authorNikos Mavrogiannopoulos <nmav@gnutls.org>2003-09-01 13:39:33 +0000
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2003-09-01 13:39:33 +0000
commit675d3421130896b07e60055eba2419fcce7ff4f1 (patch)
tree297bdaf5dc5502dce40a87de37f41c9dc5a6ea9b /lib
parent883f6614e01dd939f85219f9b13f64a19e4de1e9 (diff)
More more fixes by Arne.
Diffstat (limited to 'lib')
-rw-r--r--lib/gnutls_errors.c23
-rw-r--r--lib/gnutls_extensions.c7
-rw-r--r--lib/gnutls_handshake.c2
-rw-r--r--lib/gnutls_int.h2
-rw-r--r--lib/gnutls_priority.c98
-rw-r--r--lib/x509_b64.c4
6 files changed, 51 insertions, 85 deletions
diff --git a/lib/gnutls_errors.c b/lib/gnutls_errors.c
index 2529e1e646..e13931ed34 100644
--- a/lib/gnutls_errors.c
+++ b/lib/gnutls_errors.c
@@ -87,22 +87,22 @@ static gnutls_error_entry error_algorithms[] = {
ERROR_ENTRY("Base64 decoding error.", GNUTLS_E_BASE64_DECODING_ERROR, 1 ),
ERROR_ENTRY("Base64 encoding error.", GNUTLS_E_BASE64_ENCODING_ERROR, 1 ),
ERROR_ENTRY("Parsing error in SRP password file.", GNUTLS_E_SRP_PWD_PARSING_ERROR, 1 ),
- ERROR_ENTRY("The requested data, were not available.", GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE, 0 ),
+ ERROR_ENTRY("The requested data were not available.", GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE, 0 ),
ERROR_ENTRY("Error in the pull function.", GNUTLS_E_PULL_ERROR, 1 ),
ERROR_ENTRY("Error in the push function.", GNUTLS_E_PUSH_ERROR, 1 ),
- ERROR_ENTRY("The upper limit in record packet sequence number has been reached. Wow!", GNUTLS_E_RECORD_LIMIT_REACHED, 1 ),
+ ERROR_ENTRY("The upper limit of record packet sequence numbers has been reached. Wow!", GNUTLS_E_RECORD_LIMIT_REACHED, 1 ),
ERROR_ENTRY("Error in the certificate.", GNUTLS_E_CERTIFICATE_ERROR, 1 ),
ERROR_ENTRY("Unknown Subject Alternative name in X.509 certificate.", GNUTLS_E_X509_UNKNOWN_SAN, 1 ),
ERROR_ENTRY("Unsupported critical extension in X.509 certificate.", GNUTLS_E_X509_UNSUPPORTED_CRITICAL_EXTENSION, 1 ),
- ERROR_ENTRY("Key usage violation in certificate, has been detected.", GNUTLS_E_KEY_USAGE_VIOLATION, 1 ),
+ ERROR_ENTRY("Key usage violation in certificate has been detected.", GNUTLS_E_KEY_USAGE_VIOLATION, 1 ),
ERROR_ENTRY("Function was interrupted.", GNUTLS_E_AGAIN, 0 ),
ERROR_ENTRY("Function was interrupted.", GNUTLS_E_INTERRUPTED, 0 ),
ERROR_ENTRY("Rehandshake was requested by the peer.", GNUTLS_E_REHANDSHAKE, 0 ),
ERROR_ENTRY("TLS Application data were received, while expected handshake data.", GNUTLS_E_GOT_APPLICATION_DATA, 1 ),
ERROR_ENTRY("Error in Database backend.", GNUTLS_E_DB_ERROR, 1 ),
ERROR_ENTRY("The certificate type is not supported.", GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE, 1 ),
- ERROR_ENTRY("The memory buffer given, is too short to hold parameters.", GNUTLS_E_SHORT_MEMORY_BUFFER, 1 ),
+ ERROR_ENTRY("The given memory buffer is too short to hold parameters.", GNUTLS_E_SHORT_MEMORY_BUFFER, 1 ),
ERROR_ENTRY("The request is invalid.", GNUTLS_E_INVALID_REQUEST, 1 ),
ERROR_ENTRY("An illegal parameter has been received.", GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER, 1 ),
ERROR_ENTRY("Error while reading file.", GNUTLS_E_FILE_ERROR, 1 ),
@@ -139,10 +139,10 @@ static gnutls_error_entry error_algorithms[] = {
ERROR_ENTRY("The certificate has unsupported attributes.", GNUTLS_E_X509_UNSUPPORTED_ATTRIBUTE, 1),
ERROR_ENTRY("The hash algorithm is unknown.", GNUTLS_E_UNKNOWN_HASH_ALGORITHM, 1),
ERROR_ENTRY("The PKCS structure's content type is unknown.", GNUTLS_E_UNKNOWN_PKCS_CONTENT_TYPE, 1),
- ERROR_ENTRY("The PKCS structure's Bag type is unknown.", GNUTLS_E_UNKNOWN_PKCS_BAG_TYPE, 1),
- ERROR_ENTRY("The password given contains invalid characters.", GNUTLS_E_INVALID_PASSWORD, 1),
+ ERROR_ENTRY("The PKCS structure's bag type is unknown.", GNUTLS_E_UNKNOWN_PKCS_BAG_TYPE, 1),
+ ERROR_ENTRY("The given password contains invalid characters.", GNUTLS_E_INVALID_PASSWORD, 1),
ERROR_ENTRY("The Message Authentication Code verification failed.", GNUTLS_E_MAC_VERIFY_FAILED, 1),
- {0, 0, 0, 0}
+ {NULL, NULL, 0, 0}
};
#define GNUTLS_ERROR_LOOP(b) \
@@ -165,7 +165,7 @@ static gnutls_error_entry error_algorithms[] = {
* may be fatal for you (your program).
*
* This is only useful if you are dealing with errors from the
- * record layer, or the handshake layer.
+ * record layer or the handshake layer.
*
**/
int gnutls_error_is_fatal(int error)
@@ -181,7 +181,7 @@ int gnutls_error_is_fatal(int error)
* @error: is an error returned by a gnutls function. Error is always a negative value.
*
* This function is like perror(). The only difference is that it accepts an
- * error returned by a gnutls function.
+ * error number returned by a gnutls function.
**/
void gnutls_perror(int error)
{
@@ -198,8 +198,9 @@ void gnutls_perror(int error)
* gnutls_strerror - Returns a string with a description of an error
* @error: is an error returned by a gnutls function. Error is always a negative value.
*
- * This function is similar to strerror(). The only difference is that it
- * accepts an error (number) returned by a gnutls function.
+ * This function is similar to strerror(). Differences: it accepts an error
+ * number returned by a gnutls function; it might return NULL in the case of
+ * an unknown error number.
**/
const char* gnutls_strerror(int error)
{
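Review bot: The new doc sentence says gnutls_strerror() might return NULL for an unknown error number, but it does not tell callers to check for it, and passing a NULL result to a `%s` conversion is undefined behaviour. I would add one line to the comment: `* Callers must check the result for NULL before printing it.` gnutls_perror(), documented in the previous hunk, presumably prints such a description; its body is outside the hunks shown, so confirm it handles the unknown-error case. The body of gnutls_strerror also continues outside this hunk.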
diff --git a/lib/gnutls_extensions.c b/lib/gnutls_extensions.c
index 95a3e60863..5d8bd6334b 100644
--- a/lib/gnutls_extensions.c
+++ b/lib/gnutls_extensions.c
@@ -86,8 +86,8 @@ const char *_gnutls_extension_get_name(uint16 type)
* requested ones. Otherwise it's a fatal error.
*/
static int _gnutls_extension_list_check( gnutls_session session, uint16 type) {
-int i;
if (session->security_parameters.entity==GNUTLS_CLIENT) {
+ int i;
for(i=0;i<session->internals.extensions_sent_size;i++) {
if (type==session->internals.extensions_sent[i])
return 0; /* ok found */
@@ -177,13 +177,12 @@ int (*ext_func_send)( gnutls_session, opaque*, int);
(*data) = gnutls_malloc(2); /* allocate size for size */
- pos+=2;
-
if ((*data)==NULL) {
gnutls_assert();
return GNUTLS_E_MEMORY_ERROR;
}
-
+
+ pos+=2;
next = MAX_EXT_TYPES; /* maximum supported extensions */
do {
next--;
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c
index 22c6ae5e94..66f8263d21 100644
--- a/lib/gnutls_handshake.c
+++ b/lib/gnutls_handshake.c
@@ -1503,8 +1503,8 @@ static int _gnutls_send_client_hello(gnutls_session session, int again)
if (session_id_len > 0) {
memcpy(&data[pos], SessionID, session_id_len);
+ pos += session_id_len;
}
- pos += session_id_len;
/* Copy the ciphersuites.
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index 10f2a034df..a46426f44b 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -60,7 +60,7 @@ typedef void * gnutls_transport_ptr;
*/
#define MAX_HASH_SIZE 20
-#define MAX_LOG_SIZE 1024 /* maximum number of log message */
+#define MAX_LOG_SIZE 1024 /* maximum size of log message */
#define MAX_SRP_USERNAME 128
#define MAX_SERVER_NAME_SIZE 128
diff --git a/lib/gnutls_priority.c b/lib/gnutls_priority.c
index 559c71ab48..fefbcedb99 100644
--- a/lib/gnutls_priority.c
+++ b/lib/gnutls_priority.c
@@ -34,22 +34,17 @@
*
* Sets the priority on the ciphers supported by gnutls.
* Priority is higher for ciphers specified before others.
- * After specifying the ciphers you want, you should add 0.
+ * After specifying the ciphers you want, you must append a 0.
* Note that the priority is set on the client. The server does
* not use the algorithm's priority except for disabling
* algorithms that were not specified.
**/
int gnutls_cipher_set_priority(gnutls_session session, const int *list)
{
- const int *_list = list;
int num = 0, i;
- while (*_list != 0) {
- num++;
- ++_list;
- }
-
- num = GMIN(MAX_ALGOS, num);
+ while (list[num] != 0) num++;
+ if (num > MAX_ALGOS) num = MAX_ALGOS;
session->internals.cipher_algorithm_priority.algorithms = num;
for (i = 0; i < num; i++) {
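Review bot: The terminator scan `while (list[num] != 0) num++;` is unbounded, so a list passed without its trailing 0 is read past its end before the clamp on the following line takes effect. Since the count is capped at MAX_ALGOS anyway, the cap can move into the loop condition, `while (num < MAX_ALGOS && list[num] != 0) num++;`, which makes the separate `if` unnecessary and limits the read to MAX_ALGOS entries. A list longer than MAX_ALGOS is still truncated silently while the function reports success, and the doc comment should say so. The same two lines are added in gnutls_kx_set_priority, gnutls_mac_set_priority, gnutls_compression_set_priority, gnutls_protocol_set_priority and gnutls_certificate_type_set_priority in the later hunks. The copy loop continues outside this hunk.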
@@ -67,23 +62,17 @@ int gnutls_cipher_set_priority(gnutls_session session, const int *list)
*
* Sets the priority on the key exchange algorithms supported by gnutls.
* Priority is higher for algorithms specified before others.
- * After specifying the algorithms you want, you should add 0.
+ * After specifying the algorithms you want, you must append a 0.
* Note that the priority is set on the client. The server does
* not use the algorithm's priority except for disabling
* algorithms that were not specified.
**/
int gnutls_kx_set_priority(gnutls_session session, const int *list)
{
- const int *_list = list;
int num = 0, i;
- while (*_list != 0) {
- num++;
- ++_list;
- }
-
-
- num = GMIN(MAX_ALGOS, num);
+ while (list[num] != 0) num++;
+ if (num > MAX_ALGOS) num = MAX_ALGOS;
session->internals.kx_algorithm_priority.algorithms = num;
for (i = 0; i < num; i++) {
@@ -101,23 +90,17 @@ int gnutls_kx_set_priority(gnutls_session session, const int *list)
*
* Sets the priority on the mac algorithms supported by gnutls.
* Priority is higher for algorithms specified before others.
- * After specifying the algorithms you want, you should add 0.
+ * After specifying the algorithms you want, you must append a 0.
* Note that the priority is set on the client. The server does
* not use the algorithm's priority except for disabling
* algorithms that were not specified.
**/
int gnutls_mac_set_priority(gnutls_session session, const int *list)
{
- const int *_list = list;
int num = 0, i;
- while (*_list != 0) {
- num++;
- ++_list;
- }
-
-
- num = GMIN(MAX_ALGOS, num);
+ while (list[num] != 0) num++;
+ if (num > MAX_ALGOS) num = MAX_ALGOS;
session->internals.mac_algorithm_priority.algorithms = num;
for (i = 0; i < num; i++) {
@@ -135,7 +118,7 @@ int gnutls_mac_set_priority(gnutls_session session, const int *list)
*
* Sets the priority on the compression algorithms supported by gnutls.
* Priority is higher for algorithms specified before others.
- * After specifying the algorithms you want, you should add 0.
+ * After specifying the algorithms you want, you must append a 0.
* Note that the priority is set on the client. The server does
* not use the algorithm's priority except for disabling
* algorithms that were not specified.
@@ -148,15 +131,10 @@ int gnutls_mac_set_priority(gnutls_session session, const int *list)
int gnutls_compression_set_priority(gnutls_session session,
const int *list)
{
- const int *_list = list;
int num = 0, i;
- while (*_list != 0) {
- num++;
- ++_list;
- }
-
- num = GMIN(MAX_ALGOS, num);
+ while (list[num] != 0) num++;
+ if (num > MAX_ALGOS) num = MAX_ALGOS;
session->internals.compression_method_priority.algorithms = num;
for (i = 0; i < num; i++) {
@@ -178,16 +156,10 @@ int gnutls_compression_set_priority(gnutls_session session,
**/
int gnutls_protocol_set_priority(gnutls_session session, const int *list)
{
- const int *_list = list;
int num = 0, i;
- while (*_list != 0) {
- num++;
- ++_list;
- }
-
-
- num = GMIN(MAX_ALGOS, num);
+ while (list[num] != 0) num++;
+ if (num > MAX_ALGOS) num = MAX_ALGOS;
session->internals.protocol_priority.algorithms = num;
for (i = 0; i < num; i++) {
@@ -195,12 +167,10 @@ int gnutls_protocol_set_priority(gnutls_session session, const int *list)
}
/* set the current version to the first in the chain.
- * This will be overriden later.
+ * This will be overridden later.
*/
if (num > 0)
- _gnutls_set_current_version(session,
- session->internals.
- protocol_priority.priority[0]);
+ _gnutls_set_current_version(session, list[0]);
return 0;
}
@@ -212,7 +182,7 @@ int gnutls_protocol_set_priority(gnutls_session session, const int *list)
*
* Sets the priority on the certificate types supported by gnutls.
* Priority is higher for types specified before others.
- * After specifying the types you want, you should add 0.
+ * After specifying the types you want, you must append a 0.
* Note that the certificate type priority is set on the client.
* The server does not use the cert type priority except for disabling
* types that were not specified.
@@ -221,16 +191,11 @@ int gnutls_certificate_type_set_priority(gnutls_session session,
const int *list)
{
#ifdef HAVE_LIBOPENCDK
- const int *_list = list;
- int num = 0, i;
-
- while (*_list != 0) {
- num++;
- ++_list;
- }
+ int num = 0, i;
- num = GMIN(MAX_ALGOS, num);
+ while (list[num] != 0) num++;
+ if (num > MAX_ALGOS) num = MAX_ALGOS;
session->internals.cert_type_priority.algorithms = num;
for (i = 0; i < num; i++) {
@@ -240,10 +205,11 @@ int gnutls_certificate_type_set_priority(gnutls_session session,
return 0;
-#endif
+#else
return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+#endif
}
/**
@@ -267,16 +233,16 @@ int gnutls_certificate_type_set_priority(gnutls_session session,
**/
int gnutls_set_default_priority(gnutls_session session)
{
- static const int protocol_priority[4] =
+ static const int protocol_priority[] =
{ GNUTLS_TLS1, GNUTLS_SSL3, 0 };
- static const int kx_priority[8] =
+ static const int kx_priority[] =
{ GNUTLS_KX_RSA, GNUTLS_KX_DHE_DSS, GNUTLS_KX_DHE_RSA, 0 };
- static const int cipher_priority[8] = {
+ static const int cipher_priority[] = {
GNUTLS_CIPHER_RIJNDAEL_256_CBC, GNUTLS_CIPHER_RIJNDAEL_128_CBC,
GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR_128, 0
};
- static const int comp_priority[4] = { GNUTLS_COMP_NULL, 0 };
- static const int mac_priority[4] =
+ static const int comp_priority[] = { GNUTLS_COMP_NULL, 0 };
+ static const int mac_priority[] =
{ GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 };
gnutls_cipher_set_priority(session, cipher_priority);
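Review bot: With the explicit sizes removed, the literal `0` is now the only terminator in each of these arrays; the old oversized declarations (`[4]`, `[8]`) zero-filled the unused tail, which would have masked a forgotten terminator. The set_priority functions find the end of a list by scanning for 0, so dropping it in a later edit would turn into an out-of-bounds read. I would add a comment above the declarations: `/* Each list must end with 0; the set_priority functions scan for it. */`. The same applies to the arrays in gnutls_set_default_export_priority in the next hunk. The function body continues outside this hunk.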
@@ -305,20 +271,20 @@ int gnutls_set_default_priority(gnutls_session session)
**/
int gnutls_set_default_export_priority(gnutls_session session)
{
- static const int protocol_priority[4] = {
+ static const int protocol_priority[] = {
GNUTLS_TLS1, GNUTLS_SSL3, 0
};
- static const int kx_priority[8] = {
+ static const int kx_priority[] = {
GNUTLS_KX_RSA, GNUTLS_KX_DHE_DSS, GNUTLS_KX_DHE_RSA,
GNUTLS_KX_RSA_EXPORT, 0
};
- static const int cipher_priority[8] = {
+ static const int cipher_priority[] = {
GNUTLS_CIPHER_RIJNDAEL_256_CBC, GNUTLS_CIPHER_RIJNDAEL_128_CBC,
GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR_128,
GNUTLS_CIPHER_ARCFOUR_40, 0
};
- static const int comp_priority[4] = { GNUTLS_COMP_NULL, 0 };
- static const int mac_priority[4] =
+ static const int comp_priority[] = { GNUTLS_COMP_NULL, 0 };
+ static const int mac_priority[] =
{ GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 };
gnutls_cipher_set_priority(session, cipher_priority);
diff --git a/lib/x509_b64.c b/lib/x509_b64.c
index ebe317bca2..5881bf0bdb 100644
--- a/lib/x509_b64.c
+++ b/lib/x509_b64.c
@@ -358,8 +358,8 @@ int _gnutls_fbase64_decode( const opaque* header, const opaque * data, size_t da
uint8 ** result)
{
int ret;
- const char top[] = "-----BEGIN ";
- const char bottom[] = "\n-----END ";
+ static const char top[] = "-----BEGIN ";
+ static const char bottom[] = "\n-----END ";
uint8 *rdata;
int rdata_size;
uint8 *kdata;