* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
- *
+ *
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
+ *
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
+ * 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
+ *
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
- *
+ *
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* are met:
*
* 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
*/
/* ====================================================================
* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- * ECC cipher suite support in OpenSSL originally developed by
+ * ECC cipher suite support in OpenSSL originally developed by
* SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
*/
/* ====================================================================
static int verbose = 0;
static int debug = 0;
-int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time, clock_t *c_time);
+int doit_biopair(SSL *s_ssl, SSL *c_ssl, long bytes, clock_t *s_time,
+ clock_t *c_time);
int doit(SSL *s_ssl, SSL *c_ssl, long bytes);
static int do_test_cipherlist(void);
ciph = SSL_get_current_cipher(c_ssl);
BIO_printf(bio_stdout, "%s%s, cipher %s %s",
- prefix,
- SSL_get_version(c_ssl),
- SSL_CIPHER_get_version(ciph),
- SSL_CIPHER_get_name(ciph));
+ prefix, SSL_get_version(c_ssl), SSL_CIPHER_get_version(ciph),
+ SSL_CIPHER_get_name(ciph));
cert = SSL_get_peer_certificate(c_ssl);
if (cert != NULL) {
EVP_PKEY *pkey = X509_get_pubkey(cert);
pkey->pkey.rsa != NULL &&
pkey->pkey.rsa->n != NULL) {
BIO_printf(bio_stdout, ", %d bit RSA",
- BN_num_bits(pkey->pkey.rsa->n));
- }
- else if (pkey->type == EVP_PKEY_DSA &&
+ BN_num_bits(pkey->pkey.rsa->n));
+ } else if (pkey->type == EVP_PKEY_DSA &&
pkey->pkey.dsa != NULL &&
pkey->pkey.dsa->p != NULL) {
BIO_printf(bio_stdout, ", %d bit DSA",
- BN_num_bits(pkey->pkey.dsa->p));
+ BN_num_bits(pkey->pkey.dsa->p));
}
EVP_PKEY_free(pkey);
}
if (modes[type] != rw) {
errstr = (rw == CRYPTO_READ) ?
- "CRYPTO_r_unlock on write lock" :
- "CRYPTO_w_unlock on read lock";
+ "CRYPTO_r_unlock on write lock" :
+ "CRYPTO_w_unlock on read lock";
}
modes[type] = 0;
err:
if (errstr) {
/* we cannot use bio_err here */
- fprintf(stderr, "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
- errstr, mode, type, file, line);
+ fprintf(stderr,
+ "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
+ errstr, mode, type, file, line);
}
}
int client_auth = 0;
int server_auth = 0, i;
struct app_verify_arg app_verify_arg =
- { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
+ { APP_CALLBACK_STRING, 0, 0, NULL, NULL };
char *server_cert = TEST_SERVER_CERT;
char *server_key = NULL;
char *client_cert = TEST_CLIENT_CERT;
bio_err = BIO_new_fp(stderr, BIO_NOCLOSE|BIO_FP_TEXT);
-
CRYPTO_set_locking_callback(lock_dbg_cb);
bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE|BIO_FP_TEXT);
}
} else
#ifdef OPENSSL_NO_EC2M
- nid = NID_X9_62_prime256v1;
+ nid = NID_X9_62_prime256v1;
#else
nid = NID_sect163r2;
#endif
SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb);
- if (!SSL_CTX_use_certificate_file(s_ctx, server_cert, SSL_FILETYPE_PEM)) {
+ if (!SSL_CTX_use_certificate_file(s_ctx, server_cert,
+ SSL_FILETYPE_PEM)) {
ERR_print_errors(bio_err);
} else if (!SSL_CTX_use_PrivateKey_file(s_ctx,
(server_key ? server_key : server_cert), SSL_FILETYPE_PEM)) {
if (client_auth) {
SSL_CTX_use_certificate_file(c_ctx, client_cert,
- SSL_FILETYPE_PEM);
+ SSL_FILETYPE_PEM);
SSL_CTX_use_PrivateKey_file(c_ctx,
- (client_key ? client_key : client_cert),
- SSL_FILETYPE_PEM);
