wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Remove unnecessary trailing whitespace

Browse source 
Trim trailing whitespace. It doesn't match OpenSSL coding standards,
AFAICT, and it can cause problems with git tooling.

Trailing whitespace remains in test data and external source.

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8092)
This commit is contained in:
Sam Roberts 2019-01-31 09:55:30 -08:00 committed by Richard Levitte
parent d6f4b0a8bf
commit df4439186f
63 changed files with 113 additions and 113 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
CHANGES
View file

@ -74,7 +74,7 @@
implementations. This includes a generic EVP_PKEY to EVP_MAC bridge, implementations. This includes a generic EVP_PKEY to EVP_MAC bridge,
to facilitate the continued use of MACs through raw private keys in to facilitate the continued use of MACs through raw private keys in
functionality such as EVP_DigestSign* and EVP_DigestVerify*. functionality such as EVP_DigestSign* and EVP_DigestVerify*.
[Richard Levitte] [Richard Levitte]
*) Deprecate ECDH_KDF_X9_62() and mark its replacement as internal. Users *) Deprecate ECDH_KDF_X9_62() and mark its replacement as internal. Users
should use the EVP interface instead (EVP_PKEY_CTX_set_ecdh_kdf_type). should use the EVP interface instead (EVP_PKEY_CTX_set_ecdh_kdf_type).

2
CONTRIBUTING
View file

@ -57,7 +57,7 @@ guidelines:
7. For user visible changes (API changes, behaviour changes, ...), 7. For user visible changes (API changes, behaviour changes, ...),
consider adding a note in CHANGES. This could be a summarising consider adding a note in CHANGES. This could be a summarising
description of the change, and could explain the grander details. description of the change, and could explain the grander details.
Have a look through existing entries for inspiration. Have a look through existing entries for inspiration.
Please note that this is NOT simply a copy of git-log oneliners. Please note that this is NOT simply a copy of git-log oneliners.
Also note that security fixes get an entry in CHANGES. Also note that security fixes get an entry in CHANGES.
This file helps users get more in depth information of what comes This file helps users get more in depth information of what comes

2
Configurations/00-base-templates.conf
View file

@ -305,7 +305,7 @@ my %targets=(
sha1_asm_src => "sha1-armv4-large.S sha256-armv4.S sha512-armv4.S", sha1_asm_src => "sha1-armv4-large.S sha256-armv4.S sha512-armv4.S",
modes_asm_src => "ghash-armv4.S ghashv8-armx.S", modes_asm_src => "ghash-armv4.S ghashv8-armx.S",
chacha_asm_src => "chacha-armv4.S", chacha_asm_src => "chacha-armv4.S",
poly1305_asm_src=> "poly1305-armv4.S", poly1305_asm_src=> "poly1305-armv4.S",
keccak1600_asm_src => "keccak1600-armv4.S", keccak1600_asm_src => "keccak1600-armv4.S",
perlasm_scheme => "void" perlasm_scheme => "void"
}, },

2
Configurations/50-win-onecore.conf
View file

@ -4,7 +4,7 @@
# Mobile[?] Windows editions. It's a set up "umbrella" libraries that # Mobile[?] Windows editions. It's a set up "umbrella" libraries that
# export subset of Win32 API that are common to all Windows 10 devices. # export subset of Win32 API that are common to all Windows 10 devices.
# #
# OneCore Configuration temporarly dedicated for console applications # OneCore Configuration temporarly dedicated for console applications
# due to disabled event logging, which is incompatible with one core. # due to disabled event logging, which is incompatible with one core.
# Error messages are provided via standard error only. # Error messages are provided via standard error only.
# TODO: extend error handling to use ETW based eventing # TODO: extend error handling to use ETW based eventing

2
Configurations/README
View file

@ -118,7 +118,7 @@ In each table entry, the following keys are significant:
'<unistd.h>'. This is very rarely needed. '<unistd.h>'. This is very rarely needed.
shared_extension => File name extension used for shared shared_extension => File name extension used for shared
libraries. libraries.
obj_extension => File name extension used for object files. obj_extension => File name extension used for object files.
On unix, this defaults to ".o" (NOTE: this On unix, this defaults to ".o" (NOTE: this
is here for future use, it's not is here for future use, it's not

8
Configurations/README.design
View file

@ -87,7 +87,7 @@ depends on the library 'libssl' to function properly.
LIBS=../libcrypto LIBS=../libcrypto
SOURCE[../libcrypto]=aes.c evp.c cversion.c SOURCE[../libcrypto]=aes.c evp.c cversion.c
DEPEND[cversion.o]=buildinf.h DEPEND[cversion.o]=buildinf.h
GENERATE[buildinf.h]=../util/mkbuildinf.pl "$(CC) $(CFLAGS)" "$(PLATFORM)" GENERATE[buildinf.h]=../util/mkbuildinf.pl "$(CC) $(CFLAGS)" "$(PLATFORM)"
DEPEND[buildinf.h]=../Makefile DEPEND[buildinf.h]=../Makefile
DEPEND[../util/mkbuildinf.pl]=../util/Foo.pm DEPEND[../util/mkbuildinf.pl]=../util/Foo.pm
@ -102,7 +102,7 @@ show that duplicate information isn't an issue.
This build.info file informs us that 'libcrypto' is built from a few This build.info file informs us that 'libcrypto' is built from a few
source files, 'crypto/aes.c', 'crypto/evp.c' and 'crypto/cversion.c'. source files, 'crypto/aes.c', 'crypto/evp.c' and 'crypto/cversion.c'.
It also shows us that building the object file inferred from It also shows us that building the object file inferred from
'crypto/cversion.c' depends on 'crypto/buildinf.h'. Finally, it 'crypto/cversion.c' depends on 'crypto/buildinf.h'. Finally, it
also shows the possibility to declare how some files are generated also shows the possibility to declare how some files are generated
using some script, in this case a perl script, and how such scripts using some script, in this case a perl script, and how such scripts
can be declared to depend on other files, in this case a perl module. can be declared to depend on other files, in this case a perl module.
@ -150,7 +150,7 @@ information comes down to this:
SOURCE[libssl]=ssl/tls.c SOURCE[libssl]=ssl/tls.c
INCLUDE[libssl]=include INCLUDE[libssl]=include
DEPEND[libssl]=libcrypto DEPEND[libssl]=libcrypto
PROGRAMS=apps/openssl PROGRAMS=apps/openssl
SOURCE[apps/openssl]=apps/openssl.c SOURCE[apps/openssl]=apps/openssl.c
INCLUDE[apps/openssl]=. include INCLUDE[apps/openssl]=. include
@ -165,7 +165,7 @@ information comes down to this:
SOURCE[engines/ossltest]=engines/e_ossltest.c SOURCE[engines/ossltest]=engines/e_ossltest.c
DEPEND[engines/ossltest]=libcrypto.a DEPEND[engines/ossltest]=libcrypto.a
INCLUDE[engines/ossltest]=include INCLUDE[engines/ossltest]=include
GENERATE[crypto/buildinf.h]=util/mkbuildinf.pl "$(CC) $(CFLAGS)" "$(PLATFORM)" GENERATE[crypto/buildinf.h]=util/mkbuildinf.pl "$(CC) $(CFLAGS)" "$(PLATFORM)"
DEPEND[crypto/buildinf.h]=Makefile DEPEND[crypto/buildinf.h]=Makefile
DEPEND[util/mkbuildinf.pl]=util/Foo.pm DEPEND[util/mkbuildinf.pl]=util/Foo.pm

