sslext.c

costin Wed, 22 Feb 2012 07:06:32 -0800

Author: costin
Date: Wed Feb 22 15:06:05 2012
New Revision: 1292337

URL: http://svn.apache.org/viewvc?rev=1292337&view=rev
Log:
Fix indentation, comments.


Modified:
    tomcat/native/trunk/native/src/sslext.c

Modified: tomcat/native/trunk/native/src/sslext.c
URL: 
http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/sslext.c?rev=1292337&r1=1292336&r2=1292337&view=diff
==============================================================================
--- tomcat/native/trunk/native/src/sslext.c (original)
+++ tomcat/native/trunk/native/src/sslext.c Wed Feb 22 15:06:05 2012
@@ -31,579 +31,576 @@
 
 TCN_IMPLEMENT_CALL(jint, SSLExt, setSessionData)(TCN_STDARGS, jlong tcsock, 
jbyteArray buf, jint len)
 {
-       tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
-       tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
-       jbyte bytes[TCN_BUFFER_SZ];
-       const jbyte *bytesp = &bytes[0];
-
-       if (len > TCN_BUFFER_SZ) {
-               return -1;
-       }
-       (*e)->GetByteArrayRegion(e, buf, 0, len, bytes);
-       SSL_SESSION* ssl_session = d2i_SSL_SESSION(NULL, (const unsigned char 
**)&bytesp, len);
+    tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
+    tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
+    jbyte bytes[TCN_BUFFER_SZ];
+    const jbyte *bytesp = &bytes[0];
+
+    if (len > TCN_BUFFER_SZ) {
+        return -1;
+    }
+    (*e)->GetByteArrayRegion(e, buf, 0, len, bytes);
+    SSL_SESSION* ssl_session = d2i_SSL_SESSION(NULL, (const unsigned char 
**)&bytesp, len);
 
-       SSL_set_session(tcssl->ssl, ssl_session);
-       return 0;
+    SSL_set_session(tcssl->ssl, ssl_session);
+    return 0;
 }
 
 TCN_IMPLEMENT_CALL(jbyteArray, SSLExt, getSessionData)(TCN_STDARGS, jlong 
tcsock)
 {
-       tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
-       tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
-       SSL_SESSION *sess = SSL_get_session(tcssl->ssl);
-
-       int size = i2d_SSL_SESSION(sess, NULL);
-       if (size == 0 || size > TCN_BUFFER_SZ) {
-               return NULL;
-       }
-
-       jbyteArray javaBytes = (*e)->NewByteArray(e, size);
-       if (javaBytes != NULL) {
-               jbyte bytes[TCN_BUFFER_SZ];
-               unsigned char *bytesp = (unsigned char *)&bytes[0];
-
-               i2d_SSL_SESSION(sess, &bytesp);
-               (*e)->SetByteArrayRegion(e, javaBytes, 0, size, bytes);
-       }
+    tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
+    tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
+    SSL_SESSION *sess = SSL_get_session(tcssl->ssl);
+
+    int size = i2d_SSL_SESSION(sess, NULL);
+    if (size == 0 || size > TCN_BUFFER_SZ) {
+        return NULL;
+    }
+
+    jbyteArray javaBytes = (*e)->NewByteArray(e, size);
+    if (javaBytes != NULL) {
+        jbyte bytes[TCN_BUFFER_SZ];
+        unsigned char *bytesp = (unsigned char *)&bytes[0];
+
+        i2d_SSL_SESSION(sess, &bytesp);
+        (*e)->SetByteArrayRegion(e, javaBytes, 0, size, bytes);
+    }
 
-       return javaBytes;
+    return javaBytes;
 }
 
 TCN_IMPLEMENT_CALL(jint, SSLExt, getTicket)(TCN_STDARGS, jlong tcsock, 
jbyteArray buf)
 {
-       tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
-       tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
-       int bufLen = (*e)->GetArrayLength(e, buf);
-
-       SSL_SESSION *x = SSL_get_session(tcssl->ssl);
-
-       if (!x->tlsext_tick || x->tlsext_ticklen > bufLen) {
-               return 0;
-       }
-       (*e)->SetByteArrayRegion(e, buf, 0, x->tlsext_ticklen, (jbyte *) 
&x->tlsext_tick[0]);
+    tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
+    tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
+    int bufLen = (*e)->GetArrayLength(e, buf);
+
+    SSL_SESSION *x = SSL_get_session(tcssl->ssl);
+
+    if (!x->tlsext_tick || x->tlsext_ticklen > bufLen) {
+        return 0;
+    }
+    (*e)->SetByteArrayRegion(e, buf, 0, x->tlsext_ticklen, (jbyte *) 
&x->tlsext_tick[0]);
 
