return OPENVPN_PLUGIN_FUNC_SUCCESS;
}
- FILE *fp = fopen(name,"w");
+ FILE *fp = fopen(name, "w");
if (!fp)
{
plugin_log(PLOG_ERR, MODULE, "fopen('%s') failed", name);
plugin->mask = OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_FINAL);
plugin->mask |= OPENVPN_PLUGIN_MASK(OPENVPN_PLUGIN_TLS_VERIFY);
- ovpn_note("vpn endpoint type=%s",plugin->type == CLIENT ? "client" : "server");
+ ovpn_note("vpn endpoint type=%s", plugin->type == CLIENT ? "client" : "server");
rv->type_mask = plugin->mask;
rv->handle = (void *)plugin;
VERSIONHELPERAPI
IsWindowsVersionOrGreater(WORD major, WORD minor, WORD servpack)
{
- OSVERSIONINFOEXW vi = {sizeof(vi),major,minor,0,0,{0},servpack};
+ OSVERSIONINFOEXW vi = {sizeof(vi), major, minor, 0, 0, {0}, servpack};
return VerifyVersionInfoW(&vi, VER_MAJORVERSION|VER_MINORVERSION|VER_SERVICEPACKMAJOR,
VerSetConditionMask(VerSetConditionMask(VerSetConditionMask(0,
- VER_MAJORVERSION,VER_GREATER_EQUAL),
- VER_MINORVERSION,VER_GREATER_EQUAL),
+ VER_MAJORVERSION, VER_GREATER_EQUAL),
+ VER_MINORVERSION, VER_GREATER_EQUAL),
VER_SERVICEPACKMAJOR, VER_GREATER_EQUAL));
}
VERSIONHELPERAPI
IsWindowsServer(void)
{
- OSVERSIONINFOEXW vi = {sizeof(vi),0,0,0,0,{0},0,0,0,VER_NT_WORKSTATION};
+ OSVERSIONINFOEXW vi = {sizeof(vi), 0, 0, 0, 0, {0}, 0, 0, 0, VER_NT_WORKSTATION};
return !VerifyVersionInfoW(&vi, VER_PRODUCT_TYPE, VerSetConditionMask(0, VER_PRODUCT_TYPE, VER_EQUAL));
}
int cap = buf_forward_capacity(buf);
if (cap > 0)
{
- strncpynt((char *)ptr,str, cap);
+ strncpynt((char *)ptr, str, cap);
*(buf->data + buf->capacity - 1) = 0; /* windows vsnprintf needs this */
buf->len += (int) strlen((char *)ptr);
ret = true;
c = head[1];
if (c == COMP_ALGV2_LZ4_BYTE) /* packet was compressed */
{
- buf_advance(buf,2);
+ buf_advance(buf, 2);
do_lz4_decompress(zlen_max, &work, buf, compctx);
}
else if (c == COMP_ALGV2_UNCOMPRESSED_BYTE)
{
- buf_advance(buf,2);
+ buf_advance(buf, 2);
}
else
{
ASSERT(0 == mbedtls_md_setup(ctx_tmp, md_kt, 1));
ASSERT(0 == mbedtls_md_hmac_starts(ctx_tmp, sec, sec_len));
- hmac_ctx_update(ctx,seed,seed_len);
+ hmac_ctx_update(ctx, seed, seed_len);
hmac_ctx_final(ctx, A1);
for (;; )
if (len > ECDSA_size(ec))
{
ECDSA_SIG_free(s);
- msg(M_NONFATAL,"Error in cryptoapicert: DER encoded ECDSA signature is too long (%d bytes)", len);
+ msg(M_NONFATAL, "Error in cryptoapicert: DER encoded ECDSA signature is too long (%d bytes)", len);
return 0;
}
*siglen = i2d_ECDSA_SIG(s, &sig);
* --------------------------------------------------------------------
*/
-#define mix(a,b,c) \
+#define mix(a, b, c) \
{ \
a -= b; a -= c; a ^= (c>>13); \
b -= c; b -= a; b ^= (a<<8); \
CLEAR(up);
strncpy(up.username, msg, sizeof(up.username)-1);
- management_query_user_pass(management, &up, command, GET_USER_PASS_NEED_OK,(void *) 0);
+ management_query_user_pass(management, &up, command, GET_USER_PASS_NEED_OK, (void *) 0);
return strcmp("ok", up.password)==0;
}
{
struct user_pass up;
CLEAR(up);
- strcpy(up.username,"tunmethod");
+ strcpy(up.username, "tunmethod");
