Commit 222d1451 authored by Nick Andrew's avatar Nick Andrew Committed by David Woodhouse

Whitespace cleanups

Remove trailing blanks; put whitespace around operators as
appropriate.
Signed-off-by: default avatarNick Andrew <nick@nick-andrew.net>
Signed-off-by: default avatarDavid Woodhouse <David.Woodhouse@intel.com>
parent 7b9dfa8f
......@@ -146,7 +146,7 @@ such a program is covered only if its contents constitute a work based
on the Library (independent of the use of the Library in a tool for
writing it). Whether that is true depends on what the Library does
and what the program that uses the Library does.
1. You may copy and distribute verbatim copies of the Library's
complete source code as you receive it, in any medium, provided that
you conspicuously and appropriately publish on each copy an
......
......@@ -28,7 +28,7 @@ shouldn't be particularly hard. We already know how the 64-bit tokens
work: http://seclists.org/bugtraq/2000/Dec/0459.html
For the 128-bit tokens, they just use a standard AES algorithm instead
of their own 'speshul' hash. A basic description of it can be found at
of their own 'speshul' hash. A basic description of it can be found at
http://www.velocityreviews.com/forums/t367596-aes-securid-token.html
If we just work out how the input bits are fed into the hash, and work
......
......@@ -35,7 +35,7 @@
/*
* Data packets are encapsulated in the SSL stream as follows:
*
*
* 0000: Magic "STF\x1"
* 0004: Big-endian 16-bit length (not including 8-byte header)
* 0006: Byte packet type (see openconnect.h)
......@@ -109,7 +109,7 @@ static int start_cstp_connection(struct openconnect_info *vpninfo)
if (!retried) {
retried = 1;
openconnect_close_https(vpninfo);
if (openconnect_open_https(vpninfo)) {
vpninfo->progress(vpninfo, PRG_ERR,
"Failed to open HTTPS connection to %s\n",
......@@ -125,7 +125,7 @@ static int start_cstp_connection(struct openconnect_info *vpninfo)
if (!strncmp(buf, "HTTP/1.1 503 ", 13)) {
/* "Service Unavailable. Why? */
char *reason = "<unknown>";
while ((i=openconnect_SSL_gets(vpninfo->https_ssl, buf, sizeof(buf)))) {
while ((i = openconnect_SSL_gets(vpninfo->https_ssl, buf, sizeof(buf)))) {
if (!strncmp(buf, "X-Reason: ", 10)) {
reason = buf + 10;
break;
......@@ -135,7 +135,7 @@ static int start_cstp_connection(struct openconnect_info *vpninfo)
reason);
return -EINVAL;
}
vpninfo->progress(vpninfo, PRG_ERR,
vpninfo->progress(vpninfo, PRG_ERR,
"Got inappropriate HTTP CONNECT response: %s\n",
buf);
if (!strncmp(buf, "HTTP/1.1 401 ", 13))
......@@ -149,7 +149,7 @@ static int start_cstp_connection(struct openconnect_info *vpninfo)
/* We may have advertised it, but we only do it if the server agrees */
vpninfo->deflate = 0;
while ((i=openconnect_SSL_gets(vpninfo->https_ssl, buf, sizeof(buf)))) {
while ((i = openconnect_SSL_gets(vpninfo->https_ssl, buf, sizeof(buf)))) {
struct vpn_option *new_option;
char *colon = strchr(buf, ':');
if (!colon)
......@@ -198,7 +198,7 @@ static int start_cstp_connection(struct openconnect_info *vpninfo)
if (!strcmp(colon, "deflate"))
vpninfo->deflate = 1;
else {
vpninfo->progress(vpninfo, PRG_ERR,
vpninfo->progress(vpninfo, PRG_ERR,
"Unknown CSTP-Content-Encoding %s\n",
colon);
return -EINVAL;
......@@ -275,8 +275,8 @@ static int start_cstp_connection(struct openconnect_info *vpninfo)
