generic-library/curl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

removed space after if and while before the parenthesis for better source code

Browse Source 
consistency
This commit is contained in:
Daniel Stenberg
2007-11-05 09:45:09 +00:00
parent af29dcbafb
commit ad6e28073c
24 changed files with 1070 additions and 1068 deletions
Download Patch File Download Diff File Expand all files Collapse all files

68
lib/nss.c
View File

@@ -283,7 +283,7 @@ nss_load_cert(const char *filename, PRBool cacert)
}
else {
/* A nickname from the NSS internal database */
if (cacert)
if(cacert)
return 0; /* You can't specify an NSS CA nickname this way */
nickname = strdup(filename);
goto done;
@@ -296,7 +296,7 @@ nss_load_cert(const char *filename, PRBool cacert)
* for storing certificates. With each new user certificate we increment
* the slot count. We only support 1 user certificate right now.
*/
if (cacert)
if(cacert)
slotID = 0;
else
slotID = 1;
@@ -308,7 +308,7 @@ nss_load_cert(const char *filename, PRBool cacert)
slot = PK11_FindSlotByName(slotname);
if (!slot) {
if(!slot) {
free(slotname);
free(nickname);
return 0;
@@ -318,7 +318,7 @@ nss_load_cert(const char *filename, PRBool cacert)
PK11_SETATTRS(attrs, CKA_TOKEN, &cktrue, sizeof(CK_BBOOL) ); attrs++;
PK11_SETATTRS(attrs, CKA_LABEL, (unsigned char *)filename,
strlen(filename)+1); attrs++;
if (cacert) {
if(cacert) {
PK11_SETATTRS(attrs, CKA_TRUST, &cktrue, sizeof(CK_BBOOL) ); attrs++;
}
else {
@@ -348,11 +348,11 @@ done:
/* Double-check that the certificate or nickname requested exists in
* either the token or the NSS certificate database.
*/
if (!cacert) {
if(!cacert) {
cert = PK11_FindCertFromNickname((char *)nickname, NULL);
/* An invalid nickname was passed in */
if (cert == NULL) {
if(cert == NULL) {
free(nickname);
PR_SetError(SEC_ERROR_UNKNOWN_CERT, 0);
return 0;
@@ -533,7 +533,7 @@ static SECStatus nss_Init_Tokens(struct connectdata * conn)
ret = PK11_Authenticate(slot, PR_TRUE, parg);
if(SECSuccess != ret) {
if (PR_GetError() == SEC_ERROR_BAD_PASSWORD)
if(PR_GetError() == SEC_ERROR_BAD_PASSWORD)
infof(conn->data, "The password for token '%s' is incorrect\n",
PK11_GetTokenName(slot));
status = SECFailure;
@@ -556,7 +556,7 @@ static SECStatus BadCertHandler(void *arg, PRFileDesc *sock)
CERTCertificate *cert = NULL;
char *subject, *issuer;
if (conn->data->set.ssl.certverifyresult!=0)
if(conn->data->set.ssl.certverifyresult!=0)
return success;
conn->data->set.ssl.certverifyresult=err;
@@ -568,34 +568,34 @@ static SECStatus BadCertHandler(void *arg, PRFileDesc *sock)
switch(err) {
case SEC_ERROR_CA_CERT_INVALID:
infof(conn->data, "Issuer certificate is invalid: '%s'\n", issuer);
if (conn->data->set.ssl.verifypeer)
if(conn->data->set.ssl.verifypeer)
success = SECFailure;
break;
case SEC_ERROR_UNTRUSTED_ISSUER:
if (conn->data->set.ssl.verifypeer)
if(conn->data->set.ssl.verifypeer)
success = SECFailure;
infof(conn->data, "Certificate is signed by an untrusted issuer: '%s'\n",
issuer);
break;
case SSL_ERROR_BAD_CERT_DOMAIN:
if (conn->data->set.ssl.verifypeer)
if(conn->data->set.ssl.verifypeer)
success = SECFailure;
infof(conn->data, "common name: %s (does not match '%s')\n",
subject, conn->host.dispname);
break;
case SEC_ERROR_EXPIRED_CERTIFICATE:
if (conn->data->set.ssl.verifypeer)
if(conn->data->set.ssl.verifypeer)
success = SECFailure;
infof(conn->data, "Remote Certificate has expired.\n");
break;
default:
if (conn->data->set.ssl.verifypeer)
if(conn->data->set.ssl.verifypeer)
success = SECFailure;
infof(conn->data, "Bad certificate received. Subject = '%s', "
"Issuer = '%s'\n", subject, issuer);
break;
}
if (success == SECSuccess)
if(success == SECSuccess)
infof(conn->data, "SSL certificate verify ok.\n");
PR_Free(subject);
PR_Free(issuer);
