aboutsummaryrefslogtreecommitdiff
path: root/lib/gtls.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/gtls.c')
-rw-r--r--lib/gtls.c44
1 files changed, 23 insertions, 21 deletions
diff --git a/lib/gtls.c b/lib/gtls.c
index 71ceb34d9..1a2dfd467 100644
--- a/lib/gtls.c
+++ b/lib/gtls.c
@@ -197,14 +197,14 @@ static gnutls_datum load_file (const char *file)
long filelen;
void *ptr;
- if (!(f = fopen(file, "r")))
+ if(!(f = fopen(file, "r")))
return loaded_file;
- if (fseek(f, 0, SEEK_END) != 0
- || (filelen = ftell(f)) < 0
- || fseek(f, 0, SEEK_SET) != 0
- || !(ptr = malloc((size_t)filelen)))
+ if(fseek(f, 0, SEEK_END) != 0
+ || (filelen = ftell(f)) < 0
+ || fseek(f, 0, SEEK_SET) != 0
+ || !(ptr = malloc((size_t)filelen)))
goto out;
- if (fread(ptr, 1, (size_t)filelen, f) < (size_t)filelen) {
+ if(fread(ptr, 1, (size_t)filelen, f) < (size_t)filelen) {
free(ptr);
goto out;
}
@@ -282,7 +282,7 @@ static CURLcode handshake(struct connectdata *conn,
if(nonblocking)
return CURLE_OK;
}
- else if (rc < 0) {
+ else if(rc < 0) {
failf(data, "gnutls_handshake() failed: %s", gnutls_strerror(rc));
return CURLE_SSL_CONNECT_ERROR;
}
@@ -357,7 +357,8 @@ gtls_connect_step1(struct connectdata *conn,
return CURLE_OUT_OF_MEMORY;
}
- rc = gnutls_srp_set_client_credentials(conn->ssl[sockindex].srp_client_cred,
+ rc = gnutls_srp_set_client_credentials(conn->ssl[sockindex].
+ srp_client_cred,
data->set.ssl.username,
data->set.ssl.password);
if(rc != GNUTLS_E_SUCCESS) {
@@ -412,13 +413,13 @@ gtls_connect_step1(struct connectdata *conn,
/* convenient assign */
session = conn->ssl[sockindex].session;
- if ((0 == Curl_inet_pton(AF_INET, conn->host.name, &addr)) &&
+ if((0 == Curl_inet_pton(AF_INET, conn->host.name, &addr)) &&
#ifdef ENABLE_IPV6
- (0 == Curl_inet_pton(AF_INET6, conn->host.name, &addr)) &&
+ (0 == Curl_inet_pton(AF_INET6, conn->host.name, &addr)) &&
#endif
- sni &&
- (gnutls_server_name_set(session, GNUTLS_NAME_DNS, conn->host.name,
- strlen(conn->host.name)) < 0))
+ sni &&
+ (gnutls_server_name_set(session, GNUTLS_NAME_DNS, conn->host.name,
+ strlen(conn->host.name)) < 0))
infof(data, "WARNING: failed to configure server name indication (SNI) "
"TLS extension\n");
@@ -447,7 +448,8 @@ gtls_connect_step1(struct connectdata *conn,
data->set.str[STRING_CERT],
data->set.str[STRING_KEY] ?
data->set.str[STRING_KEY] : data->set.str[STRING_CERT],
- do_file_type(data->set.str[STRING_CERT_TYPE]) ) != GNUTLS_E_SUCCESS) {
+ do_file_type(data->set.str[STRING_CERT_TYPE]) ) !=
+ GNUTLS_E_SUCCESS) {
failf(data, "error reading X.509 key or certificate file");
return CURLE_SSL_CONNECT_ERROR;
}
@@ -458,10 +460,10 @@ gtls_connect_step1(struct connectdata *conn,
if(data->set.ssl.authtype == CURL_TLSAUTH_SRP) {
rc = gnutls_credentials_set(session, GNUTLS_CRD_SRP,
conn->ssl[sockindex].srp_client_cred);
- if (rc != GNUTLS_E_SUCCESS) {
+ if(rc != GNUTLS_E_SUCCESS)
failf(data, "gnutls_credentials_set() failed: %s", gnutls_strerror(rc));
- }
- } else
+ }
+ else
#endif
rc = gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE,
conn->ssl[sockindex].cred);
@@ -586,13 +588,13 @@ gtls_connect_step3(struct connectdata *conn,
gnutls_x509_crt_t format */
gnutls_x509_crt_import(x509_cert, chainp, GNUTLS_X509_FMT_DER);
- if (data->set.ssl.issuercert) {
+ if(data->set.ssl.issuercert) {
gnutls_x509_crt_init(&x509_issuer);
issuerp = load_file(data->set.ssl.issuercert);
gnutls_x509_crt_import(x509_issuer, &issuerp, GNUTLS_X509_FMT_PEM);
rc = gnutls_x509_crt_check_issuer(x509_cert,x509_issuer);
unload_file(issuerp);
- if (rc <= 0) {
+ if(rc <= 0) {
failf(data, "server certificate issuer check failed (IssuerCert: %s)",
data->set.ssl.issuercert?data->set.ssl.issuercert:"none");
return CURLE_SSL_ISSUER_ERROR;
@@ -743,7 +745,7 @@ after_server_cert_verification:
gnutls_session_get_data(session, connect_sessionid, &connect_idsize);
incache = !(Curl_ssl_getsessionid(conn, &ssl_sessionid, NULL));
- if (incache) {
+ if(incache) {
/* there was one before in the cache, so instead of risking that the
previous one was rejected, we just kill that and store the new */
Curl_ssl_delsessionid(conn, ssl_sessionid);
@@ -869,7 +871,7 @@ static void close_one(struct connectdata *conn,
conn->ssl[idx].cred = NULL;
}
#ifdef USE_TLS_SRP
- if (conn->ssl[idx].srp_client_cred) {
+ if(conn->ssl[idx].srp_client_cred) {
gnutls_srp_free_client_credentials(conn->ssl[idx].srp_client_cred);
conn->ssl[idx].srp_client_cred = NULL;
}