diff options
Diffstat (limited to 'lib/vtls')
| -rw-r--r-- | lib/vtls/cyassl.c | 4 | ||||
| -rw-r--r-- | lib/vtls/cyassl.h | 2 | ||||
| -rw-r--r-- | lib/vtls/gtls.c | 6 | ||||
| -rw-r--r-- | lib/vtls/nss.c | 6 | ||||
| -rw-r--r-- | lib/vtls/openssl.c | 37 |
5 files changed, 28 insertions, 27 deletions
diff --git a/lib/vtls/cyassl.c b/lib/vtls/cyassl.c index fcacec8e6..cc29b0d10 100644 --- a/lib/vtls/cyassl.c +++ b/lib/vtls/cyassl.c @@ -140,7 +140,7 @@ cyassl_connect_step1(struct connectdata *conn, data->set.str[STRING_SSL_CAPATH])) { if(data->set.ssl.verifypeer) { /* Fail if we insist on successfully verifying the server. */ - failf(data,"error setting certificate verify locations:\n" + failf(data, "error setting certificate verify locations:\n" " CAfile: %s\n CApath: %s", data->set.str[STRING_SSL_CAFILE]? data->set.str[STRING_SSL_CAFILE]: "none", @@ -214,7 +214,7 @@ cyassl_connect_step1(struct connectdata *conn, /* we got a session id, use it! */ if(!SSL_set_session(conssl->handle, ssl_sessionid)) { failf(data, "SSL: SSL_set_session failed: %s", - ERR_error_string(SSL_get_error(conssl->handle, 0),NULL)); + ERR_error_string(SSL_get_error(conssl->handle, 0), NULL)); return CURLE_SSL_CONNECT_ERROR; } /* Informational message */ diff --git a/lib/vtls/cyassl.h b/lib/vtls/cyassl.h index 75d11cd50..b492ffa96 100644 --- a/lib/vtls/cyassl.h +++ b/lib/vtls/cyassl.h @@ -26,7 +26,7 @@ #ifdef USE_CYASSL CURLcode Curl_cyassl_connect(struct connectdata *conn, int sockindex); -bool Curl_cyassl_data_pending(const struct connectdata* conn,int connindex); +bool Curl_cyassl_data_pending(const struct connectdata* conn, int connindex); int Curl_cyassl_shutdown(struct connectdata* conn, int sockindex); /* close a SSL connection */ diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index 439b6fff6..fbf4586e8 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -779,7 +779,7 @@ gtls_connect_step3(struct connectdata *conn, unsigned int cert_list_size; const gnutls_datum_t *chainp; unsigned int verify_status; - gnutls_x509_crt_t x509_cert,x509_issuer; + gnutls_x509_crt_t x509_cert, x509_issuer; gnutls_datum_t issuerp; char certbuf[256] = ""; /* big enough? */ size_t size; @@ -897,7 +897,7 @@ gtls_connect_step3(struct connectdata *conn, gnutls_x509_crt_init(&x509_issuer); issuerp = load_file(data->set.ssl.issuercert); gnutls_x509_crt_import(x509_issuer, &issuerp, GNUTLS_X509_FMT_PEM); - rc = gnutls_x509_crt_check_issuer(x509_cert,x509_issuer); + rc = gnutls_x509_crt_check_issuer(x509_cert, x509_issuer); gnutls_x509_crt_deinit(x509_issuer); unload_file(issuerp); if(rc <= 0) { @@ -906,7 +906,7 @@ gtls_connect_step3(struct connectdata *conn, gnutls_x509_crt_deinit(x509_cert); return CURLE_SSL_ISSUER_ERROR; } - infof(data,"\t server certificate issuer check OK (Issuer Cert: %s)\n", + infof(data, "\t server certificate issuer check OK (Issuer Cert: %s)\n", data->set.ssl.issuercert?data->set.ssl.issuercert:"none"); } diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c index 82fab8597..ee22e9db3 100644 --- a/lib/vtls/nss.c +++ b/lib/vtls/nss.c @@ -861,7 +861,7 @@ static SECStatus BadCertHandler(void *arg, PRFileDesc *sock) static SECStatus check_issuer_cert(PRFileDesc *sock, char *issuer_nickname) { - CERTCertificate *cert,*cert_issuer,*issuer; + CERTCertificate *cert, *cert_issuer, *issuer; SECStatus res=SECSuccess; void *proto_win = NULL; @@ -872,7 +872,7 @@ static SECStatus check_issuer_cert(PRFileDesc *sock, */ cert = SSL_PeerCertificate(sock); - cert_issuer = CERT_FindCertIssuer(cert,PR_Now(),certUsageObjectSigner); + cert_issuer = CERT_FindCertIssuer(cert, PR_Now(), certUsageObjectSigner); proto_win = SSL_RevealPinArg(sock); issuer = PK11_FindCertFromNickname(issuer_nickname, proto_win); @@ -1734,7 +1734,7 @@ static CURLcode nss_do_connect(struct connectdata *conn, int sockindex) } if(SECFailure == ret) { - infof(data,"SSL certificate issuer check failed\n"); + infof(data, "SSL certificate issuer check failed\n"); result = CURLE_SSL_ISSUER_ERROR; goto error; } diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 8a4a6a13d..f5610bb1e 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -484,7 +484,7 @@ int cert_stuff(struct connectdata *conn, STACK_OF(X509) *ca = NULL; int i; - f = fopen(cert_file,"rb"); + f = fopen(cert_file, "rb"); if(!f) { failf(data, "could not open PKCS12 file '%s'", cert_file); return 0; @@ -605,7 +605,7 @@ int cert_stuff(struct connectdata *conn, #endif /* the typecast below was added to please mingw32 */ priv_key = (EVP_PKEY *) - ENGINE_load_private_key(data->state.engine,key_file, + ENGINE_load_private_key(data->state.engine, key_file, #ifdef HAVE_ENGINE_LOAD_FOUR_ARGS ui_method, #endif @@ -647,7 +647,7 @@ int cert_stuff(struct connectdata *conn, ssl=SSL_new(ctx); if(!ssl) { - failf(data,"unable to create an SSL structure"); + failf(data, "unable to create an SSL structure"); return 0; } @@ -657,7 +657,7 @@ int cert_stuff(struct connectdata *conn, leak memory as the previous version: */ if(x509) { EVP_PKEY *pktmp = X509_get_pubkey(x509); - EVP_PKEY_copy_parameters(pktmp,SSL_get_privatekey(ssl)); + EVP_PKEY_copy_parameters(pktmp, SSL_get_privatekey(ssl)); EVP_PKEY_free(pktmp); } @@ -881,7 +881,7 @@ CURLcode Curl_ossl_set_engine_default(struct SessionHandle *data) #ifdef HAVE_OPENSSL_ENGINE_H if(data->state.engine) { if(ENGINE_set_default(data->state.engine, ENGINE_METHOD_ALL) > 0) { - infof(data,"set default crypto engine '%s'\n", + infof(data, "set default crypto engine '%s'\n", ENGINE_get_id(data->state.engine)); } else { @@ -1070,7 +1070,7 @@ static int asn1_output(const ASN1_UTCTIME *tm, const char *asn1_string; int gmt=FALSE; int i; - int year=0,month=0,day=0,hour=0,minute=0,second=0; + int year=0, month=0, day=0, hour=0, minute=0, second=0; i=tm->length; asn1_string=(const char *)tm->data; @@ -1229,7 +1229,7 @@ static CURLcode verifyhost(struct connectdata *conn, X509 *server_cert) else { /* we have to look to the last occurrence of a commonName in the distinguished one to get the most significant one. */ - int j,i=-1 ; + int j, i=-1; /* The following is done because of a bug in 0.9.6b */ @@ -1246,7 +1246,8 @@ static CURLcode verifyhost(struct connectdata *conn, X509 *server_cert) UTF8 etc. */ if(i>=0) { - ASN1_STRING *tmp = X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name,i)); + ASN1_STRING *tmp = + X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name, i)); /* In OpenSSL 0.9.7d and earlier, ASN1_STRING_to_UTF8 fails if the input