Hi tech@
This is the second diff for s3_lib.c
Apply it after my previous diff.
This diff cleans up non-whitespace KNF such as missing parens around
returns and redundant if-elses.
--- s3_lib.c.old Sat May 3 12:27:25 2014
+++ s3_lib.c Sat May 3 12:24:37 2014
@@ -1357,7 +1357,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_NOT_EXP|SSL_HIGH,
SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC,
256,
- 256
+ 256,
},
{
@@ -1372,7 +1372,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_NOT_EXP|SSL_HIGH,
SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94|TLS1_STREAM_MAC,
256,
- 256
+ 256,
},
{
@@ -1387,7 +1387,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_NOT_EXP|SSL_STRONG_NONE,
SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
0,
- 0
+ 0,
},
{
@@ -1402,7 +1402,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_NOT_EXP|SSL_STRONG_NONE,
SSL_HANDSHAKE_MAC_GOST94|TLS1_PRF_GOST94,
0,
- 0
+ 0,
},
#ifndef OPENSSL_NO_CAMELLIA
@@ -2704,7 +2704,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_NOT_EXP|SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
256,
- 256
+ 256,
},
{
@@ -2719,7 +2719,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_NOT_EXP|SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF,
256,
- 256
+ 256,
},
{
@@ -2734,7 +2734,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_NOT_EXP|SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT|TLS1_PRF|TLS1_STREAM_MAC,
256,
- 256
+ 256,
},
#endif
@@ -2779,17 +2779,16 @@ ssl3_get_cipher(unsigned int u)
{
if (u < SSL3_NUM_CIPHERS)
return (&(ssl3_ciphers[SSL3_NUM_CIPHERS - 1 - u]));
- else
- return (NULL);
+ return (NULL);
}
int
ssl3_pending(const SSL *s)
{
if (s->rstate == SSL_ST_READ_BODY)
- return 0;
- return (s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ?
- s->s3->rrec.length : 0;
+ return (0);
+ return ((s->s3->rrec.type == SSL3_RT_APPLICATION_DATA) ?
+ s->s3->rrec.length : 0);
}
int
@@ -2844,9 +2843,8 @@ ssl3_free(SSL *s)
if (s->s3->tmp.ca_names != NULL)
sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
- if (s->s3->handshake_buffer) {
+ if (s->s3->handshake_buffer)
BIO_free(s->s3->handshake_buffer);
- }
if (s->s3->handshake_dgst)
ssl3_free_digest_list(s);
#ifndef OPENSSL_NO_SRP
@@ -2908,9 +2906,8 @@ ssl3_clear(SSL *s)
BIO_free(s->s3->handshake_buffer);
s->s3->handshake_buffer = NULL;
}
- if (s->s3->handshake_dgst) {
+ if (s->s3->handshake_dgst)
ssl3_free_digest_list(s);
- }
memset(s->s3, 0, sizeof *s->s3);
s->s3->rbuf.buf = rp;
s->s3->wbuf.buf = wp;
@@ -3005,11 +3002,9 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
}
break;
case SSL_CTRL_SET_TMP_RSA_CB:
- {
SSLerr(SSL_F_SSL3_CTRL,
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return (ret);
- }
break;
#ifndef OPENSSL_NO_DH
case SSL_CTRL_SET_TMP_DH:
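Review bot: With the braces removed, the `break;` that follows `return (ret);` in the `SSL_CTRL_SET_TMP_RSA_CB` case is plainly unreachable, and the same leftover sits after the `return` in the DH_CB and ECDH_CB cases of ssl3_ctrl and in the three `*_CB` cases of ssl3_ctx_ctrl. The ssl3_ctx_ctrl hunks go further and turn `/* break; */` into a live `break;` after `return (0);`, or after a block that returns on every path as far as the visible lines show. Either delete these statements or mark them the lint way with `/* NOTREACHED */`, so a reader does not assume some path leaves the case normally. If the live `break;` is meant as a guard against future fall-through, the commit message should say so, since it currently mentions only return parentheses and redundant if-elses. The switch begins and ends outside this hunk.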
@@ -3041,11 +3036,9 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
}
break;
case SSL_CTRL_SET_TMP_DH_CB:
- {
SSLerr(SSL_F_SSL3_CTRL,
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return (ret);
- }
break;
#endif
#ifndef OPENSSL_NO_ECDH
@@ -3079,11 +3072,9 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
}
break;
case SSL_CTRL_SET_TMP_ECDH_CB:
- {
SSLerr(SSL_F_SSL3_CTRL,
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return (ret);
- }
break;
#endif /* !OPENSSL_NO_ECDH */
#ifndef OPENSSL_NO_TLSEXT
@@ -3099,18 +3090,18 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
if (strlen((char *)parg) > TLSEXT_MAXLEN_host_name) {
SSLerr(SSL_F_SSL3_CTRL,
SSL_R_SSL3_EXT_INVALID_SERVERNAME);
- return 0;
+ return (0);
}
if ((s->tlsext_hostname = BUF_strdup((char *)parg))
== NULL) {
SSLerr(SSL_F_SSL3_CTRL,
ERR_R_INTERNAL_ERROR);
- return 0;
+ return (0);
}
} else {
SSLerr(SSL_F_SSL3_CTRL,
SSL_R_SSL3_EXT_INVALID_SERVERNAME_TYPE);
- return 0;
+ return (0);
}
break;
case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
@@ -3166,7 +3157,7 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
break;
case SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP:
*(unsigned char **)parg = s->tlsext_ocsp_resp;
- return s->tlsext_ocsp_resplen;
+ return (s->tlsext_ocsp_resplen);
case SSL_CTRL_SET_TLSEXT_STATUS_REQ_OCSP_RESP:
if (s->tlsext_ocsp_resp)
free(s->tlsext_ocsp_resp);
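Review bot: `SSL_CTRL_GET_TLSEXT_STATUS_REQ_OCSP_RESP` stores the connection's own `s->tlsext_ocsp_resp` pointer into `*parg`, and the next case frees that same buffer, so a caller that keeps the pointer across a SET call is left holding freed memory. Nothing in the hunk documents that ownership rule; a comment above the assignment such as `/* *parg aliases s->tlsext_ocsp_resp: caller must not free it; invalid after the next SET */` would make it explicit. The `if (s->tlsext_ocsp_resp)` guard in front of `free()` is also redundant, because `free(NULL)` is a no-op, and would fit this cleanup. The rest of the SET case lies outside the hunk.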
@@ -3196,22 +3187,16 @@ ssl3_callback_ctrl(SSL *s, int cmd, void (*fp)(void))
switch (cmd) {
case SSL_CTRL_SET_TMP_RSA_CB:
- {
s->cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
- }
break;
#ifndef OPENSSL_NO_DH
case SSL_CTRL_SET_TMP_DH_CB:
- {
s->cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
- }
break;
#endif
#ifndef OPENSSL_NO_ECDH
case SSL_CTRL_SET_TMP_ECDH_CB:
- {
s->cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
- }
break;
#endif
#ifndef OPENSSL_NO_TLSEXT
@@ -3240,9 +3225,8 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *
(EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) >
(512 / 8))))
return (1);
- else
- return (0);
- /* break; */
+ return (0);
+ break;
case SSL_CTRL_SET_TMP_RSA:
{
RSA *rsa;
@@ -3267,13 +3251,11 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *
return (1);
}
}
- /* break; */
+ break;
case SSL_CTRL_SET_TMP_RSA_CB:
- {
SSLerr(SSL_F_SSL3_CTX_CTRL,
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return (0);
- }
break;
#ifndef OPENSSL_NO_DH
case SSL_CTRL_SET_TMP_DH:
@@ -3284,28 +3266,26 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *
if ((new = DHparams_dup(dh)) == NULL) {
SSLerr(SSL_F_SSL3_CTX_CTRL,
ERR_R_DH_LIB);
- return 0;
+ return (0);
}
if (!(ctx->options & SSL_OP_SINGLE_DH_USE)) {
if (!DH_generate_key(new)) {
SSLerr(SSL_F_SSL3_CTX_CTRL,
ERR_R_DH_LIB);
DH_free(new);
- return 0;
+ return (0);
}
}
if (cert->dh_tmp != NULL)
DH_free(cert->dh_tmp);
cert->dh_tmp = new;
- return 1;
+ return (1);
}
- /*break; */
+ break;
case SSL_CTRL_SET_TMP_DH_CB:
- {
SSLerr(SSL_F_SSL3_CTX_CTRL,
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return (0);
- }
break;
#endif
#ifndef OPENSSL_NO_ECDH
@@ -3316,20 +3296,20 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *
if (parg == NULL) {
SSLerr(SSL_F_SSL3_CTX_CTRL,
ERR_R_ECDH_LIB);
- return 0;
+ return (0);
}
ecdh = EC_KEY_dup((EC_KEY *)parg);
if (ecdh == NULL) {
SSLerr(SSL_F_SSL3_CTX_CTRL,
ERR_R_EC_LIB);
- return 0;
+ return (0);
}
if (!(ctx->options & SSL_OP_SINGLE_ECDH_USE)) {
if (!EC_KEY_generate_key(ecdh)) {
EC_KEY_free(ecdh);
SSLerr(SSL_F_SSL3_CTX_CTRL,
ERR_R_ECDH_LIB);
- return 0;
+ return (0);
}
}
@@ -3337,15 +3317,13 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *
EC_KEY_free(cert->ecdh_tmp);
}
cert->ecdh_tmp = ecdh;
- return 1;
+ return (1);
}
- /* break; */
+ break;
case SSL_CTRL_SET_TMP_ECDH_CB:
- {
SSLerr(SSL_F_SSL3_CTX_CTRL,
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return (0);
- }
break;
#endif /* !OPENSSL_NO_ECDH */
#ifndef OPENSSL_NO_TLSEXT
@@ -3358,11 +3336,11 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *
unsigned char *keys = parg;
if (!keys)
- return 48;
+ return (48);
if (larg != 48) {
SSLerr(SSL_F_SSL3_CTX_CTRL,
SSL_R_INVALID_TICKET_KEYS_LENGTH);
- return 0;
+ return (0);
}
if (cmd == SSL_CTRL_SET_TLSEXT_TICKET_KEYS) {
memcpy(ctx->tlsext_tick_key_name, keys, 16);
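Review bot: The ticket-key length appears as a bare `48` in the size query and in the `larg != 48` check, and again implicitly in the `16` and `keys + 32` arguments of the `memcpy` calls here and in the following hunk, so nothing ties the accepted length to the bytes actually copied. If the `ctx->tlsext_tick_*` members are fixed-size arrays (their declarations are not visible here), the sizes can be derived from them, e.g. `memcpy(ctx->tlsext_tick_key_name, keys, sizeof(ctx->tlsext_tick_key_name));`, with the total named once. A later change to one literal but not the others could then no longer copy past the caller's key buffer unnoticed. The case body starts before and continues after this hunk.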
@@ -3376,16 +3354,16 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *
memcpy(keys + 32,
ctx->tlsext_tick_aes_key, 16);
}
- return 1;
+ return (1);
}
#ifdef TLSEXT_TYPE_opaque_prf_input
case SSL_CTRL_SET_TLSEXT_OPAQUE_PRF_INPUT_CB_ARG:
ctx->tlsext_opaque_prf_input_callback_arg = parg;
- return 1;
+ return (1);
#endif
case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
ctx->tlsext_status_arg = parg;
- return 1;
+ return (1);
break;
#ifndef OPENSSL_NO_SRP
case SSL_CTRL_SET_TLS_EXT_SRP_USERNAME:
@@ -3399,12 +3377,12 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *
strlen((const char *)parg) < 1) {
SSLerr(SSL_F_SSL3_CTX_CTRL,
SSL_R_INVALID_SRP_USERNAME);
- return 0;
+ return (0);
}
if ((ctx->srp_ctx.login = BUF_strdup((char *)parg)) == NULL) {
SSLerr(SSL_F_SSL3_CTX_CTRL,
ERR_R_INTERNAL_ERROR);
- return 0;
+ return (0);
}
break;
case SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD:
@@ -3453,22 +3431,16 @@ ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*f
switch (cmd) {
case SSL_CTRL_SET_TMP_RSA_CB:
- {
cert->rsa_tmp_cb = (RSA *(*)(SSL *, int, int))fp;
- }
break;
#ifndef OPENSSL_NO_DH
case SSL_CTRL_SET_TMP_DH_CB:
- {
cert->dh_tmp_cb = (DH *(*)(SSL *, int, int))fp;
- }
break;
#endif
#ifndef OPENSSL_NO_ECDH
case SSL_CTRL_SET_TMP_ECDH_CB:
- {
cert->ecdh_tmp_cb = (EC_KEY *(*)(SSL *, int, int))fp;
- }
break;
#endif
#ifndef OPENSSL_NO_TLSEXT
@@ -3513,8 +3485,10 @@ ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*f
return (1);
}
-/* This function needs to check if the ciphers required are actually
- * available */
+/*
+ * This function needs to check if the ciphers required are actually
+ * available.
+ */
const SSL_CIPHER *
ssl3_get_cipher_by_char(const unsigned char *p)
{
@@ -3530,9 +3504,8 @@ ssl3_get_cipher_by_char(const unsigned char *p)
fprintf(stderr, "Unknown cipher ID %x\n", (p[0] << 8) | p[1]);
#endif
if (cp == NULL || cp->valid == 0)
- return NULL;
- else
- return cp;
+ return (NULL);
+ return (cp);
}
int
@@ -3859,9 +3832,8 @@ ssl3_get_req_cert_type(SSL *s, unsigned char *p)
* ECDSA certs can be used with RSA cipher suites as well
* so we don't need to check for SSL_kECDH or SSL_kEECDH
*/
- if (s->version >= TLS1_VERSION) {
+ if (s->version >= TLS1_VERSION)
p[ret++] = TLS_CT_ECDSA_SIGN;
- }
#endif
return (ret);
}
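Review bot: `p[ret++] = TLS_CT_ECDSA_SIGN;` appends to a buffer whose size the function never receives, since the signature shown in the hunk header is `ssl3_get_req_cert_type(SSL *s, unsigned char *p)`. The function would benefit from a header comment stating the maximum number of certificate-type bytes it can write, so that callers can size `p` and anyone adding another `p[ret++]` knows which bound to re-check. Whether the existing callers pass a large enough buffer cannot be judged from here; the function body starts outside this hunk.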
@@ -3889,8 +3861,10 @@ ssl3_shutdown(SSL *s)
* Our shutdown alert has been sent now, and if it still needs
* to be written, s->s3->alert_dispatch will be true
*/
- if (s->s3->alert_dispatch)
- return (-1); /* return WANT_WRITE */
+ if (s->s3->alert_dispatch) {
+ /* return WANT_WRITE */
+ return (-1);
+ }
} else if (s->s3->alert_dispatch) {
/* resend it if not sent */
#if 1
@@ -3909,15 +3883,15 @@ ssl3_shutdown(SSL *s)
/* If we are waiting for a close from our peer, we are closed */
s->method->ssl_read_bytes(s, 0, NULL, 0, 0);
if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN)) {
- return (-1); /* return WANT_READ */
+ /* return WANT_READ */
+ return (-1);
}
}
if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) &&
!s->s3->alert_dispatch)
return (1);
- else
- return (0);
+ return (0);
}
int
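Review bot: The result of `s->method->ssl_read_bytes(s, 0, NULL, 0, 0);` is discarded, so a failed read and a peer that has not answered yet both end in the `return (-1)` labelled WANT_READ. If that is intended, say so at the call, for instance `/* result ignored: only s->shutdown is examined afterwards */`; otherwise the return value should be checked before `s->shutdown` is tested. This assumes the read path is what sets `SSL_RECEIVED_SHUTDOWN`, which is not visible in the hunk. The start of ssl3_shutdown is outside this hunk.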
@@ -4063,6 +4037,6 @@ ssl_get_algorithm2(SSL *s)
if (s->method->version == TLS1_2_VERSION &&
alg2 == (SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF))
- return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;
- return alg2;
+ return (SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256);
+ return (alg2);
}