author | 2014-04-14 14:59:47 +0000 | |
---|---|---|
committer | 2014-04-14 14:59:47 +0000 | |
commit | 7c408a0868fbcc7733ea48d1a7de8769964192b6 (patch) | |
tree | a714d5f1a8a4f05018ffe886ad8f0b9e5369d092 /lib/libssl/src | |
parent | Remove the CAPI engine: It is a backend for the Windows CryptoAPI and (diff) | |
First pass at applying KNF to the OpenSSL code, which almost makes it
readable. This pass is whitespace only and can readily be verified using
tr and md5.
Diffstat (limited to 'lib/libssl/src')
-rw-r--r-- | lib/libssl/src/ssl/LPdir_unix.c | 102 | ||||
-rw-r--r-- | lib/libssl/src/ssl/bio_ssl.c | 545 | ||||
-rw-r--r-- | lib/libssl/src/ssl/tls_srp.c | 388 |
3 files changed, 514 insertions, 521 deletions
diff --git a/lib/libssl/src/ssl/LPdir_unix.c b/lib/libssl/src/ssl/LPdir_unix.c
index b004cd99e8a..000a1bd8193 100644
--- a/lib/libssl/src/ssl/LPdir_unix.c
+++ b/lib/libssl/src/ssl/LPdir_unix.c
@@ -56,72 +56,66 @@ # define LP_ENTRY_SIZE 255 #endif -struct LP_dir_context_st -{ - DIR *dir; - char entry_name[LP_ENTRY_SIZE+1]; +struct LP_dir_context_st { + DIR *dir; + char entry_name[LP_ENTRY_SIZE + 1]; }; -const char *LP_find_file(LP_DIR_CTX **ctx, const char *directory) +const char +*LP_find_file(LP_DIR_CTX **ctx, const char *directory) { - struct dirent *direntry = NULL; - - if (ctx == NULL || directory == NULL) - { - errno = EINVAL; - return 0; - } + struct dirent *direntry = NULL; - errno = 0; - if (*ctx == NULL) - { - *ctx = (LP_DIR_CTX *)malloc(sizeof(LP_DIR_CTX)); - if (*ctx == NULL) - { - errno = ENOMEM; - return 0; + if (ctx == NULL || directory == NULL) { + errno = EINVAL; + return 0; } - memset(*ctx, '\0', sizeof(LP_DIR_CTX)); - (*ctx)->dir = opendir(directory); - if ((*ctx)->dir == NULL) - { - int save_errno = errno; /* Probably not needed, but I'm paranoid */ - free(*ctx); - *ctx = NULL; - errno = save_errno; - return 0; + errno = 0; + if (*ctx == NULL) { + *ctx = (LP_DIR_CTX *)malloc(sizeof(LP_DIR_CTX)); + if (*ctx == NULL) { + errno = ENOMEM; + return 0; + } + memset(*ctx, '\0', sizeof(LP_DIR_CTX)); + + (*ctx)->dir = opendir(directory); + if ((*ctx)->dir == NULL) { + int save_errno = errno; /* Probably not needed, but I'm paranoid */ + free(*ctx); + *ctx = NULL; + errno = save_errno; + return 0; + } } - } - direntry = readdir((*ctx)->dir); - if (direntry == NULL) - { - return 0; - } + direntry = readdir((*ctx)->dir); + if (direntry == NULL) { + return 0; + } - strncpy((*ctx)->entry_name, direntry->d_name, sizeof((*ctx)->entry_name) - 1); - (*ctx)->entry_name[sizeof((*ctx)->entry_name) - 1] = '\0'; - return (*ctx)->entry_name; + strncpy((*ctx)->entry_name, direntry->d_name, sizeof((*ctx)->entry_name) - 1); + (*ctx)->entry_name[sizeof((*ctx)->entry_name) - 1] = '\0'; + return (*ctx)->entry_name; } -int LP_find_file_end(LP_DIR_CTX **ctx) +int +LP_find_file_end(LP_DIR_CTX **ctx) { - if (ctx != NULL && *ctx != NULL) - { - int ret = 
closedir((*ctx)->dir); + if (ctx != NULL && *ctx != NULL) { + int ret = closedir((*ctx)->dir); - free(*ctx); - switch (ret) - { - case 0: - return 1; - case -1: - return 0; - default: - break; + free(*ctx); + switch (ret) { + case 0: + return 1; + case -1: + return 0; + default: + break; + } } - } - errno = EINVAL; - return 0; + errno = EINVAL; + return 0; } diff --git a/lib/libssl/src/ssl/bio_ssl.c b/lib/libssl/src/ssl/bio_ssl.c index e9552caee2a..65077aaa00d 100644 --- a/lib/libssl/src/ssl/bio_ssl.c +++ b/lib/libssl/src/ssl/bio_ssl.c @@ -72,8 +72,7 @@ static long ssl_ctrl(BIO *h, int cmd, long arg1, void *arg2); static int ssl_new(BIO *h); static int ssl_free(BIO *data); static long ssl_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp); -typedef struct bio_ssl_st - { +typedef struct bio_ssl_st { SSL *ssl; /* The ssl handle :-) */ /* re-negotiate every time the total number of bytes is this size */ int num_renegotiates; @@ -81,11 +80,10 @@ typedef struct bio_ssl_st unsigned long byte_count; unsigned long renegotiate_timeout; unsigned long last_time; - } BIO_SSL; +} BIO_SSL; -static BIO_METHOD methods_sslp= - { - BIO_TYPE_SSL,"ssl", +static BIO_METHOD methods_sslp = { + BIO_TYPE_SSL, "ssl", ssl_write, ssl_read, ssl_puts, 
