author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2004-01-06 20:36:18 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2004-01-06 20:36:18 +0000 |
commit | 22a8db8a5ec20001742af1a00acd970665dceeaf (patch) | |
tree | cb54ad43fe625106004248eea2aa6a24eb0b9ff0 | |
parent | 1db0788f59187bd5fa1676ddd1e22a3ad94e7df4 (diff) | |
Several bug fixes and cleanups by Arne Thomassen.
37 files changed, 212 insertions, 199 deletions
@@ -1,9 +1,12 @@ +Version 1.1.6 +- Several bug fixes, by Arne Thomassen. + Version 1.1.5 (06/01/2004) - Added the gnutls_sign_algorithm type. Version 1.1.4 (04/01/2004) - Improved gnutls-cli's SRP behaviour in SRP ciphersuites. - If they are of highest priority then the abreviated handshake + If they are of highest priority then the abbreviated handshake is used. - Removed all references of missing files. - Changed handshake behaviour to send the lowest TLS version @@ -355,7 +358,7 @@ Version 0.5.4 (27/08/2002) - Added the TLS_RSA_EXPORT_ARCFOUR_40_MD5 ciphersuite. Version 0.5.3 (23/08/2002) -- No changes. Replaces the tarball of 0.5.2 which accidentaly contained +- No changes. Replaces the tarball of 0.5.2 which accidentally contained code from the unstable branch. Version 0.5.2 (22/08/2002) @@ -530,7 +533,7 @@ Version 0.2.11 (16/11/2001) - Changed the meaning of GNUTLS_E_REHANDSHAKE value. If this value is returned, then the caller should perform a handshake or send an alert to the peer. -- Made receive buffer dynamic. Normaly if no large chunks are received +- Made receive buffer dynamic. Normally if no large chunks are received it occupies less space. - Added max_record_size extension - Bugfixes in session handling diff --git a/configure.in b/configure.in index 784631642d..c876f5b668 100644 --- a/configure.in +++ b/configure.in @@ -12,7 +12,7 @@ AC_DEFINE_UNQUOTED(T_OS, "$target_os", [OS name]) dnl Gnutls Version GNUTLS_MAJOR_VERSION=1 GNUTLS_MINOR_VERSION=1 -GNUTLS_MICRO_VERSION=5 +GNUTLS_MICRO_VERSION=6 GNUTLS_VERSION=$GNUTLS_MAJOR_VERSION.$GNUTLS_MINOR_VERSION.$GNUTLS_MICRO_VERSION AC_DEFINE_UNQUOTED(GNUTLS_VERSION, "$GNUTLS_VERSION", [version of gnutls]) @@ -59,7 +59,7 @@ esac dnl In order to use the reentrant libc functions. dnl I hope it is portable enough. -CFLAGS="${CFLAGS} -D_REENTRANT" +CFLAGS="${CFLAGS} -D_REENTRANT -D_THREAD_SAFE" opt_dmalloc_mode=no AC_MSG_CHECKING([whether in dmalloc mode]) 
diff --git a/doc/tex/cert_auth.tex b/doc/tex/cert_auth.tex index f950321a1f..9c7e79d015 100644 --- a/doc/tex/cert_auth.tex +++ b/doc/tex/cert_auth.tex @@ -55,7 +55,7 @@ into the credentials structure by using \printfunc{gnutls_certificate_set_x509_trust_file}{gnutls\_certificate\_set\_x509\_trust\_file} or \printfunc{gnutls_certificate_set_openpgp_keyring_file}{gnutls\_certificate\_set\_openpgp\_keyring\_file} -for openpgp keys. Note however that the peer's certificate is not automaticaly verified, +for openpgp keys. Note however that the peer's certificate is not automatically verified, you should call \printfunc{gnutls_certificate_verify_peers}{gnutls\_certificate\_verify\_peers}, after a successful handshake, to verify the signatures of the certificate. An alternative way, which reports @@ -72,7 +72,7 @@ the enabled authentication methods. For example keys marked as sign-only, will n access the plain RSA ciphersuites, but only the DHE\_RSA ones. It is recommended not to use RSA keys for both signing and encryption. If possible use the same key for the DHE\_RSA and RSA\_EXPORT ciphersuites, which use signing, -and a different key for the plain RSA ciphersuites, which uses encryption. +and a different key for the plain RSA ciphersuites, which use encryption. All the key exchange methods shown in \hyperref{figure}{figure }{}{fig:cert} are available in certificate authentication. diff --git a/doc/tex/ex-x509-info.tex b/doc/tex/ex-x509-info.tex index b6740081a5..9f21c6719a 100644 --- a/doc/tex/ex-x509-info.tex +++ b/doc/tex/ex-x509-info.tex @@ -7,10 +7,12 @@ static const char* bin2hex( const void* bin, size_t bin_size) { -static char printable[120]; -unsigned char *_bin; +static char printable[110]; +unsigned char *_bin = bin; char* print; + if (bin_size > 50) bin_size = 50; + print = printable; for (i = 0; i < bin_size; i++) { sprintf(print, "%.2x ", _bin[i]); 
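Review bot: In the `bin2hex` hunk of doc/tex/ex-x509-info.tex, `unsigned char *_bin = bin;` initialises a non-const pointer from the `const void* bin` parameter and so discards the qualifier; `const unsigned char *_bin = bin;` keeps the example warning-free. The added clamp `if (bin_size > 50) bin_size = 50;` truncates the output silently, and whether `printable[110]` is large enough for 50 bytes depends on how far `print` advances after each `sprintf`, which is below the hunk: `"%.2x "` writes three characters plus a terminator per call. Formatting with `snprintf` against the space remaining in `printable` would make the bound explicit instead of relying on the two constants agreeing. The body of `bin2hex` continues outside the hunk.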
@@ -65,8 +67,9 @@ static void print_x509_certificate_info(gnutls_session session) size = sizeof(serial); gnutls_x509_crt_get_serial(cert, serial, &size); + size = sizeof( serial); printf("\tCertificate serial number: %s\n", - bin2hex( serial, serial_size)); + bin2hex( serial, size)); /* Extract some of the public key algorithm's parameters */ diff --git a/doc/tex/library.tex b/doc/tex/library.tex index 2b8efec57c..9955ca37b9 100644 --- a/doc/tex/library.tex +++ b/doc/tex/library.tex @@ -27,7 +27,7 @@ Important features of the \gnutls{} library include: \item Thread safety \end{itemize} -Additionaly \gnutls{} provides a limited emulation API for the widely used +Additionally \gnutls{} provides a limited emulation API for the widely used OpenSSL\footnote{\htmladdnormallink{http://www.openssl.org/}{http://www.openssl.org/}} library, to ease integration with existing applications. diff --git a/doc/tex/programs.tex b/doc/tex/programs.tex index 8489f20bea..16e66fd4e1 100644 --- a/doc/tex/programs.tex +++ b/doc/tex/programs.tex @@ -7,7 +7,7 @@ The ``gnutls-srpcrypt'' is a very simple program that emulates the programs in t \emph{Stanford SRP libraries}. It is intended for use in places where you don't expect SRP authentication to be the used for system users. -Traditionaly \emph{libsrp} used two files. One called 'tpasswd' which holds usernames +Traditionally \emph{libsrp} used two files. One called 'tpasswd' which holds usernames and verifiers, and 'tpasswd.conf' which holds generators and primes. \par How to use srpcrypt: diff --git a/lib/gnutls_algorithms.c b/lib/gnutls_algorithms.c index d20cecc3db..db5876317b 100644 --- a/lib/gnutls_algorithms.c +++ b/lib/gnutls_algorithms.c 
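Review bot: In the `print_x509_certificate_info` hunk, the added `size = sizeof( serial);` after `gnutls_x509_crt_get_serial(cert, serial, &size)` overwrites whatever length the call stored through `&size`, which appears to be an in/out length. `bin2hex( serial, size)` then formats the whole buffer, including bytes the call may never have written, rather than the serial number itself. Replacing `serial_size` with `size` is enough on its own; the added assignment should be dropped. The return value of `gnutls_x509_crt_get_serial` is also ignored, so the example should skip the `printf` when it is negative. The function continues outside the hunk.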
@@ -160,16 +160,15 @@ static const gnutls_cipher_entry algorithms[] = { struct gnutls_hash_entry { const char *name; gnutls_mac_algorithm id; - size_t digestsize; }; typedef struct gnutls_hash_entry gnutls_hash_entry; static const gnutls_hash_entry hash_algorithms[] = { - {"SHA", GNUTLS_MAC_SHA, 20}, - {"MD5", GNUTLS_MAC_MD5, 16}, - {"RIPEMD160", GNUTLS_MAC_RMD160, 20}, - {"NULL", GNUTLS_MAC_NULL, 0}, - {0, 0, 0} + {"SHA", GNUTLS_MAC_SHA}, + {"MD5", GNUTLS_MAC_MD5}, + {"RIPEMD160", GNUTLS_MAC_RMD160}, + {"NULL", GNUTLS_MAC_NULL}, + {0, 0} }; #define GNUTLS_HASH_LOOP(b) \ @@ -482,15 +481,6 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = { /* Generic Functions */ -/* HASHES */ -int _gnutls_mac_get_digest_size(gnutls_mac_algorithm algorithm) -{ - size_t ret = 0; - GNUTLS_HASH_ALG_LOOP(ret = p->digestsize); - return ret; - -} - inline int _gnutls_mac_priority(gnutls_session session, gnutls_mac_algorithm algorithm) { /* actually returns the priority */ unsigned int i; @@ -1364,7 +1354,7 @@ gnutls_pk_algorithm _gnutls_map_pk_get_pk(gnutls_kx_algorithm kx_algorithm) return ret; } -/* Returns the encipher type for the the given key exchange algorithm. +/* Returns the encipher type for the given key exchange algorithm. * That one of CIPHER_ENCRYPT, CIPHER_SIGN, CIPHER_IGN. * * ex. GNUTLS_KX_RSA requires a certificate able to encrypt... so returns CIPHER_ENCRYPT. diff --git a/lib/gnutls_algorithms.h b/lib/gnutls_algorithms.h index db3789a00e..7038e99ff2 100644 --- a/lib/gnutls_algorithms.h +++ b/lib/gnutls_algorithms.h @@ -31,7 +31,6 @@ int _gnutls_version_get_minor( gnutls_protocol_version ver); gnutls_protocol_version _gnutls_version_get( int major, int minor); /* functions for macs */ -int _gnutls_mac_get_digest_size(gnutls_mac_algorithm algorithm); const char* gnutls_mac_get_name(gnutls_mac_algorithm algorithm); int _gnutls_mac_is_ok(gnutls_mac_algorithm algorithm); int _gnutls_mac_priority(gnutls_session session, gnutls_mac_algorithm algorithm); 
diff --git a/lib/gnutls_cert.c b/lib/gnutls_cert.c index 62e1d71a87..a7a2297780 100644 --- a/lib/gnutls_cert.c +++ b/lib/gnutls_cert.c @@ -264,7 +264,7 @@ void gnutls_certificate_server_set_request(gnutls_session session, * * This function specifies what we, in case of a client, are going * to do when we have to send a certificate. If this callback - * function is not provided then gnutls will automaticaly try to + * function is not provided then gnutls will automatically try to * find an appropriate certificate to send. The appropriate certificate * is chosen based on the CAs sent by the server, and the requested * public key algorithms. @@ -299,7 +299,7 @@ void gnutls_certificate_client_set_select_function(gnutls_session session, * * This function specifies what we, in case of a server, are going * to do when we have to send a certificate. If this callback - * function is not provided then gnutls will automaticaly try to + * function is not provided then gnutls will automatically try to * find an appropriate certificate to send. (actually send the first in the list) * * In case the callback returned a negative number then gnutls will diff --git a/lib/gnutls_cipher.c b/lib/gnutls_cipher.c index 2d19e0fb82..078ed0dd42 100644 --- a/lib/gnutls_cipher.c +++ b/lib/gnutls_cipher.c @@ -145,7 +145,10 @@ int _gnutls_decrypt(gnutls_session session, opaque *ciphertext, if (gtxt.size > data_size) { gnutls_assert(); _gnutls_free_datum( >xt); - return GNUTLS_E_MEMORY_ERROR; + /* This shouldn't have happen and + * is a TLS fatal error. + */ + return GNUTLS_E_INTERNAL_ERROR; } memcpy( data, gtxt.data, gtxt.size); 
@@ -254,7 +257,7 @@ int _gnutls_compressed2ciphertext(gnutls_session session, GNUTLS_MAC_HANDLE td; uint8 type = _type; uint8 major, minor; - int hash_size = _gnutls_mac_get_digest_size(session->security_parameters.write_mac_algorithm); + int hash_size = _gnutls_hash_get_algo_len(session->security_parameters.write_mac_algorithm); gnutls_protocol_version ver; int blocksize = _gnutls_cipher_get_block_size(session->security_parameters. @@ -285,7 +288,7 @@ int _gnutls_compressed2ciphertext(gnutls_session session, _gnutls_hmac(td, UINT64DATA(session->connection_state.write_sequence_number), 8); _gnutls_hmac(td, &type, 1); - if ( ver >= GNUTLS_TLS1) { /* TLS 1.0 only */ + if ( ver >= GNUTLS_TLS1) { /* TLS 1.0 or higher */ _gnutls_hmac(td, &major, 1); _gnutls_hmac(td, &minor, 1); } @@ -365,7 +368,7 @@ int _gnutls_ciphertext2compressed(gnutls_session session, int ret, i, pad_failed = 0; uint8 major, minor; gnutls_protocol_version ver; - int hash_size = _gnutls_mac_get_digest_size(session->security_parameters.read_mac_algorithm); + int hash_size = _gnutls_hash_get_algo_len(session->security_parameters.read_mac_algorithm); ver = gnutls_protocol_get_version( session); minor = _gnutls_version_get_minor(ver); @@ -441,7 +444,7 @@ int _gnutls_ciphertext2compressed(gnutls_session session, pad_failed = GNUTLS_E_DECRYPTION_FAILED; } - /* Check the pading bytes (TLS 1.x only) + /* Check the pading bytes (TLS 1.x) */ if ( ver >= GNUTLS_TLS1) for (i=2;i<pad;i++) { @@ -465,7 +468,7 @@ int _gnutls_ciphertext2compressed(gnutls_session session, _gnutls_hmac(td, UINT64DATA(session->connection_state.read_sequence_number), 8); _gnutls_hmac(td, &type, 1); - if ( ver >= GNUTLS_TLS1) { /* TLS 1.0 only */ + if ( ver >= GNUTLS_TLS1) { /* TLS 1.x */ _gnutls_hmac(td, &major, 1); _gnutls_hmac(td, &minor, 1); } diff --git a/lib/gnutls_constate.c b/lib/gnutls_constate.c index fca9088d5b..bc7b9ae6da 100644 --- a/lib/gnutls_constate.c +++ b/lib/gnutls_constate.c 
@@ -362,7 +362,7 @@ int _gnutls_set_read_keys(gnutls_session session) mac_algo = session->security_parameters.read_mac_algorithm; algo = session->security_parameters.read_bulk_cipher_algorithm; - hash_size = _gnutls_mac_get_digest_size(mac_algo); + hash_size = _gnutls_hash_get_algo_len(mac_algo); IV_size = _gnutls_cipher_get_iv_size(algo); key_size = gnutls_cipher_get_key_size(algo); export_flag = _gnutls_cipher_get_export_flag(algo); @@ -382,7 +382,7 @@ int _gnutls_set_write_keys(gnutls_session session) mac_algo = session->security_parameters.write_mac_algorithm; algo = session->security_parameters.write_bulk_cipher_algorithm; - hash_size = _gnutls_mac_get_digest_size(mac_algo); + hash_size = _gnutls_hash_get_algo_len(mac_algo); IV_size = _gnutls_cipher_get_iv_size(algo); key_size = gnutls_cipher_get_key_size(algo); export_flag = _gnutls_cipher_get_export_flag(algo); @@ -535,7 +535,7 @@ int _gnutls_read_connection_state_init(gnutls_session session) mac_size = - _gnutls_mac_get_digest_size(session->security_parameters. + _gnutls_hash_get_algo_len(session->security_parameters. read_mac_algorithm); _gnutls_handshake_log @@ -718,7 +718,7 @@ int _gnutls_write_connection_state_init(gnutls_session session) write_compression_state, 0); mac_size = - _gnutls_mac_get_digest_size(session->security_parameters. + _gnutls_hash_get_algo_len(session->security_parameters. write_mac_algorithm); _gnutls_handshake_log diff --git a/lib/gnutls_errors.c b/lib/gnutls_errors.c index 3adaea9f26..390e713104 100644 --- a/lib/gnutls_errors.c +++ b/lib/gnutls_errors.c 
@@ -206,8 +206,8 @@ void gnutls_perror(int error) * @error: is an error returned by a gnutls function. Error is always a negative value. * * This function is similar to strerror(). Differences: it accepts an error - * number returned by a gnutls function; it might return NULL in the case of - * an unknown error number. + * number returned by a gnutls function; In case of an unknown error + * a descriptive string is sent instead of NULL. **/ const char* gnutls_strerror(int error) { @@ -216,7 +216,7 @@ const char* gnutls_strerror(int error) /* avoid prefix */ GNUTLS_ERROR_ALG_LOOP(ret = p->desc); - + if (ret == NULL) return "(unknown error code)"; return ret; } diff --git a/lib/gnutls_global.c b/lib/gnutls_global.c index c89fd3332e..0c6bf8525a 100644 --- a/lib/gnutls_global.c +++ b/lib/gnutls_global.c @@ -328,7 +328,7 @@ parse_version_string( const char *s, int *major, int *minor, int *micro ) * gnutls_check_version - This function checks the library's version * @req_version: the version to check * - * Check that the the version of the library is at minimum the requested one + * Check that the version of the library is at minimum the requested one * and return the version string; return NULL if the condition is not * satisfied. If a NULL is passed to this function, no check is done, * but the version string is simply returned. diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c index 38767ba350..9d9de3d230 100644 --- a/lib/gnutls_handshake.c +++ b/lib/gnutls_handshake.c @@ -1784,7 +1784,7 @@ int _gnutls_recv_hello(gnutls_session session, opaque *data, int datalen) /** * gnutls_rehandshake - This function will renegotiate security parameters - * @session: is a a &gnutls_session structure. + * @session: is a &gnutls_session structure. * * This function will renegotiate security parameters with the * client. This should only be called in case of a server. 
@@ -2518,7 +2518,7 @@ int _gnutls_remove_unwanted_ciphersuites(gnutls_session session, /** * gnutls_handshake_set_max_packet_length - This function will set the maximum length of a handshake message - * @session: is a a &gnutls_session structure. + * @session: is a &gnutls_session structure. * @max: is the maximum number. * * This function will set the maximum size of a handshake message. diff --git a/lib/gnutls_hash_int.c b/lib/gnutls_hash_int.c index b7dd519c16..9877fc46d7 100644 --- a/lib/gnutls_hash_int.c +++ b/lib/gnutls_hash_int.c @@ -31,8 +31,8 @@ GNUTLS_HASH_HANDLE _gnutls_hash_init(gnutls_mac_algorithm algorithm) { - GNUTLS_MAC_HANDLE ret = NULL; - gcry_error_t result = 0; + GNUTLS_MAC_HANDLE ret; + gcry_error_t result; ret = gnutls_malloc(sizeof(GNUTLS_MAC_HANDLE_INT)); if (ret == NULL) { @@ -54,8 +54,7 @@ GNUTLS_HASH_HANDLE _gnutls_hash_init(gnutls_mac_algorithm algorithm) break; default: gnutls_assert(); - gnutls_free( ret); - ret = GNUTLS_HASH_FAILED; + result = -1; } if (result) { @@ -79,7 +78,7 @@ int _gnutls_hash_get_algo_len(gnutls_mac_algorithm algorithm) ret = gcry_md_get_algo_dlen(GCRY_MD_MD5); break; case GNUTLS_MAC_RMD160: - ret = gcry_md_get_algo_dlen(GCRY_MD_MD5); + ret = gcry_md_get_algo_dlen(GCRY_MD_RMD160); break; default: ret = 0; break; @@ -125,12 +124,12 @@ void _gnutls_hash_deinit(GNUTLS_HASH_HANDLE handle, void *digest) opaque *mac; int maclen; - maclen = gcry_md_get_algo_dlen(gcry_md_get_algo(handle->handle)); + maclen = _gnutls_hash_get_algo_len( handle->algorithm); + gcry_md_final(handle->handle); mac = gcry_md_read(handle->handle, 0); if (digest != NULL) - memcpy(digest, mac, - _gnutls_hash_get_algo_len(handle->algorithm)); + memcpy(digest, mac, maclen); gcry_md_close(handle->handle); 
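Review bot: With the `= 0` initialiser of `result` removed in `_gnutls_hash_init`, the `if (result)` test is only well defined if every `switch` arm assigns `result`; the `default` arm now does (`result = -1`), but the other arms are partly outside the hunk and should be checked for one that breaks without an assignment. `-1` is also not one of libgcrypt's defined error values, so it should stay a local failure flag and never reach code that decodes a `gcry_error_t`. The same two points apply to the `_gnutls_hmac_init` hunks that follow. A short comment on the `default` arm, such as `/* unsupported algorithm: force the common failure path below */`, would record the intent.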
@@ -142,7 +141,7 @@ GNUTLS_MAC_HANDLE _gnutls_hmac_init(gnutls_mac_algorithm algorithm, const void *key, int keylen) { GNUTLS_MAC_HANDLE ret; - gcry_error_t result = 0; + gcry_error_t result; ret = gnutls_malloc(sizeof(GNUTLS_MAC_HANDLE_INT)); if (ret == NULL) @@ -159,12 +158,15 @@ GNUTLS_MAC_HANDLE _gnutls_hmac_init(gnutls_mac_algorithm algorithm, result = gcry_md_open(&ret->handle, GCRY_MD_RMD160, GCRY_MD_FLAG_HMAC); break; default: - gnutls_free(ret); - ret = GNUTLS_MAC_FAILED; + gnutls_assert(); + result = -1; } - if (result) + if (result) { + gnutls_assert(); + gnutls_free(ret); ret = GNUTLS_MAC_FAILED; + } if (ret != GNUTLS_MAC_FAILED) { gcry_md_setkey(ret->handle, key, keylen); @@ -177,26 +179,12 @@ GNUTLS_MAC_HANDLE _gnutls_hmac_init(gnutls_mac_algorithm algorithm, return ret; } - -int _gnutls_hmac_get_algo_len(gnutls_mac_algorithm algorithm) -{ - return _gnutls_hash_get_algo_len( algorithm); -} - -int _gnutls_hmac(GNUTLS_MAC_HANDLE handle, const void *text, size_t textlen) -{ - - gcry_md_write(handle->handle, text, textlen); - return 0; - -} - void _gnutls_hmac_deinit(GNUTLS_MAC_HANDLE handle, void *digest) { opaque *mac; int maclen; - maclen = gcry_md_get_algo_dlen(gcry_md_get_algo(handle->handle)); + maclen = _gnutls_hash_get_algo_len( handle->algorithm); gcry_md_final(handle->handle); mac = gcry_md_read(handle->handle, 0); diff --git a/lib/gnutls_hash_int.h b/lib/gnutls_hash_int.h index 9a106b0989..eee1db96f3 100644 --- a/lib/gnutls_hash_int.h +++ b/lib/gnutls_hash_int.h 
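Review bot: In the `_gnutls_hmac_init` hunk at `-159,12 +158,15`, the result of `gcry_md_setkey(ret->handle, key, keylen)` is still discarded, so a failed key setup would hand back a usable-looking handle for an HMAC that was never keyed. The new `if (result) { gnutls_assert(); gnutls_free(ret); ret = GNUTLS_MAC_FAILED; }` block already shows the failure path; the key setup should feed it too, by storing the return value in `result` and, on a non-zero value, closing the gcrypt handle, freeing `ret` and returning `GNUTLS_MAC_FAILED`. The rest of the `if (ret != GNUTLS_MAC_FAILED)` block is outside the hunk.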
@@ -38,8 +38,8 @@ typedef GNUTLS_MAC_HANDLE GNUTLS_HASH_HANDLE; #define GNUTLS_MAC_FAILED NULL GNUTLS_MAC_HANDLE _gnutls_hmac_init( gnutls_mac_algorithm algorithm, const void* key, int keylen); -int _gnutls_hmac_get_algo_len(gnutls_mac_algorithm algorithm); -int _gnutls_hmac(GNUTLS_MAC_HANDLE handle, const void* text, size_t textlen); +#define _gnutls_hmac_get_algo_len _gnutls_hash_get_algo_len +#define _gnutls_hmac _gnutls_hash void _gnutls_hmac_deinit( GNUTLS_MAC_HANDLE handle, void* digest); GNUTLS_MAC_HANDLE _gnutls_mac_init_ssl3( gnutls_mac_algorithm algorithm, void* key, int keylen); diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h index c20ab7b8f1..91c0e8585b 100644 --- a/lib/gnutls_int.h +++ b/lib/gnutls_int.h @@ -581,7 +581,7 @@ typedef struct { */ uint16 proposed_record_size; - /* holds the the selected certificate and key. + /* holds the selected certificate and key. * use _gnutls_selected_certs_deinit() and _gnutls_selected_certs_set() * to change them. */ diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c index eb0c22028b..91d77d2207 100644 --- a/lib/gnutls_record.c +++ b/lib/gnutls_record.c @@ -877,10 +877,10 @@ ssize_t gnutls_record_send( gnutls_session session, const void *data, size_t siz * @sizeofdata: is the length of the data * * This function has the similar semantics to send(). The only - * difference is that is accepts a GNUTLS session. + * difference is that it accepts a GNUTLS session. * - * If the server requests a renegotiation the client may receive - * and error code of GNUTLS_E_REHANDSHAKE. This message may be + * If the server requests a renegotiation, the client may receive + * an error code of GNUTLS_E_REHANDSHAKE. This message may be * simply ignored, replied with an alert containing NO_RENEGOTIATION, * or replied with a new handshake. * diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c index 1ed1310df8..d63893d55b 100644 --- a/lib/gnutls_state.c +++ b/lib/gnutls_state.c 
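Review bot: The two object-like macros `#define _gnutls_hmac_get_algo_len _gnutls_hash_get_algo_len` and `#define _gnutls_hmac _gnutls_hash` in lib/gnutls_hash_int.h rewrite every occurrence of those tokens, so calls such as `_gnutls_hmac(td, &type, 1)` are now checked against the prototype of `_gnutls_hash`, which is not visible in this hunk, and the HMAC names no longer exist as symbols. If the aliasing is intended, a one-line comment above them, e.g. `/* HMAC handles share the hash update and length code */`, would say so. `static inline` wrappers would keep the original signatures and the `size_t` length parameter under the HMAC names.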
@@ -21,7 +21,7 @@ */ /* Functions to manipulate the session (gnutls_int.h), and some other stuff - * are included here. The file's name is traditionaly gnutls_state even if the + * are included here. The file's name is traditionally gnutls_state even if the * state has been renamed to session. */ @@ -755,7 +755,7 @@ void gnutls_session_set_ptr(gnutls_session session, void* ptr) /** * gnutls_record_get_direction - This function will return the direction of the last interrupted function call - * @session: is a a &gnutls_session structure. + * @session: is a &gnutls_session structure. * * This function provides information about the internals of the record * protocol and is only useful if a prior gnutls function call (e.g. diff --git a/lib/x509/crl.c b/lib/x509/crl.c index 552f1e6c9c..3ae42dced9 100644 --- a/lib/x509/crl.c +++ b/lib/x509/crl.c @@ -56,6 +56,7 @@ int gnutls_x509_crl_init(gnutls_x509_crl * crl) &(*crl)->crl); if (result != ASN1_SUCCESS) { gnutls_assert(); + gnutls_free( *crl); return _gnutls_asn2err(result); } return 0; /* success */ @@ -155,7 +156,7 @@ int gnutls_x509_crl_import(gnutls_x509_crl crl, const gnutls_datum * data, * gnutls_x509_crl_get_issuer_dn - This function returns the CRL's issuer distinguished name * @crl: should contain a gnutls_x509_crl structure * @buf: a pointer to a structure to hold the peer's name (may be null) - * @sizeof_buf: initialy holds the size of 'buf' + * @sizeof_buf: initially holds the size of @buf * * This function will copy the name of the CRL issuer in the provided buffer. The name * will be in the form "C=xxxx,O=yyyy,CN=zzzz" as described in RFC2253. The output 
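Review bot: After the added `gnutls_free( *crl);` in `gnutls_x509_crl_init`, the caller's pointer still holds the freed address, so a caller that runs its usual deinit on the error path would touch or free that memory a second time. Add `*crl = NULL;` directly after the free; whether the deinit functions accept NULL is not visible here and should be confirmed. The same applies to the matching additions in `gnutls_x509_crq_init`, `gnutls_pkcs12_init`, `gnutls_pkcs7_init` and `gnutls_x509_crt_init` later in this commit. The start of each function is outside its hunk.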
@@ -188,7 +189,7 @@ int gnutls_x509_crl_get_issuer_dn(gnutls_x509_crl crl, char *buf, * @indx: In case multiple same OIDs exist in the RDN, this specifies which to send. Use zero to get the first one. * @raw_flag: If non zero returns the raw DER data of the DN part. * @buf: a pointer to a structure to hold the peer's name (may be null) - * @sizeof_buf: initialy holds the size of 'buf' + * @sizeof_buf: initially holds the size of @buf * * This function will extract the part of the name of the CRL issuer specified * by the given OID. The output will be encoded as described in RFC2253. The output @@ -225,7 +226,7 @@ int gnutls_x509_crl_get_issuer_dn_by_oid(gnutls_x509_crl crl, * @crl: should contain a gnutls_x509_crl structure * @indx: Specifies which DN OID to send. Use zero to get the first one. * @oid: a pointer to a structure to hold the name (may be null) - * @sizeof_oid: initialy holds the size of 'oid' + * @sizeof_oid: initially holds the size of 'oid' * * This function will extract the requested OID of the name of the CRL issuer, specified * by the given index. @@ -398,7 +399,7 @@ int gnutls_x509_crl_get_crt_count(gnutls_x509_crl crl) * @crl: should contain a gnutls_x509_crl structure * @index: the index of the certificate to extract (starting from 0) * @serial: where the serial number will be copied - * @serial_size: initialy holds the size of serial + * @serial_size: initially holds the size of serial * @time: if non null, will hold the time this certificate was revoked * * This function will return the serial number of the specified, by the index, diff --git a/lib/x509/crq.c b/lib/x509/crq.c index 585b8239ea..e6d4d1669c 100644 --- a/lib/x509/crq.c +++ b/lib/x509/crq.c @@ -60,6 +60,7 @@ int gnutls_x509_crq_init(gnutls_x509_crq * crq) &((*crq)->crq)); if (result != ASN1_SUCCESS) { gnutls_assert(); + gnutls_free( *crq); return _gnutls_asn2err(result); } return 0; /* success */ 
@@ -147,9 +148,7 @@ int gnutls_x509_crq_import(gnutls_x509_crq crq, const gnutls_datum * data, goto cleanup; } - if (need_free) _gnutls_free_datum( &_data); - - return 0; + result = 0; cleanup: if (need_free) _gnutls_free_datum( &_data); @@ -162,7 +161,7 @@ int gnutls_x509_crq_import(gnutls_x509_crq crq, const gnutls_datum * data, * gnutls_x509_crq_get_dn - This function returns the Certificate request subject's distinguished name * @crq: should contain a gnutls_x509_crq structure * @buf: a pointer to a structure to hold the name (may be null) - * @sizeof_buf: initialy holds the size of @buf + * @sizeof_buf: initially holds the size of @buf * * This function will copy the name of the Certificate request subject in the provided buffer. The name * will be in the form "C=xxxx,O=yyyy,CN=zzzz" as described in RFC2253. The output @@ -194,7 +193,7 @@ int gnutls_x509_crq_get_dn(gnutls_x509_crq crq, char *buf, * @indx: In case multiple same OIDs exist in the RDN, this specifies which to send. Use zero to get the first one. * @raw_flag: If non zero returns the raw DER data of the DN part. * @buf: a pointer to a structure to hold the name (may be null) - * @sizeof_buf: initialy holds the size of @buf + * @sizeof_buf: initially holds the size of @buf * * This function will extract the part of the name of the Certificate request subject, specified * by the given OID. The output will be encoded as described in RFC2253. The output @@ -229,7 +228,7 @@ int gnutls_x509_crq_get_dn_by_oid(gnutls_x509_crq crq, const char* oid, * @crq: should contain a gnutls_x509_crq structure * @indx: Specifies which DN OID to send. Use zero to get the first one. * @oid: a pointer to a structure to hold the name (may be null) - * @sizeof_oid: initialy holds the size of @oid + * @sizeof_oid: initially holds the size of @oid * * This function will extract the requested OID of the name of the Certificate request subject, specified * by the given index. 
@@ -396,7 +395,7 @@ static int parse_attribute(ASN1_TYPE asn1_struct, * gnutls_x509_crq_get_challenge_password - This function will get the challenge password * @crq: should contain a gnutls_x509_crq structure * @pass: will hold a null terminated password - * @sizeof_pass: Initialy holds the size of pass. + * @sizeof_pass: Initially holds the size of @pass. * * This function will return the challenge password in the * request. @@ -461,15 +460,14 @@ int gnutls_x509_crq_set_dn_by_oid(gnutls_x509_crq crq, const char* oid, int gnutls_x509_crq_set_version(gnutls_x509_crq crq, unsigned int version) { int result; -char null = version; +unsigned char null = version; if (crq==NULL) { gnutls_assert(); return GNUTLS_E_INVALID_REQUEST; } - null -= 1; - if (null < 0) null = 0; + if (null > 0) null--; result = asn1_write_value( crq->crq, "certificationRequestInfo.version", &null, 1); if (result != ASN1_SUCCESS) { @@ -700,7 +698,6 @@ int result; bits); if (result < 0) { gnutls_assert(); - return result; } return result; diff --git a/lib/x509/pkcs12.c b/lib/x509/pkcs12.c index 49eed5da4c..27bbe41218 100644 --- a/lib/x509/pkcs12.c +++ b/lib/x509/pkcs12.c @@ -130,6 +130,7 @@ int gnutls_pkcs12_init(gnutls_pkcs12 * pkcs12) &(*pkcs12)->pkcs12); if (result != ASN1_SUCCESS) { gnutls_assert(); + gnutls_free( *pkcs12); return _gnutls_asn2err(result); } return 0; /* success */ diff --git a/lib/x509/pkcs7.c b/lib/x509/pkcs7.c index 4eac6054d6..3b969f32fb 100644 --- a/lib/x509/pkcs7.c +++ b/lib/x509/pkcs7.c @@ -146,6 +146,7 @@ int gnutls_pkcs7_init(gnutls_pkcs7 * pkcs7) &(*pkcs7)->pkcs7); if (result != ASN1_SUCCESS) { gnutls_assert(); + gnutls_free( *pkcs7); return _gnutls_asn2err(result); } return 0; /* success */ diff --git a/lib/x509/x509.c b/lib/x509/x509.c index db258a8b2f..96096d6aaf 100644 --- a/lib/x509/x509.c +++ b/lib/x509/x509.c 
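Review bot: In the `gnutls_x509_crq_set_version` hunk, `unsigned char null = version;` narrows the `unsigned int` argument without a range check, so a value such as 256 is silently encoded as version 0 instead of being rejected. A guard before the conversion, `if (version > 0xff) { gnutls_assert(); return GNUTLS_E_INVALID_REQUEST; }`, or a tighter bound matching the versions the format allows, would surface the bad input. The same narrowing is added to `gnutls_x509_crt_set_version` in lib/x509/x509_write.c. The variable name `null` is also misleading for a version byte and deserves a comment such as `/* DER value is version - 1 */`.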
@@ -58,6 +58,7 @@ int gnutls_x509_crt_init(gnutls_x509_crt * cert) &(*cert)->cert); if (result != ASN1_SUCCESS) { gnutls_assert(); + gnutls_free( *cert); return _gnutls_asn2err(result); } return 0; /* success */ @@ -215,7 +216,7 @@ int gnutls_x509_crt_import(gnutls_x509_crt cert, const gnutls_datum * data, * gnutls_x509_crt_get_issuer_dn - This function returns the Certificate's issuer distinguished name * @cert: should contain a gnutls_x509_crt structure * @buf: a pointer to a structure to hold the name (may be null) - * @sizeof_buf: initialy holds the size of 'buf' + * @sizeof_buf: initially holds the size of @buf * * This function will copy the name of the Certificate issuer in the provided buffer. The name * will be in the form "C=xxxx,O=yyyy,CN=zzzz" as described in RFC2253. The output @@ -247,7 +248,7 @@ int gnutls_x509_crt_get_issuer_dn(gnutls_x509_crt cert, char *buf, * @indx: In case multiple same OIDs exist in the RDN, this specifies which to send. Use zero to get the first one. * @raw_flag: If non zero returns the raw DER data of the DN part. * @buf: a pointer to a structure to hold the name (may be null) - * @sizeof_buf: initialy holds the size of @buf + * @sizeof_buf: initially holds the size of @buf * * This function will extract the part of the name of the Certificate issuer specified * by the given OID. The output will be encoded as described in RFC2253. The output @@ -282,7 +283,7 @@ int gnutls_x509_crt_get_issuer_dn_by_oid(gnutls_x509_crt cert, const char* oid, * @cert: should contain a gnutls_x509_crt structure * @indx: This specifies which OID to return. Use zero to get the first one. * @oid: a pointer to a buffer to hold the OID (may be null) - * @sizeof_oid: initialy holds the size of @oid + * @sizeof_oid: initially holds the size of @oid * * This function will extract the OIDs of the name of the Certificate issuer specified * by the given index. 
@@ -310,7 +311,7 @@ int gnutls_x509_crt_get_issuer_dn_oid(gnutls_x509_crt cert, * gnutls_x509_crt_get_dn - This function returns the Certificate's distinguished name * @cert: should contain a gnutls_x509_crt structure * @buf: a pointer to a structure to hold the name (may be null) - * @sizeof_buf: initialy holds the size of @buf + * @sizeof_buf: initially holds the size of @buf * * This function will copy the name of the Certificate in the provided buffer. The name * will be in the form "C=xxxx,O=yyyy,CN=zzzz" as described in RFC2253. The output @@ -342,7 +343,7 @@ int gnutls_x509_crt_get_dn(gnutls_x509_crt cert, char *buf, * @indx: In case multiple same OIDs exist in the RDN, this specifies which to send. Use zero to get the first one. * @raw_flag: If non zero returns the raw DER data of the DN part. * @buf: a pointer to a structure to hold the name (may be null) - * @sizeof_buf: initialy holds the size of @buf + * @sizeof_buf: initially holds the size of @buf * * This function will extract the part of the name of the Certificate subject, specified * by the given OID. The output @@ -377,7 +378,7 @@ int gnutls_x509_crt_get_dn_by_oid(gnutls_x509_crt cert, const char* oid, * @cert: should contain a gnutls_x509_crt structure * @indx: This specifies which OID to return. Use zero to get the first one. * @oid: a pointer to a buffer to hold the OID (may be null) - * @sizeof_oid: initialy holds the size of @oid + * @sizeof_oid: initially holds the size of @oid * * This function will extract the OIDs of the name of the Certificate subject specified * by the given index. 
@@ -903,7 +904,7 @@ int gnutls_x509_crt_get_key_usage(gnutls_x509_crt cert, unsigned int *key_usage, * @oid: holds an Object Identified in null terminated string * @indx: In case multiple same OIDs exist in the extensions, this specifies which to send. Use zero to get the first one. * @buf: a pointer to a structure to hold the name (may be null) - * @sizeof_buf: initialy holds the size of @buf + * @sizeof_buf: initially holds the size of @buf * @critical: will be non zero if the extension is marked as critical * * This function will return the extension specified by the OID in the certificate. @@ -959,7 +960,7 @@ int gnutls_x509_crt_get_extension_by_oid(gnutls_x509_crt cert, const char* oid, * @cert: should contain a gnutls_x509_crt structure * @indx: Specifies which extension OID to send. Use zero to get the first one. * @oid: a pointer to a structure to hold the OID (may be null) - * @sizeof_oid: initialy holds the size of @oid + * @sizeof_oid: initially holds the size of @oid * * This function will return the requested extension OID in the certificate. * The extension OID will be stored as a string in the provided buffer. @@ -1084,7 +1085,7 @@ int _gnutls_x509_crt_get_raw_dn( gnutls_x509_crt cert, * @cert: should contain a gnutls_x509_crt structure * @algo: is a digest algorithm * @buf: a pointer to a structure to hold the fingerprint (may be null) - * @sizeof_buf: initialy holds the size of @buf + * @sizeof_buf: initially holds the size of @buf * * This function will calculate and copy the certificate's fingerprint * in the provided buffer. diff --git a/lib/x509/x509_write.c b/lib/x509/x509_write.c index 076d964408..d458c252f2 100644 --- a/lib/x509/x509_write.c +++ b/lib/x509/x509_write.c 
@@ -123,15 +123,14 @@ int gnutls_x509_crt_set_issuer_dn_by_oid(gnutls_x509_crt crt, const char* oid, int gnutls_x509_crt_set_version(gnutls_x509_crt crt, unsigned int version) { int result; -char null = version; +unsigned char null = version; if (crt==NULL) { gnutls_assert(); return GNUTLS_E_INVALID_REQUEST; } - null -= 1; - if (null < 0) null = 0; + if (null > 0) null--; result = asn1_write_value( crt->cert, "tbsCertificate.version", &null, 1); if (result != ASN1_SUCCESS) { diff --git a/lib/x509/xml.c b/lib/x509/xml.c index 24df070219..4cac03abe4 100644 --- a/lib/x509/xml.c +++ b/lib/x509/xml.c @@ -604,7 +604,7 @@ _gnutls_asn1_get_structure_xml(ASN1_TYPE structure, * @detail: The detail level (must be GNUTLS_XML_SHOW_ALL or GNUTLS_XML_NORMAL) * * This function will return the XML structures of the given X.509 certificate. - * The XML structures are allocated internaly (with malloc) and stored into res. + * The XML structures are allocated internally (with malloc) and stored into res. * Returns a negative error code in case of an error. * **/ diff --git a/lib/x509_b64.c b/lib/x509_b64.c index 9b233af614..234ca13c1a 100644 --- a/lib/x509_b64.c +++ b/lib/x509_b64.c @@ -164,12 +164,14 @@ int _gnutls_base64_encode(const uint8 * data, size_t data_size, uint8 ** result) } #define INCR(what, size) \ + do { \ what+=size; \ if (what > ret) { \ gnutls_assert(); \ gnutls_free( (*result)); *result = NULL; \ return GNUTLS_E_INTERNAL_ERROR; \ - } + } \ + } while(0) /* encodes data and puts the result into result (locally allocated) * The result_size (including the null terminator) is the return value. diff --git a/libextra/gnutls_extra.c b/libextra/gnutls_extra.c index 6d3bfd5a45..1bda1681aa 100644 --- a/libextra/gnutls_extra.c +++ b/libextra/gnutls_extra.c 
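Review bot: `version` is still narrowed from `unsigned int` to `unsigned char` in the `null` initializer of gnutls_x509_crt_set_version without any range check, so the `unsigned` change fixes the sign problem but not the truncation. A caller passing 256 gets `null == 0` and a v1 certificate written, 257 gets a v2 certificate, and anything from 0x81 up to 255 puts a byte with the top bit set into a one-byte INTEGER. I would bound the value in the existing guard, `if (crt==NULL || version >= 0x80) {`, and decide explicitly whether `version == 0` should also be rejected rather than silently mapped to 0. The end of the function lies outside the hunk.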
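Review bot: The INCR macro in lib/x509_b64.c still carries no comment saying that it can leave the calling function, which is the thing a reader of a call site most needs to know. It reads `ret` and `result` from the caller's scope, frees `*result` and executes `return GNUTLS_E_INTERNAL_ERROR`, none of which is visible where `INCR(...)` is used. Now that it is wrapped in `do { ... } while(0)` and looks like an ordinary statement, I would add above the `#define`: `/* INCR: what += size; if that passes 'ret', frees *result and RETURNS GNUTLS_E_INTERNAL_ERROR from the enclosing function. */`.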
@@ -293,7 +293,7 @@ parse_version_string( const char *s, int *major, int *minor, int *micro ) } /**************** - * Check that the the version of the library is at minimum the requested one + * Check that the version of the library is at minimum the requested one * and return the version string; return NULL if the condition is not * satisfied. If a NULL is passed to this function, no check is done, * but the version string is simply returned. diff --git a/libextra/gnutls_srp.c b/libextra/gnutls_srp.c index 2befd82c12..4b5d34b09d 100644 --- a/libextra/gnutls_srp.c +++ b/libextra/gnutls_srp.c @@ -530,7 +530,7 @@ int i; * * This function specifies what we, in case of a server, are going * to do when we have to use a password file. If this callback - * function is not provided then gnutls will automaticaly select the + * function is not provided then gnutls will automatically select the * first password file * * In case the callback returned a negative number then gnutls will diff --git a/src/certtool-gaa.c b/src/certtool-gaa.c index ff62cddee2..fac7e054ef 100644 --- a/src/certtool-gaa.c +++ b/src/certtool-gaa.c @@ -1,4 +1,4 @@ -/* File generated by GAA 1.6.3 +/* File generated by GAA 1.6.5 */ #define GAA_NO_WIN32 #line 1 "certtool.gaa" @@ -1095,6 +1095,7 @@ int gaa_internal_get_next_str(FILE *file, gaa_str_node *tmp_str, int argc) { int pos_ini; int a; + char ca; int i = 0, len = 0, newline = 0; if(argc == 1) { @@ -1143,11 +1144,12 @@ int gaa_internal_get_next_str(FILE *file, gaa_str_node *tmp_str, int argc) fseek(file,pos_ini, SEEK_SET); do { - if(fscanf(file, "%c", &a) != 1) + if(fscanf(file, "%c", &ca) != 1) { i+=2; break; } + a = ca; tmp_str->str[i] = a; i++; } diff --git a/src/certtool.c b/src/certtool.c index f7cdca28be..e4f26c365a 100644 --- a/src/certtool.c +++ b/src/certtool.c 
@@ -126,13 +126,14 @@ char input[128]; static const char* read_str( const char* input_str) { static char input[128]; +int len; fputs( input_str, stderr); - fgets( input, sizeof(input), stdin); + if (fgets( input, sizeof(input), stdin) == NULL) return NULL; - input[strlen(input)-1] = 0; - - if (strlen(input)==0) return NULL; + len = strlen(input); + if ( (len > 0) && (input[len-1] == '\n') ) input[len-1] = 0; + if (input[0] == 0) return NULL; return input; } @@ -1055,9 +1056,7 @@ static void print_certificate_info( gnutls_x509_crt crt, FILE* out, unsigned int if (ret < 0 && ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) { - const char* str = gnutls_strerror(ret); - if (str == NULL) str = "unknown error"; - fprintf(out, "Error getting subject key id: %s\n", str); + fprintf(out, "Error getting subject key id: %s\n", gnutls_strerror(ret)); } if (ret >= 0) { @@ -1120,9 +1119,7 @@ static void print_certificate_info( gnutls_x509_crt crt, FILE* out, unsigned int size = sizeof(buffer); if ((ret=gnutls_x509_crt_get_fingerprint(crt, GNUTLS_DIG_MD5, buffer, &size)) < 0) { - const char* str = gnutls_strerror(ret); - if (str == NULL) str = "unknown error"; - fprintf(out, "Error in fingerprint calculation: %s\n", str); + fprintf(out, "Error in fingerprint calculation: %s\n", gnutls_strerror(ret)); } else { print = printable; for (i = 0; i < size; i++) { @@ -1136,9 +1133,7 @@ static void print_certificate_info( gnutls_x509_crt crt, FILE* out, unsigned int size = sizeof(buffer); if ((ret=gnutls_x509_crt_get_key_id(crt, 0, buffer, &size)) < 0) { - const char* str = gnutls_strerror(ret); - if (str == NULL) str = "unknown error"; - fprintf(out, "Error in key id calculation: %s\n", str); + fprintf(out, "Error in key id calculation: %s\n", gnutls_strerror(ret)); } else { print = printable; for (i = 0; i < size; i++) { 
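Review bot: In read_str, a typed line of 127 characters or more makes `fgets` return without a trailing newline and leaves the rest of the line in stdin, where the next prompt will consume it as its own answer. The new code already detects this case, because the `input[len-1] == '\n'` test fails, so the remainder can be drained at that point: `else if (len > 0) { int c; while ((c = getchar()) != '\n' && c != EOF) ; }`. Presumably these prompts collect certificate fields one after another, in which case overlong input would otherwise spill into the following field. Separately, `len` would be better declared `size_t` to match `strlen`.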
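Review bot: Dropping the `str == NULL` fallback in print_certificate_info makes these `fprintf` calls depend on `gnutls_strerror()` never returning NULL, because passing a null pointer for `%s` is undefined behaviour. Nothing in the visible hunks establishes that guarantee, and `ret` can be any negative code a lower layer hands back. Please confirm that the library now returns a fixed string for unknown codes and state it in the function's documentation, e.g. `* Returns: a non-NULL description, also for unknown error codes.`; otherwise keep the fallback at the call sites. The same applies to the other two hunks in print_certificate_info, to privkey_info, and to print_x509_info and print_openpgp_info in src/common.c.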
@@ -1306,9 +1301,7 @@ void privkey_info( void) size = sizeof(buffer); if ((ret=gnutls_x509_privkey_get_key_id(key, 0, buffer, &size)) < 0) { - const char* str = gnutls_strerror(ret); - if (str == NULL) str = "unknown error"; - fprintf(stderr, "Error in key id calculation: %s\n", str); + fprintf(stderr, "Error in key id calculation: %s\n", gnutls_strerror(ret)); } else { print = printable; for (i = 0; i < size; i++) { @@ -2493,8 +2486,7 @@ void certtool_version(void) void print_license(void) { - fprintf(stdout, - "\nCopyright (C) 2001-2003 Nikos Mavroyanopoulos\n" + fputs( "\nCopyright (C) 2004 Free Software Foundation\n" "This program is free software; you can redistribute it and/or modify \n" "it under the terms of the GNU General Public License as published by \n" "the Free Software Foundation; either version 2 of the License, or \n" @@ -2505,5 +2497,5 @@ void print_license(void) "GNU General Public License for more details. \n" "\n" "You should have received a copy of the GNU General Public License \n" "along with this program; if not, write to the Free Software \n" - "Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.\n\n"); + "Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.\n\n", stdout); } diff --git a/src/cli-gaa.c b/src/cli-gaa.c index 6ace4e17d7..0311a1a527 100644 --- a/src/cli-gaa.c +++ b/src/cli-gaa.c @@ -1,4 +1,4 @@ -/* File generated by GAA 1.6.2 +/* File generated by GAA 1.6.5 */ #define GAA_NO_WIN32 #line 1 "cli.gaa" @@ -477,7 +477,7 @@ int gaa_getint(char *arg) { int tmp; char a; - if(sscanf(arg, "%d%c", &tmp, &a) != 1) + if(sscanf(arg, "%d%c", &tmp, &a) < 1) { printf("Option %s: '%s' isn't an integer\n", gaa_current_option, arg); GAAERROR(-1); @@ -503,7 +503,7 @@ float gaa_getfloat(char *arg) { float tmp; char a; - if(sscanf(arg, "%f%c", &tmp, &a) != 1) + if(sscanf(arg, "%f%c", &tmp, &a) < 1) { printf("Option %s: '%s' isn't a float number\n", gaa_current_option, arg); GAAERROR(-1); 
@@ -1203,7 +1203,8 @@ typedef struct gaastrnode gaa_str_node; int gaa_internal_get_next_str(FILE *file, gaa_str_node *tmp_str, int argc) { int pos_ini; - char a; + int a; + char ca; int i = 0, len = 0, newline = 0; if(argc == 1) { @@ -1211,7 +1212,8 @@ int gaa_internal_get_next_str(FILE *file, gaa_str_node *tmp_str, int argc) len = 2; } - if(fscanf(file,"%c", &a) != 1) return 0; + a = fgetc( file); + if (a == EOF) return 0; while(a == ' ' || a == 9 || a == '\n') { @@ -1220,7 +1222,8 @@ int gaa_internal_get_next_str(FILE *file, gaa_str_node *tmp_str, int argc) newline=1; len = 2; } - if(fscanf(file,"%c", &a) != 1) return 0; + a = fgetc( file); + if (a == EOF) return 0; } pos_ini = ftell(file) - 1; @@ -1229,7 +1232,8 @@ int gaa_internal_get_next_str(FILE *file, gaa_str_node *tmp_str, int argc) { len++; - if(fscanf(file,"%c", &a) != 1) a = ' '; + a = fgetc( file); + if(a==EOF) return 0; //a = ' '; } len += 1; @@ -1249,11 +1253,12 @@ int gaa_internal_get_next_str(FILE *file, gaa_str_node *tmp_str, int argc) fseek(file,pos_ini, SEEK_SET); do { - if(fscanf(file, "%c", &a) != 1) + if(fscanf(file, "%c", &ca) != 1) { i+=2; break; } + a = ca; tmp_str->str[i] = a; i++; } @@ -1280,7 +1285,7 @@ int gaa_file(char *name, gaainfo *gaaval) if((file = fopen(name, "r")) == NULL) { printf("Couldn't open '%s' configuration file for reading\n", name); - return 0; + return 1; } tmp_str = &first_str; diff --git a/src/common.c b/src/common.c index 0ef06e3eec..a73fa26329 100644 --- a/src/common.c +++ b/src/common.c 
@@ -1,3 +1,24 @@ +/* + * Copyright (C) 2000,2001,2002,2003 Nikos Mavroyanopoulos + * Copyright (C) 2004 Free Software Foundation + * + * This file is part of GNUTLS. + * + * GNUTLS is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * GNUTLS is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + #include <config.h> #include <stdio.h> #include <stdlib.h> @@ -69,9 +90,7 @@ void print_x509_info(gnutls_session session, const char* hostname) gnutls_x509_crt_import(crt, &cert_list[j], GNUTLS_X509_FMT_DER); if (ret < 0) { - const char* str = gnutls_strerror(ret); - if (str == NULL) str = str_unknown; - fprintf(stderr, "Decoding error: %s\n", str); + fprintf(stderr, "Decoding error: %s\n", gnutls_strerror(ret)); return; } @@ -110,10 +129,8 @@ void print_x509_info(gnutls_session session, const char* hostname) ret = gnutls_x509_crt_to_xml( crt, &xml_data, 0); if (ret < 0) { - const char* str = gnutls_strerror(ret); - if (str == NULL) str = str_unknown; fprintf(stderr, "XML encoding error: %s\n", - str); + gnutls_strerror(ret)); return; } 
@@ -147,9 +164,7 @@ void print_x509_info(gnutls_session session, const char* hostname) digest_size = sizeof(digest); if ((ret=gnutls_x509_crt_get_fingerprint(crt, GNUTLS_DIG_MD5, digest, &digest_size)) < 0) { - const char* str = gnutls_strerror(ret); - if (str == NULL) str = str_unknown; - fprintf(stderr, "Error in fingerprint calculation: %s\n", str); + fprintf(stderr, "Error in fingerprint calculation: %s\n", gnutls_strerror(ret)); } else { print = printable; for (i = 0; i < digest_size; i++) { @@ -225,9 +240,7 @@ void print_openpgp_info(gnutls_session session, const char* hostname) ret = gnutls_openpgp_key_import(crt, &cert_list[0], GNUTLS_OPENPGP_FMT_RAW); if (ret < 0) { - const char* str = gnutls_strerror(ret); - if (str == NULL) str = str_unknown; - fprintf(stderr, "Decoding error: %s\n", str); + fprintf(stderr, "Decoding error: %s\n", gnutls_strerror(ret)); return; } @@ -262,10 +275,8 @@ void print_openpgp_info(gnutls_session session, const char* hostname) ret = gnutls_openpgp_key_to_xml( crt, &xml_data, 0); if (ret < 0) { - const char* str = gnutls_strerror(ret); - if (str == NULL) str = str_unknown; fprintf(stderr, "XML encoding error: %s\n", - str); + gnutls_strerror(ret)); return; } 
@@ -511,19 +522,19 @@ void print_list(void) void print_license(void) { - fprintf(stdout, - "\nCopyright (C) 2001-2003 Nikos Mavroyanopoulos\n" - "This program is free software; you can redistribute it and/or modify \n" - "it under the terms of the GNU General Public License as published by \n" - "the Free Software Foundation; either version 2 of the License, or \n" - "(at your option) any later version. \n" "\n" - "This program is distributed in the hope that it will be useful, \n" - "but WITHOUT ANY WARRANTY; without even the implied warranty of \n" - "MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the \n" - "GNU General Public License for more details. \n" "\n" - "You should have received a copy of the GNU General Public License \n" - "along with this program; if not, write to the Free Software \n" - "Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.\n\n"); +fputs( "\nCopyright (C) 2004 Free Software Foundation\n" + "This program is free software; you can redistribute it and/or modify \n" + "it under the terms of the GNU General Public License as published by \n" + "the Free Software Foundation; either version 2 of the License, or \n" + "(at your option) any later version. \n" "\n" + "This program is distributed in the hope that it will be useful, \n" + "but WITHOUT ANY WARRANTY; without even the implied warranty of \n" + "MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the \n" + "GNU General Public License for more details. \n" "\n" + "You should have received a copy of the GNU General Public License \n" + "along with this program; if not, write to the Free Software \n" + "Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.\n\n", + stdout); } void parse_protocols(char **protocols, int protocols_size, @@ -665,11 +676,11 @@ char* ret; ret = inet_ntoa( *((struct in_addr*)src)); - if (strlen(ret) > cnt) { + if (ret == NULL || strlen(ret) > cnt) { return NULL; } strcpy( dst, ret); - + return dst; } #endif 
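Review bot: The length test in the last hunk (the `inet_ntoa` wrapper) still lets `strlen(ret) == cnt` through, and the `strcpy( dst, ret)` that follows then writes the terminating NUL one byte past a `cnt`-byte buffer. Assuming `cnt` is the size of `dst` (the signature is outside the hunk), the comparison should be `if (ret == NULL || strlen(ret) >= cnt) {`. The added NULL check is fine as it is.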
diff --git a/src/crypt-gaa.c b/src/crypt-gaa.c index 80d2043175..77f4a8f4e8 100644 --- a/src/crypt-gaa.c +++ b/src/crypt-gaa.c @@ -1,4 +1,4 @@ -/* File generated by GAA 1.6.2 +/* File generated by GAA 1.6.5 */ #define GAA_NO_WIN32 #line 1 "crypt.gaa" @@ -757,7 +757,8 @@ typedef struct gaastrnode gaa_str_node; int gaa_internal_get_next_str(FILE *file, gaa_str_node *tmp_str, int argc) { int pos_ini; - char a; + int a; + char ca; int i = 0, len = 0, newline = 0; if(argc == 1) { @@ -765,7 +766,8 @@ int gaa_internal_get_next_str(FILE *file, gaa_str_node *tmp_str, int argc) len = 2; } - if(fscanf(file,"%c", &a) != 1) return 0; + a = fgetc( file); + if (a == EOF) return 0; while(a == ' ' || a == 9 || a == '\n') { @@ -774,7 +776,8 @@ int gaa_internal_get_next_str(FILE *file, gaa_str_node *tmp_str, int argc) newline=1; len = 2; } - if(fscanf(file,"%c", &a) != 1) return 0; + a = fgetc( file); + if (a == EOF) return 0; } pos_ini = ftell(file) - 1; @@ -783,7 +786,8 @@ int gaa_internal_get_next_str(FILE *file, gaa_str_node *tmp_str, int argc) { len++; - if(fscanf(file,"%c", &a) != 1) a = ' '; + a = fgetc( file); + if(a==EOF) return 0; //a = ' '; } len += 1; @@ -803,11 +807,12 @@ int gaa_internal_get_next_str(FILE *file, gaa_str_node *tmp_str, int argc) fseek(file,pos_ini, SEEK_SET); do { - if(fscanf(file, "%c", &a) != 1) + if(fscanf(file, "%c", &ca) != 1) { i+=2; break; } + a = ca; tmp_str->str[i] = a; i++; } @@ -834,7 +839,7 @@ int gaa_file(char *name, gaainfo *gaaval) if((file = fopen(name, "r")) == NULL) { printf("Couldn't open '%s' configuration file for reading\n", name); - return 0; + return 1; } tmp_str = &first_str; diff --git a/src/serv-gaa.c b/src/serv-gaa.c index 15876fa31d..5afd23da06 100644 --- a/src/serv-gaa.c +++ b/src/serv-gaa.c @@ -1,4 +1,4 @@ -/* File generated by GAA 1.6.2 +/* File generated by GAA 1.6.5 */ #define GAA_NO_WIN32 #line 1 "serv.gaa" 
@@ -463,7 +463,7 @@ int gaa_getint(char *arg) { int tmp; char a; - if(sscanf(arg, "%d%c", &tmp, &a) != 1) + if(sscanf(arg, "%d%c", &tmp, &a) < 1) { printf("Option %s: '%s' isn't an integer\n", gaa_current_option, arg); GAAERROR(-1); @@ -489,7 +489,7 @@ float gaa_getfloat(char *arg) { float tmp; char a; - if(sscanf(arg, "%f%c", &tmp, &a) != 1) + if(sscanf(arg, "%f%c", &tmp, &a) < 1) { printf("Option %s: '%s' isn't a float number\n", gaa_current_option, arg); GAAERROR(-1); @@ -1155,7 +1155,8 @@ typedef struct gaastrnode gaa_str_node; int gaa_internal_get_next_str(FILE *file, gaa_str_node *tmp_str, int argc) { int pos_ini; - char a; + int a; + char ca; int i = 0, len = 0, newline = 0; if(argc == 1) { @@ -1163,7 +1164,8 @@ int gaa_internal_get_next_str(FILE *file, gaa_str_node *tmp_str, int argc) len = 2; } - if(fscanf(file,"%c", &a) != 1) return 0; + a = fgetc( file); + if (a == EOF) return 0; while(a == ' ' || a == 9 || a == '\n') { @@ -1172,7 +1174,8 @@ int gaa_internal_get_next_str(FILE *file, gaa_str_node *tmp_str, int argc) newline=1; len = 2; } - if(fscanf(file,"%c", &a) != 1) return 0; + a = fgetc( file); + if (a == EOF) return 0; } pos_ini = ftell(file) - 1; @@ -1181,7 +1184,8 @@ int gaa_internal_get_next_str(FILE *file, gaa_str_node *tmp_str, int argc) { len++; - if(fscanf(file,"%c", &a) != 1) a = ' '; + a = fgetc( file); + if(a==EOF) return 0; //a = ' '; } len += 1; @@ -1201,11 +1205,12 @@ int gaa_internal_get_next_str(FILE *file, gaa_str_node *tmp_str, int argc) fseek(file,pos_ini, SEEK_SET); do { - if(fscanf(file, "%c", &a) != 1) + if(fscanf(file, "%c", &ca) != 1) { i+=2; break; } + a = ca; tmp_str->str[i] = a; i++; } @@ -1232,7 +1237,7 @@ int gaa_file(char *name, gaainfo *gaaval) if((file = fopen(name, "r")) == NULL) { printf("Couldn't open '%s' configuration file for reading\n", name); - return 0; + return 1; } tmp_str = &first_str; diff --git a/src/serv.c b/src/serv.c index 2a96f2a256..8128731074 100644 --- a/src/serv.c +++ b/src/serv.c 
@@ -1130,8 +1130,8 @@ static int wrap_db_delete(void *dbf, gnutls_datum key) void print_serv_license(void) { - fprintf(stdout, - "\nCopyright (C) 2001-2003 Paul Sheer, Nikos Mavroyanopoulos\n" + fputs( "\nCopyright (C) 2001-2003 Paul Sheer, Nikos Mavroyanopoulos\n" + "\nCopyright (C) 2004 Free Software Foundation\n" "This program is free software; you can redistribute it and/or modify \n" "it under the terms of the GNU General Public License as published by \n" "the Free Software Foundation; either version 2 of the License, or \n" @@ -1142,7 +1142,7 @@ void print_serv_license(void) "GNU General Public License for more details. \n" "\n" "You should have received a copy of the GNU General Public License \n" "along with this program; if not, write to the Free Software \n" - "Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.\n\n"); + "Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.\n\n", stdout); } #ifdef HAVE_LIBOPENCDK diff --git a/src/tls_test-gaa.c b/src/tls_test-gaa.c index ec5fc2acb0..f9fd4f2488 100644 --- a/src/tls_test-gaa.c +++ b/src/tls_test-gaa.c @@ -1,4 +1,4 @@ -/* File generated by GAA 1.6.2 +/* File generated by GAA 1.6.5 */ #define GAA_NO_WIN32 #line 1 "tls_test.gaa" @@ -681,7 +681,8 @@ typedef struct gaastrnode gaa_str_node; int gaa_internal_get_next_str(FILE *file, gaa_str_node *tmp_str, int argc) { int pos_ini; - char a; + int a; + char ca; int i = 0, len = 0, newline = 0; if(argc == 1) { @@ -689,7 +690,8 @@ int gaa_internal_get_next_str(FILE *file, gaa_str_node *tmp_str, int argc) len = 2; } - if(fscanf(file,"%c", &a) != 1) return 0; + a = fgetc( file); + if (a == EOF) return 0; while(a == ' ' || a == 9 || a == '\n') { @@ -698,7 +700,8 @@ int gaa_internal_get_next_str(FILE *file, gaa_str_node *tmp_str, int argc) newline=1; len = 2; } - if(fscanf(file,"%c", &a) != 1) return 0; + a = fgetc( file); + if (a == EOF) return 0; } pos_ini = ftell(file) - 1; 
@@ -707,7 +710,8 @@ int gaa_internal_get_next_str(FILE *file, gaa_str_node *tmp_str, int argc) { len++; - if(fscanf(file,"%c", &a) != 1) a = ' '; + a = fgetc( file); + if(a==EOF) return 0; //a = ' '; } len += 1; @@ -727,11 +731,12 @@ int gaa_internal_get_next_str(FILE *file, gaa_str_node *tmp_str, int argc) fseek(file,pos_ini, SEEK_SET); do { - if(fscanf(file, "%c", &a) != 1) + if(fscanf(file, "%c", &ca) != 1) { i+=2; break; } + a = ca; tmp_str->str[i] = a; i++; } @@ -758,7 +763,7 @@ int gaa_file(char *name, gaainfo *gaaval) if((file = fopen(name, "r")) == NULL) { printf("Couldn't open '%s' configuration file for reading\n", name); - return 0; + return 1; } tmp_str = &first_str; |