From 3c1c12420a0b910543fd8d31e904aecf64f67c0a Mon Sep 17 00:00:00 2001 From: job Date: Wed, 8 Sep 2021 09:49:24 +0000 Subject: [PATCH] Fix indentation of comments and labels OK tb@ --- lib/libcrypto/x509/x509_addr.c | 162 +++++++++++++++---------------- lib/libcrypto/x509/x509_asid.c | 170 ++++++++++++++++----------------- 2 files changed, 167 insertions(+), 165 deletions(-) diff --git a/lib/libcrypto/x509/x509_addr.c b/lib/libcrypto/x509/x509_addr.c index 110b5b63f84..1530c3174ce 100644 --- a/lib/libcrypto/x509/x509_addr.c +++ b/lib/libcrypto/x509/x509_addr.c @@ -623,7 +623,7 @@ make_addressPrefix(IPAddressOrRange **result, unsigned char *addr, *result = aor; return 1; -err: + err: IPAddressOrRange_free(aor); return 0; } @@ -686,7 +686,7 @@ make_addressRange(IPAddressOrRange **result, unsigned char *min, *result = aor; return 1; -err: + err: IPAddressOrRange_free(aor); return 0; } @@ -734,7 +734,7 @@ make_IPAddressFamily(IPAddrBlocks *addr, const unsigned afi, return f; -err: + err: IPAddressFamily_free(f); return NULL; } @@ -906,15 +906,15 @@ X509v3_addr_is_canonical(IPAddrBlocks *addr) IPAddressOrRanges *aors; int i, j, k; - /* - * Empty extension is canonical. - */ + /* + * Empty extension is canonical. + */ if (addr == NULL) return 1; - /* - * Check whether the top-level list is in order. - */ + /* + * Check whether the top-level list is in order. + */ for (i = 0; i < sk_IPAddressFamily_num(addr) - 1; i++) { const IPAddressFamily *a = sk_IPAddressFamily_value(addr, i); const IPAddressFamily *b = sk_IPAddressFamily_value(addr, i + 1); @@ -922,17 +922,18 @@ X509v3_addr_is_canonical(IPAddrBlocks *addr) return 0; } - /* - * Top level's ok, now check each address family. - */ + /* + * Top level's ok, now check each address family. + */ for (i = 0; i < sk_IPAddressFamily_num(addr); i++) { IPAddressFamily *f = sk_IPAddressFamily_value(addr, i); int length = length_from_afi(X509v3_addr_get_afi(f)); - /* - * Inheritance is canonical. Anything other than inheritance or - * a SEQUENCE OF IPAddressOrRange is an ASN.1 error or something. - */ + /* + * Inheritance is canonical. Anything other than inheritance + * or a SEQUENCE OF IPAddressOrRange is an ASN.1 error or + * something. + */ if (f == NULL || f->ipAddressChoice == NULL) return 0; switch (f->ipAddressChoice->type) { @@ -944,9 +945,9 @@ X509v3_addr_is_canonical(IPAddrBlocks *addr) return 0; } - /* - * It's an IPAddressOrRanges sequence, check it. - */ + /* + * It's an IPAddressOrRanges sequence, check it. + */ aors = f->ipAddressChoice->u.addressesOrRanges; if (sk_IPAddressOrRange_num(aors) == 0) return 0; @@ -959,35 +960,36 @@ X509v3_addr_is_canonical(IPAddrBlocks *addr) !extract_min_max(b, b_min, b_max, length)) return 0; - /* - * Punt misordered list, overlapping start, or inverted range. - */ + /* + * Punt misordered list, overlapping start, or inverted + * range. + */ if (memcmp(a_min, b_min, length) >= 0 || memcmp(a_min, a_max, length) > 0 || memcmp(b_min, b_max, length) > 0) return 0; - /* - * Punt if adjacent or overlapping. Check for adjacency by - * subtracting one from b_min first. - */ + /* + * Punt if adjacent or overlapping. Check for adjacency by + * subtracting one from b_min first. + */ for (k = length - 1; k >= 0 && b_min[k]-- == 0x00; k--) ; if (memcmp(a_max, b_min, length) >= 0) return 