Fossil SCM
Fix overlength lines and commenting irregularities in http_ssl.c. No code changes.
Commit
483ac3db837246c956ac009ed816d2d067780df8234a5d99257ffd5277a1cd9a
Parent
67147dd6be1acdb…
1 file changed
+18
-9
+18
-9
| --- src/http_ssl.c | ||
| +++ src/http_ssl.c | ||
| @@ -185,11 +185,12 @@ | ||
| 185 | 185 | Blob snd, reply; |
| 186 | 186 | int done=0,end=0; |
| 187 | 187 | blob_zero(&snd); |
| 188 | 188 | blob_appendf(&snd, "CONNECT %s:%d HTTP/1.1\r\n", pUrlData->hostname, |
| 189 | 189 | pUrlData->proxyOrigPort); |
| 190 | - blob_appendf(&snd, "Host: %s:%d\r\n", pUrlData->hostname, pUrlData->proxyOrigPort); | |
| 190 | + blob_appendf(&snd, "Host: %s:%d\r\n", | |
| 191 | + pUrlData->hostname, pUrlData->proxyOrigPort); | |
| 191 | 192 | if( pUrlData->proxyAuth ){ |
| 192 | 193 | blob_appendf(&snd, "Proxy-Authorization: %s\r\n", pUrlData->proxyAuth); |
| 193 | 194 | } |
| 194 | 195 | blob_append(&snd, "Proxy-Connection: keep-alive\r\n", -1); |
| 195 | 196 | blob_appendf(&snd, "User-Agent: %s\r\n", get_user_agent()); |
| @@ -258,11 +259,12 @@ | ||
| 258 | 259 | char *connStr = mprintf("%s:%d", g.url.name, pUrlData->port); |
| 259 | 260 | BIO *sBio = BIO_new_connect(connStr); |
| 260 | 261 | free(connStr); |
| 261 | 262 | if( BIO_do_connect(sBio)<=0 ){ |
| 262 | 263 | ssl_set_errmsg("SSL: cannot connect to proxy %s:%d (%s)", |
| 263 | - pUrlData->name, pUrlData->port, ERR_reason_error_string(ERR_get_error())); | |
| 264 | + pUrlData->name, pUrlData->port, | |
| 265 | + ERR_reason_error_string(ERR_get_error())); | |
| 264 | 266 | ssl_close(); |
| 265 | 267 | return 1; |
| 266 | 268 | } |
| 267 | 269 | rc = establish_proxy_tunnel(pUrlData, sBio); |
| 268 | 270 | if( rc<200||rc>299 ){ |
| @@ -283,11 +285,13 @@ | ||
| 283 | 285 | return 1; |
| 284 | 286 | } |
| 285 | 287 | BIO_get_ssl(iBio, &ssl); |
| 286 | 288 | |
| 287 | 289 | #if (SSLEAY_VERSION_NUMBER >= 0x00908070) && !defined(OPENSSL_NO_TLSEXT) |
| 288 | - if( !SSL_set_tlsext_host_name(ssl, (pUrlData->useProxy?pUrlData->hostname:pUrlData->name)) ){ | |
| 290 | + if( !SSL_set_tlsext_host_name(ssl, | |
| 291 | + (pUrlData->useProxy?pUrlData->hostname:pUrlData->name)) | |
| 292 | + ){ | |
| 289 | 293 | fossil_warning("WARNING: failed to set server name indication (SNI), " |
| 290 | 294 | "continuing without it.\n"); |
| 291 | 295 | } |
| 292 | 296 | #endif |
| 293 | 297 | |
| @@ -297,11 +301,12 @@ | ||
| 297 | 301 | char *connStr = mprintf("%s:%d", pUrlData->name, pUrlData->port); |
| 298 | 302 | BIO_set_conn_hostname(iBio, connStr); |
| 299 | 303 | free(connStr); |
| 300 | 304 | if( BIO_do_connect(iBio)<=0 ){ |
| 301 | 305 | ssl_set_errmsg("SSL: cannot connect to host %s:%d (%s)", |
| 302 | - pUrlData->name, pUrlData->port, ERR_reason_error_string(ERR_get_error())); | |
| 306 | + pUrlData->name, pUrlData->port, | |
| 307 | + ERR_reason_error_string(ERR_get_error())); | |
| 303 | 308 | ssl_close(); |
| 304 | 309 | return 1; |
| 305 | 310 | } |
