diff options
| author | thegeorg <thegeorg@yandex-team.ru> | 2022-02-10 16:45:08 +0300 |
|---|---|---|
| committer | Daniil Cherednik <dcherednik@yandex-team.ru> | 2022-02-10 16:45:08 +0300 |
| commit | 4e839db24a3bbc9f1c610c43d6faaaa99824dcca (patch) | |
| tree | 506dac10f5df94fab310584ee51b24fc5a081c22 /contrib/libs/curl/lib/vtls/vtls.c | |
| parent | 2d37894b1b037cf24231090eda8589bbb44fb6fc (diff) | |
| download | ydb-4e839db24a3bbc9f1c610c43d6faaaa99824dcca.tar.gz | |
Restoring authorship annotation for <thegeorg@yandex-team.ru>. Commit 1 of 2.
Diffstat (limited to 'contrib/libs/curl/lib/vtls/vtls.c')
| -rw-r--r-- | contrib/libs/curl/lib/vtls/vtls.c | 254 |
1 files changed, 127 insertions, 127 deletions
diff --git a/contrib/libs/curl/lib/vtls/vtls.c b/contrib/libs/curl/lib/vtls/vtls.c index 3bd51fdaf2..5da28209a9 100644 --- a/contrib/libs/curl/lib/vtls/vtls.c +++ b/contrib/libs/curl/lib/vtls/vtls.c @@ -5,11 +5,11 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms - * are also available at https://curl.se/docs/copyright.html. + * are also available at https://curl.se/docs/copyright.html. * * You may opt to use, copy, modify, merge, publish, distribute and/or sell * copies of the Software, and permit persons to whom the Software is @@ -63,7 +63,7 @@ #include "warnless.h" #include "curl_base64.h" #include "curl_printf.h" -#include "strdup.h" +#include "strdup.h" /* The last #include files should be: */ #include "curl_memory.h" @@ -83,63 +83,63 @@ else \ dest->var = NULL; -#define CLONE_BLOB(var) \ - if(blobdup(&dest->var, source->var)) \ - return FALSE; - -static CURLcode blobdup(struct curl_blob **dest, - struct curl_blob *src) -{ - DEBUGASSERT(dest); - DEBUGASSERT(!*dest); - if(src) { - /* only if there's data to dupe! */ - struct curl_blob *d; - d = malloc(sizeof(struct curl_blob) + src->len); - if(!d) - return CURLE_OUT_OF_MEMORY; - d->len = src->len; - /* Always duplicate because the connection may survive longer than the - handle that passed in the blob. */ - d->flags = CURL_BLOB_COPY; - d->data = (void *)((char *)d + sizeof(struct curl_blob)); - memcpy(d->data, src->data, src->len); - *dest = d; - } - return CURLE_OK; -} - -/* returns TRUE if the blobs are identical */ -static bool blobcmp(struct curl_blob *first, struct curl_blob *second) -{ - if(!first && !second) /* both are NULL */ - return TRUE; - if(!first || !second) /* one is NULL */ - return FALSE; - if(first->len != second->len) /* different sizes */ - return FALSE; - return !memcmp(first->data, second->data, first->len); /* same data */ -} - +#define CLONE_BLOB(var) \ + if(blobdup(&dest->var, source->var)) \ + return FALSE; + +static CURLcode blobdup(struct curl_blob **dest, + struct curl_blob *src) +{ + DEBUGASSERT(dest); + DEBUGASSERT(!