diff options
Diffstat (limited to 'libs/libcurl/src/vtls/sectransp.c')
| -rw-r--r-- | libs/libcurl/src/vtls/sectransp.c | 64 |
1 files changed, 32 insertions, 32 deletions
diff --git a/libs/libcurl/src/vtls/sectransp.c b/libs/libcurl/src/vtls/sectransp.c index 8ca7d4e507..bf1d44dbdf 100644 --- a/libs/libcurl/src/vtls/sectransp.c +++ b/libs/libcurl/src/vtls/sectransp.c @@ -24,7 +24,7 @@ ***************************************************************************/
/*
- * Source file for all iOS and macOS SecureTransport-specific code for the
+ * Source file for all iOS and macOS Secure Transport-specific code for the
* TLS/SSL layer. No code but vtls.c should ever call or use these functions.
*/
@@ -197,7 +197,7 @@ static const uint16_t default_ciphers[] = { TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, /* 0xCCA8 */
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, /* 0xCCA9 */
- /* TLSv1.3 is not supported by sectransp, but there is also other
+ /* TLSv1.3 is not supported by Secure Transport, but there is also other
* code referencing TLSv1.3, like: kTLSProtocol13 ? */
TLS_AES_128_GCM_SHA256, /* 0x1301 */
TLS_AES_256_GCM_SHA384, /* 0x1302 */
@@ -278,7 +278,7 @@ static OSStatus sectransp_bio_cf_in_read(SSLConnectionRef connection, case CURLE_OK:
case CURLE_AGAIN:
rtn = errSSLWouldBlock;
- backend->ssl_direction = false;
+ backend->ssl_direction = FALSE;
break;
default:
rtn = ioErr;
@@ -317,7 +317,7 @@ static OSStatus sectransp_bio_cf_out_write(SSLConnectionRef connection, if(nwritten <= 0) {
if(result == CURLE_AGAIN) {
rtn = errSSLWouldBlock;
- backend->ssl_direction = true;
+ backend->ssl_direction = TRUE;
}
else {
rtn = ioErr;
@@ -512,7 +512,7 @@ static OSStatus CopyIdentityWithLabel(char *label, * label matching below worked correctly */
keys[2] = kSecMatchLimit;
/* identity searches need a SecPolicyRef in order to work */
- values[3] = SecPolicyCreateSSL(false, NULL);
+ values[3] = SecPolicyCreateSSL(FALSE, NULL);
keys[3] = kSecMatchPolicy;
/* match the name of the certificate (does not work in macOS 10.12.1) */
values[4] = label_cf;
@@ -532,7 +532,7 @@ static OSStatus CopyIdentityWithLabel(char *label, keys_list_count = CFArrayGetCount(keys_list);
*out_cert_and_key = NULL;
status = 1;
- for(i = 0; i<keys_list_count; i++) {
+ for(i = 0; i < keys_list_count; i++) {
OSStatus err = noErr;
SecCertificateRef cert = NULL;
SecIdentityRef identity =
@@ -609,7 +609,7 @@ static OSStatus CopyIdentityFromPKCS12File(const char *cPath, pkcs_url =
CFURLCreateFromFileSystemRepresentation(NULL,
(const UInt8 *)cPath,
- (CFIndex)strlen(cPath), false);
+ (CFIndex)strlen(cPath), FALSE);
resource_imported =
CFURLCreateDataAndPropertiesFromResource(NULL,
pkcs_url, &pkcs_data,
@@ -711,11 +711,11 @@ CF_INLINE bool is_file(const char *filename) struct_stat st;
if(!filename)
- return false;