| 306 | 311 | } |
| 307 | 312 | |
| @@ -388,13 +393,15 @@ | ||
| 388 | 393 | /* Set the Global.zIpAddr variable to the server we are talking to. |
| 389 | 394 | ** This is used to populate the ipaddr column of the rcvfrom table, |
| 390 | 395 | ** if any files are received from the server. |
| 391 | 396 | */ |
| 392 | 397 | { |
| 393 | - /* As soon as libressl implements BIO_ADDR_hostname_string/BIO_get_conn_address. | |
| 394 | - * check here for the correct LIBRESSL_VERSION_NUMBER too. For now: disable */ | |
| 395 | - #if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L \ | |
| 398 | + /* As soon as libressl implements | |
| 399 | + ** BIO_ADDR_hostname_string/BIO_get_conn_address. | |
| 400 | + ** check here for the correct LIBRESSL_VERSION_NUMBER too. For now: disable | |
| 401 | + */ | |
| 402 | +#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L \ | |
| 396 | 403 | && !defined(LIBRESSL_VERSION_NUMBER) |
| 397 | 404 | char *ip = BIO_ADDR_hostname_string(BIO_get_conn_address(iBio),1); |
| 398 | 405 | g.zIpAddr = mprintf("%s", ip); |
| 399 | 406 | OPENSSL_free(ip); |
| 400 | 407 | #else |
| @@ -418,14 +425,16 @@ | ||
| 418 | 425 | |
| 419 | 426 | mem = BIO_new(BIO_s_mem()); |
| 420 | 427 | PEM_write_bio_X509(mem, cert); |
| 421 | 428 | BIO_write(mem, "", 1); /* nul-terminate mem buffer */ |
| 422 | 429 | BIO_get_mem_data(mem, &zCert); |
| 423 | - zHost = mprintf("cert:%s", pUrlData->useProxy?pUrlData->hostname:pUrlData->name); | |
| 430 | + zHost = mprintf("cert:%s", | |
| 431 | + pUrlData->useProxy ? pUrlData->hostname : pUrlData->name); | |
| 424 | 432 | db_set(zHost, zCert, 1); |
| 425 | 433 | free(zHost); |
| 426 | - zHost = mprintf("trusted:%s", pUrlData->useProxy?pUrlData->hostname:pUrlData->name); | |
| 434 | + zHost = mprintf("trusted:%s", | |
| 435 | + pUrlData->useProxy ? pUrlData->hostname : pUrlData->name); | |
| 427 | 436 | db_set_int(zHost, trusted, 1); |
| 428 | 437 | free(zHost); |
| 429 | 438 | BIO_free(mem); |
| 430 | 439 | } |
| 431 | 440 | |
| 432 | 441 |
| --- src/http_ssl.c | |
| +++ src/http_ssl.c | |
| @@ -185,11 +185,12 @@ | |
| 185 | Blob snd, reply; |
| 186 | int done=0,end=0; |
| 187 | blob_zero(&snd); |
| 188 | blob_appendf(&snd, "CONNECT %s:%d HTTP/1.1\r\n", pUrlData->hostname, |
| 189 | pUrlData->proxyOrigPort); |
| 190 | blob_appendf(&snd, "Host: %s:%d\r\n", pUrlData->hostname, pUrlData->proxyOrigPort); |
| 191 | if( pUrlData->proxyAuth ){ |
| 192 | blob_appendf(&snd, "Proxy-Authorization: %s\r\n", pUrlData->proxyAuth); |
| 193 | } |
| 194 | blob_append(&snd, "Proxy-Connection: keep-alive\r\n", -1); |
| 195 | blob_appendf(&snd, "User-Agent: %s\r\n", get_user_agent()); |
| @@ -258,11 +259,12 @@ | |
| 258 | char *connStr = mprintf("%s:%d", g.url.name, pUrlData->port); |
| 259 | BIO *sBio = BIO_new_connect(connStr); |
| 260 | free(connStr); |
| 261 | if( BIO_do_connect(sBio)<=0 ){ |
| 262 | ssl_set_errmsg("SSL: cannot connect to proxy %s:%d (%s)", |
