diff --git a/src/modules/tls_wolfssl/sbufq.h b/src/modules/tls_wolfssl/sbufq.h index 4f6bafa430e..e9fc4c2b8dc 100644 --- a/src/modules/tls_wolfssl/sbufq.h +++ b/src/modules/tls_wolfssl/sbufq.h @@ -1,4 +1,4 @@ -/* +/* * Kamailio TLS module * * Copyright (C) 2010 iptelorg GmbH @@ -135,14 +135,14 @@ inline static int sbufq_add(struct sbuffer_queue* q, const void* data, * @param min_buf_size - min size to allocate for new buffer elements * @return 0 on success, -1 on error (mem. allocation) */ -inline static int sbufq_insert(struct sbuffer_queue* q, const void* data, +inline static int sbufq_insert(struct sbuffer_queue* q, const void* data, unsigned int size, unsigned int min_buf_size) { struct sbuf_elem* b; - + if (likely(q->first==0)) /* if empty, use sbufq_add */ return sbufq_add(q, data, size, min_buf_size); - + if (unlikely(q->offset)){ LOG(L_CRIT, "BUG: non-null offset %d (bad call, should" "never be called after sbufq_run())\n", q->offset); @@ -164,7 +164,7 @@ inline static int sbufq_insert(struct sbuffer_queue* q, const void* data, q->first=b; memcpy(b->buf, data, size); } - + q->queued+=size; return 0; error: @@ -185,7 +185,7 @@ inline static unsigned int sbufq_destroy(struct sbuffer_queue* q) struct sbuf_elem* b; struct sbuf_elem* next_b; int unqueued; - + unqueued=0; if (likely(q->first)){ b=q->first; @@ -205,7 +205,7 @@ inline static unsigned int sbufq_destroy(struct sbuffer_queue* q) /** tries to flush the queue. - * Tries to flush as much as possible from the given queue, using the + * Tries to flush as much as possible from the given queue, using the * given callback. * WARNING: it does no attempt to synchronize access/lock. If needed it should * be called under lock. @@ -238,7 +238,7 @@ inline static int sbufq_flush(struct sbuffer_queue* q, int* flags, int ret; int block_size; char* buf; - + *flags=0; ret=0; while(q->first){ @@ -250,7 +250,7 @@ inline static int sbufq_flush(struct sbuffer_queue* q, int* flags, ret+=n; if (likely(n==block_size)){ b=q->first; - q->first=q->first->next; + q->first=q->first->next; shm_free(b); q->offset=0; q->queued-=block_size; diff --git a/src/modules/tls_wolfssl/tls_bio.h b/src/modules/tls_wolfssl/tls_bio.h index 946babbba0d..d5975a2d67d 100644 --- a/src/modules/tls_wolfssl/tls_bio.h +++ b/src/modules/tls_wolfssl/tls_bio.h @@ -1,4 +1,4 @@ -/* +/* * Kamailio TLS module * * Copyright (C) 2010 iptelorg GmbH @@ -15,12 +15,12 @@ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - + /** openssl BIOs for reading/writing via a fixed memory buffer. * @file modules/tls/tls_bio.h * @ingroup tls */ - + #ifndef __tls_bio_h #define __tls_bio_h diff --git a/src/modules/tls_wolfssl/tls_cfg.c b/src/modules/tls_wolfssl/tls_cfg.c index f13ca3275d8..314e42223f1 100644 --- a/src/modules/tls_wolfssl/tls_cfg.c +++ b/src/modules/tls_wolfssl/tls_cfg.c @@ -1,4 +1,4 @@ -/* +/* * Kamailio TLS module * * Copyright (C) 2010 iptelorg GmbH diff --git a/src/modules/tls_wolfssl/tls_cfg.h b/src/modules/tls_wolfssl/tls_cfg.h index b2f6919b25a..be3ccdaa888 100644 --- a/src/modules/tls_wolfssl/tls_cfg.h +++ b/src/modules/tls_wolfssl/tls_cfg.h @@ -1,6 +1,6 @@ -/* +/* * TLS module - * + * * Copyright (C) 2010 iptelorg GmbH * Copyright (C) 2013 Motorola Solutions, Inc. * diff --git a/src/modules/tls_wolfssl/tls_config.h b/src/modules/tls_wolfssl/tls_config.h index ac235d5af4b..a75212d96ee 100644 --- a/src/modules/tls_wolfssl/tls_config.h +++ b/src/modules/tls_wolfssl/tls_config.h @@ -1,4 +1,4 @@ -/* +/* * TLS module * * Copyright (C) 2005,2006 iptelorg GmbH diff --git a/src/modules/tls_wolfssl/tls_ct_q.h b/src/modules/tls_wolfssl/tls_ct_q.h index 7e7703ec7ac..ab0c64e5e15 100644 --- a/src/modules/tls_wolfssl/tls_ct_q.h +++ b/src/modules/tls_wolfssl/tls_ct_q.h @@ -1,4 +1,4 @@ -/* +/* * TLS module * * Copyright (C) 2010 iptelorg GmbH @@ -52,7 +52,7 @@ inline static int tls_ct_q_add(tls_ct_q** ct_q, const void* data, unsigned int size, unsigned int min_buf_size) { tls_ct_q* q; - + q = *ct_q; if (likely(q == 0)){ q=shm_malloc(sizeof(tls_ct_q)); @@ -70,7 +70,7 @@ inline static int tls_ct_q_add(tls_ct_q** ct_q, const void* data, /** * @brief Destroy a buffer queue - * + * * Everything is destroyed from a buffer queue (shm_free()'d), included the queue head. * @warning it does no attempt to synchronize access/lock. If needed it should * be called under lock. @@ -80,7 +80,7 @@ inline static int tls_ct_q_add(tls_ct_q** ct_q, const void* data, inline static unsigned int tls_ct_q_destroy(tls_ct_q** ct_q) { unsigned int ret; - + ret = 0; if (likely(ct_q && *ct_q)) { ret = sbufq_destroy(*ct_q); @@ -94,8 +94,8 @@ inline static unsigned int tls_ct_q_destroy(tls_ct_q** ct_q) /** * @brief Tries to flush the tls clear text queue - * - * Tries to flush as much as possible from the given queue, using the + * + * Tries to flush as much as possible from the given queue, using the * given callback. * @warning it does no attempt to synchronize access/lock. If needed it should * be called under lock. diff --git a/src/modules/tls_wolfssl/tls_ct_wrq.c b/src/modules/tls_wolfssl/tls_ct_wrq.c index e07c8787bb7..9b68c2c0841 100644 --- a/src/modules/tls_wolfssl/tls_ct_wrq.c +++ b/src/modules/tls_wolfssl/tls_ct_wrq.c @@ -1,4 +1,4 @@ -/* +/* * TLS module * * Copyright (C) 2010 iptelorg GmbH @@ -94,7 +94,7 @@ static int ssl_flush(void* tcp_c, void* error, const void* buf, unsigned size) int ssl_error; struct tls_extra_data* tls_c; SSL* ssl; - + tls_c = ((struct tcp_connection*)tcp_c)->extra_data; ssl = tls_c->ssl; ssl_error = SSL_ERROR_NONE; @@ -117,7 +117,7 @@ static int ssl_flush(void* tcp_c, void* error, const void* buf, unsigned size) if (unlikely(n <= 0)) ssl_error = wolfSSL_get_error(ssl, n); } - + *(long*)error = ssl_error; return n; } @@ -126,7 +126,7 @@ static int ssl_flush(void* tcp_c, void* error, const void* buf, unsigned size) /** * @brief Wrapper over tls_ct_q_flush() - * + * * Wrapper over tls_ct_q_flush(), besides doing a tls_ct_q_add it * also keeps track of queue size and total queued bytes. * @param c TCP connection @@ -141,7 +141,7 @@ int tls_ct_wq_flush(struct tcp_connection* c, tls_ct_q** ct_q, { int ret; long error; - + error = SSL_ERROR_NONE; ret = tls_ct_q_flush(ct_q, flags, ssl_flush, c, &error); *ssl_err = (int)error; @@ -154,7 +154,7 @@ int tls_ct_wq_flush(struct tcp_connection* c, tls_ct_q** ct_q, /** * @brief Wrapper over tls_ct_q_add() - * + * * Wrapper over tls_ct_q_add(), besides doing a tls_ct_q_add it * also keeps track of queue size and total queued bytes. * If the maximum queue size is exceeded => error. @@ -167,7 +167,7 @@ int tls_ct_wq_flush(struct tcp_connection* c, tls_ct_q** ct_q, int tls_ct_wq_add(tls_ct_q** ct_q, const void* data, unsigned int size) { int ret; - + if (unlikely( (*ct_q && (((*ct_q)->queued + size) > cfg_get(tls, tls_cfg, con_ct_wq_max))) || (atomic_get(tls_total_ct_wq) + size) > @@ -193,7 +193,7 @@ int tls_ct_wq_add(tls_ct_q** ct_q, const