@@ -94,106 +92,105 @@ static BIO_METHOD methods_sslp= ssl_new, ssl_free, ssl_callback_ctrl, - }; +}; -BIO_METHOD *BIO_f_ssl(void) - { - return(&methods_sslp); - } +BIO_METHOD +*BIO_f_ssl(void) +{ + return (&methods_sslp); +} -static int ssl_new(BIO *bi) - { +static int +ssl_new(BIO *bi) +{ BIO_SSL *bs; - bs=(BIO_SSL *)OPENSSL_malloc(sizeof(BIO_SSL)); - if (bs == NULL) - { - BIOerr(BIO_F_SSL_NEW,ERR_R_MALLOC_FAILURE); - return(0); - } - memset(bs,0,sizeof(BIO_SSL)); - bi->init=0; - bi->ptr=(char *)bs; - bi->flags=0; - return(1); + bs = (BIO_SSL *)OPENSSL_malloc(sizeof(BIO_SSL)); + if (bs == NULL) { + BIOerr(BIO_F_SSL_NEW, ERR_R_MALLOC_FAILURE); + return (0); } - -static int ssl_free(BIO *a) - { + memset(bs, 0, sizeof(BIO_SSL)); + bi->init = 0; + bi->ptr = (char *)bs; + bi->flags = 0; + return (1); +} + +static int +ssl_free(BIO *a) +{ BIO_SSL *bs; - if (a == NULL) return(0); - bs=(BIO_SSL *)a->ptr; - if (bs->ssl != NULL) SSL_shutdown(bs->ssl); - if (a->shutdown) - { + if (a == NULL) + return (0); + bs = (BIO_SSL *)a->ptr; + if (bs->ssl != NULL) + SSL_shutdown(bs->ssl); + if (a->shutdown) { if (a->init && (bs->ssl != NULL)) SSL_free(bs->ssl); - a->init=0; - a->flags=0; - } + a->init = 0; + a->flags = 0; + } if (a->ptr != NULL) OPENSSL_free(a->ptr); - return(1); - } - -static int ssl_read(BIO *b, char *out, int outl) - { - int ret=1; + return (1); +} + +static int +ssl_read(BIO *b, char *out, int outl) +{ + int ret = 1; BIO_SSL *sb; SSL *ssl; - int retry_reason=0; - int r=0; + int retry_reason = 0; + int r = 0; - if (out == NULL) return(0); - sb=(BIO_SSL *)b->ptr; - ssl=sb->ssl; + if (out == NULL) + return (0); + sb = (BIO_SSL *)b->ptr; + ssl = sb->ssl; BIO_clear_retry_flags(b); #if 0 - if (!SSL_is_init_finished(ssl)) - { + if (!SSL_is_init_finished(ssl)) { /* ret=SSL_do_handshake(ssl); */ - if (ret > 0) - { + if (ret > 0) { - outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY); - ret= -1; + outflags = (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY); + ret = -1; goto end; - } } 
+ } #endif /* if (ret > 0) */ - ret=SSL_read(ssl,out,outl); + ret = SSL_read(ssl, out, outl); - switch (SSL_get_error(ssl,ret)) - { + switch (SSL_get_error(ssl, ret)) { case SSL_ERROR_NONE: - if (ret <= 0) break; - if (sb->renegotiate_count > 0) - { - sb->byte_count+=ret; - if (sb->byte_count > sb->renegotiate_count) - { - sb->byte_count=0; + if (ret <= 0) + break; + if (sb->renegotiate_count > 0) { + sb->byte_count += ret; + if (sb->byte_count > sb->renegotiate_count) { + sb->byte_count = 0; sb->num_renegotiates++; SSL_renegotiate(ssl); - r=1; - } + r = 1; } - if ((sb->renegotiate_timeout > 0) && (!r)) - { + } + if ((sb->renegotiate_timeout > 0) && (!r)) { unsigned long tm; - tm=(unsigned long)time(NULL); - if (tm > sb->last_time+sb->renegotiate_timeout) - { - sb->last_time=tm; + tm = (unsigned long)time(NULL); + if (tm > sb->last_time + sb->renegotiate_timeout) { + sb->last_time = tm; sb->num_renegotiates++; SSL_renegotiate(ssl); - } } + } break; case SSL_ERROR_WANT_READ: 
@@ -204,71 +201,69 @@ static int ssl_read(BIO *b, char *out, int outl) break; case SSL_ERROR_WANT_X509_LOOKUP: BIO_set_retry_special(b); - retry_reason=BIO_RR_SSL_X509_LOOKUP; + retry_reason = BIO_RR_SSL_X509_LOOKUP; break; case SSL_ERROR_WANT_ACCEPT: BIO_set_retry_special(b); - retry_reason=BIO_RR_ACCEPT; + retry_reason = BIO_RR_ACCEPT; break; case SSL_ERROR_WANT_CONNECT: BIO_set_retry_special(b); - retry_reason=BIO_RR_CONNECT; + retry_reason = BIO_RR_CONNECT; break; case SSL_ERROR_SYSCALL: case SSL_ERROR_SSL: case SSL_ERROR_ZERO_RETURN: default: break; - } - - b->retry_reason=retry_reason; - return(ret); } -static int ssl_write(BIO *b, const char *out, int outl) - { - int ret,r=0; - int retry_reason=0; + b->retry_reason = retry_reason; + return (ret); +} + +static int +ssl_write(BIO *b, const char *out, int outl) +{ + int ret, r = 0; + int retry_reason = 0; SSL *ssl; BIO_SSL *bs; - if (out == NULL) return(0); - bs=(BIO_SSL *)b->ptr; - ssl=bs->ssl; + if (out == NULL) + return (0); + bs = (BIO_SSL *)b->ptr; + ssl = bs->ssl; BIO_clear_retry_flags(b); /* ret=SSL_do_handshake(ssl); if (ret > 0) */ - ret=SSL_write(ssl,out,outl); + ret = SSL_write(ssl, out, outl); - switch (SSL_get_error(ssl,ret)) - { + switch (SSL_get_error(ssl, ret)) { case SSL_ERROR_NONE: - if (ret <= 0) break; - if (bs->renegotiate_count > 0) - { - bs->byte_count+=ret; - if (bs->byte_count > bs->renegotiate_count) - { - bs->byte_count=0; + if (ret <= 0) + break; + if (bs->renegotiate_count > 0) { + bs->byte_count += ret; + if (bs->byte_count > bs->renegotiate_count) { + bs->byte_count = 0; bs->num_renegotiates++; SSL_renegotiate(ssl); - r=1; - } + r = 1; } - if ((bs->renegotiate_timeout > 0) && (!r)) - { + } + if ((bs->renegotiate_timeout > 0) && (!r)) { unsigned long tm; - tm=(unsigned long)time(NULL); - if (tm > bs->last_time+bs->renegotiate_timeout) - { - bs->last_time=tm; + tm = (unsigned long)time(NULL); + if (tm > bs->last_time + bs->renegotiate_timeout) { + bs->last_time = tm; 
bs->num_renegotiates++; SSL_renegotiate(ssl); - } } + } break; case SSL_ERROR_WANT_WRITE: BIO_set_retry_write(b); @@ -278,34 +273,34 @@ static int ssl_write(BIO *b, const char *out, int outl) break; case SSL_ERROR_WANT_X509_LOOKUP: BIO_set_retry_special(b); - retry_reason=BIO_RR_SSL_X509_LOOKUP; + retry_reason = BIO_RR_SSL_X509_LOOKUP; break; case SSL_ERROR_WANT_CONNECT: BIO_set_retry_special(b); - retry_reason=BIO_RR_CONNECT; + retry_reason = BIO_RR_CONNECT; case SSL_ERROR_SYSCALL: case SSL_ERROR_SSL: default: break; - } - - b->retry_reason=retry_reason; - return(ret); } -static long ssl_ctrl(BIO *b, int cmd, long num, void *ptr) - { - SSL **sslp,*ssl; + b->retry_reason = retry_reason; + return (ret); +} + +static long +ssl_ctrl(BIO *b, int cmd, long num, void *ptr) +{ + SSL **sslp, *ssl; BIO_SSL *bs; - BIO *dbio,*bio; - long ret=1; + BIO *dbio, *bio; + long ret = 1; - bs=(BIO_SSL *)b->ptr; - ssl=bs->ssl; + bs = (BIO_SSL *)b->ptr; + ssl = bs->ssl; if ((ssl == NULL) && (cmd != BIO_C_SET_SSL)) - return(0); - switch (cmd) - { + return (0); + switch (cmd) { case BIO_CTRL_RESET: SSL_shutdown(ssl); @@ -317,14 +312,14 @@ static long ssl_ctrl(BIO *b, int cmd, long num, void *ptr) SSL_clear(ssl); if (b->next_bio != NULL) - ret=BIO_ctrl(b->next_bio,cmd,num,ptr); + ret = BIO_ctrl(b->next_bio, cmd, num, ptr); else if (ssl->rbio != NULL) - ret=BIO_ctrl(ssl->rbio,cmd,num,ptr); + ret = BIO_ctrl(ssl->rbio, cmd, num, ptr); else - ret=1; + ret = 1; break; case BIO_CTRL_INFO: - ret=0; + ret = 0; break; case BIO_C_SSL_MODE: if (num) /* client mode */ 
@@ -333,273 +328,273 @@ static long ssl_ctrl(BIO *b, int cmd, long num, void *ptr) SSL_set_accept_state(ssl); break; case BIO_C_SET_SSL_RENEGOTIATE_TIMEOUT: - ret=bs->renegotiate_timeout; - if (num < 60) num=5; - bs->renegotiate_timeout=(unsigned long)num; - bs->last_time=(unsigned long)time(NULL); + ret = bs->renegotiate_timeout; + if (num < 60) + num = 5; + bs->renegotiate_timeout = (unsigned long)num; + bs->last_time = (unsigned long)time(NULL); break; case BIO_C_SET_SSL_RENEGOTIATE_BYTES: - ret=bs->renegotiate_count; + ret = bs->renegotiate_count; if ((long)num >=512) - bs->renegotiate_count=(unsigned long)num; + bs->renegotiate_count = (unsigned long)num; break; case BIO_C_GET_SSL_NUM_RENEGOTIATES: - ret=bs->num_renegotiates; + ret = bs->num_renegotiates; break; case BIO_C_SET_SSL: - if (ssl != NULL) - { + if (ssl != NULL) { ssl_free(b); if (!ssl_new(b)) return 0; - } - b->shutdown=(int)num; - ssl=(SSL *)ptr; - ((BIO_SSL *)b->ptr)->ssl=ssl; - bio=SSL_get_rbio(ssl); - if (bio != NULL) - { + } + b->shutdown = (int)num; + ssl = (SSL *)ptr; + ((BIO_SSL *)b->ptr)->ssl = ssl; + bio = SSL_get_rbio(ssl); + if (bio != NULL) { if (b->next_bio != NULL) - BIO_push(bio,b->next_bio); - b->next_bio=bio; - CRYPTO_add(&bio->references,1,CRYPTO_LOCK_BIO); - } - b->init=1; + BIO_push(bio, b->next_bio); + b->next_bio = bio; + CRYPTO_add(&bio->references, 1, CRYPTO_LOCK_BIO); + } + b->init = 1; break; case BIO_C_GET_SSL: - if (ptr != NULL) - { - sslp=(SSL **)ptr; - *sslp=ssl; - } - else - ret=0; + if (ptr != NULL) { + sslp = (SSL **)ptr; + *sslp = ssl; + } else + ret = 0; break; case BIO_CTRL_GET_CLOSE: - ret=b->shutdown; + ret = b->shutdown; break; case BIO_CTRL_SET_CLOSE: - b->shutdown=(int)num; + b->shutdown = (int)num; break; case BIO_CTRL_WPENDING: - ret=BIO_ctrl(ssl->wbio,cmd,num,ptr); + ret = BIO_ctrl(ssl->wbio, cmd, num, ptr); break; case BIO_CTRL_PENDING: - ret=SSL_pending(ssl); + ret = SSL_pending(ssl); if (ret == 0) - ret=BIO_pending(ssl->rbio); + ret = 