@@ -623,10 +623,10 @@ static void display_conn_info(struct connectdata *conn, PRFileDesc *sock)
char timeString[256];
PRTime notBefore, notAfter;
if (SSL_GetChannelInfo(sock, &channel, sizeof channel) ==
if(SSL_GetChannelInfo(sock, &channel, sizeof channel) ==
SECSuccess && channel.length == sizeof channel &&
channel.cipherSuite) {
if (SSL_GetCipherSuiteInfo(channel.cipherSuite,
if(SSL_GetCipherSuiteInfo(channel.cipherSuite,
&suite, sizeof suite) == SECSuccess) {
infof(conn->data, "SSL connection using %s\n", suite.cipherSuiteName);
}
@@ -678,7 +678,7 @@ static SECStatus SelectClientCert(void *arg, PRFileDesc *sock,
proto_win = SSL_RevealPinArg(sock);
if (!nickname)
if(!nickname)
return secStatus;
cert = PK11_FindCertFromNickname(nickname, proto_win);
@@ -708,7 +708,7 @@ static SECStatus SelectClientCert(void *arg, PRFileDesc *sock,
*pRetKey = privKey;
}
else {
if (cert)
if(cert)
CERT_DestroyCertificate(cert);
}
@@ -814,11 +814,11 @@ CURLcode Curl_nss_connect(struct connectdata * conn, int sockindex)
certDir = getenv("SSL_DIR"); /* Look in $SSL_DIR */
if (!certDir) {
if(!certDir) {
struct stat st;
if (stat(SSL_DIR, &st) == 0)
if (S_ISDIR(st.st_mode)) {
if(stat(SSL_DIR, &st) == 0)
if(S_ISDIR(st.st_mode)) {
certDir = (char *)SSL_DIR;
}
}
@@ -845,8 +845,8 @@ CURLcode Curl_nss_connect(struct connectdata * conn, int sockindex)
mod = SECMOD_LoadUserModule(configstring, NULL, PR_FALSE);
free(configstring);
if (!mod || !mod->loaded) {
if (mod) {
if(!mod || !mod->loaded) {
if(mod) {
SECMOD_DestroyModule(mod);
mod = NULL;
}
@@ -912,31 +912,31 @@ CURLcode Curl_nss_connect(struct connectdata * conn, int sockindex)
if(!data->set.ssl.verifypeer)
/* skip the verifying of the peer */
;
else if (data->set.ssl.CAfile) {
else if(data->set.ssl.CAfile) {
int rc = nss_load_cert(data->set.ssl.CAfile, PR_TRUE);
if (!rc) {
if(!rc) {
curlerr = CURLE_SSL_CACERT_BADFILE;
goto error;
}
}
else if (data->set.ssl.CApath) {
else if(data->set.ssl.CApath) {
struct stat st;
PRDir *dir;
PRDirEntry *entry;
if (stat(data->set.ssl.CApath, &st) == -1) {
if(stat(data->set.ssl.CApath, &st) == -1) {
curlerr = CURLE_SSL_CACERT_BADFILE;
goto error;
}
if (S_ISDIR(st.st_mode)) {
if(S_ISDIR(st.st_mode)) {
int rc;
dir = PR_OpenDir(data->set.ssl.CApath);
do {
entry = PR_ReadDir(dir, PR_SKIP_BOTH | PR_SKIP_HIDDEN);
if (entry) {
if(entry) {
char fullpath[PATH_MAX];
snprintf(fullpath, sizeof(fullpath), "%s/%s", data->set.ssl.CApath,
@@ -946,7 +946,7 @@ CURLcode Curl_nss_connect(struct connectdata * conn, int sockindex)
}
/* This is purposefully tolerant of errors so non-PEM files
* can be in the same directory */
} while (entry != NULL);
} while(entry != NULL);
PR_CloseDir(dir);
}
}
@@ -963,7 +963,7 @@ CURLcode Curl_nss_connect(struct connectdata * conn, int sockindex)
nickname = (char *)malloc(PATH_MAX);
if(is_file(data->set.str[STRING_CERT])) {
n = strrchr(data->set.str[STRING_CERT], '/');
if (n) {
if(n) {
n++; /* skip last slash */
snprintf(nickname, PATH_MAX, "PEM Token #%ld:%s", 1, n);
}
@@ -975,7 +975,7 @@ CURLcode Curl_nss_connect(struct connectdata * conn, int sockindex)
free(nickname);
goto error;
}
if (!cert_stuff(conn, data->set.str[STRING_CERT],
if(!cert_stuff(conn, data->set.str[STRING_CERT],
data->set.str[STRING_KEY])) {
/* failf() is already done in cert_stuff() */
free(nickname);
@@ -1011,10 +1011,10 @@ CURLcode Curl_nss_connect(struct connectdata * conn, int sockindex)
SSL_SetURL(connssl->handle, conn->host.name);
/* Force the handshake now */
if (SSL_ForceHandshakeWithTimeout(connssl->handle,
if(SSL_ForceHandshakeWithTimeout(connssl->handle,
PR_SecondsToInterval(HANDSHAKE_TIMEOUT))
!= SECSuccess) {
if (conn->data->set.ssl.certverifyresult!=0)
if(conn->data->set.ssl.certverifyresult!=0)
curlerr = CURLE_SSL_CACERT;
goto error;
}