void* data, unsigned int size) unsigned int tls_ct_wq_free(tls_ct_q** ct_q) { unsigned int ret; - + if (likely((ret = tls_ct_q_destroy(ct_q)) > 0)) atomic_add(tls_total_ct_wq, -ret); return ret; diff --git a/src/modules/tls_wolfssl/tls_ct_wrq.h b/src/modules/tls_wolfssl/tls_ct_wrq.h index e27ec492947..15df8ce51b0 100644 --- a/src/modules/tls_wolfssl/tls_ct_wrq.h +++ b/src/modules/tls_wolfssl/tls_ct_wrq.h @@ -1,4 +1,4 @@ -/* +/* * TLS module * * Copyright (C) 2010 iptelorg GmbH @@ -57,7 +57,7 @@ unsigned int tls_ct_wq_total_bytes(); /** * @brief Wrapper over tls_ct_q_flush() - * + * * Wrapper over tls_ct_q_flush(), besides doing a tls_ct_q_add it * also keeps track of queue size and total queued bytes. * @param c TCP connection @@ -72,7 +72,7 @@ int tls_ct_wq_flush(struct tcp_connection* c, tls_ct_q** tc_q, /** * @brief Wrapper over tls_ct_q_add() - * + * * Wrapper over tls_ct_q_add(), besides doing a tls_ct_q_add it * also keeps track of queue size and total queued bytes. * If the maximum queue size is exceeded => error. diff --git a/src/modules/tls_wolfssl/tls_domain.c b/src/modules/tls_wolfssl/tls_domain.c index a79ae93b19b..173a1e7f72c 100644 --- a/src/modules/tls_wolfssl/tls_domain.c +++ b/src/modules/tls_wolfssl/tls_domain.c @@ -121,7 +121,7 @@ static void setup_dh(WOLFSSL_CTX *ctx) /** * @brief Create a new TLS domain structure - * + * * Create a new domain structure in new allocated shared memory. * @param type domain Type * @param ip domain IP @@ -222,7 +222,7 @@ void tls_destroy_cfg(void) *tls_domains_cfg = (*tls_domains_cfg)->next; tls_free_cfg(ptr); } - + shm_free(tls_domains_cfg); tls_domains_cfg = 0; } @@ -263,7 +263,7 @@ char* tls_domain_str(tls_domain_t* d) /** * @brief Initialize TLS domain parameters that have not been configured yet - * + * * Initialize TLS domain parameters that have not been configured from * parent domain (usually one of default domains) * @param d initialized domain @@ -274,19 +274,19 @@ static int ksr_tls_fill_missing(tls_domain_t* d, tls_domain_t* parent) { if (d->method == TLS_METHOD_UNSPEC) d->method = parent->method; LOG(L_INFO, "%s: tls_method=%d\n", tls_domain_str(d), d->method); - + if (d->method < 1 || d->method >= TLS_METHOD_MAX) { ERR("%s: Invalid TLS method value\n", tls_domain_str(d)); return -1; } - + if (!d->cert_file.s) { if (shm_asciiz_dup(&d->cert_file.s, parent->cert_file.s) < 0) return -1; d->cert_file.len = parent->cert_file.len; } LOG(L_INFO, "%s: certificate='%s'\n", tls_domain_str(d), d->cert_file.s); - + if (!d->ca_file.s){ if (shm_asciiz_dup(&d->ca_file.s, parent->ca_file.s) < 0) return -1; @@ -307,29 +307,29 @@ static int ksr_tls_fill_missing(tls_domain_t* d, tls_domain_t* parent) d->crl_file.len = parent->crl_file.len; } LOG(L_INFO, "%s: crl='%s'\n", tls_domain_str(d), d->crl_file.s); - + if (d->require_cert == -1) d->require_cert = parent->require_cert; LOG(L_INFO, "%s: require_certificate=%d\n", tls_domain_str(d), d->require_cert); - + if (!d->cipher_list.s) { if ( shm_asciiz_dup(&d->cipher_list.s, parent->cipher_list.s) < 0) return -1; d->cipher_list.len = parent->cipher_list.len; } LOG(L_INFO, "%s: cipher_list='%s'\n", tls_domain_str(d), d->cipher_list.s); - + if (!d->pkey_file.s) { if (shm_asciiz_dup(&d->pkey_file.s, parent->pkey_file.s) < 0) return -1; d->pkey_file.len = parent->pkey_file.len; } LOG(L_INFO, "%s: private_key='%s'\n", tls_domain_str(d), d->pkey_file.s); - + if (d->verify_cert == -1) d->verify_cert = parent->verify_cert; LOG(L_INFO, "%s: verify_certificate=%d\n", tls_domain_str(d), d->verify_cert); - + if (d->verify_depth == -1) d->verify_depth = parent->verify_depth; LOG(L_INFO, "%s: verify_depth=%d\n", tls_domain_str(d), d->verify_depth); @@ -340,7 +340,7 @@ static int ksr_tls_fill_missing(tls_domain_t* d, tls_domain_t* parent) } -/** +/** * @brief Called for ctx, with 2 args * @param ctx SSL context * @param larg ? @@ -363,7 +363,7 @@ static int tls_domain_foreach_CTX(tls_domain_t* d, per_ctx_cbk_f ctx_cbk, { int i,ret; int procs_no; - + procs_no=get_max_procs(); for(i = 0; i < procs_no; i++) { if ((ret=ctx_cbk(d->ctx[i], l1, p2))<0) @@ -463,12 +463,12 @@ static int tls_foreach_CTX_in_cfg(tls_domains_cfg_t* cfg, /** * @brief Fix pathnames when loading domain keys or other list - * + * * Fix pathnames, to be used when loading the domain key, cert, ca list a.s.o. * It will replace path with a fixed shm allocated version. Assumes path->s * was shm allocated. * @param path path to be fixed. If it starts with '.' or '/' is left alone - * (forced "relative" or "absolute" path). Otherwise the path is considered + * (forced "relative" or "absolute" path). Otherwise the path is considered * to be relative to the main config file directory * (e.g. for /etc/ser/ser.cfg => /etc/ser/\). * @return 0 on success, -1 on error @@ -526,7 +526,7 @@ static int load_cert(tls_domain_t* d) TLS_ERR("load_cert:"); return -1; } - + } return 0; } @@ -676,7 +676,7 @@ static int set_verification(tls_domain_t* d) if (d->require_cert || d->verify_client == TLS_VERIFY_CLIENT_ON) { verify_mode = WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT; - LOG(L_INFO, "%s: %s MUST present valid certificate\n", + LOG(L_INFO, "%s: %s MUST present valid certificate\n", tls_domain_str(d), d->type & TLS_DOMAIN_SRV ? "Client" : "Server"); } else { if (d->verify_cert || d->verify_client >= TLS_VERIFY_CLIENT_OPTIONAL) { @@ -745,7 +745,7 @@ static void sr_ssl_ctx_info_callback(const SSL *ssl, int event, int ret) } /** - * @brief Configure generic SSL parameters + * @brief Configure generic SSL parameters * @param d domain * @return 0 */ @@ -755,7 +755,7 @@ static int set_ssl_options(tls_domain_t* d) int procs_no; long options; - + procs_no=get_max_procs(); options=SSL_OP_ALL; /* all the bug workarrounds by default */ options|=SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION | @@ -771,7 +771,7 @@ static int set_ssl_options(tls_domain_t* d) /** - * @brief Configure TLS session cache parameters + * @brief Configure TLS session cache parameters * @param d domain * @return 0 */ @@ -780,7 +780,7 @@ static int set_session_cache(tls_domain_t* d) int i; int procs_no; str tls_session_id; - + procs_no=get_max_procs(); tls_session_id=cfg_get(tls, tls_cfg, session_id); for(i = 0; i < procs_no; i++) { @@ -973,7 +973,7 @@ static int ksr_tls_fix_domain(tls_domain_t* d, tls_domain_t* def) return -1; } wolfSSL_CTX_set_min_proto_version(d->ctx[i], TLS1_2_VERSION); -#if 0 +#if 0 if(d->method>TLS_USE_TLSvRANGE) { if(sr_tls_methods[d->method - 1].TLSMethodMin) { SSL_CTX_set_min_proto_version(d->ctx[i], @@ -989,7 +989,7 @@ static int ksr_tls_fix_domain(tls_domain_t* d, tls_domain_t* def) sr_tls_methods[d->method - 1].TLSMethodMax); } } -#endif +#endif /* * check server domains for server_name extension and register @@ -1032,7 +1032,7 @@ static int ksr_tls_fix_domain(tls_domain_t* d, tls_domain_t* def) } /** - * @brief Load a private key from a