aboutsummaryrefslogtreecommitdiff
path: root/lib/vtls
diff options
context:
space:
mode:
Diffstat (limited to 'lib/vtls')
-rw-r--r--lib/vtls/cyassl.c4
-rw-r--r--lib/vtls/cyassl.h2
-rw-r--r--lib/vtls/gtls.c6
-rw-r--r--lib/vtls/nss.c6
-rw-r--r--lib/vtls/openssl.c37
5 files changed, 28 insertions, 27 deletions
diff --git a/lib/vtls/cyassl.c b/lib/vtls/cyassl.c
index fcacec8e6..cc29b0d10 100644
--- a/lib/vtls/cyassl.c
+++ b/lib/vtls/cyassl.c
@@ -140,7 +140,7 @@ cyassl_connect_step1(struct connectdata *conn,
data->set.str[STRING_SSL_CAPATH])) {
if(data->set.ssl.verifypeer) {
/* Fail if we insist on successfully verifying the server. */
- failf(data,"error setting certificate verify locations:\n"
+ failf(data, "error setting certificate verify locations:\n"
" CAfile: %s\n CApath: %s",
data->set.str[STRING_SSL_CAFILE]?
data->set.str[STRING_SSL_CAFILE]: "none",
@@ -214,7 +214,7 @@ cyassl_connect_step1(struct connectdata *conn,
/* we got a session id, use it! */
if(!SSL_set_session(conssl->handle, ssl_sessionid)) {
failf(data, "SSL: SSL_set_session failed: %s",
- ERR_error_string(SSL_get_error(conssl->handle, 0),NULL));
+ ERR_error_string(SSL_get_error(conssl->handle, 0), NULL));
return CURLE_SSL_CONNECT_ERROR;
}
/* Informational message */
diff --git a/lib/vtls/cyassl.h b/lib/vtls/cyassl.h
index 75d11cd50..b492ffa96 100644
--- a/lib/vtls/cyassl.h
+++ b/lib/vtls/cyassl.h
@@ -26,7 +26,7 @@
#ifdef USE_CYASSL
CURLcode Curl_cyassl_connect(struct connectdata *conn, int sockindex);
-bool Curl_cyassl_data_pending(const struct connectdata* conn,int connindex);
+bool Curl_cyassl_data_pending(const struct connectdata* conn, int connindex);
int Curl_cyassl_shutdown(struct connectdata* conn, int sockindex);
/* close a SSL connection */
diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c
index 439b6fff6..fbf4586e8 100644
--- a/lib/vtls/gtls.c
+++ b/lib/vtls/gtls.c
@@ -779,7 +779,7 @@ gtls_connect_step3(struct connectdata *conn,
unsigned int cert_list_size;
const gnutls_datum_t *chainp;
unsigned int verify_status;
- gnutls_x509_crt_t x509_cert,x509_issuer;
+ gnutls_x509_crt_t x509_cert, x509_issuer;
gnutls_datum_t issuerp;
char certbuf[256] = ""; /* big enough? */
size_t size;
@@ -897,7 +897,7 @@ gtls_connect_step3(struct connectdata *conn,
gnutls_x509_crt_init(&x509_issuer);
issuerp = load_file(data->set.ssl.issuercert);
gnutls_x509_crt_import(x509_issuer, &issuerp, GNUTLS_X509_FMT_PEM);
- rc = gnutls_x509_crt_check_issuer(x509_cert,x509_issuer);
+ rc = gnutls_x509_crt_check_issuer(x509_cert, x509_issuer);
gnutls_x509_crt_deinit(x509_issuer);
unload_file(issuerp);
if(rc <= 0) {
@@ -906,7 +906,7 @@ gtls_connect_step3(struct connectdata *conn,
gnutls_x509_crt_deinit(x509_cert);
return CURLE_SSL_ISSUER_ERROR;
}
- infof(data,"\t server certificate issuer check OK (Issuer Cert: %s)\n",
+ infof(data, "\t server certificate issuer check OK (Issuer Cert: %s)\n",
data->set.ssl.issuercert?data->set.ssl.issuercert:"none");
}
diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c
index 82fab8597..ee22e9db3 100644
--- a/lib/vtls/nss.c
+++ b/lib/vtls/nss.c
@@ -861,7 +861,7 @@ static SECStatus BadCertHandler(void *arg, PRFileDesc *sock)
static SECStatus check_issuer_cert(PRFileDesc *sock,
char *issuer_nickname)
{
- CERTCertificate *cert,*cert_issuer,*issuer;
+ CERTCertificate *cert, *cert_issuer, *issuer;
SECStatus res=SECSuccess;
void *proto_win = NULL;
@@ -872,7 +872,7 @@ static SECStatus check_issuer_cert(PRFileDesc *sock,
*/
cert = SSL_PeerCertificate(sock);
- cert_issuer = CERT_FindCertIssuer(cert,PR_Now(),certUsageObjectSigner);
+ cert_issuer = CERT_FindCertIssuer(cert, PR_Now(), certUsageObjectSigner);
