ _asn1_get_objectid_der (der + counter, len - counter, &len2,
+ temp, sizeof (temp));
if (result != ASN1_SUCCESS)
{
asn1_delete_structure (element);
@@ -1670,12 +1673,13 @@ asn1_der_decoding_element (ASN1_TYPE * structure, const
char *elementName,
case TYPE_OBJECT_ID:
if (state == FOUND)
{
- result = _asn1_get_objectid_der (der + counter, len -
counter, &len2,
- temp, sizeof (temp));
- if (result != ASN1_SUCCESS)
- {
- return result;
- }
+ result =
+ _asn1_get_objectid_der (der + counter, len - counter,
+ &len2, temp, sizeof (temp));
+ if (result != ASN1_SUCCESS)
+ {
+ return result;
+ }
tlen = strlen (temp);
diff --git a/lib/opencdk/armor.c b/lib/opencdk/armor.c
index 5686809..3a08b5f 100644
--- a/lib/opencdk/armor.c
+++ b/lib/opencdk/armor.c
@@ -595,7 +595,8 @@ armor_decode (void *data, FILE * in, FILE * out)
afx->crc_okay = (afx->crc == crc2) ? 1 : 0;
if (!afx->crc_okay && !rc)
{
- _cdk_log_debug ("file crc=%08X afx_crc=%08X\n", (unsigned int)crc2,
(unsigned int)afx->crc);
+ _cdk_log_debug ("file crc=%08X afx_crc=%08X\n", (unsigned int) crc2,
+ (unsigned int) afx->crc);
rc = CDK_Armor_CRC_Error;
}
diff --git a/lib/opencdk/keydb.c b/lib/opencdk/keydb.c
index 314fefe..85281c6 100644
--- a/lib/opencdk/keydb.c
+++ b/lib/opencdk/keydb.c
@@ -663,7 +663,8 @@ keydb_cache_add (cdk_keydb_search_t dbs, off_t offset)
k->next = dbs->cache;
dbs->cache = k;
dbs->ncache++;
- _cdk_log_debug ("cache: add entry off=%d type=%d\n", (int)offset,
(int)dbs->type);
+ _cdk_log_debug ("cache: add entry off=%d type=%d\n", (int) offset,
+ (int) dbs->type);
return 0;
}
diff --git a/lib/opencdk/literal.c b/lib/opencdk/literal.c
index 1dde4a1..d76f795 100644
--- a/lib/opencdk/literal.c
+++ b/lib/opencdk/literal.c
@@ -121,7 +121,7 @@ literal_decode (void *data, FILE * in, FILE * out)
while (!feof (in))
{
_cdk_log_debug ("literal_decode: part on %d size %lu\n",
- (int)pfx->blkmode.on, pfx->blkmode.size);
+ (int) pfx->blkmode.on, pfx->blkmode.size);
if (pfx->blkmode.on)
bufsize = pfx->blkmode.size;
else
@@ -200,7 +200,7 @@ literal_encode (void *data, FILE * in, FILE * out)
filelen = strlen (pfx->filename);
cdk_pkt_new (&pkt);
pt = pkt->pkt.literal = cdk_calloc (1, sizeof *pt + filelen);
- pt->name = (char*) pt + sizeof(*pt);
+ pt->name = (char *) pt + sizeof (*pt);
if (!pt)
{
cdk_pkt_release (pkt);
diff --git a/lib/opencdk/misc.c b/lib/opencdk/misc.c
index 0df82a1..1331253 100644
--- a/lib/opencdk/misc.c
+++ b/lib/opencdk/misc.c
@@ -97,7 +97,7 @@ cdk_strlist_add (cdk_strlist_t * list, const char *string)
sl = cdk_calloc (1, sizeof *sl + strlen (string) + 2);
if (!sl)
return NULL;
- sl->d = (char*) sl + sizeof(*sl);
+ sl->d = (char *) sl + sizeof (*sl);
strcpy (sl->d, string);
sl->next = *list;
*list = sl;
diff --git a/lib/opencdk/new-packet.c b/lib/opencdk/new-packet.c
index 9159af0..dc5304b 100644
--- a/lib/opencdk/new-packet.c
+++ b/lib/opencdk/new-packet.c
@@ -388,7 +388,7 @@ _cdk_copy_userid (cdk_pkt_userid_t * dst, cdk_pkt_userid_t
src)
u = cdk_calloc (1, sizeof *u + strlen (src->name) + 2);
if (!u)
return CDK_Out_Of_Core;
- u->name = (char*)u + sizeof(*u);
+ u->name = (char *) u + sizeof (*u);
memcpy (u, src, sizeof *u);
memcpy (u->name, src->name, strlen (src->name));
@@ -627,7 +627,7 @@ cdk_subpkt_new (size_t size)
s = cdk_calloc (1, sizeof *s + size + 2);
if (!s)
return NULL;
- s->d = (char*)s + sizeof(*s);
+ s->d = (char *) s + sizeof (*s);
return s;
}
diff --git a/lib/opencdk/read-packet.c b/lib/opencdk/read-packet.c
index 97e844b..a2ab51b 100644
--- a/lib/opencdk/read-packet.c
+++ b/lib/opencdk/read-packet.c
@@ -128,15 +128,15 @@ read_mpi (cdk_stream_t inp, bigint_t * ret_m, int secure)
if (nbits > MAX_MPI_BITS || nbits == 0)
{
- _cdk_log_debug ("read_mpi: too large %d bits\n",(int) nbits);
+ _cdk_log_debug ("read_mpi: too large %d bits\n", (int) nbits);
return CDK_MPI_Error; /* Sanity check */
}
rc = stream_read (inp, buf + 2, nread, &nread);
if (!rc && nread != ((nbits + 7) / 8))
{
- _cdk_log_debug ("read_mpi: too short %d < %d\n", (int)nread,
- (int)((nbits + 7) / 8));
+ _cdk_log_debug ("read_mpi: too short %d < %d\n", (int) nread,
+ (int) ((nbits + 7) / 8));
return CDK_MPI_Error;
}
@@ -197,7 +197,7 @@ read_pubkey_enc (cdk_stream_t inp, size_t pktlen,
cdk_pkt_pubkey_enc_t pke)
return CDK_Inv_Value;
if (DEBUG_PKT)
- _cdk_log_debug ("read_pubkey_enc: %d octets\n", (int)pktlen);
+ _cdk_log_debug ("read_pubkey_enc: %d octets\n", (int) pktlen);
if (pktlen < 12)
return CDK_Inv_Packet;
@@ -251,7 +251,7 @@ read_compressed (cdk_stream_t inp, size_t pktlen,
cdk_pkt_compressed_t c)
return CDK_Inv_Value;
if (DEBUG_PKT)
- _cdk_log_debug ("read_compressed: %d octets\n", (int)pktlen);
+ _cdk_log_debug ("read_compressed: %d octets\n", (int) pktlen);
c->algorithm = cdk_stream_getc (inp);
if (c->algorithm > 3)
@@ -278,7 +278,7 @@ read_public_key (cdk_stream_t inp, size_t pktlen,
cdk_pkt_pubkey_t pk)
return CDK_Inv_Value;
if (DEBUG_PKT)
- _cdk_log_debug ("read_public_key: %d octets\n", (int)pktlen);
+ _cdk_log_debug ("read_public_key: %d octets\n", (int) pktlen);
pk->is_invalid = 1; /* default to detect missing self signatures */
pk->is_revoked = 0;
@@ -336,7 +336,7 @@ read_secret_key (cdk_stream_t inp, size_t pktlen,
cdk_pkt_seckey_t sk)
return CDK_Inv_Value;
if (DEBUG_PKT)
- _cdk_log_debug ("read_secret_key: %d octets\n", (int)pktlen);
+ _cdk_log_debug ("read_secret_key: %d octets\n", (int) pktlen);
p1 = cdk_stream_tell (inp);
rc = read_public_key (inp, pktlen, sk->pk);
@@ -631,7 +631,7 @@ read_onepass_sig (cdk_stream_t inp, size_t pktlen,
cdk_pkt_onepass_sig_t sig)
return CDK_Inv_Value;
if (DEBUG_PKT)
- _cdk_log_debug ("read_onepass_sig: %d octets\n", (int)pktlen);
+ _cdk_log_debug ("read_onepass_sig: %d octets\n", (int) pktlen);
if (pktlen != 13)
return CDK_Inv_Packet;
@@ -730,7 +730,7 @@ read_signature (cdk_stream_t inp, size_t pktlen,
cdk_pkt_signature_t sig)
return CDK_Inv_Value;
if (DEBUG_PKT)
- _cdk_log_debug ("read_signature: %d octets\n", (int)pktlen);
+ _cdk_log_debug ("read_signature: %d octets\n", (int) pktlen);
if (pktlen < 16)
return CDK_Inv_Packet;
@@ -836,7 +836,7 @@ read_literal (cdk_stream_t inp, size_t pktlen,
*ret_pt = pt = cdk_realloc (pt, sizeof *pt + pt->namelen + 2);
if (!pt)
return CDK_Out_Of_Core;
- pt->name = (char*)pt + sizeof(*pt);
+ pt->name = (char *) pt + sizeof (*pt);
rc = stream_read (inp, pt->name, pt->namelen, &nread);
if (rc)
return rc;
@@ -958,7 +958,8 @@ cdk_pkt_read (cdk_stream_t inp, cdk_packet_t pkt)
if (!(ctb & 0x80))
{
_cdk_log_info ("cdk_pkt_read: no openpgp data found. "
- "(ctb=%02X; fpos=%02X)\n",(int) ctb, (int)cdk_stream_tell
(inp));
+ "(ctb=%02X; fpos=%02X)\n", (int) ctb,
+ (int) cdk_stream_tell (inp));
return CDK_Inv_Packet;
}
@@ -998,7 +999,8 @@ cdk_pkt_read (cdk_stream_t inp, cdk_packet_t pkt)
+ pkt->pktlen + 16 + 1);
if (!pkt->pkt.user_id)
return CDK_Out_Of_Core;
- pkt->pkt.user_id->name = (char*)pkt->pkt.user_id +
sizeof(*pkt->pkt.user_id);
+ pkt->pkt.user_id->name =
+ (char *) pkt->pkt.user_id + sizeof (*pkt->pkt.user_id);
rc = read_attribute (inp, pktlen, pkt->pkt.user_id);
pkt->pkttype = CDK_PKT_ATTRIBUTE;
@@ -1009,7 +1011,8 @@ cdk_pkt_read (cdk_stream_t inp, cdk_packet_t pkt)
+ pkt->pktlen + 1);
if (!pkt->pkt.user_id)
return CDK_Out_Of_Core;
- pkt->pkt.user_id->name = (char*)pkt->pkt.user_id +
sizeof(*pkt->pkt.user_id);
+ pkt->pkt.user_id->name =
+ (char *) pkt->pkt.user_id + sizeof (*pkt->pkt.user_id);
rc = read_user_id (inp, pktlen, pkt->pkt.user_id);
break;
diff --git a/lib/opencdk/sig-check.c b/lib/opencdk/sig-check.c
index d4e2c74..5dc9da6 100644
--- a/lib/opencdk/sig-check.c
+++ b/lib/opencdk/sig-check.c
@@ -542,8 +542,8 @@ cdk_pk_check_sigs (cdk_kbnode_t key, cdk_keydb_hd_t keydb,
int *r_status)
}
_cdk_log_debug ("signature %s: signer %08X keyid %08X\n",
- rc == CDK_Bad_Sig ? "BAD" : "good", (unsigned
int)sig->keyid[1],
- (unsigned int)keyid);
+ rc == CDK_Bad_Sig ? "BAD" : "good",
+ (unsigned int) sig->keyid[1], (unsigned int) keyid);
if (IS_UID_SIG (sig) && uid_name != NULL)
{
diff --git a/lib/opencdk/stream.c b/lib/opencdk/stream.c
index eaeb637..82f8155 100644
--- a/lib/opencdk/stream.c
+++ b/lib/opencdk/stream.c
@@ -1056,7 +1056,7 @@ cdk_stream_write (cdk_stream_t s, const void *buf, size_t
count)
memcpy (s->cache.buf, old, s->cache.size);
cdk_free (old);
_cdk_log_debug ("stream: enlarge cache to %d octets\n",
- (int)s->cache.alloced);
+ (int) s->cache.alloced);
}
memcpy (s->cache.buf + s->cache.size, buf, count);
s->cache.size += count;
@@ -1575,7 +1575,8 @@ _cdk_stream_set_blockmode (cdk_stream_t s, size_t nbytes)
{
assert (s);
- _cdk_log_debug ("stream: activate block mode with blocksize %d\n",
(int)nbytes);
+ _cdk_log_debug ("stream: activate block mode with blocksize %d\n",
+ (int) nbytes);
s->blkmode = nbytes;
return 0;
}
diff --git a/lib/opencdk/verify.c b/lib/opencdk/verify.c
index e6e560f..1b17940 100644
--- a/lib/opencdk/verify.c
+++ b/lib/opencdk/verify.c
@@ -58,7 +58,8 @@ struct
};
-static cdk_error_t file_verify_clearsign (cdk_ctx_t, const char *, const char
*);
+static cdk_error_t file_verify_clearsign (cdk_ctx_t, const char *,
+ const char *);
/**
diff --git a/lib/openpgp/gnutls_openpgp.c b/lib/openpgp/gnutls_openpgp.c
index fb50075..0f2a9e0 100644
--- a/lib/openpgp/gnutls_openpgp.c
+++ b/lib/openpgp/gnutls_openpgp.c
@@ -459,8 +459,8 @@ gnutls_certificate_set_openpgp_key_mem2
(gnutls_certificate_credentials_t res,
* Since: 2.4.0
**/
int
-gnutls_certificate_set_openpgp_key_file2 (gnutls_certificate_credentials_t res,
- const char *certfile,
+gnutls_certificate_set_openpgp_key_file2 (gnutls_certificate_credentials_t
+ res, const char *certfile,
const char *keyfile,
const char *subkey_id,
gnutls_openpgp_crt_fmt_t format)
@@ -566,8 +566,8 @@ gnutls_openpgp_count_key_names (const gnutls_datum_t * cert)
* negative error value.
**/
int
-gnutls_certificate_set_openpgp_keyring_file (gnutls_certificate_credentials_t
c,
- const char *file,
+gnutls_certificate_set_openpgp_keyring_file (gnutls_certificate_credentials_t
+ c, const char *file,
gnutls_openpgp_crt_fmt_t format)
{
gnutls_datum_t ring;
@@ -613,8 +613,8 @@ gnutls_certificate_set_openpgp_keyring_file
(gnutls_certificate_credentials_t c,
* negative error value.
**/
int
-gnutls_certificate_set_openpgp_keyring_mem (gnutls_certificate_credentials_t c,
- const opaque * data,
+gnutls_certificate_set_openpgp_keyring_mem (gnutls_certificate_credentials_t
+ c, const opaque * data,
size_t dlen,
gnutls_openpgp_crt_fmt_t format)
{
@@ -800,7 +800,7 @@ _gnutls_openpgp_crt_to_gcert (gnutls_cert * gcert,
gnutls_openpgp_crt_t cert)
memset (gcert, 0, sizeof (gnutls_cert));
gcert->cert_type = GNUTLS_CRT_OPENPGP;
- gcert->sign_algo = GNUTLS_SIGN_UNKNOWN; /* N/A here */
+ gcert->sign_algo = GNUTLS_SIGN_UNKNOWN; /* N/A here */
gcert->version = gnutls_openpgp_crt_get_version (cert);
gcert->params_size = MAX_PUBLIC_PARAMS_SIZE;
diff --git a/lib/openpgp/output.c b/lib/openpgp/output.c
index bd39584..58a6a1a 100644
--- a/lib/openpgp/output.c
+++ b/lib/openpgp/output.c
@@ -520,7 +520,8 @@ gnutls_openpgp_crt_print (gnutls_openpgp_crt_t cert,
print_oneline (&str, cert);
else
{
- _gnutls_string_append_str (&str, _("OpenPGP Certificate
Information:\n"));
+ _gnutls_string_append_str (&str,
+ _("OpenPGP Certificate Information:\n"));
print_cert (&str, cert);
}
diff --git a/lib/openpgp/pgp.c b/lib/openpgp/pgp.c
index aa2a235..0d62b36 100644
--- a/lib/openpgp/pgp.c
+++ b/lib/openpgp/pgp.c
@@ -200,11 +200,11 @@ _gnutls_openpgp_export (cdk_kbnode_t node,
*output_data_size = calc_size;
if (rc)
- {
- rc = _gnutls_map_cdk_rc (rc);
- gnutls_assert ();
- return rc;
- }
+ {
+ rc = _gnutls_map_cdk_rc (rc);
+ gnutls_assert ();
+ return rc;
+ }
}
return 0;
@@ -363,7 +363,7 @@ gnutls_openpgp_crt_get_name (gnutls_openpgp_crt_t key,
if (buf)
{
memcpy (buf, uid->name, uid->len);
- buf[uid->len] = '\0'; /* make sure it's a string */
+ buf[uid->len] = '\0'; /* make sure it's a string */
}
*sizeof_buf = uid->len + 1;
diff --git a/lib/x509/crq.c b/lib/x509/crq.c
index 74fa842..0702a2c 100644
--- a/lib/x509/crq.c
+++ b/lib/x509/crq.c
@@ -791,9 +791,7 @@ gnutls_x509_crq_set_key (gnutls_x509_crq_t crq,
gnutls_x509_privkey_t key)
result = _gnutls_x509_encode_and_copy_PKI_params
(crq->crq,
"certificationRequestInfo.subjectPKInfo",
- key->pk_algorithm,
- key->params,
- key->params_size);
+ key->pk_algorithm, key->params, key->params_size);
if (result < 0)
{
@@ -923,9 +921,7 @@ gnutls_x509_crq_set_key_rsa_raw (gnutls_x509_crq_t crq,
result = _gnutls_x509_encode_and_copy_PKI_params
(crq->crq,
"certificationRequestInfo.subjectPKInfo",
- GNUTLS_PK_RSA,
- temp_params,
- RSA_PUBLIC_PARAMS);
+ GNUTLS_PK_RSA, temp_params, RSA_PUBLIC_PARAMS);
if (result < 0)
{
@@ -977,8 +973,7 @@ gnutls_x509_crq_set_challenge_password (gnutls_x509_crq_t
crq,
result = _gnutls_x509_encode_and_write_attribute
("1.2.840.113549.1.9.7", crq->crq,
- "certificationRequestInfo.attributes.?LAST",
- pass, strlen (pass), 1);
+ "certificationRequestInfo.attributes.?LAST", pass, strlen (pass), 1);
if (result < 0)
{
gnutls_assert ();
@@ -1400,7 +1395,7 @@ gnutls_x509_crq_get_extension_info (gnutls_x509_crq_t
crq, int indx,
result = 0;
- out:
+out:
gnutls_free (extensions);
return result;
}
@@ -1652,8 +1647,7 @@ get_subject_alt_name (gnutls_x509_crq_t crq,
/* Extract extension.