file + * @brief Load a private key from a file * @param d TLS domain * @return 0 on success, -1 on error */ @@ -1040,7 +1040,7 @@ static int load_private_key(tls_domain_t* d) { int idx, ret_pwd, i; int procs_no; - + if (!d->pkey_file.s || !d->pkey_file.len) { DBG("%s: No private key specified\n", tls_domain_str(d)); return 0; @@ -1050,7 +1050,7 @@ static int load_private_key(tls_domain_t* d) procs_no=get_max_procs(); for(i = 0; i < procs_no; i++) { - + for(idx = 0, ret_pwd = 0; idx < 3; idx++) { ret_pwd = wolfSSL_CTX_use_PrivateKey_file(d->ctx[i], d->pkey_file.s, SSL_FILETYPE_PEM); @@ -1063,7 +1063,7 @@ static int load_private_key(tls_domain_t* d) continue; } } - + if (!ret_pwd) { ERR("%s: Unable to load private key file '%s'\n", tls_domain_str(d), d->pkey_file.s); @@ -1076,7 +1076,7 @@ static int load_private_key(tls_domain_t* d) TLS_ERR("load_private_key:"); return -1; } - } + } DBG("%s: Key '%s' successfully loaded\n", tls_domain_str(d), d->pkey_file.s); @@ -1206,7 +1206,7 @@ int tls_fix_domains_cfg(tls_domains_cfg_t* cfg, tls_domain_t* srv_defaults, /** * @brief Create new configuration structure - * + * * Create new configuration structure in new allocated shared memory * @return configuration structure or zero on error */ diff --git a/src/modules/tls_wolfssl/tls_domain.h b/src/modules/tls_wolfssl/tls_domain.h index d7aed00f331..70b91379250 100644 --- a/src/modules/tls_wolfssl/tls_domain.h +++ b/src/modules/tls_wolfssl/tls_domain.h @@ -154,14 +154,14 @@ typedef struct tls_domains_cfg { /** * @brief Create a new TLS domain structure - * + * * Create a new domain structure in new allocated shared memory. * @param type domain Type * @param ip domain IP * @param port domain port * @return new domain */ -tls_domain_t *tls_new_domain(int type, struct ip_addr *ip, +tls_domain_t *tls_new_domain(int type, struct ip_addr *ip, unsigned short port); @@ -183,7 +183,7 @@ char* tls_domain_str(tls_domain_t* d); /** * @brief Create new TLS configuration structure - * + * * Create new configuration structure in new allocated shared memory. * @return configuration structure or zero on error */ @@ -201,7 +201,7 @@ int tls_add_domain(tls_domains_cfg_t* cfg, tls_domain_t* d); /** * @brief Initialize attributes of all domains from default domains if necessary - * + * * Initialize attributes of all domains from default domains if necessary, * fill in missing parameters. * @param cfg initialized domain diff --git a/src/modules/tls_wolfssl/tls_dump_vf.h b/src/modules/tls_wolfssl/tls_dump_vf.h index aa2a836d61e..fec2ba5c752 100644 --- a/src/modules/tls_wolfssl/tls_dump_vf.h +++ b/src/modules/tls_wolfssl/tls_dump_vf.h @@ -15,8 +15,8 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA * * Exception: permission to copy, modify, propagate, and distribute a work diff --git a/src/modules/tls_wolfssl/tls_map.c b/src/modules/tls_wolfssl/tls_map.c index ad9846ab8a0..3c305179982 100644 --- a/src/modules/tls_wolfssl/tls_map.c +++ b/src/modules/tls_wolfssl/tls_map.c @@ -1,4 +1,4 @@ -/** +/** * Copyright (c) 2014 rxi * * This library is free software; you can redistribute it and/or modify it @@ -60,7 +60,7 @@ static void map_addnode(map_base_t *m, map_node_t *node) { static int map_resize(map_base_t *m, int nbuckets) { map_node_t *nodes, *node, *next; map_node_t **buckets; - int i; + int i; /* Chain all nodes together */ nodes = NULL; i = m->nbuckets; diff --git a/src/modules/tls_wolfssl/tls_map.h b/src/modules/tls_wolfssl/tls_map.h