summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--doc/examples/ex-cert-select.c61
-rw-r--r--doc/examples/ex-client-psk.c2
-rw-r--r--doc/examples/ex-pkcs12.c2
-rw-r--r--doc/examples/ex-serv-anon.c3
-rw-r--r--doc/examples/ex-serv-export.c3
-rw-r--r--doc/examples/ex-serv-pgp.c3
-rw-r--r--doc/examples/ex-serv-psk.c3
-rw-r--r--doc/examples/ex-serv-srp.c3
-rw-r--r--doc/examples/ex-serv1.c3
-rw-r--r--guile/src/core.c10
-rw-r--r--lib/auth_cert.c117
-rw-r--r--lib/auth_dhe.c11
-rw-r--r--lib/auth_rsa_export.c7
-rw-r--r--lib/auth_srp.c4
-rw-r--r--lib/auth_srp_passwd.c4
-rw-r--r--lib/auth_srp_rsa.c7
-rw-r--r--lib/ext_cert_type.c1
-rw-r--r--lib/ext_server_name.c8
-rw-r--r--lib/ext_session_ticket.c54
-rw-r--r--lib/ext_signature.c7
-rw-r--r--lib/gnutls_algorithms.c68
-rw-r--r--lib/gnutls_buffers.c91
-rw-r--r--lib/gnutls_cert.c2
-rw-r--r--lib/gnutls_cipher.c28
-rw-r--r--lib/gnutls_errors.c17
-rw-r--r--lib/gnutls_extensions.c16
-rw-r--r--lib/gnutls_handshake.c317
-rw-r--r--lib/gnutls_hash_int.c16
-rw-r--r--lib/gnutls_mpi.c4
-rw-r--r--lib/gnutls_priority.c50
-rw-r--r--lib/gnutls_psk.c4
-rw-r--r--lib/gnutls_record.c18
-rw-r--r--lib/gnutls_session_pack.c18
-rw-r--r--lib/gnutls_sig.c165
-rw-r--r--lib/gnutls_state.c10
-rw-r--r--lib/gnutls_str.c62
-rw-r--r--lib/gnutls_supplemental.c2
-rw-r--r--lib/gnutls_ui.c2
-rw-r--r--lib/gnutls_x509.c110
-rw-r--r--lib/minitasn1/decoding.c28
-rw-r--r--lib/opencdk/armor.c3
-rw-r--r--lib/opencdk/keydb.c3
-rw-r--r--lib/opencdk/literal.c4
-rw-r--r--lib/opencdk/misc.c2
-rw-r--r--lib/opencdk/new-packet.c4
-rw-r--r--lib/opencdk/read-packet.c29
-rw-r--r--lib/opencdk/sig-check.c4
-rw-r--r--lib/opencdk/stream.c5
-rw-r--r--lib/opencdk/verify.c3
-rw-r--r--lib/openpgp/gnutls_openpgp.c14
-rw-r--r--lib/openpgp/output.c3
-rw-r--r--lib/openpgp/pgp.c12
-rw-r--r--lib/x509/crq.c32
-rw-r--r--lib/x509/dn.c6
-rw-r--r--lib/x509/pkcs12.c12
-rw-r--r--lib/x509/pkcs12_bag.c310
-rw-r--r--lib/x509/privkey_pkcs8.c525
-rw-r--r--lib/x509/verify.c113
-rw-r--r--lib/x509/x509_write.c7
-rw-r--r--libextra/gl/md5.c6
-rw-r--r--libextra/gnutls_openssl.c2
-rw-r--r--src/certtool-cfg.c23
-rw-r--r--src/cli.c72
-rw-r--r--src/common.c12
-rw-r--r--src/crypt.c6
-rw-r--r--src/psk.c2
-rw-r--r--src/serv.c10
-rw-r--r--tests/anonself.c5
-rw-r--r--tests/chainverify.c16
-rw-r--r--tests/crq_apis.c9
-rw-r--r--tests/cve-2008-4989.c197
-rw-r--r--tests/cve-2009-1415.c3
-rw-r--r--tests/dhepskself.c7
-rw-r--r--tests/dn2.c10
-rw-r--r--tests/finished.c2
-rw-r--r--tests/hostname-check.c9
-rw-r--r--tests/mini-eagain.c78
-rw-r--r--tests/mini.c2
-rw-r--r--tests/nul-in-x509-names.c11
-rw-r--r--tests/openpgpself.c5
-rw-r--r--tests/oprfi.c3
-rw-r--r--tests/pkcs12_encode.c6
-rw-r--r--tests/pkcs12_s2k.c54
-rw-r--r--tests/pkcs12_s2k_pem.c35
-rw-r--r--tests/pskself.c5
-rw-r--r--tests/resume.c20
-rw-r--r--tests/tlsia.c5
-rw-r--r--tests/x509_altname.c114
-rw-r--r--tests/x509dn.c5
-rw-r--r--tests/x509self.c78
-rw-r--r--tests/x509sign-verify.c25
-rw-r--r--tests/x509signself.c5
92 files changed, 1732 insertions, 1542 deletions
diff --git a/doc/examples/ex-cert-select.c b/doc/examples/ex-cert-select.c
index 35a90b00ba..fe38ac2807 100644
--- a/doc/examples/ex-cert-select.c
+++ b/doc/examples/ex-cert-select.c
@@ -264,38 +264,41 @@ cert_callback (gnutls_session_t session,
gnutls_sign_algorithm_t cert_algo, req_algo;
int i, match = 0;
- ret = gnutls_x509_crt_get_signature_algorithm(crt);
+ ret = gnutls_x509_crt_get_signature_algorithm (crt);
if (ret < 0)
- {
- /* error reading signature algorithm
- */
- return -1;
- }
+ {
+ /* error reading signature algorithm
+ */
+ return -1;
+ }
cert_algo = ret;
-
- i=0;
- do {
- ret = gnutls_sign_algorithm_get_requested(session, i, &req_algo);
- if (ret >= 0 && cert_algo == req_algo)
- {
- match = 1;
- break;
- }
-
- /* server has not requested anything specific */
- if (i==0 && ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
- {
- match = 1;
- break;
- }
- i++;
- } while(ret >= 0);
-
+
+ i = 0;
+ do
+ {
+ ret = gnutls_sign_algorithm_get_requested (session, i, &req_algo);
+ if (ret >= 0 && cert_algo == req_algo)
+ {
+ match = 1;
+ break;
+ }
+
+ /* server has not requested anything specific */
+ if (i == 0 && ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+ {
+ match = 1;
+ break;
+ }
+ i++;
+ }
+ while (ret >= 0);
+
if (match == 0)
- {
- printf("- Could not find a suitable certificate to send to server\n");
- return -1;
- }
+ {
+ printf
+ ("- Could not find a suitable certificate to send to server\n");
+ return -1;
+ }
st->type = type;
st->ncerts = 1;
diff --git a/doc/examples/ex-client-psk.c b/doc/examples/ex-client-psk.c
index d4edfdd8c3..33e3d321b4 100644
--- a/doc/examples/ex-client-psk.c
+++ b/doc/examples/ex-client-psk.c
@@ -30,7 +30,7 @@ main (void)
char buffer[MAX_BUF + 1];
const char *err;
gnutls_psk_client_credentials_t pskcred;
- const gnutls_datum_t key = { (char*) "DEADBEEF", 8 };
+ const gnutls_datum_t key = { (char *) "DEADBEEF", 8 };
gnutls_global_init ();
diff --git a/doc/examples/ex-pkcs12.c b/doc/examples/ex-pkcs12.c
index ef7d38a629..7bb210b64e 100644
--- a/doc/examples/ex-pkcs12.c
+++ b/doc/examples/ex-pkcs12.c
@@ -33,7 +33,7 @@ write_pkcs12 (const gnutls_datum_t * cert,
/* A good idea might be to use gnutls_x509_privkey_get_key_id()
* to obtain a unique ID.
*/
- gnutls_datum_t key_id = { (char*) "\x00\x00\x07", 3 };
+ gnutls_datum_t key_id = { (char *) "\x00\x00\x07", 3 };
gnutls_global_init ();
diff --git a/doc/examples/ex-serv-anon.c b/doc/examples/ex-serv-anon.c
index 098432aaf7..a9b908b481 100644
--- a/doc/examples/ex-serv-anon.c
+++ b/doc/examples/ex-serv-anon.c
@@ -94,7 +94,8 @@ main (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof (int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
SOCKET_ERR (err, "bind");
diff --git a/doc/examples/ex-serv-export.c b/doc/examples/ex-serv-export.c
index f86a0c28bb..33b6d0ac68 100644
--- a/doc/examples/ex-serv-export.c
+++ b/doc/examples/ex-serv-export.c
@@ -173,7 +173,8 @@ main (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof (int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
SOCKET_ERR (err, "bind");
diff --git a/doc/examples/ex-serv-pgp.c b/doc/examples/ex-serv-pgp.c
index e0cfcdc1a1..da8e8eff92 100644
--- a/doc/examples/ex-serv-pgp.c
+++ b/doc/examples/ex-serv-pgp.c
@@ -108,7 +108,8 @@ main (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof (int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
SOCKET_ERR (err, "bind");
diff --git a/doc/examples/ex-serv-psk.c b/doc/examples/ex-serv-psk.c
index e010313a89..f661ff9cec 100644
--- a/doc/examples/ex-serv-psk.c
+++ b/doc/examples/ex-serv-psk.c
@@ -139,7 +139,8 @@ main (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof (int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
SOCKET_ERR (err, "bind");
diff --git a/doc/examples/ex-serv-srp.c b/doc/examples/ex-serv-srp.c
index 859b2f0743..d601fa2cf4 100644
--- a/doc/examples/ex-serv-srp.c
+++ b/doc/examples/ex-serv-srp.c
@@ -99,7 +99,8 @@ main (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof (int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
SOCKET_ERR (err, "bind");
diff --git a/doc/examples/ex-serv1.c b/doc/examples/ex-serv1.c
index 6dd8164ef5..755bf8d202 100644
--- a/doc/examples/ex-serv1.c
+++ b/doc/examples/ex-serv1.c
@@ -125,7 +125,8 @@ main (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof (int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
SOCKET_ERR (err, "bind");
diff --git a/guile/src/core.c b/guile/src/core.c
index c0ded90166..e31e336798 100644
--- a/guile/src/core.c
+++ b/guile/src/core.c
@@ -758,6 +758,7 @@ free_session_record_port (SCM port)
return 0;
}
+
#undef FUNC_NAME
#endif /* SCM_MAJOR_VERSION == 1 && SCM_MINOR_VERSION <= 8 */
@@ -868,15 +869,13 @@ make_session_record_port (SCM session)
unsigned char *c_port_buf;
const unsigned long mode_bits = SCM_OPN | SCM_RDNG | SCM_WRTNG;
- c_port_buf =
- (unsigned char *)
+ c_port_buf = (unsigned char *)
#ifdef HAVE_SCM_GC_MALLOC_POINTERLESS
scm_gc_malloc_pointerless
#else
scm_gc_malloc
#endif
- (SCM_GNUTLS_SESSION_RECORD_PORT_BUFFER_SIZE,
- session_record_port_gc_hint);
+ (SCM_GNUTLS_SESSION_RECORD_PORT_BUFFER_SIZE, session_record_port_gc_hint);
/* Create a new port. */
port = scm_new_port_table_entry (session_record_port_type);
@@ -956,7 +955,8 @@ SCM_DEFINE (scm_gnutls_set_session_transport_fd_x,
c_session = scm_to_gnutls_session (session, 1, FUNC_NAME);
c_fd = (int) scm_to_uint (fd);
- gnutls_transport_set_ptr (c_session, (gnutls_transport_ptr_t) (intptr_t) c_fd);
+ gnutls_transport_set_ptr (c_session,
+ (gnutls_transport_ptr_t) (intptr_t) c_fd);
SCM_GNUTLS_SET_SESSION_TRANSPORT_IS_FD (c_session, 1);
diff --git a/lib/auth_cert.c b/lib/auth_cert.c
index 2cd8b585a5..0dbba1f925 100644
--- a/lib/auth_cert.c
+++ b/lib/auth_cert.c
@@ -66,8 +66,7 @@ static gnutls_privkey *alloc_and_load_x509_key (gnutls_x509_privkey_t key);
*/
static int
_gnutls_copy_certificate_auth_info (cert_auth_info_t info,
- gnutls_cert * cert,
- size_t ncerts)
+ gnutls_cert * cert, size_t ncerts)
{
/* Copy peer's information to auth_info_t
*/
@@ -1026,14 +1025,17 @@ _gnutls_proc_x509_server_certificate (gnutls_session_t session,
gnutls_assert ();
goto cleanup;
}
-
+
/* check if signature algorithm is supported */
- ret = _gnutls_session_sign_algo_enabled(session, peer_certificate_list[j].sign_algo);
+ ret =
+ _gnutls_session_sign_algo_enabled (session,
+ peer_certificate_list
+ [j].sign_algo);
if (ret < 0)
- {
- gnutls_assert();
- goto cleanup;
- }
+ {
+ gnutls_assert ();
+ goto cleanup;
+ }
p += len;
}
@@ -1360,7 +1362,7 @@ _gnutls_proc_cert_cert_req (gnutls_session_t session, opaque * data,
return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
}
- if (_gnutls_version_has_selectable_sighash(ver))
+ if (_gnutls_version_has_selectable_sighash (ver))
{
/* read supported hashes */
int hash_num;
@@ -1369,12 +1371,12 @@ _gnutls_proc_cert_cert_req (gnutls_session_t session, opaque * data,
p += 2;
DECR_LEN (dsize, hash_num);
- ret = _gnutls_sign_algorithm_parse_data( session, p, hash_num);
+ ret = _gnutls_sign_algorithm_parse_data (session, p, hash_num);
if (ret < 0)
- {
- gnutls_assert();
- return ret;
- }
+ {
+ gnutls_assert ();
+ return ret;
+ }
p += hash_num;
}
@@ -1420,7 +1422,7 @@ _gnutls_gen_cert_client_cert_vrfy (gnutls_session_t session, opaque ** data)
int apr_cert_list_length, size;
gnutls_datum_t signature;
int total_data;
- opaque* p;
+ opaque *p;
gnutls_sign_algorithm_t sign_algo;
gnutls_protocol_t ver = gnutls_protocol_get_version (session);
@@ -1439,13 +1441,13 @@ _gnutls_gen_cert_client_cert_vrfy (gnutls_session_t session, opaque ** data)
{
if ((ret =
_gnutls_handshake_sign_cert_vrfy (session,
- &apr_cert_list[0],
- apr_pkey, &signature)) < 0)
+ &apr_cert_list[0],
+ apr_pkey, &signature)) < 0)
{
gnutls_assert ();
return ret;
}
- sign_algo = ret;
+ sign_algo = ret;
}
else
{
@@ -1455,9 +1457,9 @@ _gnutls_gen_cert_client_cert_vrfy (gnutls_session_t session, opaque ** data)
total_data = signature.size + 2;
/* add hash and signature algorithms */
- if (_gnutls_version_has_selectable_sighash(ver))
+ if (_gnutls_version_has_selectable_sighash (ver))
{
- total_data+=2;
+ total_data += 2;
}
*data = gnutls_malloc (total_data);
@@ -1468,20 +1470,20 @@ _gnutls_gen_cert_client_cert_vrfy (gnutls_session_t session, opaque ** data)
}
p = *data;
- if (_gnutls_version_has_selectable_sighash(ver))
+ if (_gnutls_version_has_selectable_sighash (ver))
{
sign_algorithm_st aid;
/* error checking is not needed here since we have used those algorithms */
- aid = _gnutls_sign_to_tls_aid(sign_algo);
+ aid = _gnutls_sign_to_tls_aid (sign_algo);
p[0] = aid.hash_algorithm;
p[1] = aid.sign_algorithm;
- p+=2;
+ p += 2;
}
size = signature.size;
_gnutls_write_uint16 (size, p);
- p+=2;
+ p += 2;
memcpy (p, signature.data, size);
_gnutls_free_datum (&signature);
@@ -1509,27 +1511,27 @@ _gnutls_proc_cert_client_cert_vrfy (gnutls_session_t session,
return GNUTLS_E_INTERNAL_ERROR;
}
- if (_gnutls_version_has_selectable_sighash(ver))
+ if (_gnutls_version_has_selectable_sighash (ver))
{
- sign_algorithm_st aid;
+ sign_algorithm_st aid;
DECR_LEN (dsize, 2);
aid.hash_algorithm = pdata[0];
aid.sign_algorithm = pdata[1];
-
- sign_algo = _gnutls_tls_aid_to_sign(&aid);
+
+ sign_algo = _gnutls_tls_aid_to_sign (&aid);
if (sign_algo == GNUTLS_PK_UNKNOWN)
- {
- gnutls_assert();
- return GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM;
- }
- pdata+=2;
+ {
+ gnutls_assert ();
+ return GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM;
+ }
+ pdata += 2;
}
ret = _gnutls_session_sign_algo_enabled (session, sign_algo);
if (ret < 0)
{
- gnutls_assert();
+ gnutls_assert ();
return GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM;
}
@@ -1552,7 +1554,9 @@ _gnutls_proc_cert_client_cert_vrfy (gnutls_session_t session,
return ret;
}
- if ((ret = _gnutls_handshake_verify_cert_vrfy (session, &peer_cert, &sig, sign_algo)) < 0)
+ if ((ret =
+ _gnutls_handshake_verify_cert_vrfy (session, &peer_cert, &sig,
+ sign_algo)) < 0)
{
gnutls_assert ();
_gnutls_gcert_deinit (&peer_cert);
@@ -1571,7 +1575,7 @@ _gnutls_gen_cert_server_cert_req (gnutls_session_t session, opaque ** data)
int size, ret;
opaque *pdata;
gnutls_protocol_t ver = gnutls_protocol_get_version (session);
- const int signalgosize = 2+MAX_SIGNATURE_ALGORITHMS*2;
+ const int signalgosize = 2 + MAX_SIGNATURE_ALGORITHMS * 2;
/* Now we need to generate the RDN sequence. This is
* already in the CERTIFICATE_CRED structure, to improve
@@ -1593,7 +1597,7 @@ _gnutls_gen_cert_server_cert_req (gnutls_session_t session, opaque ** data)
session->internals.ignore_rdn_sequence == 0)
size += cred->x509_rdn_sequence.size;
- if (_gnutls_version_has_selectable_sighash(ver))
+ if (_gnutls_version_has_selectable_sighash (ver))
/* Need two bytes to announce the number of supported hash
functions (see below). */
size += signalgosize;
@@ -1613,17 +1617,18 @@ _gnutls_gen_cert_server_cert_req (gnutls_session_t session, opaque ** data)
pdata[2] = DSA_SIGN; /* only these for now */
pdata += CERTTYPE_SIZE;
- if (_gnutls_version_has_selectable_sighash(ver))
+ if (_gnutls_version_has_selectable_sighash (ver))
{
- ret = _gnutls_sign_algorithm_write_params(session, pdata, signalgosize);
+ ret =
+ _gnutls_sign_algorithm_write_params (session, pdata, signalgosize);
if (ret < 0)
- {
- gnutls_assert();
- return ret;
- }
-
+ {
+ gnutls_assert ();
+ return ret;
+ }
+
/* recalculate size */
- size=size-signalgosize+ret;
+ size = size - signalgosize + ret;
pdata += ret;
}
@@ -1915,23 +1920,29 @@ _gnutls_server_select_cert (gnutls_session_t session,
for (i = 0; i < cred->ncerts; i++)
{
- /* find one compatible certificate
+ /* find one compatible certificate
*/
if (requested_algo == GNUTLS_PK_ANY ||
requested_algo == cred->cert_list[i][0].subject_pk_algorithm)
{
- /* if cert type and signature algorithm matches
+ /* if cert type and signature algorithm matches
*/
- if (session->security_parameters.cert_type == cred->cert_list[i][0].cert_type &&
- (cred->cert_list[i][0].cert_type == GNUTLS_CRT_OPENPGP || /* FIXME: make this a check for
- * certificate type capabilities
- */
- !_gnutls_version_has_selectable_sighash (gnutls_protocol_get_version (session)) ||
- _gnutls_session_sign_algo_requested(session, cred->cert_list[i][0].sign_algo) == 0))
+ /* *INDENT-OFF* */
+ if (session->security_parameters.cert_type
+ == cred->cert_list[i][0].cert_type
+ && (cred->cert_list[i][0].cert_type == GNUTLS_CRT_OPENPGP
+ || /* FIXME: make this a check for certificate
+ type capabilities */
+ !_gnutls_version_has_selectable_sighash
+ (gnutls_protocol_get_version (session))
+ ||
+ _gnutls_session_sign_algo_requested
+ (session, cred->cert_list[i][0].sign_algo) == 0))
{
idx = i;
break;
}
+ /* *INDENT-ON* */
}
}
diff --git a/lib/auth_dhe.c b/lib/auth_dhe.c
index 7026026f83..eca85b34fa 100644
--- a/lib/auth_dhe.c
+++ b/lib/auth_dhe.c
@@ -149,8 +149,8 @@ gen_dhe_server_kx (gnutls_session_t session, opaque ** data)
{
if ((ret =
_gnutls_handshake_sign_data (session, &apr_cert_list[0],
- apr_pkey, &ddata, &signature,
- &sign_algo)) < 0)
+ apr_pkey, &ddata, &signature,
+ &sign_algo)) < 0)
{
gnutls_assert ();
gnutls_free (*data);
@@ -233,9 +233,9 @@ proc_dhe_server_kx (gnutls_session_t session, opaque * data,
{
sign_algorithm_st aid;
- DECR_LEN(data_size, 1);
+ DECR_LEN (data_size, 1);
aid.hash_algorithm = *sigdata++;
- DECR_LEN(data_size, 1);
+ DECR_LEN (data_size, 1);
aid.sign_algorithm = *sigdata++;
sign_algo = _gnutls_tls_aid_to_sign (&aid);
if (sign_algo == GNUTLS_SIGN_UNKNOWN)
@@ -261,7 +261,8 @@ proc_dhe_server_kx (gnutls_session_t session, opaque * data,
return ret;
}
- ret = _gnutls_handshake_verify_data (session, &peer_cert, &vparams, &signature,
+ ret =
+ _gnutls_handshake_verify_data (session, &peer_cert, &vparams, &signature,
sign_algo);
_gnutls_gcert_deinit (&peer_cert);
diff --git a/lib/auth_rsa_export.c b/lib/auth_rsa_export.c
index 789a9498d5..52adff6be8 100644
--- a/lib/auth_rsa_export.c
+++ b/lib/auth_rsa_export.c
@@ -155,8 +155,8 @@ gen_rsa_export_server_kx (gnutls_session_t session, opaque ** data)
{
if ((ret =
_gnutls_handshake_sign_data (session, &apr_cert_list[0],
- apr_pkey, &ddata, &signature,
- &sign_algo)) < 0)
+ apr_pkey, &ddata, &signature,
+ &sign_algo)) < 0)
{
gnutls_assert ();
gnutls_free (*data);
@@ -310,7 +310,8 @@ proc_rsa_export_server_kx (gnutls_session_t session,
return ret;
}
- ret = _gnutls_handshake_verify_data (session, &peer_cert, &vparams, &signature,
+ ret =
+ _gnutls_handshake_verify_data (session, &peer_cert, &vparams, &signature,
GNUTLS_SIGN_UNKNOWN);
_gnutls_gcert_deinit (&peer_cert);
diff --git a/lib/auth_srp.c b/lib/auth_srp.c
index 634749c196..6eac98d123 100644
--- a/lib/auth_srp.c
+++ b/lib/auth_srp.c
@@ -245,7 +245,7 @@ _gnutls_gen_srp_server_kx (gnutls_session_t session, opaque ** data)
_gnutls_write_uint16 (n_b, data_b);
- _gnutls_hard_log ("INT: SRP B[%d]: %s\n", (int)n_b,
+ _gnutls_hard_log ("INT: SRP B[%d]: %s\n", (int) n_b,
_gnutls_bin2hex (&data_b[2], n_b, buf, sizeof (buf)));
_gnutls_srp_entry_free (pwd_entry);
@@ -364,7 +364,7 @@ _gnutls_gen_srp_client_kx (gnutls_session_t session, opaque ** data)
return GNUTLS_E_MPI_PRINT_FAILED;
}
- _gnutls_hard_log ("INT: SRP A[%d]: %s\n", (int)n_a,
+ _gnutls_hard_log ("INT: SRP A[%d]: %s\n", (int) n_a,
_gnutls_bin2hex (&data_a[2], n_a, buf, sizeof (buf)));
_gnutls_mpi_release (&A);
diff --git a/lib/auth_srp_passwd.c b/lib/auth_srp_passwd.c
index 6a1e986761..46daf24e78 100644
--- a/lib/auth_srp_passwd.c
+++ b/lib/auth_srp_passwd.c
@@ -346,8 +346,8 @@ _gnutls_srp_pwd_read_entry (gnutls_session_t state, char *username,
/* Keep the last index in memory, so we can retrieve fake parameters (g,n)
* when the user does not exist.
*/
- /* XXX: last_idx will not be read as both if block branches return. */
- last_idx = idx;
+ /* XXX: last_idx will not be read as both if block branches return. */
+ last_idx = idx;
if (pwd_read_conf (cred->password_conf_file, entry, idx) == 0)
{
return 0;
diff --git a/lib/auth_srp_rsa.c b/lib/auth_srp_rsa.c
index e3192f751f..23d8e0d6a7 100644
--- a/lib/auth_srp_rsa.c
+++ b/lib/auth_srp_rsa.c
@@ -117,8 +117,8 @@ gen_srp_cert_server_kx (gnutls_session_t session, opaque ** data)
if ((ret =
_gnutls_handshake_sign_data (session, &apr_cert_list[0],
- apr_pkey, &ddata, &signature,
- &sign_algo)) < 0)
+ apr_pkey, &ddata, &signature,
+ &sign_algo)) < 0)
{
gnutls_assert ();
gnutls_free (*data);
@@ -193,7 +193,8 @@ proc_srp_cert_server_kx (gnutls_session_t session, opaque * data,
return ret;
}
- ret = _gnutls_handshake_verify_data (session, &peer_cert, &vparams, &signature,
+ ret =
+ _gnutls_handshake_verify_data (session, &peer_cert, &vparams, &signature,
GNUTLS_SIGN_UNKNOWN);
_gnutls_gcert_deinit (&peer_cert);
diff --git a/lib/ext_cert_type.c b/lib/ext_cert_type.c
index 60fd2a05bb..c5a5a352ce 100644
--- a/lib/ext_cert_type.c
+++ b/lib/ext_cert_type.c
@@ -242,4 +242,3 @@ _gnutls_cert_type2num (int cert_type)
}
}
-
diff --git a/lib/ext_server_name.c b/lib/ext_server_name.c
index 1b8513a73f..14ac269396 100644
--- a/lib/ext_server_name.c
+++ b/lib/ext_server_name.c
@@ -331,7 +331,8 @@ gnutls_server_name_set (gnutls_session_t session,
if (name_length > MAX_SERVER_NAME_SIZE)
return GNUTLS_E_SHORT_MEMORY_BUFFER;
- server_names = session->security_parameters.extensions.server_names_size + 1;
+ server_names =
+ session->security_parameters.extensions.server_names_size + 1;
if (server_names > MAX_SERVER_NAME_EXTENSIONS)
server_names = MAX_SERVER_NAME_EXTENSIONS;
@@ -340,8 +341,9 @@ gnutls_server_name_set (gnutls_session_t session,
[server_names - 1].type = type;
memcpy (session->security_parameters.extensions.
server_names[server_names - 1].name, name, name_length);
- session->security_parameters.extensions.server_names
- [server_names - 1].name_length = name_length;
+ session->security_parameters.extensions.server_names[server_names -
+ 1].name_length =
+ name_length;
session->security_parameters.extensions.server_names_size++;
diff --git a/lib/ext_session_ticket.c b/lib/ext_session_ticket.c
index dc5051a091..f51c2b88ef 100644
--- a/lib/ext_session_ticket.c
+++ b/lib/ext_session_ticket.c
@@ -42,7 +42,8 @@
#define MAC_SIZE 32
-struct ticket {
+struct ticket
+{
opaque key_name[KEY_NAME_SIZE];
opaque IV[IV_SIZE];
opaque *encrypted_state;
@@ -51,7 +52,8 @@ struct ticket {
};
static int
-digest_ticket (const gnutls_datum_t *key, struct ticket *ticket, opaque *digest)
+digest_ticket (const gnutls_datum_t * key, struct ticket *ticket,
+ opaque * digest)
{
digest_hd_st digest_hd;
uint16_t length16;
@@ -85,8 +87,8 @@ decrypt_ticket (gnutls_session_t session, struct ticket *ticket)
int ret;
/* Check the integrity of ticket using HMAC-SHA-256. */
- mac_secret.data = session->security_parameters.extensions.
- session_ticket_key->mac_secret;
+ mac_secret.data =
+ session->security_parameters.extensions.session_ticket_key->mac_secret;
mac_secret.size = MAC_SECRET_SIZE;
ret = digest_ticket (&mac_secret, ticket, final);
if (ret < 0)
@@ -102,12 +104,12 @@ decrypt_ticket (gnutls_session_t session, struct ticket *ticket)
}
/* Decrypt encrypted_state using 128-bit AES in CBC mode. */
- key.data = session->security_parameters.extensions.
- session_ticket_key->key;
+ key.data = session->security_parameters.extensions.session_ticket_key->key;
key.size = KEY_SIZE;
IV.data = ticket->IV;
IV.size = IV_SIZE;
- ret = _gnutls_cipher_init (&cipher_hd, GNUTLS_CIPHER_AES_128_CBC, &key, &IV);
+ ret =
+ _gnutls_cipher_init (&cipher_hd, GNUTLS_CIPHER_AES_128_CBC, &key, &IV);
if (ret < 0)
{
gnutls_assert ();
@@ -161,7 +163,8 @@ encrypt_ticket (gnutls_session_t session, struct ticket *ticket)
return ret;
}
blocksize = _gnutls_cipher_get_block_size (GNUTLS_CIPHER_AES_128_CBC);
- encrypted_state.size = ((state.size + blocksize - 1) / blocksize) * blocksize;
+ encrypted_state.size =
+ ((state.size + blocksize - 1) / blocksize) * blocksize;
encrypted_state.data = gnutls_malloc (encrypted_state.size);
if (!encrypted_state.data)
{
@@ -178,7 +181,8 @@ encrypt_ticket (gnutls_session_t session, struct ticket *ticket)
key.size = KEY_SIZE;
IV.data = session->security_parameters.extensions.session_ticket_IV;
IV.size = IV_SIZE;
- ret = _gnutls_cipher_init (&cipher_hd, GNUTLS_CIPHER_AES_128_CBC, &key, &IV);
+ ret =
+ _gnutls_cipher_init (&cipher_hd, GNUTLS_CIPHER_AES_128_CBC, &key, &IV);
if (ret < 0)
{
gnutls_assert ();
@@ -199,14 +203,13 @@ encrypt_ticket (gnutls_session_t session, struct ticket *ticket)
/* Fill the ticket structure to compute MAC. */
memcpy (ticket->key_name,
session->security_parameters.extensions.
- session_ticket_key->key_name,
- KEY_NAME_SIZE);
+ session_ticket_key->key_name, KEY_NAME_SIZE);
memcpy (ticket->IV, IV.data, IV.size);
ticket->encrypted_state_len = encrypted_state.size;
ticket->encrypted_state = encrypted_state.data;
- mac_secret.data = session->security_parameters.extensions.
- session_ticket_key->mac_secret;
+ mac_secret.data =
+ session->security_parameters.extensions.session_ticket_key->mac_secret;
mac_secret.size = MAC_SECRET_SIZE;
ret = digest_ticket (&mac_secret, ticket, ticket->mac);
if (ret < 0)
@@ -246,11 +249,10 @@ _gnutls_session_ticket_recv_params (gnutls_session_t session,
data += KEY_NAME_SIZE;
/* If the key name of the ticket does not match the one that we
- hold, issue a new ticket. */
+ hold, issue a new ticket. */
if (memcmp (ticket.key_name,
session->security_parameters.extensions.
- session_ticket_key->key_name,
- KEY_NAME_SIZE))
+ session_ticket_key->key_name, KEY_NAME_SIZE))
{
session->internals.session_ticket_renew = 1;
return 0;
@@ -360,11 +362,11 @@ _gnutls_session_ticket_send_params (gnutls_session_t session,
* Since: 2.10.0
**/
int
-gnutls_session_ticket_key_generate (gnutls_datum_t *key)
+gnutls_session_ticket_key_generate (gnutls_datum_t * key)
{
int ret;
- key->size = sizeof(struct gnutls_session_ticket_key_st);
+ key->size = sizeof (struct gnutls_session_ticket_key_st);
key->data = gnutls_malloc (key->size);
if (!key->data)
{
@@ -424,12 +426,12 @@ gnutls_session_ticket_enable_client (gnutls_session_t session)
**/
int
gnutls_session_ticket_enable_server (gnutls_session_t session,
- const gnutls_datum_t *key)
+ const gnutls_datum_t * key)
{
int ret;
if (!session || !key
- || key->size != sizeof(struct gnutls_session_ticket_key_st))
+ || key->size != sizeof (struct gnutls_session_ticket_key_st))
{
gnutls_assert ();
return GNUTLS_E_INVALID_REQUEST;
@@ -445,7 +447,7 @@ gnutls_session_ticket_enable_server (gnutls_session_t session,
}
session->security_parameters.extensions.session_ticket_key =
- (struct gnutls_session_ticket_key_st *)key->data;
+ (struct gnutls_session_ticket_key_st *) key->data;
session->internals.session_ticket_enable = 1;
return 0;
}
@@ -489,9 +491,9 @@ _gnutls_send_new_session_ticket (gnutls_session_t session, int again)
if (again == 0)
{
/* XXX: Temporarily set write algorithms to be used.