2
Configurations/descrip.mms.tmpl
View file

@ -1105,7 +1105,7 @@ EOF
# object modules already. # object modules already.
my $main = $_->{attrs}->{has_main} my $main = $_->{attrs}->{has_main}
? '/INCLUDE=main' : ''; ? '/INCLUDE=main' : '';
push @lines, push @lines,
"\@ IF nomain THEN WRITE OPT_FILE \"$x/LIB$main\"", "\@ IF nomain THEN WRITE OPT_FILE \"$x/LIB$main\"",
"\@ IF .NOT. nomain THEN WRITE OPT_FILE \"$x/LIB\"" "\@ IF .NOT. nomain THEN WRITE OPT_FILE \"$x/LIB\""
} }

2
Configurations/unix-Makefile.tmpl
View file

@ -800,7 +800,7 @@ errors:
include/internal/o_str.h include/internal/o_str.h
include/internal/err.h include/internal/err.h
include/internal/sslconf.h ); include/internal/sslconf.h );
our @cryptoskipheaders = ( @sslheaders, our @cryptoskipheaders = ( @sslheaders,
qw( include/openssl/conf_api.h qw( include/openssl/conf_api.h
include/openssl/ebcdic.h include/openssl/ebcdic.h
include/openssl/opensslconf.h include/openssl/opensslconf.h

2
NOTES.ANDROID
View file

@ -26,7 +26,7 @@
you need to set ANDROID_NDK_HOME environment to point at NDK directory you need to set ANDROID_NDK_HOME environment to point at NDK directory
as /some/where/android-ndk-<ver>. Both variables are significant at both as /some/where/android-ndk-<ver>. Both variables are significant at both
configuration and compilation times. NDK customarily supports multiple configuration and compilation times. NDK customarily supports multiple
Android API levels, e.g. android-14, android-21, etc. By default latest Android API levels, e.g. android-14, android-21, etc. By default latest
one available is chosen. If you need to target older platform, pass one available is chosen. If you need to target older platform, pass
additional -D__ANDROID_API__=N to Configure. N is numeric value of the additional -D__ANDROID_API__=N to Configure. N is numeric value of the
target platform version. For example, to compile for ICS on ARM with target platform version. For example, to compile for ICS on ARM with

4
NOTES.DJGPP
View file

@ -1,5 +1,5 @@
INSTALLATION ON THE DOS PLATFORM WITH DJGPP INSTALLATION ON THE DOS PLATFORM WITH DJGPP
------------------------------------------- -------------------------------------------
@ -29,7 +29,7 @@
running "./Configure" with appropriate arguments: running "./Configure" with appropriate arguments:
./Configure no-threads --prefix=/dev/env/DJDIR DJGPP ./Configure no-threads --prefix=/dev/env/DJDIR DJGPP
And finally fire up "make". You may run out of DPMI selectors when And finally fire up "make". You may run out of DPMI selectors when
running in a DOS box under Windows. If so, just close the BASH running in a DOS box under Windows. If so, just close the BASH
shell, go back to Windows, and restart BASH. Then run "make" again. shell, go back to Windows, and restart BASH. Then run "make" again.

2
NOTES.VMS
View file

@ -42,7 +42,7 @@
for now is to rename the OpenSSL source directory, as follows (please for now is to rename the OpenSSL source directory, as follows (please
adjust for the actual source directory name you have): adjust for the actual source directory name you have):
$ rename openssl-1^.1^.0.DIR openssl-1_1_0.DIR $ rename openssl-1^.1^.0.DIR openssl-1_1_0.DIR
About MMS and DCL About MMS and DCL

4
apps/ct_log_list.cnf
View file

@ -2,8 +2,8 @@
# that are to be trusted. # that are to be trusted.
# Google's list of logs can be found here: # Google's list of logs can be found here:
# www.certificate-transparency.org/known-logs # www.certificate-transparency.org/known-logs
# A Python program to convert the log list to OpenSSL's format can be # A Python program to convert the log list to OpenSSL's format can be
# found here: # found here:
# https://github.com/google/certificate-transparency/blob/master/python/utilities/log_list/print_log_list.py # https://github.com/google/certificate-transparency/blob/master/python/utilities/log_list/print_log_list.py
# Use the "--openssl_output" flag. # Use the "--openssl_output" flag.

2
apps/demoSRP/srp_verifier.txt
View file

@ -3,4 +3,4 @@
# records starting with a I followed by the g and N values and the id. # records starting with a I followed by the g and N values and the id.
# The exact values ... you have to dig this out from the source of srp.c # The exact values ... you have to dig this out from the source of srp.c
# or srp_vfy.c # or srp_vfy.c
# The last value of an I is used as the default group for new users. # The last value of an I is used as the default group for new users.

2
apps/dh1024.pem
View file

@ -4,7 +4,7 @@ Sgh5jjQE3e+VGbPNOkMbMCsKbfJfFDdP4TVtbVHCReSFtXZiXn7G9ExC6aY37WsL
/1y29Aa37e44a/taiZ+lrp8kEXxLH+ZJKGZR7OZTgf//////////AgEC /1y29Aa37e44a/taiZ+lrp8kEXxLH+ZJKGZR7OZTgf//////////AgEC
-----END DH PARAMETERS----- -----END DH PARAMETERS-----
These are the 1024-bit DH parameters from "Internet Key Exchange These are the 1024-bit DH parameters from "Internet Key Exchange
Protocol Version 2 (IKEv2)": https://tools.ietf.org/html/rfc5996 Protocol Version 2 (IKEv2)": https://tools.ietf.org/html/rfc5996
See https://tools.ietf.org/html/rfc2412 for how they were generated. See https://tools.ietf.org/html/rfc2412 for how they were generated.

4
apps/dh2048.pem
View file

@ -7,8 +7,8 @@ fDKQXkYuNs474553LBgOhgObJ4Oi7Aeij7XFXfBvTFLJ3ivL9pVYFxg5lUl86pVq
5RXSJhiY+gUQFXKOWoqsqmj//////////wIBAg== 5RXSJhiY+gUQFXKOWoqsqmj//////////wIBAg==
-----END DH PARAMETERS----- -----END DH PARAMETERS-----
These are the 2048-bit DH parameters from "More Modular Exponential These are the 2048-bit DH parameters from "More Modular Exponential
(MODP) Diffie-Hellman groups for Internet Key Exchange (IKE)": (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE)":
https://tools.ietf.org/html/rfc3526 https://tools.ietf.org/html/rfc3526
See https://tools.ietf.org/html/rfc2412 for how they were generated. See https://tools.ietf.org/html/rfc2412 for how they were generated.

4
apps/dh4096.pem
View file

@ -12,8 +12,8 @@ ARpyPBKnh+bXiHGaEL26WyaZwycYavTiPBqUaDS2FQvaJYPpyirUTOjbu8LbBN6O
HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0BjGZ//////////8CAQI= HNAGkSfVsFqpk7TqmI2P3cGG/7fckKbAj030Nck0BjGZ//////////8CAQI=
-----END DH PARAMETERS----- -----END DH PARAMETERS-----
These are the 4096-bit DH parameters from "More Modular Exponential These are the 4096-bit DH parameters from "More Modular Exponential
(MODP) Diffie-Hellman groups for Internet Key Exchange (IKE)": (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE)":
https://tools.ietf.org/html/rfc3526 https://tools.ietf.org/html/rfc3526
See https://tools.ietf.org/html/rfc2412 for how they were generated. See https://tools.ietf.org/html/rfc2412 for how they were generated.

