From 51bda43f5ebcbd239c986e80bb7a4ffeabf0d3c0 Mon Sep 17 00:00:00 2001
From: S-P Chan
Date: Mon, 19 Dec 2022 04:46:03 +0800
Subject: [PATCH] tls: clean up trailing whitespace
---
src/modules/tls/sbufq.h | 18 ++++-----
src/modules/tls/tls_bio.h | 6 +--
src/modules/tls/tls_cfg.c | 2 +-
src/modules/tls/tls_cfg.h | 4 +-
src/modules/tls/tls_config.h | 2 +-
src/modules/tls/tls_ct_q.h | 12 +++---
src/modules/tls/tls_ct_wrq.c | 16 ++++----
src/modules/tls/tls_ct_wrq.h | 6 +--
src/modules/tls/tls_domain.c | 56 ++++++++++++++--------------
src/modules/tls/tls_domain.h | 8 ++--
src/modules/tls/tls_dump_vf.h | 4 +-
src/modules/tls/tls_locking.h | 2 +-
src/modules/tls/tls_map.c | 4 +-
src/modules/tls/tls_map.h | 2 +-
src/modules/tls/tls_mod.h | 2 +-
src/modules/tls/tls_rpc.c | 2 +-
src/modules/tls/tls_select.c | 70 +++++++++++++++++------------------
src/modules/tls/tls_util.c | 2 +-
src/modules/tls/tls_util.h | 2 +-
src/modules/tls/tls_verify.h | 4 +-
20 files changed, 112 insertions(+), 112 deletions(-)
diff --git a/src/modules/tls/sbufq.h b/src/modules/tls/sbufq.h
index 4f6bafa430e..e9fc4c2b8dc 100644
--- a/src/modules/tls/sbufq.h
+++ b/src/modules/tls/sbufq.h
@@ -1,4 +1,4 @@ -/* +/* * Kamailio TLS module * * Copyright (C) 2010 iptelorg GmbH
@@ -135,14 +135,14 @@ inline static int sbufq_add(struct sbuffer_queue* q, const void* data, * @param min_buf_size - min size to allocate for new buffer elements * @return 0 on success, -1 on error (mem. allocation) */ -inline static int sbufq_insert(struct sbuffer_queue* q, const void* data, +inline static int sbufq_insert(struct sbuffer_queue* q, const void* data, unsigned int size, unsigned int min_buf_size) { struct sbuf_elem* b; - + if (likely(q->first==0)) /* if empty, use sbufq_add */ return sbufq_add(q, data, size, min_buf_size); - + if (unlikely(q->offset)){ LOG(L_CRIT, "BUG: non-null offset %d (bad call, should" "never be called after sbufq_run())\n", q->offset);
@@ -164,7 +164,7 @@ inline static int sbufq_insert(struct sbuffer_queue* q, const void* data, q->first=b; memcpy(b->buf, data, size); } - + q->queued+=size; return 0; error:
@@ -185,7 +185,7 @@ inline static unsigned int sbufq_destroy(struct sbuffer_queue* q) struct sbuf_elem* b; struct sbuf_elem* next_b; int unqueued; - + unqueued=0; if (likely(q->first)){ b=q->first;
@@ -205,7 +205,7 @@ inline static unsigned int sbufq_destroy(struct sbuffer_queue* q) /** tries to flush the queue. - * Tries to flush as much as possible from the given queue, using the + * Tries to flush as much as possible from the given queue, using the * given callback. * WARNING: it does no attempt to synchronize access/lock. If needed it should * be called under lock.
