[openssl-commits] [openssl] master update
Rich Salz
rsalz at openssl.org
Wed Jul 20 11:22:40 UTC 2016
The branch master has been updated
via 2f8e53d7944b3d659c8ae678163eb0f096a6d992 (commit)
via e8aa8b6c8f6d4e2b2bbd5e5721d977b0a6aa3cee (commit)
from c106eaa8ed7c24900e4367fc85cae1a77bc4e5ae (commit)
- Log -----------------------------------------------------------------
commit 2f8e53d7944b3d659c8ae678163eb0f096a6d992
Author: FdaSilvaYY <fdasilvayy at gmail.com>
Date: Wed Jun 29 00:19:46 2016 +0200
Fix if/for/while( in docs
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1292)
commit e8aa8b6c8f6d4e2b2bbd5e5721d977b0a6aa3cee
Author: FdaSilvaYY <fdasilvayy at gmail.com>
Date: Wed Jun 29 00:18:50 2016 +0200
Fix a few if(, for(, while( inside code.
Fix some indentation at the same time
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1292)
-----------------------------------------------------------------------
Summary of changes:
apps/apps.c | 4 +-
apps/s_server.c | 6 +-
crypto/aes/aes_core.c | 8 +-
crypto/async/arch/async_win.c | 2 +-
crypto/async/async.c | 4 +-
crypto/bio/bss_mem.c | 8 +-
crypto/bn/bn_lcl.h | 30 ++---
crypto/include/internal/evp_int.h | 37 +++---
crypto/o_fopen.c | 2 +-
crypto/x509/x_x509a.c | 2 +-
doc/crypto/BIO_f_md.pod | 8 +-
doc/crypto/BIO_f_ssl.pod | 2 +-
doc/crypto/BIO_find_type.pod | 4 +-
doc/crypto/BIO_s_connect.pod | 2 +-
doc/crypto/BIO_s_file.pod | 10 +-
doc/crypto/ENGINE_add.pod | 6 +-
doc/crypto/EVP_DigestInit.pod | 2 +-
doc/crypto/EVP_EncryptInit.pod | 2 +-
doc/ssl/SSL_CTX_set_generate_session_id.pod | 32 ++---
include/openssl/engine.h | 14 +-
ssl/d1_lib.c | 12 +-
ssl/record/rec_layer_s3.c | 4 +-
ssl/record/ssl3_record.c | 10 +-
ssl/ssl_lib.c | 14 +-
ssl/ssl_sess.c | 4 +-
ssl/statem/statem.c | 28 ++--
ssl/statem/statem_dtls.c | 2 +-
ssl/statem/statem_lib.c | 11 +-
ssl/statem/statem_srvr.c | 192 ++++++++++++++--------------
test/asynctest.c | 2 +-
test/verify_extra_test.c | 2 +-
31 files changed, 236 insertions(+), 230 deletions(-)
diff --git a/apps/apps.c b/apps/apps.c
index 3230425..746f565 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -1193,7 +1193,7 @@ X509_STORE *setup_verify(char *CAfile, char *CApath, int noCAfile, int noCApath)
if (store == NULL)
goto end;
- if(CAfile != NULL || !noCAfile) {
+ if (CAfile != NULL || !noCAfile) {
lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file());
if (lookup == NULL)
goto end;
@@ -1206,7 +1206,7 @@ X509_STORE *setup_verify(char *CAfile, char *CApath, int noCAfile, int noCApath)
X509_LOOKUP_load_file(lookup, NULL, X509_FILETYPE_DEFAULT);
}
- if(CApath != NULL || !noCApath) {
+ if (CApath != NULL || !noCApath) {
lookup = X509_STORE_add_lookup(store, X509_LOOKUP_hash_dir());
if (lookup == NULL)
goto end;
diff --git a/apps/s_server.c b/apps/s_server.c
index d545546..cd7155b 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -2465,7 +2465,7 @@ static int init_ssl_connection(SSL *con)
int retry = 0;
#ifndef OPENSSL_NO_DTLS
- if(dtlslisten) {
+ if (dtlslisten) {
BIO_ADDR *client = NULL;
if ((client = BIO_ADDR_new()) == NULL) {
@@ -2478,11 +2478,11 @@ static int init_ssl_connection(SSL *con)
int fd = -1;
wbio = SSL_get_wbio(con);
- if(wbio) {
+ if (wbio) {
BIO_get_fd(wbio, &fd);
}
- if(!wbio || BIO_connect(fd, client, 0) == 0) {
+ if (!wbio || BIO_connect(fd, client, 0) == 0) {
BIO_printf(bio_err, "ERROR - unable to connect\n");
BIO_ADDR_free(client);
return 0;
diff --git a/crypto/aes/aes_core.c b/crypto/aes/aes_core.c
index 69be3d8..bd5c779 100644
--- a/crypto/aes/aes_core.c
+++ b/crypto/aes/aes_core.c
@@ -644,9 +644,9 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
rk = key->rd_key;
- if (bits==128)
+ if (bits == 128)
key->rounds = 10;
- else if (bits==192)
+ else if (bits == 192)
key->rounds = 12;
else
key->rounds = 14;
@@ -1222,9 +1222,9 @@ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
rk = key->rd_key;
- if (bits==128)
+ if (bits == 128)
key->rounds = 10;
- else if (bits==192)
+ else if (bits == 192)
key->rounds = 12;
else
key->rounds = 14;
diff --git a/crypto/async/arch/async_win.c b/crypto/async/arch/async_win.c
index 37a3111..077d56c 100644
--- a/crypto/async/arch/async_win.c
+++ b/crypto/async/arch/async_win.c
@@ -25,7 +25,7 @@ void async_local_cleanup(void)
async_ctx *ctx = async_get_ctx();
if (ctx != NULL) {
async_fibre *fibre = &ctx->dispatcher;
- if(fibre != NULL && fibre->fibre != NULL && fibre->converted) {
+ if (fibre != NULL && fibre->fibre != NULL && fibre->converted) {
ConvertFiberToThread();
fibre->fibre = NULL;
}
diff --git a/crypto/async/async.c b/crypto/async/async.c
index 965a195..8c699af 100644
--- a/crypto/async/async.c
+++ b/crypto/async/async.c
@@ -396,7 +396,7 @@ ASYNC_JOB *ASYNC_get_current_job(void)
async_ctx *ctx;
ctx = async_get_ctx();
- if(ctx == NULL)
+ if (ctx == NULL)
return NULL;
return ctx->currjob;
@@ -428,6 +428,6 @@ void ASYNC_unblock_pause(void)
*/
return;
}
- if(ctx->blocked > 0)
+ if (ctx->blocked > 0)
ctx->blocked--;
}
diff --git a/crypto/bio/bss_mem.c b/crypto/bio/bss_mem.c
index 80da3a1..a61ab7c 100644
--- a/crypto/bio/bss_mem.c
+++ b/crypto/bio/bss_mem.c