+ (client_key ? client_key : client_cert),
+ SSL_FILETYPE_PEM);
}
if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) ||
if (client_auth) {
BIO_printf(bio_err, "client authentication\n");
SSL_CTX_set_verify(s_ctx,
- SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
- verify_callback);
- SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback, &app_verify_arg);
+ SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
+ verify_callback);
+ SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback,
+ &app_verify_arg);
}
if (server_auth) {
BIO_printf(bio_err, "server authentication\n");
SSL_CTX_set_verify(c_ctx, SSL_VERIFY_PEER,
- verify_callback);
- SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback, &app_verify_arg);
+ verify_callback);
+ SSL_CTX_set_cert_verify_callback(c_ctx, app_verify_callback,
+ &app_verify_arg);
}
{
int session_id_context = 0;
- SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context, sizeof session_id_context);
+ SSL_CTX_set_session_id_context(s_ctx,
+ (void *)&session_id_context, sizeof(session_id_context));
}
c_ssl = SSL_new(c_ctx);
if (!reuse)
SSL_set_session(c_ssl, NULL);
if (bio_pair)
- ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time, &c_time);
+ ret = doit_biopair(s_ssl, c_ssl, bytes, &s_time,
+ &c_time);
else
ret = doit(s_ssl, c_ssl, bytes);
}
print_details(c_ssl, "");
}
if ((number > 1) || (bytes > 1L))
- BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n", number, bytes);
+ BIO_printf(bio_stdout, "%d handshakes of %ld bytes done\n",
+ number, bytes);
if (print_time) {
#ifdef CLOCKS_PER_SEC
/* "To determine the time in seconds, the value returned
* by the clock function should be divided by the value
* of the macro CLOCKS_PER_SEC."
* -- ISO/IEC 9899 */
- BIO_printf(bio_stdout, "Approximate total server time: %6.2f s\n"
- "Approximate total client time: %6.2f s\n",
- (double)s_time/CLOCKS_PER_SEC,
- (double)c_time/CLOCKS_PER_SEC);
+ BIO_printf(bio_stdout,
+ "Approximate total server time: %6.2f s\n"
+ "Approximate total client time: %6.2f s\n",
+ (double)s_time/CLOCKS_PER_SEC,
+ (double)c_time/CLOCKS_PER_SEC);
#else
/* "`CLOCKS_PER_SEC' undeclared (first use this function)"
* -- cc on NeXTstep/OpenStep */
BIO_printf(bio_stdout,
- "Approximate total server time: %6.2f units\n"
- "Approximate total client time: %6.2f units\n",
- (double)s_time,
- (double)c_time);
+ "Approximate total server time: %6.2f units\n"
+ "Approximate total client time: %6.2f units\n",
+ (double)s_time,
+ (double)c_time);
#endif
}
{
long cw_num = count, cr_num = count, sw_num = count, sr_num = count;
BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL;
- BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL;
+ BIO *server = NULL, *server_io = NULL;
+ BIO *client = NULL, *client_io = NULL;
int ret = 1;
size_t bufsiz = 256; /* small buffer for testing */
if (debug)
if (SSL_in_init(c_ssl))
printf("client waiting in SSL_connect - %s\n",
- SSL_state_string_long(c_ssl));
+ SSL_state_string_long(c_ssl));
if (cw_num > 0) {
/* Write to server. */
if (debug)
if (SSL_in_init(s_ssl))
printf("server waiting in SSL_accept - %s\n",
- SSL_state_string_long(s_ssl));
+ SSL_state_string_long(s_ssl));
if (sw_num > 0) {
/* Write to client. */
int progress = 0;
/* io1 to io2 */
- do
- {
+ do {
size_t num;
int r;
if (r != (int)num) /* can't happen */
{
fprintf(stderr, "ERROR: BIO_write could not write "
- "BIO_ctrl_get_write_guarantee() bytes");
+ "BIO_ctrl_get_write_guarantee() bytes");
goto err;
}
progress = 1;
if (debug)
printf((io1 == client_io) ?