- _gnutls_write_connection_state_init() does this job, but it also
- triggers encryption, while NewSessionTicket should not be
- encrypted in the record layer. */
+ _gnutls_write_connection_state_init() does this job, but it also
+ triggers encryption, while NewSessionTicket should not be
+ encrypted in the record layer. */
SAVE_WRITE_SECURITY_PARAMETERS;
ret = _gnutls_set_write_cipher (session,
_gnutls_cipher_suite_get_cipher_algo
@@ -532,7 +534,7 @@ _gnutls_send_new_session_ticket (gnutls_session_t session, int again)
p = data;
/* FIXME: ticket lifetime is fixed to 10 days, which should be
- customizable. */
+ customizable. */
_gnutls_write_uint32 (864000, p);
p += 4;
@@ -620,7 +622,7 @@ _gnutls_recv_new_session_ticket (gnutls_session_t session)
}
return 0;
- error:
+error:
gnutls_free (data);
return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
}
diff --git a/lib/ext_signature.c b/lib/ext_signature.c
index 9be866dd3e..7dcea66866 100644
--- a/lib/ext_signature.c
+++ b/lib/ext_signature.c
@@ -90,10 +90,9 @@ _gnutls_sign_algorithm_parse_data (gnutls_session_t session,
sig = _gnutls_tls_aid_to_sign (&aid);
if (sig != GNUTLS_SIGN_UNKNOWN)
{
- session->security_parameters.
- extensions.sign_algorithms[session->security_parameters.
- extensions.
- sign_algorithms_size++] = sig;
+ session->security_parameters.extensions.
+ sign_algorithms[session->security_parameters.extensions.
+ sign_algorithms_size++] = sig;
if (session->security_parameters.extensions.sign_algorithms_size ==
MAX_SIGNATURE_ALGORITHMS)
break;
diff --git a/lib/gnutls_algorithms.c b/lib/gnutls_algorithms.c
index 8b04524942..bb1a5f193b 100644
--- a/lib/gnutls_algorithms.c
+++ b/lib/gnutls_algorithms.c
@@ -1238,14 +1238,15 @@ _gnutls_version_has_selectable_sighash (gnutls_protocol_t version)
int
_gnutls_version_has_extensions (gnutls_protocol_t version)
{
- switch(version) {
- case GNUTLS_TLS1_0:
- case GNUTLS_TLS1_1:
- case GNUTLS_TLS1_2:
- return 1;
- default:
- return 0;
- }
+ switch (version)
+ {
+ case GNUTLS_TLS1_0:
+ case GNUTLS_TLS1_1:
+ case GNUTLS_TLS1_2:
+ return 1;
+ default:
+ return 0;
+ }
}
/* This function determines if the version specified has explicit IVs
@@ -1253,27 +1254,30 @@ _gnutls_version_has_extensions (gnutls_protocol_t version)
int
_gnutls_version_has_explicit_iv (gnutls_protocol_t version)
{
- switch(version) {
- case GNUTLS_TLS1_1:
- case GNUTLS_TLS1_2:
- return 1;
- default:
- return 0;
- }
+ switch (version)
+ {
+ case GNUTLS_TLS1_1:
+ case GNUTLS_TLS1_2:
+ return 1;
+ default:
+ return 0;
+ }
}
/* This function determines if the version specified can have
non-minimal padding. */
-int _gnutls_version_has_variable_padding (gnutls_protocol_t version)
+int
+_gnutls_version_has_variable_padding (gnutls_protocol_t version)
{
- switch(version) {
- case GNUTLS_TLS1_0:
- case GNUTLS_TLS1_1:
- case GNUTLS_TLS1_2:
- return 1;
- default:
- return 0;
- }
+ switch (version)
+ {
+ case GNUTLS_TLS1_0:
+ case GNUTLS_TLS1_1:
+ case GNUTLS_TLS1_2:
+ return 1;
+ default:
+ return 0;
+ }
}
/* Type to KX mappings */
@@ -1849,7 +1853,8 @@ static const gnutls_sign_entry sign_algorithms[] = {
GNUTLS_MAC_MD5, {1, 1}},
{"RSA-MD2", SIG_RSA_MD2_OID, GNUTLS_SIGN_RSA_MD2, GNUTLS_PK_RSA,
GNUTLS_MAC_MD2, TLS_SIGN_AID_UNKNOWN},
- {"GOST R 34.10-2001", SIG_GOST_R3410_2001_OID, 0, 0, 0, TLS_SIGN_AID_UNKNOWN},
+ {"GOST R 34.10-2001", SIG_GOST_R3410_2001_OID, 0, 0, 0,
+ TLS_SIGN_AID_UNKNOWN},
{"GOST R 34.10-94", SIG_GOST_R3410_94_OID, 0, 0, 0, TLS_SIGN_AID_UNKNOWN},
{0, 0, 0, 0, 0, TLS_SIGN_AID_UNKNOWN}
};
@@ -2021,16 +2026,15 @@ _gnutls_sign_get_pk_algorithm (gnutls_sign_algorithm_t sign)
}
gnutls_sign_algorithm_t
-_gnutls_tls_aid_to_sign (const sign_algorithm_st *aid)
+_gnutls_tls_aid_to_sign (const sign_algorithm_st * aid)
{
gnutls_sign_algorithm_t ret = GNUTLS_SIGN_UNKNOWN;
- GNUTLS_SIGN_LOOP ( if (p->aid.hash_algorithm == aid->hash_algorithm
- && p->aid.sign_algorithm == aid->sign_algorithm)
- {
- ret = p->id;
- break;
- } );
+ GNUTLS_SIGN_LOOP (if (p->aid.hash_algorithm == aid->hash_algorithm
+ && p->aid.sign_algorithm == aid->sign_algorithm)
+ {
+ ret = p->id; break;}
+ );
return ret;
}
diff --git a/lib/gnutls_buffers.c b/lib/gnutls_buffers.c
index 75c3287e48..53e0e67dbd 100644
--- a/lib/gnutls_buffers.c
+++ b/lib/gnutls_buffers.c
@@ -134,19 +134,19 @@ _gnutls_record_buffer_put (content_type_t type,
case GNUTLS_APPLICATION_DATA:
buf = &session->internals.application_data_buffer;
_gnutls_buffers_log ("BUF[REC]: Inserted %d bytes of Data(%d)\n",
- (int)length, (int)type);
+ (int) length, (int) type);
break;
case GNUTLS_HANDSHAKE:
buf = &session->internals.handshake_data_buffer;
_gnutls_buffers_log ("BUF[HSK]: Inserted %d bytes of Data(%d)\n",
- (int)length, (int)type);
+ (int) length, (int) type);
break;
case GNUTLS_INNER_APPLICATION:
buf = &session->internals.ia_data_buffer;
_gnutls_buffers_log ("BUF[IA]: Inserted %d bytes of Data(%d)\n",
- (int)length, (int)type);
+ (int) length, (int) type);
break;
default:
@@ -215,22 +215,25 @@ _gnutls_record_buffer_get (content_type_t type,
switch (type)
{
case GNUTLS_APPLICATION_DATA:
- _gnutls_buffer_get_data( &session->internals.application_data_buffer, data, &length);
+ _gnutls_buffer_get_data (&session->internals.application_data_buffer,
+ data, &length);
_gnutls_buffers_log ("BUFFER[REC][AD]: Read %d bytes of Data(%d)\n",
- (int)length, (int)type);
+ (int) length, (int) type);
break;
case GNUTLS_HANDSHAKE:
- _gnutls_buffer_get_data( &session->internals.handshake_data_buffer, data, &length);
+ _gnutls_buffer_get_data (&session->internals.handshake_data_buffer,
+ data, &length);
_gnutls_buffers_log ("BUF[REC][HD]: Read %d bytes of Data(%d)\n",
- (int)length, (int)type);
+ (int) length, (int) type);
break;
case GNUTLS_INNER_APPLICATION:
- _gnutls_buffer_get_data( &session->internals.ia_data_buffer, data, &length);
+ _gnutls_buffer_get_data (&session->internals.ia_data_buffer, data,
+ &length);
_gnutls_buffers_log ("BUF[REC][IA]: Read %d bytes of Data(%d)\n",
- (int)length, (int)type);
+ (int) length, (int) type);
break;
default:
@@ -303,7 +306,7 @@ _gnutls_read (gnutls_session_t session, void *iptr,
: errno;
_gnutls_read_log ("READ: %d returned from %p, errno=%d gerrno=%d\n",
- (int)i, fd, errno, session->internals.errnum);
+ (int) i, fd, errno, session->internals.errnum);
if (err == EAGAIN || err == EINTR)
{
@@ -311,7 +314,7 @@ _gnutls_read (gnutls_session_t session, void *iptr,
{
_gnutls_read_log ("READ: returning %d bytes from %p\n",
- (int)(sizeOfPtr - left), fd);
+ (int) (sizeOfPtr - left), fd);
goto finish;
}
@@ -330,7 +333,7 @@ _gnutls_read (gnutls_session_t session, void *iptr,
else
{
- _gnutls_read_log ("READ: Got %d bytes from %p\n", (int)i, fd);
+ _gnutls_read_log ("READ: Got %d bytes from %p\n", (int) i, fd);
if (i == 0)
break; /* EOF */
@@ -349,7 +352,7 @@ finish:
_gnutls_read_log ("READ: read %d bytes from %p\n",
- (int)(sizeOfPtr - left), fd);
+ (int) (sizeOfPtr - left), fd);
for (x = 0; x < ((sizeOfPtr - left) / 16) + 1; x++)
{
@@ -508,12 +511,13 @@ _gnutls_io_read_buffered (gnutls_session_t session, opaque ** iptr,
/* Allocate the data required to store the new packet.
*/
- ret = _gnutls_buffer_resize( &session->internals.record_recv_buffer,
- recvdata + session->internals.record_recv_buffer.length);
+ ret = _gnutls_buffer_resize (&session->internals.record_recv_buffer,
+ recvdata +
+ session->internals.record_recv_buffer.length);
if (ret < 0)
{
- gnutls_assert();
+ gnutls_assert ();
return ret;
}
@@ -542,8 +546,8 @@ _gnutls_io_read_buffered (gnutls_session_t session, opaque ** iptr,
{
_gnutls_read_log
("RB: Have %d bytes into buffer. Adding %d bytes.\n",
- (int)session->internals.record_recv_buffer.length, (int)ret);
- _gnutls_read_log ("RB: Requested %d bytes\n", (int)sizeOfPtr);
+ (int) session->internals.record_recv_buffer.length, (int) ret);
+ _gnutls_read_log ("RB: Requested %d bytes\n", (int) sizeOfPtr);
session->internals.record_recv_buffer.length += ret;
}
@@ -565,10 +569,12 @@ _gnutls_io_read_buffered (gnutls_session_t session, opaque ** iptr,
if (ret2 > 0)
{
- _gnutls_read_log ("RB-PEEK: Read %d bytes in PEEK MODE.\n", (int)ret2);
+ _gnutls_read_log ("RB-PEEK: Read %d bytes in PEEK MODE.\n",
+ (int) ret2);
_gnutls_read_log
("RB-PEEK: Have %d bytes into buffer. Adding %d bytes.\nRB: Requested %d bytes\n",
- (int)session->internals.record_recv_buffer.length, (int)ret2, (int)sizeOfPtr);
+ (int) session->internals.record_recv_buffer.length, (int) ret2,
+ (int) sizeOfPtr);
session->internals.have_peeked_data = 1;
session->internals.record_recv_buffer.length += ret2;
@@ -653,16 +659,18 @@ _gnutls_io_write_buffered (gnutls_session_t session,
{
gnutls_datum_t bdata;
/* checking is handled above */
- _gnutls_buffer_get_datum (&session->internals.record_send_buffer, &bdata, session->internals.record_send_buffer.length);
+ _gnutls_buffer_get_datum (&session->internals.record_send_buffer,
+ &bdata,
+ session->internals.record_send_buffer.length);
ptr = bdata.data;
n = bdata.size;
_gnutls_write_log
- ("WRITE: Restoring old write. (%d bytes to send)\n", (int)n);
+ ("WRITE: Restoring old write. (%d bytes to send)\n", (int) n);
}
- _gnutls_write_log ("WRITE: Will write %d bytes to %p.\n", (int)n, fd);
+ _gnutls_write_log ("WRITE: Will write %d bytes to %p.\n", (int) n, fd);
left = n;
while (left > 0)
@@ -718,7 +726,7 @@ _gnutls_io_write_buffered (gnutls_session_t session,
_gnutls_write_log
("WRITE: Interrupted. Stored %d bytes to buffer. Already sent %d bytes.\n",
- (int)left, (int)(n - left));
+ (int) left, (int) (n - left));
if (err == EAGAIN)
return GNUTLS_E_AGAIN;
@@ -741,7 +749,7 @@ _gnutls_io_write_buffered (gnutls_session_t session,
_gnutls_write_log
("WRITE: wrote %d bytes to %p. Left %d bytes. Total %d bytes.\n",
- (int)i, fd, (int)left, (int)n);
+ (int) i, fd, (int) left, (int) n);
for (x = 0; x < (unsigned) ((i) / 16) + 1; x++)
{
line[0] = 0;
@@ -790,8 +798,8 @@ _gnutls_io_write_flush (gnutls_session_t session)
return 0; /* done */
ret = _gnutls_io_write_buffered (session, NULL, 0);
- _gnutls_write_log ("WRITE FLUSH: %d [buffer: %d]\n", (int)ret,
- (int)session->internals.record_send_buffer.length);
+ _gnutls_write_log ("WRITE FLUSH: %d [buffer: %d]\n", (int) ret,
+ (int) session->internals.record_send_buffer.length);
return ret;
}
@@ -811,7 +819,7 @@ _gnutls_handshake_io_write_flush (gnutls_session_t session)
return ret;
}
- _gnutls_write_log ("HANDSHAKE_FLUSH: written[1] %d bytes\n", (int)ret);
+ _gnutls_write_log ("HANDSHAKE_FLUSH: written[1] %d bytes\n", (int) ret);
if (session->internals.handshake_send_buffer.length == 0)
{
@@ -849,7 +857,10 @@ _gnutls_handshake_io_send_int (gnutls_session_t session,
gnutls_assert ();
/* checking is handled above */
- _gnutls_buffer_get_datum (&session->internals.handshake_send_buffer, &bdata, session->internals.handshake_send_buffer.length);
+ _gnutls_buffer_get_datum (&session->internals.handshake_send_buffer,
+ &bdata,
+ session->internals.
+ handshake_send_buffer.length);
ptr = bdata.data;
n = bdata.size;
@@ -984,22 +995,24 @@ _gnutls_handshake_io_recv_int (gnutls_session_t session,
if (session->internals.handshake_recv_buffer.length > 0)
{
size_t tmp;
-
+
/* if we have already received some data */
if (sizeOfPtr <= session->internals.handshake_recv_buffer.length)
{
/* if requested less data then return it.
*/
gnutls_assert ();
-
+
tmp = sizeOfPtr;
- _gnutls_string_get_data( &session->internals.handshake_recv_buffer, iptr, &tmp);
+ _gnutls_string_get_data (&session->internals.handshake_recv_buffer,
+ iptr, &tmp);
return tmp;
}
gnutls_assert ();
- tmp = sizeOfPtr;
- _gnutls_string_get_data( &session->internals.handshake_recv_buffer, iptr, &tmp);
+ tmp = sizeOfPtr;
+ _gnutls_string_get_data (&session->internals.handshake_recv_buffer,
+ iptr, &tmp);
left -= tmp;
htype = session->internals.handshake_recv_buffer_htype;
@@ -1017,8 +1030,9 @@ _gnutls_handshake_io_recv_int (gnutls_session_t session,
{
gnutls_assert ();
- _gnutls_buffer_append (&session->internals.handshake_recv_buffer, iptr,
- dsize);
+ _gnutls_buffer_append (&session->
+ internals.handshake_recv_buffer, iptr,
+ dsize);
session->internals.handshake_recv_buffer_htype = htype;
session->internals.handshake_recv_buffer_type = type;
@@ -1063,7 +1077,7 @@ _gnutls_handshake_buffer_put (gnutls_session_t session, opaque * data,
return GNUTLS_E_HANDSHAKE_TOO_LARGE;
}
- _gnutls_buffers_log ("BUF[HSK]: Inserted %d bytes of Data\n", (int)length);
+ _gnutls_buffers_log ("BUF[HSK]: Inserted %d bytes of Data\n", (int) length);
if (_gnutls_buffer_append (&session->internals.handshake_hash_buffer,
data, length) < 0)
{
@@ -1091,7 +1105,8 @@ _gnutls_handshake_buffer_get_ptr (gnutls_session_t session,
if (length != NULL)
*length = session->internals.handshake_hash_buffer.length;
- _gnutls_buffers_log ("BUF[HSK]: Peeked %d bytes of Data\n", (int)session->internals.handshake_hash_buffer.length);
+ _gnutls_buffers_log ("BUF[HSK]: Peeked %d bytes of Data\n",
+ (int) session->internals.handshake_hash_buffer.length);
if (data_ptr != NULL)
*data_ptr = session->internals.handshake_hash_buffer.data;
diff --git a/lib/gnutls_cert.c b/lib/gnutls_cert.c
index 5b110ad298..6e5dcef9ea 100644
--- a/lib/gnutls_cert.c
+++ b/lib/gnutls_cert.c
@@ -817,7 +817,7 @@ _gnutls_x509_crt_to_gcert (gnutls_cert * gcert,
memset (gcert, 0, sizeof (gnutls_cert));
gcert->cert_type = GNUTLS_CRT_X509;
- gcert->sign_algo = gnutls_x509_crt_get_signature_algorithm(cert);
+ gcert->sign_algo = gnutls_x509_crt_get_signature_algorithm (cert);
if (!(flags & CERT_NO_COPY))
{
diff --git a/lib/gnutls_cipher.c b/lib/gnutls_cipher.c
index 525540e0b3..4d0dda2399 100644
--- a/lib/gnutls_cipher.c
+++ b/lib/gnutls_cipher.c
@@ -274,7 +274,8 @@ calc_enc_length (gnutls_session_t session, int data_size,
*pad = (uint8_t) (blocksize - (length % blocksize)) + rnd;
length += *pad;
- if (_gnutls_version_has_explicit_iv(session->security_parameters.version))
+ if (_gnutls_version_has_explicit_iv
+ (session->security_parameters.version))
length += blocksize; /* for the IV */
break;
@@ -343,7 +344,7 @@ _gnutls_compressed2ciphertext (gnutls_session_t session,
write_sequence_number), 8);
_gnutls_hmac (&td, &type, 1);
- if (_gnutls_version_has_variable_padding(ver))
+ if (_gnutls_version_has_variable_padding (ver))
{ /* TLS 1.0 or higher */
_gnutls_hmac (&td, &major, 1);
_gnutls_hmac (&td, &minor, 1);
@@ -375,7 +376,7 @@ _gnutls_compressed2ciphertext (gnutls_session_t session,
data_ptr = cipher_data;
if (block_algo == CIPHER_BLOCK &&
- _gnutls_version_has_explicit_iv(session->security_parameters.version))
+ _gnutls_version_has_explicit_iv (session->security_parameters.version))
{
/* copy the random IV.
*/
@@ -476,7 +477,8 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
ciphertext.size)) < 0)
{
gnutls_assert ();
- DEINIT_MAC(td, ver, session->security_parameters.write_mac_algorithm);
+ DEINIT_MAC (td, ver,
+ session->security_parameters.write_mac_algorithm);
return ret;
@@ -489,7 +491,8 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
if ((ciphertext.size < blocksize) || (ciphertext.size % blocksize != 0))
{
gnutls_assert ();
- DEINIT_MAC(td, ver, session->security_parameters.write_mac_algorithm);
+ DEINIT_MAC (td, ver,
+ session->security_parameters.write_mac_algorithm);
return GNUTLS_E_DECRYPTION_FAILED;
}
@@ -499,13 +502,15 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
ciphertext.size)) < 0)
{
gnutls_assert ();
- DEINIT_MAC(td, ver, session->security_parameters.write_mac_algorithm);
+ DEINIT_MAC (td, ver,
+ session->security_parameters.write_mac_algorithm);
return ret;
}
/* ignore the IV in TLS 1.1.
*/
- if (_gnutls_version_has_explicit_iv(session->security_parameters.version))
+ if (_gnutls_version_has_explicit_iv
+ (session->security_parameters.version))
{
ciphertext.size -= blocksize;
ciphertext.data += blocksize;
@@ -513,7 +518,8 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
if (ciphertext.size == 0)
{
gnutls_assert ();
- DEINIT_MAC(td, ver, session->security_parameters.write_mac_algorithm);
+ DEINIT_MAC (td, ver,
+ session->security_parameters.write_mac_algorithm);
return GNUTLS_E_DECRYPTION_FAILED;
}
}
@@ -536,7 +542,7 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
/* Check the pading bytes (TLS 1.x)
*/
- if (_gnutls_version_has_variable_padding(ver) && pad_failed == 0)
+ if (_gnutls_version_has_variable_padding (ver) && pad_failed == 0)
for (i = 2; i < pad; i++)
{
if (ciphertext.data[ciphertext.size - i] !=
@@ -546,7 +552,7 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
break;
default:
gnutls_assert ();
- DEINIT_MAC(td, ver, session->security_parameters.write_mac_algorithm);
+ DEINIT_MAC (td, ver, session->security_parameters.write_mac_algorithm);
return GNUTLS_E_INTERNAL_ERROR;
}
@@ -564,7 +570,7 @@ _gnutls_ciphertext2compressed (gnutls_session_t session,
read_sequence_number), 8);
_gnutls_hmac (&td, &type, 1);
- if (_gnutls_version_has_variable_padding(ver))
+ if (_gnutls_version_has_variable_padding (ver))
{ /* TLS 1.x */
_gnutls_hmac (&td, &major, 1);
_gnutls_hmac (&td, &minor, 1);
diff --git a/lib/gnutls_errors.c b/lib/gnutls_errors.c
index b5d8bb6cb1..fa81cd2b3f 100644
--- a/lib/gnutls_errors.c
+++ b/lib/gnutls_errors.c
@@ -433,14 +433,15 @@ _gnutls_mpi_log (const char *prefix, bigint_t a)
if (res != 0)
{
gnutls_assert ();
- _gnutls_hard_log ("MPI: can't print value (%d/%d)\n", res, (int)binlen);
+ _gnutls_hard_log ("MPI: can't print value (%d/%d)\n", res,
+ (int) binlen);
return;
}
- if (binlen > 1024*1024)
+ if (binlen > 1024 * 1024)
{
gnutls_assert ();
- _gnutls_hard_log ("MPI: too large mpi (%d)\n", (int)binlen);
+ _gnutls_hard_log ("MPI: too large mpi (%d)\n", (int) binlen);
return;
}
@@ -448,7 +449,7 @@ _gnutls_mpi_log (const char *prefix, bigint_t a)
if (!binbuf)
{
gnutls_assert ();
- _gnutls_hard_log ("MPI: out of memory (%d)\n", (int)binlen);
+ _gnutls_hard_log ("MPI: out of memory (%d)\n", (int) binlen);
return;
}
@@ -456,7 +457,8 @@ _gnutls_mpi_log (const char *prefix, bigint_t a)
if (res != 0)
{
gnutls_assert ();
- _gnutls_hard_log ("MPI: can't print value (%d/%d)\n", res, (int)binlen);
+ _gnutls_hard_log ("MPI: can't print value (%d/%d)\n", res,
+ (int) binlen);
gnutls_free (binbuf);
return;
}
@@ -467,14 +469,15 @@ _gnutls_mpi_log (const char *prefix, bigint_t a)
if (!hexbuf)
{
gnutls_assert ();
- _gnutls_hard_log ("MPI: out of memory (hex %d)\n", (int)hexlen);
+ _gnutls_hard_log ("MPI: out of memory (hex %d)\n", (int) hexlen);
gnutls_free (binbuf);
return;
}
_gnutls_bin2hex (binbuf, binlen, hexbuf, hexlen);
- _gnutls_hard_log ("MPI: length: %d\n\t%s%s\n", (int)binlen, prefix, hexbuf);
+ _gnutls_hard_log ("MPI: length: %d\n\t%s%s\n", (int) binlen, prefix,
+ hexbuf);
gnutls_free (hexbuf);
gnutls_free (binbuf);
diff --git a/lib/gnutls_extensions.c b/lib/gnutls_extensions.c
index 5f2c47cc6b..b3f388ce73 100644
--- a/lib/gnutls_extensions.c
+++ b/lib/gnutls_extensions.c
@@ -342,19 +342,19 @@ _gnutls_ext_init (void)
#ifdef ENABLE_SESSION_TICKET
ret = gnutls_ext_register (GNUTLS_EXTENSION_SESSION_TICKET,
- "SESSION_TICKET",
- GNUTLS_EXT_TLS,
- _gnutls_session_ticket_recv_params,
- _gnutls_session_ticket_send_params);
+ "SESSION_TICKET",
+ GNUTLS_EXT_TLS,
+ _gnutls_session_ticket_recv_params,
+ _gnutls_session_ticket_send_params);
if (ret != GNUTLS_E_SUCCESS)
return ret;
#endif
ret = gnutls_ext_register (GNUTLS_EXTENSION_SIGNATURE_ALGORITHMS,
- "SIGNATURE_ALGORITHMS",
- GNUTLS_EXT_TLS,
- _gnutls_signature_algorithm_recv_params,
- _gnutls_signature_algorithm_send_params);
+ "SIGNATURE_ALGORITHMS",
+ GNUTLS_EXT_TLS,
+ _gnutls_signature_algorithm_recv_params,
+ _gnutls_signature_algorithm_send_params);
if (ret != GNUTLS_E_SUCCESS)
return ret;
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c
index b7d5af3310..6c2787dcee 100644
--- a/lib/gnutls_handshake.c
+++ b/lib/gnutls_handshake.c
@@ -65,7 +65,7 @@
static int _gnutls_handshake_hash_init (gnutls_session_t session);
static int _gnutls_server_select_comp_method (gnutls_session_t session,
- opaque * data, int datalen);
+ opaque * data, int datalen);
static int
_gnutls_handshake_hash_add_recvd (gnutls_session_t session,
gnutls_handshake_description_t recv_type,
@@ -78,21 +78,21 @@ _gnutls_handshake_hash_add_recvd (gnutls_session_t session,
void
_gnutls_handshake_hash_buffers_clear (gnutls_session_t session)
{
- if (session->security_parameters.
- handshake_mac_handle_type == HANDSHAKE_MAC_TYPE_10)
+ if (session->security_parameters.handshake_mac_handle_type ==
+ HANDSHAKE_MAC_TYPE_10)
{
- _gnutls_hash_deinit (&session->internals.
- handshake_mac_handle.tls10.md5, NULL);
- _gnutls_hash_deinit (&session->internals.
- handshake_mac_handle.tls10.sha, NULL);
+ _gnutls_hash_deinit (&session->internals.handshake_mac_handle.tls10.md5,
+ NULL);
+ _gnutls_hash_deinit (&session->internals.handshake_mac_handle.tls10.sha,
+ NULL);
}
- else if (session->security_parameters.
- handshake_mac_handle_type == HANDSHAKE_MAC_TYPE_12)
+ else if (session->security_parameters.handshake_mac_handle_type ==
+ HANDSHAKE_MAC_TYPE_12)
{
- _gnutls_hash_deinit (&session->internals.
- handshake_mac_handle.tls12.sha256, NULL);
- _gnutls_hash_deinit (&session->internals.
- handshake_mac_handle.tls12.sha1, NULL);
+ _gnutls_hash_deinit (&session->internals.handshake_mac_handle.
+ tls12.sha256, NULL);
+ _gnutls_hash_deinit (&session->internals.handshake_mac_handle.
+ tls12.sha1, NULL);
}
session->security_parameters.handshake_mac_handle_type = 0;
session->internals.handshake_mac_handle_init = 0;
@@ -171,19 +171,23 @@ _gnutls_ssl3_finished (gnutls_session_t session, int type, opaque * ret)
const char *mesg;
int rc;
- if (session->security_parameters.
- handshake_mac_handle_type == HANDSHAKE_MAC_TYPE_10)
+ if (session->security_parameters.handshake_mac_handle_type ==
+ HANDSHAKE_MAC_TYPE_10)
{
- rc = _gnutls_hash_copy (&td_md5, &session->internals.
- handshake_mac_handle.tls10.md5);
+ rc =
+ _gnutls_hash_copy (&td_md5,
+ &session->internals.handshake_mac_handle.
+ tls10.md5);
if (rc < 0)
{
gnutls_assert ();
return rc;
}
- rc = _gnutls_hash_copy (&td_sha, &session->internals.
- handshake_mac_handle.tls10.sha);
+ rc =
+ _gnutls_hash_copy (&td_sha,
+ &session->internals.handshake_mac_handle.
+ tls10.sha);
if (rc < 0)
{
gnutls_assert ();
@@ -193,7 +197,7 @@ _gnutls_ssl3_finished (gnutls_session_t session, int type, opaque * ret)
}
else
{
- gnutls_assert();
+ gnutls_assert ();
return GNUTLS_E_INTERNAL_ERROR;
}
@@ -228,27 +232,30 @@ static int
_gnutls_finished (gnutls_session_t session, int type, void *ret)
{
const int siz = TLS_MSG_LEN;
- opaque concat[MAX_HASH_SIZE+16/*MD5*/];
+ opaque concat[MAX_HASH_SIZE + 16 /*MD5 */ ];
size_t len = 20 + 16;
const char *mesg;
digest_hd_st td_md5;
digest_hd_st td_sha;
int rc;
- if (session->security_parameters.
- handshake_mac_handle_type == HANDSHAKE_MAC_TYPE_10)
+ if (session->security_parameters.handshake_mac_handle_type ==
+ HANDSHAKE_MAC_TYPE_10)
{
rc =
- _gnutls_hash_copy (&td_md5, &session->internals.
- handshake_mac_handle.tls10.md5);
+ _gnutls_hash_copy (&td_md5,
+ &session->internals.handshake_mac_handle.
+ tls10.md5);
if (rc < 0)
{
gnutls_assert ();
return rc;
}
- rc = _gnutls_hash_copy (&td_sha, &session->internals.
- handshake_mac_handle.tls10.sha);
+ rc =
+ _gnutls_hash_copy (&td_sha,
+ &session->internals.handshake_mac_handle.
+ tls10.sha);
if (rc < 0)
{
gnutls_assert ();
@@ -259,11 +266,13 @@ _gnutls_finished (gnutls_session_t session, int type, void *ret)
_gnutls_hash_deinit (&td_md5, concat);
_gnutls_hash_deinit (&td_sha, &concat[16]);
}
- else if (session->security_parameters.
- handshake_mac_handle_type == HANDSHAKE_MAC_TYPE_12)
+ else if (session->security_parameters.handshake_mac_handle_type ==
+ HANDSHAKE_MAC_TYPE_12)
{
- rc = _gnutls_hash_copy (&td_sha, &session->internals.
- handshake_mac_handle.tls12.sha256);
+ rc =
+ _gnutls_hash_copy (&td_sha,
+ &session->internals.handshake_mac_handle.
+ tls12.sha256);
if (rc < 0)
{
gnutls_assert ();
@@ -475,7 +484,7 @@ _gnutls_read_client_hello (gnutls_session_t session, opaque * data,
/* Parse the extensions (if any)
*/
- if (_gnutls_version_has_extensions(neg_version))
+ if (_gnutls_version_has_extensions (neg_version))
{
ret = _gnutls_parse_extensions (session, GNUTLS_EXT_APPLICATION,
&data[pos], len);
@@ -494,7 +503,7 @@ _gnutls_read_client_hello (gnutls_session_t session, opaque * data,
return ret;
}
- if (_gnutls_version_has_extensions(neg_version))
+ if (_gnutls_version_has_extensions (neg_version))
{
ret = _gnutls_parse_extensions (session, GNUTLS_EXT_TLS,
&data[pos], len);
@@ -514,9 +523,11 @@ _gnutls_read_client_hello (gnutls_session_t session, opaque * data,
session->internals.resumed_security_parameters.session_id_size =
session_id_len;
- session->internals.resumed_security_parameters.max_record_recv_size =
+ session->internals.
+ resumed_security_parameters.max_record_recv_size =
session->security_parameters.max_record_recv_size;
- session->internals.resumed_security_parameters.max_record_send_size =
+ session->internals.
+ resumed_security_parameters.max_record_send_size =
session->security_parameters.max_record_send_size;
resume_copy_required_values (session);
@@ -569,16 +580,22 @@ _gnutls_handshake_hash_pending (gnutls_session_t session)
if (siz > 0)
{
- if (session->security_parameters.handshake_mac_handle_type == HANDSHAKE_MAC_TYPE_10)
- {
- _gnutls_hash (&session->internals.handshake_mac_handle.tls10.sha, data, siz);
- _gnutls_hash (&session->internals.handshake_mac_handle.tls10.md5, data, siz);
- }
- else if (session->security_parameters.handshake_mac_handle_type == HANDSHAKE_MAC_TYPE_12)
- {
- _gnutls_hash (&session->internals.handshake_mac_handle.tls12.sha256, data, siz);
- _gnutls_hash (&session->internals.handshake_mac_handle.tls12.sha1, data, siz);
- }
+ if (session->security_parameters.handshake_mac_handle_type ==
+ HANDSHAKE_MAC_TYPE_10)
+ {
+ _gnutls_hash (&session->internals.handshake_mac_handle.tls10.sha,
+ data, siz);
+ _gnutls_hash (&session->internals.handshake_mac_handle.tls10.md5,
+ data, siz);
+ }
+ else if (session->security_parameters.handshake_mac_handle_type ==
+ HANDSHAKE_MAC_TYPE_12)
+ {
+ _gnutls_hash (&session->internals.handshake_mac_handle.tls12.sha256,
+ data, siz);
+ _gnutls_hash (&session->internals.handshake_mac_handle.tls12.sha1,
+ data, siz);
+ }
}
_gnutls_handshake_buffer_empty (session);
@@ -958,7 +975,8 @@ _gnutls_handshake_hash_add_sent (gnutls_session_t session,
{
int ret;
- if (session->security_parameters.entity == GNUTLS_CLIENT && type == GNUTLS_HANDSHAKE_CLIENT_HELLO)
+ if (session->security_parameters.entity == GNUTLS_CLIENT
+ && type == GNUTLS_HANDSHAKE_CLIENT_HELLO)
{
/* do not hash immediatelly since the hash has not yet been initialized */
if ((ret =
@@ -978,20 +996,22 @@ _gnutls_handshake_hash_add_sent (gnutls_session_t session,
if (type != GNUTLS_HANDSHAKE_HELLO_REQUEST)
{
- if (session->security_parameters.handshake_mac_handle_type == HANDSHAKE_MAC_TYPE_10)
- {
- _gnutls_hash (&session->internals.handshake_mac_handle.tls10.sha, dataptr,
- datalen);
- _gnutls_hash (&session->internals.handshake_mac_handle.tls10.md5, dataptr,
- datalen);
- }
- else if (session->security_parameters.handshake_mac_handle_type == HANDSHAKE_MAC_TYPE_12)
- {
- _gnutls_hash (&session->internals.handshake_mac_handle.tls12.sha256, dataptr,
- datalen);
- _gnutls_hash (&session->internals.handshake_mac_handle.tls12.sha1, dataptr,
- datalen);
- }
+ if (session->security_parameters.handshake_mac_handle_type ==
+ HANDSHAKE_MAC_TYPE_10)
+ {
+ _gnutls_hash (&session->internals.handshake_mac_handle.tls10.sha,
+ dataptr, datalen);
+ _gnutls_hash (&session->internals.handshake_mac_handle.tls10.md5,
+ dataptr, datalen);
+ }
+ else if (session->security_parameters.handshake_mac_handle_type ==
+ HANDSHAKE_MAC_TYPE_12)
+ {
+ _gnutls_hash (&session->internals.handshake_mac_handle.tls12.sha256,
+ dataptr, datalen);
+ _gnutls_hash (&session->internals.handshake_mac_handle.tls12.sha1,
+ dataptr, datalen);
+ }
}
return 0;
@@ -1230,14 +1250,16 @@ _gnutls_handshake_hash_add_recvd (gnutls_session_t session,
/* The idea here is to hash the previous message we received,
* and add the one we just received into the handshake_hash_buffer.