4
apps/openssl-vms.cnf
View file

@ -18,7 +18,7 @@ oid_section = new_oids
# To use this configuration file with the "-extfile" option of the # To use this configuration file with the "-extfile" option of the
# "openssl x509" utility, name here the section containing the # "openssl x509" utility, name here the section containing the
# X.509v3 extensions to use: # X.509v3 extensions to use:
# extensions = # extensions =
# (Alternatively, use a configuration file that has only # (Alternatively, use a configuration file that has only
# X.509v3 extensions in its main [= default] section.) # X.509v3 extensions in its main [= default] section.)
@ -115,7 +115,7 @@ x509_extensions = v3_ca # The extensions to add to the self signed cert
# input_password = secret # input_password = secret
# output_password = secret # output_password = secret
# This sets a mask for permitted string types. There are several options. # This sets a mask for permitted string types. There are several options.
# default: PrintableString, T61String, BMPString. # default: PrintableString, T61String, BMPString.
# pkix : PrintableString, BMPString (PKIX recommendation before 2004) # pkix : PrintableString, BMPString (PKIX recommendation before 2004)
# utf8only: only UTF8Strings (PKIX recommendation after 2004). # utf8only: only UTF8Strings (PKIX recommendation after 2004).

4
apps/openssl.cnf
View file

@ -18,7 +18,7 @@ oid_section = new_oids
# To use this configuration file with the "-extfile" option of the # To use this configuration file with the "-extfile" option of the
# "openssl x509" utility, name here the section containing the # "openssl x509" utility, name here the section containing the
# X.509v3 extensions to use: # X.509v3 extensions to use:
# extensions = # extensions =
# (Alternatively, use a configuration file that has only # (Alternatively, use a configuration file that has only
# X.509v3 extensions in its main [= default] section.) # X.509v3 extensions in its main [= default] section.)
@ -115,7 +115,7 @@ x509_extensions = v3_ca # The extensions to add to the self signed cert
# input_password = secret # input_password = secret
# output_password = secret # output_password = secret
# This sets a mask for permitted string types. There are several options. # This sets a mask for permitted string types. There are several options.
# default: PrintableString, T61String, BMPString. # default: PrintableString, T61String, BMPString.
# pkix : PrintableString, BMPString (PKIX recommendation before 2004) # pkix : PrintableString, BMPString (PKIX recommendation before 2004)
# utf8only: only UTF8Strings (PKIX recommendation after 2004). # utf8only: only UTF8Strings (PKIX recommendation after 2004).

4
apps/s_client.c
View file

@ -2360,7 +2360,7 @@ int s_client_main(int argc, char **argv)
BIO_push(fbio, sbio); BIO_push(fbio, sbio);
BIO_printf(fbio, "CONNECT %s HTTP/1.0\r\n", connectstr); BIO_printf(fbio, "CONNECT %s HTTP/1.0\r\n", connectstr);
/* /*
* Workaround for broken proxies which would otherwise close * Workaround for broken proxies which would otherwise close
* the connection when entering tunnel mode (eg Squid 2.6) * the connection when entering tunnel mode (eg Squid 2.6)
*/ */
@ -3549,7 +3549,7 @@ static char *base64encode (const void *buf, size_t len)
i = EVP_EncodeBlock((unsigned char *)out, buf, len); i = EVP_EncodeBlock((unsigned char *)out, buf, len);
assert(i <= (int)outl); assert(i <= (int)outl);
if (i < 0) if (i < 0)
*out = '\0'; *out = '\0';
return out; return out;
} }

16
config
View file

@ -19,7 +19,7 @@ THERE=`dirname $0`
# pick up any command line args to config # pick up any command line args to config
for i for i
do do
case "$i" in case "$i" in
-d*) options=$options" --debug";; -d*) options=$options" --debug";;
-t*) DRYRUN="true" VERBOSE="true";; -t*) DRYRUN="true" VERBOSE="true";;
-v*) VERBOSE="true";; -v*) VERBOSE="true";;
@ -59,7 +59,7 @@ __CNF_LDLIBS=
# Now test for ISC and SCO, since it is has a braindamaged uname. # Now test for ISC and SCO, since it is has a braindamaged uname.
# #
# We need to work around FreeBSD 1.1.5.1 # We need to work around FreeBSD 1.1.5.1
( (
XREL=`uname -X 2>/dev/null | grep "^Release" | awk '{print $3}'` XREL=`uname -X 2>/dev/null | grep "^Release" | awk '{print $3}'`
if [ "x$XREL" != "x" ]; then if [ "x$XREL" != "x" ]; then
@ -363,7 +363,7 @@ esac
# At this point we gone through all the one's # At this point we gone through all the one's
# we know of: Punt # we know of: Punt
echo "${MACHINE}-whatever-${SYSTEM}" echo "${MACHINE}-whatever-${SYSTEM}"
exit 0 exit 0
) 2>/dev/null | ( ) 2>/dev/null | (
@ -433,7 +433,7 @@ fi
CCVER=${CCVER:-0} CCVER=${CCVER:-0}
# read the output of the embedded GuessOS # read the output of the embedded GuessOS
read GUESSOS read GUESSOS
echo Operating system: $GUESSOS echo Operating system: $GUESSOS
@ -732,7 +732,7 @@ case "$GUESSOS" in
*-*-[Uu]nix[Ww]are7) *-*-[Uu]nix[Ww]are7)
if [ "$CC" = "gcc" ]; then if [ "$CC" = "gcc" ]; then
OUT="unixware-7-gcc" ; options="$options no-sse2" OUT="unixware-7-gcc" ; options="$options no-sse2"
else else
OUT="unixware-7" ; options="$options no-sse2" OUT="unixware-7" ; options="$options no-sse2"
__CNF_CPPFLAGS="$__CNF_CPPFLAGS -D__i386__" __CNF_CPPFLAGS="$__CNF_CPPFLAGS -D__i386__"
fi fi
@ -793,7 +793,7 @@ case "$GUESSOS" in
OUT="aix64-gcc" OUT="aix64-gcc"
fi fi
elif [ $OBJECT_MODE -eq 64 ]; then elif [ $OBJECT_MODE -eq 64 ]; then
echo 'Your $OBJECT_MODE was found to be set to 64' echo 'Your $OBJECT_MODE was found to be set to 64'
OUT="aix64-cc" OUT="aix64-cc"
else else
OUT="aix-cc" OUT="aix-cc"
@ -897,7 +897,7 @@ if [ ".$PERL" = . ] ; then
exit 1 exit 1
fi fi
# run Configure to check to see if we need to specify the # run Configure to check to see if we need to specify the
# compiler for the platform ... in which case we add it on # compiler for the platform ... in which case we add it on
# the end ... otherwise we leave it off # the end ... otherwise we leave it off
@ -920,7 +920,7 @@ if [ $? = "0" ]; then
__CNF_LDFLAGS="'$__CNF_LDFLAGS'" \ __CNF_LDFLAGS="'$__CNF_LDFLAGS'" \
__CNF_LDLIBS="'$__CNF_LDLIBS'" \ __CNF_LDLIBS="'$__CNF_LDLIBS'" \
$PERL $THERE/Configure $OUT $options $PERL $THERE/Configure $OUT $options
fi fi
if [ "$DRYRUN" = "false" ]; then if [ "$DRYRUN" = "false" ]; then
# eval to make sure quoted options, possibly with spaces inside, # eval to make sure quoted options, possibly with spaces inside,
# are treated right # are treated right