vpninfo->progress(vpninfo, PRG_INFO, "CSTP connected. DPD %d, Keepalive %d\n",
vpninfo->ssl_times.dpd, vpninfo->ssl_times.keepalive);
BIO_set_nbio(SSL_get_rbio(vpninfo->https_ssl),1);
BIO_set_nbio(SSL_get_wbio(vpninfo->https_ssl),1);
BIO_set_nbio(SSL_get_rbio(vpninfo->https_ssl), 1);
BIO_set_nbio(SSL_get_wbio(vpninfo->https_ssl), 1);
fcntl(vpninfo->ssl_fd, F_SETFL, fcntl(vpninfo->ssl_fd, F_GETFL) | O_NONBLOCK);
if (vpninfo->select_nfds <= vpninfo->ssl_fd)
......@@ -294,7 +294,7 @@ int make_cstp_connection(struct openconnect_info *vpninfo)
{
int ret;
if (!vpninfo->https_ssl && (ret=openconnect_open_https(vpninfo)))
if (!vpninfo->https_ssl && (ret = openconnect_open_https(vpninfo)))
return ret;
if (vpninfo->deflate) {
......@@ -328,7 +328,7 @@ static int cstp_reconnect(struct openconnect_info *vpninfo)
int ret;
int timeout;
int interval;
timeout = vpninfo->reconnect_timeout;
interval = vpninfo->reconnect_interval;
......@@ -377,7 +377,7 @@ static int inflate_and_queue_packet(struct openconnect_info *vpninfo, int type,
vpninfo->inflate_adler32 = adler32(vpninfo->inflate_adler32,
new->data, new->len);
if (vpninfo->inflate_adler32 != ntohl( *(uint32_t *)(buf + len - 4))) {
if (vpninfo->inflate_adler32 != ntohl( *(uint32_t *) (buf + len - 4) )) {
vpninfo->quit_reason = "Compression (inflate) adler32 failure";
}
......@@ -484,7 +484,7 @@ int cstp_mainloop(struct openconnect_info *vpninfo, int *timeout)
/* If SSL_write() fails we are expected to try again. With exactly
the same data, at exactly the same location. So we keep the
the same data, at exactly the same location. So we keep the
packet we had before.... */
if (vpninfo->current_ssl_pkt) {
handle_outgoing:
......@@ -548,7 +548,7 @@ int cstp_mainloop(struct openconnect_info *vpninfo, int *timeout)
vpninfo->progress(vpninfo, PRG_ERR, "CSTP Dead Peer Detection detected dead peer!\n");
openconnect_close_https(vpninfo);
/* It's already deflated in the old stream. Extremely
/* It's already deflated in the old stream. Extremely
non-trivial to reconstitute it; just throw it away */
if (vpninfo->current_ssl_pkt == vpninfo->deflate_pkt)
vpninfo->current_ssl_pkt = NULL;
......@@ -657,7 +657,7 @@ int cstp_bye(struct openconnect_info *vpninfo, char *reason)
bye_pkt = malloc(reason_len + 8);
if (!bye_pkt)
return -ENOMEM;
memcpy(bye_pkt, data_hdr, 8);
memcpy(bye_pkt + 8, reason, reason_len);
......
......@@ -51,7 +51,7 @@ int RAND_pseudo_bytes(char *buf, int len)
memset(buf, 0x5a, len);
printf("FAKE PSEUDO RANDOM!\n");
return 1;
}
int RAND_bytes(char *buf, int len)
{
......@@ -73,8 +73,8 @@ int RAND_bytes(char *buf, int len)
* was in OpenSSL 0.9.8e -- it includes backports of some later
* OpenSSL patches.
*
* The openssl/ directory of this source tree should contain both a
* small patch against OpenSSL 0.9.8e to make it support Cisco's
* The openssl/ directory of this source tree should contain both a
* small patch against OpenSSL 0.9.8e to make it support Cisco's
* snapshot of the protocol, and a larger patch against newer OpenSSL
* which gives us an option to use the old protocol again.
*
......@@ -86,7 +86,7 @@ int RAND_bytes(char *buf, int len)
* number when calculating the MAC, the server still seems to be ignoring
* my subsequent data packets. So we use the old protocol, which is what
* their clients use anyway.