@@ -144,12 +144,12 @@ static int mem_buf_free(BIO *a, int free_all)
BUF_MEM *b;
BIO_BUF_MEM *bb = (BIO_BUF_MEM *)a->ptr;
- if(bb != NULL) {
+ if (bb != NULL) {
b = bb->buf;
if (a->flags & BIO_FLAGS_MEM_RDONLY)
b->data = NULL;
BUF_MEM_free(b);
- if(free_all) {
+ if (free_all) {
OPENSSL_free(bb->readp);
OPENSSL_free(bb);
}
@@ -165,10 +165,10 @@ static int mem_buf_free(BIO *a, int free_all)
*/
static int mem_buf_sync(BIO *b)
{
- if((b != NULL) && (b->init) && (b->ptr != NULL)) {
+ if (b != NULL && b->init != 0 && b->ptr != NULL) {
BIO_BUF_MEM *bbm = (BIO_BUF_MEM *)b->ptr;
- if(bbm->readp->data != bbm->buf->data) {
+ if (bbm->readp->data != bbm->buf->data) {
memmove(bbm->buf->data, bbm->readp->data, bbm->readp->length);
bbm->buf->length = bbm->readp->length;
bbm->readp->data = bbm->buf->data;
diff --git a/crypto/bn/bn_lcl.h b/crypto/bn/bn_lcl.h
index ebf17b0..157dadc 100644
--- a/crypto/bn/bn_lcl.h
+++ b/crypto/bn/bn_lcl.h
@@ -157,18 +157,18 @@ int RAND_pseudo_bytes(unsigned char *buf, int num);
# endif
# define bn_pollute(a) \
do { \
- const BIGNUM *_bnum1 = (a); \
- if(_bnum1->top < _bnum1->dmax) { \
- unsigned char _tmp_char; \
- /* We cast away const without the compiler knowing, any \
- * *genuinely* constant variables that aren't mutable \
- * wouldn't be constructed with top!=dmax. */ \
- BN_ULONG *_not_const; \
- memcpy(&_not_const, &_bnum1->d, sizeof(_not_const)); \
- RAND_bytes(&_tmp_char, 1); /* Debug only - safe to ignore error return */\
- memset(_not_const + _bnum1->top, _tmp_char, \
- sizeof(*_not_const) * (_bnum1->dmax - _bnum1->top)); \
- } \
+ const BIGNUM *_bnum1 = (a); \
+ if (_bnum1->top < _bnum1->dmax) { \
+ unsigned char _tmp_char; \
+ /* We cast away const without the compiler knowing, any \
+ * *genuinely* constant variables that aren't mutable \
+ * wouldn't be constructed with top!=dmax. */ \
+ BN_ULONG *_not_const; \
+ memcpy(&_not_const, &_bnum1->d, sizeof(_not_const)); \
+ RAND_bytes(&_tmp_char, 1); /* Debug only - safe to ignore error return */\
+ memset(_not_const + _bnum1->top, _tmp_char, \
+ sizeof(*_not_const) * (_bnum1->dmax - _bnum1->top)); \
+ } \
} while(0)
# ifdef BN_DEBUG_TRIX
# undef RAND_pseudo_bytes
@@ -257,9 +257,9 @@ struct bn_gencb_st {
unsigned int ver; /* To handle binary (in)compatibility */
void *arg; /* callback-specific data */
union {
- /* if(ver==1) - handles old style callbacks */
+ /* if (ver==1) - handles old style callbacks */
void (*cb_1) (int, int, void *);
- /* if(ver==2) - new callback style */
+ /* if (ver==2) - new callback style */
int (*cb_2) (int, int, BN_GENCB *);
} cb;
};
@@ -678,7 +678,7 @@ static ossl_inline BIGNUM *bn_expand(BIGNUM *a, int bits)
if (bits > (INT_MAX - BN_BITS2 + 1))
return NULL;
- if(((bits+BN_BITS2-1)/BN_BITS2) <= (a)->dmax)
+ if (((bits+BN_BITS2-1)/BN_BITS2) <= (a)->dmax)
return a;
return bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2);
diff --git a/crypto/include/internal/evp_int.h b/crypto/include/internal/evp_int.h
index 1c35319..2e4ca02 100644
--- a/crypto/include/internal/evp_int.h
+++ b/crypto/include/internal/evp_int.h
@@ -138,9 +138,9 @@ struct evp_cipher_st {
#define BLOCK_CIPHER_ecb_loop() \
size_t i, bl; \
bl = EVP_CIPHER_CTX_cipher(ctx)->block_size; \
- if(inl < bl) return 1;\
+ if (inl < bl) return 1;\
inl -= bl; \
- for(i=0; i <= inl; i+=bl)
+ for (i=0; i <= inl; i+=bl)
#define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
@@ -189,20 +189,25 @@ static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const uns
#define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
{\
- size_t chunk=EVP_MAXCHUNK;\
- if (cbits==1) chunk>>=3;\
- if (inl<chunk) chunk=inl;\
- while(inl && inl>=chunk)\
- {\
- int num = EVP_CIPHER_CTX_num(ctx);\
- cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS) ?inl*8:inl), &EVP_C_DATA(kstruct,ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx), &num, EVP_CIPHER_CTX_encrypting(ctx)); \
- EVP_CIPHER_CTX_set_num(ctx, num);\
- inl-=chunk;\
- in +=chunk;\
- out+=chunk;\
- if(inl<chunk) chunk=inl;\
- }\
- return 1;\
+ size_t chunk = EVP_MAXCHUNK;\
+ if (cbits == 1) chunk >>= 3;\
+ if (inl < chunk) chunk = inl;\
+ while (inl && inl >= chunk)\
+ {\
+ int num = EVP_CIPHER_CTX_num(ctx);\
+ cprefix##_cfb##cbits##_encrypt(in, out, (long) \
+ ((cbits == 1) \
+ && !EVP_CIPHER_CTX_test_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS) \
+ ? inl*8 : inl), \
+ &EVP_C_DATA(kstruct, ctx)->ksched, EVP_CIPHER_CTX_iv_noconst(ctx),\
+ &num, EVP_CIPHER_CTX_encrypting(ctx));\
+ EVP_CIPHER_CTX_set_num(ctx, num);\
+ inl -= chunk;\
+ in += chunk;\
+ out += chunk;\
+ if (inl < chunk) chunk = inl;\
+ }\
+ return 1;\
}
#define BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
diff --git a/crypto/o_fopen.c b/crypto/o_fopen.c
index 0bdb53f..a3a0065 100644
--- a/crypto/o_fopen.c
+++ b/crypto/o_fopen.c
@@ -69,7 +69,7 @@ FILE *openssl_fopen(const char *filename, const char *mode)
if (newname == NULL)
return NULL;
- for(iterator = newname, lastchar = '\0';
+ for (iterator = newname, lastchar = '\0';
*filename; filename++, iterator++) {
if (lastchar == '/' && filename[0] == '.'