BIO_pending(ssl->rbio); break; case BIO_CTRL_FLUSH: BIO_clear_retry_flags(b); - ret=BIO_ctrl(ssl->wbio,cmd,num,ptr); + ret = BIO_ctrl(ssl->wbio, cmd, num, ptr); BIO_copy_next_retry(b); break; case BIO_CTRL_PUSH: - if ((b->next_bio != NULL) && (b->next_bio != ssl->rbio)) - { - SSL_set_bio(ssl,b->next_bio,b->next_bio); - CRYPTO_add(&b->next_bio->references,1,CRYPTO_LOCK_BIO); - } + if ((b->next_bio != NULL) && (b->next_bio != ssl->rbio)) { + SSL_set_bio(ssl, b->next_bio, b->next_bio); + CRYPTO_add(&b->next_bio->references, 1, CRYPTO_LOCK_BIO); + } break; case BIO_CTRL_POP: /* Only detach if we are the BIO explicitly being popped */ - if (b == ptr) - { + if (b == ptr) { /* Shouldn't happen in practice because the * rbio and wbio are the same when pushed. */ if (ssl->rbio != ssl->wbio) BIO_free_all(ssl->wbio); if (b->next_bio != NULL) - CRYPTO_add(&b->next_bio->references,-1,CRYPTO_LOCK_BIO); - ssl->wbio=NULL; - ssl->rbio=NULL; - } + CRYPTO_add(&b->next_bio->references, -1, CRYPTO_LOCK_BIO); + ssl->wbio = NULL; + ssl->rbio = NULL; + } break; case BIO_C_DO_STATE_MACHINE: BIO_clear_retry_flags(b); - b->retry_reason=0; - ret=(int)SSL_do_handshake(ssl); + b->retry_reason = 0; + ret = (int)SSL_do_handshake(ssl); - switch (SSL_get_error(ssl,(int)ret)) - { + switch (SSL_get_error(ssl,(int)ret)) { case SSL_ERROR_WANT_READ: BIO_set_flags(b, - BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY); + BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY); break; case SSL_ERROR_WANT_WRITE: BIO_set_flags(b, - BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY); + BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY); break; case SSL_ERROR_WANT_CONNECT: BIO_set_flags(b, - BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY); - b->retry_reason=b->next_bio->retry_reason; + BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY); + b->retry_reason = b->next_bio->retry_reason; break; default: break; - } + } break; case BIO_CTRL_DUP: - dbio=(BIO *)ptr; + dbio = (BIO *)ptr; if (((BIO_SSL *)dbio->ptr)->ssl != NULL) SSL_free(((BIO_SSL *)dbio->ptr)->ssl); - 
((BIO_SSL *)dbio->ptr)->ssl=SSL_dup(ssl); - ((BIO_SSL *)dbio->ptr)->renegotiate_count= - ((BIO_SSL *)b->ptr)->renegotiate_count; - ((BIO_SSL *)dbio->ptr)->byte_count= - ((BIO_SSL *)b->ptr)->byte_count; - ((BIO_SSL *)dbio->ptr)->renegotiate_timeout= - ((BIO_SSL *)b->ptr)->renegotiate_timeout; - ((BIO_SSL *)dbio->ptr)->last_time= - ((BIO_SSL *)b->ptr)->last_time; - ret=(((BIO_SSL *)dbio->ptr)->ssl != NULL); + ((BIO_SSL *)dbio->ptr)->ssl = SSL_dup(ssl); + ((BIO_SSL *)dbio->ptr)->renegotiate_count = + ((BIO_SSL *)b->ptr)->renegotiate_count; + ((BIO_SSL *)dbio->ptr)->byte_count = + ((BIO_SSL *)b->ptr)->byte_count; + ((BIO_SSL *)dbio->ptr)->renegotiate_timeout = + ((BIO_SSL *)b->ptr)->renegotiate_timeout; + ((BIO_SSL *)dbio->ptr)->last_time = + ((BIO_SSL *)b->ptr)->last_time; + ret = (((BIO_SSL *)dbio->ptr)->ssl != NULL); break; case BIO_C_GET_FD: - ret=BIO_ctrl(ssl->rbio,cmd,num,ptr); + ret = BIO_ctrl(ssl->rbio, cmd, num, ptr); break; case BIO_CTRL_SET_CALLBACK: { #if 0 /* FIXME: Should this be used? 
-- Richard Levitte */ - SSLerr(SSL_F_SSL_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - ret = -1; + SSLerr(SSL_F_SSL_CTRL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + ret = -1; #else - ret=0; + ret = 0; #endif } break; case BIO_CTRL_GET_CALLBACK: { - void (**fptr)(const SSL *xssl,int type,int val); + void (**fptr)(const SSL *xssl, int type, int val); - fptr=(void (**)(const SSL *xssl,int type,int val))ptr; - *fptr=SSL_get_info_callback(ssl); + fptr = (void (**)(const SSL *xssl, int type, int val))ptr; + *fptr = SSL_get_info_callback(ssl); } break; default: - ret=BIO_ctrl(ssl->rbio,cmd,num,ptr); + ret = BIO_ctrl(ssl->rbio, cmd, num, ptr); break; - } - return(ret); } + return (ret); +} -static long ssl_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) - { +static long +ssl_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) +{ SSL *ssl; BIO_SSL *bs; - long