diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/certtool-cfg.c | 138 | ||||
-rw-r--r-- | src/certtool.c | 26 | ||||
-rw-r--r-- | src/cli.c | 30 | ||||
-rw-r--r-- | src/danetool.c | 4 | ||||
-rw-r--r-- | src/list.h | 2 | ||||
-rw-r--r-- | src/ocsptool-common.c | 4 | ||||
-rw-r--r-- | src/ocsptool.c | 4 | ||||
-rw-r--r-- | src/pkcs11.c | 112 | ||||
-rw-r--r-- | src/serv.c | 36 | ||||
-rw-r--r-- | src/tests.c | 2 |
10 files changed, 179 insertions, 179 deletions
diff --git a/src/certtool-cfg.c b/src/certtool-cfg.c index d149021bcb..f4f5ca3045 100644 --- a/src/certtool-cfg.c +++ b/src/certtool-cfg.c @@ -73,7 +73,7 @@ struct cfg_options { unsigned type; /* used when parsing */ - unsigned found; + unsigned found; }; static struct cfg_options available_options[] = { @@ -237,12 +237,12 @@ void cfg_init(void) i = 0; \ s_name = malloc(sizeof(char*)*MAX_ENTRIES); \ do { \ - if (val && !strcmp(val->pzName, name)==0) \ - continue; \ - s_name[i] = strdup(val->v.strVal); \ - i++; \ - if (i>=MAX_ENTRIES) \ - break; \ + if (val && !strcmp(val->pzName, name)==0) \ + continue; \ + s_name[i] = strdup(val->v.strVal); \ + i++; \ + if (i>=MAX_ENTRIES) \ + break; \ } while((val = optionNextValue(pov, val)) != NULL); \ s_name[i] = NULL; \ } \ @@ -259,31 +259,31 @@ void cfg_init(void) i = 0; \ s_name = malloc(sizeof(char*)*MAX_ENTRIES); \ do { \ - if (val && !strcmp(val->pzName, name)==0) \ - continue; \ - len = strlen(val->v.strVal); \ - if (sizeof(str) > len) { \ - strcpy(str, val->v.strVal); \ + if (val && !strcmp(val->pzName, name)==0) \ + continue; \ + len = strlen(val->v.strVal); \ + if (sizeof(str) > len) { \ + strcpy(str, val->v.strVal); \ } else { \ - memcpy(str, val->v.strVal, sizeof(str)-1); \ - str[sizeof(str)-1] = 0; \ + memcpy(str, val->v.strVal, sizeof(str)-1); \ + str[sizeof(str)-1] = 0; \ } \ - if ((p=strchr(str, ' ')) == NULL && (p=strchr(str, '\t')) == NULL) { \ - fprintf(stderr, "Error parsing %s\n", name); \ - exit(1); \ - } \ - p[0] = 0; \ - p++; \ - s_name[i] = strdup(str); \ - while(*p==' ' || *p == '\t') p++; \ - if (p[0] == 0) { \ - fprintf(stderr, "Error (2) parsing %s\n", name); \ - exit(1); \ - } \ - s_name[i+1] = strdup(p); \ - i+=2; \ - if (i>=MAX_ENTRIES) \ - break; \ + if ((p=strchr(str, ' ')) == NULL && (p=strchr(str, '\t')) == NULL) { \ + fprintf(stderr, "Error parsing %s\n", name); \ + exit(1); \ + } \ + p[0] = 0; \ + p++; \ + s_name[i] = strdup(str); \ + while(*p==' ' || *p == '\t') p++; \ + if (p[0] == 0) { \ + fprintf(stderr, "Error (2) parsing %s\n", name); \ + exit(1); \ + } \ + s_name[i+1] = strdup(p); \ + i+=2; \ + if (i>=MAX_ENTRIES) \ + break; \ } while((val = optionNextValue(pov, val)) != NULL); \ s_name[i] = NULL; \ } \ @@ -299,8 +299,8 @@ void cfg_init(void) /* READ_NUMERIC only returns a long */ #define CHECK_LONG_OVERFLOW(x) \ if (x == LONG_MAX) { \ - fprintf(stderr, "overflow in number\n"); \ - exit(1); \ + fprintf(stderr, "overflow in number\n"); \ + exit(1); \ } #define READ_NUMERIC(name, s_name) \ @@ -308,9 +308,9 @@ void cfg_init(void) if (val != NULL) \ { \ if (val->valType == OPARG_TYPE_NUMERIC) \ - s_name = val->v.longVal; \ + s_name = val->v.longVal; \ else if (val->valType == OPARG_TYPE_STRING) \ - s_name = strtol(val->v.strVal, NULL, 10); \ + s_name = strtol(val->v.strVal, NULL, 10); \ } #define HEX_DECODE(hex, output, output_size) \ @@ -339,7 +339,7 @@ unsigned len, cmp; cmp = strcasecmp(val->pzName, available_options[j].name); if (cmp == 0) { - if (available_options[j].type != OPTION_MULTI_LINE && + if (available_options[j].type != OPTION_MULTI_LINE && available_options[j].found != 0) { fprintf(stderr, "Warning: multiple options found for '%s'; only the first will be taken into account.