Hi tech@
Some KNF whitespace cleanup in s3_lib.c that can be checked with tr and md5.
Another diff will follow for the non-whitespace KNF cleanup.
Index: src/ssl/s3_lib.c
===================================================================
RCS file: /cvs/src/lib/libssl/src/ssl/s3_lib.c,v
retrieving revision 1.35
diff -u -p -r1.35 s3_lib.c
--- src/ssl/s3_lib.c 24 Apr 2014 13:06:52 -0000 1.35
+++ src/ssl/s3_lib.c 2 May 2014 04:31:24 -0000
@@ -169,8 +169,9 @@ const char ssl3_version_str[]="SSLv3" OP
/* list of available SSLv3 ciphers (sorted by id) */
OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
-/* The RSA ciphers */
-/* Cipher 01 */
+ /* The RSA ciphers */
+
+ /* Cipher 01 */
{
1,
SSL3_TXT_RSA_NULL_MD5,
@@ -186,7 +187,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
0,
},
-/* Cipher 02 */
+ /* Cipher 02 */
{
1,
SSL3_TXT_RSA_NULL_SHA,
@@ -202,7 +203,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
0,
},
-/* Cipher 03 */
+ /* Cipher 03 */
{
1,
SSL3_TXT_RSA_RC4_40_MD5,
@@ -218,7 +219,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
128,
},
-/* Cipher 04 */
+ /* Cipher 04 */
{
1,
SSL3_TXT_RSA_RC4_128_MD5,
@@ -234,7 +235,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
128,
},
-/* Cipher 05 */
+ /* Cipher 05 */
{
1,
SSL3_TXT_RSA_RC4_128_SHA,
@@ -250,7 +251,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
128,
},
-/* Cipher 06 */
+ /* Cipher 06 */
{
1,
SSL3_TXT_RSA_RC2_40_MD5,
@@ -266,7 +267,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
128,
},
-/* Cipher 07 */
+ /* Cipher 07 */
#ifndef OPENSSL_NO_IDEA
{
1,
@@ -284,7 +285,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
},
#endif
-/* Cipher 08 */
+ /* Cipher 08 */
{
1,
SSL3_TXT_RSA_DES_40_CBC_SHA,
@@ -300,7 +301,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
56,
},
-/* Cipher 09 */
+ /* Cipher 09 */
{
1,
SSL3_TXT_RSA_DES_64_CBC_SHA,
@@ -316,7 +317,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
56,
},
-/* Cipher 0A */
+ /* Cipher 0A */
{
1,
SSL3_TXT_RSA_DES_192_CBC3_SHA,
@@ -332,8 +333,9 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
168,
},
-/* The DH ciphers */
-/* Cipher 0B */
+ /* The DH ciphers */
+
+ /* Cipher 0B */
{
0,
SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
@@ -349,7 +351,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
56,
},
-/* Cipher 0C */
+ /* Cipher 0C */
{
0, /* not implemented (non-ephemeral DH) */
SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
@@ -365,7 +367,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
56,
},
-/* Cipher 0D */
+ /* Cipher 0D */
{
0, /* not implemented (non-ephemeral DH) */
SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
@@ -381,7 +383,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
168,
},
-/* Cipher 0E */
+ /* Cipher 0E */
{
0, /* not implemented (non-ephemeral DH) */
SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
@@ -397,7 +399,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
56,
},
-/* Cipher 0F */
+ /* Cipher 0F */
{
0, /* not implemented (non-ephemeral DH) */
SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
@@ -413,7 +415,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
56,
},
-/* Cipher 10 */
+ /* Cipher 10 */
{
0, /* not implemented (non-ephemeral DH) */
SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
@@ -429,8 +431,9 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
168,
},
-/* The Ephemeral DH ciphers */
-/* Cipher 11 */
+ /* The Ephemeral DH ciphers */
+
+ /* Cipher 11 */
{
1,
SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
@@ -446,7 +449,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
56,
},
-/* Cipher 12 */
+ /* Cipher 12 */
{
1,
SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
@@ -462,7 +465,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
56,
},
-/* Cipher 13 */
+ /* Cipher 13 */
{
1,
SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
@@ -478,7 +481,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
168,
},
-/* Cipher 14 */
+ /* Cipher 14 */
{
1,
SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
@@ -494,7 +497,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
56,
},
-/* Cipher 15 */
+ /* Cipher 15 */
{
1,
SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
@@ -510,7 +513,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
56,
},
-/* Cipher 16 */
+ /* Cipher 16 */
{
1,
SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
@@ -526,7 +529,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
168,
},
-/* Cipher 17 */
+ /* Cipher 17 */
{
1,
SSL3_TXT_ADH_RC4_40_MD5,
@@ -542,7 +545,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
128,
},
-/* Cipher 18 */
+ /* Cipher 18 */
{
1,
SSL3_TXT_ADH_RC4_128_MD5,
@@ -558,7 +561,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
128,
},
-/* Cipher 19 */
+ /* Cipher 19 */
{
1,
SSL3_TXT_ADH_DES_40_CBC_SHA,
@@ -574,7 +577,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
128,
},
-/* Cipher 1A */
+ /* Cipher 1A */
{
1,
SSL3_TXT_ADH_DES_64_CBC_SHA,
@@ -590,7 +593,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
56,
},
-/* Cipher 1B */
+ /* Cipher 1B */
{
1,
SSL3_TXT_ADH_DES_192_CBC_SHA,
@@ -605,9 +608,11 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
168,
168,
},
+
#ifndef OPENSSL_NO_KRB5
-/* The Kerberos ciphers*/
-/* Cipher 1E */
+ /* The Kerberos ciphers */
+
+ /* Cipher 1E */
{
1,
SSL3_TXT_KRB5_DES_64_CBC_SHA,
@@ -623,7 +628,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
56,
},
-/* Cipher 1F */
+ /* Cipher 1F */
{
1,
SSL3_TXT_KRB5_DES_192_CBC3_SHA,
@@ -639,7 +644,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
168,
},
-/* Cipher 20 */
+ /* Cipher 20 */
{
1,
SSL3_TXT_KRB5_RC4_128_SHA,
@@ -655,7 +660,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
128,
},
-/* Cipher 21 */
+ /* Cipher 21 */
{
1,
SSL3_TXT_KRB5_IDEA_128_CBC_SHA,
@@ -671,7 +676,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
128,
},
-/* Cipher 22 */
+ /* Cipher 22 */
{
1,
SSL3_TXT_KRB5_DES_64_CBC_MD5,
@@ -687,7 +692,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
56,
},
-/* Cipher 23 */
+ /* Cipher 23 */
{
1,
SSL3_TXT_KRB5_DES_192_CBC3_MD5,
@@ -703,7 +708,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
168,
},
-/* Cipher 24 */
+ /* Cipher 24 */
{
1,
SSL3_TXT_KRB5_RC4_128_MD5,
@@ -719,7 +724,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
128,
},
-/* Cipher 25 */
+ /* Cipher 25 */
{
1,
SSL3_TXT_KRB5_IDEA_128_CBC_MD5,
@@ -735,7 +740,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
128,
},
-/* Cipher 26 */
+ /* Cipher 26 */
{
1,
SSL3_TXT_KRB5_DES_40_CBC_SHA,
@@ -751,7 +756,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
56,
},
-/* Cipher 27 */
+ /* Cipher 27 */
{
1,
SSL3_TXT_KRB5_RC2_40_CBC_SHA,
@@ -767,7 +772,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
128,
},
-/* Cipher 28 */
+ /* Cipher 28 */
{
1,
SSL3_TXT_KRB5_RC4_40_SHA,
@@ -783,7 +788,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
128,
},
-/* Cipher 29 */
+ /* Cipher 29 */
{
1,
SSL3_TXT_KRB5_DES_40_CBC_MD5,
@@ -799,7 +804,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
56,
},
-/* Cipher 2A */
+ /* Cipher 2A */
{
1,
SSL3_TXT_KRB5_RC2_40_CBC_MD5,
@@ -815,7 +820,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
128,
},
-/* Cipher 2B */
+ /* Cipher 2B */
{
1,
SSL3_TXT_KRB5_RC4_40_MD5,
@@ -830,10 +835,11 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
40,
128,
},
-#endif /* OPENSSL_NO_KRB5 */
+#endif /* OPENSSL_NO_KRB5 */
+
+ /* New AES ciphersuites */
-/* New AES ciphersuites */
-/* Cipher 2F */
+ /* Cipher 2F */
{
1,
TLS1_TXT_RSA_WITH_AES_128_SHA,
@@ -848,7 +854,8 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
128,
128,
},
-/* Cipher 30 */
+
+ /* Cipher 30 */
{
0,