-       return x->tlsext_ticklen;
+    return x->tlsext_ticklen;
 }
 
 TCN_IMPLEMENT_CALL(jint, SSLExt, setTicket)(TCN_STDARGS, jlong tcsock, 
jbyteArray buf,
-               jint len)
+        jint len)
 {
-       tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
-       tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
+    tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
+    tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
 
-       char * requestedTicket = apr_pcalloc(tcssl->pool, len);
-       (*e)->GetByteArrayRegion(e, buf, 0, len, (jbyte *) requestedTicket);
-       SSL_set_session_ticket_ext(tcssl->ssl, requestedTicket, len);
-       return 0;
+    jbyte * requestedTicket = apr_pcalloc(tcssl->pool, len);
+    (*e)->GetByteArrayRegion(e, buf, 0, len, (jbyte *) requestedTicket);
+    SSL_set_session_ticket_ext(tcssl->ssl, requestedTicket, len);
+    return 0;
 }
 
 TCN_IMPLEMENT_CALL(jint, SSLExt, setTicketKeys)(TCN_STDARGS, jlong tc_ssl_ctx, 
jbyteArray buf, jint len)
 {
-       tcn_ssl_ctxt_t *sslctx = J2P(tc_ssl_ctx, tcn_ssl_ctxt_t *);
-       unsigned char keys[48];
+    tcn_ssl_ctxt_t *sslctx = J2P(tc_ssl_ctx, tcn_ssl_ctxt_t *);
+    unsigned char keys[48];
 
-       (*e)->GetByteArrayRegion(e, buf, 0, 48, (jbyte *) keys);
+    (*e)->GetByteArrayRegion(e, buf, 0, 48, (jbyte *) keys);
 
-       SSL_CTX_set_tlsext_ticket_keys(sslctx->ctx, keys, sizeof(keys));
-       return 0;
+    SSL_CTX_set_tlsext_ticket_keys(sslctx->ctx, keys, sizeof(keys));
+    return 0;
 }
 
-// Debug code - copied from openssl app
+/* Debug code - copied from openssl app */
 
 long bio_dump_callback(BIO *bio, int cmd, const char *argp,
-               int argi, long argl, long ret)
+        int argi, long argl, long ret)
 {
-       BIO *out;
+    BIO *out;
 
-       out=(BIO *)BIO_get_callback_arg(bio);
-       if (out == NULL) return(ret);
+    out=(BIO *)BIO_get_callback_arg(bio);
+    if (out == NULL) return(ret);
 
-       if (cmd == (BIO_CB_READ|BIO_CB_RETURN))
-       {
-               BIO_printf(out,"SSL read from %p [%p] (%lu bytes => %ld 
(0x%lX))\n",
-                               (void *)bio,argp,(unsigned long)argi,ret,ret);
-               BIO_dump(out,argp,(int)ret);
-               return(ret);
-       }
-       else if (cmd == (BIO_CB_WRITE|BIO_CB_RETURN))
-       {
-               BIO_printf(out,"SSL write to %p [%p] (%lu bytes => %ld 
(0x%lX))\n",
-                               (void *)bio,argp,(unsigned long)argi,ret,ret);
-               BIO_dump(out,argp,(int)ret);
-       }
-       return(ret);
+    if (cmd == (BIO_CB_READ|BIO_CB_RETURN))
+    {
+        BIO_printf(out,"SSL read from %p [%p] (%lu bytes => %ld (0x%lX))\n",
+                (void *)bio,argp,(unsigned long)argi,ret,ret);
+        BIO_dump(out,argp,(int)ret);
+        return(ret);
+    }
+    else if (cmd == (BIO_CB_WRITE|BIO_CB_RETURN))
+    {
+        BIO_printf(out,"SSL write to %p [%p] (%lu bytes => %ld (0x%lX))\n",
+                (void *)bio,argp,(unsigned long)argi,ret,ret);
+        BIO_dump(out,argp,(int)ret);
+    }
+    return(ret);
 }
 
 void msg_cb(int write_p, int version, int content_type,
-               const void *buf, size_t len, SSL *ssl, void *arg)
+        const void *buf, size_t len, SSL *ssl, void *arg)
 {
-       BIO *bio = arg;
-       const char *str_write_p, *str_version, *str_content_type = "", 
*str_details1 = "", *str_details2= "";
+    BIO *bio = arg;
+    const char *str_write_p, *str_version, *str_content_type = "", 
*str_details1 = "", *str_details2= "";
 
-       str_write_p = write_p ? ">>>" : "<<<";
+    str_write_p = write_p ? ">>>" : "<<<";
 
