src - OpenBSD base system

diff options


context:
space:
mode:

author	Philip Guenther <guenther@cvs.openbsd.org>	2014-06-22 19:09:38 +0000
committer	Philip Guenther <guenther@cvs.openbsd.org>	2014-06-22 19:09:38 +0000
commit	2204f7c3c7d29b84f49552711a4314cc8b9a0d92 (patch)
tree	77d027745f79e5079c13159d2c2693e8a5219ca6 /lib/libssl/ssl_rsa.c
parent	2673fac3e7f84c2960223a3d3d1131768936a946 (diff)

KNF, particularly wrapped lines of calls to PEM_read_bio_FOO() and

multiline comments ok jsing@

Diffstat (limited to 'lib/libssl/ssl_rsa.c')

-rw-r--r--

lib/libssl/ssl_rsa.c

1 files changed, 44 insertions, 24 deletions

diff --git a/lib/libssl/ssl_rsa.c b/lib/libssl/ssl_rsa.c
index 10276a4b2d8..c1d24cad525 100644
--- a/lib/libssl/ssl_rsa.c
+++ b/lib/libssl/ssl_rsa.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: ssl_rsa.c,v 1.14 2014/06/12 15:49:31 deraadt Exp $ */

+/* $OpenBSD: ssl_rsa.c,v 1.15 2014/06/22 19:09:37 guenther Exp $ */

@@ -103,7 +103,9 @@ SSL_use_certificate_file(SSL *ssl, const char *file, int type)

x = d2i_X509_bio(in, NULL);

} else if (type == SSL_FILETYPE_PEM) {

j = ERR_R_PEM_LIB;

- x = PEM_read_bio_X509(in, NULL, ssl->ctx->default_passwd_callback, ssl->ctx->default_passwd_callback_userdata);

+ x = PEM_read_bio_X509(in, NULL,

+ ssl->ctx->default_passwd_callback,

+ ssl->ctx->default_passwd_callback_userdata);

} else {

SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE);

goto end;

@@ -184,8 +186,10 @@ ssl_set_pkey(CERT *c, EVP_PKEY *pkey)

EVP_PKEY_free(pktmp);

ERR_clear_error();

- /* Don't check the public/private key, this is mostly

- * for smart cards. */

+ /*

+ * Don't check the public/private key, this is mostly

+ * for smart cards.

+ */

if ((pkey->type == EVP_PKEY_RSA) &&

(RSA_flags(pkey->pkey.rsa) & RSA_METHOD_FLAG_NO_CHECK))

;

@@ -230,7 +234,8 @@ SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type)

} else if (type == SSL_FILETYPE_PEM) {

j = ERR_R_PEM_LIB;

rsa = PEM_read_bio_RSAPrivateKey(in, NULL,

- ssl->ctx->default_passwd_callback, ssl->ctx->default_passwd_callback_userdata);

+ ssl->ctx->default_passwd_callback,

+ ssl->ctx->default_passwd_callback_userdata);

} else {

SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);

goto end;

@@ -301,7 +306,8 @@ SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type)

if (type == SSL_FILETYPE_PEM) {

j = ERR_R_PEM_LIB;

pkey = PEM_read_bio_PrivateKey(in, NULL,

- ssl->ctx->default_passwd_callback, ssl->ctx->default_passwd_callback_userdata);

+ ssl->ctx->default_passwd_callback,

+ ssl->ctx->default_passwd_callback_userdata);

} else if (type == SSL_FILETYPE_ASN1) {

j = ERR_R_ASN1_LIB;

pkey = d2i_PrivateKey_bio(in, NULL);

@@ -375,18 +381,22 @@ ssl_set_cert(CERT *c, X509 *x)

EVP_PKEY_copy_parameters(pkey, c->pkeys[i].privatekey);

ERR_clear_error();

- /* Don't check the public/private key, this is mostly

- * for smart cards. */

+ /*

+ * Don't check the public/private key, this is mostly

+ * for smart cards.