*/
*/
static unsigned char nybble(unsigned char n)
{
......@@ -114,7 +114,7 @@ int connect_dtls_socket(struct openconnect_info *vpninfo)
perror("Open UDP socket for DTLS:");
return -EINVAL;
}
if (connect(dtls_fd, vpninfo->peer_addr, vpninfo->peer_addrlen)) {
perror("UDP (DTLS) connect:\n");
close(dtls_fd);
......@@ -122,7 +122,7 @@ int connect_dtls_socket(struct openconnect_info *vpninfo)
}
fcntl(dtls_fd, F_SETFD, FD_CLOEXEC);
https_cipher = SSL_get_current_cipher(vpninfo->https_ssl);
if (!vpninfo->dtls_ctx) {
......@@ -144,7 +144,7 @@ int connect_dtls_socket(struct openconnect_info *vpninfo)
if (!vpninfo->dtls_session) {
vpninfo->progress(vpninfo, PRG_ERR, "Initialise DTLSv1 session failed\n");
return -EINVAL;
}
}
vpninfo->dtls_session->ssl_version = 0x0100; // DTLS1_BAD_VER
vpninfo->dtls_session->master_key_length = sizeof(vpninfo->dtls_secret);
......@@ -185,14 +185,14 @@ int connect_dtls_socket(struct openconnect_info *vpninfo)
SSL_set_options(dtls_ssl, SSL_OP_CISCO_ANYCONNECT);
/* Set non-blocking */
BIO_set_nbio(SSL_get_rbio(dtls_ssl),1);
BIO_set_nbio(SSL_get_wbio(dtls_ssl),1);
BIO_set_nbio(SSL_get_rbio(dtls_ssl), 1);
BIO_set_nbio(SSL_get_wbio(dtls_ssl), 1);
fcntl(dtls_fd, F_SETFL, fcntl(dtls_fd, F_GETFL) | O_NONBLOCK);
vpninfo->new_dtls_fd = dtls_fd;
vpninfo->new_dtls_ssl = dtls_ssl;
if (vpninfo->select_nfds <= dtls_fd)
vpninfo->select_nfds = dtls_fd + 1;
......@@ -311,7 +311,7 @@ int setup_dtls(struct openconnect_info *vpninfo)
} else if (!strcmp(dtls_opt->option + 7, "Rekey-Time")) {
vpninfo->dtls_times.rekey = atol(dtls_opt->value);
}
dtls_opt = dtls_opt->next;
}
if (!sessid_found || !dtls_port)
......@@ -329,7 +329,7 @@ int setup_dtls(struct openconnect_info *vpninfo)
return -EINVAL;
}
if (connect_dtls_socket(vpninfo))
return -EINVAL;
......@@ -383,7 +383,7 @@ int dtls_mainloop(struct openconnect_info *vpninfo, int *timeout)
"Unknown DTLS packet type %02x, len %d\n", buf[0], len);
if (1) {
/* Some versions of OpenSSL have bugs with receiving out-of-order
* packets. Not only do they wrongly decide to drop packets if
* packets. Not only do they wrongly decide to drop packets if
* two packets get swapped in transit, but they also _fail_ to
* drop the packet in non-blocking mode; instead they return
* the appropriate length of garbage. So don't abort... for now. */
......@@ -452,7 +452,7 @@ int dtls_mainloop(struct openconnect_info *vpninfo, int *timeout)
/* One byte of header */
this->hdr[7] = AC_PKT_DATA;
ret = SSL_write(vpninfo->dtls_ssl, &this->hdr[7], this->len + 1);
if (ret <= 0) {
ret = SSL_get_error(vpninfo->dtls_ssl, ret);
......@@ -460,7 +460,7 @@ int dtls_mainloop(struct openconnect_info *vpninfo, int *timeout)
/* If it's a real error, kill the DTLS connection and
requeue the packet to be sent over SSL */
if (ret != SSL_ERROR_WANT_READ && ret != SSL_ERROR_WANT_WRITE) {
vpninfo->progress(vpninfo, PRG_ERR,
vpninfo->progress(vpninfo, PRG_ERR,
"DTLS got write error %d. Falling back to SSL\n", ret);
ERR_print_errors_fp(stderr);
dtls_restart(vpninfo);
......