index 682ec08a2fb..faec9b86c0f 100644 --- a/src/modules/tls_wolfssl/tls_map.h +++ b/src/modules/tls_wolfssl/tls_map.h @@ -1,4 +1,4 @@ -/** +/** * Copyright (c) 2014 rxi * * This library is free software; you can redistribute it and/or modify it diff --git a/src/modules/tls_wolfssl/tls_rpc.c b/src/modules/tls_wolfssl/tls_rpc.c index 887ac451aa4..35f398646cc 100644 --- a/src/modules/tls_wolfssl/tls_rpc.c +++ b/src/modules/tls_wolfssl/tls_rpc.c @@ -92,7 +92,7 @@ static void tls_reload(rpc_t* rpc, void* ctx) error: tls_free_cfg(cfg); - + } diff --git a/src/modules/tls_wolfssl/tls_select.c b/src/modules/tls_wolfssl/tls_select.c index 160f2085352..7f7e0f2379b 100644 --- a/src/modules/tls_wolfssl/tls_select.c +++ b/src/modules/tls_wolfssl/tls_select.c @@ -177,16 +177,16 @@ static int get_cert(X509** cert, struct tcp_connection** c, struct sip_msg* msg, } goto err; } - + return 0; - + err: tcpconn_put(*c); return -1; } -static int get_cipher(str* res, sip_msg_t* msg) +static int get_cipher(str* res, sip_msg_t* msg) { str cipher; static char buf[1024]; @@ -239,7 +239,7 @@ static int pv_cipher(sip_msg_t* msg, pv_param_t* param, pv_value_t* res) } -static int get_bits(str* res, long* i, sip_msg_t* msg) +static int get_bits(str* res, long* i, sip_msg_t* msg) { str bits; int b; @@ -275,7 +275,7 @@ static int get_bits(str* res, long* i, sip_msg_t* msg) } -static int sel_bits(str* res, select_t* s, sip_msg_t* msg) +static int sel_bits(str* res, select_t* s, sip_msg_t* msg) { return get_bits(res, NULL, msg); } @@ -369,7 +369,7 @@ static int get_desc(str* res, sip_msg_t* msg) err: if (c) tcpconn_put(c); - return -1; + return -1; } @@ -408,7 +408,7 @@ static int get_cert_version(str* res, int local, sip_msg_t* msg) static int sel_cert_version(str* res, select_t* s, sip_msg_t* msg) { int local; - + switch(s->params[s->n - 2].v.i) { case CERT_PEER: local = 0; break; case CERT_LOCAL: local = 1; break; @@ -423,7 +423,7 @@ static int sel_cert_version(str* res, select_t* s, sip_msg_t* msg) static int pv_cert_version(sip_msg_t* msg, pv_param_t* param, pv_value_t* res) { int local; - + if (param->pvn.u.isname.name.n & PV_CERT_PEER) { local = 0; } else if (param->pvn.u.isname.name.n & PV_CERT_LOCAL) { @@ -487,7 +487,7 @@ static int check_cert(str* res, long* ires, int local, int err, sip_msg_t* msg) static int sel_check_cert(str* res, select_t* s, sip_msg_t* msg) { int local, err; - + switch(s->params[s->n - 2].v.i) { case CERT_PEER: local = 0; break; case CERT_LOCAL: local = 1; break; @@ -504,7 +504,7 @@ static int sel_check_cert(str* res, select_t* s, sip_msg_t* msg) default: BUG("Unexpected parameter value \"%d\"\n", s->params[s->n - 1].v.i); return -1; - } + } return check_cert(res, NULL, local, err, msg); } @@ -512,7 +512,7 @@ static int sel_check_cert(str* res, select_t* s, sip_msg_t* msg) static int pv_check_cert(sip_msg_t* msg, pv_param_t* param, pv_value_t* res) { int err; - + switch (param->pvn.u.isname.name.n) { case PV_CERT_VERIFIED: err = X509_V_OK; break; case PV_CERT_REVOKED: err = X509_V_ERR_CERT_REVOKED; break; @@ -522,7 +522,7 @@ static int pv_check_cert(sip_msg_t* msg, pv_param_t* param, pv_value_t* res) BUG("unexpected parameter value \"%ld\"\n", param->pvn.u.isname.name.n); return pv_get_null(msg, param, res); } - + if (check_cert(&res->rs, &res->ri, 0, err, msg) < 0) { return pv_get_null(msg, param, res); @@ -566,7 +566,7 @@ static int get_validity(str* res, int local, int