\n", available_options[j].name); } @@ -1463,18 +1463,18 @@ time_t get_date(const char* date) struct timespec r; if (date==NULL || parse_datetime(&r, date, NULL) == 0) { - fprintf(stderr, "Cannot parse date: %s\n", date); - exit(1); - } - - return r.tv_sec; + fprintf(stderr, "Cannot parse date: %s\n", date); + exit(1); + } + + return r.tv_sec; } time_t get_activation_date(void) { if (batch && cfg.activation_date != NULL) { - return get_date(cfg.activation_date); + return get_date(cfg.activation_date); } return time(NULL); @@ -1484,7 +1484,7 @@ time_t get_crl_revocation_date(void) { if (batch && cfg.revocation_date != NULL) { - return get_date(cfg.revocation_date); + return get_date(cfg.revocation_date); } return time(NULL); @@ -1494,7 +1494,7 @@ time_t get_crl_this_update_date(void) { if (batch && cfg.this_update_date != NULL) { - return get_date(cfg.this_update_date); + return get_date(cfg.this_update_date); } return time(NULL); @@ -1506,26 +1506,26 @@ time_t days_to_secs(int days) time_t secs = days; time_t now = time(NULL); - if (secs != (time_t)-1) { - if (INT_MULTIPLY_OVERFLOW(secs, 24*60*60)) { - goto overflow; - } else { - secs *= 24*60*60; - } - } - - if (secs != (time_t)-1) { - if (INT_ADD_OVERFLOW(secs, now)) { - goto overflow; - } else { - secs += now; - } - } - - return secs; + if (secs != (time_t)-1) { + if (INT_MULTIPLY_OVERFLOW(secs, 24*60*60)) { + goto overflow; + } else { + secs *= 24*60*60; + } + } + + if (secs != (time_t)-1) { + if (INT_ADD_OVERFLOW(secs, now)) { + goto overflow; + } else { + secs += now; + } + } + + return secs; overflow: - fprintf(stderr, "Overflow while parsing days\n"); - exit(1); + fprintf(stderr, "Overflow while parsing days\n"); + exit(1); } static @@ -1533,13 +1533,13 @@ time_t get_int_date(const char *txt_val, int int_val, const char *msg) { if (batch) { if (txt_val == NULL) { - time_t secs; - - if (int_val == 0 || int_val < -2) - secs = days_to_secs(365); - else { - secs = days_to_secs(int_val); - } + time_t secs; + + if (int_val == 0 || int_val < -2) + secs = days_to_secs(365); + else { + secs = days_to_secs(int_val); + } return secs; } else diff --git a/src/certtool.c b/src/certtool.c index e6563ea8b8..e27f055093 100644 --- a/src/certtool.c +++ b/src/certtool.c @@ -58,7 +58,7 @@ void pkcs7_info(common_info_st *); void pkcs7_sign(common_info_st *, unsigned embed); void pkcs7_generate(common_info_st *); void pkcs8_info(void); -void pkcs8_info_int(gnutls_datum_t *data, unsigned format, +void pkcs8_info_int(gnutls_datum_t *data, unsigned format, unsigned ignore_err, FILE *out, const char *tab); void crq_info(void); void smime_to_pkcs7(void); @@ -2324,14 +2324,14 @@ static gnutls_x509_trust_list_t load_tl(common_info_st * cinfo) } ret = - gnutls_x509_trust_list_add_trust_mem(list, &tmp, - tmp2.data?&tmp2:NULL, - cinfo->incert_format, - 0, 0); + gnutls_x509_trust_list_add_trust_mem(list, &tmp, + tmp2.data?&tmp2:NULL, + cinfo->incert_format, + 0, 0); if (ret < 0) { int ret2 = - gnutls_x509_trust_list_add_trust_mem(list, &tmp, - tmp2.data?