......@@ -40,7 +40,7 @@
#include "openconnect.h"
/*
* We didn't really want to have to do this for ourselves -- one might have
* We didn't really want to have to do this for ourselves -- one might have
* thought that it would be available in a library somewhere. But neither
* cURL nor Neon have reliable cross-platform ways of either using a cert
* from the TPM, or just reading from / writing to a transport which is
......@@ -76,7 +76,7 @@ static int process_http_response(struct openconnect_info *vpninfo, int *result,
vpninfo->progress(vpninfo, PRG_TRACE, "Got HTTP response: %s\n", buf);
/* Eat headers... */
while ((i=openconnect_SSL_gets(vpninfo->https_ssl, buf, sizeof(buf)))) {
while ((i = openconnect_SSL_gets(vpninfo->https_ssl, buf, sizeof(buf)))) {
char *colon;
vpninfo->progress(vpninfo, PRG_TRACE, "%s\n", buf);
......@@ -200,7 +200,7 @@ static int process_http_response(struct openconnect_info *vpninfo, int *result,
}
/* ... else, chunked */
while ((i=openconnect_SSL_gets(vpninfo->https_ssl, buf, sizeof(buf)))) {
while ((i = openconnect_SSL_gets(vpninfo->https_ssl, buf, sizeof(buf)))) {
int chunklen, lastchunk = 0;
if (i < 0) {
......@@ -227,7 +227,7 @@ static int process_http_response(struct openconnect_info *vpninfo, int *result,
done += i;
}
skip:
if ((i=openconnect_SSL_gets(vpninfo->https_ssl, buf, sizeof(buf)))) {
if ((i = openconnect_SSL_gets(vpninfo->https_ssl, buf, sizeof(buf)))) {
if (i < 0) {
vpninfo->progress(vpninfo, PRG_ERR, "Error fetching HTTP response body\n");
} else {
......@@ -237,7 +237,7 @@ static int process_http_response(struct openconnect_info *vpninfo, int *result,
return -EINVAL;
}
if (lastchunk)
if (lastchunk)
break;
}
fin:
......@@ -314,7 +314,7 @@ static int parse_auth_choice(struct openconnect_info *vpninfo,
vpninfo->progress(vpninfo, PRG_ERR, "Form choice has no name\n");
return -EINVAL;
}
for (xml_node = xml_node->children; xml_node; xml_node = xml_node->next) {
char *authtype, *form_id, *override_name, *override_label, *auth_content;
if (xml_node->type != XML_ELEMENT_NODE)
......@@ -398,7 +398,7 @@ static int parse_form(struct openconnect_info *vpninfo, char *auth_id,
for (xml_node = xml_node->children; xml_node; xml_node = xml_node->next) {
char *input_type, *input_name, *input_label;
if (xml_node->type != XML_ELEMENT_NODE)
continue;
......@@ -428,7 +428,7 @@ static int parse_form(struct openconnect_info *vpninfo, char *auth_id,
if (!strcmp(input_type, "hidden")) {
char *value = (char *)xmlGetProp(xml_node, (unsigned char *)"value");
if (!value) {
vpninfo->progress(vpninfo, PRG_INFO,
vpninfo->progress(vpninfo, PRG_INFO,
"No value for hidden input %s\n",
input_name);
continue;
......@@ -445,14 +445,14 @@ static int parse_form(struct openconnect_info *vpninfo, char *auth_id,
input_label = (char *)xmlGetProp(xml_node, (unsigned char *)"label");
if (!strcmp(input_type, "text")) {
user_form_prompt = input_label?:"Username:";
user_form_prompt = input_label ?: "Username:";
user_form_id = input_name;
} else if (!strcmp(input_type, "password")) {
pass_form_prompt = input_label?:"Password:";
pass_form_prompt = input_label ?: "Password:";
pass_form_id = input_name;
}
}
vpninfo->progress(vpninfo, PRG_TRACE, "Fixed options give %s\n", body);
if (user_form_id && !vpninfo->username)
......@@ -501,7 +501,7 @@ static int parse_form(struct openconnect_info *vpninfo, char *auth_id,
if (user_form_id)
append_opt(body, bodylen, user_form_id,
vpninfo->username?:username);
vpninfo->username ?: username);
if (is_securid == 1 && vpninfo->sid_tokencode[0]) {
/* First token request; mangle pin into _both_ first and next
......@@ -533,7 +533,7 @@ static int parse_form(struct openconnect_info *vpninfo, char *auth_id,
/* Return value:
* < 0, on error
* = 0,
* = 0,
* = 1, when response was parsed
* = 2, when response was cancelled
*/
......@@ -639,7 +639,7 @@ static int fetch_config(struct openconnect_info *vpninfo, char *fu, char *bu,
sprintf(buf + strlen(buf), "Cookie: ");
for (opt = vpninfo->cookies; opt; opt = opt->next)
sprintf(buf + strlen(buf), "%s=%s%s", opt->option,
opt->value, opt->next?"; ":"\r\n");
opt->value, opt->next ? "; " : "\r\n");
}
sprintf(buf + strlen(buf), "X-Transcend-Version: 1\r\n\r\n");
......@@ -654,7 +654,7 @@ static int fetch_config(struct openconnect_info *vpninfo, char *fu, char *bu,
if (result != 200)
return -EINVAL;
EVP_MD_CTX_init(&c);
EVP_Digest(buf, buflen, local_sha1_bin, NULL, EVP_sha1(), NULL);
EVP_MD_CTX_cleanup(&c);
......@@ -692,15 +692,15 @@ int openconnect_obtain_cookie(struct openconnect_info *vpninfo)
}
/*
* It would be nice to use cURL for this, but we really need to guarantee
* that we'll be using OpenSSL (for the TPM stuff), and it doesn't seem
* It would be nice to use cURL for this, but we really need to guarantee
* that we'll be using OpenSSL (for the TPM stuff), and it doesn't seem
* to have any way to let us provide our own socket read/write functions.
