More cleanup.

diff --git a/apps/s_cb.c b/apps/s_cb.c
index 927f9d91e1e8c103092c4f23f94930e87f1600b5..8127e77143ee1f6b927136d12518d02756bd80c1 100644 (file)
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -876,12 +876,12 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
                                case 16:
                                        str_details1 = ", ClientKeyExchange";
                                        break;
                                case 16:
                                        str_details1 = ", ClientKeyExchange";
                                        break;

-                               case 23:
-                                       str_details1 = ", SupplementalData";
-                                       break;

                                case 20:
                                        str_details1 = ", Finished";
                                        break;
                                case 20:
                                        str_details1 = ", Finished";
                                        break;

+                               case 23:
+                                       str_details1 = ", SupplementalData";
+                                       break;

                                        }
                                }
                        }
                                        }
                                }
                        }

diff --git a/apps/s_client.c b/apps/s_client.c
index 028018ad766be3caa4acb9dceb973683616b35ad..b4ea03ba773e9e0ebc19e87af2bea43c6a825a5b 100644 (file)
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -2434,18 +2434,12 @@ static int authz_tlsext_cb(SSL *s, unsigned short ext_type,
                           void *arg)
        {
        if (TLSEXT_TYPE_server_authz == ext_type)
                           void *arg)
        {
        if (TLSEXT_TYPE_server_authz == ext_type)

-               {
-               server_provided_server_authz = (memchr(in,
-               TLSEXT_AUTHZDATAFORMAT_dtcp,
-               inlen) != NULL);
-               }
+               server_provided_server_authz
+                 = (memchr(in, TLSEXT_AUTHZDATAFORMAT_dtcp, inlen) != NULL);

 
        if (TLSEXT_TYPE_client_authz == ext_type)
 
        if (TLSEXT_TYPE_client_authz == ext_type)

-               {
-               server_provided_client_authz = (memchr(in,
-               TLSEXT_AUTHZDATAFORMAT_dtcp,
-               inlen) != NULL);
-               }
+               server_provided_client_authz
+                 = (memchr(in, TLSEXT_AUTHZDATAFORMAT_dtcp, inlen) != NULL);

 
        return 1;
        }
 
        return 1;
        }


@@ -2487,7 +2481,8 @@ static int auth_suppdata_generate_cb(SSL *s, unsigned short supp_data_type,
        unsigned char *result;
        if (c_auth && server_provided_client_authz && server_provided_server_authz)
                {
        unsigned char *result;
        if (c_auth && server_provided_client_authz && server_provided_server_authz)
                {

-               if (!c_auth_require_reneg || (c_auth_require_reneg && SSL_num_renegotiations(s)))
+               if (!c_auth_require_reneg
+                   || (c_auth_require_reneg && SSL_num_renegotiations(s)))

                        {
                        result = OPENSSL_malloc(10);
                        memcpy(result, "5432154321", 10);
                        {
                        result = OPENSSL_malloc(10);
                        memcpy(result, "5432154321", 10);

diff --git a/apps/s_server.c b/apps/s_server.c
index cf40da528df9b42f2bcf93361786fdb58a1fe399..29189fde2903846c8440721c2c7662cc4925fceb 100644 (file)
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -1056,7 +1056,7 @@ int MAIN(int argc, char *argv[])
        EVP_PKEY *s_key = NULL, *s_dkey = NULL;
        int no_cache = 0, ext_cache = 0;
        int rev = 0, naccept = -1;
        EVP_PKEY *s_key = NULL, *s_dkey = NULL;
        int no_cache = 0, ext_cache = 0;
        int rev = 0, naccept = -1;

-    int c_no_resumption_on_reneg = 0;
+       int c_no_resumption_on_reneg = 0;

 #ifndef OPENSSL_NO_TLSEXT
        EVP_PKEY *s_key2 = NULL;
        X509 *s_cert2 = NULL;
 #ifndef OPENSSL_NO_TLSEXT
        EVP_PKEY *s_key2 = NULL;
        X509 *s_cert2 = NULL;


@@ -1961,10 +1961,8 @@ bad:
                }
 #endif
 
                }
 #endif
 

-    if (c_no_resumption_on_reneg)
-        {
-        SSL_CTX_set_options(ctx, SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION);
-        }
+       if (c_no_resumption_on_reneg)
+               SSL_CTX_set_options(ctx, SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION);

        if (!set_cert_key_stuff(ctx, s_cert, s_key, s_chain, build_chain))
                goto end;
 #ifndef OPENSSL_NO_TLSEXT
        if (!set_cert_key_stuff(ctx, s_cert, s_key, s_chain, build_chain))
                goto end;
 #ifndef OPENSSL_NO_TLSEXT


@@ -3569,18 +3567,12 @@ static int authz_tlsext_cb(SSL *s, unsigned short ext_type,
                           void *arg)
        {
        if (TLSEXT_TYPE_server_authz == ext_type)
                           void *arg)
        {
        if (TLSEXT_TYPE_server_authz == ext_type)

