diff options
| author | Matt Caswell <matt@openssl.org> | 2015-01-19 12:42:01 +0000 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2015-01-22 09:49:13 +0000 |
| commit | 00ea17f9d76aec3d7a44cff263e74291b6294ac9 (patch) | |
| tree | 76705fd033e07ab4273fc318f6d4a8eb6c70eeb8 | |
| parent | 3e8042c38f3a4be8933b0f773fd1e79f50e12e56 (diff) | |
Fix source where indent will not be able to cope
Conflicts:
apps/ciphers.c
ssl/s3_pkt.c
Conflicts:
crypto/ec/ec_curve.c
Conflicts:
crypto/ec/ec_curve.c
ssl/s3_clnt.c
ssl/s3_srvr.c
ssl/ssl_sess.c
Conflicts:
apps/ciphers.c
crypto/bn/bn.h
crypto/ec/ec_curve.c
ssl/t1_enc.c
ssl/t1_lib.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
| -rw-r--r-- | apps/s_client.c | 3 | ||||
| -rw-r--r-- | apps/s_time.c | 3 | ||||
| -rw-r--r-- | crypto/bn/bn.h | 50 | ||||
| -rw-r--r-- | crypto/dh/dh.h | 4 | ||||
| -rw-r--r-- | demos/easy_tls/easy-tls.c | 3 | ||||
| -rw-r--r-- | ssl/s23_srvr.c | 7 | ||||
| -rw-r--r-- | ssl/s3_clnt.c | 8 | ||||
| -rw-r--r-- | ssl/s3_enc.c | 3 | ||||
| -rw-r--r-- | ssl/s3_srvr.c | 5 | ||||
| -rw-r--r-- | ssl/ssltest.c | 3 | ||||
| -rw-r--r-- | ssl/t1_enc.c | 4 | ||||
| -rw-r--r-- | ssl/tls1.h | 31 |
12 files changed, 85 insertions, 39 deletions
diff --git a/apps/s_client.c b/apps/s_client.c index c8cf1c6aca..857d5189b5 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -159,7 +159,8 @@ typedef unsigned int u_int; /*#define SSL_HOST_NAME "193.118.187.102" */ #define SSL_HOST_NAME "localhost" -/*#define TEST_CERT "client.pem" */ /* no default cert. */ +/* no default cert. */ +/*#define TEST_CERT "client.pem" */ #undef BUFSIZZ #define BUFSIZZ 1024*8 diff --git a/apps/s_time.c b/apps/s_time.c index 957378f1dd..926c5b75e4 100644 --- a/apps/s_time.c +++ b/apps/s_time.c @@ -141,7 +141,8 @@ #define SSL_CONNECT_NAME "localhost:4433" -/*#define TEST_CERT "client.pem" */ /* no default cert. */ +/* no default cert. */ +/*#define TEST_CERT "client.pem" */ #undef BUFSIZZ #define BUFSIZZ 1024*10 diff --git a/crypto/bn/bn.h b/crypto/bn/bn.h index b0de1cb41f..2062da202e 100644 --- a/crypto/bn/bn.h +++ b/crypto/bn/bn.h @@ -604,23 +604,32 @@ int BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, * be expanded to the appropriate size if needed. */ -int BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); /*r = a + b*/ +/*r = a + b*/ +int BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); #define BN_GF2m_sub(r, a, b) BN_GF2m_add(r, a, b) -int BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p); /*r=a mod p*/ +/*r=a mod p*/ +int BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p); +/* r = (a * b) mod p */ int BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - const BIGNUM *p, BN_CTX *ctx); /* r = (a * b) mod p */ + const BIGNUM *p, BN_CTX *ctx); +/* r = (a * a) mod p */ int BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - BN_CTX *ctx); /* r = (a * a) mod p */ + BN_CTX *ctx); +/* r = (1 / b) mod p */ int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *b, const BIGNUM *p, - BN_CTX *ctx); /* r = (1 / b) mod p */ + BN_CTX *ctx); +/* r = (a / b) mod p */ int BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - const BIGNUM *p, BN_CTX *ctx); /* r = (a / b) mod p */ + const BIGNUM *p, BN_CTX *ctx); +/* r = (a ^ b) mod p */ int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - const BIGNUM *p, BN_CTX *ctx); /* r = (a ^ b) mod p */ + const BIGNUM *p, BN_CTX *ctx); +/* r = sqrt(a) mod p */ int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - BN_CTX *ctx); /* r = sqrt(a) mod p */ + BN_CTX *ctx); +/* r^2 + r = a mod p */ int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, - BN_CTX *ctx); /* r^2 + r = a mod p */ + BN_CTX *ctx); #define BN_GF2m_cmp(a, b) BN_ucmp((a), (b)) /*- * Some functions allow for representation of the irreducible polynomials @@ -628,22 +637,29 @@ int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, * t^p[0] + t^p[1] + ... + t^p[k] * where m = p[0] > p[1] > ... > p[k] = 0. */ +/* r = a mod p */ int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[]); - /* r = a mod p */ +/* r = (a * b) mod p */ int BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - const unsigned int p[], BN_CTX *ctx); /* r = (a * b) mod