TLS1_TXT_DH_DSS_WITH_AES_128_SHA,
@@ -863,7 +870,8 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
128,
128,
},
-/* Cipher 31 */
+
+ /* Cipher 31 */
{
0,
TLS1_TXT_DH_RSA_WITH_AES_128_SHA,
@@ -878,7 +886,8 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
128,
128,
},
-/* Cipher 32 */
+
+ /* Cipher 32 */
{
1,
TLS1_TXT_DHE_DSS_WITH_AES_128_SHA,
@@ -893,7 +902,8 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
128,
128,
},
-/* Cipher 33 */
+
+ /* Cipher 33 */
{
1,
TLS1_TXT_DHE_RSA_WITH_AES_128_SHA,
@@ -908,7 +918,8 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
128,
128,
},
-/* Cipher 34 */
+
+ /* Cipher 34 */
{
1,
TLS1_TXT_ADH_WITH_AES_128_SHA,
@@ -924,7 +935,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
128,
},
-/* Cipher 35 */
+ /* Cipher 35 */
{
1,
TLS1_TXT_RSA_WITH_AES_256_SHA,
@@ -939,7 +950,8 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
256,
256,
},
-/* Cipher 36 */
+
+ /* Cipher 36 */
{
0,
TLS1_TXT_DH_DSS_WITH_AES_256_SHA,
@@ -955,7 +967,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
256,
},
-/* Cipher 37 */
+ /* Cipher 37 */
{
0, /* not implemented (non-ephemeral DH) */
TLS1_TXT_DH_RSA_WITH_AES_256_SHA,
@@ -971,7 +983,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
256,
},
-/* Cipher 38 */
+ /* Cipher 38 */
{
1,
TLS1_TXT_DHE_DSS_WITH_AES_256_SHA,
@@ -987,7 +999,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
256,
},
-/* Cipher 39 */
+ /* Cipher 39 */
{
1,
TLS1_TXT_DHE_RSA_WITH_AES_256_SHA,
@@ -1020,6 +1032,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
},
/* TLS v1.2 ciphersuites */
+
/* Cipher 3B */
{
1,
@@ -1217,6 +1230,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
#endif /* OPENSSL_NO_CAMELLIA */
/* TLS v1.2 ciphersuites */
+
/* Cipher 67 */
{
1,
@@ -1345,6 +1359,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
256,
256
},
+
{
1,
"GOST2001-GOST89-GOST89",
@@ -1359,6 +1374,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
256,
256
},
+
{
1,
"GOST94-NULL-GOST94",
@@ -1373,6 +1389,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
0,
0
},
+
{
1,
"GOST2001-NULL-GOST94",
@@ -1406,6 +1423,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
256,
256,
},
+
/* Cipher 85 */
{
0, /* not implemented (non-ephemeral DH) */
@@ -1551,7 +1569,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
256,
256,
},
-#endif /* OPENSSL_NO_PSK */
+#endif /* OPENSSL_NO_PSK */
#ifndef OPENSSL_NO_SEED
/* SEED ciphersuites from RFC4162 */
@@ -1651,7 +1669,6 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
128,
128,
},
-
#endif /* OPENSSL_NO_SEED */
/* GCM ciphersuites from RFC5288 */
@@ -2248,7 +2265,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
256,
256,
},
-#endif /* OPENSSL_NO_ECDH */
+#endif /* OPENSSL_NO_ECDH */
#ifndef OPENSSL_NO_SRP
/* Cipher C01A */
@@ -2394,9 +2411,9 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
256,
256,
},
-#endif /* OPENSSL_NO_SRP */
-#ifndef OPENSSL_NO_ECDH
+#endif /* OPENSSL_NO_SRP */
+#ifndef OPENSSL_NO_ECDH
/* HMAC based TLS v1.2 ciphersuites from RFC5289 */
/* Cipher C023 */
@@ -2656,12 +2673,10 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
256,
256,
},
-
#endif /* OPENSSL_NO_ECDH */
-
#ifdef TEMP_GOST_TLS
-/* Cipher FF00 */
+ /* Cipher FF00 */
{
1,
"GOST-MD5",
@@ -2676,6 +2691,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
256,
256,
},
+
{
1,
"GOST-GOST94",
@@ -2690,6 +2706,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
256,
256
},
+
{
1,
"GOST-GOST89MAC",
@@ -2704,6 +2721,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
256,
256
},
+
{
1,
"GOST-GOST89STREAM",
@@ -2736,8 +2754,8 @@ SSL3_ENC_METHOD SSLv3_enc_data = {
SSL3_MD_SERVER_FINISHED_CONST, 4,
ssl3_alert_code,
(int (*)(SSL *, unsigned char *, size_t, const char *,
- size_t, const unsigned char *, size_t,
- int use_context))ssl_undefined_function,