management_query_user_pass(management, &up, "PERSIST_TUN_ACTION",
- GET_USER_PASS_NEED_OK,(void *) 0);
+ GET_USER_PASS_NEED_OK, (void *) 0);
if (!strcmp("NOACTION", up.password))
{
return ANDROID_KEEP_OLD_TUN;
#ifdef TARGET_ANDROID
if (man->connection.fdtosend > 0)
{
- sent = man_send_with_fd(man->connection.sd_cli, BPTR(buf), len, MSG_NOSIGNAL,man->connection.fdtosend);
+ sent = man_send_with_fd(man->connection.sd_cli, BPTR(buf), len, MSG_NOSIGNAL, man->connection.fdtosend);
man->connection.fdtosend = -1;
}
else
}
else
{
- buf_printf(&out,"CMSG=%d|", cmsg->cmsg_type);
+ buf_printf(&out, "CMSG=%d|", cmsg->cmsg_type);
}
}
else if (cmsg->cmsg_level == IPPROTO_IPV6)
}
else
{
- buf_printf(&out,"CMSG=%d|", cmsg->cmsg_type);
+ buf_printf(&out, "CMSG=%d|", cmsg->cmsg_type);
}
}
}
addr_v4.ipv4 = htonl(*addr);
msg(M_INFO, "%s: %s/%d dev %s", __func__,
- inet_ntop(AF_INET, &addr_v4.ipv4, buf, sizeof(buf)), prefixlen,iface);
+ inet_ntop(AF_INET, &addr_v4.ipv4, buf, sizeof(buf)), prefixlen, iface);
return sitnl_addr_add(AF_INET, iface, &addr_v4, prefixlen);
}
#ifdef ENABLE_MANAGEMENT
if ((o->management_flags & MF_EXTERNAL_CERT))
{
- SHOW_PARM("cert_file","EXTERNAL_CERT","%s");
+ SHOW_PARM("cert_file", "EXTERNAL_CERT", "%s");
}
else
#endif
#ifdef ENABLE_MANAGEMENT
if ((o->management_flags & MF_EXTERNAL_KEY))
{
- SHOW_PARM("priv_key_file","EXTERNAL_PRIVATE_KEY","%s");
+ SHOW_PARM("priv_key_file", "EXTERNAL_PRIVATE_KEY", "%s");
}
else
#endif
}
char *
-options_string_extract_option(const char *options_string,const char *opt_name,
+options_string_extract_option(const char *options_string, const char *opt_name,
struct gc_arena *gc)
{
char *ret = NULL;
{
VERIFY_PERMISSION(OPT_P_INSTANCE);
msg(D_PUSH, "PUSH_REMOVE '%s'", p[1]);
- push_remove_option(options,p[1]);
+ push_remove_option(options, p[1]);
}
else if (streq(p[0], "ifconfig-pool") && p[1] && p[2] && !p[4])
{
{
msg(D_XKEY, "xkey_pkcs11h_sign: signing with RSA key: padmode = %s",
sigalg.padmode);
- if (!strcmp(sigalg.padmode,"none"))
+ if (!strcmp(sigalg.padmode, "none"))
{
mech.mechanism = CKM_RSA_X_509;
}
*/
if (h >= 0)
{
- msg(M_INFO, "succeeded -> ifconfig_pool_set(hand=%d)",h);
+ msg(M_INFO, "succeeded -> ifconfig_pool_set(hand=%d)", h);
ifconfig_pool_set(pool, cn_buf, h, persist->fixed);
}
}
msg(M_WARN|M_ERRNO, "PORT SHARE PROXY: cannot create socket");
return false;
}
- status = openvpn_connect(sd_server,(const struct sockaddr *) &server_addr, 5, NULL);
+ status = openvpn_connect(sd_server, (const struct sockaddr *) &server_addr, 5, NULL);
if (status)
{
msg(M_WARN, "PORT SHARE PROXY: connect to port-share server failed");
#define ADVANCE(x, n) (x += ROUNDUP((n)->sa_len))
#endif
-#define max(a,b) ((a) > (b) ? (a) : (b))
+#define max(a, b) ((a) > (b) ? (a) : (b))
void
get_default_gateway(struct route_gateway_info *rgi, openvpn_net_ctx_t *ctx)
if (pid == (pid_t)0) /* child side */
{
close(pipe_stdout[0]); /* Close read end */
- dup2(pipe_stdout[1],1);
+ dup2(pipe_stdout[1], 1);
execve(cmd, argv, envp);
exit(OPENVPN_EXECVE_FAILURE);
}
if (!(flags & GETADDR_RESOLVE) || status == EAI_FAIL)