*/
- if ((session->security_parameters.entity == GNUTLS_SERVER || recv_type != GNUTLS_HANDSHAKE_SERVER_HELLO) &&
- (session->security_parameters.entity == GNUTLS_CLIENT || recv_type != GNUTLS_HANDSHAKE_CLIENT_HELLO))
+ if ((session->security_parameters.entity == GNUTLS_SERVER
+ || recv_type != GNUTLS_HANDSHAKE_SERVER_HELLO)
+ && (session->security_parameters.entity == GNUTLS_CLIENT
+ || recv_type != GNUTLS_HANDSHAKE_CLIENT_HELLO))
{
if ((ret = _gnutls_handshake_hash_pending (session)) < 0)
- {
- gnutls_assert ();
- return ret;
- }
+ {
+ gnutls_assert ();
+ return ret;
+ }
}
/* here we buffer the handshake messages - needed at Finished message */
@@ -1360,22 +1382,23 @@ _gnutls_recv_handshake (gnutls_session_t session, uint8_t ** data,
case GNUTLS_HANDSHAKE_CLIENT_HELLO:
case GNUTLS_HANDSHAKE_SERVER_HELLO:
ret = _gnutls_recv_hello (session, dataptr, length32);
-
+
/* dataptr is freed because the caller does not
* need it */
gnutls_free (dataptr);
if (data != NULL)
*data = NULL;
-
+
if (ret < 0)
- break;
+ break;
/* initialize the hashes for both - (client will know server's version
* and server as well at this point) */
- if ((ret = _gnutls_handshake_hash_init (session)) < 0) {
- gnutls_assert();
- return ret;
- }
+ if ((ret = _gnutls_handshake_hash_init (session)) < 0)
+ {
+ gnutls_assert ();
+ return ret;
+ }
break;
case GNUTLS_HANDSHAKE_SERVER_HELLO_DONE:
@@ -1664,7 +1687,7 @@ _gnutls_read_server_hello (gnutls_session_t session,
/* Parse extensions.
*/
- if (_gnutls_version_has_extensions(version))
+ if (_gnutls_version_has_extensions (version))
{
ret = _gnutls_parse_extensions (session, GNUTLS_EXT_ANY,
&data[pos], len);
@@ -1836,7 +1859,8 @@ _gnutls_send_client_hello (gnutls_session_t session, int again)
}
extdatalen = MAX_EXT_DATA_LENGTH
- + session->internals.resumed_security_parameters.extensions.
+ +
+ session->internals.resumed_security_parameters.extensions.
session_ticket_len;
extdata = gnutls_malloc (extdatalen);
if (extdata == NULL)
@@ -1850,12 +1874,12 @@ _gnutls_send_client_hello (gnutls_session_t session, int again)
* version number to the previously established.
*/
if (SessionID == NULL)
- {
- if (rehandshake) /* already negotiated version thus version_max == negotiated version */
- hver = session->security_parameters.version;
- else
- hver = _gnutls_version_max (session);
- }
+ {
+ if (rehandshake) /* already negotiated version thus version_max == negotiated version */
+ hver = session->security_parameters.version;
+ else
+ hver = _gnutls_version_max (session);
+ }
else
{ /* we are resuming a session */
hver = session->internals.resumed_security_parameters.version;
@@ -1877,24 +1901,24 @@ _gnutls_send_client_hello (gnutls_session_t session, int again)
*/
_gnutls_set_adv_version (session, hver);
- if (session->internals.priorities.ssl3_record_version)
- {
- /* Honor the SSL3_RECORD_VERSION option
- */
- _gnutls_set_current_version (session, GNUTLS_SSL3);
- }
+ if (session->internals.priorities.ssl3_record_version)
+ {
+ /* Honor the SSL3_RECORD_VERSION option
+ */
+ _gnutls_set_current_version (session, GNUTLS_SSL3);
+ }
else
- {
- /* Some old implementations do not interoperate if we send a
- * different version in the record layer.
- * It seems they prefer to read the record's version
- * as the one we actually requested.
- * The proper behaviour is to use the one in the client hello
- * handshake packet and ignore the one in the packet's record
- * header.
- */
- _gnutls_set_current_version (session, hver);
- }
+ {
+ /* Some old implementations do not interoperate if we send a
+ * different version in the record layer.
+ * It seems they prefer to read the record's version
+ * as the one we actually requested.
+ * The proper behaviour is to use the one in the client hello
+ * handshake packet and ignore the one in the packet's record
+ * header.
+ */
+ _gnutls_set_current_version (session, hver);
+ }
/* In order to know when this session was initiated.
*/
@@ -1978,7 +2002,7 @@ _gnutls_send_client_hello (gnutls_session_t session, int again)
/* Generate and copy TLS extensions.
*/
- if (_gnutls_version_has_extensions(hver))
+ if (_gnutls_version_has_extensions (hver))
{
ret = _gnutls_gen_extensions (session, extdata, extdatalen);
@@ -2274,57 +2298,63 @@ _gnutls_handshake_hash_init (gnutls_session_t session)
/* set the hash type for handshake message hashing */
if (_gnutls_version_has_selectable_prf (ver))
- session->security_parameters.handshake_mac_handle_type = HANDSHAKE_MAC_TYPE_12;
+ session->security_parameters.handshake_mac_handle_type =
+ HANDSHAKE_MAC_TYPE_12;
else
- session->security_parameters.handshake_mac_handle_type = HANDSHAKE_MAC_TYPE_10;
+ session->security_parameters.handshake_mac_handle_type =
+ HANDSHAKE_MAC_TYPE_10;
- if (session->security_parameters.handshake_mac_handle_type == HANDSHAKE_MAC_TYPE_10)
- {
- ret =
- _gnutls_hash_init (&session->internals.handshake_mac_handle.tls10.md5,
- GNUTLS_MAC_MD5);
+ if (session->security_parameters.handshake_mac_handle_type ==
+ HANDSHAKE_MAC_TYPE_10)
+ {
+ ret =
+ _gnutls_hash_init (&session->internals.handshake_mac_handle.
+ tls10.md5, GNUTLS_MAC_MD5);
- if (ret < 0)
- {
+ if (ret < 0)
+ {
gnutls_assert ();
return ret;
}
- ret =
- _gnutls_hash_init (&session->internals.handshake_mac_handle.tls10.sha,
- GNUTLS_MAC_SHA1);
- if (ret < 0)
+ ret =
+ _gnutls_hash_init (&session->internals.handshake_mac_handle.
+ tls10.sha, GNUTLS_MAC_SHA1);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ _gnutls_hash_deinit (&session->internals.
+ handshake_mac_handle.tls10.md5, NULL);
+ return GNUTLS_E_MEMORY_ERROR;
+ }
+ }
+ else if (session->security_parameters.handshake_mac_handle_type ==
+ HANDSHAKE_MAC_TYPE_12)
+ {
+ /* The algorithm to compute hash over handshake messages must be
+ same as the one used as the basis for PRF. By now we use
+ SHA256. */
+ ret =
+ _gnutls_hash_init (&session->internals.handshake_mac_handle.
+ tls12.sha256, GNUTLS_DIG_SHA256);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_MEMORY_ERROR;
+ }
+
+ ret =
+ _gnutls_hash_init (&session->internals.handshake_mac_handle.
+ tls12.sha1, GNUTLS_DIG_SHA1);
+ if (ret < 0)
{
gnutls_assert ();
- _gnutls_hash_deinit (&session->internals.handshake_mac_handle.tls10.md5, NULL);
+ _gnutls_hash_deinit (&session->internals.
+ handshake_mac_handle.tls12.sha256, NULL);
return GNUTLS_E_MEMORY_ERROR;
}
- }
- else if (session->security_parameters.handshake_mac_handle_type == HANDSHAKE_MAC_TYPE_12)
- {
- /* The algorithm to compute hash over handshake messages must be
- same as the one used as the basis for PRF. By now we use
- SHA256. */
- ret =
- _gnutls_hash_init (&session->internals.handshake_mac_handle.tls12.sha256,
- GNUTLS_DIG_SHA256);
- if (ret < 0)
- {
- gnutls_assert ();
- return GNUTLS_E_MEMORY_ERROR;
- }
-
- ret =
- _gnutls_hash_init (&session->internals.handshake_mac_handle.tls12.sha1,
- GNUTLS_DIG_SHA1);
- if (ret < 0)
- {
- gnutls_assert ();
- _gnutls_hash_deinit(&session->internals.handshake_mac_handle.tls12.sha256, NULL);
- return GNUTLS_E_MEMORY_ERROR;
- }
- }
+ }
session->internals.handshake_mac_handle_init = 1;
}
@@ -2842,7 +2872,8 @@ _gnutls_handshake_common (gnutls_session_t session)
case STATE40:
if (session->internals.session_ticket_renew)
{
- ret = _gnutls_send_new_session_ticket (session, AGAIN(STATE40));
+ ret =
+ _gnutls_send_new_session_ticket (session, AGAIN (STATE40));
STATE = STATE40;
IMED_RET ("send handshake new session ticket", ret, 0);
}
@@ -2857,10 +2888,10 @@ _gnutls_handshake_common (gnutls_session_t session)
/* only store if we are not resuming */
if (session->security_parameters.entity == GNUTLS_SERVER)
- {
- /* in order to support session resuming */
- _gnutls_server_register_current_session (session);
- }
+ {
+ /* in order to support session resuming */
+ _gnutls_server_register_current_session (session);
+ }
}
else
{ /* if we are a client not resuming - or we are a server resuming */
diff --git a/lib/gnutls_hash_int.c b/lib/gnutls_hash_int.c
index 5e5b2aa6e1..45cdbc6e54 100644
--- a/lib/gnutls_hash_int.c
+++ b/lib/gnutls_hash_int.c
@@ -121,7 +121,7 @@ _gnutls_hash_copy (digest_hd_st * dst, digest_hd_st * src)
{
int result;
- memset(dst, 0, sizeof(*dst));
+ memset (dst, 0, sizeof (*dst));
dst->algorithm = src->algorithm;
dst->registered = src->registered;
dst->active = 1;
@@ -167,9 +167,10 @@ _gnutls_hash_output (digest_hd_st * handle, void *digest)
void
_gnutls_hash_deinit (digest_hd_st * handle, void *digest)
{
- if (handle->active != 1) {
- return;
- }
+ if (handle->active != 1)
+ {
+ return;
+ }
if (digest != NULL)
_gnutls_hash_output (handle, digest);
@@ -334,9 +335,10 @@ _gnutls_hmac_output (digest_hd_st * handle, void *digest)
void
_gnutls_hmac_deinit (digest_hd_st * handle, void *digest)
{
- if (handle->active != 1) {
- return;
- }
+ if (handle->active != 1)
+ {
+ return;
+ }
if (digest)
_gnutls_hmac_output (handle, digest);
diff --git a/lib/gnutls_mpi.c b/lib/gnutls_mpi.c
index 8365d06928..8a71b0a636 100644
--- a/lib/gnutls_mpi.c
+++ b/lib/gnutls_mpi.c
@@ -341,10 +341,10 @@ _gnutls_x509_write_int (ASN1_TYPE node, const char *value, bigint_t mpi,
result = _gnutls_mpi_print_lz (mpi, NULL, &s_len);
else
result = _gnutls_mpi_print (mpi, NULL, &s_len);
-
+
if (result != 0)
{
- gnutls_assert();
+ gnutls_assert ();
return result;
}
diff --git a/lib/gnutls_priority.c b/lib/gnutls_priority.c
index 5248b4f1e1..7fab2c797d 100644
--- a/lib/gnutls_priority.c
+++ b/lib/gnutls_priority.c
@@ -452,8 +452,9 @@ gnutls_priority_set (gnutls_session_t session, gnutls_priority_t priority)
* This will be overridden later.
*/
if (session->internals.priorities.protocol.algorithms > 0)
- _gnutls_set_current_version (session, session->internals.
- priorities.protocol.priority[0]);
+ _gnutls_set_current_version (session,
+ session->internals.priorities.
+ protocol.priority[0]);
return 0;
}
@@ -548,8 +549,7 @@ gnutls_priority_set (gnutls_session_t session, gnutls_priority_t priority)
**/
int
gnutls_priority_init (gnutls_priority_t * priority_cache,
- const char *priorities,
- const char **err_pos)
+ const char *priorities, const char **err_pos)
{
char *broken_list[MAX_ELEMENTS];
int broken_list_size, i, j;
@@ -599,14 +599,16 @@ gnutls_priority_init (gnutls_priority_t * priority_cache,
cipher_priority_performance);
_set_priority (&(*priority_cache)->kx, kx_priority_performance);
_set_priority (&(*priority_cache)->mac, mac_priority_performance);
- _set_priority (&(*priority_cache)->sign_algo, sign_priority_default);
+ _set_priority (&(*priority_cache)->sign_algo,
+ sign_priority_default);
}
else if (strcasecmp (broken_list[i], "NORMAL") == 0)
{
_set_priority (&(*priority_cache)->cipher, cipher_priority_normal);
_set_priority (&(*priority_cache)->kx, kx_priority_secure);
_set_priority (&(*priority_cache)->mac, mac_priority_secure);
- _set_priority (&(*priority_cache)->sign_algo, sign_priority_default);
+ _set_priority (&(*priority_cache)->sign_algo,
+ sign_priority_default);
}
else if (strcasecmp (broken_list[i], "SECURE256") == 0
|| strcasecmp (broken_list[i], "SECURE") == 0)
@@ -615,7 +617,8 @@ gnutls_priority_init (gnutls_priority_t * priority_cache,
cipher_priority_secure256);
_set_priority (&(*priority_cache)->kx, kx_priority_secure);
_set_priority (&(*priority_cache)->mac, mac_priority_secure);
- _set_priority (&(*priority_cache)->sign_algo, sign_priority_secure256);
+ _set_priority (&(*priority_cache)->sign_algo,
+ sign_priority_secure256);
}
else if (strcasecmp (broken_list[i], "SECURE128") == 0)
{
@@ -623,14 +626,16 @@ gnutls_priority_init (gnutls_priority_t * priority_cache,
cipher_priority_secure128);
_set_priority (&(*priority_cache)->kx, kx_priority_secure);
_set_priority (&(*priority_cache)->mac, mac_priority_secure);
- _set_priority (&(*priority_cache)->sign_algo, sign_priority_secure128);
+ _set_priority (&(*priority_cache)->sign_algo,
+ sign_priority_secure128);
}
else if (strcasecmp (broken_list[i], "EXPORT") == 0)
{
_set_priority (&(*priority_cache)->cipher, cipher_priority_export);
_set_priority (&(*priority_cache)->kx, kx_priority_export);
_set_priority (&(*priority_cache)->mac, mac_priority_secure);
- _set_priority (&(*priority_cache)->sign_algo, sign_priority_default);
+ _set_priority (&(*priority_cache)->sign_algo,
+ sign_priority_default);
} /* now check if the element is something like -ALGO */
else if (broken_list[i][0] == '!' || broken_list[i][0] == '+'
|| broken_list[i][0] == '-')
@@ -655,8 +660,8 @@ gnutls_priority_init (gnutls_priority_t * priority_cache,
gnutls_protocol_get_id (&broken_list[i][6])) !=
GNUTLS_VERSION_UNKNOWN)
fn (&(*priority_cache)->protocol, algo);
- else
- goto error;
+ else
+ goto error;
} /* now check if the element is something like -ALGO */
else if (strncasecmp (&broken_list[i][1], "COMP-", 5) == 0)
{
@@ -664,8 +669,8 @@ gnutls_priority_init (gnutls_priority_t * priority_cache,
gnutls_compression_get_id (&broken_list[i][6])) !=
GNUTLS_COMP_UNKNOWN)
fn (&(*priority_cache)->compression, algo);
- else
- goto error;
+ else
+ goto error;
} /* now check if the element is something like -ALGO */
else if (strncasecmp (&broken_list[i][1], "CTYPE-", 6) == 0)
{
@@ -673,8 +678,8 @@ gnutls_priority_init (gnutls_priority_t * priority_cache,
gnutls_certificate_type_get_id (&broken_list[i][7])) !=
GNUTLS_CRT_UNKNOWN)
fn (&(*priority_cache)->cert_type, algo);
- else
- goto error;
+ else
+ goto error;
} /* now check if the element is something like -ALGO */
else if (strncasecmp (&broken_list[i][1], "SIGN-", 5) == 0)
{
@@ -682,8 +687,8 @@ gnutls_priority_init (gnutls_priority_t * priority_cache,
gnutls_sign_get_id (&broken_list[i][6])) !=
GNUTLS_SIGN_UNKNOWN)
fn (&(*priority_cache)->sign_algo, algo);
- else
- goto error;
+ else
+ goto error;
} /* now check if the element is something like -ALGO */
else
goto error;
@@ -694,11 +699,11 @@ gnutls_priority_init (gnutls_priority_t * priority_cache,
(*priority_cache)->no_padding = 1;
else if (strcasecmp (&broken_list[i][1],
"VERIFY_ALLOW_SIGN_RSA_MD5") == 0)
- {
- prio_add (&(*priority_cache)->sign_algo, GNUTLS_SIGN_RSA_MD5);
+ {
+ prio_add (&(*priority_cache)->sign_algo, GNUTLS_SIGN_RSA_MD5);
(*priority_cache)->additional_verify_flags |=
- GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5;
- }
+ GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5;
+ }
else if (strcasecmp (&broken_list[i][1],
"SSL3_RECORD_VERSION") == 0)
(*priority_cache)->ssl3_record_version = 1;
@@ -760,8 +765,7 @@ gnutls_priority_deinit (gnutls_priority_t priority_cache)
**/
int
gnutls_priority_set_direct (gnutls_session_t session,
- const char *priorities,
- const char **err_pos)
+ const char *priorities, const char **err_pos)
{
gnutls_priority_t prio;
int ret;
diff --git a/lib/gnutls_psk.c b/lib/gnutls_psk.c
index 5e8bc3c381..71b5ad2504 100644
--- a/lib/gnutls_psk.c
+++ b/lib/gnutls_psk.c
@@ -407,7 +407,7 @@ int
gnutls_hex_encode (const gnutls_datum_t * data, char *result,
size_t * result_size)
{
-size_t res = data->size + data->size + 1;
+ size_t res = data->size + data->size + 1;
if (*result_size < res)
{
@@ -417,7 +417,7 @@ size_t res = data->size + data->size + 1;
_gnutls_bin2hex (data->data, data->size, result, *result_size);
*result_size = res;
-
+
return 0;
}
diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c
index 62df871517..9df7128096 100644
--- a/lib/gnutls_record.c
+++ b/lib/gnutls_record.c
@@ -373,7 +373,7 @@ _gnutls_send_int (gnutls_session_t session, content_type_t type,
("REC[%p]: Sending Packet[%d] %s(%d) with length: %d\n", session,
(int) _gnutls_uint64touint32 (&session->connection_state.
write_sequence_number),
- _gnutls_packet2str (type), type, (int)sizeofdata);
+ _gnutls_packet2str (type), type, (int) sizeofdata);
if (sizeofdata > MAX_RECORD_SEND_SIZE)
data2send_size = MAX_RECORD_SEND_SIZE;
@@ -744,12 +744,14 @@ record_check_type (gnutls_session_t session,
if (session->security_parameters.entity == GNUTLS_SERVER)
{
gnutls_assert ();
- ret = _gnutls_record_buffer_put (recv_type, session, (void *) data, data_size);
- if (ret < 0)
- {
- gnutls_assert();
- return ret;
- }
+ ret =
+ _gnutls_record_buffer_put (recv_type, session, (void *) data,
+ data_size);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ return ret;
+ }
return GNUTLS_E_REHANDSHAKE;
}
@@ -947,7 +949,7 @@ begin:
("REC[%p]: Expected Packet[%d] %s(%d) with length: %d\n", session,
(int) _gnutls_uint64touint32 (&session->connection_state.
read_sequence_number),
- _gnutls_packet2str (type), type, (int)sizeofdata);
+ _gnutls_packet2str (type), type, (int) sizeofdata);
_gnutls_record_log ("REC[%p]: Received Packet[%d] %s(%d) with length: %d\n",
session,
(int)
diff --git a/lib/gnutls_session_pack.c b/lib/gnutls_session_pack.c
index 75b8870617..30c9e6b083 100644
--- a/lib/gnutls_session_pack.c
+++ b/lib/gnutls_session_pack.c
@@ -281,7 +281,8 @@ pack_certificate_auth_info (gnutls_session_t session,
*/
packed_session->data =
gnutls_malloc (packed_session->size + MAX_SEC_PARAMS + 2 +
- session->security_parameters.extensions.session_ticket_len);
+ session->security_parameters.
+ extensions.session_ticket_len);
if (packed_session->data == NULL)
{
@@ -515,7 +516,8 @@ pack_srp_auth_info (gnutls_session_t session, gnutls_datum_t * packed_session)
*/
packed_session->data =
gnutls_malloc (packed_session->size + MAX_SEC_PARAMS + 2 +
- session->security_parameters.extensions.session_ticket_len);
+ session->security_parameters.
+ extensions.session_ticket_len);
if (packed_session->data == NULL)
{
@@ -621,7 +623,8 @@ pack_anon_auth_info (gnutls_session_t session,
*/
packed_session->data =
gnutls_malloc (packed_session->size + MAX_SEC_PARAMS + 2 +
- session->security_parameters.extensions.session_ticket_len);
+ session->security_parameters.
+ extensions.session_ticket_len);
if (packed_session->data == NULL)
{
@@ -785,7 +788,8 @@ pack_psk_auth_info (gnutls_session_t session, gnutls_datum_t * packed_session)
*/
packed_session->data =
gnutls_malloc (packed_session->size + MAX_SEC_PARAMS + 2 +
- session->security_parameters.extensions.session_ticket_len);
+ session->security_parameters.
+ extensions.session_ticket_len);
if (packed_session->data == NULL)
{
@@ -1084,8 +1088,7 @@ pack_security_parameters (gnutls_session_t session,
}
_gnutls_write_uint16 (session->security_parameters.extensions.
- session_ticket_len,
- &packed_session->data[pos]);
+ session_ticket_len, &packed_session->data[pos]);
pos += 2;
memcpy (&packed_session->data[pos],
session->security_parameters.extensions.session_ticket,
@@ -1235,8 +1238,7 @@ unpack_security_parameters (gnutls_session_t session,
gnutls_malloc (session->internals.resumed_security_parameters.extensions.
session_ticket_len);
memcpy (session->internals.resumed_security_parameters.extensions.
- session_ticket,
- &packed_session->data[pos],
+ session_ticket, &packed_session->data[pos],
session->internals.resumed_security_parameters.extensions.
session_ticket_len);
diff --git a/lib/gnutls_sig.c b/lib/gnutls_sig.c
index 5e88241457..af14f6b029 100644
--- a/lib/gnutls_sig.c
+++ b/lib/gnutls_sig.c
@@ -126,9 +126,9 @@ _gnutls_rsa_encode_sig (gnutls_mac_algorithm_t algo,
*/
int
_gnutls_handshake_sign_data (gnutls_session_t session, gnutls_cert * cert,
- gnutls_privkey * pkey, gnutls_datum_t * params,
- gnutls_datum_t * signature,
- gnutls_sign_algorithm_t * sign_algo)
+ gnutls_privkey * pkey, gnutls_datum_t * params,
+ gnutls_datum_t * signature,
+ gnutls_sign_algorithm_t * sign_algo)
{
gnutls_datum_t dconcat;
int ret;
@@ -137,8 +137,9 @@ _gnutls_handshake_sign_data (gnutls_session_t session, gnutls_cert * cert,
gnutls_protocol_t ver = gnutls_protocol_get_version (session);
gnutls_digest_algorithm_t hash_algo;
- *sign_algo = _gnutls_session_get_sign_algo(session, cert->subject_pk_algorithm,
- &hash_algo);
+ *sign_algo =
+ _gnutls_session_get_sign_algo (session, cert->subject_pk_algorithm,
+ &hash_algo);
if (*sign_algo == GNUTLS_SIGN_UNKNOWN)
{
gnutls_assert ();
@@ -185,7 +186,7 @@ _gnutls_handshake_sign_data (gnutls_session_t session, gnutls_cert * cert,
dconcat.size = 36;
}
else
- { /* TLS 1.2 way */
+ { /* TLS 1.2 way */
gnutls_datum_t hash;
_gnutls_hash_deinit (&td_sha, concat);
@@ -202,10 +203,10 @@ _gnutls_handshake_sign_data (gnutls_session_t session, gnutls_cert * cert,
_gnutls_hash_deinit (&td_sha, concat);
if (hash_algo != GNUTLS_DIG_SHA1)
- {
- gnutls_assert();
- return GNUTLS_E_INTERNAL_ERROR;
- }
+ {
+ gnutls_assert ();
+ return GNUTLS_E_INTERNAL_ERROR;
+ }
dconcat.data = concat;
dconcat.size = 20;
break;
@@ -380,9 +381,9 @@ _gnutls_verify_sig (gnutls_cert * cert,
*/
int
_gnutls_handshake_verify_data (gnutls_session_t session, gnutls_cert * cert,
- const gnutls_datum_t * params,
- gnutls_datum_t * signature,
- gnutls_sign_algorithm_t algo)
+ const gnutls_datum_t * params,
+ gnutls_datum_t * signature,
+ gnutls_sign_algorithm_t algo)
{
gnutls_datum_t dconcat;
int ret;
@@ -392,10 +393,10 @@ _gnutls_handshake_verify_data (gnutls_session_t session, gnutls_cert * cert,
gnutls_protocol_t ver = gnutls_protocol_get_version (session);
gnutls_digest_algorithm_t hash_algo = GNUTLS_DIG_SHA1;
- ret = _gnutls_session_sign_algo_enabled(session, algo);
+ ret = _gnutls_session_sign_algo_enabled (session, algo);
if (ret < 0)
{
- gnutls_assert();
+ gnutls_assert ();
return ret;
}
@@ -455,7 +456,8 @@ _gnutls_handshake_verify_data (gnutls_session_t session, gnutls_cert * cert,
}
ret = _gnutls_verify_sig (cert, &dconcat, signature,
- dconcat.size - _gnutls_hash_get_algo_len (hash_algo),
+ dconcat.size -
+ _gnutls_hash_get_algo_len (hash_algo),
_gnutls_sign_get_pk_algorithm (algo));
if (ret < 0)
{
@@ -472,8 +474,11 @@ _gnutls_handshake_verify_data (gnutls_session_t session, gnutls_cert * cert,
/* this is _gnutls_handshake_verify_cert_vrfy for TLS 1.2
*/
-static int _gnutls_handshake_verify_cert_vrfy12 (gnutls_session_t session, gnutls_cert * cert,
- gnutls_datum_t * signature, gnutls_sign_algorithm_t sign_algo)
+static int
+_gnutls_handshake_verify_cert_vrfy12 (gnutls_session_t session,
+ gnutls_cert * cert,
+ gnutls_datum_t * signature,
+ gnutls_sign_algorithm_t sign_algo)
{
int ret;
opaque concat[MAX_SIG_SIZE];
@@ -481,26 +486,27 @@ static int _gnutls_handshake_verify_cert_vrfy12 (gnutls_session_t session, gnutl
gnutls_datum_t dconcat;
gnutls_sign_algorithm_t _sign_algo;
gnutls_digest_algorithm_t hash_algo;
- digest_hd_st* handshake_td;
+ digest_hd_st *handshake_td;
handshake_td = &session->internals.handshake_mac_handle.tls12.sha1;
hash_algo = handshake_td->algorithm;
- _sign_algo = _gnutls_x509_pk_to_sign( cert->subject_pk_algorithm, hash_algo);
+ _sign_algo =
+ _gnutls_x509_pk_to_sign (cert->subject_pk_algorithm, hash_algo);
if (_sign_algo != sign_algo)
{
handshake_td = &session->internals.handshake_mac_handle.tls12.sha256;
hash_algo = handshake_td->algorithm;
- _sign_algo = _gnutls_x509_pk_to_sign( cert->subject_pk_algorithm, hash_algo);
+ _sign_algo =
+ _gnutls_x509_pk_to_sign (cert->subject_pk_algorithm, hash_algo);
if (sign_algo != _sign_algo)
- {
- gnutls_assert();
- return GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM;
- }
+ {
+ gnutls_assert ();
+ return GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM;
+ }
}
- ret =
- _gnutls_hash_copy (&td, handshake_td);
+ ret = _gnutls_hash_copy (&td, handshake_td);
if (ret < 0)
{
gnutls_assert ();
@@ -512,7 +518,9 @@ static int _gnutls_handshake_verify_cert_vrfy12 (gnutls_session_t session, gnutl
dconcat.data = concat;
dconcat.size = _gnutls_hash_get_algo_len (hash_algo);
- ret = _gnutls_verify_sig (cert, &dconcat, signature, 0, cert->subject_pk_algorithm);
+ ret =
+ _gnutls_verify_sig (cert, &dconcat, signature, 0,
+ cert->subject_pk_algorithm);
if (ret < 0)
{
gnutls_assert ();
@@ -527,8 +535,10 @@ static int _gnutls_handshake_verify_cert_vrfy12 (gnutls_session_t session, gnutl
* verify message).
*/
int
-_gnutls_handshake_verify_cert_vrfy (gnutls_session_t session, gnutls_cert * cert,
- gnutls_datum_t * signature, gnutls_sign_algorithm_t sign_algo)
+_gnutls_handshake_verify_cert_vrfy (gnutls_session_t session,
+ gnutls_cert * cert,
+ gnutls_datum_t * signature,
+ gnutls_sign_algorithm_t sign_algo)
{
int ret;
opaque concat[MAX_SIG_SIZE];
@@ -537,18 +547,22 @@ _gnutls_handshake_verify_cert_vrfy (gnutls_session_t session, gnutls_cert * cert
gnutls_datum_t dconcat;
gnutls_protocol_t ver = gnutls_protocol_get_version (session);
- if (session->security_parameters.handshake_mac_handle_type == HANDSHAKE_MAC_TYPE_12)
+ if (session->security_parameters.handshake_mac_handle_type ==
+ HANDSHAKE_MAC_TYPE_12)
{
- return _gnutls_handshake_verify_cert_vrfy12(session, cert, signature, sign_algo);
+ return _gnutls_handshake_verify_cert_vrfy12 (session, cert, signature,
+ sign_algo);
}
- else if (session->security_parameters.handshake_mac_handle_type != HANDSHAKE_MAC_TYPE_10)
+ else if (session->security_parameters.handshake_mac_handle_type !=
+ HANDSHAKE_MAC_TYPE_10)
{
- gnutls_assert();
+ gnutls_assert ();
return GNUTLS_E_INTERNAL_ERROR;
}
ret =
- _gnutls_hash_copy (&td_md5, &session->internals.handshake_mac_handle.tls10.md5);
+ _gnutls_hash_copy (&td_md5,
+ &session->internals.handshake_mac_handle.tls10.md5);
if (ret < 0)
{
gnutls_assert ();
@@ -556,7 +570,8 @@ _gnutls_handshake_verify_cert_vrfy (gnutls_session_t session, gnutls_cert * cert
}
ret =
- _gnutls_hash_copy (&td_sha, &session->internals.handshake_mac_handle.tls10.sha);
+ _gnutls_hash_copy (&td_sha,
+ &session->internals.handshake_mac_handle.tls10.sha);
if (ret < 0)
{
gnutls_assert ();
@@ -589,7 +604,9 @@ _gnutls_handshake_verify_cert_vrfy (gnutls_session_t session, gnutls_cert * cert
dconcat.data = concat;
dconcat.size = 20 + 16; /* md5+ sha */
- ret = _gnutls_verify_sig (cert, &dconcat, signature, 16, cert->subject_pk_algorithm);
+ ret =
+ _gnutls_verify_sig (cert, &dconcat, signature, 16,
+ cert->subject_pk_algorithm);
if (ret < 0)
{
gnutls_assert ();
@@ -602,9 +619,10 @@ _gnutls_handshake_verify_cert_vrfy (gnutls_session_t session, gnutls_cert * cert
/* the same as _gnutls_handshake_sign_cert_vrfy except that it is made for TLS 1.2
*/
-static int _gnutls_handshake_sign_cert_vrfy12 (gnutls_session_t session,
- gnutls_cert * cert, gnutls_privkey * pkey,
- gnutls_datum_t * signature)
+static int
+_gnutls_handshake_sign_cert_vrfy12 (gnutls_session_t session,
+ gnutls_cert * cert, gnutls_privkey * pkey,
+ gnutls_datum_t * signature)
{
gnutls_datum_t dconcat;
int ret;
@@ -612,41 +630,47 @@ static int _gnutls_handshake_sign_cert_vrfy12 (gnutls_session_t session,
digest_hd_st td;
gnutls_sign_algorithm_t sign_algo;
gnutls_digest_algorithm_t hash_algo;
- digest_hd_st* handshake_td;
+ digest_hd_st *handshake_td;
handshake_td = &session->internals.handshake_mac_handle.tls12.sha1;
hash_algo = handshake_td->algorithm;
- sign_algo = _gnutls_x509_pk_to_sign( cert->subject_pk_algorithm, hash_algo);
+ sign_algo = _gnutls_x509_pk_to_sign (cert->subject_pk_algorithm, hash_algo);
/* The idea here is to try signing with the one of the algorithms
* that have been initiated at handshake (SHA1, SHA256). If they
* are not requested by peer... tough luck
*/
- ret = _gnutls_session_sign_algo_requested(session, sign_algo);
+ ret = _gnutls_session_sign_algo_requested (session, sign_algo);
if (sign_algo == GNUTLS_SIGN_UNKNOWN || ret < 0)
{
handshake_td = &session->internals.handshake_mac_handle.tls12.sha256;
hash_algo = handshake_td->algorithm;
- sign_algo = _gnutls_x509_pk_to_sign( cert->subject_pk_algorithm, hash_algo);
+ sign_algo =
+ _gnutls_x509_pk_to_sign (cert->subject_pk_algorithm, hash_algo);
if (sign_algo == GNUTLS_SIGN_UNKNOWN)
- {
- gnutls_assert();
- return GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM;
- }
-
- ret = _gnutls_session_sign_algo_requested(session, sign_algo);
+ {
+ gnutls_assert ();
+ return GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM;
+ }
+
+ ret = _gnutls_session_sign_algo_requested (session, sign_algo);
if (ret < 0)
- {
- gnutls_assert();
- _gnutls_x509_log("Server did not allow either '%s' or '%s' for signing\n", gnutls_mac_get_name(hash_algo), gnutls_mac_get_name(session->internals.handshake_mac_handle.tls12.sha1.algorithm));
- return ret;
- }
+ {
+ gnutls_assert ();
+ _gnutls_x509_log
+ ("Server did not allow either '%s' or '%s' for signing\n",
+ gnutls_mac_get_name (hash_algo),
+ gnutls_mac_get_name (session->internals.