+ */

if ((c->pkeys[i].privatekey->type == EVP_PKEY_RSA) &&

(RSA_flags(c->pkeys[i].privatekey->pkey.rsa) &

RSA_METHOD_FLAG_NO_CHECK))

;

else

if (!X509_check_private_key(x, c->pkeys[i].privatekey)) {

- /* don't fail for a cert/key mismatch, just free

+ /*

+ * don't fail for a cert/key mismatch, just free

* current private key (when switching to a different

* cert & key, first this function should be used,

- * then ssl_set_pkey */

+ * then ssl_set_pkey

+ */

EVP_PKEY_free(c->pkeys[i].privatekey);

c->pkeys[i].privatekey = NULL;

/* clear error queue */

@@ -429,7 +439,8 @@ SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type)

x = d2i_X509_bio(in, NULL);

} else if (type == SSL_FILETYPE_PEM) {

j = ERR_R_PEM_LIB;

- x = PEM_read_bio_X509(in, NULL, ctx->default_passwd_callback, ctx->default_passwd_callback_userdata);

+ x = PEM_read_bio_X509(in, NULL, ctx->default_passwd_callback,

+ ctx->default_passwd_callback_userdata);

} else {

SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE);

goto end;

@@ -515,7 +526,8 @@ SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type)

} else if (type == SSL_FILETYPE_PEM) {

j = ERR_R_PEM_LIB;

rsa = PEM_read_bio_RSAPrivateKey(in, NULL,

- ctx->default_passwd_callback, ctx->default_passwd_callback_userdata);

+ ctx->default_passwd_callback,

+ ctx->default_passwd_callback_userdata);

} else {

SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);

goto end;

@@ -553,7 +565,8 @@ int

SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)

{

if (pkey == NULL) {

- SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);

+ SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY,

+ ERR_R_PASSED_NULL_PARAMETER);

return (0);

}

if (!ssl_cert_inst(&ctx->cert)) {

@@ -583,12 +596,14 @@ SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)

if (type == SSL_FILETYPE_PEM) {

j = ERR_R_PEM_LIB;

pkey = PEM_read_bio_PrivateKey(in, NULL,

- ctx->default_passwd_callback, ctx->default_passwd_callback_userdata);

+ ctx->default_passwd_callback,

+ ctx->default_passwd_callback_userdata);

} else if (type == SSL_FILETYPE_ASN1) {

j = ERR_R_ASN1_LIB;

pkey = d2i_PrivateKey_bio(in, NULL);

} else {

- SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE);

+ SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,

+ SSL_R_BAD_SSL_FILETYPE);

goto end;

}

if (pkey == NULL) {

@@ -622,7 +637,8 @@ SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, const unsigned char *d,

}

-/* Read a file that contains our certificate in "PEM" format,

+/*

+ * Read a file that contains our certificate in "PEM" format,

* possibly followed by a sequence of CA certificates that should be

* sent to the peer in the Certificate message.

@@ -647,7 +663,7 @@ SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)

}

x = PEM_read_bio_X509_AUX(in, NULL, ctx->default_passwd_callback,

- ctx->default_passwd_callback_userdata);

+ ctx->default_passwd_callback_userdata);

if (x == NULL) {

SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_PEM_LIB);

goto end;

@@ -659,7 +675,8 @@ SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)

ret = 0;

/* Key/certificate mismatch doesn't imply ret==0 ... */

if (ret) {

- /* If we could set up our certificate, now proceed to

+ /*

+ * If we could set up our certificate, now proceed to

* the CA certificates.

X509 *ca;

@@ -672,23 +689,26 @@ SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file)

}

while ((ca = PEM_read_bio_X509(in, NULL,

- ctx->default_passwd_callback,

- ctx->default_passwd_callback_userdata))

- != NULL) {

+ ctx->default_passwd_callback,

+ ctx->default_passwd_callback_userdata)) != NULL) {

r = SSL_CTX_add_extra_chain_cert(ctx, ca);

if (!r) {

X509_free(ca);

ret = 0;

goto end;

}

- /* Note that we must not free r if it was successfully

+ /*

+ * Note that we must not free r if it was successfully

* added to the chain (while we must free the main

* certificate, since its reference count is increased

- * by SSL_CTX_use_certificate). */

+ * by SSL_CTX_use_certificate).

+ */

}

/* When the while loop ends, it's usually just EOF. */

err = ERR_peek_last_error();

- if (ERR_GET_LIB(err) == ERR_LIB_PEM && ERR_GET_REASON(err) == PEM_R_NO_START_LINE)

+ if (ERR_GET_LIB(err) == ERR_LIB_PEM &&

+ ERR_GET_REASON(err) == PEM_R_NO_START_LINE)

ERR_clear_error();

else

ret = 0; /* some real error */