4
crypto/bn/asm/ia64.S
View file

@ -47,7 +47,7 @@
// on Itanium2! What to do? Reschedule loops for Itanium2? But then // on Itanium2! What to do? Reschedule loops for Itanium2? But then
// Itanium would exhibit anti-scalability. So I've chosen to reschedule // Itanium would exhibit anti-scalability. So I've chosen to reschedule
// for worst latency for every instruction aiming for best *all-round* // for worst latency for every instruction aiming for best *all-round*
// performance. // performance.
// Q. How much faster does it get? // Q. How much faster does it get?
// A. Here is the output from 'openssl speed rsa dsa' for vanilla // A. Here is the output from 'openssl speed rsa dsa' for vanilla
@ -471,7 +471,7 @@ bn_mul_add_words:
.global bn_sqr_words# .global bn_sqr_words#
.proc bn_sqr_words# .proc bn_sqr_words#
.align 64 .align 64
.skip 32 // makes the loop body aligned at 64-byte boundary .skip 32 // makes the loop body aligned at 64-byte boundary
bn_sqr_words: bn_sqr_words:
.prologue .prologue
.save ar.pfs,r2 .save ar.pfs,r2

4
crypto/bn/asm/sparcv8plus.S
View file

@ -154,9 +154,9 @@
.register %g2,#scratch .register %g2,#scratch
.register %g3,#scratch .register %g3,#scratch
# define FRAME_SIZE -192 # define FRAME_SIZE -192
#else #else
# define FRAME_SIZE -96 # define FRAME_SIZE -96
#endif #endif
/* /*
* GNU assembler can't stand stuw:-( * GNU assembler can't stand stuw:-(
*/ */

4
crypto/bn/bn_ctx.c
View file

@ -256,7 +256,7 @@ static int BN_STACK_push(BN_STACK *st, unsigned int idx)
unsigned int newsize = unsigned int newsize =
st->size ? (st->size * 3 / 2) : BN_CTX_START_FRAMES; st->size ? (st->size * 3 / 2) : BN_CTX_START_FRAMES;
unsigned int *newitems; unsigned int *newitems;
if ((newitems = OPENSSL_malloc(sizeof(*newitems) * newsize)) == NULL) { if ((newitems = OPENSSL_malloc(sizeof(*newitems) * newsize)) == NULL) {
BNerr(BN_F_BN_STACK_PUSH, ERR_R_MALLOC_FAILURE); BNerr(BN_F_BN_STACK_PUSH, ERR_R_MALLOC_FAILURE);
return 0; return 0;
@ -310,7 +310,7 @@ static BIGNUM *BN_POOL_get(BN_POOL *p, int flag)
/* Full; allocate a new pool item and link it in. */ /* Full; allocate a new pool item and link it in. */
if (p->used == p->size) { if (p->used == p->size) {
BN_POOL_ITEM *item; BN_POOL_ITEM *item;
if ((item = OPENSSL_malloc(sizeof(*item))) == NULL) { if ((item = OPENSSL_malloc(sizeof(*item))) == NULL) {
BNerr(BN_F_BN_POOL_GET, ERR_R_MALLOC_FAILURE); BNerr(BN_F_BN_POOL_GET, ERR_R_MALLOC_FAILURE);
return NULL; return NULL;

6
crypto/cryptlib.c
View file

@ -352,9 +352,9 @@ void OPENSSL_showfatal(const char *fmta, ...)
/* /*
* TODO: (For non GUI and no std error cases) * TODO: (For non GUI and no std error cases)
* Add event logging feature here. * Add event logging feature here.
*/ */
# if !defined(NDEBUG) # if !defined(NDEBUG)
/* /*
* We are in a situation where we tried to report a critical * We are in a situation where we tried to report a critical
@ -393,7 +393,7 @@ void OPENSSL_showfatal(const char *fmta, ...)
# endif # endif
# else # else
MessageBox(NULL, buf, _T("OpenSSL: FATAL"), MB_OK | MB_ICONERROR); MessageBox(NULL, buf, _T("OpenSSL: FATAL"), MB_OK | MB_ICONERROR);
# endif # endif
} }
#else #else
void OPENSSL_showfatal(const char *fmta, ...) void OPENSSL_showfatal(const char *fmta, ...)

4
crypto/des/asm/des_enc.m4
View file

@ -311,7 +311,7 @@ $4:
sll out1, 28, out1 ! rotate sll out1, 28, out1 ! rotate
xor $1, local1, $1 ! 1 finished, local1 now sbox 7 xor $1, local1, $1 ! 1 finished, local1 now sbox 7
ld [global2+local2], local2 ! 2 ld [global2+local2], local2 ! 2
srl out0, 24, local1 ! 7 srl out0, 24, local1 ! 7
or out1, local0, out1 ! rotate or out1, local0, out1 ! rotate
@ -1390,7 +1390,7 @@ DES_ncbc_encrypt:
add %o7,global1,global1 add %o7,global1,global1
sub global1,.PIC.DES_SPtrans-.des_and,out2 sub global1,.PIC.DES_SPtrans-.des_and,out2
cmp in5, 0 ! enc cmp in5, 0 ! enc
be .ncbc.dec be .ncbc.dec
STPTR in4, IVEC STPTR in4, IVEC

