diff --git a/compat.c b/compat.c index d728c94c..2fbad2eb 100644 --- a/compat.c +++ b/compat.c @@ -58,7 +58,7 @@ static int oc_vasprintf(char **strp, const char *fmt, va_list ap) strings in openconnect. */ #ifdef HAVE_VA_COPY va_copy(ap2, ap); -#elif defined (HAVE___VA_COPY) +#elif defined(HAVE___VA_COPY) __va_copy(ap2, ap); #else #error No va_copy()! diff --git a/cstp.c b/cstp.c index 48962120..0c4cdcb3 100644 --- a/cstp.c +++ b/cstp.c @@ -621,7 +621,7 @@ static int inflate_and_queue_packet(struct openconnect_info *vpninfo, return 0; } -#if defined (OPENCONNECT_OPENSSL) +#if defined(OPENCONNECT_OPENSSL) static int cstp_read(struct openconnect_info *vpninfo, void *buf, int maxlen) { int len, ret; @@ -663,7 +663,7 @@ static int cstp_write(struct openconnect_info *vpninfo, void *buf, int buflen) return -1; } } -#elif defined (OPENCONNECT_GNUTLS) +#elif defined(OPENCONNECT_GNUTLS) static int cstp_read(struct openconnect_info *vpninfo, void *buf, int maxlen) { int ret; @@ -968,10 +968,10 @@ int cstp_bye(struct openconnect_info *vpninfo, const char *reason) int reason_len; /* already lost connection? */ -#if defined (OPENCONNECT_OPENSSL) +#if defined(OPENCONNECT_OPENSSL) if (!vpninfo->https_ssl) return 0; -#elif defined (OPENCONNECT_GNUTLS) +#elif defined(OPENCONNECT_GNUTLS) if (!vpninfo->https_sess) return 0; #endif diff --git a/dtls.c b/dtls.c index 8cea639a..adb01c6e 100644 --- a/dtls.c +++ b/dtls.c @@ -105,7 +105,7 @@ int RAND_bytes(char *buf, int len) * their clients use anyway. */ -#if defined (DTLS_OPENSSL) +#if defined(DTLS_OPENSSL) #define DTLS_SEND SSL_write #define DTLS_RECV SSL_read @@ -271,14 +271,14 @@ int dtls_try_handshake(struct openconnect_info *vpninfo) vpn_progress(vpninfo, PRG_ERR, _("Your OpenSSL is older than the one you built against, so DTLS may fail!")); } -#elif defined (HAVE_DTLS1_STOP_TIMER) +#elif defined(HAVE_DTLS1_STOP_TIMER) /* * This works for any normal OpenSSL that supports * Cisco DTLS compatibility (0.9.8m to 1.0.0d inclusive, * and even later versions although it isn't needed there. */ dtls1_stop_timer(vpninfo->dtls_ssl); -#elif defined (BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT) +#elif defined(BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT) /* * Debian restricts visibility of dtls1_stop_timer() * so do it manually. This version also works on all @@ -290,7 +290,7 @@ int dtls_try_handshake(struct openconnect_info *vpninfo) BIO_ctrl(SSL_get_rbio(vpninfo->dtls_ssl), BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT, 0, &(vpninfo->dtls_ssl->d1->next_timeout)); -#elif defined (BIO_CTRL_DGRAM_SET_TIMEOUT) +#elif defined(BIO_CTRL_DGRAM_SET_TIMEOUT) /* * OK, here it gets more fun... this shoul handle the case * of older OpenSSL which has the Cisco DTLS compatibility @@ -354,7 +354,7 @@ int dtls_try_handshake(struct openconnect_info *vpninfo) return -EINVAL; } -#elif defined (DTLS_GNUTLS) +#elif defined(DTLS_GNUTLS) #include struct { @@ -608,9 +608,9 @@ int connect_dtls_socket(struct openconnect_info *vpninfo) static int