-       switch (version)
-       {
-               case SSL2_VERSION:
-               str_version = "SSL 2.0";
-               break;
-               case SSL3_VERSION:
-               str_version = "SSL 3.0 ";
-               break;
-               case TLS1_VERSION:
-               str_version = "TLS 1.0 ";
-               break;
-               case DTLS1_VERSION:
-               str_version = "DTLS 1.0 ";
-               break;
-               case DTLS1_BAD_VER:
-               str_version = "DTLS 1.0 (bad) ";
-               break;
-               default:
-               str_version = "???";
-       }
-
-       if (version == SSL2_VERSION)
-       {
-               str_details1 = "???";
-
-               if (len > 0)
-               {
-                       switch (((const unsigned char*)buf)[0])
-                       {
-                               case 0:
-                               str_details1 = ", ERROR:";
-                               str_details2 = " ???";
-                               if (len >= 3)
-                               {
-                                       unsigned err = (((const unsigned 
char*)buf)[1]<<8) + ((const unsigned char*)buf)[2];
-
-                                       switch (err)
-                                       {
-                                               case 0x0001:
-                                               str_details2 = " 
NO-CIPHER-ERROR";
-                                               break;
-                                               case 0x0002:
-                                               str_details2 = " 
NO-CERTIFICATE-ERROR";
-                                               break;
-                                               case 0x0004:
-                                               str_details2 = " 
BAD-CERTIFICATE-ERROR";
-                                               break;
-                                               case 0x0006:
-                                               str_details2 = " 
UNSUPPORTED-CERTIFICATE-TYPE-ERROR";
-                                               break;
-                                       }
-                               }
-
-                               break;
-                               case 1:
-                               str_details1 = ", CLIENT-HELLO";
-                               break;
-                               case 2:
-                               str_details1 = ", CLIENT-MASTER-KEY";
-                               break;
-                               case 3:
-                               str_details1 = ", CLIENT-FINISHED";
-                               break;
-                               case 4:
-                               str_details1 = ", SERVER-HELLO";
-                               break;
-                               case 5:
-                               str_details1 = ", SERVER-VERIFY";
-                               break;
-                               case 6:
-                               str_details1 = ", SERVER-FINISHED";
-                               break;
-                               case 7:
-                               str_details1 = ", REQUEST-CERTIFICATE";
-                               break;
-                               case 8:
-                               str_details1 = ", CLIENT-CERTIFICATE";
-                               break;
-                       }
-               }
-       }
-
-       if (version == SSL3_VERSION ||
-                       version == TLS1_VERSION ||
-                       version == DTLS1_VERSION ||
-                       version == DTLS1_BAD_VER)
-       {
-               switch (content_type)
-               {
-                       case 20:
-                       str_content_type = "ChangeCipherSpec";
-                       break;
-                       case 21:
-                       str_content_type = "Alert";
-                       break;
-                       case 22:
-                       str_content_type = "Handshake";
-                       break;
-               }
-
-               if (content_type == 21) /* Alert */
-               {
-                       str_details1 = ", ???";
-
-                       if (len == 2)
-                       {
-                               switch (((const unsigned char*)buf)[0])
-                               {
-                                       case 1:
-                                       str_details1 = ", warning";
-                                       break;
-                                       case 2:
-                                       str_details1 = ", fatal";
-                                       break;
-                               }
-
-                               str_details2 = " ???";
-                               switch (((const unsigned char*)buf)[1])
-                               {
-                                       case 0:
-                                       str_details2 = " close_notify";
-                                       break;
-                                       case 10:
-                                       str_details2 = " unexpected_message";
-                                       break;
-                                       case 20:
-                                       str_details2 = " bad_record_mac";
-                                       break;
-                                       case 21:
-                                       str_details2 = " decryption_failed";
-                                       break;
-                                       case 22:
-                                       str_details2 = " record_overflow";
-                                       break;
-                                       case 30:
-                                       str_details2 = " decompression_failure";
-                                       break;
-                                       case 40:
-                                       str_details2 = " handshake_failure";
-                                       break;
-                                       case 42:
-                                       str_details2 = " bad_certificate";
-                                       break;
-                                       case 43:
-                                       str_details2 = " 
unsupported_certificate";
-                                       break;
-                                       case 44:
-                                       str_details2 = " certificate_revoked";
-                                       break;
-                                       case 45:
-                                       str_details2 = " certificate_expired";
-                                       break;
-                                       case 46:
-                                       str_details2 = " certificate_unknown";