14
crypto/ec/curve448/point_448.h
View file

@ -116,7 +116,7 @@ void curve448_scalar_encode(unsigned char ser[C448_SCALAR_BYTES],
/* /*
* Add two scalars. |a|, |b| and |out| may alias each other. * Add two scalars. |a|, |b| and |out| may alias each other.
* *
* a (in): One scalar. * a (in): One scalar.
* b (in): Another scalar. * b (in): Another scalar.
* out (out): a+b. * out (out): a+b.
@ -135,7 +135,7 @@ void curve448_scalar_sub(curve448_scalar_t out,
/* /*
* Multiply two scalars. |a|, |b| and |out| may alias each other. * Multiply two scalars. |a|, |b| and |out| may alias each other.
* *
* a (in): One scalar. * a (in): One scalar.
* b (in): Another scalar. * b (in): Another scalar.
* out (out): a*b. * out (out): a*b.
@ -145,7 +145,7 @@ void curve448_scalar_mul(curve448_scalar_t out,
/* /*
* Halve a scalar. |a| and |out| may alias each other. * Halve a scalar. |a| and |out| may alias each other.
* *
* a (in): A scalar. * a (in): A scalar.
* out (out): a/2. * out (out): a/2.
*/ */
@ -154,7 +154,7 @@ void curve448_scalar_halve(curve448_scalar_t out, const curve448_scalar_t a);
/* /*
* Copy a scalar. The scalars may alias each other, in which case this * Copy a scalar. The scalars may alias each other, in which case this
* function does nothing. * function does nothing.
* *
* a (in): A scalar. * a (in): A scalar.
* out (out): Will become a copy of a. * out (out): Will become a copy of a.
*/ */
@ -183,7 +183,7 @@ static ossl_inline void curve448_point_copy(curve448_point_t a,
* *
* a (in): A point. * a (in): A point.
* b (in): Another point. * b (in): Another point.
* *
* Returns: * Returns:
* C448_TRUE: The points are equal. * C448_TRUE: The points are equal.
* C448_FALSE: The points are not equal. * C448_FALSE: The points are not equal.
@ -243,7 +243,7 @@ void curve448_point_mul_by_ratio_and_encode_like_x448(
/* /*
* RFC 7748 Diffie-Hellman base point scalarmul. This function uses a different * RFC 7748 Diffie-Hellman base point scalarmul. This function uses a different
* (non-Decaf) encoding. * (non-Decaf) encoding.
* *
* out (out): The scaled point base*scalar * out (out): The scaled point base*scalar
* scalar (in): The scalar to multiply by. * scalar (in): The scalar to multiply by.
*/ */
@ -273,7 +273,7 @@ void curve448_precomputed_scalarmul(curve448_point_t scaled,
* base2 (in): A second point to be scaled. * base2 (in): A second point to be scaled.
* scalar2 (in) A second scalar to multiply by. * scalar2 (in) A second scalar to multiply by.
* *
* Warning: This function takes variable time, and may leak the scalars used. * Warning: This function takes variable time, and may leak the scalars used.
* It is designed for signature verification. * It is designed for signature verification.
*/ */
void curve448_base_double_scalarmul_non_secret(curve448_point_t combo, void curve448_base_double_scalarmul_non_secret(curve448_point_t combo,

2
crypto/engine/README
View file

@ -26,7 +26,7 @@ algorithm/mode pair are;
EVP_EncryptInit(&ctx, cipher, key, iv); EVP_EncryptInit(&ctx, cipher, key, iv);
[ ... use EVP_EncryptUpdate() and EVP_EncryptFinal() ...] [ ... use EVP_EncryptUpdate() and EVP_EncryptFinal() ...]
(ii) indirectly; (ii) indirectly;
OpenSSL_add_all_ciphers(); OpenSSL_add_all_ciphers();
cipher = EVP_get_cipherbyname("des_cbc"); cipher = EVP_get_cipherbyname("des_cbc");
EVP_EncryptInit(&ctx, cipher, key, iv); EVP_EncryptInit(&ctx, cipher, key, iv);

2
crypto/engine/eng_lib.c
View file

@ -124,7 +124,7 @@ static int int_cleanup_check(int create)
static ENGINE_CLEANUP_ITEM *int_cleanup_item(ENGINE_CLEANUP_CB *cb) static ENGINE_CLEANUP_ITEM *int_cleanup_item(ENGINE_CLEANUP_CB *cb)
{ {
ENGINE_CLEANUP_ITEM *item; ENGINE_CLEANUP_ITEM *item;
if ((item = OPENSSL_malloc(sizeof(*item))) == NULL) { if ((item = OPENSSL_malloc(sizeof(*item))) == NULL) {
ENGINEerr(ENGINE_F_INT_CLEANUP_ITEM, ERR_R_MALLOC_FAILURE); ENGINEerr(ENGINE_F_INT_CLEANUP_ITEM, ERR_R_MALLOC_FAILURE);
return NULL; return NULL;

2
crypto/evp/e_aes.c
View file

@ -3081,7 +3081,7 @@ static int aes_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
if (out != in if (out != in
|| len < (EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN)) || len < (EVP_GCM_TLS_EXPLICIT_IV_LEN + EVP_GCM_TLS_TAG_LEN))
return -1; return -1;
/* /*
* Check for too many keys as per FIPS 140-2 IG A.5 "Key/IV Pair Uniqueness * Check for too many keys as per FIPS 140-2 IG A.5 "Key/IV Pair Uniqueness
* Requirements from SP 800-38D". The requirements is for one party to the * Requirements from SP 800-38D". The requirements is for one party to the

2
crypto/objects/objects.txt
View file

@ -17,7 +17,7 @@ iso 0 9797 3 4 : GMAC : gmac
# There are no OIDs for these yet... # There are no OIDs for these yet...
: KMAC128 : kmac128 : KMAC128 : kmac128
: KMAC256 : kmac256 : KMAC256 : kmac256
# HMAC OIDs # HMAC OIDs
identified-organization 6 1 5 5 8 1 1 : HMAC-MD5 : hmac-md5 identified-organization 6 1 5 5 8 1 1 : HMAC-MD5 : hmac-md5
identified-organization 6 1 5 5 8 1 2 : HMAC-SHA1 : hmac-sha1 identified-organization 6 1 5 5 8 1 2 : HMAC-SHA1 : hmac-sha1

2
crypto/pem/pem_info.c
View file

@ -297,7 +297,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
goto err; goto err;
} }
/* Create the right magic header stuff */ /* Create the right magic header stuff */
buf[0] = '\0'; buf[0] = '\0';
PEM_proc_type(buf, PEM_TYPE_ENCRYPTED); PEM_proc_type(buf, PEM_TYPE_ENCRYPTED);
PEM_dek_info(buf, objstr, EVP_CIPHER_iv_length(enc), PEM_dek_info(buf, objstr, EVP_CIPHER_iv_length(enc),

2
crypto/srp/srp_vfy.c
View file

@ -187,7 +187,7 @@ void SRP_user_pwd_free(SRP_user_pwd *user_pwd)
SRP_user_pwd *SRP_user_pwd_new(void) SRP_user_pwd *SRP_user_pwd_new(void)
{ {
SRP_user_pwd *ret; SRP_user_pwd *ret;
if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL) { if ((ret = OPENSSL_malloc(sizeof(*ret))) == NULL) {
/* SRPerr(SRP_F_SRP_USER_PWD_NEW, ERR_R_MALLOC_FAILURE); */ /*ckerr_ignore*/ /* SRPerr(SRP_F_SRP_USER_PWD_NEW, ERR_R_MALLOC_FAILURE); */ /*ckerr_ignore*/
return NULL; return NULL;

2
demos/bio/accept.cnf
View file

@ -6,7 +6,7 @@ Port = 4433
# Only support 3 curves # Only support 3 curves
Curves = P-521:P-384:P-256 Curves = P-521:P-384:P-256
# Restricted signature algorithms # Restricted signature algorithms
SignatureAlgorithms = RSA+SHA512:ECDSA+SHA512 SignatureAlgorithms = RSA+SHA512:ECDSA+SHA512
Certificate=server.pem Certificate=server.pem
PrivateKey=server.pem PrivateKey=server.pem
ChainCAFile=root.pem ChainCAFile=root.pem

2
demos/bio/connect.cnf
View file

@ -6,4 +6,4 @@ Connect = localhost:4433
# Only support 3 curves # Only support 3 curves
Curves = P-521:P-384:P-256 Curves = P-521:P-384:P-256
# Restricted signature algorithms # Restricted signature algorithms
SignatureAlgorithms = RSA+SHA512:ECDSA+SHA512 SignatureAlgorithms = RSA+SHA512:ECDSA+SHA512