0; - /* - * Check for range that should be expressed as a prefix. - */ + /* + * Check for range that should be expressed as a prefix. + */ if (a->type == IPAddressOrRange_addressRange && range_should_be_prefix(a_min, a_max, length) >= 0) return 0; } - /* - * Check range to see if it's inverted or should be a - * prefix. - */ + /* + * Check range to see if it's inverted or should be a + * prefix. + */ j = sk_IPAddressOrRange_num(aors) - 1; { IPAddressOrRange *a = sk_IPAddressOrRange_value(aors, j); @@ -1003,9 +1005,9 @@ X509v3_addr_is_canonical(IPAddrBlocks *addr) } } - /* - * If we made it through all that, we're happy. - */ + /* + * If we made it through all that, we're happy. + */ return 1; } @@ -1017,14 +1019,14 @@ IPAddressOrRanges_canonize(IPAddressOrRanges *aors, const unsigned afi) { int i, j, length = length_from_afi(afi); - /* - * Sort the IPAddressOrRanges sequence. - */ + /* + * Sort the IPAddressOrRanges sequence. + */ sk_IPAddressOrRange_sort(aors); - /* - * Clean up representation issues, punt on duplicates or overlaps. - */ + /* + * Clean up representation issues, punt on duplicates or overlaps. + */ for (i = 0; i < sk_IPAddressOrRange_num(aors) - 1; i++) { IPAddressOrRange *a = sk_IPAddressOrRange_value(aors, i); IPAddressOrRange *b = sk_IPAddressOrRange_value(aors, i + 1); @@ -1035,23 +1037,23 @@ IPAddressOrRanges_canonize(IPAddressOrRanges *aors, const unsigned afi) !extract_min_max(b, b_min, b_max, length)) return 0; - /* - * Punt inverted ranges. - */ + /* + * Punt inverted ranges. + */ if (memcmp(a_min, a_max, length) > 0 || memcmp(b_min, b_max, length) > 0) return 0; - /* - * Punt overlaps. - */ + /* + * Punt overlaps. + */ if (memcmp(a_max, b_min, length) >= 0) return 0; - /* - * Merge if a and b are adjacent. We check for - * adjacency by subtracting one from b_min first. - */ + /* + * Merge if a and b are adjacent. We check for + * adjacency by subtracting one from b_min first. + */ for (j = length - 1; j >= 0 && b_min[j]-- == 0x00; j--) ; if (memcmp(a_max, b_min, length) == 0) { @@ -1067,9 +1069,9 @@ IPAddressOrRanges_canonize(IPAddressOrRanges *aors, const unsigned afi) } } - /* - * Check for inverted final range. - */ + /* + * Check for inverted final range. + */ j = sk_IPAddressOrRange_num(aors) - 1; { IPAddressOrRange *a = sk_IPAddressOrRange_value(aors, j); @@ -1159,10 +1161,10 @@ v2i_IPAddrBlocks(const struct v3_ext_method *method, struct v3_ext_ctx *ctx, length = length_from_afi(afi); - /* - * Handle SAFI, if any, and strdup() so we can null-terminate - * the other input values. - */ + /* + * Handle SAFI, if any, and strdup() so we can null-terminate + * the other input values. + */ if (safi != NULL) { *safi = strtoul(val->value, &t, 0); t += strspn(t, " \t"); @@ -1181,10 +1183,10 @@ v2i_IPAddrBlocks(const struct v3_ext_method *method, struct v3_ext_ctx *ctx, goto err; } - /* - * Check for inheritance. Not worth additional complexity to - * optimize this (seldom-used) case. - */ + /* + * Check for inheritance. Not worth additional complexity to + * optimize this (seldom-used) case. + */ if (strcmp(s, "inherit") == 0) { if (!X509v3_addr_add_inherit(addr, afi, safi)) { X509V3error(X509V3_R_INVALID_INHERITANCE); @@ -1261,14 +1263,14 @@ v2i_IPAddrBlocks(const struct v3_ext_method *method, struct v3_ext_ctx *ctx, s = NULL; } - /* - * Canonize