> On 26 Aug 2022, at 07:01, Maxim Dounin <mdou...@mdounin.ru> wrote: > > # HG changeset patch > # User Maxim Dounin <mdou...@mdounin.ru> > # Date 1661481953 -10800 > # Fri Aug 26 05:45:53 2022 +0300 > # Node ID 84919c2ee8173f704649a8cb4901887e1bf79588 > # Parent d5c6eae914325fb6a9b19105fe09aecd04da21e2 > SSL: style. > > Runtime OCSP functions separated from configuration ones. > > diff --git a/src/event/ngx_event_openssl.h b/src/event/ngx_event_openssl.h > --- a/src/event/ngx_event_openssl.h > +++ b/src/event/ngx_event_openssl.h > @@ -205,10 +205,12 @@ ngx_int_t ngx_ssl_ocsp(ngx_conf_t *cf, n > ngx_uint_t depth, ngx_shm_zone_t *shm_zone); > ngx_int_t ngx_ssl_ocsp_resolver(ngx_conf_t *cf, ngx_ssl_t *ssl, > ngx_resolver_t *resolver, ngx_msec_t resolver_timeout); > + > ngx_int_t ngx_ssl_ocsp_validate(ngx_connection_t *c); > ngx_int_t ngx_ssl_ocsp_get_status(ngx_connection_t *c, const char **s); > void ngx_ssl_ocsp_cleanup(ngx_connection_t *c); > ngx_int_t ngx_ssl_ocsp_cache_init(ngx_shm_zone_t *shm_zone, void *data); > + > ngx_array_t *ngx_ssl_read_password_file(ngx_conf_t *cf, ngx_str_t *file); > ngx_array_t *ngx_ssl_preserve_passwords(ngx_conf_t *cf, > ngx_array_t *passwords); >
Speaking of style, this reminds me of various more style issues. # HG changeset patch # User Sergey Kandaurov <pluk...@nginx.com> # Date 1663066823 -14400 # Tue Sep 13 15:00:23 2022 +0400 # Node ID e3da137555cfb6a3eb80aae196a49b945a4f5048 # Parent 3b0846bd090e06cf277879d4ba4a67a0a2569233 SSL: style. Using suitable naming for SSL_CTX variables. diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c --- a/src/event/ngx_event_openssl.c +++ b/src/event/ngx_event_openssl.c @@ -64,7 +64,7 @@ static ngx_ssl_session_t *ngx_ssl_get_ca const #endif u_char *id, int len, int *copy); -static void ngx_ssl_remove_session(SSL_CTX *ssl, ngx_ssl_session_t *sess); +static void ngx_ssl_remove_session(SSL_CTX *ssl_ctx, ngx_ssl_session_t *sess); static void ngx_ssl_expire_sessions(ngx_ssl_session_cache_t *cache, ngx_slab_pool_t *shpool, ngx_uint_t n); static void ngx_ssl_session_rbtree_insert_value(ngx_rbtree_node_t *temp, @@ -4050,16 +4050,16 @@ done: void -ngx_ssl_remove_cached_session(SSL_CTX *ssl, ngx_ssl_session_t *sess) +ngx_ssl_remove_cached_session(SSL_CTX *ssl_ctx, ngx_ssl_session_t *sess) { - SSL_CTX_remove_session(ssl, sess); - - ngx_ssl_remove_session(ssl, sess); + SSL_CTX_remove_session(ssl_ctx, sess); + + ngx_ssl_remove_session(ssl_ctx, sess); } static void -ngx_ssl_remove_session(SSL_CTX *ssl, ngx_ssl_session_t *sess) +ngx_ssl_remove_session(SSL_CTX *ssl_ctx, ngx_ssl_session_t *sess) { u_char *id; uint32_t hash; @@ -4071,7 +4071,7 @@ ngx_ssl_remove_session(SSL_CTX *ssl, ngx ngx_ssl_sess_id_t *sess_id; ngx_ssl_session_cache_t *cache; - shm_zone = SSL_CTX_get_ex_data(ssl, ngx_ssl_session_cache_index); + shm_zone = SSL_CTX_get_ex_data(ssl_ctx, ngx_ssl_session_cache_index); if (shm_zone == NULL) { return; diff --git a/src/event/ngx_event_openssl.h b/src/event/ngx_event_openssl.h --- a/src/event/ngx_event_openssl.h +++ b/src/event/ngx_event_openssl.h @@ -233,7 +233,7 @@ ngx_int_t ngx_ssl_session_cache_init(ngx ngx_int_t ngx_ssl_create_connection(ngx_ssl_t *ssl, ngx_connection_t *c, ngx_uint_t flags); -void ngx_ssl_remove_cached_session(SSL_CTX *ssl, ngx_ssl_session_t *sess); +void ngx_ssl_remove_cached_session(SSL_CTX *ssl_ctx, ngx_ssl_session_t *sess); ngx_int_t ngx_ssl_set_session(ngx_connection_t *c, ngx_ssl_session_t *session); ngx_ssl_session_t *ngx_ssl_get_session(ngx_connection_t *c); ngx_ssl_session_t *ngx_ssl_get0_session(ngx_connection_t *c); # HG changeset patch # User Sergey Kandaurov <pluk...@nginx.com> # Date 1663199989 -14400 # Thu Sep 15 03:59:49 2022 +0400 # Node ID b13b26ab24e9f12a808301bf4c8713d52c7944aa # Parent e3da137555cfb6a3eb80aae196a49b945a4f5048 SSL: fixed indentation. diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c --- a/src/event/ngx_event_openssl.c +++ b/src/event/ngx_event_openssl.c @@ -998,12 +998,12 @@ static int ngx_ssl_verify_callback(int ok, X509_STORE_CTX *x509_store) { #if (NGX_DEBUG) + int err, depth; char *subject, *issuer; - int err, depth; X509 *cert; X509_NAME *sname, *iname; + ngx_ssl_conn_t *ssl_conn; ngx_connection_t *c; - ngx_ssl_conn_t *ssl_conn; ssl_conn = X509_STORE_CTX_get_ex_data(x509_store, SSL_get_ex_data_X509_STORE_CTX_idx()); @@ -2274,8 +2274,8 @@ ngx_ssl_recv(ngx_connection_t *c, u_char static ssize_t ngx_ssl_recv_early(ngx_connection_t *c, u_char *buf, size_t size) { - int n, bytes; - size_t readbytes; + int n, bytes; + size_t readbytes; if (c->ssl->last == NGX_ERROR) { c->read->error = 1; @@ -2528,9 +2528,9 @@ ngx_chain_t * ngx_ssl_send_chain(ngx_connection_t *c, ngx_chain_t *in, off_t limit) { int n; - ngx_uint_t flush; ssize_t send, size, file_size; ngx_buf_t *buf; + ngx_uint_t flush; ngx_chain_t *cl; if (!c->ssl->buffer) { @@ -3491,9 +3491,9 @@ ngx_ssl_error(ngx_uint_t level, ngx_log_ { int flags; u_long n; - va_list args; u_char *p, *last; u_char errstr[NGX_MAX_CONF_ERRSTR]; + va_list args; const char *data; last = errstr + NGX_MAX_CONF_ERRSTR; @@ -3809,12 +3809,12 @@ ngx_ssl_new_session(ngx_ssl_conn_t *ssl_ int len; u_char *p, *session_id; size_t n; + SSL_CTX *ssl_ctx; uint32_t hash; - SSL_CTX *ssl_ctx; unsigned int session_id_length; ngx_shm_zone_t *shm_zone; + ngx_slab_pool_t *shpool; ngx_connection_t *c; - ngx_slab_pool_t *shpool; ngx_ssl_sess_id_t *sess_id; ngx_ssl_session_cache_t *cache; @@ -3959,12 +3959,12 @@ ngx_ssl_get_cached_session(ngx_ssl_conn_ const u_char *p; ngx_shm_zone_t *shm_zone; ngx_slab_pool_t *shpool; + ngx_connection_t *c; ngx_rbtree_node_t *node, *sentinel; ngx_ssl_session_t *sess; ngx_ssl_sess_id_t *sess_id; ngx_ssl_session_cache_t *cache; u_char buf[NGX_SSL_MAX_SESSION_SIZE]; - ngx_connection_t *c; hash = ngx_crc32_short((u_char *) (uintptr_t) id, (size_t) len); *copy = 0; @@ -4500,7 +4500,7 @@ ngx_ssl_session_ticket_key_callback(ngx_ static void ngx_ssl_session_ticket_keys_cleanup(void *data) { - ngx_array_t *keys = data; + ngx_array_t *keys = data; ngx_explicit_memzero(keys->elts, keys->nelts * sizeof(ngx_ssl_session_ticket_key_t)); @@ -4525,7 +4525,7 @@ ngx_ssl_session_ticket_keys(ngx_conf_t * void ngx_ssl_cleanup_ctx(void *data) { - ngx_ssl_t *ssl = data; + ngx_ssl_t *ssl = data; X509 *cert, *next; @@ -4544,7 +4544,7 @@ ngx_ssl_cleanup_ctx(void *data) ngx_int_t ngx_ssl_check_host(ngx_connection_t *c, ngx_str_t *name) { - X509 *cert; + X509 *cert; cert = SSL_get_peer_certificate(c->ssl->connection); if (cert == NULL) { @@ -4575,8 +4575,8 @@ ngx_ssl_check_host(ngx_connection_t *c, int n, i; X509_NAME *sname; ASN1_STRING *str; + GENERAL_NAME *altname; X509_NAME_ENTRY *entry; - GENERAL_NAME *altname; STACK_OF(GENERAL_NAME) *altnames; /* @@ -4851,9 +4851,9 @@ ngx_ssl_get_curves(ngx_connection_t *c, { #ifdef SSL_CTRL_GET_CURVES - int *curves, n, i, nid; - u_char *p; - size_t len; + int *curves, n, i, nid; + u_char *p; + size_t len; n = SSL_get1_curves(c->ssl->connection, NULL); @@ -5046,9 +5046,9 @@ ngx_ssl_get_alpn_protocol(ngx_connection ngx_int_t ngx_ssl_get_raw_certificate(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s) { - size_t len; BIO *bio; X509 *cert; + size_t len; s->len = 0; @@ -5098,8 +5098,8 @@ ngx_ssl_get_certificate(ngx_connection_t { u_char *p; size_t len; + ngx_str_t cert; ngx_uint_t i; - ngx_str_t cert; if (ngx_ssl_get_raw_certificate(c, pool, &cert) != NGX_OK) { return NGX_ERROR; @@ -5280,8 +5280,8 @@ ngx_ssl_get_subject_dn_legacy(ngx_connec ngx_str_t *s) { char *p; + X509 *cert; size_t len; - X509 *cert; X509_NAME *name; s->len = 0; @@ -5328,8 +5328,8 @@ ngx_ssl_get_issuer_dn_legacy(ngx_connect ngx_str_t *s) { char *p; + X509 *cert; size_t len; - X509 *cert; X509_NAME *name; s->len = 0; @@ -5374,9 +5374,9 @@ ngx_ssl_get_issuer_dn_legacy(ngx_connect ngx_int_t ngx_ssl_get_serial_number(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s) { - size_t len; + BIO *bio; X509 *cert; - BIO *bio; + size_t len; s->len = 0; -- Sergey Kandaurov _______________________________________________ nginx-devel mailing list -- nginx-devel@nginx.org To unsubscribe send an email to nginx-devel-le...@nginx.org