proto_win = SSL_RevealPinArg(sock);
issuer = PK11_FindCertFromNickname(issuer_nickname, proto_win);
@@ -1734,7 +1734,7 @@ static CURLcode nss_do_connect(struct connectdata *conn, int sockindex)
}
if(SECFailure == ret) {
- infof(data,"SSL certificate issuer check failed\n");
+ infof(data, "SSL certificate issuer check failed\n");
result = CURLE_SSL_ISSUER_ERROR;
goto error;
}
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 8a4a6a13d..f5610bb1e 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -484,7 +484,7 @@ int cert_stuff(struct connectdata *conn,
STACK_OF(X509) *ca = NULL;
int i;
- f = fopen(cert_file,"rb");
+ f = fopen(cert_file, "rb");
if(!f) {
failf(data, "could not open PKCS12 file '%s'", cert_file);
return 0;
@@ -605,7 +605,7 @@ int cert_stuff(struct connectdata *conn,
#endif
/* the typecast below was added to please mingw32 */
priv_key = (EVP_PKEY *)
- ENGINE_load_private_key(data->state.engine,key_file,
+ ENGINE_load_private_key(data->state.engine, key_file,
#ifdef HAVE_ENGINE_LOAD_FOUR_ARGS
ui_method,
#endif
@@ -647,7 +647,7 @@ int cert_stuff(struct connectdata *conn,
ssl=SSL_new(ctx);
if(!ssl) {
- failf(data,"unable to create an SSL structure");
+ failf(data, "unable to create an SSL structure");
return 0;
}
@@ -657,7 +657,7 @@ int cert_stuff(struct connectdata *conn,
leak memory as the previous version: */
if(x509) {
EVP_PKEY *pktmp = X509_get_pubkey(x509);
- EVP_PKEY_copy_parameters(pktmp,SSL_get_privatekey(ssl));
+ EVP_PKEY_copy_parameters(pktmp, SSL_get_privatekey(ssl));
EVP_PKEY_free(pktmp);
}
@@ -881,7 +881,7 @@ CURLcode Curl_ossl_set_engine_default(struct SessionHandle *data)
#ifdef HAVE_OPENSSL_ENGINE_H
if(data->state.engine) {
if(ENGINE_set_default(data->state.engine, ENGINE_METHOD_ALL) > 0) {
- infof(data,"set default crypto engine '%s'\n",
+ infof(data, "set default crypto engine '%s'\n",
ENGINE_get_id(data->state.engine));
}
else {
@@ -1070,7 +1070,7 @@ static int asn1_output(const ASN1_UTCTIME *tm,
const char *asn1_string;
int gmt=FALSE;
int i;
- int year=0,month=0,day=0,hour=0,minute=0,second=0;
+ int year=0, month=0, day=0, hour=0, minute=0, second=0;
i=tm->length;
asn1_string=(const char *)tm->data;
@@ -1229,7 +1229,7 @@ static CURLcode verifyhost(struct connectdata *conn, X509 *server_cert)
else {
/* we have to look to the last occurrence of a commonName in the
distinguished one to get the most significant one. */
- int j,i=-1 ;
+ int j, i=-1;
/* The following is done because of a bug in 0.9.6b */
@@ -1246,7 +1246,8 @@ static CURLcode verifyhost(struct connectdata *conn, X509 *server_cert)
UTF8 etc. */
if(i>=0) {
- ASN1_STRING *tmp = X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name,i));
+ ASN1_STRING *tmp =
+ X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name, i));
/* In OpenSSL 0.9.7d and earlier, ASN1_STRING_to_UTF8 fails if the input
is already UTF-8 encoded. We check for this case and copy the raw
@@ -1965,7 +1966,7 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex)
failf(data, "Unable to set SRP user name");
return CURLE_BAD_FUNCTION_ARGUMENT;
}
- if(!SSL_CTX_set_srp_password(connssl->ctx,data->set.ssl.password)) {
+ if(!SSL_CTX_set_srp_password(connssl->ctx, data->set.ssl.password)) {
failf(data, "failed setting SRP password");
return CURLE_BAD_FUNCTION_ARGUMENT;
}
@@ -1987,7 +1988,7 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex)
data->set.str[STRING_SSL_CAPATH])) {
if(data->set.ssl.verifypeer) {
/* Fail if we insist on successfully verifying the server. */
- failf(data,"error setting certificate verify locations:\n"
+ failf(data, "error setting certificate verify locations:\n"
" CAfile: %s\n CApath: %s",
data->set.str[STRING_SSL_CAFILE]?
