fix spaces

cinap_lenrek 2012-11-15 19:41:13 +01:00
parent b28f60cdd3
commit ffa6f9c6ea


@ -112,9 +112,9 @@ typedef struct Msg{
struct { struct {
Bytes *key; Bytes *key;
} clientKeyExchange; } clientKeyExchange;
struct { struct {
Bytes *signature; Bytes *signature;
} certificateVerify; } certificateVerify;
Finished finished; Finished finished;
} u; } u;
} Msg; } Msg;
@ -726,9 +726,9 @@ tlsClient2(int ctl, int hand, uchar *csid, int ncsid, uchar *cert, int certlen,
} }
if(creq) { if(creq) {
m.u.certificate.ncert = 1; m.u.certificate.ncert = 1;
m.u.certificate.certs = emalloc(m.u.certificate.ncert * sizeof(Bytes)); m.u.certificate.certs = emalloc(m.u.certificate.ncert * sizeof(Bytes));
m.u.certificate.certs[0] = makebytes(cert, certlen); m.u.certificate.certs[0] = makebytes(cert, certlen);
m.tag = HCertificate; m.tag = HCertificate;
if(!msgSend(c, &m, AFlush)) if(!msgSend(c, &m, AFlush))
goto Err; goto Err;
@ -749,13 +749,13 @@ tlsClient2(int ctl, int hand, uchar *csid, int ncsid, uchar *cert, int certlen,
goto Err; goto Err;
msgClear(&m); msgClear(&m);
/* CertificateVerify */ /* CertificateVerify */
/*XXX I should only send this when it is not DH right? /*XXX I should only send this when it is not DH right?
Also we need to know which TLS key Also we need to know which TLS key
we have to use in case there are more than one*/ we have to use in case there are more than one*/
if(cert) { if(cert){
m.tag = HCertificateVerify; m.tag = HCertificateVerify;
uchar hshashes[MD5dlen+SHA1dlen]; /* content of signature */ uchar hshashes[MD5dlen+SHA1dlen]; /* content of signature */
MD5state hsmd5_save; MD5state hsmd5_save;
SHAstate hssha1_save; SHAstate hssha1_save;
@ -763,22 +763,22 @@ tlsClient2(int ctl, int hand, uchar *csid, int ncsid, uchar *cert, int certlen,
hsmd5_save = c->hsmd5; hsmd5_save = c->hsmd5;
hssha1_save = c->hssha1; hssha1_save = c->hssha1;
md5(nil, 0, hshashes, &c->hsmd5); md5(nil, 0, hshashes, &c->hsmd5);
sha1(nil, 0, hshashes+MD5dlen, &c->hssha1); sha1(nil, 0, hshashes+MD5dlen, &c->hssha1);
c->hsmd5 = hsmd5_save; c->hsmd5 = hsmd5_save;
c->hssha1 = hssha1_save; c->hssha1 = hssha1_save;
c->sec->rpc = factotum_rsa_open(cert, certlen); c->sec->rpc = factotum_rsa_open(cert, certlen);
if(c->sec->rpc == nil){ if(c->sec->rpc == nil){
tlsError(c, EHandshakeFailure, "factotum_rsa_open: %r"); tlsError(c, EHandshakeFailure, "factotum_rsa_open: %r");
goto Err; goto Err;
} }
c->sec->rsapub = X509toRSApub(cert, certlen, nil, 0); c->sec->rsapub = X509toRSApub(cert, certlen, nil, 0);
paddedHashes = pkcs1padbuf(hshashes, 36, c->sec->rsapub->n); paddedHashes = pkcs1padbuf(hshashes, 36, c->sec->rsapub->n);
signedMP = factotum_rsa_decrypt(c->sec->rpc, paddedHashes); signedMP = factotum_rsa_decrypt(c->sec->rpc, paddedHashes);
m.u.certificateVerify.signature = mptobytes(signedMP); m.u.certificateVerify.signature = mptobytes(signedMP);
free(signedMP); free(signedMP);
if(m.u.certificateVerify.signature == nil){ if(m.u.certificateVerify.signature == nil){
@ -787,11 +787,11 @@ tlsClient2(int ctl, int hand, uchar *csid, int ncsid, uchar *cert, int certlen,
} }
if(!msgSend(c, &m, AFlush)){ if(!msgSend(c, &m, AFlush)){
msgClear(&m); msgClear(&m);
goto Err; goto Err;
} }
msgClear(&m); msgClear(&m);
} }
/* change cipher spec */ /* change cipher spec */
if(fprint(c->ctl, "changecipher") < 0){ if(fprint(c->ctl, "changecipher") < 0){
@ -946,12 +946,12 @@ msgSend(TlsConnection *c, Msg *m, int act)
p += m->u.certificate.certs[i]->len; p += m->u.certificate.certs[i]->len;
} }
break; break;
case HCertificateVerify: case HCertificateVerify:
put16(p, m->u.certificateVerify.signature->len); put16(p, m->u.certificateVerify.signature->len);
p += 2; p += 2;
memmove(p, m->u.certificateVerify.signature->data, m->u.certificateVerify.signature->len); memmove(p, m->u.certificateVerify.signature->data, m->u.certificateVerify.signature->len);
p += m->u.certificateVerify.signature->len; p += m->u.certificateVerify.signature->len;
break; break;
case HClientKeyExchange: case HClientKeyExchange:
n = m->u.clientKeyExchange.key->len; n = m->u.clientKeyExchange.key->len;
if(c->version != SSL3Version){ if(c->version != SSL3Version){
@ -1310,9 +1310,9 @@ msgClear(Msg *m)
freebytes(m->u.certificateRequest.cas[i]); freebytes(m->u.certificateRequest.cas[i]);
free(m->u.certificateRequest.cas); free(m->u.certificateRequest.cas);
break; break;
case HCertificateVerify: case HCertificateVerify:
freebytes(m->u.certificateVerify.signature); freebytes(m->u.certificateVerify.signature);
break; break;
case HServerHelloDone: case HServerHelloDone:
break; break;
case HClientKeyExchange: case HClientKeyExchange:
@ -1406,10 +1406,10 @@ msgPrint(char *buf, int n, Msg *m)
for(i=0; i<m->u.certificateRequest.nca; i++) for(i=0; i<m->u.certificateRequest.nca; i++)
bs = bytesPrint(bs, be, "\t\t", m->u.certificateRequest.cas[i], "\n"); bs = bytesPrint(bs, be, "\t\t", m->u.certificateRequest.cas[i], "\n");
break; break;
case HCertificateVerify: case HCertificateVerify:
bs = seprint(bs, be, "HCertificateVerify\n"); bs = seprint(bs, be, "HCertificateVerify\n");
bs = bytesPrint(bs, be, "\tsignature: ", m->u.certificateVerify.signature,"\n"); bs = bytesPrint(bs, be, "\tsignature: ", m->u.certificateVerify.signature,"\n");
break; break;
case HServerHelloDone: case HServerHelloDone:
bs = seprint(bs, be, "ServerHelloDone\n"); bs = seprint(bs, be, "ServerHelloDone\n");
break; break;