+ return FALSE;
if(stat(filename, &st) == 0)
return S_ISREG(st.st_mode);
- return false;
+ return FALSE;
}
static CURLcode
@@ -796,8 +796,8 @@ legacy: }
/* only TLS 1.0 is supported, disable SSL 3.0 and SSL 2.0 */
- SSLSetProtocolVersionEnabled(backend->ssl_ctx, kSSLProtocolAll, false);
- SSLSetProtocolVersionEnabled(backend->ssl_ctx, kTLSProtocol1, true);
+ SSLSetProtocolVersionEnabled(backend->ssl_ctx, kSSLProtocolAll, FALSE);
+ SSLSetProtocolVersionEnabled(backend->ssl_ctx, kTLSProtocol1, TRUE);
return CURLE_OK;
#endif
@@ -1069,7 +1069,7 @@ static CURLcode sectransp_connect_step1(struct Curl_cfilter *cf, #if CURL_SUPPORT_MAC_10_8
if(backend->ssl_ctx)
(void)SSLDisposeContext(backend->ssl_ctx);
- err = SSLNewContext(false, &(backend->ssl_ctx));
+ err = SSLNewContext(FALSE, &(backend->ssl_ctx));
if(err != noErr) {
failf(data, "SSL: could not create a context: OSStatus %d", err);
return CURLE_OUT_OF_MEMORY;
@@ -1079,7 +1079,7 @@ static CURLcode sectransp_connect_step1(struct Curl_cfilter *cf, #else
if(backend->ssl_ctx)
(void)SSLDisposeContext(backend->ssl_ctx);
- err = SSLNewContext(false, &(backend->ssl_ctx));
+ err = SSLNewContext(FALSE, &(backend->ssl_ctx));
if(err != noErr) {
failf(data, "SSL: could not create a context: OSStatus %d", err);
return CURLE_OUT_OF_MEMORY;
@@ -1227,8 +1227,7 @@ static CURLcode sectransp_connect_step1(struct Curl_cfilter *cf, Mountain Lion.
So we need to call SSLSetEnableCertVerify() on those older cats in order
to disable certificate validation if the user turned that off.
- (SecureTransport will always validate the certificate chain by
- default.)
+ (Secure Transport always validates the certificate chain by default.)
Note:
Darwin 11.x.x is Lion (10.7)
Darwin 12.x.x is Mountain Lion (10.8)
@@ -1254,7 +1253,7 @@ static CURLcode sectransp_connect_step1(struct Curl_cfilter *cf, else {
#if CURL_SUPPORT_MAC_10_8
err = SSLSetEnableCertVerify(backend->ssl_ctx,
- conn_config->verifypeer?true:false);
+ conn_config->verifypeer ? true : FALSE);
if(err != noErr) {
failf(data, "SSL: SSLSetEnableCertVerify() failed: OSStatus %d", err);
return CURLE_SSL_CONNECT_ERROR;
@@ -1263,7 +1262,7 @@ static CURLcode sectransp_connect_step1(struct Curl_cfilter *cf, }
#else
err = SSLSetEnableCertVerify(backend->ssl_ctx,
- conn_config->verifypeer?true:false);
+ conn_config->verifypeer ? true : FALSE);
if(err != noErr) {
failf(data, "SSL: SSLSetEnableCertVerify() failed: OSStatus %d", err);
return CURLE_SSL_CONNECT_ERROR;
@@ -1285,8 +1284,8 @@ static CURLcode sectransp_connect_step1(struct Curl_cfilter *cf, * Both hostname check and SNI require SSLSetPeerDomainName().
* Also: the verifyhost setting influences SNI usage */
if(conn_config->verifyhost) {
- char *server = connssl->peer.sni?
- connssl->peer.sni : connssl->peer.hostname;
+ char *server = connssl->peer.sni ?