data->set.str[STRING_SSL_CAFILE]: "none",
@@ -2021,9 +2022,9 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex)
lookup=X509_STORE_add_lookup(SSL_CTX_get_cert_store(connssl->ctx),
X509_LOOKUP_file());
if(!lookup ||
- (!X509_load_crl_file(lookup,data->set.str[STRING_SSL_CRLFILE],
+ (!X509_load_crl_file(lookup, data->set.str[STRING_SSL_CRLFILE],
X509_FILETYPE_PEM)) ) {
- failf(data,"error loading CRL file: %s",
+ failf(data, "error loading CRL file: %s",
data->set.str[STRING_SSL_CRLFILE]);
return CURLE_SSL_CRL_BADFILE;
}
@@ -2051,7 +2052,7 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex)
result = (*data->set.ssl.fsslctx)(data, connssl->ctx,
data->set.ssl.fsslctxp);
if(result) {
- failf(data,"error signaled by ssl ctx callback");
+ failf(data, "error signaled by ssl ctx callback");
return result;
}
}
@@ -2091,7 +2092,7 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex)
/* we got a session id, use it! */
if(!SSL_set_session(connssl->handle, ssl_sessionid)) {
failf(data, "SSL: SSL_set_session failed: %s",
- ERR_error_string(ERR_get_error(),NULL));
+ ERR_error_string(ERR_get_error(), NULL));
return CURLE_SSL_CONNECT_ERROR;
}
/* Informational message */
@@ -2101,7 +2102,7 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex)
/* pass the raw socket into the SSL layers */
if(!SSL_set_fd(connssl->handle, (int)sockfd)) {
failf(data, "SSL: SSL_set_fd failed: %s",
- ERR_error_string(ERR_get_error(),NULL));
+ ERR_error_string(ERR_get_error(), NULL));
return CURLE_SSL_CONNECT_ERROR;
}
@@ -2462,7 +2463,7 @@ static CURLcode get_cert_chain(struct connectdata *conn,
num=X509_get_serialNumber(x);
if(num->length <= 4) {
value = ASN1_INTEGER_get(num);
- infof(data," Serial Number: %ld (0x%lx)\n", value, value);
+ infof(data, " Serial Number: %ld (0x%lx)\n", value, value);
snprintf(bufp, CERTBUFFERSIZE, "%lx", value);
}
else {
@@ -2481,7 +2482,7 @@ static CURLcode get_cert_chain(struct connectdata *conn,
left-=4;
}
if(num->length)
- infof(data," Serial Number: %s\n", bufp);
+ infof(data, " Serial Number: %s\n", bufp);
else
bufp[0]=0;
}
@@ -2719,7 +2720,7 @@ static CURLcode servercert(struct connectdata *conn,
fclose(fp);
- if(X509_check_issued(issuer,connssl->server_cert) != X509_V_OK) {
+ if(X509_check_issued(issuer, connssl->server_cert) != X509_V_OK) {
if(strict)
failf(data, "SSL: Certificate issuer check failed (%s)",
data->set.str[STRING_SSL_ISSUERCERT]);