tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cos...@apache.org
Subject svn commit: r1292337 - /tomcat/native/trunk/native/src/sslext.c
Date Wed, 22 Feb 2012 15:06:06 GMT
Author: costin
Date: Wed Feb 22 15:06:05 2012
New Revision: 1292337

URL: http://svn.apache.org/viewvc?rev=1292337&view=rev
Log:
Fix indentation, comments.

Modified:
    tomcat/native/trunk/native/src/sslext.c

Modified: tomcat/native/trunk/native/src/sslext.c
URL: http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/sslext.c?rev=1292337&r1=1292336&r2=1292337&view=diff
==============================================================================
--- tomcat/native/trunk/native/src/sslext.c (original)
+++ tomcat/native/trunk/native/src/sslext.c Wed Feb 22 15:06:05 2012
@@ -31,579 +31,576 @@
 
 TCN_IMPLEMENT_CALL(jint, SSLExt, setSessionData)(TCN_STDARGS, jlong tcsock, jbyteArray buf,
jint len)
 {
-	tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
-	tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
-	jbyte bytes[TCN_BUFFER_SZ];
-	const jbyte *bytesp = &bytes[0];
-
-	if (len > TCN_BUFFER_SZ) {
-		return -1;
-	}
-	(*e)->GetByteArrayRegion(e, buf, 0, len, bytes);
-	SSL_SESSION* ssl_session = d2i_SSL_SESSION(NULL, (const unsigned char **)&bytesp, len);
+    tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
+    tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
+    jbyte bytes[TCN_BUFFER_SZ];
+    const jbyte *bytesp = &bytes[0];
+
+    if (len > TCN_BUFFER_SZ) {
+        return -1;
+    }
+    (*e)->GetByteArrayRegion(e, buf, 0, len, bytes);
+    SSL_SESSION* ssl_session = d2i_SSL_SESSION(NULL, (const unsigned char **)&bytesp,
len);
 
-	SSL_set_session(tcssl->ssl, ssl_session);
-	return 0;
+    SSL_set_session(tcssl->ssl, ssl_session);
+    return 0;
 }
 
 TCN_IMPLEMENT_CALL(jbyteArray, SSLExt, getSessionData)(TCN_STDARGS, jlong tcsock)
 {
-	tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
-	tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
-	SSL_SESSION *sess = SSL_get_session(tcssl->ssl);
-
-	int size = i2d_SSL_SESSION(sess, NULL);
-	if (size == 0 || size > TCN_BUFFER_SZ) {
-		return NULL;
-	}
-
-	jbyteArray javaBytes = (*e)->NewByteArray(e, size);
-	if (javaBytes != NULL) {
-		jbyte bytes[TCN_BUFFER_SZ];
-		unsigned char *bytesp = (unsigned char *)&bytes[0];
-
-		i2d_SSL_SESSION(sess, &bytesp);
-		(*e)->SetByteArrayRegion(e, javaBytes, 0, size, bytes);
-	}
+    tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
+    tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
+    SSL_SESSION *sess = SSL_get_session(tcssl->ssl);
+
+    int size = i2d_SSL_SESSION(sess, NULL);
+    if (size == 0 || size > TCN_BUFFER_SZ) {
+        return NULL;
+    }
+
+    jbyteArray javaBytes = (*e)->NewByteArray(e, size);
+    if (javaBytes != NULL) {
+        jbyte bytes[TCN_BUFFER_SZ];
+        unsigned char *bytesp = (unsigned char *)&bytes[0];
+
+        i2d_SSL_SESSION(sess, &bytesp);
+        (*e)->SetByteArrayRegion(e, javaBytes, 0, size, bytes);
+    }
 
-	return javaBytes;
+    return javaBytes;
 }
 
 TCN_IMPLEMENT_CALL(jint, SSLExt, getTicket)(TCN_STDARGS, jlong tcsock, jbyteArray buf)
 {
-	tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
-	tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
-	int bufLen = (*e)->GetArrayLength(e, buf);
-
-	SSL_SESSION *x = SSL_get_session(tcssl->ssl);
-
-	if (!x->tlsext_tick || x->tlsext_ticklen > bufLen) {
-		return 0;
-	}
-	(*e)->SetByteArrayRegion(e, buf, 0, x->tlsext_ticklen, (jbyte *) &x->tlsext_tick[0]);
+    tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
+    tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
+    int bufLen = (*e)->GetArrayLength(e, buf);
+
+    SSL_SESSION *x = SSL_get_session(tcssl->ssl);
+
+    if (!x->tlsext_tick || x->tlsext_ticklen > bufLen) {
+        return 0;
+    }
+    (*e)->SetByteArrayRegion(e, buf, 0, x->tlsext_ticklen, (jbyte *) &x->tlsext_tick[0]);
 