-                                       break;
-                                       case 47:
-                                       str_details2 = " illegal_parameter";
-                                       break;
-                                       case 48:
-                                       str_details2 = " unknown_ca";
-                                       break;
-                                       case 49:
-                                       str_details2 = " access_denied";
-                                       break;
-                                       case 50:
-                                       str_details2 = " decode_error";
-                                       break;
-                                       case 51:
-                                       str_details2 = " decrypt_error";
-                                       break;
-                                       case 60:
-                                       str_details2 = " export_restriction";
-                                       break;
-                                       case 70:
-                                       str_details2 = " protocol_version";
-                                       break;
-                                       case 71:
-                                       str_details2 = " insufficient_security";
-                                       break;
-                                       case 80:
-                                       str_details2 = " internal_error";
-                                       break;
-                                       case 90:
-                                       str_details2 = " user_canceled";
-                                       break;
-                                       case 100:
-                                       str_details2 = " no_renegotiation";
-                                       break;
-                                       case 110:
-                                       str_details2 = " unsupported_extension";
-                                       break;
-                                       case 111:
-                                       str_details2 = " 
certificate_unobtainable";
-                                       break;
-                                       case 112:
-                                       str_details2 = " unrecognized_name";
-                                       break;
-                                       case 113:
-                                       str_details2 = " 
bad_certificate_status_response";
-                                       break;
-                                       case 114:
-                                       str_details2 = " 
bad_certificate_hash_value";
-                                       break;
-                               }
-                       }
-               }
-
-               if (content_type == 22) /* Handshake */
-               {
-                       str_details1 = "???";
-
-                       if (len > 0)
-                       {
-                               switch (((const unsigned char*)buf)[0])
-                               {
-                                       case 0:
-                                       str_details1 = ", HelloRequest";
-                                       break;
-                                       case 1:
-                                       str_details1 = ", ClientHello";
-                                       break;
-                                       case 2:
-                                       str_details1 = ", ServerHello";
-                                       break;
-                                       case 3:
-                                       str_details1 = ", HelloVerifyRequest";
-                                       break;
-                                       case 11:
-                                       str_details1 = ", Certificate";
-                                       break;
-                                       case 12:
-                                       str_details1 = ", ServerKeyExchange";
-                                       break;
-                                       case 13:
-                                       str_details1 = ", CertificateRequest";
-                                       break;
-                                       case 14:
-                                       str_details1 = ", ServerHelloDone";
-                                       break;
-                                       case 15:
-                                       str_details1 = ", CertificateVerify";
-                                       break;
-                                       case 16:
-                                       str_details1 = ", ClientKeyExchange";
-                                       break;
-                                       case 20:
-                                       str_details1 = ", Finished";
-                                       break;
-                               }
-                       }
-               }
-       }
-
-       BIO_printf(bio, "%s %s%s [length %04lx]%s%s\n", str_write_p, 
str_version, str_content_type, (unsigned long)len, str_details1, str_details2);
-
-       if (len > 0)
-       {
-               size_t num, i;
+    switch (version)
+    {
+        case SSL2_VERSION:
+        str_version = "SSL 2.0";
+        break;
+        case SSL3_VERSION:
+        str_version = "SSL 3.0 ";
+        break;
+        case TLS1_VERSION:
+        str_version = "TLS 1.0 ";
+        break;
+        case DTLS1_VERSION:
+        str_version = "DTLS 1.0 ";
+        break;
+        case DTLS1_BAD_VER:
+        str_version = "DTLS 1.0 (bad) ";
+        break;
+        default:
+        str_version = "???";
+    }
+
+    if (version == SSL2_VERSION)
+    {
+        str_details1 = "???";
+
+        if (len > 0)
+        {
+            switch (((const unsigned char*)buf)[0])
+            {
+                case 0:
+                str_details1 = ", ERROR:";
+                str_details2 = " ???";
+                if (len >= 3)
+                {
+                    unsigned err = (((const unsigned char*)buf)[1]<<8) + 
((const unsigned char*)buf)[2];
+
+                    switch (err)
+                    {
+                        case 0x0001:
+                        str_details2 = " NO-CIPHER-ERROR";
+                        break;
+                        case 0x0002:
+                        str_details2 = " NO-CERTIFICATE-ERROR";
+                        break;
+                        case 0x0004:
+                        str_details2 = " BAD-CERTIFICATE-ERROR";
+                        break;
+                        case 0x0006:
+                        str_details2 = " UNSUPPORTED-CERTIFICATE-TYPE-ERROR";
+                        break;
+                    }
+                }