+ size_t, const unsigned char *, size_t,
+ int use_context))ssl_undefined_function,
};
long
@@ -2930,7 +2948,7 @@ srp_password_from_info_cb(SSL *s, void *
long
ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
{
- int ret = 0;
+ int ret = 0;
if (cmd == SSL_CTRL_SET_TMP_RSA || cmd == SSL_CTRL_SET_TMP_RSA_CB ||
cmd == SSL_CTRL_SET_TMP_DH || cmd == SSL_CTRL_SET_TMP_DH_CB) {
@@ -2969,101 +2987,101 @@ ssl3_ctrl(SSL *s, int cmd, long larg, vo
break;
case SSL_CTRL_SET_TMP_RSA:
{
- RSA *rsa = (RSA *)parg;
- if (rsa == NULL) {
- SSLerr(SSL_F_SSL3_CTRL,
- ERR_R_PASSED_NULL_PARAMETER);
- return (ret);
- }
- if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) {
- SSLerr(SSL_F_SSL3_CTRL,
- ERR_R_RSA_LIB);
- return (ret);
- }
- if (s->cert->rsa_tmp != NULL)
- RSA_free(s->cert->rsa_tmp);
- s->cert->rsa_tmp = rsa;
- ret = 1;
+ RSA *rsa = (RSA *)parg;
+ if (rsa == NULL) {
+ SSLerr(SSL_F_SSL3_CTRL,
+ ERR_R_PASSED_NULL_PARAMETER);
+ return (ret);
+ }
+ if ((rsa = RSAPrivateKey_dup(rsa)) == NULL) {
+ SSLerr(SSL_F_SSL3_CTRL,
+ ERR_R_RSA_LIB);
+ return (ret);
+ }
+ if (s->cert->rsa_tmp != NULL)
+ RSA_free(s->cert->rsa_tmp);
+ s->cert->rsa_tmp = rsa;
+ ret = 1;
}
break;
case SSL_CTRL_SET_TMP_RSA_CB:
{
- SSLerr(SSL_F_SSL3_CTRL,
- ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return (ret);
+ SSLerr(SSL_F_SSL3_CTRL,
+ ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return (ret);
}
break;
#ifndef OPENSSL_NO_DH
case SSL_CTRL_SET_TMP_DH:
{
- DH *dh = (DH *)parg;
- if (dh == NULL) {
- SSLerr(SSL_F_SSL3_CTRL,
- ERR_R_PASSED_NULL_PARAMETER);
- return (ret);
- }
- if ((dh = DHparams_dup(dh)) == NULL) {
+ DH *dh = (DH *)parg;
+ if (dh == NULL) {
+ SSLerr(SSL_F_SSL3_CTRL,
+ ERR_R_PASSED_NULL_PARAMETER);
+ return (ret);
+ }
+ if ((dh = DHparams_dup(dh)) == NULL) {
+ SSLerr(SSL_F_SSL3_CTRL,
+ ERR_R_DH_LIB);
+ return (ret);
+ }
+ if (!(s->options & SSL_OP_SINGLE_DH_USE)) {
+ if (!DH_generate_key(dh)) {
+ DH_free(dh);
SSLerr(SSL_F_SSL3_CTRL,
ERR_R_DH_LIB);
return (ret);
}
- if (!(s->options & SSL_OP_SINGLE_DH_USE)) {
- if (!DH_generate_key(dh)) {
- DH_free(dh);
- SSLerr(SSL_F_SSL3_CTRL,
- ERR_R_DH_LIB);
- return (ret);
- }
- }
- if (s->cert->dh_tmp != NULL)
- DH_free(s->cert->dh_tmp);
- s->cert->dh_tmp = dh;
- ret = 1;
+ }
+ if (s->cert->dh_tmp != NULL)
+ DH_free(s->cert->dh_tmp);
+ s->cert->dh_tmp = dh;
+ ret = 1;
}
break;
case SSL_CTRL_SET_TMP_DH_CB:
{
- SSLerr(SSL_F_SSL3_CTRL,
- ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return (ret);
+ SSLerr(SSL_F_SSL3_CTRL,
+ ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return (ret);
}
break;
#endif
#ifndef OPENSSL_NO_ECDH
case SSL_CTRL_SET_TMP_ECDH:
{
- EC_KEY *ecdh = NULL;
+ EC_KEY *ecdh = NULL;
- if (parg == NULL) {
- SSLerr(SSL_F_SSL3_CTRL,
- ERR_R_PASSED_NULL_PARAMETER);
- return (ret);
- }
- if (!EC_KEY_up_ref((EC_KEY *)parg)) {
+ if (parg == NULL) {
+ SSLerr(SSL_F_SSL3_CTRL,
+ ERR_R_PASSED_NULL_PARAMETER);
+ return (ret);
+ }
+ if (!EC_KEY_up_ref((EC_KEY *)parg)) {
+ SSLerr(SSL_F_SSL3_CTRL,
+ ERR_R_ECDH_LIB);
+ return (ret);
+ }
+ ecdh = (EC_KEY *)parg;
+ if (!(s->options & SSL_OP_SINGLE_ECDH_USE)) {
+ if (!EC_KEY_generate_key(ecdh)) {
+ EC_KEY_free(ecdh);
SSLerr(SSL_F_SSL3_CTRL,
ERR_R_ECDH_LIB);
return (ret);
}
- ecdh = (EC_KEY *)parg;
- if (!(s->options & SSL_OP_SINGLE_ECDH_USE)) {
- if (!EC_KEY_generate_key(ecdh)) {
- EC_KEY_free(ecdh);
- SSLerr(SSL_F_SSL3_CTRL,
- ERR_R_ECDH_LIB);
- return (ret);
- }
- }
- if (s->cert->ecdh_tmp != NULL)
- EC_KEY_free(s->cert->ecdh_tmp);
- s->cert->ecdh_tmp = ecdh;
- ret = 1;
+ }
+ if (s->cert->ecdh_tmp != NULL)
+ EC_KEY_free(s->cert->ecdh_tmp);
+ s->cert->ecdh_tmp = ecdh;
+ ret = 1;
}
break;
case SSL_CTRL_SET_TMP_ECDH_CB:
{
- SSLerr(SSL_F_SSL3_CTRL,
- ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return (ret);
+ SSLerr(SSL_F_SSL3_CTRL,
+ ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return (ret);