@@ -238,7 +238,7 @@ inline static int sbufq_flush(struct sbuffer_queue* q, int* flags, int ret; int block_size; char* buf; - + *flags=0; ret=0; while(q->first){
@@ -250,7 +250,7 @@ inline static int sbufq_flush(struct sbuffer_queue* q, int* flags, ret+=n; if (likely(n==block_size)){ b=q->first; - q->first=q->first->next; + q->first=q->first->next; shm_free(b); q->offset=0; q->queued-=block_size;
diff --git a/src/modules/tls/tls_bio.h b/src/modules/tls/tls_bio.h
index dd154678e2a..9f1edcab518 100644
--- a/src/modules/tls/tls_bio.h
+++ b/src/modules/tls/tls_bio.h
@@ -1,4 +1,4 @@ -/* +/* * Kamailio TLS module * * Copyright (C) 2010 iptelorg GmbH
@@ -15,12 +15,12 @@ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - + /** openssl BIOs for reading/writing via a fixed memory buffer. * @file modules/tls/tls_bio.h * @ingroup tls */ - + #ifndef __tls_bio_h #define __tls_bio_h
diff --git a/src/modules/tls/tls_cfg.c b/src/modules/tls/tls_cfg.c
index 6a229bc851d..27df2ffa8b3 100644
--- a/src/modules/tls/tls_cfg.c
+++ b/src/modules/tls/tls_cfg.c
@@ -1,4 +1,4 @@ -/* +/* * Kamailio TLS module * * Copyright (C) 2010 iptelorg GmbH
diff --git a/src/modules/tls/tls_cfg.h b/src/modules/tls/tls_cfg.h
index b2f6919b25a..be3ccdaa888 100644
--- a/src/modules/tls/tls_cfg.h
+++ b/src/modules/tls/tls_cfg.h
@@ -1,6 +1,6 @@ -/* +/* * TLS module - * + * * Copyright (C) 2010 iptelorg GmbH * Copyright (C) 2013 Motorola Solutions, Inc. *
diff --git a/src/modules/tls/tls_config.h b/src/modules/tls/tls_config.h
index a215351d2cc..ae7e9ea7c42 100644
--- a/src/modules/tls/tls_config.h
+++ b/src/modules/tls/tls_config.h
@@ -1,4 +1,4 @@ -/* +/* * TLS module * * Copyright (C) 2005,2006 iptelorg GmbH
diff --git a/src/modules/tls/tls_ct_q.h b/src/modules/tls/tls_ct_q.h
index 7e7703ec7ac..ab0c64e5e15 100644
--- a/src/modules/tls/tls_ct_q.h
+++ b/src/modules/tls/tls_ct_q.h
@@ -1,4 +1,4 @@ -/* +/* * TLS module * * Copyright (C) 2010 iptelorg GmbH
@@ -52,7 +52,7 @@ inline static int tls_ct_q_add(tls_ct_q** ct_q, const void* data, unsigned int size, unsigned int min_buf_size) { tls_ct_q* q; - + q = *ct_q; if (likely(q == 0)){ q=shm_malloc(sizeof(tls_ct_q));
@@ -70,7 +70,7 @@ inline static int tls_ct_q_add(tls_ct_q** ct_q, const void* data, /** * @brief Destroy a buffer queue - * + * * Everything is destroyed from a buffer queue (shm_free()'d), included the queue head. * @warning it does no attempt to synchronize access/lock. If needed it should * be called under lock.
@@ -80,7 +80,7 @@ inline static int tls_ct_q_add(tls_ct_q** ct_q, const void* data, inline static unsigned int tls_ct_q_destroy(tls_ct_q** ct_q) { unsigned int ret; - + ret = 0; if (likely(ct_q && *ct_q)) { ret = sbufq_destroy(*ct_q);
@@ -94,8 +94,8 @@ inline static unsigned int tls_ct_q_destroy(tls_ct_q** ct_q) /** * @brief Tries to flush the tls clear text queue - * - * Tries to flush as much as possible from the given queue, using the + * + * Tries to flush as much as possible from the given queue, using the * given callback. * @warning it does no attempt to synchronize access/lock. If needed it should * be called under lock.
diff --git a/src/modules/tls/tls_ct_wrq.c b/src/modules/tls/tls_ct_wrq.c
index 20dad39aae8..c3b61563535 100644
--- a/src/modules/tls/tls_ct_wrq.c
+++ b/src/modules/tls/tls_ct_wrq.c
@@ -1,4 +1,4 @@ -/* +/* * TLS module * * Copyright (C) 2010 iptelorg GmbH
@@ -96,7 +96,7 @@ static int ssl_flush(void* tcp_c, void* error, const void* buf, unsigned size) int ssl_error; struct tls_extra_data* tls_c; SSL* ssl; - + tls_c = ((struct tcp_connection*)tcp_c)->extra_data; ssl = tls_c->ssl; ssl_error = SSL_ERROR_NONE;
@@ -119,7 +119,7 @@ static int ssl_flush(void* tcp_c, void* error, const void* buf, unsigned size) if (unlikely(n <= 0)) ssl_error = SSL_get_error(ssl, n); } - + *(long*)error = ssl_error; return n; }
@@ -128,7 +128,7 @@ static int ssl_flush(void* tcp_c, void* error, const void* buf, unsigned size) /** * @brief Wrapper over tls_ct_q_flush() - * + * * Wrapper over tls_ct_q_flush(), besides doing a tls_ct_q_add it * also keeps track of queue size and total queued bytes. * @param c TCP connection
@@ -143,7 +143,7 @@ int tls_ct_wq_flush(struct tcp_connection* c, tls_ct_q** ct_q, { int ret; long error; - + error = SSL_ERROR_NONE; ret = tls_ct_q_flush(ct_q, flags, ssl_flush, c, &error); *ssl_err = (int)error;
@@ -156,7 +156,7 @@ int tls_ct_wq_flush(struct tcp_connection* c, tls_ct_q** ct_q, /** * @brief Wrapper over tls_ct_q_add() - * + * * Wrapper over tls_ct_q_add(), besides doing a tls_ct_q_add it * also keeps track of queue size and total queued bytes. * If the maximum queue size is exceeded => error.
