From 2204f7c3c7d29b84f49552711a4314cc8b9a0d92 Mon Sep 17 00:00:00 2001 From: Philip Guenther Date: Sun, 22 Jun 2014 19:09:38 +0000 Subject: KNF, particularly wrapped lines of calls to PEM_read_bio_FOO() and multiline comments ok jsing@ --- lib/libssl/ssl_rsa.c | 68 +++++++++++++++++++++++++++++++++------------------- 1 file changed, 44 insertions(+), 24 deletions(-) (limited to 'lib/libssl/ssl_rsa.c') diff --git a/lib/libssl/ssl_rsa.c b/lib/libssl/ssl_rsa.c index 10276a4b2d8..c1d24cad525 100644 --- a/lib/libssl/ssl_rsa.c +++ b/lib/libssl/ssl_rsa.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_rsa.c,v 1.14 2014/06/12 15:49:31 deraadt Exp $ */ +/* $OpenBSD: ssl_rsa.c,v 1.15 2014/06/22 19:09:37 guenther Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -103,7 +103,9 @@ SSL_use_certificate_file(SSL *ssl, const char *file, int type) x = d2i_X509_bio(in, NULL); } else if (type == SSL_FILETYPE_PEM) { j = ERR_R_PEM_LIB; - x = PEM_read_bio_X509(in, NULL, ssl->ctx->default_passwd_callback, ssl->ctx->default_passwd_callback_userdata); + x = PEM_read_bio_X509(in, NULL, + ssl->ctx->default_passwd_callback, + ssl->ctx->default_passwd_callback_userdata); } else { SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE); goto end; @@ -184,8 +186,10 @@ ssl_set_pkey(CERT *c, EVP_PKEY *pkey) EVP_PKEY_free(pktmp); ERR_clear_error(); - /* Don't check the public/private key, this is mostly - * for smart cards. */ + /* + * Don't check the public/private key, this is mostly + * for smart cards. + */ if ((pkey->type == EVP_PKEY_RSA) && (RSA_flags(pkey->pkey.rsa) & RSA_METHOD_FLAG_NO_CHECK)) ; 
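Review bot: In the ssl_set_pkey hunk (@@ -184,8 +186,10 @@), the reflowed comment "Don't check the public/private key, this is mostly for smart cards." names neither the check being skipped nor the condition that skips it, and the `if` it documents has a bare `;` as its body. From the visible lines the bypass applies when the key is RSA and its method sets RSA_METHOD_FLAG_NO_CHECK. The branch that follows lies outside this hunk; it is presumably the certificate/private-key match, as in the ssl_set_cert hunk at @@ -375,18 +381,22 @@ where the else branch calls X509_check_private_key(). I would write it as `/* Keys whose RSA method sets RSA_METHOD_FLAG_NO_CHECK (mostly smart cards) skip the cert/key consistency check. */` and mark the empty branch with `; /* nothing to check */` so it is not read as a stray semicolon. The same wording applies to the ssl_set_cert copy.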
@@ -230,7 +234,8 @@ SSL_use_RSAPrivateKey_file(SSL *ssl, const char *file, int type) } else if (type == SSL_FILETYPE_PEM) { j = ERR_R_PEM_LIB; rsa = PEM_read_bio_RSAPrivateKey(in, NULL, - ssl->ctx->default_passwd_callback, ssl->ctx->default_passwd_callback_userdata); + ssl->ctx->default_passwd_callback, + ssl->ctx->default_passwd_callback_userdata); } else { SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE); goto end; @@ -301,7 +306,8 @@ SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type) if (type == SSL_FILETYPE_PEM) { j = ERR_R_PEM_LIB; pkey = PEM_read_bio_PrivateKey(in, NULL, - ssl->ctx->default_passwd_callback, ssl->ctx->default_passwd_callback_userdata); + ssl->ctx->default_passwd_callback, + ssl->ctx->default_passwd_callback_userdata); } else if (type == SSL_FILETYPE_ASN1) { j = ERR_R_ASN1_LIB; pkey = d2i_PrivateKey_bio(in, NULL); @@ -375,18 +381,22 @@ ssl_set_cert(CERT *c, X509 *x) EVP_PKEY_copy_parameters(pkey, c->pkeys[i].privatekey); ERR_clear_error(); - /* Don't check the public/private key, this is mostly - * for smart cards. */ + /* + * Don't check the public/private key, this is mostly + * for smart cards. + */ if ((c->pkeys[i].privatekey->type == EVP_PKEY_RSA) && (RSA_flags(c->pkeys[i].privatekey->pkey.rsa) & RSA_METHOD_FLAG_NO_CHECK)) ; else if (!X509_check_private_key(x, c->pkeys[i].privatekey)) { - /* don't fail for a cert/key mismatch, just free + /* + * don't fail for a cert/key mismatch, just free * current private key (when switching to a different * cert & key, first this function should be used, - * then ssl_set_pkey */ + * then ssl_set_pkey + */ EVP_PKEY_free(c->pkeys[i].privatekey); c->pkeys[i].privatekey = NULL; /* clear error queue */ 
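Review bot: In the ssl_set_cert hunk (@@ -375,18 +381,22 @@), the rewrapped comment on the X509_check_private_key() failure path still has an unclosed parenthesis and stops at "then ssl_set_pkey", so the intended call order is hard to follow. The behaviour matters to callers: per the comment and the visible lines, a mismatch frees the installed private key and sets it to NULL instead of reporting an error. The rest of the function is outside the hunk. I would reword the comment body to `* Don't fail on a cert/key mismatch; drop the current private key instead.` followed by `* When switching to a different cert and key, call this function first, then ssl_set_pkey().`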
@@ -429,7 +439,8 @@ SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type) x = d2i_X509_bio(in, NULL); } else if (type == SSL_FILETYPE_PEM) { j = ERR_R_PEM_LIB; - x = PEM_read_bio_X509(in, NULL, ctx->default_passwd_callback, ctx->default_passwd_callback_userdata); + x = PEM_read_bio_X509(in, NULL, ctx->default_passwd_callback, + ctx->default_passwd_callback_userdata); } else { SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE); goto end; @@ -515,7 +526,8 @@ SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, const char *file, int type) } else if (type == SSL_FILETYPE_PEM) { j = ERR_R_PEM_LIB; rsa = PEM_read_bio_RSAPrivateKey(in, NULL, - ctx->default_passwd_callback, ctx->default_passwd_callback_userdata); + ctx->default_passwd_callback, + ctx->default_passwd_callback_userdata); } else { SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE); goto end; @@ -553,7 +565,8 @@ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey) { if (pkey == NULL) { - SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER); + SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY, + ERR_R_PASSED_NULL_PARAMETER); return (0); } if (!ssl_cert_inst(&ctx->cert)) { @@ -583,12 +596,14 @@ SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type) if (type == SSL_FILETYPE_PEM) { j = ERR_R_PEM_LIB; pkey = PEM_read_bio_PrivateKey(in, NULL, - ctx->default_passwd_callback, ctx->default_passwd_callback_userdata); + ctx->default_passwd_callback, + ctx->default_passwd_callback_userdata); } else if (type == SSL_FILETYPE_ASN1) { j = ERR_R_ASN1_LIB; pkey = d2i_PrivateKey_bio(in, NULL); } else { - SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE); + SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE, + SSL_R_BAD_SSL_FILETYPE); goto end; } if (pkey == NULL) { 
@@ -622,7 +637,8 @@ SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, const unsigned char *d, } -/* Read a file that contains our certificate in "PEM" format, +/* + * Read a file that contains our certificate in "PEM" format, * possibly followed by a sequence of CA certificates that should be * sent to the peer in the Certificate message. */ @@ -647,7 +663,7 @@ SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file) } x = PEM_read_bio_X509_AUX(in, NULL, ctx->default_passwd_callback, - ctx->default_passwd_callback_userdata); + ctx->default_passwd_callback_userdata); if (x == NULL) { SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_PEM_LIB); goto end; @@ -659,7 +675,8 @@ SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file) ret = 0; /* Key/certificate mismatch doesn't imply ret==0 ... */ if (ret) { - /* If we could set up our certificate, now proceed to + /* + * If we could set up our certificate, now proceed to * the CA certificates. */ X509 *ca; 
@@ -672,23 +689,26 @@ SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file) } while ((ca = PEM_read_bio_X509(in, NULL, - ctx->default_passwd_callback, - ctx->default_passwd_callback_userdata)) - != NULL) { + ctx->default_passwd_callback, + ctx->default_passwd_callback_userdata)) != NULL) { r = SSL_CTX_add_extra_chain_cert(ctx, ca); if (!r) { X509_free(ca); ret = 0; goto end; } - /* Note that we must not free r if it was successfully + /* + * Note that we must not free r if it was successfully * added to the chain (while we must free the main * certificate, since its reference count is increased - * by SSL_CTX_use_certificate). */ + * by SSL_CTX_use_certificate). + */ } + /* When the while loop ends, it's usually just EOF. */ err = ERR_peek_last_error(); - if (ERR_GET_LIB(err) == ERR_LIB_PEM && ERR_GET_REASON(err) == PEM_R_NO_START_LINE) + if (ERR_GET_LIB(err) == ERR_LIB_PEM && + ERR_GET_REASON(err) == PEM_R_NO_START_LINE) ERR_clear_error(); else ret = 0; /* some real error */ -- cgit v1.2.3
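Review bot: The reflowed comment inside the while loop still says "we must not free r", but in the visible lines `r` is the integer result of SSL_CTX_add_extra_chain_cert(ctx, ca). The object whose ownership passes to the chain is `ca`, which is freed with X509_free(ca) only on the failure path. Ownership comments on X509 objects are what later readers rely on to avoid a double free or a leak, so the variable name should be right: `* Note that we must not free ca if it was successfully`. SSL_CTX_use_certificate_chain_file's body starts outside this hunk.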