ret=1; + long ret = 1; - bs=(BIO_SSL *)b->ptr; - ssl=bs->ssl; - switch (cmd) - { + bs = (BIO_SSL *)b->ptr; + ssl = bs->ssl; + switch (cmd) { case BIO_CTRL_SET_CALLBACK: { /* FIXME: setting this via a completely different prototype seems like a crap idea */ - SSL_set_info_callback(ssl,(void (*)(const SSL *,int,int))fp); + SSL_set_info_callback(ssl,(void (*)(const SSL *, int, int))fp); } break; default: - ret=BIO_callback_ctrl(ssl->rbio,cmd,fp); + ret = BIO_callback_ctrl(ssl->rbio, cmd, fp); break; - } - return(ret); } - -static int ssl_puts(BIO *bp, const char *str) - { - int n,ret; - - n=strlen(str); - ret=BIO_write(bp,str,n); - return(ret); - } - -BIO *BIO_new_buffer_ssl_connect(SSL_CTX *ctx) - { + return (ret); +} + +static int +ssl_puts(BIO *bp, const char *str) +{ + int n, ret; + + n = strlen(str); + ret = BIO_write(bp, str, n); + return (ret); +} + +BIO +*BIO_new_buffer_ssl_connect(SSL_CTX *ctx) +{ #ifndef OPENSSL_NO_SOCK - BIO *ret=NULL,*buf=NULL,*ssl=NULL; + BIO *ret = NULL, *buf = NULL, *ssl = NULL; - if ((buf=BIO_new(BIO_f_buffer())) == NULL) - return(NULL); - if ((ssl=BIO_new_ssl_connect(ctx)) == NULL) + if ((buf = 
BIO_new(BIO_f_buffer())) == NULL) + return (NULL); + if ((ssl = BIO_new_ssl_connect(ctx)) == NULL) goto err; - if ((ret=BIO_push(buf,ssl)) == NULL) + if ((ret = BIO_push(buf, ssl)) == NULL) goto err; - return(ret); + return (ret); err: - if (buf != NULL) BIO_free(buf); - if (ssl != NULL) BIO_free(ssl); + if (buf != NULL) + BIO_free(buf); + if (ssl != NULL) + BIO_free(ssl); #endif - return(NULL); - } + return (NULL); +} -BIO *BIO_new_ssl_connect(SSL_CTX *ctx) - { +BIO +*BIO_new_ssl_connect(SSL_CTX *ctx) +{ #ifndef OPENSSL_NO_SOCK - BIO *ret=NULL,*con=NULL,*ssl=NULL; + BIO *ret = NULL, *con = NULL, *ssl = NULL; - if ((con=BIO_new(BIO_s_connect())) == NULL) - return(NULL); - if ((ssl=BIO_new_ssl(ctx,1)) == NULL) + if ((con = BIO_new(BIO_s_connect())) == NULL) + return (NULL); + if ((ssl = BIO_new_ssl(ctx, 1)) == NULL) goto err; - if ((ret=BIO_push(ssl,con)) == NULL) + if ((ret = BIO_push(ssl, con)) == NULL) goto err; - return(ret); + return (ret); err: - if (con != NULL) BIO_free(con); + if (con != NULL) + BIO_free(con); #endif - return(NULL); - } + return (NULL); +} -BIO *BIO_new_ssl(SSL_CTX *ctx, int client) - { +BIO +*BIO_new_ssl(SSL_CTX *ctx, int client) +{ BIO *ret; SSL *ssl; - if ((ret=BIO_new(BIO_f_ssl())) == NULL) - return(NULL); - if ((ssl=SSL_new(ctx)) == NULL) - { + if ((ret = BIO_new(BIO_f_ssl())) == NULL) + return (NULL); + if ((ssl = SSL_new(ctx)) == NULL) { BIO_free(ret); - return(NULL); - } + return (NULL); + } if (client) SSL_set_connect_state(ssl); else SSL_set_accept_state(ssl); - - BIO_set_ssl(ret,ssl,BIO_CLOSE); - return(ret); - } -int BIO_ssl_copy_session_id(BIO *t, BIO *f) - { - t=BIO_find_type(t,BIO_TYPE_SSL); - f=BIO_find_type(f,BIO_TYPE_SSL); + BIO_set_ssl(ret, ssl, BIO_CLOSE); + return (ret); +} + +int +BIO_ssl_copy_session_id(BIO *t, BIO *f) +{ + t = BIO_find_type(t, BIO_TYPE_SSL); + f = BIO_find_type(f, BIO_TYPE_SSL); if ((t == NULL) || (f == NULL)) - return(0); - if ( (((BIO_SSL *)t->ptr)->ssl == NULL) || - (((BIO_SSL *)f->ptr)->ssl == 
NULL)) - return(0); + return (0); + if ((((BIO_SSL *)t->ptr)->ssl == NULL) || + (((BIO_SSL *)f->ptr)->ssl == NULL)) + return (0); SSL_copy_session_id(((BIO_SSL *)t->ptr)->ssl,((BIO_SSL *)f->ptr)->ssl); - return(1); - } + return (1); +} -void BIO_ssl_shutdown(BIO *b) - { +void +BIO_ssl_shutdown(BIO *b) +{ SSL *s; - while (b != NULL) - { - if (b->method->type == BIO_TYPE_SSL) - { - s=((BIO_SSL *)b->ptr)->ssl; + while (b != NULL) { + if (b->method->type == BIO_TYPE_SSL) { + s = ((BIO_SSL *)b->ptr)->ssl; SSL_shutdown(s); break; - } - b=b->next_bio; } + b = b->next_bio; } +} diff --git a/lib/libssl/src/ssl/tls_srp.c b/lib/libssl/src/ssl/tls_srp.c index 2315a7c0a2e..25ab73af9db 100644 --- a/lib/libssl/src/ssl/tls_srp.c +++ b/lib/libssl/src/ssl/tls_srp.c @@ -63,8 +63,8 @@ #include <openssl/srp.h> #include <openssl/err.h> -int SSL_CTX_SRP_CTX_free(struct ssl_ctx_st *ctx) - { +int +SSL_CTX_SRP_CTX_free(struct ssl_ctx_st *ctx) { if (ctx == NULL) return 0; OPENSSL_free(ctx->srp_ctx.login); @@ -93,10 +93,10 @@ int SSL_CTX_SRP_CTX_free(struct ssl_ctx_st *ctx) ctx->srp_ctx.strength = SRP_MINIMAL_N; ctx->srp_ctx.srp_Mask = 0; return (1); - } +} -int SSL_SRP_CTX_free(struct ssl_st *s) - { +int +SSL_SRP_CTX_free(struct ssl_st *s) { if (s == NULL) return 0; OPENSSL_free(s->srp_ctx.login); @@ -125,10 +125,10 @@ int SSL_SRP_CTX_free(struct ssl_st *s) s->srp_ctx.strength = SRP_MINIMAL_N; s->srp_ctx.srp_Mask = 0; return (1); - } +} -int SSL_SRP_CTX_init(struct ssl_st *s) - { +int +SSL_SRP_CTX_init(struct ssl_st *s) { SSL_CTX *ctx; if ((s == NULL) || ((ctx = s->ctx) == NULL)) 
