author | Daniel Stenberg <daniel@haxx.se> | 2021-07-06 17:05:17 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2021-07-07 22:54:01 +0200 |
commit | e7416cfd2bd58d256b8524f31ef22a43aa23a970 (patch) | |
tree | c9858ec841f50c6ec7566af3581886ca94d2204a /lib/vtls/gtls.c | |
parent | 1026b36ea07d385bd270d444ba65f4065839f1cb (diff) | |
download | curl-e7416cfd2bd58d256b8524f31ef22a43aa23a970.tar.gz |
infof: remove newline from format strings, always append it
- the data needs to be "line-based" anyway since it's also passed to the
debug callback/application
- it makes infof() work like failf() and consistency is good
- there's an assert that triggers on newlines in the format string
- Also removes a few instances of "..."
- Removes the code that would append "..." to the end of the data *iff*
it was truncated in infof()
Closes #7357
Diffstat (limited to 'lib/vtls/gtls.c')
-rw-r--r-- | lib/vtls/gtls.c | 86 |
1 files changed, 43 insertions, 43 deletions
diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index 1b4655885..78f3ad7b1 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -147,7 +147,7 @@ static void showtime(struct Curl_easy *data, msnprintf(str, sizeof(str), - "\t %s: %s, %02d %s %4d %02d:%02d:%02d GMT", + " %s: %s, %02d %s %4d %02d:%02d:%02d GMT", text, Curl_wkday[tm->tm_wday?tm->tm_wday-1:6], tm->tm_mday, @@ -156,7 +156,7 @@ static void showtime(struct Curl_easy *data, tm->tm_hour, tm->tm_min, tm->tm_sec); - infof(data, "%s\n", str); + infof(data, "%s", str); } #endif @@ -266,7 +266,7 @@ static CURLcode handshake(struct Curl_easy *data, if(!strerr) strerr = gnutls_strerror(rc); - infof(data, "gnutls_handshake() warning: %s\n", strerr); + infof(data, "gnutls_handshake() warning: %s", strerr); continue; } else if(rc < 0) { @@ -432,7 +432,7 @@ gtls_connect_step1(struct Curl_easy *data, #ifdef HAVE_GNUTLS_SRP if(SSL_SET_OPTION(authtype) == CURL_TLSAUTH_SRP) { - infof(data, "Using TLS-SRP username: %s\n", SSL_SET_OPTION(username)); + infof(data, "Using TLS-SRP username: %s", SSL_SET_OPTION(username)); rc = gnutls_srp_allocate_client_credentials( &backend->srp_client_cred); @@ -462,7 +462,7 @@ gtls_connect_step1(struct Curl_easy *data, SSL_CONN_CONFIG(CAfile), GNUTLS_X509_FMT_PEM); if(rc < 0) { - infof(data, "error reading ca cert file %s (%s)\n", + infof(data, "error reading ca cert file %s (%s)", SSL_CONN_CONFIG(CAfile), gnutls_strerror(rc)); if(SSL_CONN_CONFIG(verifypeer)) { *certverifyresult = rc; @@ -470,7 +470,7 @@ gtls_connect_step1(struct Curl_easy *data, } } else - infof(data, "found %d certificates in %s\n", rc, + infof(data, "found %d certificates in %s", rc, SSL_CONN_CONFIG(CAfile)); } 
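Review bot: The `Using TLS-SRP username: %s` call in the -432 hunk writes the configured SRP identity into verbose output, which the commit message says is also passed to the application's debug callback. An application that forwards that callback into log files will persist the account name there; the password is not printed, but the identity is still worth protecting. Consider dropping the argument, `infof(data, "Using TLS-SRP authentication");`, or keeping it and adding a comment such as `/* the SRP username ends up in verbose output; treat debug logs as sensitive */`. gtls_connect_step1 starts and ends outside the hunk.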
@@ -480,7 +480,7 @@ gtls_connect_step1(struct Curl_easy *data, SSL_CONN_CONFIG(CApath), GNUTLS_X509_FMT_PEM); if(rc < 0) { - infof(data, "error reading ca cert file %s (%s)\n", + infof(data, "error reading ca cert file %s (%s)", SSL_CONN_CONFIG(CApath), gnutls_strerror(rc)); if(SSL_CONN_CONFIG(verifypeer)) { *certverifyresult = rc; @@ -488,7 +488,7 @@ gtls_connect_step1(struct Curl_easy *data, } } else - infof(data, "found %d certificates in %s\n", + infof(data, "found %d certificates in %s", rc, SSL_CONN_CONFIG(CApath)); } @@ -511,7 +511,7 @@ gtls_connect_step1(struct Curl_easy *data, return CURLE_SSL_CRL_BADFILE; } else - infof(data, "found %d CRL in %s\n", + infof(data, "found %d CRL in %s", rc, SSL_SET_OPTION(CRLfile)); } @@ -544,7 +544,7 @@ gtls_connect_step1(struct Curl_easy *data, (gnutls_server_name_set(session, GNUTLS_NAME_DNS, hostname, strlen(hostname)) < 0)) infof(data, "WARNING: failed to configure server name indication (SNI) " - "TLS extension\n"); + "TLS extension"); /* Use default priorities */ rc = gnutls_set_default_priority(session); @@ -597,12 +597,12 @@ gtls_connect_step1(struct Curl_easy *data, free(prioritysrp); if((rc == GNUTLS_E_INVALID_REQUEST) && err) { - infof(data, "This GnuTLS does not support SRP\n"); + infof(data, "This GnuTLS does not support SRP"); } } else { #endif - infof(data, "GnuTLS ciphers: %s\n", prioritylist); + infof(data, "GnuTLS ciphers: %s", prioritylist); rc = gnutls_priority_set_direct(session, prioritylist, &err); #ifdef HAVE_GNUTLS_SRP } 
@@ -627,14 +627,14 @@ gtls_connect_step1(struct Curl_easy *data, protocols[cur].data = (unsigned char *)ALPN_H2; protocols[cur].size = ALPN_H2_LENGTH; cur++; - infof(data, "ALPN, offering %.*s\n", ALPN_H2_LENGTH, ALPN_H2); + infof(data, "ALPN, offering %.*s", ALPN_H2_LENGTH, ALPN_H2); } #endif protocols[cur].data = (unsigned char *)ALPN_HTTP_1_1; protocols[cur].size = ALPN_HTTP_1_1_LENGTH; cur++; - infof(data, "ALPN, offering %s\n", ALPN_HTTP_1_1); + infof(data, "ALPN, offering %s", ALPN_HTTP_1_1); gnutls_alpn_set_protocols(session, protocols, cur, 0); } @@ -740,7 +740,7 @@ gtls_connect_step1(struct Curl_easy *data, gnutls_session_set_data(session, ssl_sessionid, ssl_idsize); /* Informational message */ - infof(data, "SSL re-using session ID\n"); + infof(data, "SSL re-using session ID"); } Curl_ssl_sessionid_unlock(data); } @@ -843,7 +843,7 @@ gtls_connect_step3(struct Curl_easy *data, gnutls_cipher_get(session), gnutls_mac_get(session)); - infof(data, "SSL connection using %s / %s\n", + infof(data, "SSL connection using %s / %s", gnutls_protocol_get_name(version), ptr); /* This function will return the peer's raw certificate (chain) as sent by @@ -874,7 +874,7 @@ gtls_connect_step3(struct Curl_easy *data, } #endif } - infof(data, "\t common name: WARNING couldn't obtain\n"); + infof(data, " common name: WARNING couldn't obtain"); } if(data->set.ssl.certinfo && chainp) { @@ -921,13 +921,13 @@ gtls_connect_step3(struct Curl_easy *data, return CURLE_PEER_FAILED_VERIFICATION; } else - infof(data, "\t server certificate verification FAILED\n"); + infof(data, " server certificate verification FAILED"); } else - infof(data, "\t server certificate verification OK\n"); + infof(data, " server certificate verification OK"); } else - infof(data, "\t server certificate verification SKIPPED\n"); + infof(data, " server certificate verification SKIPPED"); if(SSL_CONN_CONFIG(verifystatus)) { if(gnutls_ocsp_status_request_is_checked(session, 0) == 0) { 
@@ -939,7 +939,7 @@ gtls_connect_step3(struct Curl_easy *data, rc = gnutls_ocsp_status_request_get(session, &status_request); - infof(data, "\t server certificate status verification FAILED\n"); + infof(data, " server certificate status verification FAILED"); if(rc == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) { failf(data, "No OCSP response received"); @@ -1027,10 +1027,10 @@ gtls_connect_step3(struct Curl_easy *data, return CURLE_SSL_INVALIDCERTSTATUS; } else - infof(data, "\t server certificate status verification OK\n"); + infof(data, " server certificate status verification OK"); } else - infof(data, "\t server certificate status verification SKIPPED\n"); + infof(data, " server certificate status verification SKIPPED"); /* initialize an X.509 certificate structure. */ gnutls_x509_crt_init(&x509_cert); @@ -1053,7 +1053,7 @@ gtls_connect_step3(struct Curl_easy *data, gnutls_x509_crt_deinit(x509_cert); return CURLE_SSL_ISSUER_ERROR; } - infof(data, "\t server certificate issuer check OK (Issuer Cert: %s)\n", + infof(data, " server certificate issuer check OK (Issuer Cert: %s)", SSL_SET_OPTION(issuercert)?SSL_SET_OPTION(issuercert):"none"); } @@ -1064,7 +1064,7 @@ gtls_connect_step3(struct Curl_easy *data, certname, &size); if(rc) { - infof(data, "error fetching CN from cert:%s\n", + infof(data, "error fetching CN from cert:%s", gnutls_strerror(rc)); } @@ -1124,11 +1124,11 @@ gtls_connect_step3(struct Curl_easy *data, return CURLE_PEER_FAILED_VERIFICATION; } else - infof(data, "\t common name: %s (does not match '%s')\n", + infof(data, " common name: %s (does not match '%s')", certname, SSL_HOST_DISPNAME()); } else - infof(data, "\t common name: %s (matched)\n", certname); + infof(data, " common name: %s (matched)", certname); /* Check for time-based validity */ certclock = gnutls_x509_crt_get_expiration_time(x509_cert); 
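Review bot: Peer-controlled `certname` reaches infof() through `%s` in the two `common name:` calls of the -1124 hunk, and nothing visible there strips control characters first. Since infof() now appends the newline itself and the commit message calls the output line-based for the debug callback, a CR or LF inside a certificate field would split one record into several, and a consumer that reads verbose output line by line could be shown a line the library never wrote. The same holds for `certfields.data` in the `subject:` and `issuer:` calls (hunks -1208 and -1233) and for `proto.data` in the ALPN hunk at -1246, unless GnuTLS already escapes those values, which is not visible here. I would either sanitise `%s` output centrally in infof() or mark the call sites with a comment such as `/* certname is peer-controlled and is not escaped before logging */`. gtls_connect_step3 starts and ends outside these hunks.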
@@ -1141,7 +1141,7 @@ gtls_connect_step3(struct Curl_easy *data, return CURLE_SSL_CONNECT_ERROR; } else - infof(data, "\t server certificate expiration date verify FAILED\n"); + infof(data, " server certificate expiration date verify FAILED"); } else { if(certclock < time(NULL)) { @@ -1152,10 +1152,10 @@ gtls_connect_step3(struct Curl_easy *data, return CURLE_PEER_FAILED_VERIFICATION; } else - infof(data, "\t server certificate expiration date FAILED\n"); + infof(data, " server certificate expiration date FAILED"); } else - infof(data, "\t server certificate expiration date OK\n"); + infof(data, " server certificate expiration date OK"); } certclock = gnutls_x509_crt_get_activation_time(x509_cert); @@ -1168,7 +1168,7 @@ gtls_connect_step3(struct Curl_easy *data, return CURLE_SSL_CONNECT_ERROR; } else - infof(data, "\t server certificate activation date verify FAILED\n"); + infof(data, " server certificate activation date verify FAILED"); } else { if(certclock > time(NULL)) { @@ -1179,10 +1179,10 @@ gtls_connect_step3(struct Curl_easy *data, return CURLE_PEER_FAILED_VERIFICATION; } else - infof(data, "\t server certificate activation date FAILED\n"); + infof(data, " server certificate activation date FAILED"); } else - infof(data, "\t server certificate activation date OK\n"); + infof(data, " server certificate activation date OK"); } ptr = SSL_PINNED_PUB_KEY(); 
@@ -1208,19 +1208,19 @@ gtls_connect_step3(struct Curl_easy *data, #ifndef CURL_DISABLE_VERBOSE_STRINGS /* public key algorithm's parameters */ algo = gnutls_x509_crt_get_pk_algorithm(x509_cert, &bits); - infof(data, "\t certificate public key: %s\n", + infof(data, " certificate public key: %s", gnutls_pk_algorithm_get_name(algo)); /* version of the X.509 certificate. */ - infof(data, "\t certificate version: #%d\n", + infof(data, " certificate version: #%d", gnutls_x509_crt_get_version(x509_cert)); rc = gnutls_x509_crt_get_dn2(x509_cert, &certfields); if(rc) - infof(data, "Failed to get certificate name\n"); + infof(data, "Failed to get certificate name"); else { - infof(data, "\t subject: %s\n", certfields.data); + infof(data, " subject: %s", certfields.data); certclock = gnutls_x509_crt_get_activation_time(x509_cert); showtime(data, "start date", certclock); @@ -1233,9 +1233,9 @@ gtls_connect_step3(struct Curl_easy *data, rc = gnutls_x509_crt_get_issuer_dn2(x509_cert, &certfields); if(rc) - infof(data, "Failed to get certificate issuer\n"); + infof(data, "Failed to get certificate issuer"); else { - infof(data, "\t issuer: %s\n", certfields.data); + infof(data, " issuer: %s", certfields.data); gnutls_free(certfields.data); } @@ -1246,7 +1246,7 @@ gtls_connect_step3(struct Curl_easy *data, if(conn->bits.tls_enable_alpn) { rc = gnutls_alpn_get_selected_protocol(session, &proto); if(rc == 0) { - infof(data, "ALPN, server accepted to use %.*s\n", proto.size, + infof(data, "ALPN, server accepted to use %.*s", proto.size, proto.data); #ifdef USE_HTTP2 @@ -1263,7 +1263,7 @@ gtls_connect_step3(struct Curl_easy *data, } } else - infof(data, "ALPN, server did not agree to a protocol\n"); + infof(data, "ALPN, server did not agree to a protocol"); Curl_multiuse_state(data, conn->negnpn == CURL_HTTP_VERSION_2 ? BUNDLE_MULTIPLEX : BUNDLE_NO_MULTIUSE); 
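Review bot: In the -1208 hunk the result of `gnutls_x509_crt_get_pk_algorithm()` goes straight into `gnutls_pk_algorithm_get_name(algo)` and from there into `%s`, with no check in between. As far as I know the first call can return a negative error code and the second returns NULL for an algorithm it does not recognise, so this line depends on infof() tolerating a NULL string argument, which is not visible here. A fallback keeps the output well defined for an unusual or malformed peer certificate: `const char *pk = gnutls_pk_algorithm_get_name(algo);` followed by `infof(data, " certificate public key: %s", pk ? pk : "unknown");`. The enclosing `#ifndef CURL_DISABLE_VERBOSE_STRINGS` block continues past the hunk.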
@@ -1505,7 +1505,7 @@ static int gtls_shutdown(struct Curl_easy *data, struct connectdata *conn, break; case GNUTLS_E_AGAIN: case GNUTLS_E_INTERRUPTED: - infof(data, "GNUTLS_E_AGAIN || GNUTLS_E_INTERRUPTED\n"); + infof(data, "GNUTLS_E_AGAIN || GNUTLS_E_INTERRUPTED"); break; default: retval = -1; @@ -1619,7 +1619,7 @@ static bool gtls_cert_status_request(void) } static void *gtls_get_internals(struct ssl_connect_data *connssl, - CURLINFO info UNUSED_PARAM) + CURLINFO info UNUSED_PARAM) { struct ssl_backend_data *backend = connssl->backend; (void)info; |