&tmp2:NULL, + gnutls_x509_trust_list_add_trust_mem(list, &tmp, + tmp2.data?&tmp2:NULL, GNUTLS_X509_FMT_PEM, 0, 0); if (ret2 >= 0) @@ -2519,7 +2519,7 @@ _verify_x509_mem(const void *cert, int cert_size, const void *ca, vflags, &output, detailed_verification); - } else { + } else { ret = gnutls_x509_trust_list_verify_crt(list, x509_cert_list, x509_ncerts, @@ -2595,7 +2595,7 @@ static void verify_chain(void) buf[size] = 0; _verify_x509_mem(buf, size, NULL, 0, 0, OPT_ARG(VERIFY_PURPOSE), - OPT_ARG(VERIFY_HOSTNAME), OPT_ARG(VERIFY_EMAIL)); + OPT_ARG(VERIFY_HOSTNAME), OPT_ARG(VERIFY_EMAIL)); free(buf); } @@ -2736,8 +2736,8 @@ static void print_dn(const char *prefix, const gnutls_datum_t *raw) fprintf(outfile, "%s: %s\n", prefix, str.data); cleanup: - gnutls_x509_dn_deinit(dn); - gnutls_free(str.data); + gnutls_x509_dn_deinit(dn); + gnutls_free(str.data); } static void print_raw(const char *prefix, const gnutls_datum_t *raw) @@ -3448,7 +3448,7 @@ void pkcs12_bag_enc_info(gnutls_pkcs12_bag_t bag, FILE *out) const char *str; char *oid = NULL; - ret = gnutls_pkcs12_bag_enc_info(bag, + ret = gnutls_pkcs12_bag_enc_info(bag, &schema, &cipher, salt, &salt_size, &iter_count, &oid); if (ret == GNUTLS_E_UNKNOWN_CIPHER_TYPE) { fprintf(out, "\tSchema: unsupported (%s)\n", oid); @@ -3623,7 +3623,7 @@ void pkcs12_info(common_info_st * cinfo) } } -void pkcs8_info_int(gnutls_datum_t *data, unsigned format, +void pkcs8_info_int(gnutls_datum_t *data, unsigned format, unsigned ignore_err, FILE *out, const char *tab) { int ret; @@ -751,21 +751,21 @@ gnutls_session_t init_tls_session(const char *host) GNUTLS_HB_PEER_ALLOWED_TO_SEND); #ifdef ENABLE_DTLS_SRTP - if (HAVE_OPT(SRTP_PROFILES)) { - ret = - gnutls_srtp_set_profile_direct(session, - OPT_ARG(SRTP_PROFILES), - &err); - if (ret == GNUTLS_E_INVALID_REQUEST) - fprintf(stderr, "Syntax error at: %s\n", err); - else if (ret != 0) - fprintf(stderr, "Error in profiles: %s\n", - gnutls_strerror(ret)); - else fprintf(stderr,"DTLS profile set to %s\n", - OPT_ARG(SRTP_PROFILES)); - - if (ret != 0) exit(1); - } + if (HAVE_OPT(SRTP_PROFILES)) { + ret = + gnutls_srtp_set_profile_direct(session, + OPT_ARG(SRTP_PROFILES), + &err); + if (ret == GNUTLS_E_INVALID_REQUEST) + fprintf(stderr, "Syntax error at: %s\n", err); + else if (ret != 0) + fprintf(stderr, "Error in profiles: %s\n", + gnutls_strerror(ret)); + else fprintf(stderr,"DTLS profile set to %s\n", + OPT_ARG(SRTP_PROFILES)); + + if (ret != 0) exit(1); + } #endif diff --git a/src/danetool.c b/src/danetool.c index d5883569a3..0334d94c5e 100644 --- a/src/danetool.c +++ b/src/danetool.c @@ -372,8 +372,8 @@ static void dane_check(const char *host, const char *proto, cstr = dane_match_type_name(match); if (cstr == NULL) cstr= "Unknown"; - fprintf(outfile, "Contents: %s (%.2x)\n", cstr, match); - fprintf(outfile, "Data: %s\n", lbuffer); + fprintf(outfile, "Contents: %s (%.2x)\n", cstr, match); + fprintf(outfile, "Data: %s\n", lbuffer); } /* Verify the DANE data */ diff --git a/src/list.h b/src/list.h index 0cccd25857..138f6d476d 100644 --- a/src/list.h +++ b/src/list.h @@ -288,7 +288,7 @@ struct list { memset (__t, 0, (l).item_size); \ __t->prev = (void *) p; \ __t->next = (void *) q; \ - q->prev = (void *) __t; \ + q->prev = (void *) __t; \ p->next = (void *) __t; \ (l).length++; \ } diff --git