* We can only provide a socket _open_ function. Which would require having
* a socketpair() and servicing the "other" end of it.
* a socketpair() and servicing the "other" end of it.
*
* So we process the HTTP for ourselves...
*/
sprintf(buf, "%s /%s HTTP/1.1\r\n", method, vpninfo->urlpath?:"");
sprintf(buf, "%s /%s HTTP/1.1\r\n", method, vpninfo->urlpath ?: "");
sprintf(buf + strlen(buf), "Host: %s\r\n", vpninfo->hostname);
sprintf(buf + strlen(buf), "User-Agent: %s\r\n", vpninfo->useragent);
sprintf(buf + strlen(buf), "Accept: */*\r\n");
......@@ -710,7 +710,7 @@ int openconnect_obtain_cookie(struct openconnect_info *vpninfo)
sprintf(buf + strlen(buf), "Cookie: ");
for (opt = vpninfo->cookies; opt; opt = opt->next)
sprintf(buf + strlen(buf), "%s=%s%s", opt->option,
opt->value, opt->next?"; ":"\r\n");
opt->value, opt->next ? "; " : "\r\n");
}
if (request_body_type) {
sprintf(buf + strlen(buf), "Content-Type: %s\r\n",
......@@ -722,7 +722,8 @@ int openconnect_obtain_cookie(struct openconnect_info *vpninfo)
if (request_body_type)
sprintf(buf + strlen(buf), "%s", request_body);
vpninfo->progress(vpninfo, PRG_INFO, "%s %s/%s\n", method, vpninfo->hostname, vpninfo->urlpath?:"");
vpninfo->progress(vpninfo, PRG_INFO, "%s %s/%s\n", method,
vpninfo->hostname, vpninfo->urlpath ?: "");
SSL_write(vpninfo->https_ssl, buf, strlen(buf));
......
......@@ -333,7 +333,7 @@ int main(int argc, char **argv)
fprintf(stderr, "Creating SSL connection failed\n");
exit(1);
}
if (setup_tun(vpninfo)) {
fprintf(stderr, "Set up tun device failed\n");
exit(1);
......@@ -345,14 +345,16 @@ int main(int argc, char **argv)
exit(1);
}
}
if (vpninfo->dtls_attempt_period && setup_dtls(vpninfo))
fprintf(stderr, "Set up DTLS failed; using SSL instead\n");
vpninfo->progress(vpninfo, PRG_INFO,
"Connected %s as %s, using %s\n", vpninfo->ifname,
vpninfo->vpn_addr,
(vpninfo->dtls_fd==-1)?(vpninfo->deflate?"SSL + deflate":"SSL"):"DTLS");
(vpninfo->dtls_fd == -1) ?
(vpninfo->deflate ? "SSL + deflate" : "SSL")
: "DTLS");
vpn_mainloop(vpninfo);
exit(1);
......@@ -364,19 +366,19 @@ static int write_new_config(struct openconnect_info *vpninfo, char *buf, int buf
config_fd = open(vpninfo->xmlconfig, O_WRONLY|O_TRUNC|O_CREAT, 0644);
if (!config_fd) {
fprintf(stderr, "Failed to open %s for write: %s\n",
fprintf(stderr, "Failed to open %s for write: %s\n",
vpninfo->xmlconfig, strerror(errno));
return -errno;
}
/* FIXME: We should actually write to a new tempfile, then rename */
write(config_fd, buf, buflen);
write(config_fd, buf, buflen);
return 0;
}
void write_progress(struct openconnect_info *info, int level, const char *fmt, ...)
{
FILE *outf = level?stdout:stderr;
FILE *outf = level ? stdout : stderr;
va_list args;
if (verbose >= level) {
......@@ -389,7 +391,7 @@ void write_progress(struct openconnect_info *info, int level, const char *fmt, .
void syslog_progress(struct openconnect_info *info, int level,
const char *fmt, ...)
