diff options
-rw-r--r-- | bootstrap.conf | 2 | ||||
-rw-r--r-- | lib/algorithms/cert_types.c | 9 | ||||
-rw-r--r-- | lib/algorithms/ciphers.c | 25 | ||||
-rw-r--r-- | lib/algorithms/ecc.c | 9 | ||||
-rw-r--r-- | lib/algorithms/groups.c | 5 | ||||
-rw-r--r-- | lib/algorithms/kx.c | 9 | ||||
-rw-r--r-- | lib/algorithms/mac.c | 7 | ||||
-rw-r--r-- | lib/algorithms/protocols.c | 7 | ||||
-rw-r--r-- | lib/algorithms/sign.c | 3 | ||||
-rw-r--r-- | lib/compress.c | 5 | ||||
-rw-r--r-- | lib/priority.c | 35 |
11 files changed, 63 insertions, 53 deletions
diff --git a/bootstrap.conf b/bootstrap.conf index 87bf4d5866..3c9618b21f 100644 --- a/bootstrap.conf +++ b/bootstrap.conf @@ -27,7 +27,7 @@ local_gl_dir=gl/override/ # Reproduce by: gnulib-tool --import --local-dir=gl/override --lib=libgnu --source-base=gl --m4-base=gl/m4 --doc-base=doc --tests-base=gl/tests --aux-dir=build-aux --with-tests --avoid=alignof-tests --avoid=lock-tests --avoid=lseek-tests --lgpl=2 --no-conditional-dependencies --libtool --macro-prefix=gl --no-vc-files alloca byteswap c-ctype extensions func gendocs getline gettext-h gettimeofday hash-pjw-bare havelib intprops lib-msvc-compat lib-symbol-versions maintainer-makefile manywarnings memmem-simple minmax netdb netinet_in pmccabe2html read-file secure_getenv snprintf stdint strcase strndup strtok_r strverscmp sys_socket sys_stat time_r unistd vasprintf vsnprintf warnings gnulib_modules=" -alloca byteswap c-ctype extensions func gendocs getline gettext-h gettimeofday hash-pjw-bare havelib intprops lib-msvc-compat lib-symbol-versions maintainer-makefile manywarnings memmem-simple minmax netdb netinet_in pmccabe2html read-file secure_getenv snprintf stdint strcase strdup-posix strndup strtok_r strverscmp sys_socket sys_stat sys_types time_r unistd valgrind-tests vasprintf vsnprintf warnings +alloca byteswap c-ctype c-strcase extensions func gendocs getline gettext-h gettimeofday hash-pjw-bare havelib intprops lib-msvc-compat lib-symbol-versions maintainer-makefile manywarnings memmem-simple minmax netdb netinet_in pmccabe2html read-file secure_getenv snprintf stdint strcase strdup-posix strndup strtok_r strverscmp sys_socket sys_stat sys_types time_r unistd valgrind-tests vasprintf vsnprintf warnings " unistring_modules=" diff --git a/lib/algorithms/cert_types.c b/lib/algorithms/cert_types.c index dc9fc9a388..6ae4b7e160 100644 --- a/lib/algorithms/cert_types.c +++ b/lib/algorithms/cert_types.c @@ -24,6 +24,7 @@ #include <algorithms.h> #include "errors.h" #include <x509/common.h> +#include "c-strcase.h" /** * gnutls_certificate_type_get_name: @@ -60,11 +61,11 @@ gnutls_certificate_type_t gnutls_certificate_type_get_id(const char *name) { gnutls_certificate_type_t ret = GNUTLS_CRT_UNKNOWN; - if (strcasecmp(name, "X.509") == 0 - || strcasecmp(name, "X509") == 0) + if (c_strcasecmp(name, "X.509") == 0 + || c_strcasecmp(name, "X509") == 0) return GNUTLS_CRT_X509; - if (strcasecmp(name, "RAWPK") == 0 - || strcasecmp(name, "RAWPUBKEY") == 0) + if (c_strcasecmp(name, "RAWPK") == 0 + || c_strcasecmp(name, "RAWPUBKEY") == 0) return GNUTLS_CRT_RAWPK; return