author | Zoltan Fridrich <zfridric@redhat.com> | 2023-01-27 10:27:21 +0100 |
---|---|---|
committer | Zoltan Fridrich <zfridric@redhat.com> | 2023-01-27 14:48:43 +0100 |
commit | c6b2345c02d65525a90fa057dd13d5f7ee687471 (patch) | |
tree | 59e2eb55fca3f6b1e0a4c05fd4d8c19edd201b37 | |
parent | 8ae1242930bd863d1cac3ed21afae4bea233a778 (diff) | |
download | gnutls-c6b2345c02d65525a90fa057dd13d5f7ee687471.tar.gz |
Fix indent errors
Co-authored-by: Simon Josefsson <simon@josefsson.org>
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
-rw-r--r-- | lib/algorithms/secparams.c | 72 | ||||
-rw-r--r-- | lib/includes/gnutls/gnutls.h.in | 2 | ||||
-rw-r--r-- | lib/tls13/key_update.c | 27 | ||||
-rw-r--r-- | lib/x509/privkey.c | 23 |
4 files changed, 68 insertions, 56 deletions
diff --git a/lib/algorithms/secparams.c b/lib/algorithms/secparams.c index efd1f47530..09424bada7 100644 --- a/lib/algorithms/secparams.c +++ b/lib/algorithms/secparams.c @@ -58,10 +58,6 @@ static const gnutls_sec_params_entry sec_params[] = { {NULL, 0, 0, 0, 0, 0} }; -#define GNUTLS_SEC_PARAM_LOOP(b) \ - { const gnutls_sec_params_entry *p; \ - for(p = sec_params; p->name != NULL; p++) { b ; } } - /** * gnutls_sec_param_to_pk_bits: * @algo: is a public key algorithm @@ -82,19 +78,21 @@ gnutls_sec_param_to_pk_bits(gnutls_pk_algorithm_t algo, gnutls_sec_param_t param) { unsigned int ret = 0; + const gnutls_sec_params_entry *p; /* handle DSA differently */ - GNUTLS_SEC_PARAM_LOOP( - if (p->sec_param == param) { - if (algo == GNUTLS_PK_DSA) - ret = p->dsa_bits; - else if (IS_EC(algo)||IS_GOSTEC(algo)) - ret = p->ecc_bits; - else - ret = p->pk_bits; - break; + for (p = sec_params; p->name; p++) { + if (p->sec_param == param) { + if (algo == GNUTLS_PK_DSA) + ret = p->dsa_bits; + else if (IS_EC(algo) || IS_GOSTEC(algo)) + ret = p->ecc_bits; + else + ret = p->pk_bits; + break; + } } - ); + return ret; } @@ -114,13 +112,16 @@ unsigned int gnutls_sec_param_to_symmetric_bits(gnutls_sec_param_t param) { unsigned int ret = 0; + const gnutls_sec_params_entry *p; /* handle DSA differently */ - GNUTLS_SEC_PARAM_LOOP( - if (p->sec_param == param) { - ret = p->bits; break; + for (p = sec_params; p->name; p++) { + if (p->sec_param == param) { + ret = p->bits; + break; + } } - ); + return ret; } @@ -130,12 +131,14 @@ gnutls_sec_param_to_symmetric_bits(gnutls_sec_param_t param) unsigned int _gnutls_pk_bits_to_subgroup_bits(unsigned int pk_bits) { unsigned int ret = 0; + const gnutls_sec_params_entry *p; - GNUTLS_SEC_PARAM_LOOP( + for (p = sec_params; p->name; p++) { ret = p->subgroup_bits; if (p->pk_bits >= pk_bits) break; - ); + } + return ret; } 
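Review bot: The `/* handle DSA differently */` comment kept above the new loop in gnutls_sec_param_to_symmetric_bits describes nothing in that function, since the loop only copies `p->bits` and has no per-algorithm branch. It looks carried over from gnutls_sec_param_to_pk_bits, where the `algo == GNUTLS_PK_DSA` test actually lives. I would delete it here and, in gnutls_sec_param_to_pk_bits, move it next to the branch it describes, e.g. `/* DSA and EC/GOST sizes come from their own table columns */`.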
@@ -144,7 +147,9 @@ unsigned int _gnutls_pk_bits_to_subgroup_bits(unsigned int pk_bits) */ gnutls_digest_algorithm_t _gnutls_pk_bits_to_sha_hash(unsigned int pk_bits) { - GNUTLS_SEC_PARAM_LOOP( + const gnutls_sec_params_entry *p; + + for (p = sec_params; p->name; p++) { if (p->pk_bits >= pk_bits) { if (p->bits <= 128) return GNUTLS_DIG_SHA256; @@ -153,7 +158,8 @@ gnutls_digest_algorithm_t _gnutls_pk_bits_to_sha_hash(unsigned int pk_bits) else return GNUTLS_DIG_SHA512; } - ); + } + return GNUTLS_DIG_SHA256; } @@ -171,13 +177,14 @@ gnutls_digest_algorithm_t _gnutls_pk_bits_to_sha_hash(unsigned int pk_bits) const char *gnutls_sec_param_get_name(gnutls_sec_param_t param) { const char *ret = "Unknown"; + const gnutls_sec_params_entry *p; - GNUTLS_SEC_PARAM_LOOP( + for (p = sec_params; p->name; p++) { if (p->sec_param == param) { ret = p->name; break; } - ); + } return ret; } @@ -199,24 +206,23 @@ gnutls_sec_param_t gnutls_pk_bits_to_sec_param(gnutls_pk_algorithm_t algo, unsigned int bits) { gnutls_sec_param_t ret = GNUTLS_SEC_PARAM_INSECURE; + const gnutls_sec_params_entry *p; if (bits == 0) return GNUTLS_SEC_PARAM_UNKNOWN; - if (IS_EC(algo)||IS_GOSTEC(algo)) { - GNUTLS_SEC_PARAM_LOOP( - if (p->ecc_bits > bits) { + if (IS_EC(algo) || IS_GOSTEC(algo)) { + for (p = sec_params; p->name; p++) { + if (p->ecc_bits > bits) break; - } ret = p->sec_param; - ); + } } else { - GNUTLS_SEC_PARAM_LOOP( - if (p->pk_bits > bits) { + for (p = sec_params; p->name; p++) { + if (p->pk_bits > bits) break; - } ret = p->sec_param; - ); + } } return ret; diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in index bbb4336ae9..ac3301dc58 100644 --- a/lib/includes/gnutls/gnutls.h.in +++ b/lib/includes/gnutls/gnutls.h.in @@ -2428,7 +2428,9 @@ int gnutls_dh_params_cpy(gnutls_dh_params_t dst, gnutls_dh_params_t src); /* Session stuff */ +/* *INDENT-OFF* */ @DEFINE_IOVEC_T@ +/* *INDENT-ON* */ typedef ssize_t(*gnutls_pull_func) (gnutls_transport_ptr_t, void *, size_t); 
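Review bot: The fallback after the new loop in _gnutls_pk_bits_to_sha_hash, `return GNUTLS_DIG_SHA256;`, is reached only when `pk_bits` exceeds every `pk_bits` value in `sec_params`, so the largest keys would get the smallest digest this function returns. _gnutls_pk_bits_to_subgroup_bits, rewritten in the same commit, handles the same case by keeping the last row's value. The table rows are outside the diff, so this may be unreachable in practice. If the fallback is intended, a comment such as `/* pk_bits above the largest table entry: fall back to SHA-256 */` would record that; otherwise `return GNUTLS_DIG_SHA512;` would be consistent with the loop's final `else`. The function body is split across this hunk and the one before it.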
diff --git a/lib/tls13/key_update.c b/lib/tls13/key_update.c index 56fecfaa65..10d2c77050 100644 --- a/lib/tls13/key_update.c +++ b/lib/tls13/key_update.c @@ -37,16 +37,17 @@ * If this operation fails with GNUTLS_E_INTERNAL_ERROR, KTLS is disabled * because KTLS most likely doesn't support key update. */ -#define SET_KTLS_KEYS(session, interface)\ -{\ -if(_gnutls_ktls_set_keys(session, interface) < 0) {\ - session->internals.ktls_enabled = 0;\ - session->internals.invalid_connection = true;\ - session->internals.resumable = false;\ - _gnutls_audit_log(session,\ - "invalidating session: KTLS - couldn't update keys\n");\ - ret = GNUTLS_E_INTERNAL_ERROR;\ -}\ +static inline int set_ktls_keys(gnutls_session_t session, + gnutls_transport_ktls_enable_flags_t iface) +{ + if (_gnutls_ktls_set_keys(session, iface) < 0) { + session->internals.ktls_enabled = 0; + session->internals.invalid_connection = true; + session->internals.resumable = false; + _gnutls_audit_log(session, "invalidating session: KTLS - couldn't update keys\n"); + return GNUTLS_E_INTERNAL_ERROR; + } + return 0; } static int update_keys(gnutls_session_t session, hs_stage_t stage) @@ -71,16 +72,16 @@ static int update_keys(gnutls_session_t session, hs_stage_t stage) return gnutls_assert_val(ret); if (IS_KTLS_ENABLED(session, GNUTLS_KTLS_SEND)) - SET_KTLS_KEYS(session, GNUTLS_KTLS_SEND) + ret = set_ktls_keys(session, GNUTLS_KTLS_SEND); } else { ret = _tls13_connection_state_init(session, stage); if (ret < 0) return gnutls_assert_val(ret); if (IS_KTLS_ENABLED(session, GNUTLS_KTLS_SEND) && stage == STAGE_UPD_OURS) - SET_KTLS_KEYS(session, GNUTLS_KTLS_SEND) + ret = set_ktls_keys(session, GNUTLS_KTLS_SEND); else if (IS_KTLS_ENABLED(session, GNUTLS_KTLS_RECV) && stage == STAGE_UPD_PEERS) - SET_KTLS_KEYS(session, GNUTLS_KTLS_RECV) + ret = set_ktls_keys(session, GNUTLS_KTLS_RECV); } if (ret < 0) return gnutls_assert_val(ret); diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c index 674dc71dce..54253818d5 100644 
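Review bot: In update_keys the three call sites now assign `ret = set_ktls_keys(...)` unconditionally, so a successful KTLS key update resets `ret` to 0, whereas the removed macro wrote `ret` only on failure. The earlier `if (ret < 0) return` checks mean the old value was non-negative, and the code after the final `if (ret < 0)` is outside the hunk, so this is probably harmless. It is still a behaviour change in a commit described as indentation-only. A one-line contract on the helper would make the side effects explicit for callers, e.g. `/* Returns 0, or GNUTLS_E_INTERNAL_ERROR after disabling KTLS and marking the session invalid and non-resumable. */`.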
--- a/lib/x509/privkey.c +++ b/lib/x509/privkey.c @@ -434,13 +434,6 @@ decode_dsa_key(const gnutls_datum_t * raw_key, gnutls_x509_privkey_t pkey) #define MAX_PEM_HEADER_SIZE 25 -#define IF_CHECK_FOR(pemstr, _algo, cptr, bptr, size, key) \ - if (left > sizeof(pemstr) && memcmp(cptr, pemstr, sizeof(pemstr)-1) == 0) { \ - result = _gnutls_fbase64_decode(pemstr, bptr, size, &_data); \ - if (result >= 0) \ - key->params.algo = _algo; \ - } - /** * gnutls_x509_privkey_import: * @key: The data to store the parsed key @@ -505,9 +498,19 @@ gnutls_x509_privkey_import(gnutls_x509_privkey_t key, ptr += sizeof("-----BEGIN ")-1; - IF_CHECK_FOR(PEM_KEY_RSA, GNUTLS_PK_RSA, ptr, begin_ptr, left, key) - else IF_CHECK_FOR(PEM_KEY_ECC, GNUTLS_PK_EC, ptr, begin_ptr, left, key) - else IF_CHECK_FOR(PEM_KEY_DSA, GNUTLS_PK_DSA, ptr, begin_ptr, left, key) + if (left > sizeof(PEM_KEY_RSA) && memcmp(ptr, PEM_KEY_RSA, sizeof(PEM_KEY_RSA)-1) == 0) { + result = _gnutls_fbase64_decode(PEM_KEY_RSA, begin_ptr, left, &_data); + if (result >= 0) + key->params.algo = GNUTLS_PK_RSA; + } else if (left > sizeof(PEM_KEY_ECC) && memcmp(ptr, PEM_KEY_ECC, sizeof(PEM_KEY_ECC)-1) == 0) { + result = _gnutls_fbase64_decode(PEM_KEY_ECC, begin_ptr, left, &_data); + if (result >= 0) + key->params.algo = GNUTLS_PK_EC; + } else if (left > sizeof(PEM_KEY_DSA) && memcmp(ptr, PEM_KEY_DSA, sizeof(PEM_KEY_DSA)-1) == 0) { + result = _gnutls_fbase64_decode(PEM_KEY_DSA, begin_ptr, left, &_data); + if (result >= 0) + key->params.algo = GNUTLS_PK_DSA; + } if (key->params.algo == GNUTLS_PK_UNKNOWN && left >= sizeof(PEM_KEY_PKCS8)) { if (memcmp(ptr, PEM_KEY_PKCS8, sizeof(PEM_KEY_PKCS8)-1) == 0) { |
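Review bot: The length guards in the new `if`/`else if` chain of gnutls_x509_privkey_import compare `left` with `sizeof(PEM_KEY_RSA)` (and the ECC and DSA equivalents), but `memcmp` reads from `ptr`, which the line above has already advanced by `sizeof("-----BEGIN ")-1`. `left` is passed to `_gnutls_fbase64_decode` as the size of `begin_ptr`, which suggests it still counts from the start of the marker; its computation is outside the hunk, so this needs confirming. If that is the case, the guard does not cover all the bytes `memcmp` compares when the input ends shortly after the marker, and it should include the prefix, e.g. `left >= sizeof("-----BEGIN ")-1 + sizeof(PEM_KEY_RSA)-1`. Moving the repeated guard, decode and `algo` assignment into one small static helper would keep the three branches from drifting apart.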