diff options
author | Matt Caswell <matt@openssl.org> | 2015-01-19 12:42:01 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2015-01-22 09:24:04 +0000 |
commit | bc2d623c0e8a8ae33218c61bcd6729aae23ae666 (patch) | |
tree | 26753d390c30ad76c63c5424927493f9425af5be /ssl | |
parent | c695ebe2a09cb7f9aaec3c435ab94d36a6d6aece (diff) |
Fix source where indent will not be able to cope
Conflicts:
apps/ciphers.c
ssl/s3_pkt.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/s23_srvr.c | 7 | ||||
-rw-r--r-- | ssl/s3_clnt.c | 8 | ||||
-rw-r--r-- | ssl/s3_enc.c | 3 | ||||
-rw-r--r-- | ssl/s3_srvr.c | 8 | ||||
-rw-r--r-- | ssl/ssl_sess.c | 3 | ||||
-rw-r--r-- | ssl/ssltest.c | 3 | ||||
-rw-r--r-- | ssl/t1_enc.c | 3 | ||||
-rw-r--r-- | ssl/t1_lib.c | 4 | ||||
-rw-r--r-- | ssl/tls1.h | 31 |
9 files changed, 49 insertions, 21 deletions
diff --git a/ssl/s23_srvr.c b/ssl/s23_srvr.c index 5576a7dabc..512fc8f7fc 100644 --- a/ssl/s23_srvr.c +++ b/ssl/s23_srvr.c @@ -334,10 +334,11 @@ int ssl23_get_client_hello(SSL *s) } } + /* p[4] < 5 ... silly record length? */ else if ((p[0] == SSL3_RT_HANDSHAKE) && (p[1] == SSL3_VERSION_MAJOR) && (p[5] == SSL3_MT_CLIENT_HELLO) && - ((p[3] == 0 && p[4] < 5 /* silly record length? */) + ((p[3] == 0 && p[4] < 5) || (p[9] >= p[1]))) { /* @@ -485,8 +486,10 @@ int ssl23_get_client_hello(SSL *s) if (j <= 0) return(j); ssl3_finish_mac(s, s->packet+2, s->packet_length-2); + + /* CLIENT-HELLO */ if (s->msg_callback) - s->msg_callback(0, SSL2_VERSION, 0, s->packet+2, s->packet_length-2, s, s->msg_callback_arg); /* CLIENT-HELLO */ + s->msg_callback(0, SSL2_VERSION, 0, s->packet+2, s->packet_length-2, s, s->msg_callback_arg); p=s->packet; p+=5; diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 9d7e9529b8..e7f5a98ed0 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -885,7 +885,7 @@ int ssl3_get_server_hello(SSL *s) SSL3_ST_CR_SRVR_HELLO_A, SSL3_ST_CR_SRVR_HELLO_B, -1, - 20000, /* ?? */ + 20000, &ok); if (!ok) return((int)n); @@ -2423,11 +2423,12 @@ int ssl3_get_server_done(SSL *s) int ok,ret=0; long n; + /* Second to last param should be very small, like 0 :-) */ n=s->method->ssl_get_message(s, SSL3_ST_CR_SRVR_DONE_A, SSL3_ST_CR_SRVR_DONE_B, SSL3_MT_SERVER_DONE, - 30, /* should be very small, like 0 :-) */ + 30, &ok); if (!ok) return((int)n); @@ -3549,7 +3550,8 @@ int ssl3_check_cert_and_algorithm(SSL *s) { if (ssl_check_srvr_ecc_cert_and_alg(sc->peer_pkeys[idx].x509, s) == 0) - { /* check failed */ + { + /* check failed */ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_BAD_ECC_CERT); goto f_err; } diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index 1fbdd2b066..c3b0749238 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -797,13 +797,14 @@ int n_ssl3_mac(SSL *ssl, unsigned char *md, int send) header[j++] = rec->length >> 8; header[j++] = rec->length & 0xff; + /* Final param == is SSLv3 */ ssl3_cbc_digest_record( hash, md, &md_size, header, rec->input, rec->length + md_size, orig_len, mac_sec, md_size, - 1 /* is SSLv3 */); + 1); } else { diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 868ab197e6..3a168799f9 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -1044,8 +1044,9 @@ int ssl3_get_client_hello(SSL *s) } /* else cookie verification succeeded */ } + /* default verification */ else if ( memcmp(s->d1->rcvd_cookie, s->d1->cookie, - s->d1->cookie_len) != 0) /* default verification */ + s->d1->cookie_len) != 0) { al=SSL_AD_HANDSHAKE_FAILURE; SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, @@ -2162,7 +2163,7 @@ int ssl3_get_client_key_exchange(SSL *s) SSL3_ST_SR_KEY_EXCH_A, SSL3_ST_SR_KEY_EXCH_B, SSL3_MT_CLIENT_KEY_EXCHANGE, - 2048, /* ??? */ + 2048, &ok); if (!ok) return((int)n); @@ -3605,11 +3606,12 @@ int ssl3_get_next_proto(SSL *s) return -1; } + /* See the payload format below */ n=s->method->ssl_get_message(s, SSL3_ST_SR_NEXT_PROTO_A, SSL3_ST_SR_NEXT_PROTO_B, SSL3_MT_NEXT_PROTO, - 514, /* See the payload format below */ + 514, &ok); if (!ok) diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 750e5b8c60..a8856209d0 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -473,7 +473,8 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len, try_session_cache = 0; #ifndef