*/
result = gnutls_x509_crq_get_extension_by_oid (crq, "2.5.29.17", 0,
- NULL, &dns_size,
- critical);
+ NULL, &dns_size, critical);
if (result < 0)
{
gnutls_assert ();
@@ -2093,8 +2087,7 @@ gnutls_x509_crq_get_key_purpose_oid (gnutls_x509_crq_t
crq,
/* Extract extension.
*/
result = gnutls_x509_crq_get_extension_by_oid (crq, "2.5.29.37", 0,
- NULL, &prev_size,
- critical);
+ NULL, &prev_size, critical);
prev.size = prev_size;
if (result < 0)
@@ -2193,8 +2186,7 @@ gnutls_x509_crq_set_key_purpose_oid (gnutls_x509_crq_t
crq,
/* Read existing extension, if there is one.
*/
result = gnutls_x509_crq_get_extension_by_oid (crq, "2.5.29.37", 0,
- NULL, &prev_size,
- &critical);
+ NULL, &prev_size, &critical);
prev.size = prev_size;
switch (result)
@@ -2418,8 +2410,9 @@ gnutls_x509_crq_get_key_id (gnutls_x509_crq_t crq,
unsigned int flags,
}
pubkey.size = 0;
- result = asn1_der_coding (crq->crq, "certificationRequestInfo.subjectPKInfo",
- NULL, &pubkey.size, NULL);
+ result =
+ asn1_der_coding (crq->crq, "certificationRequestInfo.subjectPKInfo", NULL,
+ &pubkey.size, NULL);
if (result != ASN1_MEM_ERROR)
{
gnutls_assert ();
@@ -2433,8 +2426,9 @@ gnutls_x509_crq_get_key_id (gnutls_x509_crq_t crq,
unsigned int flags,
return GNUTLS_E_MEMORY_ERROR;
}
- result = asn1_der_coding (crq->crq, "certificationRequestInfo.subjectPKInfo",
- pubkey.data, &pubkey.size, NULL);
+ result =
+ asn1_der_coding (crq->crq, "certificationRequestInfo.subjectPKInfo",
+ pubkey.data, &pubkey.size, NULL);
if (result != ASN1_SUCCESS)
{
gnutls_assert ();
diff --git a/lib/x509/dn.c b/lib/x509/dn.c
index daf14df..89b84bd 100644
--- a/lib/x509/dn.c
+++ b/lib/x509/dn.c
@@ -308,7 +308,7 @@ _gnutls_x509_parse_dn (ASN1_TYPE asn1_struct,
if (buf)
{
- _gnutls_string_get_data( &out_str, buf, sizeof_buf);
+ _gnutls_string_get_data (&out_str, buf, sizeof_buf);
buf[*sizeof_buf] = 0;
}
else
@@ -997,7 +997,7 @@ gnutls_x509_dn_import (gnutls_x509_dn_t dn, const
gnutls_datum_t * data)
int result;
char err[ASN1_MAX_ERROR_DESCRIPTION_SIZE];
- result = asn1_der_decoding ((ASN1_TYPE *) &dn,
+ result = asn1_der_decoding ((ASN1_TYPE *) & dn,
data->data, data->size, err);
if (result != ASN1_SUCCESS)
{
@@ -1022,7 +1022,7 @@ gnutls_x509_dn_import (gnutls_x509_dn_t dn, const
gnutls_datum_t * data)
void
gnutls_x509_dn_deinit (gnutls_x509_dn_t dn)
{
- asn1_delete_structure ((ASN1_TYPE *) &dn);
+ asn1_delete_structure ((ASN1_TYPE *) & dn);
}
/**
diff --git a/lib/x509/pkcs12.c b/lib/x509/pkcs12.c
index 6bfb402..18d455d 100644
--- a/lib/x509/pkcs12.c
+++ b/lib/x509/pkcs12.c
@@ -52,7 +52,7 @@ _decode_pkcs12_auth_safe (ASN1_TYPE pkcs12, ASN1_TYPE *
authen_safe,
gnutls_datum_t auth_safe = { NULL, 0 };
int len, result;
char error_str[ASN1_MAX_ERROR_DESCRIPTION_SIZE];
-
+
len = sizeof (oid) - 1;
result = asn1_read_value (pkcs12, "authSafe.contentType", oid, &len);
if (result != ASN1_SUCCESS)
@@ -95,7 +95,7 @@ _decode_pkcs12_auth_safe (ASN1_TYPE pkcs12, ASN1_TYPE *
authen_safe,
if (result != ASN1_SUCCESS)
{
gnutls_assert ();
- _gnutls_x509_log("DER error: %s\n", error_str);
+ _gnutls_x509_log ("DER error: %s\n", error_str);
result = _gnutls_asn2err (result);
goto cleanup;
}
@@ -233,11 +233,12 @@ gnutls_pkcs12_import (gnutls_pkcs12_t pkcs12,
need_free = 1;
}
- result = asn1_der_decoding (&pkcs12->pkcs12, _data.data, _data.size,
error_str);
+ result =
+ asn1_der_decoding (&pkcs12->pkcs12, _data.data, _data.size, error_str);
if (result != ASN1_SUCCESS)
{
result = _gnutls_asn2err (result);
- _gnutls_x509_log("DER error: %s\n", error_str);
+ _gnutls_x509_log ("DER error: %s\n", error_str);
gnutls_assert ();
goto cleanup;
}
@@ -427,7 +428,8 @@ _pkcs12_decode_safe_contents (const gnutls_datum_t *
content,
goto cleanup;
}
- if (bag_type == GNUTLS_BAG_CERTIFICATE || bag_type == GNUTLS_BAG_CRL ||
bag_type == GNUTLS_BAG_SECRET)
+ if (bag_type == GNUTLS_BAG_CERTIFICATE || bag_type == GNUTLS_BAG_CRL
+ || bag_type == GNUTLS_BAG_SECRET)
{
gnutls_datum_t tmp = bag->element[i].data;
diff --git a/lib/x509/pkcs12_bag.c b/lib/x509/pkcs12_bag.c
index 9ed23af..42ff1b4 100644
--- a/lib/x509/pkcs12_bag.c
+++ b/lib/x509/pkcs12_bag.c
@@ -182,90 +182,90 @@ _pkcs12_decode_crt_bag (gnutls_pkcs12_bag_type_t type,
int ret;
ASN1_TYPE c2 = ASN1_TYPE_EMPTY;
- switch(type)
+ switch (type)
{
- case GNUTLS_BAG_CERTIFICATE:
- if ((ret = asn1_create_element (_gnutls_get_pkix (),
+ case GNUTLS_BAG_CERTIFICATE:
+ if ((ret = asn1_create_element (_gnutls_get_pkix (),
"PKIX1.pkcs-12-CertBag",
&c2)) != ASN1_SUCCESS)
- {
- gnutls_assert ();
- ret = _gnutls_asn2err (ret);
- goto cleanup;
- }
-
- ret = asn1_der_decoding (&c2, in->data, in->size, NULL);
- if (ret != ASN1_SUCCESS)
- {
- gnutls_assert ();
- ret = _gnutls_asn2err (ret);
- goto cleanup;
- }
-
- ret = _gnutls_x509_read_value (c2, "certValue", out, 1);
- if (ret < 0)
- {
- gnutls_assert ();
- goto cleanup;
- }
- break;
-
- case GNUTLS_BAG_CRL:
- if ((ret = asn1_create_element (_gnutls_get_pkix (),
+ {
+ gnutls_assert ();
+ ret = _gnutls_asn2err (ret);
+ goto cleanup;
+ }
+
+ ret = asn1_der_decoding (&c2, in->data, in->size, NULL);
+ if (ret != ASN1_SUCCESS)
+ {
+ gnutls_assert ();
+ ret = _gnutls_asn2err (ret);
+ goto cleanup;
+ }
+
+ ret = _gnutls_x509_read_value (c2, "certValue", out, 1);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ goto cleanup;
+ }
+ break;
+
+ case GNUTLS_BAG_CRL:
+ if ((ret = asn1_create_element (_gnutls_get_pkix (),
"PKIX1.pkcs-12-CRLBag",
&c2)) != ASN1_SUCCESS)
- {
- gnutls_assert ();
- ret = _gnutls_asn2err (ret);
- goto cleanup;
- }
-
- ret = asn1_der_decoding (&c2, in->data, in->size, NULL);
- if (ret != ASN1_SUCCESS)
- {
- gnutls_assert ();
- ret = _gnutls_asn2err (ret);
- goto cleanup;
- }
-
- ret = _gnutls_x509_read_value (c2, "crlValue", out, 1);
- if (ret < 0)
- {
- gnutls_assert ();
- goto cleanup;
- }
- break;
-
- case GNUTLS_BAG_SECRET:
- if ((ret = asn1_create_element (_gnutls_get_pkix (),
+ {
+ gnutls_assert ();
+ ret = _gnutls_asn2err (ret);
+ goto cleanup;
+ }
+
+ ret = asn1_der_decoding (&c2, in->data, in->size, NULL);
+ if (ret != ASN1_SUCCESS)
+ {
+ gnutls_assert ();
+ ret = _gnutls_asn2err (ret);
+ goto cleanup;
+ }
+
+ ret = _gnutls_x509_read_value (c2, "crlValue", out, 1);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ goto cleanup;
+ }
+ break;
+
+ case GNUTLS_BAG_SECRET:
+ if ((ret = asn1_create_element (_gnutls_get_pkix (),
"PKIX1.pkcs-12-SecretBag",
&c2)) != ASN1_SUCCESS)
- {
- gnutls_assert ();
- ret = _gnutls_asn2err (ret);
- goto cleanup;
- }
-
- ret = asn1_der_decoding (&c2, in->data, in->size, NULL);
- if (ret != ASN1_SUCCESS)
- {
- gnutls_assert ();
- ret = _gnutls_asn2err (ret);
- goto cleanup;
- }
-
- ret = _gnutls_x509_read_value (c2, "secretValue", out, 1);
- if (ret < 0)
- {
- gnutls_assert ();
- goto cleanup;
- }
- break;
-
- default:
- gnutls_assert();
- asn1_delete_structure (&c2);
- return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+ {
+ gnutls_assert ();
+ ret = _gnutls_asn2err (ret);
+ goto cleanup;
+ }
+
+ ret = asn1_der_decoding (&c2, in->data, in->size, NULL);
+ if (ret != ASN1_SUCCESS)
+ {
+ gnutls_assert ();
+ ret = _gnutls_asn2err (ret);
+ goto cleanup;
+ }
+
+ ret = _gnutls_x509_read_value (c2, "secretValue", out, 1);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ goto cleanup;
+ }
+ break;
+
+ default:
+ gnutls_assert ();
+ asn1_delete_structure (&c2);
+ return GNUTLS_E_UNIMPLEMENTED_FEATURE;
}
asn1_delete_structure (&c2);
@@ -287,90 +287,90 @@ _pkcs12_encode_crt_bag (gnutls_pkcs12_bag_type_t type,
int ret;
ASN1_TYPE c2 = ASN1_TYPE_EMPTY;
- switch(type)
+ switch (type)
{
- case GNUTLS_BAG_CERTIFICATE:
- if ((ret = asn1_create_element (_gnutls_get_pkix (),
+ case GNUTLS_BAG_CERTIFICATE:
+ if ((ret = asn1_create_element (_gnutls_get_pkix (),
"PKIX1.pkcs-12-CertBag",
&c2)) != ASN1_SUCCESS)
- {
- gnutls_assert ();
- ret = _gnutls_asn2err (ret);
- goto cleanup;
- }
-
- ret = asn1_write_value (c2, "certId", X509_CERT_OID, 1);
- if (ret != ASN1_SUCCESS)
- {
- gnutls_assert ();
- ret = _gnutls_asn2err (ret);
- goto cleanup;
- }
-
- ret = _gnutls_x509_write_value (c2, "certValue", raw, 1);
- if (ret < 0)
- {
- gnutls_assert ();
- goto cleanup;
- }
- break;
-
- case GNUTLS_BAG_CRL:
- if ((ret = asn1_create_element (_gnutls_get_pkix (),
+ {
+ gnutls_assert ();
+ ret = _gnutls_asn2err (ret);
+ goto cleanup;
+ }
+
+ ret = asn1_write_value (c2, "certId", X509_CERT_OID, 1);
+ if (ret != ASN1_SUCCESS)
+ {
+ gnutls_assert ();
+ ret = _gnutls_asn2err (ret);
+ goto cleanup;
+ }
+
+ ret = _gnutls_x509_write_value (c2, "certValue", raw, 1);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ goto cleanup;
+ }
+ break;
+
+ case GNUTLS_BAG_CRL:
+ if ((ret = asn1_create_element (_gnutls_get_pkix (),
"PKIX1.pkcs-12-CRLBag",
&c2)) != ASN1_SUCCESS)
- {
- gnutls_assert ();
- ret = _gnutls_asn2err (ret);
- goto cleanup;
- }
-
- ret = asn1_write_value (c2, "crlId", X509_CRL_OID, 1);
- if (ret != ASN1_SUCCESS)
- {
- gnutls_assert ();
- ret = _gnutls_asn2err (ret);
- goto cleanup;
- }
-
- ret = _gnutls_x509_write_value (c2, "crlValue", raw, 1);
- if (ret < 0)
- {
- gnutls_assert ();
- goto cleanup;
- }
- break;
-
- case GNUTLS_BAG_SECRET:
- if ((ret = asn1_create_element (_gnutls_get_pkix (),
+ {
+ gnutls_assert ();
+ ret = _gnutls_asn2err (ret);
+ goto cleanup;
+ }
+
+ ret = asn1_write_value (c2, "crlId", X509_CRL_OID, 1);
+ if (ret != ASN1_SUCCESS)
+ {
+ gnutls_assert ();
+ ret = _gnutls_asn2err (ret);
+ goto cleanup;
+ }
+
+ ret = _gnutls_x509_write_value (c2, "crlValue", raw, 1);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ goto cleanup;
+ }
+ break;
+
+ case GNUTLS_BAG_SECRET:
+ if ((ret = asn1_create_element (_gnutls_get_pkix (),
"PKIX1.pkcs-12-SecretBag",
&c2)) != ASN1_SUCCESS)
- {
- gnutls_assert ();
- ret = _gnutls_asn2err (ret);
- goto cleanup;
- }
-
- ret = asn1_write_value (c2, "secretTypeId", RANDOM_NONCE_OID, 1);
- if (ret != ASN1_SUCCESS)
- {
- gnutls_assert ();
- ret = _gnutls_asn2err (ret);
- goto cleanup;
- }
-
- ret = _gnutls_x509_write_value (c2, "secretValue", raw, 1);
- if (ret < 0)
- {
- gnutls_assert ();
- goto cleanup;
- }
- break;
-
- default:
- gnutls_assert();
- asn1_delete_structure (&c2);
- return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+ {
+ gnutls_assert ();
+ ret = _gnutls_asn2err (ret);
+ goto cleanup;
+ }
+
+ ret = asn1_write_value (c2, "secretTypeId", RANDOM_NONCE_OID, 1);
+ if (ret != ASN1_SUCCESS)
+ {
+ gnutls_assert ();
+ ret = _gnutls_asn2err (ret);
+ goto cleanup;
+ }
+
+ ret = _gnutls_x509_write_value (c2, "secretValue", raw, 1);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ goto cleanup;
+ }
+ break;
+
+ default:
+ gnutls_assert ();
+ asn1_delete_structure (&c2);
+ return GNUTLS_E_UNIMPLEMENTED_FEATURE;
}
ret = _gnutls_x509_der_encode (c2, "", out, 0);
@@ -805,7 +805,7 @@ gnutls_pkcs12_bag_encrypt (gnutls_pkcs12_bag_t bag, const
char *pass,
return GNUTLS_E_INVALID_REQUEST;
}
- id = _gnutls_pkcs_flags_to_schema(flags);
+ id = _gnutls_pkcs_flags_to_schema (flags);
/* Now encrypt them.
