77 files changed, 1479 insertions, 1082 deletions
diff --git a/doc/examples/ex-client-tlsia.c b/doc/examples/ex-client-tlsia.c index 0e63b39669..b381cec295 100644 --- a/doc/examples/ex-client-tlsia.c +++ b/doc/examples/ex-client-tlsia.c @@ -30,7 +30,7 @@ client_avp (gnutls_session_t session, void *ptr, if (last) printf ("- received %d bytes AVP: `%.*s'\n", - (int)lastlen, (int) lastlen, last); + (int) lastlen, (int) lastlen, last); else printf ("- new application phase\n"); @@ -39,7 +39,7 @@ client_avp (gnutls_session_t session, void *ptr, return -1; *newlen = strlen (*new); - printf ("- sending %d bytes AVP: `%s'\n", (int)*newlen, *new); + printf ("- sending %d bytes AVP: `%s'\n", (int) *newlen, *new); gnutls_ia_permute_inner_secret (session, 3, "foo"); diff --git a/doc/examples/ex-verify.c b/doc/examples/ex-verify.c index 3daabede4d..871a6bc415 100644 --- a/doc/examples/ex-verify.c +++ b/doc/examples/ex-verify.c @@ -139,9 +139,9 @@ verify_cert2 (gnutls_x509_crt_t crt, gnutls_x509_crt_t issuer, if (output & GNUTLS_CERT_SIGNER_NOT_CA) fprintf (stderr, ": issuer is not a CA"); if (output & GNUTLS_CERT_NOT_ACTIVATED) - fprintf (stderr, ": not yet activated\n"); + fprintf (stderr, ": not yet activated\n"); if (output & GNUTLS_CERT_EXPIRED) - fprintf (stderr, ": expired\n"); + fprintf (stderr, ": expired\n"); fprintf (stderr, "\n"); } @@ -196,9 +196,9 @@ verify_last_cert (gnutls_x509_crt_t crt, if (output & GNUTLS_CERT_SIGNER_NOT_CA) fprintf (stderr, ": Issuer is not a CA\n"); if (output & GNUTLS_CERT_NOT_ACTIVATED) - fprintf (stderr, ": Not yet activated\n"); + fprintf (stderr, ": Not yet activated\n"); if (output & GNUTLS_CERT_EXPIRED) - fprintf (stderr, ": Expired\n"); + fprintf (stderr, ": Expired\n"); fprintf (stderr, "\n"); } else diff --git a/doc/examples/ex-x509-info.c b/doc/examples/ex-x509-info.c index aaddb47913..bc2095d2e0 100644 --- a/doc/examples/ex-x509-info.c +++ b/doc/examples/ex-x509-info.c 
@@ -70,7 +70,7 @@ print_x509_certificate_info (gnutls_session_t session) printf ("Certificate info:\n"); /* This is the preferred way of printing short information about - a certificate. */ + a certificate. */ ret = gnutls_x509_crt_print (cert, GNUTLS_CRT_PRINT_ONELINE, &cinfo); if (ret == 0) @@ -80,7 +80,7 @@ print_x509_certificate_info (gnutls_session_t session) } /* If you want to extract fields manually for some other reason, - below are popular example calls. */ + below are popular example calls. */ expiration_time = gnutls_x509_crt_get_expiration_time (cert); activation_time = gnutls_x509_crt_get_activation_time (cert); diff --git a/lib/auth_cert.c b/lib/auth_cert.c index d8abec6132..58fa9d1e2b 100644 --- a/lib/auth_cert.c +++ b/lib/auth_cert.c @@ -1251,7 +1251,7 @@ _gnutls_proc_openpgp_server_certificate (gnutls_session_t session, gnutls_assert (); goto cleanup; } - + ret = 0; cleanup: @@ -1268,22 +1268,25 @@ int _gnutls_proc_cert_server_certificate (gnutls_session_t session, opaque * data, size_t data_size) { -int ret; -gnutls_certificate_credentials_t cred; + int ret; + gnutls_certificate_credentials_t cred; - cred = (gnutls_certificate_credentials_t) _gnutls_get_cred (session->key, GNUTLS_CRD_CERTIFICATE, NULL); - if (cred == NULL) - { - gnutls_assert(); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } + cred = + (gnutls_certificate_credentials_t) _gnutls_get_cred (session->key, + GNUTLS_CRD_CERTIFICATE, + NULL); + if (cred == NULL) + { + gnutls_assert (); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } switch (session->security_parameters.cert_type) { #ifdef ENABLE_OPENPGP case GNUTLS_CRT_OPENPGP: ret = _gnutls_proc_openpgp_server_certificate (session, - data, data_size); + data, data_size); break; #endif case GNUTLS_CRT_X509: 
@@ -1297,7 +1300,8 @@ gnutls_certificate_credentials_t cred; if (ret == 0 && cred->verify_callback != NULL) { ret = cred->verify_callback (session); - if (ret != 0) ret = GNUTLS_E_CERTIFICATE_ERROR; + if (ret != 0) + ret = GNUTLS_E_CERTIFICATE_ERROR; } return ret; diff --git a/lib/auth_rsa.c b/lib/auth_rsa.c index e9bbb135e0..0aedc61ac5 100644 --- a/lib/auth_rsa.c +++ b/lib/auth_rsa.c @@ -169,8 +169,8 @@ _gnutls_get_private_rsa_params (gnutls_session_t session, } bits = - _gnutls_mpi_get_nbits (session->internals.selected_cert_list[0]. - params[0]); + _gnutls_mpi_get_nbits (session->internals. + selected_cert_list[0].params[0]); if (_gnutls_cipher_suite_get_kx_algo (&session->security_parameters.current_cipher_suite) diff --git a/lib/ext_cert_type.c b/lib/ext_cert_type.c index b144dd51d8..e0cfc9f826 100644 --- a/lib/ext_cert_type.c +++ b/lib/ext_cert_type.c @@ -180,8 +180,8 @@ _gnutls_cert_type_send_params (gnutls_session_t session, opaque * data, for (i = 0; i < len; i++) { data[i + 1] = - _gnutls_cert_type2num (session->internals. - priorities.cert_type.priority[i]); + _gnutls_cert_type2num (session->internals.priorities. + cert_type.priority[i]); } return len + 1; } diff --git a/lib/ext_max_record.c b/lib/ext_max_record.c index 02d74458f4..1500470cb8 100644 --- a/lib/ext_max_record.c +++ b/lib/ext_max_record.c @@ -120,8 +120,8 @@ _gnutls_max_record_send_params (gnutls_session_t session, opaque * data, } data[0] = - (uint8_t) _gnutls_mre_record2num (session->internals. - proposed_record_size); + (uint8_t) _gnutls_mre_record2num (session-> + internals.proposed_record_size); return len; } diff --git a/lib/ext_oprfi.c b/lib/ext_oprfi.c index b0a5bf7453..77dd918506 100644 --- a/lib/ext_oprfi.c +++ b/lib/ext_oprfi.c 
@@ -180,8 +180,8 @@ oprfi_send_server (gnutls_session_t session, opaque * data, size_t _data_size) } DECR_LENGTH_RET (data_size, 2, GNUTLS_E_SHORT_MEMORY_BUFFER); - _gnutls_write_uint16 (session->security_parameters. - extensions.oprfi_server_len, p); + _gnutls_write_uint16 (session->security_parameters.extensions. + oprfi_server_len, p); p += 2; DECR_LENGTH_RET (data_size, diff --git a/lib/ext_safe_renegotiation.c b/lib/ext_safe_renegotiation.c index fe29f998a7..da1a4f61b2 100644 --- a/lib/ext_safe_renegotiation.c +++ b/lib/ext_safe_renegotiation.c @@ -28,13 +28,14 @@ int _gnutls_safe_renegotiation_recv_params (gnutls_session_t session, - const opaque * data, size_t _data_size) + const opaque * data, + size_t _data_size) { tls_ext_st *ext = &session->security_parameters.extensions; int len = data[0]; ssize_t data_size = _data_size; - DECR_LEN (data_size, len+1 /* count the first byte and payload */); + DECR_LEN (data_size, len + 1 /* count the first byte and payload */ ); /* It is not legal to receive this extension on a renegotiation and * not receive it on the initial negotiation. @@ -42,13 +43,13 @@ _gnutls_safe_renegotiation_recv_params (gnutls_session_t session, if (session->internals.initial_negotiation_completed != 0 && session->internals.connection_using_safe_renegotiation == 0) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_SAFE_RENEGOTIATION_FAILED; } if (len > sizeof (ext->ri_extension_data)) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_SAFE_RENEGOTIATION_FAILED; } @@ -80,7 +81,7 @@ _gnutls_safe_renegotiation_send_params (gnutls_session_t session, if (session->internals.priorities.disable_safe_renegotiation != 0) { - gnutls_assert(); + gnutls_assert (); return 0; } 
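Review bot: In `_gnutls_safe_renegotiation_recv_params` (lib/ext_safe_renegotiation.c, hunk at -28,13) the declaration `int len = data[0];` runs before `DECR_LEN (data_size, len + 1)` has confirmed that even one byte is present, so an empty extension body makes the function read past the data it was given. The commit only reformats these lines, so the ordering is unchanged. Declaring `int len;` and consuming the length byte first would close the gap: `DECR_LEN (data_size, 1); len = data[0]; DECR_LEN (data_size, len);`. The `len > sizeof (ext->ri_extension_data)` check is visible in the next hunk, but whatever copies into that buffer lies outside the hunks shown.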
@@ -96,8 +97,8 @@ _gnutls_safe_renegotiation_send_params (gnutls_session_t session, DECR_LEN (data_size, ext->client_verify_data_len); if (ext->client_verify_data_len > 0) - memcpy(&data[1], ext->client_verify_data, - ext->client_verify_data_len); + memcpy (&data[1], ext->client_verify_data, + ext->client_verify_data_len); if (session->security_parameters.entity == GNUTLS_SERVER) { @@ -106,15 +107,14 @@ _gnutls_safe_renegotiation_send_params (gnutls_session_t session, DECR_LEN (data_size, ext->server_verify_data_len); if (ext->server_verify_data_len > 0) - memcpy(&data[1 + ext->client_verify_data_len], - ext->server_verify_data, - ext->server_verify_data_len); + memcpy (&data[1 + ext->client_verify_data_len], + ext->server_verify_data, ext->server_verify_data_len); } } else return 0; - return 1 + data[0]; /* don't forget the length byte */ + return 1 + data[0]; /* don't forget the length byte */ } /** @@ -151,7 +151,7 @@ gnutls_safe_negotiation_set_initial (gnutls_session_t session, int value) void gnutls_safe_renegotiation_set (gnutls_session_t session, int value) { - session->internals.priorities.unsafe_renegotiation = 1-value; + session->internals.priorities.unsafe_renegotiation = 1 - value; } /** diff --git a/lib/ext_server_name.c b/lib/ext_server_name.c index 62925e640a..4ed7aecf4b 100644 --- a/lib/ext_server_name.c +++ b/lib/ext_server_name.c 
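Review bot: `gnutls_safe_renegotiation_set` (lib/ext_safe_renegotiation.c, hunk at -151,7) stores `1 - value`, which inverts the flag only when the caller passes exactly 0 or 1; any other truthy value, for example 2, leaves `unsafe_renegotiation` non-zero. If the field is tested for non-zero elsewhere (not visible here), a caller asking for safe renegotiation with such a value would get the opposite setting, so `session->internals.priorities.unsafe_renegotiation = !value;` is the more robust form. The doc comment above the function starts outside the hunk and could state which values are accepted.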
@@ -118,12 +118,12 @@ _gnutls_server_name_recv_params (gnutls_session_t session, case 0: /* NAME_DNS */ if (len <= MAX_SERVER_NAME_SIZE) { - memcpy (session->security_parameters.extensions. - server_names[i].name, p, len); - session->security_parameters.extensions. - server_names[i].name_length = len; - session->security_parameters.extensions. - server_names[i].type = GNUTLS_NAME_DNS; + memcpy (session->security_parameters. + extensions.server_names[i].name, p, len); + session->security_parameters.extensions.server_names[i]. + name_length = len; + session->security_parameters.extensions.server_names[i]. + type = GNUTLS_NAME_DNS; break; } } @@ -164,8 +164,8 @@ _gnutls_server_name_send_params (gnutls_session_t session, /* count the total size */ len = - session->security_parameters.extensions.server_names[i]. - name_length; + session->security_parameters.extensions. + server_names[i].name_length; /* uint8_t + uint16_t + size */ @@ -184,14 +184,14 @@ _gnutls_server_name_send_params (gnutls_session_t session, i < session->security_parameters.extensions.server_names_size; i++) { - switch (session->security_parameters.extensions. - server_names[i].type) + switch (session->security_parameters.extensions.server_names[i]. + type) { case GNUTLS_NAME_DNS: len = - session->security_parameters.extensions. - server_names[i].name_length; + session->security_parameters.extensions.server_names[i]. + name_length; if (len == 0) break; @@ -209,8 +209,8 @@ _gnutls_server_name_send_params (gnutls_session_t session, p += 2; memcpy (p, - session->security_parameters.extensions. - server_names[i].name, len); + session->security_parameters.extensions.server_names[i]. + name, len); p += len; break; default: 
@@ -275,8 +275,8 @@ gnutls_server_name_get (gnutls_session_t session, void *data, session->security_parameters.extensions.server_names[indx].name_length) { *data_length = - session->security_parameters.extensions.server_names[indx]. - name_length; + session->security_parameters.extensions. + server_names[indx].name_length; memcpy (data, session->security_parameters.extensions.server_names[indx].name, *data_length); @@ -288,8 +288,8 @@ gnutls_server_name_get (gnutls_session_t session, void *data, else { *data_length = - session->security_parameters.extensions.server_names[indx]. - name_length; + session->security_parameters.extensions. + server_names[indx].name_length; return GNUTLS_E_SHORT_MEMORY_BUFFER; } @@ -340,8 +340,8 @@ gnutls_server_name_set (gnutls_session_t session, session->security_parameters.extensions.server_names [server_names - 1].type = type; - memcpy (session->security_parameters.extensions. - server_names[server_names - 1].name, name, name_length); + memcpy (session->security_parameters. + extensions.server_names[server_names - 1].name, name, name_length); session->security_parameters.extensions.server_names[server_names - 1].name_length = name_length; diff --git a/lib/ext_session_ticket.c b/lib/ext_session_ticket.c index d659a83f42..f25e9cd149 100644 --- a/lib/ext_session_ticket.c +++ b/lib/ext_session_ticket.c @@ -87,7 +87,7 @@ decrypt_ticket (gnutls_session_t session, struct ticket *ticket) int ret; /* Check the integrity of ticket using HMAC-SHA-256. */ - mac_secret.data = (void*) + mac_secret.data = (void *) session->internals.session_ticket_key->mac_secret; mac_secret.size = MAC_SECRET_SIZE; ret = digest_ticket (&mac_secret, ticket, final); 
@@ -104,7 +104,7 @@ decrypt_ticket (gnutls_session_t session, struct ticket *ticket) } /* Decrypt encrypted_state using 128-bit AES in CBC mode. */ - key.data = (void*)session->internals.session_ticket_key->key; + key.data = (void *) session->internals.session_ticket_key->key; key.size = KEY_SIZE; IV.data = ticket->IV; IV.size = IV_SIZE; @@ -177,7 +177,7 @@ encrypt_ticket (gnutls_session_t session, struct ticket *ticket) _gnutls_free_datum (&state); /* Encrypt state using 128-bit AES in CBC mode. */ - key.data = (void*)session->internals.session_ticket_key->key; + key.data = (void *) session->internals.session_ticket_key->key; key.size = KEY_SIZE; IV.data = session->internals.session_ticket_IV; IV.size = IV_SIZE; @@ -202,13 +202,13 @@ encrypt_ticket (gnutls_session_t session, struct ticket *ticket) /* Fill the ticket structure to compute MAC. */ memcpy (ticket->key_name, - session->internals.session_ticket_key->key_name, KEY_NAME_SIZE); + session->internals.session_ticket_key->key_name, KEY_NAME_SIZE); memcpy (ticket->IV, IV.data, IV.size); ticket->encrypted_state_len = encrypted_state.size; ticket->encrypted_state = encrypted_state.data; mac_secret.data = - (void*)session->internals.session_ticket_key->mac_secret; + (void *) session->internals.session_ticket_key->mac_secret; mac_secret.size = MAC_SECRET_SIZE; ret = digest_ticket (&mac_secret, ticket, ticket->mac); if (ret < 0) @@ -250,7 +250,8 @@ _gnutls_session_ticket_recv_params (gnutls_session_t session, /* If the key name of the ticket does not match the one that we hold, issue a new ticket. */ if (memcmp (ticket.key_name, - session->internals.session_ticket_key->key_name, KEY_NAME_SIZE)) + session->internals.session_ticket_key->key_name, + KEY_NAME_SIZE)) { session->internals.session_ticket_renew = 1; return 0; 
@@ -322,21 +323,21 @@ _gnutls_session_ticket_send_params (gnutls_session_t session, } else { - if (session->internals.resumed_security_parameters.extensions. - session_ticket_len > 0) + if (session->internals.resumed_security_parameters. + extensions.session_ticket_len > 0) { DECR_LENGTH_RET (data_size, - session->internals.resumed_security_parameters. - extensions.session_ticket_len, - GNUTLS_E_SHORT_MEMORY_BUFFER); + session->internals. + resumed_security_parameters.extensions. + session_ticket_len, GNUTLS_E_SHORT_MEMORY_BUFFER); memcpy (data, - session->internals.resumed_security_parameters.extensions. - session_ticket, - session->internals.resumed_security_parameters.extensions. - session_ticket_len); + session->internals.resumed_security_parameters. + extensions.session_ticket, + session->internals.resumed_security_parameters. + extensions.session_ticket_len); - return session->internals.resumed_security_parameters. - extensions.session_ticket_len; + return session->internals.resumed_security_parameters.extensions. + session_ticket_len; } else { @@ -436,8 +437,7 @@ gnutls_session_ticket_enable_server (gnutls_session_t session, } ret = _gnutls_rnd (GNUTLS_RND_RANDOM, - session->internals. - session_ticket_IV, IV_SIZE); + session->internals.session_ticket_IV, IV_SIZE); if (ret < 0) { gnutls_assert (); 
@@ -495,19 +495,19 @@ _gnutls_send_new_session_ticket (gnutls_session_t session, int again) SAVE_WRITE_SECURITY_PARAMETERS; ret = _gnutls_set_write_cipher (session, _gnutls_cipher_suite_get_cipher_algo - (&session->security_parameters. - current_cipher_suite)); + (&session-> + security_parameters.current_cipher_suite)); if (ret < 0) return ret; ret = _gnutls_set_write_mac (session, _gnutls_cipher_suite_get_mac_algo - (&session->security_parameters. - current_cipher_suite)); + (&session-> + security_parameters.current_cipher_suite)); if (ret < 0) return ret; ret = _gnutls_set_write_compression (session, - session->internals. - compression_method); + session-> + internals.compression_method); if (ret < 0) return ret; @@ -609,8 +609,8 @@ _gnutls_recv_new_session_ticket (gnutls_session_t session) /* Discard the current session ID. (RFC5077 3.4) */ ret = _gnutls_generate_session_id (session->security_parameters.session_id, - &session->security_parameters. - session_id_size); + &session-> + security_parameters.session_id_size); if (ret < 0) { gnutls_assert (); diff --git a/lib/ext_signature.c b/lib/ext_signature.c index 25fdb0f81c..05fabee1d8 100644 --- a/lib/ext_signature.c +++ b/lib/ext_signature.c @@ -59,8 +59,8 @@ _gnutls_sign_algorithm_write_params (gnutls_session_t session, opaque * data, for (i = j = 0; i < len; i += 2, j++) { aid = - _gnutls_sign_to_tls_aid (session->internals.priorities.sign_algo. - priority[j]); + _gnutls_sign_to_tls_aid (session->internals.priorities. + sign_algo.priority[j]); *p = aid.hash_algorithm; p++; *p = aid.sign_algorithm; 
@@ -91,9 +91,10 @@ _gnutls_sign_algorithm_parse_data (gnutls_session_t session, sig = _gnutls_tls_aid_to_sign (&aid); if (sig != GNUTLS_SIGN_UNKNOWN) { - session->security_parameters.extensions. - sign_algorithms[session->security_parameters.extensions. - sign_algorithms_size++] = sig; + session->security_parameters.extensions.sign_algorithms[session-> + security_parameters. + extensions.sign_algorithms_size++] + = sig; if (session->security_parameters.extensions.sign_algorithms_size == MAX_SIGNATURE_ALGORITHMS) break; @@ -213,9 +214,8 @@ _gnutls_session_get_sign_algo (gnutls_session_t session, (session->security_parameters.extensions.sign_algorithms[i]) == pk) { *hash = - _gnutls_sign_get_hash_algorithm (session-> - security_parameters.extensions. - sign_algorithms[i]); + _gnutls_sign_get_hash_algorithm (session->security_parameters. + extensions.sign_algorithms[i]); return session->security_parameters.extensions.sign_algorithms[i]; } } diff --git a/lib/gnutls_algorithms.c b/lib/gnutls_algorithms.c index d1ecebb5be..0ead705c72 100644 --- a/lib/gnutls_algorithms.c +++ b/lib/gnutls_algorithms.c @@ -349,9 +349,9 @@ typedef struct gnutls_kx_algorithm_t kx_algorithm; gnutls_mac_algorithm_t mac_algorithm; gnutls_protocol_t min_version; /* this cipher suite is supported - * from 'version' and above; - */ - gnutls_protocol_t max_version;/* this cipher suite is not supported after that */ + * from 'version' and above; + */ + gnutls_protocol_t max_version; /* this cipher suite is not supported after that */ } gnutls_cipher_suite_entry; /* RSA with NULL cipher and MD5 MAC 
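Review bot: The reformatted store in `_gnutls_sign_algorithm_parse_data` (lib/ext_signature.c, hunk at -91,9) now spreads the array subscript over four lines, which hides that the index is `sign_algorithms_size++`. A local pointer would keep the statement on one line: `tls_ext_st *ext = &session->security_parameters.extensions;` followed by `ext->sign_algorithms[ext->sign_algorithms_size++] = sig;`. The `MAX_SIGNATURE_ALGORITHMS` comparison runs after the store, so the write stays in bounds only if the counter is below the limit when the loop starts. Any reset of the counter is outside the hunk and is worth confirming.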
@@ -486,152 +486,192 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = { GNUTLS_SSL3, GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_3DES_EDE_CBC_SHA1, GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_ANON_DH, - GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_SSL3, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_AES_128_CBC_SHA1, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ANON_DH, - GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_SSL3, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_AES_256_CBC_SHA1, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ANON_DH, - GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_SSL3, + GNUTLS_VERSION_MAX), #ifdef ENABLE_CAMELLIA GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_CAMELLIA_128_CBC_SHA1, GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_ANON_DH, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_CAMELLIA_256_CBC_SHA1, GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_ANON_DH, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, + GNUTLS_VERSION_MAX), #endif GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_AES_128_CBC_SHA256, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ANON_DH, - GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_AES_256_CBC_SHA256, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ANON_DH, - GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, + GNUTLS_VERSION_MAX), /* PSK */ GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_PSK_SHA_ARCFOUR_SHA1, GNUTLS_CIPHER_ARCFOUR, GNUTLS_KX_PSK, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_PSK_SHA_3DES_EDE_CBC_SHA1, GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_PSK, - 
GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_PSK_SHA_AES_128_CBC_SHA1, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_PSK, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_PSK_SHA_AES_256_CBC_SHA1, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_PSK, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, + GNUTLS_VERSION_MAX), /* DHE-PSK */ GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_PSK_SHA_ARCFOUR_SHA1, GNUTLS_CIPHER_ARCFOUR, GNUTLS_KX_DHE_PSK, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_PSK_SHA_3DES_EDE_CBC_SHA1, GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_DHE_PSK, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_PSK_SHA_AES_128_CBC_SHA1, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_PSK, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_PSK_SHA_AES_256_CBC_SHA1, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_PSK, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, + GNUTLS_VERSION_MAX), /* SRP */ GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_3DES_EDE_CBC_SHA1, GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_SRP, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_AES_128_CBC_SHA1, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_SRP, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_AES_256_CBC_SHA1, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_SRP, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), + 
GNUTLS_MAC_SHA1, GNUTLS_TLS1, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_DSS_3DES_EDE_CBC_SHA1, GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_SRP_DSS, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_RSA_3DES_EDE_CBC_SHA1, GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_SRP_RSA, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_DSS_AES_128_CBC_SHA1, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_SRP_DSS, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_RSA_AES_128_CBC_SHA1, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_SRP_RSA, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_DSS_AES_256_CBC_SHA1, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_SRP_DSS, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_RSA_AES_256_CBC_SHA1, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_SRP_RSA, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, + GNUTLS_VERSION_MAX), /* DHE_DSS */ GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_ARCFOUR_SHA1, GNUTLS_CIPHER_ARCFOUR_128, GNUTLS_KX_DHE_DSS, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_3DES_EDE_CBC_SHA1, GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_DHE_DSS, - GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_SSL3, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_AES_128_CBC_SHA1, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_DSS, - GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_SSL3, + 
GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_AES_256_CBC_SHA1, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_DSS, - GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_SSL3, + GNUTLS_VERSION_MAX), #ifdef ENABLE_CAMELLIA GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_CAMELLIA_128_CBC_SHA1, GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_DHE_DSS, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_CAMELLIA_256_CBC_SHA1, GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_DHE_DSS, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, + GNUTLS_VERSION_MAX), #endif GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_AES_128_CBC_SHA256, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_DSS, - GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_AES_256_CBC_SHA256, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_DSS, - GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, + GNUTLS_VERSION_MAX), /* DHE_RSA */ GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_3DES_EDE_CBC_SHA1, GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_DHE_RSA, - GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_SSL3, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_AES_128_CBC_SHA1, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_RSA, - GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_SSL3, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_AES_256_CBC_SHA1, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_RSA, - GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_SSL3, + GNUTLS_VERSION_MAX), #ifdef ENABLE_CAMELLIA GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA1, GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_DHE_RSA, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, 
GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA1, GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_DHE_RSA, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, + GNUTLS_VERSION_MAX), #endif GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_AES_128_CBC_SHA256, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_RSA, - GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_AES_256_CBC_SHA256, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_RSA, - GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, + GNUTLS_VERSION_MAX), /* RSA */ GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_NULL_MD5, GNUTLS_CIPHER_NULL, - GNUTLS_KX_RSA, GNUTLS_MAC_MD5, GNUTLS_SSL3, GNUTLS_VERSION_MAX), + GNUTLS_KX_RSA, GNUTLS_MAC_MD5, GNUTLS_SSL3, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_EXPORT_ARCFOUR_40_MD5, GNUTLS_CIPHER_ARCFOUR_40, 
@@ -640,36 +680,46 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = { GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_ARCFOUR_SHA1, GNUTLS_CIPHER_ARCFOUR_128, - GNUTLS_KX_RSA, GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX), + GNUTLS_KX_RSA, GNUTLS_MAC_SHA1, GNUTLS_SSL3, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_ARCFOUR_MD5, GNUTLS_CIPHER_ARCFOUR_128, - GNUTLS_KX_RSA, GNUTLS_MAC_MD5, GNUTLS_SSL3, GNUTLS_VERSION_MAX), + GNUTLS_KX_RSA, GNUTLS_MAC_MD5, GNUTLS_SSL3, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_3DES_EDE_CBC_SHA1, GNUTLS_CIPHER_3DES_CBC, - GNUTLS_KX_RSA, GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX), + GNUTLS_KX_RSA, GNUTLS_MAC_SHA1, GNUTLS_SSL3, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_AES_128_CBC_SHA1, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_RSA, - GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_SSL3, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_AES_256_CBC_SHA1, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_RSA, - GNUTLS_MAC_SHA1, GNUTLS_SSL3, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_SSL3, + GNUTLS_VERSION_MAX), #ifdef ENABLE_CAMELLIA GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_CAMELLIA_128_CBC_SHA1, GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_KX_RSA, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_CAMELLIA_256_CBC_SHA1, GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_RSA, - GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA1, GNUTLS_TLS1, + GNUTLS_VERSION_MAX), #endif GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_AES_128_CBC_SHA256, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_RSA, - GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_AES_256_CBC_SHA256, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_RSA, - GNUTLS_MAC_SHA256, GNUTLS_TLS1_2, GNUTLS_VERSION_MAX), + GNUTLS_MAC_SHA256, 
GNUTLS_TLS1_2, + GNUTLS_VERSION_MAX), GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RENEGO_PROTECTION_REQUEST, GNUTLS_CIPHER_UNKNOWN, GNUTLS_KX_UNKNOWN, - GNUTLS_MAC_UNKNOWN, GNUTLS_SSL3, GNUTLS_VERSION_MAX), + GNUTLS_MAC_UNKNOWN, GNUTLS_SSL3, + GNUTLS_VERSION_MAX), {0, {{0, 0}}, 0, 0, 0, 0, 0} }; @@ -1093,7 +1143,7 @@ _gnutls_version_lowest (gnutls_session_t session) for (i = 0; i < session->internals.priorities.protocol.algorithms; i++) { if (session->internals.priorities.protocol.priority[i] < min) - min = session->internals.priorities.protocol.priority[i]; + min = session->internals.priorities.protocol.priority[i]; } if (min == 0xff) @@ -1110,7 +1160,7 @@ _gnutls_version_max (gnutls_session_t session) for (i = 0; i < session->internals.priorities.protocol.algorithms; i++) { if (session->internals.priorities.protocol.priority[i] > max) - max = session->internals.priorities.protocol.priority[i]; + max = session->internals.priorities.protocol.priority[i]; } if (max == 0x00) @@ -1330,10 +1380,14 @@ _gnutls_cipher_suite_get_cipher_algo (const cipher_suite_st * suite) } gnutls_protocol_t -_gnutls_cipher_suite_is_version_supported (const cipher_suite_st * suite, gnutls_protocol_t version) +_gnutls_cipher_suite_is_version_supported (const cipher_suite_st * suite, + gnutls_protocol_t version) { int ret = 0; - GNUTLS_CIPHER_SUITE_ALG_LOOP ( (version >= p->min_version && version <= p->max_version)?(ret=1):(ret=0)); + GNUTLS_CIPHER_SUITE_ALG_LOOP ((version >= p->min_version + && version <= p->max_version) ? (ret = + 1) : (ret = + 0)); return ret; } @@ -1682,7 +1736,8 @@ _gnutls_supported_ciphersuites (gnutls_session_t session, /* remove cipher suites which do not support the * protocol version used. */ - if (_gnutls_cipher_suite_is_version_supported (&tmp_ciphers[i], version) == 0) + if (_gnutls_cipher_suite_is_version_supported (&tmp_ciphers[i], version) + == 0) continue; if (_gnutls_kx_priority diff --git a/lib/gnutls_auth.c b/lib/gnutls_auth.c index 5d2151401e..d8949db00c 100644 
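Review bot: In `_gnutls_cipher_suite_is_version_supported` (lib/gnutls_algorithms.c, hunk at -1330,10) the formatter broke `(ret = 1) : (ret = 0)` in the middle of each assignment. The function is also declared to return `gnutls_protocol_t`, although it only ever returns the 0/1 held in `int ret`. Assigning the comparison directly is easier to read and survives reformatting: `GNUTLS_CIPHER_SUITE_ALG_LOOP (ret = (version >= p->min_version && version <= p->max_version));`. Changing the return type to `int` would also require updating the prototype, which is not part of this page.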
--- a/lib/gnutls_auth.c +++ b/lib/gnutls_auth.c @@ -179,8 +179,9 @@ gnutls_auth_get_type (gnutls_session_t session) return _gnutls_map_kx_get_cred (_gnutls_cipher_suite_get_kx_algo - (&session->security_parameters. - current_cipher_suite), server); + (&session-> + security_parameters.current_cipher_suite), + server); } /** @@ -199,8 +200,8 @@ gnutls_auth_server_get_type (gnutls_session_t session) { return _gnutls_map_kx_get_cred (_gnutls_cipher_suite_get_kx_algo - (&session->security_parameters. - current_cipher_suite), 1); + (&session-> + security_parameters.current_cipher_suite), 1); } /** @@ -219,8 +220,8 @@ gnutls_auth_client_get_type (gnutls_session_t session) { return _gnutls_map_kx_get_cred (_gnutls_cipher_suite_get_kx_algo - (&session->security_parameters. - current_cipher_suite), 0); + (&session-> + security_parameters.current_cipher_suite), 0); } diff --git a/lib/gnutls_buffers.c b/lib/gnutls_buffers.c index 9627ee15df..c0bc013c78 100644 --- a/lib/gnutls_buffers.c +++ b/lib/gnutls_buffers.c @@ -859,8 +859,8 @@ _gnutls_handshake_io_send_int (gnutls_session_t session, /* checking is handled above */ _gnutls_buffer_get_datum (&session->internals.handshake_send_buffer, &bdata, - session->internals. - handshake_send_buffer.length); + session->internals.handshake_send_buffer. + length); ptr = bdata.data; n = bdata.size; @@ -933,9 +933,9 @@ _gnutls_handshake_io_send_int (gnutls_session_t session, gnutls_assert (); retval = - _gnutls_buffer_append (&session->internals. - handshake_send_buffer, &ptr[n - left], - left); + _gnutls_buffer_append (&session-> + internals.handshake_send_buffer, + &ptr[n - left], left); if (retval < 0) { gnutls_assert (); 
@@ -1030,9 +1030,8 @@ _gnutls_handshake_io_recv_int (gnutls_session_t session, { gnutls_assert (); - _gnutls_buffer_append (&session-> - internals.handshake_recv_buffer, iptr, - dsize); + _gnutls_buffer_append (&session->internals. + handshake_recv_buffer, iptr, dsize); session->internals.handshake_recv_buffer_htype = htype; session->internals.handshake_recv_buffer_type = type; diff --git a/lib/gnutls_cert.c b/lib/gnutls_cert.c index 42a8b9675b..2d435ba019 100644 --- a/lib/gnutls_cert.c +++ b/lib/gnutls_cert.c @@ -449,9 +449,9 @@ void gnutls_certificate_server_set_retrieve_function * Since: 2.10.0 **/ void -gnutls_certificate_set_verify_function -(gnutls_certificate_credentials_t cred, - gnutls_certificate_verify_function * func) + gnutls_certificate_set_verify_function + (gnutls_certificate_credentials_t cred, + gnutls_certificate_verify_function * func) { cred->verify_callback = func; } @@ -788,9 +788,8 @@ _gnutls_get_auth_info_gcert (gnutls_cert * gcert, case GNUTLS_CRT_OPENPGP: return _gnutls_openpgp_raw_crt_to_gcert (gcert, &info->raw_certificate_list[0], - info-> - use_subkey ? info->subkey_id : - NULL); + info->use_subkey ? info-> + subkey_id : NULL); #endif default: gnutls_assert (); diff --git a/lib/gnutls_cipher.c b/lib/gnutls_cipher.c index f1a4efcba7..4fc9261b68 100644 --- a/lib/gnutls_cipher.c +++ b/lib/gnutls_cipher.c @@ -218,7 +218,7 @@ mac_init (digest_hd_st * td, gnutls_mac_algorithm_t mac, opaque * secret, } static inline void -mac_hash (digest_hd_st * td, void * data, int data_size, int ver) +mac_hash (digest_hd_st * td, void *data, int data_size, int ver) { if (ver == GNUTLS_SSL3) { /* SSL 3.0 */ 
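Review bot: The result of `_gnutls_buffer_append` is discarded in this `_gnutls_handshake_io_recv_int` hunk, whereas the send path in `_gnutls_handshake_io_send_int` stores it in `retval` and bails out on `retval < 0`. If the append fails, `handshake_recv_buffer_htype` and `handshake_recv_buffer_type` are still set for data that was never buffered. A check such as `if (_gnutls_buffer_append (&session->internals.handshake_recv_buffer, iptr, dsize) < 0) { gnutls_assert (); return GNUTLS_E_MEMORY_ERROR; }` would make the two paths consistent. The right error code should be confirmed against the rest of the function, which lies outside the hunk.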
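Review bot: In the lib/gnutls_cert.c hunk, the new side of `gnutls_certificate_set_verify_function` has whitespace before the function name and before the parameter list, where the removed lines started at column 0. The page collapses whitespace, so the exact indent is not visible. The other definitions shown on this page keep the name at the start of the line, and an indented definition no longer matches a search for `^gnutls_certificate_set_verify_function`. Keeping `gnutls_certificate_set_verify_function (gnutls_certificate_credentials_t cred,` at column 0 and wrapping after the first parameter avoids the tool's fallback layout.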
@@ -302,23 +302,28 @@ calc_enc_length (gnutls_session_t session, int data_size, } #define PREAMBLE_SIZE 16 -static inline int make_preamble(opaque* uint64_data, opaque type, uint16_t c_length, opaque ver, opaque* preamble) +static inline int +make_preamble (opaque * uint64_data, opaque type, uint16_t c_length, + opaque ver, opaque * preamble) { opaque minor = _gnutls_version_get_minor (ver); opaque major = _gnutls_version_get_major (ver); opaque *p = preamble; - - memcpy(p, uint64_data, 8); - p+=8; - *p=type; p++; + + memcpy (p, uint64_data, 8); + p += 8; + *p = type; + p++; if (_gnutls_version_has_variable_padding (ver)) - { /* TLS 1.0 or higher */ - *p = major; p++; - *p = minor; p++; + { /* TLS 1.0 or higher */ + *p = major; + p++; + *p = minor; + p++; } - memcpy(p, &c_length, 2); - p+=2; - return p-preamble; + memcpy (p, &c_length, 2); + p += 2; + return p - preamble; } /* This is the actual encryption @@ -340,14 +345,14 @@ _gnutls_compressed2ciphertext (gnutls_session_t session, opaque preamble[PREAMBLE_SIZE]; int preamble_size; int hash_size = - _gnutls_hash_get_algo_len (session->security_parameters. - write_mac_algorithm); + _gnutls_hash_get_algo_len (session-> + security_parameters.write_mac_algorithm); int blocksize = - gnutls_cipher_get_block_size (session->security_parameters. - write_bulk_cipher_algorithm); + gnutls_cipher_get_block_size (session-> + security_parameters.write_bulk_cipher_algorithm); cipher_type_t block_algo = - _gnutls_cipher_is_block (session->security_parameters. - write_bulk_cipher_algorithm); + _gnutls_cipher_is_block (session-> + security_parameters.write_bulk_cipher_algorithm); opaque *data_ptr; int ver = gnutls_protocol_get_version (session); 
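Review bot: `make_preamble` has no comment stating its buffer contract, and the `memcpy (p, &c_length, 2)` copies the length exactly as stored in memory. The function writes at most 8 + 1 + 2 + 2 bytes, and the caller shown in the next hunk passes `opaque preamble[PREAMBLE_SIZE]`. A short header comment would record this, for example `/* Fills preamble (at least PREAMBLE_SIZE bytes) with seq, type, optional version and length; returns bytes written. */`. A second line should state whether `c_length` must already be in network byte order, which presumably it must, since these bytes feed the record MAC. The conversion is not visible in these hunks, so confirm it against the callers.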
@@ -361,15 +366,18 @@ _gnutls_compressed2ciphertext (gnutls_session_t session, digest_hd_st td; ret = mac_init (&td, session->security_parameters.write_mac_algorithm, - session->connection_state.write_mac_secret.data, - session->connection_state.write_mac_secret.size, ver); + session->connection_state.write_mac_secret.data, + session->connection_state.write_mac_secret.size, ver); if (ret < 0) - { - gnutls_assert (); - return ret; - } - preamble_size = make_preamble( UINT64DATA (session->connection_state.write_sequence_number), type, c_length, ver, preamble); + { + gnutls_assert (); + return ret; + } + preamble_size = + make_preamble (UINT64DATA + (session->connection_state.write_sequence_number), + type, c_length, ver, preamble); mac_hash (&td, preamble, preamble_size, ver); mac_hash (&td, compressed.data, compressed.size, ver); mac_deinit (&td, MAC, ver); @@ -458,12 +466,12 @@ _gnutls_ciphertext2compressed (gnutls_session_t session, int preamble_size; int ver = gnutls_protocol_get_version (session); int hash_size = - _gnutls_hash_get_algo_len (session->security_parameters. - read_mac_algorithm); + _gnutls_hash_get_algo_len (session-> + security_parameters.read_mac_algorithm); blocksize = - gnutls_cipher_get_block_size (session->security_parameters. - read_bulk_cipher_algorithm); + gnutls_cipher_get_block_size (session-> + security_parameters.read_bulk_cipher_algorithm); /* actual decryption (inplace) @@ -473,9 +481,9 @@ _gnutls_ciphertext2compressed (gnutls_session_t session, { case CIPHER_STREAM: if ((ret = - _gnutls_cipher_decrypt (&session->connection_state. - read_cipher_state, ciphertext.data, - ciphertext.size)) < 0) + _gnutls_cipher_decrypt (&session-> + connection_state.read_cipher_state, + ciphertext.data, ciphertext.size)) < 0) { gnutls_assert (); return ret; 
@@ -492,9 +500,9 @@ _gnutls_ciphertext2compressed (gnutls_session_t session, } if ((ret = - _gnutls_cipher_decrypt (&session->connection_state. - read_cipher_state, ciphertext.data, - ciphertext.size)) < 0) + _gnutls_cipher_decrypt (&session-> + connection_state.read_cipher_state, + ciphertext.data, ciphertext.size)) < 0) { gnutls_assert (); return ret; @@ -558,16 +566,19 @@ _gnutls_ciphertext2compressed (gnutls_session_t session, digest_hd_st td; ret = mac_init (&td, session->security_parameters.read_mac_algorithm, - session->connection_state.read_mac_secret.data, - session->connection_state.read_mac_secret.size, ver); + session->connection_state.read_mac_secret.data, + session->connection_state.read_mac_secret.size, ver); if (ret < 0) - { - gnutls_assert (); - return GNUTLS_E_INTERNAL_ERROR; - } + { + gnutls_assert (); + return GNUTLS_E_INTERNAL_ERROR; + } - preamble_size = make_preamble( UINT64DATA (session->connection_state.read_sequence_number), type, c_length, ver, preamble); + preamble_size = + make_preamble (UINT64DATA + (session->connection_state.read_sequence_number), type, + c_length, ver, preamble); mac_hash (&td, preamble, preamble_size, ver); if (length > 0) mac_hash (&td, ciphertext.data, length, ver); diff --git a/lib/gnutls_compress.c b/lib/gnutls_compress.c index 05e980a6e9..757c6090ba 100644 --- a/lib/gnutls_compress.c +++ b/lib/gnutls_compress.c @@ -269,8 +269,8 @@ _gnutls_supported_compression_methods (gnutls_session_t session, for (i = j = 0; i < SUPPORTED_COMPRESSION_METHODS; i++) { int tmp = - _gnutls_compression_get_num (session->internals.priorities. - compression.priority[i]); + _gnutls_compression_get_num (session->internals. + priorities.compression.priority[i]); /* remove private compression algorithms, if requested. */ diff --git a/lib/gnutls_constate.c b/lib/gnutls_constate.c index 3658949042..5b2678f4e4 100644 --- a/lib/gnutls_constate.c +++ b/lib/gnutls_constate.c 
@@ -386,7 +386,7 @@ _gnutls_set_write_keys (gnutls_session_t session) gnutls_free(dst->extensions.oprfi_client); \ gnutls_free(dst->extensions.oprfi_server); \ memcpy(&dst->extensions.server_names, &src->extensions, sizeof(src->extensions)); \ - memset(&src->extensions, 0, sizeof(src->extensions)) /* avoid duplicate free's */ + memset(&src->extensions, 0, sizeof(src->extensions)) /* avoid duplicate free's */ #define CPY_COMMON dst->entity = src->entity; \ dst->kx_algorithm = src->kx_algorithm; \ @@ -419,7 +419,7 @@ _gnutls_cpy_write_security_parameters (security_parameters_st * dst, security_parameters_st * src) { CPY_COMMON; - CPY_EXTENSIONS; /* only do once */ + CPY_EXTENSIONS; /* only do once */ dst->write_bulk_cipher_algorithm = src->write_bulk_cipher_algorithm; dst->write_mac_algorithm = src->write_mac_algorithm; @@ -468,35 +468,35 @@ _gnutls_read_connection_state_init (gnutls_session_t session) { rc = _gnutls_set_read_cipher (session, _gnutls_cipher_suite_get_cipher_algo - (&session->security_parameters. - current_cipher_suite)); + (&session-> + security_parameters.current_cipher_suite)); if (rc < 0) return rc; rc = _gnutls_set_read_mac (session, _gnutls_cipher_suite_get_mac_algo - (&session->security_parameters. - current_cipher_suite)); + (&session-> + security_parameters.current_cipher_suite)); if (rc < 0) return rc; rc = _gnutls_set_kx (session, _gnutls_cipher_suite_get_kx_algo - (&session->security_parameters. - current_cipher_suite)); + (&session-> + security_parameters.current_cipher_suite)); if (rc < 0) return rc; rc = _gnutls_set_read_compression (session, - session->internals. - compression_method); + session-> + internals.compression_method); if (rc < 0) return rc; } else { /* RESUME_TRUE */ _gnutls_cpy_read_security_parameters (&session->security_parameters, - &session->internals. - resumed_security_parameters); + &session-> + internals.resumed_security_parameters); } 
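Review bot: In the `CPY_EXTENSIONS` macro, the context line `memcpy(&dst->extensions.server_names, &src->extensions, sizeof(src->extensions));` uses the address of one member as the destination but the size of the whole `extensions` struct. This is only in bounds if `server_names` is the first member, which the hunk does not show, and any reordering of the struct would turn it into a write past the member. Naming the struct itself keeps the size and destination in agreement: `memcpy(&dst->extensions, &src->extensions, sizeof(src->extensions));`. The macro starts above the hunk, so the preceding `gnutls_free` calls should be read together with this line.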
@@ -507,8 +507,8 @@ _gnutls_read_connection_state_init (gnutls_session_t session) _gnutls_handshake_log ("HSK[%p]: Cipher Suite: %s\n", session, _gnutls_cipher_suite_get_name - (&session->security_parameters. - current_cipher_suite)); + (&session-> + security_parameters.current_cipher_suite)); if (_gnutls_compression_is_ok (session->security_parameters.read_compression_algorithm) != 0) @@ -536,8 +536,8 @@ _gnutls_read_connection_state_init (gnutls_session_t session) mac_size = - _gnutls_hash_get_algo_len (session->security_parameters. - read_mac_algorithm); + _gnutls_hash_get_algo_len (session-> + security_parameters.read_mac_algorithm); _gnutls_handshake_log ("HSK[%p]: Initializing internal [read] cipher sessions\n", session); @@ -548,8 +548,8 @@ _gnutls_read_connection_state_init (gnutls_session_t session) /* initialize cipher session */ rc = _gnutls_cipher_init (&session->connection_state.read_cipher_state, - session-> - security_parameters.read_bulk_cipher_algorithm, + session->security_parameters. + read_bulk_cipher_algorithm, &session->cipher_specs.client_write_key, &session->cipher_specs.client_write_IV); if (rc < 0 @@ -566,10 +566,11 @@ _gnutls_read_connection_state_init (gnutls_session_t session) if (mac_size > 0) { if (_gnutls_sset_datum (&session->connection_state.read_mac_secret, - session->cipher_specs. - client_write_mac_secret.data, - session->cipher_specs. - client_write_mac_secret.size) < 0) + session-> + cipher_specs.client_write_mac_secret.data, + session-> + cipher_specs.client_write_mac_secret.size) < + 0) { gnutls_assert (); return GNUTLS_E_MEMORY_ERROR; @@ -581,8 +582,8 @@ _gnutls_read_connection_state_init (gnutls_session_t session) case GNUTLS_CLIENT: rc = _gnutls_cipher_init (&session->connection_state.read_cipher_state, - session-> - security_parameters.read_bulk_cipher_algorithm, + session->security_parameters. + read_bulk_cipher_algorithm, &session->cipher_specs.server_write_key, &session->cipher_specs.server_write_IV); 
@@ -600,10 +601,11 @@ _gnutls_read_connection_state_init (gnutls_session_t session) if (mac_size > 0) { if (_gnutls_sset_datum (&session->connection_state.read_mac_secret, - session->cipher_specs. - server_write_mac_secret.data, - session->cipher_specs. - server_write_mac_secret.size) < 0) + session-> + cipher_specs.server_write_mac_secret.data, + session-> + cipher_specs.server_write_mac_secret.size) < + 0) { gnutls_assert (); return GNUTLS_E_MEMORY_ERROR; @@ -618,8 +620,8 @@ _gnutls_read_connection_state_init (gnutls_session_t session) } session->connection_state.read_compression_state = - _gnutls_comp_init (session->security_parameters. - read_compression_algorithm, 1); + _gnutls_comp_init (session-> + security_parameters.read_compression_algorithm, 1); if (session->connection_state.read_compression_state == GNUTLS_COMP_FAILED) { @@ -650,35 +652,35 @@ _gnutls_write_connection_state_init (gnutls_session_t session) { rc = _gnutls_set_write_cipher (session, _gnutls_cipher_suite_get_cipher_algo - (&session->security_parameters. - current_cipher_suite)); + (&session-> + security_parameters.current_cipher_suite)); if (rc < 0) return rc; rc = _gnutls_set_write_mac (session, _gnutls_cipher_suite_get_mac_algo - (&session->security_parameters. - current_cipher_suite)); + (&session-> + security_parameters.current_cipher_suite)); if (rc < 0) return rc; rc = _gnutls_set_kx (session, _gnutls_cipher_suite_get_kx_algo - (&session->security_parameters. - current_cipher_suite)); + (&session-> + security_parameters.current_cipher_suite)); if (rc < 0) return rc; rc = _gnutls_set_write_compression (session, - session->internals. - compression_method); + session-> + internals.compression_method); if (rc < 0) return rc; } else { /* RESUME_TRUE */ _gnutls_cpy_write_security_parameters (&session->security_parameters, - &session->internals. - resumed_security_parameters); + &session-> + internals.resumed_security_parameters); } rc = _gnutls_set_write_keys (session); 
@@ -687,8 +689,8 @@ _gnutls_write_connection_state_init (gnutls_session_t session) _gnutls_handshake_log ("HSK[%p]: Cipher Suite: %s\n", session, _gnutls_cipher_suite_get_name - (&session->security_parameters. - current_cipher_suite)); + (&session-> + security_parameters.current_cipher_suite)); if (_gnutls_compression_is_ok (session->security_parameters.write_compression_algorithm) != 0) @@ -718,8 +720,8 @@ _gnutls_write_connection_state_init (gnutls_session_t session) 0); mac_size = - _gnutls_hash_get_algo_len (session->security_parameters. - write_mac_algorithm); + _gnutls_hash_get_algo_len (session-> + security_parameters.write_mac_algorithm); _gnutls_handshake_log ("HSK[%p]: Initializing internal [write] cipher sessions\n", session); @@ -730,8 +732,8 @@ _gnutls_write_connection_state_init (gnutls_session_t session) /* initialize cipher session */ rc = _gnutls_cipher_init (&session->connection_state.write_cipher_state, - session->security_parameters. - write_bulk_cipher_algorithm, + session-> + security_parameters.write_bulk_cipher_algorithm, &session->cipher_specs.server_write_key, &session->cipher_specs.server_write_IV); @@ -750,10 +752,11 @@ _gnutls_write_connection_state_init (gnutls_session_t session) if (mac_size > 0) { if (_gnutls_sset_datum (&session->connection_state.write_mac_secret, - session->cipher_specs. - server_write_mac_secret.data, - session->cipher_specs. - server_write_mac_secret.size) < 0) + session-> + cipher_specs.server_write_mac_secret.data, + session-> + cipher_specs.server_write_mac_secret.size) < + 0) { gnutls_assert (); return GNUTLS_E_MEMORY_ERROR; @@ -766,8 +769,8 @@ _gnutls_write_connection_state_init (gnutls_session_t session) case GNUTLS_CLIENT: rc = _gnutls_cipher_init (&session->connection_state.write_cipher_state, - session->security_parameters. - write_bulk_cipher_algorithm, + session-> + security_parameters.write_bulk_cipher_algorithm, &session->cipher_specs.client_write_key, &session->cipher_specs.client_write_IV); 
@@ -784,10 +787,11 @@ _gnutls_write_connection_state_init (gnutls_session_t session) if (mac_size > 0) { if (_gnutls_sset_datum (&session->connection_state.write_mac_secret, - session->cipher_specs. - client_write_mac_secret.data, - session->cipher_specs. - client_write_mac_secret.size) < 0) + session-> + cipher_specs.client_write_mac_secret.data, + session-> + cipher_specs.client_write_mac_secret.size) < + 0) { gnutls_assert (); return GNUTLS_E_MEMORY_ERROR; @@ -803,8 +807,8 @@ _gnutls_write_connection_state_init (gnutls_session_t session) session->connection_state.write_compression_state = - _gnutls_comp_init (session->security_parameters. - write_compression_algorithm, 0); + _gnutls_comp_init (session-> + security_parameters.write_compression_algorithm, 0); if (session->connection_state.write_compression_state == GNUTLS_COMP_FAILED) { diff --git a/lib/gnutls_extensions.c b/lib/gnutls_extensions.c index e27c7761b9..48d0d8b399 100644 --- a/lib/gnutls_extensions.c +++ b/lib/gnutls_extensions.c @@ -196,9 +196,8 @@ _gnutls_extension_list_add (gnutls_session_t session, uint16_t type) { if (session->internals.extensions_sent_size < MAX_EXT_TYPES) { - session->internals.extensions_sent[session-> - internals.extensions_sent_size] = - type; + session->internals.extensions_sent[session->internals. + extensions_sent_size] = type; session->internals.extensions_sent_size++; } else @@ -241,9 +240,9 @@ _gnutls_gen_extensions (gnutls_session_t session, opaque * data, if (p->send_func == NULL) continue; - + if (parse_type != GNUTLS_EXT_ANY && p->parse_type != parse_type) - continue; + continue; size = p->send_func (session, sdata, sdata_size); if (size > 0 || size == GNUTLS_E_INT_RET_0) diff --git a/lib/gnutls_global.c b/lib/gnutls_global.c index baa6652793..6a3297c1aa 100644 --- a/lib/gnutls_global.c +++ b/lib/gnutls_global.c 
@@ -248,8 +248,8 @@ gnutls_global_init (void) gnutls_assert (); goto out; } - - _gnutls_cryptodev_init(); + + _gnutls_cryptodev_init (); out: return result; @@ -275,7 +275,7 @@ gnutls_global_deinit (void) asn1_delete_structure (&_gnutls_gnutls_asn); asn1_delete_structure (&_gnutls_pkix1_asn); _gnutls_crypto_deregister (); - _gnutls_cryptodev_deinit(); + _gnutls_cryptodev_deinit (); } _gnutls_init--; } diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c index 57fbe991d3..0959c06c8b 100644 --- a/lib/gnutls_handshake.c +++ b/lib/gnutls_handshake.c @@ -91,10 +91,10 @@ _gnutls_handshake_hash_buffers_clear (gnutls_session_t session) else if (session->security_parameters.handshake_mac_handle_type == HANDSHAKE_MAC_TYPE_12) { - _gnutls_hash_deinit (&session->internals.handshake_mac_handle. - tls12.sha256, NULL); - _gnutls_hash_deinit (&session->internals.handshake_mac_handle. - tls12.sha1, NULL); + _gnutls_hash_deinit (&session->internals.handshake_mac_handle.tls12. + sha256, NULL); + _gnutls_hash_deinit (&session->internals.handshake_mac_handle.tls12. + sha1, NULL); } session->security_parameters.handshake_mac_handle_type = 0; session->internals.handshake_mac_handle_init = 0; @@ -119,8 +119,8 @@ resume_copy_required_values (gnutls_session_t session) * hello message. */ memcpy (session->security_parameters.current_cipher_suite.suite, - session->internals.resumed_security_parameters. - current_cipher_suite.suite, 2); + session->internals.resumed_security_parameters.current_cipher_suite. + suite, 2); session->internals.compression_method = session->internals.resumed_security_parameters.read_compression_algorithm; 
@@ -132,8 +132,8 @@ resume_copy_required_values (gnutls_session_t session) session->internals.resumed_security_parameters.entity; _gnutls_set_current_version (session, - session->internals. - resumed_security_parameters.version); + session->internals.resumed_security_parameters. + version); session->security_parameters.cert_type = session->internals.resumed_security_parameters.cert_type; @@ -179,8 +179,8 @@ _gnutls_ssl3_finished (gnutls_session_t session, int type, opaque * ret) { rc = _gnutls_hash_copy (&td_md5, - &session->internals.handshake_mac_handle. - tls10.md5); + &session->internals.handshake_mac_handle.tls10. + md5); if (rc < 0) { gnutls_assert (); @@ -189,8 +189,8 @@ _gnutls_ssl3_finished (gnutls_session_t session, int type, opaque * ret) rc = _gnutls_hash_copy (&td_sha, - &session->internals.handshake_mac_handle. - tls10.sha); + &session->internals.handshake_mac_handle.tls10. + sha); if (rc < 0) { gnutls_assert (); @@ -217,11 +217,13 @@ _gnutls_ssl3_finished (gnutls_session_t session, int type, opaque * ret) _gnutls_hash (&td_sha, mesg, siz); _gnutls_mac_deinit_ssl3_handshake (&td_md5, ret, - session->security_parameters. - master_secret, GNUTLS_MASTER_SIZE); + session-> + security_parameters.master_secret, + GNUTLS_MASTER_SIZE); _gnutls_mac_deinit_ssl3_handshake (&td_sha, &ret[16], - session->security_parameters. - master_secret, GNUTLS_MASTER_SIZE); + session-> + security_parameters.master_secret, + GNUTLS_MASTER_SIZE); return 0; } @@ -247,8 +249,8 @@ _gnutls_finished (gnutls_session_t session, int type, void *ret) { rc = _gnutls_hash_copy (&td_md5, - &session->internals.handshake_mac_handle. - tls10.md5); + &session->internals.handshake_mac_handle.tls10. + md5); if (rc < 0) { gnutls_assert (); 
@@ -257,8 +259,8 @@ _gnutls_finished (gnutls_session_t session, int type, void *ret) rc = _gnutls_hash_copy (&td_sha, - &session->internals.handshake_mac_handle. - tls10.sha); + &session->internals.handshake_mac_handle.tls10. + sha); if (rc < 0) { gnutls_assert (); @@ -274,8 +276,8 @@ _gnutls_finished (gnutls_session_t session, int type, void *ret) { rc = _gnutls_hash_copy (&td_sha, - &session->internals.handshake_mac_handle. - tls12.sha256); + &session->internals.handshake_mac_handle.tls12. + sha256); if (rc < 0) { gnutls_assert (); @@ -452,13 +454,13 @@ _gnutls_read_client_hello (gnutls_session_t session, opaque * data, pos += session_id_len; if (ret == 0) - { /* resumed using default TLS resumption! */ + { /* resumed using default TLS resumption! */ /* Parse only the safe renegotiation extension * We don't want to parse any other extensions since * we don't want new extension values to overwrite the * resumed ones. */ - + /* move forward to extensions */ DECR_LEN (len, 2); suite_size = _gnutls_read_uint16 (&data[pos]); @@ -466,30 +468,30 @@ _gnutls_read_client_hello (gnutls_session_t session, opaque * data, DECR_LEN (len, suite_size); pos += suite_size; - + DECR_LEN (len, 1); comp_size = data[pos++]; /* z is the number of compression methods */ DECR_LEN (len, comp_size); pos += comp_size; ret = _gnutls_parse_extensions (session, GNUTLS_EXT_MANDATORY, - &data[pos], len); + &data[pos], len); if (ret < 0) - { - gnutls_assert (); - return ret; - } + { + gnutls_assert (); + return ret; + } resume_copy_required_values (session); session->internals.resumed = RESUME_TRUE; - + return _gnutls_user_hello_func (session, adv_version); } else { _gnutls_generate_session_id (session->security_parameters.session_id, - &session->security_parameters. - session_id_size); + &session-> + security_parameters.session_id_size); session->internals.resumed = RESUME_FALSE; } 
@@ -542,8 +544,7 @@ _gnutls_read_client_hello (gnutls_session_t session, opaque * data, return ret; } - ret = _gnutls_parse_extensions (session, GNUTLS_EXT_TLS, - &data[pos], len); + ret = _gnutls_parse_extensions (session, GNUTLS_EXT_TLS, &data[pos], len); if (ret < 0) { gnutls_assert (); @@ -557,13 +558,11 @@ _gnutls_read_client_hello (gnutls_session_t session, opaque * data, memcpy (session->internals.resumed_security_parameters.session_id, session_id, session_id_len); session->internals.resumed_security_parameters.session_id_size = - session_id_len; + session_id_len; - session->internals. - resumed_security_parameters.max_record_recv_size = + session->internals.resumed_security_parameters.max_record_recv_size = session->security_parameters.max_record_recv_size; - session->internals. - resumed_security_parameters.max_record_send_size = + session->internals.resumed_security_parameters.max_record_send_size = session->security_parameters.max_record_send_size; resume_copy_required_values (session); @@ -672,7 +671,7 @@ _gnutls_send_finished (gnutls_session_t session, int again) data_size = 36; } else - { /* TLS 1.0+ */ + { /* TLS 1.0+ */ ret = _gnutls_finished (session, session->security_parameters.entity, data); data_size = 12; @@ -690,7 +689,7 @@ _gnutls_send_finished (gnutls_session_t session, int again) /* Save data for safe renegotiation. */ - if (data_size > MAX_VERIFY_DATA_SIZE) + if (data_size > MAX_VERIFY_DATA_SIZE) { gnutls_assert (); return GNUTLS_E_UNEXPECTED_PACKET_LENGTH; 
@@ -698,16 +697,16 @@ _gnutls_send_finished (gnutls_session_t session, int again) if (session->security_parameters.entity == GNUTLS_CLIENT) { - session->security_parameters.extensions.client_verify_data_len = - data_size; + session->security_parameters.extensions.client_verify_data_len = + data_size; memcpy (session->security_parameters.extensions.client_verify_data, data, data_size); } else { - session->security_parameters.extensions.server_verify_data_len = - data_size; + session->security_parameters.extensions.server_verify_data_len = + data_size; memcpy (session->security_parameters.extensions.server_verify_data, data, data_size); @@ -868,17 +867,18 @@ _gnutls_server_select_suite (gnutls_session_t session, opaque * data, { int offset; - for(offset = 0; offset < datalen; offset += 2) + for (offset = 0; offset < datalen; offset += 2) { /* TLS_RENEGO_PROTECTION_REQUEST = { 0x00, 0xff } */ - if (data[offset] == GNUTLS_RENEGO_PROTECTION_REQUEST_MAJOR && - data[offset+1] == GNUTLS_RENEGO_PROTECTION_REQUEST_MINOR) - { - _gnutls_handshake_log ("HSK[%p]: Received safe renegotiation CS\n", session); - session->internals.safe_renegotiation_received = 1; - session->internals.connection_using_safe_renegotiation = 1; + if (data[offset] == GNUTLS_RENEGO_PROTECTION_REQUEST_MAJOR && + data[offset + 1] == GNUTLS_RENEGO_PROTECTION_REQUEST_MINOR) + { + _gnutls_handshake_log + ("HSK[%p]: Received safe renegotiation CS\n", session); + session->internals.safe_renegotiation_received = 1; + session->internals.connection_using_safe_renegotiation = 1; break; - } + } } } @@ -886,7 +886,7 @@ _gnutls_server_select_suite (gnutls_session_t session, opaque * data, x = _gnutls_supported_ciphersuites (session, &ciphers); if (x < 0) - { /* the case x==0 is handled within the function. */ + { /* the case x==0 is handled within the function. */ gnutls_assert (); return x; } 
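Review bot: In the `_gnutls_server_select_suite` hunk, the loop `for (offset = 0; offset < datalen; offset += 2)` reads `data[offset + 1]`, so an odd `datalen` makes the last iteration read one byte past the cipher-suite list. The same applies to `for (j = 0; j < datalen; j += 2)` with `memcmp (ciphers[i].suite, &data[j], 2)` in the later `@@ -934,21 +934,21 @@` hunk. Unless the length is already validated as even before these hunks (not visible here), rejecting it once at the top covers both loops: `if (datalen % 2 != 0) { gnutls_assert (); return GNUTLS_E_UNEXPECTED_PACKET_LENGTH; }`. The function body begins and ends outside the hunks.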
@@ -934,21 +934,21 @@ _gnutls_server_select_suite (gnutls_session_t session, opaque * data, for (j = 0; j < datalen; j += 2) { - for (i = 0; i < x; i++) - { - if (memcmp (ciphers[i].suite, &data[j], 2) == 0) - { - memcpy (&cs.suite, &data[j], 2); + for (i = 0; i < x; i++) + { + if (memcmp (ciphers[i].suite, &data[j], 2) == 0) + { + memcpy (&cs.suite, &data[j], 2); - _gnutls_handshake_log - ("HSK[%p]: Selected cipher suite: %s\n", session, - _gnutls_cipher_suite_get_name (&cs)); - memcpy (session->security_parameters.current_cipher_suite.suite, - ciphers[i].suite, 2); - retval = 0; - goto finish; - } - } + _gnutls_handshake_log + ("HSK[%p]: Selected cipher suite: %s\n", session, + _gnutls_cipher_suite_get_name (&cs)); + memcpy (session->security_parameters.current_cipher_suite.suite, + ciphers[i].suite, 2); + retval = 0; + goto finish; + } + } } finish: @@ -964,9 +964,9 @@ finish: */ if (_gnutls_get_kx_cred (session, - _gnutls_cipher_suite_get_kx_algo (&session->security_parameters. - current_cipher_suite), &err) == NULL - && err != 0) + _gnutls_cipher_suite_get_kx_algo (&session-> + security_parameters.current_cipher_suite), + &err) == NULL && err != 0) { gnutls_assert (); return GNUTLS_E_INSUFFICIENT_CREDENTIALS; @@ -979,8 +979,8 @@ finish: */ session->internals.auth_struct = _gnutls_kx_auth_struct (_gnutls_cipher_suite_get_kx_algo - (&session->security_parameters. - current_cipher_suite)); + (&session-> + security_parameters.current_cipher_suite)); if (session->internals.auth_struct == NULL) { @@ -1029,8 +1029,8 @@ _gnutls_server_select_comp_method (gnutls_session_t session, _gnutls_handshake_log ("HSK[%p]: Selected Compression Method: %s\n", session, - gnutls_compression_get_name (session->internals. - compression_method)); + gnutls_compression_get_name (session-> + internals.compression_method)); return 0; 
@@ -1218,8 +1218,8 @@ _gnutls_recv_handshake_header (gnutls_session_t session, if (session->internals.handshake_header_buffer.header_size == handshake_header_size || (session->internals.v2_hello != 0 && type == GNUTLS_HANDSHAKE_CLIENT_HELLO - && session->internals. - handshake_header_buffer.packet_length > 0)) + && session->internals.handshake_header_buffer. + packet_length > 0)) { *recv_type = session->internals.handshake_header_buffer.recv_type; @@ -1269,11 +1269,13 @@ _gnutls_recv_handshake_header (gnutls_session_t session, _gnutls_handshake_io_recv_int (session, GNUTLS_HANDSHAKE, type, &dataptr - [session->internals. - handshake_header_buffer.header_size], + [session-> + internals.handshake_header_buffer. + header_size], HANDSHAKE_HEADER_SIZE - - session->internals. - handshake_header_buffer.header_size); + session-> + internals.handshake_header_buffer. + header_size); if (ret <= 0) { gnutls_assert (); @@ -1460,11 +1462,12 @@ _gnutls_recv_handshake (gnutls_session_t session, uint8_t ** data, ret = _gnutls_handshake_hash_add_recvd (session, recv_type, - session->internals. - handshake_header_buffer.header, - session->internals. - handshake_header_buffer.header_size, - dataptr, length32); + session-> + internals.handshake_header_buffer. + header, + session-> + internals.handshake_header_buffer. + header_size, dataptr, length32); if (ret < 0) { gnutls_assert (); @@ -1569,8 +1572,8 @@ _gnutls_client_set_ciphersuite (gnutls_session_t session, opaque suite[2]) _gnutls_handshake_log ("HSK[%p]: Selected cipher suite: %s\n", session, _gnutls_cipher_suite_get_name - (&session->security_parameters. - current_cipher_suite)); + (&session-> + security_parameters.current_cipher_suite)); /* check if the credentials (username, public key etc.) are ok. 
@@ -1593,8 +1596,8 @@ _gnutls_client_set_ciphersuite (gnutls_session_t session, opaque suite[2]) */ session->internals.auth_struct = _gnutls_kx_auth_struct (_gnutls_cipher_suite_get_kx_algo - (&session->security_parameters. - current_cipher_suite)); + (&session-> + security_parameters.current_cipher_suite)); if (session->internals.auth_struct == NULL) { @@ -1757,15 +1760,15 @@ _gnutls_read_server_hello (gnutls_session_t session, (session, &data[pos], session_id_len) == 0) { pos += session_id_len + 2 + 1; - DECR_LEN (len, 2+1); + DECR_LEN (len, 2 + 1); ret = _gnutls_parse_extensions (session, GNUTLS_EXT_MANDATORY, - &data[pos], len); + &data[pos], len); if (ret < 0) - { - gnutls_assert (); - return ret; - } + { + gnutls_assert (); + return ret; + } return 0; } @@ -1797,8 +1800,7 @@ _gnutls_read_server_hello (gnutls_session_t session, /* Parse extensions. */ - ret = _gnutls_parse_extensions (session, GNUTLS_EXT_ANY, - &data[pos], len); + ret = _gnutls_parse_extensions (session, GNUTLS_EXT_ANY, &data[pos], len); if (ret < 0) { gnutls_assert (); @@ -1977,8 +1979,8 @@ _gnutls_send_client_hello (gnutls_session_t session, int again) extdatalen = MAX_EXT_DATA_LENGTH + - session->internals.resumed_security_parameters.extensions. - session_ticket_len; + session->internals.resumed_security_parameters. + extensions.session_ticket_len; extdata = gnutls_malloc (extdatalen); if (extdata == NULL) { @@ -1992,10 +1994,10 @@ _gnutls_send_client_hello (gnutls_session_t session, int again) */ if (session_id_len == 0) { - if (rehandshake) /* already negotiated version thus version_max == negotiated version */ - hver = session->security_parameters.version; - else /* new handshake. just get the max */ - hver = _gnutls_version_max (session); + if (rehandshake) /* already negotiated version thus version_max == negotiated version */ + hver = session->security_parameters.version; + else /* new handshake. just get the max */ + hver = _gnutls_version_max (session); } else { 
@@ -2056,7 +2058,9 @@ _gnutls_send_client_hello (gnutls_session_t session, int again) if (session_id_len > 0) { - memcpy (&data[pos], session->internals.resumed_security_parameters.session_id, session_id_len); + memcpy (&data[pos], + session->internals.resumed_security_parameters.session_id, + session_id_len); pos += session_id_len; } @@ -2067,12 +2071,14 @@ _gnutls_send_client_hello (gnutls_session_t session, int again) * prevention on initial negotiation (but not renegotiation; that's * handled with the RI extension below). */ - if(!session->internals.initial_negotiation_completed && - session->security_parameters.entity == GNUTLS_CLIENT && - gnutls_protocol_get_version (session) == GNUTLS_SSL3) - { - ret = _gnutls_copy_ciphersuites (session, extdata, extdatalen, TRUE); - _gnutls_extension_list_add (session, GNUTLS_EXTENSION_SAFE_RENEGOTIATION); + if (!session->internals.initial_negotiation_completed && + session->security_parameters.entity == GNUTLS_CLIENT && + gnutls_protocol_get_version (session) == GNUTLS_SSL3) + { + ret = + _gnutls_copy_ciphersuites (session, extdata, extdatalen, TRUE); + _gnutls_extension_list_add (session, + GNUTLS_EXTENSION_SAFE_RENEGOTIATION); } else ret = _gnutls_copy_ciphersuites (session, extdata, extdatalen, FALSE); @@ -2134,10 +2140,10 @@ _gnutls_send_client_hello (gnutls_session_t session, int again) /* Generate and copy TLS extensions. */ if (_gnutls_version_has_extensions (hver)) - type = GNUTLS_EXT_ANY; + type = GNUTLS_EXT_ANY; else { - if(session->internals.initial_negotiation_completed != 0) + if (session->internals.initial_negotiation_completed != 0) type = GNUTLS_EXT_MANDATORY; else type = GNUTLS_EXT_NONE; 
@@ -2216,7 +2222,8 @@ _gnutls_send_server_hello (gnutls_session_t session, int again) { datalen = 2 + session_id_len + 1 + GNUTLS_RANDOM_SIZE + 3; extdatalen =
- _gnutls_gen_extensions (session, extdata, sizeof (extdata), GNUTLS_EXT_ANY);
+ _gnutls_gen_extensions (session, extdata, sizeof (extdata),
+ GNUTLS_EXT_ANY);
 if (extdatalen < 0) {
@@ -2243,21 +2250,23 @@ _gnutls_send_server_hello (gnutls_session_t session, int again) data[pos++] = session_id_len; if (session_id_len > 0) {
- memcpy (&data[pos], session->security_parameters.session_id, session_id_len);
+ memcpy (&data[pos], session->security_parameters.session_id,
+ session_id_len);
 } pos += session_id_len; _gnutls_handshake_log ("HSK[%p]: SessionID: %s\n", session,
- _gnutls_bin2hex (session->security_parameters.session_id, session_id_len,
- buf, sizeof (buf)));
+ _gnutls_bin2hex (session->security_parameters.
+ session_id, session_id_len, buf,
+ sizeof (buf)));
 memcpy (&data[pos], session->security_parameters.current_cipher_suite.suite, 2); pos += 2; comp =
- (uint8_t) _gnutls_compression_get_num (session->
- internals.compression_method);
+ (uint8_t) _gnutls_compression_get_num (session->internals.
+ compression_method);
 data[pos++] = comp;
@@ -2317,7 +2326,7 @@ _gnutls_recv_hello (gnutls_session_t session, opaque * data, int datalen) } } else
- { /* Server side reading a client hello */
+ { /* Server side reading a client hello */
 ret = _gnutls_read_client_hello (session, data, datalen); if (ret < 0)
@@ -2329,7 +2338,7 @@ _gnutls_recv_hello (gnutls_session_t session, opaque * data, int datalen) if (session->internals.priorities.disable_safe_renegotiation != 0) {
- gnutls_assert();
+ gnutls_assert ();
 return ret; }
@@ -2340,10 +2349,9 @@ _gnutls_recv_hello (gnutls_session_t session, opaque * data, int datalen) { if ((ext->ri_extension_data_len < ext->client_verify_data_len) || (memcmp (ext->ri_extension_data,
- ext->client_verify_data,
- ext->client_verify_data_len)))
+ ext->client_verify_data, ext->client_verify_data_len)))
 {
- gnutls_assert();
+ gnutls_assert ();
 _gnutls_handshake_log ("Safe renegotiation failed [1]\n"); return GNUTLS_E_SAFE_RENEGOTIATION_FAILED; }
@@ -2356,16 +2364,16 @@ _gnutls_recv_hello (gnutls_session_t session, opaque * data, int datalen) ext->server_verify_data, ext->server_verify_data_len) != 0) {
- gnutls_assert();
+ gnutls_assert ();
 _gnutls_handshake_log ("Safe renegotiation failed [2]\n"); return GNUTLS_E_SAFE_RENEGOTIATION_FAILED; } }
- else /* Make sure there are 0 extra bytes */
+ else /* Make sure there are 0 extra bytes */
 { if (ext->ri_extension_data_len != ext->client_verify_data_len) {
- gnutls_assert();
+ gnutls_assert ();
 _gnutls_handshake_log ("Safe renegotiation failed [3]\n"); return GNUTLS_E_SAFE_RENEGOTIATION_FAILED; }
@@ -2373,12 +2381,13 @@ _gnutls_recv_hello (gnutls_session_t session, opaque * data, int datalen) _gnutls_handshake_log ("Safe renegotiation succeeded.\n"); }
- else /* safe renegotiation not received... */
+ else /* safe renegotiation not received... */
 { if (session->internals.connection_using_safe_renegotiation) {
- gnutls_assert();
- _gnutls_handshake_log ("Peer previously asked for safe renegotiation!\n");
+ gnutls_assert ();
+ _gnutls_handshake_log
+ ("Peer previously asked for safe renegotiation!\n");
 return GNUTLS_E_SAFE_RENEGOTIATION_FAILED; }
@@ -2392,7 +2401,7 @@ _gnutls_recv_hello (gnutls_session_t session, opaque * data, int datalen) } else {
- gnutls_assert();
+ gnutls_assert ();
 _gnutls_handshake_log ("Denying unsafe (re)negotiation.\n"); if (session->security_parameters.entity == GNUTLS_SERVER) /* send no renegotiation alert */
@@ -2403,13 +2412,14 @@ _gnutls_recv_hello (gnutls_session_t session, opaque * data, int datalen) } else {
- if (session->internals.priorities.initial_safe_renegotiation==0)
+ if (session->internals.priorities.initial_safe_renegotiation == 0)
 {
- _gnutls_handshake_log ("Allowing unsafe initial negotiation!\n");
+ _gnutls_handshake_log
+ ("Allowing unsafe initial negotiation!\n");
 } else {
- gnutls_assert();
+ gnutls_assert ();
 _gnutls_handshake_log ("Denying unsafe initial negotiation.\n"); return GNUTLS_E_SAFE_RENEGOTIATION_FAILED; }
@@ -2533,8 +2543,8 @@ _gnutls_handshake_hash_init (gnutls_session_t session) HANDSHAKE_MAC_TYPE_10) { ret =
- _gnutls_hash_init (&session->internals.handshake_mac_handle.
- tls10.md5, GNUTLS_MAC_MD5);
+ _gnutls_hash_init (&session->internals.handshake_mac_handle.tls10.
+ md5, GNUTLS_MAC_MD5);
 if (ret < 0) {
@@ -2543,13 +2553,13 @@ _gnutls_handshake_hash_init (gnutls_session_t session) } ret =
- _gnutls_hash_init (&session->internals.handshake_mac_handle.
- tls10.sha, GNUTLS_MAC_SHA1);
+ _gnutls_hash_init (&session->internals.handshake_mac_handle.tls10.
+ sha, GNUTLS_MAC_SHA1);
 if (ret < 0) { gnutls_assert ();
- _gnutls_hash_deinit (&session->internals.
- handshake_mac_handle.tls10.md5, NULL);
+ _gnutls_hash_deinit (&session->internals.handshake_mac_handle.
+ tls10.md5, NULL);
 return GNUTLS_E_MEMORY_ERROR; } }
@@ -2560,8 +2570,8 @@ _gnutls_handshake_hash_init (gnutls_session_t session) same as the one used as the basis for PRF. By now we use SHA256. */ ret =
- _gnutls_hash_init (&session->internals.handshake_mac_handle.
- tls12.sha256, GNUTLS_DIG_SHA256);
+ _gnutls_hash_init (&session->internals.handshake_mac_handle.tls12.
+ sha256, GNUTLS_DIG_SHA256);
 if (ret < 0) { gnutls_assert ();
@@ -2569,13 +2579,13 @@ _gnutls_handshake_hash_init (gnutls_session_t session) } ret =
- _gnutls_hash_init (&session->internals.handshake_mac_handle.
- tls12.sha1, GNUTLS_DIG_SHA1);
+ _gnutls_hash_init (&session->internals.handshake_mac_handle.tls12.
+ sha1, GNUTLS_DIG_SHA1);
 if (ret < 0) { gnutls_assert ();
- _gnutls_hash_deinit (&session->internals.
- handshake_mac_handle.tls12.sha256, NULL);
+ _gnutls_hash_deinit (&session->internals.handshake_mac_handle.
+ tls12.sha256, NULL);
 return GNUTLS_E_MEMORY_ERROR; } }
@@ -2741,13 +2751,11 @@ _gnutls_handshake_client (gnutls_session_t session) if (session->internals.resumed_security_parameters.session_id_size > 0) _gnutls_handshake_log ("HSK[%p]: Ask to resume: %s\n", session,
- _gnutls_bin2hex (session->internals.
- resumed_security_parameters.
- session_id,
- session->internals.
- resumed_security_parameters.
- session_id_size, buf,
- sizeof (buf)));
+ _gnutls_bin2hex (session->
+ internals.resumed_security_parameters.session_id,
+ session->
+ internals.resumed_security_parameters.session_id_size,
+ buf, sizeof (buf)));
 #endif switch (STATE)
diff --git a/lib/gnutls_kx.c b/lib/gnutls_kx.c
index 3f7bff2afb..82e9702994 100644
--- a/lib/gnutls_kx.c
+++ b/lib/gnutls_kx.c
@@ -66,11 +66,13 @@ generate_normal_master (gnutls_session_t session, int keep_premaster) _gnutls_bin2hex (PREMASTER.data, PREMASTER.size, buf, sizeof (buf))); _gnutls_hard_log ("INT: CLIENT RANDOM[%d]: %s\n", 32,
- _gnutls_bin2hex (session->security_parameters.
- client_random, 32, buf, sizeof (buf)));
+ _gnutls_bin2hex (session->
+ security_parameters.client_random, 32,
+ buf, sizeof (buf)));
 _gnutls_hard_log ("INT: SERVER RANDOM[%d]: %s\n", 32,
- _gnutls_bin2hex (session->security_parameters.
- server_random, 32, buf, sizeof (buf)));
+ _gnutls_bin2hex (session->
+ security_parameters.server_random, 32,
+ buf, sizeof (buf)));
 if (gnutls_protocol_get_version (session) == GNUTLS_SSL3) {
@@ -85,8 +87,8 @@ generate_normal_master (gnutls_session_t session, int keep_premaster) _gnutls_ssl3_generate_random (PREMASTER.data, PREMASTER.size, rnd, 2 * GNUTLS_RANDOM_SIZE, GNUTLS_MASTER_SIZE,
- session->security_parameters.
- master_secret);
+ session->
+ security_parameters.master_secret);
 } else if (session->security_parameters.extensions.oprfi_client_len > 0 &&
@@ -106,20 +108,24 @@ generate_normal_master (gnutls_session_t session, int keep_premaster) } _gnutls_hard_log ("INT: CLIENT OPRFI[%d]: %s\n",
- session->security_parameters.
- extensions.oprfi_server_len,
- _gnutls_bin2hex (session->security_parameters.
- extensions.oprfi_client,
- session->security_parameters.
- extensions.oprfi_client_len, buf,
+ session->security_parameters.extensions.
+ oprfi_server_len,
+ _gnutls_bin2hex (session->
+ security_parameters.extensions.
+ oprfi_client,
+ session->
+ security_parameters.extensions.
+ oprfi_client_len, buf,
 sizeof (buf))); _gnutls_hard_log ("INT: SERVER OPRFI[%d]: %s\n",
- session->security_parameters.
- extensions.oprfi_server_len,
- _gnutls_bin2hex (session->security_parameters.
- extensions.oprfi_server,
- session->security_parameters.
- extensions.oprfi_server_len, buf,
+ session->security_parameters.extensions.
+ oprfi_server_len,
+ _gnutls_bin2hex (session->
+ security_parameters.extensions.
+ oprfi_server,
+ session->
+ security_parameters.extensions.
+ oprfi_server_len, buf,
 sizeof (buf))); memcpy (rnd, session->security_parameters.client_random,
@@ -170,9 +176,9 @@ generate_normal_master (gnutls_session_t session, int keep_premaster) return ret; _gnutls_hard_log ("INT: MASTER SECRET: %s\n",
- _gnutls_bin2hex (session->security_parameters.
- master_secret, GNUTLS_MASTER_SIZE, buf,
- sizeof (buf)));
+ _gnutls_bin2hex (session->
+ security_parameters.master_secret,
+ GNUTLS_MASTER_SIZE, buf, sizeof (buf)));
 return ret; }
@@ -237,8 +243,8 @@ _gnutls_send_server_certificate_request (gnutls_session_t session, int again) int data_size = 0; int ret = 0;
- if (session->internals.auth_struct->
- gnutls_generate_server_certificate_request == NULL)
+ if (session->internals.
+ auth_struct->gnutls_generate_server_certificate_request == NULL)
 return 0; if (session->internals.send_cert_req <= 0)
@@ -250,8 +256,9 @@ _gnutls_send_server_certificate_request (gnutls_session_t session, int again) if (again == 0) { data_size =
- session->internals.auth_struct->
- gnutls_generate_server_certificate_request (session, &data);
+ session->internals.
+ auth_struct->gnutls_generate_server_certificate_request (session,
+ &data);
 if (data_size < 0) {
@@ -350,8 +357,8 @@ _gnutls_send_client_certificate_verify (gnutls_session_t session, int again) if (again == 0) { data_size =
- session->internals.auth_struct->
- gnutls_generate_client_cert_vrfy (session, &data);
+ session->internals.
+ auth_struct->gnutls_generate_client_cert_vrfy (session, &data);
 if (data_size < 0) { gnutls_assert ();
@@ -428,8 +435,8 @@ _gnutls_recv_server_certificate_request (gnutls_session_t session) int datasize; int ret = 0;
- if (session->internals.auth_struct->
- gnutls_process_server_certificate_request != NULL)
+ if (session->internals.
+ auth_struct->gnutls_process_server_certificate_request != NULL)
 { ret =
@@ -444,8 +451,9 @@ _gnutls_recv_server_certificate_request (gnutls_session_t session) return 0; /* ignored */ ret =
- session->internals.auth_struct->
- gnutls_process_server_certificate_request (session, data, datasize);
+ session->internals.
+ auth_struct->gnutls_process_server_certificate_request (session, data,
+ datasize);
 gnutls_free (data); if (ret < 0) return ret;
@@ -516,8 +524,8 @@ _gnutls_send_client_certificate (gnutls_session_t session, int again) /* TLS 1.0 or SSL 3.0 with a valid certificate */ data_size =
- session->internals.auth_struct->
- gnutls_generate_client_certificate (session, &data);
+ session->internals.
+ auth_struct->gnutls_generate_client_certificate (session, &data);
 if (data_size < 0) {
@@ -578,8 +586,8 @@ _gnutls_send_server_certificate (gnutls_session_t session, int again) if (again == 0) { data_size =
- session->internals.auth_struct->
- gnutls_generate_server_certificate (session, &data);
+ session->internals.
+ auth_struct->gnutls_generate_server_certificate (session, &data);
 if (data_size < 0) {
@@ -673,8 +681,9 @@ _gnutls_recv_client_certificate (gnutls_session_t session) return 0; } ret =
- session->internals.auth_struct->
- gnutls_process_client_certificate (session, data, datasize);
+ session->internals.
+ auth_struct->gnutls_process_client_certificate (session, data,
+ datasize);
 gnutls_free (data); if (ret < 0 && ret != GNUTLS_E_NO_CERTIFICATE_FOUND)
@@ -718,8 +727,9 @@ _gnutls_recv_server_certificate (gnutls_session_t session) } ret =
- session->internals.auth_struct->
- gnutls_process_server_certificate (session, data, datasize);
+ session->internals.
+ auth_struct->gnutls_process_server_certificate (session, data,
+ datasize);
 gnutls_free (data); if (ret < 0) {
@@ -769,8 +779,9 @@ _gnutls_recv_client_certificate_verify_message (gnutls_session_t session) } ret =
- session->internals.auth_struct->
- gnutls_process_client_cert_vrfy (session, data, datasize);
+ session->internals.
+ auth_struct->gnutls_process_client_cert_vrfy (session, data,
+ datasize);
 gnutls_free (data); if (ret < 0) return ret;
diff --git a/lib/gnutls_priority.c b/lib/gnutls_priority.c
index d9d480968c..39d9ee9380 100644
--- a/lib/gnutls_priority.c
+++ b/lib/gnutls_priority.c
@@ -453,8 +453,8 @@ gnutls_priority_set (gnutls_session_t session, gnutls_priority_t priority) */ if (session->internals.priorities.protocol.algorithms > 0) _gnutls_set_current_version (session,
- session->internals.priorities.
- protocol.priority[0]);
+ session->internals.priorities.protocol.
+ priority[0]);
 return 0; }
@@ -728,15 +728,14 @@ gnutls_priority_init (gnutls_priority_t * priority_cache, else if (strcasecmp (&broken_list[i][1], "UNSAFE_RENEGOTIATION") == 0) (*priority_cache)->unsafe_renegotiation = 1;
- else if (strcasecmp (&broken_list[i][1],
- "SAFE_RENEGOTIATION") == 0)
+ else if (strcasecmp (&broken_list[i][1], "SAFE_RENEGOTIATION") == 0)
 (*priority_cache)->unsafe_renegotiation = 0; else if (strcasecmp (&broken_list[i][1], "INITIAL_SAFE_RENEGOTIATION") == 0)
- {
+ {
 (*priority_cache)->unsafe_renegotiation = 0; (*priority_cache)->initial_safe_renegotiation = 1;
- }
+ }
 else if (strcasecmp (&broken_list[i][1], "DISABLE_SAFE_RENEGOTIATION") == 0) (*priority_cache)->disable_safe_renegotiation = 1;
diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c
index 1ea5c2d94b..1f0e58a40a 100644
--- a/lib/gnutls_record.c
+++ b/lib/gnutls_record.c
@@ -371,8 +371,8 @@ _gnutls_send_int (gnutls_session_t session, content_type_t type, _gnutls_record_log ("REC[%p]: Sending Packet[%d] %s(%d) with length: %d\n", session,
- (int) _gnutls_uint64touint32 (&session->connection_state.
- write_sequence_number),
+ (int) _gnutls_uint64touint32 (&session->
+ connection_state.write_sequence_number),
 _gnutls_packet2str (type), type, (int) sizeofdata); if (sizeofdata > MAX_RECORD_SEND_SIZE)
@@ -904,12 +904,14 @@ begin: _gnutls_io_read_buffered (session, &headers, header_size, -1)) != header_size) {
- _gnutls_handshake_log ("XXX[]: ret: %d %s\n", ret, gnutls_strerror(ret));
+ _gnutls_handshake_log ("XXX[]: ret: %d %s\n", ret,
+ gnutls_strerror (ret));
 if (ret < 0 && gnutls_error_is_fatal (ret) == 0) return ret;
- _gnutls_handshake_log ("XXX2[]: ret: %d %s\n", ret, gnutls_strerror(ret));
+ _gnutls_handshake_log ("XXX2[]: ret: %d %s\n", ret,
+ gnutls_strerror (ret));
 session_invalidate (session); if (type == GNUTLS_ALERT)
@@ -951,14 +953,13 @@ begin: _gnutls_record_log ("REC[%p]: Expected Packet[%d] %s(%d) with length: %d\n", session,
- (int) _gnutls_uint64touint32 (&session->connection_state.
- read_sequence_number),
+ (int) _gnutls_uint64touint32 (&session->
+ connection_state.read_sequence_number),
 _gnutls_packet2str (type), type, (int) sizeofdata); _gnutls_record_log ("REC[%p]: Received Packet[%d] %s(%d) with length: %d\n", session,
- (int)
- _gnutls_uint64touint32 (&session->connection_state.
- read_sequence_number),
+ (int) _gnutls_uint64touint32 (&session->
+ connection_state.read_sequence_number),
 _gnutls_packet2str (recv_type), recv_type, length); if (length > MAX_RECV_SIZE)
@@ -1037,8 +1038,8 @@ begin: _gnutls_record_log ("REC[%p]: Decrypted Packet[%d] %s(%d) with length: %d\n", session,
- (int) _gnutls_uint64touint32 (&session->connection_state.
- read_sequence_number),
+ (int) _gnutls_uint64touint32 (&session->
+ connection_state.read_sequence_number),
 _gnutls_packet2str (recv_type), recv_type, decrypted_length); /* increase sequence number
diff --git a/lib/gnutls_session_pack.c b/lib/gnutls_session_pack.c
index 068f694248..e7edbd1013 100644
--- a/lib/gnutls_session_pack.c
+++ b/lib/gnutls_session_pack.c
@@ -282,8 +282,8 @@ pack_certificate_auth_info (gnutls_session_t session, */ packed_session->data = gnutls_malloc (packed_session->size + MAX_SEC_PARAMS + 2 +
- session->security_parameters.
- extensions.session_ticket_len);
+ session->security_parameters.extensions.
+ session_ticket_len);
 if (packed_session->data == NULL) {
@@ -517,8 +517,8 @@ pack_srp_auth_info (gnutls_session_t session, gnutls_datum_t * packed_session) */ packed_session->data = gnutls_malloc (packed_session->size + MAX_SEC_PARAMS + 2 +
- session->security_parameters.
- extensions.session_ticket_len);
+ session->security_parameters.extensions.
+ session_ticket_len);
 if (packed_session->data == NULL) {
@@ -624,8 +624,8 @@ pack_anon_auth_info (gnutls_session_t session, */ packed_session->data = gnutls_malloc (packed_session->size + MAX_SEC_PARAMS + 2 +
- session->security_parameters.
- extensions.session_ticket_len);
+ session->security_parameters.extensions.
+ session_ticket_len);
 if (packed_session->data == NULL) {
@@ -779,7 +779,7 @@ pack_psk_auth_info (gnutls_session_t session, gnutls_datum_t * packed_session) hint_size = strlen (info->hint) + 1; /* include the terminating null */ pack_size = 1 + 4 + 4 + username_size + 4 + hint_size +
- + 2 + 4 + info->dh.prime.size + 4 + info->dh.generator.size +
+ +2 + 4 + info->dh.prime.size + 4 + info->dh.generator.size +
 4 + info->dh.public_key.size; } else
@@ -791,8 +791,8 @@ pack_psk_auth_info (gnutls_session_t session, gnutls_datum_t * packed_session) */ packed_session->data = gnutls_malloc (packed_session->size + MAX_SEC_PARAMS + 2 +
- session->security_parameters.
- extensions.session_ticket_len);
+ session->security_parameters.extensions.
+ session_ticket_len);
 if (packed_session->data == NULL) {
@@ -1067,8 +1067,9 @@ pack_security_parameters (gnutls_session_t session, session->security_parameters.extensions.srp_username, len); pos += len;
- _gnutls_write_uint16 (session->security_parameters.extensions.
- server_names_size, &packed_session->data[pos]);
+ _gnutls_write_uint16 (session->security_parameters.
+ extensions.server_names_size,
+ &packed_session->data[pos]);
 pos += 2; for (i = 0; i < session->security_parameters.extensions.server_names_size;
@@ -1076,21 +1077,22 @@ pack_security_parameters (gnutls_session_t session, { packed_session->data[pos++] = session->security_parameters.extensions.server_names[i].type;
- _gnutls_write_uint16 (session->security_parameters.extensions.
- server_names[i].name_length,
+ _gnutls_write_uint16 (session->security_parameters.
+ extensions.server_names[i].name_length,
 &packed_session->data[pos]); pos += 2; memcpy (&packed_session->data[pos], session->security_parameters.extensions.server_names[i].name,
- session->security_parameters.extensions.server_names[i].
- name_length);
+ session->security_parameters.extensions.
+ server_names[i].name_length);
 pos += session->security_parameters.extensions.server_names[i].name_length; }
- _gnutls_write_uint16 (session->security_parameters.extensions.
- session_ticket_len, &packed_session->data[pos]);
+ _gnutls_write_uint16 (session->security_parameters.
+ extensions.session_ticket_len,
+ &packed_session->data[pos]);
 pos += 2; memcpy (&packed_session->data[pos], session->security_parameters.extensions.session_ticket,
@@ -1135,7 +1137,8 @@ unpack_security_parameters (gnutls_session_t session, return GNUTLS_E_INVALID_REQUEST; }
- memset(&session->internals.resumed_security_parameters, 0, sizeof(session->internals.resumed_security_parameters));
+ memset (&session->internals.resumed_security_parameters, 0,
+ sizeof (session->internals.resumed_security_parameters));
 session->internals.resumed_security_parameters.entity = packed_session->data[pos++]; session->internals.resumed_security_parameters.kx_algorithm =
@@ -1152,10 +1155,10 @@ unpack_security_parameters (gnutls_session_t session, packed_session->data[pos++]; session->internals.resumed_security_parameters.write_compression_algorithm = packed_session->data[pos++];
- session->internals.resumed_security_parameters.current_cipher_suite.
- suite[0] = packed_session->data[pos++];
- session->internals.resumed_security_parameters.current_cipher_suite.
- suite[1] = packed_session->data[pos++];
+ session->internals.resumed_security_parameters.
+ current_cipher_suite.suite[0] = packed_session->data[pos++];
+ session->internals.resumed_security_parameters.
+ current_cipher_suite.suite[1] = packed_session->data[pos++];
 session->internals.resumed_security_parameters.cert_type = packed_session->data[pos++];
@@ -1204,46 +1207,48 @@ unpack_security_parameters (gnutls_session_t session, /* SRP */ len = packed_session->data[pos++]; /* srp username length */
- memcpy (session->internals.resumed_security_parameters.extensions.
- srp_username, &packed_session->data[pos], len);
- session->internals.resumed_security_parameters.extensions.
- srp_username[len] = 0;
+ memcpy (session->internals.resumed_security_parameters.
+ extensions.srp_username, &packed_session->data[pos], len);
+ session->internals.resumed_security_parameters.
+ extensions.srp_username[len] = 0;
 pos += len;
- session->internals.resumed_security_parameters.extensions.
- server_names_size = _gnutls_read_uint16 (&packed_session->data[pos]);
+ session->internals.resumed_security_parameters.
+ extensions.server_names_size =
+ _gnutls_read_uint16 (&packed_session->data[pos]);
 pos += 2; for (i = 0; i <
- session->internals.resumed_security_parameters.extensions.
- server_names_size; i++)
+ session->internals.resumed_security_parameters.
+ extensions.server_names_size; i++)
 {
- session->internals.resumed_security_parameters.extensions.
- server_names[i].type = packed_session->data[pos++];
- session->internals.resumed_security_parameters.extensions.
- server_names[i].name_length =
+ session->internals.resumed_security_parameters.
+ extensions.server_names[i].type = packed_session->data[pos++];
+ session->internals.resumed_security_parameters.
+ extensions.server_names[i].name_length =
 _gnutls_read_uint16 (&packed_session->data[pos]); pos += 2;
- memcpy (session->internals.resumed_security_parameters.extensions.
- server_names[i].name, &packed_session->data[pos],
- session->internals.resumed_security_parameters.extensions.
- server_names[i].name_length);
+ memcpy (session->internals.resumed_security_parameters.
+ extensions.server_names[i].name, &packed_session->data[pos],
+ session->internals.resumed_security_parameters.
+ extensions.server_names[i].name_length);
 pos +=
- session->internals.resumed_security_parameters.extensions.
- server_names[i].name_length;
+ session->internals.resumed_security_parameters.
+ extensions.server_names[i].name_length;
 }
- session->internals.resumed_security_parameters.extensions.
- session_ticket_len = _gnutls_read_uint16 (&packed_session->data[pos]);
+ session->internals.resumed_security_parameters.
+ extensions.session_ticket_len =
+ _gnutls_read_uint16 (&packed_session->data[pos]);
 pos += 2; session->internals.resumed_security_parameters.extensions.session_ticket =
- gnutls_malloc (session->internals.resumed_security_parameters.extensions.
- session_ticket_len);
- memcpy (session->internals.resumed_security_parameters.extensions.
- session_ticket, &packed_session->data[pos],
- session->internals.resumed_security_parameters.extensions.
- session_ticket_len);
+ gnutls_malloc (session->internals.resumed_security_parameters.
+ extensions.session_ticket_len);
+ memcpy (session->internals.resumed_security_parameters.
+ extensions.session_ticket, &packed_session->data[pos],
+ session->internals.resumed_security_parameters.
+ extensions.session_ticket_len);
 return 0; }
diff --git a/lib/gnutls_sig.c b/lib/gnutls_sig.c
index 0c78bf359b..693d06df75 100644
--- a/lib/gnutls_sig.c
+++ b/lib/gnutls_sig.c
@@ -326,11 +326,11 @@ _gnutls_verify_sig (gnutls_cert * cert, /* If the certificate supports signing continue. */ if (cert->key_usage != 0)
- if (!(cert->key_usage & KEY_DIGITAL_SIGNATURE))
- {
- gnutls_assert ();
- return GNUTLS_E_KEY_USAGE_VIOLATION;
- }
+ if (!(cert->key_usage & KEY_DIGITAL_SIGNATURE))
+ {
+ gnutls_assert ();
+ return GNUTLS_E_KEY_USAGE_VIOLATION;
+ }
 if (pk_algo == GNUTLS_PK_UNKNOWN) pk_algo = cert->subject_pk_algorithm;
@@ -589,11 +589,13 @@ _gnutls_handshake_verify_cert_vrfy (gnutls_session_t session, } _gnutls_mac_deinit_ssl3_handshake (&td_md5, concat,
- session->security_parameters.
- master_secret, GNUTLS_MASTER_SIZE);
+ session->
+ security_parameters.master_secret,
+ GNUTLS_MASTER_SIZE);
 _gnutls_mac_deinit_ssl3_handshake (&td_sha, &concat[16],
- session->security_parameters.
- master_secret, GNUTLS_MASTER_SIZE);
+ session->
+ security_parameters.master_secret,
+ GNUTLS_MASTER_SIZE);
 } else {
@@ -660,8 +662,8 @@ _gnutls_handshake_sign_cert_vrfy12 (gnutls_session_t session, _gnutls_x509_log ("Server did not allow either '%s' or '%s' for signing\n", gnutls_mac_get_name (hash_algo),
- gnutls_mac_get_name (session->internals.
- handshake_mac_handle.tls12.sha1.algorithm));
+ gnutls_mac_get_name (session->internals.handshake_mac_handle.
+ tls12.sha1.algorithm));
 return ret; } }
@@ -744,8 +746,9 @@ _gnutls_handshake_sign_cert_vrfy (gnutls_session_t session, } _gnutls_mac_deinit_ssl3_handshake (&td_sha, &concat[16],
- session->security_parameters.
- master_secret, GNUTLS_MASTER_SIZE);
+ session->
+ security_parameters.master_secret,
+ GNUTLS_MASTER_SIZE);
 } else _gnutls_hash_deinit (&td_sha, &concat[16]);
@@ -755,8 +758,8 @@ _gnutls_handshake_sign_cert_vrfy (gnutls_session_t session, case GNUTLS_PK_RSA: ret = _gnutls_hash_copy (&td_md5,
- &session->internals.handshake_mac_handle.
- tls10.md5);
+ &session->internals.handshake_mac_handle.tls10.
+ md5);
 if (ret < 0) { gnutls_assert ();
@@ -765,8 +768,9 @@ _gnutls_handshake_sign_cert_vrfy (gnutls_session_t session, if (ver == GNUTLS_SSL3) _gnutls_mac_deinit_ssl3_handshake (&td_md5, concat,
- session->security_parameters.
- master_secret, GNUTLS_MASTER_SIZE);
+ session->
+ security_parameters.master_secret,
+ GNUTLS_MASTER_SIZE);
 else _gnutls_hash_deinit (&td_md5, concat);
diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c
index d770ecdd68..6cc8b68410 100644
--- a/lib/gnutls_state.c
+++ b/lib/gnutls_state.c
@@ -446,8 +446,8 @@ gnutls_deinit (gnutls_session_t session) } gnutls_free (session->security_parameters.extensions.session_ticket);
- gnutls_free (session->internals.resumed_security_parameters.extensions.
- session_ticket);
+ gnutls_free (session->internals.resumed_security_parameters.
+ extensions.session_ticket);
 memset (session, 0, sizeof (struct gnutls_session_int)); gnutls_free (session);
@@ -1185,8 +1185,8 @@ gnutls_session_is_resumed (gnutls_session_t session) session->security_parameters.session_id_size == session->internals.resumed_security_parameters.session_id_size && memcmp (session->security_parameters.session_id,
- session->internals.resumed_security_parameters.
- session_id,
+ session->internals.
+ resumed_security_parameters.session_id,
 session->security_parameters.session_id_size) == 0) return 1; }
@@ -1211,8 +1211,8 @@ _gnutls_session_is_export (gnutls_session_t session) gnutls_cipher_algorithm_t cipher; cipher =
- _gnutls_cipher_suite_get_cipher_algo (&session->security_parameters.
- current_cipher_suite);
+ _gnutls_cipher_suite_get_cipher_algo (&session->
+ security_parameters.current_cipher_suite);
 if (_gnutls_cipher_get_export_flag (cipher) != 0) return 1;
@@ -1233,8 +1233,8 @@ _gnutls_session_is_psk (gnutls_session_t session) gnutls_kx_algorithm_t kx; kx =
- _gnutls_cipher_suite_get_kx_algo (&session->security_parameters.
- current_cipher_suite);
+ _gnutls_cipher_suite_get_kx_algo (&session->
+ security_parameters.current_cipher_suite);
 if (kx == GNUTLS_KX_PSK || kx == GNUTLS_KX_DHE_PSK) return 1;
diff --git a/lib/gnutls_v2_compat.c b/lib/gnutls_v2_compat.c
index 45cf8e356a..b5fe6bb193 100644
--- a/lib/gnutls_v2_compat.c
+++ b/lib/gnutls_v2_compat.c
@@ -179,9 +179,9 @@ _gnutls_read_client_hello_v2 (gnutls_session_t session, opaque * data, */ if (_gnutls_get_kx_cred (session,
- _gnutls_cipher_suite_get_kx_algo (&session->security_parameters.
- current_cipher_suite), &err) == NULL
- && err != 0)
+ _gnutls_cipher_suite_get_kx_algo (&session->
+ security_parameters.current_cipher_suite),
+ &err) == NULL && err != 0)
 { gnutls_assert (); return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
@@ -193,8 +193,8 @@ _gnutls_read_client_hello_v2 (gnutls_session_t session, opaque * data, */ session->internals.auth_struct = _gnutls_kx_auth_struct (_gnutls_cipher_suite_get_kx_algo
- (&session->security_parameters.
- current_cipher_suite));
+ (&session->
+ security_parameters.current_cipher_suite));
 if (session->internals.auth_struct == NULL) {
@@ -247,8 +247,8 @@ _gnutls_read_client_hello_v2 (gnutls_session_t session, opaque * data, else { _gnutls_generate_session_id (session->security_parameters.session_id,
- &session->security_parameters.
- session_id_size);
+ &session->
+ security_parameters.session_id_size);
 session->internals.resumed = RESUME_FALSE; }
diff --git a/lib/gnutls_x509.c b/lib/gnutls_x509.c
index 44a9042331..0177768de2 100644
--- a/lib/gnutls_x509.c
+++ b/lib/gnutls_x509.c
@@ -184,9 +184,9 @@ _gnutls_x509_cert_verify_peers (gnutls_session_t session, peer_certificate_list_size, cred->x509_ca_list, cred->x509_ncas, cred->x509_crl_list, cred->x509_ncrls,
- cred->verify_flags | session->
- internals.priorities.
- additional_verify_flags, status);
+ cred->verify_flags | session->internals.
+ priorities.additional_verify_flags,
+ status);
 CLEAR_CERTS;
@@ -226,8 +226,8 @@ _gnutls_check_key_cert_match (gnutls_certificate_credentials_t res) 1].params_size, &kid);
- _gnutls_x509_write_rsa_params (res->cert_list[res->ncerts - 1][0].
- params,
+ _gnutls_x509_write_rsa_params (res->
+ cert_list[res->ncerts - 1][0].params,
 res->cert_list[res->ncerts - 1][0].params_size, &cid); }
@@ -238,8 +238,8 @@ _gnutls_check_key_cert_match (gnutls_certificate_credentials_t res) res->pkey[res->ncerts - 1].params_size, &kid);
- _gnutls_x509_write_dsa_params (res->cert_list[res->ncerts - 1][0].
- params,
+ _gnutls_x509_write_dsa_params (res->
+ cert_list[res->ncerts - 1][0].params,
 res->cert_list[res->ncerts - 1][0].params_size, &cid); }
diff --git a/lib/minitasn1/decoding.c b/lib/minitasn1/decoding.c
index 6875baf2e3..648911a4b2 100644
--- a/lib/minitasn1/decoding.c
+++ b/lib/minitasn1/decoding.c
@@ -288,18 +288,20 @@ _asn1_get_objectid_der (const unsigned char *der, int der_len, int *ret_len, leading = 1; for (k = 1; k < len; k++) {
-
+
 /* X.690 mandates that the leading byte must never be 0x80 */
- if (leading != 0 && der[len_len + k] == 0x80) return ASN1_DER_ERROR;
+ if (leading != 0 && der[len_len + k] == 0x80)
+ return ASN1_DER_ERROR;
 leading = 0; /* check for wrap around */ val = val << 7; val |= der[len_len + k] & 0x7F;
- if (val < prev_val) return ASN1_DER_ERROR;
+ if (val < prev_val)
+ return ASN1_DER_ERROR;
 prev_val = val;
@@ -313,7 +315,7 @@ _asn1_get_objectid_der (const unsigned char *der, int der_len, int *ret_len, } } *ret_len = len + len_len;
-
+
 return ASN1_SUCCESS; }
@@ -1053,8 +1055,9 @@ asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len, move = RIGHT; break; case TYPE_OBJECT_ID:
- result = _asn1_get_objectid_der (der + counter, len - counter, &len2,
- temp, sizeof (temp));
+ result =
+ _asn1_get_objectid_der (der + counter, len - counter, &len2,
+ temp, sizeof (temp));
 if (result != ASN1_SUCCESS) { asn1_delete_structure (element);
@@ -1668,12 +1671,13 @@ asn1_der_decoding_element (ASN1_TYPE * structure, const char *elementName, case TYPE_OBJECT_ID: if (state == FOUND) { - result = _asn1_get_objectid_der (der + counter, len - counter, &len2, - temp, sizeof (temp)); - if (result != ASN1_SUCCESS) - { - return result; - } + result = + _asn1_get_objectid_der (der + counter, len - counter, + &len2, temp, sizeof (temp)); + if (result != ASN1_SUCCESS) + { + return result; + } tlen = strlen (temp);
diff --git a/lib/opencdk/read-packet.c b/lib/opencdk/read-packet.c
index cae56f1dbf..c957a73908 100644
--- a/lib/opencdk/read-packet.c
+++ b/lib/opencdk/read-packet.c
@@ -361,8 +361,7 @@ read_secret_key (cdk_stream_t inp, size_t pktlen, cdk_pkt_seckey_t sk) sk->protect.ivlen = 0; else { - sk->protect.ivlen = - gnutls_cipher_get_block_size (sk->protect.algo); + sk->protect.ivlen = gnutls_cipher_get_block_size (sk->protect.algo); if (!sk->protect.ivlen) return CDK_Inv_Packet; rc = stream_read (inp, sk->protect.iv, sk->protect.ivlen, &nread);
diff --git a/lib/opencdk/sig-check.c b/lib/opencdk/sig-check.c
index 5b68c71c19..5c7a0d5550 100644
--- a/lib/opencdk/sig-check.c
+++ b/lib/opencdk/sig-check.c
@@ -290,7 +290,7 @@ _cdk_pk_check_sig (cdk_keydb_hd_t keydb, if (is_selfsig) *is_selfsig = 0; if ((knode->pkt->pkttype != CDK_PKT_PUBLIC_KEY && - knode->pkt->pkttype != CDK_PKT_PUBLIC_SUBKEY) || + knode->pkt->pkttype != CDK_PKT_PUBLIC_SUBKEY) || snode->pkt->pkttype != CDK_PKT_SIGNATURE) { gnutls_assert ();
@@ -627,7 +627,7 @@ cdk_pk_check_self_sig (cdk_kbnode_t key, int *r_status) *r_status = CDK_KEY_INVALID; return rc; } - else /* For each valid self sig we increase this counter. */ + else /* For each valid self sig we increase this counter. */ sig_ok++; }
@@ -641,8 +641,8 @@ cdk_pk_check_self_sig (cdk_kbnode_t key, int *r_status) } } - /* No flags indicate a valid key. */ - *r_status = CDK_KEY_VALID; + /* No flags indicate a valid key. */ + *r_status = CDK_KEY_VALID; - return 0; + return 0; }
diff --git a/lib/x509/pkcs12.c b/lib/x509/pkcs12.c
index 8bdb1c0cad..808dc5a6d3 100644
--- a/lib/x509/pkcs12.c
+++ b/lib/x509/pkcs12.c
@@ -1140,10 +1140,12 @@ write_attributes (gnutls_pkcs12_bag_t bag, int elem, result = _gnutls_x509_encode_and_write_attribute (KEY_ID_OID, c2, root, - bag->element[elem]. - local_key_id.data, - bag->element[elem]. - local_key_id.size, 1); + bag-> + element[elem].local_key_id. + data, + bag-> + element[elem].local_key_id. + size, 1); if (result < 0) { gnutls_assert ();
diff --git a/lib/x509/verify.c b/lib/x509/verify.c
index 88b6911a73..856fdd1db7 100644
--- a/lib/x509/verify.c
+++ b/lib/x509/verify.c
@@ -42,7 +42,8 @@ static int _gnutls_verify_certificate2 (gnutls_x509_crt_t cert, const gnutls_x509_crt_t * trusted_cas, int tcas_size, unsigned int flags, - unsigned int *output, gnutls_x509_crt_t* issuer); + unsigned int *output, + gnutls_x509_crt_t * issuer); static int is_crl_issuer (gnutls_x509_crl_t crl, gnutls_x509_crt_t issuer_cert);
@@ -267,7 +268,8 @@ static int _gnutls_verify_certificate2 (gnutls_x509_crt_t cert, const gnutls_x509_crt_t * trusted_cas, int tcas_size, unsigned int flags, - unsigned int *output, gnutls_x509_crt_t *_issuer) + unsigned int *output, + gnutls_x509_crt_t * _issuer) { gnutls_datum_t cert_signed_data = { NULL, 0 }; gnutls_datum_t cert_signature = { NULL, 0 };
@@ -298,7 +300,8 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert, return 0; } - if (_issuer != NULL) *_issuer = issuer; + if (_issuer != NULL) + *_issuer = issuer; issuer_version = gnutls_x509_crt_get_version (issuer); if (issuer_version < 0)
@@ -401,10 +404,11 @@ gnutls_x509_crt_check_issuer (gnutls_x509_crt_t cert, return is_issuer (cert, issuer); } -static unsigned int check_time(gnutls_x509_crt_t crt, time_t now) +static unsigned int +check_time (gnutls_x509_crt_t crt, time_t now) { -int status = 0; -time_t t; + int status = 0; + time_t t; t = gnutls_x509_crt_get_activation_time (crt); if (t == (time_t) - 1 || now < t)
@@ -421,7 +425,7 @@ time_t t; status |= GNUTLS_CERT_INVALID; return status; } - + return 0; }
@@ -482,13 +486,14 @@ _gnutls_x509_verify_certificate (const gnutls_x509_crt_t * certificate_list, /* explicity time check for trusted CA that we remove from * list. GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS */ - if (!(flags&GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS) && !(flags&GNUTLS_VERIFY_DISABLE_TIME_CHECKS)) + if (!(flags & GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS) + && !(flags & GNUTLS_VERIFY_DISABLE_TIME_CHECKS)) { - status |= check_time(trusted_cas[j], now); + status |= check_time (trusted_cas[j], now); if (status != 0) - { - return status; - } + { + return status; + } } clist_size = i; break;
@@ -510,7 +515,8 @@ _gnutls_x509_verify_certificate (const gnutls_x509_crt_t * certificate_list, * in self signed etc certificates. */ ret = _gnutls_verify_certificate2 (certificate_list[clist_size - 1], - trusted_cas, tcas_size, flags, &output, &issuer); + trusted_cas, tcas_size, flags, &output, + &issuer); if (ret == 0) { /* if the last certificate in the certificate
@@ -545,24 +551,24 @@ _gnutls_x509_verify_certificate (const gnutls_x509_crt_t * certificate_list, if (!(flags & GNUTLS_VERIFY_DISABLE_TIME_CHECKS)) { /* check the time of the issuer first */ - if (!(flags&GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS)) - { - if (issuer == NULL) - { - gnutls_assert(); - return GNUTLS_E_INTERNAL_ERROR; - } - - status |= check_time(issuer, now); - if (status != 0) - { - return status; - } - } + if (!(flags & GNUTLS_VERIFY_DISABLE_TRUSTED_TIME_CHECKS)) + { + if (issuer == NULL) + { + gnutls_assert (); + return GNUTLS_E_INTERNAL_ERROR; + } + + status |= check_time (issuer, now); + if (status != 0) + { + return status; + } + } for (i = 0; i < clist_size; i++) { - status |= check_time(certificate_list[i], now); + status |= check_time (certificate_list[i], now); if (status != 0) { return status;
@@ -1050,8 +1056,7 @@ gnutls_x509_crt_verify (gnutls_x509_crt_t cert, */ *verify = _gnutls_x509_verify_certificate (&cert, 1, - CA_list, CA_list_length, NULL, - 0, flags); + CA_list, CA_list_length, NULL, 0, flags); return 0; }
diff --git a/libextra/gl/hmac-md5.c b/libextra/gl/hmac-md5.c
index 5e457ece10..b56046a5ea 100644
--- a/libextra/gl/hmac-md5.c
+++ b/libextra/gl/hmac-md5.c
@@ -31,7 +31,7 @@ int hmac_md5 (const void *key, size_t keylen, - const void *in, size_t inlen, void *resbuf) + const void *in, size_t inlen, void *resbuf) { struct md5_ctx inner; struct md5_ctx outer;
diff --git a/libextra/gl/md5.c b/libextra/gl/md5.c
index 912738a500..c5c707312f 100644
--- a/libextra/gl/md5.c
+++ b/libextra/gl/md5.c
@@ -63,7 +63,7 @@ /* This array contains the bytes used to pad the buffer to the next 64-byte boundary. (RFC 1321, 3.1: Step 1) */ -static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ... */ }; +static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ... */ }; /* Initialize structure containing state of computation.
@@ -129,13 +129,13 @@ md5_finish_ctx (struct md5_ctx *ctx, void *resbuf) return md5_read_ctx (ctx, resbuf); } -#if 0 /* Not needed by GnuTLS, and it has a large stack frame. */ +#if 0 /* Not needed by GnuTLS, and it has a large stack frame. */ /* Compute MD5 message digest for bytes read from STREAM. The resulting message digest number will be written into the 16 bytes beginning at RESBLOCK. */ int -md5_stream (FILE *stream, void *resblock) +md5_stream (FILE * stream, void *resblock) { struct md5_ctx ctx; size_t sum;
@@ -158,33 +158,33 @@ md5_stream (FILE *stream, void *resblock) /* Read block. Take care for partial reads. */ while (1) - { - n = fread (buffer + sum, 1, BLOCKSIZE - sum, stream); - - sum += n; - - if (sum == BLOCKSIZE) - break; - - if (n == 0) - { - /* Check for the error flag IFF N == 0, so that we don't - exit the loop after a partial read due to e.g., EAGAIN - or EWOULDBLOCK. */ - if (ferror (stream)) - { - free (buffer); - return 1; - } - goto process_partial_block; - } - - /* We've read at least one byte, so ignore errors. But always - check for EOF, since feof may be true even though N > 0. - Otherwise, we could end up calling fread after EOF. */ - if (feof (stream)) - goto process_partial_block; - } + { + n = fread (buffer + sum, 1, BLOCKSIZE - sum, stream); + + sum += n; + + if (sum == BLOCKSIZE) + break; + + if (n == 0) + { + /* Check for the error flag IFF N == 0, so that we don't + exit the loop after a partial read due to e.g., EAGAIN + or EWOULDBLOCK. */ + if (ferror (stream)) + { + free (buffer); + return 1; + } + goto process_partial_block; + } + + /* We've read at least one byte, so ignore errors. But always + check for EOF, since feof may be true even though N > 0. + Otherwise, we could end up calling fread after EOF. */ + if (feof (stream)) + goto process_partial_block; + } /* Process buffer with BLOCKSIZE bytes. Note that BLOCKSIZE % 64 == 0 
@@ -239,15 +239,15 @@ md5_process_bytes (const void *buffer, size_t len, struct md5_ctx *ctx) ctx->buflen += add; if (ctx->buflen > 64) - { - md5_process_block (ctx->buffer, ctx->buflen & ~63, ctx); + { + md5_process_block (ctx->buffer, ctx->buflen & ~63, ctx); - ctx->buflen &= 63; - /* The regions in the following copy operation cannot overlap. */ - memcpy (ctx->buffer, - &((char *) ctx->buffer)[(left_over + add) & ~63], - ctx->buflen); - } + ctx->buflen &= 63; + /* The regions in the following copy operation cannot overlap. */ + memcpy (ctx->buffer, + &((char *) ctx->buffer)[(left_over + add) & ~63], + ctx->buflen); + } buffer = (const char *) buffer + add; len -= add;
@@ -260,19 +260,19 @@ md5_process_bytes (const void *buffer, size_t len, struct md5_ctx *ctx) # define alignof(type) offsetof (struct { char c; type x; }, x) # define UNALIGNED_P(p) (((size_t) p) % alignof (uint32_t) != 0) if (UNALIGNED_P (buffer)) - while (len > 64) - { - md5_process_block (memcpy (ctx->buffer, buffer, 64), 64, ctx); - buffer = (const char *) buffer + 64; - len -= 64; - } + while (len > 64) + { + md5_process_block (memcpy (ctx->buffer, buffer, 64), 64, ctx); + buffer = (const char *) buffer + 64; + len -= 64; + } else #endif - { - md5_process_block (buffer, len & ~63, ctx); - buffer = (const char *) buffer + (len & ~63); - len &= 63; - } + { + md5_process_block (buffer, len & ~63, ctx); + buffer = (const char *) buffer + (len & ~63); + len &= 63; + } } /* Move remaining bytes in internal buffer. */
@@ -283,11 +283,11 @@ md5_process_bytes (const void *buffer, size_t len, struct md5_ctx *ctx) memcpy (&((char *) ctx->buffer)[left_over], buffer, len); left_over += len; if (left_over >= 64) - { - md5_process_block (ctx->buffer, 64, ctx); - left_over -= 64; - memcpy (ctx->buffer, &ctx->buffer[16], left_over); - } + { + md5_process_block (ctx->buffer, 64, ctx); + left_over -= 64; + memcpy (ctx->buffer, &ctx->buffer[16], left_over); + } ctx->buflen = left_over; } }
diff --git a/src/benchmark.c b/src/benchmark.c
index 0fe47dc4af..29d6474e8e 100644
--- a/src/benchmark.c
+++ b/src/benchmark.c
@@ -28,7 +28,7 @@ #include <gnutls/gnutls.h> #include <gnutls/crypto.h> #include <time.h> -#include "timespec.h" /* gnulib gettime */ +#include "timespec.h" /* gnulib gettime */ static unsigned char data[64 * 1024];
diff --git a/src/certtool.c b/src/certtool.c
index 04224dceed..13f5fa3639 100644
--- a/src/certtool.c
+++ b/src/certtool.c
@@ -1123,10 +1123,11 @@ pgp_certificate_info (void) } - ret = gnutls_openpgp_crt_verify_self(crt, 0, &verify_status); - if (ret < 0) + ret = gnutls_openpgp_crt_verify_self (crt, 0, &verify_status); + if (ret < 0) { - error (EXIT_FAILURE, 0, "verify signature error: %s", gnutls_strerror (ret)); + error (EXIT_FAILURE, 0, "verify signature error: %s", + gnutls_strerror (ret)); } if (verify_status & GNUTLS_CERT_INVALID)
@@ -1135,7 +1136,8 @@ pgp_certificate_info (void) } else { - fprintf (outfile, "Self Signature verification: ok (%x)\n\n", verify_status); + fprintf (outfile, "Self Signature verification: ok (%x)\n\n", + verify_status); } size = sizeof (buffer);
@@ -1425,11 +1427,11 @@ print_crq_info (gnutls_x509_crq_t crq, FILE * out) int ret; size_t size; - if (info.outcert_format == GNUTLS_X509_FMT_PEM) + if (info.outcert_format == GNUTLS_X509_FMT_PEM) { ret = gnutls_x509_crq_print (crq, GNUTLS_CRT_PRINT_FULL, &cinfo); if (ret < 0) - error (EXIT_FAILURE, 0, "crq_print: %s", gnutls_strerror (ret)); + error (EXIT_FAILURE, 0, "crq_print: %s", gnutls_strerror (ret)); fprintf (out, "%s\n", cinfo.data);
@@ -1982,7 +1984,7 @@ generate_request (void) if (ret < 0) error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (ret)); } - } + } ret = gnutls_x509_crq_set_key (crq, key); if (ret < 0)
@@ -2146,7 +2148,8 @@ _verify_x509_mem (const void *cert, int cert_size) fprintf (outfile, "\tVerification output: "); print_verification_res (x509_cert_list[i - 2], x509_cert_list[i - 1], x509_crl_list, - x509_ncrls, GNUTLS_VERIFY_DO_NOT_ALLOW_SAME); + x509_ncrls, + GNUTLS_VERIFY_DO_NOT_ALLOW_SAME); fprintf (outfile, ".\n\n"); }
@@ -2194,7 +2197,9 @@ _verify_x509_mem (const void *cert, int cert_size) x509_cert_list[x509_ncerts - 1], x509_crl_list, /* we add GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT since it is * self signed. */ - x509_ncrls, GNUTLS_VERIFY_DO_NOT_ALLOW_SAME|GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT); + x509_ncrls, + GNUTLS_VERIFY_DO_NOT_ALLOW_SAME | + GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT); fprintf (outfile, ".\n\n");
@@ -2206,7 +2211,8 @@ _verify_x509_mem (const void *cert, int cert_size) &x509_cert_list[x509_ncerts - 1], 1, x509_crl_list, x509_ncrls, - GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT|GNUTLS_VERIFY_DO_NOT_ALLOW_SAME, + GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT | + GNUTLS_VERIFY_DO_NOT_ALLOW_SAME, &verify_status); if (ret < 0) error (EXIT_FAILURE, 0, "gnutls_x509_crt_list_verify: %s",
@@ -2256,13 +2262,14 @@ _verify_x509_mem (const void *cert, int cert_size) static void print_verification_res (gnutls_x509_crt_t crt, gnutls_x509_crt_t issuer, - gnutls_x509_crl_t * crl_list, int crl_list_size, unsigned int flags) + gnutls_x509_crl_t * crl_list, int crl_list_size, + unsigned int flags) { unsigned int output; int comma = 0; int ret; - ret = gnutls_x509_crt_verify (crt, &issuer, 1, flags , &output); + ret = gnutls_x509_crt_verify (crt, &issuer, 1, flags, &output); if (ret < 0) error (EXIT_FAILURE, 0, "verification error: %s", gnutls_strerror (ret));
@@ -318,10 +318,11 @@ load_keys (void) } -static int cert_verify_callback( gnutls_session_t session) +static int +cert_verify_callback (gnutls_session_t session) { -int rc; -unsigned int status; + int rc; + unsigned int status; if (!x509_cafile && !pgp_keyring) return 0;
@@ -331,7 +332,7 @@ unsigned int status; { printf ("*** Verifying server certificate failed...\n"); if (!insecure) - return -1; + return -1; } return 0;
@@ -836,7 +837,7 @@ after_handshake: if (FD_ISSET (fileno (stdin), &rset)) { - if ((bytes = read (fileno(stdin), buffer, MAX_BUF - 1)) < 0) + if ((bytes = read (fileno (stdin), buffer, MAX_BUF - 1)) < 0) { if (hd.secure == 0) {
@@ -1042,7 +1043,7 @@ do_handshake (socket_st * socket) } else { - gnutls_alert_send_appropriate(socket->session, ret); + gnutls_alert_send_appropriate (socket->session, ret); shutdown (socket->fd, SHUT_RDWR); } return ret;
diff --git a/src/serv.c b/src/serv.c
index b1b82f6463..9b15a49ee5 100644
--- a/src/serv.c
+++ b/src/serv.c
@@ -126,11 +126,13 @@ static int wrap_db_delete (void *dbf, gnutls_datum_t key); #define HTTP_STATE_RESPONSE 2 #define HTTP_STATE_CLOSING 3 -LIST_TYPE_DECLARE (listener_item, char *http_request; - char *http_response; int request_length; - int response_length; int response_written; - int http_state; int listen_socket; - int fd; gnutls_session_t tls_session; int handshake_ok;); +LIST_TYPE_DECLARE (listener_item, char *http_request; char *http_response; + int request_length; int response_length; + int response_written; int http_state; + int listen_socket; int fd; + gnutls_session_t tls_session; + int handshake_ok; + ); static const char * safe_strerror (int value)
@@ -502,7 +504,7 @@ peer_print_info (gnutls_session_t session, int *ret_length, http_buffer = malloc (len); if (http_buffer == NULL) { - free(crtinfo); + free (crtinfo); return NULL; }
@@ -621,7 +623,7 @@ peer_print_info (gnutls_session_t session, int *ret_length, strcat (http_buffer, "<hr><PRE>"); strcat (http_buffer, crtinfo); strcat (http_buffer, "\n</PRE>\n"); - free(crtinfo); + free (crtinfo); } strcat (http_buffer, "<hr><P>Your HTTP header was:<PRE>");
@@ -791,18 +793,20 @@ get_response (gnutls_session_t session, char *request, } else { - fprintf(stderr, "received: %s\n", request); + fprintf (stderr, "received: %s\n", request); if (request[0] == request[1] && request[0] == '*') - { - if (strncmp(request, "**REHANDSHAKE**", sizeof("**REHANDSHAKE**")-1)==0) - { - fprintf(stderr, "*** Sending rehandshake request\n"); - gnutls_rehandshake(session); - } - *response = NULL; - *response_length = 0; - return; - } + { + if (strncmp + (request, "**REHANDSHAKE**", + sizeof ("**REHANDSHAKE**") - 1) == 0) + { + fprintf (stderr, "*** Sending rehandshake request\n"); + gnutls_rehandshake (session); + } + *response = NULL; + *response_length = 0; + return; + } *response = strdup (request); *response_length = ((*response) ? strlen (*response) : 0); }
@@ -1222,7 +1226,8 @@ main (int argc, char **argv) ret = gnutls_alert_send_appropriate (j->tls_session, r); } - while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); + while (ret == GNUTLS_E_AGAIN + || ret == GNUTLS_E_INTERRUPTED); j->http_state = HTTP_STATE_CLOSING; } else if (r == 0)
@@ -1255,7 +1260,7 @@ main (int argc, char **argv) { if (r == GNUTLS_E_REHANDSHAKE) { - fprintf(stderr, "*** Received hello message\n"); + fprintf (stderr, "*** Received hello message\n"); do { r = gnutls_handshake (j->tls_session);
@@ -1418,12 +1423,12 @@ main (int argc, char **argv) } } } - else - { + else + { j->request_length = 0; j->http_request[0] = 0; - j->http_state = HTTP_STATE_REQUEST; - } + j->http_state = HTTP_STATE_REQUEST; + } } } lloopend (listener_list, j);
diff --git a/src/tests.c b/src/tests.c
index 56ed808950..3bccf4aff8 100644
--- a/src/tests.c
+++ b/src/tests.c
@@ -116,15 +116,16 @@ char prio_str[256] = ""; #define ALL_KX "+RSA:+DHE-RSA:+DHE-DSS:+ANON-DH:+RSA-EXPORT" #define INIT_STR "NONE:" -static inline void _gnutls_priority_set_direct(gnutls_session_t session, const char* str) +static inline void +_gnutls_priority_set_direct (gnutls_session_t session, const char *str) { - const char* err; - int ret = gnutls_priority_set_direct(session, str, &err); - - if (ret < 0) + const char *err; + int ret = gnutls_priority_set_direct (session, str, &err); + + if (ret < 0) { - fprintf(stderr, "Error in %s\n", err); - exit(1); + fprintf (stderr, "Error in %s\n", err); + exit (1); } }
@@ -141,7 +142,9 @@ test_server (gnutls_session_t session) buf[sizeof (buf) - 1] = 0; - sprintf(prio_str, ALL_CIPHERS":"ALL_COMP":"ALL_CERTTYPES":%s:"ALL_MACS":"ALL_KX":"REST, protocol_str); + sprintf (prio_str, + ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" + ALL_KX ":" REST, protocol_str); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -186,7 +189,9 @@ test_export (gnutls_session_t session) { int ret; - sprintf(prio_str, "+ARCFOUR-40:+RSA-EXPORT:"ALL_COMP":"ALL_CERTTYPES":%s:"ALL_MACS":"ALL_KX":"REST, protocol_str); + sprintf (prio_str, + "+ARCFOUR-40:+RSA-EXPORT:" ALL_COMP ":" ALL_CERTTYPES ":%s:" + ALL_MACS ":" ALL_KX ":" REST, protocol_str); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -212,7 +217,9 @@ test_export_info (gnutls_session_t session) if (verbose == 0 || export_true == 0) return TEST_IGNORE; - sprintf(prio_str, "+ARCFOUR-40:+RSA-EXPORT:"ALL_COMP":"ALL_CERTTYPES":%s:"ALL_MACS":"ALL_KX":"REST, protocol_str); + sprintf (prio_str, + "+ARCFOUR-40:+RSA-EXPORT:" ALL_COMP ":" ALL_CERTTYPES ":%s:" + ALL_MACS ":" ALL_KX ":" REST, protocol_str); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -255,7 +262,9 @@ test_dhe (gnutls_session_t session) { int ret; - sprintf(prio_str, ALL_CIPHERS":"ALL_COMP":"ALL_CERTTYPES":%s:"ALL_MACS":+DHE-RSA:+DHE-DSS:"REST, protocol_str); + sprintf (prio_str, + ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS + ":+DHE-RSA:+DHE-DSS:" REST, protocol_str); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -273,7 +282,9 @@ test_safe_renegotiation (gnutls_session_t session) { int ret; - sprintf(prio_str, ALL_CIPHERS":"ALL_COMP":"ALL_CERTTYPES":%s:"ALL_MACS":"ALL_KX":%%INITIAL_SAFE_RENEGOTIATION", protocol_str); + sprintf (prio_str, + ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" + ALL_KX ":%%INITIAL_SAFE_RENEGOTIATION", protocol_str); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -288,7 +299,9 @@ test_safe_renegotiation_scsv (gnutls_session_t session) { int ret; - sprintf(prio_str, ALL_CIPHERS":"ALL_COMP":"ALL_CERTTYPES":+VERS-SSL3.0:"ALL_MACS":"ALL_KX":%%INITIAL_SAFE_RENEGOTIATION"); + sprintf (prio_str, + ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":+VERS-SSL3.0:" + ALL_MACS ":" ALL_KX ":%%INITIAL_SAFE_RENEGOTIATION"); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -308,7 +321,9 @@ test_dhe_group (gnutls_session_t session) if (verbose == 0 || pubkey.data == NULL) return TEST_IGNORE; - sprintf(prio_str, ALL_CIPHERS":"ALL_COMP":"ALL_CERTTYPES":%s:"ALL_MACS":+DHE-RSA:+DHE-DSS:"REST, protocol_str); + sprintf (prio_str, + ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS + ":+DHE-RSA:+DHE-DSS:" REST, protocol_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -345,7 +360,9 @@ test_code_t test_ssl3 (gnutls_session_t session) { int ret; - sprintf(prio_str, ALL_CIPHERS":"ALL_COMP":"ALL_CERTTYPES":+VERS-SSL3.0:"ALL_MACS":"ALL_KX":"REST); + sprintf (prio_str, + ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":+VERS-SSL3.0:" + ALL_MACS ":" ALL_KX ":" REST); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -375,7 +392,9 @@ test_bye (gnutls_session_t session) signal (SIGALRM, got_alarm); #endif - sprintf(prio_str, ALL_CIPHERS":"ALL_COMP":"ALL_CERTTYPES":%s:"ALL_MACS":"ALL_KX":"REST, protocol_str); + sprintf (prio_str, + ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" + ALL_KX ":" REST, protocol_str); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -425,7 +444,9 @@ test_aes (gnutls_session_t session) { int ret; - sprintf(prio_str, INIT_STR "+AES-128-CBC:"ALL_COMP":"ALL_CERTTYPES":%s:"ALL_MACS":"ALL_KX":"REST , protocol_str); + sprintf (prio_str, + INIT_STR "+AES-128-CBC:" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS + ":" ALL_KX ":" REST, protocol_str); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -440,7 +461,9 @@ test_camellia (gnutls_session_t session) { int ret; - sprintf(prio_str, INIT_STR "+CAMELLIA-128-CBC:"ALL_COMP":"ALL_CERTTYPES":%s:"ALL_MACS":"ALL_KX":"REST, protocol_str); + sprintf (prio_str, + INIT_STR "+CAMELLIA-128-CBC:" ALL_COMP ":" ALL_CERTTYPES ":%s:" + ALL_MACS ":" ALL_KX ":" REST, protocol_str); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -455,7 +478,9 @@ test_openpgp1 (gnutls_session_t session) { int ret; - sprintf(prio_str, INIT_STR ALL_CIPHERS":"ALL_COMP":+CTYPE-OPENPGP:%s:"ALL_MACS":"ALL_KX":"REST, protocol_str); + sprintf (prio_str, + INIT_STR ALL_CIPHERS ":" ALL_COMP ":+CTYPE-OPENPGP:%s:" ALL_MACS + ":" ALL_KX ":" REST, protocol_str); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -477,10 +502,14 @@ test_unknown_ciphersuites (gnutls_session_t session) #ifdef ENABLE_CAMELLIA - sprintf(prio_str, INIT_STR ALL_CIPHERS":"ALL_COMP":"ALL_CERTTYPES":%s:"ALL_MACS":"ALL_KX":"REST, protocol_str); + sprintf (prio_str, + INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS + ":" ALL_KX ":" REST, protocol_str); _gnutls_priority_set_direct (session, prio_str); #else - sprintf(prio_str, INIT_STR "+AES-128-CBC:"ALL_CIPHERS":"ALL_COMP":"ALL_CERTTYPES":%s:"ALL_MACS":"ALL_KX":"REST, protocol_str); + sprintf (prio_str, + INIT_STR "+AES-128-CBC:" ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES + ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); _gnutls_priority_set_direct (session, prio_str); #endif
@@ -495,7 +524,9 @@ test_md5 (gnutls_session_t session) { int ret; - sprintf(prio_str, INIT_STR "+AES-128-CBC:"ALL_CIPHERS":"ALL_COMP":"ALL_CERTTYPES":%s:+MD5:"ALL_KX":"REST, protocol_str); + sprintf (prio_str, + INIT_STR "+AES-128-CBC:" ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES + ":%s:+MD5:" ALL_KX ":" REST, protocol_str); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -510,7 +541,9 @@ test_zlib (gnutls_session_t session) { int ret; - sprintf(prio_str, INIT_STR ALL_CIPHERS":+COMP-ZLIB:"ALL_CERTTYPES":%s:"ALL_MACS":"ALL_KX":"REST, protocol_str); + sprintf (prio_str, + INIT_STR ALL_CIPHERS ":+COMP-ZLIB:" ALL_CERTTYPES ":%s:" ALL_MACS + ":" ALL_KX ":" REST, protocol_str); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -525,7 +558,9 @@ test_sha (gnutls_session_t session) { int ret; - sprintf(prio_str, INIT_STR "+AES-128-CBC:"ALL_CIPHERS":"ALL_COMP":"ALL_CERTTYPES":%s:+SHA1:"ALL_KX":"REST, protocol_str); + sprintf (prio_str, + INIT_STR "+AES-128-CBC:" ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES + ":%s:+SHA1:" ALL_KX ":" REST, protocol_str); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -538,7 +573,9 @@ test_3des (gnutls_session_t session) { int ret; - sprintf(prio_str, INIT_STR "+3DES-CBC:"ALL_COMP":"ALL_CERTTYPES":%s:"ALL_MACS":"ALL_KX":"REST, protocol_str); + sprintf (prio_str, + INIT_STR "+3DES-CBC:" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS + ":" ALL_KX ":" REST, protocol_str); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -551,7 +588,9 @@ test_arcfour (gnutls_session_t session) { int ret; - sprintf(prio_str, INIT_STR "+ARCFOUR-128:"ALL_COMP":"ALL_CERTTYPES":%s:"ALL_MACS":"ALL_KX":"REST, protocol_str); + sprintf (prio_str, + INIT_STR "+ARCFOUR-128:" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS + ":" ALL_KX ":" REST, protocol_str); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -564,7 +603,9 @@ test_arcfour_40 (gnutls_session_t session) { int ret; - sprintf(prio_str, INIT_STR "+ARCFOUR-40:"ALL_COMP":"ALL_CERTTYPES":%s:"ALL_MACS":""+RSA-EXPORT"":"REST, protocol_str); + sprintf (prio_str, + INIT_STR "+ARCFOUR-40:" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS + ":" "+RSA-EXPORT" ":" REST, protocol_str); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -578,7 +619,9 @@ test_tls1 (gnutls_session_t session) { int ret; - sprintf(prio_str, INIT_STR ALL_CIPHERS":"ALL_COMP":"ALL_CERTTYPES":+VERS-TLS1.0:"ALL_MACS":"ALL_KX":"REST); + sprintf (prio_str, + INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES + ":+VERS-TLS1.0:" ALL_MACS ":" ALL_KX ":" REST); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -596,7 +639,9 @@ test_tls1_2 (gnutls_session_t session) { int ret; - sprintf(prio_str, INIT_STR ALL_CIPHERS":"ALL_COMP":"ALL_CERTTYPES":+VERS-TLS1.2:"ALL_MACS":"ALL_KX":"REST); + sprintf (prio_str, + INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES + ":+VERS-TLS1.2:" ALL_MACS ":" ALL_KX ":" REST); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -614,7 +659,9 @@ test_tls1_1 (gnutls_session_t session) { int ret; - sprintf(prio_str, INIT_STR ALL_CIPHERS":"ALL_COMP":"ALL_CERTTYPES":+VERS-TLS1.1:"ALL_MACS":"ALL_KX":"REST); + sprintf (prio_str, + INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES + ":+VERS-TLS1.1:" ALL_MACS ":" ALL_KX ":" REST); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -634,7 +681,10 @@ test_tls1_1_fallback (gnutls_session_t session) if (tls1_1_ok) return TEST_IGNORE; - sprintf(prio_str, INIT_STR ALL_CIPHERS":"ALL_COMP":"ALL_CERTTYPES":+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:"ALL_MACS":"ALL_KX":"REST); + sprintf (prio_str, + INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES + ":+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:" ALL_MACS ":" ALL_KX ":" + REST); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -662,7 +712,9 @@ test_tls_disable (gnutls_session_t session) if (tls1_ok != 0) return TEST_IGNORE; - sprintf(prio_str, INIT_STR ALL_CIPHERS":"ALL_COMP":"ALL_CERTTYPES":%s:"ALL_MACS":"ALL_KX":"REST, protocol_str); + sprintf (prio_str, + INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS + ":" ALL_KX ":" REST, protocol_str); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -673,7 +725,7 @@ test_tls_disable (gnutls_session_t session) /* disable TLS 1.0 */ if (ssl3_ok != 0) { - strcpy(protocol_str, "+VERS-SSL3.0"); + strcpy (protocol_str, "+VERS-SSL3.0"); } } return ret;
@@ -690,7 +742,9 @@ test_rsa_pms (gnutls_session_t session) * If the server is old, buggy and only supports * SSL 3.0 then the handshake will fail. */ - sprintf(prio_str, INIT_STR ALL_CIPHERS":"ALL_COMP":"ALL_CERTTYPES":%s:"ALL_MACS":+RSA:"REST, protocol_str); + sprintf (prio_str, + INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS + ":+RSA:" REST, protocol_str); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
@@ -707,7 +761,9 @@ test_code_t test_max_record_size (gnutls_session_t session) { int ret; - sprintf(prio_str, INIT_STR ALL_CIPHERS":"ALL_COMP":"ALL_CERTTYPES":%s:"ALL_MACS":"ALL_KX":"REST, protocol_str); + sprintf (prio_str, + INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS + ":" ALL_KX ":" REST, protocol_str); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); gnutls_record_set_max_size (session, 512);
@@ -728,7 +784,9 @@ test_hello_extension (gnutls_session_t session) { int ret; - sprintf(prio_str, INIT_STR ALL_CIPHERS":"ALL_COMP":"ALL_CERTTYPES":%s:"ALL_MACS":"ALL_KX":"REST, protocol_str); + sprintf (prio_str, + INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS + ":" ALL_KX ":" REST, protocol_str); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); gnutls_record_set_max_size (session, 512);
@@ -755,7 +813,9 @@ test_version_rollback (gnutls_session_t session) * attacks which allow a version downgrade) and this * connection will fail. */ - sprintf(prio_str, INIT_STR ALL_CIPHERS":"ALL_COMP":"ALL_CERTTYPES":%s:"ALL_MACS":"ALL_KX":"REST, protocol_str); + sprintf (prio_str, + INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS + ":" ALL_KX ":" REST, protocol_str); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); _gnutls_record_set_default_version (session, 3, 0);
@@ -781,7 +841,9 @@ test_version_oob (gnutls_session_t session) /* here we enable both SSL 3.0 and TLS 1.0 * and we connect using a 5.5 record version. */ - sprintf(prio_str, INIT_STR ALL_CIPHERS":"ALL_COMP":"ALL_CERTTYPES":%s:"ALL_MACS":"ALL_KX":"REST, protocol_str); + sprintf (prio_str, + INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS + ":" ALL_KX ":" REST, protocol_str); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); _gnutls_record_set_default_version (session, 5, 5);
@@ -802,7 +864,9 @@ test_rsa_pms_version_check (gnutls_session_t session) * * A normal server would abort this handshake. */ - sprintf(prio_str, INIT_STR ALL_CIPHERS":"ALL_COMP":"ALL_CERTTYPES":%s:"ALL_MACS":"ALL_KX":"REST, protocol_str); + sprintf (prio_str, + INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS + ":" ALL_KX ":" REST, protocol_str); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); _gnutls_rsa_pms_set_version (session, 5, 5); /* use SSL 5.5 version */
@@ -818,7 +882,9 @@ test_anonymous (gnutls_session_t session) { int ret; - sprintf(prio_str, INIT_STR ALL_CIPHERS":"ALL_COMP":"ALL_CERTTYPES":%s:"ALL_MACS":+ANON-DH:"REST, protocol_str); + sprintf (prio_str, + INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS + ":+ANON-DH:" REST, protocol_str); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_ANON, anon_cred);
@@ -841,7 +907,9 @@ test_session_resume2 (gnutls_session_t session) if (session == NULL) return TEST_IGNORE; - sprintf(prio_str, INIT_STR ALL_CIPHERS":"ALL_COMP":"ALL_CERTTYPES":%s:"ALL_MACS":"ALL_KX":"REST, protocol_str); + sprintf (prio_str, + INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS + ":" ALL_KX ":" REST, protocol_str); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); @@ -884,7 +952,9 @@ test_certificate (gnutls_session_t session) if (verbose == 0) return TEST_IGNORE; - sprintf(prio_str, INIT_STR ALL_CIPHERS":"ALL_COMP":"ALL_CERTTYPES":%s:"ALL_MACS":"ALL_KX":"REST, protocol_str); + sprintf (prio_str, + INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS + ":" ALL_KX ":" REST, protocol_str); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); @@ -949,7 +1019,9 @@ test_server_cas (gnutls_session_t session) if (verbose == 0) return TEST_IGNORE; - sprintf(prio_str, INIT_STR ALL_CIPHERS":"ALL_COMP":"ALL_CERTTYPES":%s:"ALL_MACS":"ALL_KX":"REST, protocol_str); + sprintf (prio_str, + INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS + ":" ALL_KX ":" REST, protocol_str); _gnutls_priority_set_direct (session, prio_str); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); diff --git a/src/tls_test.c b/src/tls_test.c index e3989f560f..72cf42853f 100644 --- a/src/tls_test.c +++ b/src/tls_test.c 
@@ -80,8 +80,10 @@ typedef struct } TLS_TEST; static const TLS_TEST tls_tests[] = { - {"for Safe renegotiation support", test_safe_renegotiation, "yes", "no", "dunno"}, - {"for Safe renegotiation support (SCSV)", test_safe_renegotiation_scsv, "yes", "no", "dunno"}, + {"for Safe renegotiation support", test_safe_renegotiation, "yes", "no", + "dunno"}, + {"for Safe renegotiation support (SCSV)", test_safe_renegotiation_scsv, + "yes", "no", "dunno"}, {"for TLS 1.2 support", test_tls1_2, "yes", "no", "dunno"}, {"for TLS 1.1 support", test_tls1_1, "yes", "no", "dunno"}, {"fallback from TLS 1.1 to", test_tls1_1_fallback, "TLS 1.0", "failed", diff --git a/tests/anonself.c b/tests/anonself.c index 9b0753e8e4..51eb885de3 100644 --- a/tests/anonself.c +++ b/tests/anonself.c @@ -102,18 +102,22 @@ client (void) } else { - if (debug) success ("client: Handshake was completed\n"); + if (debug) + success ("client: Handshake was completed\n"); } - if (debug) success ("client: TLS version is: %s\n", - gnutls_protocol_get_name (gnutls_protocol_get_version (session))); + if (debug) + success ("client: TLS version is: %s\n", + gnutls_protocol_get_name (gnutls_protocol_get_version + (session))); gnutls_record_send (session, MSG, strlen (MSG)); ret = gnutls_record_recv (session, buffer, MAX_BUF); if (ret == 0) { - if (debug) success ("client: Peer has closed the TLS connection\n"); + if (debug) + success ("client: Peer has closed the TLS connection\n"); goto end; } else if (ret < 0) @@ -126,9 +130,9 @@ client (void) { printf ("- Received %d bytes: ", ret); for (ii = 0; ii < ret; ii++) - { - fputc (buffer[ii], stdout); - } + { + fputc (buffer[ii], stdout); + } fputs ("\n", stdout); } @@ -239,7 +243,8 @@ server_start (void) return; } - if (debug) success ("server: ready. Listening to port '%d'.\n", PORT); + if (debug) + success ("server: ready. Listening to port '%d'.\n", PORT); } static void 
@@ -255,7 +260,8 @@ server (void) gnutls_anon_allocate_server_credentials (&anoncred); - if (debug) success ("Launched, generating DH parameters...\n"); + if (debug) + success ("Launched, generating DH parameters...\n"); generate_dh_params (); @@ -267,9 +273,10 @@ server (void) sd = accept (listen_sd, (SA *) & sa_cli, &client_len); - if (debug) success ("server: connection from %s, port %d\n", - inet_ntop (AF_INET, &sa_cli.sin_addr, topbuf, - sizeof (topbuf)), ntohs (sa_cli.sin_port)); + if (debug) + success ("server: connection from %s, port %d\n", + inet_ntop (AF_INET, &sa_cli.sin_addr, topbuf, + sizeof (topbuf)), ntohs (sa_cli.sin_port)); gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd); ret = gnutls_handshake (session); @@ -280,10 +287,13 @@ server (void) fail ("server: Handshake has failed (%s)\n\n", gnutls_strerror (ret)); return; } - if (debug) success ("server: Handshake was completed\n"); + if (debug) + success ("server: Handshake was completed\n"); - if (debug) success ("server: TLS version is: %s\n", - gnutls_protocol_get_name (gnutls_protocol_get_version (session))); + if (debug) + success ("server: TLS version is: %s\n", + gnutls_protocol_get_name (gnutls_protocol_get_version + (session))); /* see the Getting peer's information example */ /* print_info(session); */ @@ -296,7 +306,8 @@ server (void) if (ret == 0) { - if (debug) success ("server: Peer has closed the GNUTLS connection\n"); + if (debug) + success ("server: Peer has closed the GNUTLS connection\n"); break; } else if (ret < 0) @@ -326,7 +337,8 @@ server (void) gnutls_global_deinit (); - if (debug) success ("server: finished\n"); + if (debug) + success ("server: finished\n"); } void diff --git a/tests/certder.c b/tests/certder.c index 3baa22d72f..054aa51c0b 100644 --- a/tests/certder.c +++ b/tests/certder.c 
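Review bot: In the server() hunk of tests/anonself.c that rewraps the "connection from" message, the descriptor returned by accept() is used without a failure check. It goes straight into the debug message and then into gnutls_transport_set_ptr() and gnutls_handshake(), so a failed accept shows up only as a confusing handshake error. A guard right after the call, in the style the function already uses for the handshake, would be `if (sd < 0) { fail ("server: accept failed\n"); return; }`. The inet_ntop() result is also passed to `%s` unchecked, which matters once accept can fail. The same sequence appears in the server() hunks of tests/dhepskself.c and tests/openpgpself.c, and server() continues outside the hunk in each file.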
@@ -325,7 +325,8 @@ doit (void) if (ret != GNUTLS_E_ASN1_DER_ERROR) fail ("crt3_import %d\n", ret); - if (debug) success ("done\n"); + if (debug) + success ("done\n"); gnutls_x509_crt_deinit (cert); diff --git a/tests/chainverify.c b/tests/chainverify.c index 60bd0361e6..6a31220b8c 100644 --- a/tests/chainverify.c +++ b/tests/chainverify.c @@ -756,7 +756,8 @@ tls_log_func (int level, const char *str) fprintf (stderr, "|<%d>| %s", level, str); } -void doit (void) +void +doit (void) { int exit_val = 0; size_t i; @@ -766,7 +767,7 @@ void doit (void) if (ret != 0) { fail ("%d: %s\n", ret, gnutls_strerror (ret)); - exit(EXIT_FAILURE); + exit (EXIT_FAILURE); } gnutls_global_set_log_function (tls_log_func); @@ -781,11 +782,13 @@ void doit (void) gnutls_datum_t tmp; size_t j; - if (debug) printf ("Chain '%s' (%d)...\n", chains[i].name, (int) i); + if (debug) + printf ("Chain '%s' (%d)...\n", chains[i].name, (int) i); for (j = 0; chains[i].chain[j]; j++) { - if (debug) printf ("\tAdding certificate %d...", (int) j); + if (debug) + printf ("\tAdding certificate %d...", (int) j); ret = gnutls_x509_crt_init (&certs[j]); if (ret < 0) @@ -796,17 +799,20 @@ void doit (void) tmp.size = strlen (chains[i].chain[j]); ret = gnutls_x509_crt_import (certs[j], &tmp, GNUTLS_X509_FMT_PEM); - if (debug) printf ("done\n"); + if (debug) + printf ("done\n"); if (ret < 0) error (EXIT_FAILURE, 0, "gnutls_x509_crt_import[%d,%d]: %s", (int) i, (int) j, gnutls_strerror (ret)); gnutls_x509_crt_print (certs[j], GNUTLS_CRT_PRINT_ONELINE, &tmp); - if (debug) printf ("\tCertificate %d: %.*s\n", (int) j, tmp.size, tmp.data); + if (debug) + printf ("\tCertificate %d: %.*s\n", (int) j, tmp.size, tmp.data); gnutls_free (tmp.data); } - if (debug) printf ("\tAdding CA certificate..."); + if (debug) + printf ("\tAdding CA certificate..."); ret = gnutls_x509_crt_init (&ca); if (ret < 0) 
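Review bot: In the per-certificate hunk of doit() in tests/chainverify.c, the return value of gnutls_x509_crt_print() is dropped, yet `tmp` is printed and handed to gnutls_free() right after. The same `tmp` was just used as the PEM input for gnutls_x509_crt_import(), with its size taken from the chain string. If the print call fails without replacing tmp.data, the test would presumably free memory it does not own; the assignment of tmp.data is outside the hunk, so this needs confirming. Checking the call the way the import is checked avoids that: `ret = gnutls_x509_crt_print (certs[j], GNUTLS_CRT_PRINT_ONELINE, &tmp);` followed by `if (ret < 0) error (EXIT_FAILURE, 0, "gnutls_x509_crt_print: %s", gnutls_strerror (ret));`. The CA certificate print in the following hunk has the same shape.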
@@ -821,13 +827,16 @@ void doit (void) error (EXIT_FAILURE, 0, "gnutls_x509_crt_import: %s", gnutls_strerror (ret)); - if (debug) printf ("done\n"); + if (debug) + printf ("done\n"); gnutls_x509_crt_print (ca, GNUTLS_CRT_PRINT_ONELINE, &tmp); - if (debug) printf ("\tCA Certificate: %.*s\n", tmp.size, tmp.data); + if (debug) + printf ("\tCA Certificate: %.*s\n", tmp.size, tmp.data); gnutls_free (tmp.data); - if (debug) printf ("\tVerifying..."); + if (debug) + printf ("\tVerifying..."); ret = gnutls_x509_crt_list_verify (certs, j, &ca, 1, NULL, 0, @@ -835,29 +844,33 @@ void doit (void) &verify_status); if (ret < 0) error (EXIT_FAILURE, 0, "gnutls_x509_crt_list_verify[%d,%d]: %s", - (int)i, (int)j, gnutls_strerror (ret)); + (int) i, (int) j, gnutls_strerror (ret)); if (verify_status != chains[i].expected_verify_result) { - fail("verify_status: %d expected: %d", - verify_status, chains[i].expected_verify_result); - - if (debug) exit(1); + fail ("verify_status: %d expected: %d", + verify_status, chains[i].expected_verify_result); + + if (debug) + exit (1); } else if (debug) printf ("done\n"); - if (debug) printf ("\tCleanup..."); + if (debug) + printf ("\tCleanup..."); gnutls_x509_crt_deinit (ca); for (j = 0; chains[i].chain[j]; j++) gnutls_x509_crt_deinit (certs[j]); - if (debug) printf ("done\n"); + if (debug) + printf ("done\n"); } gnutls_global_deinit (); - if (debug) printf ("Exit status...%d\n", exit_val); + if (debug) + printf ("Exit status...%d\n", exit_val); - exit(exit_val); + exit (exit_val); } diff --git a/tests/crq_apis.c b/tests/crq_apis.c index bc71544a0e..d1b8dec00e 100644 --- a/tests/crq_apis.c +++ b/tests/crq_apis.c 
@@ -127,13 +127,13 @@ doit (void) s = 0; ret = gnutls_x509_crq_get_challenge_password (crq, NULL, &s); if (ret != 0 || s != 3) - fail ("gnutls_x509_crq_get_challenge_password2 %d/%d\n", ret, (int)s); + fail ("gnutls_x509_crq_get_challenge_password2 %d/%d\n", ret, (int) s); s = 10; ret = gnutls_x509_crq_get_challenge_password (crq, smallbuf, &s); if (ret != 0 || s != 3 || strcmp (smallbuf, "foo") != 0) fail ("gnutls_x509_crq_get_challenge_password3 %d/%d/%s\n", - ret,(int) s, smallbuf); + ret, (int) s, smallbuf); s = 0; ret = gnutls_x509_crq_get_extension_info (crq, 0, NULL, &s, NULL); @@ -190,7 +190,8 @@ doit (void) ret = gnutls_x509_crq_print (crq, GNUTLS_CRT_PRINT_FULL, &out); if (ret != 0) fail ("gnutls_x509_crq_print\n"); - if (debug) printf ("crq: %.*s\n", out.size, out.data); + if (debug) + printf ("crq: %.*s\n", out.size, out.data); gnutls_free (out.data); ret = gnutls_x509_crt_set_version (crt, 3); @@ -204,7 +205,8 @@ doit (void) ret = gnutls_x509_crt_print (crt, GNUTLS_CRT_PRINT_FULL, &out); if (ret != 0) fail ("gnutls_x509_crt_print\n"); - if (debug) printf ("crt: %.*s\n", out.size, out.data); + if (debug) + printf ("crt: %.*s\n", out.size, out.data); gnutls_free (out.data); gnutls_x509_crq_deinit (crq); diff --git a/tests/crq_key_id.c b/tests/crq_key_id.c index 7f28ef6496..16db47defa 100644 --- a/tests/crq_key_id.c +++ b/tests/crq_key_id.c @@ -150,7 +150,8 @@ doit (void) ret = memcmp (crq_key_id, pkey_key_id, crq_key_id_len); if (ret == 0) { - if (debug) success ("Key ids are identical. OK.\n"); + if (debug) + success ("Key ids are identical. OK.\n"); } else { @@ -160,7 +161,7 @@ doit (void) else { fail ("Key_id lengths differ incorrectly: %d - %d\n", - (int)crq_key_id_len, (int)pkey_key_id_len); + (int) crq_key_id_len, (int) pkey_key_id_len); } diff --git a/tests/cve-2008-4989.c b/tests/cve-2008-4989.c index ca38db53e0..16a9fd121e 100644 --- a/tests/cve-2008-4989.c +++ b/tests/cve-2008-4989.c 
@@ -165,7 +165,7 @@ main (int argc, char *argv[]) { ret = gnutls_x509_crt_init (&certs[i]); if (ret < 0) - error (EXIT_FAILURE, 0, "gnutls_x509_crt_init[%d]: %s", (int)i, + error (EXIT_FAILURE, 0, "gnutls_x509_crt_init[%d]: %s", (int) i, gnutls_strerror (ret)); tmp.data = (char *) pem_certs[i]; @@ -173,7 +173,7 @@ main (int argc, char *argv[]) ret = gnutls_x509_crt_import (certs[i], &tmp, GNUTLS_X509_FMT_PEM); if (ret < 0) - error (EXIT_FAILURE, 0, "gnutls_x509_crt_import[%d]: %s", (int)i, + error (EXIT_FAILURE, 0, "gnutls_x509_crt_import[%d]: %s", (int) i, gnutls_strerror (ret)); } @@ -196,7 +196,7 @@ main (int argc, char *argv[]) GNUTLS_VERIFY_DISABLE_TIME_CHECKS, &verify_status); if (ret < 0) - error (EXIT_FAILURE, 0, "gnutls_x509_crt_list_verify[%d]: %s", (int)i, + error (EXIT_FAILURE, 0, "gnutls_x509_crt_list_verify[%d]: %s", (int) i, gnutls_strerror (ret)); if (verify_status != (GNUTLS_CERT_SIGNER_NOT_FOUND | GNUTLS_CERT_INVALID)) @@ -228,7 +228,7 @@ main (int argc, char *argv[]) GNUTLS_VERIFY_DISABLE_TIME_CHECKS, &verify_status); if (ret < 0) - error (EXIT_FAILURE, 0, "gnutls_x509_crt_list_verify[%d]: %s", (int)i, + error (EXIT_FAILURE, 0, "gnutls_x509_crt_list_verify[%d]: %s", (int) i, gnutls_strerror (ret)); if (verify_status != 0) diff --git a/tests/dhepskself.c b/tests/dhepskself.c index d3493f2d8a..5b65119174 100644 --- a/tests/dhepskself.c +++ b/tests/dhepskself.c @@ -102,7 +102,8 @@ client (void) } else { - if (debug) success ("client: Handshake was completed\n"); + if (debug) + success ("client: Handshake was completed\n"); } gnutls_record_send (session, MSG, strlen (MSG)); @@ -110,7 +111,8 @@ client (void) ret = gnutls_record_recv (session, buffer, MAX_BUF); if (ret == 0) { - if (debug) success ("client: Peer has closed the TLS connection\n"); + if (debug) + success ("client: Peer has closed the TLS connection\n"); goto end; } else if (ret < 0) 
@@ -123,7 +125,7 @@ client (void) { printf ("- Received %d bytes: ", ret); for (ii = 0; ii < ret; ii++) - fputc (buffer[ii], stdout); + fputc (buffer[ii], stdout); fputs ("\n", stdout); } @@ -185,7 +187,8 @@ generate_dh_params (void) static int pskfunc (gnutls_session_t session, const char *username, gnutls_datum_t * key) { - if (debug) printf ("psk callback to get %s's password\n", username); + if (debug) + printf ("psk callback to get %s's password\n", username); key->data = gnutls_malloc (4); key->data[0] = 0xDE; key->data[1] = 0xAD; @@ -208,7 +211,8 @@ int optval = 1; static void server_start (void) { - if (debug) success ("Launched, generating DH parameters...\n"); + if (debug) + success ("Launched, generating DH parameters...\n"); /* Socket operations */ @@ -244,7 +248,8 @@ server_start (void) return; } - if (debug) success ("server: ready. Listening to port '%d'.\n", PORT); + if (debug) + success ("server: ready. Listening to port '%d'.\n", PORT); } static void @@ -270,9 +275,10 @@ server (void) sd = accept (listen_sd, (SA *) & sa_cli, &client_len); - if (debug) success ("server: connection from %s, port %d\n", - inet_ntop (AF_INET, &sa_cli.sin_addr, topbuf, - sizeof (topbuf)), ntohs (sa_cli.sin_port)); + if (debug) + success ("server: connection from %s, port %d\n", + inet_ntop (AF_INET, &sa_cli.sin_addr, topbuf, + sizeof (topbuf)), ntohs (sa_cli.sin_port)); gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd); ret = gnutls_handshake (session); @@ -283,7 +289,8 @@ server (void) fail ("server: Handshake has failed (%s)\n\n", gnutls_strerror (ret)); return; } - if (debug) success ("server: Handshake was completed\n"); + if (debug) + success ("server: Handshake was completed\n"); /* see the Getting peer's information example */ /* print_info(session); */ 
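Review bot: In the pskfunc hunk of tests/dhepskself.c, the callback writes `key->data[0]` immediately after `key->data = gnutls_malloc (4);` with no NULL check, so an allocation failure becomes a NULL dereference inside the handshake instead of a reported error. Adding `if (key->data == NULL) return -1;` right after the allocation lets the handshake fail cleanly. The rest of pskfunc is outside the hunk, so the later stores and the size assignment are not visible here. The pskfunc hunk in tests/pskself.c has the same allocation followed by the same unchecked stores.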
@@ -296,7 +303,8 @@ server (void) if (ret == 0) { - if (debug) success ("server: Peer has closed the GNUTLS connection\n"); + if (debug) + success ("server: Peer has closed the GNUTLS connection\n"); break; } else if (ret < 0) @@ -326,7 +334,8 @@ server (void) gnutls_global_deinit (); - if (debug) success ("server: finished\n"); + if (debug) + success ("server: finished\n"); } void diff --git a/tests/dn.c b/tests/dn.c index 66ac122a17..5500e690c4 100644 --- a/tests/dn.c +++ b/tests/dn.c @@ -126,7 +126,8 @@ doit (void) print_dn (xdn); } - if (debug) success ("done\n"); + if (debug) + success ("done\n"); gnutls_x509_crt_deinit (cert); gnutls_global_deinit (); diff --git a/tests/dn2.c b/tests/dn2.c index 9b21690ec9..f9493b9077 100644 --- a/tests/dn2.c +++ b/tests/dn2.c @@ -92,11 +92,12 @@ doit (void) if (out.size != strlen (info) || strcmp (out.data, info) != 0) fail ("comparison fail (%d/%d)\nexpect: %s\n got: %.*s\n", - out.size, (int)strlen (info), info, out.size, out.data); + out.size, (int) strlen (info), info, out.size, out.data); gnutls_x509_crt_deinit (cert); gnutls_global_deinit (); gnutls_free (out.data); - if (debug) success ("done\n"); + if (debug) + success ("done\n"); } diff --git a/tests/finished.c b/tests/finished.c index 58df1afeba..1b2ad94fea 100644 --- a/tests/finished.c +++ b/tests/finished.c @@ -49,7 +49,8 @@ size_t to_client_len; static ssize_t client_pull (gnutls_transport_ptr_t tr, void *data, size_t len) { - if (debug) success ("client_pull len %d has %d\n", (int)len, (int)to_client_len); + if (debug) + success ("client_pull len %d has %d\n", (int) len, (int) to_client_len); if (to_client_len < len) { @@ -71,9 +72,9 @@ client_push (gnutls_transport_ptr_t tr, const void *data, size_t len) size_t newlen = to_server_len + len; char *tmp; - if (debug) + if (debug) { - success ("client_push len %d has %d\n", (int)len, (int)to_server_len); + success ("client_push len %d has %d\n", (int) len, (int) to_server_len); hexprint (data, len); } 
@@ -94,7 +95,8 @@ client_push (gnutls_transport_ptr_t tr, const void *data, size_t len) static ssize_t server_pull (gnutls_transport_ptr_t tr, void *data, size_t len) { - if (debug) success ("server_pull len %d has %d\n", (int)len, (int)to_server_len); + if (debug) + success ("server_pull len %d has %d\n", (int) len, (int) to_server_len); if (to_server_len < len) { @@ -116,9 +118,9 @@ server_push (gnutls_transport_ptr_t tr, const void *data, size_t len) size_t newlen = to_client_len + len; char *tmp; - if (debug) + if (debug) { - success ("server_push len %d has %d\n", (int)len, (int)to_client_len); + success ("server_push len %d has %d\n", (int) len, (int) to_client_len); hexprint (data, len); } @@ -140,9 +142,9 @@ static void client_finished_callback (gnutls_session_t session, const void *finished, size_t len) { - if (debug) + if (debug) { - success ("client finished (length %d)\n", (int)len); + success ("client finished (length %d)\n", (int) len); hexprint (finished, len); } } @@ -151,9 +153,9 @@ static void server_finished_callback (gnutls_session_t session, const void *finished, size_t len) { - if (debug) + if (debug) { - success ("server finished (length %d)\n", (int)len); + success ("server finished (length %d)\n", (int) len); hexprint (finished, len); } } 
@@ -214,24 +216,30 @@ doit (void) { if (cret == GNUTLS_E_AGAIN) { - if (debug) success ("loop invoking client:\n"); + if (debug) + success ("loop invoking client:\n"); cret = gnutls_handshake (client); - if (debug) success ("client %d: %s\n", cret, gnutls_strerror (cret)); + if (debug) + success ("client %d: %s\n", cret, gnutls_strerror (cret)); } if (sret == GNUTLS_E_AGAIN) { - if (debug) success ("loop invoking server:\n"); + if (debug) + success ("loop invoking server:\n"); sret = gnutls_handshake (server); - if (debug) success ("server %d: %s\n", sret, gnutls_strerror (sret)); + if (debug) + success ("server %d: %s\n", sret, gnutls_strerror (sret)); } } while (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN); - if (debug) success ("Handshake established\n"); + if (debug) + success ("Handshake established\n"); ns = gnutls_record_send (client, MSG, strlen (MSG)); - if (debug) success ("client: sent %d\n", (int)ns); + if (debug) + success ("client: sent %d\n", (int) ns); ret = gnutls_record_recv (server, buffer, MAX_BUF); if (ret == 0) @@ -247,7 +255,8 @@ doit (void) } ns = gnutls_record_send (server, MSG, strlen (MSG)); - if (debug) success ("server: sent %d\n", (int)ns); + if (debug) + success ("server: sent %d\n", (int) ns); ret = gnutls_record_recv (client, buffer, MAX_BUF); if (ret == 0) diff --git a/tests/gc.c b/tests/gc.c index 47c927b8de..b0aaed8145 100644 --- a/tests/gc.c +++ b/tests/gc.c @@ -49,9 +49,10 @@ doit (void) { if (memcmp (digest, "\x3c\xb0\x9d\x83\x28\x01\xef\xc0" "\x7b\xb3\xaf\x42\x69\xe5\x93\x9a", 16) == 0) - { - if (debug) success ("_gnutls_hmac_fast(MD5) OK\n"); - } + { + if (debug) + success ("_gnutls_hmac_fast(MD5) OK\n"); + } else { hexprint (digest, 16); 
@@ -69,9 +70,10 @@ doit (void) if (memcmp (digest, "\x58\x93\x7a\x58\xfe\xea\x82\xf8" "\x0e\x64\x62\x01\x40\x2b\x2c\xed\x5d\x54\xc1\xfa", 20) == 0) - { - if (debug) success ("_gnutls_hmac_fast(SHA1) OK\n"); - } + { + if (debug) + success ("_gnutls_hmac_fast(SHA1) OK\n"); + } else { hexprint (digest, 20); @@ -87,8 +89,9 @@ doit (void) if (memcmp (digest, "\x09\xb7\x85\x57\xdd\xf6\x07\x15" "\x1c\x52\x34\xde\xba\x5c\xdc\x59", 16) == 0) { - if (debug) success ("_gnutls_pkcs5_pbkdf2_sha1() OK\n"); - } + if (debug) + success ("_gnutls_pkcs5_pbkdf2_sha1() OK\n"); + } else { hexprint (digest, 16); diff --git a/tests/hostname-check.c b/tests/hostname-check.c index 5e9328d807..29d6278c20 100644 --- a/tests/hostname-check.c +++ b/tests/hostname-check.c @@ -693,7 +693,8 @@ doit (void) fail ("gnutls_openpgp_crt_init: %d\n", ret); #endif - if (debug) success ("Testing pem1...\n"); + if (debug) + success ("Testing pem1...\n"); data.data = pem1; data.size = strlen (pem1); @@ -705,7 +706,8 @@ doit (void) if (ret) fail ("Hostname incorrectly matches (%d)\n", ret); - if (debug) success ("Testing pem2...\n"); + if (debug) + success ("Testing pem2...\n"); data.data = pem2; data.size = strlen (pem2); @@ -725,7 +727,8 @@ doit (void) if (ret) fail ("Hostname incorrectly matches (%d)\n", ret); - if (debug) success ("Testing pem3...\n"); + if (debug) + success ("Testing pem3...\n"); data.data = pem3; data.size = strlen (pem3); @@ -745,7 +748,8 @@ doit (void) if (ret) fail ("Hostname incorrectly matches (%d)\n", ret); - if (debug) success ("Testing pem4...\n"); + if (debug) + success ("Testing pem4...\n"); data.data = pem4; data.size = strlen (pem4); @@ -769,7 +773,8 @@ doit (void) if (ret) fail ("Hostname incorrectly matches (%d)\n", ret); - if (debug) success ("Testing pem5...\n"); + if (debug) + success ("Testing pem5...\n"); data.data = pem5; data.size = strlen (pem5); 
@@ -789,7 +794,8 @@ doit (void) if (ret) fail ("Hostname incorrectly matches (%d)\n", ret); - if (debug) success ("Testing pem6...\n"); + if (debug) + success ("Testing pem6...\n"); data.data = pem6; data.size = strlen (pem6); @@ -805,7 +811,8 @@ doit (void) if (!ret) fail ("Hostname incorrectly does not match (%d)\n", ret); - if (debug) success ("Testing pem7...\n"); + if (debug) + success ("Testing pem7...\n"); data.data = pem7; data.size = strlen (pem7); @@ -829,7 +836,8 @@ doit (void) if (!ret) fail ("Hostname incorrectly does not match (%d)\n", ret); - if (debug) success ("Testing pem8...\n"); + if (debug) + success ("Testing pem8...\n"); data.data = pem8; data.size = strlen (pem8); @@ -853,7 +861,8 @@ doit (void) if (ret) fail ("Hostname incorrectly matches (%d)\n", ret); - if (debug) success ("Testing pem9...\n"); + if (debug) + success ("Testing pem9...\n"); data.data = pem9; data.size = strlen (pem9); @@ -869,7 +878,8 @@ doit (void) if (!ret) fail ("Hostname incorrectly does not match (%d)\n", ret); - if (debug) success ("Testing pem10...\n"); + if (debug) + success ("Testing pem10...\n"); data.data = pem10; data.size = strlen (pem10); @@ -882,7 +892,8 @@ doit (void) fail ("Hostname incorrectly matches (%d)\n", ret); #ifdef ENABLE_OPENPGP - if (debug) success ("Testing pem11...\n"); + if (debug) + success ("Testing pem11...\n"); data.data = pem11; data.size = strlen (pem11); diff --git a/tests/init_roundtrip.c b/tests/init_roundtrip.c index e232f8de89..29e3a844d1 100644 --- a/tests/init_roundtrip.c +++ b/tests/init_roundtrip.c @@ -48,5 +48,6 @@ doit (void) gnutls_global_deinit (); - if (debug) success ("init-deinit round-trip success\n"); + if (debug) + success ("init-deinit round-trip success\n"); } diff --git a/tests/mini-eagain.c b/tests/mini-eagain.c index 872a16bd95..b7240703f6 100644 --- a/tests/mini-eagain.c +++ b/tests/mini-eagain.c 
@@ -225,7 +225,8 @@ doit (void) } while (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN); handshake = 0; - if (debug) success ("Handshake established\n"); + if (debug) + success ("Handshake established\n"); ns = gnutls_record_send (client, MSG, strlen (MSG)); //success ("client: sent %d\n", ns); @@ -248,7 +249,8 @@ doit (void) else { transferred += ret; - if (debug) fputs ("*", stdout); + if (debug) + fputs ("*", stdout); } ns = gnutls_record_send (server, MSG, strlen (MSG)); @@ -270,11 +272,13 @@ doit (void) else { transferred += ret; - if (debug) fputs (".", stdout); + if (debug) + fputs (".", stdout); } } while (transferred < 7000); - if (debug) fputs ("\n", stdout); + if (debug) + fputs ("\n", stdout); gnutls_bye (client, GNUTLS_SHUT_RDWR); gnutls_bye (server, GNUTLS_SHUT_RDWR); diff --git a/tests/mini.c b/tests/mini.c index c415f5e0b8..315bbfec35 100644 --- a/tests/mini.c +++ b/tests/mini.c @@ -48,7 +48,7 @@ static ssize_t client_pull (gnutls_transport_ptr_t tr, void *data, size_t len) { if (debug) - success ("client_pull len %d has %d\n", (int)len, (int)to_client_len); + success ("client_pull len %d has %d\n", (int) len, (int) to_client_len); if (to_client_len < len) { @@ -72,7 +72,7 @@ client_push (gnutls_transport_ptr_t tr, const void *data, size_t len) if (debug) { - success ("client_push len %d has %d\n", (int)len, (int)to_server_len); + success ("client_push len %d has %d\n", (int) len, (int) to_server_len); hexprint (data, len); } @@ -94,7 +94,7 @@ static ssize_t server_pull (gnutls_transport_ptr_t tr, void *data, size_t len) { if (debug) - success ("server_pull len %d has %d\n", (int)len, (int)to_server_len); + success ("server_pull len %d has %d\n", (int) len, (int) to_server_len); if (to_server_len < len) { 
@@ -118,7 +118,7 @@ server_push (gnutls_transport_ptr_t tr, const void *data, size_t len) if (debug) { - success ("server_push len %d has %d\n", (int)len, (int)to_client_len); + success ("server_push len %d has %d\n", (int) len, (int) to_client_len); hexprint (data, len); } @@ -193,22 +193,27 @@ doit (void) if (debug) success ("loop invoking client:\n"); cret = gnutls_handshake (client); - if (debug) success ("client %d: %s\n", cret, gnutls_strerror (cret)); + if (debug) + success ("client %d: %s\n", cret, gnutls_strerror (cret)); } if (sret == GNUTLS_E_AGAIN) { - if (debug) success ("loop invoking server:\n"); + if (debug) + success ("loop invoking server:\n"); sret = gnutls_handshake (server); - if (debug) success ("server %d: %s\n", sret, gnutls_strerror (sret)); + if (debug) + success ("server %d: %s\n", sret, gnutls_strerror (sret)); } } while (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN); - if (debug) success ("Handshake established\n"); + if (debug) + success ("Handshake established\n"); ns = gnutls_record_send (client, MSG, strlen (MSG)); - if (debug) success ("client: sent %d\n", (int)ns); + if (debug) + success ("client: sent %d\n", (int) ns); ret = gnutls_record_recv (server, buffer, MAX_BUF); if (ret == 0) @@ -227,7 +232,8 @@ doit (void) } ns = gnutls_record_send (server, MSG, strlen (MSG)); - if (debug) success ("server: sent %d\n", (int)ns); + if (debug) + success ("server: sent %d\n", (int) ns); ret = gnutls_record_recv (client, buffer, MAX_BUF); if (ret == 0) @@ -241,12 +247,12 @@ doit (void) else { if (debug) - { - printf ("client: received %d: ", ret); - for (n = 0; n < ret; n++) + { + printf ("client: received %d: ", ret); + for (n = 0; n < ret; n++) fputc (buffer[n], stdout); - fputs ("\n", stdout); - } + fputs ("\n", stdout); + } } gnutls_bye (client, GNUTLS_SHUT_RDWR); diff --git a/tests/netconf-psk.c b/tests/netconf-psk.c index 6b03257ac2..604f4d91e0 100644 --- a/tests/netconf-psk.c +++ b/tests/netconf-psk.c 
@@ -57,7 +57,8 @@ doit (void) if (gnutls_psk_netconf_derive_key ("password", "psk_identity", "psk_identity_hint", &key) == 0) { - if (debug) success ("success: gnutls_psk_netconf_derive_key\n"); + if (debug) + success ("success: gnutls_psk_netconf_derive_key\n"); } else fail ("gnutls_psk_netconf_derive_key failure\n"); @@ -67,7 +68,8 @@ doit (void) if (key.size == 20 && memcmp (key.data, known, 20) == 0) { - if (debug) success ("success: match.\n"); + if (debug) + success ("success: match.\n"); } else fail ("FAIL: key differ.\n"); diff --git a/tests/nul-in-x509-names.c b/tests/nul-in-x509-names.c index c4b85f7a6b..6995826c4f 100644 --- a/tests/nul-in-x509-names.c +++ b/tests/nul-in-x509-names.c @@ -30,7 +30,7 @@ #include <gnutls/gnutls.h> #include <gnutls/x509.h> -#include "utils.h" +#include "utils.h" /* Thanks to Tomas Hoger <thoger@redhat.com> for generating the two certs that trigger this bug. */ @@ -90,7 +90,8 @@ const gnutls_datum_t badguy_nul_san = { badguy_nul_san_data, sizeof (badguy_nul_san_data) }; -void doit(void) +void +doit (void) { gnutls_x509_crt_t crt; int ret; 
@@ -99,48 +100,50 @@ void doit(void) if (ret < 0) { fail ("gnutls_global_init"); - exit(1); + exit (1); } ret = gnutls_x509_crt_init (&crt); if (ret != 0) { - fail("gnutls_x509_crt_init"); - exit(1); + fail ("gnutls_x509_crt_init"); + exit (1); } ret = gnutls_x509_crt_import (crt, &badguy_nul_cn, GNUTLS_X509_FMT_PEM); if (ret < 0) { - fail("gnutls_x509_crt_import"); - exit(1); + fail ("gnutls_x509_crt_import"); + exit (1); } ret = gnutls_x509_crt_check_hostname (crt, "www.bank.com"); if (ret == 0) { - if (debug) success("gnutls_x509_crt_check_hostname OK (NUL-IN-CN)"); + if (debug) + success ("gnutls_x509_crt_check_hostname OK (NUL-IN-CN)"); } else { - fail("gnutls_x509_crt_check_hostname BROKEN (NUL-IN-CN)"); + fail ("gnutls_x509_crt_check_hostname BROKEN (NUL-IN-CN)"); } ret = gnutls_x509_crt_import (crt, &badguy_nul_san, GNUTLS_X509_FMT_PEM); if (ret < 0) { fail ("gnutls_x509_crt_import"); - exit(1); + exit (1); } ret = gnutls_x509_crt_check_hostname (crt, "www.bank.com"); if (ret == 0) { - if (debug) success("gnutls_x509_crt_check_hostname OK (NUL-IN-SAN)"); + if (debug) + success ("gnutls_x509_crt_check_hostname OK (NUL-IN-SAN)"); } else { - fail("gnutls_x509_crt_check_hostname BROKEN (NUL-IN-SAN)"); + fail ("gnutls_x509_crt_check_hostname BROKEN (NUL-IN-SAN)"); } gnutls_x509_crt_deinit (crt); diff --git a/tests/openpgp-keyring.c b/tests/openpgp-keyring.c index df69ad1a4e..2ddd0edcfc 100644 --- a/tests/openpgp-keyring.c +++ b/tests/openpgp-keyring.c @@ -229,7 +229,8 @@ doit (void) if (ret != 0) fail ("keyring-check-id second key %d\n", ret); - if (debug) success ("done\n"); + if (debug) + success ("done\n"); gnutls_openpgp_keyring_deinit (keyring); gnutls_global_deinit (); diff --git a/tests/openpgpself.c b/tests/openpgpself.c index edc42425ac..c9ebbb78b6 100644 --- a/tests/openpgpself.c +++ b/tests/openpgpself.c 
@@ -120,7 +120,8 @@ client (void) /* sets the trusted cas file */ - if (debug) success ("Setting key files...\n"); + if (debug) + success ("Setting key files...\n"); ret = gnutls_certificate_set_openpgp_key_mem (xcred, &cert, &key, GNUTLS_OPENPGP_FMT_BASE64); @@ -142,7 +143,8 @@ client (void) /* connect to the peer */ - if (debug) success ("Connecting...\n"); + if (debug) + success ("Connecting...\n"); sd = tcp_connect (); gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd); @@ -157,23 +159,27 @@ client (void) gnutls_perror (ret); goto end; } - else if (debug) + else if (debug) { success ("client: Handshake was completed\n"); } - if (debug) success ("client: TLS version is: %s\n", - gnutls_protocol_get_name (gnutls_protocol_get_version (session))); + if (debug) + success ("client: TLS version is: %s\n", + gnutls_protocol_get_name (gnutls_protocol_get_version + (session))); /* see the Getting peer's information example */ - if (debug) print_info (session); + if (debug) + print_info (session); gnutls_record_send (session, MSG, strlen (MSG)); ret = gnutls_record_recv (session, buffer, MAX_BUF); if (ret == 0) { - if (debug) success ("client: Peer has closed the TLS connection\n"); + if (debug) + success ("client: Peer has closed the TLS connection\n"); goto end; } else if (ret < 0) @@ -184,12 +190,12 @@ client (void) if (debug) { - printf ("- Received %d bytes: ", ret); - for (ii = 0; ii < ret; ii++) - { - fputc (buffer[ii], stdout); - } - fputs ("\n", stdout); + printf ("- Received %d bytes: ", ret); + for (ii = 0; ii < ret; ii++) + { + fputc (buffer[ii], stdout); + } + fputs ("\n", stdout); } gnutls_bye (session, GNUTLS_SHUT_RDWR); @@ -376,7 +382,8 @@ server_start (void) return; } - if (debug) success ("server: ready. Listening to port '%d'.\n", PORT); + if (debug) + success ("server: ready. Listening to port '%d'.\n", PORT); } static void 
@@ -400,7 +407,8 @@ server (void) fail ("Could not set server key files...\n"); } - if (debug) success ("Launched, setting DH parameters...\n"); + if (debug) + success ("Launched, setting DH parameters...\n"); generate_dh_params (); @@ -412,9 +420,10 @@ server (void) sd = accept (listen_sd, (SA *) & sa_cli, &client_len); - if (debug) success ("server: connection from %s, port %d\n", - inet_ntop (AF_INET, &sa_cli.sin_addr, topbuf, - sizeof (topbuf)), ntohs (sa_cli.sin_port)); + if (debug) + success ("server: connection from %s, port %d\n", + inet_ntop (AF_INET, &sa_cli.sin_addr, topbuf, + sizeof (topbuf)), ntohs (sa_cli.sin_port)); gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd); ret = gnutls_handshake (session); @@ -425,13 +434,17 @@ server (void) fail ("server: Handshake has failed (%s)\n\n", gnutls_strerror (ret)); return; } - if (debug) success ("server: Handshake was completed\n"); + if (debug) + success ("server: Handshake was completed\n"); - if (debug) success ("server: TLS version is: %s\n", - gnutls_protocol_get_name (gnutls_protocol_get_version (session))); + if (debug) + success ("server: TLS version is: %s\n", + gnutls_protocol_get_name (gnutls_protocol_get_version + (session))); /* see the Getting peer's information example */ - if (debug) print_info (session); + if (debug) + print_info (session); i = 0; for (;;) @@ -441,7 +454,8 @@ server (void) if (ret == 0) { - if (debug) success ("server: Peer has closed the GNUTLS connection\n"); + if (debug) + success ("server: Peer has closed the GNUTLS connection\n"); break; } else if (ret < 0) @@ -471,7 +485,8 @@ server (void) gnutls_global_deinit (); - if (debug) success ("server: finished\n"); + if (debug) + success ("server: finished\n"); } diff --git a/tests/parse_ca.c b/tests/parse_ca.c index c02124a43f..18bb4b394f 100644 --- a/tests/parse_ca.c +++ b/tests/parse_ca.c 
@@ -76,5 +76,6 @@ doit (void) gnutls_global_deinit (); - if (debug) success ("import ok\n"); + if (debug) + success ("import ok\n"); } diff --git a/tests/pkcs12_encode.c b/tests/pkcs12_encode.c index 18c3fe8684..6558b56ec2 100644 --- a/tests/pkcs12_encode.c +++ b/tests/pkcs12_encode.c @@ -65,7 +65,8 @@ static char ca_pem[] = "PfqUpIhz5Bbm7J4=\n" "-----END CERTIFICATE-----\n"; const gnutls_datum_t ca_dat = { ca_pem, sizeof (ca_pem) }; -void doit(void) +void +doit (void) { gnutls_pkcs12_t pkcs12; gnutls_x509_crt_t client; @@ -158,7 +159,8 @@ void doit(void) if (ret < 0) error (EXIT_FAILURE, 0, "pkcs12_export: %d", ret); - if (debug) fwrite (outbuf, size, 1, stdout); + if (debug) + fwrite (outbuf, size, 1, stdout); /* Cleanup. */ gnutls_pkcs12_deinit (pkcs12); diff --git a/tests/pkcs12_s2k.c b/tests/pkcs12_s2k.c index 447d628359..4136f2b599 100644 --- a/tests/pkcs12_s2k.c +++ b/tests/pkcs12_s2k.c @@ -138,11 +138,12 @@ doit (void) if (debug) printf ("ij: %d.%d: %s\n", i, j, - _gnutls_bin2hex (key, sizeof (key), tmp, sizeof (tmp))); + _gnutls_bin2hex (key, sizeof (key), tmp, sizeof (tmp))); x++; } } - if (debug) printf ("\n"); + if (debug) + printf ("\n"); for (i = 0; i < sizeof (tv) / sizeof (tv[0]); i++) { @@ -158,12 +159,14 @@ doit (void) fail ("_gnutls_pkcs12_string_to_key failed[3]\n"); if (debug) - printf ("tv[%d]: %s\n", i, - _gnutls_bin2hex (key, tv[i].keylen, tmp, sizeof (tmp))); + printf ("tv[%d]: %s\n", i, + _gnutls_bin2hex (key, tv[i].keylen, tmp, sizeof (tmp))); } - if (debug) printf ("\n"); + if (debug) + printf ("\n"); gnutls_global_deinit (); - if (debug) success ("_gnutls_pkcs12_string_to_key ok\n"); + if (debug) + success ("_gnutls_pkcs12_string_to_key ok\n"); } diff --git a/tests/pkcs12_s2k_pem.c b/tests/pkcs12_s2k_pem.c index 1970111c0d..b9b7a0b5e4 100644 --- a/tests/pkcs12_s2k_pem.c +++ b/tests/pkcs12_s2k_pem.c 
@@ -284,7 +284,7 @@ main (void) keys[i].password, 0); if (ret != keys[i].expected_result) { - printf ("fail[%d]: %d: %s\n", (int)i, ret, gnutls_strerror (ret)); + printf ("fail[%d]: %d: %s\n", (int) i, ret, gnutls_strerror (ret)); return 1; } diff --git a/tests/pskself.c b/tests/pskself.c index b4181188ed..6ef343dfb2 100644 --- a/tests/pskself.c +++ b/tests/pskself.c @@ -94,7 +94,8 @@ client (void) } else { - if (debug) success ("client: Handshake was completed\n"); + if (debug) + success ("client: Handshake was completed\n"); } gnutls_record_send (session, MSG, strlen (MSG)); @@ -102,7 +103,8 @@ client (void) ret = gnutls_record_recv (session, buffer, MAX_BUF); if (ret == 0) { - if (debug) success ("client: Peer has closed the TLS connection\n"); + if (debug) + success ("client: Peer has closed the TLS connection\n"); goto end; } else if (ret < 0) @@ -166,7 +168,8 @@ initialize_tls_session (void) static int pskfunc (gnutls_session_t session, const char *username, gnutls_datum_t * key) { - if (debug) printf ("psk: username %s\n", username); + if (debug) + printf ("psk: username %s\n", username); key->data = gnutls_malloc (4); key->data[0] = 0xDE; key->data[1] = 0xAD; @@ -189,7 +192,8 @@ int optval = 1; static void server_start (void) { - if (debug) success ("Launched...\n"); + if (debug) + success ("Launched...\n"); /* Socket operations */ @@ -225,7 +229,8 @@ server_start (void) return; } - if (debug) success ("server: ready. Listening to port '%d'.\n", PORT); + if (debug) + success ("server: ready. Listening to port '%d'.\n", PORT); } static void 
@@ -244,9 +249,10 @@ server (void) sd = accept (listen_sd, (SA *) & sa_cli, &client_len); - if (debug) success ("server: connection from %s, port %d\n", - inet_ntop (AF_INET, &sa_cli.sin_addr, topbuf, - sizeof (topbuf)), ntohs (sa_cli.sin_port)); + if (debug) + success ("server: connection from %s, port %d\n", + inet_ntop (AF_INET, &sa_cli.sin_addr, topbuf, + sizeof (topbuf)), ntohs (sa_cli.sin_port)); gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd); ret = gnutls_handshake (session); @@ -257,7 +263,8 @@ server (void) fail ("server: Handshake has failed (%s)\n\n", gnutls_strerror (ret)); return; } - if (debug) success ("server: Handshake was completed\n"); + if (debug) + success ("server: Handshake was completed\n"); /* see the Getting peer's information example */ /* print_info(session); */ @@ -270,7 +277,8 @@ server (void) if (ret == 0) { - if (debug) success ("server: Peer has closed the GNUTLS connection\n"); + if (debug) + success ("server: Peer has closed the GNUTLS connection\n"); break; } else if (ret < 0) @@ -298,7 +306,8 @@ server (void) gnutls_global_deinit (); - if (debug) success ("server: finished\n"); + if (debug) + success ("server: finished\n"); } void diff --git a/tests/resume.c b/tests/resume.c index 1faf0b17d7..8486f18a23 100644 --- a/tests/resume.c +++ b/tests/resume.c @@ -153,7 +153,8 @@ client (struct params_res *params) } else { - if (debug) success ("client: Handshake was completed\n"); + if (debug) + success ("client: Handshake was completed\n"); } if (t == 0) @@ -170,9 +171,10 @@ client (struct params_res *params) if (gnutls_session_is_resumed (session) != 0) { if (params->expect_resume) - { - if (debug) success ("- Previous session was resumed\n"); - } + { + if (debug) + success ("- Previous session was resumed\n"); + } else fail ("- Previous session was resumed\n"); } 
@@ -181,9 +183,11 @@ client (struct params_res *params) if (params->expect_resume) fail ("*** Previous session was NOT resumed\n"); else - { - if (debug) success ("*** Previous session was NOT resumed (expected)\n"); - } + { + if (debug) + success + ("*** Previous session was NOT resumed (expected)\n"); + } } } @@ -192,7 +196,8 @@ client (struct params_res *params) ret = gnutls_record_recv (session, buffer, MAX_BUF); if (ret == 0) { - if (debug) success ("client: Peer has closed the TLS connection\n"); + if (debug) + success ("client: Peer has closed the TLS connection\n"); goto end; } else if (ret < 0) @@ -330,13 +335,15 @@ global_start (void) return; } - if (debug) success ("server: ready. Listening to port '%d'.\n", PORT); + if (debug) + success ("server: ready. Listening to port '%d'.\n", PORT); } static void global_stop (void) { - if (debug) success ("global stop\n"); + if (debug) + success ("global stop\n"); gnutls_anon_free_server_credentials (anoncred); @@ -363,7 +370,8 @@ server (struct params_res *params) gnutls_global_init (); gnutls_anon_allocate_server_credentials (&anoncred); - if (debug) success ("Launched, generating DH parameters...\n"); + if (debug) + success ("Launched, generating DH parameters...\n"); generate_dh_params (); @@ -386,9 +394,10 @@ server (struct params_res *params) sd = accept (listen_sd, (SA *) & sa_cli, &client_len); - if (debug) success ("server: connection from %s, port %d\n", - inet_ntop (AF_INET, &sa_cli.sin_addr, topbuf, - sizeof (topbuf)), ntohs (sa_cli.sin_port)); + if (debug) + success ("server: connection from %s, port %d\n", + inet_ntop (AF_INET, &sa_cli.sin_addr, topbuf, + sizeof (topbuf)), ntohs (sa_cli.sin_port)); gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd); ret = gnutls_handshake (session); 
@@ -400,7 +409,8 @@ server (struct params_res *params) gnutls_strerror (ret)); return; } - if (debug) success ("server: Handshake was completed\n"); + if (debug) + success ("server: Handshake was completed\n"); /* see the Getting peer's information example */ /* print_info(session); */ @@ -413,7 +423,8 @@ server (struct params_res *params) if (ret == 0) { - if (debug) success ("server: Peer has closed the GNUTLS connection\n"); + if (debug) + success ("server: Peer has closed the GNUTLS connection\n"); break; } else if (ret < 0) @@ -447,7 +458,8 @@ server (struct params_res *params) gnutls_free (session_ticket_key.data); session_ticket_key.data = NULL; - if (debug) success ("server: finished\n"); + if (debug) + success ("server: finished\n"); } void @@ -457,7 +469,8 @@ doit (void) for (i = 0; resume_tests[i].desc; i++) { - if (debug) printf ("%s\n", resume_tests[i].desc); + if (debug) + printf ("%s\n", resume_tests[i].desc); global_start (); if (error_count) @@ -527,7 +540,8 @@ wrap_db_deinit (void) static int wrap_db_store (void *dbf, gnutls_datum_t key, gnutls_datum_t data) { - if (debug) success ("resume db storing... (%d-%d)\n", key.size, data.size); + if (debug) + success ("resume db storing... (%d-%d)\n", key.size, data.size); if (debug) { @@ -576,7 +590,8 @@ wrap_db_fetch (void *dbf, gnutls_datum_t key) gnutls_datum_t res = { NULL, 0 }; int i; - if (debug) success ("resume db fetch... (%d)\n", key.size); + if (debug) + success ("resume db fetch... (%d)\n", key.size); if (debug) { unsigned int i; @@ -598,7 +613,8 @@ wrap_db_fetch (void *dbf, gnutls_datum_t key) if (key.size == cache_db[i].session_id_size && memcmp (key.data, cache_db[i].session_id, key.size) == 0) { - if (debug) success ("resume db fetch... return info\n"); + if (debug) + success ("resume db fetch... return info\n"); res.size = cache_db[i].session_data_size; diff --git a/tests/set_pkcs12_cred.c b/tests/set_pkcs12_cred.c index 200f8b661a..69b54896cc 100644 --- a/tests/set_pkcs12_cred.c 
+++ b/tests/set_pkcs12_cred.c @@ -51,8 +51,9 @@ doit (void) if (!password) password = "foobar"; - if (debug) success ("Reading PKCS#12 blob from `%s' using password `%s'.\n", - file, password); + if (debug) + success ("Reading PKCS#12 blob from `%s' using password `%s'.\n", + file, password); ret = gnutls_certificate_set_x509_simple_pkcs12_file (x509cred, file, GNUTLS_X509_FMT_DER, @@ -60,7 +61,8 @@ doit (void) if (ret < 0) fail ("x509_pkcs12 failed %d: %s\n", ret, gnutls_strerror (ret)); - if (debug) success ("Read file OK\n"); + if (debug) + success ("Read file OK\n"); gnutls_certificate_free_credentials (x509cred); @@ -79,8 +81,9 @@ doit (void) if (!password) password = ""; - if (debug) success ("Reading PKCS#12 blob from `%s' using password `%s'.\n", - file, password); + if (debug) + success ("Reading PKCS#12 blob from `%s' using password `%s'.\n", + file, password); ret = gnutls_certificate_set_x509_simple_pkcs12_file (x509cred, file, GNUTLS_X509_FMT_DER, @@ -88,7 +91,8 @@ doit (void) if (ret < 0) fail ("x509_pkcs12 failed %d: %s\n", ret, gnutls_strerror (ret)); - if (debug) success ("Read file OK\n"); + if (debug) + success ("Read file OK\n"); gnutls_certificate_free_credentials (x509cred); diff --git a/tests/simple.c b/tests/simple.c index 3449de1a28..f0981afb1e 100644 --- a/tests/simple.c +++ b/tests/simple.c @@ -32,7 +32,7 @@ void doit (void) { - if (debug) + if (debug) { printf ("GnuTLS header version %s.\n", GNUTLS_VERSION); printf ("GnuTLS library version %s.\n", gnutls_check_version (NULL)); 
@@ -52,9 +52,10 @@ doit (void) for (i = 0; algs[i]; i++) { - if (debug) printf ("pk_list[%d] = %d = %s = %d\n", (int)i, algs[i], - gnutls_pk_algorithm_get_name (algs[i]), - gnutls_pk_get_id (gnutls_pk_algorithm_get_name (algs[i]))); + if (debug) + printf ("pk_list[%d] = %d = %s = %d\n", (int) i, algs[i], + gnutls_pk_algorithm_get_name (algs[i]), + gnutls_pk_get_id (gnutls_pk_algorithm_get_name (algs[i]))); if (gnutls_pk_get_id (gnutls_pk_algorithm_get_name (algs[i])) != algs[i]) fail ("gnutls_pk id's doesn't match\n"); @@ -64,7 +65,8 @@ doit (void) if (pk != GNUTLS_PK_UNKNOWN) fail ("gnutls_pk unknown test failed (%d)\n", pk); - if (debug) success ("gnutls_pk_list ok\n"); + if (debug) + success ("gnutls_pk_list ok\n"); } { @@ -79,10 +81,10 @@ doit (void) for (i = 0; algs[i]; i++) { if (debug) - printf ("sign_list[%d] = %d = %s = %d\n", (int)i, algs[i], - gnutls_sign_algorithm_get_name (algs[i]), - gnutls_sign_get_id (gnutls_sign_algorithm_get_name - (algs[i]))); + printf ("sign_list[%d] = %d = %s = %d\n", (int) i, algs[i], + gnutls_sign_algorithm_get_name (algs[i]), + gnutls_sign_get_id (gnutls_sign_algorithm_get_name + (algs[i]))); if (gnutls_sign_get_id (gnutls_sign_algorithm_get_name (algs[i])) != algs[i]) fail ("gnutls_sign id's doesn't match\n"); @@ -92,6 +94,7 @@ doit (void) if (pk != GNUTLS_PK_UNKNOWN) fail ("gnutls_sign unknown test failed (%d)\n", pk); - if (debug) success ("gnutls_sign_list ok\n"); + if (debug) + success ("gnutls_sign_list ok\n"); } } diff --git a/tests/tlsia.c b/tests/tlsia.c index 9e6bd6c785..8e1778c0c5 100644 --- a/tests/tlsia.c +++ b/tests/tlsia.c @@ -61,10 +61,10 @@ client_avp (gnutls_session_t session, void *ptr, if (debug) { if (last) - printf ("client: received %d bytes AVP: `%.*s'\n", - (int)lastlen, (int) lastlen, last); + printf ("client: received %d bytes AVP: `%.*s'\n", + (int) lastlen, (int) lastlen, last); else - printf ("client: new application phase\n"); + printf ("client: new application phase\n"); } switch (iter) 
@@ -97,7 +97,8 @@ client_avp (gnutls_session_t session, void *ptr, return -1; *newlen = strlen (*new); - if (debug) printf ("client: sending %d bytes AVP: `%s'\n", (int)*newlen, *new); + if (debug) + printf ("client: sending %d bytes AVP: `%s'\n", (int) *newlen, *new); gnutls_ia_permute_inner_secret (session, 3, "foo"); @@ -159,7 +160,8 @@ client (void) } else { - if (debug) success ("client: Handshake was completed\n"); + if (debug) + success ("client: Handshake was completed\n"); } /* @@ -173,7 +175,8 @@ client (void) fail ("client: No TLS/IA negotiation\n"); else { - if (debug) success ("client: TLS/IA handshake\n"); + if (debug) + success ("client: TLS/IA handshake\n"); ret = gnutls_ia_handshake (session); @@ -185,7 +188,8 @@ client (void) } else { - if (debug) success ("client: TLS/IA Handshake was completed\n"); + if (debug) + success ("client: TLS/IA Handshake was completed\n"); } } @@ -194,7 +198,8 @@ client (void) ret = gnutls_record_recv (session, buffer, MAX_BUF); if (ret == 0) { - if (debug) success ("client: Peer has closed the TLS connection\n"); + if (debug) + success ("client: Peer has closed the TLS connection\n"); goto end; } else if (ret < 0) @@ -295,7 +300,7 @@ server_avp (gnutls_session_t session, void *ptr, if (last && debug) printf ("server: received %d bytes AVP: `%.*s'\n", - (int)lastlen, (int) lastlen, last); + (int) lastlen, (int) lastlen, last); gnutls_ia_permute_inner_secret (session, 3, "foo"); @@ -344,13 +349,15 @@ server_avp (gnutls_session_t session, void *ptr, if (strcmp (p, "1") == 0) { - if (debug) success ("server: Sending IntermediatePhaseFinished...\n"); + if (debug) + success ("server: Sending IntermediatePhaseFinished...\n"); return 1; } if (strcmp (p, "2") == 0) { - if (debug) success ("server: Sending FinalPhaseFinished...\n"); + if (debug) + success ("server: Sending FinalPhaseFinished...\n"); return 2; } 
@@ -359,7 +366,8 @@ server_avp (gnutls_session_t session, void *ptr, return -1; *newlen = strlen (*new); - if (debug) printf ("server: sending %d bytes AVP: `%s'\n", (int)*newlen, *new); + if (debug) + printf ("server: sending %d bytes AVP: `%s'\n", (int) *newlen, *new); return 0; } @@ -401,7 +409,8 @@ server_start (void) return; } - if (debug) success ("server: ready. Listening to port '%d'\n", PORT); + if (debug) + success ("server: ready. Listening to port '%d'\n", PORT); } static void @@ -419,7 +428,8 @@ server (void) gnutls_anon_allocate_server_credentials (&anoncred); gnutls_ia_allocate_server_credentials (&iacred); - if (debug) success ("Launched, generating DH parameters...\n"); + if (debug) + success ("Launched, generating DH parameters...\n"); generate_dh_params (); @@ -431,9 +441,10 @@ server (void) sd = accept (listen_sd, (SA *) & sa_cli, &client_len); - if (debug) success ("server: connection from %s, port %d\n", - inet_ntop (AF_INET, &sa_cli.sin_addr, topbuf, - sizeof (topbuf)), ntohs (sa_cli.sin_port)); + if (debug) + success ("server: connection from %s, port %d\n", + inet_ntop (AF_INET, &sa_cli.sin_addr, topbuf, + sizeof (topbuf)), ntohs (sa_cli.sin_port)); gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd); @@ -449,13 +460,15 @@ server (void) fail ("server: Handshake has failed (%s)\n\n", gnutls_strerror (ret)); return; } - if (debug) success ("server: Handshake was completed\n"); + if (debug) + success ("server: Handshake was completed\n"); if (!gnutls_ia_handshake_p (session)) fail ("server: No TLS/IA negotiation\n"); else { - if (debug) success ("server: TLS/IA handshake\n"); + if (debug) + success ("server: TLS/IA handshake\n"); ret = gnutls_ia_handshake (session); @@ -467,7 +480,8 @@ server (void) } else { - if (debug) success ("server: TLS/IA Handshake was completed\n"); + if (debug) + success ("server: TLS/IA Handshake was completed\n"); } } 
@@ -482,7 +496,8 @@ server (void) if (ret == 0) { - if (debug) success ("server: Peer has closed the GNUTLS connection\n"); + if (debug) + success ("server: Peer has closed the GNUTLS connection\n"); break; } else if (ret < 0) @@ -524,7 +539,8 @@ server (void) gnutls_global_deinit (); - if (debug) success ("server: finished\n"); + if (debug) + success ("server: finished\n"); } void diff --git a/tests/utils.c b/tests/utils.c index 7e39dff439..6d6c352352 100644 --- a/tests/utils.c +++ b/tests/utils.c @@ -69,7 +69,7 @@ escapeprint (const char *str, size_t len) { size_t i; - printf (" (length %d bytes):\n\t", (int)len); + printf (" (length %d bytes):\n\t", (int) len); for (i = 0; i < len; i++) { if (((str[i] & 0xFF) >= 'A' && (str[i] & 0xFF) <= 'Z') || diff --git a/tests/x509_altname.c b/tests/x509_altname.c index 569aca96d2..8dbc8932c7 100644 --- a/tests/x509_altname.c +++ b/tests/x509_altname.c @@ -122,7 +122,8 @@ doit (void) fail ("unexpected number of alt names: %i\n", alt_name_count); } - if (debug) success ("done\n"); + if (debug) + success ("done\n"); gnutls_x509_crt_deinit (cert); gnutls_global_deinit (); diff --git a/tests/x509dn.c b/tests/x509dn.c index 08e7954bc3..eabad48a89 100644 --- a/tests/x509dn.c +++ b/tests/x509dn.c @@ -124,7 +124,8 @@ cert_callback (gnutls_session_t session, return -1; } - if (debug) success ("client: invoked to provide client cert.\n"); + if (debug) + success ("client: invoked to provide client cert.\n"); result = gnutls_x509_dn_init (&dn); if (result < 0) 
@@ -138,16 +139,19 @@ cert_callback (gnutls_session_t session, { gnutls_x509_ava_st val; - if (debug) success ("client: imported DN.\n"); + if (debug) + success ("client: imported DN.\n"); if (gnutls_x509_dn_get_rdn_ava (dn, 0, 0, &val) == 0) { - if (debug) success ("client: got RDN 0.\n"); + if (debug) + success ("client: got RDN 0.\n"); if (val.value.size == strlen (EXPECT_RDN0) && strncmp (val.value.data, EXPECT_RDN0, val.value.size) == 0) { - if (debug) success ("client: RND 0 correct.\n"); + if (debug) + success ("client: RND 0 correct.\n"); } else { @@ -224,21 +228,26 @@ client (void) } else { - if (debug) success ("client: Handshake was completed\n"); + if (debug) + success ("client: Handshake was completed\n"); } - if (debug) success ("client: TLS version is: %s\n", - gnutls_protocol_get_name (gnutls_protocol_get_version (session))); + if (debug) + success ("client: TLS version is: %s\n", + gnutls_protocol_get_name (gnutls_protocol_get_version + (session))); /* see the Getting peer's information example */ - if (debug) print_info (session); + if (debug) + print_info (session); gnutls_record_send (session, MSG, strlen (MSG)); ret = gnutls_record_recv (session, buffer, MAX_BUF); if (ret == 0) { - if (debug) success ("client: Peer has closed the TLS connection\n"); + if (debug) + success ("client: Peer has closed the TLS connection\n"); goto end; } else if (ret < 0) @@ -251,9 +260,9 @@ client (void) { printf ("- Received %d bytes: ", ret); for (ii = 0; ii < ret; ii++) - { - fputc (buffer[ii], stdout); - } + { + fputc (buffer[ii], stdout); + } fputs ("\n", stdout); } @@ -408,7 +417,8 @@ server_start (void) return; } - if (debug) success ("server: ready. Listening to port '%d'.\n", PORT); + if (debug) + success ("server: ready. Listening to port '%d'.\n", PORT); } static void 
@@ -428,7 +438,8 @@ server (void) gnutls_certificate_set_x509_key_mem (x509_cred, &server_cert, &server_key, GNUTLS_X509_FMT_PEM); - if (debug) success ("Launched, generating DH parameters...\n"); + if (debug) + success ("Launched, generating DH parameters...\n"); generate_dh_params (); @@ -440,9 +451,10 @@ server (void) sd = accept (listen_sd, (SA *) & sa_cli, &client_len); - if (debug) success ("server: connection from %s, port %d\n", - inet_ntop (AF_INET, &sa_cli.sin_addr, topbuf, - sizeof (topbuf)), ntohs (sa_cli.sin_port)); + if (debug) + success ("server: connection from %s, port %d\n", + inet_ntop (AF_INET, &sa_cli.sin_addr, topbuf, + sizeof (topbuf)), ntohs (sa_cli.sin_port)); gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd); ret = gnutls_handshake (session); @@ -453,13 +465,17 @@ server (void) fail ("server: Handshake has failed (%s)\n\n", gnutls_strerror (ret)); return; } - if (debug) success ("server: Handshake was completed\n"); + if (debug) + success ("server: Handshake was completed\n"); - if (debug) success ("server: TLS version is: %s\n", - gnutls_protocol_get_name (gnutls_protocol_get_version (session))); + if (debug) + success ("server: TLS version is: %s\n", + gnutls_protocol_get_name (gnutls_protocol_get_version + (session))); /* see the Getting peer's information example */ - if (debug) print_info (session); + if (debug) + print_info (session); i = 0; for (;;) @@ -469,7 +485,8 @@ server (void) if (ret == 0) { - if (debug) success ("server: Peer has closed the GNUTLS connection\n"); + if (debug) + success ("server: Peer has closed the GNUTLS connection\n"); break; } else if (ret < 0) @@ -499,7 +516,8 @@ server (void) gnutls_global_deinit (); - if (debug) success ("server: finished\n"); + if (debug) + success ("server: finished\n"); } diff --git a/tests/x509self.c b/tests/x509self.c index e0e620f89e..39aaeca225 100644 --- a/tests/x509self.c +++ b/tests/x509self.c 
@@ -161,17 +161,21 @@ client (void) success ("client: Handshake was completed\n"); } - if (debug) success ("client: TLS version is: %s\n", - gnutls_protocol_get_name (gnutls_protocol_get_version (session))); + if (debug) + success ("client: TLS version is: %s\n", + gnutls_protocol_get_name (gnutls_protocol_get_version + (session))); /* see the Getting peer's information example */ - if (debug) print_info (session); + if (debug) + print_info (session); ret = gnutls_record_send (session, MSG, strlen (MSG)); if (ret == strlen (MSG)) { - if (debug) success ("client: sent record.\n"); + if (debug) + success ("client: sent record.\n"); } else { @@ -182,15 +186,18 @@ client (void) ret = gnutls_record_recv (session, buffer, MAX_BUF); - if (debug) success ("client: recv returned %d.\n", ret); + if (debug) + success ("client: recv returned %d.\n", ret); if (ret == GNUTLS_E_REHANDSHAKE) { - if (debug) success ("client: doing handshake!\n"); + if (debug) + success ("client: doing handshake!\n"); ret = gnutls_handshake (session); if (ret == 0) { - if (debug) success ("client: handshake complete, reading again.\n"); + if (debug) + success ("client: handshake complete, reading again.\n"); ret = gnutls_record_recv (session, buffer, MAX_BUF); } else @@ -201,7 +208,8 @@ client (void) if (ret == 0) { - if (debug) success ("client: Peer has closed the TLS connection\n"); + if (debug) + success ("client: Peer has closed the TLS connection\n"); goto end; } else if (ret < 0) @@ -210,13 +218,13 @@ client (void) goto end; } - if (debug) + if (debug) { printf ("- Received %d bytes: ", ret); for (ii = 0; ii < ret; ii++) - { - fputc (buffer[ii], stdout); - } + { + fputc (buffer[ii], stdout); + } fputs ("\n", stdout); } @@ -372,7 +380,8 @@ server_start (void) return; } - if (debug) success ("server: ready. Listening to port '%d'.\n", PORT); + if (debug) + success ("server: ready. Listening to port '%d'.\n", PORT); } static void 
@@ -392,7 +401,8 @@ server (void) gnutls_certificate_set_x509_key_mem (x509_cred, &server_cert, &server_key, GNUTLS_X509_FMT_PEM); - if (debug) success ("Launched, generating DH parameters...\n"); + if (debug) + success ("Launched, generating DH parameters...\n"); generate_dh_params (); @@ -404,9 +414,10 @@ server (void) sd = accept (listen_sd, (SA *) & sa_cli, &client_len); - if (debug) success ("server: connection from %s, port %d\n", - inet_ntop (AF_INET, &sa_cli.sin_addr, topbuf, - sizeof (topbuf)), ntohs (sa_cli.sin_port)); + if (debug) + success ("server: connection from %s, port %d\n", + inet_ntop (AF_INET, &sa_cli.sin_addr, topbuf, + sizeof (topbuf)), ntohs (sa_cli.sin_port)); gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd); ret = gnutls_handshake (session); @@ -421,11 +432,13 @@ server (void) { success ("server: Handshake was completed\n"); success ("server: TLS version is: %s\n", - gnutls_protocol_get_name (gnutls_protocol_get_version (session))); + gnutls_protocol_get_name (gnutls_protocol_get_version + (session))); } /* see the Getting peer's information example */ - if (debug) print_info (session); + if (debug) + print_info (session); i = 0; for (;;) @@ -435,7 +448,8 @@ server (void) if (ret == 0) { - if (debug) success ("server: Peer has closed the GNUTLS connection\n"); + if (debug) + success ("server: Peer has closed the GNUTLS connection\n"); break; } else if (ret < 0) @@ -448,7 +462,8 @@ server (void) gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUEST); - if (debug) success ("server: got data, forcing rehandshake.\n"); + if (debug) + success ("server: got data, forcing rehandshake.\n"); ret = gnutls_rehandshake (session); if (ret < 0) @@ -466,7 +481,8 @@ server (void) break; } - if (debug) success ("server: rehandshake complete.\n"); + if (debug) + success ("server: rehandshake complete.\n"); /* echo data back to the client */ 
@@ -488,7 +504,8 @@ server (void) gnutls_global_deinit (); - if (debug) success ("server: finished\n"); + if (debug) + success ("server: finished\n"); } diff --git a/tests/x509sign-verify.c b/tests/x509sign-verify.c index 4253864f5f..e582d875c7 100644 --- a/tests/x509sign-verify.c +++ b/tests/x509sign-verify.c @@ -148,7 +148,8 @@ doit (void) for (i = 0; i < sizeof (key_dat) / sizeof (key_dat[0]); i++) { - if (debug) success ("loop %d\n", (int)i); + if (debug) + success ("loop %d\n", (int) i); ret = gnutls_x509_privkey_init (&key); if (ret < 0) diff --git a/tests/x509signself.c b/tests/x509signself.c index 52115db7ee..c05ecee7f5 100644 --- a/tests/x509signself.c +++ b/tests/x509signself.c @@ -190,21 +190,26 @@ client (void) } else { - if (debug) success ("client: Handshake was completed\n"); + if (debug) + success ("client: Handshake was completed\n"); } - if (debug) success ("client: TLS version is: %s\n", - gnutls_protocol_get_name (gnutls_protocol_get_version (session))); + if (debug) + success ("client: TLS version is: %s\n", + gnutls_protocol_get_name (gnutls_protocol_get_version + (session))); /* see the Getting peer's information example */ - if (debug) print_info (session); + if (debug) + print_info (session); gnutls_record_send (session, MSG, strlen (MSG)); ret = gnutls_record_recv (session, buffer, MAX_BUF); if (ret == 0) { - if (debug) success ("client: Peer has closed the TLS connection\n"); + if (debug) + success ("client: Peer has closed the TLS connection\n"); goto end; } else if (ret < 0) @@ -217,9 +222,9 @@ client (void) { printf ("- Received %d bytes: ", ret); for (ii = 0; ii < ret; ii++) - { - fputc (buffer[ii], stdout); - } + { + fputc (buffer[ii], stdout); + } fputs ("\n", stdout); } @@ -373,7 +378,8 @@ server_start (void) return; } - if (debug) success ("server: ready. Listening to port '%d'.\n", PORT); + if (debug) + success ("server: ready. Listening to port '%d'.\n", PORT); } static void 
@@ -393,7 +399,8 @@ server (void) gnutls_certificate_set_x509_key_mem (x509_cred, &server_cert, &server_key, GNUTLS_X509_FMT_PEM); - if (debug) success ("Launched, generating DH parameters...\n"); + if (debug) + success ("Launched, generating DH parameters...\n"); generate_dh_params (); @@ -405,9 +412,10 @@ server (void) sd = accept (listen_sd, (SA *) & sa_cli, &client_len); - if (debug) success ("server: connection from %s, port %d\n", - inet_ntop (AF_INET, &sa_cli.sin_addr, topbuf, - sizeof (topbuf)), ntohs (sa_cli.sin_port)); + if (debug) + success ("server: connection from %s, port %d\n", + inet_ntop (AF_INET, &sa_cli.sin_addr, topbuf, + sizeof (topbuf)), ntohs (sa_cli.sin_port)); gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd); ret = gnutls_handshake (session); @@ -418,13 +426,17 @@ server (void) fail ("server: Handshake has failed (%s)\n\n", gnutls_strerror (ret)); return; } - if (debug) success ("server: Handshake was completed\n"); + if (debug) + success ("server: Handshake was completed\n"); - if (debug) success ("server: TLS version is: %s\n", - gnutls_protocol_get_name (gnutls_protocol_get_version (session))); + if (debug) + success ("server: TLS version is: %s\n", + gnutls_protocol_get_name (gnutls_protocol_get_version + (session))); /* see the Getting peer's information example */ - if (debug) print_info (session); + if (debug) + print_info (session); i = 0; for (;;) @@ -434,7 +446,8 @@ server (void) if (ret == 0) { - if (debug) success ("server: Peer has closed the GNUTLS connection\n"); + if (debug) + success ("server: Peer has closed the GNUTLS connection\n"); break; } else if (ret < 0) @@ -464,7 +477,8 @@ server (void) gnutls_global_deinit (); - if (debug) success ("server: finished\n"); + if (debug) + success ("server: finished\n"); } |