+
+                break;
+                case 1:
+                str_details1 = ", CLIENT-HELLO";
+                break;
+                case 2:
+                str_details1 = ", CLIENT-MASTER-KEY";
+                break;
+                case 3:
+                str_details1 = ", CLIENT-FINISHED";
+                break;
+                case 4:
+                str_details1 = ", SERVER-HELLO";
+                break;
+                case 5:
+                str_details1 = ", SERVER-VERIFY";
+                break;
+                case 6:
+                str_details1 = ", SERVER-FINISHED";
+                break;
+                case 7:
+                str_details1 = ", REQUEST-CERTIFICATE";
+                break;
+                case 8:
+                str_details1 = ", CLIENT-CERTIFICATE";
+                break;
+            }
+        }
+    }
+
+    if (version == SSL3_VERSION ||
+            version == TLS1_VERSION ||
+            version == DTLS1_VERSION ||
+            version == DTLS1_BAD_VER)
+    {
+        switch (content_type)
+        {
+            case 20:
+            str_content_type = "ChangeCipherSpec";
+            break;
+            case 21:
+            str_content_type = "Alert";
+            break;
+            case 22:
+            str_content_type = "Handshake";
+            break;
+        }
+
+        if (content_type == 21) /* Alert */
+        {
+            str_details1 = ", ???";
+
+            if (len == 2)
+            {
+                switch (((const unsigned char*)buf)[0])
+                {
+                    case 1:
+                    str_details1 = ", warning";
+                    break;
+                    case 2:
+                    str_details1 = ", fatal";
+                    break;
+                }
+
+                str_details2 = " ???";
+                switch (((const unsigned char*)buf)[1])
+                {
+                    case 0:
+                    str_details2 = " close_notify";
+                    break;
+                    case 10:
+                    str_details2 = " unexpected_message";
+                    break;
+                    case 20:
+                    str_details2 = " bad_record_mac";
+                    break;
+                    case 21:
+                    str_details2 = " decryption_failed";
+                    break;
+                    case 22:
+                    str_details2 = " record_overflow";
+                    break;
+                    case 30:
+                    str_details2 = " decompression_failure";
+                    break;
+                    case 40:
+                    str_details2 = " handshake_failure";
+                    break;
+                    case 42:
+                    str_details2 = " bad_certificate";
+                    break;
+                    case 43:
+                    str_details2 = " unsupported_certificate";
+                    break;
+                    case 44:
+                    str_details2 = " certificate_revoked";
+                    break;
+                    case 45:
+                    str_details2 = " certificate_expired";
+                    break;
+                    case 46:
+                    str_details2 = " certificate_unknown";
+                    break;
+                    case 47:
+                    str_details2 = " illegal_parameter";
+                    break;
+                    case 48:
+                    str_details2 = " unknown_ca";
+                    break;
+                    case 49:
+                    str_details2 = " access_denied";
+                    break;
+                    case 50:
+                    str_details2 = " decode_error";
+                    break;
+                    case 51:
+                    str_details2 = " decrypt_error";
+                    break;
+                    case 60:
+                    str_details2 = " export_restriction";
+                    break;
+                    case 70:
+                    str_details2 = " protocol_version";
+                    break;
+                    case 71:
+                    str_details2 = " insufficient_security";
+                    break;
+                    case 80:
+                    str_details2 = " internal_error";
+                    break;
+                    case 90:
+                    str_details2 = " user_canceled";
+                    break;
+                    case 100:
+                    str_details2 = " no_renegotiation";
+                    break;
+                    case 110:
+                    str_details2 = " unsupported_extension";
+                    break;
+                    case 111:
+                    str_details2 = " certificate_unobtainable";
+                    break;
+                    case 112:
+                    str_details2 = " unrecognized_name";
+                    break;
+                    case 113:
+                    str_details2 = " bad_certificate_status_response";
+                    break;
+                    case 114:
+                    str_details2 = " bad_certificate_hash_value";
+                    break;
+                }
+            }
+        }
+
+        if (content_type == 22) /* Handshake */
+        {
+            str_details1 = "???";
+
+            if (len > 0)
+            {
+                switch (((const unsigned char*)buf)[0])
+                {
+                    case 0:
+                    str_details1 = ", HelloRequest";
+                    break;
+                    case 1:
+                    str_details1 = ", ClientHello";
+                    break;
+                    case 2:
+                    str_details1 = ", ServerHello";
+                    break;
+                    case 3:
+                    str_details1 = ", HelloVerifyRequest";
+                    break;
+                    case 11:
+                    str_details1 = ", Certificate";
+                    break;
+                    case 12:
+                    str_details1 = ", ServerKeyExchange";
+                    break;
+                    case 13:
+                    str_details1 = ", CertificateRequest";
+                    break;
+                    case 14:
+                    str_details1 = ", ServerHelloDone";
+                    break;
+                    case 15:
+                    str_details1 = ", CertificateVerify";
+                    break;
+                    case 16:
+                    str_details1 = ", ClientKeyExchange";
+                    break;
+                    case 20:
+                    str_details1 = ", Finished";
+                    break;
+                }
+            }
+        }
+    }
+
+    BIO_printf(bio, "%s %s%s [length %04lx]%s%s\n", str_write_p, str_version, 
str_content_type, (unsigned long)len, str_details1, str_details2);
+
+    if (len > 0)
+    {
+        size_t num, i;
 
