diff options
author | Scott Deboy <sdeboy@secondstryke.com> | 2013-07-31 11:28:30 -0700 |
---|---|---|
committer | Ben Laurie <ben@links.org> | 2013-09-05 13:40:35 +0100 |
commit | 4f678084d6c95061d906abd645b992eff246a415 (patch) | |
tree | a1faef003459b4d4a303cad5d181f68a2b7aec0a | |
parent | 9b61b25ba0b9165aacffb4ed1a5061ef0e77b6fe (diff) | |
download | openssl-new-4f678084d6c95061d906abd645b992eff246a415.tar.gz |
Remove end-of-line whitespace, change an int i to size_t i
-rw-r--r-- | CHANGES | 2 | ||||
-rw-r--r-- | apps/s_client.c | 5 | ||||
-rw-r--r-- | apps/s_server.c | 7 | ||||
-rw-r--r-- | doc/apps/s_client.pod | 2 | ||||
-rw-r--r-- | doc/apps/s_server.pod | 4 | ||||
-rw-r--r-- | ssl/s3_clnt.c | 2 | ||||
-rw-r--r-- | ssl/s3_srvr.c | 18 | ||||
-rw-r--r-- | ssl/ssl.h | 20 | ||||
-rw-r--r-- | ssl/ssl_lib.c | 10 | ||||
-rw-r--r-- | ssl/ssltest.c | 6 |
10 files changed, 36 insertions, 40 deletions
@@ -4,7 +4,7 @@ Changes between 1.0.x and 1.1.0 [xx XXX xxxx] - *) Add callbacks supporting generation and retrieval of supplemental + *) Add callbacks supporting generation and retrieval of supplemental data entries. [Scott Deboy <sdeboy@apache.org>, Trevor Perrin and Ben Laurie] diff --git a/apps/s_client.c b/apps/s_client.c index c2b1cf9edc..e914158b07 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -2428,14 +2428,14 @@ static int authz_tlsext_cb(SSL *s, unsigned short ext_type, TLSEXT_AUTHZDATAFORMAT_dtcp, inlen) != NULL); } - + if (TLSEXT_TYPE_client_authz == ext_type) { server_provided_client_authz = (memchr(in, TLSEXT_AUTHZDATAFORMAT_dtcp, inlen) != NULL); } - + return 1; } @@ -2448,7 +2448,6 @@ static int authz_tlsext_generate_cb(SSL *s, unsigned short ext_type, if (!c_auth_require_reneg || (c_auth_require_reneg && SSL_num_renegotiations(s))) { *out = auth_ext_data; - *outlen = 1; return 1; } diff --git a/apps/s_server.c b/apps/s_server.c index 9ffbabffcf..3a454263fc 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -3574,14 +3574,14 @@ static int authz_tlsext_cb(SSL *s, unsigned short ext_type, TLSEXT_AUTHZDATAFORMAT_dtcp, inlen) != NULL); } - + if (TLSEXT_TYPE_client_authz == ext_type) { client_provided_client_authz = (memchr(in, TLSEXT_AUTHZDATAFORMAT_dtcp, inlen) != NULL); } - + return 1; } @@ -3594,7 +3594,6 @@ static int authz_tlsext_generate_cb(SSL *s, unsigned short ext_type, if (!c_auth_require_reneg || (c_auth_require_reneg && SSL_num_renegotiations(s))) { *out = auth_ext_data; - *outlen = 1; return 1; } @@ -3627,7 +3626,7 @@ static int auth_suppdata_generate_cb(SSL *s, unsigned short supp_data_type, { result = OPENSSL_malloc(10); memcpy(result, "1234512345", 10); - *out = result; + *out = result; *outlen = 10; return 1; } diff --git a/doc/apps/s_client.pod b/doc/apps/s_client.pod index 85138a4d22..8a762e47ae 100644 --- a/doc/apps/s_client.pod +++ b/doc/apps/s_client.pod @@ -268,7 +268,7 @@ file. =item B<-auth> -send RFC 5878 client and server authorization extensions in the Client Hello as well as +send RFC 5878 client and server authorization extensions in the Client Hello as well as supplemental data if the server also sent the authorization extensions in the Server Hello. =item B<-auth_require_reneg> diff --git a/doc/apps/s_server.pod b/doc/apps/s_server.pod index 3b0962ee4c..ddfc27de4e 100644 --- a/doc/apps/s_server.pod +++ b/doc/apps/s_server.pod @@ -319,7 +319,7 @@ ServerHello extension will be returned. =item B<-auth> -send RFC 5878 client and server authorization extensions in the Client Hello as well as +send RFC 5878 client and server authorization extensions in the Client Hello as well as supplemental data if the server also sent the authorization extensions in the Server Hello. =item B<-auth_require_reneg> @@ -328,7 +328,7 @@ only send RFC 5878 client and server authorization extensions during renegotiati =item