*/
diff --git a/lib/x509/privkey_pkcs8.c b/lib/x509/privkey_pkcs8.c
index fa14858..24dce8b 100644
--- a/lib/x509/privkey_pkcs8.c
+++ b/lib/x509/privkey_pkcs8.c
@@ -108,7 +108,7 @@ check_schema (const char *oid)
{
if (strcmp (oid, PBES2_OID) == 0)
- return PBES2_GENERIC; /* ok */
+ return PBES2_GENERIC; /* ok */
if (strcmp (oid, PKCS12_PBE_3DES_SHA1_OID) == 0)
return PKCS12_3DES_SHA1;
@@ -362,86 +362,96 @@ error:
}
-static const char* cipher_to_pkcs_params(int cipher, const char** oid)
+static const char *
+cipher_to_pkcs_params (int cipher, const char **oid)
{
- switch(cipher)
- {
- case GNUTLS_CIPHER_AES_128_CBC:
- if (oid) *oid = AES_128_CBC_OID;
- return "PKIX1.pkcs-5-aes128-CBC-params";
- break;
- case GNUTLS_CIPHER_AES_192_CBC:
- if (oid) *oid = AES_192_CBC_OID;
- return "PKIX1.pkcs-5-aes192-CBC-params";
- break;
- case GNUTLS_CIPHER_AES_256_CBC:
- if (oid) *oid = AES_256_CBC_OID;
- return "PKIX1.pkcs-5-aes256-CBC-params";
- break;
- case GNUTLS_CIPHER_3DES_CBC:
- if (oid) *oid = DES_EDE3_CBC_OID;
- return "PKIX1.pkcs-5-des-EDE3-CBC-params";
- break;
- default:
- return NULL;
- break;
+ switch (cipher)
+ {
+ case GNUTLS_CIPHER_AES_128_CBC:
+ if (oid)
+ *oid = AES_128_CBC_OID;
+ return "PKIX1.pkcs-5-aes128-CBC-params";
+ break;
+ case GNUTLS_CIPHER_AES_192_CBC:
+ if (oid)
+ *oid = AES_192_CBC_OID;
+ return "PKIX1.pkcs-5-aes192-CBC-params";
+ break;
+ case GNUTLS_CIPHER_AES_256_CBC:
+ if (oid)
+ *oid = AES_256_CBC_OID;
+ return "PKIX1.pkcs-5-aes256-CBC-params";
+ break;
+ case GNUTLS_CIPHER_3DES_CBC:
+ if (oid)
+ *oid = DES_EDE3_CBC_OID;
+ return "PKIX1.pkcs-5-des-EDE3-CBC-params";
+ break;
+ default:
+ return NULL;
+ break;
}
}
-static int cipher_to_schema(int cipher)
+static int
+cipher_to_schema (int cipher)
{
- switch(cipher)
- {
- case GNUTLS_CIPHER_AES_128_CBC:
- return PBES2_AES_128;
- break;
- case GNUTLS_CIPHER_AES_192_CBC:
- return PBES2_AES_192;
- break;
- case GNUTLS_CIPHER_AES_256_CBC:
- return PBES2_AES_256;
- break;
- case GNUTLS_CIPHER_3DES_CBC:
- return PBES2_3DES;
- break;
- default:
- return GNUTLS_E_UNKNOWN_CIPHER_TYPE;
- break;
+ switch (cipher)
+ {
+ case GNUTLS_CIPHER_AES_128_CBC:
+ return PBES2_AES_128;
+ break;
+ case GNUTLS_CIPHER_AES_192_CBC:
+ return PBES2_AES_192;
+ break;
+ case GNUTLS_CIPHER_AES_256_CBC:
+ return PBES2_AES_256;
+ break;
+ case GNUTLS_CIPHER_3DES_CBC:
+ return PBES2_3DES;
+ break;
+ default:
+ return GNUTLS_E_UNKNOWN_CIPHER_TYPE;
+ break;
}
}
-int _gnutls_pkcs_flags_to_schema(unsigned int flags)
+int
+_gnutls_pkcs_flags_to_schema (unsigned int flags)
{
-int schema;
-
- if (flags & GNUTLS_PKCS_USE_PKCS12_ARCFOUR)
- schema = PKCS12_ARCFOUR_SHA1;
- else if (flags & GNUTLS_PKCS_USE_PKCS12_RC2_40)
- schema = PKCS12_RC2_40_SHA1;
- else if (flags & GNUTLS_PKCS_USE_PBES2_3DES)
- schema = PBES2_3DES;
- else if (flags & GNUTLS_PKCS_USE_PBES2_AES_128)
- schema = PBES2_AES_128;
- else if (flags & GNUTLS_PKCS_USE_PBES2_AES_192)
- schema = PBES2_AES_192;
- else if (flags & GNUTLS_PKCS_USE_PBES2_AES_256)
- schema = PBES2_AES_256;
- else {
- gnutls_assert();
+ int schema;
+
+ if (flags & GNUTLS_PKCS_USE_PKCS12_ARCFOUR)
+ schema = PKCS12_ARCFOUR_SHA1;
+ else if (flags & GNUTLS_PKCS_USE_PKCS12_RC2_40)
+ schema = PKCS12_RC2_40_SHA1;
+ else if (flags & GNUTLS_PKCS_USE_PBES2_3DES)
+ schema = PBES2_3DES;
+ else if (flags & GNUTLS_PKCS_USE_PBES2_AES_128)
+ schema = PBES2_AES_128;
+ else if (flags & GNUTLS_PKCS_USE_PBES2_AES_192)
+ schema = PBES2_AES_192;
+ else if (flags & GNUTLS_PKCS_USE_PBES2_AES_256)
+ schema = PBES2_AES_256;
+ else
+ {
+ gnutls_assert ();
_gnutls_x509_log
- ("Selecting default encryption PKCS12_3DES_SHA1 (flags: %u).\n", flags);
+ ("Selecting default encryption PKCS12_3DES_SHA1 (flags: %u).\n",
+ flags);
schema = PKCS12_3DES_SHA1;
}
- return schema;
+ return schema;
}
/* returns the OID corresponding to given schema
*/
-static int schema_to_oid(schema_id schema, const char** str_oid)
+static int
+schema_to_oid (schema_id schema, const char **str_oid)
{
-int result = 0;
+ int result = 0;
switch (schema)
{
@@ -461,11 +471,11 @@ int result = 0;
*str_oid = PKCS12_PBE_RC2_40_SHA1_OID;
break;
default:
- gnutls_assert();
+ gnutls_assert ();
result = GNUTLS_E_INTERNAL_ERROR;
}
-
- return result;
+
+ return result;
}
/* Converts a PKCS #8 private key info to
@@ -481,7 +491,7 @@ encode_to_pkcs8_key (schema_id schema, const gnutls_datum_t
* der_key,
ASN1_TYPE pkcs8_asn = ASN1_TYPE_EMPTY;
struct pbkdf2_params kdf_params;
struct pbe_enc_params enc_params;
- const char* str_oid;
+ const char *str_oid;
if ((result =
@@ -496,16 +506,15 @@ encode_to_pkcs8_key (schema_id schema, const
gnutls_datum_t * der_key,
/* Write the encryption schema OID
*/
- result = schema_to_oid(schema, &str_oid);
+ result = schema_to_oid (schema, &str_oid);
if (result < 0)
{
- gnutls_assert();
+ gnutls_assert ();
return result;
}
result =
- asn1_write_value (pkcs8_asn, "encryptionAlgorithm.algorithm",
- str_oid, 1);
+ asn1_write_value (pkcs8_asn, "encryptionAlgorithm.algorithm", str_oid, 1);
if (result != ASN1_SUCCESS)
{
@@ -628,7 +637,7 @@ gnutls_x509_privkey_export_pkcs8 (gnutls_x509_privkey_t key,
return ret;
}
- schema = _gnutls_pkcs_flags_to_schema(flags);
+ schema = _gnutls_pkcs_flags_to_schema (flags);
if ((flags & GNUTLS_PKCS_PLAIN) || password == NULL)
{
@@ -669,7 +678,7 @@ gnutls_x509_privkey_export_pkcs8 (gnutls_x509_privkey_t key,
* schema ID.
*/
static int
-read_pkcs_schema_params (schema_id *schema, const char *password,
+read_pkcs_schema_params (schema_id * schema, const char *password,
const opaque * data, int data_size,
struct pbkdf2_params *kdf_params,
struct pbe_enc_params *enc_params)
@@ -726,14 +735,14 @@ read_pkcs_schema_params (schema_id *schema, const char
*password,
}
asn1_delete_structure (&pbes2_asn);
-
- result = cipher_to_schema(enc_params->cipher);
+
+ result = cipher_to_schema (enc_params->cipher);
if (result < 0)
- {
- gnutls_assert();
- goto error;
- }
-
+ {
+ gnutls_assert ();
+ goto error;
+ }
+
*schema = result;
return 0;
@@ -803,9 +812,9 @@ read_pkcs_schema_params (schema_id *schema, const char
*password,
asn1_delete_structure (&pbes2_asn);
return 0;
-
- default:
- gnutls_assert();
+
+ default:
+ gnutls_assert ();
} /* switch */
return GNUTLS_E_UNKNOWN_CIPHER_TYPE;
@@ -893,7 +902,7 @@ decode_pkcs8_key (const gnutls_datum_t * raw_key,
if (result < 0)
{
- gnutls_assert();
+ gnutls_assert ();
goto error;
}
@@ -1443,26 +1452,22 @@ oid2cipher (const char *oid, gnutls_cipher_algorithm_t
* algo)
*algo = GNUTLS_CIPHER_3DES_CBC;
return 0;
}
- else
- if (strcmp (oid, DES_CBC_OID) == 0)
+ else if (strcmp (oid, DES_CBC_OID) == 0)
{
*algo = GNUTLS_CIPHER_DES_CBC;
return 0;
}
- else
- if (strcmp (oid, AES_128_CBC_OID) == 0)
+ else if (strcmp (oid, AES_128_CBC_OID) == 0)
{
*algo = GNUTLS_CIPHER_AES_128_CBC;
return 0;
}
- else
- if (strcmp (oid, AES_192_CBC_OID) == 0)
+ else if (strcmp (oid, AES_192_CBC_OID) == 0)
{
*algo = GNUTLS_CIPHER_AES_192_CBC;
return 0;
}
- else
- if (strcmp (oid, AES_256_CBC_OID) == 0)
+ else if (strcmp (oid, AES_256_CBC_OID) == 0)
{
*algo = GNUTLS_CIPHER_AES_256_CBC;
return 0;
@@ -1483,7 +1488,7 @@ read_pbe_enc_params (ASN1_TYPE pbes2_asn,
int params_len, len, result;
ASN1_TYPE pbe_asn = ASN1_TYPE_EMPTY;
char oid[64];
- const char* eparams;
+ const char *eparams;
memset (params, 0, sizeof (params));
@@ -1518,17 +1523,16 @@ read_pbe_enc_params (ASN1_TYPE pbes2_asn,
/* Now check the encryption parameters.
*/
- eparams = cipher_to_pkcs_params( params->cipher, NULL);
+ eparams = cipher_to_pkcs_params (params->cipher, NULL);
if (eparams == NULL)
{
- gnutls_assert();
+ gnutls_assert ();
return GNUTLS_E_INVALID_REQUEST;
}
if ((result =
asn1_create_element (_gnutls_get_pkix (),
- eparams,
- &pbe_asn)) != ASN1_SUCCESS)
+ eparams, &pbe_asn)) != ASN1_SUCCESS)
{
gnutls_assert ();
return _gnutls_asn2err (result);
@@ -1617,35 +1621,35 @@ decrypt_data (schema_id schema, ASN1_TYPE pkcs8_asn,
/* generate the key
*/
- switch(schema)
+ switch (schema)
{
- case PBES2_3DES:
- case PBES2_AES_128:
- case PBES2_AES_192:
- case PBES2_AES_256:
+ case PBES2_3DES:
+ case PBES2_AES_128:
+ case PBES2_AES_192:
+ case PBES2_AES_256:
- result = _gnutls_pbkdf2_sha1 (password, strlen (password),
+ result = _gnutls_pbkdf2_sha1 (password, strlen (password),
kdf_params->salt, kdf_params->salt_size,
kdf_params->iter_count, key, key_size);
- if (result < 0)
- {
- gnutls_assert ();
- goto error;
- }
- break;
- default:
- result =
- _gnutls_pkcs12_string_to_key (1 /*KEY*/, kdf_params->salt,
- kdf_params->salt_size,
+ if (result < 0)
+ {
+ gnutls_assert ();
+ goto error;
+ }
+ break;
+ default:
+ result =
+ _gnutls_pkcs12_string_to_key (1 /*KEY*/, kdf_params->salt,
+ kdf_params->salt_size,
kdf_params->iter_count, password,
key_size, key);
- if (result < 0)
- {
- gnutls_assert ();
- goto error;
- }
+ if (result < 0)
+ {
+ gnutls_assert ();
+ goto error;
+ }
}
/* do the decryption.
@@ -1810,20 +1814,18 @@ write_pbe_enc_params (ASN1_TYPE pbes2_asn,
{
int result;
ASN1_TYPE pbe_asn = ASN1_TYPE_EMPTY;
- const char* oid, *eparams;
+ const char *oid, *eparams;
/* Write the encryption algorithm
*/
- eparams = cipher_to_pkcs_params(params->cipher, &oid);
+ eparams = cipher_to_pkcs_params (params->cipher, &oid);
if (eparams == NULL)
{
- gnutls_assert();
+ gnutls_assert ();
return GNUTLS_E_INVALID_REQUEST;
}
- result =
- asn1_write_value (pbes2_asn, "encryptionScheme.algorithm",
- oid, 1);
+ result = asn1_write_value (pbes2_asn, "encryptionScheme.algorithm", oid, 1);
if (result != ASN1_SUCCESS)
{
gnutls_assert ();
@@ -1835,8 +1837,7 @@ write_pbe_enc_params (ASN1_TYPE pbes2_asn,
*/
if ((result =
asn1_create_element (_gnutls_get_pkix (),
- eparams,
- &pbe_asn)) != ASN1_SUCCESS)
+ eparams, &pbe_asn)) != ASN1_SUCCESS)
{
gnutls_assert ();
return _gnutls_asn2err (result);
@@ -1895,36 +1896,36 @@ generate_key (schema_id schema,
kdf_params->salt_size =
MIN (sizeof (kdf_params->salt), (unsigned) (10 + (rnd[1] % 10)));
- switch(schema)
- {
- case PBES2_3DES:
- enc_params->cipher = GNUTLS_CIPHER_3DES_CBC;
- break;
- case PBES2_AES_128:
- enc_params->cipher = GNUTLS_CIPHER_AES_128_CBC;
- break;
- case PBES2_AES_192:
- enc_params->cipher = GNUTLS_CIPHER_AES_192_CBC;
- break;
- case PBES2_AES_256:
- enc_params->cipher = GNUTLS_CIPHER_AES_256_CBC;
- break;
+ switch (schema)
+ {
+ case PBES2_3DES:
+ enc_params->cipher = GNUTLS_CIPHER_3DES_CBC;
+ break;
+ case PBES2_AES_128:
+ enc_params->cipher = GNUTLS_CIPHER_AES_128_CBC;
+ break;
+ case PBES2_AES_192:
+ enc_params->cipher = GNUTLS_CIPHER_AES_192_CBC;
+ break;
+ case PBES2_AES_256:
+ enc_params->cipher = GNUTLS_CIPHER_AES_256_CBC;
+ break;
/* non PBES2 algorithms */
- case PKCS12_ARCFOUR_SHA1:
- enc_params->cipher = GNUTLS_CIPHER_ARCFOUR_128;
- kdf_params->salt_size = 8;
- break;
- case PKCS12_3DES_SHA1:
- enc_params->cipher = GNUTLS_CIPHER_3DES_CBC;
- kdf_params->salt_size = 8;
- break;
- case PKCS12_RC2_40_SHA1:
- enc_params->cipher = GNUTLS_CIPHER_RC2_40_CBC;
- kdf_params->salt_size = 8;
- break;
- default:
- gnutls_assert();
- return GNUTLS_E_INVALID_REQUEST;
+ case PKCS12_ARCFOUR_SHA1:
+ enc_params->cipher = GNUTLS_CIPHER_ARCFOUR_128;
+ kdf_params->salt_size = 8;
+ break;
+ case PKCS12_3DES_SHA1:
+ enc_params->cipher = GNUTLS_CIPHER_3DES_CBC;
+ kdf_params->salt_size = 8;
+ break;
+ case PKCS12_RC2_40_SHA1:
+ enc_params->cipher = GNUTLS_CIPHER_RC2_40_CBC;
+ kdf_params->salt_size = 8;
+ break;
+ default:
+ gnutls_assert ();
+ return GNUTLS_E_INVALID_REQUEST;
}
ret = _gnutls_rnd (GNUTLS_RND_RANDOM, kdf_params->salt,
@@ -1950,63 +1951,63 @@ generate_key (schema_id schema,
/* now generate the key.
*/
- switch(schema)
+ switch (schema)
{
- case PBES2_3DES:
- case PBES2_AES_128:
- case PBES2_AES_192:
- case PBES2_AES_256:
+ case PBES2_3DES:
+ case PBES2_AES_128:
+ case PBES2_AES_192:
+ case PBES2_AES_256:
- ret = _gnutls_pbkdf2_sha1 (password, strlen (password),
+ ret = _gnutls_pbkdf2_sha1 (password, strlen (password),
kdf_params->salt, kdf_params->salt_size,
kdf_params->iter_count,
key->data, kdf_params->key_size);
- if (ret < 0)
- {
- gnutls_assert ();
- return ret;
- }
-
- if (enc_params->iv_size)
- {
- ret = _gnutls_rnd (GNUTLS_RND_NONCE,
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ return ret;
+ }
+
+ if (enc_params->iv_size)
+ {
+ ret = _gnutls_rnd (GNUTLS_RND_NONCE,
enc_params->iv, enc_params->iv_size);
- if (ret < 0)
- {
- gnutls_assert ();
- return ret;
- }
- }
- break;
-
- default:
- ret =
- _gnutls_pkcs12_string_to_key (1 /*KEY*/, kdf_params->salt,
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ return ret;
+ }
+ }
+ break;
+
+ default:
+ ret =
+ _gnutls_pkcs12_string_to_key (1 /*KEY*/, kdf_params->salt,
kdf_params->salt_size,
kdf_params->iter_count, password,
kdf_params->key_size, key->data);
- if (ret < 0)
- {
- gnutls_assert ();
- return ret;
- }
-
- /* Now generate the IV
- */
- if (enc_params->iv_size)
- {
- ret =
- _gnutls_pkcs12_string_to_key (2 /*IV*/, kdf_params->salt,
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ return ret;
+ }
+
+ /* Now generate the IV
+ */
+ if (enc_params->iv_size)
+ {
+ ret =
+ _gnutls_pkcs12_string_to_key (2 /*IV*/, kdf_params->salt,
kdf_params->salt_size,
kdf_params->iter_count, password,
enc_params->iv_size,
enc_params->iv);
- if (ret < 0)
- {
- gnutls_assert ();
- return ret;
- }
- }
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ return ret;
+ }
+ }
}
@@ -2026,74 +2027,74 @@ write_schema_params (schema_id schema, ASN1_TYPE
pkcs8_asn,
int result;
ASN1_TYPE pbes2_asn = ASN1_TYPE_EMPTY;
- switch(schema)
+ switch (schema)
{
- case PBES2_3DES:
- case PBES2_AES_128:
- case PBES2_AES_192:
- case PBES2_AES_256:
- if ((result =
+ case PBES2_3DES:
+ case PBES2_AES_128:
+ case PBES2_AES_192:
+ case PBES2_AES_256:
+ if ((result =
asn1_create_element (_gnutls_get_pkix (),
"PKIX1.pkcs-5-PBES2-params",
&pbes2_asn)) != ASN1_SUCCESS)
- {
- gnutls_assert ();
- return _gnutls_asn2err (result);
- }
-
- result = write_pbkdf2_params (pbes2_asn, kdf_params);
- if (result < 0)
- {
- gnutls_assert ();
- goto error;
- }
-
- result = write_pbe_enc_params (pbes2_asn, enc_params);
- if (result < 0)
- {
- gnutls_assert ();
- goto error;
- }
-
- result = _gnutls_x509_der_encode_and_copy (pbes2_asn, "",
+ {
+ gnutls_assert ();
+ return _gnutls_asn2err (result);
+ }
+
+ result = write_pbkdf2_params (pbes2_asn, kdf_params);
+ if (result < 0)
+ {
+ gnutls_assert ();
+ goto error;
+ }
+
+ result = write_pbe_enc_params (pbes2_asn, enc_params);
+ if (result < 0)
+ {
+ gnutls_assert ();
+ goto error;
+ }
+
+ result = _gnutls_x509_der_encode_and_copy (pbes2_asn, "",
pkcs8_asn, where, 0);
- if (result < 0)
- {
- gnutls_assert ();
- goto error;
- }
-
- asn1_delete_structure (&pbes2_asn);
- break;
-
- default:
-
- if ((result =
+ if (result < 0)
+ {
+ gnutls_assert ();
+ goto error;
+ }
+
+ asn1_delete_structure (&pbes2_asn);
+ break;
+
+ default:
+
+ if ((result =
asn1_create_element (_gnutls_get_pkix (),
"PKIX1.pkcs-12-PbeParams",
&pbes2_asn)) != ASN1_SUCCESS)
- {
- gnutls_assert ();
- result = _gnutls_asn2err (result);
- goto error;
- }
-
- result = write_pkcs12_kdf_params (pbes2_asn, kdf_params);
- if (result < 0)
- {
- gnutls_assert ();
- goto error;
- }
-
- result = _gnutls_x509_der_encode_and_copy (pbes2_asn, "",
+ {
+ gnutls_assert ();
+ result = _gnutls_asn2err (result);
+ goto error;
+ }
+
+ result = write_pkcs12_kdf_params (pbes2_asn, kdf_params);
+ if (result < 0)
+ {
+ gnutls_assert ();
+ goto error;
+ }
+
+ result = _gnutls_x509_der_encode_and_copy (pbes2_asn, "",
pkcs8_asn, where, 0);
- if (result < 0)
- {
- gnutls_assert ();
- goto error;
- }
+ if (result < 0)
+ {
+ gnutls_assert ();
+ goto error;
+ }
- asn1_delete_structure (&pbes2_asn);
+ asn1_delete_structure (&pbes2_asn);
}
@@ -2297,7 +2298,7 @@ _gnutls_pkcs7_encrypt_data (schema_id schema,
ASN1_TYPE pkcs7_asn = ASN1_TYPE_EMPTY;
struct pbkdf2_params kdf_params;
struct pbe_enc_params enc_params;
- const char* str_oid;
+ const char *str_oid;
if ((result =
asn1_create_element (_gnutls_get_pkix (),
@@ -2311,17 +2312,17 @@ _gnutls_pkcs7_encrypt_data (schema_id schema,
/* Write the encryption schema OID
*/
- result = schema_to_oid(schema, &str_oid);
+ result = schema_to_oid (schema, &str_oid);
if (result < 0)
{
- gnutls_assert();
+ gnutls_assert ();
return result;
}
result =
- asn1_write_value (pkcs7_asn,
- "encryptedContentInfo.contentEncryptionAlgorithm.algorithm",
- str_oid, 1);
+ asn1_write_value (pkcs7_asn,
+
"encryptedContentInfo.contentEncryptionAlgorithm.algorithm",
+ str_oid, 1);
if (result != ASN1_SUCCESS)
{
diff --git a/lib/x509/verify.c b/lib/x509/verify.c
index 8120da6..2f8bc5c 100644
--- a/lib/x509/verify.c
+++ b/lib/x509/verify.c
@@ -55,7 +55,9 @@ static int _gnutls_verify_crl2 (gnutls_x509_crl_t crl,
static int
check_if_same_cert (gnutls_x509_crt_t cert1, gnutls_x509_crt_t cert2)
{
- gnutls_datum_t cert1bin = { NULL, 0 }, cert2bin = { NULL, 0 };
+ gnutls_datum_t cert1bin = { NULL, 0 }, cert2bin =
+ {
+ NULL, 0};
int result;
result = _gnutls_x509_der_encode (cert1->cert, "", &cert1bin, 0);
@@ -78,7 +80,7 @@ check_if_same_cert (gnutls_x509_crt_t cert1,
gnutls_x509_crt_t cert2)
else
result = 1;
- cleanup:
+cleanup:
_gnutls_free_datum (&cert1bin);
_gnutls_free_datum (&cert2bin);
return result;
@@ -427,7 +429,7 @@ _gnutls_x509_verify_certificate (const gnutls_x509_crt_t *
certificate_list,
* MD2 algorithm.