+ handshake_mac_handle.tls12.sha1.algorithm));
+ return ret;
+ }
}
-
- _gnutls_x509_log("sign handshake cert vrfy: picked %s with %s\n", gnutls_sign_algorithm_get_name(sign_algo), gnutls_mac_get_name(hash_algo));
- ret =
- _gnutls_hash_copy (&td, handshake_td);
+ _gnutls_x509_log ("sign handshake cert vrfy: picked %s with %s\n",
+ gnutls_sign_algorithm_get_name (sign_algo),
+ gnutls_mac_get_name (hash_algo));
+
+ ret = _gnutls_hash_copy (&td, handshake_td);
if (ret < 0)
{
gnutls_assert ();
@@ -678,8 +702,8 @@ static int _gnutls_handshake_sign_cert_vrfy12 (gnutls_session_t session,
*/
int
_gnutls_handshake_sign_cert_vrfy (gnutls_session_t session,
- gnutls_cert * cert, gnutls_privkey * pkey,
- gnutls_datum_t * signature)
+ gnutls_cert * cert, gnutls_privkey * pkey,
+ gnutls_datum_t * signature)
{
gnutls_datum_t dconcat;
int ret;
@@ -688,18 +712,22 @@ _gnutls_handshake_sign_cert_vrfy (gnutls_session_t session,
digest_hd_st td_sha;
gnutls_protocol_t ver = gnutls_protocol_get_version (session);
- if (session->security_parameters.handshake_mac_handle_type == HANDSHAKE_MAC_TYPE_12)
+ if (session->security_parameters.handshake_mac_handle_type ==
+ HANDSHAKE_MAC_TYPE_12)
{
- return _gnutls_handshake_sign_cert_vrfy12(session, cert, pkey, signature);
+ return _gnutls_handshake_sign_cert_vrfy12 (session, cert, pkey,
+ signature);
}
- else if (session->security_parameters.handshake_mac_handle_type != HANDSHAKE_MAC_TYPE_10)
+ else if (session->security_parameters.handshake_mac_handle_type !=
+ HANDSHAKE_MAC_TYPE_10)
{
- gnutls_assert();
+ gnutls_assert ();
return GNUTLS_E_INTERNAL_ERROR;
}
-
+
ret =
- _gnutls_hash_copy (&td_sha, &session->internals.handshake_mac_handle.tls10.sha);
+ _gnutls_hash_copy (&td_sha,
+ &session->internals.handshake_mac_handle.tls10.sha);
if (ret < 0)
{
gnutls_assert ();
@@ -727,7 +755,8 @@ _gnutls_handshake_sign_cert_vrfy (gnutls_session_t session,
case GNUTLS_PK_RSA:
ret =
_gnutls_hash_copy (&td_md5,
- &session->internals.handshake_mac_handle.tls10.md5);
+ &session->internals.handshake_mac_handle.
+ tls10.md5);
if (ret < 0)
{
gnutls_assert ();
diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c
index 3ecca89b5d..3ba533b3c6 100644
--- a/lib/gnutls_state.c
+++ b/lib/gnutls_state.c
@@ -202,7 +202,7 @@ deinit_internal_params (gnutls_session_t session)
if (session->internals.params.free_rsa_params)
gnutls_rsa_params_deinit (session->internals.params.rsa_params);
- _gnutls_handshake_hash_buffers_clear(session);
+ _gnutls_handshake_hash_buffers_clear (session);
memset (&session->internals.params, 0, sizeof (session->internals.params));
}
@@ -239,7 +239,7 @@ _gnutls_handshake_internal_state_init (gnutls_session_t session)
void
_gnutls_handshake_internal_state_clear (gnutls_session_t session)
{
- _gnutls_handshake_internal_state_init(session);
+ _gnutls_handshake_internal_state_init (session);
_gnutls_free_datum (&session->internals.recv_buffer);
@@ -913,7 +913,7 @@ _gnutls_PRF (gnutls_session_t session,
memcpy (s_seed, label, label_size);
memcpy (&s_seed[label_size], seed, seed_size);
- if (_gnutls_version_has_selectable_prf(ver))
+ if (_gnutls_version_has_selectable_prf (ver))
{
result =
_gnutls_P_hash (GNUTLS_MAC_SHA256, secret, secret_size,
@@ -1339,7 +1339,8 @@ _gnutls_rsa_pms_set_version (gnutls_session_t session,
**/
void
gnutls_handshake_set_post_client_hello_function (gnutls_session_t session,
- gnutls_handshake_post_client_hello_func func)
+ gnutls_handshake_post_client_hello_func
+ func)
{
session->internals.user_hello_func = func;
}
@@ -1361,4 +1362,3 @@ gnutls_session_enable_compatibility_mode (gnutls_session_t session)
{
gnutls_record_disable_padding (session);
}
-
diff --git a/lib/gnutls_str.c b/lib/gnutls_str.c
index a4c765e53f..4586b4b1ce 100644
--- a/lib/gnutls_str.c
+++ b/lib/gnutls_str.c
@@ -128,15 +128,15 @@ _gnutls_string_append_data (gnutls_string * dest, const void *data,
if (dest->max_length >= tot_len)
{
- size_t unused = MEMSUB(dest->data, dest->allocd);
-
+ size_t unused = MEMSUB (dest->data, dest->allocd);
+
if (dest->max_length - unused <= tot_len)
- {
- if (dest->length && dest->data)
- memmove(dest->allocd, dest->data, dest->length);
+ {
+ if (dest->length && dest->data)
+ memmove (dest->allocd, dest->data, dest->length);
- dest->data = dest->allocd;
- }
+ dest->data = dest->allocd;
+ }
memmove (&dest->data[dest->length], data, data_size);
dest->length = tot_len;
@@ -144,7 +144,7 @@ _gnutls_string_append_data (gnutls_string * dest, const void *data,
}
else
{
- size_t unused = MEMSUB(dest->data, dest->allocd);
+ size_t unused = MEMSUB (dest->data, dest->allocd);
size_t new_len =
MAX (data_size, MIN_CHUNK) + MAX (dest->max_length, MIN_CHUNK);
@@ -158,7 +158,7 @@ _gnutls_string_append_data (gnutls_string * dest, const void *data,
dest->data = dest->allocd + unused;
if (dest->length && dest->data)
- memmove(dest->allocd, dest->data, dest->length);
+ memmove (dest->allocd, dest->data, dest->length);
dest->data = dest->allocd;
memcpy (&dest->data[dest->length], data, data_size);
@@ -173,19 +173,19 @@ _gnutls_string_resize (gnutls_string * dest, size_t new_size)
{
if (dest->max_length >= new_size)
{
- size_t unused = MEMSUB(dest->data, dest->allocd);
+ size_t unused = MEMSUB (dest->data, dest->allocd);
if (dest->max_length - unused <= new_size)
- {
- if (dest->length && dest->data)
- memmove(dest->allocd, dest->data, dest->length);
- dest->data = dest->allocd;
- }
+ {
+ if (dest->length && dest->data)
+ memmove (dest->allocd, dest->data, dest->length);
+ dest->data = dest->allocd;
+ }
return 0;
}
else
{
- size_t unused = MEMSUB(dest->data, dest->allocd);
+ size_t unused = MEMSUB (dest->data, dest->allocd);
size_t alloc_len =
MAX (new_size, MIN_CHUNK) + MAX (dest->max_length, MIN_CHUNK);
@@ -199,7 +199,7 @@ _gnutls_string_resize (gnutls_string * dest, size_t new_size)
dest->data = dest->allocd + unused;
if (dest->length && dest->data)
- memmove(dest->allocd, dest->data, dest->length);
+ memmove (dest->allocd, dest->data, dest->length);
dest->data = dest->allocd;
return 0;
@@ -209,7 +209,7 @@ _gnutls_string_resize (gnutls_string * dest, size_t new_size)
int
_gnutls_string_append_str (gnutls_string * dest, const char *src)
{
- return _gnutls_string_append_data (dest, src, strlen(src));
+ return _gnutls_string_append_data (dest, src, strlen (src));
}
/* returns data from a string in a constant buffer.
@@ -217,18 +217,19 @@ _gnutls_string_append_str (gnutls_string * dest, const char *src)
* data are appended in the buffer.
*/
void
-_gnutls_string_get_datum (gnutls_string * str, gnutls_datum_t *data,
- size_t req_size)
+_gnutls_string_get_datum (gnutls_string * str, gnutls_datum_t * data,
+ size_t req_size)
{
- if (str->length == 0) {
+ if (str->length == 0)
+ {
data->data = NULL;
data->size = 0;
return;
- }
+ }
if (req_size > str->length)
- req_size = str->length;
+ req_size = str->length;
data->data = str->data;
data->size = req_size;
@@ -237,9 +238,10 @@ _gnutls_string_get_datum (gnutls_string * str, gnutls_datum_t *data,
str->length -= req_size;
/* if string becomes empty start from begining */
- if (str->length == 0) {
+ if (str->length == 0)
+ {
str->data = str->allocd;
- }
+ }
return;
}
@@ -247,15 +249,14 @@ _gnutls_string_get_datum (gnutls_string * str, gnutls_datum_t *data,
/* returns data from a string in a constant buffer.
*/
void
-_gnutls_string_get_data (gnutls_string * str, void *data,
- size_t *req_size)
+_gnutls_string_get_data (gnutls_string * str, void *data, size_t * req_size)
{
gnutls_datum_t tdata;
- _gnutls_string_get_datum( str, &tdata, *req_size);
+ _gnutls_string_get_datum (str, &tdata, *req_size);
*req_size = tdata.size;
- memcpy( data, tdata.data, tdata.size);
+ memcpy (data, tdata.data, tdata.size);
return;
}
@@ -368,8 +369,7 @@ _gnutls_hex2bin (const opaque * hex_data, int hex_size, opaque * bin_data,
*/
int
_gnutls_hostname_compare (const char *certname,
- size_t certnamesize,
- const char *hostname)
+ size_t certnamesize, const char *hostname)
{
/* find the first different character */
for (; *certname && *hostname && toupper (*certname) == toupper (*hostname);
diff --git a/lib/gnutls_supplemental.c b/lib/gnutls_supplemental.c
index d2439de12d..0e9a24c23b 100644
--- a/lib/gnutls_supplemental.c
+++ b/lib/gnutls_supplemental.c
@@ -141,7 +141,7 @@ _gnutls_gen_supplemental (gnutls_session_t session, gnutls_buffer * buf)
buf->data[2] = (buf->length - 3) & 0xFF;
_gnutls_debug_log ("EXT[%p]: Sending %d bytes of supplemental data\n",
- session, (int)buf->length);
+ session, (int) buf->length);
return buf->length;
}
diff --git a/lib/gnutls_ui.c b/lib/gnutls_ui.c
index bb4f393e87..baed5fa556 100644
--- a/lib/gnutls_ui.c
+++ b/lib/gnutls_ui.c
@@ -289,7 +289,7 @@ gnutls_dh_get_secret_bits (gnutls_session_t session)
}
static int
-mpi_buf2bits (gnutls_datum_t *mpi_buf)
+mpi_buf2bits (gnutls_datum_t * mpi_buf)
{
bigint_t mpi;
int rc;
diff --git a/lib/gnutls_x509.c b/lib/gnutls_x509.c
index ab7e44709f..810a569796 100644
--- a/lib/gnutls_x509.c
+++ b/lib/gnutls_x509.c
@@ -159,13 +159,13 @@ _gnutls_x509_cert_verify_peers (gnutls_session_t session,
return ret;
}
-
+
if (ret < 0)
- {
- gnutls_assert();
- CLEAR_CERTS;
- return ret;
- }
+ {
+ gnutls_assert ();
+ CLEAR_CERTS;
+ return ret;
+ }
ret = check_bits (peer_certificate_list[i], cred->verify_bits);
if (ret < 0)
@@ -179,13 +179,14 @@ _gnutls_x509_cert_verify_peers (gnutls_session_t session,
/* Verify certificate
*/
-
+
ret = gnutls_x509_crt_list_verify (peer_certificate_list,
peer_certificate_list_size,
cred->x509_ca_list, cred->x509_ncas,
cred->x509_crl_list, cred->x509_ncrls,
- cred->verify_flags | session->internals.priorities.additional_verify_flags,
- status);
+ cred->verify_flags | session->
+ internals.priorities.
+ additional_verify_flags, status);
CLEAR_CERTS;
@@ -1577,7 +1578,7 @@ parse_pkcs12 (gnutls_certificate_credentials_t res,
*cert = NULL;
*key = NULL;
- *crl = NULL;
+ *crl = NULL;
/* find the first private key */
for (;;)
@@ -1649,12 +1650,12 @@ parse_pkcs12 (gnutls_certificate_credentials_t res,
{
case GNUTLS_BAG_PKCS8_ENCRYPTED_KEY:
case GNUTLS_BAG_PKCS8_KEY:
- if (*key != NULL) /* too simple to continue */
- {
- gnutls_assert();
- break;
- }
-
+ if (*key != NULL) /* too simple to continue */
+ {
+ gnutls_assert ();
+ break;
+ }
+
ret = gnutls_x509_privkey_init (key);
if (ret < 0)
{
@@ -1668,20 +1669,22 @@ parse_pkcs12 (gnutls_certificate_credentials_t res,
if (ret < 0)
{
gnutls_assert ();
- gnutls_x509_privkey_deinit( *key);
+ gnutls_x509_privkey_deinit (*key);
goto done;
}
-
- key_id_size = sizeof(key_id);
- ret = gnutls_x509_privkey_get_key_id( *key, 0, key_id, &key_id_size);
+
+ key_id_size = sizeof (key_id);
+ ret =
+ gnutls_x509_privkey_get_key_id (*key, 0, key_id,
+ &key_id_size);
if (ret < 0)
{
gnutls_assert ();
- gnutls_x509_privkey_deinit( *key);
+ gnutls_x509_privkey_deinit (*key);
goto done;
}
-
- privkey_ok = 1; /* break */
+
+ privkey_ok = 1; /* break */
break;
default:
break;
@@ -1690,14 +1693,14 @@ parse_pkcs12 (gnutls_certificate_credentials_t res,
idx++;
gnutls_pkcs12_bag_deinit (bag);
-
- if (privkey_ok != 0) /* private key was found */
- break;
+
+ if (privkey_ok != 0) /* private key was found */
+ break;
}
- if (privkey_ok == 0) /* no private key */
+ if (privkey_ok == 0) /* no private key */
{
- gnutls_assert();
+ gnutls_assert ();
return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
}
@@ -1773,11 +1776,11 @@ parse_pkcs12 (gnutls_certificate_credentials_t res,
switch (type)
{
case GNUTLS_BAG_CERTIFICATE:
- if (*cert != NULL) /* no need to set it again */
- {
- gnutls_assert();
- break;
- }
+ if (*cert != NULL) /* no need to set it again */
+ {
+ gnutls_assert ();
+ break;
+ }
ret = gnutls_x509_crt_init (cert);
if (ret < 0)
@@ -1791,33 +1794,34 @@ parse_pkcs12 (gnutls_certificate_credentials_t res,
if (ret < 0)
{
gnutls_assert ();
- gnutls_x509_crt_deinit( *cert);
+ gnutls_x509_crt_deinit (*cert);
goto done;
}
/* check if the key id match */
- cert_id_size = sizeof(cert_id);
- ret = gnutls_x509_crt_get_key_id( *cert, 0, cert_id, &cert_id_size);
+ cert_id_size = sizeof (cert_id);
+ ret =
+ gnutls_x509_crt_get_key_id (*cert, 0, cert_id, &cert_id_size);
if (ret < 0)
{
gnutls_assert ();
- gnutls_x509_crt_deinit( *cert);
+ gnutls_x509_crt_deinit (*cert);
goto done;
}
-
- if (memcmp( cert_id, key_id, cert_id_size) != 0)
- { /* they don't match - skip the certificate */
- gnutls_x509_crt_deinit( *cert);
- *cert = NULL;
- }
+
+ if (memcmp (cert_id, key_id, cert_id_size) != 0)
+ { /* they don't match - skip the certificate */
+ gnutls_x509_crt_deinit (*cert);
+ *cert = NULL;
+ }
break;
case GNUTLS_BAG_CRL:
if (*crl != NULL)
- {
- gnutls_assert();
- break;
- }
+ {
+ gnutls_assert ();
+ break;
+ }
ret = gnutls_x509_crl_init (crl);
if (ret < 0)
@@ -1830,7 +1834,7 @@ parse_pkcs12 (gnutls_certificate_credentials_t res,
if (ret < 0)
{
gnutls_assert ();
- gnutls_x509_crl_deinit( *crl);
+ gnutls_x509_crl_deinit (*crl);
goto done;
}
break;
@@ -1905,9 +1909,11 @@ int
gnutls_assert ();
return GNUTLS_E_FILE_ERROR;
}
-
- ret = gnutls_certificate_set_x509_simple_pkcs12_mem(res, &p12blob, type, password);
- free(p12blob.data);
+
+ ret =
+ gnutls_certificate_set_x509_simple_pkcs12_mem (res, &p12blob, type,
+ password);
+ free (p12blob.data);
return ret;
}
@@ -1948,7 +1954,7 @@ int
**/
int
gnutls_certificate_set_x509_simple_pkcs12_mem
- (gnutls_certificate_credentials_t res, const gnutls_datum_t *p12blob,
+ (gnutls_certificate_credentials_t res, const gnutls_datum_t * p12blob,
gnutls_x509_crt_fmt_t type, const char *password)
{
gnutls_pkcs12_t p12;
diff --git a/lib/minitasn1/decoding.c b/lib/minitasn1/decoding.c
index b79002cd13..af94cea2e5 100644
--- a/lib/minitasn1/decoding.c
+++ b/lib/minitasn1/decoding.c
@@ -288,18 +288,20 @@ _asn1_get_objectid_der (const unsigned char *der, int der_len, int *ret_len,
leading = 1;
for (k = 1; k < len; k++)
{
-
+
/* X.690 mandates that the leading byte must never be 0x80
*/
- if (leading != 0 && der[len_len + k] == 0x80) return ASN1_DER_ERROR;
+ if (leading != 0 && der[len_len + k] == 0x80)
+ return ASN1_DER_ERROR;
leading = 0;
/* check for wrap around */
val = val << 7;
val |= der[len_len + k] & 0x7F;
- if (val < prev_val) return ASN1_DER_ERROR;
+ if (val < prev_val)
+ return ASN1_DER_ERROR;
prev_val = val;
@@ -313,7 +315,7 @@ _asn1_get_objectid_der (const unsigned char *der, int der_len, int *ret_len,
}
}
*ret_len = len + len_len;
-
+
return ASN1_SUCCESS;
}
@@ -1054,8 +1056,9 @@ asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len,
move = RIGHT;
break;
case TYPE_OBJECT_ID:
- result = _asn1_get_objectid_der (der + counter, len - counter, &len2,
- temp, sizeof (temp));
+ result =
+ _asn1_get_objectid_der (der + counter, len - counter, &len2,
+ temp, sizeof (temp));
if (result != ASN1_SUCCESS)
{
asn1_delete_structure (element);
@@ -1670,12 +1673,13 @@ asn1_der_decoding_element (ASN1_TYPE * structure, const char *elementName,
case TYPE_OBJECT_ID:
if (state == FOUND)
{
- result = _asn1_get_objectid_der (der + counter, len - counter, &len2,
- temp, sizeof (temp));
- if (result != ASN1_SUCCESS)
- {
- return result;
- }
+ result =
+ _asn1_get_objectid_der (der + counter, len - counter,
+ &len2, temp, sizeof (temp));
+ if (result != ASN1_SUCCESS)
+ {
+ return result;
+ }
tlen = strlen (temp);
diff --git a/lib/opencdk/armor.c b/lib/opencdk/armor.c
index 5686809f01..3a08b5fda3 100644
--- a/lib/opencdk/armor.c
+++ b/lib/opencdk/armor.c
@@ -595,7 +595,8 @@ armor_decode (void *data, FILE * in, FILE * out)
afx->crc_okay = (afx->crc == crc2) ? 1 : 0;
if (!afx->crc_okay && !rc)
{
- _cdk_log_debug ("file crc=%08X afx_crc=%08X\n", (unsigned int)crc2, (unsigned int)afx->crc);
+ _cdk_log_debug ("file crc=%08X afx_crc=%08X\n", (unsigned int) crc2,
+ (unsigned int) afx->crc);
rc = CDK_Armor_CRC_Error;
}
diff --git a/lib/opencdk/keydb.c b/lib/opencdk/keydb.c
index 314fefedc4..85281c69b5 100644
--- a/lib/opencdk/keydb.c
+++ b/lib/opencdk/keydb.c
@@ -663,7 +663,8 @@ keydb_cache_add (cdk_keydb_search_t dbs, off_t offset)
k->next = dbs->cache;
dbs->cache = k;
dbs->ncache++;
- _cdk_log_debug ("cache: add entry off=%d type=%d\n", (int)offset, (int)dbs->type);
+ _cdk_log_debug ("cache: add entry off=%d type=%d\n", (int) offset,
+ (int) dbs->type);
return 0;
}
diff --git a/lib/opencdk/literal.c b/lib/opencdk/literal.c
index 1dde4a163e..d76f795654 100644
--- a/lib/opencdk/literal.c
+++ b/lib/opencdk/literal.c
@@ -121,7 +121,7 @@ literal_decode (void *data, FILE * in, FILE * out)
while (!feof (in))
{
_cdk_log_debug ("literal_decode: part on %d size %lu\n",
- (int)pfx->blkmode.on, pfx->blkmode.size);
+ (int) pfx->blkmode.on, pfx->blkmode.size);
if (pfx->blkmode.on)
bufsize = pfx->blkmode.size;
else
@@ -200,7 +200,7 @@ literal_encode (void *data, FILE * in, FILE * out)
filelen = strlen (pfx->filename);
cdk_pkt_new (&pkt);
pt = pkt->pkt.literal = cdk_calloc (1, sizeof *pt + filelen);
- pt->name = (char*) pt + sizeof(*pt);
+ pt->name = (char *) pt + sizeof (*pt);
if (!pt)
{
cdk_pkt_release (pkt);
diff --git a/lib/opencdk/misc.c b/lib/opencdk/misc.c
index 0df82a1f15..1331253df6 100644
--- a/lib/opencdk/misc.c
+++ b/lib/opencdk/misc.c
@@ -97,7 +97,7 @@ cdk_strlist_add (cdk_strlist_t * list, const char *string)
sl = cdk_calloc (1, sizeof *sl + strlen (string) + 2);
if (!sl)
return NULL;
- sl->d = (char*) sl + sizeof(*sl);
+ sl->d = (char *) sl + sizeof (*sl);
strcpy (sl->d, string);
sl->next = *list;
*list = sl;
diff --git a/lib/opencdk/new-packet.c b/lib/opencdk/new-packet.c
index 9159af0043..dc5304b8bb 100644
--- a/lib/opencdk/new-packet.c
+++ b/lib/opencdk/new-packet.c
@@ -388,7 +388,7 @@ _cdk_copy_userid (cdk_pkt_userid_t * dst, cdk_pkt_userid_t src)
u = cdk_calloc (1, sizeof *u + strlen (src->name) + 2);
if (!u)
return CDK_Out_Of_Core;
- u->name = (char*)u + sizeof(*u);
+ u->name = (char *) u + sizeof (*u);
memcpy (u, src, sizeof *u);
memcpy (u->name, src->name, strlen (src->name));
@@ -627,7 +627,7 @@ cdk_subpkt_new (size_t size)
s = cdk_calloc (1, sizeof *s + size + 2);
if (!s)
return NULL;
- s->d = (char*)s + sizeof(*s);
+ s->d = (char *) s + sizeof (*s);
return s;
}
diff --git a/lib/opencdk/read-packet.c b/lib/opencdk/read-packet.c
index 97e844be0f..a2ab51b166 100644
--- a/lib/opencdk/read-packet.c
+++ b/lib/opencdk/read-packet.c
@@ -128,15 +128,15 @@ read_mpi (cdk_stream_t inp, bigint_t * ret_m, int secure)
if (nbits > MAX_MPI_BITS || nbits == 0)
{
- _cdk_log_debug ("read_mpi: too large %d bits\n",(int) nbits);
+ _cdk_log_debug ("read_mpi: too large %d bits\n", (int) nbits);
return CDK_MPI_Error; /* Sanity check */
}
rc = stream_read (inp, buf + 2, nread, &nread);
if (!rc && nread != ((nbits + 7) / 8))
{
- _cdk_log_debug ("read_mpi: too short %d < %d\n", (int)nread,
- (int)((nbits + 7) / 8));
+ _cdk_log_debug ("read_mpi: too short %d < %d\n", (int) nread,
+ (int) ((nbits + 7) / 8));
return CDK_MPI_Error;
}
@@ -197,7 +197,7 @@ read_pubkey_enc (cdk_stream_t inp, size_t pktlen, cdk_pkt_pubkey_enc_t pke)
return CDK_Inv_Value;
if (DEBUG_PKT)
- _cdk_log_debug ("read_pubkey_enc: %d octets\n", (int)pktlen);
+ _cdk_log_debug ("read_pubkey_enc: %d octets\n", (int) pktlen);
if (pktlen < 12)
return CDK_Inv_Packet;
@@ -251,7 +251,7 @@ read_compressed (cdk_stream_t inp, size_t pktlen, cdk_pkt_compressed_t c)
return CDK_Inv_Value;
if (DEBUG_PKT)
- _cdk_log_debug ("read_compressed: %d octets\n", (int)pktlen);
+ _cdk_log_debug ("read_compressed: %d octets\n", (int) pktlen);
c->algorithm = cdk_stream_getc (inp);
if (c->algorithm > 3)
@@ -278,7 +278,7 @@ read_public_key (cdk_stream_t inp, size_t pktlen, cdk_pkt_pubkey_t pk)
return CDK_Inv_Value;
if (DEBUG_PKT)
- _cdk_log_debug ("read_public_key: %d octets\n", (int)pktlen);
+ _cdk_log_debug ("read_public_key: %d octets\n", (int) pktlen);
pk->is_invalid = 1; /* default to detect missing self signatures */
pk->is_revoked = 0;
@@ -336,7 +336,7 @@ read_secret_key (cdk_stream_t inp, size_t pktlen, cdk_pkt_seckey_t sk)
return CDK_Inv_Value;
if (DEBUG_PKT)
- _cdk_log_debug ("read_secret_key: %d octets\n", (int)pktlen);
+ _cdk_log_debug ("read_secret_key: %d octets\n", (int) pktlen);
p1 = cdk_stream_tell (inp);
rc = read_public_key (inp, pktlen, sk->pk);
@@ -631,7 +631,7 @@ read_onepass_sig (cdk_stream_t inp, size_t pktlen, cdk_pkt_onepass_sig_t sig)
return CDK_Inv_Value;
if (DEBUG_PKT)
- _cdk_log_debug ("read_onepass_sig: %d octets\n", (int)pktlen);
+ _cdk_log_debug ("read_onepass_sig: %d octets\n", (int) pktlen);
if (pktlen != 13)
return CDK_Inv_Packet;
@@ -730,7 +730,7 @@ read_signature (cdk_stream_t inp, size_t pktlen, cdk_pkt_signature_t sig)
return CDK_Inv_Value;
if (DEBUG_PKT)
- _cdk_log_debug ("read_signature: %d octets\n", (int)pktlen);
+ _cdk_log_debug ("read_signature: %d octets\n", (int) pktlen);
if (pktlen < 16)
return CDK_Inv_Packet;
@@ -836,7 +836,7 @@ read_literal (cdk_stream_t inp, size_t pktlen,
*ret_pt = pt = cdk_realloc (pt, sizeof *pt + pt->namelen + 2);
if (!pt)
return CDK_Out_Of_Core;
- pt->name = (char*)pt + sizeof(*pt);
+ pt->name = (char *) pt + sizeof (*pt);
rc = stream_read (inp, pt->name, pt->namelen, &nread);
if (rc)
return rc;
@@ -958,7 +958,8 @@ cdk_pkt_read (cdk_stream_t inp, cdk_packet_t pkt)
if (!(ctb & 0x80))
{
_cdk_log_info ("cdk_pkt_read: no openpgp data found. "
- "(ctb=%02X; fpos=%02X)\n",(int) ctb, (int)cdk_stream_tell (inp));
+ "(ctb=%02X; fpos=%02X)\n", (int) ctb,
+ (int) cdk_stream_tell (inp));
return CDK_Inv_Packet;
}
@@ -998,7 +999,8 @@ cdk_pkt_read (cdk_stream_t inp, cdk_packet_t pkt)
+ pkt->pktlen + 16 + 1);
if (!pkt->pkt.user_id)
return CDK_Out_Of_Core;
- pkt->pkt.user_id->name = (char*)pkt->pkt.user_id + sizeof(*pkt->pkt.user_id);
+ pkt->pkt.user_id->name =
+ (char *) pkt->pkt.user_id + sizeof (*pkt->pkt.user_id);
rc = read_attribute (inp, pktlen, pkt->pkt.user_id);
pkt->pkttype = CDK_PKT_ATTRIBUTE;
@@ -1009,7 +1011,8 @@ cdk_pkt_read (cdk_stream_t inp, cdk_packet_t pkt)
+ pkt->pktlen + 1);
if (!pkt->pkt.user_id)
return CDK_Out_Of_Core;
- pkt->pkt.user_id->name = (char*)pkt->pkt.user_id + sizeof(*pkt->pkt.user_id);
+ pkt->pkt.user_id->name =
+ (char *) pkt->pkt.user_id + sizeof (*pkt->pkt.user_id);
rc = read_user_id (inp, pktlen, pkt->pkt.user_id);
break;
diff --git a/lib/opencdk/sig-check.c b/lib/opencdk/sig-check.c
index d4e2c74b9d..5dc9da6fd1 100644
--- a/lib/opencdk/sig-check.c
+++ b/lib/opencdk/sig-check.c
@@ -542,8 +542,8 @@ cdk_pk_check_sigs (cdk_kbnode_t key, cdk_keydb_hd_t keydb, int *r_status)
}
_cdk_log_debug ("signature %s: signer %08X keyid %08X\n",
- rc == CDK_Bad_Sig ? "BAD" : "good", (unsigned int)sig->keyid[1],
- (unsigned int)keyid);
+ rc == CDK_Bad_Sig ? "BAD" : "good",
+ (unsigned int) sig->keyid[1], (unsigned int) keyid);
if (IS_UID_SIG (sig) && uid_name != NULL)
{
diff --git a/lib/opencdk/stream.c b/lib/opencdk/stream.c
index eaeb637587..82f8155b01 100644
--- a/lib/opencdk/stream.c
+++ b/lib/opencdk/stream.c
@@ -1056,7 +1056,7 @@ cdk_stream_write (cdk_stream_t s, const void *buf, size_t count)
memcpy (s->cache.buf, old, s->cache.size);
cdk_free (old);
_cdk_log_debug ("stream: enlarge cache to %d octets\n",
- (int)s->cache.alloced);
+ (int) s->cache.alloced);
}
memcpy (s->cache.buf + s->cache.size, buf, count);
s->cache.size += count;
@@ -1575,7 +1575,8 @@ _cdk_stream_set_blockmode (cdk_stream_t s, size_t nbytes)
{
assert (s);
- _cdk_log_debug ("stream: activate block mode with blocksize %d\n", (int)nbytes);
+ _cdk_log_debug ("stream: activate block mode with blocksize %d\n",
+ (int) nbytes);
s->blkmode = nbytes;
return 0;
}
diff --git a/lib/opencdk/verify.c b/lib/opencdk/verify.c
index e6e560fae1..1b17940787 100644
--- a/lib/opencdk/verify.c
+++ b/lib/opencdk/verify.c
@@ -58,7 +58,8 @@ struct
};
-static cdk_error_t file_verify_clearsign (cdk_ctx_t, const char *, const char *);
+static cdk_error_t file_verify_clearsign (cdk_ctx_t, const char *,
+ const char *);
/**
diff --git a/lib/openpgp/gnutls_openpgp.c b/lib/openpgp/gnutls_openpgp.c
index fb50075390..0f2a9e059e 100644
--- a/lib/openpgp/gnutls_openpgp.c
+++ b/lib/openpgp/gnutls_openpgp.c
@@ -459,8 +459,8 @@ gnutls_certificate_set_openpgp_key_mem2 (gnutls_certificate_credentials_t res,
* Since: 2.4.0
**/
int
-gnutls_certificate_set_openpgp_key_file2 (gnutls_certificate_credentials_t res,
- const char *certfile,
+gnutls_certificate_set_openpgp_key_file2 (gnutls_certificate_credentials_t
+ res, const char *certfile,
const char *keyfile,
const char *subkey_id,
gnutls_openpgp_crt_fmt_t format)
@@ -566,8 +566,8 @@ gnutls_openpgp_count_key_names (const gnutls_datum_t * cert)
* negative error value.