-	return x->tlsext_ticklen;
+    return x->tlsext_ticklen;
 }
 
 TCN_IMPLEMENT_CALL(jint, SSLExt, setTicket)(TCN_STDARGS, jlong tcsock, jbyteArray buf,
-		jint len)
+        jint len)
 {
-	tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
-	tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
+    tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
+    tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
 
-	char * requestedTicket = apr_pcalloc(tcssl->pool, len);
-	(*e)->GetByteArrayRegion(e, buf, 0, len, (jbyte *) requestedTicket);
-	SSL_set_session_ticket_ext(tcssl->ssl, requestedTicket, len);
-	return 0;
+    jbyte * requestedTicket = apr_pcalloc(tcssl->pool, len);
+    (*e)->GetByteArrayRegion(e, buf, 0, len, (jbyte *) requestedTicket);
+    SSL_set_session_ticket_ext(tcssl->ssl, requestedTicket, len);
+    return 0;
 }
 
 TCN_IMPLEMENT_CALL(jint, SSLExt, setTicketKeys)(TCN_STDARGS, jlong tc_ssl_ctx, jbyteArray
buf, jint len)
 {
-	tcn_ssl_ctxt_t *sslctx = J2P(tc_ssl_ctx, tcn_ssl_ctxt_t *);
-	unsigned char keys[48];
+    tcn_ssl_ctxt_t *sslctx = J2P(tc_ssl_ctx, tcn_ssl_ctxt_t *);
+    unsigned char keys[48];
 
-	(*e)->GetByteArrayRegion(e, buf, 0, 48, (jbyte *) keys);
+    (*e)->GetByteArrayRegion(e, buf, 0, 48, (jbyte *) keys);
 
-	SSL_CTX_set_tlsext_ticket_keys(sslctx->ctx, keys, sizeof(keys));
-	return 0;
+    SSL_CTX_set_tlsext_ticket_keys(sslctx->ctx, keys, sizeof(keys));
+    return 0;
 }
 
-// Debug code - copied from openssl app
+/* Debug code - copied from openssl app */
 
 long bio_dump_callback(BIO *bio, int cmd, const char *argp,
-		int argi, long argl, long ret)
+        int argi, long argl, long ret)
 {
-	BIO *out;
+    BIO *out;
 
-	out=(BIO *)BIO_get_callback_arg(bio);
-	if (out == NULL) return(ret);
+    out=(BIO *)BIO_get_callback_arg(bio);
+    if (out == NULL) return(ret);
 
-	if (cmd == (BIO_CB_READ|BIO_CB_RETURN))
-	{
-		BIO_printf(out,"SSL read from %p [%p] (%lu bytes => %ld (0x%lX))\n",
-				(void *)bio,argp,(unsigned long)argi,ret,ret);
-		BIO_dump(out,argp,(int)ret);
-		return(ret);
-	}
-	else if (cmd == (BIO_CB_WRITE|BIO_CB_RETURN))
-	{
-		BIO_printf(out,"SSL write to %p [%p] (%lu bytes => %ld (0x%lX))\n",
-				(void *)bio,argp,(unsigned long)argi,ret,ret);
-		BIO_dump(out,argp,(int)ret);
-	}
-	return(ret);
+    if (cmd == (BIO_CB_READ|BIO_CB_RETURN))
+    {
+        BIO_printf(out,"SSL read from %p [%p] (%lu bytes => %ld (0x%lX))\n",
+                (void *)bio,argp,(unsigned long)argi,ret,ret);
+        BIO_dump(out,argp,(int)ret);
+        return(ret);
+    }
+    else if (cmd == (BIO_CB_WRITE|BIO_CB_RETURN))
+    {
+        BIO_printf(out,"SSL write to %p [%p] (%lu bytes => %ld (0x%lX))\n",
+                (void *)bio,argp,(unsigned long)argi,ret,ret);
+        BIO_dump(out,argp,(int)ret);
+    }
+    return(ret);
 }
 
 void msg_cb(int write_p, int version, int content_type,
-		const void *buf, size_t len, SSL *ssl, void *arg)
+        const void *buf, size_t len, SSL *ssl, void *arg)
 {
-	BIO *bio = arg;
-	const char *str_write_p, *str_version, *str_content_type = "", *str_details1 = "", *str_details2=
"";
+    BIO *bio = arg;
+    const char *str_write_p, *str_version, *str_content_type = "", *str_details1 = "", *str_details2=
"";
 
-	str_write_p = write_p ? ">>>" : "<<<";
+    str_write_p = write_p ? ">>>" : "<<<";
 