{
int priority = level?LOG_INFO:LOG_NOTICE;
int priority = level ? LOG_INFO : LOG_NOTICE;
va_list args;
if (verbose >= level) {
......
......@@ -67,7 +67,7 @@ int vpn_mainloop(struct openconnect_info *vpninfo)
struct sigaction sa;
memset(&sa, 0, sizeof(sa));
sa.sa_handler = handle_sigint;
sigaction(SIGINT, &sa, NULL);
sigaction(SIGHUP, &sa, NULL);
......@@ -114,7 +114,7 @@ int vpn_mainloop(struct openconnect_info *vpninfo)
if (did_work)
continue;
vpninfo->progress(vpninfo, PRG_TRACE,
vpninfo->progress(vpninfo, PRG_TRACE,
"Did no work; sleeping for %d ms...\n", timeout);
memcpy(&rfds, &vpninfo->select_rfds, sizeof(rfds));
memcpy(&wfds, &vpninfo->select_wfds, sizeof(wfds));
......
......@@ -5,7 +5,7 @@
*
* Authors: Jussi Kukkonen <jku@linux.intel.com>
* David Woodhouse <dwmw2@infradead.org>
*
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public License
* version 2.1, as published by the Free Software Foundation.
......@@ -79,10 +79,10 @@ typedef struct auth_ui_data {
int retval;
int cookie_retval;
gboolean cancelled; /* fully cancel the whole challenge-response series */
gboolean getting_cookie;
GQueue *form_entries; /* modified from worker thread */
GMutex *form_mutex;
......@@ -99,7 +99,7 @@ typedef struct auth_ui_data {
enum {
AUTH_DIALOG_RESPONSE_LOGIN = 1,
AUTH_DIALOG_RESPONSE_CANCEL,
}auth_dialog_response;
} auth_dialog_response;
......@@ -139,7 +139,7 @@ static void ssl_box_clear(auth_ui_data *ui_data)
{
gtk_widget_hide(ui_data->no_form_label);
gtk_widget_hide(ui_data->getting_form_label);
gtk_container_foreach(GTK_CONTAINER(ui_data->ssl_box),
gtk_container_foreach(GTK_CONTAINER(ui_data->ssl_box),
container_child_remove, ui_data->ssl_box);
gtk_widget_set_sensitive (ui_data->login_button, FALSE);
gtk_widget_set_sensitive (ui_data->cancel_button, FALSE);
......@@ -296,19 +296,19 @@ static int ui_flush(UI* ui)
ui_data->form_shown = FALSE;
if (!ui_data->cancelled) {
/* wait for form submission or cancel */
/* wait for form submission or cancel */
while (!ui_data->form_retval) {
g_cond_wait(ui_data->form_retval_changed, ui_data->form_mutex);
}
response = GPOINTER_TO_INT (ui_data->form_retval);
ui_data->form_retval = NULL;
} else
} else
response = AUTH_DIALOG_RESPONSE_CANCEL;
/* set entry results and free temporary data structures */
while (!g_queue_is_empty (ui_data->form_entries)) {
ui_fragment_data *data;
data = g_queue_pop_tail (ui_data->form_entries);
data = g_queue_pop_tail (ui_data->form_entries);
if (data->entry_text) {
UI_set_result(ui, data->uis, data->entry_text);
}
......@@ -411,7 +411,7 @@ static gboolean user_validate_cert(cert_data *data)
g_mutex_lock (ui_data->form_mutex);
if (result == GTK_RESPONSE_OK)
data->ui_data->cert_response = CERT_ACCEPTED;
else
else
data->ui_data->cert_response = CERT_DENIED;
g_cond_signal (ui_data->cert_response_changed);
g_mutex_unlock (ui_data->form_mutex);
......@@ -458,10 +458,10 @@ static int validate_peer_cert(struct openconnect_info *vpninfo,
g_mutex_lock(ui_data->form_mutex);
ui_data->cert_response = CERT_USER_NOT_READY;
ui_data->cert_response = CERT_USER_NOT_READY;
g_idle_add((GSourceFunc)user_validate_cert, data);
/* wait for user to accept or cancel */
/* wait for user to accept or cancel */
while (ui_data->cert_response == CERT_USER_NOT_READY) {
g_cond_wait(ui_data->cert_response_changed, ui_data->form_mutex);
}
......@@ -607,7 +607,7 @@ static int parse_xmlconfig(char *xmlconfig)