*/
if (gnutls_x509_crt_check_issuer (certificate_list[clist_size - 1],
- certificate_list[clist_size - 1]) > 0)
+ certificate_list[clist_size - 1]) > 0)
{
clist_size--;
}
@@ -502,7 +504,7 @@ _gnutls_x509_verify_certificate (const gnutls_x509_crt_t *
certificate_list,
for (i = 0; i < clist_size; i++)
{
t = gnutls_x509_crt_get_activation_time (certificate_list[i]);
- if (t == (time_t) -1 || now < t)
+ if (t == (time_t) - 1 || now < t)
{
status |= GNUTLS_CERT_NOT_ACTIVATED;
status |= GNUTLS_CERT_INVALID;
@@ -510,7 +512,7 @@ _gnutls_x509_verify_certificate (const gnutls_x509_crt_t *
certificate_list,
}
t = gnutls_x509_crt_get_expiration_time (certificate_list[i]);
- if (t == (time_t) -1 || now > t)
+ if (t == (time_t) - 1 || now > t)
{
status |= GNUTLS_CERT_EXPIRED;
status |= GNUTLS_CERT_INVALID;
@@ -670,27 +672,27 @@ _pkcs1_rsa_verify_sig (const gnutls_datum_t * text,
if (prehash && prehash->data && prehash->size == digest_size)
{
- cmp = prehash->data;
+ cmp = prehash->data;
}
else
{
- if (!text)
- {
- gnutls_assert ();
- return GNUTLS_E_INVALID_REQUEST;
- }
-
- ret = _gnutls_hash_init (&hd, hash);
- if (ret < 0)
- {
- gnutls_assert ();
- return ret;
- }
-
- _gnutls_hash (&hd, text->data, text->size);
- _gnutls_hash_deinit (&hd, md);
-
- cmp = md;
+ if (!text)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_INVALID_REQUEST;
+ }
+
+ ret = _gnutls_hash_init (&hd, hash);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ return ret;
+ }
+
+ _gnutls_hash (&hd, text->data, text->size);
+ _gnutls_hash_deinit (&hd, md);
+
+ cmp = md;
}
if (memcmp (cmp, digest, digest_size) != 0)
@@ -717,22 +719,22 @@ dsa_verify_sig (const gnutls_datum_t * text,
if (hash && hash->data && hash->size == 20)
{
- digest = *hash;
+ digest = *hash;
}
else
{
- ret = _gnutls_hash_init (&hd, GNUTLS_MAC_SHA1);
- if (ret < 0)
- {
- gnutls_assert ();
- return ret;
- }
-
- _gnutls_hash (&hd, text->data, text->size);
- _gnutls_hash_deinit (&hd, _digest);
-
- digest.data = _digest;
- digest.size = 20;
+ ret = _gnutls_hash_init (&hd, GNUTLS_MAC_SHA1);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ return ret;
+ }
+
+ _gnutls_hash (&hd, text->data, text->size);
+ _gnutls_hash_deinit (&hd, _digest);
+
+ digest.data = _digest;
+ digest.size = 20;
}
ret = _gnutls_dsa_verify (&digest, signature, params, params_len);
@@ -783,7 +785,7 @@ verify_sig (const gnutls_datum_t * tbs,
}
int
-_gnutls_x509_verify_algorithm (gnutls_mac_algorithm_t *hash,
+_gnutls_x509_verify_algorithm (gnutls_mac_algorithm_t * hash,
const gnutls_datum_t * signature,
const gnutls_x509_crt_t issuer)
{
@@ -797,16 +799,19 @@ _gnutls_x509_verify_algorithm (gnutls_mac_algorithm_t
*hash,
switch (gnutls_x509_crt_get_pk_algorithm (issuer, NULL))
{
case GNUTLS_PK_DSA:
- if (hash) *hash = GNUTLS_MAC_SHA1;
+ if (hash)
+ *hash = GNUTLS_MAC_SHA1;
return 0;
case GNUTLS_PK_RSA:
issuer_params_size = MAX_PUBLIC_PARAMS_SIZE;
- ret = _gnutls_x509_crt_get_mpis (issuer, issuer_params,
&issuer_params_size);
+ ret =
+ _gnutls_x509_crt_get_mpis (issuer, issuer_params,
+ &issuer_params_size);
if (ret < 0)
{
- gnutls_assert ();
- return ret;
+ gnutls_assert ();
+ return ret;
}
ret =
@@ -815,30 +820,31 @@ _gnutls_x509_verify_algorithm (gnutls_mac_algorithm_t
*hash,
/* release allocated mpis */
for (i = 0; i < issuer_params_size; i++)
- {
- _gnutls_mpi_release (&issuer_params[i]);
- }
+ {
+ _gnutls_mpi_release (&issuer_params[i]);
+ }
if (ret < 0)
{
- gnutls_assert ();
- return ret;
+ gnutls_assert ();
+ return ret;
}
digest_size = sizeof (digest);
if ((ret =
- decode_ber_digest_info (&decrypted, hash, digest, &digest_size)) !=
0)
+ decode_ber_digest_info (&decrypted, hash, digest,
+ &digest_size)) != 0)
{
- gnutls_assert ();
- _gnutls_free_datum (&decrypted);
- return ret;
+ gnutls_assert ();
+ _gnutls_free_datum (&decrypted);
+ return ret;
}
_gnutls_free_datum (&decrypted);
if (digest_size != _gnutls_hash_get_algo_len (*hash))
{
- gnutls_assert ();
- return GNUTLS_E_ASN1_GENERIC_ERROR;
+ gnutls_assert ();
+ return GNUTLS_E_ASN1_GENERIC_ERROR;
}
return 0;
@@ -1188,7 +1194,8 @@ _gnutls_verify_crl2 (gnutls_x509_crl_t crl,
}
ret =
- _gnutls_x509_verify_signature (&crl_signed_data, NULL, &crl_signature,
issuer);
+ _gnutls_x509_verify_signature (&crl_signed_data, NULL, &crl_signature,
+ issuer);
if (ret < 0)
{
gnutls_assert ();
diff --git a/lib/x509/x509_write.c b/lib/x509/x509_write.c
index a57ccc2..c5b7b13 100644
--- a/lib/x509/x509_write.c
+++ b/lib/x509/x509_write.c
@@ -556,8 +556,8 @@ gnutls_x509_crt_set_key_usage (gnutls_x509_crt_t crt,
unsigned int usage)
**/
int
gnutls_x509_crt_set_subject_alternative_name (gnutls_x509_crt_t crt,
- gnutls_x509_subject_alt_name_t
type,
- const char *data_string)
+ gnutls_x509_subject_alt_name_t
+ type, const char *data_string)
{
if (crt == NULL)
{
@@ -1189,8 +1189,7 @@ gnutls_x509_crt_set_authority_key_id (gnutls_x509_crt_t
cert,
**/
int
gnutls_x509_crt_set_key_purpose_oid (gnutls_x509_crt_t cert,
- const void *oid,
- unsigned int critical)
+ const void *oid, unsigned int critical)
{
int result;
gnutls_datum_t old_id, der_data;
diff --git a/libextra/gl/md5.c b/libextra/gl/md5.c
index 0905367..2eb66ed 100644
--- a/libextra/gl/md5.c
+++ b/libextra/gl/md5.c
@@ -63,7 +63,7 @@
/* This array contains the bytes used to pad the buffer to the next
64-byte boundary. (RFC 1321, 3.1: Step 1) */
-static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ... */ };
+static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ... */ };
/* Initialize structure containing state of computation.
@@ -129,13 +129,13 @@ md5_finish_ctx (struct md5_ctx *ctx, void *resbuf)
return md5_read_ctx (ctx, resbuf);
}
-#if 0 /* Not needed by GnuTLS, and it has a large stack frame. */
+#if 0 /* Not needed by GnuTLS, and it has a large
stack frame. */
/* Compute MD5 message digest for bytes read from STREAM. The
resulting message digest number will be written into the 16 bytes
beginning at RESBLOCK. */
int
-md5_stream (FILE *stream, void *resblock)
+md5_stream (FILE * stream, void *resblock)
{
struct md5_ctx ctx;
size_t sum;
diff --git a/libextra/gnutls_openssl.c b/libextra/gnutls_openssl.c
index b079088..38ae5a8 100644
--- a/libextra/gnutls_openssl.c
+++ b/libextra/gnutls_openssl.c
@@ -849,7 +849,7 @@ SSL_CIPHER_description (SSL_CIPHER * cipher, char *buf, int
size)
{
if (local_alloc)
free (tmpbuf);
- return (char*) "Buffer too small";
+ return (char *) "Buffer too small";
}
return tmpbuf;
diff --git a/src/certtool-cfg.c b/src/certtool-cfg.c
index c76c34b..42674a8 100644
--- a/src/certtool-cfg.c
+++ b/src/certtool-cfg.c
@@ -72,7 +72,7 @@ typedef struct _cfg_ctx
int code_sign_key;
int ocsp_sign_key;
int time_stamping_key;
- char** key_purpose_oids;
+ char **key_purpose_oids;
int crl_next_update;
int crl_number;
int crq_extensions;
@@ -198,7 +198,8 @@ read_crt_set (gnutls_x509_crt_t crt, const char *input_str,
const char *oid)
int ret;
fputs (input_str, stderr);
- if (fgets (input, sizeof (input), stdin)==NULL) return;
+ if (fgets (input, sizeof (input), stdin) == NULL)
+ return;
if (strlen (input) == 1) /* only newline */
return;
@@ -219,7 +220,8 @@ read_crq_set (gnutls_x509_crq_t crq, const char *input_str,
const char *oid)
int ret;
fputs (input_str, stderr);
- if (fgets (input, sizeof (input), stdin)==NULL) return;
+ if (fgets (input, sizeof (input), stdin) == NULL)
+ return;
if (strlen (input) == 1) /* only newline */
return;
@@ -302,7 +304,8 @@ read_yesno (const char *input_str)
char input[128];
fputs (input_str, stderr);
- if (fgets (input, sizeof (input), stdin)==NULL) return 0;
+ if (fgets (input, sizeof (input), stdin) == NULL)
+ return 0;
if (strlen (input) == 1) /* only newline */
return 0;
@@ -597,13 +600,16 @@ get_key_purpose_set (gnutls_x509_crt_t crt)
{
if (!cfg.key_purpose_oids)
return;
- for (i = 0; cfg.key_purpose_oids[i] != NULL; i ++)
+ for (i = 0; cfg.key_purpose_oids[i] != NULL; i++)
{
- ret = gnutls_x509_crt_set_key_purpose_oid (crt,
cfg.key_purpose_oids[i], 0);
+ ret =
+ gnutls_x509_crt_set_key_purpose_oid (crt, cfg.key_purpose_oids[i],
+ 0);
if (ret < 0)
{
- fprintf (stderr, "set_key_purpose_oid (%s): %s\n",
cfg.key_purpose_oids[i], gnutls_strerror (ret));
+ fprintf (stderr, "set_key_purpose_oid (%s): %s\n",
+ cfg.key_purpose_oids[i], gnutls_strerror (ret));
exit (1);
}
}
@@ -986,7 +992,8 @@ get_dns_name_set (int type, void *crt)
do
{
- p = read_str ("Enter a dnsName of the subject of the certificate: ");
+ p =
+ read_str ("Enter a dnsName of the subject of the certificate: ");
if (!p)
return;
diff --git a/src/cli.c b/src/cli.c
index a37490f..2aa2da4 100644
--- a/src/cli.c
+++ b/src/cli.c
@@ -372,41 +372,45 @@ cert_callback (gnutls_session_t session,
{
gnutls_sign_algorithm_t cert_algo, req_algo;
int i, match = 0;
-
+
if (x509_crt[0] != NULL)
- {
- ret = gnutls_x509_crt_get_signature_algorithm(x509_crt[0]);
- if (ret < 0)
- {
- /* error reading signature algorithm */
- return -1;
- }
- cert_algo = ret;
-
- i=0;
- do {
- ret = gnutls_sign_algorithm_get_requested(session, i, &req_algo);
- if (ret >= 0 && cert_algo == req_algo)
- {
- match = 1;
- break;
- }
-
- /* server has not requested anything specific */
- if (i==0 && ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
- {
- match = 1;
- break;
- }
- i++;
- } while(ret >= 0);
-
- if (match == 0)
- {
- printf("- Could not find a suitable certificate to send to
server\n");
- return -1;
- }
- }
+ {
+ ret = gnutls_x509_crt_get_signature_algorithm (x509_crt[0]);
+ if (ret < 0)
+ {
+ /* error reading signature algorithm */
+ return -1;
+ }
+ cert_algo = ret;
+
+ i = 0;
+ do
+ {
+ ret =
+ gnutls_sign_algorithm_get_requested (session, i, &req_algo);
+ if (ret >= 0 && cert_algo == req_algo)
+ {
+ match = 1;
+ break;
+ }
+
+ /* server has not requested anything specific */
+ if (i == 0 && ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+ {
+ match = 1;
+ break;
+ }
+ i++;
+ }
+ while (ret >= 0);
+
+ if (match == 0)
+ {
+ printf
+ ("- Could not find a suitable certificate to send to server\n");
+ return -1;
+ }
+ }
if (x509_crt != NULL && x509_key != NULL)
{
diff --git a/src/common.c b/src/common.c
index 1e726e6..55a28d8 100644
--- a/src/common.c
+++ b/src/common.c
@@ -152,8 +152,7 @@ print_x509_info (gnutls_session_t session, const char
*hostname, int insecure)
}
else if (hostname_ok == 2)
{
- printf ("- The hostname in the certificate matches '%s'.\n",
- hostname);
+ printf ("- The hostname in the certificate matches '%s'.\n", hostname);
}
}
@@ -188,7 +187,8 @@ print_openpgp_info (gnutls_session_t session, const char
*hostname,
if (verbose)
ret = gnutls_openpgp_crt_print (crt, GNUTLS_CRT_PRINT_FULL, &cinfo);
else
- ret = gnutls_openpgp_crt_print (crt, GNUTLS_CRT_PRINT_ONELINE, &cinfo);
+ ret =
+ gnutls_openpgp_crt_print (crt, GNUTLS_CRT_PRINT_ONELINE, &cinfo);
if (ret == 0)
{
printf (" - %s\n", cinfo.data);
@@ -235,8 +235,7 @@ print_openpgp_info (gnutls_session_t session, const char
*hostname,
}
else if (hostname_ok == 2)
{
- printf ("- The hostname in the certificate matches '%s'.\n",
- hostname);
+ printf ("- The hostname in the certificate matches '%s'.\n", hostname);
}
}
@@ -273,7 +272,8 @@ print_cert_vrfy (gnutls_session_t session)
if (status & GNUTLS_CERT_INSECURE_ALGORITHM)
printf ("- Peer's certificate chain uses insecure algorithm\n");
if (status & GNUTLS_CERT_NOT_ACTIVATED)
- printf ("- Peer's certificate chain uses not yet valid certificate\n");
+ printf
+ ("- Peer's certificate chain uses not yet valid certificate\n");
if (status & GNUTLS_CERT_EXPIRED)
printf ("- Peer's certificate chain uses expired certificate\n");
if (status & GNUTLS_CERT_INVALID)
diff --git a/src/crypt.c b/src/crypt.c
index a9b71d2..623052b 100644
--- a/src/crypt.c
+++ b/src/crypt.c
@@ -419,9 +419,9 @@ main (int argc, char **argv)
}
if (info.passwd == NULL)
- info.passwd = (char*) KPASSWD;
+ info.passwd = (char *) KPASSWD;
if (info.passwd_conf == NULL)
- info.passwd_conf = (char*) KPASSWD_CONF;
+ info.passwd_conf = (char *) KPASSWD_CONF;
if (info.username == NULL)