**/
int
-gnutls_certificate_set_openpgp_keyring_file (gnutls_certificate_credentials_t c,
- const char *file,
+gnutls_certificate_set_openpgp_keyring_file (gnutls_certificate_credentials_t
+ c, const char *file,
gnutls_openpgp_crt_fmt_t format)
{
gnutls_datum_t ring;
@@ -613,8 +613,8 @@ gnutls_certificate_set_openpgp_keyring_file (gnutls_certificate_credentials_t c,
* negative error value.
**/
int
-gnutls_certificate_set_openpgp_keyring_mem (gnutls_certificate_credentials_t c,
- const opaque * data,
+gnutls_certificate_set_openpgp_keyring_mem (gnutls_certificate_credentials_t
+ c, const opaque * data,
size_t dlen,
gnutls_openpgp_crt_fmt_t format)
{
@@ -800,7 +800,7 @@ _gnutls_openpgp_crt_to_gcert (gnutls_cert * gcert, gnutls_openpgp_crt_t cert)
memset (gcert, 0, sizeof (gnutls_cert));
gcert->cert_type = GNUTLS_CRT_OPENPGP;
- gcert->sign_algo = GNUTLS_SIGN_UNKNOWN; /* N/A here */
+ gcert->sign_algo = GNUTLS_SIGN_UNKNOWN; /* N/A here */
gcert->version = gnutls_openpgp_crt_get_version (cert);
gcert->params_size = MAX_PUBLIC_PARAMS_SIZE;
diff --git a/lib/openpgp/output.c b/lib/openpgp/output.c
index bd395841a6..58a6a1ab4d 100644
--- a/lib/openpgp/output.c
+++ b/lib/openpgp/output.c
@@ -520,7 +520,8 @@ gnutls_openpgp_crt_print (gnutls_openpgp_crt_t cert,
print_oneline (&str, cert);
else
{
- _gnutls_string_append_str (&str, _("OpenPGP Certificate Information:\n"));
+ _gnutls_string_append_str (&str,
+ _("OpenPGP Certificate Information:\n"));
print_cert (&str, cert);
}
diff --git a/lib/openpgp/pgp.c b/lib/openpgp/pgp.c
index aa2a235a23..0d62b36409 100644
--- a/lib/openpgp/pgp.c
+++ b/lib/openpgp/pgp.c
@@ -200,11 +200,11 @@ _gnutls_openpgp_export (cdk_kbnode_t node,
*output_data_size = calc_size;
if (rc)
- {
- rc = _gnutls_map_cdk_rc (rc);
- gnutls_assert ();
- return rc;
- }
+ {
+ rc = _gnutls_map_cdk_rc (rc);
+ gnutls_assert ();
+ return rc;
+ }
}
return 0;
@@ -363,7 +363,7 @@ gnutls_openpgp_crt_get_name (gnutls_openpgp_crt_t key,
if (buf)
{
memcpy (buf, uid->name, uid->len);
- buf[uid->len] = '\0'; /* make sure it's a string */
+ buf[uid->len] = '\0'; /* make sure it's a string */
}
*sizeof_buf = uid->len + 1;
diff --git a/lib/x509/crq.c b/lib/x509/crq.c
index 74fa84235e..0702a2c186 100644
--- a/lib/x509/crq.c
+++ b/lib/x509/crq.c
@@ -791,9 +791,7 @@ gnutls_x509_crq_set_key (gnutls_x509_crq_t crq, gnutls_x509_privkey_t key)
result = _gnutls_x509_encode_and_copy_PKI_params
(crq->crq,
"certificationRequestInfo.subjectPKInfo",
- key->pk_algorithm,
- key->params,
- key->params_size);
+ key->pk_algorithm, key->params, key->params_size);
if (result < 0)
{
@@ -923,9 +921,7 @@ gnutls_x509_crq_set_key_rsa_raw (gnutls_x509_crq_t crq,
result = _gnutls_x509_encode_and_copy_PKI_params
(crq->crq,
"certificationRequestInfo.subjectPKInfo",
- GNUTLS_PK_RSA,
- temp_params,
- RSA_PUBLIC_PARAMS);
+ GNUTLS_PK_RSA, temp_params, RSA_PUBLIC_PARAMS);
if (result < 0)
{
@@ -977,8 +973,7 @@ gnutls_x509_crq_set_challenge_password (gnutls_x509_crq_t crq,
result = _gnutls_x509_encode_and_write_attribute
("1.2.840.113549.1.9.7", crq->crq,
- "certificationRequestInfo.attributes.?LAST",
- pass, strlen (pass), 1);
+ "certificationRequestInfo.attributes.?LAST", pass, strlen (pass), 1);
if (result < 0)
{
gnutls_assert ();
@@ -1400,7 +1395,7 @@ gnutls_x509_crq_get_extension_info (gnutls_x509_crq_t crq, int indx,
result = 0;
- out:
+out:
gnutls_free (extensions);
return result;
}
@@ -1652,8 +1647,7 @@ get_subject_alt_name (gnutls_x509_crq_t crq,
/* Extract extension.
*/
result = gnutls_x509_crq_get_extension_by_oid (crq, "2.5.29.17", 0,
- NULL, &dns_size,
- critical);
+ NULL, &dns_size, critical);
if (result < 0)
{
gnutls_assert ();
@@ -2093,8 +2087,7 @@ gnutls_x509_crq_get_key_purpose_oid (gnutls_x509_crq_t crq,
/* Extract extension.
*/
result = gnutls_x509_crq_get_extension_by_oid (crq, "2.5.29.37", 0,
- NULL, &prev_size,
- critical);
+ NULL, &prev_size, critical);
prev.size = prev_size;
if (result < 0)
@@ -2193,8 +2186,7 @@ gnutls_x509_crq_set_key_purpose_oid (gnutls_x509_crq_t crq,
/* Read existing extension, if there is one.
*/
result = gnutls_x509_crq_get_extension_by_oid (crq, "2.5.29.37", 0,
- NULL, &prev_size,
- &critical);
+ NULL, &prev_size, &critical);
prev.size = prev_size;
switch (result)
@@ -2418,8 +2410,9 @@ gnutls_x509_crq_get_key_id (gnutls_x509_crq_t crq, unsigned int flags,
}
pubkey.size = 0;
- result = asn1_der_coding (crq->crq, "certificationRequestInfo.subjectPKInfo",
- NULL, &pubkey.size, NULL);
+ result =
+ asn1_der_coding (crq->crq, "certificationRequestInfo.subjectPKInfo", NULL,
+ &pubkey.size, NULL);
if (result != ASN1_MEM_ERROR)
{
gnutls_assert ();
@@ -2433,8 +2426,9 @@ gnutls_x509_crq_get_key_id (gnutls_x509_crq_t crq, unsigned int flags,
return GNUTLS_E_MEMORY_ERROR;
}
- result = asn1_der_coding (crq->crq, "certificationRequestInfo.subjectPKInfo",
- pubkey.data, &pubkey.size, NULL);
+ result =
+ asn1_der_coding (crq->crq, "certificationRequestInfo.subjectPKInfo",
+ pubkey.data, &pubkey.size, NULL);
if (result != ASN1_SUCCESS)
{
gnutls_assert ();
diff --git a/lib/x509/dn.c b/lib/x509/dn.c
index daf14dfece..89b84bd34b 100644
--- a/lib/x509/dn.c
+++ b/lib/x509/dn.c
@@ -308,7 +308,7 @@ _gnutls_x509_parse_dn (ASN1_TYPE asn1_struct,
if (buf)
{
- _gnutls_string_get_data( &out_str, buf, sizeof_buf);
+ _gnutls_string_get_data (&out_str, buf, sizeof_buf);
buf[*sizeof_buf] = 0;
}
else
@@ -997,7 +997,7 @@ gnutls_x509_dn_import (gnutls_x509_dn_t dn, const gnutls_datum_t * data)
int result;
char err[ASN1_MAX_ERROR_DESCRIPTION_SIZE];
- result = asn1_der_decoding ((ASN1_TYPE *) &dn,
+ result = asn1_der_decoding ((ASN1_TYPE *) & dn,
data->data, data->size, err);
if (result != ASN1_SUCCESS)
{
@@ -1022,7 +1022,7 @@ gnutls_x509_dn_import (gnutls_x509_dn_t dn, const gnutls_datum_t * data)
void
gnutls_x509_dn_deinit (gnutls_x509_dn_t dn)
{
- asn1_delete_structure ((ASN1_TYPE *) &dn);
+ asn1_delete_structure ((ASN1_TYPE *) & dn);
}
/**
diff --git a/lib/x509/pkcs12.c b/lib/x509/pkcs12.c
index 6bfb402175..18d455d34f 100644
--- a/lib/x509/pkcs12.c
+++ b/lib/x509/pkcs12.c
@@ -52,7 +52,7 @@ _decode_pkcs12_auth_safe (ASN1_TYPE pkcs12, ASN1_TYPE * authen_safe,
gnutls_datum_t auth_safe = { NULL, 0 };
int len, result;
char error_str[ASN1_MAX_ERROR_DESCRIPTION_SIZE];
-
+
len = sizeof (oid) - 1;
result = asn1_read_value (pkcs12, "authSafe.contentType", oid, &len);
if (result != ASN1_SUCCESS)
@@ -95,7 +95,7 @@ _decode_pkcs12_auth_safe (ASN1_TYPE pkcs12, ASN1_TYPE * authen_safe,
if (result != ASN1_SUCCESS)
{
gnutls_assert ();
- _gnutls_x509_log("DER error: %s\n", error_str);
+ _gnutls_x509_log ("DER error: %s\n", error_str);
result = _gnutls_asn2err (result);
goto cleanup;
}
@@ -233,11 +233,12 @@ gnutls_pkcs12_import (gnutls_pkcs12_t pkcs12,
need_free = 1;
}
- result = asn1_der_decoding (&pkcs12->pkcs12, _data.data, _data.size, error_str);
+ result =
+ asn1_der_decoding (&pkcs12->pkcs12, _data.data, _data.size, error_str);
if (result != ASN1_SUCCESS)
{
result = _gnutls_asn2err (result);
- _gnutls_x509_log("DER error: %s\n", error_str);
+ _gnutls_x509_log ("DER error: %s\n", error_str);
gnutls_assert ();
goto cleanup;
}
@@ -427,7 +428,8 @@ _pkcs12_decode_safe_contents (const gnutls_datum_t * content,
goto cleanup;
}
- if (bag_type == GNUTLS_BAG_CERTIFICATE || bag_type == GNUTLS_BAG_CRL || bag_type == GNUTLS_BAG_SECRET)
+ if (bag_type == GNUTLS_BAG_CERTIFICATE || bag_type == GNUTLS_BAG_CRL
+ || bag_type == GNUTLS_BAG_SECRET)
{
gnutls_datum_t tmp = bag->element[i].data;
diff --git a/lib/x509/pkcs12_bag.c b/lib/x509/pkcs12_bag.c
index 9ed23af347..42ff1b4e23 100644
--- a/lib/x509/pkcs12_bag.c
+++ b/lib/x509/pkcs12_bag.c
@@ -182,90 +182,90 @@ _pkcs12_decode_crt_bag (gnutls_pkcs12_bag_type_t type,
int ret;
ASN1_TYPE c2 = ASN1_TYPE_EMPTY;
- switch(type)
+ switch (type)
{
- case GNUTLS_BAG_CERTIFICATE:
- if ((ret = asn1_create_element (_gnutls_get_pkix (),
+ case GNUTLS_BAG_CERTIFICATE:
+ if ((ret = asn1_create_element (_gnutls_get_pkix (),
"PKIX1.pkcs-12-CertBag",
&c2)) != ASN1_SUCCESS)
- {
- gnutls_assert ();
- ret = _gnutls_asn2err (ret);
- goto cleanup;
- }
-
- ret = asn1_der_decoding (&c2, in->data, in->size, NULL);
- if (ret != ASN1_SUCCESS)
- {
- gnutls_assert ();
- ret = _gnutls_asn2err (ret);
- goto cleanup;
- }
-
- ret = _gnutls_x509_read_value (c2, "certValue", out, 1);
- if (ret < 0)
- {
- gnutls_assert ();
- goto cleanup;
- }
- break;
-
- case GNUTLS_BAG_CRL:
- if ((ret = asn1_create_element (_gnutls_get_pkix (),
+ {
+ gnutls_assert ();
+ ret = _gnutls_asn2err (ret);
+ goto cleanup;
+ }
+
+ ret = asn1_der_decoding (&c2, in->data, in->size, NULL);
+ if (ret != ASN1_SUCCESS)
+ {
+ gnutls_assert ();
+ ret = _gnutls_asn2err (ret);
+ goto cleanup;
+ }
+
+ ret = _gnutls_x509_read_value (c2, "certValue", out, 1);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ goto cleanup;
+ }
+ break;
+
+ case GNUTLS_BAG_CRL:
+ if ((ret = asn1_create_element (_gnutls_get_pkix (),
"PKIX1.pkcs-12-CRLBag",
&c2)) != ASN1_SUCCESS)
- {
- gnutls_assert ();
- ret = _gnutls_asn2err (ret);
- goto cleanup;
- }
-
- ret = asn1_der_decoding (&c2, in->data, in->size, NULL);
- if (ret != ASN1_SUCCESS)
- {
- gnutls_assert ();
- ret = _gnutls_asn2err (ret);
- goto cleanup;
- }
-
- ret = _gnutls_x509_read_value (c2, "crlValue", out, 1);
- if (ret < 0)
- {
- gnutls_assert ();
- goto cleanup;
- }
- break;
-
- case GNUTLS_BAG_SECRET:
- if ((ret = asn1_create_element (_gnutls_get_pkix (),
+ {
+ gnutls_assert ();
+ ret = _gnutls_asn2err (ret);
+ goto cleanup;
+ }
+
+ ret = asn1_der_decoding (&c2, in->data, in->size, NULL);
+ if (ret != ASN1_SUCCESS)
+ {
+ gnutls_assert ();
+ ret = _gnutls_asn2err (ret);
+ goto cleanup;
+ }
+
+ ret = _gnutls_x509_read_value (c2, "crlValue", out, 1);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ goto cleanup;
+ }
+ break;
+
+ case GNUTLS_BAG_SECRET:
+ if ((ret = asn1_create_element (_gnutls_get_pkix (),
"PKIX1.pkcs-12-SecretBag",
&c2)) != ASN1_SUCCESS)
- {
- gnutls_assert ();
- ret = _gnutls_asn2err (ret);
- goto cleanup;
- }
-
- ret = asn1_der_decoding (&c2, in->data, in->size, NULL);
- if (ret != ASN1_SUCCESS)
- {
- gnutls_assert ();
- ret = _gnutls_asn2err (ret);
- goto cleanup;
- }
-
- ret = _gnutls_x509_read_value (c2, "secretValue", out, 1);
- if (ret < 0)
- {
- gnutls_assert ();
- goto cleanup;
- }
- break;
-
- default:
- gnutls_assert();
- asn1_delete_structure (&c2);
- return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+ {
+ gnutls_assert ();
+ ret = _gnutls_asn2err (ret);
+ goto cleanup;
+ }
+
+ ret = asn1_der_decoding (&c2, in->data, in->size, NULL);
+ if (ret != ASN1_SUCCESS)
+ {
+ gnutls_assert ();
+ ret = _gnutls_asn2err (ret);
+ goto cleanup;
+ }
+
+ ret = _gnutls_x509_read_value (c2, "secretValue", out, 1);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ goto cleanup;
+ }
+ break;
+
+ default:
+ gnutls_assert ();
+ asn1_delete_structure (&c2);
+ return GNUTLS_E_UNIMPLEMENTED_FEATURE;
}
asn1_delete_structure (&c2);
@@ -287,90 +287,90 @@ _pkcs12_encode_crt_bag (gnutls_pkcs12_bag_type_t type,
int ret;
ASN1_TYPE c2 = ASN1_TYPE_EMPTY;
- switch(type)
+ switch (type)
{
- case GNUTLS_BAG_CERTIFICATE:
- if ((ret = asn1_create_element (_gnutls_get_pkix (),
+ case GNUTLS_BAG_CERTIFICATE:
+ if ((ret = asn1_create_element (_gnutls_get_pkix (),
"PKIX1.pkcs-12-CertBag",
&c2)) != ASN1_SUCCESS)
- {
- gnutls_assert ();
- ret = _gnutls_asn2err (ret);
- goto cleanup;
- }
-
- ret = asn1_write_value (c2, "certId", X509_CERT_OID, 1);
- if (ret != ASN1_SUCCESS)
- {
- gnutls_assert ();
- ret = _gnutls_asn2err (ret);
- goto cleanup;
- }
-
- ret = _gnutls_x509_write_value (c2, "certValue", raw, 1);
- if (ret < 0)
- {
- gnutls_assert ();
- goto cleanup;
- }
- break;
-
- case GNUTLS_BAG_CRL:
- if ((ret = asn1_create_element (_gnutls_get_pkix (),
+ {
+ gnutls_assert ();
+ ret = _gnutls_asn2err (ret);
+ goto cleanup;
+ }
+
+ ret = asn1_write_value (c2, "certId", X509_CERT_OID, 1);
+ if (ret != ASN1_SUCCESS)
+ {
+ gnutls_assert ();
+ ret = _gnutls_asn2err (ret);
+ goto cleanup;
+ }
+
+ ret = _gnutls_x509_write_value (c2, "certValue", raw, 1);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ goto cleanup;
+ }
+ break;
+
+ case GNUTLS_BAG_CRL:
+ if ((ret = asn1_create_element (_gnutls_get_pkix (),
"PKIX1.pkcs-12-CRLBag",
&c2)) != ASN1_SUCCESS)
- {
- gnutls_assert ();
- ret = _gnutls_asn2err (ret);
- goto cleanup;
- }
-
- ret = asn1_write_value (c2, "crlId", X509_CRL_OID, 1);
- if (ret != ASN1_SUCCESS)
- {
- gnutls_assert ();
- ret = _gnutls_asn2err (ret);
- goto cleanup;
- }
-
- ret = _gnutls_x509_write_value (c2, "crlValue", raw, 1);
- if (ret < 0)
- {
- gnutls_assert ();
- goto cleanup;
- }
- break;
-
- case GNUTLS_BAG_SECRET:
- if ((ret = asn1_create_element (_gnutls_get_pkix (),
+ {
+ gnutls_assert ();
+ ret = _gnutls_asn2err (ret);
+ goto cleanup;
+ }
+
+ ret = asn1_write_value (c2, "crlId", X509_CRL_OID, 1);
+ if (ret != ASN1_SUCCESS)
+ {
+ gnutls_assert ();
+ ret = _gnutls_asn2err (ret);
+ goto cleanup;
+ }
+
+ ret = _gnutls_x509_write_value (c2, "crlValue", raw, 1);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ goto cleanup;
+ }
+ break;
+
+ case GNUTLS_BAG_SECRET:
+ if ((ret = asn1_create_element (_gnutls_get_pkix (),
"PKIX1.pkcs-12-SecretBag",
&c2)) != ASN1_SUCCESS)
- {
- gnutls_assert ();
- ret = _gnutls_asn2err (ret);
- goto cleanup;
- }
-
- ret = asn1_write_value (c2, "secretTypeId", RANDOM_NONCE_OID, 1);
- if (ret != ASN1_SUCCESS)
- {
- gnutls_assert ();
- ret = _gnutls_asn2err (ret);
- goto cleanup;
- }
-
- ret = _gnutls_x509_write_value (c2, "secretValue", raw, 1);
- if (ret < 0)
- {
- gnutls_assert ();
- goto cleanup;
- }
- break;
-
- default:
- gnutls_assert();
- asn1_delete_structure (&c2);
- return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+ {
+ gnutls_assert ();
+ ret = _gnutls_asn2err (ret);
+ goto cleanup;
+ }
+
+ ret = asn1_write_value (c2, "secretTypeId", RANDOM_NONCE_OID, 1);
+ if (ret != ASN1_SUCCESS)
+ {
+ gnutls_assert ();
+ ret = _gnutls_asn2err (ret);
+ goto cleanup;
+ }
+
+ ret = _gnutls_x509_write_value (c2, "secretValue", raw, 1);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ goto cleanup;
+ }
+ break;
+
+ default:
+ gnutls_assert ();
+ asn1_delete_structure (&c2);
+ return GNUTLS_E_UNIMPLEMENTED_FEATURE;
}
ret = _gnutls_x509_der_encode (c2, "", out, 0);
@@ -805,7 +805,7 @@ gnutls_pkcs12_bag_encrypt (gnutls_pkcs12_bag_t bag, const char *pass,
return GNUTLS_E_INVALID_REQUEST;
}
- id = _gnutls_pkcs_flags_to_schema(flags);
+ id = _gnutls_pkcs_flags_to_schema (flags);
/* Now encrypt them.
*/
diff --git a/lib/x509/privkey_pkcs8.c b/lib/x509/privkey_pkcs8.c
index fa14858b7d..24dce8b683 100644
--- a/lib/x509/privkey_pkcs8.c
+++ b/lib/x509/privkey_pkcs8.c
@@ -108,7 +108,7 @@ check_schema (const char *oid)
{
if (strcmp (oid, PBES2_OID) == 0)
- return PBES2_GENERIC; /* ok */
+ return PBES2_GENERIC; /* ok */
if (strcmp (oid, PKCS12_PBE_3DES_SHA1_OID) == 0)
return PKCS12_3DES_SHA1;
@@ -362,86 +362,96 @@ error:
}
-static const char* cipher_to_pkcs_params(int cipher, const char** oid)
+static const char *
+cipher_to_pkcs_params (int cipher, const char **oid)
{
- switch(cipher)
- {
- case GNUTLS_CIPHER_AES_128_CBC:
- if (oid) *oid = AES_128_CBC_OID;
- return "PKIX1.pkcs-5-aes128-CBC-params";
- break;
- case GNUTLS_CIPHER_AES_192_CBC:
- if (oid) *oid = AES_192_CBC_OID;
- return "PKIX1.pkcs-5-aes192-CBC-params";
- break;
- case GNUTLS_CIPHER_AES_256_CBC:
- if (oid) *oid = AES_256_CBC_OID;
- return "PKIX1.pkcs-5-aes256-CBC-params";
- break;
- case GNUTLS_CIPHER_3DES_CBC:
- if (oid) *oid = DES_EDE3_CBC_OID;
- return "PKIX1.pkcs-5-des-EDE3-CBC-params";
- break;
- default:
- return NULL;
- break;
+ switch (cipher)
+ {
+ case GNUTLS_CIPHER_AES_128_CBC:
+ if (oid)
+ *oid = AES_128_CBC_OID;
+ return "PKIX1.pkcs-5-aes128-CBC-params";
+ break;
+ case GNUTLS_CIPHER_AES_192_CBC:
+ if (oid)
+ *oid = AES_192_CBC_OID;
+ return "PKIX1.pkcs-5-aes192-CBC-params";
+ break;
+ case GNUTLS_CIPHER_AES_256_CBC:
+ if (oid)
+ *oid = AES_256_CBC_OID;
+ return "PKIX1.pkcs-5-aes256-CBC-params";
+ break;
+ case GNUTLS_CIPHER_3DES_CBC:
+ if (oid)
+ *oid = DES_EDE3_CBC_OID;
+ return "PKIX1.pkcs-5-des-EDE3-CBC-params";
+ break;
+ default:
+ return NULL;
+ break;
}
}
-static int cipher_to_schema(int cipher)
+static int
+cipher_to_schema (int cipher)
{
- switch(cipher)
- {
- case GNUTLS_CIPHER_AES_128_CBC:
- return PBES2_AES_128;
- break;
- case GNUTLS_CIPHER_AES_192_CBC:
- return PBES2_AES_192;
- break;
- case GNUTLS_CIPHER_AES_256_CBC:
- return PBES2_AES_256;
- break;
- case GNUTLS_CIPHER_3DES_CBC:
- return PBES2_3DES;
- break;
- default:
- return GNUTLS_E_UNKNOWN_CIPHER_TYPE;
- break;
+ switch (cipher)
+ {
+ case GNUTLS_CIPHER_AES_128_CBC:
+ return PBES2_AES_128;
+ break;
+ case GNUTLS_CIPHER_AES_192_CBC:
+ return PBES2_AES_192;
+ break;
+ case GNUTLS_CIPHER_AES_256_CBC:
+ return PBES2_AES_256;
+ break;
+ case GNUTLS_CIPHER_3DES_CBC:
+ return PBES2_3DES;
+ break;
+ default:
+ return GNUTLS_E_UNKNOWN_CIPHER_TYPE;
+ break;
}
}
-int _gnutls_pkcs_flags_to_schema(unsigned int flags)
+int
+_gnutls_pkcs_flags_to_schema (unsigned int flags)
{
-int schema;
-
- if (flags & GNUTLS_PKCS_USE_PKCS12_ARCFOUR)
- schema = PKCS12_ARCFOUR_SHA1;
- else if (flags & GNUTLS_PKCS_USE_PKCS12_RC2_40)
- schema = PKCS12_RC2_40_SHA1;
- else if (flags & GNUTLS_PKCS_USE_PBES2_3DES)
- schema = PBES2_3DES;
- else if (flags & GNUTLS_PKCS_USE_PBES2_AES_128)
- schema = PBES2_AES_128;
- else if (flags & GNUTLS_PKCS_USE_PBES2_AES_192)
- schema = PBES2_AES_192;
- else if (flags & GNUTLS_PKCS_USE_PBES2_AES_256)
- schema = PBES2_AES_256;
- else {
- gnutls_assert();
+ int schema;
+
+ if (flags & GNUTLS_PKCS_USE_PKCS12_ARCFOUR)
+ schema = PKCS12_ARCFOUR_SHA1;
+ else if (flags & GNUTLS_PKCS_USE_PKCS12_RC2_40)
+ schema = PKCS12_RC2_40_SHA1;
+ else if (flags & GNUTLS_PKCS_USE_PBES2_3DES)
+ schema = PBES2_3DES;
+ else if (flags & GNUTLS_PKCS_USE_PBES2_AES_128)
+ schema = PBES2_AES_128;
+ else if (flags & GNUTLS_PKCS_USE_PBES2_AES_192)
+ schema = PBES2_AES_192;
+ else if (flags & GNUTLS_PKCS_USE_PBES2_AES_256)
+ schema = PBES2_AES_256;
+ else
+ {
+ gnutls_assert ();
_gnutls_x509_log
- ("Selecting default encryption PKCS12_3DES_SHA1 (flags: %u).\n", flags);
+ ("Selecting default encryption PKCS12_3DES_SHA1 (flags: %u).\n",
+ flags);
schema = PKCS12_3DES_SHA1;
}
- return schema;
+ return schema;
}
/* returns the OID corresponding to given schema
*/
-static int schema_to_oid(schema_id schema, const char** str_oid)
+static int
+schema_to_oid (schema_id schema, const char **str_oid)
{
-int result = 0;
+ int result = 0;
switch (schema)
{
@@ -461,11 +471,11 @@ int result = 0;
*str_oid = PKCS12_PBE_RC2_40_SHA1_OID;
break;
default:
- gnutls_assert();
+ gnutls_assert ();
result = GNUTLS_E_INTERNAL_ERROR;
}
-
- return result;
+
+ return result;
}
/* Converts a PKCS #8 private key info to
@@ -481,7 +491,7 @@ encode_to_pkcs8_key (schema_id schema, const gnutls_datum_t * der_key,
ASN1_TYPE pkcs8_asn = ASN1_TYPE_EMPTY;
struct pbkdf2_params kdf_params;
struct pbe_enc_params enc_params;
- const char* str_oid;
+ const char *str_oid;
if ((result =
@@ -496,16 +506,15 @@ encode_to_pkcs8_key (schema_id schema, const gnutls_datum_t * der_key,
/* Write the encryption schema OID
*/
- result = schema_to_oid(schema, &str_oid);
+ result = schema_to_oid (schema, &str_oid);
if (result < 0)
{
- gnutls_assert();
+ gnutls_assert ();
return result;
}
result =
- asn1_write_value (pkcs8_asn, "encryptionAlgorithm.algorithm",
- str_oid, 1);
+ asn1_write_value (pkcs8_asn, "encryptionAlgorithm.algorithm", str_oid, 1);
if (result != ASN1_SUCCESS)
{
@@ -628,7 +637,7 @@ gnutls_x509_privkey_export_pkcs8 (gnutls_x509_privkey_t key,
return ret;
}
- schema = _gnutls_pkcs_flags_to_schema(flags);
+ schema = _gnutls_pkcs_flags_to_schema (flags);
if ((flags & GNUTLS_PKCS_PLAIN) || password == NULL)
{
@@ -669,7 +678,7 @@ gnutls_x509_privkey_export_pkcs8 (gnutls_x509_privkey_t key,
* schema ID.
*/
static int
-read_pkcs_schema_params (schema_id *schema, const char *password,
+read_pkcs_schema_params (schema_id * schema, const char *password,
const opaque * data, int data_size,
struct pbkdf2_params *kdf_params,
struct pbe_enc_params *enc_params)
@@ -726,14 +735,14 @@ read_pkcs_schema_params (schema_id *schema, const char *password,
}
asn1_delete_structure (&pbes2_asn);
-
- result = cipher_to_schema(enc_params->cipher);
+
+ result = cipher_to_schema (enc_params->cipher);
if (result < 0)
- {
- gnutls_assert();
- goto error;
- }
-
+ {
+ gnutls_assert ();
+ goto error;
+ }
+
*schema = result;
return 0;
@@ -803,9 +812,9 @@ read_pkcs_schema_params (schema_id *schema, const char *password,
asn1_delete_structure (&pbes2_asn);
return 0;
-
- default:
- gnutls_assert();
+
+ default:
+ gnutls_assert ();
} /* switch */
return GNUTLS_E_UNKNOWN_CIPHER_TYPE;
@@ -893,7 +902,7 @@ decode_pkcs8_key (const gnutls_datum_t * raw_key,
if (result < 0)
{
- gnutls_assert();
+ gnutls_assert ();
goto error;
}
@@ -1443,26 +1452,22 @@ oid2cipher (const char *oid, gnutls_cipher_algorithm_t * algo)
*algo = GNUTLS_CIPHER_3DES_CBC;
return 0;
}
- else
- if (strcmp (oid, DES_CBC_OID) == 0)
+ else if (strcmp (oid, DES_CBC_OID) == 0)
{
*algo = GNUTLS_CIPHER_DES_CBC;
return 0;
}
- else
- if (strcmp (oid, AES_128_CBC_OID) == 0)
+ else if (strcmp (oid, AES_128_CBC_OID) == 0)
{
*algo = GNUTLS_CIPHER_AES_128_CBC;
return 0;
}
- else
- if (strcmp (oid, AES_192_CBC_OID) == 0)
+ else if (strcmp (oid, AES_192_CBC_OID) == 0)
{
*algo = GNUTLS_CIPHER_AES_192_CBC;
return 0;
}
- else
- if (strcmp (oid, AES_256_CBC_OID) == 0)
+ else if (strcmp (oid, AES_256_CBC_OID) == 0)
{
*algo = GNUTLS_CIPHER_AES_256_CBC;
return 0;
@@ -1483,7 +1488,7 @@ read_pbe_enc_params (ASN1_TYPE pbes2_asn,
int params_len, len, result;
ASN1_TYPE pbe_asn = ASN1_TYPE_EMPTY;
char oid[64];
- const char* eparams;
+ const char *eparams;
memset (params, 0, sizeof (params));
@@ -1518,17 +1523,16 @@ read_pbe_enc_params (ASN1_TYPE pbes2_asn,
/* Now check the encryption parameters.
*/
- eparams = cipher_to_pkcs_params( params->cipher, NULL);
+ eparams = cipher_to_pkcs_params (params->cipher, NULL);
if (eparams == NULL)
{
- gnutls_assert();
+ gnutls_assert ();
return GNUTLS_E_INVALID_REQUEST;
}
if ((result =
asn1_create_element (_gnutls_get_pkix (),
- eparams,
- &pbe_asn)) != ASN1_SUCCESS)
+ eparams, &pbe_asn)) != ASN1_SUCCESS)
{
gnutls_assert ();
return _gnutls_asn2err (result);
@@ -1617,35 +1621,35 @@ decrypt_data (schema_id schema, ASN1_TYPE pkcs8_asn,
/* generate the key
*/
- switch(schema)
+ switch (schema)
{
- case PBES2_3DES:
- case PBES2_AES_128:
- case PBES2_AES_192:
- case PBES2_AES_256:
+ case PBES2_3DES:
+ case PBES2_AES_128:
+ case PBES2_AES_192:
+ case PBES2_AES_256:
- result = _gnutls_pbkdf2_sha1 (password, strlen (password),
+ result = _gnutls_pbkdf2_sha1 (password, strlen (password),
kdf_params->salt, kdf_params->salt_size,
kdf_params->iter_count, key, key_size);
- if (result < 0)
- {
- gnutls_assert ();
- goto error;
- }
- break;
- default:
- result =
- _gnutls_pkcs12_string_to_key (1 /*KEY*/, kdf_params->salt,
- kdf_params->salt_size,
+ if (result < 0)
+ {
+ gnutls_assert ();
+ goto error;
+ }
+ break;
+ default:
+ result =
+ _gnutls_pkcs12_string_to_key (1 /*KEY*/, kdf_params->salt,
+ kdf_params->salt_size,
kdf_params->iter_count, password,
key_size, key);
- if (result < 0)
- {
- gnutls_assert ();
- goto error;
- }
+ if (result < 0)
+ {
+ gnutls_assert ();
+ goto error;
+ }
}
/* do the decryption.