}
break;
#endif /* !OPENSSL_NO_ECDH */
@@ -3098,7 +3116,6 @@ ssl3_ctrl(SSL *s, int cmd, long larg, vo
s->tlsext_debug_arg = parg;
ret = 1;
break;
-
#ifdef TLSEXT_TYPE_opaque_prf_input
case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT:
if (larg > 12288) {
@@ -3126,36 +3143,29 @@ ssl3_ctrl(SSL *s, int cmd, long larg, vo
s->tlsext_opaque_prf_input_len = 0;
break;
#endif
-
case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
s->tlsext_status_type = larg;
ret = 1;
break;
-
case SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS:
*(STACK_OF(X509_EXTENSION) **)parg = s->tlsext_ocsp_exts;
ret = 1;
break;
-
case SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS:
s->tlsext_ocsp_exts = parg;
ret = 1;
break;
-
case SSL_CTRL_GET_TLSEXT_STATUS_REQ_IDS:
*(STACK_OF(OCSP_RESPID) **)parg = s->tlsext_ocsp_ids;
ret = 1;
break;
-
case SSL_CTRL_SET_TLSEXT_STATUS_REQ_IDS:
s->tlsext_ocsp_ids = parg;
ret = 1;
break;
-
case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP:
*(unsigned char **)parg = s->tlsext_ocsp_resp;
return s->tlsext_ocsp_resplen;
-
case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
if (s->tlsext_ocsp_resp)
free(s->tlsext_ocsp_resp);
@@ -3163,7 +3173,6 @@ ssl3_ctrl(SSL *s, int cmd, long larg, vo
s->tlsext_ocsp_resplen = larg;
ret = 1;
break;
-
#endif /* !OPENSSL_NO_TLSEXT */
default:
break;
@@ -3187,21 +3196,21 @@ ssl3_callback_ctrl(SSL *s, int cmd, void
switch (cmd) {
case SSL_CTRL_SET_TMP_RSA_CB:
{
- s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
+ s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
}
break;
#ifndef OPENSSL_NO_DH
case SSL_CTRL_SET_TMP_DH_CB:
{
- s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
+ s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
}
break;
#endif
#ifndef OPENSSL_NO_ECDH
case SSL_CTRL_SET_TMP_ECDH_CB:
{
- s->cert->ecdh_tmp_cb =
- (EC_KEY *(*)(SSL *, int, int))fp;
+ s->cert->ecdh_tmp_cb =
+ (EC_KEY *(*)(SSL *, int, int))fp;
}
break;
#endif
@@ -3236,106 +3245,106 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, lon
/* break; */
case SSL_CTRL_SET_TMP_RSA:
{
- RSA *rsa;
- int i;
+ RSA *rsa;
+ int i;
- rsa = (RSA *)parg;
- i = 1;
- if (rsa == NULL)
+ rsa = (RSA *)parg;
+ i = 1;
+ if (rsa == NULL)
+ i = 0;
+ else {
+ if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
i = 0;
- else {
- if ((rsa = RSAPrivateKey_dup(rsa)) == NULL)
- i = 0;
- }
- if (!i) {
- SSLerr(SSL_F_SSL3_CTX_CTRL,
- ERR_R_RSA_LIB);
- return (0);
- } else {
- if (cert->rsa_tmp != NULL)
- RSA_free(cert->rsa_tmp);
- cert->rsa_tmp = rsa;
- return (1);
- }
+ }
+ if (!i) {
+ SSLerr(SSL_F_SSL3_CTX_CTRL,
+ ERR_R_RSA_LIB);
+ return (0);
+ } else {
+ if (cert->rsa_tmp != NULL)
+ RSA_free(cert->rsa_tmp);
+ cert->rsa_tmp = rsa;
+ return (1);
+ }
}
/* break; */
case SSL_CTRL_SET_TMP_RSA_CB:
{
- SSLerr(SSL_F_SSL3_CTX_CTRL,
- ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return (0);
+ SSLerr(SSL_F_SSL3_CTX_CTRL,
+ ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return (0);
}
break;
#ifndef OPENSSL_NO_DH
case SSL_CTRL_SET_TMP_DH:
{
- DH *new = NULL, *dh;
+ DH *new = NULL, *dh;
- dh = (DH *)parg;
- if ((new = DHparams_dup(dh)) == NULL) {
+ dh = (DH *)parg;
+ if ((new = DHparams_dup(dh)) == NULL) {
+ SSLerr(SSL_F_SSL3_CTX_CTRL,
+ ERR_R_DH_LIB);
+ return 0;
+ }
+ if (!(ctx->options & SSL_OP_SINGLE_DH_USE)) {
+ if (!DH_generate_key(new)) {
SSLerr(SSL_F_SSL3_CTX_CTRL,
ERR_R_DH_LIB);
+ DH_free(new);
return 0;
}
- if (!(ctx->options & SSL_OP_SINGLE_DH_USE)) {
- if (!DH_generate_key(new)) {
- SSLerr(SSL_F_SSL3_CTX_CTRL,
- ERR_R_DH_LIB);
- DH_free(new);
- return 0;
- }
- }
- if (cert->dh_tmp != NULL)
- DH_free(cert->dh_tmp);
- cert->dh_tmp = new;
- return 1;
+ }
+ if (cert->dh_tmp != NULL)
+ DH_free(cert->dh_tmp);
+ cert->dh_tmp = new;
+ return 1;
}
/*break; */
case SSL_CTRL_SET_TMP_DH_CB:
{
- SSLerr(SSL_F_SSL3_CTX_CTRL,
- ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return (0);
+ SSLerr(SSL_F_SSL3_CTX_CTRL,
+ ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return (0);
}
break;
#endif
#ifndef OPENSSL_NO_ECDH
case SSL_CTRL_SET_TMP_ECDH:
{
- EC_KEY *ecdh = NULL;
+ EC_KEY *ecdh = NULL;
- if (parg == NULL) {
+ if (parg == NULL) {
+ SSLerr(SSL_F_SSL3_CTX_CTRL,
+ ERR_R_ECDH_LIB);
+ return 0;
+ }
+ ecdh = EC_KEY_dup((EC_KEY *)parg);
+ if (ecdh == NULL) {
+ SSLerr(SSL_F_SSL3_CTX_CTRL,
+ ERR_R_EC_LIB);
+ return 0;
+ }
+ if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE)) {
+ if (!EC_KEY_generate_key(ecdh)) {
+ EC_KEY_free(ecdh);
SSLerr(SSL_F_SSL3_CTX_CTRL,
ERR_R_ECDH_LIB);
return 0;
}
- ecdh = EC_KEY_dup((EC_KEY *)parg);
- if (ecdh == NULL) {
- SSLerr(SSL_F_SSL3_CTX_CTRL,
- ERR_R_EC_LIB);
- return 0;
- }
- if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE)) {
- if (!EC_KEY_generate_key(ecdh)) {
- EC_KEY_free(ecdh);
- SSLerr(SSL_F_SSL3_CTX_CTRL,
- ERR_R_ECDH_LIB);
- return 0;
- }
- }
+ }
- if (cert->ecdh_tmp != NULL) {
- EC_KEY_free(cert->ecdh_tmp);
- }
- cert->ecdh_tmp = ecdh;
- return 1;
+ if (cert->ecdh_tmp != NULL) {
+ EC_KEY_free(cert->ecdh_tmp);
+ }
+ cert->ecdh_tmp = ecdh;
+ return 1;
}
/* break; */
case SSL_CTRL_SET_TMP_ECDH_CB:
{
- SSLerr(SSL_F_SSL3_CTX_CTRL,
- ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
- return (0);
+ SSLerr(SSL_F_SSL3_CTX_CTRL,
+ ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return (0);
}
break;
#endif /* !OPENSSL_NO_ECDH */
@@ -3346,43 +3355,40 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, lon
case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
case SSL_CTRL_GET_TLSEXT_TICKET_KEYS:
{
- unsigned char *keys = parg;
- if (!keys)
- return 48;
- if (larg != 48) {
- SSLerr(SSL_F_SSL3_CTX_CTRL,
- SSL_R_INVALID_TICKET_KEYS_LENGTH);
- return 0;
- }
- if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) {
- memcpy(ctx->tlsext_tick_key_name, keys, 16);
- memcpy(ctx->tlsext_tick_hmac_key,
- keys + 16, 16);
- memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16);
- } else {
- memcpy(keys, ctx->tlsext_tick_key_name, 16);
- memcpy(keys + 16,
- ctx->tlsext_tick_hmac_key, 16);
- memcpy(keys + 32,
- ctx->tlsext_tick_aes_key, 16);
- }
- return 1;
+ unsigned char *keys = parg;
+ if (!keys)
+ return 48;
+ if (larg != 48) {
+ SSLerr(SSL_F_SSL3_CTX_CTRL,
+ SSL_R_INVALID_TICKET_KEYS_LENGTH);
+ return 0;
+ }
+ if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) {
+ memcpy(ctx->tlsext_tick_key_name, keys, 16);
+ memcpy(ctx->tlsext_tick_hmac_key,
+ keys + 16, 16);
+ memcpy(ctx->tlsext_tick_aes_key, keys + 32, 16);
+ } else {
+ memcpy(keys, ctx->tlsext_tick_key_name, 16);
+ memcpy(keys + 16,
+ ctx->tlsext_tick_hmac_key, 16);
+ memcpy(keys + 32,
+ ctx->tlsext_tick_aes_key, 16);
+ }
+ return 1;
}
-
#ifdef TLSEXT_TYPE_opaque_prf_input
case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG:
ctx->tlsext_opaque_prf_input_callback_arg = parg;
return 1;
#endif
-
case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
ctx->tlsext_status_arg = parg;
return 1;
break;
-
#ifndef OPENSSL_NO_SRP
case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
- ctx->srp_ctx.srp_Mask|=SSL_kSRP;
+ ctx->srp_ctx.srp_Mask |= SSL_kSRP;
if (ctx->srp_ctx.login != NULL)
free(ctx->srp_ctx.login);
ctx->srp_ctx.login = NULL;
@@ -3406,36 +3412,31 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, lon
ctx->srp_ctx.info = parg;
break;
case SSL_CTRL_SET_SRP_ARG:
- ctx->srp_ctx.srp_Mask|=SSL_kSRP;
+ ctx->srp_ctx.srp_Mask |= SSL_kSRP;
ctx->srp_ctx.SRP_cb_arg = parg;
break;
-
case SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH:
ctx->srp_ctx.strength = larg;
break;
#endif
#endif /* !OPENSSL_NO_TLSEXT */
-
/* A Thawte special :-) */
case SSL_CTRL_EXTRA_CHAIN_CERT:
if (ctx->extra_certs == NULL) {