p */ + const unsigned int p[], BN_CTX *ctx); +/* r = (a * a) mod p */ int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[], - BN_CTX *ctx); /* r = (a * a) mod p */ + BN_CTX *ctx); +/* r = (1 / b) mod p */ int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const unsigned int p[], - BN_CTX *ctx); /* r = (1 / b) mod p */ + BN_CTX *ctx); +/* r = (a / b) mod p */ int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - const unsigned int p[], BN_CTX *ctx); /* r = (a / b) mod p */ + const unsigned int p[], BN_CTX *ctx); +/* r = (a ^ b) mod p */ int BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, - const unsigned int p[], BN_CTX *ctx); /* r = (a ^ b) mod p */ + const unsigned int p[], BN_CTX *ctx); +/* r = sqrt(a) mod p */ int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a, - const unsigned int p[], BN_CTX *ctx); /* r = sqrt(a) mod p */ + const unsigned int p[], BN_CTX *ctx); +/* r^2 + r = a mod p */ int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a, - const unsigned int p[], BN_CTX *ctx); /* r^2 + r = a mod p */ + const unsigned int p[], BN_CTX *ctx); int BN_GF2m_poly2arr(const BIGNUM *a, unsigned int p[], int max); int BN_GF2m_arr2poly(const unsigned int p[], BIGNUM *a); diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h index 10475ac4b3..1c687054a5 100644 --- a/crypto/dh/dh.h +++ b/crypto/dh/dh.h @@ -102,9 +102,11 @@ struct dh_method /* Methods here */ int (*generate_key)(DH *dh); int (*compute_key)(unsigned char *key,const BIGNUM *pub_key,DH *dh); + + /* Can be null */ int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, - BN_MONT_CTX *m_ctx); /* Can be null */ + BN_MONT_CTX *m_ctx); int (*init)(DH *dh); int (*finish)(DH *dh); diff --git a/demos/easy_tls/easy-tls.c b/demos/easy_tls/easy-tls.c index 64090c41ca..b433036715 100644 --- a/demos/easy_tls/easy-tls.c +++ b/demos/easy_tls/easy-tls.c @@ -809,8 +809,9 @@ max(int a, int b) return a > b ? a : b; } +/* timeout, -1 means no timeout */ static void -tls_sockets_select(int read_select_1, int read_select_2, int write_select_1, int write_select_2, int seconds /* timeout, -1 means no timeout */) +tls_sockets_select(int read_select_1, int read_select_2, int write_select_1, int write_select_2, int seconds) { int maxfd, n; fd_set reads, writes; diff --git a/ssl/s23_srvr.c b/ssl/s23_srvr.c index 25e1422520..77c27335aa 100644 --- a/ssl/s23_srvr.c +++ b/ssl/s23_srvr.c @@ -313,10 +313,11 @@ int ssl23_get_client_hello(SSL *s) } } + /* p[4] < 5 ... silly record length? */ else if ((p[0] == SSL3_RT_HANDSHAKE) && (p[1] == SSL3_VERSION_MAJOR) && (p[5] == SSL3_MT_CLIENT_HELLO) && - ((p[3] == 0 && p[4] < 5 /* silly record length? */) + ((p[3] == 0 && p[4] < 5) || (p[9] >= p[1]))) { /* @@ -445,8 +446,10 @@ int ssl23_get_client_hello(SSL *s) if (j <= 0) return(j); ssl3_finish_mac(s, s->packet+2, s->packet_length-2); + + /* CLIENT-HELLO */ if (s->msg_callback) - s->msg_callback(0, SSL2_VERSION, 0, s->packet+2, s->packet_length-2, s, s->msg_callback_arg); /* CLIENT-HELLO */ + s->msg_callback(0, SSL2_VERSION, 0, s->packet+2, s->packet_length-2, s, s->msg_callback_arg); p=s->packet; p+=5; diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 68e237a2ad..ff26321a10 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -712,7 +712,7 @@ int ssl3_get_server_hello(SSL *s) SSL3_ST_CR_SRVR_HELLO_A, SSL3_ST_CR_SRVR_HELLO_B, -1, - 20000, /* ?? */ + 20000, &ok); if (!ok) return((int)n); @@ -1932,11 +1932,12 @@ int ssl3_get_server_done(SSL *s) int ok,ret=0; long n; + /* Second to last param should be very small, like 0 :-) */ n=s->method->ssl_get_message(s, SSL3_ST_CR_SRVR_DONE_A, SSL3_ST_CR_SRVR_DONE_B, SSL3_MT_SERVER_DONE, - 30, /* should be very small, like 0 :-) */ + 30, &ok); if (!ok) return((int)n); @@ -2680,7 +2681,8 @@ int ssl3_check_cert_and_algorithm(SSL *s) { if (check_srvr_ecc_cert_and_alg(sc->peer_pkeys[idx].x509, s->s3->tmp.new_cipher) == 0) - { /* check failed */ + { + /* check failed */ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_BAD_ECC_CERT); goto f_err; } diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index 03951a655b..59e085fd59 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -639,13 +639,14 @@ int ssl3_mac(SSL *ssl, unsigned char *md, int send) header[j++] = rec->length >> 8; header[j++] = rec->length & 0xff; + /* Final param == is SSLv3 */ ssl3_cbc_digest_record( hash, md, &md_size, header, rec->input, rec->length + md_size, orig_len, mac_sec, md_size, - 1 /* is SSLv3 */); + 1); } else { diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 06485c9af8..38ba566320 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -873,8 +873,9 @@ int ssl3_get_client_hello(SSL *s) } /* else cookie verification succeeded */ } + /* default verification */ else if ( memcmp(s->d1->rcvd_cookie, s->d1->cookie, - s->d1->cookie_len) != 0) /* default verification */ + s->d1->cookie_len) != 0) { al=SSL_AD_HANDSHAKE_FAILURE; SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, @@ -1807,7 +1808,7 @@ int ssl3_get_client_key_exchange(SSL *s) SSL3_ST_SR_KEY_EXCH_A, SSL3_ST_SR_KEY_EXCH_B, SSL3_MT_CLIENT_KEY_EXCHANGE, - 2048, /* ??? */ + 2048, &ok); if (!ok) return((int)n); diff --git a/ssl/ssltest.c b/ssl/ssltest.c index f5e752b7d8..020b576b3d 100644 --- a/ssl/ssltest.c +++ b/ssl/ssltest.c @@ -1797,9 +1797,10 @@ static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx) static void process_proxy_debug(int indent, const char *format, ...) { + /* That's 80 > */ static const char indentation[] = ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>" - ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; /* That's 80 > */ + ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; char my_format[256]; va_list args; diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index b884957d49..a1df6af7d9 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -746,6 +746,7 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send) * timing-side channel information about how many blocks of * data we are hashing because that gives an attacker a * timing-oracle. */ + /* Final param == not SSLv3 */ ssl3_cbc_digest_record( hash, md, &md_size, @@ -753,7 +754,8 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send) rec->length + md_size, orig_len, ssl->s3->read_mac_secret, EVP_MD_size(ssl->read_hash), - 0 /* not SSLv3 */); + /* not SSLv3 */ + 0); } else { diff --git a/ssl/tls1.h b/ssl/tls1.h index d6f5aeee2c..2b2c7aa8ad 100644 --- a/ssl/tls1.h +++ b/ssl/tls1.h @@ -406,21 +406,36 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb) #ifdef CHARSET_EBCDIC #undef TLS_MD_CLIENT_FINISH_CONST -#define TLS_MD_CLIENT_FINISH_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64" /*client finished*/ +/*client finished*/ +#define TLS_MD_CLIENT_FINISH_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64" + #undef TLS_MD_SERVER_FINISH_CONST -#define TLS_MD_SERVER_FINISH_CONST "\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64" /*server finished*/ +/*server finished*/ +#define TLS_MD_SERVER_FINISH_CONST "\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64" + #undef TLS_MD_SERVER_WRITE_KEY_CONST -#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" /*server write key*/ +/*server write key*/ +#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" + #undef TLS_MD_KEY_EXPANSION_CONST -#define TLS_MD_KEY_EXPANSION_CONST "\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e" /*key expansion*/ +/*key expansion*/ +#define TLS_MD_KEY_EXPANSION_CONST "\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e" + #undef TLS_MD_CLIENT_WRITE_KEY_CONST -#define TLS_MD_CLIENT_WRITE_KEY_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" /*client write key*/ +/*client write key*/ +#define TLS_MD_CLIENT_WRITE_KEY_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" + #undef TLS_MD_SERVER_WRITE_KEY_CONST -#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" /*server write key*/ +/*server write key*/ +#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" + #undef TLS_MD_IV_BLOCK_CONST -#define TLS_MD_IV_BLOCK_CONST "\x49\x56\x20\x62\x6c\x6f\x63\x6b" /*IV block*/ +/*IV block*/ +#define TLS_MD_IV_BLOCK_CONST "\x49\x56\x20\x62\x6c\x6f\x63\x6b" + #undef TLS_MD_MASTER_SECRET_CONST -#define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74" /*master secret*/ +/*master secret*/ +#define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74" #endif #ifdef __cplusplus |