&& filename[1] != '.' && filename[1] != '/') {
diff --git a/crypto/x509/x_x509a.c b/crypto/x509/x_x509a.c
index 2efa214..67b01a7 100644
--- a/crypto/x509/x_x509a.c
+++ b/crypto/x509/x_x509a.c
@@ -76,7 +76,7 @@ int X509_keyid_set1(X509 *x, unsigned char *id, int len)
}
if ((aux = aux_get(x)) == NULL)
return 0;
- if (aux->keyid ==NULL
+ if (aux->keyid == NULL
&& (aux->keyid = ASN1_OCTET_STRING_new()) == NULL)
return 0;
return ASN1_STRING_set(aux->keyid, id, len);
diff --git a/doc/crypto/BIO_f_md.pod b/doc/crypto/BIO_f_md.pod
index b2c1433..32f0046 100644
--- a/doc/crypto/BIO_f_md.pod
+++ b/doc/crypto/BIO_f_md.pod
@@ -107,7 +107,7 @@ The next example digests data by reading through a chain instead:
do {
rdlen = BIO_read(bio, buf, sizeof(buf));
/* Might want to do something with the data here */
- } while(rdlen > 0);
+ } while (rdlen > 0);
This next example retrieves the message digests from a BIO chain and
outputs them. This could be used with the examples above.
@@ -120,14 +120,14 @@ outputs them. This could be used with the examples above.
do {
EVP_MD *md;
mdtmp = BIO_find_type(mdtmp, BIO_TYPE_MD);
- if(!mdtmp) break;
+ if (!mdtmp) break;
BIO_get_md(mdtmp, &md);
printf("%s digest", OBJ_nid2sn(EVP_MD_type(md)));
mdlen = BIO_gets(mdtmp, mdbuf, EVP_MAX_MD_SIZE);
- for(i = 0; i < mdlen; i++) printf(":%02X", mdbuf[i]);
+ for (i = 0; i < mdlen; i++) printf(":%02X", mdbuf[i]);
printf("\n");
mdtmp = BIO_next(mdtmp);
- } while(mdtmp);
+ } while (mdtmp);
BIO_free_all(bio);
diff --git a/doc/crypto/BIO_f_ssl.pod b/doc/crypto/BIO_f_ssl.pod
index 318b3c8..3f9635e 100644
--- a/doc/crypto/BIO_f_ssl.pod
+++ b/doc/crypto/BIO_f_ssl.pod
@@ -180,7 +180,7 @@ unencrypted example in L<BIO_s_connect(3)>.
BIO_puts(sbio, "GET / HTTP/1.0\n\n");
for ( ; ; ) {
len = BIO_read(sbio, tmpbuf, 1024);
- if(len <= 0)
+ if (len <= 0)
break;
BIO_write(out, tmpbuf, len);
}
diff --git a/doc/crypto/BIO_find_type.pod b/doc/crypto/BIO_find_type.pod
index b87e87b..ff7b488 100644
--- a/doc/crypto/BIO_find_type.pod
+++ b/doc/crypto/BIO_find_type.pod
@@ -49,12 +49,12 @@ Traverse a chain looking for digest BIOs:
do {
btmp = BIO_find_type(btmp, BIO_TYPE_MD);
- if(btmp == NULL) break; /* Not found */
+ if (btmp == NULL) break; /* Not found */
/* btmp is a digest BIO, do something with it ...*/
...
btmp = BIO_next(btmp);
- } while(btmp);
+ } while (btmp);
=head1 COPYRIGHT
diff --git a/doc/crypto/BIO_s_connect.pod b/doc/crypto/BIO_s_connect.pod
index 29192a6..2143acd 100644
--- a/doc/crypto/BIO_s_connect.pod
+++ b/doc/crypto/BIO_s_connect.pod
@@ -176,7 +176,7 @@ to retrieve a page and copy the result to standard output.
BIO_puts(cbio, "GET / HTTP/1.0\n\n");
for ( ; ; ) {
len = BIO_read(cbio, tmpbuf, 1024);
- if(len <= 0)
+ if (len <= 0)
break;
BIO_write(out, tmpbuf, len);
}
diff --git a/doc/crypto/BIO_s_file.pod b/doc/crypto/BIO_s_file.pod
index b77b00f..e19d824 100644
--- a/doc/crypto/BIO_s_file.pod
+++ b/doc/crypto/BIO_s_file.pod
@@ -92,15 +92,15 @@ Alternative technique:
BIO *bio_out;
bio_out = BIO_new(BIO_s_file());
- if(bio_out == NULL) /* Error ... */
- if(!BIO_set_fp(bio_out, stdout, BIO_NOCLOSE)) /* Error ... */
+ if (bio_out == NULL) /* Error ... */
+ if (!BIO_set_fp(bio_out, stdout, BIO_NOCLOSE)) /* Error ... */
BIO_printf(bio_out, "Hello World\n");
Write to a file:
BIO *out;
out = BIO_new_file("filename.txt", "w");
- if(!out) /* Error occurred */
+ if (!out) /* Error occurred */
BIO_printf(out, "Hello World\n");
BIO_free(out);
@@ -108,8 +108,8 @@ Alternative technique:
BIO *out;
out = BIO_new(BIO_s_file());
- if(out == NULL) /* Error ... */
- if(!BIO_write_filename(out, "filename.txt")) /* Error ... */
+ if (out == NULL) /* Error ... */
+ if (!BIO_write_filename(out, "filename.txt")) /* Error ... */
BIO_printf(out, "Hello World\n");
BIO_free(out);
diff --git a/doc/crypto/ENGINE_add.pod b/doc/crypto/ENGINE_add.pod
index da86532..37384f6 100644
--- a/doc/crypto/ENGINE_add.pod
+++ b/doc/crypto/ENGINE_add.pod
@@ -472,8 +472,8 @@ boolean success or failure.
const char **post_cmds, int post_num)
{
ENGINE *e = ENGINE_by_id(engine_id);
- if(!e) return 0;
- while(pre_num--) {
+ if (!e) return 0;
+ while (pre_num--) {
if(!ENGINE_ctrl_cmd_string(e, pre_cmds[0], pre_cmds[1], 0)) {
fprintf(stderr, "Failed command (%s - %s:%s)\n", engine_id,
pre_cmds[0], pre_cmds[1] ? pre_cmds[1] : "(NULL)");
@@ -482,7 +482,7 @@ boolean success or failure.