if ((ctx->extra_certs = sk_X509_new_null()) == NULL)
return (0);
}
- sk_X509_push(ctx->extra_certs,(X509 *)parg);
+ sk_X509_push(ctx->extra_certs, (X509 *)parg);
break;
-
case SSL_CTRL_GET_EXTRA_CHAIN_CERTS:
*(STACK_OF(X509) **)parg = ctx->extra_certs;
break;
-
case SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS:
if (ctx->extra_certs) {
sk_X509_pop_free(ctx->extra_certs, X509_free);
ctx->extra_certs = NULL;
}
break;
-
default:
return (0);
}
@@ -3452,20 +3453,20 @@ ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int
switch (cmd) {
case SSL_CTRL_SET_TMP_RSA_CB:
{
- cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
+ cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
}
break;
#ifndef OPENSSL_NO_DH
case SSL_CTRL_SET_TMP_DH_CB:
{
- cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
+ cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
}
break;
#endif
#ifndef OPENSSL_NO_ECDH
case SSL_CTRL_SET_TMP_ECDH_CB:
{
- cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
+ cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
}
break;
#endif
@@ -3474,36 +3475,32 @@ ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int
ctx->tlsext_servername_callback =
(int (*)(SSL *, int *, void *))fp;
break;
-
#ifdef TLSEXT_TYPE_opaque_prf_input
case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB:
ctx->tlsext_opaque_prf_input_callback =
(int (*)(SSL *, void *, size_t, void *))fp;
break;
#endif
-
case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
ctx->tlsext_status_cb = (int (*)(SSL *, void *))fp;
break;
-
case SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB:
ctx->tlsext_ticket_key_cb = (int (*)(SSL *, unsigned char *,
unsigned char *, EVP_CIPHER_CTX *, HMAC_CTX *, int))fp;
break;
-
#ifndef OPENSSL_NO_SRP
case SSL_CTRL_SET_SRP_VERIFY_PARAM_CB:
- ctx->srp_ctx.srp_Mask|=SSL_kSRP;
+ ctx->srp_ctx.srp_Mask |= SSL_kSRP;
ctx->srp_ctx.SRP_verify_param_callback =
(int (*)(SSL *, void *))fp;
break;
case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB:
- ctx->srp_ctx.srp_Mask|=SSL_kSRP;
+ ctx->srp_ctx.srp_Mask |= SSL_kSRP;
ctx->srp_ctx.TLS_ext_srp_username_callback =
(int (*)(SSL *, int *, void *))fp;
break;
case SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB:
- ctx->srp_ctx.srp_Mask|=SSL_kSRP;
+ ctx->srp_ctx.srp_Mask |= SSL_kSRP;
ctx->srp_ctx.SRP_give_srp_client_pwd_callback =
(char *(*)(SSL *, void *))fp;
break;
@@ -3552,7 +3549,8 @@ ssl3_put_cipher_by_char(const SSL_CIPHER
return (2);
}
-SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
+SSL_CIPHER *
+ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
STACK_OF(SSL_CIPHER) *srvr)
{
SSL_CIPHER *c, *ret = NULL;
@@ -3585,13 +3583,13 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, S
(void *)srvr);
for (i = 0; i < sk_SSL_CIPHER_num(srvr); ++i) {
c = sk_SSL_CIPHER_value(srvr, i);
- printf("%p:%s\n",(void *)c, c->name);
+ printf("%p:%s\n", (void *)c, c->name);
}
printf("Client sent %d from %p:\n", sk_SSL_CIPHER_num(clnt),
(void *)clnt);
for (i = 0; i < sk_SSL_CIPHER_num(clnt); ++i) {
c = sk_SSL_CIPHER_value(clnt, i);
- printf("%p:%s\n",(void *)c, c->name);
+ printf("%p:%s\n", (void *)c, c->name);
}
#endif
@@ -3622,15 +3620,15 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, S
#endif
#ifdef KSSL_DEBUG
-/* printf("ssl3_choose_cipher %d alg= %lx\n", i,c->algorithms);*/
-#endif /* KSSL_DEBUG */
+/* printf("ssl3_choose_cipher %d alg= %lx\n", i, c->algorithms); */
+#endif /* KSSL_DEBUG */
alg_k = c->algorithm_mkey;
alg_a = c->algorithm_auth;
#ifndef OPENSSL_NO_KRB5
if (alg_k & SSL_kKRB5) {
- if (!kssl_keytab_is_available(s->kssl_ctx) )
+ if (!kssl_keytab_is_available(s->kssl_ctx))
continue;
}
#endif /* OPENSSL_NO_KRB5 */
@@ -3651,7 +3649,7 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, S
ok = (alg_k & mask_k) && (alg_a & mask_a);
#ifdef CIPHER_DEBUG