dtls_restart(struct openconnect_info *vpninfo) { if (vpninfo->dtls_ssl) { -#if defined (DTLS_OPENSSL) +#if defined(DTLS_OPENSSL) SSL_free(vpninfo->dtls_ssl); -#elif defined (DTLS_GNUTLS) +#elif defined(DTLS_GNUTLS) gnutls_deinit(vpninfo->dtls_ssl); #endif close(vpninfo->dtls_fd); @@ -630,7 +630,7 @@ int setup_dtls(struct openconnect_info *vpninfo) struct vpn_option *dtls_opt = vpninfo->dtls_options; int dtls_port = 0; -#if defined (OPENCONNECT_GNUTLS) && defined (DTLS_OPENSSL) +#if defined(OPENCONNECT_GNUTLS) && defined(DTLS_OPENSSL) /* If we're using GnuTLS for authentication but OpenSSL for DTLS, we'll need to initialise OpenSSL now... */ SSL_library_init (); @@ -859,7 +859,7 @@ int dtls_mainloop(struct openconnect_info *vpninfo, int *timeout) } return 1; } -#elif defined (DTLS_GNUTLS) +#elif defined(DTLS_GNUTLS) ret = gnutls_record_send(vpninfo->dtls_ssl, &this->hdr[7], this->len + 1); if (ret <= 0) { if (ret != GNUTLS_E_AGAIN) { diff --git a/gnutls.c b/gnutls.c index 3ab15965..38355f86 100644 --- a/gnutls.c +++ b/gnutls.c @@ -451,7 +451,7 @@ static int get_cert_name(gnutls_x509_crt_t cert, char *name, size_t namelen) return 0; } -#if defined (HAVE_P11KIT) || defined (HAVE_TROUSERS) +#if defined(HAVE_P11KIT) || defined(HAVE_TROUSERS) #ifndef HAVE_GNUTLS_CERTIFICATE_SET_KEY /* For GnuTLS 2.12 even if we *have* a privkey (as we do for PKCS#11), we can't register it. So we have to use the cert_callback function. This @@ -884,7 +884,7 @@ static int load_certificate(struct openconnect_info *vpninfo) { gnutls_datum_t fdata; gnutls_x509_privkey_t key = NULL; -#if defined (HAVE_P11KIT) || defined (HAVE_TROUSERS) +#if defined(HAVE_P11KIT) || defined(HAVE_TROUSERS) gnutls_privkey_t pkey = NULL; gnutls_datum_t pkey_sig = {NULL, 0}; void *dummy_hash_data = &load_certificate; @@ -1056,7 +1056,7 @@ static int load_certificate(struct openconnect_info *vpninfo) got_certs: /* Now we have either a single certificate in 'cert', or an array of them in extra_certs[]. Next we look for the private key ... */ -#if defined (HAVE_P11KIT) +#if defined(HAVE_P11KIT) if (key_is_p11) { vpn_progress(vpninfo, PRG_TRACE, _("Using PKCS#11 key %s\n"), key_url); @@ -1342,7 +1342,7 @@ static int load_certificate(struct openconnect_info *vpninfo) enabled we'll fall straight through the bit at match_cert: below, and go directly to the bit where it prints the 'no match found' error and exits. */ -#if defined (HAVE_P11KIT) || defined (HAVE_TROUSERS) +#if defined(HAVE_P11KIT) || defined(HAVE_TROUSERS) match_cert: /* If we have a privkey from PKCS#11 or TPM, we can't do the simple comparison of key ID that we do for software keys to find which certificate is a @@ -1522,7 +1522,7 @@ static int load_certificate(struct openconnect_info *vpninfo) key and certs. GnuTLS makes us do this differently for X509 privkeys vs. TPM/PKCS#11 "generic" privkeys, and the latter is particularly 'fun' for GnuTLS 2.12... */ -#if defined (HAVE_P11KIT) || defined (HAVE_TROUSERS) +#if defined(HAVE_P11KIT) || defined(HAVE_TROUSERS) if (pkey) { err = assign_privkey(vpninfo, pkey, supporting_certs ? supporting_certs : &cert, @@ -1567,7 +1567,7 @@ static int load_certificate(struct openconnect_info *vpninfo) } gnutls_free(extra_certs); -#if defined (HAVE_P11KIT) || defined (HAVE_TROUSERS) +#if defined(HAVE_P11KIT) || defined(HAVE_TROUSERS) if (pkey && pkey != OPENCONNECT_TPM_PKEY) gnutls_privkey_deinit(pkey); /* If we support arbitrary privkeys, we might have abused fdata.data diff --git a/gnutls.h b/gnutls.h index 68d59d2e..f09fee2f 100644 --- a/gnutls.h +++ b/gnutls.h @@ -66,7 +66,7 @@ static inline int sign_dummy_data(struct openconnect_info *vpninfo, const gnutls_datum_t *data, gnutls_datum_t *sig) { -#if defined (HAVE_TROUSERS) && !defined(HAVE_GNUTLS_CERTIFICATE_SET_KEY) +#if defined(HAVE_TROUSERS) && !defined(HAVE_GNUTLS_CERTIFICATE_SET_KEY) if (pkey == OPENCONNECT_TPM_PKEY) return gtls2_tpm_sign_dummy_data(vpninfo, data, sig); #endif diff --git a/library.c b/library.c index be4b119d..59a5939e 100644 --- a/library.c +++ b/library.c @@ -131,9 +131,9 @@ void openconnect_vpninfo_free (struct openconnect_info *vpninfo) free((void *)vpninfo->sslkey); free((void *)vpninfo->cert); if (vpninfo->peer_cert) { -#if defined (OPENCONNECT_OPENSSL) +#if defined(OPENCONNECT_OPENSSL) X509_free(vpninfo->peer_cert); -#elif defined (OPENCONNECT_GNUTLS) +#elif defined(OPENCONNECT_GNUTLS) gnutls_x509_crt_deinit(vpninfo->peer_cert); #endif vpninfo->peer_cert = NULL; @@ -284,19 +284,19 @@ const char *openconnect_get_version (void) int openconnect_has_pkcs11_support(void) { -#if defined (OPENCONNECT_GNUTLS) && defined (HAVE_P11KIT) +#if defined(OPENCONNECT_GNUTLS) && defined(HAVE_P11KIT) return 1; #else return 0; #endif } -#if defined (OPENCONNECT_OPENSSL) && defined (HAVE_ENGINE) +#if defined(OPENCONNECT_OPENSSL) && defined(HAVE_ENGINE) #include #endif int openconnect_has_tss_blob_support(void) { -#if defined (OPENCONNECT_OPENSSL) && defined (HAVE_ENGINE) +#if defined(OPENCONNECT_OPENSSL) && defined(HAVE_ENGINE) ENGINE *e; ENGINE_load_builtin_engines(); @@ -306,7 +306,7 @@ int openconnect_has_tss_blob_support(void) ENGINE_free(e); return 1; } -#elif defined (OPENCONNECT_GNUTLS) && defined (HAVE_TROUSERS) +#elif defined(OPENCONNECT_GNUTLS) && defined(HAVE_TROUSERS) return 1; #endif return 0; diff --git a/main.c b/main.c index 933c4fac..37595f59 100644 --- a/main.c +++ b/main.c @@ -190,9 +190,9 @@ static void print_build_opts(void) { const char *comma = ", ", *sep = comma + 1; -#if defined (OPENCONNECT_OPENSSL) +#if defined(OPENCONNECT_OPENSSL) printf(_("Using OpenSSL. Features present:")); -#elif defined (OPENCONNECT_GNUTLS) +#elif defined(OPENCONNECT_GNUTLS) printf(_("Using GnuTLS. Features present:")); #endif @@ -200,7 +200,7 @@ static void print_build_opts(void) printf("%sTPM", sep); sep = comma; } -#if defined (OPENCONNECT_OPENSSL) && defined (HAVE_ENGINE) +#if defined(OPENCONNECT_OPENSSL) && defined(HAVE_ENGINE) else { printf("%sTPM (%s)", sep, _("OpenSSL ENGINE not present")); sep = comma; @@ -217,7 +217,7 @@ static void