| 263 | pUrlData->name, pUrlData->port, ERR_reason_error_string(ERR_get_error())); |
| 264 | ssl_close(); |
| 265 | return 1; |
| 266 | } |
| 267 | rc = establish_proxy_tunnel(pUrlData, sBio); |
| 268 | if( rc<200||rc>299 ){ |
| @@ -283,11 +285,13 @@ | |
| 283 | return 1; |
| 284 | } |
| 285 | BIO_get_ssl(iBio, &ssl); |
| 286 | |
| 287 | #if (SSLEAY_VERSION_NUMBER >= 0x00908070) && !defined(OPENSSL_NO_TLSEXT) |
| 288 | if( !SSL_set_tlsext_host_name(ssl, (pUrlData->useProxy?pUrlData->hostname:pUrlData->name)) ){ |
| 289 | fossil_warning("WARNING: failed to set server name indication (SNI), " |
| 290 | "continuing without it.\n"); |
| 291 | } |
| 292 | #endif |
| 293 | |
| @@ -297,11 +301,12 @@ | |
| 297 | char *connStr = mprintf("%s:%d", pUrlData->name, pUrlData->port); |
| 298 | BIO_set_conn_hostname(iBio, connStr); |
| 299 | free(connStr); |
| 300 | if( BIO_do_connect(iBio)<=0 ){ |
| 301 | ssl_set_errmsg("SSL: cannot connect to host %s:%d (%s)", |
| 302 | pUrlData->name, pUrlData->port, ERR_reason_error_string(ERR_get_error())); |
| 303 | ssl_close(); |
| 304 | return 1; |
| 305 | } |
| 306 | } |
| 307 | |
| @@ -388,13 +393,15 @@ | |
| 388 | /* Set the Global.zIpAddr variable to the server we are talking to. |
| 389 | ** This is used to populate the ipaddr column of the rcvfrom table, |
| 390 | ** if any files are received from the server. |
| 391 | */ |
| 392 | { |
| 393 | /* As soon as libressl implements BIO_ADDR_hostname_string/BIO_get_conn_address. |
| 394 | * check here for the correct LIBRESSL_VERSION_NUMBER too. For now: disable */ |
| 395 | #if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L \ |
| 396 | && !defined(LIBRESSL_VERSION_NUMBER) |
| 397 | char *ip = BIO_ADDR_hostname_string(BIO_get_conn_address(iBio),1); |
| 398 | g.zIpAddr = mprintf("%s", ip); |
| 399 | OPENSSL_free(ip); |
| 400 | #else |
| @@ -418,14 +425,16 @@ | |
| 418 | |
| 419 | mem = BIO_new(BIO_s_mem()); |
| 420 | PEM_write_bio_X509(mem, cert); |
| 421 | BIO_write(mem, "", 1); /* nul-terminate mem buffer */ |
| 422 | BIO_get_mem_data(mem, &zCert); |
| 423 | zHost = mprintf("cert:%s", pUrlData->useProxy?pUrlData->hostname:pUrlData->name); |
| 424 | db_set(zHost, zCert, 1); |
| 425 | free(zHost); |
| 426 | zHost = mprintf("trusted:%s", pUrlData->useProxy?pUrlData->hostname:pUrlData->name); |
| 427 | db_set_int(zHost, trusted, 1); |
| 428 | free(zHost); |
| 429 | BIO_free(mem); |
| 430 | } |
| 431 | |
| 432 |
| --- src/http_ssl.c | |
| +++ src/http_ssl.c | |
| @@ -185,11 +185,12 @@ | |
| 185 | Blob snd, reply; |
| 186 | int done=0,end=0; |
| 187 | blob_zero(&snd); |
| 188 | blob_appendf(&snd, "CONNECT %s:%d HTTP/1.1\r\n", pUrlData->hostname, |
| 189 | pUrlData->proxyOrigPort); |
| 190 | blob_appendf(&snd, "Host: %s:%d\r\n", |
| 191 | pUrlData->hostname, pUrlData->proxyOrigPort); |
| 192 | if( pUrlData->proxyAuth ){ |
| 193 | blob_appendf(&snd, "Proxy-Authorization: %s\r\n", pUrlData->proxyAuth); |
| 194 | } |
