Re-align some comments after running the reformat script.
This should be a one off operation (subsequent invokation of the script should not move them) Reviewed-by: Tim Hudson <tjh@openssl.org>
This commit is contained in:
Matt Caswell
106
ssl/s3_srvr.c
106
ssl/s3_srvr.c
@@ -1412,17 +1412,17 @@ int ssl3_get_client_hello(SSL *s)
|
||||
goto f_err;
|
||||
}
|
||||
|
||||
/*-
|
||||
* we now have the following setup.
|
||||
* client_random
|
||||
* cipher_list - our prefered list of ciphers
|
||||
* ciphers - the clients prefered list of ciphers
|
||||
* compression - basically ignored right now
|
||||
* ssl version is set - sslv3
|
||||
* s->session - The ssl session has been setup.
|
||||
* s->hit - session reuse flag
|
||||
* s->s3->tmp.new_cipher- the new cipher to use.
|
||||
*/
|
||||
/*-
|
||||
* we now have the following setup.
|
||||
* client_random
|
||||
* cipher_list - our prefered list of ciphers
|
||||
* ciphers - the clients prefered list of ciphers
|
||||
* compression - basically ignored right now
|
||||
* ssl version is set - sslv3
|
||||
* s->session - The ssl session has been setup.
|
||||
* s->hit - session reuse flag
|
||||
* s->s3->tmp.new_cipher- the new cipher to use.
|
||||
*/
|
||||
|
||||
/* Handles TLS extensions that we couldn't check earlier */
|
||||
if (s->version >= SSL3_VERSION) {
|
||||
@@ -1469,22 +1469,22 @@ int ssl3_send_server_hello(SSL *s)
|
||||
memcpy(p, s->s3->server_random, SSL3_RANDOM_SIZE);
|
||||
p += SSL3_RANDOM_SIZE;
|
||||
|
||||
/*-
|
||||
* There are several cases for the session ID to send
|
||||
* back in the server hello:
|
||||
* - For session reuse from the session cache,
|
||||
* we send back the old session ID.
|
||||
* - If stateless session reuse (using a session ticket)
|
||||
* is successful, we send back the client's "session ID"
|
||||
* (which doesn't actually identify the session).
|
||||
* - If it is a new session, we send back the new
|
||||
* session ID.
|
||||
* - However, if we want the new session to be single-use,
|
||||
* we send back a 0-length session ID.
|
||||
* s->hit is non-zero in either case of session reuse,
|
||||
* so the following won't overwrite an ID that we're supposed
|
||||
* to send back.
|
||||
*/
|
||||
/*-
|
||||
* There are several cases for the session ID to send
|
||||
* back in the server hello:
|
||||
* - For session reuse from the session cache,
|
||||
* we send back the old session ID.
|
||||
* - If stateless session reuse (using a session ticket)
|
||||
* is successful, we send back the client's "session ID"
|
||||
* (which doesn't actually identify the session).
|
||||
* - If it is a new session, we send back the new
|
||||
* session ID.
|
||||
* - However, if we want the new session to be single-use,
|
||||
* we send back a 0-length session ID.
|
||||
* s->hit is non-zero in either case of session reuse,
|
||||
* so the following won't overwrite an ID that we're supposed
|
||||
* to send back.
|
||||
*/
|
||||
if (s->session->not_resumable ||
|
||||
(!(s->ctx->session_cache_mode & SSL_SESS_CACHE_SERVER)
|
||||
&& !s->hit))
|
||||
@@ -2540,11 +2540,11 @@ int ssl3_get_client_key_exchange(SSL *s)
|
||||
}
|
||||
}
|
||||
|
||||
/*- Was doing kssl_ctx_free() here,
|
||||
* but it caused problems for apache.
|
||||
* kssl_ctx = kssl_ctx_free(kssl_ctx);
|
||||
* if (s->kssl_ctx) s->kssl_ctx = NULL;
|
||||
*/
|
||||
/*- Was doing kssl_ctx_free() here,
|
||||
* but it caused problems for apache.
|
||||
* kssl_ctx = kssl_ctx_free(kssl_ctx);
|
||||
* if (s->kssl_ctx) s->kssl_ctx = NULL;
|
||||
*/
|
||||
} else
|
||||
#endif /* OPENSSL_NO_KRB5 */
|
||||
|
||||
@@ -3355,14 +3355,14 @@ int ssl3_send_newsession_ticket(SSL *s)
|
||||
i2d_SSL_SESSION(sess, &p);
|
||||
SSL_SESSION_free(sess);
|
||||
|
||||
/*-
|
||||
* Grow buffer if need be: the length calculation is as
|
||||
* follows handshake_header_length +
|
||||
* 4 (ticket lifetime hint) + 2 (ticket length) +
|
||||
* 16 (key name) + max_iv_len (iv length) +
|
||||
* session_length + max_enc_block_size (max encrypted session
|
||||
* length) + max_md_size (HMAC).
|
||||
*/
|
||||
/*-
|
||||
* Grow buffer if need be: the length calculation is as
|
||||
* follows handshake_header_length +
|
||||
* 4 (ticket lifetime hint) + 2 (ticket length) +
|
||||
* 16 (key name) + max_iv_len (iv length) +
|
||||
* session_length + max_enc_block_size (max encrypted session
|
||||
* length) + max_md_size (HMAC).
|
||||
*/
|
||||
if (!BUF_MEM_grow(s->init_buf,
|
||||
SSL_HM_HEADER_LENGTH(s) + 22 + EVP_MAX_IV_LENGTH +
|
||||
EVP_MAX_BLOCK_LENGTH + EVP_MAX_MD_SIZE + slen))
|
||||
@@ -3436,12 +3436,12 @@ int ssl3_send_cert_status(SSL *s)
|
||||
{
|
||||
if (s->state == SSL3_ST_SW_CERT_STATUS_A) {
|
||||
unsigned char *p;
|
||||
/*-
|
||||
* Grow buffer if need be: the length calculation is as
|
||||
* follows 1 (message type) + 3 (message length) +
|
||||
* 1 (ocsp response type) + 3 (ocsp response length)
|
||||
* + (ocsp response)
|
||||
*/
|
||||
/*-
|
||||
* Grow buffer if need be: the length calculation is as
|
||||
* follows 1 (message type) + 3 (message length) +
|
||||
* 1 (ocsp response type) + 3 (ocsp response length)
|
||||
* + (ocsp response)
|
||||
*/
|
||||
if (!BUF_MEM_grow(s->init_buf, 8 + s->tlsext_ocsp_resplen))
|
||||
return -1;
|
||||
|
||||
@@ -3513,13 +3513,13 @@ int ssl3_get_next_proto(SSL *s)
|
||||
|
||||
p = (unsigned char *)s->init_msg;
|
||||
|
||||
/*-
|
||||
* The payload looks like:
|
||||
* uint8 proto_len;
|
||||
* uint8 proto[proto_len];
|
||||
* uint8 padding_len;
|
||||
* uint8 padding[padding_len];
|
||||
*/
|
||||
/*-
|
||||
* The payload looks like:
|
||||
* uint8 proto_len;
|
||||
* uint8 proto[proto_len];
|
||||
* uint8 padding_len;
|
||||
* uint8 padding[padding_len];
|
||||
*/
|
||||
proto_len = p[0];
|
||||
if (proto_len + 2 > s->init_num)
|
||||
return 0;
|
||||
|
||||
Reference in New Issue
Block a user