print_build_opts(void) #ifdef HAVE_DTLS printf("%sDTLS", sep); -#if defined (OPENCONNECT_GNUTLS) && defined (DTLS_OPENSSL) +#if defined(OPENCONNECT_GNUTLS) && defined(DTLS_OPENSSL) printf(" (%s)", _("using OpenSSL")); #endif printf("\n"); diff --git a/openconnect-internal.h b/openconnect-internal.h index ab3926e7..9d9fa6b2 100644 --- a/openconnect-internal.h +++ b/openconnect-internal.h @@ -28,7 +28,7 @@ #include "openconnect.h" -#if defined (OPENCONNECT_OPENSSL) || defined(DTLS_OPENSSL) +#if defined(OPENCONNECT_OPENSSL) || defined(DTLS_OPENSSL) #include #include /* Ick */ @@ -39,7 +39,7 @@ #endif #endif /* OPENSSL */ -#if defined (OPENCONNECT_GNUTLS) +#if defined(OPENCONNECT_GNUTLS) #include #include #include @@ -312,8 +312,8 @@ struct openconnect_info { openconnect_progress_vfn progress; }; -#if (defined (DTLS_OPENSSL) && defined (SSL_OP_CISCO_ANYCONNECT)) || \ - (defined (DTLS_GNUTLS) && defined (HAVE_GNUTLS_SESSION_SET_PREMASTER)) +#if (defined(DTLS_OPENSSL) && defined(SSL_OP_CISCO_ANYCONNECT)) || \ + (defined(DTLS_GNUTLS) && defined(HAVE_GNUTLS_SESSION_SET_PREMASTER)) #define HAVE_DTLS 1 #endif @@ -385,7 +385,7 @@ int __attribute__ ((format (printf, 2, 3))) openconnect_SSL_printf(struct openconnect_info *vpninfo, const char *fmt, ...); int openconnect_print_err_cb(const char *str, size_t len, void *ptr); #define openconnect_report_ssl_errors(v) ERR_print_errors_cb(openconnect_print_err_cb, (v)) -#if defined (FAKE_ANDROID_KEYSTORE) || defined (ANDROID) +#if defined(FAKE_ANDROID_KEYSTORE) || defined(ANDROID) #define ANDROID_KEYSTORE #endif #ifdef ANDROID_KEYSTORE diff --git a/ssl.c b/ssl.c index fa5db5bf..9afc9a50 100644 --- a/ssl.c +++ b/ssl.c @@ -40,9 +40,9 @@ #elif defined(__FreeBSD__) || defined(__FreeBSD_kernel__) || defined(__OpenBSD__) || defined(__APPLE__) #include #include -#elif defined (__sun__) || defined(__NetBSD__) || defined(__DragonFly__) +#elif defined(__sun__) || defined(__NetBSD__) || defined(__DragonFly__) #include -#elif defined (__GNU__) +#elif defined(__GNU__) #include #endif @@ -381,7 +381,7 @@ int openconnect_passphrase_from_fsid(struct openconnect_info *vpninfo) } #endif -#if defined(OPENCONNECT_OPENSSL) || defined (DTLS_OPENSSL) +#if defined(OPENCONNECT_OPENSSL) || defined(DTLS_OPENSSL) /* We put this here rather than in openssl.c because it might be needed for OpenSSL DTLS support even when GnuTLS is being used for HTTPS */ int openconnect_print_err_cb(const char *str, size_t len, void *ptr) @@ -434,7 +434,7 @@ int keystore_fetch(const char *key, unsigned char **result) close(fd); return ret; } -#elif defined (ANDROID_KEYSTORE) +#elif defined(ANDROID_KEYSTORE) /* keystore.h isn't in the NDK so we need to define these */ #define NO_ERROR 1 #define LOCKED 2 diff --git a/tun.c b/tun.c index 5c041776..4685dfbc 100644 --- a/tun.c +++ b/tun.c @@ -523,7 +523,7 @@ static int os_setup_tun(struct openconnect_info *vpninfo) } if (!vpninfo->ifname) vpninfo->ifname = strdup(ifr.ifr_name); -#elif defined (__sun__) +#elif defined(__sun__) static char tun_name[80]; int unit_nr;