2
demos/bio/descrip.mms
View file

@ -23,7 +23,7 @@ SHARED = TRUE
@ ! @ !
# Because we use an option file, we need to redefine this # Because we use an option file, we need to redefine this
.obj.exe : .obj.exe :
$(LINK) $(LINKFLAGS) $<,OPT:/OPT $(LINK) $(LINKFLAGS) $<,OPT:/OPT
all : client-arg.exe client-conf.exe saccept.exe sconnect.exe - all : client-arg.exe client-conf.exe saccept.exe sconnect.exe -

2
demos/certs/README
View file

@ -8,7 +8,7 @@ automatically using scripts. Example creates a root CA, an intermediate CA
signed by the root and several certificates signed by the intermediate CA. signed by the root and several certificates signed by the intermediate CA.
The script then creates an empty index.txt file and adds entries for the The script then creates an empty index.txt file and adds entries for the
certificates and generates a CRL. Then one certificate is revoked and a certificates and generates a CRL. Then one certificate is revoked and a
second CRL generated. second CRL generated.
The script ocsprun.sh runs the test responder on port 8888 covering the The script ocsprun.sh runs the test responder on port 8888 covering the

2
demos/certs/apps/mkxcerts.sh
View file

@ -13,7 +13,7 @@ CN="OpenSSL Test RSA SHA-512 cert" $OPENSSL req \
-config apps.cnf -extensions usr_cert -x509 -nodes \ -config apps.cnf -extensions usr_cert -x509 -nodes \
-keyout tsha512.pem -out tsha512.pem -new -days 3650 -sha512 -keyout tsha512.pem -out tsha512.pem -new -days 3650 -sha512
# Create EC parameters # Create EC parameters
$OPENSSL ecparam -name P-256 -out ecp256.pem $OPENSSL ecparam -name P-256 -out ecp256.pem
$OPENSSL ecparam -name P-384 -out ecp384.pem $OPENSSL ecparam -name P-384 -out ecp384.pem

2
demos/certs/mkcerts.sh
View file

@ -42,7 +42,7 @@ CN="Test OCSP Responder Cert" $OPENSSL req -config ca.cnf -nodes \
$OPENSSL x509 -req -in respreq.pem -CA intca.pem -CAkey intkey.pem -days 3600 \ $OPENSSL x509 -req -in respreq.pem -CA intca.pem -CAkey intkey.pem -days 3600 \
-extfile ca.cnf -extensions ocsp_cert -CAcreateserial -out resp.pem -extfile ca.cnf -extensions ocsp_cert -CAcreateserial -out resp.pem
# Example creating a PKCS#3 DH certificate. # Example creating a PKCS#3 DH certificate.
# First DH parameters # First DH parameters

2
doc/HOWTO/certificates.txt
View file

@ -106,5 +106,5 @@ some applications, you don't even have to do that.
By now, you have your certificate and your private key and can start By now, you have your certificate and your private key and can start
using applications that depend on it. using applications that depend on it.
-- --
Richard Levitte Richard Levitte

2
doc/HOWTO/proxy_certificates.txt
View file

@ -315,5 +315,5 @@ certificates checked properly, using the code above:
SSL_CTX_set_cert_verify_callback(s_ctx, my_X509_verify_cert, &needed_rights); SSL_CTX_set_cert_verify_callback(s_ctx, my_X509_verify_cert, &needed_rights);
-- --
Richard Levitte Richard Levitte

2
doc/fingerprints.txt
View file

@ -18,7 +18,7 @@ uid Richard Levitte <richard@opensslfoundation.com>
uid Richard Levitte <levitte@openssl.org> uid Richard Levitte <levitte@openssl.org>
uid Richard Levitte <richard@openssl.com> uid Richard Levitte <richard@openssl.com>
pub 2048R/0E604491 2013-04-30 pub 2048R/0E604491 2013-04-30
Key fingerprint = 8657 ABB2 60F0 56B1 E519 0839 D9C4 D26D 0E60 4491 Key fingerprint = 8657 ABB2 60F0 56B1 E519 0839 D9C4 D26D 0E60 4491
uid Matt Caswell <matt@openssl.org> uid Matt Caswell <matt@openssl.org>
uid Matt Caswell <frodo@baggins.org> uid Matt Caswell <frodo@baggins.org>

2
doc/man1/ca.pod
View file

@ -475,7 +475,7 @@ the B<-selfsign> command line option.
Note that it is valid in some circumstances for certificates to be created Note that it is valid in some circumstances for certificates to be created
without any subject. In the case where there are multiple certificates without without any subject. In the case where there are multiple certificates without
subjects this does not count as a duplicate. subjects this does not count as a duplicate.
=item B<serial> =item B<serial>

2
doc/man1/s_server.pod
View file

@ -834,7 +834,7 @@ unknown cipher suites a client says it supports.
L<SSL_CONF_cmd(3)>, L<sess_id(1)>, L<s_client(1)>, L<ciphers(1)> L<SSL_CONF_cmd(3)>, L<sess_id(1)>, L<s_client(1)>, L<ciphers(1)>
L<SSL_CTX_set_max_send_fragment(3)>, L<SSL_CTX_set_max_send_fragment(3)>,
L<SSL_CTX_set_split_send_fragment(3)>, L<SSL_CTX_set_split_send_fragment(3)>,
L<SSL_CTX_set_max_pipelines(3)> L<SSL_CTX_set_max_pipelines(3)>
=head1 HISTORY =head1 HISTORY

2
doc/man3/EVP_PKEY_asn1_get_count.pod
View file

@ -48,7 +48,7 @@ engine that implements it.
EVP_PKEY_asn1_get0_info() returns the public key ID, base public key EVP_PKEY_asn1_get0_info() returns the public key ID, base public key
ID (both NIDs), any flags, the method description and PEM type string ID (both NIDs), any flags, the method description and PEM type string
associated with the public key ASN.1 method B<*ameth>. associated with the public key ASN.1 method B<*ameth>.
EVP_PKEY_asn1_count(), EVP_PKEY_asn1_get0(), EVP_PKEY_asn1_find() and EVP_PKEY_asn1_count(), EVP_PKEY_asn1_get0(), EVP_PKEY_asn1_find() and
EVP_PKEY_asn1_find_str() are not thread safe, but as long as all EVP_PKEY_asn1_find_str() are not thread safe, but as long as all

2
doc/man3/HMAC.pod
View file

@ -91,7 +91,7 @@ because reuse of an existing key with a different digest is not supported.
HMAC_Init() initializes a B<HMAC_CTX> structure to use the hash HMAC_Init() initializes a B<HMAC_CTX> structure to use the hash
function B<evp_md> and the key B<key> which is B<key_len> bytes function B<evp_md> and the key B<key> which is B<key_len> bytes
long. long.
HMAC_Update() can be called repeatedly with chunks of the message to HMAC_Update() can be called repeatedly with chunks of the message to
be authenticated (B<len> bytes at B<data>). be authenticated (B<len> bytes at B<data>).