@@ -169,7 +169,7 @@ int tls_ct_wq_flush(struct tcp_connection* c, tls_ct_q** ct_q, int tls_ct_wq_add(tls_ct_q** ct_q, const void* data, unsigned int size) { int ret; - + if (unlikely( (*ct_q && (((*ct_q)->queued + size) > cfg_get(tls, tls_cfg, con_ct_wq_max))) || (atomic_get(tls_total_ct_wq) + size) 
> 
@@ -195,7 +195,7 @@ int tls_ct_wq_add(tls_ct_q** ct_q, const void* data, unsigned int size) unsigned int tls_ct_wq_free(tls_ct_q** ct_q) { unsigned int ret; - + if (likely((ret = tls_ct_q_destroy(ct_q)) > 0)) atomic_add(tls_total_ct_wq, -ret); return ret;
diff --git a/src/modules/tls/tls_ct_wrq.h b/src/modules/tls/tls_ct_wrq.h
index e27ec492947..15df8ce51b0 100644
--- a/src/modules/tls/tls_ct_wrq.h
+++ b/src/modules/tls/tls_ct_wrq.h
@@ -1,4 +1,4 @@ -/* +/* * TLS module * * Copyright (C) 2010 iptelorg GmbH
@@ -57,7 +57,7 @@ unsigned int tls_ct_wq_total_bytes(); /** * @brief Wrapper over tls_ct_q_flush() - * + * * Wrapper over tls_ct_q_flush(), besides doing a tls_ct_q_add it * also keeps track of queue size and total queued bytes. * @param c TCP connection
@@ -72,7 +72,7 @@ int tls_ct_wq_flush(struct tcp_connection* c, tls_ct_q** tc_q, /** * @brief Wrapper over tls_ct_q_add() - * + * * Wrapper over tls_ct_q_add(), besides doing a tls_ct_q_add it * also keeps track of queue size and total queued bytes. * If the maximum queue size is exceeded => error.
diff --git a/src/modules/tls/tls_domain.c b/src/modules/tls/tls_domain.c
index c6eac207384..c967f5b44d7 100644
--- a/src/modules/tls/tls_domain.c
+++ b/src/modules/tls/tls_domain.c
@@ -173,7 +173,7 @@ static void setup_dh(SSL_CTX *ctx) /** * @brief Create a new TLS domain structure - * + * * Create a new domain structure in new allocated shared memory. * @param type domain Type * @param ip domain IP
@@ -274,7 +274,7 @@ void tls_destroy_cfg(void) *tls_domains_cfg = (*tls_domains_cfg)->next; tls_free_cfg(ptr); } - + shm_free(tls_domains_cfg); tls_domains_cfg = 0; }
@@ -315,7 +315,7 @@ char* tls_domain_str(tls_domain_t* d) /** * @brief Initialize TLS domain parameters that have not been configured yet - * + * * Initialize TLS domain parameters that have not been configured from * parent domain (usually one of default domains) * @param d initialized domain 
@@ -326,19 +326,19 @@ static int ksr_tls_fill_missing(tls_domain_t* d, tls_domain_t* parent) { if (d->method == TLS_METHOD_UNSPEC) d->method = parent->method; LOG(L_INFO, "%s: tls_method=%d\n", tls_domain_str(d), d->method); - + if (d->method < 1 || d->method >= TLS_METHOD_MAX) { ERR("%s: Invalid TLS method value\n", tls_domain_str(d)); return -1; } - + if (!d->cert_file.s) { if (shm_asciiz_dup(&d->cert_file.s, parent->cert_file.s) < 0) return -1; d->cert_file.len = parent->cert_file.len; } LOG(L_INFO, "%s: certificate='%s'\n", tls_domain_str(d), d->cert_file.s); - + if (!d->ca_file.s){ if (shm_asciiz_dup(&d->ca_file.s, parent->ca_file.s) < 0) return -1;
@@ -359,29 +359,29 @@ static int ksr_tls_fill_missing(tls_domain_t* d, tls_domain_t* parent) d->crl_file.len = parent->crl_file.len; } LOG(L_INFO, "%s: crl='%s'\n", tls_domain_str(d), d->crl_file.s); - + if (d->require_cert == -1) d->require_cert = parent->require_cert; LOG(L_INFO, "%s: require_certificate=%d\n", tls_domain_str(d), d->require_cert); - + if (!d->cipher_list.s) { if ( shm_asciiz_dup(&d->cipher_list.s, parent->cipher_list.s) < 0) return -1; d->cipher_list.len = parent->cipher_list.len; } LOG(L_INFO, "%s: cipher_list='%s'\n", tls_domain_str(d), d->cipher_list.s); - + if (!d->pkey_file.s) { if (shm_asciiz_dup(&d->pkey_file.s, parent->pkey_file.s) < 0) return -1; d->pkey_file.len = parent->pkey_file.len; } LOG(L_INFO, "%s: private_key='%s'\n", tls_domain_str(d), d->pkey_file.s); - + if (d->verify_cert == -1) d->verify_cert = parent->verify_cert; LOG(L_INFO, "%s: verify_certificate=%d\n", tls_domain_str(d), d->verify_cert); - + if (d->verify_depth == -1) d->verify_depth = parent->verify_depth; LOG(L_INFO, "%s: verify_depth=%d\n", tls_domain_str(d), d->verify_depth);