ret; diff --git a/lib/algorithms/ciphers.c b/lib/algorithms/ciphers.c index 6014da2aea..bbdb1c8524 100644 --- a/lib/algorithms/ciphers.c +++ b/lib/algorithms/ciphers.c @@ -24,9 +24,10 @@ #include <algorithms.h> #include "errors.h" #include <x509/common.h> +#include "c-strcase.h" -/* Note that all algorithms are in CBC or STREAM modes. +/* Note that all algorithms are in CBC or STREAM modes. * Do not add any algorithms in other modes (avoid modified algorithms). * View first: "The order of encryption and authentication for * protecting communications" by Hugo Krawczyk - CRYPTO 2001 @@ -54,7 +55,7 @@ static const cipher_entry_st algorithms[] = { .cipher_iv = 16}, { .name = "AES-128-CBC", .id = GNUTLS_CIPHER_AES_128_CBC, - .blocksize = 16, + .blocksize = 16, .keysize = 16, .type = CIPHER_BLOCK, .explicit_iv = 16, @@ -121,14 +122,14 @@ static const cipher_entry_st algorithms[] = { .id = GNUTLS_CIPHER_ARCFOUR_128, .blocksize = 1, .keysize = 16, - .type = CIPHER_STREAM, + .type = CIPHER_STREAM, 0, 0, 0, 0}, - { .name = "ESTREAM-SALSA20-256", + { .name = "ESTREAM-SALSA20-256", .id = GNUTLS_CIPHER_ESTREAM_SALSA20_256, .blocksize = 64, .keysize = 32, .type = CIPHER_STREAM, 0, 0, 8, 0}, - { .name = "SALSA20-256", + { .name = "SALSA20-256", .id = GNUTLS_CIPHER_SALSA20_256, .blocksize = 64, .keysize = 32, @@ -218,24 +219,24 @@ static const cipher_entry_st algorithms[] = { .type = CIPHER_STREAM, .implicit_iv = 8, .cipher_iv = 8}, - { .name = "3DES-CBC", + { .name = "3DES-CBC", .id = GNUTLS_CIPHER_3DES_CBC, .blocksize = 8, .keysize = 24, .type = CIPHER_BLOCK, .explicit_iv = 8, .cipher_iv = 8}, - { .name = "DES-CBC", + { .name = "DES-CBC", .id = GNUTLS_CIPHER_DES_CBC, .blocksize = 8, .keysize = 8, .type = CIPHER_BLOCK, .explicit_iv = 8, .cipher_iv = 8}, - { .name = "ARCFOUR-40", + { .name = "ARCFOUR-40", .id = GNUTLS_CIPHER_ARCFOUR_40, .blocksize = 1, - .keysize = 5, + .keysize = 5, .type = CIPHER_STREAM}, { .name = "RC2-40", .id = GNUTLS_CIPHER_RC2_40_CBC, @@ -275,7 +276,7 @@ const cipher_entry_st *_gnutls_cipher_to_entry(gnutls_cipher_algorithm_t c) const cipher_entry_st *cipher_name_to_entry(const char *name) { GNUTLS_CIPHER_LOOP( - if (strcasecmp(p->name, name) == 0) { + if (c_strcasecmp(p->name, name) == 0) { return p; } ); @@ -382,9 +383,9 @@ gnutls_cipher_algorithm_t gnutls_cipher_get_id(const char *name) gnutls_cipher_algorithm_t ret = GNUTLS_CIPHER_UNKNOWN; GNUTLS_CIPHER_LOOP( - if (strcasecmp(p->name, name) == 0) { + if (c_strcasecmp(p->name, name) == 0) { if (p->id == GNUTLS_CIPHER_NULL || _gnutls_cipher_exists(p->id)) - ret = p->id; + ret = p->id; break; } ); diff --git a/lib/algorithms/ecc.c b/lib/algorithms/ecc.c index 7537708d90..9777ac2337 100644 --- a/lib/algorithms/ecc.c +++ b/lib/algorithms/ecc.c @@ -25,6 +25,7 @@ #include "errors.h" #include <x509/common.h> #include <pk.h> +#include "c-strcase.h" /* Supported ECC curves */ @@ -161,7 +162,7 @@ const gnutls_ecc_curve_t *gnutls_ecc_curve_list(void) int i = 0; GNUTLS_ECC_CURVE_LOOP( - if (_gnutls_pk_curve_exists(p->id)) + if (_gnutls_pk_curve_exists(p->id)) supported_curves[i++] = p->id; ); supported_curves[i++] = 