2
doc/man3/SSL_CTX_set0_CA_list.pod
View file

@ -101,7 +101,7 @@ set CA names using the "client CA list" functions and then get them using the
used on the server side then the "client CA list" functions take precedence. used on the server side then the "client CA list" functions take precedence.
Typically, on the server side, the "client CA list " functions should be used in Typically, on the server side, the "client CA list " functions should be used in
preference. As noted above in most cases it is not necessary to set CA names on preference. As noted above in most cases it is not necessary to set CA names on
the client side. the client side.
SSL_CTX_set0_CA_list() sets the list of CAs to be sent to the peer to SSL_CTX_set0_CA_list() sets the list of CAs to be sent to the peer to
B<name_list>. Ownership of B<name_list> is transferred to B<ctx> and B<name_list>. Ownership of B<name_list> is transferred to B<ctx> and

2
doc/man3/SSL_CTX_set_ctlog_list_file.pod
View file

@ -24,7 +24,7 @@ See L<CTLOG_STORE_new(3)> for the file format.
=head1 NOTES =head1 NOTES
These functions will not clear the existing CT log list - it will be appended These functions will not clear the existing CT log list - it will be appended
to. To replace the existing list, use L<SSL_CTX_set0_ctlog_store> first. to. To replace the existing list, use L<SSL_CTX_set0_ctlog_store> first.
If an error occurs whilst parsing a particular log entry in the file, that log If an error occurs whilst parsing a particular log entry in the file, that log
entry will be skipped. entry will be skipped.

2
doc/man3/SSL_read_early_data.pod
View file

@ -93,7 +93,7 @@ the server.
A client uses the function SSL_write_early_data() to send early data. This A client uses the function SSL_write_early_data() to send early data. This
function is similar to the L<SSL_write_ex(3)> function, but with the following function is similar to the L<SSL_write_ex(3)> function, but with the following
differences. See L<SSL_write_ex(3)> for information on how to write bytes to differences. See L<SSL_write_ex(3)> for information on how to write bytes to
the underlying connection, and how to handle any errors that may arise. This the underlying connection, and how to handle any errors that may arise. This
page describes the differences between SSL_write_early_data() and page describes the differences between SSL_write_early_data() and
L<SSL_write_ex(3)>. L<SSL_write_ex(3)>.

12
include/internal/thread_once.h
View file

@ -13,7 +13,7 @@
* DEFINE_RUN_ONCE: Define an initialiser function that should be run exactly * DEFINE_RUN_ONCE: Define an initialiser function that should be run exactly
* once. It takes no arguments and returns and int result (1 for success or * once. It takes no arguments and returns and int result (1 for success or
* 0 for failure). Typical usage might be: * 0 for failure). Typical usage might be:
* *
* DEFINE_RUN_ONCE(myinitfunc) * DEFINE_RUN_ONCE(myinitfunc)
* { * {
* do_some_initialisation(); * do_some_initialisation();
@ -45,7 +45,7 @@
* exactly once. This function will be declared as static within the file. It * exactly once. This function will be declared as static within the file. It
* takes no arguments and returns and int result (1 for success or 0 for * takes no arguments and returns and int result (1 for success or 0 for
* failure). Typical usage might be: * failure). Typical usage might be:
* *
* DEFINE_RUN_ONCE_STATIC(myinitfunc) * DEFINE_RUN_ONCE_STATIC(myinitfunc)
* { * {
* do_some_initialisation(); * do_some_initialisation();
@ -74,10 +74,10 @@
* is used only one of the primary or the alternative initialiser function will * is used only one of the primary or the alternative initialiser function will
* ever be called - and that function will be called exactly once. Definitition * ever be called - and that function will be called exactly once. Definitition
* of an alternative initialiser function MUST occur AFTER the definition of the * of an alternative initialiser function MUST occur AFTER the definition of the
* primiary initialiser function. * primiary initialiser function.
* *
* Typical usage might be: * Typical usage might be:
* *
* DEFINE_RUN_ONCE_STATIC(myinitfunc) * DEFINE_RUN_ONCE_STATIC(myinitfunc)
* { * {
* do_some_initialisation(); * do_some_initialisation();
@ -86,7 +86,7 @@
* *
* return 0; * return 0;
* } * }
* *
* DEFINE_RUN_ONCE_STATIC_ALT(myaltinitfunc, myinitfunc) * DEFINE_RUN_ONCE_STATIC_ALT(myaltinitfunc, myinitfunc)
* { * {
* do_some_alternative_initialisation(); * do_some_alternative_initialisation();

2
include/internal/tsan_assist.h
View file

@ -6,7 +6,7 @@
* in the file LICENSE in the source distribution or at * in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html * https://www.openssl.org/source/license.html
*/ */
/* /*
* Contemporary compilers implement lock-free atomic memory access * Contemporary compilers implement lock-free atomic memory access
* primitives that facilitate writing "thread-opportunistic" or even real * primitives that facilitate writing "thread-opportunistic" or even real

2
test/README.external
View file

@ -145,7 +145,7 @@ To update the commit for any of the above test suites:
- Enter subdirectory and pull from the repository (use a specific branch/tag if required): - Enter subdirectory and pull from the repository (use a specific branch/tag if required):
$ cd <submodule-dir> $ cd <submodule-dir>
$ git pull origin master $ git pull origin master
- Go to root directory, there should be a new git status: - Go to root directory, there should be a new git status:

2
test/build.info
View file

@ -343,7 +343,7 @@ IF[{- !$disabled{tests} -}]
SOURCE[drbg_cavs_test]=drbg_cavs_test.c drbg_cavs_data_ctr.c \ SOURCE[drbg_cavs_test]=drbg_cavs_test.c drbg_cavs_data_ctr.c \
drbg_cavs_data_hash.c drbg_cavs_data_hmac.c drbg_cavs_data_hash.c drbg_cavs_data_hmac.c
INCLUDE[drbg_cavs_test]=../include . .. INCLUDE[drbg_cavs_test]=../include . ..
DEPEND[drbg_cavs_test]=../libcrypto libtestutil.a DEPEND[drbg_cavs_test]=../libcrypto libtestutil.a

4
test/rdrand_sanitytest.c
View file

@ -1,6 +1,6 @@
/* /*
* Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
* *
* Licensed under the Apache License 2.0 (the "License"). You may not use * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy * this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at * in the file LICENSE in the source distribution or at
@ -24,7 +24,7 @@ void OPENSSL_cpuid_setup(void);
extern unsigned int OPENSSL_ia32cap_P[4]; extern unsigned int OPENSSL_ia32cap_P[4];
static int sanity_check_bytes(size_t (*rng)(unsigned char *, size_t), static int sanity_check_bytes(size_t (*rng)(unsigned char *, size_t),
int rounds, int min_failures, int max_retries, int max_zero_words) int rounds, int min_failures, int max_retries, int max_zero_words)
{ {
int testresult = 0; int testresult = 0;

2
test/servername_test.c
View file

@ -203,7 +203,7 @@ static int server_setup_sni(void)
/* SNI should have been cleared during handshake */ /* SNI should have been cleared during handshake */
goto end; goto end;
} }
testresult = 1; testresult = 1;
end: end:
SSL_free(serverssl); SSL_free(serverssl);

2
test/testutil/main.c
View file

@ -54,7 +54,7 @@ int main(int argc, char *argv[])
ret = pulldown_test_framework(ret); ret = pulldown_test_framework(ret);
test_close_streams(); test_close_streams();
return ret; return ret;
} }
const char *test_get_program_name(void) const char *test_get_program_name(void)

2
test/tls13secretstest.c
View file

@ -18,7 +18,7 @@
/* /*
* Based on the test vectors availble in: * Based on the test vectors availble in:
* https://tools.ietf.org/html/draft-ietf-tls-tls13-vectors-06 * https://tools.ietf.org/html/draft-ietf-tls-tls13-vectors-06
*/ */
static unsigned char hs_start_hash[] = { static unsigned char hs_start_hash[] = {