{
msg(msglevel, "RESOLVE: Cannot parse IP address: %s:%s (%s)",
- print_hostname,print_servname, gai_strerror(status));
+ print_hostname, print_servname, gai_strerror(status));
goto done;
}
ASSERT(cur);
msg(msglevel, "%s link local (bound): %s",
proto2ascii(sock->info.proto, sock->info.af, true),
- print_sockaddr(cur->ai_addr,&gc));
+ print_sockaddr(cur->ai_addr, &gc));
}
else
{
"TCP/UDP: Incoming packet rejected from %s[%d], expected peer address: %s (allow this incoming source address/port by removing --remote or adding --float)",
print_link_socket_actual(from_addr, &gc),
(int)from_addr->dest.addr.sa.sa_family,
- print_sockaddr_ex(info->lsa->remote_list->ai_addr,":",PS_SHOW_PORT, &gc));
+ print_sockaddr_ex(info->lsa->remote_list->ai_addr, ":", PS_SHOW_PORT, &gc));
/* print additional remote addresses */
for (ai = info->lsa->remote_list->ai_next; ai; ai = ai->ai_next)
{
- msg(D_LINK_ERRORS,"or from peer address: %s",
- print_sockaddr_ex(ai->ai_addr,":",PS_SHOW_PORT, &gc));
+ msg(D_LINK_ERRORS, "or from peer address: %s",
+ print_sockaddr_ex(ai->ai_addr, ":", PS_SHOW_PORT, &gc));
}
break;
}
if (status!=0)
{
- buf_printf(&out,"[nameinfo() err: %s]",gai_strerror(status));
+ buf_printf(&out, "[nameinfo() err: %s]", gai_strerror(status));
return BSTR(&out);
}
return addr->sa_family == AF_INET || addr->sa_family == AF_INET6;
}
-int addr_guess_family(sa_family_t af,const char *name);
+int addr_guess_family(sa_family_t af, const char *name);
static inline int
af_addr_size(sa_family_t af)
tls_peer_ncp_list(const char *peer_info, struct gc_arena *gc)
{
/* Check if the peer sends the IV_CIPHERS list */
- const char *iv_ciphers = extract_var_peer_info(peer_info,"IV_CIPHERS=", gc);
+ const char *iv_ciphers = extract_var_peer_info(peer_info, "IV_CIPHERS=", gc);
if (iv_ciphers)
{
return iv_ciphers;
}
void
-convert_tls_list_to_openssl(char *openssl_ciphers, size_t len,const char *ciphers)
+convert_tls_list_to_openssl(char *openssl_ciphers, size_t len, const char *ciphers)
{
/* Parse supplied cipher list and pass on to OpenSSL */
size_t begin_of_cipher, end_of_cipher;
for (i = 0; i < sk_X509_num(ca); i++)
{
X509_STORE *cert_store = SSL_CTX_get_cert_store(ctx->ctx);
- if (!X509_STORE_add_cert(cert_store,sk_X509_value(ca, i)))
+ if (!X509_STORE_add_cert(cert_store, sk_X509_value(ca, i)))
{
- crypto_msg(M_FATAL,"Cannot add certificate to certificate chain (X509_STORE_add_cert)");
+ crypto_msg(M_FATAL, "Cannot add certificate to certificate chain (X509_STORE_add_cert)");
}
if (!SSL_CTX_add_client_CA(ctx->ctx, sk_X509_value(ca, i)))
{
- crypto_msg(M_FATAL,"Cannot add certificate to client CA list (SSL_CTX_add_client_CA)");
+ crypto_msg(M_FATAL, "Cannot add certificate to client CA list (SSL_CTX_add_client_CA)");
}
}
}
{
for (i = 0; i < sk_X509_num(ca); i++)
{
- if (!SSL_CTX_add_extra_chain_cert(ctx->ctx,sk_X509_value(ca, i)))
+ if (!SSL_CTX_add_extra_chain_cert(ctx->ctx, sk_X509_value(ca, i)))
{
crypto_msg(M_FATAL, "Cannot add extra certificate to chain (SSL_CTX_add_extra_chain_cert)");