0; @@ -184,7 +185,7 @@ gnutls_ecc_curve_t gnutls_oid_to_ecc_curve(const char *oid) gnutls_ecc_curve_t ret = GNUTLS_ECC_CURVE_INVALID; GNUTLS_ECC_CURVE_LOOP( - if (p->oid != NULL && strcasecmp(p->oid, oid) == 0 && _gnutls_pk_curve_exists(p->id)) { + if (p->oid != NULL && c_strcasecmp(p->oid, oid) == 0 && _gnutls_pk_curve_exists(p->id)) { ret = p->id; break; } @@ -209,7 +210,7 @@ gnutls_ecc_curve_t gnutls_ecc_curve_get_id(const char *name) gnutls_ecc_curve_t ret = GNUTLS_ECC_CURVE_INVALID; GNUTLS_ECC_CURVE_LOOP( - if (strcasecmp(p->name, name) == 0 && _gnutls_pk_curve_exists(p->id)) { + if (c_strcasecmp(p->name, name) == 0 && _gnutls_pk_curve_exists(p->id)) { ret = p->id; break; } @@ -304,7 +305,7 @@ const char *gnutls_ecc_curve_get_oid(gnutls_ecc_curve_t curve) GNUTLS_ECC_CURVE_LOOP( if (p->id == curve) { - ret = p->oid; + ret = p->oid; break; } ); diff --git a/lib/algorithms/groups.c b/lib/algorithms/groups.c index ccff59f098..70f0ee28c7 100644 --- a/lib/algorithms/groups.c +++ b/lib/algorithms/groups.c @@ -25,6 +25,7 @@ #include "errors.h" #include <x509/common.h> #include <pk.h> +#include "c-strcase.h" /* Supported ECC curves */ @@ -176,7 +177,7 @@ const gnutls_group_t *gnutls_group_list(void) int i = 0; GNUTLS_GROUP_LOOP( - if (p->curve == 0 || _gnutls_pk_curve_exists(p->curve)) + if (p->curve == 0 || _gnutls_pk_curve_exists(p->curve)) groups[i++] = p->id; ); groups[i++] = 0; @@ -201,7 +202,7 @@ gnutls_group_t gnutls_group_get_id(const char *name) gnutls_group_t ret = GNUTLS_GROUP_INVALID; GNUTLS_GROUP_LOOP( - if (strcasecmp(p->name, name) == 0 && ( + if (c_strcasecmp(p->name, name) == 0 && ( p->curve == 0 ||_gnutls_pk_curve_exists(p->curve))) { ret = p->id; break; diff --git a/lib/algorithms/kx.c b/lib/algorithms/kx.c index 51f3f077a1..22d6d37dd5 100644 --- a/lib/algorithms/kx.c +++ b/lib/algorithms/kx.c @@ -25,6 +25,7 @@ #include "errors.h" #include <x509/common.h> #include "state.h" +#include "c-strcase.h" extern mod_auth_st rsa_auth_struct; extern mod_auth_st dhe_rsa_auth_struct; @@ -42,7 +43,7 @@ extern mod_auth_st srp_rsa_auth_struct; extern mod_auth_st srp_dss_auth_struct; -/* Cred type mappings to KX algorithms +/* Cred type mappings to KX algorithms * FIXME: The mappings are not 1-1. Some KX such as SRP_RSA require * more than one credentials type. */ @@ -180,7 +181,7 @@ gnutls_kx_algorithm_t gnutls_kx_get_id(const char *name) gnutls_kx_algorithm_t ret = GNUTLS_KX_UNKNOWN; GNUTLS_KX_LOOP( - if (strcasecmp(p->name, name) == 0 && (int)p->algorithm != GNUTLS_KX_INVALID) { + if (c_strcasecmp(p->name, name) == 0 && (int)p->algorithm != GNUTLS_KX_INVALID) { ret = p->algorithm; break; } @@ -198,7 +199,7 @@ int _gnutls_kx_get_id(const char *name) gnutls_kx_algorithm_t ret = GNUTLS_KX_UNKNOWN; GNUTLS_KX_LOOP( - if (strcasecmp(p->name, name) == 0) { + if (c_strcasecmp(p->name, name) == 0) { ret = p->algorithm; break; } @@ -265,7 +266,7 @@ bool _gnutls_kx_allows_false_start(gnutls_session_t session) ret = 0; } else if (gnutls_dh_get_prime_bits(session) < bits) ret = 0; - } else + } else #endif if (algorithm == GNUTLS_KX_ECDHE_RSA || algorithm == GNUTLS_KX_ECDHE_ECDSA) { bits = gnutls_sec_param_to_pk_bits(GNUTLS_PK_EC, GNUTLS_SEC_PARAM_HIGH); diff --git a/lib/algorithms/mac.c b/lib/algorithms/mac.c index 8fc1da2254..6573b35686 100644 --- a/lib/algorithms/mac.c +++ b/lib/algorithms/mac.c @@ -25,6 +25,7 @@ #include <algorithms.h> #include "errors.h" #include <x509/common.h> +#include "c-strcase.h" #define MAC_OID_SHA1 "1.2.840.113549.2.7" #define MAC_OID_SHA224 "1.2.840.113549.2.8" @@ -229,7 +230,7 @@ gnutls_digest_algorithm_t gnutls_digest_get_id(const char *name) gnutls_digest_algorithm_t ret = GNUTLS_DIG_UNKNOWN; GNUTLS_HASH_LOOP( - if (p->oid != NULL && strcasecmp(p->name, name) == 0) { + if (p->oid != NULL && c_strcasecmp(p->name, name) == 0) { if (_gnutls_digest_exists((gnutls_digest_algorithm_t)p->id)) ret = (gnutls_digest_algorithm_t)p->id; break; @@ -254,7 +255,7 @@ gnutls_mac_algorithm_t gnutls_mac_get_id(const char *name) gnutls_mac_algorithm_t ret = GNUTLS_MAC_UNKNOWN; GNUTLS_HASH_LOOP( - if (strcasecmp(p->name, name) == 0) { + if (c_strcasecmp(p->name, name) == 0) { if (p->placeholder != 0 || _gnutls_mac_exists(p->id)) ret = p->id; break; @@ -351,7 +352,7 @@ const gnutls_digest_algorithm_t *gnutls_digest_list(void) GNUTLS_HASH_LOOP( if (p->oid != NULL && (p->placeholder != 0 || _gnutls_mac_exists(p->id))) { - + supported_digests[i++] = (gnutls_digest_algorithm_t)p->id; } ); diff --git a/lib/algorithms/protocols.c b/lib/algorithms/protocols.c index f2277a9e28..501cf350c3 100644 --- a/lib/algorithms/protocols.c +++ b/lib/algorithms/protocols.c @@ -24,6 +24,7 @@ #include <algorithms.h> #include "errors.h" #include <x509/common.h> +#include "c-strcase.h" /* TLS Versions */ static const version_entry_st sup_versions[] = { @@ -242,7 +243,7 @@ const version_entry_st *_gnutls_version_lowest(gnutls_session_t session) return min_v; } -/* Returns the maximum version in the priorities +/* Returns the maximum version in the priorities */ const version_entry_st *_gnutls_version_max(gnutls_session_t session) { @@ -296,7 +297,7 @@ const version_entry_st *_gnutls_legacy_version_max(gnutls_session_t session) } /* Returns the number of bytes written to buffer or a negative - * error code. It will return GNUTLS_E_UNSUPPORTED_VERSION_PACKET + * error code. It will return GNUTLS_E_UNSUPPORTED_VERSION_PACKET * if there is no version >= TLS 1.3. */ int _gnutls_write_supported_versions(gnutls_session_t session, uint8_t *buffer, ssize_t buffer_size) @@ -411,7 +412,7 @@ gnutls_protocol_t gnutls_protocol_get_id(const char *name) gnutls_protocol_t ret = GNUTLS_VERSION_UNKNOWN; for (p = sup_versions; p->name != NULL; p++) { - if (strcasecmp(p->name, name) == 0) { + if (c_strcasecmp(p->name, name) == 0) { ret = p->id; break; } diff --git a/lib/algorithms/sign.c b/lib/algorithms/sign.c index f870ecc545..fcefc9d5eb 100644 --- a/lib/algorithms/sign.c +++ b/lib/algorithms/sign.c @@ -26,6 +26,7 @@ #include "errors.h" #include <x509/common.h> #include <assert.h> +#include "c-strcase.h" /* signature algorithms; */ @@ -503,7 +504,7 @@ gnutls_sign_algorithm_t gnutls_sign_get_id(const char *name) gnutls_sign_algorithm_t ret = GNUTLS_SIGN_UNKNOWN; GNUTLS_SIGN_LOOP( - if (strcasecmp(p->name, name) == 0) { + if (c_strcasecmp(p->name, name) == 0) { ret = p->id; break; } diff --git a/lib/compress.c b/lib/compress.c index a24c7c878f..e510df11b9 100644 --- a/lib/compress.c +++ b/lib/compress.c @@ -21,6 +21,7 @@ */ #include "gnutls_int.h" +#include "c-strcase.h" /* Compatibility compression functions */ @@ -53,7 +54,7 @@ const char *gnutls_compression_get_name(gnutls_compression_method_t **/ gnutls_compression_method_t gnutls_compression_get_id(const char *name) { - if (strcasecmp(name, "NULL") == 0) + if (c_strcasecmp(name, "NULL") == 0) return GNUTLS_COMP_NULL; return GNUTLS_COMP_UNKNOWN; @@ -62,7 +63,7 @@ gnutls_compression_method_t gnutls_compression_get_id(const char *name) /** * gnutls_compression_list: * - * Get a list of compression methods. + * Get a list of compression methods. * * Returns: a zero-terminated list of #gnutls_compression_method_t * integers indicating the available compression methods. diff --git a/lib/priority.c b/lib/priority.c index 53c0d552dd..a9f0403d26 100644 --- a/lib/priority.c +++ b/lib/priority.c @@ -35,6 +35,7 @@ #include "errno.h" #include "ext/srp.h" #include <gnutls/gnutls.h> +#include "c-strcase.h" #define MAX_ELEMENTS 64 @@ -261,7 +262,7 @@ static const int _kx_priority_secure[] = { GNUTLS_KX_RSA, /* KX-RSA is now ahead of DHE-RSA and DHE-DSS due to the compatibility * issues the DHE ciphersuites have. That is, one cannot enforce a specific - * security level without dropping the connection. + * security level without dropping the connection. */ #ifdef ENABLE_DHE GNUTLS_KX_DHE_RSA, @@ -651,7 +652,7 @@ struct priority_groups_st { bool no_tickets; }; -static const struct priority_groups_st pgroups[] = +static const struct priority_groups_st pgroups[] = { {.name = LEVEL_NORMAL, .cipher_list = &cipher_priority_normal, @@ -767,8 +768,8 @@ int check_level(const char *level, gnutls_priority_t priority_cache, if (pgroups[i].name == NULL) return 0; - if (strcasecmp(level, pgroups[i].name) == 0 || - (pgroups[i].alias != NULL && strcasecmp(level, pgroups[i].alias) == 0)) { + if (c_strcasecmp(level, pgroups[i].name) == 0 || + (pgroups[i].alias != NULL && c_strcasecmp(level, pgroups[i].alias) == 0)) { if (pgroups[i].proto_list != NULL) func(&priority_cache->protocol, *pgroups[i].proto_list); func(&priority_cache->_cipher, *pgroups[i].cipher_list); @@ -1443,8 +1444,8 @@ static int set_ciphersuite_list(gnutls_priority_t priority_cache) * included as a fallback only. The ciphers are sorted by security * margin. * - * "PFS" means all "secure" ciphersuites that support perfect forward secrecy. - * The 256-bit ciphers are included as a fallback only. + * "PFS" means all "secure" ciphersuites that support perfect forward secrecy. + * The 256-bit ciphers are included as a fallback only. * The ciphers are sorted by security margin. * * "SECURE128" means all "secure" ciphersuites of security level 128-bit @@ -1494,9 +1495,9 @@ static int set_ciphersuite_list(gnutls_priority_t priority_cache) * "SECURE128:-VERS-SSL3.0" means that only