2
util/indent.pro
View file

@ -26,7 +26,7 @@
-nprs -nprs
-npsl -npsl
-nsc -nsc
-ppi1 -ppi1
-saf -saf
-sai -sai
-saw -saw

28
util/openssl-format-source
View file

@ -8,18 +8,18 @@
# https://www.openssl.org/source/license.html # https://www.openssl.org/source/license.html
# #
# openssl-format-source # openssl-format-source
# - format source tree according to OpenSSL coding style using indent # - format source tree according to OpenSSL coding style using indent
# #
# usage: # usage:
# openssl-format-source [-v] [-n] [file|directory] ... # openssl-format-source [-v] [-n] [file|directory] ...
# #
# note: the indent options assume GNU indent v2.2.10 which was released # note: the indent options assume GNU indent v2.2.10 which was released
# Feb-2009 so if you have an older indent the options may not # Feb-2009 so if you have an older indent the options may not
# match what is expected # match what is expected
# #
# any marked block comment blocks have to be moved to align manually after # any marked block comment blocks have to be moved to align manually after
# the reformatting has been completed as marking a block causes indent to # the reformatting has been completed as marking a block causes indent to
# not move it at all ... # not move it at all ...
# #
@ -55,17 +55,17 @@ fi
# Extra arguments; for adding the comment-formatting # Extra arguments; for adding the comment-formatting
INDENT_ARGS="" INDENT_ARGS=""
for i for i
do do
if [ "$STOPARGS" != "true" ]; then if [ "$STOPARGS" != "true" ]; then
case $i in case $i in
--) STOPARGS="true"; continue;; --) STOPARGS="true"; continue;;
-n) DONT="true"; continue;; -n) DONT="true"; continue;;
-v) VERBOSE="true"; -v) VERBOSE="true";
echo "INDENT_PROFILE=$INDENT_PROFILE"; echo "INDENT_PROFILE=$INDENT_PROFILE";
continue;; continue;;
-c) COMMENTS="true"; -c) COMMENTS="true";
INDENT_ARGS="-fc1 -fca -cdb -sc"; INDENT_ARGS="-fc1 -fca -cdb -sc";
continue;; continue;;
-nc) COMMENTS="true"; -nc) COMMENTS="true";
continue;; continue;;
@ -76,14 +76,14 @@ do
if [ -d "$i" ]; then if [ -d "$i" ]; then
LIST=`find "$i" -name '*.[ch]' -print` LIST=`find "$i" -name '*.[ch]' -print`
else else
if [ ! -f "$i" ]; then if [ ! -f "$i" ]; then
echo "$0: source file not found: $i" >&2 echo "$0: source file not found: $i" >&2
exit 1 exit 1
fi fi
LIST="$i" LIST="$i"
fi fi
for j in $LIST for j in $LIST
do do
# ignore symlinks - we only ever process the base file - so if we # ignore symlinks - we only ever process the base file - so if we
@ -98,7 +98,7 @@ do
tmp=$(mktemp /tmp/indent.XXXXXX) tmp=$(mktemp /tmp/indent.XXXXXX)
trap 'rm -f "$tmp"' HUP INT TERM EXIT trap 'rm -f "$tmp"' HUP INT TERM EXIT
case `basename $j` in case `basename $j` in
# the list of files that indent is unable to handle correctly # the list of files that indent is unable to handle correctly
# that we simply leave alone for manual formatting now # that we simply leave alone for manual formatting now
obj_dat.h|aes_core.c|aes_x86core.c|ecp_nistz256.c) obj_dat.h|aes_core.c|aes_x86core.c|ecp_nistz256.c)
@ -108,11 +108,11 @@ do
if [ "$COMMENTS" = "true" ]; then if [ "$COMMENTS" = "true" ]; then
# we have to mark single line comments as /*- ...*/ to stop indent # we have to mark single line comments as /*- ...*/ to stop indent
# messing with them, run expand then indent as usual but with the # messing with them, run expand then indent as usual but with the
# the process-comments options and then undo that marking, and then # the process-comments options and then undo that marking, and then
# finally re-run indent without process-comments so the marked-to- # finally re-run indent without process-comments so the marked-to-
# be-ignored comments we did automatically end up getting moved # be-ignored comments we did automatically end up getting moved
# into the right position within the code as indent leaves marked # into the right position within the code as indent leaves marked
# comments entirely untouched - we appear to have no way to avoid # comments entirely untouched - we appear to have no way to avoid
# the double processing and get the desired output # the double processing and get the desired output
cat "$j" | \ cat "$j" | \
expand | \ expand | \

2
util/perl/TLSProxy/Alert.pm
View file

@ -16,7 +16,7 @@ sub new
$encrypted, $encrypted,
$level, $level,
$description) = @_; $description) = @_;
my $self = { my $self = {
server => $server, server => $server,
encrypted => $encrypted, encrypted => $encrypted,

4
util/perl/TLSProxy/Message.pm
View file

@ -238,7 +238,7 @@ sub get_messages
$startoffset = $recoffset; $startoffset = $recoffset;
$recoffset += 4; $recoffset += 4;
$payload = ""; $payload = "";
if ($recoffset <= $record->decrypt_len) { if ($recoffset <= $record->decrypt_len) {
#Some payload data is present in this record #Some payload data is present in this record
if ($record->decrypt_len - $recoffset >= $messlen) { if ($record->decrypt_len - $recoffset >= $messlen) {
@ -410,7 +410,7 @@ sub new
$records, $records,
$startoffset, $startoffset,
$message_frag_lens) = @_; $message_frag_lens) = @_;
my $self = { my $self = {
server => $server, server => $server,
data => $data, data => $data,

2
util/perl/TLSProxy/Record.pm
View file

@ -173,7 +173,7 @@ sub new
$decrypt_len, $decrypt_len,
$data, $data,
$decrypt_data) = @_; $decrypt_data) = @_;
my $self = { my $self = {
flight => $flight, flight => $flight,
content_type => $content_type, content_type => $content_type,

4
util/perl/TLSProxy/ServerHello.pm
View file

@ -25,7 +25,7 @@ sub new
$records, $records,
$startoffset, $startoffset,
$message_frag_lens) = @_; $message_frag_lens) = @_;
my $self = $class->SUPER::new( my $self = $class->SUPER::new(
$server, $server,
TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::MT_SERVER_HELLO,
@ -78,7 +78,7 @@ sub parse
my $extension_data; my $extension_data;
if ($extensions_len != 0) { if ($extensions_len != 0) {
$extension_data = substr($self->data, $ptr); $extension_data = substr($self->data, $ptr);
if (length($extension_data) != $extensions_len) { if (length($extension_data) != $extensions_len) {
die "Invalid extension length\n"; die "Invalid extension length\n";
} }

2
util/perl/TLSProxy/ServerKeyExchange.pm
View file

@ -20,7 +20,7 @@ sub new
$records, $records,
$startoffset, $startoffset,
$message_frag_lens) = @_; $message_frag_lens) = @_;
my $self = $class->SUPER::new( my $self = $class->SUPER::new(
$server, $server,
TLSProxy::Message::MT_SERVER_KEY_EXCHANGE, TLSProxy::Message::MT_SERVER_KEY_EXCHANGE,