-               {
-               client_provided_server_authz = (memchr(in,
-               TLSEXT_AUTHZDATAFORMAT_dtcp,
-               inlen) != NULL);
-               }
+               client_provided_server_authz
+                 = memchr(in,  TLSEXT_AUTHZDATAFORMAT_dtcp, inlen) != NULL;

 
        if (TLSEXT_TYPE_client_authz == ext_type)
 
        if (TLSEXT_TYPE_client_authz == ext_type)

-               {
-               client_provided_client_authz = (memchr(in,
-               TLSEXT_AUTHZDATAFORMAT_dtcp,
-               inlen) != NULL);
-               }
+               client_provided_client_authz
+                 = memchr(in, TLSEXT_AUTHZDATAFORMAT_dtcp, inlen) != NULL;

 
        return 1;
        }
 
        return 1;
        }


@@ -3591,7 +3583,8 @@ static int authz_tlsext_generate_cb(SSL *s, unsigned short ext_type,
        {
        if (c_auth && client_provided_client_authz && client_provided_server_authz)
                {
        {
        if (c_auth && client_provided_client_authz && client_provided_server_authz)
                {

-               if (!c_auth_require_reneg || (c_auth_require_reneg && SSL_num_renegotiations(s)))
+               if (!c_auth_require_reneg
+                   || (c_auth_require_reneg && SSL_num_renegotiations(s)))

                        {
                        *out = auth_ext_data;
                        *outlen = 1;
                        {
                        *out = auth_ext_data;
                        *outlen = 1;


@@ -3622,7 +3615,8 @@ static int auth_suppdata_generate_cb(SSL *s, unsigned short supp_data_type,
        unsigned char *result;
        if (c_auth && client_provided_client_authz && client_provided_server_authz)
                {
        unsigned char *result;
        if (c_auth && client_provided_client_authz && client_provided_server_authz)
                {

-               if (!c_auth_require_reneg || (c_auth_require_reneg && SSL_num_renegotiations(s)))
+               if (!c_auth_require_reneg
+                   || (c_auth_require_reneg && SSL_num_renegotiations(s)))

                        {
                        result = OPENSSL_malloc(10);
                        memcpy(result, "1234512345", 10);
                        {
                        result = OPENSSL_malloc(10);
                        memcpy(result, "1234512345", 10);

diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 87d738cdf9e2dfcf2a3a825dd5a968c899805b38..5ceb62488cf890ee462340c8469d709772e57313 100644 (file)
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -3564,9 +3564,11 @@ int ssl3_check_finished(SSL *s)
        {
        int ok;
        long n;
        {
        int ok;
        long n;

-/*     Read the message to see if it is supplemental data, regardless if there is a session ticket
-       this function is called when we really expect a Certificate
-       message, so permit appropriate message length */
+
+       /* Read the message to see if it is supplemental data,
+        * regardless if there is a session ticket this function is
+        * called when we really expect a Certificate message, so
+        * permit appropriate message length */

        n=s->method->ssl_get_message(s,
                SSL3_ST_CR_CERT_A,
                SSL3_ST_CR_CERT_B,
        n=s->method->ssl_get_message(s,
                SSL3_ST_CR_CERT_A,
                SSL3_ST_CR_CERT_B,


@@ -3577,9 +3579,7 @@ int ssl3_check_finished(SSL *s)
        s->s3->tmp.reuse_message = 1;
 
        if (s->s3->tmp.message_type == SSL3_MT_SUPPLEMENTAL_DATA)
        s->s3->tmp.reuse_message = 1;
 
        if (s->s3->tmp.message_type == SSL3_MT_SUPPLEMENTAL_DATA)

-               {

                return 3;
                return 3;

-               }

        /* If we have no ticket it cannot be a resumed session. */
        if (!s->session->tlsext_tick)
                return 1;
        /* If we have no ticket it cannot be a resumed session. */
        if (!s->session->tlsext_tick)
                return 1;


@@ -3727,7 +3727,7 @@ int tls1_get_server_supplemental_data(SSL *s)
                goto f_err;
                }
        n2l3(p, supp_data_len);
                goto f_err;
                }
        n2l3(p, supp_data_len);

-       while (p<d+supp_data_len)
+       while (p < d+supp_data_len)

                {
                n2s(p, supp_data_entry_type);
                n2s(p, supp_data_entry_len);
                {
                n2s(p, supp_data_entry_type);
                n2s(p, supp_data_entry_len);


@@ -3744,7 +3744,7 @@ int tls1_get_server_supplemental_data(SSL *s)
                                        }
                                }
                        }
                                        }
                                }
                        }

-               p+=supp_data_entry_len;
+               p += supp_data_entry_len;