secure ciphers are * and enabled, SSL3.0 is disabled. * - * "NONE:+VERS-TLS-ALL:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL:+SIGN-RSA-SHA1", + * "NONE:+VERS-TLS-ALL:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL:+SIGN-RSA-SHA1", * - * "NONE:+VERS-TLS-ALL:+AES-128-CBC:+ECDHE-RSA:+SHA1:+COMP-NULL:+SIGN-RSA-SHA1:+CURVE-SECP256R1", + * "NONE:+VERS-TLS-ALL:+AES-128-CBC:+ECDHE-RSA:+SHA1:+COMP-NULL:+SIGN-RSA-SHA1:+CURVE-SECP256R1", * * "SECURE256:+SECURE128", * @@ -1632,7 +1633,7 @@ gnutls_priority_init(gnutls_priority_t * priority_cache, break_list(darg, broken_list, &broken_list_size); /* This is our default set of protocol version, certificate types. */ - if (strcasecmp(broken_list[0], LEVEL_NONE) != 0) { + if (c_strcasecmp(broken_list[0], LEVEL_NONE) != 0) { _set_priority(&(*priority_cache)->protocol, protocol_priority); _set_priority(&(*priority_cache)->client_ctype, @@ -2065,7 +2066,7 @@ int gnutls_set_default_priority_append(gnutls_session_t session, * @list: will point to an integer list * * Get a list of available elliptic curves in the priority - * structure. + * structure. * * Deprecated: This function has been replaced by * gnutls_priority_group_list() since 3.6.0. @@ -2100,7 +2101,7 @@ gnutls_priority_ecc_curve_list(gnutls_priority_t pcache, * @list: will point to an integer list * * Get a list of available groups in the priority - * structure. + * structure. * * Returns: the number of items, or an error code. * @@ -2123,7 +2124,7 @@ gnutls_priority_group_list(gnutls_priority_t pcache, * @list: will point to an integer list * * Get a list of available key exchange methods in the priority - * structure. + * structure. * * Returns: the number of items, or an error code. * Since: 3.2.3 @@ -2145,7 +2146,7 @@ gnutls_priority_kx_list(gnutls_priority_t pcache, * @list: will point to an integer list * * Get a list of available ciphers in the priority - * structure. + * structure. * * Returns: the number of items, or an error code. * Since: 3.2.3 @@ -2167,7 +2168,7 @@ gnutls_priority_cipher_list(gnutls_priority_t pcache, * @list: will point to an integer list * * Get a list of available MAC algorithms in the priority - * structure. + * structure. * * Returns: the number of items, or an error code. * Since: 3.2.3 @@ -2189,7 +2190,7 @@ gnutls_priority_mac_list(gnutls_priority_t pcache, * @list: will point to an integer list * * Get a list of available compression method in the priority - * structure. + * structure. * * Returns: the number of methods, or an error code. * Since: 3.0 @@ -2210,7 +2211,7 @@ gnutls_priority_compression_list(gnutls_priority_t pcache, * @list: will point to an integer list * * Get a list of available TLS version numbers in the priority - * structure. + * structure. * * Returns: the number of protocols, or an error code. * Since: 3.0 @@ -2232,7 +2233,7 @@ gnutls_priority_protocol_list(gnutls_priority_t pcache, * @list: will point to an integer list * * Get a list of available signature algorithms in the priority - * structure. + * structure. * * Returns: the number of algorithms, or an error code. * Since: 3.0 |