@@ -392,7 +392,7 @@ static int ksr_tls_fill_missing(tls_domain_t* d, tls_domain_t* parent) } -/** +/** * @brief Called for ctx, with 2 args * @param ctx SSL context * @param larg ? 
@@ -415,7 +415,7 @@ static int tls_domain_foreach_CTX(tls_domain_t* d, per_ctx_cbk_f ctx_cbk, { int i,ret; int procs_no; - + procs_no=get_max_procs(); for(i = 0; i < procs_no; i++) { if ((ret=ctx_cbk(d->ctx[i], l1, p2))<0)
@@ -515,12 +515,12 @@ static int tls_foreach_CTX_in_cfg(tls_domains_cfg_t* cfg, /** * @brief Fix pathnames when loading domain keys or other list - * + * * Fix pathnames, to be used when loading the domain key, cert, ca list a.s.o. * It will replace path with a fixed shm allocated version. Assumes path->s * was shm allocated. * @param path path to be fixed. If it starts with '.' or '/' is left alone - * (forced "relative" or "absolute" path). Otherwise the path is considered + * (forced "relative" or "absolute" path). Otherwise the path is considered * to be relative to the main config file directory * (e.g. for /etc/ser/ser.cfg => /etc/ser/\). * @return 0 on success, -1 on error
@@ -578,7 +578,7 @@ static int load_cert(tls_domain_t* d) TLS_ERR("load_cert:"); return -1; } - + } return 0; }
@@ -732,7 +732,7 @@ static int set_verification(tls_domain_t* d) if (d->require_cert || d->verify_client == TLS_VERIFY_CLIENT_ON) { verify_mode = SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT; - LOG(L_INFO, "%s: %s MUST present valid certificate\n", + LOG(L_INFO, "%s: %s MUST present valid certificate\n", tls_domain_str(d), d->type & TLS_DOMAIN_SRV ? "Client" : "Server"); } else { if (d->verify_cert || d->verify_client >= TLS_VERIFY_CLIENT_OPTIONAL) {
@@ -808,7 +808,7 @@ static void sr_ssl_ctx_info_callback(const SSL *ssl, int event, int ret) } /** - * @brief Configure generic SSL parameters + * @brief Configure generic SSL parameters * @param d domain * @return 0 */
@@ -821,7 +821,7 @@ static int set_ssl_options(tls_domain_t* d) long ssl_version; STACK_OF(SSL_COMP)* comp_methods; #endif - + procs_no=get_max_procs(); options=SSL_OP_ALL; /* all the bug workarrounds by default */ #if OPENSSL_VERSION_NUMBER >= 0x00907000L 
@@ -834,7 +834,7 @@ static int set_ssl_options(tls_domain_t* d) * enabled disable SSL_OP_TLS_BLOCK_PADDING_BUG (set by SSL_OP_ALL), * see openssl #1204 http://rt.openssl.org/Ticket/Display.html?id=1204 */ - + comp_methods=SSL_COMP_get_compression_methods(); if (comp_methods && (sk_SSL_COMP_num(comp_methods) > 0)){ options &= ~SSL_OP_TLS_BLOCK_PADDING_BUG;
@@ -859,7 +859,7 @@ static int set_ssl_options(tls_domain_t* d) /** - * @brief Configure TLS session cache parameters + * @brief Configure TLS session cache parameters * @param d domain * @return 0 */
@@ -868,7 +868,7 @@ static int set_session_cache(tls_domain_t* d) int i; int procs_no; str tls_session_id; - + procs_no=get_max_procs(); tls_session_id=cfg_get(tls, tls_cfg, session_id); for(i = 0; i < procs_no; i++) {