@@ -154,31 +154,29 @@ int SSL_SRP_CTX_init(struct ssl_st *s) s->srp_ctx.strength = ctx->srp_ctx.strength; if (((ctx->srp_ctx.N != NULL) && - ((s->srp_ctx.N = BN_dup(ctx->srp_ctx.N)) == NULL)) || - ((ctx->srp_ctx.g != NULL) && - ((s->srp_ctx.g = BN_dup(ctx->srp_ctx.g)) == NULL)) || - ((ctx->srp_ctx.s != NULL) && - ((s->srp_ctx.s = BN_dup(ctx->srp_ctx.s)) == NULL)) || - ((ctx->srp_ctx.B != NULL) && - ((s->srp_ctx.B = BN_dup(ctx->srp_ctx.B)) == NULL)) || - ((ctx->srp_ctx.A != NULL) && - ((s->srp_ctx.A = BN_dup(ctx->srp_ctx.A)) == NULL)) || - ((ctx->srp_ctx.a != NULL) && - ((s->srp_ctx.a = BN_dup(ctx->srp_ctx.a)) == NULL)) || - ((ctx->srp_ctx.v != NULL) && - ((s->srp_ctx.v = BN_dup(ctx->srp_ctx.v)) == NULL)) || - ((ctx->srp_ctx.b != NULL) && - ((s->srp_ctx.b = BN_dup(ctx->srp_ctx.b)) == NULL))) - { - SSLerr(SSL_F_SSL_SRP_CTX_INIT,ERR_R_BN_LIB); + ((s->srp_ctx.N = BN_dup(ctx->srp_ctx.N)) == NULL)) || + ((ctx->srp_ctx.g != NULL) && + ((s->srp_ctx.g = BN_dup(ctx->srp_ctx.g)) == NULL)) || + ((ctx->srp_ctx.s != NULL) && + ((s->srp_ctx.s = BN_dup(ctx->srp_ctx.s)) == NULL)) || + ((ctx->srp_ctx.B != NULL) && + ((s->srp_ctx.B = BN_dup(ctx->srp_ctx.B)) == NULL)) || + ((ctx->srp_ctx.A != NULL) && + ((s->srp_ctx.A = BN_dup(ctx->srp_ctx.A)) == NULL)) || + ((ctx->srp_ctx.a != NULL) && + ((s->srp_ctx.a = BN_dup(ctx->srp_ctx.a)) == NULL)) || + ((ctx->srp_ctx.v != NULL) && + ((s->srp_ctx.v = BN_dup(ctx->srp_ctx.v)) == NULL)) || + ((ctx->srp_ctx.b != NULL) && + ((s->srp_ctx.b = BN_dup(ctx->srp_ctx.b)) == NULL))) { + SSLerr(SSL_F_SSL_SRP_CTX_INIT, ERR_R_BN_LIB); goto err; - } - if ((ctx->srp_ctx.login != NULL) && - ((s->srp_ctx.login = BUF_strdup(ctx->srp_ctx.login)) == NULL)) - { - SSLerr(SSL_F_SSL_SRP_CTX_INIT,ERR_R_INTERNAL_ERROR); + } + if ((ctx->srp_ctx.login != NULL) && + ((s->srp_ctx.login = BUF_strdup(ctx->srp_ctx.login)) == NULL)) { + SSLerr(SSL_F_SSL_SRP_CTX_INIT, ERR_R_INTERNAL_ERROR); goto err; - } + } s->srp_ctx.srp_Mask = ctx->srp_ctx.srp_Mask; return (1); 
@@ -193,10 +191,10 @@ err: BN_free(s->srp_ctx.b); BN_free(s->srp_ctx.v); return (0); - } +} -int SSL_CTX_SRP_CTX_init(struct ssl_ctx_st *ctx) - { +int +SSL_CTX_SRP_CTX_init(struct ssl_ctx_st *ctx) { if (ctx == NULL) return 0; 
@@ -222,134 +220,119 @@ int SSL_CTX_SRP_CTX_init(struct ssl_ctx_st *ctx) ctx->srp_ctx.strength = SRP_MINIMAL_N; return (1); - } +} /* server side */ -int SSL_srp_server_param_with_username(SSL *s, int *ad) - { +int +SSL_srp_server_param_with_username(SSL *s, int *ad) +{ unsigned char b[SSL_MAX_MASTER_KEY_LENGTH]; int al; *ad = SSL_AD_UNKNOWN_PSK_IDENTITY; if ((s->srp_ctx.TLS_ext_srp_username_callback !=NULL) && - ((al = s->srp_ctx.TLS_ext_srp_username_callback(s, ad, s->srp_ctx.SRP_cb_arg))!=SSL_ERROR_NONE)) - return al; + ((al = s->srp_ctx.TLS_ext_srp_username_callback(s, ad, + s->srp_ctx.SRP_cb_arg)) != SSL_ERROR_NONE)) + return al; *ad = SSL_AD_INTERNAL_ERROR; - if ((s->srp_ctx.N == NULL) || - (s->srp_ctx.g == NULL) || - (s->srp_ctx.s == NULL) || - (s->srp_ctx.v == NULL)) + if ((s->srp_ctx.N == NULL) || (s->srp_ctx.g == NULL) || + (s->srp_ctx.s == NULL) || (s->srp_ctx.v == NULL)) return SSL3_AL_FATAL; if (RAND_bytes(b, sizeof(b)) <= 0) return SSL3_AL_FATAL; - s->srp_ctx.b = BN_bin2bn(b,sizeof(b),NULL); - OPENSSL_cleanse(b,sizeof(b)); + s->srp_ctx.b = BN_bin2bn(b, sizeof(b), NULL); + OPENSSL_cleanse(b, sizeof(b)); /* Calculate: B = (kv + g^b) % N */ - return ((s->srp_ctx.B = SRP_Calc_B(s->srp_ctx.b, s->srp_ctx.N, s->srp_ctx.g, s->srp_ctx.v)) != NULL)? - SSL_ERROR_NONE:SSL3_AL_FATAL; - } + return ((s->srp_ctx.B = SRP_Calc_B(s->srp_ctx.b, s->srp_ctx.N, s->srp_ctx.g, s->srp_ctx.v)) != NULL) ? 
