diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-12-16 17:30:42 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-12-16 17:30:42 +0100 |
| commit | 6eb6bbfe8e504a611145f454f4045e8f49fd5e44 (patch) | |
| tree | baba850cc86ee2d9d61de89da1cdfe408ad8694a /src/common.c | |
| parent | bdcfdac13179eccee6294402f2654fece149f82b (diff) | |
| download | gnutls-6eb6bbfe8e504a611145f454f4045e8f49fd5e44.tar.gz | |
Indented code. Use same indentation but with -nut to avoid usage of tabs. In several editors tabs can be configured not to be 8 spaces and this produces artifacts with the current indentation that is a mixture of tabs and spaces.
Diffstat (limited to 'src/common.c')
| -rw-r--r-- | src/common.c | 646 |
1 files changed, 323 insertions, 323 deletions
diff --git a/src/common.c b/src/common.c index cbd40e2d9c..5f79273ef6 100644 --- a/src/common.c +++ b/src/common.c @@ -62,7 +62,7 @@ raw_to_string (const unsigned char *raw, size_t raw_size) for (i = 0; i < raw_size; i++) { sprintf (&(buf[i * 3]), "%02X%s", raw[i], - (i == raw_size - 1) ? "" : ":"); + (i == raw_size - 1) ? "" : ":"); } buf[sizeof (buf) - 1] = '\0'; @@ -94,64 +94,64 @@ print_x509_info (gnutls_session_t session, const char *hostname, int insecure) gnutls_x509_crt_init (&crt); ret = gnutls_x509_crt_import (crt, &cert_list[j], GNUTLS_X509_FMT_DER); if (ret < 0) - { - fprintf (stderr, "Decoding error: %s\n", gnutls_strerror (ret)); - return; - } + { + fprintf (stderr, "Decoding error: %s\n", gnutls_strerror (ret)); + return; + } printf (" - Certificate[%d] info:\n - ", j); if (verbose) - ret = gnutls_x509_crt_print (crt, GNUTLS_CRT_PRINT_FULL, &cinfo); + ret = gnutls_x509_crt_print (crt, GNUTLS_CRT_PRINT_FULL, &cinfo); else - ret = gnutls_x509_crt_print (crt, GNUTLS_CRT_PRINT_ONELINE, &cinfo); + ret = gnutls_x509_crt_print (crt, GNUTLS_CRT_PRINT_ONELINE, &cinfo); if (ret == 0) - { - printf ("%s\n", cinfo.data); - gnutls_free (cinfo.data); - } + { + printf ("%s\n", cinfo.data); + gnutls_free (cinfo.data); + } if (print_cert) - { - size_t size = 0; - char *p = NULL; - - ret = gnutls_x509_crt_export (crt, GNUTLS_X509_FMT_PEM, p, &size); - if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) - { - p = malloc (size); - if (!p) - { - fprintf (stderr, "gnutls_malloc\n"); - exit (1); - } - - ret = gnutls_x509_crt_export (crt, GNUTLS_X509_FMT_PEM, - p, &size); - } - if (ret < 0) - { - fprintf (stderr, "Encoding error: %s\n", gnutls_strerror (ret)); - return; - } - - fputs ("\n", stdout); - fputs (p, stdout); - fputs ("\n", stdout); - - gnutls_free (p); - } + { + size_t size = 0; + char *p = NULL; + + ret = gnutls_x509_crt_export (crt, GNUTLS_X509_FMT_PEM, p, &size); + if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) + { + p = malloc (size); + if (!p) + { + fprintf (stderr, "gnutls_malloc\n"); + exit (1); + } + + ret = gnutls_x509_crt_export (crt, GNUTLS_X509_FMT_PEM, + p, &size); + } + if (ret < 0) + { + fprintf (stderr, "Encoding error: %s\n", gnutls_strerror (ret)); + return; + } + + fputs ("\n", stdout); + fputs (p, stdout); + fputs ("\n", stdout); + + gnutls_free (p); + } if (j == 0 && hostname != NULL) - { - /* Check the hostname of the first certificate if it matches - * the name of the host we connected to. - */ - if (gnutls_x509_crt_check_hostname (crt, hostname) == 