@@ -1299,7 +1299,7 @@ static int load_engine_private_key(tls_domain_t* d) } #endif /** - * @brief Load a private key from a file + * @brief Load a private key from a file * @param d TLS domain * @return 0 on success, -1 on error */
@@ -1307,7 +1307,7 @@ static int load_private_key(tls_domain_t* d) { int idx, ret_pwd, i; int procs_no; - + if (!d->pkey_file.s || !d->pkey_file.len) { DBG("%s: No private key specified\n", tls_domain_str(d)); return 0;
@@ -1319,7 +1319,7 @@ static int load_private_key(tls_domain_t* d) for(i = 0; i < procs_no; i++) { SSL_CTX_set_default_passwd_cb(d->ctx[i], passwd_cb); SSL_CTX_set_default_passwd_cb_userdata(d->ctx[i], d->pkey_file.s); - + for(idx = 0, ret_pwd = 0; idx < 3; idx++) { #ifndef OPENSSL_NO_ENGINE // in PROC_INIT skip loading HSM keys due to
@@ -1343,7 +1343,7 @@ static int load_private_key(tls_domain_t* d) continue; } } - + if (!ret_pwd) { ERR("%s: Unable to load private key file '%s'\n", tls_domain_str(d), d->pkey_file.s);
@@ -1362,7 +1362,7 @@ static int load_private_key(tls_domain_t* d) TLS_ERR("load_private_key:"); return -1; } - } + } DBG("%s: Key '%s' successfully loaded\n", tls_domain_str(d), d->pkey_file.s); 
@@ -1542,7 +1542,7 @@ int tls_fix_domains_cfg(tls_domains_cfg_t* cfg, tls_domain_t* srv_defaults, /** * @brief Create new configuration structure - * + * * Create new configuration structure in new allocated shared memory * @return configuration structure or zero on error */
diff --git a/src/modules/tls/tls_domain.h b/src/modules/tls/tls_domain.h
index f07b8cf2acf..675654a3c0e 100644
--- a/src/modules/tls/tls_domain.h
+++ b/src/modules/tls/tls_domain.h
@@ -153,14 +153,14 @@ typedef struct tls_domains_cfg { /** * @brief Create a new TLS domain structure - * + * * Create a new domain structure in new allocated shared memory. * @param type domain Type * @param ip domain IP * @param port domain port * @return new domain */ -tls_domain_t *tls_new_domain(int type, struct ip_addr *ip, +tls_domain_t *tls_new_domain(int type, struct ip_addr *ip, unsigned short port);
@@ -182,7 +182,7 @@ char* tls_domain_str(tls_domain_t* d); /** * @brief Create new TLS configuration structure - * + * * Create new configuration structure in new allocated shared memory. * @return configuration structure or zero on error */
@@ -200,7 +200,7 @@ int tls_add_domain(tls_domains_cfg_t* cfg, tls_domain_t* d); /** * @brief Initialize attributes of all domains from default domains if necessary - * + * * Initialize attributes of all domains from default domains if necessary, * fill in missing parameters. * @param cfg initialized domain
diff --git a/src/modules/tls/tls_dump_vf.h b/src/modules/tls/tls_dump_vf.h
index aa2a836d61e..fec2ba5c752 100644
--- a/src/modules/tls/tls_dump_vf.h
+++ b/src/modules/tls/tls_dump_vf.h 
@@ -15,8 +15,8 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA * * Exception: permission to copy, modify, propagate, and distribute a work
diff --git a/src/modules/tls/tls_locking.h b/src/modules/tls/tls_locking.h
index ee94709a8f5..d69ebd89444 100644
--- a/src/modules/tls/tls_locking.h
+++ b/src/modules/tls/tls_locking.h
@@ -1,7 +1,7 @@ /* * TLS module * - * Copyright (C) 2007 iptelorg GmbH + * Copyright (C) 2007 iptelorg GmbH * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above
diff --git a/src/modules/tls/tls_map.c b/src/modules/tls/tls_map.c
index ad9846ab8a0..3c305179982 100644
--- a/src/modules/tls/tls_map.c
+++ b/src/modules/tls/tls_map.c
@@ -1,4 +1,4 @@ -/** +/** * Copyright (c) 2014 rxi * * This library is free software; you can redistribute it and/or modify it
