authorSimon Josefsson <simon@josefsson.org>2008-07-02 15:24:05 +0200
committerSimon Josefsson <simon@josefsson.org>2008-07-02 15:24:05 +0200
commitbade988016aa5d2936c6bdf53570125181cfe2f9 (patch)
tree65948be9cd75ccfb8fd2a6c26ad15caed4119cc5 /src
parent36f07088e2979bf28e52fec4992d3da04e73eb6c (diff)
Indent code.
Diffstat (limited to 'src')
-rw-r--r--src/certtool-cfg.c7
-rw-r--r--src/certtool.c251
-rw-r--r--src/cli.c113
-rw-r--r--src/common.c48
-rw-r--r--src/crypt.c7
-rw-r--r--src/psk.c7
-rw-r--r--src/select.c301
-rw-r--r--src/serv.c121
-rw-r--r--src/tests.c16
-rw-r--r--src/tls_test.c39
10 files changed, 441 insertions, 469 deletions
diff --git a/src/certtool-cfg.c b/src/certtool-cfg.c
index ca3431508c..609c7888fc 100644
--- a/src/certtool-cfg.c
+++ b/src/certtool-cfg.c
@@ -224,7 +224,7 @@ read_int_with_default (const char *input_str, int def)
char *endptr;
long l;
- printf(input_str, def);
+ printf (input_str, def);
in = readline ("");
l = strtol (in, &endptr, 0);
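Review bot: `printf (input_str, def)` uses a caller-supplied string as the format, so the function is only safe while every caller passes a literal with exactly one integer conversion. The caller visible in get_serial does pass a literal, but it uses `%u` for an argument declared `int def`. The result of `readline ("")` also goes straight into `strtol`, and readline returns NULL at end of input, so a closed stdin reaches `strtol (NULL, ...)`; I would add `if (in == NULL) return def;` before that call. A header comment such as `/* input_str is a printf format: pass a literal with exactly one %d conversion. */` would make the contract explicit. The body of read_int_with_default continues outside the hunk.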
@@ -612,7 +612,8 @@ get_serial (void)
else
{
return read_int_with_default
- ("Enter the certificate's serial number in decimal (default: %u): ", default_serial);
+ ("Enter the certificate's serial number in decimal (default: %u): ",
+ default_serial);
}
}
@@ -897,7 +898,7 @@ get_crl_next_update (void)
}
const char *
-get_proxy_policy (char **policy, size_t *policylen)
+get_proxy_policy (char **policy, size_t * policylen)
{
const char *ret;
diff --git a/src/certtool.c b/src/certtool.c
index bf0990f7a7..cd9732ed5b 100644
--- a/src/certtool.c
+++ b/src/certtool.c
@@ -209,8 +209,7 @@ print_private_key (gnutls_x509_privkey_t key)
ret = gnutls_x509_privkey_export (key, info.outcert_format,
buffer, &size);
if (ret < 0)
- error (EXIT_FAILURE, 0, "privkey_export: %s",
- gnutls_strerror (ret));
+ error (EXIT_FAILURE, 0, "privkey_export: %s", gnutls_strerror (ret));
}
else
{
@@ -227,8 +226,8 @@ print_private_key (gnutls_x509_privkey_t key)
size = sizeof (buffer);
ret =
- gnutls_x509_privkey_export_pkcs8 (key, info.outcert_format, pass,
- flags, buffer, &size);
+ gnutls_x509_privkey_export_pkcs8 (key, info.outcert_format, pass,
+ flags, buffer, &size);
if (ret < 0)
error (EXIT_FAILURE, 0, "privkey_export_pkcs8: %s",
gnutls_strerror (ret));
@@ -342,12 +341,10 @@ generate_certificate (gnutls_x509_privkey_t * ret_key,
days = get_days ();
result =
- gnutls_x509_crt_set_expiration_time (crt,
- time (NULL) +
- days * 24 * 60 * 60);
+ gnutls_x509_crt_set_expiration_time (crt,
+ time (NULL) + days * 24 * 60 * 60);
if (result < 0)
- error (EXIT_FAILURE, 0, "set_expiration: %s",
- gnutls_strerror (result));
+ error (EXIT_FAILURE, 0, "set_expiration: %s", gnutls_strerror (result));
if (!batch)
fprintf (stderr, "\n\nExtensions.\n");
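Review bot: `time (NULL) + days * 24 * 60 * 60` multiplies before it widens, so if `days` is an `int` (its declaration is outside the hunk) a value above roughly 24855 overflows. That is undefined behaviour and in practice can produce an expiration time in the past. Widening first avoids it: `time (NULL) + (time_t) days * 24 * 60 * 60`, ideally with a range check on the value returned by `get_days ()`. The same expression appears in the generate_crl hunk (`now + days * 24 * 60 * 60`) and the update_signed_certificate hunk (`tim + days * 24 * 60 * 60`).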
@@ -372,8 +369,8 @@ generate_certificate (gnutls_x509_privkey_t * ret_key,
policylanguage = get_proxy_policy (&policy, &policylen);
result =
- gnutls_x509_crt_set_proxy (crt, proxypathlen, policylanguage,
- policy, policylen);
+ gnutls_x509_crt_set_proxy (crt, proxypathlen, policylanguage,
+ policy, policylen);
if (result < 0)
error (EXIT_FAILURE, 0, "set_proxy: %s",
gnutls_strerror (result));
@@ -387,7 +384,7 @@ generate_certificate (gnutls_x509_privkey_t * ret_key,
path_len = -1;
result =
- gnutls_x509_crt_set_basic_constraints (crt, ca_status, path_len);
+ gnutls_x509_crt_set_basic_constraints (crt, ca_status, path_len);
if (result < 0)
error (EXIT_FAILURE, 0, "basic_constraints: %s",
gnutls_strerror (result));
@@ -399,8 +396,7 @@ generate_certificate (gnutls_x509_privkey_t * ret_key,
GNUTLS_KP_TLS_WWW_CLIENT,
0);
if (result < 0)
- error (EXIT_FAILURE, 0, "key_kp: %s",
- gnutls_strerror (result));
+ error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (result));
}
server = get_tls_server_status ();
@@ -414,7 +410,7 @@ generate_certificate (gnutls_x509_privkey_t * ret_key,
if (str != NULL)
{
result = gnutls_x509_crt_set_subject_alternative_name
- (crt, GNUTLS_SAN_DNSNAME, str);
+ (crt, GNUTLS_SAN_DNSNAME, str);
}
else
{
@@ -422,7 +418,7 @@ generate_certificate (gnutls_x509_privkey_t * ret_key,
if (str != NULL)
{
result = gnutls_x509_crt_set_subject_alternative_name
- (crt, GNUTLS_SAN_IPADDRESS, str);
+ (crt, GNUTLS_SAN_IPADDRESS, str);
}
}
@@ -432,12 +428,10 @@ generate_certificate (gnutls_x509_privkey_t * ret_key,
}
result =
- gnutls_x509_crt_set_key_purpose_oid (crt,
- GNUTLS_KP_TLS_WWW_SERVER,
- 0);
+ gnutls_x509_crt_set_key_purpose_oid (crt,
+ GNUTLS_KP_TLS_WWW_SERVER, 0);
if (result < 0)
- error (EXIT_FAILURE, 0, "key_kp: %s",
- gnutls_strerror (result));
+ error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (result));
}
else if (!proxy)
{
@@ -446,7 +440,7 @@ generate_certificate (gnutls_x509_privkey_t * ret_key,
if (str != NULL)
{
result = gnutls_x509_crt_set_subject_alternative_name
- (crt, GNUTLS_SAN_RFC822NAME, str);
+ (crt, GNUTLS_SAN_RFC822NAME, str);
if (result < 0)
error (EXIT_FAILURE, 0, "subject_alt_name: %s",
gnutls_strerror (result));
@@ -490,9 +484,9 @@ generate_certificate (gnutls_x509_privkey_t * ret_key,
if (result)
{
result =
- gnutls_x509_crt_set_key_purpose_oid (crt,
- GNUTLS_KP_CODE_SIGNING,
- 0);
+ gnutls_x509_crt_set_key_purpose_oid (crt,
+ GNUTLS_KP_CODE_SIGNING,
+ 0);
if (result < 0)
error (EXIT_FAILURE, 0, "key_kp: %s",
gnutls_strerror (result));
@@ -502,9 +496,9 @@ generate_certificate (gnutls_x509_privkey_t * ret_key,
if (result)
{
result =
- gnutls_x509_crt_set_key_purpose_oid (crt,
- GNUTLS_KP_OCSP_SIGNING,
- 0);
+ gnutls_x509_crt_set_key_purpose_oid (crt,
+ GNUTLS_KP_OCSP_SIGNING,
+ 0);
if (result < 0)
error (EXIT_FAILURE, 0, "key_kp: %s",
gnutls_strerror (result));
@@ -514,9 +508,9 @@ generate_certificate (gnutls_x509_privkey_t * ret_key,
if (result)
{
result =
- gnutls_x509_crt_set_key_purpose_oid (crt,
- GNUTLS_KP_TIME_STAMPING,
- 0);
+ gnutls_x509_crt_set_key_purpose_oid (crt,
+ GNUTLS_KP_TIME_STAMPING,
+ 0);
if (result < 0)
error (EXIT_FAILURE, 0, "key_kp: %s",
gnutls_strerror (result));
@@ -553,13 +547,12 @@ generate_certificate (gnutls_x509_privkey_t * ret_key,
if (result < 0)
{
size = sizeof (buffer);
- result =
- gnutls_x509_crt_get_key_id (ca_crt, 0, buffer, &size);
+ result = gnutls_x509_crt_get_key_id (ca_crt, 0, buffer, &size);
}
if (result >= 0)
{
result =
- gnutls_x509_crt_set_authority_key_id (crt, buffer, size);
+ gnutls_x509_crt_set_authority_key_id (crt, buffer, size);
if (result < 0)
error (EXIT_FAILURE, 0, "set_authority_key_id: %s",
gnutls_strerror (result));
@@ -601,8 +594,7 @@ generate_crl (void)
{
result = gnutls_x509_crl_set_crt (crl, crts[i], now);
if (result < 0)
- error (EXIT_FAILURE, 0, "crl_set_crt: %s",
- gnutls_strerror (result));
+ error (EXIT_FAILURE, 0, "crl_set_crt: %s", gnutls_strerror (result));
}
result = gnutls_x509_crl_set_this_update (crl, now);
@@ -612,8 +604,7 @@ generate_crl (void)
fprintf (stderr, "Update times.\n");
days = get_crl_next_update ();
- result =
- gnutls_x509_crl_set_next_update (crl, now + days * 24 * 60 * 60);
+ result = gnutls_x509_crl_set_next_update (crl, now + days * 24 * 60 * 60);
if (result < 0)
error (EXIT_FAILURE, 0, "next_update: %s", gnutls_strerror (result));
@@ -660,8 +651,7 @@ generate_self_signed (void)
error (EXIT_FAILURE, 0, "crt_sign: %s", gnutls_strerror (result));
size = sizeof (buffer);
- result =
- gnutls_x509_crt_export (crt, info.outcert_format, buffer, &size);
+ result = gnutls_x509_crt_export (crt, info.outcert_format, buffer, &size);
if (result < 0)
error (EXIT_FAILURE, 0, "crt_export: %s", gnutls_strerror (result));
@@ -703,8 +693,7 @@ generate_signed_certificate (void)
error (EXIT_FAILURE, 0, "crt_sign: %s", gnutls_strerror (result));
size = sizeof (buffer);
- result =
- gnutls_x509_crt_export (crt, info.outcert_format, buffer, &size);
+ result = gnutls_x509_crt_export (crt, info.outcert_format, buffer, &size);
if (result < 0)
error (EXIT_FAILURE, 0, "crt_export: %s", gnutls_strerror (result));
@@ -738,8 +727,7 @@ generate_proxy_certificate (void)
error (EXIT_FAILURE, 0, "crt_sign: %s", gnutls_strerror (result));
size = sizeof (buffer);
- result =
- gnutls_x509_crt_export (crt, info.outcert_format, buffer, &size);
+ result = gnutls_x509_crt_export (crt, info.outcert_format, buffer, &size);
if (result < 0)
error (EXIT_FAILURE, 0, "crt_export: %s", gnutls_strerror (result));
@@ -797,10 +785,9 @@ update_signed_certificate (void)
days = get_days ();
result =
- gnutls_x509_crt_set_expiration_time (crt, tim + days * 24 * 60 * 60);
+ gnutls_x509_crt_set_expiration_time (crt, tim + days * 24 * 60 * 60);
if (result < 0)
- error (EXIT_FAILURE, 0, "set_expiration: %s",
- gnutls_strerror (result));
+ error (EXIT_FAILURE, 0, "set_expiration: %s", gnutls_strerror (result));
fprintf (stderr, "\n\nSigning certificate...\n");
@@ -809,8 +796,7 @@ update_signed_certificate (void)
error (EXIT_FAILURE, 0, "crt_sign: %s", gnutls_strerror (result));
size = sizeof (buffer);
- result =
- gnutls_x509_crt_export (crt, info.outcert_format, buffer, &size);
+ result = gnutls_x509_crt_export (crt, info.outcert_format, buffer, &size);
if (result < 0)
error (EXIT_FAILURE, 0, "crt_export: %s", gnutls_strerror (result));
@@ -819,14 +805,15 @@ update_signed_certificate (void)
gnutls_x509_crt_deinit (crt);
}
-FILE* safe_open_rw(const char* file)
+FILE *
+safe_open_rw (const char *file)
{
mode_t oldmask;
FILE *fh;
if (info.privkey_op != 0)
{
- oldmask = umask (S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH);
+ oldmask = umask (S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH);
}
fh = fopen (file, "wb");
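Review bot: The restrictive umask set before `fopen (file, "wb")` only takes effect when the file is created. If the path already exists with group or world read bits, the output is written into it with those permissions kept, which matters if `info.privkey_op` marks private-key output, as the name suggests. For that branch I would open with `open (file, O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR)`, call `fchmod (fd, S_IRUSR | S_IWUSR)`, and wrap the descriptor with `fdopen`. `oldmask` is assigned only inside the `if`, so any later `umask (oldmask)` has to sit behind the same condition; the rest of safe_open_rw is outside the hunk, so this could not be checked here.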
@@ -1009,8 +996,8 @@ certificate_info (void)
crt_num = MAX_CRTS;
ret =
- gnutls_x509_crt_list_import (crt, &crt_num, &pem, info.incert_format,
- GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED);
+ gnutls_x509_crt_list_import (crt, &crt_num, &pem, info.incert_format,
+ GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED);
if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER)
{
error (0, 0,
@@ -1087,8 +1074,7 @@ pgp_certificate_info (void)
}
size = sizeof (buffer);
- ret =
- gnutls_openpgp_crt_export (crt, info.outcert_format, buffer, &size);
+ ret = gnutls_openpgp_crt_export (crt, info.outcert_format, buffer, &size);
if (ret < 0)
{
error (EXIT_FAILURE, 0, "Export error: %s", gnutls_strerror (ret));
@@ -1119,8 +1105,7 @@ pgp_privkey_info (void)
pem.size = size;
ret =
- gnutls_openpgp_privkey_import (key, &pem, info.incert_format, NULL,
- 0);
+ gnutls_openpgp_privkey_import (key, &pem, info.incert_format, NULL, 0);
if (ret < 0)
error (EXIT_FAILURE, 0, "Import error: %s", gnutls_strerror (ret));
@@ -1143,8 +1128,7 @@ pgp_privkey_info (void)
if (i == -1)
ret = gnutls_openpgp_privkey_get_pk_algorithm (key, NULL);
else
- ret =
- gnutls_openpgp_privkey_get_subkey_pk_algorithm (key, i, NULL);
+ ret = gnutls_openpgp_privkey_get_subkey_pk_algorithm (key, i, NULL);
fprintf (outfile, "\tPublic Key Algorithm: ");
@@ -1162,13 +1146,13 @@ pgp_privkey_info (void)
if (i == -1)
ret =
- gnutls_openpgp_privkey_export_rsa_raw (key, &m, &e, &d, &p,
- &q, &u);
+ gnutls_openpgp_privkey_export_rsa_raw (key, &m, &e, &d, &p,
+ &q, &u);
else
ret =
- gnutls_openpgp_privkey_export_subkey_rsa_raw (key, i, &m,
- &e, &d, &p,
- &q, &u);
+ gnutls_openpgp_privkey_export_subkey_rsa_raw (key, i, &m,
+ &e, &d, &p,
+ &q, &u);
if (ret < 0)
fprintf (stderr, "Error in key RSA data export: %s\n",
gnutls_strerror (ret));
@@ -1182,13 +1166,11 @@ pgp_privkey_info (void)
if (i == -1)
ret =
- gnutls_openpgp_privkey_export_dsa_raw (key, &p, &q, &g, &y,
- &x);
+ gnutls_openpgp_privkey_export_dsa_raw (key, &p, &q, &g, &y, &x);
else
ret =
- gnutls_openpgp_privkey_export_subkey_dsa_raw (key, i, &p,
- &q, &g, &y,
- &x);
+ gnutls_openpgp_privkey_export_subkey_dsa_raw (key, i, &p,
+ &q, &g, &y, &x);
if (ret < 0)
fprintf (stderr, "Error in key DSA data export: %s\n",
gnutls_strerror (ret));
@@ -1211,16 +1193,15 @@ pgp_privkey_info (void)
}
else
{
- fprintf (outfile, "Public Key ID: %s\n",
- raw_to_string (keyid, 8));
+ fprintf (outfile, "Public Key ID: %s\n", raw_to_string (keyid, 8));
}
}
size = sizeof (buffer);
ret =
- gnutls_openpgp_privkey_export (key, GNUTLS_OPENPGP_FMT_BASE64,
- NULL, 0, buffer, &size);
+ gnutls_openpgp_privkey_export (key, GNUTLS_OPENPGP_FMT_BASE64,
+ NULL, 0, buffer, &size);
if (ret < 0)
error (EXIT_FAILURE, 0, "Export error: %s", gnutls_strerror (ret));
@@ -1253,24 +1234,22 @@ pgp_ring_info (void)
count = gnutls_openpgp_keyring_get_crt_count (ring);
if (count > 0)
- fprintf (outfile, "Keyring contains %d OpenPGP certificates\n\n",
- count);
+ fprintf (outfile, "Keyring contains %d OpenPGP certificates\n\n", count);
else
error (EXIT_FAILURE, 0, "Keyring error: %s", gnutls_strerror (count));
for (i = 0; i < count; i++)
{
ret = gnutls_openpgp_keyring_get_crt (ring, i, &crt);
-
+
if (ret < 0)
- {
+ {
error (EXIT_FAILURE, 0, "Export error: %s", gnutls_strerror (ret));
- }
+ }
size = sizeof (buffer);
ret =
- gnutls_openpgp_crt_export (crt, info.outcert_format, buffer,
- &size);
+ gnutls_openpgp_crt_export (crt, info.outcert_format, buffer, &size);
if (ret < 0)
{
error (EXIT_FAILURE, 0, "Export error: %s", gnutls_strerror (ret));
@@ -1307,8 +1286,7 @@ print_hex_datum (gnutls_datum_t * dat)
static void
-print_certificate_info (gnutls_x509_crt_t crt, FILE * out,
- unsigned int all)
+print_certificate_info (gnutls_x509_crt_t crt, FILE * out, unsigned int all)
{
gnutls_datum_t info;
int ret;
@@ -1316,8 +1294,7 @@ print_certificate_info (gnutls_x509_crt_t crt, FILE * out,
if (all)
ret = gnutls_x509_crt_print (crt, GNUTLS_CRT_PRINT_FULL, &info);
else
- ret =
- gnutls_x509_crt_print (crt, GNUTLS_CRT_PRINT_UNSIGNED_FULL, &info);
+ ret = gnutls_x509_crt_print (crt, GNUTLS_CRT_PRINT_UNSIGNED_FULL, &info);
if (ret == 0)
{
fprintf (out, "%s\n", info.data);
@@ -1412,8 +1389,8 @@ privkey_info (void)
else
pass = get_pass ();
ret =
- gnutls_x509_privkey_import_pkcs8 (key, &pem, info.incert_format,
- pass, 0);
+ gnutls_x509_privkey_import_pkcs8 (key, &pem, info.incert_format,
+ pass, 0);
}
if (ret < 0)
error (EXIT_FAILURE, 0, "Import error: %s", gnutls_strerror (ret));
@@ -1435,8 +1412,7 @@ privkey_info (void)
{
gnutls_datum_t m, e, d, p, q, u;
- ret =
- gnutls_x509_privkey_export_rsa_raw (key, &m, &e, &d, &p, &q, &u);
+ ret = gnutls_x509_privkey_export_rsa_raw (key, &m, &e, &d, &p, &q, &u);
if (ret < 0)
fprintf (stderr, "Error in key RSA data export: %s\n",
gnutls_strerror (ret));
@@ -1466,8 +1442,7 @@ privkey_info (void)
}
else
{
- fprintf (outfile, "Public Key ID: %s\n",
- raw_to_string (buffer, size));
+ fprintf (outfile, "Public Key ID: %s\n", raw_to_string (buffer, size));
}
if (info.fix_key != 0)
@@ -1478,8 +1453,7 @@ privkey_info (void)
}
size = sizeof (buffer);
- ret =
- gnutls_x509_privkey_export (key, GNUTLS_X509_FMT_PEM, buffer, &size);
+ ret = gnutls_x509_privkey_export (key, GNUTLS_X509_FMT_PEM, buffer, &size);
if (ret < 0)
error (EXIT_FAILURE, 0, "Export error: %s", gnutls_strerror (ret));
@@ -1512,15 +1486,14 @@ load_private_key (int mand)
dat.size = size;
if (!dat.data)
- error (EXIT_FAILURE, errno, "reading --load-privkey: %s",
- info.privkey);
+ error (EXIT_FAILURE, errno, "reading --load-privkey: %s", info.privkey);
if (info.pkcs8)
{
const char *pass = get_pass ();
ret =
- gnutls_x509_privkey_import_pkcs8 (key, &dat, info.incert_format,
- pass, 0);
+ gnutls_x509_privkey_import_pkcs8 (key, &dat, info.incert_format,
+ pass, 0);
}
else
ret = gnutls_x509_privkey_import (key, &dat, info.incert_format);
@@ -1561,8 +1534,7 @@ load_request (void)
dat.size = size;
if (!dat.data)
- error (EXIT_FAILURE, errno, "reading --load-request: %s",
- info.request);
+ error (EXIT_FAILURE, errno, "reading --load-request: %s", info.request);
ret = gnutls_x509_crq_import (crq, &dat, info.incert_format);
if (ret == GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR)
@@ -1607,8 +1579,8 @@ load_ca_private_key (void)
{
const char *pass = get_pass ();
ret =
- gnutls_x509_privkey_import_pkcs8 (key, &dat, info.incert_format,
- pass, 0);
+ gnutls_x509_privkey_import_pkcs8 (key, &dat, info.incert_format,
+ pass, 0);
}
else
ret = gnutls_x509_privkey_import (key, &dat, info.incert_format);
@@ -1641,8 +1613,7 @@ load_ca_cert (void)
dat.size = size;
if (!dat.data)
- error (EXIT_FAILURE, errno, "reading --load-ca-certificate: %s",
- info.ca);
+ error (EXIT_FAILURE, errno, "reading --load-ca-certificate: %s", info.ca);
ret = gnutls_x509_crt_import (crt, &dat, info.incert_format);
free (dat.data);
@@ -1728,8 +1699,7 @@ load_cert_list (int mand, int *crt_size)
ptr_size = size;
ptr_size -=
- (unsigned int) ((unsigned char *) ptr -
- (unsigned char *) buffer);
+ (unsigned int) ((unsigned char *) ptr - (unsigned char *) buffer);
if (ptr_size < 0)
break;
@@ -1846,16 +1816,15 @@ _verify_x509_mem (const void *cert, int cert_size)
do
{
x509_crl_list =
- (gnutls_x509_crl_t *) realloc (x509_crl_list,
- i * sizeof (gnutls_x509_crl_t));
+ (gnutls_x509_crl_t *) realloc (x509_crl_list,
+ i * sizeof (gnutls_x509_crl_t));
if (x509_crl_list == NULL)
error (EXIT_FAILURE, 0, "memory error");
tmp.data = (char *) ptr;
tmp.size = cert_size;
tmp.size -=
- (unsigned int) ((unsigned char *) ptr -
- (unsigned char *) cert);
+ (unsigned int) ((unsigned char *) ptr - (unsigned char *) cert);
ret = gnutls_x509_crl_init (&x509_crl_list[i - 1]);
if (ret < 0)
@@ -1890,8 +1859,8 @@ _verify_x509_mem (const void *cert, int cert_size)
do
{
x509_cert_list =
- (gnutls_x509_crt_t *) realloc (x509_cert_list,
- i * sizeof (gnutls_x509_crt_t));
+ (gnutls_x509_crt_t *) realloc (x509_cert_list,
+ i * sizeof (gnutls_x509_crt_t));
if (x509_cert_list == NULL)
error (EXIT_FAILURE, 0, "memory error");
@@ -1899,7 +1868,7 @@ _verify_x509_mem (const void *cert, int cert_size)
tmp.data = (char *) ptr;
tmp.size = cert_size;
tmp.size -=
- (unsigned int) ((unsigned char *) ptr - (unsigned char *) cert);
+ (unsigned int) ((unsigned char *) ptr - (unsigned char *) cert);
ret = gnutls_x509_crt_init (&x509_cert_list[i - 1]);
if (ret < 0)
@@ -1907,8 +1876,8 @@ _verify_x509_mem (const void *cert, int cert_size)
gnutls_strerror (ret));
ret =
- gnutls_x509_crt_import (x509_cert_list[i - 1], &tmp,
- GNUTLS_X509_FMT_PEM);
+ gnutls_x509_crt_import (x509_cert_list[i - 1], &tmp,
+ GNUTLS_X509_FMT_PEM);
if (ret < 0)
error (EXIT_FAILURE, 0, "Error parsing the certificate[%d]: %s", i,
gnutls_strerror (ret));
@@ -1922,8 +1891,7 @@ _verify_x509_mem (const void *cert, int cert_size)
name_size = sizeof (name);
ret =
- gnutls_x509_crt_get_dn (x509_cert_list[i - 2], name,
- &name_size);
+ gnutls_x509_crt_get_dn (x509_cert_list[i - 2], name, &name_size);
if (ret < 0)
error (EXIT_FAILURE, 0, "get_dn: %s", gnutls_strerror (ret));
@@ -1933,9 +1901,8 @@ _verify_x509_mem (const void *cert, int cert_size)
*/
issuer_name_size = sizeof (issuer_name);
ret =
- gnutls_x509_crt_get_issuer_dn (x509_cert_list[i - 2],
- issuer_name,
- &issuer_name_size);
+ gnutls_x509_crt_get_issuer_dn (x509_cert_list[i - 2],
+ issuer_name, &issuer_name_size);
if (ret < 0)
error (EXIT_FAILURE, 0, "get_issuer_dn: %s",
gnutls_strerror (ret));
@@ -1946,13 +1913,11 @@ _verify_x509_mem (const void *cert, int cert_size)
*/
name_size = sizeof (name);
ret =
- gnutls_x509_crt_get_dn (x509_cert_list[i - 1], name,
- &name_size);
+ gnutls_x509_crt_get_dn (x509_cert_list[i - 1], name, &name_size);
if (ret < 0)
error (EXIT_FAILURE, 0, "get_dn: %s", gnutls_strerror (ret));
- fprintf (outfile, "\tVerifying against certificate[%d].\n",
- i - 1);
+ fprintf (outfile, "\tVerifying against certificate[%d].\n", i - 1);
if (strcmp (issuer_name, name) != 0)
{
@@ -1997,8 +1962,8 @@ _verify_x509_mem (const void *cert, int cert_size)
*/
issuer_name_size = sizeof (issuer_name);
ret =
- gnutls_x509_crt_get_issuer_dn (x509_cert_list[x509_ncerts - 1],
- issuer_name, &issuer_name_size);
+ gnutls_x509_crt_get_issuer_dn (x509_cert_list[x509_ncerts - 1],
+ issuer_name, &issuer_name_size);
if (ret < 0)
error (EXIT_FAILURE, 0, "get_issuer_dn: %s", gnutls_strerror (ret));
@@ -2162,8 +2127,7 @@ verify_crl (void)
fprintf (outfile, "Verification output: ");
ret = gnutls_x509_crl_verify (crl, &issuer, 1, 0, &output);
if (ret < 0)
- error (EXIT_FAILURE, 0, "Verification error: %s",
- gnutls_strerror (ret));
+ error (EXIT_FAILURE, 0, "Verification error: %s", gnutls_strerror (ret));
if (output & GNUTLS_CERT_INVALID)
{
@@ -2244,8 +2208,8 @@ generate_pkcs8 (void)
size = sizeof (buffer);
result =
- gnutls_x509_privkey_export_pkcs8 (key, info.outcert_format,
- password, flags, buffer, &size);
+ gnutls_x509_privkey_export_pkcs8 (key, info.outcert_format,
+ password, flags, buffer, &size);
if (result < 0)
error (EXIT_FAILURE, 0, "key_export: %s", gnutls_strerror (result));
@@ -2333,8 +2297,7 @@ generate_pkcs12 (void)
result = gnutls_pkcs12_bag_encrypt (bag, password, flags);
if (result < 0)
- error (EXIT_FAILURE, 0, "bag_encrypt: %s",
- gnutls_strerror (result));
+ error (EXIT_FAILURE, 0, "bag_encrypt: %s", gnutls_strerror (result));
result = gnutls_pkcs12_set_bag (pkcs12, bag);
if (result < 0)
@@ -2356,22 +2319,18 @@ generate_pkcs12 (void)
size = sizeof (buffer);
result =
- gnutls_x509_privkey_export_pkcs8 (key, GNUTLS_X509_FMT_DER,
- password, flags, buffer,
- &size);
+ gnutls_x509_privkey_export_pkcs8 (key, GNUTLS_X509_FMT_DER,
+ password, flags, buffer, &size);
if (result < 0)
- error (EXIT_FAILURE, 0, "key_export: %s",
- gnutls_strerror (result));
+ error (EXIT_FAILURE, 0, "key_export: %s", gnutls_strerror (result));
data.data = buffer;
data.size = size;
result =
- gnutls_pkcs12_bag_set_data (kbag,
- GNUTLS_BAG_PKCS8_ENCRYPTED_KEY,
- &data);
+ gnutls_pkcs12_bag_set_data (kbag,
+ GNUTLS_BAG_PKCS8_ENCRYPTED_KEY, &data);
if (result < 0)
- error (EXIT_FAILURE, 0, "bag_set_data: %s",
- gnutls_strerror (result));
+ error (EXIT_FAILURE, 0, "bag_set_data: %s", gnutls_strerror (result));
index = result;
@@ -2403,8 +2362,7 @@ generate_pkcs12 (void)
error (EXIT_FAILURE, 0, "generate_mac: %s", gnutls_strerror (result));
size = sizeof (buffer);
- result =
- gnutls_pkcs12_export (pkcs12, info.outcert_format, buffer, &size);
+ result = gnutls_pkcs12_export (pkcs12, info.outcert_format, buffer, &size);
if (result < 0)
error (EXIT_FAILURE, 0, "pkcs12_export: %s", gnutls_strerror (result));
@@ -2458,8 +2416,7 @@ print_bag_data (gnutls_pkcs12_bag_t bag)
fprintf (stderr, "\tType: %s\n", BAGTYPE (type));
name = NULL;
- result =
- gnutls_pkcs12_bag_get_friendly_name (bag, i, (char **) &name);
+ result = gnutls_pkcs12_bag_get_friendly_name (bag, i, (char **) &name);
if (result < 0)
error (EXIT_FAILURE, 0, "get_friendly_name: %s",
gnutls_strerror (type));
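Review bot: The error path after `gnutls_pkcs12_bag_get_friendly_name` prints `gnutls_strerror (type)` although the failing status is in `result`, so the message describes the bag type value instead of the actual error. The `get_key_id` check in the following hunk has the same slip. Both calls should read `gnutls_strerror (result)`. print_bag_data starts and ends outside these hunks.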
@@ -2471,8 +2428,7 @@ print_bag_data (gnutls_pkcs12_bag_t bag)
result = gnutls_pkcs12_bag_get_key_id (bag, i, &id);
if (result < 0)
error (EXIT_FAILURE, 0, "get_key_id: %s", gnutls_strerror (type));
- fprintf (outfile, "\tKey ID: %s\n",
- raw_to_string (id.data, id.size));
+ fprintf (outfile, "\tKey ID: %s\n", raw_to_string (id.data, id.size));
result = gnutls_pkcs12_bag_get_data (bag, i, &cdata);
if (result < 0)
@@ -2683,8 +2639,7 @@ smime_to_pkcs7 (void)
{
len = getline (&lineptr, &linesize, infile);
if (len == -1)
- error (EXIT_FAILURE, 0,
- "Cannot find RFC 2822 header/body separator");
+ error (EXIT_FAILURE, 0, "Cannot find RFC 2822 header/body separator");
}
while (strcmp (lineptr, "\r\n") != 0 && strcmp (lineptr, "\n") != 0);
diff --git a/src/cli.c b/src/cli.c
index 5f7e6ff726..e2cf4068df 100644
--- a/src/cli.c
+++ b/src/cli.c
@@ -45,8 +45,8 @@
#include "cli-gaa.h"
#if defined _WIN32 || defined __WIN32__
-int _win_select(int max_fd, fd_set * rfds, fd_set * wfds, fd_set * efds,
- const struct timeval *tv);
+int _win_select (int max_fd, fd_set * rfds, fd_set * wfds, fd_set * efds,
+ const struct timeval *tv);
#define select _win_select
#endif
@@ -164,23 +164,25 @@ static gnutls_x509_privkey_t x509_key = NULL;
static gnutls_openpgp_crt_t pgp_crt = NULL;
static gnutls_openpgp_privkey_t pgp_key = NULL;
-static void get_keyid( gnutls_openpgp_keyid_t keyid, const char* str)
+static void
+get_keyid (gnutls_openpgp_keyid_t keyid, const char *str)
{
- size_t keyid_size = sizeof(keyid);
+ size_t keyid_size = sizeof (keyid);
- if (strlen(str) != 16)
- {
- fprintf(stderr, "The OpenPGP subkey ID has to be 16 hexadecimal characters.\n");
- exit(1);
- }
+ if (strlen (str) != 16)
+ {
+ fprintf (stderr,
+ "The OpenPGP subkey ID has to be 16 hexadecimal characters.\n");
+ exit (1);
+ }
- if (gnutls_hex2bin (str, strlen(str), keyid, &keyid_size) < 0)
- {
- fprintf(stderr, "Error converting hex string: %s.\n", str);
- exit(1);
- }
-
- return;
+ if (gnutls_hex2bin (str, strlen (str), keyid, &keyid_size) < 0)
+ {
+ fprintf (stderr, "Error converting hex string: %s.\n", str);
+ exit (1);
+ }
+
+ return;
}
/* Load the certificate and the private key.
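Review bot: `size_t keyid_size = sizeof (keyid);` in get_keyid measures the parameter, not the key ID buffer. If `gnutls_openpgp_keyid_t` is an array typedef, as passing `keyid` without `&` in load_keys suggests, the parameter decays to a pointer and this yields the pointer size. That happens to equal 8 on 64-bit targets, but on a 32-bit build it tells `gnutls_hex2bin` the buffer holds 4 bytes, and a valid 16-character ID would presumably be rejected. Using the type gives the intended size: `size_t keyid_size = sizeof (gnutls_openpgp_keyid_t);`.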
@@ -297,34 +299,35 @@ load_keys (void)
unload_file (data);
if (info.pgp_subkey != NULL)
- {
- gnutls_openpgp_keyid_t keyid;
-
- if (strcasecmp(info.pgp_subkey, "auto")==0)
- {
- ret = gnutls_openpgp_crt_get_auth_subkey( pgp_crt, keyid, 1);
- if (ret < 0)
- {
- fprintf (stderr,
- "*** Error setting preferred sub key id (%s): %s\n", info.pgp_subkey,
- gnutls_strerror (ret));
- exit (1);
- }
- }
- else
- get_keyid( keyid, info.pgp_subkey);
-
- ret = gnutls_openpgp_crt_set_preferred_key_id( pgp_crt, keyid);
- if (ret >= 0)
- ret = gnutls_openpgp_privkey_set_preferred_key_id( pgp_key, keyid);
- if (ret < 0)
- {
- fprintf (stderr,
- "*** Error setting preferred sub key id (%s): %s\n", info.pgp_subkey,
- gnutls_strerror (ret));
- exit (1);
- }
- }
+ {
+ gnutls_openpgp_keyid_t keyid;
+
+ if (strcasecmp (info.pgp_subkey, "auto") == 0)
+ {
+ ret = gnutls_openpgp_crt_get_auth_subkey (pgp_crt, keyid, 1);
+ if (ret < 0)
+ {
+ fprintf (stderr,
+ "*** Error setting preferred sub key id (%s): %s\n",
+ info.pgp_subkey, gnutls_strerror (ret));
+ exit (1);
+ }
+ }
+ else
+ get_keyid (keyid, info.pgp_subkey);
+
+ ret = gnutls_openpgp_crt_set_preferred_key_id (pgp_crt, keyid);
+ if (ret >= 0)
+ ret =
+ gnutls_openpgp_privkey_set_preferred_key_id (pgp_key, keyid);
+ if (ret < 0)
+ {
+ fprintf (stderr,
+ "*** Error setting preferred sub key id (%s): %s\n",
+ info.pgp_subkey, gnutls_strerror (ret));
+ exit (1);
+ }
+ }
fprintf (stderr, "Processed 1 client PGP certificate...\n");
}
@@ -420,7 +423,7 @@ cert_callback (gnutls_session_t session,
static gnutls_session_t
init_tls_session (const char *hostname)
{
-const char *err;
+ const char *err;
gnutls_session_t session;
@@ -428,8 +431,8 @@ const char *err;
if (gnutls_priority_set_direct (session, info.priorities, &err) < 0)
{
- fprintf(stderr, "Syntax error at: %s\n", err);
- exit(1);
+ fprintf (stderr, "Syntax error at: %s\n", err);
+ exit (1);
}
/* allow the use of private ciphersuites.
@@ -971,9 +974,8 @@ srp_username_callback (gnutls_session_t session,
return 0;
}
-static int psk_callback (gnutls_session_t session,
- char **username,
- gnutls_datum_t * key)
+static int
+psk_callback (gnutls_session_t session, char **username, gnutls_datum_t * key)
{
const char *hint = gnutls_psk_client_get_hint (session);
char *passwd;
@@ -1022,12 +1024,11 @@ static int psk_callback (gnutls_session_t session,
}
ret = gnutls_psk_netconf_derive_key (passwd,
- *username,
- hint ? hint : "",
- key);
+ *username, hint ? hint : "", key);
if (ret < 0)
{
- fprintf (stderr, "Error deriving password: %s\n", gnutls_strerror (ret));
+ fprintf (stderr, "Error deriving password: %s\n",
+ gnutls_strerror (ret));
gnutls_free (*username);
return ret;
}
@@ -1097,7 +1098,9 @@ init_global_tls_stuff (void)
#ifdef ENABLE_OPENPGP
if (pgp_keyring != NULL)
{
- ret = gnutls_certificate_set_openpgp_keyring_file (xcred, pgp_keyring, GNUTLS_OPENPGP_FMT_BASE64);
+ ret =
+ gnutls_certificate_set_openpgp_keyring_file (xcred, pgp_keyring,
+ GNUTLS_OPENPGP_FMT_BASE64);
if (ret < 0)
{
fprintf (stderr, "Error setting the OpenPGP keyring file\n");
diff --git a/src/common.c b/src/common.c
index a181597598..ae7569ed61 100644
--- a/src/common.c
+++ b/src/common.c
@@ -153,8 +153,8 @@ print_x509_info (gnutls_session_t session, const char *hostname, int insecure)
printf
(" # The hostname in the certificate does NOT match '%s'.\n",
hostname);
- if (!insecure)
- exit(1);
+ if (!insecure)
+ exit (1);
}
else
{
@@ -282,7 +282,8 @@ print_x509_info (gnutls_session_t session, const char *hostname, int insecure)
#ifdef ENABLE_OPENPGP
void
-print_openpgp_info (gnutls_session_t session, const char *hostname, int insecure)
+print_openpgp_info (gnutls_session_t session, const char *hostname,
+ int insecure)
{
char digest[20];
@@ -344,12 +345,13 @@ print_openpgp_info (gnutls_session_t session, const char *hostname, int insecure
printf
(" # The hostname in the certificate does NOT match '%s'.\n",
hostname);
- if (!insecure)
- exit(1);
+ if (!insecure)
+ exit (1);
}
else
{
- printf (" # The hostname in the certificate matches '%s'.\n", hostname);
+ printf (" # The hostname in the certificate matches '%s'.\n",
+ hostname);
}
}
@@ -445,10 +447,8 @@ void
print_dh_info (gnutls_session_t session, const char *str)
{
printf ("- %sDiffie-Hellman parameters\n", str);
- printf (" - Using prime: %d bits\n",
- gnutls_dh_get_prime_bits (session));
- printf (" - Secret key: %d bits\n",
- gnutls_dh_get_secret_bits (session));
+ printf (" - Using prime: %d bits\n", gnutls_dh_get_prime_bits (session));
+ printf (" - Secret key: %d bits\n", gnutls_dh_get_secret_bits (session));
printf (" - Peer's public key: %d bits\n",
gnutls_dh_get_peers_public_bits (session));
@@ -475,8 +475,7 @@ print_dh_info (gnutls_session_t session, const char *str)
goto out;
}
- ret = gnutls_dh_params_import_raw (dh_params, &raw_prime,
- &raw_gen);
+ ret = gnutls_dh_params_import_raw (dh_params, &raw_prime, &raw_gen);
if (ret)
{
fprintf (stderr, "gnutls_dh_params_import_raw %d\n", ret);
@@ -485,8 +484,7 @@ print_dh_info (gnutls_session_t session, const char *str)
ret = gnutls_dh_params_export_pkcs3 (dh_params,
GNUTLS_X509_FMT_PEM,
- params_data,
- &params_data_size);
+ params_data, &params_data_size);
if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER)
{
fprintf (stderr, "gnutls_dh_params_export_pkcs3 %d\n", ret);
@@ -502,8 +500,7 @@ print_dh_info (gnutls_session_t session, const char *str)
ret = gnutls_dh_params_export_pkcs3 (dh_params,
GNUTLS_X509_FMT_PEM,
- params_data,
- &params_data_size);
+ params_data, &params_data_size);
if (ret)
{
fprintf (stderr, "gnutls_dh_params_export_pkcs3-2 %d\n", ret);
@@ -606,12 +603,13 @@ print_info (gnutls_session_t session, const char *hostname, int insecure)
tmp = SU (gnutls_compression_get_name (gnutls_compression_get (session)));
printf ("- Compression: %s\n", tmp);
- if (verbose) {
- char id[32];
- size_t id_size = sizeof(id);
- gnutls_session_get_id (session, id, &id_size);
- printf("- Session ID: %s\n", raw_to_string(id, id_size) );
- }
+ if (verbose)
+ {
+ char id[32];
+ size_t id_size = sizeof (id);
+ gnutls_session_get_id (session, id, &id_size);
+ printf ("- Session ID: %s\n", raw_to_string (id, id_size));
+ }
fflush (stdout);
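Review bot: The return value of `gnutls_session_get_id (session, id, &id_size)` in the verbose block is ignored. If the call fails, `id` is still uninitialised and `id_size` may be unchanged, so `raw_to_string (id, id_size)` would print stack bytes as the session ID. Guarding the print covers it: `if (gnutls_session_get_id (session, id, &id_size) == 0)` in front of the `printf`. print_info continues outside the hunk.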
@@ -631,9 +629,9 @@ print_cert_info (gnutls_session_t session, const char *hostname, int insecure)
{
case GNUTLS_CRT_UNKNOWN:
printf ("Unknown\n");
-
+
if (!insecure)
- exit(1);
+ exit (1);
break;
case GNUTLS_CRT_X509:
printf ("X.509\n");
@@ -788,7 +786,7 @@ void
parse_protocols (char **protocols, int protocols_size, int *protocol_priority)
{
int i, j;
-
+
if (protocols != NULL && protocols_size > 0)
{
DEPRECATED;
diff --git a/src/crypt.c b/src/crypt.c
index f6a49a701e..5558a98f34 100644
--- a/src/crypt.c
+++ b/src/crypt.c
@@ -48,7 +48,7 @@ srptool_version (void)
#include <gnutls/gnutls.h>
#include <gnutls/extra.h>
#include <crypt-gaa.h>
-#include "../lib/random.h" /* for random */
+#include "../lib/random.h" /* for random */
#include <sys/types.h>
#include <sys/stat.h>
@@ -71,7 +71,8 @@ srptool_version (void)
int crypt_int (const char *username, const char *passwd, int salt,
char *tpasswd_conf, char *tpasswd, int uindex);
-static int read_conf_values (gnutls_datum_t * g, gnutls_datum_t * n, char *str);
+static int read_conf_values (gnutls_datum_t * g, gnutls_datum_t * n,
+ char *str);
static int _verify_passwd_int (const char *username, const char *passwd,
char *verifier, char *salt,
const gnutls_datum_t * g,
@@ -218,7 +219,7 @@ _verify_passwd_int (const char *username, const char *passwd,
/* encode the verifier into _salt */
salt_size = sizeof (_salt);
- memset(_salt, 0, salt_size);
+ memset (_salt, 0, salt_size);
if (gnutls_srp_base64_encode (&new_verifier, _salt, &salt_size) < 0)
{
fprintf (stderr, "Encoding error\n");
diff --git a/src/psk.c b/src/psk.c
index 5e6376cc56..928ca62f08 100644
--- a/src/psk.c
+++ b/src/psk.c
@@ -48,7 +48,7 @@ psktool_version (void)
#include <gnutls/extra.h>
#include <psk-gaa.h>
-#include "../lib/random.h" /* for random */
+#include "../lib/random.h" /* for random */
#include "getpass.h"
#include <sys/types.h>
@@ -148,8 +148,7 @@ main (int argc, char **argv)
ret = gnutls_psk_netconf_derive_key (passwd,
info.username,
- info.netconf_hint,
- &dkey);
+ info.netconf_hint, &dkey);
}
else
{
@@ -158,7 +157,7 @@ main (int argc, char **argv)
printf ("Generating a random key for user '%s'\n", info.username);
- ret = _gnutls_rnd (RND_RANDOM, (char*)key, info.key_size);
+ ret = _gnutls_rnd (RND_RANDOM, (char *) key, info.key_size);
if (ret < 0)
{
fprintf (stderr, "Not enough randomness\n");
diff --git a/src/select.c b/src/select.c
index d310409cb6..dffc553a24 100644
--- a/src/select.c
+++ b/src/select.c
@@ -59,8 +59,9 @@
* cause this function call to take up to 100 ms longer than you specified.
* - Pipes are not checked for writability or errors (errno = ENOSYS)
*/
-int _win_select(int max_fd, fd_set * rfds, fd_set * wfds, fd_set * efds,
- const struct timeval *tv)
+int
+_win_select (int max_fd, fd_set * rfds, fd_set * wfds, fd_set * efds,
+ const struct timeval *tv)
{
DWORD ms_total, limit;
HANDLE handles[MAXIMUM_WAIT_OBJECTS], hPipes[MAXIMUM_WAIT_OBJECTS];
@@ -79,184 +80,186 @@ int _win_select(int max_fd, fd_set * rfds, fd_set * wfds, fd_set * efds,
iPipes = 0;
/* calculate how long we need to wait in milliseconds */
- if(tv == NULL)
+ if (tv == NULL)
ms_total = INFINITE;
else
- {
- ms_total = tv->tv_sec * 1000;
- ms_total += tv->tv_usec / 1000;
- }
+ {
+ ms_total = tv->tv_sec * 1000;
+ ms_total += tv->tv_usec / 1000;
+ }
/* select() may be used as a portable way to sleep */
if (!(rfds || wfds || efds))
- {
- Sleep(ms_total);
+ {
+ Sleep (ms_total);
- return 0;
- }
+ return 0;
+ }
- FD_ZERO(&sock_read);
- FD_ZERO(&sock_write);
- FD_ZERO(&sock_except);
+ FD_ZERO (&sock_read);
+ FD_ZERO (&sock_write);
+ FD_ZERO (&sock_except);
/* build an array of handles for non-sockets */
- for(i = 0; i < max_fd; i++)
- {
- if(SAFE_FD_ISSET(i, rfds) || SAFE_FD_ISSET(i, wfds) ||
- SAFE_FD_ISSET(i, efds))
+ for (i = 0; i < max_fd; i++)
{
- unsigned long ulVal;
-
- if (ioctlsocket(i, FIONREAD, &ulVal) != SOCKET_ERROR && _get_osfhandle(i) == -1)
- {
- /* socket */
- if(SAFE_FD_ISSET(i, rfds))
- FD_SET(i, &sock_read);
-
- if(SAFE_FD_ISSET(i, wfds))
- FD_SET(i, &sock_write);
-
- if(SAFE_FD_ISSET(i, efds))
- FD_SET(i, &sock_except);
-
- if(i > sock_max_fd)
- sock_max_fd = i;
- }
- else
- {
- if (GetFileType((HANDLE) i) == FILE_TYPE_PIPE)
- hPipes[iPipes++] = (HANDLE) i; /* Pipe */
- else
- {
- handles[n_handles] = (HANDLE) _get_osfhandle(i);
- if ((DWORD) handles[n_handles] == 0xffffffff)
- handles[n_handles] = (HANDLE) i;
- handle_slot_to_fd[n_handles] = i;
- n_handles++;
- }
- }
+ if (SAFE_FD_ISSET (i, rfds) || SAFE_FD_ISSET (i, wfds) ||
+ SAFE_FD_ISSET (i, efds))
+ {
+ unsigned long ulVal;
+
+ if (ioctlsocket (i, FIONREAD, &ulVal) != SOCKET_ERROR
+ && _get_osfhandle (i) == -1)
+ {
+ /* socket */
+ if (SAFE_FD_ISSET (i, rfds))
+ FD_SET (i, &sock_read);
+
+ if (SAFE_FD_ISSET (i, wfds))
+ FD_SET (i, &sock_write);
+
+ if (SAFE_FD_ISSET (i, efds))
+ FD_SET (i, &sock_except);
+
+ if (i > sock_max_fd)
+ sock_max_fd = i;
+ }
+ else
+ {
+ if (GetFileType ((HANDLE) i) == FILE_TYPE_PIPE)
+ hPipes[iPipes++] = (HANDLE) i; /* Pipe */
+ else
+ {
+ handles[n_handles] = (HANDLE) _get_osfhandle (i);
+ if ((DWORD) handles[n_handles] == 0xffffffff)
+ handles[n_handles] = (HANDLE) i;
+ handle_slot_to_fd[n_handles] = i;
+ n_handles++;
+ }
+ }
+ }
}
- }
- if((n_handles == 0) && (iPipes == 0))
- {
- /* plain sockets only - let winsock handle the whole thing */
- if ((retcode = select(max_fd, rfds, wfds, efds, tv)) == SOCKET_ERROR)
- SetErrnoFromWinsockError(WSAGetLastError());
- return retcode;
- }
+ if ((n_handles == 0) && (iPipes == 0))
+ {
+ /* plain sockets only - let winsock handle the whole thing */
+ if ((retcode = select (max_fd, rfds, wfds, efds, tv)) == SOCKET_ERROR)
+ SetErrnoFromWinsockError (WSAGetLastError ());
+ return retcode;
+ }
/* mixture of handles and sockets; lets multiplex between
* winsock and waiting on the handles */
- FD_ZERO(&aread);
- FD_ZERO(&awrite);
- FD_ZERO(&aexcept);
+ FD_ZERO (&aread);
+ FD_ZERO (&awrite);
+ FD_ZERO (&aexcept);
- limit = GetTickCount() + ms_total;
+ limit = GetTickCount () + ms_total;
do
- {
- retcode = 0;
-
- if(sock_max_fd >= 0)
{
- /* overwrite the zero'd sets here; the select call
- * will clear those that are not active */
- aread = sock_read;
- awrite = sock_write;
- aexcept = sock_except;
-
- tvslice.tv_sec = 0;
- tvslice.tv_usec = 100000;
-
- if ((retcode = select(sock_max_fd + 1, &aread, &awrite, &aexcept,
- &tvslice)) == SOCKET_ERROR)
- {
- SetErrnoFromWinsockError(WSAGetLastError());
-
- return -1;
- }
- }
+ retcode = 0;
- if(n_handles > 0)
- {
- /* check handles */
- DWORD wret;
-
- wret =
- MsgWaitForMultipleObjects(n_handles, handles, FALSE,
- retcode > 0 ? 0 : 100, QS_ALLEVENTS);
-
- if(wret == WAIT_TIMEOUT)
- {
- /* set retcode to 0; this is the default.
- * select() may have set it to something else,
- * in which case we leave it alone, so this branch
- * does nothing */
- ;
- }
- else if(wret == WAIT_FAILED)
- {
- SetErrnoFromWinError(GetLastError());
-
- return -1;
- }
- else
- {
- for(i = 0; i < n_handles; i++)
- {
- if(WAIT_OBJECT_0 == WaitForSingleObject(handles[i], 0))
- {
- if(SAFE_FD_ISSET(handle_slot_to_fd[i], rfds))
- {
- FD_SET(handle_slot_to_fd[i], &aread);
- }
-
- if(SAFE_FD_ISSET(handle_slot_to_fd[i], wfds))
- FD_SET(handle_slot_to_fd[i], &awrite);
-
- if(SAFE_FD_ISSET(handle_slot_to_fd[i], efds))
- FD_SET(handle_slot_to_fd[i], &aexcept);
-
- retcode++;
- }
- }
- }
- }
+ if (sock_max_fd >= 0)
+ {
+ /* overwrite the zero'd sets here; the select call
+ * will clear those that are not active */
+ aread = sock_read;
+ awrite = sock_write;
+ aexcept = sock_except;
- /* Poll Pipes */
- for(i = 0; i < iPipes; i++)
- {
- DWORD dwBytes;
- if(SAFE_FD_ISSET(hPipes[i], rfds))
- {
- if (! PeekNamedPipe(hPipes[i], NULL, 0, NULL, &dwBytes, NULL))
+ tvslice.tv_sec = 0;
+ tvslice.tv_usec = 100000;
+
+ if ((retcode = select (sock_max_fd + 1, &aread, &awrite, &aexcept,
+ &tvslice)) == SOCKET_ERROR)
+ {
+ SetErrnoFromWinsockError (WSAGetLastError ());
+
+ return -1;
+ }
+ }
+
+ if (n_handles > 0)
+ {
+ /* check handles */
+ DWORD wret;
+
+ wret =
+ MsgWaitForMultipleObjects (n_handles, handles, FALSE,
+ retcode > 0 ? 0 : 100, QS_ALLEVENTS);
+
+ if (wret == WAIT_TIMEOUT)
+ {
+ /* set retcode to 0; this is the default.
+ * select() may have set it to something else,
+ * in which case we leave it alone, so this branch
+ * does nothing */
+ ;
+ }
+ else if (wret == WAIT_FAILED)
+ {
+ SetErrnoFromWinError (GetLastError ());
+
+ return -1;
+ }
+ else
+ {
+ for (i = 0; i < n_handles; i++)
+ {
+ if (WAIT_OBJECT_0 == WaitForSingleObject (handles[i], 0))
+ {
+ if (SAFE_FD_ISSET (handle_slot_to_fd[i], rfds))
+ {
+ FD_SET (handle_slot_to_fd[i], &aread);
+ }
+
+ if (SAFE_FD_ISSET (handle_slot_to_fd[i], wfds))
+ FD_SET (handle_slot_to_fd[i], &awrite);
+
+ if (SAFE_FD_ISSET (handle_slot_to_fd[i], efds))
+ FD_SET (handle_slot_to_fd[i], &aexcept);
+
+ retcode++;
+ }
+ }
+ }
+ }
+
+ /* Poll Pipes */
+ for (i = 0; i < iPipes; i++)
+ {
+ DWORD dwBytes;
+ if (SAFE_FD_ISSET (hPipes[i], rfds))
{
- retcode = -1;
- SetErrnoFromWinError(GetLastError());
+ if (!PeekNamedPipe (hPipes[i], NULL, 0, NULL, &dwBytes, NULL))
+ {
+ retcode = -1;
+ SetErrnoFromWinError (GetLastError ());
+ }
+ else if (dwBytes)
+ {
+ FD_SET ((int) hPipes[i], &aread);
+ retcode++;
+ }
}
- else if (dwBytes)
+ else if (SAFE_FD_ISSET (hPipes[i], wfds)
+ || SAFE_FD_ISSET (hPipes[i], efds))
{
- FD_SET((int) hPipes[i], &aread);
- retcode++;
+ errno = ENOSYS;
+ return -1; /* Not implemented */
}
- }
- else if (SAFE_FD_ISSET(hPipes[i], wfds) || SAFE_FD_ISSET(hPipes[i], efds))
- {
- errno = ENOSYS;
- return -1; /* Not implemented */
- }
+ }
}
- }
- while(retcode == 0 && (ms_total == INFINITE || GetTickCount() < limit));
+ while (retcode == 0 && (ms_total == INFINITE || GetTickCount () < limit));
- if(rfds)
+ if (rfds)
*rfds = aread;
- if(wfds)
+ if (wfds)
*wfds = awrite;
- if(efds)
+ if (efds)
*efds = aexcept;
return retcode;
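Review bot: The handle-collection loop stores into `hPipes[iPipes++]` and `handles[n_handles]` without checking either index against `MAXIMUM_WAIT_OBJECTS`, the size both arrays are declared with at the top of `_win_select`, while the loop bound `max_fd` comes from the caller. A call with more non-socket descriptors set than that writes past the stack arrays; a guard before each store such as `if (iPipes >= MAXIMUM_WAIT_OBJECTS || n_handles >= MAXIMUM_WAIT_OBJECTS) { errno = EINVAL; return -1; }` closes that. Separately, in the pipe-polling loop a failed `PeekNamedPipe` sets `retcode = -1` but the loop keeps going, so a later ready pipe increments it back to 0 and the error is lost; returning -1 at that point, as the `ENOSYS` branch does, would be consistent. The function begins in the previous hunk and its closing brace is outside this one.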
diff --git a/src/serv.c b/src/serv.c
index c03c191fc5..e765a07a05 100644
--- a/src/serv.c
+++ b/src/serv.c
@@ -39,8 +39,8 @@
#include <list.h>
#if defined _WIN32 || defined __WIN32__
-int _win_select(int max_fd, fd_set * rfds, fd_set * wfds, fd_set * efds,
- const struct timeval *tv);
+int _win_select (int max_fd, fd_set * rfds, fd_set * wfds, fd_set * efds,
+ const struct timeval *tv);
#define select _win_select
#endif
@@ -132,11 +132,12 @@ static int wrap_db_delete (void *dbf, gnutls_datum_t key);
#define HTTP_STATE_RESPONSE 2
#define HTTP_STATE_CLOSING 3
-LIST_TYPE_DECLARE (listener_item, char *http_request;
- char *http_response; int request_length;
- int response_length; int response_written;
- int http_state;
- int fd; gnutls_session_t tls_session; int handshake_ok;);
+LIST_TYPE_DECLARE (listener_item, char *http_request; char *http_response;
+ int request_length; int response_length;
+ int response_written; int http_state; int fd;
+ gnutls_session_t tls_session;
+ int handshake_ok;
+ );
static const char *
safe_strerror (int value)
@@ -265,7 +266,8 @@ static_dh_params (void)
exit (1);
}
- ret = gnutls_dh_params_import_pkcs3 (dh_params, &params, GNUTLS_X509_FMT_PEM);
+ ret =
+ gnutls_dh_params_import_pkcs3 (dh_params, &params, GNUTLS_X509_FMT_PEM);
if (ret < 0)
{
@@ -344,8 +346,7 @@ int
oprfi_callback (gnutls_session_t session,
void *userdata,
size_t oprfi_len,
- const unsigned char *in_oprfi,
- unsigned char *out_oprfi)
+ const unsigned char *in_oprfi, unsigned char *out_oprfi)
{
size_t ourlen = strlen (info.opaque_prf_input);
size_t i;
@@ -356,7 +357,7 @@ oprfi_callback (gnutls_session_t session,
printf ("%02x", in_oprfi[i]);
printf ("\n");
- memset(out_oprfi, 0, oprfi_len);
+ memset (out_oprfi, 0, oprfi_len);
strncpy (out_oprfi, info.opaque_prf_input, oprfi_len);
return 0;
@@ -385,8 +386,8 @@ initialize_session (void)
if (gnutls_priority_set_direct (session, info.priorities, &err) < 0)
{
- fprintf(stderr, "Syntax error at: %s\n", err);
- exit(1);
+ fprintf (stderr, "Syntax error at: %s\n", err);
+ exit (1);
}
if (cipher_priority[0])
@@ -415,17 +416,18 @@ initialize_session (void)
if (disable_client_cert)
gnutls_certificate_server_set_request (session, GNUTLS_CERT_IGNORE);
- else {
- if (require_cert)
- gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUIRE);
- else
- gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUEST);
- }
+ else
+ {
+ if (require_cert)
+ gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUIRE);
+ else
+ gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUEST);
+ }
/* Set maximum compatibility mode. This is only suggested on public webservers
* that need to trade security for compatibility
*/
- gnutls_session_enable_compatibility_mode( session);
+ gnutls_session_enable_compatibility_mode (session);
#ifdef ENABLE_OPRFI
if (info.opaque_prf_input)
@@ -446,7 +448,8 @@ static const char DEFAULT_DATA[] =
*/
#define tmp2 &http_buffer[strlen(http_buffer)]
char *
-peer_print_info (gnutls_session_t session, int *ret_length, const char *header)
+peer_print_info (gnutls_session_t session, int *ret_length,
+ const char *header)
{
const char *tmp;
unsigned char sesid[32];
@@ -661,34 +664,36 @@ listen_socket (const char *name, int listen_port)
for (ptr = res; (ptr != NULL) && (s == -1); ptr = ptr->ai_next)
{
- if ((s = socket (ptr->ai_family, ptr->ai_socktype, ptr->ai_protocol)) < 0)
- {
- perror ("socket() failed");
- continue;
- }
+ if ((s =
+ socket (ptr->ai_family, ptr->ai_socktype, ptr->ai_protocol)) < 0)
+ {
+ perror ("socket() failed");
+ continue;
+ }
yes = 1;
if (setsockopt
- (s, SOL_SOCKET, SO_REUSEADDR, (const void *) &yes, sizeof (yes)) < 0)
- {
- perror ("setsockopt() failed");
- failed:
- close (s);
- s = -1;
- continue;
- }
+ (s, SOL_SOCKET, SO_REUSEADDR, (const void *) &yes,
+ sizeof (yes)) < 0)
+ {
+ perror ("setsockopt() failed");
+ failed:
+ close (s);
+ s = -1;
+ continue;
+ }
if (bind (s, res->ai_addr, res->ai_addrlen) < 0)
- {
- perror ("bind() failed");
- goto failed;
- }
+ {
+ perror ("bind() failed");
+ goto failed;
+ }
if (listen (s, 10) < 0)
- {
- perror ("listen() failed");
- goto failed;
- }
+ {
+ perror ("listen() failed");
+ goto failed;
+ }
}
freeaddrinfo (res);
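Review bot: `bind (s, res->ai_addr, res->ai_addrlen)` uses the head of the address list rather than the entry being iterated, although the socket was just created from `ptr->ai_family`. Once the first result fails, every later iteration binds the first address again (possibly with a socket of a different family), so the fallback to the remaining getaddrinfo results never takes effect; the line should read `if (bind (s, ptr->ai_addr, ptr->ai_addrlen) < 0)`. The `failed:` label placed inside the setsockopt error branch and entered by `goto` from the later branches would also be easier to follow as a single cleanup at the end of the loop body. listen_socket starts and ends outside this hunk.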
@@ -774,20 +779,22 @@ tls_log_func (int level, const char *str)
static void gaa_parser (int argc, char **argv);
-static int get_port (const struct sockaddr_storage *addr)
+static int
+get_port (const struct sockaddr_storage *addr)
{
switch (addr->ss_family)
{
- case AF_INET6:
- return ntohs (((const struct sockaddr_in6 *)addr)->sin6_port);
- case AF_INET:
- return ntohs (((const struct sockaddr_in *)addr)->sin_port);
+ case AF_INET6:
+ return ntohs (((const struct sockaddr_in6 *) addr)->sin6_port);
+ case AF_INET:
+ return ntohs (((const struct sockaddr_in *) addr)->sin_port);
}
return -1;
}
-static const char *addr_ntop (const struct sockaddr *sa, socklen_t salen,
- char *buf, size_t buflen)
+static const char *
+addr_ntop (const struct sockaddr *sa, socklen_t salen,
+ char *buf, size_t buflen)
{
if (getnameinfo (sa, salen, buf, buflen, NULL, 0, NI_NUMERICHOST) == 0)
{
@@ -899,7 +906,8 @@ main (int argc, char **argv)
if (pgp_keyring != NULL)
{
ret =
- gnutls_certificate_set_openpgp_keyring_file (cert_cred, pgp_keyring, GNUTLS_OPENPGP_FMT_BASE64);
+ gnutls_certificate_set_openpgp_keyring_file (cert_cred, pgp_keyring,
+ GNUTLS_OPENPGP_FMT_BASE64);
if (ret < 0)
{
fprintf (stderr, "Error setting the OpenPGP keyring file\n");
@@ -911,7 +919,8 @@ main (int argc, char **argv)
{
if (info.pgp_subkey != NULL)
ret = gnutls_certificate_set_openpgp_key_file2
- (cert_cred, pgp_certfile, pgp_keyfile, info.pgp_subkey, GNUTLS_OPENPGP_FMT_BASE64);
+ (cert_cred, pgp_certfile, pgp_keyfile, info.pgp_subkey,
+ GNUTLS_OPENPGP_FMT_BASE64);
else
ret = gnutls_certificate_set_openpgp_key_file
(cert_cred, pgp_certfile, pgp_keyfile, GNUTLS_OPENPGP_FMT_BASE64);
@@ -1151,8 +1160,9 @@ main (int argc, char **argv)
if (verbose == 0)
{
printf ("\n* connection from %s, port %d\n",
- addr_ntop ((struct sockaddr *)&client_address, calen,
- topbuf, sizeof (topbuf)),
+ addr_ntop ((struct sockaddr *)
+ &client_address, calen, topbuf,
+ sizeof (topbuf)),
get_port (&client_address));
print_info (j->tls_session, NULL, 1);
}
@@ -1247,8 +1257,9 @@ main (int argc, char **argv)
if (verbose == 0)
{
printf ("- connection from %s, port %d\n",
- addr_ntop ((struct sockaddr*) &client_address, calen,
- topbuf, sizeof (topbuf)),
+ addr_ntop ((struct sockaddr *)
+ &client_address, calen, topbuf,
+ sizeof (topbuf)),
get_port (&client_address));
print_info (j->tls_session, NULL, 1);
diff --git a/src/tests.c b/src/tests.c
index 844013f26a..0c56328d40 100644
--- a/src/tests.c
+++ b/src/tests.c
@@ -104,11 +104,13 @@ do_handshake (gnutls_session_t session)
}
static int protocol_priority[16] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 };
+
static const int kx_priority[16] =
{ GNUTLS_KX_RSA, GNUTLS_KX_DHE_DSS, GNUTLS_KX_DHE_RSA,
GNUTLS_KX_ANON_DH,
GNUTLS_KX_RSA_EXPORT, 0
};
+
static const int cipher_priority[16] =
{ GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR_128,
GNUTLS_CIPHER_ARCFOUR_40, 0
@@ -154,7 +156,7 @@ ADD_CIPHER (gnutls_session_t session, int cipher)
static void
ADD_CIPHER4 (gnutls_session_t session, int cipher1, int cipher2, int cipher3,
- int cipher4)
+ int cipher4)
{
static int _cipher_priority[] = { 0, 0, 0, 0, 0 };
_cipher_priority[0] = cipher1;
@@ -216,8 +218,8 @@ ADD_PROTOCOL3 (gnutls_session_t session, int p1, int p2, int p3)
static int srp_detected;
int
-_test_srp_username_callback (gnutls_session_t session,
- char **username, char **password)
+_test_srp_username_callback (gnutls_session_t session,
+ char **username, char **password)
{
srp_detected = 1;
@@ -514,8 +516,8 @@ test_bye (gnutls_session_t session)
old = siginterrupt (SIGALRM, 1);
alarm (secs);
#else
- setsockopt ((int)gnutls_transport_get_ptr (session), SOL_SOCKET, SO_RCVTIMEO,
- (char *) &secs, sizeof (int));
+ setsockopt ((int) gnutls_transport_get_ptr (session), SOL_SOCKET,
+ SO_RCVTIMEO, (char *) &secs, sizeof (int));
#endif
do
@@ -604,10 +606,10 @@ test_unknown_ciphersuites (gnutls_session_t session)
int ret;
#ifdef ENABLE_CAMELLIA
ADD_CIPHER4 (session, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_CIPHER_3DES_CBC,
- GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_CIPHER_ARCFOUR_128);
+ GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_CIPHER_ARCFOUR_128);
#else
ADD_CIPHER4 (session, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_CIPHER_3DES_CBC,
- GNUTLS_CIPHER_ARCFOUR_128, 0);
+ GNUTLS_CIPHER_ARCFOUR_128, 0);
#endif
ADD_ALL_COMP (session);
ADD_ALL_CERTTYPES (session);
diff --git a/src/tls_test.c b/src/tls_test.c
index fc2efcca08..7354d19b8d 100644
--- a/src/tls_test.c
+++ b/src/tls_test.c
@@ -237,26 +237,25 @@ main (int argc, char **argv)
sd = -1;
for (ptr = res; ptr != NULL; ptr = ptr->ai_next)
- {
- sd = socket(ptr->ai_family, ptr->ai_socktype, ptr->ai_protocol);
- if (sd == -1)
- {
- continue;
- }
-
- getnameinfo (ptr->ai_addr, ptr->ai_addrlen, buffer, MAX_BUF,
- NULL, 0, NI_NUMERICHOST);
- if (tt++ == 0) printf("Connecting to '%s:%d'...\n", buffer, port);
- if ((err = connect(sd, ptr->ai_addr, ptr->ai_addrlen)) != 0)
- {
- close (sd);
- sd = -1;
- continue;
- }
- }
- ERR(err, "connect")
-
- gnutls_init (&state, GNUTLS_CLIENT);
+ {
+ sd = socket (ptr->ai_family, ptr->ai_socktype, ptr->ai_protocol);
+ if (sd == -1)
+ {
+ continue;
+ }
+
+ getnameinfo (ptr->ai_addr, ptr->ai_addrlen, buffer, MAX_BUF,
+ NULL, 0, NI_NUMERICHOST);
+ if (tt++ == 0)
+ printf ("Connecting to '%s:%d'...\n", buffer, port);
+ if ((err = connect (sd, ptr->ai_addr, ptr->ai_addrlen)) != 0)
+ {
+ close (sd);
+ sd = -1;
+ continue;
+ }
+ }
+ ERR (err, "connect") gnutls_init (&state, GNUTLS_CLIENT);
gnutls_transport_set_ptr (state, (gnutls_transport_ptr_t) sd);
do
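Review bot: The connect loop has no exit on success: after `connect` returns 0 the `for` advances to `ptr->ai_next`, opens a new socket and overwrites `sd`, leaking the connected descriptor, and the outcome then depends only on the last address in the list. Add `break;` as the final statement of the loop body, or test `sd == -1` in the loop condition the way listen_socket in serv.c does. The reindent also left `ERR (err, "connect") gnutls_init (&state, GNUTLS_CLIENT);` on a single line because the macro call has no terminator; keep the two statements on separate lines, written as `ERR (err, "connect");` if the macro's expansion permits a trailing semicolon (its definition is not visible here). main starts and ends outside this hunk.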