@@ -1810,20 +1814,18 @@ write_pbe_enc_params (ASN1_TYPE pbes2_asn,
{
int result;
ASN1_TYPE pbe_asn = ASN1_TYPE_EMPTY;
- const char* oid, *eparams;
+ const char *oid, *eparams;
/* Write the encryption algorithm
*/
- eparams = cipher_to_pkcs_params(params->cipher, &oid);
+ eparams = cipher_to_pkcs_params (params->cipher, &oid);
if (eparams == NULL)
{
- gnutls_assert();
+ gnutls_assert ();
return GNUTLS_E_INVALID_REQUEST;
}
- result =
- asn1_write_value (pbes2_asn, "encryptionScheme.algorithm",
- oid, 1);
+ result = asn1_write_value (pbes2_asn, "encryptionScheme.algorithm", oid, 1);
if (result != ASN1_SUCCESS)
{
gnutls_assert ();
@@ -1835,8 +1837,7 @@ write_pbe_enc_params (ASN1_TYPE pbes2_asn,
*/
if ((result =
asn1_create_element (_gnutls_get_pkix (),
- eparams,
- &pbe_asn)) != ASN1_SUCCESS)
+ eparams, &pbe_asn)) != ASN1_SUCCESS)
{
gnutls_assert ();
return _gnutls_asn2err (result);
@@ -1895,36 +1896,36 @@ generate_key (schema_id schema,
kdf_params->salt_size =
MIN (sizeof (kdf_params->salt), (unsigned) (10 + (rnd[1] % 10)));
- switch(schema)
- {
- case PBES2_3DES:
- enc_params->cipher = GNUTLS_CIPHER_3DES_CBC;
- break;
- case PBES2_AES_128:
- enc_params->cipher = GNUTLS_CIPHER_AES_128_CBC;
- break;
- case PBES2_AES_192:
- enc_params->cipher = GNUTLS_CIPHER_AES_192_CBC;
- break;
- case PBES2_AES_256:
- enc_params->cipher = GNUTLS_CIPHER_AES_256_CBC;
- break;
+ switch (schema)
+ {
+ case PBES2_3DES:
+ enc_params->cipher = GNUTLS_CIPHER_3DES_CBC;
+ break;
+ case PBES2_AES_128:
+ enc_params->cipher = GNUTLS_CIPHER_AES_128_CBC;
+ break;
+ case PBES2_AES_192:
+ enc_params->cipher = GNUTLS_CIPHER_AES_192_CBC;
+ break;
+ case PBES2_AES_256:
+ enc_params->cipher = GNUTLS_CIPHER_AES_256_CBC;
+ break;
/* non PBES2 algorithms */
- case PKCS12_ARCFOUR_SHA1:
- enc_params->cipher = GNUTLS_CIPHER_ARCFOUR_128;
- kdf_params->salt_size = 8;
- break;
- case PKCS12_3DES_SHA1:
- enc_params->cipher = GNUTLS_CIPHER_3DES_CBC;
- kdf_params->salt_size = 8;
- break;
- case PKCS12_RC2_40_SHA1:
- enc_params->cipher = GNUTLS_CIPHER_RC2_40_CBC;
- kdf_params->salt_size = 8;
- break;
- default:
- gnutls_assert();
- return GNUTLS_E_INVALID_REQUEST;
+ case PKCS12_ARCFOUR_SHA1:
+ enc_params->cipher = GNUTLS_CIPHER_ARCFOUR_128;
+ kdf_params->salt_size = 8;
+ break;
+ case PKCS12_3DES_SHA1:
+ enc_params->cipher = GNUTLS_CIPHER_3DES_CBC;
+ kdf_params->salt_size = 8;
+ break;
+ case PKCS12_RC2_40_SHA1:
+ enc_params->cipher = GNUTLS_CIPHER_RC2_40_CBC;
+ kdf_params->salt_size = 8;
+ break;
+ default:
+ gnutls_assert ();
+ return GNUTLS_E_INVALID_REQUEST;
}
ret = _gnutls_rnd (GNUTLS_RND_RANDOM, kdf_params->salt,
@@ -1950,63 +1951,63 @@ generate_key (schema_id schema,
/* now generate the key.
*/
- switch(schema)
+ switch (schema)
{
- case PBES2_3DES:
- case PBES2_AES_128:
- case PBES2_AES_192:
- case PBES2_AES_256:
+ case PBES2_3DES:
+ case PBES2_AES_128:
+ case PBES2_AES_192:
+ case PBES2_AES_256:
- ret = _gnutls_pbkdf2_sha1 (password, strlen (password),
+ ret = _gnutls_pbkdf2_sha1 (password, strlen (password),
kdf_params->salt, kdf_params->salt_size,
kdf_params->iter_count,
key->data, kdf_params->key_size);
- if (ret < 0)
- {
- gnutls_assert ();
- return ret;
- }
-
- if (enc_params->iv_size)
- {
- ret = _gnutls_rnd (GNUTLS_RND_NONCE,
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ return ret;
+ }
+
+ if (enc_params->iv_size)
+ {
+ ret = _gnutls_rnd (GNUTLS_RND_NONCE,
enc_params->iv, enc_params->iv_size);
- if (ret < 0)
- {
- gnutls_assert ();
- return ret;
- }
- }
- break;
-
- default:
- ret =
- _gnutls_pkcs12_string_to_key (1 /*KEY*/, kdf_params->salt,
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ return ret;
+ }
+ }
+ break;
+
+ default:
+ ret =
+ _gnutls_pkcs12_string_to_key (1 /*KEY*/, kdf_params->salt,
kdf_params->salt_size,
kdf_params->iter_count, password,
kdf_params->key_size, key->data);
- if (ret < 0)
- {
- gnutls_assert ();
- return ret;
- }
-
- /* Now generate the IV
- */
- if (enc_params->iv_size)
- {
- ret =
- _gnutls_pkcs12_string_to_key (2 /*IV*/, kdf_params->salt,
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ return ret;
+ }
+
+ /* Now generate the IV
+ */
+ if (enc_params->iv_size)
+ {
+ ret =
+ _gnutls_pkcs12_string_to_key (2 /*IV*/, kdf_params->salt,
kdf_params->salt_size,
kdf_params->iter_count, password,
enc_params->iv_size,
enc_params->iv);
- if (ret < 0)
- {
- gnutls_assert ();
- return ret;
- }
- }
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ return ret;
+ }
+ }
}
@@ -2026,74 +2027,74 @@ write_schema_params (schema_id schema, ASN1_TYPE pkcs8_asn,
int result;
ASN1_TYPE pbes2_asn = ASN1_TYPE_EMPTY;
- switch(schema)
+ switch (schema)
{
- case PBES2_3DES:
- case PBES2_AES_128:
- case PBES2_AES_192:
- case PBES2_AES_256:
- if ((result =
+ case PBES2_3DES:
+ case PBES2_AES_128:
+ case PBES2_AES_192:
+ case PBES2_AES_256:
+ if ((result =
asn1_create_element (_gnutls_get_pkix (),
"PKIX1.pkcs-5-PBES2-params",
&pbes2_asn)) != ASN1_SUCCESS)
- {
- gnutls_assert ();
- return _gnutls_asn2err (result);
- }
-
- result = write_pbkdf2_params (pbes2_asn, kdf_params);
- if (result < 0)
- {
- gnutls_assert ();
- goto error;
- }
-
- result = write_pbe_enc_params (pbes2_asn, enc_params);
- if (result < 0)
- {
- gnutls_assert ();
- goto error;
- }
-
- result = _gnutls_x509_der_encode_and_copy (pbes2_asn, "",
+ {
+ gnutls_assert ();
+ return _gnutls_asn2err (result);
+ }
+
+ result = write_pbkdf2_params (pbes2_asn, kdf_params);
+ if (result < 0)
+ {
+ gnutls_assert ();
+ goto error;
+ }
+
+ result = write_pbe_enc_params (pbes2_asn, enc_params);
+ if (result < 0)
+ {
+ gnutls_assert ();
+ goto error;
+ }
+
+ result = _gnutls_x509_der_encode_and_copy (pbes2_asn, "",
pkcs8_asn, where, 0);
- if (result < 0)
- {
- gnutls_assert ();
- goto error;
- }
-
- asn1_delete_structure (&pbes2_asn);
- break;
-
- default:
-
- if ((result =
+ if (result < 0)
+ {
+ gnutls_assert ();
+ goto error;
+ }
+
+ asn1_delete_structure (&pbes2_asn);
+ break;
+
+ default:
+
+ if ((result =
asn1_create_element (_gnutls_get_pkix (),
"PKIX1.pkcs-12-PbeParams",
&pbes2_asn)) != ASN1_SUCCESS)
- {
- gnutls_assert ();
- result = _gnutls_asn2err (result);
- goto error;
- }
-
- result = write_pkcs12_kdf_params (pbes2_asn, kdf_params);
- if (result < 0)
- {
- gnutls_assert ();
- goto error;
- }
-
- result = _gnutls_x509_der_encode_and_copy (pbes2_asn, "",
+ {
+ gnutls_assert ();
+ result = _gnutls_asn2err (result);
+ goto error;
+ }
+
+ result = write_pkcs12_kdf_params (pbes2_asn, kdf_params);
+ if (result < 0)
+ {
+ gnutls_assert ();
+ goto error;
+ }
+
+ result = _gnutls_x509_der_encode_and_copy (pbes2_asn, "",
pkcs8_asn, where, 0);
- if (result < 0)
- {
- gnutls_assert ();
- goto error;
- }
+ if (result < 0)
+ {
+ gnutls_assert ();
+ goto error;
+ }
- asn1_delete_structure (&pbes2_asn);
+ asn1_delete_structure (&pbes2_asn);
}
@@ -2297,7 +2298,7 @@ _gnutls_pkcs7_encrypt_data (schema_id schema,
ASN1_TYPE pkcs7_asn = ASN1_TYPE_EMPTY;
struct pbkdf2_params kdf_params;
struct pbe_enc_params enc_params;
- const char* str_oid;
+ const char *str_oid;
if ((result =
asn1_create_element (_gnutls_get_pkix (),
@@ -2311,17 +2312,17 @@ _gnutls_pkcs7_encrypt_data (schema_id schema,
/* Write the encryption schema OID
*/
- result = schema_to_oid(schema, &str_oid);
+ result = schema_to_oid (schema, &str_oid);
if (result < 0)
{
- gnutls_assert();
+ gnutls_assert ();
return result;
}
result =
- asn1_write_value (pkcs7_asn,
- "encryptedContentInfo.contentEncryptionAlgorithm.algorithm",
- str_oid, 1);
+ asn1_write_value (pkcs7_asn,
+ "encryptedContentInfo.contentEncryptionAlgorithm.algorithm",
+ str_oid, 1);
if (result != ASN1_SUCCESS)
{
diff --git a/lib/x509/verify.c b/lib/x509/verify.c
index 8120da6ca7..2f8bc5c100 100644
--- a/lib/x509/verify.c
+++ b/lib/x509/verify.c
@@ -55,7 +55,9 @@ static int _gnutls_verify_crl2 (gnutls_x509_crl_t crl,
static int
check_if_same_cert (gnutls_x509_crt_t cert1, gnutls_x509_crt_t cert2)
{
- gnutls_datum_t cert1bin = { NULL, 0 }, cert2bin = { NULL, 0 };
+ gnutls_datum_t cert1bin = { NULL, 0 }, cert2bin =
+ {
+ NULL, 0};
int result;
result = _gnutls_x509_der_encode (cert1->cert, "", &cert1bin, 0);
@@ -78,7 +80,7 @@ check_if_same_cert (gnutls_x509_crt_t cert1, gnutls_x509_crt_t cert2)
else
result = 1;
- cleanup:
+cleanup:
_gnutls_free_datum (&cert1bin);
_gnutls_free_datum (&cert2bin);
return result;
@@ -427,7 +429,7 @@ _gnutls_x509_verify_certificate (const gnutls_x509_crt_t * certificate_list,
* MD2 algorithm.
*/
if (gnutls_x509_crt_check_issuer (certificate_list[clist_size - 1],
- certificate_list[clist_size - 1]) > 0)
+ certificate_list[clist_size - 1]) > 0)
{
clist_size--;
}
@@ -502,7 +504,7 @@ _gnutls_x509_verify_certificate (const gnutls_x509_crt_t * certificate_list,
for (i = 0; i < clist_size; i++)
{
t = gnutls_x509_crt_get_activation_time (certificate_list[i]);
- if (t == (time_t) -1 || now < t)
+ if (t == (time_t) - 1 || now < t)
{
status |= GNUTLS_CERT_NOT_ACTIVATED;
status |= GNUTLS_CERT_INVALID;
@@ -510,7 +512,7 @@ _gnutls_x509_verify_certificate (const gnutls_x509_crt_t * certificate_list,
}
t = gnutls_x509_crt_get_expiration_time (certificate_list[i]);
- if (t == (time_t) -1 || now > t)
+ if (t == (time_t) - 1 || now > t)
{
status |= GNUTLS_CERT_EXPIRED;
status |= GNUTLS_CERT_INVALID;
@@ -670,27 +672,27 @@ _pkcs1_rsa_verify_sig (const gnutls_datum_t * text,
if (prehash && prehash->data && prehash->size == digest_size)
{
- cmp = prehash->data;
+ cmp = prehash->data;
}
else
{
- if (!text)
- {
- gnutls_assert ();
- return GNUTLS_E_INVALID_REQUEST;
- }
-
- ret = _gnutls_hash_init (&hd, hash);
- if (ret < 0)
- {
- gnutls_assert ();
- return ret;
- }
-
- _gnutls_hash (&hd, text->data, text->size);
- _gnutls_hash_deinit (&hd, md);
-
- cmp = md;
+ if (!text)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_INVALID_REQUEST;
+ }
+
+ ret = _gnutls_hash_init (&hd, hash);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ return ret;
+ }
+
+ _gnutls_hash (&hd, text->data, text->size);
+ _gnutls_hash_deinit (&hd, md);
+
+ cmp = md;
}
if (memcmp (cmp, digest, digest_size) != 0)
@@ -717,22 +719,22 @@ dsa_verify_sig (const gnutls_datum_t * text,
if (hash && hash->data && hash->size == 20)
{
- digest = *hash;
+ digest = *hash;
}
else
{
- ret = _gnutls_hash_init (&hd, GNUTLS_MAC_SHA1);
- if (ret < 0)
- {
- gnutls_assert ();
- return ret;
- }
-
- _gnutls_hash (&hd, text->data, text->size);
- _gnutls_hash_deinit (&hd, _digest);
-
- digest.data = _digest;
- digest.size = 20;
+ ret = _gnutls_hash_init (&hd, GNUTLS_MAC_SHA1);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ return ret;
+ }
+
+ _gnutls_hash (&hd, text->data, text->size);
+ _gnutls_hash_deinit (&hd, _digest);
+
+ digest.data = _digest;
+ digest.size = 20;
}
ret = _gnutls_dsa_verify (&digest, signature, params, params_len);
@@ -783,7 +785,7 @@ verify_sig (const gnutls_datum_t * tbs,
}
int
-_gnutls_x509_verify_algorithm (gnutls_mac_algorithm_t *hash,
+_gnutls_x509_verify_algorithm (gnutls_mac_algorithm_t * hash,
const gnutls_datum_t * signature,
const gnutls_x509_crt_t issuer)
{
@@ -797,16 +799,19 @@ _gnutls_x509_verify_algorithm (gnutls_mac_algorithm_t *hash,
switch (gnutls_x509_crt_get_pk_algorithm (issuer, NULL))
{
case GNUTLS_PK_DSA:
- if (hash) *hash = GNUTLS_MAC_SHA1;
+ if (hash)
+ *hash = GNUTLS_MAC_SHA1;
return 0;
case GNUTLS_PK_RSA:
issuer_params_size = MAX_PUBLIC_PARAMS_SIZE;
- ret = _gnutls_x509_crt_get_mpis (issuer, issuer_params, &issuer_params_size);
+ ret =
+ _gnutls_x509_crt_get_mpis (issuer, issuer_params,
+ &issuer_params_size);
if (ret < 0)
{
- gnutls_assert ();
- return ret;
+ gnutls_assert ();
+ return ret;
}
ret =
@@ -815,30 +820,31 @@ _gnutls_x509_verify_algorithm (gnutls_mac_algorithm_t *hash,
/* release allocated mpis */
for (i = 0; i < issuer_params_size; i++)
- {
- _gnutls_mpi_release (&issuer_params[i]);
- }
+ {
+ _gnutls_mpi_release (&issuer_params[i]);
+ }
if (ret < 0)
{
- gnutls_assert ();
- return ret;
+ gnutls_assert ();
+ return ret;
}
digest_size = sizeof (digest);
if ((ret =
- decode_ber_digest_info (&decrypted, hash, digest, &digest_size)) != 0)
+ decode_ber_digest_info (&decrypted, hash, digest,
+ &digest_size)) != 0)
{
- gnutls_assert ();
- _gnutls_free_datum (&decrypted);
- return ret;
+ gnutls_assert ();
+ _gnutls_free_datum (&decrypted);
+ return ret;
}
_gnutls_free_datum (&decrypted);
if (digest_size != _gnutls_hash_get_algo_len (*hash))
{
- gnutls_assert ();
- return GNUTLS_E_ASN1_GENERIC_ERROR;
+ gnutls_assert ();
+ return GNUTLS_E_ASN1_GENERIC_ERROR;
}
return 0;
@@ -1188,7 +1194,8 @@ _gnutls_verify_crl2 (gnutls_x509_crl_t crl,
}
ret =
- _gnutls_x509_verify_signature (&crl_signed_data, NULL, &crl_signature, issuer);
+ _gnutls_x509_verify_signature (&crl_signed_data, NULL, &crl_signature,
+ issuer);
if (ret < 0)
{
gnutls_assert ();
diff --git a/lib/x509/x509_write.c b/lib/x509/x509_write.c
index a57ccc287f..c5b7b13ca5 100644
--- a/lib/x509/x509_write.c
+++ b/lib/x509/x509_write.c
@@ -556,8 +556,8 @@ gnutls_x509_crt_set_key_usage (gnutls_x509_crt_t crt, unsigned int usage)
**/
int
gnutls_x509_crt_set_subject_alternative_name (gnutls_x509_crt_t crt,
- gnutls_x509_subject_alt_name_t type,
- const char *data_string)
+ gnutls_x509_subject_alt_name_t
+ type, const char *data_string)
{
if (crt == NULL)
{
@@ -1189,8 +1189,7 @@ gnutls_x509_crt_set_authority_key_id (gnutls_x509_crt_t cert,
**/
int
gnutls_x509_crt_set_key_purpose_oid (gnutls_x509_crt_t cert,
- const void *oid,
- unsigned int critical)
+ const void *oid, unsigned int critical)
{
int result;
gnutls_datum_t old_id, der_data;
diff --git a/libextra/gl/md5.c b/libextra/gl/md5.c
index 0905367bdd..2eb66ed578 100644
--- a/libextra/gl/md5.c
+++ b/libextra/gl/md5.c
@@ -63,7 +63,7 @@
/* This array contains the bytes used to pad the buffer to the next
64-byte boundary. (RFC 1321, 3.1: Step 1) */
-static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ... */ };
+static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ... */ };
/* Initialize structure containing state of computation.
@@ -129,13 +129,13 @@ md5_finish_ctx (struct md5_ctx *ctx, void *resbuf)
return md5_read_ctx (ctx, resbuf);
}
-#if 0 /* Not needed by GnuTLS, and it has a large stack frame. */
+#if 0 /* Not needed by GnuTLS, and it has a large stack frame. */
/* Compute MD5 message digest for bytes read from STREAM. The
resulting message digest number will be written into the 16 bytes
beginning at RESBLOCK. */
int
-md5_stream (FILE *stream, void *resblock)
+md5_stream (FILE * stream, void *resblock)
{
struct md5_ctx ctx;
size_t sum;
diff --git a/libextra/gnutls_openssl.c b/libextra/gnutls_openssl.c
index b079088f39..38ae5a86cf 100644
--- a/libextra/gnutls_openssl.c
+++ b/libextra/gnutls_openssl.c
@@ -849,7 +849,7 @@ SSL_CIPHER_description (SSL_CIPHER * cipher, char *buf, int size)
{
if (local_alloc)
free (tmpbuf);
- return (char*) "Buffer too small";
+ return (char *) "Buffer too small";
}
return tmpbuf;
diff --git a/src/certtool-cfg.c b/src/certtool-cfg.c
index c76c34bbe6..42674a8d8d 100644
--- a/src/certtool-cfg.c
+++ b/src/certtool-cfg.c
@@ -72,7 +72,7 @@ typedef struct _cfg_ctx
int code_sign_key;
int ocsp_sign_key;
int time_stamping_key;
- char** key_purpose_oids;
+ char **key_purpose_oids;
int crl_next_update;
int crl_number;
int crq_extensions;
@@ -198,7 +198,8 @@ read_crt_set (gnutls_x509_crt_t crt, const char *input_str, const char *oid)
int ret;
fputs (input_str, stderr);
- if (fgets (input, sizeof (input), stdin)==NULL) return;
+ if (fgets (input, sizeof (input), stdin) == NULL)
+ return;
if (strlen (input) == 1) /* only newline */
return;
@@ -219,7 +220,8 @@ read_crq_set (gnutls_x509_crq_t crq, const char *input_str, const char *oid)
int ret;
fputs (input_str, stderr);
- if (fgets (input, sizeof (input), stdin)==NULL) return;
+ if (fgets (input, sizeof (input), stdin) == NULL)
+ return;
if (strlen (input) == 1) /* only newline */
return;
@@ -302,7 +304,8 @@ read_yesno (const char *input_str)
char input[128];
fputs (input_str, stderr);
- if (fgets (input, sizeof (input), stdin)==NULL) return 0;
+ if (fgets (input, sizeof (input), stdin) == NULL)
+ return 0;
if (strlen (input) == 1) /* only newline */
return 0;
@@ -597,13 +600,16 @@ get_key_purpose_set (gnutls_x509_crt_t crt)
{
if (!cfg.key_purpose_oids)
return;
- for (i = 0; cfg.key_purpose_oids[i] != NULL; i ++)
+ for (i = 0; cfg.key_purpose_oids[i] != NULL; i++)
{
- ret = gnutls_x509_crt_set_key_purpose_oid (crt, cfg.key_purpose_oids[i], 0);
+ ret =
+ gnutls_x509_crt_set_key_purpose_oid (crt, cfg.key_purpose_oids[i],
+ 0);
if (ret < 0)
{
- fprintf (stderr, "set_key_purpose_oid (%s): %s\n", cfg.key_purpose_oids[i], gnutls_strerror (ret));
+ fprintf (stderr, "set_key_purpose_oid (%s): %s\n",
+ cfg.key_purpose_oids[i], gnutls_strerror (ret));
exit (1);
}
}
@@ -986,7 +992,8 @@ get_dns_name_set (int type, void *crt)
do
{
- p = read_str ("Enter a dnsName of the subject of the certificate: ");
+ p =
+ read_str ("Enter a dnsName of the subject of the certificate: ");
if (!p)
return;
diff --git a/src/cli.c b/src/cli.c
index a37490fbf9..2aa2da4197 100644
--- a/src/cli.c
+++ b/src/cli.c
@@ -372,41 +372,45 @@ cert_callback (gnutls_session_t session,
{
gnutls_sign_algorithm_t cert_algo, req_algo;
int i, match = 0;
-
+
if (x509_crt[0] != NULL)
- {
- ret = gnutls_x509_crt_get_signature_algorithm(x509_crt[0]);
- if (ret < 0)
- {
- /* error reading signature algorithm */
- return -1;
- }
- cert_algo = ret;
-
- i=0;
- do {
- ret = gnutls_sign_algorithm_get_requested(session, i, &req_algo);
- if (ret >= 0 && cert_algo == req_algo)
- {
- match = 1;
- break;
- }
-
- /* server has not requested anything specific */
- if (i==0 && ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
- {
- match = 1;
- break;
- }
- i++;
- } while(ret >= 0);
-
- if (match == 0)
- {
- printf("- Could not find a suitable certificate to send to server\n");
- return -1;
- }
- }
+ {
+ ret = gnutls_x509_crt_get_signature_algorithm (x509_crt[0]);
+ if (ret < 0)
+ {
+ /* error reading signature algorithm */
+ return -1;
+ }
+ cert_algo = ret;
+
+ i = 0;
+ do
+ {
+ ret =
+ gnutls_sign_algorithm_get_requested (session, i, &req_algo);
+ if (ret >= 0 && cert_algo == req_algo)
+ {
+ match = 1;
+ break;
+ }
+
+ /* server has not requested anything specific */
+ if (i == 0 && ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+ {
+ match = 1;
+ break;
+ }
+ i++;
+ }
+ while (ret >= 0);
+
+ if (match == 0)
+ {
+ printf
+ ("- Could not find a suitable certificate to send to server\n");
+ return -1;
+ }
+ }
if (x509_crt != NULL && x509_key != NULL)
{
diff --git a/src/common.c b/src/common.c
index 1e726e6e6f..55a28d8525 100644
--- a/src/common.c
+++ b/src/common.c
@@ -152,8 +152,7 @@ print_x509_info (gnutls_session_t session, const char *hostname, int insecure)
}
else if (hostname_ok == 2)
{
- printf ("- The hostname in the certificate matches '%s'.\n",
- hostname);
+ printf ("- The hostname in the certificate matches '%s'.\n", hostname);
}
}
@@ -188,7 +187,8 @@ print_openpgp_info (gnutls_session_t session, const char *hostname,
if (verbose)
ret = gnutls_openpgp_crt_print (crt, GNUTLS_CRT_PRINT_FULL, &cinfo);
else
- ret = gnutls_openpgp_crt_print (crt, GNUTLS_CRT_PRINT_ONELINE, &cinfo);
+ ret =
+ gnutls_openpgp_crt_print (crt, GNUTLS_CRT_PRINT_ONELINE, &cinfo);
if (ret == 0)
{
printf (" - %s\n", cinfo.data);
@@ -235,8 +235,7 @@ print_openpgp_info (gnutls_session_t session, const char *hostname,
}
else if (hostname_ok == 2)
{
- printf ("- The hostname in the certificate matches '%s'.\n",
- hostname);
+ printf ("- The hostname in the certificate matches '%s'.\n", hostname);
}
}
@@ -273,7 +272,8 @@ print_cert_vrfy (gnutls_session_t session)
if (status & GNUTLS_CERT_INSECURE_ALGORITHM)
printf ("- Peer's certificate chain uses insecure algorithm\n");
if (status & GNUTLS_CERT_NOT_ACTIVATED)
- printf ("- Peer's certificate chain uses not yet valid certificate\n");
+ printf
+ ("- Peer's certificate chain uses not yet valid certificate\n");
if (status & GNUTLS_CERT_EXPIRED)
printf ("- Peer's certificate chain uses expired certificate\n");
if (status & GNUTLS_CERT_INVALID)
diff --git a/src/crypt.c b/src/crypt.c
index a9b71d280a..623052b43c 100644
--- a/src/crypt.c
+++ b/src/crypt.c
@@ -419,9 +419,9 @@ main (int argc, char **argv)
}
if (info.passwd == NULL)
- info.passwd = (char*) KPASSWD;
+ info.passwd = (char *) KPASSWD;
if (info.passwd_conf == NULL)
- info.passwd_conf = (char*) KPASSWD_CONF;
+ info.passwd_conf = (char *) KPASSWD_CONF;
if (info.username == NULL)
{
@@ -710,7 +710,7 @@ read_conf_values (gnutls_datum_t * g, gnutls_datum_t * n, char *str)
return index;
}
-extern void srptool_version(void);
+extern void srptool_version (void);
void
srptool_version (void)
diff --git a/src/psk.c b/src/psk.c
index 7de5ea5e21..63363f6a1c 100644
--- a/src/psk.c
+++ b/src/psk.c
@@ -92,7 +92,7 @@ main (int argc, char **argv)
}
if (info.passwd == NULL)
- info.passwd = (char*) KPASSWD;
+ info.passwd = (char *) KPASSWD;
if (info.username == NULL)
{
diff --git a/src/serv.c b/src/serv.c
index aaeda8edcd..a8eb8fa513 100644
--- a/src/serv.c
+++ b/src/serv.c
@@ -1169,10 +1169,10 @@ main (int argc, char **argv)
ctt = ctime (&tt);
ctt[strlen (ctt) - 1] = 0;
- printf("\n* Accepted connection from %s on %s\n",
- human_addr ((struct sockaddr *)
- &client_address, calen, topbuf,
- sizeof (topbuf)), ctt);
+ printf ("\n* Accepted connection from %s on %s\n",
+ human_addr ((struct sockaddr *)
+ &client_address, calen, topbuf,
+ sizeof (topbuf)), ctt);
}
}
}
@@ -1476,7 +1476,7 @@ gaa_parser (int argc, char **argv)
parse_comp (info.comp, info.ncomp, comp_priority);
}
-extern void serv_version(void);
+extern void serv_version (void);
void
serv_version (void)
diff --git a/tests/anonself.c b/tests/anonself.c
index b454aa4861..21bd6df147 100644
--- a/tests/anonself.c
+++ b/tests/anonself.c
@@ -178,7 +178,7 @@ static gnutls_dh_params_t dh_params;
static int
generate_dh_params (void)
{
- const gnutls_datum_t p3 = { (char*) pkcs3, strlen (pkcs3) };
+ const gnutls_datum_t p3 = { (char *) pkcs3, strlen (pkcs3) };
/* Generate Diffie-Hellman parameters - for use with DHE
* kx algorithms. These should be discarded and regenerated
* once a day, once a week or once a month. Depending on the