}
pre_cmds += 2;
}
- if(!ENGINE_init(e)) {
+ if (!ENGINE_init(e)) {
fprintf(stderr, "Failed initialisation\n");
ENGINE_free(e);
return 0;
diff --git a/doc/crypto/EVP_DigestInit.pod b/doc/crypto/EVP_DigestInit.pod
index 1f2da05..d615b31 100644
--- a/doc/crypto/EVP_DigestInit.pod
+++ b/doc/crypto/EVP_DigestInit.pod
@@ -223,7 +223,7 @@ digest name passed on the command line.
EVP_MD_CTX_free(mdctx);
printf("Digest is: ");
- for(i = 0; i < md_len; i++)
+ for (i = 0; i < md_len; i++)
printf("%02x", md_value[i]);
printf("\n");
diff --git a/doc/crypto/EVP_EncryptInit.pod b/doc/crypto/EVP_EncryptInit.pod
index bffe72b..8286a71 100644
--- a/doc/crypto/EVP_EncryptInit.pod
+++ b/doc/crypto/EVP_EncryptInit.pod
@@ -603,7 +603,7 @@ with a 128-bit key:
for(;;)
{
inlen = fread(inbuf, 1, 1024, in);
- if(inlen <= 0) break;
+ if (inlen <= 0) break;
if(!EVP_CipherUpdate(ctx, outbuf, &outlen, inbuf, inlen))
{
/* Error */
diff --git a/doc/ssl/SSL_CTX_set_generate_session_id.pod b/doc/ssl/SSL_CTX_set_generate_session_id.pod
index 95b7e9e..515fd25 100644
--- a/doc/ssl/SSL_CTX_set_generate_session_id.pod
+++ b/doc/ssl/SSL_CTX_set_generate_session_id.pod
@@ -90,25 +90,27 @@ server id given, and will fill the rest with pseudo random bytes:
#define MAX_SESSION_ID_ATTEMPTS 10
static int generate_session_id(const SSL *ssl, unsigned char *id,
unsigned int *id_len)
- {
+ {
unsigned int count = 0;
- do {
- RAND_pseudo_bytes(id, *id_len);
- /* Prefix the session_id with the required prefix. NB: If our
- * prefix is too long, clip it - but there will be worse effects
- * anyway, eg. the server could only possibly create 1 session
- * ID (ie. the prefix!) so all future session negotiations will
- * fail due to conflicts. */
- memcpy(id, session_id_prefix,
- (strlen(session_id_prefix) < *id_len) ?
- strlen(session_id_prefix) : *id_len);
- }
- while(SSL_has_matching_session_id(ssl, id, *id_len) &&
+ do {
+ RAND_pseudo_bytes(id, *id_len);
+ /*
+ * Prefix the session_id with the required prefix. NB: If our
+ * prefix is too long, clip it - but there will be worse effects
+ * anyway, eg. the server could only possibly create 1 session
+ * ID (ie. the prefix!) so all future session negotiations will
+ * fail due to conflicts.
+ */
+ memcpy(id, session_id_prefix,
+ (strlen(session_id_prefix) < *id_len) ?
+ strlen(session_id_prefix) : *id_len);
+ }
+ while (SSL_has_matching_session_id(ssl, id, *id_len) &&
(++count < MAX_SESSION_ID_ATTEMPTS));
- if(count >= MAX_SESSION_ID_ATTEMPTS)
+ if (count >= MAX_SESSION_ID_ATTEMPTS)
return 0;
return 1;
- }
+ }
=head1 RETURN VALUES
diff --git a/include/openssl/engine.h b/include/openssl/engine.h
index b1e5c1f..21c6961 100644
--- a/include/openssl/engine.h
+++ b/include/openssl/engine.h
@@ -696,7 +696,7 @@ typedef unsigned long (*dynamic_v_check_fn) (unsigned long ossl_version);
# define IMPLEMENT_DYNAMIC_CHECK_FN() \
OPENSSL_EXPORT unsigned long v_check(unsigned long v); \
OPENSSL_EXPORT unsigned long v_check(unsigned long v) { \
- if(v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \
+ if (v >= OSSL_DYNAMIC_OLDEST) return OSSL_DYNAMIC_VERSION; \
return 0; }
/*
@@ -724,13 +724,13 @@ typedef int (*dynamic_bind_engine) (ENGINE *e, const char *id,
int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns); \
OPENSSL_EXPORT \
int bind_engine(ENGINE *e, const char *id, const dynamic_fns *fns) { \
- if(ENGINE_get_static_state() == fns->static_state) goto skip_cbs; \
- CRYPTO_set_mem_functions(fns->mem_fns.malloc_fn, \
- fns->mem_fns.realloc_fn, \
- fns->mem_fns.free_fn); \
+ if (ENGINE_get_static_state() == fns->static_state) goto skip_cbs; \
+ CRYPTO_set_mem_functions(fns->mem_fns.malloc_fn, \
+ fns->mem_fns.realloc_fn, \
+ fns->mem_fns.free_fn); \
skip_cbs: \
- if(!fn(e,id)) return 0; \
- return 1; }
+ if (!fn(e, id)) return 0; \
+ return 1; }
/*
* If the loading application (or library) and the loaded ENGINE library
diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c
index a20f30a..0a98555 100644
--- a/ssl/d1_lib.c
+++ b/ssl/d1_lib.c
@@ -433,7 +433,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client)
rbio = SSL_get_rbio(s);
wbio = SSL_get_wbio(s);
- if(!rbio || !wbio) {
+ if (!rbio || !wbio) {
SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_BIO_NOT_SET);
return -1;
}
@@ -487,7 +487,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client)
n = BIO_read(rbio, buf, SSL3_RT_MAX_PLAIN_LENGTH);
if (n <= 0) {
- if(BIO_should_retry(rbio)) {
+ if (BIO_should_retry(rbio)) {
/* Non-blocking IO */
goto end;
}
@@ -581,7 +581,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client)
}
/* Message sequence number can only be 0 or 1 */
- if(msgseq > 2) {
+ if (msgseq > 2) {
SSLerr(SSL_F_DTLSV1_LISTEN, SSL_R_INVALID_SEQUENCE_NUMBER);
goto end;
}
@@ -752,14 +752,14 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client)
* maybe they're not. We ignore errors here - some BIOs do not
* support this.
*/
- if(BIO_dgram_get_peer(rbio, tmpclient) > 0) {
+ if (BIO_dgram_get_peer(rbio, tmpclient) > 0) {
(void)BIO_dgram_set_peer(wbio, tmpclient);
}
BIO_ADDR_free(tmpclient);
tmpclient = NULL;
if (BIO_write(wbio, buf, reclen) < (int)reclen) {
- if(BIO_should_retry(wbio)) {
+ if (BIO_should_retry(wbio)) {
/*
* Non-blocking IO...but we're stateless, so we're just
* going to drop this packet.
