summaryrefslogtreecommitdiff
path: root/src/core/network-openssl.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/core/network-openssl.c')
-rw-r--r--src/core/network-openssl.c38
1 files changed, 19 insertions, 19 deletions
diff --git a/src/core/network-openssl.c b/src/core/network-openssl.c
index 7ec902fb..c7ce4b43 100644
--- a/src/core/network-openssl.c
+++ b/src/core/network-openssl.c
@@ -583,9 +583,6 @@ static void set_cipher_info(TLS_REC *tls, SSL *ssl)
static void set_pubkey_info(TLS_REC *tls, X509 *cert, unsigned char *cert_fingerprint, size_t cert_fingerprint_size, unsigned char *public_key_fingerprint, size_t public_key_fingerprint_size)
{
- g_return_if_fail(tls != NULL);
- g_return_if_fail(cert != NULL);
-
EVP_PKEY *pubkey = NULL;
char *cert_fingerprint_hex = NULL;
char *public_key_fingerprint_hex = NULL;
@@ -594,13 +591,16 @@ static void set_pubkey_info(TLS_REC *tls, X509 *cert, unsigned char *cert_finger
char buffer[128];
size_t length;
+ g_return_if_fail(tls != NULL);
+ g_return_if_fail(cert != NULL);
+
pubkey = X509_get_pubkey(cert);
cert_fingerprint_hex = binary_to_hex(cert_fingerprint, cert_fingerprint_size);
tls_rec_set_certificate_fingerprint(tls, cert_fingerprint_hex);
tls_rec_set_certificate_fingerprint_algorithm(tls, "SHA256");
- // Show algorithm.
+ /* Show algorithm. */
switch (EVP_PKEY_id(pubkey)) {
case EVP_PKEY_RSA:
tls_rec_set_public_key_algorithm(tls, "RSA");
@@ -624,7 +624,7 @@ static void set_pubkey_info(TLS_REC *tls, X509 *cert, unsigned char *cert_finger
tls_rec_set_public_key_size(tls, EVP_PKEY_bits(pubkey));
tls_rec_set_public_key_fingerprint_algorithm(tls, "SHA256");
- // Read the NotBefore timestamp.
+ /* Read the NotBefore timestamp. */
bio = BIO_new(BIO_s_mem());
ASN1_TIME_print(bio, X509_get_notBefore(cert));
length = BIO_read(bio, buffer, sizeof(buffer));
@@ -632,7 +632,7 @@ static void set_pubkey_info(TLS_REC *tls, X509 *cert, unsigned char *cert_finger
BIO_free(bio);
tls_rec_set_not_before(tls, buffer);
- // Read the NotAfter timestamp.
+ /* Read the NotAfter timestamp. */
bio = BIO_new(BIO_s_mem());
ASN1_TIME_print(bio, X509_get_notAfter(cert));
length = BIO_read(bio, buffer, sizeof(buffer));
@@ -647,9 +647,6 @@ static void set_pubkey_info(TLS_REC *tls, X509 *cert, unsigned char *cert_finger
static void set_peer_cert_chain_info(TLS_REC *tls, SSL *ssl)
{
- g_return_if_fail(tls != NULL);
- g_return_if_fail(ssl != NULL);
-
int nid;
char *key = NULL;
char *value = NULL;
@@ -662,6 +659,9 @@ static void set_peer_cert_chain_info(TLS_REC *tls, SSL *ssl)
TLS_CERT_ENTRY_REC *tls_cert_entry_rec = NULL;
ASN1_STRING *data = NULL;
+ g_return_if_fail(tls != NULL);
+ g_return_if_fail(ssl != NULL);
+
chain = SSL_get_peer_cert_chain(ssl);
if (chain == NULL)
@@ -670,7 +670,7 @@ static void set_peer_cert_chain_info(TLS_REC *tls, SSL *ssl)
for (i = 0; i < sk_X509_num(chain); i++) {
cert_rec = tls_cert_create_rec();
- // Subject.
+ /* Subject. */
name = X509_get_subject_name(sk_X509_value(chain, i));
for (j = 0; j < X509_NAME_entry_count(name); j++) {
@@ -689,7 +689,7 @@ static void set_peer_cert_chain_info(TLS_REC *tls, SSL *ssl)
tls_cert_rec_append_subject_entry(cert_rec, tls_cert_entry_rec);
}
- // Issuer.
+ /* Issuer. */
name = X509_get_issuer_name(sk_X509_value(chain, i));
for (j = 0; j < X509_NAME_entry_count(name); j++) {
@@ -714,14 +714,11 @@ static void set_peer_cert_chain_info(TLS_REC *tls, SSL *ssl)
static void set_server_temporary_key_info(TLS_REC *tls, SSL *ssl)
{
- g_return_if_fail(tls != NULL);
- g_return_if_fail(ssl != NULL);
-
#ifdef SSL_get_server_tmp_key
- // Show ephemeral key information.
+ /* Show ephemeral key information. */
EVP_PKEY *ephemeral_key = NULL;
- // OPENSSL_NO_EC is for solaris 11.3 (2016), github ticket #598
+ /* OPENSSL_NO_EC is for solaris 11.3 (2016), github ticket #598 */
#ifndef OPENSSL_NO_EC
EC_KEY *ec_key = NULL;
#endif
@@ -729,6 +726,9 @@ static void set_server_temporary_key_info(TLS_REC *tls, SSL *ssl)
char *cname = NULL;
int nid;
+ g_return_if_fail(tls != NULL);
+ g_return_if_fail(ssl != NULL);
+
if (SSL_get_server_tmp_key(ssl, &ephemeral_key)) {
switch (EVP_PKEY_id(ephemeral_key)) {
case EVP_PKEY_DH:
@@ -759,7 +759,7 @@ static void set_server_temporary_key_info(TLS_REC *tls, SSL *ssl)
EVP_PKEY_free(ephemeral_key);
}
-#endif // SSL_get_server_tmp_key.
+#endif /* SSL_get_server_tmp_key. */
}
GIOChannel *net_connect_ip_ssl(IPADDR *ip, int port, IPADDR *my_ip, SERVER_REC *server)
@@ -866,7 +866,7 @@ int irssi_ssl_handshake(GIOChannel *handle)
set_peer_cert_chain_info(tls, chan->ssl);
set_server_temporary_key_info(tls, chan->ssl);
- // Emit the TLS rec.
+ /* Emit the TLS rec. */
signal_emit("tls handshake finished", 2, chan->server, tls);
ret = 1;
@@ -893,7 +893,7 @@ int irssi_ssl_handshake(GIOChannel *handle)
ret = irssi_ssl_verify(chan->ssl, chan->ctx, chan->server->connrec->address, chan->port, cert, chan->server, tls);
if (! ret) {
- // irssi_ssl_verify emits a warning itself.
+ /* irssi_ssl_verify emits a warning itself. */
goto done;
}
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-28 14:30:13 +0000