0) - hostname_ok = 1; - else - hostname_ok = 2; - } + { + /* Check the hostname of the first certificate if it matches + * the name of the host we connected to. + */ + if (gnutls_x509_crt_check_hostname (crt, hostname) == 0) + hostname_ok = 1; + else + hostname_ok = 2; + } gnutls_x509_crt_deinit (crt); } @@ -159,9 +159,9 @@ print_x509_info (gnutls_session_t session, const char *hostname, int insecure) if (hostname_ok == 1) { printf ("- The hostname in the certificate does NOT match '%s'\n", - hostname); + hostname); if (!insecure) - exit (1); + exit (1); } else if (hostname_ok == 2) { @@ -173,7 +173,7 @@ print_x509_info (gnutls_session_t session, const char *hostname, int insecure) static void print_openpgp_info (gnutls_session_t session, const char *hostname, - int insecure) + int insecure) { gnutls_openpgp_crt_t crt; @@ -190,65 +190,65 @@ print_openpgp_info (gnutls_session_t session, const char *hostname, gnutls_openpgp_crt_init (&crt); ret = gnutls_openpgp_crt_import (crt, &cert_list[0], - GNUTLS_OPENPGP_FMT_RAW); + GNUTLS_OPENPGP_FMT_RAW); if (ret < 0) - { - fprintf (stderr, "Decoding error: %s\n", gnutls_strerror (ret)); - return; - } + { + fprintf (stderr, "Decoding error: %s\n", gnutls_strerror (ret)); + return; + } if (verbose) - ret = gnutls_openpgp_crt_print (crt, GNUTLS_CRT_PRINT_FULL, &cinfo); + ret = gnutls_openpgp_crt_print (crt, GNUTLS_CRT_PRINT_FULL, &cinfo); else - ret = - gnutls_openpgp_crt_print (crt, GNUTLS_CRT_PRINT_ONELINE, &cinfo); + ret = + gnutls_openpgp_crt_print (crt, GNUTLS_CRT_PRINT_ONELINE, &cinfo); if (ret == 0) - { - printf (" - %s\n", cinfo.data); - gnutls_free (cinfo.data); - } + { + printf (" - %s\n", cinfo.data); + gnutls_free (cinfo.data); + } if (print_cert) - { - size_t size = 0; - char *p = NULL; - - ret = gnutls_openpgp_crt_export (crt, GNUTLS_OPENPGP_FMT_BASE64, - p, &size); - if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) - { - p = malloc (size); - if (!p) - { - fprintf (stderr, "gnutls_malloc\n"); - exit (1); - } - - ret = gnutls_openpgp_crt_export (crt, GNUTLS_OPENPGP_FMT_BASE64, - p, &size); - } - if (ret < 0) - { - fprintf (stderr, "Encoding error: %s\n", gnutls_strerror (ret)); - return; - } - - fputs (p, stdout); - fputs ("\n", stdout); - - gnutls_free (p); - } + { + size_t size = 0; + char *p = NULL; + + ret = gnutls_openpgp_crt_export (crt, GNUTLS_OPENPGP_FMT_BASE64, + p, &size); + if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) + { + p = malloc (size); + if (!p) + { + fprintf (stderr, "gnutls_malloc\n"); + exit (1); + } + + ret = gnutls_openpgp_crt_export (crt, GNUTLS_OPENPGP_FMT_BASE64, + p, &size); + } + if (ret < 0) + { + fprintf (stderr, "Encoding error: %s\n", gnutls_strerror (ret)); + return; + } + + fputs (p, stdout); + fputs ("\n", stdout); + + gnutls_free (p); + } if (hostname != NULL) - { - /* Check the hostname of the first certificate if it matches - * the name of the host we connected to. - */ - if (gnutls_openpgp_crt_check_hostname (crt, hostname) == 0) - hostname_ok = 1; - else - hostname_ok = 2; - } + { + /* Check the hostname of the first certificate if it matches + * the name of the host we connected to. + */ + if (gnutls_openpgp_crt_check_hostname (crt, hostname) == 0) + hostname_ok = 1; + else + hostname_ok = 2; + } gnutls_openpgp_crt_deinit (crt); } @@ -256,9 +256,9 @@ print_openpgp_info (gnutls_session_t session, const char *hostname, if (hostname_ok == 1) { printf ("- The hostname in the certificate does NOT match '%s'\n", - hostname); + hostname); if (!insecure) - exit (1); + exit (1); } else if (hostname_ok == 2) { @@ -278,7 +278,7 @@ print_cert_vrfy (gnutls_session_t session) if (rc < 0) { printf ("- Could not verify certificate (err: %s)\n", - gnutls_strerror (rc)); + gnutls_strerror (rc)); return; } @@ -291,31 +291,31 @@ print_cert_vrfy (gnutls_session_t session) if (gnutls_certificate_type_get (session) == GNUTLS_CRT_X509) { if (status & GNUTLS_CERT_REVOKED) - printf ("- Peer's certificate chain revoked\n"); + printf ("- Peer's certificate chain revoked\n"); if (status & GNUTLS_CERT_SIGNER_NOT_FOUND) - printf ("- Peer's certificate issuer is unknown\n"); + printf ("- Peer's certificate issuer is unknown\n"); if (status & GNUTLS_CERT_SIGNER_NOT_CA) - printf ("- Peer's certificate issuer is not a CA\n"); + printf ("- Peer's certificate issuer is not a CA\n"); if (status & GNUTLS_CERT_INSECURE_ALGORITHM) - printf ("- Peer's certificate chain uses insecure algorithm\n"); + printf ("- Peer's certificate chain uses insecure algorithm\n"); if (status & GNUTLS_CERT_NOT_ACTIVATED) - printf - ("- Peer's certificate chain uses not yet valid certificate\n"); + printf + ("- Peer's certificate chain uses not yet valid certificate\n"); if (status & GNUTLS_CERT_EXPIRED) - printf ("- Peer's certificate chain uses expired certificate\n"); + printf ("- Peer's certificate chain uses expired certificate\n"); if (status & GNUTLS_CERT_INVALID) - printf ("- Peer's certificate is NOT trusted\n"); + printf ("- Peer's certificate is NOT trusted\n"); else - printf ("- Peer's certificate is trusted\n"); + printf ("- Peer's certificate is trusted\n"); } else { if (status & GNUTLS_CERT_INVALID) - printf ("- Peer's key is invalid\n"); + printf ("- Peer's key is invalid\n"); else - printf ("- Peer's key is valid\n"); + printf ("- Peer's key is valid\n"); if (status & GNUTLS_CERT_SIGNER_NOT_FOUND) - printf ("- Could not find a signer of the peer's key\n"); + printf ("- Could not find a signer of the peer's key\n"); } } @@ -326,7 +326,7 @@ print_dh_info (gnutls_session_t session, const char *str) printf (" - Using prime: %d bits\n", gnutls_dh_get_prime_bits (session)); printf (" - Secret key: %d bits\n", gnutls_dh_get_secret_bits (session)); printf (" - Peer's public key: %d bits\n", - gnutls_dh_get_peers_public_bits (session)); + gnutls_dh_get_peers_public_bits (session)); if (print_cert) { @@ -339,52 +339,52 @@ print_dh_info (gnutls_session_t session, const char *str) ret = gnutls_dh_get_group (session, &raw_gen, &raw_prime); if (ret) - { - fprintf (stderr, "gnutls_dh_get_group %d\n", ret); - goto out; - } + { + fprintf (stderr, "gnutls_dh_get_group %d\n", ret); + goto out; + } ret = gnutls_dh_params_init (&dh_params); if (ret) - { - fprintf (stderr, "gnutls_dh_params_init %d\n", ret); - goto out; - } + { + fprintf (stderr, "gnutls_dh_params_init %d\n", ret); + goto out; + } ret = gnutls_dh_params_import_raw (dh_params, &raw_prime, &raw_gen); if (ret) - { - fprintf (stderr, "gnutls_dh_params_import_raw %d\n", ret); - goto out; - } + { + fprintf (stderr, "gnutls_dh_params_import_raw %d\n", ret); + goto out; + } ret = gnutls_dh_params_export_pkcs3 (dh_params, - GNUTLS_X509_FMT_PEM, - params_data, ¶ms_data_size); + GNUTLS_X509_FMT_PEM, + params_data, ¶ms_data_size); if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER) - { - fprintf (stderr, "gnutls_dh_params_export_pkcs3 %d\n", ret); - goto out; - } + { + fprintf (stderr, "gnutls_dh_params_export_pkcs3 %d\n", ret); + goto out; + } params_data = gnutls_malloc (params_data_size); if (!params_data) - { - fprintf (stderr, "gnutls_malloc %d\n", ret); - goto out; - } + { + fprintf (stderr, "gnutls_malloc %d\n", ret); + goto out; + } ret = gnutls_dh_params_export_pkcs3 (dh_params, - GNUTLS_X509_FMT_PEM, - params_data, ¶ms_data_size); + GNUTLS_X509_FMT_PEM, + params_data, ¶ms_data_size); if (ret) - { - fprintf (stderr, "gnutls_dh_params_export_pkcs3-2 %d\n", ret); - goto out; - } + { + fprintf (stderr, "gnutls_dh_params_export_pkcs3-2 %d\n", ret); + goto out; + } printf (" - PKCS#3 format:\n\n%.*s\n", (int) params_data_size, - params_data); + params_data); out: gnutls_free (params_data); @@ -420,8 +420,8 @@ print_info (gnutls_session_t session, const char *hostname, int insecure) * side. */ if (gnutls_srp_server_get_username (session) != NULL) - printf ("- SRP authentication. Connected as '%s'\n", - gnutls_srp_server_get_username (session)); + printf ("- SRP authentication. Connected as '%s'\n", + gnutls_srp_server_get_username (session)); break; #endif #ifdef ENABLE_PSK @@ -429,15 +429,15 @@ print_info (gnutls_session_t session, const char *hostname, int insecure) /* This returns NULL in server side. */ if (gnutls_psk_client_get_hint (session) != NULL) - printf ("- PSK authentication. PSK hint '%s'\n", - gnutls_psk_client_get_hint (session)); + printf ("- PSK authentication. PSK hint '%s'\n", + gnutls_psk_client_get_hint (session)); /* This returns NULL in client side. */ if (gnutls_psk_server_get_username (session) != NULL) - printf ("- PSK authentication. Connected as '%s'\n", - gnutls_psk_server_get_username (session)); + printf ("- PSK authentication. Connected as '%s'\n", + gnutls_psk_server_get_username (session)); if (kx == GNUTLS_KX_DHE_PSK) - print_dh_info (session, "Ephemeral "); + print_dh_info (session, "Ephemeral "); break; #endif case GNUTLS_CRD_IA: @@ -445,19 +445,19 @@ print_info (gnutls_session_t session, const char *hostname, int insecure) break; case GNUTLS_CRD_CERTIFICATE: { - char dns[256]; - size_t dns_size = sizeof (dns); - unsigned int type; - - /* This fails in client side */ - if (gnutls_server_name_get (session, dns, &dns_size, &type, 0) == 0) - { - printf ("- Given server name[%d]: %s\n", type, dns); - } + char dns[256]; + size_t dns_size = sizeof (dns); + unsigned int type; + + /* This fails in client side */ + if (gnutls_server_name_get (session, dns, &dns_size, &type, 0) == 0) + { + printf ("- Given server name[%d]: %s\n", type, dns); + } } if (kx == GNUTLS_KX_DHE_RSA || kx == GNUTLS_KX_DHE_DSS) - print_dh_info (session, "Ephemeral "); + print_dh_info (session, "Ephemeral "); print_cert_info (session, hostname, insecure); @@ -494,18 +494,18 @@ print_info (gnutls_session_t session, const char *hostname, int insecure) int rc; rc = - gnutls_session_channel_binding (session, GNUTLS_CB_TLS_UNIQUE, &cb); + gnutls_session_channel_binding (session, GNUTLS_CB_TLS_UNIQUE, &cb); if (rc) - fprintf (stderr, "Channel binding error: %s\n", gnutls_strerror (rc)); + fprintf (stderr, "Channel binding error: %s\n", gnutls_strerror (rc)); else - { - size_t i; - - printf ("- Channel binding 'tls-unique': "); - for (i = 0; i < cb.size; i++) - printf ("%02x", cb.data[i]); - printf ("\n"); - } + { + size_t i; + + printf ("- Channel binding 'tls-unique': "); + for (i = 0; i < cb.size; i++) + printf ("%02x", cb.data[i]); + printf ("\n"); + } } /* Warning: Do not print anything more here. The 'Compression:' @@ -531,7 +531,7 @@ print_cert_info (gnutls_session_t session, const char *hostname, int insecure) printf ("Unknown\n"); if (!insecure) - exit (1); + exit (1); break; case GNUTLS_CRT_X509: printf ("X.509\n"); @@ -560,16 +560,16 @@ print_list (int verbose) printf ("Cipher suites:\n"); for (i = 0; (name = gnutls_cipher_suite_info - (i, id, &kx, &cipher, &mac, &version)); i++) + (i, id, &kx, &cipher, &mac, &version)); i++) { - printf ("%-50s\t0x%02x, 0x%02x\t%s\n", - name, - (unsigned char) id[0], (unsigned char) id[1], - gnutls_protocol_get_name (version)); - if (verbose) - printf ("\tKey exchange: %s\n\tCipher: %s\n\tMAC: %s\n\n", - gnutls_kx_get_name (kx), - gnutls_cipher_get_name (cipher), gnutls_mac_get_name (mac)); + printf ("%-50s\t0x%02x, 0x%02x\t%s\n", + name, + (unsigned char) id[0], (unsigned char) id[1], + gnutls_protocol_get_name (version)); + if (verbose) + printf ("\tKey exchange: %s\n\tCipher: %s\n\tMAC: %s\n\n", + gnutls_kx_get_name (kx), + gnutls_cipher_get_name (cipher), gnutls_mac_get_name (mac)); } } @@ -579,11 +579,11 @@ print_list (int verbose) printf ("Certificate types: "); for (; *p; p++) { - printf ("%s", gnutls_certificate_type_get_name (*p)); - if (*(p + 1)) - printf (", "); - else - printf ("\n"); + printf ("%s", gnutls_certificate_type_get_name (*p)); + if (*(p + 1)) + printf (", "); + else + printf ("\n"); } } @@ -593,11 +593,11 @@ print_list (int verbose) printf ("Protocols: "); for (; *p; p++) { - printf ("%s", gnutls_protocol_get_name (*p)); - if (*(p + 1)) - printf (", "); - else - printf ("\n"); + printf ("%s", gnutls_protocol_get_name (*p)); + if (*(p + 1)) + printf (", "); + else + printf ("\n"); } } @@ -607,11 +607,11 @@ print_list (int verbose) printf ("Ciphers: "); for (; *p; p++) { - printf ("%s", gnutls_cipher_get_name (*p)); - if (*(p + 1)) - printf (", "); - else - printf ("\n"); + printf ("%s", gnutls_cipher_get_name (*p)); + if (*(p + 1)) + printf (", "); + else + printf ("\n"); } } @@ -621,11 +621,11 @@ print_list (int verbose) printf ("MACs: "); for (; *p; p++) { - printf ("%s", gnutls_mac_get_name (*p)); - if (*(p + 1)) - printf (", "); - else - printf ("\n"); + printf ("%s", gnutls_mac_get_name (*p)); + if (*(p + 1)) + printf (", "); + else + printf ("\n"); } } @@ -635,11 +635,11 @@ print_list (int verbose) printf ("Key exchange algorithms: "); for (; *p; p++) { - printf ("%s", gnutls_kx_get_name (*p)); - if (*(p + 1)) - printf (", "); - else - printf ("\n"); + printf ("%s", gnutls_kx_get_name (*p)); + if (*(p + 1)) + printf (", "); + else + printf ("\n"); } } @@ -649,11 +649,11 @@ print_list (int verbose) printf ("Compression: "); for (; *p; p++) { - printf ("%s", gnutls_compression_get_name (*p)); - if (*(p + 1)) - printf (", "); - else - printf ("\n"); + printf ("%s", gnutls_compression_get_name (*p)); + if (*(p + 1)) + printf (", "); + else + printf ("\n"); } } @@ -663,11 +663,11 @@ print_list (int verbose) printf ("Public Key Systems: "); for (; *p; p++) { - printf ("%s", gnutls_pk_algorithm_get_name (*p)); - if (*(p + 1)) - printf (", "); - else - printf ("\n"); + printf ("%s", gnutls_pk_algorithm_get_name (*p)); + if (*(p + 1)) + printf (", "); + else + printf ("\n"); } } @@ -677,11 +677,11 @@ print_list (int verbose) printf ("PK-signatures: "); for (; *p; p++) { - printf ("%s", gnutls_sign_algorithm_get_name (*p)); - if (*(p + 1)) - printf (", "); - else - printf ("\n"); + printf ("%s", gnutls_sign_algorithm_get_name (*p)); + if (*(p + 1)) + printf (", "); + else + printf ("\n"); } } } @@ -702,18 +702,18 @@ parse_protocols (char **protocols, int protocols_size, int *protocol_priority) DEPRECATED; for (j = i = 0; i < protocols_size; i++) - { - if (strncasecmp (protocols[i], "SSL", 3) == 0) - protocol_priority[j++] = GNUTLS_SSL3; - else if (strncasecmp (protocols[i], "TLS1.1", 6) == 0) - protocol_priority[j++] = GNUTLS_TLS1_1; - else if (strncasecmp (protocols[i], "TLS1.2", 6) == 0) - protocol_priority[j++] = GNUTLS_TLS1_2; - else if (strncasecmp (protocols[i], "TLS", 3) == 0) - protocol_priority[j++] = GNUTLS_TLS1_0; - else - fprintf (stderr, "Unknown protocol: '%s'\n", protocols[i]); - } + { + if (strncasecmp (protocols[i], "SSL", 3) == 0) + protocol_priority[j++] = GNUTLS_SSL3; + else if (strncasecmp (protocols[i], "TLS1.1", 6) == 0) + protocol_priority[j++] = GNUTLS_TLS1_1; + else if (strncasecmp (protocols[i], "TLS1.2", 6) == 0) + protocol_priority[j++] = GNUTLS_TLS1_2; + else if (strncasecmp (protocols[i], "TLS", 3) == 0) + protocol_priority[j++] = GNUTLS_TLS1_0; + else + fprintf (stderr, "Unknown protocol: '%s'\n", protocols[i]); + } protocol_priority[j] = 0; } } @@ -728,28 +728,28 @@ parse_ciphers (char **ciphers, int nciphers, int *cipher_priority) { DEPRECATED; for (j = i = 0; i < nciphers; i++) - { - if (strncasecmp (ciphers[i], "AES-2", 5) == 0) - cipher_priority[j++] = GNUTLS_CIPHER_AES_256_CBC; - else if (strncasecmp (ciphers[i], "AES", 3) == 0) - cipher_priority[j++] = GNUTLS_CIPHER_AES_128_CBC; - else if (strncasecmp (ciphers[i], "3DE", 3) == 0) - cipher_priority[j++] = GNUTLS_CIPHER_3DES_CBC; - else if (strcasecmp (ciphers[i], "ARCFOUR-40") == 0) - cipher_priority[j++] = GNUTLS_CIPHER_ARCFOUR_40; - else if (strcasecmp (ciphers[i], "ARCFOUR") == 0) - cipher_priority[j++] = GNUTLS_CIPHER_ARCFOUR_128; + { + if (strncasecmp (ciphers[i], "AES-2", 5) == 0) + cipher_priority[j++] = GNUTLS_CIPHER_AES_256_CBC; + else if (strncasecmp (ciphers[i], "AES", 3) == 0) + cipher_priority[j++] = GNUTLS_CIPHER_AES_128_CBC; + else if (strncasecmp (ciphers[i], "3DE", 3) == 0) + cipher_priority[j++] = GNUTLS_CIPHER_3DES_CBC; + else if (strcasecmp (ciphers[i], "ARCFOUR-40") == 0) + cipher_priority[j++] = GNUTLS_CIPHER_ARCFOUR_40; + else if (strcasecmp (ciphers[i], "ARCFOUR") == 0) + cipher_priority[j++] = GNUTLS_CIPHER_ARCFOUR_128; #ifdef ENABLE_CAMELLIA - else if (strncasecmp (ciphers[i], "CAMELLIA-2", 10) == 0) - cipher_priority[j++] = GNUTLS_CIPHER_CAMELLIA_256_CBC; - else if (strncasecmp (ciphers[i], "CAM", 3) == 0) - cipher_priority[j++] = GNUTLS_CIPHER_CAMELLIA_128_CBC; + else if (strncasecmp (ciphers[i], "CAMELLIA-2", 10) == 0) + cipher_priority[j++] = GNUTLS_CIPHER_CAMELLIA_256_CBC; + else if (strncasecmp (ciphers[i], "CAM", 3) == 0) + cipher_priority[j++] = GNUTLS_CIPHER_CAMELLIA_128_CBC; #endif - else if (strncasecmp (ciphers[i], "NUL", 3) == 0) - cipher_priority[j++] = GNUTLS_CIPHER_NULL; - else - fprintf (stderr, "Unknown cipher: '%s'\n", ciphers[i]); - } + else if (strncasecmp (ciphers[i], "NUL", 3) == 0) + cipher_priority[j++] = GNUTLS_CIPHER_NULL; + else + fprintf (stderr, "Unknown cipher: '%s'\n", ciphers[i]); + } cipher_priority[j] = 0; } } @@ -764,22 +764,22 @@ parse_macs (char **macs, int nmacs, int *mac_priority) { DEPRECATED; for (j = i = 0; i < nmacs; i++) - { - if (strncasecmp (macs[i], "MD5", 3) == 0) - mac_priority[j++] = GNUTLS_MAC_MD5; - else if (strncasecmp (macs[i], "RMD", 3) == 0) - mac_priority[j++] = GNUTLS_MAC_RMD160; - else if (strncasecmp (macs[i], "SHA512", 6) == 0) - mac_priority[j++] = GNUTLS_MAC_SHA512; - else if (strncasecmp (macs[i], "SHA384", 6) == 0) - mac_priority[j++] = GNUTLS_MAC_SHA384; - else if (strncasecmp (macs[i], "SHA256", 6) == 0) - mac_priority[j++] = GNUTLS_MAC_SHA256; - else if (strncasecmp (macs[i], "SHA", 3) == 0) - mac_priority[j++] = GNUTLS_MAC_SHA1; - else - fprintf (stderr, "Unknown MAC: '%s'\n", macs[i]); - } + { + if (strncasecmp (macs[i], "MD5", 3) == 0) + mac_priority[j++] = GNUTLS_MAC_MD5; + else if (strncasecmp (macs[i], "RMD", 3) == 0) + mac_priority[j++] = GNUTLS_MAC_RMD160; + else if (strncasecmp (macs[i], "SHA512", 6) == 0) + mac_priority[j++] = GNUTLS_MAC_SHA512; + else if (strncasecmp (macs[i], "SHA384", 6) == 0) + mac_priority[j++] = GNUTLS_MAC_SHA384; + else if (strncasecmp (macs[i], "SHA256", 6) == 0) + mac_priority[j++] = GNUTLS_MAC_SHA256; + else if (strncasecmp (macs[i], "SHA", 3) == 0) + mac_priority[j++] = GNUTLS_MAC_SHA1; + else + fprintf (stderr, "Unknown MAC: '%s'\n", macs[i]); + } mac_priority[j] = 0; } } @@ -793,14 +793,14 @@ parse_ctypes (char **ctype, int nctype, int *cert_type_priority) { DEPRECATED; for (j = i = 0; i < nctype; i++) - { - if (strncasecmp (ctype[i], "OPE", 3) == 0) - cert_type_priority[j++] = GNUTLS_CRT_OPENPGP; - else if (strncasecmp (ctype[i], "X", 1) == 0) - cert_type_priority[j++] = GNUTLS_CRT_X509; - else - fprintf (stderr, "Unknown certificate type: '%s'\n", ctype[i]); - } + { + if (strncasecmp (ctype[i], "OPE", 3) == 0) + cert_type_priority[j++] = GNUTLS_CRT_OPENPGP; + else if (strncasecmp (ctype[i], "X", 1) == 0) + cert_type_priority[j++] = GNUTLS_CRT_X509; + else + fprintf (stderr, "Unknown certificate type: '%s'\n", ctype[i]); + } cert_type_priority[j] = 0; } } @@ -815,30 +815,30 @@ parse_kx (char **kx, int nkx, int *kx_priority) { DEPRECATED; for (j = i = 0; i < nkx; i++) - { - if (strcasecmp (kx[i], "SRP") == 0) - kx_priority[j++] = GNUTLS_KX_SRP; - else if (strcasecmp (kx[i], "SRP-RSA") == 0) - kx_priority[j++] = GNUTLS_KX_SRP_RSA; - else if (strcasecmp (kx[i], "SRP-DSS") == 0) - kx_priority[j++] = GNUTLS_KX_SRP_DSS; - else if (strcasecmp (kx[i], "RSA") == 0) - kx_priority[j++] = GNUTLS_KX_RSA; - else if (strcasecmp (kx[i], "PSK") == 0) - kx_priority[j++] = GNUTLS_KX_PSK; - else if (strcasecmp (kx[i], "DHE-PSK") == 0) - kx_priority[j++] = GNUTLS_KX_DHE_PSK; - else if (strcasecmp (kx[i], "RSA-EXPORT") == 