SSL_ERROR_NONE : SSL3_AL_FATAL; +} /* If the server just has the raw password, make up a verifier entry on the fly */ -int SSL_set_srp_server_param_pw(SSL *s, const char *user, const char *pass, const char *grp) - { +int +SSL_set_srp_server_param_pw(SSL *s, const char *user, const char *pass, const char *grp) +{ SRP_gN *GN = SRP_get_default_gN(grp); - if(GN == NULL) return -1; + if (GN == NULL) + return -1; s->srp_ctx.N = BN_dup(GN->N); s->srp_ctx.g = BN_dup(GN->g); - if(s->srp_ctx.v != NULL) - { + if (s->srp_ctx.v != NULL) { BN_clear_free(s->srp_ctx.v); s->srp_ctx.v = NULL; - } - if(s->srp_ctx.s != NULL) - { + } + if (s->srp_ctx.s != NULL) { BN_clear_free(s->srp_ctx.s); s->srp_ctx.s = NULL; - } - if(!SRP_create_verifier_BN(user, pass, &s->srp_ctx.s, &s->srp_ctx.v, GN->N, GN->g)) return -1; - - return 1; } + if (!SRP_create_verifier_BN(user, pass, &s->srp_ctx.s, &s->srp_ctx.v, + GN->N, GN->g)) + return -1; -int SSL_set_srp_server_param(SSL *s, const BIGNUM *N, const BIGNUM *g, - BIGNUM *sa, BIGNUM *v, char *info) - { - if (N!= NULL) - { - if (s->srp_ctx.N != NULL) - { - if (!BN_copy(s->srp_ctx.N,N)) - { + return 1; +} + +int +SSL_set_srp_server_param(SSL *s, const BIGNUM *N, const BIGNUM *g, + BIGNUM *sa, BIGNUM *v, char *info) +{ + if (N != NULL) { + if (s->srp_ctx.N != NULL) { + if (!BN_copy(s->srp_ctx.N, N)) { BN_free(s->srp_ctx.N); s->srp_ctx.N = NULL; - } } - else + } else s->srp_ctx.N = BN_dup(N); - } - if (g!= NULL) - { - if (s->srp_ctx.g != NULL) - { - if (!BN_copy(s->srp_ctx.g,g)) - { + } + if (g != NULL) { + if (s->srp_ctx.g != NULL) { + if (!BN_copy(s->srp_ctx.g, g)) { BN_free(s->srp_ctx.g); s->srp_ctx.g = NULL; - } } - else + } else s->srp_ctx.g = BN_dup(g); - } - if (sa!= NULL) - { - if (s->srp_ctx.s != NULL) - { - if (!BN_copy(s->srp_ctx.s,sa)) - { + } + if (sa != NULL) { + if (s->srp_ctx.s != NULL) { + if (!BN_copy(s->srp_ctx.s, sa)) { BN_free(s->srp_ctx.s); s->srp_ctx.s = NULL; - } } - else + } else s->srp_ctx.s = BN_dup(sa); - } - if (v!= NULL) - { 
- if (s->srp_ctx.v != NULL) - { - if (!BN_copy(s->srp_ctx.v,v)) - { + } + if (v != NULL) { + if (s->srp_ctx.v != NULL) { + if (!BN_copy(s->srp_ctx.v, v)) { BN_free(s->srp_ctx.v); s->srp_ctx.v = NULL; - } } - else + } else s->srp_ctx.v = BN_dup(v); - } + } s->srp_ctx.info = info; - if (!(s->srp_ctx.N) || - !(s->srp_ctx.g) || - !(s->srp_ctx.s) || - !(s->srp_ctx.v)) + if (!(s->srp_ctx.N) || !(s->srp_ctx.g) || + !(s->srp_ctx.s) || !(s->srp_ctx.v)) return -1; return 1; - } +} -int SRP_generate_server_master_secret(SSL *s,unsigned char *master_key) - { +int +SRP_generate_server_master_secret(SSL *s, unsigned char *master_key) +{ BIGNUM *K = NULL, *u = NULL; int ret = -1, tmp_len; unsigned char *tmp = NULL; - if (!SRP_Verify_A_mod_N(s->srp_ctx.A,s->srp_ctx.N)) + if (!SRP_Verify_A_mod_N(s->srp_ctx.A, s->srp_ctx.N)) goto err; - if (!(u = SRP_Calc_u(s->srp_ctx.A,s->srp_ctx.B,s->srp_ctx.N))) + if (!(u = SRP_Calc_u(s->srp_ctx.A, s->srp_ctx.B, s->srp_ctx.N))) goto err; if (!(K = SRP_Calc_server_key(s->srp_ctx.A, s->srp_ctx.v, u, s->srp_ctx.b, s->srp_ctx.N))) goto err; @@ -358,21 +341,21 @@ int SRP_generate_server_master_secret(SSL *s,unsigned char *master_key) if ((tmp = OPENSSL_malloc(tmp_len)) == NULL) goto err; BN_bn2bin(K, tmp); - ret = s->method->ssl3_enc->generate_master_secret(s,master_key,tmp,tmp_len); + ret = s->method->ssl3_enc->generate_master_secret(s, master_key, tmp, tmp_len); err: - if (tmp) - { - OPENSSL_cleanse(tmp,tmp_len) ; + if (tmp) { + OPENSSL_cleanse(tmp, tmp_len); OPENSSL_free(tmp); - } + } BN_clear_free(K); BN_clear_free(u); return ret; - } +} /* client side */ -int SRP_generate_client_master_secret(SSL *s,unsigned char *master_key) - { +int +SRP_generate_client_master_secret(SSL *s, unsigned char *master_key) +{ BIGNUM *x = NULL, *u = NULL, *K = NULL; int ret = -1, tmp_len; char *passwd = NULL; 
@@ -380,128 +363,149 @@ int SRP_generate_client_master_secret(SSL *s,unsigned char *master_key) /* Checks if b % n == 0 */ - if (SRP_Verify_B_mod_N(s->srp_ctx.B,s->srp_ctx.N)==0) goto err; - if (!(u = SRP_Calc_u(s->srp_ctx.A,s->srp_ctx.B,s->srp_ctx.N))) goto err; - if (s->srp_ctx.SRP_give_srp_client_pwd_callback == NULL) goto err; - if (!(passwd = s->srp_ctx.SRP_give_srp_client_pwd_callback(s, s->srp_ctx.SRP_cb_arg))) goto err; - if (!(x = SRP_Calc_x(s->srp_ctx.s,s->srp_ctx.login,passwd))) goto err; - if (!(K = SRP_Calc_client_key(s->srp_ctx.N, s->srp_ctx.B, s->srp_ctx.g, x, s->srp_ctx.a, u))) goto err; + if (SRP_Verify_B_mod_N(s->srp_ctx.B, s->srp_ctx.N) == 0) + goto err; + if (!(u = SRP_Calc_u(s->srp_ctx.A, s->srp_ctx.B, s->srp_ctx.N))) + goto err; + if (s->srp_ctx.SRP_give_srp_client_pwd_callback == NULL) + goto err; + if (!(passwd = s->srp_ctx.SRP_give_srp_client_pwd_callback(s, + s->srp_ctx.SRP_cb_arg))) + goto err; + if (!