Fix minor code style issues

This commit is contained in:
Darryl Green 2018-03-13 15:22:58 +00:00
parent cdd97fd632
commit 11999bb72e
32 changed files with 73 additions and 101 deletions

View File

@ -1730,7 +1730,7 @@ Features
issuer_key_identifier, etc)
* Optional blinding for RSA, DHM and EC
* Support for multiple active certificate / key pairs in SSL servers for
the same host (Not to be confused with SNI!)
the same host (Not to be confused with SNI!)
Changes
* Ability to enable / disable SSL v3 / TLS 1.0 / TLS 1.1 / TLS 1.2
@ -1961,7 +1961,7 @@ Changes
PKCS#8 private key formats
* Added mechanism to provide alternative implementations for all
symmetric cipher and hash algorithms (e.g. POLARSSL_AES_ALT in
config.h)
config.h)
* PKCS#5 module added. Moved PBKDF2 functionality inside and deprecated
old PBKDF2 module
@ -1973,7 +1973,7 @@ Bugfix
* x509parse_crt() now better handles PEM error situations
* ssl_parse_certificate() now calls x509parse_crt_der() directly
instead of the x509parse_crt() wrapper that can also parse PEM
certificates
certificates
* x509parse_crtpath() is now reentrant and uses more portable stat()
* Fixed bignum.c and bn_mul.h to support Thumb2 and LLVM compiler
* Fixed values for 2-key Triple DES in cipher layer
@ -2131,7 +2131,7 @@ Bugfix
* mpi_exp_mod() now correctly handles negative base numbers (Closes ticket
#52)
* Handle encryption with private key and decryption with public key as per
RFC 2313
RFC 2313
* Handle empty certificate subject names
* Prevent reading over buffer boundaries on X509 certificate parsing
* mpi_add_abs() now correctly handles adding short numbers to long numbers
@ -2162,7 +2162,7 @@ Bugfix
* x509parse_crt() now better handles PEM error situations
* ssl_parse_certificate() now calls x509parse_crt_der() directly
instead of the x509parse_crt() wrapper that can also parse PEM
certificates
certificates
* Fixed values for 2-key Triple DES in cipher layer
* ssl_write_certificate_request() can handle empty ca_chain
@ -2243,16 +2243,16 @@ Bugfix
Features
* Added ssl_session_reset() to allow better multi-connection pools of
SSL contexts without needing to set all non-connection-specific
data and pointers again. Adapted ssl_server to use this functionality.
data and pointers again. Adapted ssl_server to use this functionality.
* Added ssl_set_max_version() to allow clients to offer a lower maximum
supported version to a server to help buggy server implementations.
(Closes ticket #36)
(Closes ticket #36)
* Added cipher_get_cipher_mode() and cipher_get_cipher_operation()
introspection functions (Closes ticket #40)
* Added CTR_DRBG based on AES-256-CTR (NIST SP 800-90) random generator
* Added a generic entropy accumulator that provides support for adding
custom entropy sources and added some generic and platform dependent
entropy sources
entropy sources
Changes
* Documentation for AES and Camellia in modes CTR and CFB128 clarified.
@ -2385,7 +2385,7 @@ Bugfixes
* Corrected parsing of UTCTime dates before 1990 and
after 1950
* Support more exotic OID's when parsing certificates
(found by Mads Kiilerich)
(found by Mads Kiilerich)
* Support more exotic name representations when parsing
certificates (found by Mads Kiilerich)
* Replaced the expired test certificates
@ -2415,7 +2415,7 @@ Note: Most of these features have been donated by Fox-IT
status, objects and configuration
+ Added verification callback on certificate chain
verification to allow external blacklisting
+ Additional example programs to show usage
+ Additional example programs to show usage
* Added support for PKCS#11 through the use of the
libpkcs11-helper library

View File

@ -166,7 +166,7 @@ void mbedtls_entropy_free( mbedtls_entropy_context *ctx );
* \param threshold Minimum required from source before entropy is released
* ( with mbedtls_entropy_func() ) (in bytes)
* \param strong MBEDTLS_ENTROPY_SOURCE_STRONG or
* MBEDTSL_ENTROPY_SOURCE_WEAK.
* MBEDTLS_ENTROPY_SOURCE_WEAK.
* At least one strong source needs to be added.
* Weaker sources (such as the cycle counter) can be used as
* a complement.

View File

@ -232,10 +232,6 @@ int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val )
int ret;
size_t len = 0;
// TODO negative values and values larger than 128
// DER format assumes 2s complement for numbers, so the leftmost bit
// should be 0 for positive numbers and 1 for negative numbers.
//
if( *p - start < 1 )
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );

View File

@ -6950,30 +6950,6 @@ int mbedtls_ssl_read( mbedtls_ssl_context *ssl, unsigned char *buf, size_t len )
}
}
/*
* The logic could be streamlined here. Instead of
* - Manually checking whether ssl->in_offt is NULL
* - Fetching a new record if yes
* - Setting ssl->in_offt if one finds an application record
* - Resetting keep_current_message after handling the application data
* one should
* - Adapt read_record to set ssl->in_offt automatically
* when a new application data record is processed.
* - Always call mbedtls_ssl_read_record here.
* This way, the logic of ssl_read would be much clearer:
* (1) Always call record layer and see what kind of record is on
* and have it ready for consumption (in particular, in_offt
* properly set for application data records).
* (2) If it's application data (either freshly fetched
* or something already being partially processed),
* serve the read request from it.
* (3) If it's something different from application data,
* handle it accordingly, e.g. potentially start a
* renegotiation.
* This will also remove the need to manually reset
* ssl->keep_current_message = 0 below.
*/
/* Loop as long as no application data record is available */
while( ssl->in_offt == NULL )
{

View File

@ -38,11 +38,11 @@ To build and run this example you must have:
6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F.
Use the following settings:
Use the following settings:
* 115200 baud (not 9600).
* 8N1.
* No flow control.
* 115200 baud (not 9600).
* 8N1.
* No flow control.
7. Press the Reset button on the board.

View File

@ -38,11 +38,11 @@ To build and run this example you must have:
6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F.
Use the following settings:
Use the following settings:
* 115200 baud (not 9600).
* 8N1.
* No flow control.
* 115200 baud (not 9600).
* 8N1.
* No flow control.
7. Press the Reset button on the board.

View File

@ -38,11 +38,11 @@ To build and run this example you must have:
6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F.
Use the following settings:
Use the following settings:
* 115200 baud (not 9600).
* 8N1.
* No flow control.
* 115200 baud (not 9600).
* 8N1.
* No flow control.
7. Press the Reset button on the board.

View File

@ -38,11 +38,11 @@ To build and run this example you must have:
6. Start the serial terminal emulator and connect to the virtual serial port presented by FRDM-K64F.
Use the following settings:
Use the following settings:
* 115200 baud (not 9600).
* 8N1.
* No flow control.
* 115200 baud (not 9600).
* 8N1.
* No flow control.
7. Press the Reset button on the board.