@@ -770,7 +770,7 @@ int DTLSv1_listen(SSL *s, BIO_ADDR *client)
}
if (BIO_flush(wbio) <= 0) {
- if(BIO_should_retry(wbio)) {
+ if (BIO_should_retry(wbio)) {
/*
* Non-blocking IO...but we're stateless, so we're just
* going to drop this packet.
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index 9461284..b562913 100644
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -60,7 +60,7 @@ void RECORD_LAYER_clear(RECORD_LAYER *rl)
rl->wpend_buf = NULL;
SSL3_BUFFER_clear(&rl->rbuf);
- for(pipes = 0; pipes < rl->numwpipes; pipes++)
+ for (pipes = 0; pipes < rl->numwpipes; pipes++)
SSL3_BUFFER_clear(&rl->wbuf[pipes]);
rl->numwpipes = 0;
rl->numrpipes = 0;
@@ -1186,7 +1186,7 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
goto f_err;
}
- if(s->method->version == TLS_ANY_VERSION
+ if (s->method->version == TLS_ANY_VERSION
&& (s->server || rr->type != SSL3_RT_ALERT)) {
/*
* If we've got this far and still haven't decided on what version
diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c
index 3630cd9..b4d8981 100644
--- a/ssl/record/ssl3_record.c
+++ b/ssl/record/ssl3_record.c
@@ -291,7 +291,7 @@ int ssl3_get_record(SSL *s)
* or s->packet_length == SSL2_RT_HEADER_LENGTH + rr->length
* and we have that many bytes in s->packet
*/
- if(rr[num_recs].rec_version == SSL2_VERSION) {
+ if (rr[num_recs].rec_version == SSL2_VERSION) {
rr[num_recs].input =
&(RECORD_LAYER_get_packet(&s->rlayer)[SSL2_RT_HEADER_LENGTH]);
} else {
@@ -703,8 +703,8 @@ int tls1_enc(SSL *s, SSL3_RECORD *recs, unsigned int n_recs, int send)
bs = EVP_CIPHER_block_size(EVP_CIPHER_CTX_cipher(ds));
if (n_recs > 1) {
- if(!(EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ds))
- & EVP_CIPH_FLAG_PIPELINE)) {
+ if (!(EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ds))
+ & EVP_CIPH_FLAG_PIPELINE)) {
/*
* We shouldn't have been called with pipeline data if the
* cipher doesn't support pipelining
@@ -777,7 +777,7 @@ int tls1_enc(SSL *s, SSL3_RECORD *recs, unsigned int n_recs, int send)
unsigned char *data[SSL_MAX_PIPELINES];
/* Set the output buffers */
- for(ctr = 0; ctr < n_recs; ctr++) {
+ for (ctr = 0; ctr < n_recs; ctr++) {
data[ctr] = recs[ctr].data;
}
if (EVP_CIPHER_CTX_ctrl(ds, EVP_CTRL_SET_PIPELINE_OUTPUT_BUFS,
@@ -785,7 +785,7 @@ int tls1_enc(SSL *s, SSL3_RECORD *recs, unsigned int n_recs, int send)
SSLerr(SSL_F_TLS1_ENC, SSL_R_PIPELINE_FAILURE);
}
/* Set the input buffers */
- for(ctr = 0; ctr < n_recs; ctr++) {
+ for (ctr = 0; ctr < n_recs; ctr++) {
data[ctr] = recs[ctr].input;
}
if (EVP_CIPHER_CTX_ctrl(ds, EVP_CTRL_SET_PIPELINE_INPUT_BUFS,
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 4fafd18..bf63a6c 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1393,7 +1393,7 @@ int SSL_check_private_key(const SSL *ssl)
int SSL_waiting_for_async(SSL *s)
{
- if(s->job)
+ if (s->job)
return 1;
return 0;
@@ -1452,7 +1452,7 @@ static int ssl_start_async_job(SSL *s, struct ssl_async_args *args,
if (s->waitctx == NULL)
return -1;
}
- switch(ASYNC_start_job(&s->job, s->waitctx, &ret, func, args,
+ switch (ASYNC_start_job(&s->job, s->waitctx, &ret, func, args,
sizeof(struct ssl_async_args))) {
case ASYNC_ERR:
s->rwstate = SSL_NOTHING;
@@ -1509,7 +1509,7 @@ int SSL_read(SSL *s, void *buf, int num)
return (0);
}
- if((s->mode & SSL_MODE_ASYNC) && ASYNC_get_current_job() == NULL) {
+ if ((s->mode & SSL_MODE_ASYNC) && ASYNC_get_current_job() == NULL) {
struct ssl_async_args args;
args.s = s;
@@ -1534,7 +1534,7 @@ int SSL_peek(SSL *s, void *buf, int num)
if (s->shutdown & SSL_RECEIVED_SHUTDOWN) {
return (0);
}
- if((s->mode & SSL_MODE_ASYNC) && ASYNC_get_current_job() == NULL) {
+ if ((s->mode & SSL_MODE_ASYNC) && ASYNC_get_current_job() == NULL) {
struct ssl_async_args args;
args.s = s;
@@ -1562,7 +1562,7 @@ int SSL_write(SSL *s, const void *buf, int num)
return (-1);
}
- if((s->mode & SSL_MODE_ASYNC) && ASYNC_get_current_job() == NULL) {
+ if ((s->mode & SSL_MODE_ASYNC) && ASYNC_get_current_job() == NULL) {
struct ssl_async_args args;
args.s = s;
@@ -1592,7 +1592,7 @@ int SSL_shutdown(SSL *s)
}
if (!SSL_in_init(s)) {
- if((s->mode & SSL_MODE_ASYNC) && ASYNC_get_current_job() == NULL) {
+ if ((s->mode & SSL_MODE_ASYNC) && ASYNC_get_current_job() == NULL) {
struct ssl_async_args args;
args.s = s;
@@ -2983,7 +2983,7 @@ int SSL_do_handshake(SSL *s)
s->method->ssl_renegotiate_check(s);
if (SSL_in_init(s) || SSL_in_before(s)) {
- if((s->mode & SSL_MODE_ASYNC) && ASYNC_get_current_job() == NULL) {
+ if ((s->mode & SSL_MODE_ASYNC) && ASYNC_get_current_job() == NULL) {
struct ssl_async_args args;
args.s = s;
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 74250c2..44bc8a3 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -174,7 +174,7 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