list_end = &newhost->next;
if (!strcasecmp(newhost->hostaddress, vpnhosts->hostaddress) &&
!strcasecmp(newhost->usergroup?:"", vpnhosts->usergroup?:"")) {
!strcasecmp(newhost->usergroup ?: "", vpnhosts->usergroup ?: "")) {
/* Remove originally configured host if it's in the list */
struct vpnhost *tmp = vpnhosts->next;
free(vpnhosts);
......@@ -659,9 +659,9 @@ static int get_config(char *vpn_uuid, struct openconnect_info *vpninfo)
vpnhosts->hostaddress = hostname;
vpnhosts->next = NULL;
if (0){
if (0) {
/* DEBUG add another copy of gateway to host list */
vpnhost *tmphost;
vpnhost *tmphost;
tmphost = malloc(sizeof(tmphost));
if (!tmphost)
return -ENOMEM;
......@@ -724,7 +724,7 @@ if (0){
return 0;
}
static void populate_vpnhost_combo(auth_ui_data *ui_data)
static void populate_vpnhost_combo(auth_ui_data *ui_data)
{
struct vpnhost *host;
int i = 0;
......@@ -754,7 +754,7 @@ static void autocon_toggled(GtkWidget *widget)
int enabled = gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON(widget));
char *key = g_strdup_printf("%s/vpn/autoconnect", config_path);
gconf_client_set_string(gcl, key, enabled?"yes":"no", NULL);
gconf_client_set_string(gcl, key, enabled ? "yes" : "no", NULL);
}
static void scroll_log(GtkTextBuffer *log, GtkTextView *view)
......@@ -801,10 +801,10 @@ void write_progress(struct openconnect_info *info, int level, const char *fmt, .
g_idle_add((GSourceFunc)write_progress_real, g_strdup(msg));
}
if (level <= PRG_ERR){
if (level <= PRG_ERR) {
last_message = msg;
return;
}
}
g_free(msg);
}
......@@ -833,7 +833,7 @@ static gboolean cookie_obtained(auth_ui_data *ui_data)
/* We don't use vpninfo->hostname because it might have been redirected */
gconf_client_set_string(gcl, key, ui_data->firsthost, NULL);
g_free(key);
printf("%s\n%s\n", NM_OPENCONNECT_KEY_GATEWAY, ui_data->vpninfo->hostname);
printf("%s\n%s\n", NM_OPENCONNECT_KEY_COOKIE, ui_data->vpninfo->cookie);
memset((void *)ui_data->vpninfo->cookie, 0, strlen(ui_data->vpninfo->cookie));
......@@ -880,12 +880,12 @@ static void connect_host(auth_ui_data *ui_data)
ssl_box_clear(ui_data);
gtk_widget_show(ui_data->getting_form_label);
/* reset ssl context.
/* reset ssl context.
* TODO: this is probably not the way to go... */
if (ui_data->vpninfo->https_ssl) {
openconnect_close_https(ui_data->vpninfo);
}
if (ui_data->vpninfo->https_ctx){
if (ui_data->vpninfo->https_ctx) {
SSL_CTX_free(ui_data->vpninfo->https_ctx);
ui_data->vpninfo->https_ctx = NULL;
}
......@@ -915,7 +915,7 @@ static void queue_connect_host(auth_ui_data *ui_data)
connect_host(ui_data);
} else if (!ui_data->cancelled) {
/* set state to cancelled. Current challenge-response-
* conversation will not be shown to user, and cookie_obtained()
* conversation will not be shown to user, and cookie_obtained()
* will start a new one conversation */
ui_data->cancelled = TRUE;
gtk_dialog_response(GTK_DIALOG(ui_data->dialog), AUTH_DIALOG_RESPONSE_CANCEL);
......@@ -928,7 +928,7 @@ static void dialog_response (GtkDialog *dialog, int response, auth_ui_data *ui_d
case AUTH_DIALOG_RESPONSE_CANCEL:
case AUTH_DIALOG_RESPONSE_LOGIN:
ssl_box_clear(ui_data);
if(ui_data->getting_cookie)
if (ui_data->getting_cookie)
gtk_widget_show (ui_data->getting_form_label);
g_mutex_lock (ui_data->form_mutex);
ui_data->form_retval = GINT_TO_POINTER(response);
......@@ -962,7 +962,7 @@ static void build_main_dialog(auth_ui_data *ui_data)