@@ -60,7 +60,7 @@ static void map_addnode(map_base_t *m, map_node_t *node) { static int map_resize(map_base_t *m, int nbuckets) { map_node_t *nodes, *node, *next; map_node_t **buckets; - int i; + int i; /* Chain all nodes together */ nodes = NULL; i = m->nbuckets;
diff --git a/src/modules/tls/tls_map.h b/src/modules/tls/tls_map.h
index 682ec08a2fb..faec9b86c0f 100644
--- a/src/modules/tls/tls_map.h
+++ b/src/modules/tls/tls_map.h
@@ -1,4 +1,4 @@ -/** +/** * Copyright (c) 2014 rxi * * This library is free software; you can redistribute it and/or modify it
diff --git a/src/modules/tls/tls_mod.h b/src/modules/tls/tls_mod.h
index ad68009694e..ec9ac88b456 100644
--- a/src/modules/tls/tls_mod.h 
+++ b/src/modules/tls/tls_mod.h
@@ -1,4 +1,4 @@ -/* +/* * TLS module - module interface * * Copyright (C) 2005 iptelorg GmbH
diff --git a/src/modules/tls/tls_rpc.c b/src/modules/tls/tls_rpc.c
index a7ad254a1b5..b0e590dede3 100644
--- a/src/modules/tls/tls_rpc.c
+++ b/src/modules/tls/tls_rpc.c
@@ -92,7 +92,7 @@ static void tls_reload(rpc_t* rpc, void* ctx) error: tls_free_cfg(cfg); - + }
diff --git a/src/modules/tls/tls_select.c b/src/modules/tls/tls_select.c
index ea8badc013a..af262445539 100644
--- a/src/modules/tls/tls_select.c
+++ b/src/modules/tls/tls_select.c
@@ -175,16 +175,16 @@ static int get_cert(X509** cert, struct tcp_connection** c, struct sip_msg* msg, } goto err; } - + return 0; - + err: tcpconn_put(*c); return -1; } -static int get_cipher(str* res, sip_msg_t* msg) +static int get_cipher(str* res, sip_msg_t* msg) { str cipher; static char buf[1024];
@@ -237,7 +237,7 @@ static int pv_cipher(sip_msg_t* msg, pv_param_t* param, pv_value_t* res) } -static int get_bits(str* res, long* i, sip_msg_t* msg) +static int get_bits(str* res, long* i, sip_msg_t* msg) { str bits; int b;
@@ -273,7 +273,7 @@ static int get_bits(str* res, long* i, sip_msg_t* msg) } -static int sel_bits(str* res, select_t* s, sip_msg_t* msg) +static int sel_bits(str* res, select_t* s, sip_msg_t* msg) { return get_bits(res, NULL, msg); }
@@ -367,7 +367,7 @@ static int get_desc(str* res, sip_msg_t* msg) err: if (c) tcpconn_put(c); - return -1; + return -1; }
@@ -406,7 +406,7 @@ static int get_cert_version(str* res, int local, sip_msg_t* msg) static int sel_cert_version(str* res, select_t* s, sip_msg_t* msg) { int local; - + switch(s->params[s->n - 2].v.i) { case CERT_PEER: local = 0; break; case CERT_LOCAL: local = 1; break; 
@@ -421,7 +421,7 @@ static int sel_cert_version(str* res, select_t* s, sip_msg_t* msg) static int pv_cert_version(sip_msg_t* msg, pv_param_t* param, pv_value_t* res) { int local; - + if (param->pvn.u.isname.name.n & PV_CERT_PEER) { local = 0; } else if (param->pvn.u.isname.name.n & PV_CERT_LOCAL) {
@@ -485,7 +485,7 @@ static int check_cert(str* res, long* ires, int local, int err, sip_msg_t* msg) static int sel_check_cert(str* res, select_t* s, sip_msg_t* msg) { int local, err; - + switch(s->params[s->n - 2].v.i) { case CERT_PEER: local = 0; break; case CERT_LOCAL: local = 1; break;
@@ -502,7 +502,7 @@ static int sel_check_cert(str* res, select_t* s, sip_msg_t* msg) default: BUG("Unexpected parameter value \"%d\"\n", s->params[s->n - 1].v.i); return -1; - } + } return check_cert(res, NULL, local, err, msg); }
@@ -510,7 +510,7 @@ static int sel_check_cert(str* res, select_t* s, sip_msg_t* msg) static int pv_check_cert(sip_msg_t* msg, pv_param_t* param, pv_value_t* res) { int err; - + switch (param->pvn.u.isname.name.n) { case PV_CERT_VERIFIED: err = X509_V_OK; break; case PV_CERT_REVOKED: err = X509_V_ERR_CERT_REVOKED; break;