- "C->S relaying: %d bytes\n" :
- "S->C relaying: %d bytes\n",
- (int)num);
+ "C->S relaying: %d bytes\n" :
+ "S->C relaying: %d bytes\n",
+ (int)num);
}
} while (r1 && r2);
if (r != (int)num) /* can't happen */
{
fprintf(stderr, "ERROR: BIO_read could not read "
- "BIO_ctrl_pending() bytes");
+ "BIO_ctrl_pending() bytes");
goto err;
}
progress = 1;
if (r != (int)num) /* can't happen */
{
fprintf(stderr, "ERROR: BIO_nwrite() did not accept "
- "BIO_nwrite0() bytes");
+ "BIO_nwrite0() bytes");
goto err;
}
if (debug)
printf((io2 == client_io) ?
- "C->S relaying: %d bytes\n" :
- "S->C relaying: %d bytes\n",
- (int)num);
+ "C->S relaying: %d bytes\n" :
+ "S->C relaying: %d bytes\n",
+ (int)num);
}
} /* no loop, BIO_ctrl_get_read_request now returns 0 anyway */
fprintf(stderr, "This can happen for SSL2 because "
"CLIENT-FINISHED and SERVER-VERIFY are written \n"
"concurrently ...");
- if (strncmp("2SCF", SSL_state_string(c_ssl), 4) == 0
- && strncmp("2SSV", SSL_state_string(s_ssl), 4) == 0) {
+ if (strncmp("2SCF", SSL_state_string(c_ssl), 4) == 0 &&
+ strncmp("2SSV", SSL_state_string(s_ssl), 4) == 0) {
fprintf(stderr, " ok.\n");
goto end;
}
end:
ret = 0;
- err:
+err:
ERR_print_errors(bio_err);
if (server)
printf("server:SSL_write()\n");
else
printf("server:SSL_read()\n"); */
- }
+ }
- if (do_client && debug) {
+ if (do_client && debug) {
if (SSL_in_init(c_ssl))
printf("client waiting in SSL_connect - %s\n",
SSL_state_string_long(c_ssl));
printf("client:SSL_write()\n");
else
printf("client:SSL_read()\n"); */
- }
+ }
- if (!do_client && !do_server) {
+ if (!do_client && !do_server) {
fprintf(stdout, "ERROR IN STARTUP\n");
ERR_print_errors(bio_err);
break;
s_write = 0;
c_r = 1;
if (sw_num <= 0)
- done|=S_DONE;
+ done |= S_DONE;
}
}
}
- if ((done & S_DONE)
- && (done & C_DONE)) break;
+ if ((done & S_DONE) && (done & C_DONE))
+ break;
}
if (verbose)
char *s, buf[256];
s = X509_NAME_oneline(X509_get_subject_name(ctx->current_cert), buf,
- sizeof buf);
+ sizeof buf);
if (s != NULL) {
if (ok)
fprintf(stderr, "depth=%d %s\n",
if (xs->ex_flags & EXFLAG_PROXY) {
unsigned int *letters =
X509_STORE_CTX_get_ex_data(ctx,
- get_proxy_auth_ex_data_idx());
+ get_proxy_auth_ex_data_idx());
if (letters) {
int found_any = 0;
int i;
PROXY_CERT_INFO_EXTENSION *pci =
X509_get_ext_d2i(xs, NID_proxyCertInfo,
- NULL, NULL);
+ NULL, NULL);
switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) {
case NID_Independent:
process_proxy_debug(int indent, const char *format, ...)
