From 222d1451221c96a2f683abe92aab72b2589f89ae Mon Sep 17 00:00:00 2001 From: Nick Andrew Date: Fri, 10 Apr 2009 01:23:27 +1000 Subject: [PATCH] Whitespace cleanups Remove trailing blanks; put whitespace around operators as appropriate. Signed-off-by: Nick Andrew Signed-off-by: David Woodhouse --- COPYING.LGPL | 2 +- README.SecurID | 2 +- cstp.c | 28 +++++++++++++------------- dtls.c | 30 ++++++++++++++-------------- http.c | 43 ++++++++++++++++++++------------------- main.c | 16 ++++++++------- mainloop.c | 4 ++-- nm-auth-dialog.c | 52 ++++++++++++++++++++++++------------------------ openconnect.h | 2 +- ssl.c | 22 ++++++++++---------- tun.c | 18 ++++++++--------- version.sh | 2 +- xml.c | 6 +++--- 13 files changed, 115 insertions(+), 112 deletions(-) diff --git a/COPYING.LGPL b/COPYING.LGPL index 5ab7695a..602bfc94 100644 --- a/COPYING.LGPL +++ b/COPYING.LGPL @@ -146,7 +146,7 @@ such a program is covered only if its contents constitute a work based on the Library (independent of the use of the Library in a tool for writing it). Whether that is true depends on what the Library does and what the program that uses the Library does. - + 1. You may copy and distribute verbatim copies of the Library's complete source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an diff --git a/README.SecurID b/README.SecurID index a608ad35..3f5d1152 100644 --- a/README.SecurID +++ b/README.SecurID @@ -28,7 +28,7 @@ shouldn't be particularly hard. We already know how the 64-bit tokens work: http://seclists.org/bugtraq/2000/Dec/0459.html For the 128-bit tokens, they just use a standard AES algorithm instead -of their own 'speshul' hash. A basic description of it can be found at +of their own 'speshul' hash. A basic description of it can be found at http://www.velocityreviews.com/forums/t367596-aes-securid-token.html If we just work out how the input bits are fed into the hash, and work diff --git a/cstp.c b/cstp.c index a8c7e270..dc0eb2d3 100644 --- a/cstp.c +++ b/cstp.c @@ -35,7 +35,7 @@ /* * Data packets are encapsulated in the SSL stream as follows: - * + * * 0000: Magic "STF\x1" * 0004: Big-endian 16-bit length (not including 8-byte header) * 0006: Byte packet type (see openconnect.h) @@ -109,7 +109,7 @@ static int start_cstp_connection(struct openconnect_info *vpninfo) if (!retried) { retried = 1; openconnect_close_https(vpninfo); - + if (openconnect_open_https(vpninfo)) { vpninfo->progress(vpninfo, PRG_ERR, "Failed to open HTTPS connection to %s\n", @@ -125,7 +125,7 @@ static int start_cstp_connection(struct openconnect_info *vpninfo) if (!strncmp(buf, "HTTP/1.1 503 ", 13)) { /* "Service Unavailable. Why? */ char *reason = ""; - while ((i=openconnect_SSL_gets(vpninfo->https_ssl, buf, sizeof(buf)))) { + while ((i = openconnect_SSL_gets(vpninfo->https_ssl, buf, sizeof(buf)))) { if (!strncmp(buf, "X-Reason: ", 10)) { reason = buf + 10; break; @@ -135,7 +135,7 @@ static int start_cstp_connection(struct openconnect_info *vpninfo) reason); return -EINVAL; } - vpninfo->progress(vpninfo, PRG_ERR, + vpninfo->progress(vpninfo, PRG_ERR, "Got inappropriate HTTP CONNECT response: %s\n", buf); if (!strncmp(buf, "HTTP/1.1 401 ", 13)) @@ -149,7 +149,7 @@ static int start_cstp_connection(struct openconnect_info *vpninfo) /* We may have advertised it, but we only do it if the server agrees */ vpninfo->deflate = 0; - while ((i=openconnect_SSL_gets(vpninfo->https_ssl, buf, sizeof(buf)))) { + while ((i = openconnect_SSL_gets(vpninfo->https_ssl, buf, sizeof(buf)))) { struct vpn_option *new_option; char *colon = strchr(buf, ':'); if (!colon) @@ -198,7 +198,7 @@ static int start_cstp_connection(struct openconnect_info *vpninfo) if (!strcmp(colon, "deflate")) vpninfo->deflate = 1; else { - vpninfo->progress(vpninfo, PRG_ERR, + vpninfo->progress(vpninfo, PRG_ERR, "Unknown CSTP-Content-Encoding %s\n", colon); return -EINVAL; @@ -275,8 +275,8 @@ static int start_cstp_connection(struct openconnect_info *vpninfo) vpninfo->progress(vpninfo, PRG_INFO, "CSTP connected. DPD %d, Keepalive %d\n", vpninfo->ssl_times.dpd, vpninfo->ssl_times.keepalive); - BIO_set_nbio(SSL_get_rbio(vpninfo->https_ssl),1); - BIO_set_nbio(SSL_get_wbio(vpninfo->https_ssl),1); + BIO_set_nbio(SSL_get_rbio(vpninfo->https_ssl), 1); + BIO_set_nbio(SSL_get_wbio(vpninfo->https_ssl), 1); fcntl(vpninfo->ssl_fd, F_SETFL, fcntl(vpninfo->ssl_fd, F_GETFL) | O_NONBLOCK); if (vpninfo->select_nfds <= vpninfo->ssl_fd) @@ -294,7 +294,7 @@ int make_cstp_connection(struct openconnect_info *vpninfo) { int ret; - if (!vpninfo->https_ssl && (ret=openconnect_open_https(vpninfo))) + if (!vpninfo->https_ssl && (ret = openconnect_open_https(vpninfo))) return ret; if (vpninfo->deflate) { @@ -328,7 +328,7 @@ static int cstp_reconnect(struct openconnect_info *vpninfo) int ret; int timeout; int interval; - + timeout = vpninfo->reconnect_timeout; interval = vpninfo->reconnect_interval; @@ -377,7 +377,7 @@ static int inflate_and_queue_packet(struct openconnect_info *vpninfo, int type, vpninfo->inflate_adler32 = adler32(vpninfo->inflate_adler32, new->data, new->len); - if (vpninfo->inflate_adler32 != ntohl( *(uint32_t *)(buf + len - 4))) { + if (vpninfo->inflate_adler32 != ntohl( *(uint32_t *) (buf + len - 4) )) { vpninfo->quit_reason = "Compression (inflate) adler32 failure"; } @@ -484,7 +484,7 @@ int cstp_mainloop(struct openconnect_info *vpninfo, int *timeout) /* If SSL_write() fails we are expected to try again. With exactly - the same data, at exactly the same location. So we keep the + the same data, at exactly the same location. So we keep the packet we had before.... */ if (vpninfo->current_ssl_pkt) { handle_outgoing: @@ -548,7 +548,7 @@ int cstp_mainloop(struct openconnect_info *vpninfo, int *timeout) vpninfo->progress(vpninfo, PRG_ERR, "CSTP Dead Peer Detection detected dead peer!\n"); openconnect_close_https(vpninfo); - /* It's already deflated in the old stream. Extremely + /* It's already deflated in the old stream. Extremely non-trivial to reconstitute it; just throw it away */ if (vpninfo->current_ssl_pkt == vpninfo->deflate_pkt) vpninfo->current_ssl_pkt = NULL; @@ -657,7 +657,7 @@ int cstp_bye(struct openconnect_info *vpninfo, char *reason) bye_pkt = malloc(reason_len + 8); if (!bye_pkt) return -ENOMEM; - + memcpy(bye_pkt, data_hdr, 8); memcpy(bye_pkt + 8, reason, reason_len); diff --git a/dtls.c b/dtls.c index 898b30e8..63de22f0 100644 --- a/dtls.c +++ b/dtls.c @@ -51,7 +51,7 @@ int RAND_pseudo_bytes(char *buf, int len) memset(buf, 0x5a, len); printf("FAKE PSEUDO RANDOM!\n"); return 1; - + } int RAND_bytes(char *buf, int len) { @@ -73,8 +73,8 @@ int RAND_bytes(char *buf, int len) * was in OpenSSL 0.9.8e -- it includes backports of some later * OpenSSL patches. * - * The openssl/ directory of this source tree should contain both a - * small patch against OpenSSL 0.9.8e to make it support Cisco's + * The openssl/ directory of this source tree should contain both a + * small patch against OpenSSL 0.9.8e to make it support Cisco's * snapshot of the protocol, and a larger patch against newer OpenSSL * which gives us an option to use the old protocol again. * @@ -86,7 +86,7 @@ int RAND_bytes(char *buf, int len) * number when calculating the MAC, the server still seems to be ignoring * my subsequent data packets. So we use the old protocol, which is what * their clients use anyway. - */ + */ static unsigned char nybble(unsigned char n) { @@ -114,7 +114,7 @@ int connect_dtls_socket(struct openconnect_info *vpninfo) perror("Open UDP socket for DTLS:"); return -EINVAL; } - + if (connect(dtls_fd, vpninfo->peer_addr, vpninfo->peer_addrlen)) { perror("UDP (DTLS) connect:\n"); close(dtls_fd); @@ -122,7 +122,7 @@ int connect_dtls_socket(struct openconnect_info *vpninfo) } fcntl(dtls_fd, F_SETFD, FD_CLOEXEC); - + https_cipher = SSL_get_current_cipher(vpninfo->https_ssl); if (!vpninfo->dtls_ctx) { @@ -144,7 +144,7 @@ int connect_dtls_socket(struct openconnect_info *vpninfo) if (!vpninfo->dtls_session) { vpninfo->progress(vpninfo, PRG_ERR, "Initialise