*dest); + if(src) { + /* only if there's data to dupe! */ + struct curl_blob *d; + d = malloc(sizeof(struct curl_blob) + src->len); + if(!d) + return CURLE_OUT_OF_MEMORY; + d->len = src->len; + /* Always duplicate because the connection may survive longer than the + handle that passed in the blob. */ + d->flags = CURL_BLOB_COPY; + d->data = (void *)((char *)d + sizeof(struct curl_blob)); + memcpy(d->data, src->data, src->len); + *dest = d; + } + return CURLE_OK; +} + +/* returns TRUE if the blobs are identical */ +static bool blobcmp(struct curl_blob *first, struct curl_blob *second) +{ + if(!first && !second) /* both are NULL */ + return TRUE; + if(!first || !second) /* one is NULL */ + return FALSE; + if(first->len != second->len) /* different sizes */ + return FALSE; + return !memcmp(first->data, second->data, first->len); /* same data */ +} + bool -Curl_ssl_config_matches(struct ssl_primary_config *data, - struct ssl_primary_config *needle) +Curl_ssl_config_matches(struct ssl_primary_config *data, + struct ssl_primary_config *needle) { if((data->version == needle->version) && (data->version_max == needle->version_max) && (data->verifypeer == needle->verifypeer) && (data->verifyhost == needle->verifyhost) && (data->verifystatus == needle->verifystatus) && - blobcmp(data->cert_blob, needle->cert_blob) && + blobcmp(data->cert_blob, needle->cert_blob) && Curl_safe_strcasecompare(data->CApath, needle->CApath) && Curl_safe_strcasecompare(data->CAfile, needle->CAfile) && Curl_safe_strcasecompare(data->clientcert, needle->clientcert) && Curl_safe_strcasecompare(data->random_file, needle->random_file) && Curl_safe_strcasecompare(data->egdsocket, needle->egdsocket) && Curl_safe_strcasecompare(data->cipher_list, needle->cipher_list) && - Curl_safe_strcasecompare(data->cipher_list13, needle->cipher_list13) && - Curl_safe_strcasecompare(data->curves, needle->curves) && - Curl_safe_strcasecompare(data->pinned_key, needle->pinned_key)) + Curl_safe_strcasecompare(data->cipher_list13, needle->cipher_list13) && + Curl_safe_strcasecompare(data->curves, needle->curves) && + Curl_safe_strcasecompare(data->pinned_key, needle->pinned_key)) return TRUE; return FALSE; @@ -156,7 +156,7 @@ Curl_clone_primary_ssl_config(struct ssl_primary_config *source, dest->verifystatus = source->verifystatus; dest->sessionid = source->sessionid; - CLONE_BLOB(cert_blob); + CLONE_BLOB(cert_blob); CLONE_STRING(CApath); CLONE_STRING(CAfile); CLONE_STRING(clientcert); @@ -164,13 +164,13 @@ Curl_clone_primary_ssl_config(struct ssl_primary_config *source, CLONE_STRING(egdsocket); CLONE_STRING(cipher_list); CLONE_STRING(cipher_list13); - CLONE_STRING(pinned_key); - CLONE_STRING(curves); + CLONE_STRING(pinned_key); + CLONE_STRING(curves); return TRUE; } -void Curl_free_primary_ssl_config(struct ssl_primary_config *sslc) +void Curl_free_primary_ssl_config(struct ssl_primary_config *sslc) { Curl_safefree(sslc->CApath); Curl_safefree(sslc->CAfile); @@ -179,9 +179,9 @@ void Curl_free_primary_ssl_config(struct ssl_primary_config *sslc) Curl_safefree(sslc->egdsocket); Curl_safefree(sslc->cipher_list); Curl_safefree(sslc->cipher_list13); - Curl_safefree(sslc->pinned_key); - Curl_safefree(sslc->cert_blob); - Curl_safefree(sslc->curves); + Curl_safefree(sslc->pinned_key); + Curl_safefree(sslc->cert_blob); + Curl_safefree(sslc->curves); } #ifdef USE_SSL @@ -219,9 +219,9 @@ int Curl_ssl_init(void) return Curl_ssl->init(); } -#if defined(CURL_WITH_MULTI_SSL) -static const struct Curl_ssl Curl_ssl_multi; -#endif +#if defined(CURL_WITH_MULTI_SSL) +static const struct Curl_ssl