(x = SRP_Calc_x(s->srp_ctx.s, s->srp_ctx.login, passwd))) + goto err; + if (!(K = SRP_Calc_client_key(s->srp_ctx.N, s->srp_ctx.B, s->srp_ctx.g, + x, s->srp_ctx.a, u))) + goto err; tmp_len = BN_num_bytes(K); if ((tmp = OPENSSL_malloc(tmp_len)) == NULL) goto err; - BN_bn2bin(K, tmp); - ret = s->method->ssl3_enc->generate_master_secret(s,master_key,tmp,tmp_len); + BN_bn2bin(K, tmp); + ret = s->method->ssl3_enc->generate_master_secret(s, master_key, + tmp, tmp_len); err: - if (tmp) - { - OPENSSL_cleanse(tmp,tmp_len) ; + if (tmp) { + OPENSSL_cleanse(tmp, tmp_len); OPENSSL_free(tmp); - } + } BN_clear_free(K); BN_clear_free(x); - if (passwd) - { - OPENSSL_cleanse(passwd,strlen(passwd)) ; + if (passwd) { + OPENSSL_cleanse(passwd, strlen(passwd)); OPENSSL_free(passwd); - } + } BN_clear_free(u); return ret; - } +} -int SRP_Calc_A_param(SSL *s) - { +int +SRP_Calc_A_param(SSL *s) +{ unsigned char rnd[SSL_MAX_MASTER_KEY_LENGTH]; if (BN_num_bits(s->srp_ctx.N) < s->srp_ctx.strength) return -1; - if (s->srp_ctx.SRP_verify_param_callback ==NULL && - 
!SRP_check_known_gN_param(s->srp_ctx.g,s->srp_ctx.N)) - return -1 ; + if (s->srp_ctx.SRP_verify_param_callback ==NULL && + !SRP_check_known_gN_param(s->srp_ctx.g, s->srp_ctx.N)) + return -1; RAND_bytes(rnd, sizeof(rnd)); s->srp_ctx.a = BN_bin2bn(rnd, sizeof(rnd), s->srp_ctx.a); OPENSSL_cleanse(rnd, sizeof(rnd)); - if (!(s->srp_ctx.A = SRP_Calc_A(s->srp_ctx.a,s->srp_ctx.N,s->srp_ctx.g))) + if (!(s->srp_ctx.A = SRP_Calc_A(s->srp_ctx.a, s->srp_ctx.N, + s->srp_ctx.g))) return -1; /* We can have a callback to verify SRP param!! */ - if (s->srp_ctx.SRP_verify_param_callback !=NULL) - return s->srp_ctx.SRP_verify_param_callback(s,s->srp_ctx.SRP_cb_arg); + if (s->srp_ctx.SRP_verify_param_callback !=NULL) + return s->srp_ctx.SRP_verify_param_callback(s, + s->srp_ctx.SRP_cb_arg); return 1; - } +} -BIGNUM *SSL_get_srp_g(SSL *s) - { +BIGNUM +*SSL_get_srp_g(SSL *s) +{ if (s->srp_ctx.g != NULL) return s->srp_ctx.g; return s->ctx->srp_ctx.g; - } +} -BIGNUM *SSL_get_srp_N(SSL *s) - { +BIGNUM +*SSL_get_srp_N(SSL *s) +{ if (s->srp_ctx.N != NULL) return s->srp_ctx.N; return s->ctx->srp_ctx.N; - } +} -char *SSL_get_srp_username(SSL *s) - { +char +*SSL_get_srp_username(SSL *s) +{ if (s->srp_ctx.login != NULL) return s->srp_ctx.login; return s->ctx->srp_ctx.login; - } +} -char *SSL_get_srp_userinfo(SSL *s) - { +char +*SSL_get_srp_userinfo(SSL *s) +{ if (s->srp_ctx.info != NULL) return s->srp_ctx.info; return s->ctx->srp_ctx.info; - } +} #define tls1_ctx_ctrl ssl3_ctx_ctrl #define tls1_ctx_callback_ctrl ssl3_ctx_callback_ctrl -int SSL_CTX_set_srp_username(SSL_CTX *ctx,char *name) - { - return tls1_ctx_ctrl(ctx,SSL_CTRL_SET_TLS_EXT_SRP_USERNAME,0,name); - } - -int SSL_CTX_set_srp_password(SSL_CTX *ctx,char *password) - { - return tls1_ctx_ctrl(ctx,SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD,0,password); - } - -int SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength) - { +int +SSL_CTX_set_srp_username(SSL_CTX *ctx, char *name) +{ + return tls1_ctx_ctrl(ctx, SSL_CTRL_SET_TLS_EXT_SRP_USERNAME, 0, 
name); +} + +int +SSL_CTX_set_srp_password(SSL_CTX *ctx, char *password) +{ + return tls1_ctx_ctrl(ctx, SSL_CTRL_SET_TLS_EXT_SRP_PASSWORD, 0, password); +} + +int +SSL_CTX_set_srp_strength(SSL_CTX *ctx, int strength) +{ return tls1_ctx_ctrl(ctx, SSL_CTRL_SET_TLS_EXT_SRP_STRENGTH, strength, - NULL); - } - -int SSL_CTX_set_srp_verify_param_callback(SSL_CTX *ctx, int (*cb)(SSL *,void *)) - { - return tls1_ctx_callback_ctrl(ctx,SSL_CTRL_SET_SRP_VERIFY_PARAM_CB, - (void (*)(void))cb); - } - -int SSL_CTX_set_srp_cb_arg(SSL_CTX *ctx, void *arg) - { - return tls1_ctx_ctrl(ctx,SSL_CTRL_SET_SRP_ARG,0,arg); - } - -int SSL_CTX_set_srp_username_callback(SSL_CTX *ctx, - int (*cb)(SSL *,int *,void *)) - { - return tls1_ctx_callback_ctrl(ctx,SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB, - (void (*)(void))cb); - } - -int SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx, char *(*cb)(SSL *,void *)) - { - return tls1_ctx_callback_ctrl(ctx,SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB, - (void (*)(void))cb); - } + NULL); +} + +int +SSL_CTX_set_srp_verify_param_callback(SSL_CTX *ctx, int (*cb)(SSL *, void *)) +{ + return tls1_ctx_callback_ctrl(ctx, SSL_CTRL_SET_SRP_VERIFY_PARAM_CB, + (void (*)(void))cb); +} + +int +SSL_CTX_set_srp_cb_arg(SSL_CTX *ctx, void *arg) +{ + return tls1_ctx_ctrl(ctx, SSL_CTRL_SET_SRP_ARG, 0, arg); +} + +int +SSL_CTX_set_srp_username_callback(SSL_CTX *ctx, + int (*cb)(SSL *, int *, void *)) +{ + return tls1_ctx_callback_ctrl(ctx, SSL_CTRL_SET_TLS_EXT_SRP_USERNAME_CB, + (void (*)(void))cb); +} + +int +SSL_CTX_set_srp_client_pwd_callback(SSL_CTX *ctx, char *(*cb)(SSL *, void *)) +{ + return tls1_ctx_callback_ctrl(ctx, SSL_CTRL_SET_SRP_GIVE_CLIENT_PWD_CB, + (void (*)(void))cb); +} #endif |