}
#endif
- if(src->ciphers != NULL) {
+ if (src->ciphers != NULL) {
dest->ciphers = sk_SSL_CIPHER_dup(src->ciphers);
if (dest->ciphers == NULL)
goto err;
@@ -210,7 +210,7 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
if (ticket != 0) {
dest->tlsext_tick = OPENSSL_memdup(src->tlsext_tick, src->tlsext_ticklen);
- if(dest->tlsext_tick == NULL)
+ if (dest->tlsext_tick == NULL)
goto err;
} else {
dest->tlsext_tick_lifetime_hint = 0;
diff --git a/ssl/statem/statem.c b/ssl/statem/statem.c
index c34110b..9bfd29d 100644
--- a/ssl/statem/statem.c
+++ b/ssl/statem/statem.c
@@ -380,8 +380,8 @@ static int state_machine(SSL *s, int server)
st->read_state_first_init = 1;
}
- while(st->state != MSG_FLOW_FINISHED) {
- if(st->state == MSG_FLOW_READING) {
+ while (st->state != MSG_FLOW_FINISHED) {
+ if (st->state == MSG_FLOW_READING) {
ssret = read_state_machine(s);
if (ssret == SUB_STATE_FINISHED) {
st->state = MSG_FLOW_WRITING;
@@ -484,7 +484,7 @@ static SUB_STATE_RETURN read_state_machine(SSL *s) {
cb = get_callback(s);
- if(s->server) {
+ if (s->server) {
transition = ossl_statem_server_read_transition;
process_message = ossl_statem_server_process_message;
max_message_size = ossl_statem_server_max_message_size;
@@ -501,8 +501,8 @@ static SUB_STATE_RETURN read_state_machine(SSL *s) {
st->read_state_first_init = 0;
}
- while(1) {
- switch(st->read_state) {
+ while (1) {
+ switch (st->read_state) {
case READ_STATE_HEADER:
/* Get the state the peer wants to move to */
if (SSL_IS_DTLS(s)) {
@@ -530,7 +530,7 @@ static SUB_STATE_RETURN read_state_machine(SSL *s) {
* Validate that we are allowed to move to the new state and move
* to that state if so
*/
- if(!transition(s, mt)) {
+ if (!transition(s, mt)) {
ossl_statem_set_error(s);
return SUB_STATE_ERROR;
}
@@ -586,7 +586,7 @@ static SUB_STATE_RETURN read_state_machine(SSL *s) {
case READ_STATE_POST_PROCESS:
st->read_state_work = post_process_message(s, st->read_state_work);
- switch(st->read_state_work) {
+ switch (st->read_state_work) {
default:
return SUB_STATE_ERROR;
@@ -683,7 +683,7 @@ static SUB_STATE_RETURN write_state_machine(SSL *s)
cb = get_callback(s);
- if(s->server) {
+ if (s->server) {
transition = ossl_statem_server_write_transition;
pre_work = ossl_statem_server_pre_work;
post_work = ossl_statem_server_post_work;
@@ -695,8 +695,8 @@ static SUB_STATE_RETURN write_state_machine(SSL *s)
construct_message = ossl_statem_client_construct_message;
}
- while(1) {
- switch(st->write_state) {
+ while (1) {
+ switch (st->write_state) {
case WRITE_STATE_TRANSITION:
if (cb != NULL) {
/* Notify callback of an impending state change */
@@ -705,7 +705,7 @@ static SUB_STATE_RETURN write_state_machine(SSL *s)
else
cb(s, SSL_CB_CONNECT_LOOP, 1);
}
- switch(transition(s)) {
+ switch (transition(s)) {
case WRITE_TRAN_CONTINUE:
st->write_state = WRITE_STATE_PRE_WORK;
st->write_state_work = WORK_MORE_A;
@@ -721,7 +721,7 @@ static SUB_STATE_RETURN write_state_machine(SSL *s)
break;
case WRITE_STATE_PRE_WORK:
- switch(st->write_state_work = pre_work(s, st->write_state_work)) {
+ switch (st->write_state_work = pre_work(s, st->write_state_work)) {
default:
return SUB_STATE_ERROR;
@@ -732,7 +732,7 @@ static SUB_STATE_RETURN write_state_machine(SSL *s)
case WORK_FINISHED_STOP:
return SUB_STATE_END_HANDSHAKE;
}
- if(construct_message(s) == 0)
+ if (construct_message(s) == 0)
return SUB_STATE_ERROR;
/* Fall through */
@@ -750,7 +750,7 @@ static SUB_STATE_RETURN write_state_machine(SSL *s)
/* Fall through */
case WRITE_STATE_POST_WORK:
- switch(st->write_state_work = post_work(s, st->write_state_work)) {
+ switch (st->write_state_work = post_work(s, st->write_state_work)) {
default:
return SUB_STATE_ERROR;
diff --git a/ssl/statem/statem_dtls.c b/ssl/statem/statem_dtls.c
index 3979bf3..5929113 100644
--- a/ssl/statem/statem_dtls.c
+++ b/ssl/statem/statem_dtls.c
@@ -728,7 +728,7 @@ static int dtls_get_reassembled_message(SSL *s, long *len)
*len = i;
return 0;
}
- if(recvd_type == SSL3_RT_CHANGE_CIPHER_SPEC) {
+ if (recvd_type == SSL3_RT_CHANGE_CIPHER_SPEC) {
if (wire[0] != SSL3_MT_CCS) {
al = SSL_AD_UNEXPECTED_MESSAGE;
SSLerr(SSL_F_DTLS_GET_REASSEMBLED_MESSAGE,
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
index 258b897..df07800 100644
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -401,15 +401,14 @@ int tls_get_message_header(SSL *s, int *mt)
*mt = *p;
s->s3->tmp.message_type = *(p++);
- if(RECORD_LAYER_is_sslv2_record(&s->rlayer)) {
+ if (RECORD_LAYER_is_sslv2_record(&s->rlayer)) {
/*
* Only happens with SSLv3+ in an SSLv2 backward compatible
* ClientHello
+ *
+ * Total message size is the remaining record bytes to read
+ * plus the SSL3_HM_HEADER_LENGTH bytes that we already read