Curl_ssl_multi; +#endif /* Global cleanup */ void Curl_ssl_cleanup(void) @@ -229,9 +229,9 @@ void Curl_ssl_cleanup(void) if(init_ssl) { /* only cleanup if we did a previous init */ Curl_ssl->cleanup(); -#if defined(CURL_WITH_MULTI_SSL) - Curl_ssl = &Curl_ssl_multi; -#endif +#if defined(CURL_WITH_MULTI_SSL) + Curl_ssl = &Curl_ssl_multi; +#endif init_ssl = FALSE; } } @@ -260,7 +260,7 @@ static bool ssl_prefs_check(struct Curl_easy *data) return TRUE; } -#ifndef CURL_DISABLE_PROXY +#ifndef CURL_DISABLE_PROXY static CURLcode ssl_connect_init_proxy(struct connectdata *conn, int sockindex) { @@ -284,20 +284,20 @@ ssl_connect_init_proxy(struct connectdata *conn, int sockindex) } return CURLE_OK; } -#endif +#endif CURLcode Curl_ssl_connect(struct connectdata *conn, int sockindex) { CURLcode result; -#ifndef CURL_DISABLE_PROXY +#ifndef CURL_DISABLE_PROXY if(conn->bits.proxy_ssl_connected[sockindex]) { result = ssl_connect_init_proxy(conn, sockindex); if(result) return result; } -#endif +#endif if(!ssl_prefs_check(conn->data)) return CURLE_SSL_CONNECT_ERROR; @@ -319,13 +319,13 @@ Curl_ssl_connect_nonblocking(struct connectdata *conn, int sockindex, bool *done) { CURLcode result; -#ifndef CURL_DISABLE_PROXY +#ifndef CURL_DISABLE_PROXY if(conn->bits.proxy_ssl_connected[sockindex]) { result = ssl_connect_init_proxy(conn, sockindex); if(result) return result; } -#endif +#endif if(!ssl_prefs_check(conn->data)) return CURLE_SSL_CONNECT_ERROR; @@ -365,27 +365,27 @@ bool Curl_ssl_getsessionid(struct connectdata *conn, size_t *idsize, /* set 0 if unknown */ int sockindex) { - struct Curl_ssl_session *check; + struct Curl_ssl_session *check; struct Curl_easy *data = conn->data; size_t i; long *general_age; bool no_match = TRUE; -#ifndef CURL_DISABLE_PROXY +#ifndef CURL_DISABLE_PROXY const bool isProxy = CONNECT_PROXY_SSL(); struct ssl_primary_config * const ssl_config = isProxy ? &conn->proxy_ssl_config : &conn->ssl_config; - const char * const name = isProxy ? - conn->http_proxy.host.name : conn->host.name; + const char * const name = isProxy ? + conn->http_proxy.host.name : conn->host.name; int port = isProxy ? (int)conn->port : conn->remote_port; -#else - /* no proxy support */ - struct ssl_primary_config * const ssl_config = &conn->ssl_config; - const char * const name = conn->host.name; - int port = conn->remote_port; - (void)sockindex; -#endif +#else + /* no proxy support */ + struct ssl_primary_config * const ssl_config = &conn->ssl_config; + const char * const name = conn->host.name; + int port = conn->remote_port; + (void)sockindex; +#endif *ssl_sessionid = NULL; DEBUGASSERT(SSL_SET_OPTION(primary.sessionid)); @@ -432,7 +432,7 @@ bool Curl_ssl_getsessionid(struct connectdata *conn, /* * Kill a single session ID entry in the cache. */ -void Curl_ssl_kill_session(struct Curl_ssl_session *session) +void Curl_ssl_kill_session(struct Curl_ssl_session *session) { if(session->sessionid) { /* defensive check */ @@ -459,7 +459,7 @@ void Curl_ssl_delsessionid(struct connectdata *conn, void *ssl_sessionid) struct Curl_easy *data = conn->data; for(i = 0; i < data->set.general_ssl.max_ssl_sessions; i++) { - struct Curl_ssl_session *check = &data->state.session[i]; + struct Curl_ssl_session *check = &data->state.session[i]; if(check->sessionid == ssl_sessionid) { Curl_ssl_kill_session(check); @@ -481,29 +481,29 @@ CURLcode Curl_ssl_addsessionid(struct connectdata *conn, { size_t i; struct Curl_easy *data = conn->data; /* the mother of all structs */ - struct Curl_ssl_session *store = &data->state.session[0]; + struct Curl_ssl_session *store = &data->state.session[0]; long oldest_age = data->state.session[0].age; /* zero if unused */ char *clone_host; char *clone_conn_to_host; int conn_to_port; long *general_age; -#ifndef CURL_DISABLE_PROXY +#ifndef CURL_DISABLE_PROXY const bool isProxy = CONNECT_PROXY_SSL(); struct ssl_primary_config * const ssl_config = isProxy ? &conn->proxy_ssl_config : &conn->ssl_config; - const char *hostname = isProxy ? conn->http_proxy.host.name : - conn->host.name; -#else - /* proxy support disabled */ - const bool isProxy = FALSE; - struct ssl_primary_config * const ssl_config = &conn->ssl_config; - const char *hostname = conn->host.name; - (void)sockindex; -#endif + const char *hostname = isProxy ? conn->http_proxy.host.name : + conn->host.name; +#else + /* proxy support disabled */ + const bool isProxy = FALSE; + struct ssl_primary_config * const ssl_config = &conn->ssl_config; + const char *hostname = conn->host.name; + (void)sockindex; +#endif DEBUGASSERT(SSL_SET_OPTION(primary.sessionid)); - clone_host = strdup(hostname); + clone_host = strdup(hostname); if(!clone_host) return CURLE_OUT_OF_MEMORY; /* bail out */ @@ -562,7 +562,7 @@ CURLcode Curl_ssl_addsessionid(struct connectdata *conn, store->scheme = conn->handler->scheme; if(!Curl_clone_primary_ssl_config(ssl_config, &store->ssl_config)) { - Curl_free_primary_ssl_config(&store->ssl_config); + Curl_free_primary_ssl_config(&store->ssl_config); store->sessionid = NULL; /* let caller free sessionid */ free(clone_host); free(clone_conn_to_host); @@ -590,8 +590,8 @@ void Curl_ssl_close_all(struct Curl_easy *data) } #if defined(USE_OPENSSL) || defined(USE_GNUTLS) || defined(USE_SCHANNEL) || \ - defined(USE_SECTRANSP) || defined(USE_NSS) || \ - defined(USE_MBEDTLS) || defined(USE_WOLFSSL) || defined(USE_BEARSSL) + defined(USE_SECTRANSP) || defined(USE_NSS) || \ + defined(USE_MBEDTLS) || defined(USE_WOLFSSL) || defined(USE_BEARSSL) int Curl_ssl_getsock(struct connectdata *conn, curl_socket_t *socks) { struct ssl_connect_data *connssl = &conn->ssl[FIRSTSOCKET]; @@ -624,7 +624,7 @@ void Curl_ssl_close(struct connectdata *conn, int sockindex) { DEBUGASSERT((sockindex <= 1) && (sockindex >= -1)); Curl_ssl->close_one(conn, sockindex); - conn->ssl[sockindex].state = ssl_connection_none; + conn->ssl[sockindex].state = ssl_connection_none; } CURLcode Curl_ssl_shutdown(struct connectdata *conn, int sockindex) @@ -667,13 +667,13 @@ struct curl_slist *Curl_ssl_engines_list(struct Curl_easy *data) */ CURLcode Curl_ssl_initsessions(struct Curl_easy *data, size_t amount) { - struct Curl_ssl_session *session; + struct Curl_ssl_session *session; if(data->state.session) /* this is just a precaution to prevent multiple inits */ return CURLE_OK; - session = calloc(amount, sizeof(struct