{
@@ -710,7 +710,7 @@ read_conf_values (gnutls_datum_t * g, gnutls_datum_t * n,
char *str)
return index;
}
-extern void srptool_version(void);
+extern void srptool_version (void);
void
srptool_version (void)
diff --git a/src/psk.c b/src/psk.c
index 7de5ea5..63363f6 100644
--- a/src/psk.c
+++ b/src/psk.c
@@ -92,7 +92,7 @@ main (int argc, char **argv)
}
if (info.passwd == NULL)
- info.passwd = (char*) KPASSWD;
+ info.passwd = (char *) KPASSWD;
if (info.username == NULL)
{
diff --git a/src/serv.c b/src/serv.c
index aaeda8e..a8eb8fa 100644
--- a/src/serv.c
+++ b/src/serv.c
@@ -1169,10 +1169,10 @@ main (int argc, char **argv)
ctt = ctime (&tt);
ctt[strlen (ctt) - 1] = 0;
- printf("\n* Accepted connection from %s on %s\n",
- human_addr ((struct sockaddr *)
- &client_address, calen, topbuf,
- sizeof (topbuf)), ctt);
+ printf ("\n* Accepted connection from %s on %s\n",
+ human_addr ((struct sockaddr *)
+ &client_address, calen, topbuf,
+ sizeof (topbuf)), ctt);
}
}
}
@@ -1476,7 +1476,7 @@ gaa_parser (int argc, char **argv)
parse_comp (info.comp, info.ncomp, comp_priority);
}
-extern void serv_version(void);
+extern void serv_version (void);
void
serv_version (void)
diff --git a/tests/anonself.c b/tests/anonself.c
index b454aa4..21bd6df 100644
--- a/tests/anonself.c
+++ b/tests/anonself.c
@@ -178,7 +178,7 @@ static gnutls_dh_params_t dh_params;
static int
generate_dh_params (void)
{
- const gnutls_datum_t p3 = { (char*) pkcs3, strlen (pkcs3) };
+ const gnutls_datum_t p3 = { (char *) pkcs3, strlen (pkcs3) };
/* Generate Diffie-Hellman parameters - for use with DHE
* kx algorithms. These should be discarded and regenerated
* once a day, once a week or once a month. Depending on the
@@ -216,7 +216,8 @@ server_start (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof
(int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
if (err == -1)
diff --git a/tests/chainverify.c b/tests/chainverify.c
index 13d4710..0407d14 100644
--- a/tests/chainverify.c
+++ b/tests/chainverify.c
@@ -37,7 +37,7 @@
current time. This should work fine on systems where the library
call to time is resolved at run-time. */
time_t
-time (time_t *t)
+time (time_t * t)
{
time_t then = 1256803113;
@@ -779,16 +779,16 @@ main (int argc, char *argv[])
gnutls_datum_t tmp;
size_t j;
- printf ("Chain '%s' (%d)...\n", chains[i].name, (int)i);
+ printf ("Chain '%s' (%d)...\n", chains[i].name, (int) i);
for (j = 0; chains[i].chain[j]; j++)
{
- printf ("\tAdding certificate %d...", (int)j);
+ printf ("\tAdding certificate %d...", (int) j);
ret = gnutls_x509_crt_init (&certs[j]);
if (ret < 0)
- error (EXIT_FAILURE, 0, "gnutls_x509_crt_init[%d,%d]: %s", (int)i,
(int)j,
- gnutls_strerror (ret));
+ error (EXIT_FAILURE, 0, "gnutls_x509_crt_init[%d,%d]: %s",
+ (int) i, (int) j, gnutls_strerror (ret));
tmp.data = (char *) chains[i].chain[j];
tmp.size = strlen (chains[i].chain[j]);
@@ -796,11 +796,11 @@ main (int argc, char *argv[])
ret = gnutls_x509_crt_import (certs[j], &tmp, GNUTLS_X509_FMT_PEM);
printf ("done\n");
if (ret < 0)
- error (EXIT_FAILURE, 0, "gnutls_x509_crt_import[%d,%d]: %s",
(int)i, (int)j,
- gnutls_strerror (ret));
+ error (EXIT_FAILURE, 0, "gnutls_x509_crt_import[%d,%d]: %s",
+ (int) i, (int) j, gnutls_strerror (ret));
gnutls_x509_crt_print (certs[j], GNUTLS_CRT_PRINT_ONELINE, &tmp);
- printf ("\tCertificate %d: %.*s\n", (int)j, tmp.size, tmp.data);
+ printf ("\tCertificate %d: %.*s\n", (int) j, tmp.size, tmp.data);
gnutls_free (tmp.data);
}
diff --git a/tests/crq_apis.c b/tests/crq_apis.c
index ee5da50..63742b2 100644
--- a/tests/crq_apis.c
+++ b/tests/crq_apis.c
@@ -56,7 +56,8 @@ static unsigned char key_pem[] =
"-----END RSA PRIVATE KEY-----\n";
const gnutls_datum_t key = { key_pem, sizeof (key_pem) };
-void doit (void)
+void
+doit (void)
{
gnutls_x509_privkey_t pkey;
gnutls_x509_crt_t crt;
@@ -169,7 +170,8 @@ void doit (void)
fail ("gnutls_x509_crq_get_key_purpose_oid %d\n", ret);
s = 0;
- ret = gnutls_x509_crq_set_key_purpose_oid (crq, GNUTLS_KP_TLS_WWW_SERVER, 0);
+ ret =
+ gnutls_x509_crq_set_key_purpose_oid (crq, GNUTLS_KP_TLS_WWW_SERVER, 0);
if (ret != 0)
fail ("gnutls_x509_crq_set_key_purpose_oid %d\n", ret);
@@ -179,7 +181,8 @@ void doit (void)
fail ("gnutls_x509_crq_get_key_purpose_oid %d\n", ret);
s = 0;
- ret = gnutls_x509_crq_set_key_purpose_oid (crq, GNUTLS_KP_TLS_WWW_CLIENT, 1);
+ ret =
+ gnutls_x509_crq_set_key_purpose_oid (crq, GNUTLS_KP_TLS_WWW_CLIENT, 1);
if (ret != 0)
fail ("gnutls_x509_crq_set_key_purpose_oid2 %d\n", ret);
diff --git a/tests/cve-2008-4989.c b/tests/cve-2008-4989.c
index 65a9de3..fd4fb85 100644
--- a/tests/cve-2008-4989.c
+++ b/tests/cve-2008-4989.c
@@ -38,112 +38,109 @@
static const char *pem_certs[] = {
"-----BEGIN CERTIFICATE-----\n"
- "MIIB6zCCAVQCCQCgwnB/k0WZrDANBgkqhkiG9w0BAQUFADA9MQswCQYDVQQGEwJE\n"
- "RTEXMBUGA1UEChMOR05VIFRMUyBBdHRhY2sxFTATBgNVBAMTDGludGVybWVkaWF0\n"
- "ZTAeFw0wODExMDMxMjA1MDRaFw0wODEyMDMxMjA1MDRaMDcxCzAJBgNVBAYTAkRF\n"
- "MRcwFQYDVQQKEw5HTlUgVExTIEF0dGFjazEPMA0GA1UEAxMGc2VydmVyMIGfMA0G\n"
- "CSqGSIb3DQEBAQUAA4GNADCBiQKBgQDKdL9g5ErMLOLRCjiomZlNLhy0moWGaKIW\n"
- "aX6vyUIfh8d6FcArHoKoqhmX7ckvod50sOYPojQesDpl7gVaQNA6Ntr1VCcuNPef\n"
- "UKWtEwL0Qu9JbPnUoIYd7mAaqVQgFp6W6yzV/dp63LH4XSdzBMhpZ/EU6vZoE8Sv\n"
- "VLdqj5r6jwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAH4QRR7sZEbjW00tXYk/3O/Z\n"
- "96AxJNg0F78W5B68gaJrLJ7DTE2RTglscuEq1+2Jyb4AIziwXpYqxgwcP91QpH97\n"
- "XfwdXIcyjYvVLHiKmkQj2zJTY7MeyiEQQ2it8VstZG2fYmi2EiMZIEnyJ2JJ7bA7\n"
- "bF7pG7Cg3oEHUM0H5KUU\n"
- "-----END CERTIFICATE-----\n",
+ "MIIB6zCCAVQCCQCgwnB/k0WZrDANBgkqhkiG9w0BAQUFADA9MQswCQYDVQQGEwJE\n"
+ "RTEXMBUGA1UEChMOR05VIFRMUyBBdHRhY2sxFTATBgNVBAMTDGludGVybWVkaWF0\n"
+ "ZTAeFw0wODExMDMxMjA1MDRaFw0wODEyMDMxMjA1MDRaMDcxCzAJBgNVBAYTAkRF\n"
+ "MRcwFQYDVQQKEw5HTlUgVExTIEF0dGFjazEPMA0GA1UEAxMGc2VydmVyMIGfMA0G\n"
+ "CSqGSIb3DQEBAQUAA4GNADCBiQKBgQDKdL9g5ErMLOLRCjiomZlNLhy0moWGaKIW\n"
+ "aX6vyUIfh8d6FcArHoKoqhmX7ckvod50sOYPojQesDpl7gVaQNA6Ntr1VCcuNPef\n"
+ "UKWtEwL0Qu9JbPnUoIYd7mAaqVQgFp6W6yzV/dp63LH4XSdzBMhpZ/EU6vZoE8Sv\n"
+ "VLdqj5r6jwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAH4QRR7sZEbjW00tXYk/3O/Z\n"
+ "96AxJNg0F78W5B68gaJrLJ7DTE2RTglscuEq1+2Jyb4AIziwXpYqxgwcP91QpH97\n"
+ "XfwdXIcyjYvVLHiKmkQj2zJTY7MeyiEQQ2it8VstZG2fYmi2EiMZIEnyJ2JJ7bA7\n"
+ "bF7pG7Cg3oEHUM0H5KUU\n" "-----END CERTIFICATE-----\n",
"-----BEGIN CERTIFICATE-----\n"
- "MIICADCCAWmgAwIBAgIJAIZ4nkHQAqTFMA0GCSqGSIb3DQEBBQUAMDUxCzAJBgNV\n"
- "BAYTAkRFMRcwFQYDVQQKEw5HTlUgVExTIEF0dGFjazENMAsGA1UEAxMEcm9vdDAe\n"
- "Fw0wODExMDMxMjA0NDVaFw0wODEyMDMxMjA0NDVaMD0xCzAJBgNVBAYTAkRFMRcw\n"
- "FQYDVQQKEw5HTlUgVExTIEF0dGFjazEVMBMGA1UEAxMMaW50ZXJtZWRpYXRlMIGf\n"
- "MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDvBpW8sAhIuUmNvcBE6wv/q7MtM1Z9\n"
- "2I1SDL8eJ8I2nPg6BlCX+OIqNruynj8J7uPEQ04ZLwLxNXoyZa8057YFyrKLOvoj\n"
- "5IfBtidsLWYv6PO3qqHJXVvwGdS7PKMuUlsjucCRyXVgQ07ODF7piqoVFi9KD99w\n"
- "AU5+9plGrZNP/wIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUA\n"
- "A4GBAGPg+M+8MsB6zHN2o+jAtyqovrTTwmzVWEgfEH/aHC9+imGZRQ5lFNc2vdny\n"
- "AgaJ9/izO5S6Ibb5zUowN2WhoUJOVipuQa2m9AviOgheoU7tmANC9ylm/pRkKy/0\n"
- "n5UVzlKxDhRp/xBb7MWOw3KEQjiAf2Z3wCLcCPUqcJUdJC4v\n"
- "-----END CERTIFICATE-----\n",
+ "MIICADCCAWmgAwIBAgIJAIZ4nkHQAqTFMA0GCSqGSIb3DQEBBQUAMDUxCzAJBgNV\n"
+ "BAYTAkRFMRcwFQYDVQQKEw5HTlUgVExTIEF0dGFjazENMAsGA1UEAxMEcm9vdDAe\n"
+ "Fw0wODExMDMxMjA0NDVaFw0wODEyMDMxMjA0NDVaMD0xCzAJBgNVBAYTAkRFMRcw\n"
+ "FQYDVQQKEw5HTlUgVExTIEF0dGFjazEVMBMGA1UEAxMMaW50ZXJtZWRpYXRlMIGf\n"
+ "MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDvBpW8sAhIuUmNvcBE6wv/q7MtM1Z9\n"
+ "2I1SDL8eJ8I2nPg6BlCX+OIqNruynj8J7uPEQ04ZLwLxNXoyZa8057YFyrKLOvoj\n"
+ "5IfBtidsLWYv6PO3qqHJXVvwGdS7PKMuUlsjucCRyXVgQ07ODF7piqoVFi9KD99w\n"
+ "AU5+9plGrZNP/wIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUA\n"
+ "A4GBAGPg+M+8MsB6zHN2o+jAtyqovrTTwmzVWEgfEH/aHC9+imGZRQ5lFNc2vdny\n"
+ "AgaJ9/izO5S6Ibb5zUowN2WhoUJOVipuQa2m9AviOgheoU7tmANC9ylm/pRkKy/0\n"
+ "n5UVzlKxDhRp/xBb7MWOw3KEQjiAf2Z3wCLcCPUqcJUdJC4v\n"
+ "-----END CERTIFICATE-----\n",
"-----BEGIN CERTIFICATE-----\n"
- "MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUF\n"
- "ADCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYG\n"
- "A1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UE\n"
- "CxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl\n"
- "IG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYx\n"
- "MTE3MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTAT\n"
- "BgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT\n"
- "ZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJ\n"
- "bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNVBAMTFnRoYXd0\n"
- "ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
- "AoIBAQCsoPD7gFnUnMekz52hWXMJEEUMDSxuaPFsW0hoSVk3/AszGcJ3f8wQ\n"
- "LZU0HObrTQmnHNK4yZc2AreJ1CRfBsDMRJSUjQJib+ta3RGNKJpchJAQeg29\n"
- "dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGcq/gcfomk6KHYcWUNo1F7\n"
- "7rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6Sk/KaAcd\n"
- "HJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94JNqR3\n"
- "2HuHUETVPm4pafs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBA\n"
- "MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7\n"
- "W0XPr87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUFAAOCAQEAeRHAS7OR\n"
- "tvzw6WfUDW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeE\n"
- "uzLlQRHAd9mzYJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQ\n"
- "aEfZYGDm/Ac9IiAXxPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqd\n"
- "E8hhuvU5HIe6uL17In/2/qxAeeWsEG89jxt5dovEN7MhGITlNgDrYyCZuen+\n"
- "MwS7QcjBAvlEYyCegc5C09Y/LHbTY5xZ3Y+m4Q6gLkH3LpVHz7z9M/P2C2F+\n"
- "fpErgUfCJzDupxBdN49cOSvkBPB7jVaMaA==\n"
- "-----END CERTIFICATE-----\n"
+ "MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUF\n"
+ "ADCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYG\n"
+ "A1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UE\n"
+ "CxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl\n"
+ "IG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYx\n"
+ "MTE3MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTAT\n"
+ "BgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT\n"
+ "ZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJ\n"
+ "bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNVBAMTFnRoYXd0\n"
+ "ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
+ "AoIBAQCsoPD7gFnUnMekz52hWXMJEEUMDSxuaPFsW0hoSVk3/AszGcJ3f8wQ\n"
+ "LZU0HObrTQmnHNK4yZc2AreJ1CRfBsDMRJSUjQJib+ta3RGNKJpchJAQeg29\n"
+ "dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGcq/gcfomk6KHYcWUNo1F7\n"
+ "7rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6Sk/KaAcd\n"
+ "HJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94JNqR3\n"
+ "2HuHUETVPm4pafs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBA\n"
+ "MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7\n"
+ "W0XPr87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUFAAOCAQEAeRHAS7OR\n"
+ "tvzw6WfUDW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeE\n"
+ "uzLlQRHAd9mzYJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQ\n"
+ "aEfZYGDm/Ac9IiAXxPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqd\n"
+ "E8hhuvU5HIe6uL17In/2/qxAeeWsEG89jxt5dovEN7MhGITlNgDrYyCZuen+\n"
+ "MwS7QcjBAvlEYyCegc5C09Y/LHbTY5xZ3Y+m4Q6gLkH3LpVHz7z9M/P2C2F+\n"
+ "fpErgUfCJzDupxBdN49cOSvkBPB7jVaMaA==\n" "-----END CERTIFICATE-----\n"
};
static const char *pem_ca = {
"-----BEGIN CERTIFICATE-----\n"
- "MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUF\n"
- "ADCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYG\n"
- "A1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UE\n"
- "CxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl\n"
- "IG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYx\n"
- "MTE3MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTAT\n"
- "BgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT\n"
- "ZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJ\n"