*/
- /*
- * Total message size is the remaining record bytes to read
- * plus the SSL3_HM_HEADER_LENGTH bytes that we already read
- */
l = RECORD_LAYER_get_rrec_length(&s->rlayer)
+ SSL3_HM_HEADER_LENGTH;
if (l && !BUF_MEM_grow_clean(s->init_buf, (int)l)) {
@@ -482,7 +481,7 @@ int tls_get_message_body(SSL *s, unsigned long *len)
#endif
/* Feed this message into MAC computation. */
- if(RECORD_LAYER_is_sslv2_record(&s->rlayer)) {
+ if (RECORD_LAYER_is_sslv2_record(&s->rlayer)) {
if (!ssl3_finish_mac(s, (unsigned char *)s->init_buf->data,
s->init_num)) {
SSLerr(SSL_F_TLS_GET_MESSAGE_BODY, ERR_R_EVP_LIB);
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index 07a80f9..e56d791 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -81,7 +81,7 @@ int ossl_statem_server_read_transition(SSL *s, int mt)
{
OSSL_STATEM *st = &s->statem;
- switch(st->hand_state) {
+ switch (st->hand_state) {
case TLS_ST_BEFORE:
case DTLS_ST_SW_HELLO_VERIFY_REQUEST:
if (mt == SSL3_MT_CLIENT_HELLO) {
@@ -311,113 +311,113 @@ WRITE_TRAN ossl_statem_server_write_transition(SSL *s)
{
OSSL_STATEM *st = &s->statem;
- switch(st->hand_state) {
- case TLS_ST_BEFORE:
- /* Just go straight to trying to read from the client */;
- return WRITE_TRAN_FINISHED;
-
- case TLS_ST_OK:
- /* We must be trying to renegotiate */
- st->hand_state = TLS_ST_SW_HELLO_REQ;
- return WRITE_TRAN_CONTINUE;
-
- case TLS_ST_SW_HELLO_REQ:
- st->hand_state = TLS_ST_OK;
- ossl_statem_set_in_init(s, 0);
- return WRITE_TRAN_CONTINUE;
+ switch (st->hand_state) {
+ case TLS_ST_BEFORE:
+ /* Just go straight to trying to read from the client */;
+ return WRITE_TRAN_FINISHED;
- case TLS_ST_SR_CLNT_HELLO:
- if (SSL_IS_DTLS(s) && !s->d1->cookie_verified
- && (SSL_get_options(s) & SSL_OP_COOKIE_EXCHANGE))
- st->hand_state = DTLS_ST_SW_HELLO_VERIFY_REQUEST;
- else
- st->hand_state = TLS_ST_SW_SRVR_HELLO;
- return WRITE_TRAN_CONTINUE;
+ case TLS_ST_OK:
+ /* We must be trying to renegotiate */
+ st->hand_state = TLS_ST_SW_HELLO_REQ;
+ return WRITE_TRAN_CONTINUE;
- case DTLS_ST_SW_HELLO_VERIFY_REQUEST:
- return WRITE_TRAN_FINISHED;
+ case TLS_ST_SW_HELLO_REQ:
+ st->hand_state = TLS_ST_OK;
+ ossl_statem_set_in_init(s, 0);
+ return WRITE_TRAN_CONTINUE;
- case TLS_ST_SW_SRVR_HELLO:
- if (s->hit) {
- if (s->tlsext_ticket_expected)
- st->hand_state = TLS_ST_SW_SESSION_TICKET;
- else
- st->hand_state = TLS_ST_SW_CHANGE;
- } else {
- /* Check if it is anon DH or anon ECDH, */
- /* normal PSK or SRP */
- if (!(s->s3->tmp.new_cipher->algorithm_auth &
- (SSL_aNULL | SSL_aSRP | SSL_aPSK))) {
- st->hand_state = TLS_ST_SW_CERT;
- } else if (send_server_key_exchange(s)) {
- st->hand_state = TLS_ST_SW_KEY_EXCH;
- } else if (send_certificate_request(s)) {
- st->hand_state = TLS_ST_SW_CERT_REQ;
- } else {
- st->hand_state = TLS_ST_SW_SRVR_DONE;
- }
- }
- return WRITE_TRAN_CONTINUE;
+ case TLS_ST_SR_CLNT_HELLO:
+ if (SSL_IS_DTLS(s) && !s->d1->cookie_verified
+ && (SSL_get_options(s) & SSL_OP_COOKIE_EXCHANGE))
+ st->hand_state = DTLS_ST_SW_HELLO_VERIFY_REQUEST;
+ else
+ st->hand_state = TLS_ST_SW_SRVR_HELLO;
+ return WRITE_TRAN_CONTINUE;
- case TLS_ST_SW_CERT:
- if (s->tlsext_status_expected) {
- st->hand_state = TLS_ST_SW_CERT_STATUS;
- return WRITE_TRAN_CONTINUE;
- }
- /* Fall through */
+ case DTLS_ST_SW_HELLO_VERIFY_REQUEST:
+ return WRITE_TRAN_FINISHED;
- case TLS_ST_SW_CERT_STATUS:
- if (send_server_key_exchange(s)) {
+ case TLS_ST_SW_SRVR_HELLO:
+ if (s->hit) {
+ if (s->tlsext_ticket_expected)
+ st->hand_state = TLS_ST_SW_SESSION_TICKET;
+ else
+ st->hand_state = TLS_ST_SW_CHANGE;
+ } else {
+ /* Check if it is anon DH or anon ECDH, */
+ /* normal PSK or SRP */
+ if (!(s->s3->tmp.new_cipher->algorithm_auth &
+ (SSL_aNULL | SSL_aSRP | SSL_aPSK))) {
+ st->hand_state = TLS_ST_SW_CERT;
+ } else if (send_server_key_exchange(s)) {
st->hand_state = TLS_ST_SW_KEY_EXCH;
- return WRITE_TRAN_CONTINUE;
- }
- /* Fall through */
-
- case TLS_ST_SW_KEY_EXCH:
- if (send_certificate_request(s)) {
+ } else if (send_certificate_request(s)) {
st->hand_state = TLS_ST_SW_CERT_REQ;
- return WRITE_TRAN_CONTINUE;
+ } else {
+ st->hand_state = TLS_ST_SW_SRVR_DONE;
}
- /* Fall through */
+ }
+ return WRITE_TRAN_CONTINUE;
- case TLS_ST_SW_CERT_REQ:
- st->hand_state = TLS_ST_SW_SRVR_DONE;
+ case TLS_ST_SW_CERT:
+ if (s->tlsext_status_expected) {
+ st->hand_state = TLS_ST_SW_CERT_STATUS;
return WRITE_TRAN_CONTINUE;
+ }
+ /* Fall through */
- case TLS_ST_SW_SRVR_DONE:
- return WRITE_TRAN_FINISHED;
-
- case TLS_ST_SR_FINISHED:
- if (s->hit) {
- st->hand_state = TLS_ST_OK;
- ossl_statem_set_in_init(s, 0);
- return WRITE_TRAN_CONTINUE;
- } else if (s->tlsext_ticket_expected) {
- st->hand_state = TLS_ST_SW_SESSION_TICKET;
- } else {