is already UTF-8 encoded. We check for this case and copy the raw @@ -1965,7 +1966,7 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex) failf(data, "Unable to set SRP user name"); return CURLE_BAD_FUNCTION_ARGUMENT; } - if(!SSL_CTX_set_srp_password(connssl->ctx,data->set.ssl.password)) { + if(!SSL_CTX_set_srp_password(connssl->ctx, data->set.ssl.password)) { failf(data, "failed setting SRP password"); return CURLE_BAD_FUNCTION_ARGUMENT; } @@ -1987,7 +1988,7 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex) data->set.str[STRING_SSL_CAPATH])) { if(data->set.ssl.verifypeer) { /* Fail if we insist on successfully verifying the server. */ - failf(data,"error setting certificate verify locations:\n" + failf(data, "error setting certificate verify locations:\n" " CAfile: %s\n CApath: %s", data->set.str[STRING_SSL_CAFILE]? data->set.str[STRING_SSL_CAFILE]: "none", @@ -2021,9 +2022,9 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex) lookup=X509_STORE_add_lookup(SSL_CTX_get_cert_store(connssl->ctx), X509_LOOKUP_file()); if(!lookup || - (!X509_load_crl_file(lookup,data->set.str[STRING_SSL_CRLFILE], + (!X509_load_crl_file(lookup, data->set.str[STRING_SSL_CRLFILE], X509_FILETYPE_PEM)) ) { - failf(data,"error loading CRL file: %s", + failf(data, "error loading CRL file: %s", data->set.str[STRING_SSL_CRLFILE]); return CURLE_SSL_CRL_BADFILE; } @@ -2051,7 +2052,7 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex) result = (*data->set.ssl.fsslctx)(data, connssl->ctx, data->set.ssl.fsslctxp); if(result) { - failf(data,"error signaled by ssl ctx callback"); + failf(data, "error signaled by ssl ctx callback"); return result; } } @@ -2091,7 +2092,7 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex) /* we got a session id, use it! */ if(!SSL_set_session(connssl->handle, ssl_sessionid)) { failf(data, "SSL: SSL_set_session failed: %s", - ERR_error_string(ERR_get_error(),NULL)); + ERR_error_string(ERR_get_error(), NULL)); return CURLE_SSL_CONNECT_ERROR; } /* Informational message */ @@ -2101,7 +2102,7 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex) /* pass the raw socket into the SSL layers */ if(!SSL_set_fd(connssl->handle, (int)sockfd)) { failf(data, "SSL: SSL_set_fd failed: %s", - ERR_error_string(ERR_get_error(),NULL)); + ERR_error_string(ERR_get_error(), NULL)); return CURLE_SSL_CONNECT_ERROR; } @@ -2462,7 +2463,7 @@ static CURLcode get_cert_chain(struct connectdata *conn, num=X509_get_serialNumber(x); if(num->length <= 4) { value = ASN1_INTEGER_get(num); - infof(data," Serial Number: %ld (0x%lx)\n", value, value); + infof(data, " Serial Number: %ld (0x%lx)\n", value, value); snprintf(bufp, CERTBUFFERSIZE, "%lx", value); } else { @@ -2481,7 +2482,7 @@ static CURLcode get_cert_chain(struct connectdata *conn, left-=4; } if(num->length) - infof(data," Serial Number: %s\n", bufp); + infof(data, " Serial Number: %s\n", bufp); else bufp[0]=0; } @@ -2719,7 +2720,7 @@ static CURLcode servercert(struct connectdata *conn, fclose(fp); - if(X509_check_issued(issuer,connssl->server_cert) != X509_V_OK) { + if(X509_check_issued(issuer, connssl->server_cert) != X509_V_OK) { if(strict) failf(data, "SSL: Certificate issuer check failed (%s)", data->set.str[STRING_SSL_ISSUERCERT]); |