-	switch (version)
-	{
-		case SSL2_VERSION:
-		str_version = "SSL 2.0";
-		break;
-		case SSL3_VERSION:
-		str_version = "SSL 3.0 ";
-		break;
-		case TLS1_VERSION:
-		str_version = "TLS 1.0 ";
-		break;
-		case DTLS1_VERSION:
-		str_version = "DTLS 1.0 ";
-		break;
-		case DTLS1_BAD_VER:
-		str_version = "DTLS 1.0 (bad) ";
-		break;
-		default:
-		str_version = "???";
-	}
-
-	if (version == SSL2_VERSION)
-	{
-		str_details1 = "???";
-
-		if (len > 0)
-		{
-			switch (((const unsigned char*)buf)[0])
-			{
-				case 0:
-				str_details1 = ", ERROR:";
-				str_details2 = " ???";
-				if (len >= 3)
-				{
-					unsigned err = (((const unsigned char*)buf)[1]<<8) + ((const unsigned char*)buf)[2];
-
-					switch (err)
-					{
-						case 0x0001:
-						str_details2 = " NO-CIPHER-ERROR";
-						break;
-						case 0x0002:
-						str_details2 = " NO-CERTIFICATE-ERROR";
-						break;
-						case 0x0004:
-						str_details2 = " BAD-CERTIFICATE-ERROR";
-						break;
-						case 0x0006:
-						str_details2 = " UNSUPPORTED-CERTIFICATE-TYPE-ERROR";
-						break;
-					}
-				}
-
-				break;
-				case 1:
-				str_details1 = ", CLIENT-HELLO";
-				break;
-				case 2:
-				str_details1 = ", CLIENT-MASTER-KEY";
-				break;
-				case 3:
-				str_details1 = ", CLIENT-FINISHED";
-				break;
-				case 4:
-				str_details1 = ", SERVER-HELLO";
-				break;
-				case 5:
-				str_details1 = ", SERVER-VERIFY";
-				break;
-				case 6:
-				str_details1 = ", SERVER-FINISHED";
-				break;
-				case 7:
-				str_details1 = ", REQUEST-CERTIFICATE";
-				break;
-				case 8:
-				str_details1 = ", CLIENT-CERTIFICATE";
-				break;
-			}
-		}
-	}
-
-	if (version == SSL3_VERSION ||
-			version == TLS1_VERSION ||
-			version == DTLS1_VERSION ||
-			version == DTLS1_BAD_VER)
-	{
-		switch (content_type)
-		{
-			case 20:
-			str_content_type = "ChangeCipherSpec";
-			break;
-			case 21:
-			str_content_type = "Alert";
-			break;
-			case 22:
-			str_content_type = "Handshake";
-			break;
-		}
-
-		if (content_type == 21) /* Alert */
-		{
-			str_details1 = ", ???";
-
-			if (len == 2)
-			{
-				switch (((const unsigned char*)buf)[0])
-				{
-					case 1:
-					str_details1 = ", warning";
-					break;
-					case 2:
-					str_details1 = ", fatal";
-					break;
-				}
-
-				str_details2 = " ???";
-				switch (((const unsigned char*)buf)[1])
-				{
-					case 0:
-					str_details2 = " close_notify";
-					break;
-					case 10:
-					str_details2 = " unexpected_message";
-					break;
-					case 20:
-					str_details2 = " bad_record_mac";
-					break;
-					case 21:
-					str_details2 = " decryption_failed";
-					break;
-					case 22:
-					str_details2 = " record_overflow";
-					break;
-					case 30:
-					str_details2 = " decompression_failure";
-					break;
-					case 40:
-					str_details2 = " handshake_failure";
-					break;
-					case 42:
-					str_details2 = " bad_certificate";
-					break;
-					case 43:
-					str_details2 = " unsupported_certificate";
-					break;
-					case 44:
-					str_details2 = " certificate_revoked";
-					break;
-					case 45:
-					str_details2 = " certificate_expired";
-					break;
-					case 46:
-					str_details2 = " certificate_unknown";
-					break;
-					case 47:
-					str_details2 = " illegal_parameter";
-					break;
-					case 48:
-					str_details2 = " unknown_ca";
-					break;
-					case 49:
-					str_details2 = " access_denied";
-					break;
-					case 50:
-					str_details2 = " decode_error";
-					break;
-					case 51:
-					str_details2 = " decrypt_error";
-					break;
-					case 60:
-					str_details2 = " export_restriction";
-					break;
-					case 70:
-					str_details2 = " protocol_version";
-					break;
-					case 71:
-					str_details2 = " insufficient_security";
-					break;
-					case 80:
-					str_details2 = " internal_error";
-					break;
-					case 90:
-					str_details2 = " user_canceled";
-					break;
-					case 100:
-					str_details2 = " no_renegotiation";
-					break;
-					case 110:
-					str_details2 = " unsupported_extension";
-					break;
-					case 111:
-					str_details2 = " certificate_unobtainable";
-					break;
-					case 112:
-					str_details2 = " unrecognized_name";
-					break;
-					case 113:
-					str_details2 = " bad_certificate_status_response";
-					break;
-					case 114:
-					str_details2 = " bad_certificate_hash_value";
-					break;
-				}
-			}
-		}
-
-		if (content_type == 22) /* Handshake */
-		{
-			str_details1 = "???";
-
-			if (len > 0)
-			{
-				switch (((const unsigned char*)buf)[0])
-				{
-					case 0:
-					str_details1 = ", HelloRequest";
-					break;
-					case 1:
-					str_details1 = ", ClientHello";
-					break;
-					case 2:
-					str_details1 = ", ServerHello";
-					break;
-					case 3:
-					str_details1 = ", HelloVerifyRequest";
-					break;
-					case 11:
-					str_details1 = ", Certificate";
-					break;
-					case 12:
-					str_details1 = ", ServerKeyExchange";
-					break;
-					case 13:
-					str_details1 = ", CertificateRequest";
-					break;
-					case 14:
-					str_details1 = ", ServerHelloDone";
-					break;
-					case 15:
-					str_details1 = ", CertificateVerify";
-					break;
-					case 16:
-					str_details1 = ", ClientKeyExchange";
-					break;
-					case 20:
-					str_details1 = ", Finished";
-					break;
-				}
-			}
-		}
-	}
-
-	BIO_printf(bio, "%s %s%s [length %04lx]%s%s\n", str_write_p, str_version, str_content_type,
(unsigned long)len, str_details1, str_details2);
-
-	if (len > 0)
-	{
-		size_t num, i;
+    switch (version)
+    {
+        case SSL2_VERSION:
+        str_version = "SSL 2.0";
+        break;
+        case SSL3_VERSION:
+        str_version = "SSL 3.0 ";
+        break;
+        case TLS1_VERSION:
+        str_version = "TLS 1.0 ";
+        break;
+        case DTLS1_VERSION:
+        str_version = "DTLS 1.0 ";
+        break;
+        case DTLS1_BAD_VER:
+        str_version = "DTLS 1.0 (bad) ";
+        break;
+        default:
+        str_version = "???";
+    }
+
+    if (version == SSL2_VERSION)
+    {
+        str_details1 = "???";
+
+        if (len > 0)
+        {
+            switch (((const unsigned char*)buf)[0])
+            {
+                case 0:
+                str_details1 = ", ERROR:";
+                str_details2 = " ???";
+                if (len >= 3)
+                {
+                    unsigned err = (((const unsigned char*)buf)[1]<<8) + ((const unsigned
char*)buf)[2];
+
+                    switch (err)
+                    {
+                        case 0x0001:
+                        str_details2 = " NO-CIPHER-ERROR";
+                        break;
+                        case 0x0002:
+                        str_details2 = " NO-CERTIFICATE-ERROR";
+                        break;
+                        case 0x0004:
+                        str_details2 = " BAD-CERTIFICATE-ERROR";
+                        break;
+                        case 0x0006:
+                        str_details2 = " UNSUPPORTED-CERTIFICATE-TYPE-ERROR";
+                        break;
+                    }
+                }
+
+                break;
+                case 1:
+                str_details1 = ", CLIENT-HELLO";
+                break;
+                case 2:
+                str_details1 = ", CLIENT-MASTER-KEY";
+                break;
+                case 3:
+                str_details1 = ", CLIENT-FINISHED";
+                break;
+                case 4:
+                str_details1 = ", SERVER-HELLO";
+                break;
+                case 5:
+                str_details1 = ", SERVER-VERIFY";
+                break;
+                case 6:
+                str_details1 = ", SERVER-FINISHED";
+                break;
+                case 7:
+                str_details1 = ", REQUEST-CERTIFICATE";
+                break;
+                case 8:
+                str_details1 = ", CLIENT-CERTIFICATE";
+                break;
+            }
+        }
+    }
+
+    if (version == SSL3_VERSION ||
+            version == TLS1_VERSION ||
+            version == DTLS1_VERSION ||
+            version == DTLS1_BAD_VER)
+    {
+        switch (content_type)
+        {
+            case 20:
+            str_content_type = "ChangeCipherSpec";
+            break;
+            case 21:
+            str_content_type = "Alert";
+            break;
+            case 22:
+            str_content_type = "Handshake";
+            break;
+        }
+
+        if (content_type == 21) /* Alert */
+        {
+            str_details1 = ", ???";
+
+            if (len == 2)
+            {
+                switch (((const unsigned char*)buf)[0])
+                {
+                    case 1:
+                    str_details1 = ", warning";
+                    break;
+                    case 2:
+                    str_details1 = ", fatal";
+                    break;
+                }
+
+                str_details2 = " ???";
+                switch (((const unsigned char*)buf)[1])
+                {
+                    case 0:
+                    str_details2 = " close_notify";
+                    break;
+                    case 10:
+                    str_details2 = " unexpected_message";
+                    break;
+                    case 20:
+                    str_details2 = " bad_record_mac";
+                    break;
+                    case 21:
+                    str_details2 = " decryption_failed";
+                    break;
+                    case 22:
+                    str_details2 = " record_overflow";
+                    break;
+                    case 30:
+                    str_details2 = " decompression_failure";
+                    break;
+                    case 40:
+                    str_details2 = " handshake_failure";
+                    break;
+                    case 42:
+                    str_details2 = " bad_certificate";
+                    break;
+                    case 43:
+                    str_details2 = " unsupported_certificate";
+                    break;
+                    case 44:
+                    str_details2 = " certificate_revoked";
+                    break;
+                    case 45:
+                    str_details2 = " certificate_expired";
+                    break;
+                    case 46:
+                    str_details2 = " certificate_unknown";
+                    break;
+                    case 47:
+                    str_details2 = " illegal_parameter";
+                    break;
+                    case 48:
+                    str_details2 = " unknown_ca";
+                    break;
+                    case 49:
+                    str_details2 = " access_denied";
+                    break;
+                    case 50:
+                    str_details2 = " decode_error";
+                    break;
+                    case 51:
+                    str_details2 = " decrypt_error";
+                    break;
+                    case 60:
+                    str_details2 = " export_restriction";
+                    break;
+                    case 70:
+                    str_details2 = " protocol_version";
+                    break;
+                    case 71:
+                    str_details2 = " insufficient_security";
+                    break;
+                    case 80:
+                    str_details2 = " internal_error";
+                    break;
+                    case 90:
+                    str_details2 = " user_canceled";
+                    break;
+                    case 100:
+                    str_details2 = " no_renegotiation";
+                    break;
+                    case 110:
+                    str_details2 = " unsupported_extension";
+                    break;
+                    case 111:
+                    str_details2 = " certificate_unobtainable";
+                    break;
+                    case 112:
+                    str_details2 = " unrecognized_name";
+                    break;
+                    case 113:
+                    str_details2 = " bad_certificate_status_response";
+                    break;
+                    case 114:
+                    str_details2 = " bad_certificate_hash_value";
+                    break;
+                }
+            }
+        }
+
+        if (content_type == 22) /* Handshake */
+        {
+            str_details1 = "???";
+
+            if (len > 0)
+            {
+                switch (((const unsigned char*)buf)[0])
+                {
+                    case 0:
+                    str_details1 = ", HelloRequest";
+                    break;
+                    case 1:
+                    str_details1 = ", ClientHello";
+                    break;
+                    case 2:
+                    str_details1 = ", ServerHello";
+                    break;
+                    case 3:
+                    str_details1 = ", HelloVerifyRequest";
+                    break;
+                    case 11:
+                    str_details1 = ", Certificate";
+                    break;
+                    case 12:
+                    str_details1 = ", ServerKeyExchange";
+                    break;
+                    case 13:
+                    str_details1 = ", CertificateRequest";
+                    break;
+                    case 14:
+                    str_details1 = ", ServerHelloDone";
+                    break;
+                    case 15:
+                    str_details1 = ", CertificateVerify";
+                    break;
+                    case 16:
+                    str_details1 = ", ClientKeyExchange";
+                    break;
+                    case 20:
+                    str_details1 = ", Finished";
+                    break;
+                }
+            }
+        }
+    }
+
+    BIO_printf(bio, "%s %s%s [length %04lx]%s%s\n", str_write_p, str_version, str_content_type,
(unsigned long)len, str_details1, str_details2);
+
+    if (len > 0)
+    {
+        size_t num, i;
 
