Fix multiple quality issues in the source
This PR fixes multiple issues in the source code to address issues raised by
tests/scripts/check-files.py. Specifically:
* incorrect file permissions
* missing newline at the end of files
* trailing whitespace
* Tabs present
* TODOs in the souce code
diff --git a/library/asn1write.c b/library/asn1write.c
index 00ed73c..12e88b8 100644
--- a/library/asn1write.c
+++ b/library/asn1write.c
@@ -205,7 +205,6 @@
int ret;
size_t len = 0;
- // TODO negative values and values larger than 128
// DER format assumes 2s complement for numbers, so the leftmost bit
// should be 0 for positive numbers and 1 for negative numbers.
//
diff --git a/library/net.c b/library/net.c
index e8123cc..2898128 100644
--- a/library/net.c
+++ b/library/net.c
@@ -261,7 +261,7 @@
static int net_would_block( const mbedtls_net_context *ctx )
{
int err = errno;
-
+
/*
* Never return 'WOULD BLOCK' on a non-blocking socket
*/
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index a57d866..d3a8ecf 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -1890,8 +1890,6 @@
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
}
- // TODO: Retrieve PSK identity hint and callback to app
- //
*p += len;
ret = 0;
@@ -2464,9 +2462,6 @@
goto exit;
}
- // TODO: handshake_failure alert for an anonymous server to request
- // client authentication
-
/*
* struct {
* ClientCertificateType certificate_types<1..2^8-1>;
@@ -2538,7 +2533,6 @@
if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 )
{
/* Ignored, see comments about hash in write_certificate_verify */
- // TODO: should check the signature part against our pk_key though
size_t sig_alg_len = ( ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 1 + n] << 8 )
| ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n] ) );
#if defined(MBEDTLS_DEBUG_C)
@@ -2580,7 +2574,6 @@
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
/* Ignore certificate_authorities, we only have one cert anyway */
- // TODO: should not send cert if no CA matches
dn_len = ( ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 1 + n] << 8 )
| ( buf[mbedtls_ssl_hs_hdr_len( ssl ) + 2 + n] ) );
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 9a884f0..3ebf9d9 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -247,7 +247,7 @@
" unknown hash alg encoding %d", p[0] ) );
continue;
}
-
+
if( mbedtls_ssl_check_sig_hash( ssl, md_cur ) == 0 )
{
mbedtls_ssl_sig_hash_set_add( &ssl->handshake->hash_algs, sig_cur, md_cur );
@@ -721,7 +721,7 @@
const mbedtls_ssl_ciphersuite_t *suite_info;
#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
- defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
+ defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
mbedtls_pk_type_t sig_type;
#endif
@@ -1743,7 +1743,7 @@
#if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
-
+
/*
* Try to fall back to default hash SHA1 if the client
* hasn't provided any preferred signature-hash combinations.
@@ -1751,13 +1751,13 @@
if( sig_hash_alg_ext_present == 0 )
{
mbedtls_md_type_t md_default = MBEDTLS_MD_SHA1;
-
+
if( mbedtls_ssl_check_sig_hash( ssl, md_default ) != 0 )
md_default = MBEDTLS_MD_NONE;
mbedtls_ssl_sig_hash_set_const_hash( &ssl->handshake->hash_algs, md_default );
}
-
+
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 &&
MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED */
@@ -2776,7 +2776,7 @@
return( ret );
}
-#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
+#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
dig_signed = p;
dig_signed_len = len;
#endif
@@ -2837,7 +2837,7 @@
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_make_params", ret );
return( ret );
}
-
+
#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED)
dig_signed = p;
dig_signed_len = len;
@@ -2865,7 +2865,7 @@
/*
* 3.1: Choose hash algorithm:
- * A: For TLS 1.2, obey signature-hash-algorithm extension
+ * A: For TLS 1.2, obey signature-hash-algorithm extension
* to choose appropriate hash.
* B: For SSL3, TLS1.0, TLS1.1 and ECDHE_ECDSA, use SHA1
* (RFC 4492, Sec. 5.4)
@@ -2873,7 +2873,7 @@
*/
mbedtls_md_type_t md_alg;
-
+
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
mbedtls_pk_type_t sig_alg =
mbedtls_ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info );
@@ -2886,7 +2886,7 @@
sig_alg ) ) == MBEDTLS_MD_NONE )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
- /* (... because we choose a cipher suite
+ /* (... because we choose a cipher suite
* only if there is a matching hash.) */
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
@@ -2908,8 +2908,8 @@
md_alg = MBEDTLS_MD_NONE;
}
- MBEDTLS_SSL_DEBUG_MSG( 3, ( "pick hash algorithm %d for signing", md_alg ) );
-
+ MBEDTLS_SSL_DEBUG_MSG( 3, ( "pick hash algorithm %d for signing", md_alg ) );
+
/*
* 3.2: Compute the hash to be signed
*/
@@ -2936,7 +2936,7 @@
* SHA(ClientHello.random + ServerHello.random
* + ServerParams);
*/
-
+
mbedtls_md5_starts( &mbedtls_md5 );
mbedtls_md5_update( &mbedtls_md5, ssl->handshake->randbytes, 64 );
mbedtls_md5_update( &mbedtls_md5, dig_signed, dig_signed_len );
@@ -3024,7 +3024,7 @@
* } DigitallySigned;
*
*/
-
+
*(p++) = mbedtls_ssl_hash_from_md_alg( md_alg );
*(p++) = mbedtls_ssl_sig_from_pk_alg( sig_alg );
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 5fc5be3..2cb6542 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -3744,7 +3744,6 @@
return( ret );
}
- // TODO: what's the purpose of these lines? is in_len used?
ssl->in_len[0] = (unsigned char)( ssl->in_msglen >> 8 );
ssl->in_len[1] = (unsigned char)( ssl->in_msglen );
}
@@ -5170,7 +5169,6 @@
ssl->handshake->calc_finished( ssl, ssl->out_msg + 4, ssl->conf->endpoint );
- // TODO TLS/1.2 Hash length is determined by cipher suite (Page 63)
hash_len = ( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_0 ) ? 36 : 12;
#if defined(MBEDTLS_SSL_RENEGOTIATION)
diff --git a/library/x509_crt.c b/library/x509_crt.c
index f567afc..3d0765a 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -522,9 +522,6 @@
/*
* X.509 v3 extensions
*
- * TODO: Perform all of the basic constraints tests required by the RFC
- * TODO: Set values for undetected extensions to a sane default?
- *
*/
static int x509_get_crt_ext( unsigned char **p,
const unsigned char *end,
@@ -1638,12 +1635,6 @@
if( ca == NULL )
return( flags );
- /*
- * TODO: What happens if no CRL is present?
- * Suggestion: Revocation state should be unknown if no CRL is present.
- * For backwards compatibility this is not yet implemented.
- */
-
while( crl_list != NULL )
{
if( crl_list->version == 0 ||
diff --git a/library/x509_csr.c b/library/x509_csr.c
index c706dbd..fc171cb 100644
--- a/library/x509_csr.c
+++ b/library/x509_csr.c
@@ -214,7 +214,6 @@
mbedtls_x509_csr_free( csr );
return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
}
- // TODO Parse Attributes / extension requests
p += len;