+ connssl->peer.sni : connssl->peer.hostname;
err = SSLSetPeerDomainName(backend->ssl_ctx, server, strlen(server));
if(err != noErr) {
@@ -1335,7 +1334,8 @@ static CURLcode sectransp_connect_step1(struct Curl_cfilter *cf, Curl_ssl_sessionid_lock(data);
if(!Curl_ssl_getsessionid(cf, data, &connssl->peer,
- (void **)&ssl_sessionid, &ssl_sessionid_len)) {
+ (void **)&ssl_sessionid, &ssl_sessionid_len,
+ NULL)) {
/* we got a session id, use it! */
err = SSLSetPeerID(backend->ssl_ctx, ssl_sessionid, ssl_sessionid_len);
Curl_ssl_sessionid_unlock(data);
@@ -1363,8 +1363,8 @@ static CURLcode sectransp_connect_step1(struct Curl_cfilter *cf, return CURLE_SSL_CONNECT_ERROR;
}
- result = Curl_ssl_set_sessionid(cf, data, &connssl->peer, ssl_sessionid,
- ssl_sessionid_len,
+ result = Curl_ssl_set_sessionid(cf, data, &connssl->peer, NULL,
+ ssl_sessionid, ssl_sessionid_len,
sectransp_session_free);
Curl_ssl_sessionid_unlock(data);
if(result)
@@ -1605,7 +1605,7 @@ static CURLcode verify_cert_buf(struct Curl_cfilter *cf, failf(data, "SecTrustSetAnchorCertificates() returned error %d", ret);
goto out;
}
- ret = SecTrustSetAnchorCertificatesOnly(trust, true);
+ ret = SecTrustSetAnchorCertificatesOnly(trust, TRUE);
if(ret != noErr) {
failf(data, "SecTrustSetAnchorCertificatesOnly() returned error %d", ret);
goto out;
@@ -2054,7 +2054,7 @@ check_handshake: (void)SSLGetNegotiatedProtocolVersion(backend->ssl_ctx, &protocol);
sectransp_cipher_suite_get_str((uint16_t) cipher, cipher_str,
- sizeof(cipher_str), true);
+ sizeof(cipher_str), TRUE);
switch(protocol) {
case kSSLProtocol2:
infof(data, "SSL 2.0 connection using %s", cipher_str);
@@ -2169,7 +2169,7 @@ static CURLcode collect_server_cert(struct Curl_cfilter *cf, #ifndef CURL_DISABLE_VERBOSE_STRINGS
const bool show_verbose_server_cert = data->set.verbose;
#else
- const bool show_verbose_server_cert = false;
+ const bool show_verbose_server_cert = FALSE;
#endif
struct ssl_config_data *ssl_config = Curl_ssl_cf_get_config(cf, data);
CURLcode result = ssl_config->certinfo ?
@@ -2328,10 +2328,10 @@ sectransp_connect_common(struct Curl_cfilter *cf, struct Curl_easy *data, /* if ssl is expecting something, check if it is available. */
if(connssl->io_need) {
- curl_socket_t writefd = (connssl->io_need & CURL_SSL_IO_NEED_SEND)?
- sockfd:CURL_SOCKET_BAD;
- curl_socket_t readfd = (connssl->io_need & CURL_SSL_IO_NEED_RECV)?
- sockfd:CURL_SOCKET_BAD;
+ curl_socket_t writefd = (connssl->io_need & CURL_SSL_IO_NEED_SEND) ?
+ sockfd : CURL_SOCKET_BAD;
+ curl_socket_t readfd = (connssl->io_need & CURL_SSL_IO_NEED_RECV) ?
+ sockfd : CURL_SOCKET_BAD;
what = Curl_socket_check(readfd, CURL_SOCKET_BAD, writefd,
nonblocking ? 0 : timeout_ms);
@@ -2463,7 +2463,7 @@ static CURLcode sectransp_shutdown(struct Curl_cfilter *cf, }
else {
/* We would like to read the close notify from the server using
- * secure transport, however SSLRead() no longer works after we
+ * Secure Transport, however SSLRead() no longer works after we
* sent the notify from our side. So, we just read from the
* underlying filter and hope it will end. */
nread = Curl_conn_cf_recv(cf->next, data, buf, sizeof(buf), &result);
@@ -2544,10 +2544,10 @@ static bool sectransp_data_pending(struct Curl_cfilter *cf, err = SSLGetBufferedReadSize(backend->ssl_ctx, &buffer);
if(err == noErr)
return buffer > 0UL;
- return false;
+ return FALSE;
}
else
- return false;
+ return FALSE;
}
static CURLcode sectransp_random(struct Curl_easy *data UNUSED_PARAM,
|