Curl_ssl_session)); + session = calloc(amount, sizeof(struct Curl_ssl_session)); if(!session) return CURLE_OUT_OF_MEMORY; @@ -752,7 +752,7 @@ CURLcode Curl_ssl_init_certinfo(struct Curl_easy *data, int num) } /* - * 'value' is NOT a null-terminated string + * 'value' is NOT a null-terminated string */ CURLcode Curl_ssl_push_certinfo_len(struct Curl_easy *data, int certnum, @@ -774,10 +774,10 @@ CURLcode Curl_ssl_push_certinfo_len(struct Curl_easy *data, /* sprintf the label and colon */ msnprintf(output, outlen, "%s:", label); - /* memcpy the value (it might not be null-terminated) */ + /* memcpy the value (it might not be null-terminated) */ memcpy(&output[labellen + 1], value, valuelen); - /* null-terminate the output */ + /* null-terminate the output */ output[labellen + 1 + valuelen] = 0; nl = Curl_slist_append_nodup(ci->certinfo[certnum], output); @@ -1152,7 +1152,7 @@ bool Curl_none_false_start(void) CURLcode Curl_none_md5sum(unsigned char *input, size_t inputlen, unsigned char *md5sum, size_t md5len UNUSED_PARAM) { - struct MD5_context *MD5pw; + struct MD5_context *MD5pw; (void)md5len; @@ -1262,8 +1262,8 @@ const struct Curl_ssl *Curl_ssl = &Curl_ssl_schannel; #elif defined(USE_MESALINK) &Curl_ssl_mesalink; -#elif defined(USE_BEARSSL) - &Curl_ssl_bearssl; +#elif defined(USE_BEARSSL) + &Curl_ssl_bearssl; #else #error "Missing struct Curl_ssl for selected SSL backend" #endif @@ -1296,9 +1296,9 @@ static const struct Curl_ssl *available_backends[] = { #if defined(USE_MESALINK) &Curl_ssl_mesalink, #endif -#if defined(USE_BEARSSL) - &Curl_ssl_bearssl, -#endif +#if defined(USE_BEARSSL) + &Curl_ssl_bearssl, +#endif NULL }; @@ -1306,7 +1306,7 @@ static size_t Curl_multissl_version(char *buffer, size_t size) { static const struct Curl_ssl *selected; static char backends[200]; - static size_t backends_len; + static size_t backends_len; const struct Curl_ssl *current; current = Curl_ssl == &Curl_ssl_multi ? available_backends[0] : Curl_ssl; @@ -1318,32 +1318,32 @@ static size_t Curl_multissl_version(char *buffer, size_t size) selected = current; - backends[0] = '\0'; - - for(i = 0; available_backends[i]; ++i) { - char vb[200]; - bool paren = (selected != available_backends[i]); - - if(available_backends[i]->version(vb, sizeof(vb))) { - p += msnprintf(p, end - p, "%s%s%s%s", (p != backends ? " " : ""), - (paren ? "(" : ""), vb, (paren ? ")" : "")); - } + backends[0] = '\0'; + + for(i = 0; available_backends[i]; ++i) { + char vb[200]; + bool paren = (selected != available_backends[i]); + + if(available_backends[i]->version(vb, sizeof(vb))) { + p += msnprintf(p, end - p, "%s%s%s%s", (p != backends ? " " : ""), + (paren ? "(" : ""), vb, (paren ? ")" : "")); + } } - - backends_len = p - backends; + + backends_len = p - backends; } - if(!size) - return 0; - - if(size <= backends_len) { - strncpy(buffer, backends, size - 1); + if(!size) + return 0; + + if(size <= backends_len) { + strncpy(buffer, backends, size - 1); buffer[size - 1] = '\0'; - return size - 1; + return size - 1; } - strcpy(buffer, backends); - return backends_len; + strcpy(buffer, backends); + return backends_len; } static int multissl_init(const struct Curl_ssl *backend) |