-		BIO_printf(bio, "   ");
-		num = len;
+        BIO_printf(bio, "   ");
+        num = len;
 #if 0
-		if (num > 16)
-		num = 16;
+        if (num > 16)
+        num = 16;
 #endif
-		for (i = 0; i < num; i++)
-		{
-			if (i % 16 == 0 && i > 0)
-			BIO_printf(bio, "\n   ");
-			BIO_printf(bio, " %02x", ((const unsigned char*)buf)[i]);
-		}
-		if (i < len)
-		BIO_printf(bio, " ...");
-		BIO_printf(bio, "\n");
-	}
-	(void)BIO_flush(bio);
+        for (i = 0; i < num; i++)
+        {
+            if (i % 16 == 0 && i > 0)
+            BIO_printf(bio, "\n   ");
+            BIO_printf(bio, " %02x", ((const unsigned char*)buf)[i]);
+        }
+        if (i < len)
+        BIO_printf(bio, " ...");
+        BIO_printf(bio, "\n");
+    }
+    (void)BIO_flush(bio);
 }
 
 TCN_IMPLEMENT_CALL(jint, SSLExt, debug)(TCN_STDARGS, jlong tcsock)
 {
-	tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
-	tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
+    tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
+    tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
 
-	BIO_set_callback(SSL_get_rbio(tcssl->ssl), bio_dump_callback);
-	BIO_set_callback(SSL_get_wbio(tcssl->ssl), bio_dump_callback);
+    BIO_set_callback(SSL_get_rbio(tcssl->ssl), bio_dump_callback);
+    BIO_set_callback(SSL_get_wbio(tcssl->ssl), bio_dump_callback);
 
-	BIO_set_callback_arg(SSL_get_rbio(tcssl->ssl), (char *) tcssl->ctx->bio_os);
-	BIO_set_callback_arg(SSL_get_wbio(tcssl->ssl), (char *) tcssl->ctx->bio_os);
+    BIO_set_callback_arg(SSL_get_rbio(tcssl->ssl), (char *) tcssl->ctx->bio_os);
+    BIO_set_callback_arg(SSL_get_wbio(tcssl->ssl), (char *) tcssl->ctx->bio_os);
 
-	SSL_set_msg_callback(tcssl->ssl, msg_cb);
-	SSL_set_msg_callback_arg(tcssl->ssl, (char *) tcssl->ctx->bio_os);
-	return 0;
+    SSL_set_msg_callback(tcssl->ssl, msg_cb);
+    SSL_set_msg_callback_arg(tcssl->ssl, (char *) tcssl->ctx->bio_os);
+    return 0;
 }
 
 TCN_IMPLEMENT_CALL( jint, SSLExt, sslSetMode)(TCN_STDARGS, jlong tcsock, jint jmode)
 {
-	tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
-	tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
-	int mode = SSL_get_mode(tcssl->ssl);
+    tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
+    tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
+    int mode = SSL_get_mode(tcssl->ssl);
 
-	mode |= jmode;
-	SSL_set_mode(tcssl->ssl, mode);
+    mode |= jmode;
+    SSL_set_mode(tcssl->ssl, mode);
 
-	return mode;
+    return mode;
 }
 
-
 #else
 
 /* OpenSSL is not supported.
  * Create empty stubs.
  */
-TCN_IMPLEMENT_CALL( jint, SSLExt, debug)(TCN_STDARGS, jlong tcsock)
-{
-	return (jint)-APR_ENOTIMPL;
+TCN_IMPLEMENT_CALL( jint, SSLExt, debug)(TCN_STDARGS, jlong tcsock) {
+    return (jint) -APR_ENOTIMPL;
 }
 
-TCN_IMPLEMENT_CALL( jint, SSLExt, setSessionData)(TCN_STDARGS, jlong tcsock, jbyteArray buf,
jint len)
-{
-	return (jint)-APR_ENOTIMPL;
+TCN_IMPLEMENT_CALL( jint, SSLExt, setSessionData)(TCN_STDARGS, jlong tcsock,
+        jbyteArray buf, jint len) {
+    return (jint) -APR_ENOTIMPL;
 }
 
-TCN_IMPLEMENT_CALL( jbyteArray, SSLExt, getSessionData)(TCN_STDARGS, jlong tcsock)
-{
-	return (jint)-APR_ENOTIMPL;
+TCN_IMPLEMENT_CALL( jbyteArray, SSLExt, getSessionData)(TCN_STDARGS,
+        jlong tcsock) {
+    return (jint) -APR_ENOTIMPL;
 }
 
-TCN_IMPLEMENT_CALL( jint, SSLExt, getTicket)(TCN_STDARGS, jlong tcsock, jbyteArray buf)
-{
-	return (jint)-APR_ENOTIMPL;
+TCN_IMPLEMENT_CALL( jint, SSLExt, getTicket)(TCN_STDARGS, jlong tcsock,
+        jbyteArray buf) {
+    return (jint) -APR_ENOTIMPL;
 }
 
-TCN_IMPLEMENT_CALL( jint, SSLExt, setTicket)(TCN_STDARGS, jlong tcsock, jbyteArray buf, jint
len)
-{
-	return (jint)-APR_ENOTIMPL;
+TCN_IMPLEMENT_CALL( jint, SSLExt, setTicket)(TCN_STDARGS, jlong tcsock,
+        jbyteArray buf, jint len) {
+    return (jint) -APR_ENOTIMPL;
 }
 