-               BIO_printf(bio, "   ");
-               num = len;
+        BIO_printf(bio, "   ");
+        num = len;
 #if 0
-               if (num > 16)
-               num = 16;
+        if (num > 16)
+        num = 16;
 #endif
-               for (i = 0; i < num; i++)
-               {
-                       if (i % 16 == 0 && i > 0)
-                       BIO_printf(bio, "\n   ");
-                       BIO_printf(bio, " %02x", ((const unsigned 
char*)buf)[i]);
-               }
-               if (i < len)
-               BIO_printf(bio, " ...");
-               BIO_printf(bio, "\n");
-       }
-       (void)BIO_flush(bio);
+        for (i = 0; i < num; i++)
+        {
+            if (i % 16 == 0 && i > 0)
+            BIO_printf(bio, "\n   ");
+            BIO_printf(bio, " %02x", ((const unsigned char*)buf)[i]);
+        }
+        if (i < len)
+        BIO_printf(bio, " ...");
+        BIO_printf(bio, "\n");
+    }
+    (void)BIO_flush(bio);
 }
 
 TCN_IMPLEMENT_CALL(jint, SSLExt, debug)(TCN_STDARGS, jlong tcsock)
 {
-       tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
-       tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
+    tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
+    tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
 
-       BIO_set_callback(SSL_get_rbio(tcssl->ssl), bio_dump_callback);
-       BIO_set_callback(SSL_get_wbio(tcssl->ssl), bio_dump_callback);
+    BIO_set_callback(SSL_get_rbio(tcssl->ssl), bio_dump_callback);
+    BIO_set_callback(SSL_get_wbio(tcssl->ssl), bio_dump_callback);
 
-       BIO_set_callback_arg(SSL_get_rbio(tcssl->ssl), (char *) 
tcssl->ctx->bio_os);
-       BIO_set_callback_arg(SSL_get_wbio(tcssl->ssl), (char *) 
tcssl->ctx->bio_os);
+    BIO_set_callback_arg(SSL_get_rbio(tcssl->ssl), (char *) 
tcssl->ctx->bio_os);
+    BIO_set_callback_arg(SSL_get_wbio(tcssl->ssl), (char *) 
tcssl->ctx->bio_os);
 
-       SSL_set_msg_callback(tcssl->ssl, msg_cb);
-       SSL_set_msg_callback_arg(tcssl->ssl, (char *) tcssl->ctx->bio_os);
-       return 0;
+    SSL_set_msg_callback(tcssl->ssl, msg_cb);
+    SSL_set_msg_callback_arg(tcssl->ssl, (char *) tcssl->ctx->bio_os);
+    return 0;
 }
 
 TCN_IMPLEMENT_CALL( jint, SSLExt, sslSetMode)(TCN_STDARGS, jlong tcsock, jint 
jmode)
 {
-       tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
-       tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
-       int mode = SSL_get_mode(tcssl->ssl);
+    tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
+    tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
+    int mode = SSL_get_mode(tcssl->ssl);
 
-       mode |= jmode;
-       SSL_set_mode(tcssl->ssl, mode);
+    mode |= jmode;
+    SSL_set_mode(tcssl->ssl, mode);
 
-       return mode;
+    return mode;
 }
 
-
 #else
 
 /* OpenSSL is not supported.
  * Create empty stubs.
  */
-TCN_IMPLEMENT_CALL( jint, SSLExt, debug)(TCN_STDARGS, jlong tcsock)
-{
-       return (jint)-APR_ENOTIMPL;
+TCN_IMPLEMENT_CALL( jint, SSLExt, debug)(TCN_STDARGS, jlong tcsock) {
+    return (jint) -APR_ENOTIMPL;
 }
 
-TCN_IMPLEMENT_CALL( jint, SSLExt, setSessionData)(TCN_STDARGS, jlong tcsock, 
jbyteArray buf, jint len)
-{
-       return (jint)-APR_ENOTIMPL;
+TCN_IMPLEMENT_CALL( jint, SSLExt, setSessionData)(TCN_STDARGS, jlong tcsock,
+        jbyteArray buf, jint len) {
+    return (jint) -APR_ENOTIMPL;
 }
 
-TCN_IMPLEMENT_CALL( jbyteArray, SSLExt, getSessionData)(TCN_STDARGS, jlong 
tcsock)
-{
-       return (jint)-APR_ENOTIMPL;
+TCN_IMPLEMENT_CALL( jbyteArray, SSLExt, getSessionData)(TCN_STDARGS,
+        jlong tcsock) {
+    return (jint) -APR_ENOTIMPL;
 }
 
-TCN_IMPLEMENT_CALL( jint, SSLExt, getTicket)(TCN_STDARGS, jlong tcsock, 
jbyteArray buf)
-{
-       return (jint)-APR_ENOTIMPL;
+TCN_IMPLEMENT_CALL( jint, SSLExt, getTicket)(TCN_STDARGS, jlong tcsock,
+        jbyteArray buf) {
+    return (jint) -APR_ENOTIMPL;
 }
 
-TCN_IMPLEMENT_CALL( jint, SSLExt, setTicket)(TCN_STDARGS, jlong tcsock, 
jbyteArray buf, jint len)
-{
-       return (jint)-APR_ENOTIMPL;
+TCN_IMPLEMENT_CALL( jint, SSLExt, setTicket)(TCN_STDARGS, jlong tcsock,
+        jbyteArray buf, jint len) {
+    return (jint) -APR_ENOTIMPL;
 }
 