}
char *x509_username_field, X509 *peer_cert)
{
#ifdef ENABLE_X509ALTUSERNAME
- if (strncmp("ext:",x509_username_field,4) == 0)
+ if (strncmp("ext:", x509_username_field, 4) == 0)
{
if (!extract_x509_extension(peer_cert, x509_username_field+4, common_name, cn_len))
{
/* branch prediction hints */
#if defined(__GNUC__)
-#define likely(x) __builtin_expect((x),1)
-#define unlikely(x) __builtin_expect((x),0)
+#define likely(x) __builtin_expect((x), 1)
+#define unlikely(x) __builtin_expect((x), 0)
#else
#define likely(x) (x)
#define unlikely(x) (x)
/* MSVC headers do not define this macro, so do it here */
#ifndef IN6_ARE_ADDR_EQUAL
-#define IN6_ARE_ADDR_EQUAL(a,b) \
+#define IN6_ARE_ADDR_EQUAL(a, b) \
(memcmp((const void *)(a), (const void *)(b), sizeof(struct in6_addr)) == 0)
#endif
else if (!strcmp(alg.padmode, "pss") && (flags & MF_EXTERNAL_KEY_PSSPAD))
{
openvpn_snprintf(alg_str, sizeof(alg_str), "%s,hashalg=%s,saltlen=%s",
- "RSA_PKCS1_PSS_PADDING", alg.mdname,alg.saltlen);
+ "RSA_PKCS1_PSS_PADDING", alg.mdname, alg.saltlen);
}
else
{
DIG_INFO dinfo[] = {MAKE_DI(sha1), MAKE_DI(sha256), MAKE_DI(sha384),
MAKE_DI(sha512), MAKE_DI(sha224), MAKE_DI(sha512_224),
- MAKE_DI(sha512_256), {0,NULL,0}};
+ MAKE_DI(sha512_256), {0, NULL, 0}};
int out_len = 0;
int ret = 0;
int nid;
const char *name;
} digest_names[] = {{NID_md5_sha1, "MD5-SHA1"}, {NID_sha1, "SHA1"},
- {NID_sha224, "SHA224",}, {NID_sha256, "SHA256"}, {NID_sha384, "SHA384"},
+ {NID_sha224, "SHA224", }, {NID_sha256, "SHA256"}, {NID_sha384, "SHA384"},
{NID_sha512, "SHA512"}, {0, NULL}};
/* Use of NIDs as opposed to EVP_MD_fetch is okay here
* as these are only used for converting names passed in
static const OSSL_PARAM *
signature_gettable_ctx_params(void *ctx, void *provctx)
{
- xkey_dmsg(D_XKEY,"entry");
+ xkey_dmsg(D_XKEY, "entry");
static OSSL_PARAM gettable[] = { OSSL_PARAM_END }; /* Empty list */
char temp[templen+1];
temp[0] = 0;
- scratch = strstr(searching,searchfor);
+ scratch = strstr(searching, searchfor);
if (!scratch)
{
return strdup(tosearch);
while (scratch)
{
- strncat(temp,searching,scratch-searching);
- strcat(temp,replacewith);
+ strncat(temp, searching, scratch-searching);
+ strcat(temp, replacewith);
searching = scratch+strlen(searchfor);
- scratch = strstr(searching,searchfor);
+ scratch = strstr(searching, searchfor);
}
return strdup(temp);
}
client_peer_info = "foo=bar\nIV_foo=y\nIV_NCP=2";
peer_list = tls_peer_ncp_list(client_peer_info, &gc);
- assert_string_equal(aes_ciphers,peer_list);
+ assert_string_equal(aes_ciphers, peer_list);
assert_true(tls_peer_supports_ncp(client_peer_info));
client_peer_info = "foo=bar\nIV_foo=y\nIV_NCP=2\nIV_CIPHERS=BF-CBC";
"none", &gc);
assert_string_equal(best_cipher, "none");
- best_cipher = ncp_get_best_cipher(serverlist, NULL,NULL, &gc);
+ best_cipher = ncp_get_best_cipher(serverlist, NULL, NULL, &gc);
assert_ptr_equal(best_cipher, NULL);
gc_free(&gc);
const uint8_t client_control_with_ack[] = {
0x20, 0x78, 0x19, 0xbf, 0x2e, 0xbc, 0xd1, 0x9a,
0x45, 0x01, 0x00, 0x00, 0x00, 0x00, 0xea,