the result, then we're done. - */ + /* + * Canonize the result, then we're done. + */ if (!X509v3_addr_canonize(addr)) goto err; return addr; -err: + err: free(s); sk_IPAddressFamily_pop_free(addr, IPAddressFamily_free); return NULL; @@ -1409,11 +1411,11 @@ addr_validate_path_internal(X509_STORE_CTX *ctx, STACK_OF(X509)*chain, OPENSSL_assert(ctx != NULL || ext != NULL); OPENSSL_assert(ctx == NULL || ctx->verify_cb != NULL); - /* - * Figure out where to start. If we don't have an extension to - * check, we're done. Otherwise, check canonical form and - * set up for walking up the chain. - */ + /* + * Figure out where to start. If we don't have an extension to check, + * we're done. Otherwise, check canonical form and set up for walking + * up the chain. + */ if (ext != NULL) { i = -1; x = NULL; @@ -1434,10 +1436,10 @@ addr_validate_path_internal(X509_STORE_CTX *ctx, STACK_OF(X509)*chain, goto done; } - /* - * Now walk up the chain. No cert may list resources that its - * parent doesn't list. - */ + /* + * Now walk up the chain. No cert may list resources that its parent + * doesn't list. + */ for (i++; i < sk_X509_num(chain); i++) { x = sk_X509_value(chain, i); if (!X509v3_addr_is_canonical(x->rfc3779_addr)) @@ -1483,9 +1485,9 @@ addr_validate_path_internal(X509_STORE_CTX *ctx, STACK_OF(X509)*chain, } } - /* - * Trust anchor can't inherit. - */ + /* + * Trust anchor can't inherit. + */ if (x->rfc3779_addr != NULL) { for (j = 0; j < sk_IPAddressFamily_num(x->rfc3779_addr); j++) { IPAddressFamily *fp = @@ -1497,7 +1499,7 @@ addr_validate_path_internal(X509_STORE_CTX *ctx, STACK_OF(X509)*chain, } } -done: + done: sk_IPAddressFamily_free(child); return ret; } diff --git a/lib/libcrypto/x509/x509_asid.c b/lib/libcrypto/x509/x509_asid.c index b44b01489f4..ed99ca7b6d6 100644 --- a/lib/libcrypto/x509/x509_asid.c +++ b/lib/libcrypto/x509/x509_asid.c @@ -414,7 +414,7 @@ X509v3_asid_add_id_or_range(ASIdentifiers *asid, int which, ASN1_INTEGER *min, goto err; return 1; -err: + err: ASIdOrRange_free(aor); return 0; } @@ -452,22 +452,22 @@ ASIdentifierChoice_is_canonical(ASIdentifierChoice *choice) BIGNUM *bn = NULL; int i, ret = 0; - /* - * Empty element or inheritance is canonical. - */ + /* + * Empty element or inheritance is canonical. + */ if (choice == NULL || choice->type == ASIdentifierChoice_inherit) return 1; - /* - * If not a list, or if empty list, it's broken. - */ + /* + * If not a list, or if empty list, it's broken. + */ if (choice->type != ASIdentifierChoice_asIdsOrRanges || sk_ASIdOrRange_num(choice->u.asIdsOrRanges) == 0) return 0; - /* - * It's a list, check it. - */ + /* + * It's a list, check it. + */ for (i = 0; i < sk_ASIdOrRange_num(choice->u.asIdsOrRanges) - 1; i++) { ASIdOrRange *a = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i); @@ -483,17 +483,17 @@ ASIdentifierChoice_is_canonical(ASIdentifierChoice *choice) !extract_min_max(b, &b_min, &b_max)) goto done; - /* - * Punt misordered list, overlapping start, or inverted range. - */ + /* + * Punt misordered list, overlapping start, or inverted range. + */ if (ASN1_INTEGER_cmp(a_min, b_min) >= 0 || ASN1_INTEGER_cmp(a_min, a_max) > 0 || ASN1_INTEGER_cmp(b_min, b_max) > 0) goto done; - /* - * Calculate a_max + 1 to check for adjacency. - */ + /* + * Calculate a_max + 1 to check for adjacency. + */ if ((bn == NULL && (bn = BN_new()) == NULL) || ASN1_INTEGER_to_BN(a_max, bn) == NULL || !BN_add_word(bn, 1)) { @@ -508,16 +508,16 @@ ASIdentifierChoice_is_canonical(ASIdentifierChoice *choice) goto done; } - /* - * Punt if adjacent or overlapping. - */ + /* + * Punt if adjacent or overlapping. + */ if (ASN1_INTEGER_cmp(a_max_plus_one, b_min) >= 0) goto done; } - /* - * Check for inverted range. - */ + /* + * Check for inverted range. + */ i = sk_ASIdOrRange_num(choice->u.asIdsOrRanges) - 1; { ASIdOrRange *a = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, @@ -532,7 +532,7 @@ ASIdentifierChoice_is_canonical(ASIdentifierChoice *choice) ret = 1; -done: + done: ASN1_INTEGER_free(a_max_plus_one); BN_free(bn); return ret; @@ -560,30 +560,30 @@ ASIdentifierChoice_canonize(ASIdentifierChoice *choice) BIGNUM *bn = NULL; int i, ret = 0; - /* - * Nothing to do for empty element or inheritance. - */ + /* + * Nothing to do for empty element or inheritance. + */ if (choice == NULL || choice->type == ASIdentifierChoice_inherit) return 1; - /* - * If not a list, or if empty list, it's broken. - */ + /* + * If not a list, or if empty list, it's broken. + */ if (choice->type != ASIdentifierChoice_asIdsOrRanges || sk_ASIdOrRange_num(choice->u.asIdsOrRanges) == 0) { X509V3error(X509V3_R_EXTENSION_VALUE_ERROR); return 0; } - /* - * We have a non-empty list. Sort it. - */ + /* + * We have a non-empty list. Sort it. + */ sk_ASIdOrRange_sort(choice->u.asIdsOrRanges); - /* - * Now check for errors and suboptimal encoding, rejecting the - * former and fixing the latter. - */ + /* + * Now check for errors and suboptimal encoding, rejecting the + * former and fixing the latter. + */ for (i = 0; i < sk_ASIdOrRange_num(choice->u.asIdsOrRanges) - 1; i++) { ASIdOrRange *a = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, i); @@ -599,29 +599,29 @@ ASIdentifierChoice_canonize(ASIdentifierChoice *choice) !extract_min_max(b, &b_min, &b_max)) goto done; - /* - * Make sure we're properly sorted (paranoia). - */ + /* + * Make sure we're properly sorted (paranoia). + */ OPENSSL_assert(ASN1_INTEGER_cmp(a_min, b_min) <= 0); - /* - * Punt inverted ranges. - */ + /* + * Punt inverted ranges. + */ if (ASN1_INTEGER_cmp(a_min, a_max) > 0 || ASN1_INTEGER_cmp(b_min, b_max) > 0) goto done; - /* - * Check for overlaps. - */ + /* + * Check for overlaps. + */ if (ASN1_INTEGER_cmp(a_max, b_min) >= 0) { X509V3error(X509V3_R_EXTENSION_VALUE_ERROR); goto done; } - /* - * Calculate a_max + 1 to check for adjacency. - */ + /* + * Calculate a_max + 1 to check for adjacency. + */ if ((bn == NULL && (bn = BN_new()) == NULL) || ASN1_INTEGER_to_BN(a_max, bn) == NULL || !BN_add_word(bn, 1)) { @@ -636,9 +636,9 @@ ASIdentifierChoice_canonize(ASIdentifierChoice *choice) goto done; } - /* - * If a and b are adjacent, merge them. - */ + /* + * If a and b are adjacent, merge them. + */ if (ASN1_INTEGER_cmp(a_max_plus_one, b_min) == 0) { ASRange *r; switch (a->type) { @@ -673,9 +673,9 @@ ASIdentifierChoice_canonize(ASIdentifierChoice *choice) } } - /* - * Check for final inverted range. - */ + /* + * Check for final inverted range. + */ i = sk_ASIdOrRange_num(choice->u.asIdsOrRanges) - 1; { ASIdOrRange *a = sk_ASIdOrRange_value(choice->u.asIdsOrRanges, @@ -688,12 +688,12 @@ ASIdentifierChoice_canonize(ASIdentifierChoice *choice) } } - /* Paranoia */ + /* Paranoia */ OPENSSL_assert(ASIdentifierChoice_is_canonical(choice)); ret = 1; -done: + done: ASN1_INTEGER_free(a_max_plus_one); BN_free(bn); return ret; @@ -730,9 +730,9 @@ v2i_ASIdentifiers(const struct v3_ext_method *method, struct v3_ext_ctx *ctx, CONF_VALUE *val = sk_CONF_VALUE_value(values, i); int i1 = 0, i2 = 0, i3 = 0, is_range = 0, which = 0; - /* - * Figure out whether this is an AS or an RDI. - */ + /* + * Figure out whether this is an AS or an RDI. + */ if (!name_cmp(val->name, "AS")) { which = V3_ASID_ASNUM; } else if (!name_cmp(val->name, "RDI")) { @@ -743,9 +743,9 @@ v2i_ASIdentifiers(const struct v3_ext_method *method, struct v3_ext_ctx *ctx, goto err; } - /* - * Handle inheritance. - */ + /* + * Handle inheritance. + */ if (strcmp(val->value, "inherit") == 0) { if (X509v3_asid_add_inherit(asid, which)) continue; @@ -754,9 +754,9 @@ v2i_ASIdentifiers(const struct v3_ext_method *method, struct v3_ext_ctx *ctx, goto err; } - /* - * Number, range, or mistake, pick it apart and figure out which. - */ + /* + * Number, range, or mistake, pick it apart and figure out which + */ i1 = strspn(val->value, "0123456789"); if (val->value[i1] == '\0') { is_range = 0; @@ -778,9 +778,9 @@ v2i_ASIdentifiers(const struct v3_ext_method *method, struct v3_ext_ctx *ctx, } } - /* - * Syntax is ok, read and add it. - */ + /* + * Syntax is ok, read and add it. + */ if (!is_range) { if (!X509V3_get_value_int(val, &min)) { X509V3error(ERR_R_MALLOC_FAILURE); @@ -812,14 +812,14 @@ v2i_ASIdentifiers(const struct v3_ext_method *method, struct v3_ext_ctx *ctx, min = max = NULL; } - /* - * Canonize the result, then we're done. - */ + /* + * Canonize the result, then we're done. + */ if (!X509v3_asid_canonize(asid)) goto err; return asid; -err: + err: ASIdentifiers_free(asid); ASN1_INTEGER_free(min); ASN1_INTEGER_free(max); @@ -941,11 +941,11 @@ asid_validate_path_internal(X509_STORE_CTX *ctx, STACK_OF(X509)*chain, OPENSSL_assert(ctx != NULL || ext != NULL); OPENSSL_assert(ctx == NULL || ctx->verify_cb != NULL); - /* - * Figure out where to start. If we don't have an extension to - * check, we're done. Otherwise, check canonical form and - * set up for walking up the chain. - */ + /* + * Figure out where to start. If we don't have an extension to + * check, we're done. Otherwise, check canonical form and + * set up for walking up the chain. + */ if (ext != NULL) { i = -1; x = NULL; @@ -978,10 +978,10 @@ asid_validate_path_internal(X509_STORE_CTX *ctx, STACK_OF(X509)*chain, } } - /* - * Now walk up the chain. Extensions must be in canonical form, no - * cert may list resources that its parent doesn't list. - */ + /* + * Now walk up the chain. Extensions must be in canonical form, no + * cert may list resources that its parent doesn't list. + */ for (i++; i < sk_X509_num(chain); i++) { x = sk_X509_value(chain, i); OPENSSL_assert(x != NULL); @@ -1028,9 +1028,9 @@ asid_validate_path_internal(X509_STORE_CTX *ctx, STACK_OF(X509)*chain, } } - /* - * Trust anchor can't inherit. - */ + /* + * Trust anchor can't inherit. + */ OPENSSL_assert(x != NULL); if (x->rfc3779_asid != NULL) { @@ -1042,7 +1042,7 @@ asid_validate_path_internal(X509_STORE_CTX *ctx, STACK_OF(X509)*chain, validation_err(X509_V_ERR_UNNESTED_RESOURCE); } -done: + done: return ret; } -- 2.20.1