a/src/ocsptool-common.c b/src/ocsptool-common.c index 19c5af7fa7..654cda08ae 100644 --- a/src/ocsptool-common.c +++ b/src/ocsptool-common.c @@ -409,7 +409,7 @@ check_ocsp_response(gnutls_x509_crt_t cert, } if (nonce) { - gnutls_datum_t rnonce; + gnutls_datum_t rnonce; ret = gnutls_ocsp_resp_get_nonce(resp, NULL, &rnonce); if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) { @@ -430,7 +430,7 @@ check_ocsp_response(gnutls_x509_crt_t cert, exit(1); } - gnutls_free(rnonce.data); + gnutls_free(rnonce.data); } finish_ok: diff --git a/src/ocsptool.c b/src/ocsptool.c index 5e38410429..c7610e9a5c 100644 --- a/src/ocsptool.c +++ b/src/ocsptool.c @@ -323,7 +323,7 @@ static int _verify_response(gnutls_datum_t * data, gnutls_datum_t * nonce, } if (nonce) { - gnutls_datum_t rnonce; + gnutls_datum_t rnonce; ret = gnutls_ocsp_resp_get_nonce(resp, NULL, &rnonce); if (ret < 0) { @@ -338,7 +338,7 @@ static int _verify_response(gnutls_datum_t * data, gnutls_datum_t * nonce, exit(1); } - gnutls_free(rnonce.data); + gnutls_free(rnonce.data); } if (HAVE_OPT(LOAD_TRUST)) { diff --git a/src/pkcs11.c b/src/pkcs11.c index 4bc7c985e9..62f0be6b91 100644 --- a/src/pkcs11.c +++ b/src/pkcs11.c @@ -377,16 +377,16 @@ pkcs11_export(FILE * outfile, const char *url, unsigned int flags, ret = gnutls_pkcs11_obj_export3(obj, info->outcert_format, &t); if (ret < 0) { - fprintf(stderr, "Error in %s:%d: %s\n", __func__, + fprintf(stderr, "Error in %s:%d: %s\n", __func__, __LINE__, gnutls_strerror(ret)); - exit(1); - } + exit(1); + } fwrite(t.data, 1, t.size, outfile); gnutls_free(t.data); if (info->outcert_format == GNUTLS_X509_FMT_PEM) - fputs("\n\n", outfile); + fputs("\n\n", outfile); gnutls_pkcs11_obj_deinit(obj); @@ -432,62 +432,62 @@ pkcs11_export_chain(FILE * outfile, const char *url, unsigned int flags, ret = gnutls_x509_crt_import_pkcs11(xcrt, obj); if (ret < 0) { - fprintf(stderr, "Error in %s:%d: %s\n", __func__, + fprintf(stderr, "Error in %s:%d: %s\n", __func__, __LINE__, gnutls_strerror(ret)); - exit(1); - } + exit(1); + } ret = gnutls_pkcs11_obj_export3(obj, GNUTLS_X509_FMT_PEM, &t); if (ret < 0) { - fprintf(stderr, "Error in %s:%d: %s\n", __func__, + fprintf(stderr, "Error in %s:%d: %s\n", __func__, __LINE__, gnutls_strerror(ret)); - exit(1); - } + exit(1); + } fwrite(t.data, 1, t.size, outfile); - fputs("\n\n", outfile); - gnutls_free(t.data); - - gnutls_pkcs11_obj_deinit(obj); - - do { - ret = gnutls_pkcs11_get_raw_issuer(url, xcrt, &t, GNUTLS_X509_FMT_PEM, 0); - if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) - break; - if (ret < 0) { - fprintf(stderr, "Error in %s:%d: %s\n", __func__, - __LINE__, gnutls_strerror(ret)); - exit(1); - } - - fwrite(t.data, 1, t.size, outfile); - fputs("\n\n", outfile); - - gnutls_x509_crt_deinit(xcrt); - - ret = gnutls_x509_crt_init(&xcrt); - if (ret < 0) { - fprintf(stderr, "Error in %s:%d: %s\n", __func__, - __LINE__, gnutls_strerror(ret)); - exit(1); - } - - ret = gnutls_x509_crt_import(xcrt, &t, GNUTLS_X509_FMT_PEM); - if (ret < 0) { - fprintf(stderr, "Error in %s:%d: %s\n", __func__, - __LINE__, gnutls_strerror(ret)); - exit(1); - } - - gnutls_free(t.data); - - ret = gnutls_x509_crt_check_issuer(xcrt, xcrt); - if (ret != 0) { - /* self signed */ - break; - } - - } while(1); - + fputs("\n\n", outfile); + gnutls_free(t.data); + + gnutls_pkcs11_obj_deinit(obj); + + do { + ret = gnutls_pkcs11_get_raw_issuer(url, xcrt, &t, GNUTLS_X509_FMT_PEM, 0); + if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) + break; + if (ret < 0) { + fprintf(stderr, "Error in %s:%d: %s\n", __func__, + __LINE__, gnutls_strerror(ret)); + exit(1); + } + + fwrite(t.data, 1, t.size, outfile); + fputs("\n\n", outfile); + + gnutls_x509_crt_deinit(xcrt); + + ret = gnutls_x509_crt_init(&xcrt); + if (ret < 0) { + fprintf(stderr, "Error in %s:%d: %s\n", __func__, + __LINE__, gnutls_strerror(ret)); + exit(1); + } + + ret = gnutls_x509_crt_import(xcrt, &t, GNUTLS_X509_FMT_PEM); + if (ret < 0) { + fprintf(stderr, "Error in %s:%d: %s\n", __func__, + __LINE__, gnutls_strerror(ret)); + exit(1); + } + + gnutls_free(t.data); + + ret = gnutls_x509_crt_check_issuer(xcrt, xcrt); + if (ret != 0) { + /* self signed */ + break; + } + + } while(1); + UNFIX; return; } @@ -840,8 +840,8 @@ pkcs11_export_pubkey(FILE * outfile, const char *url, int detailed, unsigned int ret = gnutls_pkcs11_privkey_export_pubkey(pkey, - GNUTLS_X509_FMT_PEM, &pubkey, - flags); + GNUTLS_X509_FMT_PEM, &pubkey, + flags); if (ret < 0) { fprintf(stderr, "Error in %s:%d: %s\n", __func__, __LINE__, gnutls_strerror(ret)); diff --git a/src/serv.c b/src/serv.c index 1695725f55..37851a8450 100644 --- a/src/serv.c +++ b/src/serv.c @@ -470,21 +470,21 @@ gnutls_session_t initialize_session(int dtls) GNUTLS_HB_PEER_ALLOWED_TO_SEND); #ifdef ENABLE_DTLS_SRTP - if (HAVE_OPT(SRTP_PROFILES)) { - ret = - gnutls_srtp_set_profile_direct(session, - OPT_ARG(SRTP_PROFILES), - &err); - if (ret == GNUTLS_E_INVALID_REQUEST) - fprintf(stderr, "Syntax error at: %s\n", err); - else if (ret != 0) - fprintf(stderr, "Error in profiles: %s\n", - gnutls_strerror(ret)); - else fprintf(stderr,"DTLS profile set to %s\n", - OPT_ARG(SRTP_PROFILES)); - - if (ret != 0) exit(1); - } + if (HAVE_OPT(SRTP_PROFILES)) { + ret = + gnutls_srtp_set_profile_direct(session, + OPT_ARG(SRTP_PROFILES), + &err); + if (ret == GNUTLS_E_INVALID_REQUEST) + fprintf(stderr, "Syntax error at: %s\n", err); + else if (ret != 0) + fprintf(stderr, "Error in profiles: %s\n", + gnutls_strerror(ret)); + else fprintf(stderr,"DTLS profile set to %s\n", + OPT_ARG(SRTP_PROFILES)); + + if (ret != 0) exit(1); + } #endif @@ -739,7 +739,7 @@ const char *human_addr(const struct sockaddr *sa, socklen_t salen, if (getnameinfo(sa, salen, buf, buflen, NULL, 0, NI_NUMERICHOST) != 0) { return "(error)"; - } + } l = strlen(buf); buf += l; @@ -755,7 +755,7 @@ const char *human_addr(const struct sockaddr *sa, socklen_t salen, if (getnameinfo(sa, salen, NULL, 0, buf, buflen, NI_NUMERICSERV) != 0) { snprintf(buf, buflen, "%s", " unknown"); - } + } return save_buf; } @@ -1485,7 +1485,7 @@ static void tcp_server(const char *name, int port) if (r == GNUTLS_E_HEARTBEAT_PING_RECEIVED) { gnutls_heartbeat_pong(j->tls_session, 0); } else if (r == GNUTLS_E_REHANDSHAKE) { - try_rehandshake(j); + try_rehandshake(j); } else { j->http_state = HTTP_STATE_CLOSING; if (r < 0) { diff --git a/src/tests.c b/src/tests.c index aa5cf18917..b235f0c383 100644 --- a/src/tests.c +++ b/src/tests.c @@ -465,7 +465,7 @@ test_code_t test_dhe_group(gnutls_session_t session) print = raw_to_string(prime.data, prime.size); if (print) { fprintf(fp, " Prime [%d bits]: %s\n", prime.size * 8, - print); + print); } gnutls_dh_get_pubkey(session, &pubkey2); |