- st->hand_state = TLS_ST_SW_CHANGE;
- }
+ case TLS_ST_SW_CERT_STATUS:
+ if (send_server_key_exchange(s)) {
+ st->hand_state = TLS_ST_SW_KEY_EXCH;
return WRITE_TRAN_CONTINUE;
+ }
+ /* Fall through */
- case TLS_ST_SW_SESSION_TICKET:
- st->hand_state = TLS_ST_SW_CHANGE;
+ case TLS_ST_SW_KEY_EXCH:
+ if (send_certificate_request(s)) {
+ st->hand_state = TLS_ST_SW_CERT_REQ;
return WRITE_TRAN_CONTINUE;
+ }
+ /* Fall through */
- case TLS_ST_SW_CHANGE:
- st->hand_state = TLS_ST_SW_FINISHED;
- return WRITE_TRAN_CONTINUE;
+ case TLS_ST_SW_CERT_REQ:
+ st->hand_state = TLS_ST_SW_SRVR_DONE;
+ return WRITE_TRAN_CONTINUE;
- case TLS_ST_SW_FINISHED:
- if (s->hit) {
- return WRITE_TRAN_FINISHED;
- }
+ case TLS_ST_SW_SRVR_DONE:
+ return WRITE_TRAN_FINISHED;
+
+ case TLS_ST_SR_FINISHED:
+ if (s->hit) {
st->hand_state = TLS_ST_OK;
ossl_statem_set_in_init(s, 0);
return WRITE_TRAN_CONTINUE;
+ } else if (s->tlsext_ticket_expected) {
+ st->hand_state = TLS_ST_SW_SESSION_TICKET;
+ } else {
+ st->hand_state = TLS_ST_SW_CHANGE;
+ }
+ return WRITE_TRAN_CONTINUE;
+
+ case TLS_ST_SW_SESSION_TICKET:
+ st->hand_state = TLS_ST_SW_CHANGE;
+ return WRITE_TRAN_CONTINUE;
- default:
- /* Shouldn't happen */
- return WRITE_TRAN_ERROR;
+ case TLS_ST_SW_CHANGE:
+ st->hand_state = TLS_ST_SW_FINISHED;
+ return WRITE_TRAN_CONTINUE;
+
+ case TLS_ST_SW_FINISHED:
+ if (s->hit) {
+ return WRITE_TRAN_FINISHED;
+ }
+ st->hand_state = TLS_ST_OK;
+ ossl_statem_set_in_init(s, 0);
+ return WRITE_TRAN_CONTINUE;
+
+ default:
+ /* Shouldn't happen */
+ return WRITE_TRAN_ERROR;
}
}
@@ -429,7 +429,7 @@ WORK_STATE ossl_statem_server_pre_work(SSL *s, WORK_STATE wst)
{
OSSL_STATEM *st = &s->statem;
- switch(st->hand_state) {
+ switch (st->hand_state) {
case TLS_ST_SW_HELLO_REQ:
s->shutdown = 0;
if (SSL_IS_DTLS(s))
@@ -510,7 +510,7 @@ WORK_STATE ossl_statem_server_post_work(SSL *s, WORK_STATE wst)
s->init_num = 0;
- switch(st->hand_state) {
+ switch (st->hand_state) {
case TLS_ST_SW_HELLO_REQ:
if (statem_flush(s) != 1)
return WORK_MORE_A;
@@ -621,7 +621,7 @@ int ossl_statem_server_construct_message(SSL *s)
{
OSSL_STATEM *st = &s->statem;
- switch(st->hand_state) {
+ switch (st->hand_state) {
case DTLS_ST_SW_HELLO_VERIFY_REQUEST:
return dtls_construct_hello_verify_request(s);
@@ -698,7 +698,7 @@ unsigned long ossl_statem_server_max_message_size(SSL *s)
{
OSSL_STATEM *st = &s->statem;
- switch(st->hand_state) {
+ switch (st->hand_state) {
case TLS_ST_SR_CLNT_HELLO:
return CLIENT_HELLO_MAX_LENGTH;
@@ -737,7 +737,7 @@ MSG_PROCESS_RETURN ossl_statem_server_process_message(SSL *s, PACKET *pkt)
{
OSSL_STATEM *st = &s->statem;
- switch(st->hand_state) {
+ switch (st->hand_state) {
case TLS_ST_SR_CLNT_HELLO:
return tls_process_client_hello(s, pkt);
@@ -777,7 +777,7 @@ WORK_STATE ossl_statem_server_post_process_message(SSL *s, WORK_STATE wst)
{
OSSL_STATEM *st = &s->statem;
- switch(st->hand_state) {
+ switch (st->hand_state) {
case TLS_ST_SR_CLNT_HELLO:
return tls_post_process_client_hello(s, wst);
@@ -968,7 +968,7 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt)
* use version from inside client hello, not from record header (may
* differ: see RFC 2246, Appendix E, second paragraph)
*/
- if(!PACKET_get_net_2(pkt, (unsigned int *)&s->client_version)) {
+ if (!PACKET_get_net_2(pkt, (unsigned int *)&s->client_version)) {
al = SSL_AD_DECODE_ERROR;
SSLerr(SSL_F_TLS_PROCESS_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT);
goto f_err;
@@ -3236,7 +3236,7 @@ STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,
if ((skp == NULL) || (*skp == NULL)) {
sk = sk_SSL_CIPHER_new_null(); /* change perhaps later */
- if(sk == NULL) {
+ if (sk == NULL) {
SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST, ERR_R_MALLOC_FAILURE);
*al = SSL_AD_INTERNAL_ERROR;
return NULL;
diff --git a/test/asynctest.c b/test/asynctest.c
index 026536b..5057ce1 100644
--- a/test/asynctest.c
+++ b/test/asynctest.c
@@ -56,7 +56,7 @@ static int waitfd(void *args)
waitctx = ASYNC_get_wait_ctx(job);
if (waitctx == NULL)
return 0;
- if(!ASYNC_WAIT_CTX_set_wait_fd(waitctx, waitctx, MAGIC_WAIT_FD, NULL, NULL))
+ if (!ASYNC_WAIT_CTX_set_wait_fd(waitctx, waitctx, MAGIC_WAIT_FD, NULL, NULL))
return 0;
ASYNC_pause_job();
diff --git a/test/verify_extra_test.c b/test/verify_extra_test.c
index cbc6d8c..cc05bc2 100644
--- a/test/verify_extra_test.c
+++ b/test/verify_extra_test.c
@@ -122,7 +122,7 @@ static int test_alt_chains_cert_forgery(const char *roots_f,
i = X509_verify_cert(sctx);
- if(i == 0 && X509_STORE_CTX_get_error(sctx) == X509_V_ERR_INVALID_CA) {
+ if (i == 0 && X509_STORE_CTX_get_error(sctx) == X509_V_ERR_INVALID_CA) {
/* This is the result we were expecting: Test passed */
ret = 1;
}
More information about the openssl-commits
mailing list