-TCN_IMPLEMENT_CALL( jint, SSLExt, setTicketKeys)(TCN_STDARGS, jlong 
tc_ssl_ctx, jbyteArray buf, jint len)
-{
-       return (jint)-APR_ENOTIMPL;
+TCN_IMPLEMENT_CALL( jint, SSLExt, setTicketKeys)(TCN_STDARGS, jlong tc_ssl_ctx,
+        jbyteArray buf, jint len) {
+    return (jint) -APR_ENOTIMPL;
 }
 
-TCN_IMPLEMENT_CALL( jint, SSLExt, sslSetMode)(TCN_STDARGS, jlong tc_ssl_ctx, 
jint mode)
-{
-       return (jint)-APR_ENOTIMPL;
+TCN_IMPLEMENT_CALL( jint, SSLExt, sslSetMode)(TCN_STDARGS, jlong tc_ssl_ctx,
+        jint mode) {
+    return (jint) -APR_ENOTIMPL;
 }
 
 #endif
 
-// if ssl is not available - this will not be defined
+/* if ssl is not available - this will not be defined */
 #ifdef SSL_set_tlsext_host_name
 TCN_IMPLEMENT_CALL(jint, SSLExt, setSNI)(TCN_STDARGS, jlong tcsock, jbyteArray 
buf, jint len)
 {
-       tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
-       tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
-       unsigned char bytes[TCN_BUFFER_SZ];
-       const unsigned char *bytesp = &bytes[0];
-
-       if (len > TCN_BUFFER_SZ) {
-               return -1;
-       }
-       (*e)->GetByteArrayRegion(e, buf, 0, len, bytes);
-       SSL_set_tlsext_host_name(tcssl->ssl, &bytesp);
-       return 0;
+    tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
+    tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
+    unsigned char bytes[TCN_BUFFER_SZ];
+    const unsigned char *bytesp = &bytes[0];
+
+    if (len > TCN_BUFFER_SZ) {
+        return -1;
+    }
+    (*e)->GetByteArrayRegion(e, buf, 0, len, bytes);
+    SSL_set_tlsext_host_name(tcssl->ssl, &bytesp);
+    return 0;
 }
 #else
-TCN_IMPLEMENT_CALL(jint, SSLExt, setSNI)(TCN_STDARGS, jlong tcsock, jbyteArray 
buf, jint len)
-{
-       return (jint)-APR_ENOTIMPL;
+TCN_IMPLEMENT_CALL(jint, SSLExt, setSNI)(TCN_STDARGS, jlong tcsock,
+        jbyteArray buf, jint len) {
+    return (jint) -APR_ENOTIMPL;
 }
 #endif
 
 #ifdef  OPENSSL_NPN_NEGOTIATED 
-// See ssl_client_socket_openssl.cc
-//     tools/flip_server/spdy_ssl.cc
-
+/* See ssl_client_socket_openssl.cc
+ tools/flip_server/spdy_ssl.cc
+ */
 /** Callback in client mode.
  */
 static int cb_request_npn(SSL *ssl, unsigned char **out, unsigned char *outlen,
-               const unsigned char *in, unsigned int inlen, void *arg)
+        const unsigned char *in, unsigned int inlen, void *arg)
 {
-       tcn_ssl_ctxt_t *tcsslctx = (tcn_ssl_ctxt_t *)arg;
-       /* TODO: verify in contains the protocol... */
+    tcn_ssl_ctxt_t *tcsslctx = (tcn_ssl_ctxt_t *)arg;
+    /* TODO: verify in contains the protocol... */
 
-       /* This callback only returns the protocol string, rather than a length
-        prefixed set. We assume that NEXT_PROTO_STRING is a one element list 
and
-        remove the first byte to chop off the length prefix. */
-       if (tcsslctx->npn != 0) {
-               int status = SSL_select_next_proto(out, outlen, in, inlen,
-                               tcsslctx->npn,
-                               strlen(tcsslctx->npn));
-               switch (status) {
-                       case OPENSSL_NPN_UNSUPPORTED:
-                       break;
-                       case OPENSSL_NPN_NEGOTIATED://1
-                       break;
-                       case OPENSSL_NPN_NO_OVERLAP://2
-                       break;
-               }
-       }
-       return SSL_TLSEXT_ERR_OK;
+    /* This callback only returns the protocol string, rather than a length
+     prefixed set. We assume that NEXT_PROTO_STRING is a one element list and
+     remove the first byte to chop off the length prefix. */
+    if (tcsslctx->npn != 0) {
+        int status = SSL_select_next_proto(out, outlen, in, inlen,
+                tcsslctx->npn,
+                strlen(tcsslctx->npn));
+        switch (status) {
+            case OPENSSL_NPN_UNSUPPORTED:
+            break;
+            case OPENSSL_NPN_NEGOTIATED:
+            break;
+            case OPENSSL_NPN_NO_OVERLAP:
+            break;
+        }
+    }
+    return SSL_TLSEXT_ERR_OK;
 }
 