{
static const char indentation[] =
- ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
- ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; /* That's 80 > */
+ ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
+ ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; /* That's 80 > */
char my_format[256];
va_list args;
ok = -1;
goto end;
}
- end:
+end:
*cond_end = cond;
if (ok >= 0 && negate)
ok = !ok;
goto end;
}
}
- end:
+end:
if (debug)
process_proxy_debug(indent,
- "End process_proxy_cond_multipliers at position %d: %s, returning %d\n",
+ "End process_proxy_cond_multipliers at position %d: %s, "
+ "returning %d\n",
*pos, cond, ok);
*cond_end = cond;
goto end;
}
}
- end:
+end:
if (debug)
process_proxy_debug(indent,
- "End process_proxy_cond_adders at position %d: %s, returning %d\n",
+ "End process_proxy_cond_adders at position %d: %s, returning %d\n",
*pos, cond, ok);
*cond_end = cond;
fprintf(stderr, "In app_verify_callback, allowing cert. ");
fprintf(stderr, "Arg is: %s\n", cb_arg->string);
fprintf(stderr, "Finished printing do we have a context? 0x%p a cert? 0x%p\n",
- (void *)ctx, (void *)ctx->cert);
+ (void *)ctx, (void *)ctx->cert);
if (ctx->cert)
s = X509_NAME_oneline(X509_get_subject_name(ctx->cert), buf, 256);
if (s != NULL) {
const char *cond_end = NULL;
ok = process_proxy_cond(letters,
- cb_arg->proxy_cond, &cond_end);
+ cb_arg->proxy_cond, &cond_end);
if (ok < 0)
exit(3);
}
if (!ok)
fprintf(stderr, "Proxy rights check with condition '%s' proved invalid\n",
- cb_arg->proxy_cond);
+ cb_arg->proxy_cond);
else
fprintf(stderr, "Proxy rights check with condition '%s' proved valid\n",
- cb_arg->proxy_cond);
+ cb_arg->proxy_cond);
}
}
return (ok);
}
if (bn)
BN_free(bn);
- return (rsa_tmp);
+ return (rsa_tmp);
}
static void
};
DH *dh;
- if ((dh = DH_new()) == NULL) return (NULL);
- dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
+ if ((dh = DH_new()) == NULL)
+ return (NULL);
+ dh->p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL);
dh->g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL);
if ((dh->p == NULL) || (dh->g == NULL)) {
DH_free(dh);
};
DH *dh;
- if ((dh = DH_new()) == NULL) return (NULL);
- dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
+ if ((dh = DH_new()) == NULL)
+ return (NULL);
+ dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
if ((dh->p == NULL) || (dh->g == NULL)) {
DH_free(dh);
};
DH *dh;
- if ((dh = DH_new()) == NULL) return (NULL);
- dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
+ if ((dh = DH_new()) == NULL)
+ return (NULL);
+ dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
if ((dh->p == NULL) || (dh->g == NULL)) {
DH_free(dh);
meth = SSLv3_method();
tci = NULL;
while ((ci = meth->get_cipher(i++)) != NULL) {
- if (tci != NULL)
+ if (tci != NULL) {
if (ci->id >= tci->id) {
- fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
- return 0;
+ fprintf(stderr,
+ "failed %lx vs. %lx\n", ci->id, tci->id);
+ return 0;
+ }
}
tci = ci;
}
meth = TLSv1_method();
tci = NULL;
while ((ci = meth->get_cipher(i++)) != NULL) {
- if (tci != NULL)
+ if (tci != NULL) {
if (ci->id >= tci->id) {
- fprintf(stderr, "failed %lx vs. %lx\n", ci->id, tci->id);
- return 0;
+ fprintf(stderr,
+ "failed %lx vs. %lx\n", ci->id, tci->id);
+ return 0;
+ }
}
tci = ci;
}
projects / openbsd / commitdiff