-TCN_IMPLEMENT_CALL( jint, SSLExt, setTicketKeys)(TCN_STDARGS, jlong tc_ssl_ctx, jbyteArray
buf, jint len)
-{
-	return (jint)-APR_ENOTIMPL;
+TCN_IMPLEMENT_CALL( jint, SSLExt, setTicketKeys)(TCN_STDARGS, jlong tc_ssl_ctx,
+        jbyteArray buf, jint len) {
+    return (jint) -APR_ENOTIMPL;
 }
 
-TCN_IMPLEMENT_CALL( jint, SSLExt, sslSetMode)(TCN_STDARGS, jlong tc_ssl_ctx, jint mode)
-{
-	return (jint)-APR_ENOTIMPL;
+TCN_IMPLEMENT_CALL( jint, SSLExt, sslSetMode)(TCN_STDARGS, jlong tc_ssl_ctx,
+        jint mode) {
+    return (jint) -APR_ENOTIMPL;
 }
 
 #endif
 
-// if ssl is not available - this will not be defined
+/* if ssl is not available - this will not be defined */
 #ifdef SSL_set_tlsext_host_name
 TCN_IMPLEMENT_CALL(jint, SSLExt, setSNI)(TCN_STDARGS, jlong tcsock, jbyteArray buf, jint
len)
 {
-	tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
-	tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
-	unsigned char bytes[TCN_BUFFER_SZ];
-	const unsigned char *bytesp = &bytes[0];
-
-	if (len > TCN_BUFFER_SZ) {
-		return -1;
-	}
-	(*e)->GetByteArrayRegion(e, buf, 0, len, bytes);
-	SSL_set_tlsext_host_name(tcssl->ssl, &bytesp);
-	return 0;
+    tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
+    tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
+    unsigned char bytes[TCN_BUFFER_SZ];
+    const unsigned char *bytesp = &bytes[0];
+
+    if (len > TCN_BUFFER_SZ) {
+        return -1;
+    }
+    (*e)->GetByteArrayRegion(e, buf, 0, len, bytes);
+    SSL_set_tlsext_host_name(tcssl->ssl, &bytesp);
+    return 0;
 }
 #else
-TCN_IMPLEMENT_CALL(jint, SSLExt, setSNI)(TCN_STDARGS, jlong tcsock, jbyteArray buf, jint
len)
-{
-	return (jint)-APR_ENOTIMPL;
+TCN_IMPLEMENT_CALL(jint, SSLExt, setSNI)(TCN_STDARGS, jlong tcsock,
+        jbyteArray buf, jint len) {
+    return (jint) -APR_ENOTIMPL;
 }
 #endif
 
 #ifdef  OPENSSL_NPN_NEGOTIATED 
-// See ssl_client_socket_openssl.cc
-//     tools/flip_server/spdy_ssl.cc
-
+/* See ssl_client_socket_openssl.cc
+ tools/flip_server/spdy_ssl.cc
+ */
 /** Callback in client mode.
  */
 static int cb_request_npn(SSL *ssl, unsigned char **out, unsigned char *outlen,
-		const unsigned char *in, unsigned int inlen, void *arg)
+        const unsigned char *in, unsigned int inlen, void *arg)
 {
-	tcn_ssl_ctxt_t *tcsslctx = (tcn_ssl_ctxt_t *)arg;
-	/* TODO: verify in contains the protocol... */
+    tcn_ssl_ctxt_t *tcsslctx = (tcn_ssl_ctxt_t *)arg;
+    /* TODO: verify in contains the protocol... */
 
-	/* This callback only returns the protocol string, rather than a length
-	 prefixed set. We assume that NEXT_PROTO_STRING is a one element list and
-	 remove the first byte to chop off the length prefix. */
-	if (tcsslctx->npn != 0) {
-		int status = SSL_select_next_proto(out, outlen, in, inlen,
-				tcsslctx->npn,
-				strlen(tcsslctx->npn));
-		switch (status) {
-			case OPENSSL_NPN_UNSUPPORTED:
-			break;
-			case OPENSSL_NPN_NEGOTIATED://1
-			break;
-			case OPENSSL_NPN_NO_OVERLAP://2
-			break;
-		}
-	}
-	return SSL_TLSEXT_ERR_OK;
+    /* This callback only returns the protocol string, rather than a length
+     prefixed set. We assume that NEXT_PROTO_STRING is a one element list and
+     remove the first byte to chop off the length prefix. */
+    if (tcsslctx->npn != 0) {
+        int status = SSL_select_next_proto(out, outlen, in, inlen,
+                tcsslctx->npn,
+                strlen(tcsslctx->npn));
+        switch (status) {
+            case OPENSSL_NPN_UNSUPPORTED:
+            break;
+            case OPENSSL_NPN_NEGOTIATED:
+            break;
+            case OPENSSL_NPN_NO_OVERLAP:
+            break;
+        }
+    }
+    return SSL_TLSEXT_ERR_OK;
 }
 