printf("%d:[%08lX:%08lX:%08lX:%08lX]%p:%s\n",
- ok, alg_k, alg_a, mask_k, mask_a,(void *)c,
+ ok, alg_k, alg_a, mask_k, mask_a, (void *)c,
c->name);
#endif
}
@@ -3745,7 +3743,7 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, S
}
if ((ec_search1 != 0) || (ec_search2 != 0)) {
for (j = 0; j <
s->session->tlsext_ellipticcurvelist_length / 2; j++) {
- if
((s->session->tlsext_ellipticcurvelist[2*j] == ec_search1) &&
(s->session->tlsext_ellipticcurvelist[2*j + 1] == ec_search2)) {
+ if
((s->session->tlsext_ellipticcurvelist[2 * j] == ec_search1) &&
(s->session->tlsext_ellipticcurvelist[2 * j + 1] == ec_search2)) {
ec_ok = 1;
break;
}
@@ -3784,7 +3782,7 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, S
}
if ((ec_search1 != 0) || (ec_search2 != 0)) {
for (j = 0; j <
s->session->tlsext_ellipticcurvelist_length / 2; j++) {
- if
((s->session->tlsext_ellipticcurvelist[2*j] == ec_search1) &&
(s->session->tlsext_ellipticcurvelist[2*j + 1] == ec_search2)) {
+ if
((s->session->tlsext_ellipticcurvelist[2 * j] == ec_search1) &&
(s->session->tlsext_ellipticcurvelist[2 * j + 1] == ec_search2)) {
ec_ok = 1;
break;
}
@@ -3834,12 +3832,12 @@ ssl3_get_req_cert_type(SSL *s, unsigned
#endif
#ifndef OPENSSL_NO_DH
- if (alg_k & (SSL_kDHr|SSL_kEDH)) {
+ if (alg_k & (SSL_kDHr | SSL_kEDH)) {
p[ret++] = SSL3_CT_RSA_FIXED_DH;
p[ret++] = SSL3_CT_DSS_FIXED_DH;
}
if ((s->version == SSL3_VERSION) &&
- (alg_k & (SSL_kEDH|SSL_kDHd|SSL_kDHr))) {
+ (alg_k & (SSL_kEDH | SSL_kDHd | SSL_kDHr))) {
p[ret++] = SSL3_CT_RSA_EPHEMERAL_DH;
p[ret++] = SSL3_CT_DSS_EPHEMERAL_DH;
}
@@ -3847,7 +3845,7 @@ ssl3_get_req_cert_type(SSL *s, unsigned
p[ret++] = SSL3_CT_RSA_SIGN;
p[ret++] = SSL3_CT_DSS_SIGN;
#ifndef OPENSSL_NO_ECDH
- if ((alg_k & (SSL_kECDHr|SSL_kECDHe)) && (s->version >= TLS1_VERSION)) {
+ if ((alg_k & (SSL_kECDHr | SSL_kECDHe)) && (s->version >=
TLS1_VERSION)) {
p[ret++] = TLS_CT_RSA_FIXED_ECDH;
p[ret++] = TLS_CT_ECDSA_FIXED_ECDH;
}
@@ -3875,12 +3873,12 @@ ssl3_shutdown(SSL *s)
* we don't want to send messages :-)
*/
if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE)) {
- s->shutdown = (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+ s->shutdown = (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
return (1);
}
if (!(s->shutdown & SSL_SENT_SHUTDOWN)) {
- s->shutdown|=SSL_SENT_SHUTDOWN;
+ s->shutdown |= SSL_SENT_SHUTDOWN;
#if 1
ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_CLOSE_NOTIFY);
#endif
@@ -3889,7 +3887,7 @@ ssl3_shutdown(SSL *s)
* to be written, s->s3->alert_dispatch will be true
*/
if (s->s3->alert_dispatch)
- return(-1); /* return WANT_WRITE */
+ return (-1); /* return WANT_WRITE */
} else if (s->s3->alert_dispatch) {
/* resend it if not sent */
#if 1
@@ -3908,11 +3906,11 @@ ssl3_shutdown(SSL *s)
/* If we are waiting for a close from our peer, we are closed */
s->method->ssl_read_bytes(s, 0, NULL, 0, 0);
if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
- return(-1); /* return WANT_READ */
+ return (-1); /* return WANT_READ */
}
}
- if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) &&
+ if ((s->shutdown == (SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN)) &&
!s->s3->alert_dispatch)
return (1);
else
@@ -3960,7 +3958,7 @@ ssl3_write(SSL *s, const void *buf, int
/* We have flushed the buffer, so remove it */
ssl_free_wbio_buffer(s);
- s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
+ s->s3->flags &= ~SSL3_FLAGS_POP_BUFFER;
ret = s->s3->delay_buf_pop_ret;
s->s3->delay_buf_pop_ret = 0;
@@ -4061,7 +4059,7 @@ ssl_get_algorithm2(SSL *s)
long alg2 = s->s3->tmp.new_cipher->algorithm2;
if (s->method->version == TLS1_2_VERSION &&
- alg2 == (SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF))
+ alg2 == (SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF))
return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
return alg2;
}