@@ -216,7 +216,8 @@ server_start (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof (int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
if (err == -1)
diff --git a/tests/chainverify.c b/tests/chainverify.c
index 13d47103b7..0407d14156 100644
--- a/tests/chainverify.c
+++ b/tests/chainverify.c
@@ -37,7 +37,7 @@
current time. This should work fine on systems where the library
call to time is resolved at run-time. */
time_t
-time (time_t *t)
+time (time_t * t)
{
time_t then = 1256803113;
@@ -779,16 +779,16 @@ main (int argc, char *argv[])
gnutls_datum_t tmp;
size_t j;
- printf ("Chain '%s' (%d)...\n", chains[i].name, (int)i);
+ printf ("Chain '%s' (%d)...\n", chains[i].name, (int) i);
for (j = 0; chains[i].chain[j]; j++)
{
- printf ("\tAdding certificate %d...", (int)j);
+ printf ("\tAdding certificate %d...", (int) j);
ret = gnutls_x509_crt_init (&certs[j]);
if (ret < 0)
- error (EXIT_FAILURE, 0, "gnutls_x509_crt_init[%d,%d]: %s", (int)i, (int)j,
- gnutls_strerror (ret));
+ error (EXIT_FAILURE, 0, "gnutls_x509_crt_init[%d,%d]: %s",
+ (int) i, (int) j, gnutls_strerror (ret));
tmp.data = (char *) chains[i].chain[j];
tmp.size = strlen (chains[i].chain[j]);
@@ -796,11 +796,11 @@ main (int argc, char *argv[])
ret = gnutls_x509_crt_import (certs[j], &tmp, GNUTLS_X509_FMT_PEM);
printf ("done\n");
if (ret < 0)
- error (EXIT_FAILURE, 0, "gnutls_x509_crt_import[%d,%d]: %s", (int)i, (int)j,
- gnutls_strerror (ret));
+ error (EXIT_FAILURE, 0, "gnutls_x509_crt_import[%d,%d]: %s",
+ (int) i, (int) j, gnutls_strerror (ret));
gnutls_x509_crt_print (certs[j], GNUTLS_CRT_PRINT_ONELINE, &tmp);
- printf ("\tCertificate %d: %.*s\n", (int)j, tmp.size, tmp.data);
+ printf ("\tCertificate %d: %.*s\n", (int) j, tmp.size, tmp.data);
gnutls_free (tmp.data);
}
diff --git a/tests/crq_apis.c b/tests/crq_apis.c
index ee5da504df..63742b228a 100644
--- a/tests/crq_apis.c
+++ b/tests/crq_apis.c
@@ -56,7 +56,8 @@ static unsigned char key_pem[] =
"-----END RSA PRIVATE KEY-----\n";
const gnutls_datum_t key = { key_pem, sizeof (key_pem) };
-void doit (void)
+void
+doit (void)
{
gnutls_x509_privkey_t pkey;
gnutls_x509_crt_t crt;
@@ -169,7 +170,8 @@ void doit (void)
fail ("gnutls_x509_crq_get_key_purpose_oid %d\n", ret);
s = 0;
- ret = gnutls_x509_crq_set_key_purpose_oid (crq, GNUTLS_KP_TLS_WWW_SERVER, 0);
+ ret =
+ gnutls_x509_crq_set_key_purpose_oid (crq, GNUTLS_KP_TLS_WWW_SERVER, 0);
if (ret != 0)
fail ("gnutls_x509_crq_set_key_purpose_oid %d\n", ret);
@@ -179,7 +181,8 @@ void doit (void)
fail ("gnutls_x509_crq_get_key_purpose_oid %d\n", ret);
s = 0;
- ret = gnutls_x509_crq_set_key_purpose_oid (crq, GNUTLS_KP_TLS_WWW_CLIENT, 1);
+ ret =
+ gnutls_x509_crq_set_key_purpose_oid (crq, GNUTLS_KP_TLS_WWW_CLIENT, 1);
if (ret != 0)
fail ("gnutls_x509_crq_set_key_purpose_oid2 %d\n", ret);
diff --git a/tests/cve-2008-4989.c b/tests/cve-2008-4989.c
index 65a9de3277..fd4fb85fe7 100644
--- a/tests/cve-2008-4989.c
+++ b/tests/cve-2008-4989.c
@@ -38,112 +38,109 @@
static const char *pem_certs[] = {
"-----BEGIN CERTIFICATE-----\n"
- "MIIB6zCCAVQCCQCgwnB/k0WZrDANBgkqhkiG9w0BAQUFADA9MQswCQYDVQQGEwJE\n"
- "RTEXMBUGA1UEChMOR05VIFRMUyBBdHRhY2sxFTATBgNVBAMTDGludGVybWVkaWF0\n"
- "ZTAeFw0wODExMDMxMjA1MDRaFw0wODEyMDMxMjA1MDRaMDcxCzAJBgNVBAYTAkRF\n"
- "MRcwFQYDVQQKEw5HTlUgVExTIEF0dGFjazEPMA0GA1UEAxMGc2VydmVyMIGfMA0G\n"
- "CSqGSIb3DQEBAQUAA4GNADCBiQKBgQDKdL9g5ErMLOLRCjiomZlNLhy0moWGaKIW\n"
- "aX6vyUIfh8d6FcArHoKoqhmX7ckvod50sOYPojQesDpl7gVaQNA6Ntr1VCcuNPef\n"
- "UKWtEwL0Qu9JbPnUoIYd7mAaqVQgFp6W6yzV/dp63LH4XSdzBMhpZ/EU6vZoE8Sv\n"
- "VLdqj5r6jwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAH4QRR7sZEbjW00tXYk/3O/Z\n"
- "96AxJNg0F78W5B68gaJrLJ7DTE2RTglscuEq1+2Jyb4AIziwXpYqxgwcP91QpH97\n"
- "XfwdXIcyjYvVLHiKmkQj2zJTY7MeyiEQQ2it8VstZG2fYmi2EiMZIEnyJ2JJ7bA7\n"
- "bF7pG7Cg3oEHUM0H5KUU\n"
- "-----END CERTIFICATE-----\n",
+ "MIIB6zCCAVQCCQCgwnB/k0WZrDANBgkqhkiG9w0BAQUFADA9MQswCQYDVQQGEwJE\n"
+ "RTEXMBUGA1UEChMOR05VIFRMUyBBdHRhY2sxFTATBgNVBAMTDGludGVybWVkaWF0\n"
+ "ZTAeFw0wODExMDMxMjA1MDRaFw0wODEyMDMxMjA1MDRaMDcxCzAJBgNVBAYTAkRF\n"
+ "MRcwFQYDVQQKEw5HTlUgVExTIEF0dGFjazEPMA0GA1UEAxMGc2VydmVyMIGfMA0G\n"
+ "CSqGSIb3DQEBAQUAA4GNADCBiQKBgQDKdL9g5ErMLOLRCjiomZlNLhy0moWGaKIW\n"
+ "aX6vyUIfh8d6FcArHoKoqhmX7ckvod50sOYPojQesDpl7gVaQNA6Ntr1VCcuNPef\n"
+ "UKWtEwL0Qu9JbPnUoIYd7mAaqVQgFp6W6yzV/dp63LH4XSdzBMhpZ/EU6vZoE8Sv\n"
+ "VLdqj5r6jwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAH4QRR7sZEbjW00tXYk/3O/Z\n"
+ "96AxJNg0F78W5B68gaJrLJ7DTE2RTglscuEq1+2Jyb4AIziwXpYqxgwcP91QpH97\n"
+ "XfwdXIcyjYvVLHiKmkQj2zJTY7MeyiEQQ2it8VstZG2fYmi2EiMZIEnyJ2JJ7bA7\n"
+ "bF7pG7Cg3oEHUM0H5KUU\n" "-----END CERTIFICATE-----\n",
"-----BEGIN CERTIFICATE-----\n"
- "MIICADCCAWmgAwIBAgIJAIZ4nkHQAqTFMA0GCSqGSIb3DQEBBQUAMDUxCzAJBgNV\n"
- "BAYTAkRFMRcwFQYDVQQKEw5HTlUgVExTIEF0dGFjazENMAsGA1UEAxMEcm9vdDAe\n"
- "Fw0wODExMDMxMjA0NDVaFw0wODEyMDMxMjA0NDVaMD0xCzAJBgNVBAYTAkRFMRcw\n"
- "FQYDVQQKEw5HTlUgVExTIEF0dGFjazEVMBMGA1UEAxMMaW50ZXJtZWRpYXRlMIGf\n"
- "MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDvBpW8sAhIuUmNvcBE6wv/q7MtM1Z9\n"
- "2I1SDL8eJ8I2nPg6BlCX+OIqNruynj8J7uPEQ04ZLwLxNXoyZa8057YFyrKLOvoj\n"
- "5IfBtidsLWYv6PO3qqHJXVvwGdS7PKMuUlsjucCRyXVgQ07ODF7piqoVFi9KD99w\n"
- "AU5+9plGrZNP/wIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUA\n"
- "A4GBAGPg+M+8MsB6zHN2o+jAtyqovrTTwmzVWEgfEH/aHC9+imGZRQ5lFNc2vdny\n"
- "AgaJ9/izO5S6Ibb5zUowN2WhoUJOVipuQa2m9AviOgheoU7tmANC9ylm/pRkKy/0\n"
- "n5UVzlKxDhRp/xBb7MWOw3KEQjiAf2Z3wCLcCPUqcJUdJC4v\n"
- "-----END CERTIFICATE-----\n",
+ "MIICADCCAWmgAwIBAgIJAIZ4nkHQAqTFMA0GCSqGSIb3DQEBBQUAMDUxCzAJBgNV\n"
+ "BAYTAkRFMRcwFQYDVQQKEw5HTlUgVExTIEF0dGFjazENMAsGA1UEAxMEcm9vdDAe\n"
+ "Fw0wODExMDMxMjA0NDVaFw0wODEyMDMxMjA0NDVaMD0xCzAJBgNVBAYTAkRFMRcw\n"
+ "FQYDVQQKEw5HTlUgVExTIEF0dGFjazEVMBMGA1UEAxMMaW50ZXJtZWRpYXRlMIGf\n"
+ "MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDvBpW8sAhIuUmNvcBE6wv/q7MtM1Z9\n"
+ "2I1SDL8eJ8I2nPg6BlCX+OIqNruynj8J7uPEQ04ZLwLxNXoyZa8057YFyrKLOvoj\n"
+ "5IfBtidsLWYv6PO3qqHJXVvwGdS7PKMuUlsjucCRyXVgQ07ODF7piqoVFi9KD99w\n"
+ "AU5+9plGrZNP/wIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUA\n"
+ "A4GBAGPg+M+8MsB6zHN2o+jAtyqovrTTwmzVWEgfEH/aHC9+imGZRQ5lFNc2vdny\n"
+ "AgaJ9/izO5S6Ibb5zUowN2WhoUJOVipuQa2m9AviOgheoU7tmANC9ylm/pRkKy/0\n"
+ "n5UVzlKxDhRp/xBb7MWOw3KEQjiAf2Z3wCLcCPUqcJUdJC4v\n"
+ "-----END CERTIFICATE-----\n",
"-----BEGIN CERTIFICATE-----\n"
- "MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUF\n"
- "ADCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYG\n"
- "A1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UE\n"
- "CxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl\n"
- "IG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYx\n"
- "MTE3MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTAT\n"
- "BgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT\n"
- "ZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJ\n"
- "bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNVBAMTFnRoYXd0\n"
- "ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
- "AoIBAQCsoPD7gFnUnMekz52hWXMJEEUMDSxuaPFsW0hoSVk3/AszGcJ3f8wQ\n"
- "LZU0HObrTQmnHNK4yZc2AreJ1CRfBsDMRJSUjQJib+ta3RGNKJpchJAQeg29\n"
- "dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGcq/gcfomk6KHYcWUNo1F7\n"
- "7rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6Sk/KaAcd\n"
- "HJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94JNqR3\n"
- "2HuHUETVPm4pafs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBA\n"
- "MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7\n"
- "W0XPr87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUFAAOCAQEAeRHAS7OR\n"
- "tvzw6WfUDW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeE\n"
- "uzLlQRHAd9mzYJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQ\n"
- "aEfZYGDm/Ac9IiAXxPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqd\n"
- "E8hhuvU5HIe6uL17In/2/qxAeeWsEG89jxt5dovEN7MhGITlNgDrYyCZuen+\n"
- "MwS7QcjBAvlEYyCegc5C09Y/LHbTY5xZ3Y+m4Q6gLkH3LpVHz7z9M/P2C2F+\n"
- "fpErgUfCJzDupxBdN49cOSvkBPB7jVaMaA==\n"
- "-----END CERTIFICATE-----\n"
+ "MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUF\n"
+ "ADCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYG\n"
+ "A1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UE\n"
+ "CxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl\n"
+ "IG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYx\n"
+ "MTE3MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTAT\n"
+ "BgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT\n"
+ "ZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJ\n"
+ "bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNVBAMTFnRoYXd0\n"
+ "ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
+ "AoIBAQCsoPD7gFnUnMekz52hWXMJEEUMDSxuaPFsW0hoSVk3/AszGcJ3f8wQ\n"
+ "LZU0HObrTQmnHNK4yZc2AreJ1CRfBsDMRJSUjQJib+ta3RGNKJpchJAQeg29\n"
+ "dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGcq/gcfomk6KHYcWUNo1F7\n"
+ "7rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6Sk/KaAcd\n"
+ "HJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94JNqR3\n"
+ "2HuHUETVPm4pafs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBA\n"
+ "MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7\n"
+ "W0XPr87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUFAAOCAQEAeRHAS7OR\n"
+ "tvzw6WfUDW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeE\n"
+ "uzLlQRHAd9mzYJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQ\n"
+ "aEfZYGDm/Ac9IiAXxPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqd\n"
+ "E8hhuvU5HIe6uL17In/2/qxAeeWsEG89jxt5dovEN7MhGITlNgDrYyCZuen+\n"
+ "MwS7QcjBAvlEYyCegc5C09Y/LHbTY5xZ3Y+m4Q6gLkH3LpVHz7z9M/P2C2F+\n"
+ "fpErgUfCJzDupxBdN49cOSvkBPB7jVaMaA==\n" "-----END CERTIFICATE-----\n"
};
static const char *pem_ca = {
"-----BEGIN CERTIFICATE-----\n"
- "MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUF\n"
- "ADCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYG\n"
- "A1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UE\n"
- "CxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl\n"
- "IG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYx\n"
- "MTE3MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTAT\n"
- "BgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT\n"
- "ZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJ\n"
- "bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNVBAMTFnRoYXd0\n"
- "ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
- "AoIBAQCsoPD7gFnUnMekz52hWXMJEEUMDSxuaPFsW0hoSVk3/AszGcJ3f8wQ\n"
- "LZU0HObrTQmnHNK4yZc2AreJ1CRfBsDMRJSUjQJib+ta3RGNKJpchJAQeg29\n"
- "dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGcq/gcfomk6KHYcWUNo1F7\n"
- "7rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6Sk/KaAcd\n"
- "HJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94JNqR3\n"
- "2HuHUETVPm4pafs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBA\n"
- "MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7\n"
- "W0XPr87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUFAAOCAQEAeRHAS7OR\n"
- "tvzw6WfUDW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeE\n"
- "uzLlQRHAd9mzYJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQ\n"
- "aEfZYGDm/Ac9IiAXxPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqd\n"
- "E8hhuvU5HIe6uL17In/2/qxAeeWsEG89jxt5dovEN7MhGITlNgDrYyCZuen+\n"
- "MwS7QcjBAvlEYyCegc5C09Y/LHbTY5xZ3Y+m4Q6gLkH3LpVHz7z9M/P2C2F+\n"
- "fpErgUfCJzDupxBdN49cOSvkBPB7jVaMaA==\n"
- "-----END CERTIFICATE-----\n"
+ "MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUF\n"
+ "ADCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYG\n"
+ "A1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UE\n"
+ "CxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl\n"
+ "IG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYx\n"
+ "MTE3MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTAT\n"
+ "BgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT\n"
+ "ZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJ\n"
+ "bmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNVBAMTFnRoYXd0\n"
+ "ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
+ "AoIBAQCsoPD7gFnUnMekz52hWXMJEEUMDSxuaPFsW0hoSVk3/AszGcJ3f8wQ\n"
+ "LZU0HObrTQmnHNK4yZc2AreJ1CRfBsDMRJSUjQJib+ta3RGNKJpchJAQeg29\n"
+ "dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGcq/gcfomk6KHYcWUNo1F7\n"
+ "7rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6Sk/KaAcd\n"
+ "HJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94JNqR3\n"
+ "2HuHUETVPm4pafs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBA\n"
+ "MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7\n"
+ "W0XPr87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUFAAOCAQEAeRHAS7OR\n"
+ "tvzw6WfUDW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeE\n"
+ "uzLlQRHAd9mzYJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQ\n"
+ "aEfZYGDm/Ac9IiAXxPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqd\n"
+ "E8hhuvU5HIe6uL17In/2/qxAeeWsEG89jxt5dovEN7MhGITlNgDrYyCZuen+\n"
+ "MwS7QcjBAvlEYyCegc5C09Y/LHbTY5xZ3Y+m4Q6gLkH3LpVHz7z9M/P2C2F+\n"
+ "fpErgUfCJzDupxBdN49cOSvkBPB7jVaMaA==\n" "-----END CERTIFICATE-----\n"
};
#define CHAIN_LENGTH (sizeof (pem_certs) / sizeof (pem_certs[0]))
static const char *pem_self_cert = {
"-----BEGIN CERTIFICATE-----\n"
- "MIIDgjCCAmygAwIBAgIBADALBgkqhkiG9w0BAQUwSzELMAkGA1UEBhMCQlIxFDAS\n"
- "BgNVBAoTC01pbmFzIExpdnJlMSYwJAYDVQQDEx1UaGFkZXUgTGltYSBkZSBTb3V6\n"
- "YSBDYXNjYXJkbzAeFw0wODA1MzAxOTUzNDNaFw0wODExMjYxOTUzNDNaMEsxCzAJ\n"
- "BgNVBAYTAkJSMRQwEgYDVQQKEwtNaW5hcyBMaXZyZTEmMCQGA1UEAxMdVGhhZGV1\n"
- "IExpbWEgZGUgU291emEgQ2FzY2FyZG8wggEfMAsGCSqGSIb3DQEBAQOCAQ4AMIIB\n"
- "CQKCAQC4D934O6wrXJbMyu1w8gu6nN0aNUDGqrX9UgaB/4xVuYhPlhjH0z9Dqic9\n"
- "0pEZmyNCjQmzDSg/hnlY3fBG0i9Iel2oYn1UB4SdcJ2qGkLS87y2ZbMTS1oyMR7/\n"
- "y9l3WGEWqwgjIvOjGstcZo0rCIF8Qr21QGX22KWg2HXlMaZyA9bGtJ+L+x6f2hoo\n"
- "yIPCA30VMvIgHjOSPQJF3iJFE4Uxq1PQ65W91NyI6/bRKFOmFdCUJW8tqqvntYP8\n"
- "hEE08wGlKimFNv7CqZuRI8QuOnhZ7pBXkyvQpW8yHrORlOHxSjkNQKjddt92TCJb\n"
- "1q6eKv2CtCuDLgCuIy0Onr4U9n+hAgMBAAGjeDB2MA8GA1UdEwEB/wQFMAMBAf8w\n"
- "HgYDVR0RBBcwFYITbWFpbC5taW5hc2xpdnJlLm9yZzATBgNVHSUEDDAKBggrBgEF\n"
- "BQcDATAPBgNVHQ8BAf8EBQMDB6QAMB0GA1UdDgQWBBQ/5v42y0jBHUKEfqpPmr5a\n"
- "WsjCGjALBgkqhkiG9w0BAQUDggEBAC/WfO2yK3vM9bG0qFEj8sd0cWiapMhf5PtH\n"
- "jigcPb/OKqSFQVXpAdNiUclPRP79Ih3CuWiXfZ/CW0+k2Z8tyy6AnEQItWvoVh/b\n"
- "8lS7Ph/f9JUYHp2DtgsQWcNQbrUZOPFBu8J4MD6cDWG5Uxwl3YASg30ZdmMDNT8B\n"
- "HshYz0HUOAhYwVSI3J/f7LFhD5OpjSroHgE7wA9UJrerAp9f7e3e9D7kNQ8DlvLP\n"
- "kz6Jh+5M/xD3JO1yl+evaCp3LA+z4M2xiNvtzkAEgj3t6RaJ81Sh5XGiooDYZ14R\n"
- "DgEBYLTUfBYBPzoaahPEdG/f0kUjUBJ34fkBUSjJKURPTHJfDfA=\n"
- "-----END CERTIFICATE-----\n"
+ "MIIDgjCCAmygAwIBAgIBADALBgkqhkiG9w0BAQUwSzELMAkGA1UEBhMCQlIxFDAS\n"
+ "BgNVBAoTC01pbmFzIExpdnJlMSYwJAYDVQQDEx1UaGFkZXUgTGltYSBkZSBTb3V6\n"
+ "YSBDYXNjYXJkbzAeFw0wODA1MzAxOTUzNDNaFw0wODExMjYxOTUzNDNaMEsxCzAJ\n"
+ "BgNVBAYTAkJSMRQwEgYDVQQKEwtNaW5hcyBMaXZyZTEmMCQGA1UEAxMdVGhhZGV1\n"
+ "IExpbWEgZGUgU291emEgQ2FzY2FyZG8wggEfMAsGCSqGSIb3DQEBAQOCAQ4AMIIB\n"
+ "CQKCAQC4D934O6wrXJbMyu1w8gu6nN0aNUDGqrX9UgaB/4xVuYhPlhjH0z9Dqic9\n"
+ "0pEZmyNCjQmzDSg/hnlY3fBG0i9Iel2oYn1UB4SdcJ2qGkLS87y2ZbMTS1oyMR7/\n"
+ "y9l3WGEWqwgjIvOjGstcZo0rCIF8Qr21QGX22KWg2HXlMaZyA9bGtJ+L+x6f2hoo\n"
+ "yIPCA30VMvIgHjOSPQJF3iJFE4Uxq1PQ65W91NyI6/bRKFOmFdCUJW8tqqvntYP8\n"
+ "hEE08wGlKimFNv7CqZuRI8QuOnhZ7pBXkyvQpW8yHrORlOHxSjkNQKjddt92TCJb\n"
+ "1q6eKv2CtCuDLgCuIy0Onr4U9n+hAgMBAAGjeDB2MA8GA1UdEwEB/wQFMAMBAf8w\n"
+ "HgYDVR0RBBcwFYITbWFpbC5taW5hc2xpdnJlLm9yZzATBgNVHSUEDDAKBggrBgEF\n"
+ "BQcDATAPBgNVHQ8BAf8EBQMDB6QAMB0GA1UdDgQWBBQ/5v42y0jBHUKEfqpPmr5a\n"
+ "WsjCGjALBgkqhkiG9w0BAQUDggEBAC/WfO2yK3vM9bG0qFEj8sd0cWiapMhf5PtH\n"
+ "jigcPb/OKqSFQVXpAdNiUclPRP79Ih3CuWiXfZ/CW0+k2Z8tyy6AnEQItWvoVh/b\n"
+ "8lS7Ph/f9JUYHp2DtgsQWcNQbrUZOPFBu8J4MD6cDWG5Uxwl3YASg30ZdmMDNT8B\n"
+ "HshYz0HUOAhYwVSI3J/f7LFhD5OpjSroHgE7wA9UJrerAp9f7e3e9D7kNQ8DlvLP\n"
+ "kz6Jh+5M/xD3JO1yl+evaCp3LA+z4M2xiNvtzkAEgj3t6RaJ81Sh5XGiooDYZ14R\n"
+ "DgEBYLTUfBYBPzoaahPEdG/f0kUjUBJ34fkBUSjJKURPTHJfDfA=\n"
+ "-----END CERTIFICATE-----\n"
};
int
@@ -171,7 +168,7 @@ main (int argc, char *argv[])
error (EXIT_FAILURE, 0, "gnutls_x509_crt_init[%d]: %s", i,
gnutls_strerror (ret));
- tmp.data = (char*) pem_certs[i];
+ tmp.data = (char *) pem_certs[i];
tmp.size = strlen (pem_certs[i]);
ret = gnutls_x509_crt_import (certs[i], &tmp, GNUTLS_X509_FMT_PEM);
@@ -182,9 +179,10 @@ main (int argc, char *argv[])
ret = gnutls_x509_crt_init (&ca);
if (ret < 0)
- error (EXIT_FAILURE, 0, "gnutls_x509_crt_init: %s", gnutls_strerror (ret));
+ error (EXIT_FAILURE, 0, "gnutls_x509_crt_init: %s",
+ gnutls_strerror (ret));
- tmp.data = (char*) pem_ca;
+ tmp.data = (char *) pem_ca;
tmp.size = strlen (pem_ca);
ret = gnutls_x509_crt_import (ca, &tmp, GNUTLS_X509_FMT_PEM);
@@ -213,9 +211,10 @@ main (int argc, char *argv[])
ret = gnutls_x509_crt_init (&self_cert);
if (ret < 0)
- error (EXIT_FAILURE, 0, "gnutls_x509_crt_init: %s", gnutls_strerror (ret));
+ error (EXIT_FAILURE, 0, "gnutls_x509_crt_init: %s",
+ gnutls_strerror (ret));
- tmp.data = (char*) pem_self_cert;
+ tmp.data = (char *) pem_self_cert;
tmp.size = strlen (pem_self_cert);
ret = gnutls_x509_crt_import (self_cert, &tmp, GNUTLS_X509_FMT_PEM);
diff --git a/tests/cve-2009-1415.c b/tests/cve-2009-1415.c
index fe89aa4cfb..b74a5a29b4 100644
--- a/tests/cve-2009-1415.c
+++ b/tests/cve-2009-1415.c
@@ -67,8 +67,7 @@ static char dsa_cert[] =
"HPutkm7mBqRWLKLhwFMnyPKVMAsGCSqGSIb3DQEBBQOBgQBCsrnfD1xzh8/Eih1f\n"
"x+M0lPoX1Re5L2ElHI6DJpHYOBPwf9glwxnet2+avzgUQDUFwUSxOhodpyeaACXD\n"
"o0gGVpcH8sOBTQ+aTdM37hGkPxoXjtIkR/LgG5nP2H2JRd5TkW8l13JdM4MJFB4W\n"
- "QcDzQ8REwidsfh9uKAluk1c/KQ==\n"
- "-----END CERTIFICATE-----\n";
+ "QcDzQ8REwidsfh9uKAluk1c/KQ==\n" "-----END CERTIFICATE-----\n";
const gnutls_datum_t dsa_cert_dat = {
dsa_cert, sizeof (dsa_cert)
diff --git a/tests/dhepskself.c b/tests/dhepskself.c
index 406668d40d..ce9f58e577 100644
--- a/tests/dhepskself.c
+++ b/tests/dhepskself.c
@@ -60,7 +60,7 @@ client (void)
gnutls_session_t session;
char buffer[MAX_BUF + 1];
gnutls_psk_client_credentials_t pskcred;
- const gnutls_datum_t key = { (char*) "DEADBEEF", 8 };
+ const gnutls_datum_t key = { (char *) "DEADBEEF", 8 };
gnutls_global_init ();
@@ -167,7 +167,7 @@ static gnutls_dh_params_t dh_params;
static int
generate_dh_params (void)
{
- const gnutls_datum_t p3 = { (char*) pkcs3, strlen (pkcs3) };
+ const gnutls_datum_t p3 = { (char *) pkcs3, strlen (pkcs3) };
/* Generate Diffie-Hellman parameters - for use with DHE
* kx algorithms. These should be discarded and regenerated
* once a day, once a week or once a month. Depending on the
@@ -220,7 +220,8 @@ server_start (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof (int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
if (err == -1)
diff --git a/tests/dn2.c b/tests/dn2.c
index 4df3f71b34..5ea4fb9e11 100644
--- a/tests/dn2.c
+++ b/tests/dn2.c
@@ -61,10 +61,10 @@ static char pem[] =
"96B6WWBo9mzgwSM1d8LDhrarZ7uQhm+kBAMyEXhmDnCPWhvExvxJzjEmOlxjThyP\n"
"2yvIgfLyDfplRe+jUbsY7YNe08eEyoLRq1jwPuRWTaEx2gA7C6pq45747/HkJrtF\n"
"ya3ULM/AJv6Nj6pobxzQ5rEkUGEwKavu7GMjLrSMnHrbVCiQrn1v6c7B9nSPA31L\n"
- "/do1TDFI0vSl5+M=\n"
- "-----END CERTIFICATE-----\n";
+ "/do1TDFI0vSl5+M=\n" "-----END CERTIFICATE-----\n";
-static const char *info = "subject `1.3.6.1.4.1.311.60.2.1.3=#13024445,1.3.6.1.4.1.311.60.2.1.1=#14084d75656e6368656e,2.5.4.15=#131256312e302c20436c6175736520352e286229,serialNumber=HRB 144261,C=DE,2.5.4.17=#14053830383037,ST=Bavaria,L=Muenchen,STREET=Frankfurter Ring 129,O=GMX GmbH,CN=www.gmx.de', issuer `C=US,O=VeriSign\\, Inc.,OU=VeriSign Trust Network,OU=Terms of use at https://www.verisign.com/rpa (c)06,CN=VeriSign Class 3 Extended Validation SSL SGC CA', RSA key 1024 bits, signed using RSA-SHA1, activated `2008-11-13 00:00:00 UTC', expires `2009-11-13 23:59:59 UTC', SHA-1 fingerprint `7ece297c45d5b17685224b4e929a30e91a9553cb'";
+static const char *info =
+ "subject `1.3.6.1.4.1.311.60.2.1.3=#13024445,1.3.6.1.4.1.311.60.2.1.1=#14084d75656e6368656e,2.5.4.15=#131256312e302c20436c6175736520352e286229,serialNumber=HRB 144261,C=DE,2.5.4.17=#14053830383037,ST=Bavaria,L=Muenchen,STREET=Frankfurter Ring 129,O=GMX GmbH,CN=www.gmx.de', issuer `C=US,O=VeriSign\\, Inc.,OU=VeriSign Trust Network,OU=Terms of use at https://www.verisign.com/rpa (c)06,CN=VeriSign Class 3 Extended Validation SSL SGC CA', RSA key 1024 bits, signed using RSA-SHA1, activated `2008-11-13 00:00:00 UTC', expires `2009-11-13 23:59:59 UTC', SHA-1 fingerprint `7ece297c45d5b17685224b4e929a30e91a9553cb'";
void
doit (void)
@@ -94,9 +94,7 @@ doit (void)
success ("comparison ok\n");
else
fail ("comparison fail (%d/%d)\nexpect: %s\n got: %.*s\n",
- out.size, strlen (info),
- info,
- out.size, out.data);
+ out.size, strlen (info), info, out.size, out.data);
gnutls_x509_crt_deinit (cert);
gnutls_global_deinit ();
diff --git a/tests/finished.c b/tests/finished.c
index 5a5810ff4b..f482ef8d83 100644
--- a/tests/finished.c
+++ b/tests/finished.c
@@ -155,7 +155,7 @@ doit (void)
{
/* Server stuff. */
gnutls_anon_server_credentials_t s_anoncred;
- const gnutls_datum_t p3 = { (char*) pkcs3, strlen (pkcs3) };
+ const gnutls_datum_t p3 = { (char *) pkcs3, strlen (pkcs3) };
static gnutls_dh_params_t dh_params;
gnutls_session_t server;
int sret = GNUTLS_E_AGAIN;
diff --git a/tests/hostname-check.c b/tests/hostname-check.c
index 45257ebf40..22ce874f00 100644
--- a/tests/hostname-check.c
+++ b/tests/hostname-check.c
@@ -549,8 +549,7 @@ char pem9[] =
"A1UdDgQWBBRMuQqb+h00437ey9IHFf6h2stokTALBgkqhkiG9w0BAQUDgYEAoh/S\n"
"kF/JHG+SHcULrLAXI8VnRpRvD2J9Zkwo/7cQc2CuDqJHgoO7iQ3xFl75WzVLzu5e\n"
"0K21i8w3s6xNG1jCTxx/xqw9JRhnN/AnEZssILZ4JCGmd0TnGuX2v0WEMoFnr42W\n"
- "Jvc5MWtjxRWd4KCaHpYSy62Fy6fUhqzY9emkKyA=\n"
- "-----END CERTIFICATE-----\n";
+ "Jvc5MWtjxRWd4KCaHpYSy62Fy6fUhqzY9emkKyA=\n" "-----END CERTIFICATE-----\n";
/* Certificate with SAN and CN that match iff you truncate the SAN to
the embedded NUL.
@@ -634,8 +633,7 @@ char pem10[] =
"ODUiNAMP1F2rHHIVsdmJVhAS+30NGBKpCjjck89p/3WGnuNr65JsVRbVZYvXnF5L\n"
"gsiSbIvmGKL4jGWqtusj7cuZ2/yLjh16Ocn1e39Ye+0BbDxA7OOpX8Q9y4EXA20t\n"
"170AX8R58vurxg6iAYuhQnPelik+v9fZUafUmAd/8PTNAKHhrGwFrKuTG7BcLBOt\n"
- "/yfcgJk0Zr3jMVTVtj/O1AijUihhXr0=\n"
- "-----END CERTIFICATE-----\n";
+ "/yfcgJk0Zr3jMVTVtj/O1AijUihhXr0=\n" "-----END CERTIFICATE-----\n";
#ifdef ENABLE_OPENPGP
/* Check basic OpenPGP comparison too.