- "bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNVBAMTFnRoYXd0\n"
- "ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
- "AoIBAQCsoPD7gFnUnMekz52hWXMJEEUMDSxuaPFsW0hoSVk3/AszGcJ3f8wQ\n"
- "LZU0HObrTQmnHNK4yZc2AreJ1CRfBsDMRJSUjQJib+ta3RGNKJpchJAQeg29\n"
- "dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGcq/gcfomk6KHYcWUNo1F7\n"
- "7rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6Sk/KaAcd\n"
- "HJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94JNqR3\n"
- "2HuHUETVPm4pafs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBA\n"
- "MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7\n"
- "W0XPr87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUFAAOCAQEAeRHAS7OR\n"
- "tvzw6WfUDW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeE\n"
- "uzLlQRHAd9mzYJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQ\n"
- "aEfZYGDm/Ac9IiAXxPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqd\n"
- "E8hhuvU5HIe6uL17In/2/qxAeeWsEG89jxt5dovEN7MhGITlNgDrYyCZuen+\n"
- "MwS7QcjBAvlEYyCegc5C09Y/LHbTY5xZ3Y+m4Q6gLkH3LpVHz7z9M/P2C2F+\n"
- "fpErgUfCJzDupxBdN49cOSvkBPB7jVaMaA==\n"
- "-----END CERTIFICATE-----\n"
+ "MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUF\n"
+ "ADCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYG\n"
+ "A1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UE\n"
+ "CxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl\n"
+ "IG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYx\n"
+ "MTE3MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTAT\n"
+ "BgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT\n"
+ "ZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJ\n"
+ "bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNVBAMTFnRoYXd0\n"
+ "ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
+ "AoIBAQCsoPD7gFnUnMekz52hWXMJEEUMDSxuaPFsW0hoSVk3/AszGcJ3f8wQ\n"
+ "LZU0HObrTQmnHNK4yZc2AreJ1CRfBsDMRJSUjQJib+ta3RGNKJpchJAQeg29\n"
+ "dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGcq/gcfomk6KHYcWUNo1F7\n"
+ "7rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6Sk/KaAcd\n"
+ "HJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94JNqR3\n"
+ "2HuHUETVPm4pafs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBA\n"
+ "MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7\n"
+ "W0XPr87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUFAAOCAQEAeRHAS7OR\n"
+ "tvzw6WfUDW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeE\n"
+ "uzLlQRHAd9mzYJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQ\n"
+ "aEfZYGDm/Ac9IiAXxPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqd\n"
+ "E8hhuvU5HIe6uL17In/2/qxAeeWsEG89jxt5dovEN7MhGITlNgDrYyCZuen+\n"
+ "MwS7QcjBAvlEYyCegc5C09Y/LHbTY5xZ3Y+m4Q6gLkH3LpVHz7z9M/P2C2F+\n"
+ "fpErgUfCJzDupxBdN49cOSvkBPB7jVaMaA==\n" "-----END CERTIFICATE-----\n"
};
#define CHAIN_LENGTH (sizeof (pem_certs) / sizeof (pem_certs[0]))
static const char *pem_self_cert = {
"-----BEGIN CERTIFICATE-----\n"
- "MIIDgjCCAmygAwIBAgIBADALBgkqhkiG9w0BAQUwSzELMAkGA1UEBhMCQlIxFDAS\n"
- "BgNVBAoTC01pbmFzIExpdnJlMSYwJAYDVQQDEx1UaGFkZXUgTGltYSBkZSBTb3V6\n"
- "YSBDYXNjYXJkbzAeFw0wODA1MzAxOTUzNDNaFw0wODExMjYxOTUzNDNaMEsxCzAJ\n"
- "BgNVBAYTAkJSMRQwEgYDVQQKEwtNaW5hcyBMaXZyZTEmMCQGA1UEAxMdVGhhZGV1\n"
- "IExpbWEgZGUgU291emEgQ2FzY2FyZG8wggEfMAsGCSqGSIb3DQEBAQOCAQ4AMIIB\n"
- "CQKCAQC4D934O6wrXJbMyu1w8gu6nN0aNUDGqrX9UgaB/4xVuYhPlhjH0z9Dqic9\n"
- "0pEZmyNCjQmzDSg/hnlY3fBG0i9Iel2oYn1UB4SdcJ2qGkLS87y2ZbMTS1oyMR7/\n"
- "y9l3WGEWqwgjIvOjGstcZo0rCIF8Qr21QGX22KWg2HXlMaZyA9bGtJ+L+x6f2hoo\n"
- "yIPCA30VMvIgHjOSPQJF3iJFE4Uxq1PQ65W91NyI6/bRKFOmFdCUJW8tqqvntYP8\n"
- "hEE08wGlKimFNv7CqZuRI8QuOnhZ7pBXkyvQpW8yHrORlOHxSjkNQKjddt92TCJb\n"
- "1q6eKv2CtCuDLgCuIy0Onr4U9n+hAgMBAAGjeDB2MA8GA1UdEwEB/wQFMAMBAf8w\n"
- "HgYDVR0RBBcwFYITbWFpbC5taW5hc2xpdnJlLm9yZzATBgNVHSUEDDAKBggrBgEF\n"
- "BQcDATAPBgNVHQ8BAf8EBQMDB6QAMB0GA1UdDgQWBBQ/5v42y0jBHUKEfqpPmr5a\n"
- "WsjCGjALBgkqhkiG9w0BAQUDggEBAC/WfO2yK3vM9bG0qFEj8sd0cWiapMhf5PtH\n"
- "jigcPb/OKqSFQVXpAdNiUclPRP79Ih3CuWiXfZ/CW0+k2Z8tyy6AnEQItWvoVh/b\n"
- "8lS7Ph/f9JUYHp2DtgsQWcNQbrUZOPFBu8J4MD6cDWG5Uxwl3YASg30ZdmMDNT8B\n"
- "HshYz0HUOAhYwVSI3J/f7LFhD5OpjSroHgE7wA9UJrerAp9f7e3e9D7kNQ8DlvLP\n"
- "kz6Jh+5M/xD3JO1yl+evaCp3LA+z4M2xiNvtzkAEgj3t6RaJ81Sh5XGiooDYZ14R\n"
- "DgEBYLTUfBYBPzoaahPEdG/f0kUjUBJ34fkBUSjJKURPTHJfDfA=\n"
- "-----END CERTIFICATE-----\n"
+ "MIIDgjCCAmygAwIBAgIBADALBgkqhkiG9w0BAQUwSzELMAkGA1UEBhMCQlIxFDAS\n"
+ "BgNVBAoTC01pbmFzIExpdnJlMSYwJAYDVQQDEx1UaGFkZXUgTGltYSBkZSBTb3V6\n"
+ "YSBDYXNjYXJkbzAeFw0wODA1MzAxOTUzNDNaFw0wODExMjYxOTUzNDNaMEsxCzAJ\n"
+ "BgNVBAYTAkJSMRQwEgYDVQQKEwtNaW5hcyBMaXZyZTEmMCQGA1UEAxMdVGhhZGV1\n"
+ "IExpbWEgZGUgU291emEgQ2FzY2FyZG8wggEfMAsGCSqGSIb3DQEBAQOCAQ4AMIIB\n"
+ "CQKCAQC4D934O6wrXJbMyu1w8gu6nN0aNUDGqrX9UgaB/4xVuYhPlhjH0z9Dqic9\n"
+ "0pEZmyNCjQmzDSg/hnlY3fBG0i9Iel2oYn1UB4SdcJ2qGkLS87y2ZbMTS1oyMR7/\n"
+ "y9l3WGEWqwgjIvOjGstcZo0rCIF8Qr21QGX22KWg2HXlMaZyA9bGtJ+L+x6f2hoo\n"
+ "yIPCA30VMvIgHjOSPQJF3iJFE4Uxq1PQ65W91NyI6/bRKFOmFdCUJW8tqqvntYP8\n"
+ "hEE08wGlKimFNv7CqZuRI8QuOnhZ7pBXkyvQpW8yHrORlOHxSjkNQKjddt92TCJb\n"
+ "1q6eKv2CtCuDLgCuIy0Onr4U9n+hAgMBAAGjeDB2MA8GA1UdEwEB/wQFMAMBAf8w\n"
+ "HgYDVR0RBBcwFYITbWFpbC5taW5hc2xpdnJlLm9yZzATBgNVHSUEDDAKBggrBgEF\n"
+ "BQcDATAPBgNVHQ8BAf8EBQMDB6QAMB0GA1UdDgQWBBQ/5v42y0jBHUKEfqpPmr5a\n"
+ "WsjCGjALBgkqhkiG9w0BAQUDggEBAC/WfO2yK3vM9bG0qFEj8sd0cWiapMhf5PtH\n"
+ "jigcPb/OKqSFQVXpAdNiUclPRP79Ih3CuWiXfZ/CW0+k2Z8tyy6AnEQItWvoVh/b\n"
+ "8lS7Ph/f9JUYHp2DtgsQWcNQbrUZOPFBu8J4MD6cDWG5Uxwl3YASg30ZdmMDNT8B\n"
+ "HshYz0HUOAhYwVSI3J/f7LFhD5OpjSroHgE7wA9UJrerAp9f7e3e9D7kNQ8DlvLP\n"
+ "kz6Jh+5M/xD3JO1yl+evaCp3LA+z4M2xiNvtzkAEgj3t6RaJ81Sh5XGiooDYZ14R\n"
+ "DgEBYLTUfBYBPzoaahPEdG/f0kUjUBJ34fkBUSjJKURPTHJfDfA=\n"
+ "-----END CERTIFICATE-----\n"
};
int
@@ -171,7 +168,7 @@ main (int argc, char *argv[])
error (EXIT_FAILURE, 0, "gnutls_x509_crt_init[%d]: %s", i,
gnutls_strerror (ret));
- tmp.data = (char*) pem_certs[i];
+ tmp.data = (char *) pem_certs[i];
tmp.size = strlen (pem_certs[i]);
ret = gnutls_x509_crt_import (certs[i], &tmp, GNUTLS_X509_FMT_PEM);
@@ -182,9 +179,10 @@ main (int argc, char *argv[])
ret = gnutls_x509_crt_init (&ca);
if (ret < 0)
- error (EXIT_FAILURE, 0, "gnutls_x509_crt_init: %s", gnutls_strerror (ret));
+ error (EXIT_FAILURE, 0, "gnutls_x509_crt_init: %s",
+ gnutls_strerror (ret));
- tmp.data = (char*) pem_ca;
+ tmp.data = (char *) pem_ca;
tmp.size = strlen (pem_ca);
ret = gnutls_x509_crt_import (ca, &tmp, GNUTLS_X509_FMT_PEM);
@@ -213,9 +211,10 @@ main (int argc, char *argv[])
ret = gnutls_x509_crt_init (&self_cert);
if (ret < 0)
- error (EXIT_FAILURE, 0, "gnutls_x509_crt_init: %s", gnutls_strerror (ret));
+ error (EXIT_FAILURE, 0, "gnutls_x509_crt_init: %s",
+ gnutls_strerror (ret));
- tmp.data = (char*) pem_self_cert;
+ tmp.data = (char *) pem_self_cert;
tmp.size = strlen (pem_self_cert);
ret = gnutls_x509_crt_import (self_cert, &tmp, GNUTLS_X509_FMT_PEM);
diff --git a/tests/cve-2009-1415.c b/tests/cve-2009-1415.c
index fe89aa4..b74a5a2 100644
--- a/tests/cve-2009-1415.c
+++ b/tests/cve-2009-1415.c
@@ -67,8 +67,7 @@ static char dsa_cert[] =
"HPutkm7mBqRWLKLhwFMnyPKVMAsGCSqGSIb3DQEBBQOBgQBCsrnfD1xzh8/Eih1f\n"
"x+M0lPoX1Re5L2ElHI6DJpHYOBPwf9glwxnet2+avzgUQDUFwUSxOhodpyeaACXD\n"
"o0gGVpcH8sOBTQ+aTdM37hGkPxoXjtIkR/LgG5nP2H2JRd5TkW8l13JdM4MJFB4W\n"
- "QcDzQ8REwidsfh9uKAluk1c/KQ==\n"
- "-----END CERTIFICATE-----\n";
+ "QcDzQ8REwidsfh9uKAluk1c/KQ==\n" "-----END CERTIFICATE-----\n";
const gnutls_datum_t dsa_cert_dat = {
dsa_cert, sizeof (dsa_cert)
diff --git a/tests/dhepskself.c b/tests/dhepskself.c
index 406668d..ce9f58e 100644
--- a/tests/dhepskself.c
+++ b/tests/dhepskself.c
@@ -60,7 +60,7 @@ client (void)
gnutls_session_t session;
char buffer[MAX_BUF + 1];
gnutls_psk_client_credentials_t pskcred;
- const gnutls_datum_t key = { (char*) "DEADBEEF", 8 };
+ const gnutls_datum_t key = { (char *) "DEADBEEF", 8 };
gnutls_global_init ();
@@ -167,7 +167,7 @@ static gnutls_dh_params_t dh_params;
static int
generate_dh_params (void)
{
- const gnutls_datum_t p3 = { (char*) pkcs3, strlen (pkcs3) };
+ const gnutls_datum_t p3 = { (char *) pkcs3, strlen (pkcs3) };
/* Generate Diffie-Hellman parameters - for use with DHE
* kx algorithms. These should be discarded and regenerated
* once a day, once a week or once a month. Depending on the
@@ -220,7 +220,8 @@ server_start (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof
(int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
if (err == -1)
diff --git a/tests/dn2.c b/tests/dn2.c
index 4df3f71..5ea4fb9 100644
--- a/tests/dn2.c
+++ b/tests/dn2.c
@@ -61,10 +61,10 @@ static char pem[] =
"96B6WWBo9mzgwSM1d8LDhrarZ7uQhm+kBAMyEXhmDnCPWhvExvxJzjEmOlxjThyP\n"
"2yvIgfLyDfplRe+jUbsY7YNe08eEyoLRq1jwPuRWTaEx2gA7C6pq45747/HkJrtF\n"
"ya3ULM/AJv6Nj6pobxzQ5rEkUGEwKavu7GMjLrSMnHrbVCiQrn1v6c7B9nSPA31L\n"
- "/do1TDFI0vSl5+M=\n"
- "-----END CERTIFICATE-----\n";
+ "/do1TDFI0vSl5+M=\n" "-----END CERTIFICATE-----\n";
-static const char *info = "subject
`1.3.6.1.4.1.311.60.2.1.3=#13024445,1.3.6.1.4.1.311.60.2.1.1=#14084d75656e6368656e,2.5.4.15=#131256312e302c20436c6175736520352e286229,serialNumber=HRB
144261,C=DE,2.5.4.17=#14053830383037,ST=Bavaria,L=Muenchen,STREET=Frankfurter
Ring 129,O=GMX GmbH,CN=www.gmx.de', issuer `C=US,O=VeriSign\\, Inc.,OU=VeriSign
Trust Network,OU=Terms of use at https://www.verisign.com/rpa (c)06,CN=VeriSign
Class 3 Extended Validation SSL SGC CA', RSA key 1024 bits, signed using
RSA-SHA1, activated `2008-11-13 00:00:00 UTC', expires `2009-11-13 23:59:59
UTC', SHA-1 fingerprint `7ece297c45d5b17685224b4e929a30e91a9553cb'";
+static const char *info =
+ "subject
`1.3.6.1.4.1.311.60.2.1.3=#13024445,1.3.6.1.4.1.311.60.2.1.1=#14084d75656e6368656e,2.5.4.15=#131256312e302c20436c6175736520352e286229,serialNumber=HRB
144261,C=DE,2.5.4.17=#14053830383037,ST=Bavaria,L=Muenchen,STREET=Frankfurter
Ring 129,O=GMX GmbH,CN=www.gmx.de', issuer `C=US,O=VeriSign\\, Inc.,OU=VeriSign
Trust Network,OU=Terms of use at https://www.verisign.com/rpa (c)06,CN=VeriSign
Class 3 Extended Validation SSL SGC CA', RSA key 1024 bits, signed using
RSA-SHA1, activated `2008-11-13 00:00:00 UTC', expires `2009-11-13 23:59:59
UTC', SHA-1 fingerprint `7ece297c45d5b17685224b4e929a30e91a9553cb'";
void
doit (void)
@@ -94,9 +94,7 @@ doit (void)
success ("comparison ok\n");
else
fail ("comparison fail (%d/%d)\nexpect: %s\n got: %.*s\n",
- out.size, strlen (info),
- info,
- out.size, out.data);
+ out.size, strlen (info), info, out.size, out.data);
gnutls_x509_crt_deinit (cert);
gnutls_global_deinit ();
diff --git a/tests/finished.c b/tests/finished.c
index 5a5810f..f482ef8 100644
--- a/tests/finished.c
+++ b/tests/finished.c
@@ -155,7 +155,7 @@ doit (void)
{
/* Server stuff. */
gnutls_anon_server_credentials_t s_anoncred;
- const gnutls_datum_t p3 = { (char*) pkcs3, strlen (pkcs3) };
+ const gnutls_datum_t p3 = { (char *) pkcs3, strlen (pkcs3) };
static gnutls_dh_params_t dh_params;
gnutls_session_t server;
int sret = GNUTLS_E_AGAIN;
diff --git a/tests/hostname-check.c b/tests/hostname-check.c
index 45257eb..22ce874 100644
--- a/tests/hostname-check.c
+++ b/tests/hostname-check.c
@@ -549,8 +549,7 @@ char pem9[] =
"A1UdDgQWBBRMuQqb+h00437ey9IHFf6h2stokTALBgkqhkiG9w0BAQUDgYEAoh/S\n"
"kF/JHG+SHcULrLAXI8VnRpRvD2J9Zkwo/7cQc2CuDqJHgoO7iQ3xFl75WzVLzu5e\n"
"0K21i8w3s6xNG1jCTxx/xqw9JRhnN/AnEZssILZ4JCGmd0TnGuX2v0WEMoFnr42W\n"
- "Jvc5MWtjxRWd4KCaHpYSy62Fy6fUhqzY9emkKyA=\n"
- "-----END CERTIFICATE-----\n";
+ "Jvc5MWtjxRWd4KCaHpYSy62Fy6fUhqzY9emkKyA=\n" "-----END CERTIFICATE-----\n";
/* Certificate with SAN and CN that match iff you truncate the SAN to
the embedded NUL.
@@ -634,8 +633,7 @@ char pem10[] =
"ODUiNAMP1F2rHHIVsdmJVhAS+30NGBKpCjjck89p/3WGnuNr65JsVRbVZYvXnF5L\n"
"gsiSbIvmGKL4jGWqtusj7cuZ2/yLjh16Ocn1e39Ye+0BbDxA7OOpX8Q9y4EXA20t\n"
"170AX8R58vurxg6iAYuhQnPelik+v9fZUafUmAd/8PTNAKHhrGwFrKuTG7BcLBOt\n"
- "/yfcgJk0Zr3jMVTVtj/O1AijUihhXr0=\n"
- "-----END CERTIFICATE-----\n";
+ "/yfcgJk0Zr3jMVTVtj/O1AijUihhXr0=\n" "-----END CERTIFICATE-----\n";
#ifdef ENABLE_OPENPGP
/* Check basic OpenPGP comparison too.