 static int cb_server_npn(SSL *ssl, const unsigned char **out, unsigned int 
*outlen,
-               void *arg)
+        void *arg)
 {
-       tcn_ssl_ctxt_t *tcsslctx = (tcn_ssl_ctxt_t *)arg;
-       if (tcsslctx->npn != 0) {
-               *out = (unsigned char*) tcsslctx->npn;
-               *outlen = strlen(tcsslctx->npn);
-       }
-       return SSL_TLSEXT_ERR_OK;
+    tcn_ssl_ctxt_t *tcsslctx = (tcn_ssl_ctxt_t *)arg;
+    if (tcsslctx->npn != 0) {
+        *out = (unsigned char*) tcsslctx->npn;
+        *outlen = strlen(tcsslctx->npn);
+    }
+    return SSL_TLSEXT_ERR_OK;
 }
 
 TCN_IMPLEMENT_CALL(jint, SSLExt, setNPN)(TCN_STDARGS, jlong tc_ssl_ctx,
-               jbyteArray buf, jint len)
+        jbyteArray buf, jint len)
 {
-       tcn_ssl_ctxt_t *sslctx = J2P(tc_ssl_ctx, tcn_ssl_ctxt_t *);
+    tcn_ssl_ctxt_t *sslctx = J2P(tc_ssl_ctx, tcn_ssl_ctxt_t *);
 
-       sslctx->npn = apr_pcalloc(sslctx->pool, len);
-       (*e)->GetByteArrayRegion(e, buf, 0, len, &sslctx->npn[0]);
+    sslctx->npn = apr_pcalloc(sslctx->pool, len);
+    (*e)->GetByteArrayRegion(e, buf, 0, len, &sslctx->npn[0]);
 
-       if (sslctx->mode == SSL_MODE_SERVER) {
-               SSL_CTX_set_next_protos_advertised_cb(sslctx->ctx, 
cb_server_npn, sslctx);
-       } else {
-               SSL_CTX_set_next_proto_select_cb(sslctx->ctx, cb_request_npn, 
sslctx);
-       }
-       return 0;
+    if (sslctx->mode == SSL_MODE_SERVER) {
+        SSL_CTX_set_next_protos_advertised_cb(sslctx->ctx, cb_server_npn, 
sslctx);
+    } else {
+        SSL_CTX_set_next_proto_select_cb(sslctx->ctx, cb_request_npn, sslctx);
+    }
+    return 0;
 }
 
 /** Only valid after handshake 
  */
 TCN_IMPLEMENT_CALL(jint, SSLExt, getNPN)(TCN_STDARGS, jlong tcsock, jbyteArray 
buf)
 {
-       const unsigned char *npn;
-       unsigned npn_len;
-       tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
-       tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
-       int bufLen = (*e)->GetArrayLength(e, buf);
-
-       SSL_get0_next_proto_negotiated(tcssl->ssl, &npn, &npn_len);
-
-       if (npn_len == 0 || bufLen < npn_len) {
-               return 0;
-       }
-       int len = npn_len;
-       (*e)->SetByteArrayRegion(e, buf, 0, len, npn);
+    const unsigned char *npn;
+    unsigned npn_len;
+    tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
+    tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
+    int bufLen = (*e)->GetArrayLength(e, buf);
+
+    SSL_get0_next_proto_negotiated(tcssl->ssl, &npn, &npn_len);
+
+    if (npn_len == 0 || bufLen < npn_len) {
+        return 0;
+    }
+    int len = npn_len;
+    (*e)->SetByteArrayRegion(e, buf, 0, len, npn);
 
-       return len;
+    return len;
 }
 
 #else
 
 TCN_IMPLEMENT_CALL(jint, SSLExt, setNPN)(TCN_STDARGS, jlong tc_ssl_ctx,
-               jbyteArray buf, jint len)
-{
-       return (jint)-APR_ENOTIMPL;
+        jbyteArray buf, jint len) {
+    return (jint) -APR_ENOTIMPL;
 }
 
-TCN_IMPLEMENT_CALL(jint, SSLExt, getNPN)(TCN_STDARGS, jlong tcsock, jbyteArray 
buf)
-{
-       return (jint)-APR_ENOTIMPL;
+TCN_IMPLEMENT_CALL(jint, SSLExt, getNPN)(TCN_STDARGS, jlong tcsock,
+        jbyteArray buf) {
+    return (jint) -APR_ENOTIMPL;
 }
 
 #endif



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1292337 - /tomcat/native/trunk/native/src/sslext.c

Reply via email to