DTLSv1 session failed\n"); return -EINVAL; - } + } vpninfo->dtls_session->ssl_version = 0x0100; // DTLS1_BAD_VER vpninfo->dtls_session->master_key_length = sizeof(vpninfo->dtls_secret); @@ -185,14 +185,14 @@ int connect_dtls_socket(struct openconnect_info *vpninfo) SSL_set_options(dtls_ssl, SSL_OP_CISCO_ANYCONNECT); /* Set non-blocking */ - BIO_set_nbio(SSL_get_rbio(dtls_ssl),1); - BIO_set_nbio(SSL_get_wbio(dtls_ssl),1); + BIO_set_nbio(SSL_get_rbio(dtls_ssl), 1); + BIO_set_nbio(SSL_get_wbio(dtls_ssl), 1); fcntl(dtls_fd, F_SETFL, fcntl(dtls_fd, F_GETFL) | O_NONBLOCK); vpninfo->new_dtls_fd = dtls_fd; vpninfo->new_dtls_ssl = dtls_ssl; - + if (vpninfo->select_nfds <= dtls_fd) vpninfo->select_nfds = dtls_fd + 1; @@ -311,7 +311,7 @@ int setup_dtls(struct openconnect_info *vpninfo) } else if (!strcmp(dtls_opt->option + 7, "Rekey-Time")) { vpninfo->dtls_times.rekey = atol(dtls_opt->value); } - + dtls_opt = dtls_opt->next; } if (!sessid_found || !dtls_port) @@ -329,7 +329,7 @@ int setup_dtls(struct openconnect_info *vpninfo) return -EINVAL; } - + if (connect_dtls_socket(vpninfo)) return -EINVAL; @@ -383,7 +383,7 @@ int dtls_mainloop(struct openconnect_info *vpninfo, int *timeout) "Unknown DTLS packet type %02x, len %d\n", buf[0], len); if (1) { /* Some versions of OpenSSL have bugs with receiving out-of-order - * packets. Not only do they wrongly decide to drop packets if + * packets. Not only do they wrongly decide to drop packets if * two packets get swapped in transit, but they also _fail_ to * drop the packet in non-blocking mode; instead they return * the appropriate length of garbage. So don't abort... for now. */ @@ -452,7 +452,7 @@ int dtls_mainloop(struct openconnect_info *vpninfo, int *timeout) /* One byte of header */ this->hdr[7] = AC_PKT_DATA; - + ret = SSL_write(vpninfo->dtls_ssl, &this->hdr[7], this->len + 1); if (ret <= 0) { ret = SSL_get_error(vpninfo->dtls_ssl, ret); @@ -460,7 +460,7 @@ int dtls_mainloop(struct openconnect_info *vpninfo, int *timeout) /* If it's a real error, kill the DTLS connection and requeue the packet to be sent over SSL */ if (ret != SSL_ERROR_WANT_READ && ret != SSL_ERROR_WANT_WRITE) { - vpninfo->progress(vpninfo, PRG_ERR, + vpninfo->progress(vpninfo, PRG_ERR, "DTLS got write error %d. Falling back to SSL\n", ret); ERR_print_errors_fp(stderr); dtls_restart(vpninfo); diff --git a/http.c b/http.c index a6418cf9..ae78c57d 100644 --- a/http.c +++ b/http.c @@ -40,7 +40,7 @@ #include "openconnect.h" /* - * We didn't really want to have to do this for ourselves -- one might have + * We didn't really want to have to do this for ourselves -- one might have * thought that it would be available in a library somewhere. But neither * cURL nor Neon have reliable cross-platform ways of either using a cert * from the TPM, or just reading from / writing to a transport which is @@ -76,7 +76,7 @@ static int process_http_response(struct openconnect_info *vpninfo, int *result, vpninfo->progress(vpninfo, PRG_TRACE, "Got HTTP response: %s\n", buf); /* Eat headers... */ - while ((i=openconnect_SSL_gets(vpninfo->https_ssl, buf, sizeof(buf)))) { + while ((i = openconnect_SSL_gets(vpninfo->https_ssl, buf, sizeof(buf)))) { char *colon; vpninfo->progress(vpninfo, PRG_TRACE, "%s\n", buf); @@ -200,7 +200,7 @@ static int process_http_response(struct openconnect_info *vpninfo, int *result, } /* ... else, chunked */ - while ((i=openconnect_SSL_gets(vpninfo->https_ssl, buf, sizeof(buf)))) { + while ((i = openconnect_SSL_gets(vpninfo->https_ssl, buf, sizeof(buf)))) { int chunklen, lastchunk = 0; if (i < 0) { @@ -227,7 +227,7 @@ static int process_http_response(struct openconnect_info *vpninfo, int *result, done += i; } skip: - if ((i=openconnect_SSL_gets(vpninfo->https_ssl, buf, sizeof(buf)))) { + if ((i = openconnect_SSL_gets(vpninfo->https_ssl, buf, sizeof(buf)))) { if (i < 0) { vpninfo->progress(vpninfo, PRG_ERR, "Error fetching HTTP response body\n"); } else { @@ -237,7 +237,7 @@ static int process_http_response(struct