- 0xfe,0xbf, 0xa4, 0x41, 0x8a, 0xe3, 0x1b,
+ 0xfe, 0xbf, 0xa4, 0x41, 0x8a, 0xe3, 0x1b,
0x00, 0x00, 0x00, 0x01, 0x16, 0x03, 0x01
};
now = 1005;
struct session_id server_id = calculate_session_id_hmac(client_id, &addr, hmac, handwindow, 0);
- struct session_id expected_server_id = { {0xba, 0x83, 0xa9, 0x00, 0x72, 0xbd,0x93, 0xba }};
+ struct session_id expected_server_id = { {0xba, 0x83, 0xa9, 0x00, 0x72, 0xbd, 0x93, 0xba }};
assert_memory_equal(expected_server_id.id, server_id.id, SID_SIZE);
struct session_id server_id_m1 = calculate_session_id_hmac(client_id, &addr, hmac, handwindow, -1);
/* Assure repeated generation of reset is deterministic/stateless*/
reset_packet_id_send(&tas_client.tls_wrap.opt.packet_id.send);
- struct buffer buf2 = tls_reset_standalone(&tas_client.tls_wrap, &tas_client, &client_id, &server_id, header,false);
+ struct buffer buf2 = tls_reset_standalone(&tas_client.tls_wrap, &tas_client, &client_id, &server_id, header, false);
assert_int_equal(BLEN(&buf), BLEN(&buf2));
assert_memory_equal(BPTR(&buf), BPTR(&buf2), BLEN(&buf));
static void
init_test()
{
- prov[0] = OSSL_PROVIDER_load(NULL,"default");
+ prov[0] = OSSL_PROVIDER_load(NULL, "default");
OSSL_PROVIDER_add_builtin(NULL, prov_name, xkey_provider_init);
prov[1] = OSSL_PROVIDER_load(NULL, prov_name);
char DUMMY[] = "DUMMY";
- assert_null(searchandreplace(NULL,DUMMY,DUMMY));
- assert_null(searchandreplace(DUMMY,NULL,DUMMY));
- assert_null(searchandreplace(DUMMY,DUMMY,NULL));
+ assert_null(searchandreplace(NULL, DUMMY, DUMMY));
+ assert_null(searchandreplace(DUMMY, NULL, DUMMY));
+ assert_null(searchandreplace(DUMMY, DUMMY, NULL));
}
static void
char DUMMY[] = "DUMMY";
char EMPTY[] = "";
- assert_null(searchandreplace(EMPTY,DUMMY,DUMMY));
- assert_null(searchandreplace(DUMMY,EMPTY,DUMMY));
- assert_null(searchandreplace(DUMMY,DUMMY,EMPTY));
+ assert_null(searchandreplace(EMPTY, DUMMY, DUMMY));
+ assert_null(searchandreplace(DUMMY, EMPTY, DUMMY));
+ assert_null(searchandreplace(DUMMY, DUMMY, EMPTY));
}
static void
replace_single_char__one_time__match_is_replaced()
{
- char *replaced = searchandreplace("X","X","Y");
+ char *replaced = searchandreplace("X", "X", "Y");
assert_non_null(replaced);
assert_string_equal("Y", replaced);
static void
replace_single_char__multiple_times__match_all_matches_are_replaced()
{
- char *replaced = searchandreplace("XaX","X","Y");
+ char *replaced = searchandreplace("XaX", "X", "Y");
assert_non_null(replaced);
assert_string_equal("YaY", replaced);
static void
replace_longer_text__multiple_times__match_all_matches_are_replaced()
{
- char *replaced = searchandreplace("XXaXX","XX","YY");
+ char *replaced = searchandreplace("XXaXX", "XX", "YY");
assert_non_null(replaced);
assert_string_equal("YYaYY", replaced);
static void
pattern_not_found__returns_original()
{
- char *replaced = searchandreplace("abc","X","Y");
+ char *replaced = searchandreplace("abc", "X", "Y");
assert_non_null(replaced);
assert_string_equal("abc", replaced);
projects / thirdparty / openvpn.git / commitdiff