gtk_window_set_default_icon_name(GTK_STOCK_DIALOG_AUTHENTICATION);
title = get_title(ui_data->vpninfo->vpn_name);
ui_data->dialog = gtk_dialog_new_with_buttons(title, NULL, GTK_DIALOG_MODAL,
ui_data->dialog = gtk_dialog_new_with_buttons(title, NULL, GTK_DIALOG_MODAL,
GTK_STOCK_CLOSE, GTK_RESPONSE_CLOSE,
NULL);
g_signal_connect (ui_data->dialog, "response", G_CALLBACK(dialog_response), ui_data);
......@@ -987,7 +987,7 @@ static void build_main_dialog(auth_ui_data *ui_data)
ui_data->combo = gtk_combo_box_new_text();
populate_vpnhost_combo(ui_data);
gtk_box_pack_start(GTK_BOX(hbox), ui_data->combo, TRUE, TRUE, 0);
g_signal_connect_swapped(ui_data->combo, "changed",
g_signal_connect_swapped(ui_data->combo, "changed",
G_CALLBACK(queue_connect_host), ui_data);
gtk_widget_show(ui_data->combo);
......@@ -1077,7 +1077,7 @@ static auth_ui_data *init_ui_data (char *vpn_name)
{
auth_ui_data *ui_data;
ui_data = g_slice_new0(auth_ui_data);
ui_data = g_slice_new0(auth_ui_data);
ui_data->retval = 1;
ui_data->form_entries = g_queue_new();
......
......@@ -42,7 +42,7 @@ struct pkt {
unsigned char hdr[8];
unsigned char data[];
};
struct vpn_option {
char *option;
char *value;
......
......@@ -37,11 +37,11 @@
We could use cURL for the HTTP stuff, but it's overkill */
int __attribute__ ((format (printf, 2, 3)))
openconnect_SSL_printf(SSL *ssl, const char *fmt, ...)
openconnect_SSL_printf(SSL *ssl, const char *fmt, ...)
{
char buf[1024];
va_list args;
buf[1023] = 0;
va_start(args, fmt);
......@@ -79,13 +79,13 @@ int openconnect_SSL_gets(SSL *ssl, char *buf, size_t len)
ret = -SSL_get_error(ssl, ret);
}
buf[i] = 0;
return i?:ret;
return i ?: ret;
}
static int load_certificate(struct openconnect_info *vpninfo)
{
vpninfo->progress(vpninfo, PRG_TRACE,
vpninfo->progress(vpninfo, PRG_TRACE,
"Using certificate file %s\n", vpninfo->cert);
if (!SSL_CTX_use_certificate_file(vpninfo->https_ctx, vpninfo->cert,
......@@ -95,7 +95,7 @@ static int load_certificate(struct openconnect_info *vpninfo)
ERR_print_errors_fp(stderr);
return -EINVAL;
}
if (vpninfo->tpm) {
ENGINE *e;
EVP_PKEY *key;
......@@ -113,7 +113,7 @@ static int load_certificate(struct openconnect_info *vpninfo)
ERR_print_errors_fp(stderr);
ENGINE_free(e);
return -EINVAL;
}
}
if (vpninfo->tpmpass) {
if (!ENGINE_ctrl_cmd(e, "PIN", strlen(vpninfo->tpmpass),
......@@ -124,7 +124,7 @@ static int load_certificate(struct openconnect_info *vpninfo)
}
key = ENGINE_load_private_key(e, vpninfo->sslkey, NULL, NULL);
if (!key) {
vpninfo->progress(vpninfo, PRG_ERR,
vpninfo->progress(vpninfo, PRG_ERR,
"Failed to load TPM private key\n");
ERR_print_errors_fp(stderr);
ENGINE_free(e);
......@@ -155,7 +155,7 @@ static int verify_callback(X509_STORE_CTX *ctx, void *arg)
/* We've seen certificates in the wild which don't have the
purpose fields filled in correctly */
ctx->param->purpose = 0;
/* If it succeeds, all well and good... */
return X509_verify_cert(ctx);
}
......@@ -166,7 +166,7 @@ static int verify_peer(struct openconnect_info *vpninfo, SSL *https_ssl)
if (vpninfo->cafile) {
int vfy = SSL_get_verify_result(https_ssl);
if (vfy != X509_V_OK) {
vpninfo->progress(vpninfo, PRG_ERR, "Server certificate verify failed: %s\n",
X509_verify_cert_error_string(vfy));
......@@ -217,7 +217,7 @@ int openconnect_open_https(struct openconnect_info *vpninfo)
if (ssl_sock < 0)
continue;