@@ -668,8 +666,7 @@ char pem11[] =
"03G+ynCHf5pBAXHhfCNhA0lMv5h3eJECNElcCh0sYGmo19jOzbnlRSGKRqrflOtO\n"
"YwhQXK9y/ohJBBgRAgAJBQJFyJ51AhsMAAoJEK5frT5dHRTYDDgAn2bLaS5n3Xy8\n"
"Z/V2Me1st/9pqPfZAJ4+9YBnyjCq/0vosIoZabi+s92m7g==\n"
- "=NkXV\n"
- "-----END PGP PUBLIC KEY BLOCK-----\n";
+ "=NkXV\n" "-----END PGP PUBLIC KEY BLOCK-----\n";
#endif
void
diff --git a/tests/mini-eagain.c b/tests/mini-eagain.c
index d46180cd32..9cc3c5a301 100644
--- a/tests/mini-eagain.c
+++ b/tests/mini-eagain.c
@@ -56,7 +56,7 @@ client_pull (gnutls_transport_ptr_t tr, void *data, size_t len)
unsigned char rnd;
gcry_create_nonce (&rnd, 1);
- if (handshake == 0 && rnd % 2 == 0)
+ if (handshake == 0 && rnd % 2 == 0)
{
gnutls_transport_set_global_errno (EAGAIN);
return -1;
@@ -105,7 +105,7 @@ server_pull (gnutls_transport_ptr_t tr, void *data, size_t len)
unsigned char rnd;
gcry_create_nonce (&rnd, 1);
- if (handshake == 0 && rnd % 2 == 0)
+ if (handshake == 0 && rnd % 2 == 0)
{
gnutls_transport_set_global_errno (EAGAIN);
return -1;
@@ -134,7 +134,7 @@ server_push (gnutls_transport_ptr_t tr, const void *data, size_t len)
//success ("server_push len %d has %d\n", len, to_client_len);
gcry_create_nonce (&rnd, 1);
- if (handshake == 0 && rnd % 2 == 0)
+ if (handshake == 0 && rnd % 2 == 0)
{
gnutls_transport_set_global_errno (EAGAIN);
return -1;
@@ -164,7 +164,7 @@ doit (void)
{
/* Server stuff. */
gnutls_anon_server_credentials_t s_anoncred;
- const gnutls_datum_t p3 = { (char*) pkcs3, strlen (pkcs3) };
+ const gnutls_datum_t p3 = { (char *) pkcs3, strlen (pkcs3) };
static gnutls_dh_params_t dh_params;
gnutls_session_t server;
int sret = GNUTLS_E_AGAIN;
@@ -230,46 +230,48 @@ doit (void)
ns = gnutls_record_send (client, MSG, strlen (MSG));
//success ("client: sent %d\n", ns);
- do
+ do
{
//success("transferred: %d\n", transferred);
ret = gnutls_record_recv (server, buffer, MAX_BUF);
if (ret == 0)
- fail ("server: didn't receive any data\n");
- else if (ret < 0)
- {
- if (ret != GNUTLS_E_AGAIN) {
- fail ("server: error: %s\n", gnutls_strerror (ret));
- break;
- }
- }
+ fail ("server: didn't receive any data\n");
+ else if (ret < 0)
+ {
+ if (ret != GNUTLS_E_AGAIN)
+ {
+ fail ("server: error: %s\n", gnutls_strerror (ret));
+ break;
+ }
+ }
else
- {
- transferred+=ret;
- fputs ("*", stdout);
- }
-
- ns = gnutls_record_send (server, MSG, strlen (MSG));
- //success ("server: sent %d\n", ns);
-
- ret = gnutls_record_recv (client, buffer, MAX_BUF);
- if (ret == 0)
- {
- fail ("client: Peer has closed the TLS connection\n");
- }
- else if (ret < 0)
- {
- if (ret != GNUTLS_E_AGAIN) {
- fail ("client: Error: %s\n", gnutls_strerror (ret));
- break;
- }
- }
- else
- {
- transferred+=ret;
- fputs (".", stdout);
- }
+ {
+ transferred += ret;
+ fputs ("*", stdout);
+ }
+
+ ns = gnutls_record_send (server, MSG, strlen (MSG));
+ //success ("server: sent %d\n", ns);
+
+ ret = gnutls_record_recv (client, buffer, MAX_BUF);
+ if (ret == 0)
+ {
+ fail ("client: Peer has closed the TLS connection\n");
+ }
+ else if (ret < 0)
+ {
+ if (ret != GNUTLS_E_AGAIN)
+ {
+ fail ("client: Error: %s\n", gnutls_strerror (ret));
+ break;
+ }
+ }
+ else
+ {
+ transferred += ret;
+ fputs (".", stdout);
+ }
}
while (transferred < 7000);
fputs ("\n", stdout);
diff --git a/tests/mini.c b/tests/mini.c
index b64401db62..21a426ee7e 100644
--- a/tests/mini.c
+++ b/tests/mini.c
@@ -137,7 +137,7 @@ doit (void)
{
/* Server stuff. */
gnutls_anon_server_credentials_t s_anoncred;
- const gnutls_datum_t p3 = { (char*) pkcs3, strlen (pkcs3) };
+ const gnutls_datum_t p3 = { (char *) pkcs3, strlen (pkcs3) };
static gnutls_dh_params_t dh_params;
gnutls_session_t server;
int sret = GNUTLS_E_AGAIN;
diff --git a/tests/nul-in-x509-names.c b/tests/nul-in-x509-names.c
index f79dea0fff..0ad9626a5e 100644
--- a/tests/nul-in-x509-names.c
+++ b/tests/nul-in-x509-names.c
@@ -54,8 +54,7 @@ static char badguy_nul_cn_data[] =
"8/pc7vh7C8Y5tQQzXq64Xg5mzKjAag3sYMHF2TnqvRuPHH0WOLHoyDcBqkuZ3+QP\n"
"EL5h7prPzScFRgBg2Gp0CDI8i5ABagczDGyQ2+r7ahcadrtzFCfhpH7V3TCxXfIO\n"
"qtSy1Uz2T5EqB/Q3wc9IGcX+fpKWqN9QajGSo7EU/kHMSWKYTerFugUtScMicu9B\n"
- "CQ==\n"
- "-----END CERTIFICATE-----\n";
+ "CQ==\n" "-----END CERTIFICATE-----\n";
const gnutls_datum_t badguy_nul_cn = {
badguy_nul_cn_data, sizeof (badguy_nul_cn_data)
@@ -120,11 +119,11 @@ main (void)
ret = gnutls_x509_crt_check_hostname (crt, "www.bank.com");
if (ret == 0)
{
- puts("gnutls_x509_crt_check_hostname OK (NUL-IN-CN)");
+ puts ("gnutls_x509_crt_check_hostname OK (NUL-IN-CN)");
}
else
{
- puts("gnutls_x509_crt_check_hostname BROKEN (NUL-IN-CN)");
+ puts ("gnutls_x509_crt_check_hostname BROKEN (NUL-IN-CN)");
exit_code = 1;
}
@@ -138,11 +137,11 @@ main (void)
ret = gnutls_x509_crt_check_hostname (crt, "www.bank.com");
if (ret == 0)
{
- puts("gnutls_x509_crt_check_hostname OK (NUL-IN-SAN)");
+ puts ("gnutls_x509_crt_check_hostname OK (NUL-IN-SAN)");
}
else
{
- puts("gnutls_x509_crt_check_hostname BROKEN (NUL-IN-SAN)");
+ puts ("gnutls_x509_crt_check_hostname BROKEN (NUL-IN-SAN)");
exit_code = 1;
}
diff --git a/tests/openpgpself.c b/tests/openpgpself.c
index 2b07ae31f7..958388ac6d 100644
--- a/tests/openpgpself.c
+++ b/tests/openpgpself.c
@@ -239,7 +239,7 @@ static gnutls_dh_params_t dh_params;
static int
generate_dh_params (void)
{
- const gnutls_datum_t p3 = { (char*) pkcs3, strlen (pkcs3) };
+ const gnutls_datum_t p3 = { (char *) pkcs3, strlen (pkcs3) };
/* Generate Diffie-Hellman parameters - for use with DHE
* kx algorithms. These should be discarded and regenerated
* once a day, once a week or once a month. Depending on the
@@ -352,7 +352,8 @@ server_start (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof (int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
if (err == -1)
diff --git a/tests/oprfi.c b/tests/oprfi.c
index 46089cefcb..8f128ef6fd 100644
--- a/tests/oprfi.c
+++ b/tests/oprfi.c
@@ -292,7 +292,8 @@ server_start (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof (int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
if (err == -1)
diff --git a/tests/pkcs12_encode.c b/tests/pkcs12_encode.c
index ff72f43053..28e24aaf27 100644
--- a/tests/pkcs12_encode.c
+++ b/tests/pkcs12_encode.c
@@ -45,8 +45,7 @@ static char client_pem[] =
"+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n"
"jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n"
"U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n"
- "dc8Siq5JojruiMizAf0pA7in\n"
- "-----END CERTIFICATE-----\n";
+ "dc8Siq5JojruiMizAf0pA7in\n" "-----END CERTIFICATE-----\n";
const gnutls_datum_t client_dat = { client_pem, sizeof (client_pem) };
static char ca_pem[] =
@@ -61,8 +60,7 @@ static char ca_pem[] =
"Viyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAiaIRqGfp1jPpNeVhABK60SU0KIAy\n"
"njuu7kHq5peUgYn8Jd9zNzExBOEp1VOipGsf6G66oQAhDFp2o8zkz7ZH71zR4HEW\n"
"KoX6n5Emn6DvcEH/9pAhnGxNHJAoS7czTKv/JDZJhkqHxyrE1fuLsg5Qv25DTw7+\n"
- "PfqUpIhz5Bbm7J4=\n"
- "-----END CERTIFICATE-----\n";
+ "PfqUpIhz5Bbm7J4=\n" "-----END CERTIFICATE-----\n";
const gnutls_datum_t ca_dat = { ca_pem, sizeof (ca_pem) };
int
diff --git a/tests/pkcs12_s2k.c b/tests/pkcs12_s2k.c
index 58c58ee299..e8b6dfcb29 100644
--- a/tests/pkcs12_s2k.c
+++ b/tests/pkcs12_s2k.c
@@ -75,27 +75,36 @@ static struct
size_t iter;
size_t keylen;
const char *key;
-} tv[] = {
- { 1, "smeg", "\x0A\x58\xCF\x64\x53\x0D\x82\x3F", 1, 24,
- "8aaae6297b6cb04642ab5b077851284eb7128f1a2a7fbca3" },
- { 2, "smeg", "\x0A\x58\xCF\x64\x53\x0D\x82\x3F", 1, 8,
- "79993dfe048d3b76" },
- { 1, "smeg", "\x64\x2B\x99\xAB\x44\xFB\x4B\x1F", 1, 24,
- "f3a95fec48d7711e985cfe67908c5ab79fa3d7c5caa5d966" },
- { 2, "smeg", "\x64\x2B\x99\xAB\x44\xFB\x4B\x1F", 1, 8,
- "c0a38d64a79bea1d" },
- { 3, "smeg", "\x3D\x83\xC0\xE4\x54\x6A\xC1\x40", 1, 20,
- "8d967d88f6caa9d714800ab3d48051d63f73a312" },
- { 1, "queeg", "\x05\xDE\xC9\x59\xAC\xFF\x72\xF7", 1000, 24,
- "ed2034e36328830ff09df1e1a07dd357185dac0d4f9eb3d4" },
- { 2, "queeg", "\x05\xDE\xC9\x59\xAC\xFF\x72\xF7", 1000, 8,
- "11dedad7758d4860" },
- { 1, "queeg", "\x16\x82\xC0\xFC\x5B\x3F\x7E\xC5", 1000, 24,
- "483dd6e919d7de2e8e648ba8f862f3fbfbdc2bcb2c02957f" },
- { 2, "queeg", "\x16\x82\xC0\xFC\x5B\x3F\x7E\xC5", 1000, 8,
- "9d461d1b00355c50" },
- { 3, "queeg", "\x26\x32\x16\xFC\xC2\xFA\xB3\x1C", 1000, 20,
- "5ec4c7a80df652294c3925b6489a7ab857c83476" }
+} tv[] =
+{
+ {
+ 1, "smeg", "\x0A\x58\xCF\x64\x53\x0D\x82\x3F", 1, 24,
+ "8aaae6297b6cb04642ab5b077851284eb7128f1a2a7fbca3"},
+ {
+ 2, "smeg", "\x0A\x58\xCF\x64\x53\x0D\x82\x3F", 1, 8, "79993dfe048d3b76"},
+ {
+ 1, "smeg", "\x64\x2B\x99\xAB\x44\xFB\x4B\x1F", 1, 24,
+ "f3a95fec48d7711e985cfe67908c5ab79fa3d7c5caa5d966"},
+ {
+ 2, "smeg", "\x64\x2B\x99\xAB\x44\xFB\x4B\x1F", 1, 8, "c0a38d64a79bea1d"},
+ {
+ 3, "smeg", "\x3D\x83\xC0\xE4\x54\x6A\xC1\x40", 1, 20,
+ "8d967d88f6caa9d714800ab3d48051d63f73a312"},
+ {
+ 1, "queeg", "\x05\xDE\xC9\x59\xAC\xFF\x72\xF7", 1000, 24,
+ "ed2034e36328830ff09df1e1a07dd357185dac0d4f9eb3d4"},
+ {
+ 2, "queeg", "\x05\xDE\xC9\x59\xAC\xFF\x72\xF7", 1000, 8,
+ "11dedad7758d4860"},
+ {
+ 1, "queeg", "\x16\x82\xC0\xFC\x5B\x3F\x7E\xC5", 1000, 24,
+ "483dd6e919d7de2e8e648ba8f862f3fbfbdc2bcb2c02957f"},
+ {
+ 2, "queeg", "\x16\x82\xC0\xFC\x5B\x3F\x7E\xC5", 1000, 8,
+ "9d461d1b00355c50"},
+ {
+ 3, "queeg", "\x26\x32\x16\xFC\xC2\xFA\xB3\x1C", 1000, 20,
+ "5ec4c7a80df652294c3925b6489a7ab857c83476"}
};
void
@@ -123,8 +132,7 @@ doit (void)
fail ("_gnutls_pkcs12_string_to_key failed[0]: %d\n", rc);
if (strcmp (_gnutls_bin2hex (key, sizeof (key),
- tmp, sizeof (tmp)),
- values[x]) != 0)
+ tmp, sizeof (tmp)), values[x]) != 0)
fail ("_gnutls_pkcs12_string_to_key failed[1]\n");
printf ("ij: %d.%d: %s\n", i, j,
diff --git a/tests/pkcs12_s2k_pem.c b/tests/pkcs12_s2k_pem.c
index 71fe4bf4c8..7298e19685 100644
--- a/tests/pkcs12_s2k_pem.c
+++ b/tests/pkcs12_s2k_pem.c
@@ -234,17 +234,28 @@ static struct
const char *password;
const char *pkcs12key;
int expected_result;
-} keys[] = {
- { "x_9607", "123456", X_9607, 0 },
- { "x_9671", "123456", X_9671, 0 },
- { "x_9925", "123456", X_9925, 0 },
- { "x_9926", "123456", X_9926, 0 },
- { "x_9927", "123456", X_9927, 0 },
- { "x_9928", "123456", X_9928, 0 },
- { "x_9929", "123456", X_9929, 0 },
- { "x_9930", "123456", X_9930, 0 },
- { "x_9931", "123456", X_9931, 0 },
- { "x_9932", "123456", X_9932, 0 }
+} keys[] =
+{
+ {
+ "x_9607", "123456", X_9607, 0},
+ {
+ "x_9671", "123456", X_9671, 0},
+ {
+ "x_9925", "123456", X_9925, 0},
+ {
+ "x_9926", "123456", X_9926, 0},
+ {
+ "x_9927", "123456", X_9927, 0},
+ {
+ "x_9928", "123456", X_9928, 0},
+ {
+ "x_9929", "123456", X_9929, 0},
+ {
+ "x_9930", "123456", X_9930, 0},
+ {
+ "x_9931", "123456", X_9931, 0},
+ {
+ "x_9932", "123456", X_9932, 0}
};
int
@@ -265,7 +276,7 @@ main (void)
if (ret < 0)
return 1;
- tmp.data = (char*) keys[i].pkcs12key;
+ tmp.data = (char *) keys[i].pkcs12key;
tmp.size = strlen (tmp.data);
ret = gnutls_x509_privkey_import_pkcs8 (key, &tmp,
diff --git a/tests/pskself.c b/tests/pskself.c
index d3e42f473f..6c74763c2b 100644
--- a/tests/pskself.c
+++ b/tests/pskself.c
@@ -56,7 +56,7 @@ client (void)
gnutls_psk_client_credentials_t pskcred;
/* Need to enable anonymous KX specifically. */
const int kx_prio[] = { GNUTLS_KX_PSK, 0 };
- const gnutls_datum_t key = { (char*) "DEADBEEF", 8 };
+ const gnutls_datum_t key = { (char *) "DEADBEEF", 8 };
gnutls_global_init ();
@@ -206,7 +206,8 @@ server_start (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof (int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
if (err == -1)
diff --git a/tests/resume.c b/tests/resume.c
index 5cc3eda330..c52c1d6bed 100644
--- a/tests/resume.c
+++ b/tests/resume.c
@@ -58,16 +58,15 @@ struct params_res
int expect_resume;
};
-struct params_res resume_tests[] =
- {
- {"try to resume from db", 50, 0, 0, 1},
+struct params_res resume_tests[] = {
+ {"try to resume from db", 50, 0, 0, 1},
#ifdef ENABLE_SESSION_TICKET
- {"try to resume from session ticket", 0, 1, 1, 1},
- {"try to resume from session ticket (server only)", 0, 1, 0, 0},
- {"try to resume from session ticket (client only)", 0, 0, 1, 0},
+ {"try to resume from session ticket", 0, 1, 1, 1},
+ {"try to resume from session ticket (server only)", 0, 1, 0, 0},
+ {"try to resume from session ticket (client only)", 0, 0, 1, 0},
#endif
- {NULL, -1}
- };
+ {NULL, -1}
+};
/* A very basic TLS client, with anonymous authentication.
*/
@@ -256,7 +255,7 @@ static gnutls_dh_params_t dh_params;
static int
generate_dh_params (void)
{
- const gnutls_datum_t p3 = { (char*) pkcs3, strlen (pkcs3) };
+ const gnutls_datum_t p3 = { (char *) pkcs3, strlen (pkcs3) };
/* Generate Diffie-Hellman parameters - for use with DHE
* kx algorithms. These should be discarded and regenerated
* once a day, once a week or once a month. Depending on the
@@ -294,7 +293,8 @@ global_start (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof (int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
if (err == -1)
diff --git a/tests/tlsia.c b/tests/tlsia.c
index fff10a8595..cc1dbce345 100644
--- a/tests/tlsia.c
+++ b/tests/tlsia.c
@@ -262,7 +262,7 @@ static gnutls_dh_params_t dh_params;
static int
generate_dh_params (void)
{
- const gnutls_datum_t p3 = { (char*) pkcs3, strlen (pkcs3) };
+ const gnutls_datum_t p3 = { (char *) pkcs3, strlen (pkcs3) };
/* Generate Diffie-Hellman parameters - for use with DHE
* kx algorithms. These should be discarded and regenerated
* once a day, once a week or once a month. Depending on the
@@ -378,7 +378,8 @@ server_start (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof (int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
if (err == -1)
diff --git a/tests/x509_altname.c b/tests/x509_altname.c
index ef99bae377..c9f00dc623 100644
--- a/tests/x509_altname.c
+++ b/tests/x509_altname.c
@@ -30,35 +30,34 @@
#include "utils.h"
static char pem[] =
-"-----BEGIN CERTIFICATE-----\n"
-"MIIE6zCCA9OgAwIBAgIBdjANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJTRTEf\n"
-"MB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRldDEgMB4GA1UEAxMXU3RvY2to\n"
-"b2xtIFVuaXZlcnNpdHkgQ0EwHhcNMDYwMzIyMDkxNTI4WhcNMDcwMzIyMDkxNTI4\n"
-"WjBDMQswCQYDVQQGEwJTRTEfMB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRl\n"
-"dDETMBEGA1UEAxMKc2lwMS5zdS5zZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC\n"
-"gYEArUzXTD36ZK7CwZJH/faUNTcdaqM7JyiZsfrO703d7cT/bJ3wKxT8trOOh/Ou\n"
-"WwgGFX2+r7ykun3aIUXUuD13Yle/yHqH/4g9vWX7UeFCBlSI0tAxnlqt0QqlPgSd\n"
-"GLHcoO4PPyjon9jj0A/zpJGZHiRUCooo63YqE9MYfr5HBfkCAwEAAaOCAl8wggJb\n"
-"MAsGA1UdDwQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYD\n"
-"VR0OBBYEFDpcXNHMLJ7fc/c72BtZseq4MDXFMH8GA1UdIwR4MHaAFJ4uMLo32VFE\n"
-"yZ2/GCHxvX7utYZIoVukWTBXMQswCQYDVQQGEwJTRTEYMBYGA1UEChMPVW1lYSBV\n"
-"bml2ZXJzaXR5MRMwEQYDVQQLEwpTd1VQS0ktUENBMRkwFwYDVQQDExBTd1VQS0kg\n"
-"UG9saWN5IENBggEQMDIGA1UdHwQrMCkwJ6AloCOGIWh0dHA6Ly9jYS5zdS5zZS8y\n"
-"MDA1LTEvY3JsLXYyLmNybDB5BgNVHSAEcjBwMG4GCCqFcCsCAQEBMGIwHwYIKwYB\n"
-"BQUHAgEWE2h0dHA6Ly9jYS5zdS5zZS9DUFMwPwYIKwYBBQUHAgIwMxoxTGltaXRl\n"
-"ZCBMaWFiaWxpdHksIHNlZSBodHRwOi8vd3d3LnN3dXBraS5zdS5zZS9DUDAkBgNV\n"
-"HRIEHTAbgQhjYUBzdS5zZYYPaHR0cDovL2NhLnN1LnNlMIG3BgNVHREEga8wgayC\n"
-"F2luY29taW5ncHJveHkuc2lwLnN1LnNlghhpbmNvbWluZ3Byb3h5MS5zaXAuc3Uu\n"
-"c2WCF291dGdvaW5ncHJveHkuc2lwLnN1LnNlghhvdXRnb2luZ3Byb3h5MS5zaXAu\n"
-"c3Uuc2WCDW91dC5zaXAuc3Uuc2WCE2FwcHNlcnZlci5zaXAuc3Uuc2WCFGFwcHNl\n"
-"cnZlcjEuc2lwLnN1LnNlggpzaXAxLnN1LnNlMA0GCSqGSIb3DQEBBQUAA4IBAQAR\n"
-"FYg7ytcph0E7WmvM44AN/8qru7tRX6aSFWrjLyVr/1Wk4prCK4y5JpfNw5dh9Z8f\n"
-"/gyFsr1iFsb6fS3nJTTd3fVlWRfcNCGIx5g8KuSb3u6f7VznkGOeiRMRESQc1G8B\n"
-"eh0zbdZS7BYO2g9EKlbGST5PwQnc4g9K7pqPyKSNVkzb60Nujg/+qYje7MCcN+ZR\n"
-"nUBo6U2NZ06/QEUFm+uUIhZ8IGM1gLehC7Q3G4+d4c38CDJxQnSPOgWiXuSvhhQm\n"
-"KDsbrKzRaeBRh5eEJbTkA8Dp0Emb0UrkRVhixeg97stxUcATAjdGljJ9MLnuHXnI\n"
-"7ihGdUfg5q/105vpsQpO\n"
-"-----END CERTIFICATE-----\n";
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIIE6zCCA9OgAwIBAgIBdjANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJTRTEf\n"
+ "MB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRldDEgMB4GA1UEAxMXU3RvY2to\n"
+ "b2xtIFVuaXZlcnNpdHkgQ0EwHhcNMDYwMzIyMDkxNTI4WhcNMDcwMzIyMDkxNTI4\n"
+ "WjBDMQswCQYDVQQGEwJTRTEfMB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRl\n"
+ "dDETMBEGA1UEAxMKc2lwMS5zdS5zZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC\n"
+ "gYEArUzXTD36ZK7CwZJH/faUNTcdaqM7JyiZsfrO703d7cT/bJ3wKxT8trOOh/Ou\n"
+ "WwgGFX2+r7ykun3aIUXUuD13Yle/yHqH/4g9vWX7UeFCBlSI0tAxnlqt0QqlPgSd\n"
+ "GLHcoO4PPyjon9jj0A/zpJGZHiRUCooo63YqE9MYfr5HBfkCAwEAAaOCAl8wggJb\n"
+ "MAsGA1UdDwQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYD\n"
+ "VR0OBBYEFDpcXNHMLJ7fc/c72BtZseq4MDXFMH8GA1UdIwR4MHaAFJ4uMLo32VFE\n"
+ "yZ2/GCHxvX7utYZIoVukWTBXMQswCQYDVQQGEwJTRTEYMBYGA1UEChMPVW1lYSBV\n"
+ "bml2ZXJzaXR5MRMwEQYDVQQLEwpTd1VQS0ktUENBMRkwFwYDVQQDExBTd1VQS0kg\n"
+ "UG9saWN5IENBggEQMDIGA1UdHwQrMCkwJ6AloCOGIWh0dHA6Ly9jYS5zdS5zZS8y\n"
+ "MDA1LTEvY3JsLXYyLmNybDB5BgNVHSAEcjBwMG4GCCqFcCsCAQEBMGIwHwYIKwYB\n"
+ "BQUHAgEWE2h0dHA6Ly9jYS5zdS5zZS9DUFMwPwYIKwYBBQUHAgIwMxoxTGltaXRl\n"
+ "ZCBMaWFiaWxpdHksIHNlZSBodHRwOi8vd3d3LnN3dXBraS5zdS5zZS9DUDAkBgNV\n"
+ "HRIEHTAbgQhjYUBzdS5zZYYPaHR0cDovL2NhLnN1LnNlMIG3BgNVHREEga8wgayC\n"
+ "F2luY29taW5ncHJveHkuc2lwLnN1LnNlghhpbmNvbWluZ3Byb3h5MS5zaXAuc3Uu\n"
+ "c2WCF291dGdvaW5ncHJveHkuc2lwLnN1LnNlghhvdXRnb2luZ3Byb3h5MS5zaXAu\n"
+ "c3Uuc2WCDW91dC5zaXAuc3Uuc2WCE2FwcHNlcnZlci5zaXAuc3Uuc2WCFGFwcHNl\n"
+ "cnZlcjEuc2lwLnN1LnNlggpzaXAxLnN1LnNlMA0GCSqGSIb3DQEBBQUAA4IBAQAR\n"
+ "FYg7ytcph0E7WmvM44AN/8qru7tRX6aSFWrjLyVr/1Wk4prCK4y5JpfNw5dh9Z8f\n"
+ "/gyFsr1iFsb6fS3nJTTd3fVlWRfcNCGIx5g8KuSb3u6f7VznkGOeiRMRESQc1G8B\n"
+ "eh0zbdZS7BYO2g9EKlbGST5PwQnc4g9K7pqPyKSNVkzb60Nujg/+qYje7MCcN+ZR\n"
+ "nUBo6U2NZ06/QEUFm+uUIhZ8IGM1gLehC7Q3G4+d4c38CDJxQnSPOgWiXuSvhhQm\n"
+ "KDsbrKzRaeBRh5eEJbTkA8Dp0Emb0UrkRVhixeg97stxUcATAjdGljJ9MLnuHXnI\n"
+ "7ihGdUfg5q/105vpsQpO\n" "-----END CERTIFICATE-----\n";
#define MAX_DATA_SIZE 1024
@@ -69,7 +68,7 @@ doit (void)
gnutls_datum_t derCert = { pem, sizeof (pem) };
gnutls_x509_crt_t cert;
size_t data_len = MAX_DATA_SIZE;
- char data[ MAX_DATA_SIZE ];
+ char data[MAX_DATA_SIZE];
unsigned int critical = 0;
int alt_name_count = 0;
@@ -85,32 +84,43 @@ doit (void)
if (ret < 0)
fail ("crt_import %d\n", ret);
- for (alt_name_count = 0; ; ++alt_name_count) {
- ret = gnutls_x509_crt_get_issuer_alt_name (cert, alt_name_count, data, &data_len, &critical);
- if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
- break;
+ for (alt_name_count = 0;; ++alt_name_count)
+ {
+ ret =
+ gnutls_x509_crt_get_issuer_alt_name (cert, alt_name_count, data,
+ &data_len, &critical);
+ if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
+ break;
- if (ret < 0)
- fail ("get_issuer_alt_name: %d\n", ret);
+ if (ret < 0)
+ fail ("get_issuer_alt_name: %d\n", ret);
- // TODO: print out / check results
- if (GNUTLS_SAN_URI == ret) {
- if (strcmp( data, "http://ca.su.se" ) != 0) {
- fail("unexpected issuer GNUTLS_SAN_URI: %s\n", data);
- }
- } else if (GNUTLS_SAN_RFC822NAME == ret) {
- if (strcmp( data, "ca@su.se" ) != 0) {
- fail("unexpected issuer GNUTLS_SAN_RFC822NAME: %s\n", data);
- }
- } else {
- fail("unexpected alt name type: %d\n", ret);
+ // TODO: print out / check results
+ if (GNUTLS_SAN_URI == ret)
+ {
+ if (strcmp (data, "http://ca.su.se") != 0)
+ {
+ fail ("unexpected issuer GNUTLS_SAN_URI: %s\n", data);
+ }
+ }
+ else if (GNUTLS_SAN_RFC822NAME == ret)
+ {
+ if (strcmp (data, "ca@su.se") != 0)
+ {
+ fail ("unexpected issuer GNUTLS_SAN_RFC822NAME: %s\n", data);
+ }
+ }
+ else
+ {
+ fail ("unexpected alt name type: %d\n", ret);
+ }
+ data_len = MAX_DATA_SIZE;
}
- data_len = MAX_DATA_SIZE;
- }
- if (alt_name_count !=2) {
- fail("unexpected number of alt names: %i\n", alt_name_count);
- }
+ if (alt_name_count != 2)
+ {
+ fail ("unexpected number of alt names: %i\n", alt_name_count);
+ }
success ("done\n");
diff --git a/tests/x509dn.c b/tests/x509dn.c
index 57a517bb1c..f64f68f9fe 100644
--- a/tests/x509dn.c
+++ b/tests/x509dn.c
@@ -305,7 +305,7 @@ static gnutls_dh_params_t dh_params;
static int
generate_dh_params (void)
{
- const gnutls_datum_t p3 = { (char*) pkcs3, strlen (pkcs3) };
+ const gnutls_datum_t p3 = { (char *) pkcs3, strlen (pkcs3) };
/* Generate Diffie-Hellman parameters - for use with DHE
* kx algorithms. These should be discarded and regenerated
* once a day, once a week or once a month. Depending on the
@@ -385,7 +385,8 @@ server_start (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof (int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
if (err == -1)
diff --git a/tests/x509self.c b/tests/x509self.c
index 14979a1ec0..fa2dbe86c9 100644
--- a/tests/x509self.c
+++ b/tests/x509self.c
@@ -167,15 +167,15 @@ client (void)
print_info (session);
ret = gnutls_record_send (session, MSG, strlen (MSG));
-
- if (ret == strlen(MSG))
+
+ if (ret == strlen (MSG))
{
success ("client: sent record.\n");
}
- else
+ else
{
fail ("client: failed to send record.\n");
- gnutls_perror(ret);
+ gnutls_perror (ret);
goto end;
}
@@ -187,16 +187,16 @@ client (void)
{
success ("client: doing handshake!\n");
ret = gnutls_handshake (session);
- if (ret == 0)
- {
- success ("client: handshake complete, reading again.\n");
- ret = gnutls_record_recv (session, buffer, MAX_BUF);
- }
+ if (ret == 0)
+ {
+ success ("client: handshake complete, reading again.\n");
+ ret = gnutls_record_recv (session, buffer, MAX_BUF);
+ }
else
- {
- fail ("client: handshake failed.\n");
- }
- }
+ {
+ fail ("client: handshake failed.\n");
+ }
+ }
if (ret == 0)
{
@@ -256,8 +256,8 @@ initialize_tls_session (void)
/* request client certificate if any.
Moved to later on to be able to test re-handshakes.
- gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUEST);
- */
+ gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUEST);
+ */
gnutls_dh_set_prime_bits (session, DH_BITS);
@@ -269,7 +269,7 @@ static gnutls_dh_params_t dh_params;
static int
generate_dh_params (void)
{
- const gnutls_datum_t p3 = { (char*) pkcs3, strlen (pkcs3) };
+ const gnutls_datum_t p3 = { (char *) pkcs3, strlen (pkcs3) };
/* Generate Diffie-Hellman parameters - for use with DHE
* kx algorithms. These should be discarded and regenerated
* once a day, once a week or once a month. Depending on the
@@ -349,7 +349,8 @@ server_start (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof (int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
if (err == -1)
@@ -438,27 +439,28 @@ server (void)
}
else if (ret > 0)
{
- gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUEST);
-
- success ("server: got data, forcing rehandshake.\n");
-
- ret = gnutls_rehandshake(session);
- if (ret < 0)
- {
- fail ("server: rehandshake failed\n");
- gnutls_perror(ret);
- break;
- }
-
- ret = gnutls_handshake(session);
- if (ret < 0)
- {
- fail ("server: (re)handshake failed\n");
- gnutls_perror(ret);
- break;
- }
-
- success ("server: rehandshake complete.\n");
+ gnutls_certificate_server_set_request (session,
+ GNUTLS_CERT_REQUEST);
+
+ success ("server: got data, forcing rehandshake.\n");
+
+ ret = gnutls_rehandshake (session);
+ if (ret < 0)
+ {
+ fail ("server: rehandshake failed\n");
+ gnutls_perror (ret);
+ break;
+ }
+
+ ret = gnutls_handshake (session);
+ if (ret < 0)
+ {
+ fail ("server: (re)handshake failed\n");
+ gnutls_perror (ret);
+ break;
+ }
+
+ success ("server: rehandshake complete.\n");
/* echo data back to the client
*/
diff --git a/tests/x509sign-verify.c b/tests/x509sign-verify.c
index 3b68a70401..532114f297 100644
--- a/tests/x509sign-verify.c
+++ b/tests/x509sign-verify.c
@@ -65,8 +65,7 @@ static char pem1_cert[] =
"+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n"
"jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n"
"U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n"
- "dc8Siq5JojruiMizAf0pA7in\n"
- "-----END CERTIFICATE-----\n";
+ "dc8Siq5JojruiMizAf0pA7in\n" "-----END CERTIFICATE-----\n";
static char pem1_key[] =
"-----BEGIN RSA PRIVATE KEY-----\n"
@@ -105,8 +104,7 @@ static char pem2_cert[] =
"HPutkm7mBqRWLKLhwFMnyPKVMAsGCSqGSIb3DQEBBQOBgQBCsrnfD1xzh8/Eih1f\n"
"x+M0lPoX1Re5L2ElHI6DJpHYOBPwf9glwxnet2+avzgUQDUFwUSxOhodpyeaACXD\n"
"o0gGVpcH8sOBTQ+aTdM37hGkPxoXjtIkR/LgG5nP2H2JRd5TkW8l13JdM4MJFB4W\n"
- "QcDzQ8REwidsfh9uKAluk1c/KQ==\n"
- "-----END CERTIFICATE-----\n";
+ "QcDzQ8REwidsfh9uKAluk1c/KQ==\n" "-----END CERTIFICATE-----\n";
static char pem2_key[] =
"-----BEGIN DSA PRIVATE KEY-----\n"
@@ -119,17 +117,18 @@ static char pem2_key[] =
"jsY+OpcCgYAPiodX8tHC3KzfS4sPi7op9+ED5FX6spgH1v0SsYC89bq0UNR/oA5D\n"
"55/JeBFf5eQMLGtqpDXcvVTlYDaaMdGKWW5rHLq9LrrrfIfv2sjdoeukg+aLrfr6\n"
"jlvXN8gyPpbCPvRD2n2RAg+3vPjvj/dBAF6W3w8IltzqsukGgq/SLwIUS5/r/2ya\n"
- "AoNBXjeBjgCGMei2m8E=\n"
- "-----END DSA PRIVATE KEY-----\n";
+ "AoNBXjeBjgCGMei2m8E=\n" "-----END DSA PRIVATE KEY-----\n";
const gnutls_datum_t cert_dat[] = {
- { pem1_cert, sizeof (pem1_cert) },
- { pem2_cert, sizeof (pem2_cert) }
+ {pem1_cert, sizeof (pem1_cert)}
+ ,
+ {pem2_cert, sizeof (pem2_cert)}
};
const gnutls_datum_t key_dat[] = {
- { pem1_key, sizeof (pem1_key) },
- { pem2_key, sizeof (pem2_key) }
+ {pem1_key, sizeof (pem1_key)}
+ ,
+ {pem2_key, sizeof (pem2_key)}
};
void
@@ -154,7 +153,8 @@ doit (void)
if (ret < 0)
fail ("gnutls_x509_privkey_init\n");
- ret = gnutls_x509_privkey_import (key, &key_dat[i], GNUTLS_X509_FMT_PEM);
+ ret =
+ gnutls_x509_privkey_import (key, &key_dat[i], GNUTLS_X509_FMT_PEM);
if (ret < 0)
fail ("gnutls_x509_privkey_import\n");
@@ -174,7 +174,8 @@ doit (void)
signature.data = _signature;
signature.size = _signature_size;
- ret = gnutls_x509_crt_get_verify_algorithm (crt, &signature, &hash_algo);
+ ret =
+ gnutls_x509_crt_get_verify_algorithm (crt, &signature, &hash_algo);
if (ret < 0 || hash_algo != GNUTLS_DIG_SHA1)
fail ("gnutls_x509_crt_get_verify_algorithm\n");
diff --git a/tests/x509signself.c b/tests/x509signself.c
index b39439d58d..6f7c1a2332 100644
--- a/tests/x509signself.c
+++ b/tests/x509signself.c
@@ -271,7 +271,7 @@ static gnutls_dh_params_t dh_params;
static int
generate_dh_params (void)
{
- const gnutls_datum_t p3 = { (char*) pkcs3, strlen (pkcs3) };
+ const gnutls_datum_t p3 = { (char *) pkcs3, strlen (pkcs3) };
/* Generate Diffie-Hellman parameters - for use with DHE
* kx algorithms. These should be discarded and regenerated
* once a day, once a week or once a month. Depending on the
@@ -350,7 +350,8 @@ server_start (void)
sa_serv.sin_addr.s_addr = INADDR_ANY;
sa_serv.sin_port = htons (PORT); /* Server Port number */
- setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval, sizeof (int));
+ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, (void *) &optval,
+ sizeof (int));
err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv));
if (err == -1)