@@ -520,7 +520,7 @@ static int pv_check_cert(sip_msg_t* msg, pv_param_t* param, pv_value_t* res) BUG("unexpected parameter value \"%ld\"\n", param->pvn.u.isname.name.n); return pv_get_null(msg, param, res); } - + if (check_cert(&res->rs, &res->ri, 0, err, msg) < 0) { return pv_get_null(msg, param, res);
@@ -564,7 +564,7 @@ static int get_validity(str* res, int local, int bound, sip_msg_t* msg) ERR("Error while printing certificate date/time\n"); goto err; } - + BIO_get_mem_ptr(mem, &p); if (p->length >= 1024) { ERR("Date/time too long\n");
@@ -588,7 +588,7 @@ static int get_validity(str* res, int local, int bound, sip_msg_t* msg) static int sel_validity(str* res, select_t* s, sip_msg_t* msg) { int local, bound; - + switch(s->params[s->n - 2].v.i) { case CERT_PEER: local = 0; break; case CERT_LOCAL: local = 1; break; 
@@ -612,7 +612,7 @@ static int sel_validity(str* res, select_t* s, sip_msg_t* msg) static int pv_validity(sip_msg_t* msg, pv_param_t* param, pv_value_t* res) { int bound; - + switch (param->pvn.u.isname.name.n) { case PV_CERT_NOTBEFORE: bound = NOT_BEFORE; break; case PV_CERT_NOTAFTER: bound = NOT_AFTER; break;
@@ -624,7 +624,7 @@ static int pv_validity(sip_msg_t* msg, pv_param_t* param, pv_value_t* res) if (get_validity(&res->rs, 0, bound, msg) < 0) { return pv_get_null(msg, param, res); } - + res->flags = PV_VAL_STR; return 0; }
@@ -680,7 +680,7 @@ static int sel_sn(str* res, select_t* s, sip_msg_t* msg) static int pv_sn(sip_msg_t* msg, pv_param_t* param, pv_value_t* res) { int local; - + if (param->pvn.u.isname.name.n & PV_CERT_PEER) { local = 0; } else if (param->pvn.u.isname.name.n & PV_CERT_LOCAL) {
@@ -689,11 +689,11 @@ static int pv_sn(sip_msg_t* msg, pv_param_t* param, pv_value_t* res) BUG("could not determine certificate\n"); return pv_get_null(msg, param, res); } - + if (get_sn(&res->rs, local, msg) < 0) { return pv_get_null(msg, param, res); } - + res->flags = PV_VAL_STR; return 0; }
@@ -913,7 +913,7 @@ static int get_comp(str* res, int local, int issuer, int nid, sip_msg_t* msg) int index, text_len; char* elem; unsigned char* text_s; - + text_s = 0; if (get_cert(&cert, &c, msg, local) < 0) return -1;
@@ -997,7 +997,7 @@ static int pv_comp(sip_msg_t* msg, pv_param_t* param, pv_value_t* res) int ind_local, local = 0, issuer = 0, nid = NID_commonName; /* copy callback value as we modify it */ - ind_local = param->pvn.u.isname.name.n; + ind_local = param->pvn.u.isname.name.n; DBG("ind_local = %x", ind_local); if (ind_local & PV_CERT_PEER) {
@@ -1125,7 +1125,7 @@ static int sel_alt(str* res, select_t* s, sip_msg_t* msg) return -1; } } - + return get_alt(res, local, type, msg); } 
@@ -1133,7 +1133,7 @@ static int sel_alt(str* res, select_t* s, sip_msg_t* msg) static int pv_alt(sip_msg_t* msg, pv_param_t* param, pv_value_t* res) { int ind_local, local = 0, type = GEN_URI; - + ind_local = param->pvn.u.isname.name.n; if (ind_local & PV_CERT_PEER) {
@@ -1160,7 +1160,7 @@ static int pv_alt(sip_msg_t* msg, pv_param_t* param, pv_value_t* res) if (get_alt(&res->rs, local, type, msg) < 0) { return pv_get_null(msg, param, res); } - + res->flags = PV_VAL_STR; return 0; }
@@ -1197,7 +1197,7 @@ static int get_tlsext_sn(str* res, sip_msg_t* msg) { static char buf[1024]; struct tcp_connection* c; - str server_name; + str server_name; SSL* ssl; c = get_cur_connection(msg);