@@ -668,8 +666,7 @@ char pem11[] =
"03G+ynCHf5pBAXHhfCNhA0lMv5h3eJECNElcCh0sYGmo19jOzbnlRSGKRqrflOtO\n"
"YwhQXK9y/ohJBBgRAgAJBQJFyJ51AhsMAAoJEK5frT5dHRTYDDgAn2bLaS5n3Xy8\n"
"Z/V2Me1st/9pqPfZAJ4+9YBnyjCq/0vosIoZabi+s92m7g==\n"
- "=NkXV\n"
- "-----END PGP PUBLIC KEY BLOCK-----\n";
+ "=NkXV\n" "-----END PGP PUBLIC KEY BLOCK-----\n";
#endif
void
diff --git a/tests/mini-eagain.c b/tests/mini-eagain.c
index d46180c..9cc3c5a 100644
--- a/tests/mini-eagain.c
+++ b/tests/mini-eagain.c
@@ -56,7 +56,7 @@ client_pull (gnutls_transport_ptr_t tr, void *data, size_t
len)
unsigned char rnd;
gcry_create_nonce (&rnd, 1);
- if (handshake == 0 && rnd % 2 == 0)
+ if (handshake == 0 && rnd % 2 == 0)
{
gnutls_transport_set_global_errno (EAGAIN);
return -1;
@@ -105,7 +105,7 @@ server_pull (gnutls_transport_ptr_t tr, void *data, size_t
len)
unsigned char rnd;
gcry_create_nonce (&rnd, 1);
- if (handshake == 0 && rnd % 2 == 0)
+ if (handshake == 0 && rnd % 2 == 0)
{
gnutls_transport_set_global_errno (EAGAIN);
return -1;
@@ -134,7 +134,7 @@ server_push (gnutls_transport_ptr_t tr, const void *data,
size_t len)
//success ("server_push len %d has %d\n", len, to_client_len);
gcry_create_nonce (&rnd, 1);
- if (handshake == 0 && rnd % 2 == 0)
+ if (handshake == 0 && rnd % 2 == 0)
{
gnutls_transport_set_global_errno (EAGAIN);
return -1;
@@ -164,7 +164,7 @@ doit (void)
{
/* Server stuff. */
gnutls_anon_server_credentials_t s_anoncred;
- const gnutls_datum_t p3 = { (char*) pkcs3, strlen (pkcs3) };
+ const gnutls_datum_t p3 = { (char *) pkcs3, strlen (pkcs3) };
static gnutls_dh_params_t dh_params;
gnutls_session_t server;
int sret = GNUTLS_E_AGAIN;
@@ -230,46 +230,48 @@ doit (void)
ns = gnutls_record_send (client, MSG, strlen (MSG));
//success ("client: sent %d\n", ns);
- do
+ do
{
//success("transferred: %d\n", transferred);
ret = gnutls_record_recv (server, buffer, MAX_BUF);
if (ret == 0)
- fail ("server: didn't receive any data\n");
- else if (ret < 0)
- {
- if (ret != GNUTLS_E_AGAIN) {
- fail ("server: error: %s\n", gnutls_strerror (ret));
- break;
- }
- }
+ fail ("server: didn't receive any data\n");
+ else if (ret < 0)
+ {
+ if (ret != GNUTLS_E_AGAIN)
+ {
+ fail ("server: error: %s\n", gnutls_strerror (ret));
+ break;
+ }
+ }
else
- {
- transferred+=ret;
- fputs ("*", stdout);
- }
-
- ns = gnutls_record_send (server, MSG, strlen (MSG));
- //success ("server: sent %d\n", ns);
-
- ret = gnutls_record_recv (client, buffer, MAX_BUF);
- if (ret == 0)
- {
- fail ("client: Peer has closed the TLS connection\n");
- }
- else if (ret < 0)
- {
- if (ret != GNUTLS_E_AGAIN) {
- fail ("client: Error: %s\n", gnutls_strerror (ret));
- break;
- }
- }
- else
- {
- transferred+=ret;
- fputs (".", stdout);
- }
+ {
+ transferred += ret;
+ fputs ("*", stdout);
+ }
+
+ ns = gnutls_record_send (server, MSG, strlen (MSG));
+ //success ("server: sent %d\n", ns);
+
+ ret = gnutls_record_recv (client, buffer, MAX_BUF);
+ if (ret == 0)
+ {
+ fail ("client: Peer has closed the TLS connection\n");
+ }
+ else if (ret < 0)
+ {
+ if (ret != GNUTLS_E_AGAIN)
+ {
+ fail ("client: Error: %s\n", gnutls_strerror (ret));
+ break;
+ }
+ }
+ else
+ {
+ transferred += ret;
+ fputs (".", stdout);
+ }
}
while (transferred < 7000);
fputs ("\n", stdout);
diff --git a/tests/mini.c b/tests/mini.c
index b64401d..21a426e 100644
--- a/tests/mini.c
+++ b/tests/mini.c
@@ -137,7 +137,7 @@ doit (void)
{
/* Server stuff. */
gnutls_anon_server_credentials_t s_anoncred;
- const gnutls_datum_t p3 = { (char*) pkcs3, strlen (pkcs3) };
+ const gnutls_datum_t p3 = { (char *) pkcs3, strlen (pkcs3) };
static gnutls_dh_params_t dh_params;
gnutls_session_t server;
int sret = GNUTLS_E_AGAIN;
diff --git a/tests/nul-in-x509-names.c b/tests/nul-in-x509-names.c
index f79dea0..0ad9626 100644
--- a/tests/nul-in-x509-names.c
+++ b/tests/nul-in-x509-names.c
@@ -54,8 +54,7 @@ static char badguy_nul_cn_data[] =
"8/pc7vh7C8Y5tQQzXq64Xg5mzKjAag3sYMHF2TnqvRuPHH0WOLHoyDcBqkuZ3+QP\n"
"EL5h7prPzScFRgBg2Gp0CDI8i5ABagczDGyQ2+r7ahcadrtzFCfhpH7V3TCxXfIO\n"
"qtSy1Uz2T5EqB/Q3wc9IGcX+fpKWqN9QajGSo7EU/kHMSWKYTerFugUtScMicu9B\n"
- "CQ==\n"
- "-----END CERTIFICATE-----\n";
+ "CQ==\n" "-----END CERTIFICATE-----\n";
const gnutls_datum_t badguy_nul_cn = {
badguy_nul_cn_data, sizeof (badguy_nul_cn_data)
@@ -120,11 +119,11 @@ main (void)
ret = gnutls_x509_crt_check_hostname (crt, "www.bank.com");
if (ret == 0)
{
- puts("gnutls_x509_crt_check_hostname OK (NUL-IN-CN)");
+ puts ("gnutls_x509_crt_check_hostname OK (NUL-IN-CN)");
}
else
{
- puts("gnutls_x509_crt_check_hostname BROKEN (NUL-IN-CN)");
+ puts ("gnutls_x509_crt_check_hostname BROKEN (NUL-IN-CN)");
exit_code = 1;
}
@@ -138,11 +137,11 @@ main (void)
ret = gnutls_x509_crt_check_hostname (crt, "www.bank.com");
if (ret == 0)
{
- puts("gnutls_x509_crt_check_hostname OK (NUL-IN-SAN)");
+ puts ("gnutls_x509_crt_check_hostname OK (NUL-IN-SAN)");
}
else
{
- puts("gnutls_x509_crt_check_hostname BROKEN (NUL-IN-SAN)");
+ puts ("gnutls_x509_crt_check_hostname BROKEN (NUL-IN-SAN)");
exit_code = 1;
}
diff --git a/tests/openpgpself.c b/tests/openpgpself.c
index 2b07ae3..958388a 100644
--- a/tests/openpgpself.c
+++ b/tests/openpgpself.c
@@ -239,7 +239,7 @@ static gnutls_dh_params_t dh_params;
static int
generate_dh_params (void)
{
- const gnutls_datum_t p3 = { (char*) pkcs3, strlen (pkcs3) };
+ const gnutls_datum_t p3 = { (char *) pkcs3, strlen (pkcs3) };
/* Generate Diffie-Hellman parameters - for use with DHE
* kx algorithms. These should be discarded and regenerated
* once a day, once a week or once a month. Depending on the
@@ -352,7 +352,8 @@ server_start (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof
(int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
if (err == -1)
diff --git a/tests/oprfi.c b/tests/oprfi.c
index 46089ce..8f128ef 100644
--- a/tests/oprfi.c
+++ b/tests/oprfi.c
@@ -292,7 +292,8 @@ server_start (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof
(int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
if (err == -1)
diff --git a/tests/pkcs12_encode.c b/tests/pkcs12_encode.c
index ff72f43..28e24aa 100644
--- a/tests/pkcs12_encode.c
+++ b/tests/pkcs12_encode.c
@@ -45,8 +45,7 @@ static char client_pem[] =
"+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n"
"jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n"
"U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n"
- "dc8Siq5JojruiMizAf0pA7in\n"
- "-----END CERTIFICATE-----\n";
+ "dc8Siq5JojruiMizAf0pA7in\n" "-----END CERTIFICATE-----\n";
const gnutls_datum_t client_dat = { client_pem, sizeof (client_pem) };
static char ca_pem[] =
@@ -61,8 +60,7 @@ static char ca_pem[] =
"Viyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAiaIRqGfp1jPpNeVhABK60SU0KIAy\n"
"njuu7kHq5peUgYn8Jd9zNzExBOEp1VOipGsf6G66oQAhDFp2o8zkz7ZH71zR4HEW\n"
"KoX6n5Emn6DvcEH/9pAhnGxNHJAoS7czTKv/JDZJhkqHxyrE1fuLsg5Qv25DTw7+\n"
- "PfqUpIhz5Bbm7J4=\n"
- "-----END CERTIFICATE-----\n";
+ "PfqUpIhz5Bbm7J4=\n" "-----END CERTIFICATE-----\n";
const gnutls_datum_t ca_dat = { ca_pem, sizeof (ca_pem) };
int
diff --git a/tests/pkcs12_s2k.c b/tests/pkcs12_s2k.c
index 58c58ee..e8b6dfc 100644
--- a/tests/pkcs12_s2k.c
+++ b/tests/pkcs12_s2k.c
@@ -75,27 +75,36 @@ static struct
size_t iter;
size_t keylen;
const char *key;
-} tv[] = {
- { 1, "smeg", "\x0A\x58\xCF\x64\x53\x0D\x82\x3F", 1, 24,
- "8aaae6297b6cb04642ab5b077851284eb7128f1a2a7fbca3" },
- { 2, "smeg", "\x0A\x58\xCF\x64\x53\x0D\x82\x3F", 1, 8,
- "79993dfe048d3b76" },
- { 1, "smeg", "\x64\x2B\x99\xAB\x44\xFB\x4B\x1F", 1, 24,
- "f3a95fec48d7711e985cfe67908c5ab79fa3d7c5caa5d966" },
- { 2, "smeg", "\x64\x2B\x99\xAB\x44\xFB\x4B\x1F", 1, 8,
- "c0a38d64a79bea1d" },
- { 3, "smeg", "\x3D\x83\xC0\xE4\x54\x6A\xC1\x40", 1, 20,
- "8d967d88f6caa9d714800ab3d48051d63f73a312" },
- { 1, "queeg", "\x05\xDE\xC9\x59\xAC\xFF\x72\xF7", 1000, 24,
- "ed2034e36328830ff09df1e1a07dd357185dac0d4f9eb3d4" },
- { 2, "queeg", "\x05\xDE\xC9\x59\xAC\xFF\x72\xF7", 1000, 8,
- "11dedad7758d4860" },
- { 1, "queeg", "\x16\x82\xC0\xFC\x5B\x3F\x7E\xC5", 1000, 24,
- "483dd6e919d7de2e8e648ba8f862f3fbfbdc2bcb2c02957f" },
- { 2, "queeg", "\x16\x82\xC0\xFC\x5B\x3F\x7E\xC5", 1000, 8,
- "9d461d1b00355c50" },
- { 3, "queeg", "\x26\x32\x16\xFC\xC2\xFA\xB3\x1C", 1000, 20,
- "5ec4c7a80df652294c3925b6489a7ab857c83476" }
+} tv[] =
+{
+ {
+ 1, "smeg", "\x0A\x58\xCF\x64\x53\x0D\x82\x3F", 1, 24,
+ "8aaae6297b6cb04642ab5b077851284eb7128f1a2a7fbca3"},
+ {
+ 2, "smeg", "\x0A\x58\xCF\x64\x53\x0D\x82\x3F", 1, 8, "79993dfe048d3b76"},
+ {
+ 1, "smeg", "\x64\x2B\x99\xAB\x44\xFB\x4B\x1F", 1, 24,
+ "f3a95fec48d7711e985cfe67908c5ab79fa3d7c5caa5d966"},
+ {
+ 2, "smeg", "\x64\x2B\x99\xAB\x44\xFB\x4B\x1F", 1, 8, "c0a38d64a79bea1d"},
+ {
+ 3, "smeg", "\x3D\x83\xC0\xE4\x54\x6A\xC1\x40", 1, 20,
+ "8d967d88f6caa9d714800ab3d48051d63f73a312"},
+ {
+ 1, "queeg", "\x05\xDE\xC9\x59\xAC\xFF\x72\xF7", 1000, 24,
+ "ed2034e36328830ff09df1e1a07dd357185dac0d4f9eb3d4"},
+ {
+ 2, "queeg", "\x05\xDE\xC9\x59\xAC\xFF\x72\xF7", 1000, 8,
+ "11dedad7758d4860"},
+ {
+ 1, "queeg", "\x16\x82\xC0\xFC\x5B\x3F\x7E\xC5", 1000, 24,
+ "483dd6e919d7de2e8e648ba8f862f3fbfbdc2bcb2c02957f"},
+ {
+ 2, "queeg", "\x16\x82\xC0\xFC\x5B\x3F\x7E\xC5", 1000, 8,
+ "9d461d1b00355c50"},
+ {
+ 3, "queeg", "\x26\x32\x16\xFC\xC2\xFA\xB3\x1C", 1000, 20,
+ "5ec4c7a80df652294c3925b6489a7ab857c83476"}
};
void
@@ -123,8 +132,7 @@ doit (void)
fail ("_gnutls_pkcs12_string_to_key failed[0]: %d\n", rc);
if (strcmp (_gnutls_bin2hex (key, sizeof (key),
- tmp, sizeof (tmp)),
- values[x]) != 0)
+ tmp, sizeof (tmp)), values[x]) != 0)
fail ("_gnutls_pkcs12_string_to_key failed[1]\n");
printf ("ij: %d.%d: %s\n", i, j,
diff --git a/tests/pkcs12_s2k_pem.c b/tests/pkcs12_s2k_pem.c
index 71fe4bf..7298e19 100644
--- a/tests/pkcs12_s2k_pem.c
+++ b/tests/pkcs12_s2k_pem.c
@@ -234,17 +234,28 @@ static struct
const char *password;
const char *pkcs12key;
int expected_result;
-} keys[] = {
- { "x_9607", "123456", X_9607, 0 },
- { "x_9671", "123456", X_9671, 0 },
- { "x_9925", "123456", X_9925, 0 },
- { "x_9926", "123456", X_9926, 0 },
- { "x_9927", "123456", X_9927, 0 },
- { "x_9928", "123456", X_9928, 0 },
- { "x_9929", "123456", X_9929, 0 },
- { "x_9930", "123456", X_9930, 0 },
- { "x_9931", "123456", X_9931, 0 },
- { "x_9932", "123456", X_9932, 0 }
+} keys[] =
+{
+ {
+ "x_9607", "123456", X_9607, 0},
+ {
+ "x_9671", "123456", X_9671, 0},
+ {
+ "x_9925", "123456", X_9925, 0},
+ {
+ "x_9926", "123456", X_9926, 0},
+ {
+ "x_9927", "123456", X_9927, 0},
+ {
+ "x_9928", "123456", X_9928, 0},
+ {
+ "x_9929", "123456", X_9929, 0},
+ {
+ "x_9930", "123456", X_9930, 0},
+ {
+ "x_9931", "123456", X_9931, 0},
+ {
+ "x_9932", "123456", X_9932, 0}
};
int
@@ -265,7 +276,7 @@ main (void)
if (ret < 0)
return 1;
- tmp.data = (char*) keys[i].pkcs12key;
+ tmp.data = (char *) keys[i].pkcs12key;
tmp.size = strlen (tmp.data);
ret = gnutls_x509_privkey_import_pkcs8 (key, &tmp,
diff --git a/tests/pskself.c b/tests/pskself.c
index d3e42f4..6c74763 100644
--- a/tests/pskself.c
+++ b/tests/pskself.c
@@ -56,7 +56,7 @@ client (void)
gnutls_psk_client_credentials_t pskcred;
/* Need to enable anonymous KX specifically. */
const int kx_prio[] = { GNUTLS_KX_PSK, 0 };
- const gnutls_datum_t key = { (char*) "DEADBEEF", 8 };
+ const gnutls_datum_t key = { (char *) "DEADBEEF", 8 };
gnutls_global_init ();
@@ -206,7 +206,8 @@ server_start (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof
(int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
if (err == -1)
diff --git a/tests/resume.c b/tests/resume.c
index 5cc3eda..c52c1d6 100644
--- a/tests/resume.c
+++ b/tests/resume.c
@@ -58,16 +58,15 @@ struct params_res
int expect_resume;
};
-struct params_res resume_tests[] =
- {
- {"try to resume from db", 50, 0, 0, 1},
+struct params_res resume_tests[] = {
+ {"try to resume from db", 50, 0, 0, 1},
#ifdef ENABLE_SESSION_TICKET
- {"try to resume from session ticket", 0, 1, 1, 1},
- {"try to resume from session ticket (server only)", 0, 1, 0, 0},
- {"try to resume from session ticket (client only)", 0, 0, 1, 0},
+ {"try to resume from session ticket", 0, 1, 1, 1},
+ {"try to resume from session ticket (server only)", 0, 1, 0, 0},
+ {"try to resume from session ticket (client only)", 0, 0, 1, 0},
#endif
- {NULL, -1}
- };
+ {NULL, -1}
+};
/* A very basic TLS client, with anonymous authentication.