                }
        return 1;
 f_err:
                }
        return 1;
 f_err:

diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 0a8f206f9f96b44efdcd8fda127c993ae23a19eb..02653a4983b4b6222cf5d0f02c0be5e23ee039cc 100644 (file)
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -903,9 +903,7 @@ int ssl3_check_client_hello(SSL *s)
        s->s3->tmp.reuse_message = 1;
 #ifndef OPENSSL_NO_TLSEXT
        if (s->s3->tmp.message_type == SSL3_MT_SUPPLEMENTAL_DATA)
        s->s3->tmp.reuse_message = 1;
 #ifndef OPENSSL_NO_TLSEXT
        if (s->s3->tmp.message_type == SSL3_MT_SUPPLEMENTAL_DATA)

-               {

                return 3;
                return 3;

-               }

 #endif
        if (s->s3->tmp.message_type == SSL3_MT_CLIENT_HELLO)
                {
 #endif
        if (s->s3->tmp.message_type == SSL3_MT_CLIENT_HELLO)
                {

diff --git a/ssl/ssl.h b/ssl/ssl.h
index f4caef71bdadac3bf91bb50b2cd2e3ef31ee8916..fdcacb972eaa29b629db752b66a7c43e85ca2b9d 100644 (file)
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -1189,11 +1189,11 @@ struct ssl_ctx_st
        custom_srv_ext_record *custom_srv_ext_records;
        size_t custom_srv_ext_records_count;
 
        custom_srv_ext_record *custom_srv_ext_records;
        size_t custom_srv_ext_records_count;
 

-    /* Arrays containing the callbacks for Supplemental Data. */
-    cli_supp_data_record *cli_supp_data_records;
-    size_t cli_supp_data_records_count;
-    srv_supp_data_record *srv_supp_data_records;
-    size_t srv_supp_data_records_count;
+       /* Arrays containing the callbacks for Supplemental Data. */
+       cli_supp_data_record *cli_supp_data_records;
+       size_t cli_supp_data_records_count;
+       srv_supp_data_record *srv_supp_data_records;
+       size_t srv_supp_data_records_count;

        };
 
 #endif
        };
 
 #endif

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 0b2d5ffd95575e565b8df2a61ac560885d4112f3..54f02a67c49978b9a240d819298db18ceca7abf0 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1855,7 +1855,7 @@ int SSL_CTX_set_cli_supp_data(SSL_CTX *ctx,
                        return 0;
 
        ctx->cli_supp_data_records = OPENSSL_realloc(ctx->cli_supp_data_records,
                        return 0;
 
        ctx->cli_supp_data_records = OPENSSL_realloc(ctx->cli_supp_data_records,

-       (ctx->cli_supp_data_records_count+1) * sizeof(cli_supp_data_record));
+         (ctx->cli_supp_data_records_count+1) * sizeof(cli_supp_data_record));

        if (!ctx->cli_supp_data_records)
                {
                ctx->cli_supp_data_records_count = 0;
        if (!ctx->cli_supp_data_records)
                {
                ctx->cli_supp_data_records_count = 0;


@@ -1884,7 +1884,7 @@ int SSL_CTX_set_srv_supp_data(SSL_CTX *ctx,
                        return 0;
 
        ctx->srv_supp_data_records = OPENSSL_realloc(ctx->srv_supp_data_records,
                        return 0;
 
        ctx->srv_supp_data_records = OPENSSL_realloc(ctx->srv_supp_data_records,

-       (ctx->srv_supp_data_records_count+1) * sizeof(srv_supp_data_record));
+         (ctx->srv_supp_data_records_count+1) * sizeof(srv_supp_data_record));

        if (!ctx->srv_supp_data_records)
                {
                ctx->srv_supp_data_records_count = 0;
        if (!ctx->srv_supp_data_records)
                {
                ctx->srv_supp_data_records_count = 0;

diff --git a/ssl/ssltest.c b/ssl/ssltest.c
index a461eb805c473c20b35cdf8aa0524a2b6d8ec112..3c232115f2122730d963b872f39fdcfe79d6bbfd 100644 (file)
--- a/ssl/ssltest.c
+++ b/ssl/ssltest.c
@@ -521,7 +521,7 @@ int custom_ext = 0;
 /* This set based on extension callbacks */
 int custom_ext_error = 0;
 
 /* This set based on extension callbacks */
 int custom_ext_error = 0;
 

-/*Not IETF assigned supplemental data types*/
+/* Not IETF assigned supplemental data types */

 #define CUSTOM_SUPP_DATA_TYPE_0 100
 #define CUSTOM_SUPP_DATA_TYPE_1 101
 #define CUSTOM_SUPP_DATA_TYPE_2 102
 #define CUSTOM_SUPP_DATA_TYPE_0 100
 #define CUSTOM_SUPP_DATA_TYPE_1 101
 #define CUSTOM_SUPP_DATA_TYPE_2 102