 static int cb_server_npn(SSL *ssl, const unsigned char **out, unsigned int *outlen,
-		void *arg)
+        void *arg)
 {
-	tcn_ssl_ctxt_t *tcsslctx = (tcn_ssl_ctxt_t *)arg;
-	if (tcsslctx->npn != 0) {
-		*out = (unsigned char*) tcsslctx->npn;
-		*outlen = strlen(tcsslctx->npn);
-	}
-	return SSL_TLSEXT_ERR_OK;
+    tcn_ssl_ctxt_t *tcsslctx = (tcn_ssl_ctxt_t *)arg;
+    if (tcsslctx->npn != 0) {
+        *out = (unsigned char*) tcsslctx->npn;
+        *outlen = strlen(tcsslctx->npn);
+    }
+    return SSL_TLSEXT_ERR_OK;
 }
 
 TCN_IMPLEMENT_CALL(jint, SSLExt, setNPN)(TCN_STDARGS, jlong tc_ssl_ctx,
-		jbyteArray buf, jint len)
+        jbyteArray buf, jint len)
 {
-	tcn_ssl_ctxt_t *sslctx = J2P(tc_ssl_ctx, tcn_ssl_ctxt_t *);
+    tcn_ssl_ctxt_t *sslctx = J2P(tc_ssl_ctx, tcn_ssl_ctxt_t *);
 
-	sslctx->npn = apr_pcalloc(sslctx->pool, len);
-	(*e)->GetByteArrayRegion(e, buf, 0, len, &sslctx->npn[0]);
+    sslctx->npn = apr_pcalloc(sslctx->pool, len);
+    (*e)->GetByteArrayRegion(e, buf, 0, len, &sslctx->npn[0]);
 
-	if (sslctx->mode == SSL_MODE_SERVER) {
-		SSL_CTX_set_next_protos_advertised_cb(sslctx->ctx, cb_server_npn, sslctx);
-	} else {
-		SSL_CTX_set_next_proto_select_cb(sslctx->ctx, cb_request_npn, sslctx);
-	}
-	return 0;
+    if (sslctx->mode == SSL_MODE_SERVER) {
+        SSL_CTX_set_next_protos_advertised_cb(sslctx->ctx, cb_server_npn, sslctx);
+    } else {
+        SSL_CTX_set_next_proto_select_cb(sslctx->ctx, cb_request_npn, sslctx);
+    }
+    return 0;
 }
 
 /** Only valid after handshake 
  */
 TCN_IMPLEMENT_CALL(jint, SSLExt, getNPN)(TCN_STDARGS, jlong tcsock, jbyteArray buf)
 {
-	const unsigned char *npn;
-	unsigned npn_len;
-	tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
-	tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
-	int bufLen = (*e)->GetArrayLength(e, buf);
-
-	SSL_get0_next_proto_negotiated(tcssl->ssl, &npn, &npn_len);
-
-	if (npn_len == 0 || bufLen < npn_len) {
-		return 0;
-	}
-	int len = npn_len;
-	(*e)->SetByteArrayRegion(e, buf, 0, len, npn);
+    const unsigned char *npn;
+    unsigned npn_len;
+    tcn_socket_t *s = J2P(tcsock, tcn_socket_t *);
+    tcn_ssl_conn_t *tcssl = (tcn_ssl_conn_t *)s->opaque;
+    int bufLen = (*e)->GetArrayLength(e, buf);
+
+    SSL_get0_next_proto_negotiated(tcssl->ssl, &npn, &npn_len);
+
+    if (npn_len == 0 || bufLen < npn_len) {
+        return 0;
+    }
+    int len = npn_len;
+    (*e)->SetByteArrayRegion(e, buf, 0, len, npn);
 
-	return len;
+    return len;
 }
 
 #else
 
 TCN_IMPLEMENT_CALL(jint, SSLExt, setNPN)(TCN_STDARGS, jlong tc_ssl_ctx,
-		jbyteArray buf, jint len)
-{
-	return (jint)-APR_ENOTIMPL;
+        jbyteArray buf, jint len) {
+    return (jint) -APR_ENOTIMPL;
 }
 
-TCN_IMPLEMENT_CALL(jint, SSLExt, getNPN)(TCN_STDARGS, jlong tcsock, jbyteArray buf)
-{
-	return (jint)-APR_ENOTIMPL;
+TCN_IMPLEMENT_CALL(jint, SSLExt, getNPN)(TCN_STDARGS, jlong tcsock,
+        jbyteArray buf) {
+    return (jint) -APR_ENOTIMPL;
 }
 
 #endif



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message