0) - kx_priority[j++] = GNUTLS_KX_RSA_EXPORT; - else if (strncasecmp (kx[i], "DHE-RSA", 7) == 0) - kx_priority[j++] = GNUTLS_KX_DHE_RSA; - else if (strncasecmp (kx[i], "DHE-DSS", 7) == 0) - kx_priority[j++] = GNUTLS_KX_DHE_DSS; - else if (strncasecmp (kx[i], "ANON", 4) == 0) - kx_priority[j++] = GNUTLS_KX_ANON_DH; - else - fprintf (stderr, "Unknown key exchange: '%s'\n", kx[i]); - } + { + if (strcasecmp (kx[i], "SRP") == 0) + kx_priority[j++] = GNUTLS_KX_SRP; + else if (strcasecmp (kx[i], "SRP-RSA") == 0) + kx_priority[j++] = GNUTLS_KX_SRP_RSA; + else if (strcasecmp (kx[i], "SRP-DSS") == 0) + kx_priority[j++] = GNUTLS_KX_SRP_DSS; + else if (strcasecmp (kx[i], "RSA") == 0) + kx_priority[j++] = GNUTLS_KX_RSA; + else if (strcasecmp (kx[i], "PSK") == 0) + kx_priority[j++] = GNUTLS_KX_PSK; + else if (strcasecmp (kx[i], "DHE-PSK") == 0) + kx_priority[j++] = GNUTLS_KX_DHE_PSK; + else if (strcasecmp (kx[i], "RSA-EXPORT") == 0) + kx_priority[j++] = GNUTLS_KX_RSA_EXPORT; + else if (strncasecmp (kx[i], "DHE-RSA", 7) == 0) + kx_priority[j++] = GNUTLS_KX_DHE_RSA; + else if (strncasecmp (kx[i], "DHE-DSS", 7) == 0) + kx_priority[j++] = GNUTLS_KX_DHE_DSS; + else if (strncasecmp (kx[i], "ANON", 4) == 0) + kx_priority[j++] = GNUTLS_KX_ANON_DH; + else + fprintf (stderr, "Unknown key exchange: '%s'\n", kx[i]); + } kx_priority[j] = 0; } } @@ -852,18 +852,18 @@ parse_comp (char **comp, int ncomp, int *comp_priority) { DEPRECATED; for (j = i = 0; i < ncomp; i++) - { - if (strncasecmp (comp[i], "NUL", 3) == 0) - comp_priority[j++] = GNUTLS_COMP_NULL; - else if (strncasecmp (comp[i], "ZLI", 3) == 0) - comp_priority[j++] = GNUTLS_COMP_DEFLATE; - else if (strncasecmp (comp[i], "DEF", 3) == 0) - comp_priority[j++] = GNUTLS_COMP_DEFLATE; - else if (strncasecmp (comp[i], "LZO", 3) == 0) - comp_priority[j++] = GNUTLS_COMP_LZO; - else - fprintf (stderr, "Unknown compression: '%s'\n", comp[i]); - } + { + if (strncasecmp (comp[i], "NUL", 3) == 0) + comp_priority[j++] = GNUTLS_COMP_NULL; + else if (strncasecmp (comp[i], "ZLI", 3) == 0) + comp_priority[j++] = GNUTLS_COMP_DEFLATE; + else if (strncasecmp (comp[i], "DEF", 3) == 0) + comp_priority[j++] = GNUTLS_COMP_DEFLATE; + else if (strncasecmp (comp[i], "LZO", 3) == 0) + comp_priority[j++] = GNUTLS_COMP_LZO; + else + fprintf (stderr, "Unknown compression: '%s'\n", comp[i]); + } comp_priority[j] = 0; } } @@ -910,8 +910,8 @@ service_to_port (const char *service) static int pin_callback (void *user, int attempt, const char *token_url, - const char *token_label, unsigned int flags, char *pin, - size_t pin_max) + const char *token_label, unsigned int flags, char *pin, + size_t pin_max) { const char *password; int len; @@ -920,7 +920,7 @@ pin_callback (void *user, int attempt, const char *token_url, static char cached_pin[32] = ""; printf ("PIN required for token '%s' with URL '%s'\n", token_label, - token_url); + token_url); if (flags & GNUTLS_PKCS11_PIN_FINAL_TRY) printf ("*** This is the final try before locking!\n"); if (flags & GNUTLS_PKCS11_PIN_COUNT_LOW) @@ -929,10 +929,10 @@ pin_callback (void *user, int attempt, const char *token_url, if (flags == 0 && cached_url != NULL) { if (strcmp (cached_url, token_url) == 0) - { - strcpy (pin, cached_pin); - return 0; - } + { + strcpy (pin, cached_pin); + return 0; + } } password = getpass ("Enter pin: "); |