openconnect_info *vpninfo, int *result, return -EINVAL; } - if (lastchunk) + if (lastchunk) break; } fin: @@ -314,7 +314,7 @@ static int parse_auth_choice(struct openconnect_info *vpninfo, vpninfo->progress(vpninfo, PRG_ERR, "Form choice has no name\n"); return -EINVAL; } - + for (xml_node = xml_node->children; xml_node; xml_node = xml_node->next) { char *authtype, *form_id, *override_name, *override_label, *auth_content; if (xml_node->type != XML_ELEMENT_NODE) @@ -398,7 +398,7 @@ static int parse_form(struct openconnect_info *vpninfo, char *auth_id, for (xml_node = xml_node->children; xml_node; xml_node = xml_node->next) { char *input_type, *input_name, *input_label; - + if (xml_node->type != XML_ELEMENT_NODE) continue; @@ -428,7 +428,7 @@ static int parse_form(struct openconnect_info *vpninfo, char *auth_id, if (!strcmp(input_type, "hidden")) { char *value = (char *)xmlGetProp(xml_node, (unsigned char *)"value"); if (!value) { - vpninfo->progress(vpninfo, PRG_INFO, + vpninfo->progress(vpninfo, PRG_INFO, "No value for hidden input %s\n", input_name); continue; @@ -445,14 +445,14 @@ static int parse_form(struct openconnect_info *vpninfo, char *auth_id, input_label = (char *)xmlGetProp(xml_node, (unsigned char *)"label"); if (!strcmp(input_type, "text")) { - user_form_prompt = input_label?:"Username:"; + user_form_prompt = input_label ?: "Username:"; user_form_id = input_name; } else if (!strcmp(input_type, "password")) { - pass_form_prompt = input_label?:"Password:"; + pass_form_prompt = input_label ?: "Password:"; pass_form_id = input_name; } } - + vpninfo->progress(vpninfo, PRG_TRACE, "Fixed options give %s\n", body); if (user_form_id && !vpninfo->username) @@ -501,7 +501,7 @@ static int parse_form(struct openconnect_info *vpninfo, char *auth_id, if (user_form_id) append_opt(body, bodylen, user_form_id, - vpninfo->username?:username); + vpninfo->username ?: username); if (is_securid == 1 && vpninfo->sid_tokencode[0]) { /* First token request; mangle pin into _both_ first and next @@ -533,7 +533,7 @@ static int parse_form(struct openconnect_info *vpninfo, char *auth_id, /* Return value: * < 0, on error - * = 0, + * = 0, * = 1, when response was parsed * = 2, when response was cancelled */ @@ -639,7 +639,7 @@ static int fetch_config(struct openconnect_info *vpninfo, char *fu, char *bu, sprintf(buf + strlen(buf), "Cookie: "); for (opt = vpninfo->cookies; opt; opt = opt->next) sprintf(buf + strlen(buf), "%s=%s%s", opt->option, - opt->value, opt->next?"; ":"\r\n"); + opt->value, opt->next ? "; " : "\r\n"); } sprintf(buf + strlen(buf), "X-Transcend-Version: 1\r\n\r\n"); @@ -654,7 +654,7 @@ static int fetch_config(struct openconnect_info *vpninfo, char *fu, char *bu, if (result != 200) return -EINVAL; - + EVP_MD_CTX_init(&c); EVP_Digest(buf, buflen, local_sha1_bin, NULL, EVP_sha1(), NULL); EVP_MD_CTX_cleanup(&c); @@ -692,15 +692,15 @@ int openconnect_obtain_cookie(struct openconnect_info *vpninfo) } /* - * It would be nice to use cURL for this, but we really need to guarantee - * that we'll be using OpenSSL (for the TPM stuff), and it doesn't seem + * It would be nice to use cURL for this, but we really need to guarantee + * that we'll be using OpenSSL (for the TPM stuff), and it doesn't seem * to have any way to let us provide our own socket read/write functions. * We can only provide a socket _open_ function. Which would require having - * a socketpair() and servicing the "other" end of it. + * a socketpair() and servicing the "other" end of it. * * So we process the HTTP for ourselves... */ - sprintf(buf, "%s /%s HTTP/1.1\r\n", method, vpninfo->urlpath?:""); + sprintf(buf, "%s /%s HTTP/1.1\r\n", method, vpninfo->urlpath ?: ""); sprintf(buf + strlen(buf), "Host: %s\r\n", vpninfo->hostname); sprintf(buf + strlen(buf), "User-Agent: %s\r\n", vpninfo->useragent); sprintf(buf + strlen(buf), "Accept: */*\r\n"); @@ -710,7 +710,7 @@ int openconnect_obtain_cookie(struct openconnect_info *vpninfo) sprintf(buf + strlen(buf), "Cookie: "); for (opt = vpninfo->cookies; opt; opt = opt->next) sprintf(buf + strlen(buf), "%s=%s%s", opt->option, - opt->value, opt->next?"; ":"\r\n"); + opt->value, opt->next ? "; " : "\r\n"); } if (request_body_type) { sprintf(buf + strlen(buf), "Content-Type: %s\r\n", @@ -722,7 +722,8 @@ int openconnect_obtain_cookie(struct openconnect_info *vpninfo) if (request_body_type) sprintf(buf + strlen(buf), "%s", request_body); - vpninfo->progress(vpninfo, PRG_INFO, "%s %s/%s\n", method, vpninfo->hostname, vpninfo->urlpath?:""); + vpninfo->progress(vpninfo, PRG_INFO, "%s %s/%s\n", method, + vpninfo->hostname, vpninfo->urlpath ?: ""); SSL_write(vpninfo->https_ssl, buf, strlen(buf)); diff --git a/main.c b/main.c index 0c37fb1a..af529a5c 100644 --- a/main.c +++ b/main.c @@ -333,7 +333,7 @@ int main(int argc, char **argv) fprintf(stderr, "Creating SSL connection failed\n"); exit(1); } - + if (setup_tun(vpninfo)) { fprintf(stderr, "Set up tun device failed\n"); exit(1); @@ -345,14 +345,16 @@ int main(int argc, char **argv) exit(1); } } - + if (vpninfo->dtls_attempt_period && setup_dtls(vpninfo)) fprintf(stderr, "Set up DTLS failed; using SSL instead\n"); vpninfo->progress(vpninfo, PRG_INFO, "Connected %s as %s, using %s\n", vpninfo->ifname, vpninfo->vpn_addr, - (vpninfo->dtls_fd==-1)?(vpninfo->deflate?"SSL + deflate":"SSL"):"DTLS"); + (vpninfo->dtls_fd == -1) ? + (vpninfo->deflate ? "SSL + deflate" : "SSL") + : "DTLS"); vpn_mainloop(vpninfo); exit(1); @@ -364,19 +366,19 @@ static int write_new_config(struct openconnect_info *vpninfo, char *buf, int buf config_fd = open(vpninfo->xmlconfig, O_WRONLY|O_TRUNC|O_CREAT, 0644); if (!config_fd) { - fprintf(stderr, "Failed to open %s for write: %s\n", + fprintf(stderr, "Failed to open %s for write: %s\n", vpninfo->xmlconfig, strerror(errno)); return -errno; } /* FIXME: We should actually write to a new tempfile, then rename */ - write(config_fd, buf, buflen); + write(config_fd, buf, buflen); return 0; } void write_progress(struct openconnect_info *info, int level, const char *fmt, ...) { - FILE *outf = level?stdout:stderr; + FILE *outf = level ? stdout : stderr; va_list args; if (verbose >= level) { @@ -389,7 +391,7 @@ void write_progress(struct openconnect_info *info, int level, const char *fmt, . void syslog_progress(struct openconnect_info *info, int level, const char *fmt, ...) { - int priority = level?LOG_INFO:LOG_NOTICE; + int priority = level ? LOG_INFO : LOG_NOTICE; va_list args; if (verbose >= level) { diff --git a/mainloop.c b/mainloop.c index c98c7c32..bdc9951f 100644 --- a/mainloop.c +++ b/mainloop.c @@ -67,7 +67,7 @@ int vpn_mainloop(struct openconnect_info *vpninfo) struct sigaction sa; memset(&sa, 0, sizeof(sa)); sa.sa_handler = handle_sigint; - + sigaction(SIGINT, &sa, NULL); sigaction(SIGHUP, &sa, NULL); @@ -114,7 +114,7 @@ int vpn_mainloop(struct openconnect_info *vpninfo) if (did_work) continue; - vpninfo->progress(vpninfo, PRG_TRACE, + vpninfo->progress(vpninfo, PRG_TRACE, "Did no work; sleeping for %d ms...\n", timeout); memcpy(&rfds, &vpninfo->select_rfds, sizeof(rfds)); memcpy(&wfds, &vpninfo->select_wfds, sizeof(wfds)); diff --git a/nm-auth-dialog.c b/nm-auth-dialog.c index b5c7525e..a25e352a 100644 --- a/nm-auth-dialog.c +++ b/nm-auth-dialog.c @@ -5,7 +5,7 @@ * * Authors: Jussi Kukkonen * David Woodhouse - * + * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public License * version 2.1, as published by the Free Software Foundation. @@ -79,10 +79,10 @@ typedef struct auth_ui_data { int retval; int cookie_retval; - + gboolean cancelled; /* fully cancel the whole challenge-response series */ gboolean getting_cookie; - + GQueue *form_entries; /* modified from worker thread */ GMutex *form_mutex; @@ -99,7 +99,7 @@ typedef struct auth_ui_data { enum { AUTH_DIALOG_RESPONSE_LOGIN = 1, AUTH_DIALOG_RESPONSE_CANCEL, -}auth_dialog_response; +} auth_dialog_response; @@ -139,7 +139,7 @@ static void ssl_box_clear(auth_ui_data *ui_data) { gtk_widget_hide(ui_data->no_form_label); gtk_widget_hide(ui_data->getting_form_label); - gtk_container_foreach(GTK_CONTAINER(ui_data->ssl_box), + gtk_container_foreach(GTK_CONTAINER(ui_data->ssl_box), container_child_remove, ui_data->ssl_box); gtk_widget_set_sensitive (ui_data->login_button, FALSE); gtk_widget_set_sensitive (ui_data->cancel_button, FALSE); @@ -296,19 +296,19 @@ static int ui_flush(UI* ui) ui_data->form_shown = FALSE; if (!ui_data->cancelled) { - /* wait for form submission or cancel */ + /* wait for form submission or cancel */ while (!ui_data->form_retval) { g_cond_wait(ui_data->form_retval_changed, ui_data->form_mutex); } response = GPOINTER_TO_INT (ui_data->form_retval); ui_data->form_retval = NULL; - } else + } else response = AUTH_DIALOG_RESPONSE_CANCEL; /* set entry results and free temporary data structures */ while (!g_queue_is_empty (ui_data->form_entries)) { ui_fragment_data *data; - data = g_queue_pop_tail (ui_data->form_entries); + data = g_queue_pop_tail (ui_data->form_entries); if (data->entry_text) { UI_set_result(ui, data->uis, data->entry_text); } @@ -411,7 +411,7 @@ static gboolean user_validate_cert(cert_data *data) g_mutex_lock (ui_data->form_mutex); if (result == GTK_RESPONSE_OK) data->ui_data->cert_response = CERT_ACCEPTED; - else + else data->ui_data->cert_response = CERT_DENIED; g_cond_signal (ui_data->cert_response_changed); g_mutex_unlock (ui_data->form_mutex); @@ -458,10 +458,10 @@ static int validate_peer_cert(struct openconnect_info *vpninfo, g_mutex_lock(ui_data->form_mutex); - ui_data->cert_response = CERT_USER_NOT_READY; + ui_data->cert_response = CERT_USER_NOT_READY; g_idle_add((GSourceFunc)user_validate_cert, data); - /* wait for user to accept or cancel */ + /* wait for user to accept or cancel */ while (ui_data->cert_response == CERT_USER_NOT_READY) { g_cond_wait(ui_data->cert_response_changed, ui_data->form_mutex); } @@ -607,7 +607,7 @@ static int parse_xmlconfig(char *xmlconfig) list_end = &newhost->next; if (!strcasecmp(newhost->hostaddress, vpnhosts->hostaddress) && - !strcasecmp(newhost->usergroup?:"", vpnhosts->usergroup?:"")) { + !strcasecmp(newhost->usergroup ?: "", vpnhosts->usergroup ?: "")) { /* Remove originally configured host if it's in the list */ struct vpnhost *tmp = vpnhosts->next; free(vpnhosts); @@ -659,9 +659,9 @@ static int get_config(char *vpn_uuid, struct openconnect_info *vpninfo) vpnhosts->hostaddress = hostname; vpnhosts->next = NULL; -if (0){ +if (0) { /* DEBUG add another copy of gateway to host list */ - vpnhost *tmphost; + vpnhost *tmphost; tmphost = malloc(sizeof(tmphost)); if (!tmphost) return -ENOMEM; @@ -724,7 +724,7 @@ if (0){ return 0; } -static void populate_vpnhost_combo(auth_ui_data *ui_data) +static void populate_vpnhost_combo(auth_ui_data *ui_data) { struct vpnhost *host; int i = 0; @@ -754,7 +754,7 @@ static void autocon_toggled(GtkWidget *widget) int enabled = gtk_toggle_button_get_active(GTK_TOGGLE_BUTTON(widget)); char *key = g_strdup_printf("%s/vpn/autoconnect", config_path); - gconf_client_set_string(gcl, key, enabled?"yes":"no", NULL); + gconf_client_set_string(gcl, key, enabled ? "yes" : "no", NULL); } static void scroll_log(GtkTextBuffer *log, GtkTextView *view) @@ -801,10 +801,10 @@ void write_progress(struct openconnect_info *info, int level, const char *fmt, . g_idle_add((GSourceFunc)write_progress_real, g_strdup(msg)); } - if (level <= PRG_ERR){ + if (level <= PRG_ERR) { last_message = msg; return; - } + } g_free(msg); } @@ -833,7 +833,7 @@ static gboolean cookie_obtained(auth_ui_data *ui_data) /* We don't use vpninfo->hostname because it might have been redirected */ gconf_client_set_string(gcl, key, ui_data->firsthost, NULL); g_free(key); - + printf("%s\n%s\n", NM_OPENCONNECT_KEY_GATEWAY, ui_data->vpninfo->hostname); printf("%s\n%s\n", NM_OPENCONNECT_KEY_COOKIE, ui_data->vpninfo->cookie); memset((void *)ui_data->vpninfo->cookie, 0, strlen(ui_data->vpninfo->cookie)); @@ -880,12 +880,12 @@ static void connect_host(auth_ui_data *ui_data) ssl_box_clear(ui_data); gtk_widget_show(ui_data->getting_form_label); - /* reset ssl context. + /* reset ssl context. * TODO: this is probably not the way to go... */ if (ui_data->vpninfo->https_ssl) { openconnect_close_https(ui_data->vpninfo); } - if (ui_data->vpninfo->https_ctx){ + if (ui_data->vpninfo->https_ctx) { SSL_CTX_free(ui_data->vpninfo->https_ctx); ui_data->vpninfo->https_ctx = NULL; } @@ -915,7 +915,7 @@ static void queue_connect_host(auth_ui_data *ui_data) connect_host(ui_data); } else if (!ui_data->cancelled) { /* set state to cancelled. Current challenge-response- - * conversation will not be shown to user, and cookie_obtained() + * conversation will not be shown to user, and cookie_obtained() * will start a new one conversation */ ui_data->cancelled = TRUE; gtk_dialog_response(GTK_DIALOG(ui_data->dialog), AUTH_DIALOG_RESPONSE_CANCEL); @@ -928,7 +928,7 @@ static void dialog_response (GtkDialog *dialog, int response, auth_ui_data *ui_d case AUTH_DIALOG_RESPONSE_CANCEL: case AUTH_DIALOG_RESPONSE_LOGIN: ssl_box_clear(ui_data); - if(ui_data->getting_cookie) + if (ui_data->getting_cookie) gtk_widget_show (ui_data->getting_form_label); g_mutex_lock (ui_data->form_mutex); ui_data->form_retval = GINT_TO_POINTER(response); @@ -962,7 +962,7 @@ static void build_main_dialog(auth_ui_data *ui_data) gtk_window_set_default_icon_name(GTK_STOCK_DIALOG_AUTHENTICATION); title = get_title(ui_data->vpninfo->vpn_name); - ui_data->dialog = gtk_dialog_new_with_buttons(title, NULL, GTK_DIALOG_MODAL, + ui_data->dialog = gtk_dialog_new_with_buttons(title, NULL, GTK_DIALOG_MODAL, GTK_STOCK_CLOSE, GTK_RESPONSE_CLOSE, NULL); g_signal_connect (ui_data->dialog, "response", G_CALLBACK(dialog_response), ui_data); @@ -987,7 +987,7 @@ static void build_main_dialog(auth_ui_data *ui_data) ui_data->combo = gtk_combo_box_new_text(); populate_vpnhost_combo(ui_data); gtk_box_pack_start(GTK_BOX(hbox), ui_data->combo, TRUE, TRUE, 0); - g_signal_connect_swapped(ui_data->combo, "changed", + g_signal_connect_swapped(ui_data->combo, "changed", G_CALLBACK(queue_connect_host), ui_data); gtk_widget_show(ui_data->combo); @@ -1077,7 +1077,7 @@ static auth_ui_data *init_ui_data (char *vpn_name) { auth_ui_data *ui_data; - ui_data = g_slice_new0(auth_ui_data); + ui_data = g_slice_new0(auth_ui_data); ui_data->retval = 1; ui_data->form_entries = g_queue_new(); diff --git a/openconnect.h b/openconnect.h index c9fbb9a7..260c6469 100644 --- a/openconnect.h +++ b/openconnect.h @@ -42,7 +42,7 @@ struct pkt { unsigned char hdr[8]; unsigned char data[]; }; - + struct vpn_option { char *option; char *value; diff --git a/ssl.c b/ssl.c index 95b016b8..0480869b 100644 --- a/ssl.c +++ b/ssl.c @@ -37,11 +37,11 @@ We could use cURL for the HTTP stuff, but it's overkill */ int __attribute__ ((format (printf, 2, 3))) - openconnect_SSL_printf(SSL *ssl, const char *fmt, ...) + openconnect_SSL_printf(SSL *ssl, const char *fmt, ...) { char buf[1024]; va_list args; - + buf[1023] = 0; va_start(args, fmt); @@ -79,13 +79,13 @@ int openconnect_SSL_gets(SSL *ssl, char *buf, size_t len) ret = -SSL_get_error(ssl, ret); } buf[i] = 0; - return i?:ret; + return i ?: ret; } static int load_certificate(struct openconnect_info *vpninfo) { - vpninfo->progress(vpninfo, PRG_TRACE, + vpninfo->progress(vpninfo, PRG_TRACE, "Using certificate file %s\n", vpninfo->cert); if (!SSL_CTX_use_certificate_file(vpninfo->https_ctx, vpninfo->cert, @@ -95,7 +95,7 @@ static int load_certificate(struct openconnect_info *vpninfo) ERR_print_errors_fp(stderr); return -EINVAL; } - + if (vpninfo->tpm) { ENGINE *e; EVP_PKEY *key; @@ -113,7 +113,7 @@ static int load_certificate(struct openconnect_info *vpninfo) ERR_print_errors_fp(stderr); ENGINE_free(e); return -EINVAL; - } + } if (vpninfo->tpmpass) { if (!ENGINE_ctrl_cmd(e, "PIN", strlen(vpninfo->tpmpass), @@ -124,7 +124,7 @@ static int load_certificate(struct openconnect_info *vpninfo) } key = ENGINE_load_private_key(e, vpninfo->sslkey, NULL, NULL); if (!key) { - vpninfo->progress(vpninfo, PRG_ERR, + vpninfo->progress(vpninfo, PRG_ERR, "Failed