B<-no_resumption_on_reneg> -set SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION flag. Required in order to receive supplemental data +set SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION flag. Required in order to receive supplemental data during renegotiation if auth and auth_require_reneg are set. =back diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 4b0074da7c..0f78a32199 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -3653,7 +3653,6 @@ int tls1_send_client_supplemental_data(SSL *s, int *skip) SSLerr(SSL_F_TLS1_SEND_CLIENT_SUPPLEMENTAL_DATA,ERR_R_BUF_LIB); return 0; } - p = (unsigned char *)s->init_buf->data; *(p++) = SSL3_MT_SUPPLEMENTAL_DATA; //update message length when all callbacks complete @@ -3682,7 +3681,6 @@ int tls1_send_client_supplemental_data(SSL *s, int *skip) s->state = SSL3_ST_CW_SUPPLEMENTAL_DATA_B; s->init_num = length; s->init_off = 0; - return ssl3_do_write(s, SSL3_RT_HANDSHAKE); } } diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 3936daefec..ad3a4d8fc1 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -3708,14 +3708,14 @@ int tls1_send_server_supplemental_data(SSL *s, int *skip) srv_supp_data_record *record = NULL; size_t length = 0; size_t i = 0; - + for (i = 0; i < s->ctx->srv_supp_data_records_count; i++) { const unsigned char *out = NULL; unsigned short outlen = 0; int cb_retval = 0; record = &s->ctx->srv_supp_data_records[i]; - + /* NULL callback or -1 omits supp data entry */ if (!record->fn1) continue; @@ -3775,11 +3775,11 @@ int tls1_send_server_supplemental_data(SSL *s, int *skip) s->state = SSL3_ST_SW_SUPPLEMENTAL_DATA_B; s->init_num = length; s->init_off = 0; - + return ssl3_do_write(s, SSL3_RT_HANDSHAKE); } } - + //no supp data message sent *skip = 1; s->init_num = 0; @@ -3797,8 +3797,8 @@ int tls1_get_client_supplemental_data(SSL *s) unsigned short supp_data_entry_type = 0; unsigned long supp_data_entry_len = 0; unsigned long supp_data_len = 0; - int i; - + size_t i = 0; + n=s->method->ssl_get_message(s, SSL3_ST_SR_SUPPLEMENTAL_DATA_A, SSL3_ST_SR_SUPPLEMENTAL_DATA_B, @@ -3806,12 +3806,12 @@ int tls1_get_client_supplemental_data(SSL *s) /* use default limit */ TLSEXT_MAXLEN_supplemental_data, &ok); - + if (!ok) return((int)n); - + p = (unsigned char *)s->init_msg; d = p; - + /* The message cannot be empty */ if (n < 3) { @@ -434,7 +434,7 @@ typedef struct { void *arg; } custom_srv_ext_record; -/* Callbacks and structures for handling Supplemental Data: +/* Callbacks and structures for handling Supplemental Data: * srv_supp_data_first_cb_fn - server sends Supplemental Data * srv_supp_data_second_cb_fn - server receives Supplemental Data * cli_supp_data_first_cb_fn - client receives Supplemental Data @@ -443,16 +443,16 @@ typedef struct { * All these functions return nonzero on success. Zero will terminate * the handshake (and return a specific TLS Fatal alert, if the function * declaration has an "al" parameter). -1 for the "sending" functions - * will result in no supplemental data entry being added to the + * will result in no supplemental data entry being added to the * supplemental data message for the provided supplemental data type. - * + * * "supp_data_type" is a Supplemental Data Type from 0-65535. * "in" is a pointer to TLS "supplemental_data_entry" being provided to the cb. * "out" is used by the callback to return a pointer to "supplemental data" * which OpenSSL will later copy into the TLS handshake. The contents * of this buffer should not be changed until the handshake is complete. * "inlen" and "outlen" are Supplemental Data lengths from 0-65535. - * "al" is a TLS "AlertDescription" from 0-255 which WILL be sent as a + * "al" is a TLS "AlertDescription" from 0-255 which WILL be sent as a * fatal TLS alert, if the callback returns zero. */ typedef int (*srv_supp_data_first_cb_fn)(SSL *s, unsigned short supp_data_type, @@ -1341,25 +1341,25 @@ int SSL_CTX_set_custom_srv_ext(SSL_CTX *ctx, unsigned short ext_type, custom_srv_ext_second_cb_fn fn2, void *arg); /* Register callbacks to handle Supplemental Data as client or server. - * + * * For SSL_CTX_set_srv_supp_data, a NULL srv_supp_data_first_cb_fn results in no supplemental data - * being sent by the server for that TLS extension. + * being sent by the server for that TLS extension. * A NULL srv_supp_data_second_cb_fn results in no supplemental data * being received by the server for that TLS extension. - * + * * For SSL_CTX_set_cli_supp_data, a NULL cli_supp_data_first_cb_fn results in no supplemental data - * being received by the client for that TLS extension. + * being received by the client for that TLS extension. * A NULL cli_supp_data_second_cb_fn results in no supplemental data * being sent by the client for that TLS extension. * * Returns nonzero on success. You cannot register twice for the same supp_data_type. */ -int SSL_CTX_set_srv_supp_data(SSL_CTX *ctx, +int SSL_CTX_set_srv_supp_data(SSL_CTX *ctx, unsigned short supp_data_type, srv_supp_data_first_cb_fn fn1, srv_supp_data_second_cb_fn fn2, void *arg); -int SSL_CTX_set_cli_supp_data(SSL_CTX *ctx, +int SSL_CTX_set_cli_supp_data(SSL_CTX *ctx, unsigned short supp_data_type, cli_supp_data_first_cb_fn fn1, cli_supp_data_second_cb_fn fn2, void *arg); diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index fe7b9b7239..0b2d5ffd95 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -1848,12 +1848,12 @@ int SSL_CTX_set_cli_supp_data(SSL_CTX *ctx, { size_t i; cli_supp_data_record* record; - + /* Check for duplicates */ for (i=0; i < ctx->cli_supp_data_records_count; i++) if (supp_data_type == ctx->cli_supp_data_records[i].supp_data_type) return 0; - + ctx->cli_supp_data_records = OPENSSL_realloc(ctx->cli_supp_data_records, (ctx->cli_supp_data_records_count+1) * sizeof(cli_supp_data_record)); if (!ctx->cli_supp_data_records) @@ -1877,12 +1877,12 @@ int SSL_CTX_set_srv_supp_data(SSL_CTX *ctx, { size_t i; srv_supp_data_record* record; - + /* Check for duplicates */ for (i=0; i < ctx->srv_supp_data_records_count; i++) if (supp_data_type == ctx->srv_supp_data_records[i].supp_data_type) return 0; - + ctx->srv_supp_data_records = OPENSSL_realloc(ctx->srv_supp_data_records, (ctx->srv_supp_data_records_count+1) * sizeof(srv_supp_data_record)); if (!ctx->srv_supp_data_records) @@ -1896,7 +1896,7 @@ int SSL_CTX_set_srv_supp_data(SSL_CTX *ctx, record->fn1 = fn1; record->fn2 = fn2; record->arg = arg; - + return 1; } diff --git a/ssl/ssltest.c b/ssl/ssltest.c index 16bdb8f40a..20b169dcd4 100644 --- a/ssl/ssltest.c +++ b/ssl/ssltest.c @@ -1770,15 +1770,15 @@ bad: //client and server both send and receive, verify additional arg passed back SSL_CTX_set_srv_supp_data(s_ctx, CUSTOM_SUPP_DATA_TYPE_0, supp_data_0_srv_first_cb, supp_data_0_srv_second_cb, s_ssl); SSL_CTX_set_cli_supp_data(c_ctx, CUSTOM_SUPP_DATA_TYPE_0, supp_data_0_cli_first_cb, supp_data_0_cli_second_cb, c_ssl); - + //-1 response from sending server/client doesn't receive, -1 response from sending client/server doesn't receive SSL_CTX_set_srv_supp_data(s_ctx, CUSTOM_SUPP_DATA_TYPE_1, supp_data_1_srv_first_cb, supp_data_1_srv_second_cb, NULL); SSL_CTX_set_cli_supp_data(c_ctx, CUSTOM_SUPP_DATA_TYPE_1, supp_data_1_cli_first_cb, supp_data_1_cli_second_cb, NULL); - + //null sending server/client doesn't receive, null sending client/server doesn't receive SSL_CTX_set_srv_supp_data(s_ctx, CUSTOM_SUPP_DATA_TYPE_2, /*supp_data_2_srv_first_cb*/NULL, supp_data_2_srv_second_cb, NULL); SSL_CTX_set_cli_supp_data(c_ctx, CUSTOM_SUPP_DATA_TYPE_2, supp_data_2_cli_first_cb, /*supp_data_2_cli_second_cb*/NULL, NULL); - + //alerts set to non-zero and zero return values not tested } #ifndef OPENSSL_NO_KRB5 |