@@ -1213,20 +1213,20 @@ static int get_tlsext_sn(str* res, sip_msg_t* msg) server_name.s = (char*)SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name); if (server_name.s) { server_name.len = strlen(server_name.s); - DBG("received server_name (TLS extension): '%.*s'\n", + DBG("received server_name (TLS extension): '%.*s'\n", STR_FMT(&server_name)); } else { DBG("SSL_get_servername returned NULL\n"); goto error; } - + /* copy server_name into the buffer. If the buffer is too small copy only * the last bytes as these are the more important ones and prefix with * '+' */ if (server_name.len > sizeof(buf)) { ERR("server_name to big for buffer\n"); buf[0] = '+'; - memcpy(buf + 1, server_name.s + 1 + server_name.len - sizeof(buf), + memcpy(buf + 1, server_name.s + 1 + server_name.len - sizeof(buf), sizeof(buf) - 1); res->len = sizeof(buf); } else {
@@ -1234,10 +1234,10 @@ static int get_tlsext_sn(str* res, sip_msg_t* msg) res->len = server_name.len; } res->s = buf; - + tcpconn_put(c); return 0; - + error: if (c) tcpconn_put(c); return -1; 
@@ -1258,11 +1258,11 @@ static int pv_tlsext_sn(sip_msg_t* msg, pv_param_t* param, pv_value_t* res) param->pvn.u.isname.name.n); return pv_get_null(msg, param, res); } - + if (get_tlsext_sn(&res->rs, msg) < 0) { return pv_get_null(msg, param, res); } - + res->flags = PV_VAL_STR; return 0; }
@@ -1370,7 +1370,7 @@ int pv_get_tls(struct sip_msg *msg, pv_param_t *param, select_row_t tls_sel[] = { /* Current cipher parameters */ { NULL, SEL_PARAM_STR, STR_STATIC_INIT("tls"), sel_tls, 0}, - + { sel_tls, SEL_PARAM_STR, STR_STATIC_INIT("version"), sel_version, 0}, { sel_tls, SEL_PARAM_STR, STR_STATIC_INIT("desc"), sel_desc, 0}, { sel_tls, SEL_PARAM_STR, STR_STATIC_INIT("description"), sel_desc, 0},
@@ -1383,9 +1383,9 @@ select_row_t tls_sel[] = { { sel_tls, SEL_PARAM_STR, STR_STATIC_INIT("my"), sel_cert, DIVERSION | CERT_LOCAL}, { sel_tls, SEL_PARAM_STR, STR_STATIC_INIT("me"), sel_cert, DIVERSION | CERT_LOCAL}, { sel_tls, SEL_PARAM_STR, STR_STATIC_INIT("myself"), sel_cert, DIVERSION | CERT_LOCAL}, - + { sel_cipher, SEL_PARAM_STR, STR_STATIC_INIT("bits"), sel_bits, 0}, - + { sel_cert, SEL_PARAM_STR, STR_STATIC_INIT("subject"), sel_name, DIVERSION | CERT_SUBJECT}, { sel_cert, SEL_PARAM_STR, STR_STATIC_INIT("subj"), sel_name, DIVERSION | CERT_SUBJECT}, { sel_cert, SEL_PARAM_STR, STR_STATIC_INIT("issuer"), sel_name, DIVERSION | CERT_ISSUER},
diff --git a/src/modules/tls/tls_util.c b/src/modules/tls/tls_util.c
index b129900f05b..4c976f39097 100644
--- a/src/modules/tls/tls_util.c
+++ b/src/modules/tls/tls_util.c
@@ -1,4 +1,4 @@ -/* +/* * TLS module * * Copyright (C) 2005 iptelorg GmbH
diff --git a/src/modules/tls/tls_util.h b/src/modules/tls/tls_util.h
index 86e036cce9b..b1f488e4a3f 100644
--- a/src/modules/tls/tls_util.h
+++ b/src/modules/tls/tls_util.h
@@ -1,4 +1,4 @@ -/* +/* * TLS module * * Copyright (C) 2010 iptelorg GmbH
diff --git a/src/modules/tls/tls_verify.h b/src/modules/tls/tls_verify.h
index b4ac9800459..351fd1d5e02 100644
--- a/src/modules/tls/tls_verify.h 
+++ b/src/modules/tls/tls_verify.h
@@ -1,4 +1,4 @@ -/* +/* * TLS module - certificate verification function * * Copyright (C) 2005 iptelorg GmbH
@@ -28,7 +28,7 @@ #include -/* This callback is called during each verification process, +/* This callback is called during each verification process, at each step during the chain of certificates (this function is not the certificate_verification one!). */ int verify_callback(int pre_verify_ok, X509_STORE_CTX *ctx);