OPENSSL_NO_TLSEXT - r = tls1_process_ticket(s, session_id, len, limit, &ret); /* sets s->tlsext_ticket_expected */ + /* sets s->tlsext_ticket_expected */ + r = tls1_process_ticket(s, session_id, len, limit, &ret); switch (r) { case -1: /* Error during processing */ diff --git a/ssl/ssltest.c b/ssl/ssltest.c index 8b57c3028e..5802ee1d30 100644 --- a/ssl/ssltest.c +++ b/ssl/ssltest.c @@ -2553,9 +2553,10 @@ static int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx) static void process_proxy_debug(int indent, const char *format, ...) { + /* That's 80 > */ static const char indentation[] = ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>" - ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; /* That's 80 > */ + ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; char my_format[256]; va_list args; diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 306232aac0..f8e58355e1 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -1045,6 +1045,7 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send) * timing-side channel information about how many blocks of * data we are hashing because that gives an attacker a * timing-oracle. */ + /* Final param == not SSLv3 */ ssl3_cbc_digest_record( mac_ctx, md, &md_size, @@ -1052,7 +1053,7 @@ int tls1_mac(SSL *ssl, unsigned char *md, int send) rec->length + md_size, orig_len, ssl->s3->read_mac_secret, ssl->s3->read_mac_secret_size, - 0 /* not SSLv3 */); + 0); } else { diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index b702de25c0..8b8c9cd71f 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -2283,8 +2283,10 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char if (s->s3->client_opaque_prf_input != NULL) /* shouldn't really happen */ OPENSSL_free(s->s3->client_opaque_prf_input); + + /* dummy byte just to get non-NULL */ if (s->s3->client_opaque_prf_input_len == 0) - s->s3->client_opaque_prf_input = OPENSSL_malloc(1); /* dummy byte just to get non-NULL */ + s->s3->client_opaque_prf_input = OPENSSL_malloc(1); else s->s3->client_opaque_prf_input = BUF_memdup(sdata, s->s3->client_opaque_prf_input_len); if (s->s3->client_opaque_prf_input == NULL) diff --git a/ssl/tls1.h b/ssl/tls1.h index 874479b820..910de40eed 100644 --- a/ssl/tls1.h +++ b/ssl/tls1.h @@ -740,21 +740,36 @@ SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb) #ifdef CHARSET_EBCDIC #undef TLS_MD_CLIENT_FINISH_CONST -#define TLS_MD_CLIENT_FINISH_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64" /*client finished*/ +/*client finished*/ +#define TLS_MD_CLIENT_FINISH_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64" + #undef TLS_MD_SERVER_FINISH_CONST -#define TLS_MD_SERVER_FINISH_CONST "\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64" /*server finished*/ +/*server finished*/ +#define TLS_MD_SERVER_FINISH_CONST "\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64" + #undef TLS_MD_SERVER_WRITE_KEY_CONST -#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" /*server write key*/ +/*server write key*/ +#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" + #undef TLS_MD_KEY_EXPANSION_CONST -#define TLS_MD_KEY_EXPANSION_CONST "\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e" /*key expansion*/ +/*key expansion*/ +#define TLS_MD_KEY_EXPANSION_CONST "\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e" + #undef TLS_MD_CLIENT_WRITE_KEY_CONST -#define TLS_MD_CLIENT_WRITE_KEY_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" /*client write key*/ +/*client write key*/ +#define TLS_MD_CLIENT_WRITE_KEY_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" + #undef TLS_MD_SERVER_WRITE_KEY_CONST -#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" /*server write key*/ +/*server write key*/ +#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" + #undef TLS_MD_IV_BLOCK_CONST -#define TLS_MD_IV_BLOCK_CONST "\x49\x56\x20\x62\x6c\x6f\x63\x6b" /*IV block*/ +/*IV block*/ +#define TLS_MD_IV_BLOCK_CONST "\x49\x56\x20\x62\x6c\x6f\x63\x6b" + #undef TLS_MD_MASTER_SECRET_CONST -#define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74" /*master secret*/ +/*master secret*/ +#define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74" #endif /* TLS Session Ticket extension struct */ |