Re-add alert variables removed during rebase
authorScott Deboy <sdeboy@secondstryke.com>
Tue, 4 Feb 2014 21:08:43 +0000 (13:08 -0800)
committerBen Laurie <ben@links.org>
Wed, 5 Feb 2014 18:25:46 +0000 (18:25 +0000)
Whitespace fixes

apps/s_client.c
apps/s_server.c
ssl/s23_clnt.c
ssl/s3_clnt.c
ssl/s3_lib.c
ssl/s3_srvr.c
ssl/ssl.h
ssl/ssl_rsa.c
ssl/ssltest.c
ssl/t1_lib.c

index 95c62a72484b831c927bc3053ae8a824fb759717..236dbd31fc68838451d435560059db0ff06f798e 100644 (file)
@@ -236,22 +236,22 @@ static int server_provided_client_authz = 0;
 static const unsigned char auth_ext_data[]={TLSEXT_AUTHZDATAFORMAT_dtcp};
 
 static int suppdata_cb(SSL *s, unsigned short supp_data_type,
-                      const unsigned char *in,
-                      unsigned short inlen, int *al,
-                      void *arg);
+                               const unsigned char *in,
+                               unsigned short inlen, int *al,
+                               void *arg);
 
 static int auth_suppdata_generate_cb(SSL *s, unsigned short supp_data_type,
-                                    const unsigned char **out,
-                                     unsigned short *outlen, int *al, void *arg);
+                               const unsigned char **out,
+                               unsigned short *outlen, int *al, void *arg);
 
 static int authz_tlsext_generate_cb(SSL *s, unsigned short ext_type,
-                                   const unsigned char **out, unsigned short *outlen,
-                                    int *al, void *arg);
+                               const unsigned char **out, unsigned short *outlen,
+                               int *al, void *arg);
 
 static int authz_tlsext_cb(SSL *s, unsigned short ext_type,
-                          const unsigned char *in,
-                          unsigned short inlen, int *al,
-                          void *arg);
+                               const unsigned char *in,
+                               unsigned short inlen, int *al,
+                               void *arg);
 #endif
 
 #ifndef OPENSSL_NO_PSK
@@ -2439,9 +2439,9 @@ static int ocsp_resp_cb(SSL *s, void *arg)
        }
 
 static int authz_tlsext_cb(SSL *s, unsigned short ext_type,
-                          const unsigned char *in,
-                          unsigned short inlen, int *al,
-                          void *arg)
+                               const unsigned char *in,
+                               unsigned short inlen, int *al,
+                               void *arg)
        {
        if (TLSEXT_TYPE_server_authz == ext_type)
                server_provided_server_authz
@@ -2455,8 +2455,8 @@ static int authz_tlsext_cb(SSL *s, unsigned short ext_type,
        }
 
 static int authz_tlsext_generate_cb(SSL *s, unsigned short ext_type,
-                                   const unsigned char **out, unsigned short *outlen,
-                                    int *al, void *arg)
+                               const unsigned char **out, unsigned short *outlen,
+                               int *al, void *arg)
        {
        if (c_auth)
                {
@@ -2474,9 +2474,9 @@ static int authz_tlsext_generate_cb(SSL *s, unsigned short ext_type,
        }
 
 static int suppdata_cb(SSL *s, unsigned short supp_data_type,
-                      const unsigned char *in,
-                      unsigned short inlen, int *al,
-                      void *arg)
+                               const unsigned char *in,
+                               unsigned short inlen, int *al,
+                               void *arg)
        {
        if (supp_data_type == TLSEXT_SUPPLEMENTALDATATYPE_authz_data)
                {
@@ -2487,8 +2487,8 @@ static int suppdata_cb(SSL *s, unsigned short supp_data_type,
        }
 
 static int auth_suppdata_generate_cb(SSL *s, unsigned short supp_data_type,
-                                    const unsigned char **out,
-                                     unsigned short *outlen, int *al, void *arg)
+                               const unsigned char **out,
+                               unsigned short *outlen, int *al, void *arg)
        {
        if (c_auth && server_provided_client_authz && server_provided_server_authz)
                {
index 29969200b6c1d61350620d791d5f41bafb460ebe..47fa2f361ee4783e311400a441961a4083c3f053 100644 (file)
@@ -331,22 +331,22 @@ static int cert_chain = 0;
 
 #ifndef OPENSSL_NO_TLSEXT
 static int suppdata_cb(SSL *s, unsigned short supp_data_type,
-                      const unsigned char *in,
-                      unsigned short inlen, int *al,
-                      void *arg);
+                               const unsigned char *in,
+                               unsigned short inlen, int *al,
+                               void *arg);
 
 static int auth_suppdata_generate_cb(SSL *s, unsigned short supp_data_type,
-                                    const unsigned char **out,
-                                     unsigned short *outlen, int *al, void *arg);
+                               const unsigned char **out,
+                               unsigned short *outlen, int *al, void *arg);
 
 static int authz_tlsext_generate_cb(SSL *s, unsigned short ext_type,
-                                   const unsigned char **out, unsigned short *outlen,
-                                    int *al, void *arg);
+                               const unsigned char **out, unsigned short *outlen,
+                               int *al, void *arg);
 
 static int authz_tlsext_cb(SSL *s, unsigned short ext_type,
-                          const unsigned char *in,
-                          unsigned short inlen, int *al,
-                          void *arg);
+                               const unsigned char *in,
+                               unsigned short inlen, int *al,
+                               void *arg);
 
 static BIO *serverinfo_in = NULL;
 static const char *s_serverinfo_file = NULL;
@@ -3585,9 +3585,9 @@ static void free_sessions(void)
 
 #ifndef OPENSSL_NO_TLSEXT
 static int authz_tlsext_cb(SSL *s, unsigned short ext_type,
-                          const unsigned char *in,
-                          unsigned short inlen, int *al,
-                          void *arg)
+                               const unsigned char *in,
+                               unsigned short inlen, int *al,
+                               void *arg)
        {
        if (TLSEXT_TYPE_server_authz == ext_type)
                client_provided_server_authz
@@ -3601,8 +3601,8 @@ static int authz_tlsext_cb(SSL *s, unsigned short ext_type,
        }
 
 static int authz_tlsext_generate_cb(SSL *s, unsigned short ext_type,
-                                   const unsigned char **out, unsigned short *outlen,
-                                    int *al, void *arg)
+                               const unsigned char **out, unsigned short *outlen,
+                               int *al, void *arg)
        {
        if (c_auth && client_provided_client_authz && client_provided_server_authz)
                {
@@ -3621,9 +3621,9 @@ static int authz_tlsext_generate_cb(SSL *s, unsigned short ext_type,
        }
 
 static int suppdata_cb(SSL *s, unsigned short supp_data_type,
-                      const unsigned char *in,
-                      unsigned short inlen, int *al,
-                      void *arg)
+                               const unsigned char *in,
+                               unsigned short inlen, int *al,
+                               void *arg)
        {
        if (supp_data_type == TLSEXT_SUPPLEMENTALDATATYPE_authz_data)
                {
@@ -3634,8 +3634,8 @@ static int suppdata_cb(SSL *s, unsigned short supp_data_type,
        }
 
 static int auth_suppdata_generate_cb(SSL *s, unsigned short supp_data_type,
-                                    const unsigned char **out,
-                                     unsigned short *outlen, int *al, void *arg)
+                               const unsigned char **out,
+                               unsigned short *outlen, int *al, void *arg)
        {
        if (c_auth && client_provided_client_authz && client_provided_server_authz)
                {
index 452a19c1715921121e017320a74e4f00e13d150b..60a028430d37558b7ab906246ac4c3e33cfc5a25 100644 (file)
@@ -299,6 +299,7 @@ static int ssl23_client_hello(SSL *s)
        unsigned long l;
        int ssl2_compat;
        int version = 0, version_major, version_minor;
+       int al = 0;
 #ifndef OPENSSL_NO_COMP
        int j;
        SSL_COMP *comp;
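Review bot: The re-added `int al = 0;` defaults the alert description to 0, which is the close_notify code. If `ssl_add_clienthello_tlsext()` returns NULL without writing `*al` (its body is not visible here), the `ssl3_send_alert(s,SSL3_AL_FATAL,al)` call in the next hunk would send a fatal close_notify instead of a meaningful error. Initialising with `int al = SSL_AD_INTERNAL_ERROR;` would match the `ERR_R_INTERNAL_ERROR` pushed on that path. The same default is added in `ssl3_client_hello` (ssl/s3_clnt.c) and `ssl3_send_server_hello` (ssl/s3_srvr.c), and it is already present in the two `tls1_send_*_supplemental_data` functions. The body of `ssl23_client_hello` continues outside this hunk.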
@@ -553,9 +554,9 @@ static int ssl23_client_hello(SSL *s)
                                SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT);
                                return -1;
                                }
-                        if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH, &al)) == NULL)
+                       if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH, &al)) == NULL)
                                {
-                                ssl3_send_alert(s,SSL3_AL_FATAL,al);
+                               ssl3_send_alert(s,SSL3_AL_FATAL,al);
                                SSLerr(SSL_F_SSL23_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
                                return -1;
                                }
index eccfcc3dcaecd93cafadb6beed85ee45ed7f9cf2..0b9c84d3bfc28bad780626c5824983bea47df146 100644 (file)
@@ -689,6 +689,7 @@ int ssl3_client_hello(SSL *s)
        unsigned char *p,*d;
        int i;
        unsigned long l;
+       int al = 0;
 #ifndef OPENSSL_NO_COMP
        int j;
        SSL_COMP *comp;
@@ -891,9 +892,9 @@ int ssl3_client_hello(SSL *s)
                        SSLerr(SSL_F_SSL3_CLIENT_HELLO,SSL_R_CLIENTHELLO_TLSEXT);
                        goto err;
                        }
-                if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH, &al)) == NULL)
+               if ((p = ssl_add_clienthello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH, &al)) == NULL)
                        {
-                        ssl3_send_alert(s,SSL3_AL_FATAL,al);
+                       ssl3_send_alert(s,SSL3_AL_FATAL,al);
                        SSLerr(SSL_F_SSL3_CLIENT_HELLO,ERR_R_INTERNAL_ERROR);
                        goto err;
                        }
@@ -3623,7 +3624,7 @@ int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey)
 #ifndef OPENSSL_NO_TLSEXT
 int tls1_send_client_supplemental_data(SSL *s, int *skip)
        {
-        int al = 0;
+       int al = 0;
        if (s->ctx->cli_supp_data_records_count)
                {
                unsigned char *p = NULL;
@@ -3643,20 +3644,20 @@ int tls1_send_client_supplemental_data(SSL *s, int *skip)
                        if (!record->fn2)
                                continue;
                        cb_retval = record->fn2(s, record->supp_data_type,
-                                &out, &outlen, &al,
-                               record->arg);
+                                                                       &out, &outlen, &al,
+                                                                       record->arg);
                        if (cb_retval == -1)
                                continue; /* skip this supp data entry */
                        if (cb_retval == 0)
                                {
                                SSLerr(SSL_F_TLS1_SEND_CLIENT_SUPPLEMENTAL_DATA,ERR_R_BUF_LIB);
-                                goto f_err;
+                               goto f_err;
                                }
                        if (outlen == 0 || TLSEXT_MAXLEN_supplemental_data < outlen + 4 + length)
                                {
                                SSLerr(SSL_F_TLS1_SEND_CLIENT_SUPPLEMENTAL_DATA,ERR_R_BUF_LIB);
                                return 0;
-                               }
+                               }
                        /* if first entry, write handshake message type */
                        if (length == 0)
                                {
@@ -3668,11 +3669,11 @@ int tls1_send_client_supplemental_data(SSL *s, int *skip)
                                p = (unsigned char *)s->init_buf->data;
                                *(p++) = SSL3_MT_SUPPLEMENTAL_DATA;
                                /* update message length when all
-                                * callbacks complete */
+                               * callbacks complete */
                                size_loc = p;
                                /* skip over handshake length field (3
-                                * bytes) and supp_data length field
-                                * (3 bytes) */
+                               * bytes) and supp_data length field
+                               * (3 bytes) */
                                p += 3 + 3;
                                length += 1 +3 +3;
                                }
@@ -3706,10 +3707,10 @@ int tls1_send_client_supplemental_data(SSL *s, int *skip)
        s->init_off = 0;
        return 1;
 
-f_err:
-        ssl3_send_alert(s,SSL3_AL_FATAL,al);
-        return 0;
-}
+       f_err:
+               ssl3_send_alert(s,SSL3_AL_FATAL,al);
+               return 0;
+       }
 
 int tls1_get_server_supplemental_data(SSL *s)
        {
@@ -3724,12 +3725,12 @@ int tls1_get_server_supplemental_data(SSL *s)
        int cb_retval = 0;
 
        n=s->method->ssl_get_message(s,
-               SSL3_ST_CR_SUPPLEMENTAL_DATA_A,
-               SSL3_ST_CR_SUPPLEMENTAL_DATA_B,
-               SSL3_MT_SUPPLEMENTAL_DATA,
-               /* use default limit */
-               TLSEXT_MAXLEN_supplemental_data,
-               &ok);
+                                       SSL3_ST_CR_SUPPLEMENTAL_DATA_A,
+                                       SSL3_ST_CR_SUPPLEMENTAL_DATA_B,
+                                       SSL3_MT_SUPPLEMENTAL_DATA,
+                                       /* use default limit */
+                                       TLSEXT_MAXLEN_supplemental_data,
+                                       &ok);
 
        if (!ok) return((int)n);
 
@@ -3750,9 +3751,11 @@ int tls1_get_server_supplemental_data(SSL *s)
                /* if there is a callback for this supp data type, send it */
                for (i=0; i < s->ctx->cli_supp_data_records_count; i++)
                        {
-                       if (s->ctx->cli_supp_data_records[i].supp_data_type == supp_data_entry_type && s->ctx->cli_supp_data_records[i].fn1)
+                       if (s->ctx->cli_supp_data_records[i].supp_data_type == supp_data_entry_type &&
+                               s->ctx->cli_supp_data_records[i].fn1)
                                {
-                               cb_retval = s->ctx->cli_supp_data_records[i].fn1(s, supp_data_entry_type, p, supp_data_entry_len, &al, s->ctx->cli_supp_data_records[i].arg);
+                               cb_retval = s->ctx->cli_supp_data_records[i].fn1(s, supp_data_entry_type, p,
+                               supp_data_entry_len, &al, s->ctx->cli_supp_data_records[i].arg);
                                if (cb_retval == 0)
                                        {
                                        SSLerr(SSL_F_TLS1_GET_SERVER_SUPPLEMENTAL_DATA, ERR_R_SSL_LIB);
@@ -3763,8 +3766,8 @@ int tls1_get_server_supplemental_data(SSL *s)
                p += supp_data_entry_len;
                }
        return 1;
-f_err:
-       ssl3_send_alert(s,SSL3_AL_FATAL,al);
-       return -1;
+       f_err:
+               ssl3_send_alert(s,SSL3_AL_FATAL,al);
+               return -1;
        }
 #endif
index 31074f264abb9d0b0290e8f3fddbf23b888db30d..d97082e24172b7bbdab12e324e043712120b4e95 100644 (file)
@@ -3029,8 +3029,8 @@ void ssl3_free(SSL *s)
        SSL_SRP_CTX_free(s);
 #endif
 #ifndef OPENSSL_NO_TLSEXT
-        if (s->s3->serverinfo_client_tlsext_custom_types != NULL)
-                OPENSSL_free(s->s3->serverinfo_client_tlsext_custom_types);
+       if (s->s3->serverinfo_client_tlsext_custom_types != NULL)
+               OPENSSL_free(s->s3->serverinfo_client_tlsext_custom_types);
 #endif
        OPENSSL_cleanse(s->s3,sizeof *s->s3);
        OPENSSL_free(s->s3);
@@ -3076,12 +3076,12 @@ void ssl3_clear(SSL *s)
                }
 #endif
 #ifndef OPENSSL_NO_TLSEXT
-        if (s->s3->serverinfo_client_tlsext_custom_types != NULL)
+       if (s->s3->serverinfo_client_tlsext_custom_types != NULL)
                {
-                OPENSSL_free(s->s3->serverinfo_client_tlsext_custom_types);
-                s->s3->serverinfo_client_tlsext_custom_types = NULL;
+               OPENSSL_free(s->s3->serverinfo_client_tlsext_custom_types);
+               s->s3->serverinfo_client_tlsext_custom_types = NULL;
                }
-        s->s3->serverinfo_client_tlsext_custom_types_count = 0;
+       s->s3->serverinfo_client_tlsext_custom_types_count = 0;
 #ifndef OPENSSL_NO_EC
        s->s3->is_probably_safari = 0;
 #endif /* !OPENSSL_NO_EC */
index 54266fb6dac6c490131855c080029693a02c642f..1e2f251693b94c1f1430b621eefddee9e6c50b2a 100644 (file)
@@ -1504,7 +1504,8 @@ int ssl3_send_server_hello(SSL *s)
        {
        unsigned char *buf;
        unsigned char *p,*d;
-        int i,sl,al;
+       int i,sl;
+       int al = 0;
        unsigned long l;
 
        if (s->state == SSL3_ST_SW_SRVR_HELLO_A)
@@ -1574,9 +1575,9 @@ int ssl3_send_server_hello(SSL *s)
                        SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO,SSL_R_SERVERHELLO_TLSEXT);
                        return -1;
                        }
-                if ((p = ssl_add_serverhello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH, &al)) == NULL)
+               if ((p = ssl_add_serverhello_tlsext(s, p, buf+SSL3_RT_MAX_PLAIN_LENGTH, &al)) == NULL)
                        {
-                        ssl3_send_alert(s, SSL3_AL_FATAL, al);
+                       ssl3_send_alert(s, SSL3_AL_FATAL, al);
                        SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO,ERR_R_INTERNAL_ERROR);
                        return -1;
                        }
@@ -3704,7 +3705,7 @@ int ssl3_get_next_proto(SSL *s)
 
 int tls1_send_server_supplemental_data(SSL *s, int *skip)
        {
-        int al = 0;
+       int al = 0;
        if (s->ctx->srv_supp_data_records_count)
                {
                unsigned char *p = NULL;
@@ -3724,14 +3725,14 @@ int tls1_send_server_supplemental_data(SSL *s, int *skip)
                        if (!record->fn1)
                                continue;
                        cb_retval = record->fn1(s, record->supp_data_type,
-                        &out, &outlen, &al,
+                                                                       &out, &outlen, &al,
                        record->arg);
                        if (cb_retval == -1)
                                continue; /* skip this supp data entry */
                        if (cb_retval == 0)
                                {
                                SSLerr(SSL_F_TLS1_SEND_SERVER_SUPPLEMENTAL_DATA,ERR_R_BUF_LIB);
-                                goto f_err;
+                               goto f_err;
                                }
                        if (outlen == 0 || TLSEXT_MAXLEN_supplemental_data < outlen + 4 + length)
                                {
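Review bot: The realignment of the `record->fn1(...)` call is incomplete. The `&out, &outlen, &al,` line was moved to the new continuation column, but the following `record->arg);` keeps its old indent, so the two argument lines no longer line up. The matching call in `tls1_send_client_supplemental_data` (ssl/s3_clnt.c) moves both lines, so `record->arg);` should be moved to the same column here. The function body starts and ends outside this hunk.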
@@ -3794,8 +3795,8 @@ int tls1_send_server_supplemental_data(SSL *s, int *skip)
        s->init_off = 0;
        return 1;
 f_err:
-        ssl3_send_alert(s,SSL3_AL_FATAL,al);
-        return 0;
+       ssl3_send_alert(s,SSL3_AL_FATAL,al);
+       return 0;
        }
 
 int tls1_get_client_supplemental_data(SSL *s)
@@ -3811,12 +3812,12 @@ int tls1_get_client_supplemental_data(SSL *s)
        size_t i = 0;
 
        n=s->method->ssl_get_message(s,
-       SSL3_ST_SR_SUPPLEMENTAL_DATA_A,
-       SSL3_ST_SR_SUPPLEMENTAL_DATA_B,
-       SSL3_MT_SUPPLEMENTAL_DATA,
-       /* use default limit */
-       TLSEXT_MAXLEN_supplemental_data,
-       &ok);
+                                                                SSL3_ST_SR_SUPPLEMENTAL_DATA_A,
+                                                                SSL3_ST_SR_SUPPLEMENTAL_DATA_B,
+                                                                SSL3_MT_SUPPLEMENTAL_DATA,
+                                                                /* use default limit */
+                                                                TLSEXT_MAXLEN_supplemental_data,
+                                                                &ok);
 
        if (!ok) return((int)n);
 
index ede930e3d213831dd1421b5444d2e4bfcf672779..210a3895af0a28f846888944fb47baed6a4c35de 100644 (file)
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -410,19 +410,19 @@ typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len, S
  */
 typedef int (*custom_cli_ext_first_cb_fn)(SSL *s, unsigned short ext_type,
                                          const unsigned char **out,
-                                          unsigned short *outlen, int *al, void *arg);
+                                         unsigned short *outlen, int *al, void *arg);
 typedef int (*custom_cli_ext_second_cb_fn)(SSL *s, unsigned short ext_type,
-                                          const unsigned char *in,
-                                          unsigned short inlen, int *al,
-                                          void *arg); 
+                                         const unsigned char *in,
+                                         unsigned short inlen, int *al,
+                                         void *arg);
 
 typedef int (*custom_srv_ext_first_cb_fn)(SSL *s, unsigned short ext_type,
                                          const unsigned char *in,
                                          unsigned short inlen, int *al,
                                          void *arg);
 typedef int (*custom_srv_ext_second_cb_fn)(SSL *s, unsigned short ext_type,
-                                          const unsigned char **out,
-                                           unsigned short *outlen, int *al, void *arg);
+                                         const unsigned char **out,
+                                         unsigned short *outlen, int *al, void *arg);
 
 typedef struct {
        unsigned short ext_type;
@@ -460,20 +460,20 @@ typedef struct {
  *     fatal TLS alert, if the callback returns zero.
  */
 typedef int (*srv_supp_data_first_cb_fn)(SSL *s, unsigned short supp_data_type,
-            const unsigned char **out,
-             unsigned short *outlen, int *al, void *arg);
+                                         const unsigned char **out,
+                                         unsigned short *outlen, int *al, void *arg);
 typedef int (*srv_supp_data_second_cb_fn)(SSL *s, unsigned short supp_data_type,
-            const unsigned char *in,
-            unsigned short inlen, int *al,
-            void *arg);
+                                         const unsigned char *in,
+                                         unsigned short inlen, int *al,
+                                         void *arg);
 
 typedef int (*cli_supp_data_first_cb_fn)(SSL *s, unsigned short supp_data_type,
-            const unsigned char *in,
-            unsigned short inlen, int *al,
-            void *arg);
+                                         const unsigned char *in,
+                                         unsigned short inlen, int *al,
+                                         void *arg);
 typedef int (*cli_supp_data_second_cb_fn)(SSL *s, unsigned short supp_data_type,
-            const unsigned char **out,
-             unsigned short *outlen, int *al, void *arg);
+                                         const unsigned char **out,
+                                         unsigned short *outlen, int *al, void *arg);
 
 typedef struct {
        unsigned short supp_data_type;
index 063eea5ecb9ed9e4344914f88794d929fad1aa45..799210f5e29227b1134f34a5a1817fa9772b6bc3 100644 (file)
@@ -844,71 +844,71 @@ static int serverinfo_find_extension(const unsigned char *serverinfo,
        }
 
 static int serverinfo_srv_first_cb(SSL *s, unsigned short ext_type,
-                                  const unsigned char *in,
-                                  unsigned short inlen, int *al,
-                                  void *arg)
+                               const unsigned char *in,
+                               unsigned short inlen, int *al,
+                               void *arg)
        {
-        size_t i = 0;
+       size_t i = 0;
        if (inlen != 0)
                {
                *al = SSL_AD_DECODE_ERROR;
                return 0;
                }
-        //if already in list, error out
-        for (i = 0; i < s->s3->serverinfo_client_tlsext_custom_types_count; i++)
-                {
-                if (s->s3->serverinfo_client_tlsext_custom_types[i] == ext_type)
-                        {
-                        *al = SSL_AD_DECODE_ERROR;
-                        return 0;
-                        }
-                }
-        s->s3->serverinfo_client_tlsext_custom_types_count++;
-        s->s3->serverinfo_client_tlsext_custom_types = OPENSSL_realloc(
-        s->s3->serverinfo_client_tlsext_custom_types,
-        s->s3->serverinfo_client_tlsext_custom_types_count * 2);
-        if (s->s3->serverinfo_client_tlsext_custom_types == NULL)
-                {
-                s->s3->serverinfo_client_tlsext_custom_types_count = 0;
-                *al = TLS1_AD_INTERNAL_ERROR;
-                return 0;
-                }
-        s->s3->serverinfo_client_tlsext_custom_types[
-        s->s3->serverinfo_client_tlsext_custom_types_count - 1] = ext_type;
+       //if already in list, error out
+       for (i = 0; i < s->s3->serverinfo_client_tlsext_custom_types_count; i++)
+               {
+               if (s->s3->serverinfo_client_tlsext_custom_types[i] == ext_type)
+                       {
+                       *al = SSL_AD_DECODE_ERROR;
+                       return 0;
+                       }
+               }
+       s->s3->serverinfo_client_tlsext_custom_types_count++;
+       s->s3->serverinfo_client_tlsext_custom_types = OPENSSL_realloc(
+       s->s3->serverinfo_client_tlsext_custom_types,
+       s->s3->serverinfo_client_tlsext_custom_types_count * 2);
+       if (s->s3->serverinfo_client_tlsext_custom_types == NULL)
+               {
+               s->s3->serverinfo_client_tlsext_custom_types_count = 0;
+               *al = TLS1_AD_INTERNAL_ERROR;
+               return 0;
+               }
+       s->s3->serverinfo_client_tlsext_custom_types[
+       s->s3->serverinfo_client_tlsext_custom_types_count - 1] = ext_type;
 
        return 1;
        }
 
 static int serverinfo_srv_second_cb(SSL *s, unsigned short ext_type,
-                                   const unsigned char **out, unsigned short *outlen, 
-                                    int *al, void *arg)
+                               const unsigned char **out, unsigned short *outlen,
+                               int *al, void *arg)
        {
        const unsigned char *serverinfo = NULL;
        size_t serverinfo_length = 0;
-        size_t i = 0;
-        unsigned int match = 0;
-        /* Did the client send a TLS extension for this type? */
-        for (i = 0; i < s->s3->serverinfo_client_tlsext_custom_types_count; i++)
-                {
-                if (s->s3->serverinfo_client_tlsext_custom_types[i] == ext_type)
-                        {
-                        match = 1;
-                        break;
-                        }
-                }
-        if (!match)
-        {
-                //extension not sent by client...don't send extension
-                return -1;
-        }
+       size_t i = 0;
+       unsigned int match = 0;
+       /* Did the client send a TLS extension for this type? */
+       for (i = 0; i < s->s3->serverinfo_client_tlsext_custom_types_count; i++)
+               {
+               if (s->s3->serverinfo_client_tlsext_custom_types[i] == ext_type)
+                       {
+                       match = 1;
+                       break;
+                       }
+               }
+       if (!match)
+               {
+               //extension not sent by client...don't send extension
+               return -1;
+               }
 
        /* Is there serverinfo data for the chosen server cert? */
        if ((ssl_get_server_cert_serverinfo(s, &serverinfo,
-                                           &serverinfo_length)) != 0)
+               &serverinfo_length)) != 0)
                {
                /* Find the relevant extension from the serverinfo */
                int retval = serverinfo_find_extension(serverinfo, serverinfo_length,
-                                                      ext_type, out, outlen);
+                                                       ext_type, out, outlen);
                if (retval == 0)
                        return 0; /* Error */
                if (retval == -1)
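Review bot: In `serverinfo_srv_first_cb` the result of `OPENSSL_realloc()` is assigned straight back to `s->s3->serverinfo_client_tlsext_custom_types`. On allocation failure the previous buffer is therefore leaked, and the list of extension types already recorded for this handshake is lost when the count is reset to 0. The size is also written as `count * 2`, which hard-codes the element width instead of using `sizeof` on the array element. Growing through a temporary pointer and incrementing the count only after success keeps the state consistent, so that `ssl3_free`/`ssl3_clear` can release it. `serverinfo_srv_second_cb` continues outside this hunk and is not affected.

```c
	size_t i = 0;
	void *tmp;
	/* … unchanged: inlen check and duplicate-type scan … */
	tmp = OPENSSL_realloc(s->s3->serverinfo_client_tlsext_custom_types,
		(s->s3->serverinfo_client_tlsext_custom_types_count + 1) *
		sizeof(*s->s3->serverinfo_client_tlsext_custom_types));
	if (tmp == NULL)
		{
		/* existing list and count are left intact for ssl3_free/ssl3_clear */
		*al = TLS1_AD_INTERNAL_ERROR;
		return 0;
		}
	s->s3->serverinfo_client_tlsext_custom_types = tmp;
	s->s3->serverinfo_client_tlsext_custom_types[
		s->s3->serverinfo_client_tlsext_custom_types_count++] = ext_type;

	return 1;
```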
index abdb1b893fcd3f95fb81639ced80b9ff06a4c9de..036e2c43b3fa6beb96cb7c6c9c03348908d4f90b 100644 (file)
@@ -563,8 +563,8 @@ static int verify_serverinfo()
  */
 
 static int custom_ext_0_cli_first_cb(SSL *s, unsigned short ext_type,
-                                    const unsigned char **out,
-                                     unsigned short *outlen, int *al, void *arg)
+                               const unsigned char **out,
+                               unsigned short *outlen, int *al, void *arg)
        {
        if (ext_type != CUSTOM_EXT_TYPE_0)
                custom_ext_error = 1;
@@ -572,17 +572,17 @@ static int custom_ext_0_cli_first_cb(SSL *s, unsigned short ext_type,
        }
 
 static int custom_ext_0_cli_second_cb(SSL *s, unsigned short ext_type,
-                                     const unsigned char *in,
-                                     unsigned short inlen, int *al,
-                                     void *arg)
+                               const unsigned char *in,
+                               unsigned short inlen, int *al,
+                               void *arg)
        {
        custom_ext_error = 1; /* Shouldn't be called */
        return 0;
        }
 
 static int custom_ext_1_cli_first_cb(SSL *s, unsigned short ext_type,
-                                    const unsigned char **out,
-                                     unsigned short *outlen, int *al, void *arg)
+                               const unsigned char **out,
+                               unsigned short *outlen, int *al, void *arg)
        {
        if (ext_type != CUSTOM_EXT_TYPE_1)
                custom_ext_error = 1;
@@ -592,17 +592,17 @@ static int custom_ext_1_cli_first_cb(SSL *s, unsigned short ext_type,
        }
 
 static int custom_ext_1_cli_second_cb(SSL *s, unsigned short ext_type,
-                                     const unsigned char *in,
-                                     unsigned short inlen, int *al,
-                                     void *arg)
+                               const unsigned char *in,
+                               unsigned short inlen, int *al,
+                               void *arg)
        {
        custom_ext_error = 1; /* Shouldn't be called */
        return 0;
        }
 
 static int custom_ext_2_cli_first_cb(SSL *s, unsigned short ext_type,
-                                    const unsigned char **out,
-                                     unsigned short *outlen, int *al, void *arg)
+                               const unsigned char **out,
+                               unsigned short *outlen, int *al, void *arg)
        {
        if (ext_type != CUSTOM_EXT_TYPE_2)
                custom_ext_error = 1;
@@ -612,9 +612,9 @@ static int custom_ext_2_cli_first_cb(SSL *s, unsigned short ext_type,
        }
 
 static int custom_ext_2_cli_second_cb(SSL *s, unsigned short ext_type,
-                                     const unsigned char *in,
-                                     unsigned short inlen, int *al,
-                                     void *arg)
+                               const unsigned char *in,
+                               unsigned short inlen, int *al,
+                               void *arg)
        {
        if (ext_type != CUSTOM_EXT_TYPE_2)
                custom_ext_error = 1;
@@ -624,8 +624,8 @@ static int custom_ext_2_cli_second_cb(SSL *s, unsigned short ext_type,
        }
 
 static int custom_ext_3_cli_first_cb(SSL *s, unsigned short ext_type,
-                                    const unsigned char **out,
-                                     unsigned short *outlen, int *al, void *arg)
+                               const unsigned char **out,
+                               unsigned short *outlen, int *al, void *arg)
        {
        if (ext_type != CUSTOM_EXT_TYPE_3)
                custom_ext_error = 1;
@@ -635,9 +635,9 @@ static int custom_ext_3_cli_first_cb(SSL *s, unsigned short ext_type,
        }
 
 static int custom_ext_3_cli_second_cb(SSL *s, unsigned short ext_type,
-                                     const unsigned char *in,
-                                     unsigned short inlen, int *al,
-                                     void *arg)
+                               const unsigned char *in,
+                               unsigned short inlen, int *al,
+                               void *arg)
        {
        if (ext_type != CUSTOM_EXT_TYPE_3)
                custom_ext_error = 1;
@@ -650,9 +650,9 @@ static int custom_ext_3_cli_second_cb(SSL *s, unsigned short ext_type,
 
 //custom_ext_0_cli_first_cb returns -1 - the server won't receive a callback for this extension
 static int custom_ext_0_srv_first_cb(SSL *s, unsigned short ext_type,
-                                    const unsigned char *in,
-                                    unsigned short inlen, int *al,
-                                    void *arg)
+                               const unsigned char *in,
+                               unsigned short inlen, int *al,
+                               void *arg)
        {
        custom_ext_error = 1;
        return 0; /* Shouldn't be called */
@@ -660,16 +660,16 @@ static int custom_ext_0_srv_first_cb(SSL *s, unsigned short ext_type,
 
 //'generate' callbacks are always called, even if the 'receive' callback isn't called
 static int custom_ext_0_srv_second_cb(SSL *s, unsigned short ext_type,
-                                     const unsigned char **out,
-                                      unsigned short *outlen, int *al, void *arg)
+                               const unsigned char **out,
+                               unsigned short *outlen, int *al, void *arg)
        {
         return -1; /* Don't send an extension */
        }
 
 static int custom_ext_1_srv_first_cb(SSL *s, unsigned short ext_type,
-                                    const unsigned char *in,
-                                    unsigned short inlen, int *al,
-                                    void *arg)
+                               const unsigned char *in,
+                               unsigned short inlen, int *al,
+                               void *arg)
        {
        if (ext_type != CUSTOM_EXT_TYPE_1)
                custom_ext_error = 1;           
@@ -682,16 +682,16 @@ static int custom_ext_1_srv_first_cb(SSL *s, unsigned short ext_type,
        }
 
 static int custom_ext_1_srv_second_cb(SSL *s, unsigned short ext_type,
-                                     const unsigned char **out,
-                                      unsigned short *outlen, int *al, void *arg)
+                               const unsigned char **out,
+                               unsigned short *outlen, int *al, void *arg)
        {
        return -1; /* Don't send an extension */
        }
 
 static int custom_ext_2_srv_first_cb(SSL *s, unsigned short ext_type,
-                                    const unsigned char *in,
-                                    unsigned short inlen, int *al,
-                                    void *arg)
+                               const unsigned char *in,
+                               unsigned short inlen, int *al,
+                               void *arg)
        {
        if (ext_type != CUSTOM_EXT_TYPE_2)
                custom_ext_error = 1;           
@@ -704,8 +704,8 @@ static int custom_ext_2_srv_first_cb(SSL *s, unsigned short ext_type,
        }
 
 static int custom_ext_2_srv_second_cb(SSL *s, unsigned short ext_type,
-                                     const unsigned char **out,
-                                      unsigned short *outlen, int *al, void *arg)
+                               const unsigned char **out,
+                               unsigned short *outlen, int *al, void *arg)
        {
        *out = NULL;
        *outlen = 0;
@@ -713,9 +713,9 @@ static int custom_ext_2_srv_second_cb(SSL *s, unsigned short ext_type,
        }
 
 static int custom_ext_3_srv_first_cb(SSL *s, unsigned short ext_type,
-                                    const unsigned char *in,
-                                    unsigned short inlen, int *al,
-                                    void *arg)
+                               const unsigned char *in,
+                               unsigned short inlen, int *al,
+                               void *arg)
        {
        if (ext_type != CUSTOM_EXT_TYPE_3)
                custom_ext_error = 1;           
@@ -728,8 +728,8 @@ static int custom_ext_3_srv_first_cb(SSL *s, unsigned short ext_type,
        }
 
 static int custom_ext_3_srv_second_cb(SSL *s, unsigned short ext_type,
-                                     const unsigned char **out,
-                                      unsigned short *outlen, int *al, void *arg)
+                               const unsigned char **out,
+                               unsigned short *outlen, int *al, void *arg)
        {
        *out = (const unsigned char*)custom_ext_srv_string;
        *outlen = strlen(custom_ext_srv_string);
@@ -737,8 +737,8 @@ static int custom_ext_3_srv_second_cb(SSL *s, unsigned short ext_type,
        }
 
 static int supp_data_0_srv_first_cb(SSL *s, unsigned short supp_data_type,
-                                   const unsigned char **out,
-                                    unsigned short *outlen, int *al, void *arg)
+                               const unsigned char **out,
+                               unsigned short *outlen, int *al, void *arg)
        {
        *out = (const unsigned char*)supp_data_0_string;
        *outlen = strlen(supp_data_0_string);
@@ -748,9 +748,9 @@ static int supp_data_0_srv_first_cb(SSL *s, unsigned short supp_data_type,
        }
 
 static int supp_data_0_srv_second_cb(SSL *s, unsigned short supp_data_type,
-                                    const unsigned char *in,
-                                    unsigned short inlen, int *al,
-                                    void *arg)
+                               const unsigned char *in,
+                               unsigned short inlen, int *al,
+                               void *arg)
        {
        if (supp_data_type != CUSTOM_SUPP_DATA_TYPE_0)
                suppdata_error = 1;
@@ -764,34 +764,34 @@ static int supp_data_0_srv_second_cb(SSL *s, unsigned short supp_data_type,
        }
 
 static int supp_data_1_srv_first_cb(SSL *s, unsigned short supp_data_type,
-                                   const unsigned char **out,
-                                    unsigned short *outlen, int *al, void *arg)
+                               const unsigned char **out,
+                               unsigned short *outlen, int *al, void *arg)
        {
        return -1;
        }
 
 static int supp_data_1_srv_second_cb(SSL *s, unsigned short supp_data_type,
-                                    const unsigned char *in,
-                                    unsigned short inlen, int *al,
-                                    void *arg)
+                               const unsigned char *in,
+                               unsigned short inlen, int *al,
+                               void *arg)
        {
        suppdata_error = 1;
        return 1;
        }
 
 static int supp_data_2_srv_second_cb(SSL *s, unsigned short supp_data_type,
-                                    const unsigned char *in,
-                                    unsigned short inlen, int *al,
-                                    void *arg)
+                               const unsigned char *in,
+                               unsigned short inlen, int *al,
+                               void *arg)
        {
        suppdata_error = 1;
        return 1;
        }
 
 static int supp_data_0_cli_first_cb(SSL *s, unsigned short supp_data_type,
-                                   const unsigned char *in,
-                                   unsigned short inlen, int *al,
-                                   void *arg)
+                               const unsigned char *in,
+                               unsigned short inlen, int *al,
+                               void *arg)
        {
        if (supp_data_type != CUSTOM_SUPP_DATA_TYPE_0)
                suppdata_error = 1;
@@ -805,8 +805,8 @@ static int supp_data_0_cli_first_cb(SSL *s, unsigned short supp_data_type,
        }
 
 static int supp_data_0_cli_second_cb(SSL *s, unsigned short supp_data_type,
-                                    const unsigned char **out,
-                                     unsigned short *outlen, int *al, void *arg)
+                               const unsigned char **out,
+                               unsigned short *outlen, int *al, void *arg)
        {
        *out = (const unsigned char*)supp_data_0_string;
        *outlen = strlen(supp_data_0_string);
@@ -816,25 +816,25 @@ static int supp_data_0_cli_second_cb(SSL *s, unsigned short supp_data_type,
        }
 
 static int supp_data_1_cli_first_cb(SSL *s, unsigned short supp_data_type,
-                                   const unsigned char *in,
-                                   unsigned short inlen, int *al,
-                                   void *arg)
+                               const unsigned char *in,
+                               unsigned short inlen, int *al,
+                               void *arg)
        {
        suppdata_error = 1;
        return 1;
        }
 
 static int supp_data_1_cli_second_cb(SSL *s, unsigned short supp_data_type,
-                                    const unsigned char **out,
-                                     unsigned short *outlen, int *al, void *arg)
+                               const unsigned char **out,
+                               unsigned short *outlen, int *al, void *arg)
        {
        return -1;
        }
 
 static int supp_data_2_cli_first_cb(SSL *s, unsigned short supp_data_type,
-                                   const unsigned char *in,
-                                   unsigned short inlen, int *al,
-                                   void *arg)
+                               const unsigned char *in,
+                               unsigned short inlen, int *al,
+                               void *arg)
        {
        suppdata_error = 1;
        return 1;
index 0354e70d890f1bed5e5b22b6134984c25fd37a16..8e2d6b18979bd5c0104baf44324f20f034652718 100644 (file)
@@ -1453,8 +1453,8 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
                                {
                                int cb_retval = 0;
                                cb_retval = record->fn1(s, record->ext_type,
-                                                        &out, &outlen, al,
-                                                       record->arg);
+                                                                               &out, &outlen, al,
+                                                                               record->arg);
                                if (cb_retval == 0)
                                        return NULL; /* error */
                                if (cb_retval == -1)
@@ -1513,8 +1513,8 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha
        {
        int extdatalen=0;
        unsigned char *ret = p;
-        size_t i;
-        custom_srv_ext_record *record;
+       size_t i;
+       custom_srv_ext_record *record;
 #ifndef OPENSSL_NO_NEXTPROTONEG
        int next_proto_neg_seen;
 #endif
@@ -1698,29 +1698,29 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *p, unsigned cha
                }
 #endif
 
-        for (i = 0; i < s->ctx->custom_srv_ext_records_count; i++)
+       for (i = 0; i < s->ctx->custom_srv_ext_records_count; i++)
                {
-                record = &s->ctx->custom_srv_ext_records[i];
-                const unsigned char *out = NULL;
-                unsigned short outlen = 0;
-                int cb_retval = 0;
-
-                /* NULL callback or -1 omits extension */
-                if (!record->fn2)
-                        break;
-                cb_retval = record->fn2(s, record->ext_type,
-                &out, &outlen, al,
-                record->arg);
-                if (cb_retval == 0)
-                        return NULL; /* error */
-                if (cb_retval == -1)
-                        break; /* skip this extension */
-                if (limit < ret + 4 + outlen)
-                        return NULL;
-                s2n(record->ext_type, ret);
-                s2n(outlen, ret);
-                memcpy(ret, out, outlen);
-                ret += outlen;
+               record = &s->ctx->custom_srv_ext_records[i];
+               const unsigned char *out = NULL;
+               unsigned short outlen = 0;
+               int cb_retval = 0;
+
+               /* NULL callback or -1 omits extension */
+               if (!record->fn2)
+                       break;
+               cb_retval = record->fn2(s, record->ext_type,
+                                                               &out, &outlen, al,
+                                                               record->arg);
+               if (cb_retval == 0)
+                       return NULL; /* error */
+               if (cb_retval == -1)
+                       break; /* skip this extension */
+               if (limit < ret + 4 + outlen)
+                       return NULL;
+               s2n(record->ext_type, ret);
+               s2n(outlen, ret);
+               memcpy(ret, out, outlen);
+               ret += outlen;
                }
 #ifdef TLSEXT_TYPE_encrypt_then_mac
        if (s->s3->flags & TLS1_FLAGS_ENCRYPT_THEN_MAC)
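Review bot: In the re-indented custom server extension loop, both `break` statements leave the `for` loop entirely. The comments beside them ("NULL callback or -1 omits extension", "skip this extension") describe skipping only the current record. As written, the first record with no `fn2`, or whose callback returns -1, also suppresses every later registered extension, so a server could silently drop extensions it was configured to send. If per-record skipping is the intent, both should read `continue;`, for example `if (!record->fn2) continue;` and `if (cb_retval == -1) continue; /* skip this extension */`. Separately, `limit < ret + 4 + outlen` forms a pointer that may lie past the end of the buffer before it is compared; assuming `ret <= limit` holds at this point, `if ((size_t)(limit - ret) < 4 + (size_t)outlen) return NULL;` makes the same check without that arithmetic. The body of ssl_add_serverhello_tlsext starts and ends outside this hunk, so the invariants on `ret` and `limit` need confirming against the full function.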
@@ -1935,12 +1935,12 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p, unsigned char
                }
 
        /* Clear observed custom extensions */
-        s->s3->serverinfo_client_tlsext_custom_types_count = 0;
-        if (s->s3->serverinfo_client_tlsext_custom_types != NULL)
+       s->s3->serverinfo_client_tlsext_custom_types_count = 0;
+       if (s->s3->serverinfo_client_tlsext_custom_types != NULL)
                {
-                OPENSSL_free(s->s3->serverinfo_client_tlsext_custom_types);
-                s->s3->serverinfo_client_tlsext_custom_types = NULL;
-               }               
+               OPENSSL_free(s->s3->serverinfo_client_tlsext_custom_types);
+               s->s3->serverinfo_client_tlsext_custom_types = NULL;
+               }
 
 #ifndef OPENSSL_NO_HEARTBEATS
        s->tlsext_heartbeat &= ~(SSL_TLSEXT_HB_ENABLED |