| 195 | blob_append(&snd, "Proxy-Connection: keep-alive\r\n", -1); |
| 196 | blob_appendf(&snd, "User-Agent: %s\r\n", get_user_agent()); |
| @@ -258,11 +259,12 @@ | |
| 259 | char *connStr = mprintf("%s:%d", g.url.name, pUrlData->port); |
| 260 | BIO *sBio = BIO_new_connect(connStr); |
| 261 | free(connStr); |
| 262 | if( BIO_do_connect(sBio)<=0 ){ |
| 263 | ssl_set_errmsg("SSL: cannot connect to proxy %s:%d (%s)", |
| 264 | pUrlData->name, pUrlData->port, |
| 265 | ERR_reason_error_string(ERR_get_error())); |
| 266 | ssl_close(); |
| 267 | return 1; |
| 268 | } |
| 269 | rc = establish_proxy_tunnel(pUrlData, sBio); |
| 270 | if( rc<200||rc>299 ){ |
| @@ -283,11 +285,13 @@ | |
| 285 | return 1; |
| 286 | } |
| 287 | BIO_get_ssl(iBio, &ssl); |
| 288 | |
| 289 | #if (SSLEAY_VERSION_NUMBER >= 0x00908070) && !defined(OPENSSL_NO_TLSEXT) |
| 290 | if( !SSL_set_tlsext_host_name(ssl, |
| 291 | (pUrlData->useProxy?pUrlData->hostname:pUrlData->name)) |
| 292 | ){ |
| 293 | fossil_warning("WARNING: failed to set server name indication (SNI), " |
| 294 | "continuing without it.\n"); |
| 295 | } |
| 296 | #endif |
| 297 | |
| @@ -297,11 +301,12 @@ | |
| 301 | char *connStr = mprintf("%s:%d", pUrlData->name, pUrlData->port); |
| 302 | BIO_set_conn_hostname(iBio, connStr); |
| 303 | free(connStr); |
| 304 | if( BIO_do_connect(iBio)<=0 ){ |
| 305 | ssl_set_errmsg("SSL: cannot connect to host %s:%d (%s)", |
| 306 | pUrlData->name, pUrlData->port, |
| 307 | ERR_reason_error_string(ERR_get_error())); |
| 308 | ssl_close(); |
| 309 | return 1; |
| 310 | } |
| 311 | } |
| 312 | |
| @@ -388,13 +393,15 @@ | |
| 393 | /* Set the Global.zIpAddr variable to the server we are talking to. |
| 394 | ** This is used to populate the ipaddr column of the rcvfrom table, |
| 395 | ** if any files are received from the server. |
| 396 | */ |
| 397 | { |
| 398 | /* As soon as libressl implements |
| 399 | ** BIO_ADDR_hostname_string/BIO_get_conn_address. |
| 400 | ** check here for the correct LIBRESSL_VERSION_NUMBER too. For now: disable |
| 401 | */ |
| 402 | #if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L \ |
| 403 | && !defined(LIBRESSL_VERSION_NUMBER) |
| 404 | char *ip = BIO_ADDR_hostname_string(BIO_get_conn_address(iBio),1); |
| 405 | g.zIpAddr = mprintf("%s", ip); |
| 406 | OPENSSL_free(ip); |
| 407 | #else |
| @@ -418,14 +425,16 @@ | |
| 425 | |
| 426 | mem = BIO_new(BIO_s_mem()); |
| 427 | PEM_write_bio_X509(mem, cert); |
| 428 | BIO_write(mem, "", 1); /* nul-terminate mem buffer */ |
| 429 | BIO_get_mem_data(mem, &zCert); |
| 430 | zHost = mprintf("cert:%s", |
| 431 | pUrlData->useProxy ? pUrlData->hostname : pUrlData->name); |
| 432 | db_set(zHost, zCert, 1); |
| 433 | free(zHost); |
| 434 | zHost = mprintf("trusted:%s", |
| 435 | pUrlData->useProxy ? pUrlData->hostname : pUrlData->name); |
| 436 | db_set_int(zHost, trusted, 1); |
| 437 | free(zHost); |
| 438 | BIO_free(mem); |
| 439 | } |
| 440 | |
| 441 |