bound, sip_msg_t* msg) ERR("Error while printing certificate date/time\n"); goto err; } - + BIO_get_mem_ptr(mem, &p); if (p->length >= 1024) { ERR("Date/time too long\n"); @@ -590,7 +590,7 @@ static int get_validity(str* res, int local, int bound, sip_msg_t* msg) static int sel_validity(str* res, select_t* s, sip_msg_t* msg) { int local, bound; - + switch(s->params[s->n - 2].v.i) { case CERT_PEER: local = 0; break; case CERT_LOCAL: local = 1; break; @@ -614,7 +614,7 @@ static int sel_validity(str* res, select_t* s, sip_msg_t* msg) static int pv_validity(sip_msg_t* msg, pv_param_t* param, pv_value_t* res) { int bound; - + switch (param->pvn.u.isname.name.n) { case PV_CERT_NOTBEFORE: bound = NOT_BEFORE; break; case PV_CERT_NOTAFTER: bound = NOT_AFTER; break; @@ -626,7 +626,7 @@ static int pv_validity(sip_msg_t* msg, pv_param_t* param, pv_value_t* res) if (get_validity(&res->rs, 0, bound, msg) < 0) { return pv_get_null(msg, param, res); } - + res->flags = PV_VAL_STR; return 0; } @@ -679,7 +679,7 @@ static int sel_sn(str* res, select_t* s, sip_msg_t* msg) static int pv_sn(sip_msg_t* msg, pv_param_t* param, pv_value_t* res) { int local; - + if (param->pvn.u.isname.name.n & PV_CERT_PEER) { local = 0; } else if (param->pvn.u.isname.name.n & PV_CERT_LOCAL) { @@ -688,11 +688,11 @@ static int pv_sn(sip_msg_t* msg, pv_param_t* param, pv_value_t* res) BUG("could not determine certificate\n"); return pv_get_null(msg, param, res); } - + if (get_sn(&res->rs, local, msg) < 0) { return pv_get_null(msg, param, res); } - + res->flags = PV_VAL_STR; return 0; } @@ -910,7 +910,7 @@ static int get_comp(str* res, int local, int issuer, int nid, sip_msg_t* msg) int index, text_len; char* elem; unsigned char* text_s; - + text_s = 0; if (get_cert(&cert, &c, msg, local) < 0) return -1; @@ -994,7 +994,7 @@ static int pv_comp(sip_msg_t* msg, pv_param_t* param, pv_value_t* res) int ind_local, local = 0, issuer = 0, nid = NID_commonName; /* copy callback value as we modify it */ - ind_local = param->pvn.u.isname.name.n; + ind_local = param->pvn.u.isname.name.n; DBG("ind_local = %x", ind_local); if (ind_local & PV_CERT_PEER) { @@ -1122,7 +1122,7 @@ static int sel_alt(str* res, select_t* s, sip_msg_t* msg) return -1; } } - + return get_alt(res, local, type, msg); } @@ -1130,7 +1130,7 @@ static int sel_alt(str* res, select_t* s, sip_msg_t* msg) static int pv_alt(sip_msg_t* msg, pv_param_t* param, pv_value_t* res) { int ind_local, local = 0, type = GEN_URI; - + ind_local = param->pvn.u.isname.name.n; if (ind_local & PV_CERT_PEER) { @@ -1157,7 +1157,7 @@ static int pv_alt(sip_msg_t* msg, pv_param_t* param, pv_value_t* res) if (get_alt(&res->rs, local, type, msg) < 0) { return pv_get_null(msg, param, res); } - + res->flags = PV_VAL_STR; return 0; } @@ -1185,7 +1185,7 @@ static int get_tlsext_sn(str* res, sip_msg_t* msg) { static char buf[1024]; struct tcp_connection* c; - str server_name; + str server_name; SSL* ssl; c = get_cur_connection(msg); @@ -1201,20 +1201,20 @@ static int get_tlsext_sn(str* res, sip_msg_t* msg) server_name.s = (char*)wolfSSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name); if (server_name.s) { server_name.len = strlen(server_name.s); - DBG("received server_name (TLS extension): '%.*s'\n", + DBG("received server_name (TLS extension): '%.