*/
@@ -256,7 +255,7 @@ static gnutls_dh_params_t dh_params;
static int
generate_dh_params (void)
{
- const gnutls_datum_t p3 = { (char*) pkcs3, strlen (pkcs3) };
+ const gnutls_datum_t p3 = { (char *) pkcs3, strlen (pkcs3) };
/* Generate Diffie-Hellman parameters - for use with DHE
* kx algorithms. These should be discarded and regenerated
* once a day, once a week or once a month. Depending on the
@@ -294,7 +293,8 @@ global_start (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof
(int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
if (err == -1)
diff --git a/tests/tlsia.c b/tests/tlsia.c
index fff10a8..cc1dbce 100644
--- a/tests/tlsia.c
+++ b/tests/tlsia.c
@@ -262,7 +262,7 @@ static gnutls_dh_params_t dh_params;
static int
generate_dh_params (void)
{
- const gnutls_datum_t p3 = { (char*) pkcs3, strlen (pkcs3) };
+ const gnutls_datum_t p3 = { (char *) pkcs3, strlen (pkcs3) };
/* Generate Diffie-Hellman parameters - for use with DHE
* kx algorithms. These should be discarded and regenerated
* once a day, once a week or once a month. Depending on the
@@ -378,7 +378,8 @@ server_start (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof
(int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
if (err == -1)
diff --git a/tests/x509_altname.c b/tests/x509_altname.c
index ef99bae..c9f00dc 100644
--- a/tests/x509_altname.c
+++ b/tests/x509_altname.c
@@ -30,35 +30,34 @@
#include "utils.h"
static char pem[] =
-"-----BEGIN CERTIFICATE-----\n"
-"MIIE6zCCA9OgAwIBAgIBdjANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJTRTEf\n"
-"MB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRldDEgMB4GA1UEAxMXU3RvY2to\n"
-"b2xtIFVuaXZlcnNpdHkgQ0EwHhcNMDYwMzIyMDkxNTI4WhcNMDcwMzIyMDkxNTI4\n"
-"WjBDMQswCQYDVQQGEwJTRTEfMB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRl\n"
-"dDETMBEGA1UEAxMKc2lwMS5zdS5zZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC\n"
-"gYEArUzXTD36ZK7CwZJH/faUNTcdaqM7JyiZsfrO703d7cT/bJ3wKxT8trOOh/Ou\n"
-"WwgGFX2+r7ykun3aIUXUuD13Yle/yHqH/4g9vWX7UeFCBlSI0tAxnlqt0QqlPgSd\n"
-"GLHcoO4PPyjon9jj0A/zpJGZHiRUCooo63YqE9MYfr5HBfkCAwEAAaOCAl8wggJb\n"
-"MAsGA1UdDwQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYD\n"
-"VR0OBBYEFDpcXNHMLJ7fc/c72BtZseq4MDXFMH8GA1UdIwR4MHaAFJ4uMLo32VFE\n"
-"yZ2/GCHxvX7utYZIoVukWTBXMQswCQYDVQQGEwJTRTEYMBYGA1UEChMPVW1lYSBV\n"
-"bml2ZXJzaXR5MRMwEQYDVQQLEwpTd1VQS0ktUENBMRkwFwYDVQQDExBTd1VQS0kg\n"
-"UG9saWN5IENBggEQMDIGA1UdHwQrMCkwJ6AloCOGIWh0dHA6Ly9jYS5zdS5zZS8y\n"
-"MDA1LTEvY3JsLXYyLmNybDB5BgNVHSAEcjBwMG4GCCqFcCsCAQEBMGIwHwYIKwYB\n"
-"BQUHAgEWE2h0dHA6Ly9jYS5zdS5zZS9DUFMwPwYIKwYBBQUHAgIwMxoxTGltaXRl\n"
-"ZCBMaWFiaWxpdHksIHNlZSBodHRwOi8vd3d3LnN3dXBraS5zdS5zZS9DUDAkBgNV\n"
-"HRIEHTAbgQhjYUBzdS5zZYYPaHR0cDovL2NhLnN1LnNlMIG3BgNVHREEga8wgayC\n"
-"F2luY29taW5ncHJveHkuc2lwLnN1LnNlghhpbmNvbWluZ3Byb3h5MS5zaXAuc3Uu\n"
-"c2WCF291dGdvaW5ncHJveHkuc2lwLnN1LnNlghhvdXRnb2luZ3Byb3h5MS5zaXAu\n"
-"c3Uuc2WCDW91dC5zaXAuc3Uuc2WCE2FwcHNlcnZlci5zaXAuc3Uuc2WCFGFwcHNl\n"
-"cnZlcjEuc2lwLnN1LnNlggpzaXAxLnN1LnNlMA0GCSqGSIb3DQEBBQUAA4IBAQAR\n"
-"FYg7ytcph0E7WmvM44AN/8qru7tRX6aSFWrjLyVr/1Wk4prCK4y5JpfNw5dh9Z8f\n"
-"/gyFsr1iFsb6fS3nJTTd3fVlWRfcNCGIx5g8KuSb3u6f7VznkGOeiRMRESQc1G8B\n"
-"eh0zbdZS7BYO2g9EKlbGST5PwQnc4g9K7pqPyKSNVkzb60Nujg/+qYje7MCcN+ZR\n"
-"nUBo6U2NZ06/QEUFm+uUIhZ8IGM1gLehC7Q3G4+d4c38CDJxQnSPOgWiXuSvhhQm\n"
-"KDsbrKzRaeBRh5eEJbTkA8Dp0Emb0UrkRVhixeg97stxUcATAjdGljJ9MLnuHXnI\n"
-"7ihGdUfg5q/105vpsQpO\n"
-"-----END CERTIFICATE-----\n";
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIIE6zCCA9OgAwIBAgIBdjANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJTRTEf\n"
+ "MB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRldDEgMB4GA1UEAxMXU3RvY2to\n"
+ "b2xtIFVuaXZlcnNpdHkgQ0EwHhcNMDYwMzIyMDkxNTI4WhcNMDcwMzIyMDkxNTI4\n"
+ "WjBDMQswCQYDVQQGEwJTRTEfMB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRl\n"
+ "dDETMBEGA1UEAxMKc2lwMS5zdS5zZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC\n"
+ "gYEArUzXTD36ZK7CwZJH/faUNTcdaqM7JyiZsfrO703d7cT/bJ3wKxT8trOOh/Ou\n"
+ "WwgGFX2+r7ykun3aIUXUuD13Yle/yHqH/4g9vWX7UeFCBlSI0tAxnlqt0QqlPgSd\n"
+ "GLHcoO4PPyjon9jj0A/zpJGZHiRUCooo63YqE9MYfr5HBfkCAwEAAaOCAl8wggJb\n"
+ "MAsGA1UdDwQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYD\n"
+ "VR0OBBYEFDpcXNHMLJ7fc/c72BtZseq4MDXFMH8GA1UdIwR4MHaAFJ4uMLo32VFE\n"
+ "yZ2/GCHxvX7utYZIoVukWTBXMQswCQYDVQQGEwJTRTEYMBYGA1UEChMPVW1lYSBV\n"
+ "bml2ZXJzaXR5MRMwEQYDVQQLEwpTd1VQS0ktUENBMRkwFwYDVQQDExBTd1VQS0kg\n"
+ "UG9saWN5IENBggEQMDIGA1UdHwQrMCkwJ6AloCOGIWh0dHA6Ly9jYS5zdS5zZS8y\n"
+ "MDA1LTEvY3JsLXYyLmNybDB5BgNVHSAEcjBwMG4GCCqFcCsCAQEBMGIwHwYIKwYB\n"
+ "BQUHAgEWE2h0dHA6Ly9jYS5zdS5zZS9DUFMwPwYIKwYBBQUHAgIwMxoxTGltaXRl\n"
+ "ZCBMaWFiaWxpdHksIHNlZSBodHRwOi8vd3d3LnN3dXBraS5zdS5zZS9DUDAkBgNV\n"
+ "HRIEHTAbgQhjYUBzdS5zZYYPaHR0cDovL2NhLnN1LnNlMIG3BgNVHREEga8wgayC\n"
+ "F2luY29taW5ncHJveHkuc2lwLnN1LnNlghhpbmNvbWluZ3Byb3h5MS5zaXAuc3Uu\n"
+ "c2WCF291dGdvaW5ncHJveHkuc2lwLnN1LnNlghhvdXRnb2luZ3Byb3h5MS5zaXAu\n"
+ "c3Uuc2WCDW91dC5zaXAuc3Uuc2WCE2FwcHNlcnZlci5zaXAuc3Uuc2WCFGFwcHNl\n"
+ "cnZlcjEuc2lwLnN1LnNlggpzaXAxLnN1LnNlMA0GCSqGSIb3DQEBBQUAA4IBAQAR\n"
+ "FYg7ytcph0E7WmvM44AN/8qru7tRX6aSFWrjLyVr/1Wk4prCK4y5JpfNw5dh9Z8f\n"
+ "/gyFsr1iFsb6fS3nJTTd3fVlWRfcNCGIx5g8KuSb3u6f7VznkGOeiRMRESQc1G8B\n"
+ "eh0zbdZS7BYO2g9EKlbGST5PwQnc4g9K7pqPyKSNVkzb60Nujg/+qYje7MCcN+ZR\n"
+ "nUBo6U2NZ06/QEUFm+uUIhZ8IGM1gLehC7Q3G4+d4c38CDJxQnSPOgWiXuSvhhQm\n"
+ "KDsbrKzRaeBRh5eEJbTkA8Dp0Emb0UrkRVhixeg97stxUcATAjdGljJ9MLnuHXnI\n"
+ "7ihGdUfg5q/105vpsQpO\n" "-----END CERTIFICATE-----\n";
#define MAX_DATA_SIZE 1024
@@ -69,7 +68,7 @@ doit (void)
gnutls_datum_t derCert = { pem, sizeof (pem) };
gnutls_x509_crt_t cert;
size_t data_len = MAX_DATA_SIZE;
- char data[ MAX_DATA_SIZE ];
+ char data[MAX_DATA_SIZE];
unsigned int critical = 0;
int alt_name_count = 0;
@@ -85,32 +84,43 @@ doit (void)
if (ret < 0)
fail ("crt_import %d\n", ret);
- for (alt_name_count = 0; ; ++alt_name_count) {
- ret = gnutls_x509_crt_get_issuer_alt_name (cert, alt_name_count, data,
&data_len, &critical);
- if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
- break;
+ for (alt_name_count = 0;; ++alt_name_count)
+ {
+ ret =
+ gnutls_x509_crt_get_issuer_alt_name (cert, alt_name_count, data,
+ &data_len, &critical);
+ if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+ break;
- if (ret < 0)
- fail ("get_issuer_alt_name: %d\n", ret);
+ if (ret < 0)
+ fail ("get_issuer_alt_name: %d\n", ret);
- // TODO: print out / check results
- if (GNUTLS_SAN_URI == ret) {
- if (strcmp( data, "http://ca.su.se"; ) != 0) {
- fail("unexpected issuer GNUTLS_SAN_URI: %s\n", data);
- }
- } else if (GNUTLS_SAN_RFC822NAME == ret) {
- if (strcmp( data, "address@hidden" ) != 0) {
- fail("unexpected issuer GNUTLS_SAN_RFC822NAME: %s\n", data);
- }
- } else {
- fail("unexpected alt name type: %d\n", ret);
+ // TODO: print out / check results
+ if (GNUTLS_SAN_URI == ret)
+ {
+ if (strcmp (data, "http://ca.su.se";) != 0)
+ {
+ fail ("unexpected issuer GNUTLS_SAN_URI: %s\n", data);
+ }
+ }
+ else if (GNUTLS_SAN_RFC822NAME == ret)
+ {
+ if (strcmp (data, "address@hidden") != 0)
+ {
+ fail ("unexpected issuer GNUTLS_SAN_RFC822NAME: %s\n", data);
+ }
+ }
+ else
+ {
+ fail ("unexpected alt name type: %d\n", ret);
+ }
+ data_len = MAX_DATA_SIZE;
}
- data_len = MAX_DATA_SIZE;
- }
- if (alt_name_count !=2) {
- fail("unexpected number of alt names: %i\n", alt_name_count);
- }
+ if (alt_name_count != 2)
+ {
+ fail ("unexpected number of alt names: %i\n", alt_name_count);
+ }
success ("done\n");
diff --git a/tests/x509dn.c b/tests/x509dn.c
index 57a517b..f64f68f 100644
--- a/tests/x509dn.c
+++ b/tests/x509dn.c
@@ -305,7 +305,7 @@ static gnutls_dh_params_t dh_params;
static int
generate_dh_params (void)
{
- const gnutls_datum_t p3 = { (char*) pkcs3, strlen (pkcs3) };
+ const gnutls_datum_t p3 = { (char *) pkcs3, strlen (pkcs3) };
/* Generate Diffie-Hellman parameters - for use with DHE
* kx algorithms. These should be discarded and regenerated
* once a day, once a week or once a month. Depending on the
@@ -385,7 +385,8 @@ server_start (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof
(int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
if (err == -1)
diff --git a/tests/x509self.c b/tests/x509self.c
index 14979a1..fa2dbe8 100644
--- a/tests/x509self.c
+++ b/tests/x509self.c
@@ -167,15 +167,15 @@ client (void)
print_info (session);
ret = gnutls_record_send (session, MSG, strlen (MSG));
-
- if (ret == strlen(MSG))
+
+ if (ret == strlen (MSG))
{
success ("client: sent record.\n");
}
- else
+ else
{
fail ("client: failed to send record.\n");
- gnutls_perror(ret);
+ gnutls_perror (ret);
goto end;
}
@@ -187,16 +187,16 @@ client (void)
{
success ("client: doing handshake!\n");
ret = gnutls_handshake (session);
- if (ret == 0)
- {
- success ("client: handshake complete, reading again.\n");
- ret = gnutls_record_recv (session, buffer, MAX_BUF);
- }
+ if (ret == 0)
+ {
+ success ("client: handshake complete, reading again.\n");
+ ret = gnutls_record_recv (session, buffer, MAX_BUF);
+ }
else
- {
- fail ("client: handshake failed.\n");
- }
- }
+ {
+ fail ("client: handshake failed.\n");
+ }
+ }
if (ret == 0)
{
@@ -256,8 +256,8 @@ initialize_tls_session (void)
/* request client certificate if any.
Moved to later on to be able to test re-handshakes.
- gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUEST);
- */
+ gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUEST);
+ */
gnutls_dh_set_prime_bits (session, DH_BITS);
@@ -269,7 +269,7 @@ static gnutls_dh_params_t dh_params;
static int
generate_dh_params (void)
{
- const gnutls_datum_t p3 = { (char*) pkcs3, strlen (pkcs3) };
+ const gnutls_datum_t p3 = { (char *) pkcs3, strlen (pkcs3) };
/* Generate Diffie-Hellman parameters - for use with DHE
* kx algorithms. These should be discarded and regenerated
* once a day, once a week or once a month. Depending on the
@@ -349,7 +349,8 @@ server_start (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof
(int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
if (err == -1)
@@ -438,27 +439,28 @@ server (void)
}
else if (ret > 0)
{
- gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUEST);
-
- success ("server: got data, forcing rehandshake.\n");
-
- ret = gnutls_rehandshake(session);
- if (ret < 0)
- {
- fail ("server: rehandshake failed\n");
- gnutls_perror(ret);
- break;
- }
-
- ret = gnutls_handshake(session);
- if (ret < 0)
- {
- fail ("server: (re)handshake failed\n");
- gnutls_perror(ret);
- break;
- }
-
- success ("server: rehandshake complete.\n");
+ gnutls_certificate_server_set_request (session,
+ GNUTLS_CERT_REQUEST);
+
+ success ("server: got data, forcing rehandshake.\n");
+
+ ret = gnutls_rehandshake (session);
+ if (ret < 0)
+ {
+ fail ("server: rehandshake failed\n");
+ gnutls_perror (ret);
+ break;
+ }
+
+ ret = gnutls_handshake (session);
+ if (ret < 0)
+ {
+ fail ("server: (re)handshake failed\n");
+ gnutls_perror (ret);
+ break;
+ }
+
+ success ("server: rehandshake complete.\n");
/* echo data back to the client
*/
diff --git a/tests/x509sign-verify.c b/tests/x509sign-verify.c
index 3b68a70..532114f 100644
--- a/tests/x509sign-verify.c
+++ b/tests/x509sign-verify.c
@@ -65,8 +65,7 @@ static char pem1_cert[] =
"+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n"
"jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n"
"U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n"
- "dc8Siq5JojruiMizAf0pA7in\n"
- "-----END CERTIFICATE-----\n";
+ "dc8Siq5JojruiMizAf0pA7in\n" "-----END CERTIFICATE-----\n";
static char pem1_key[] =
"-----BEGIN RSA PRIVATE KEY-----\n"
@@ -105,8 +104,7 @@ static char pem2_cert[] =
"HPutkm7mBqRWLKLhwFMnyPKVMAsGCSqGSIb3DQEBBQOBgQBCsrnfD1xzh8/Eih1f\n"
"x+M0lPoX1Re5L2ElHI6DJpHYOBPwf9glwxnet2+avzgUQDUFwUSxOhodpyeaACXD\n"
"o0gGVpcH8sOBTQ+aTdM37hGkPxoXjtIkR/LgG5nP2H2JRd5TkW8l13JdM4MJFB4W\n"
- "QcDzQ8REwidsfh9uKAluk1c/KQ==\n"
- "-----END CERTIFICATE-----\n";
+ "QcDzQ8REwidsfh9uKAluk1c/KQ==\n" "-----END CERTIFICATE-----\n";
static char pem2_key[] =
"-----BEGIN DSA PRIVATE KEY-----\n"
@@ -119,17 +117,18 @@ static char pem2_key[] =
"jsY+OpcCgYAPiodX8tHC3KzfS4sPi7op9+ED5FX6spgH1v0SsYC89bq0UNR/oA5D\n"
"55/JeBFf5eQMLGtqpDXcvVTlYDaaMdGKWW5rHLq9LrrrfIfv2sjdoeukg+aLrfr6\n"
"jlvXN8gyPpbCPvRD2n2RAg+3vPjvj/dBAF6W3w8IltzqsukGgq/SLwIUS5/r/2ya\n"
- "AoNBXjeBjgCGMei2m8E=\n"
- "-----END DSA PRIVATE KEY-----\n";
+ "AoNBXjeBjgCGMei2m8E=\n" "-----END DSA PRIVATE KEY-----\n";
const gnutls_datum_t cert_dat[] = {
- { pem1_cert, sizeof (pem1_cert) },
- { pem2_cert, sizeof (pem2_cert) }
+ {pem1_cert, sizeof (pem1_cert)}
+ ,
+ {pem2_cert, sizeof (pem2_cert)}
};
const gnutls_datum_t key_dat[] = {
- { pem1_key, sizeof (pem1_key) },
- { pem2_key, sizeof (pem2_key) }
+ {pem1_key, sizeof (pem1_key)}
+ ,
+ {pem2_key, sizeof (pem2_key)}
};
void
@@ -154,7 +153,8 @@ doit (void)
if (ret < 0)
fail ("gnutls_x509_privkey_init\n");
- ret = gnutls_x509_privkey_import (key, &key_dat[i], GNUTLS_X509_FMT_PEM);
+ ret =
+ gnutls_x509_privkey_import (key, &key_dat[i], GNUTLS_X509_FMT_PEM);
if (ret < 0)
fail ("gnutls_x509_privkey_import\n");
@@ -174,7 +174,8 @@ doit (void)
signature.data = _signature;
signature.size = _signature_size;
- ret = gnutls_x509_crt_get_verify_algorithm (crt, &signature, &hash_algo);
+ ret =
+ gnutls_x509_crt_get_verify_algorithm (crt, &signature, &hash_algo);
if (ret < 0 || hash_algo != GNUTLS_DIG_SHA1)
fail ("gnutls_x509_crt_get_verify_algorithm\n");
diff --git a/tests/x509signself.c b/tests/x509signself.c
index b39439d..6f7c1a2 100644
--- a/tests/x509signself.c
+++ b/tests/x509signself.c
@@ -271,7 +271,7 @@ static gnutls_dh_params_t dh_params;
static int
generate_dh_params (void)
{
- const gnutls_datum_t p3 = { (char*) pkcs3, strlen (pkcs3) };
+ const gnutls_datum_t p3 = { (char *) pkcs3, strlen (pkcs3) };
/* Generate Diffie-Hellman parameters - for use with DHE
* kx algorithms. These should be discarded and regenerated
* once a day, once a week or once a month. Depending on the
@@ -350,7 +350,8 @@ server_start (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof
(int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
if (err == -1)
hooks/post-receive
--
GNU gnutls
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls_2_9_7-57-ge2a5fa1,
Simon Josefsson <=