to load TPM private key\n"); ERR_print_errors_fp(stderr); ENGINE_free(e); @@ -155,7 +155,7 @@ static int verify_callback(X509_STORE_CTX *ctx, void *arg) /* We've seen certificates in the wild which don't have the purpose fields filled in correctly */ ctx->param->purpose = 0; - + /* If it succeeds, all well and good... */ return X509_verify_cert(ctx); } @@ -166,7 +166,7 @@ static int verify_peer(struct openconnect_info *vpninfo, SSL *https_ssl) if (vpninfo->cafile) { int vfy = SSL_get_verify_result(https_ssl); - + if (vfy != X509_V_OK) { vpninfo->progress(vpninfo, PRG_ERR, "Server certificate verify failed: %s\n", X509_verify_cert_error_string(vfy)); @@ -217,7 +217,7 @@ int openconnect_open_https(struct openconnect_info *vpninfo) if (ssl_sock < 0) continue; if (connect(ssl_sock, rp->ai_addr, rp->ai_addrlen) >= 0) { - /* Store the peer address we actually used, so that DTLS can + /* Store the peer address we actually used, so that DTLS can use it again later */ vpninfo->peer_addr = malloc(rp->ai_addrlen); if (!vpninfo->peer_addr) { @@ -284,7 +284,7 @@ int openconnect_open_https(struct openconnect_info *vpninfo) vpninfo->ssl_fd = ssl_sock; vpninfo->https_ssl = https_ssl; - vpninfo->progress(vpninfo, PRG_INFO, + vpninfo->progress(vpninfo, PRG_INFO, "Connected to HTTPS on %s\n", vpninfo->hostname); return 0; diff --git a/tun.c b/tun.c index 84f6ac61..2a2ef02a 100644 --- a/tun.c +++ b/tun.c @@ -58,7 +58,7 @@ static int local_config_tun(struct openconnect_info *vpninfo, int mtu_only) if (ioctl(net_fd, SIOCGIFFLAGS, &ifr) < 0) perror("SIOCGIFFLAGS"); - ifr.ifr_flags |= IFF_UP | IFF_POINTOPOINT; + ifr.ifr_flags |= IFF_UP | IFF_POINTOPOINT; if (ioctl(net_fd, SIOCSIFFLAGS, &ifr) < 0) perror("SIOCSIFFLAGS"); @@ -125,7 +125,7 @@ static int process_split_include(struct openconnect_info *vpninfo, break; } masklen = 32 - masklen; - + snprintf(envname, 79, "CISCO_SPLIT_INC_%d_MASKLEN", *nr_incs); setenv_int(envname, masklen); @@ -161,7 +161,7 @@ static void set_script_env(struct openconnect_info *vpninfo) setenv("INTERNAL_IP4_ADDRESS", vpninfo->vpn_addr, 1); setenv("INTERNAL_IP4_NETMASK", vpninfo->vpn_netmask, 1); - + if (vpninfo->vpn_dns[0]) setenv("INTERNAL_IP4_DNS", vpninfo->vpn_dns[0], 1); else @@ -194,9 +194,9 @@ static void set_script_env(struct openconnect_info *vpninfo) this = this->next; } setenv_int("CISCO_SPLIT_INC", nr_split_includes); - } - - + } + + } static int script_config_tun(struct openconnect_info *vpninfo) @@ -268,7 +268,7 @@ int setup_tun(struct openconnect_info *vpninfo) #else /* BSD et al have /dev/tun$x devices */ static char tun_name[80]; int i; - for (i=0; i < 255; i++) { + for (i = 0; i < 255; i++) { sprintf(tun_name, "/dev/tun%d", i); tun_fd = open(tun_name, O_RDWR); if (tun_fd >= 0) @@ -284,14 +284,14 @@ int setup_tun(struct openconnect_info *vpninfo) script_config_tun(vpninfo); /* We have to set the MTU for ourselves, because the script doesn't */ local_config_tun(vpninfo, 1); - } else + } else local_config_tun(vpninfo, 0); } fcntl(tun_fd, F_SETFD, FD_CLOEXEC); vpninfo->tun_fd = tun_fd; - + if (vpninfo->select_nfds <= tun_fd) vpninfo->select_nfds = tun_fd + 1; diff --git a/version.sh b/version.sh index 5dd1bb2a..143178d4 100755 --- a/version.sh +++ b/version.sh @@ -5,7 +5,7 @@ # Copyright 2008, Aron Griffis # Copyright 2008, Oracle # Released under the GNU GPLv2 - + v="v1.10" which git &> /dev/null diff --git a/xml.c b/xml.c index c523672f..1710e589 100644 --- a/xml.c +++ b/xml.c @@ -25,7 +25,7 @@ #include #include -#include +#include #include #include #include @@ -45,7 +45,7 @@ int config_lookup_host(struct openconnect_info *vpninfo, const char *host) unsigned char sha1[SHA_DIGEST_LENGTH]; xmlDocPtr xml_doc; xmlNode *xml_node, *xml_node2; - + if (!vpninfo->xmlconfig) return 0; @@ -146,6 +146,6 @@ int config_lookup_host(struct openconnect_info *vpninfo, const char *host) fprintf(stderr, "Host \"%s\" not listed in config; treating as raw hostname\n", host); } - + return 0; }