*s'\n", STR_FMT(&server_name)); } else { DBG("SSL_get_servername returned NULL\n"); goto error; } - + /* copy server_name into the buffer. If the buffer is too small copy only * the last bytes as these are the more important ones and prefix with * '+' */ if (server_name.len > sizeof(buf)) { ERR("server_name to big for buffer\n"); buf[0] = '+'; - memcpy(buf + 1, server_name.s + 1 + server_name.len - sizeof(buf), + memcpy(buf + 1, server_name.s + 1 + server_name.len - sizeof(buf), sizeof(buf) - 1); res->len = sizeof(buf); } else { @@ -1222,10 +1222,10 @@ static int get_tlsext_sn(str* res, sip_msg_t* msg) res->len = server_name.len; } res->s = buf; - + tcpconn_put(c); return 0; - + error: if (c) tcpconn_put(c); return -1; @@ -1245,11 +1245,11 @@ static int pv_tlsext_sn(sip_msg_t* msg, pv_param_t* param, pv_value_t* res) param->pvn.u.isname.name.n); return pv_get_null(msg, param, res); } - + if (get_tlsext_sn(&res->rs, msg) < 0) { return pv_get_null(msg, param, res); } - + res->flags = PV_VAL_STR; return 0; } @@ -1357,7 +1357,7 @@ int pv_get_tls(struct sip_msg *msg, pv_param_t *param, select_row_t tls_sel[] = { /* Current cipher parameters */ { NULL, SEL_PARAM_STR, STR_STATIC_INIT("tls"), sel_tls, 0}, - + { sel_tls, SEL_PARAM_STR, STR_STATIC_INIT("version"), sel_version, 0}, { sel_tls, SEL_PARAM_STR, STR_STATIC_INIT("desc"), sel_desc, 0}, { sel_tls, SEL_PARAM_STR, STR_STATIC_INIT("description"), sel_desc, 0}, @@ -1370,9 +1370,9 @@ select_row_t tls_sel[] = { { sel_tls, SEL_PARAM_STR, STR_STATIC_INIT("my"), sel_cert, DIVERSION | CERT_LOCAL}, { sel_tls, SEL_PARAM_STR, STR_STATIC_INIT("me"), sel_cert, DIVERSION | CERT_LOCAL}, { sel_tls, SEL_PARAM_STR, STR_STATIC_INIT("myself"), sel_cert, DIVERSION | CERT_LOCAL}, - + { sel_cipher, SEL_PARAM_STR, STR_STATIC_INIT("bits"), sel_bits, 0}, - + { sel_cert, SEL_PARAM_STR, STR_STATIC_INIT("subject"), sel_name, DIVERSION | CERT_SUBJECT}, { sel_cert, SEL_PARAM_STR, STR_STATIC_INIT("subj"), sel_name, DIVERSION | CERT_SUBJECT}, { sel_cert, SEL_PARAM_STR, STR_STATIC_INIT("issuer"), sel_name, DIVERSION | CERT_ISSUER}, diff --git a/src/modules/tls_wolfssl/tls_util.c b/src/modules/tls_wolfssl/tls_util.c index a91a7635946..c1ff21960cd 100644 --- a/src/modules/tls_wolfssl/tls_util.c +++ b/src/modules/tls_wolfssl/tls_util.c @@ -1,4 +1,4 @@ -/* +/* * TLS module * * Copyright (C) 2005 iptelorg GmbH diff --git a/src/modules/tls_wolfssl/tls_util.h b/src/modules/tls_wolfssl/tls_util.h index 86a09e1f79b..1a851a053c5 100644 --- a/src/modules/tls_wolfssl/tls_util.h +++ b/src/modules/tls_wolfssl/tls_util.h @@ -1,4 +1,4 @@ -/* +/* * TLS module * * Copyright (C) 2010 iptelorg GmbH diff --git a/src/modules/tls_wolfssl/tls_verify.h b/src/modules/tls_wolfssl/tls_verify.h index 8ff646d9f13..dc392c11db5 100644 --- a/src/modules/tls_wolfssl/tls_verify.h +++ b/src/modules/tls_wolfssl/tls_verify.h @@ -1,4 +1,4 @@ -/* +/* * TLS module - certificate verification function * * Copyright (C) 2005 iptelorg GmbH @@ -29,7 +29,7 @@ #include #include -/* This callback is called during each verification process, +/* This callback is called during each verification process, at each step during the chain of certificates (this function is not the certificate_verification one!). */ int verify_callback(int pre_verify_ok, X509_STORE_CTX *ctx); diff --git a/src/modules/tls_wolfssl/tls_wolfssl_mod.h b/src/modules/tls_wolfssl/tls_wolfssl_mod.h index 7d2a3c16e6c..195ed7ed74f 100644 --- a/src/modules/tls_wolfssl/tls_wolfssl_mod.h +++ b/src/modules/tls_wolfssl/tls_wolfssl_mod.h @@ -1,4 +1,4 @@ -/* +/* * TLS module - module interface * * Copyright (C) 2005 iptelorg GmbH