From patchwork Thu Aug 25 22:54:23 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Frank Lichtenheld X-Patchwork-Id: 2731 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director10.mail.ord1d.rsapps.net ([172.31.255.6]) by backend30.mail.ord1d.rsapps.net with LMTP id OB4oOJSKCGOxEQAAIUCqbw (envelope-from ) for ; Fri, 26 Aug 2022 04:55:48 -0400 Received: from proxy7.mail.iad3b.rsapps.net ([172.31.255.6]) by director10.mail.ord1d.rsapps.net with LMTP id ePVpN5SKCGOcZwAApN4f7A (envelope-from ) for ; Fri, 26 Aug 2022 04:55:48 -0400 Received: from smtp40.gate.iad3b ([172.31.255.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy7.mail.iad3b.rsapps.net with LMTPS id kJpjMJSKCGNrfAAAQkQ5tQ (envelope-from ) for ; Fri, 26 Aug 2022 04:55:48 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp40.gate.iad3b.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=lichtenheld.com X-Suspicious-Flag: YES X-Classification-ID: df988d1a-251c-11ed-87a8-5254000cc6d4-1-1 Received: from [216.105.38.7] ([216.105.38.7:47266] helo=lists.sourceforge.net) by smtp40.gate.iad3b.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 43/2E-03528-29A88036; Fri, 26 Aug 2022 04:55:46 -0400 Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1oRV79-0008AE-2X; Fri, 26 Aug 2022 08:54:55 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1oRV6v-00089s-6p for openvpn-devel@lists.sourceforge.net; Fri, 26 Aug 2022 08:54:41 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=Oz7ooE1NGzwgGvybbM0Wn42DRfY4y4swVvUtC2gRK/M=; b=ER+RFaqQ6Hy5Q8j/1bkQtcns4h 4ouNRmjvCd14X2a9xEsnerPrD8xkjX0t4fYXDVWxd+h36J4MnvtfplGKIv8ZvKosKhXhln96or7wk +/dy5tezC3mobsHrHjtEIdG4ckasJVDgRZMF/8N+GPjtS7x8no9FAjnECsX6UPPg5X70=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=Oz7ooE1NGzwgGvybbM0Wn42DRfY4y4swVvUtC2gRK/M=; b=VLif5CwAyQhuMyJu1NVwF9dJCT GFwyzhfik3cXTbGOWcQCMNzT6I5FC3TfBsQL8Jb8noHKvE55qD192ddXwA8K7Vs+1JRhkc93wd0ng NGZ3f3Zk0B6qikKSuV7e6Er+iKVPpa7Cavf4onpAsVzcg6/Oj4wvRfCnbMmDn5ajGVv4=; Received: from mout-p-103.mailbox.org ([80.241.56.161]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1oRV6t-0007mR-7h for openvpn-devel@lists.sourceforge.net; Fri, 26 Aug 2022 08:54:41 +0000 Received: from smtp2.mailbox.org (smtp2.mailbox.org [IPv6:2001:67c:2050:b231:465::2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mout-p-103.mailbox.org (Postfix) with ESMTPS id 4MDYYK2qpjz9sWG for ; Fri, 26 Aug 2022 10:54:29 +0200 (CEST) From: Frank Lichtenheld To: openvpn-devel@lists.sourceforge.net Date: Fri, 26 Aug 2022 10:54:23 +0200 Message-Id: <20220826085427.25302-3-frank@lichtenheld.com> In-Reply-To: <20220826085427.25302-1-frank@lichtenheld.com> References: <20220826085427.25302-1-frank@lichtenheld.com> MIME-Version: 1.0 X-Rspamd-Queue-Id: 4MDYYK2qpjz9sWG X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Signed-off-by: Frank Lichtenheld --- config-msvc.h | 2 +- .../client-connect/sample-client-connect.c | 2 +- src/openvpn/crypto.c | 4 ++-- src/openvpn/crypto_mbedtls.c | 2 +- sr [...] Content analysis details: (-0.7 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [80.241.56.161 listed in list.dnswl.org] 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 T_SCC_BODY_TEXT_LINE No description available. X-Headers-End: 1oRV6t-0007mR-7h Subject: [Openvpn-devel] [PATCH 2/6] reformat for sp_compare=add X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox Signed-off-by: Frank Lichtenheld --- config-msvc.h | 2 +- .../client-connect/sample-client-connect.c | 2 +- src/openvpn/crypto.c | 4 ++-- src/openvpn/crypto_mbedtls.c | 2 +- src/openvpn/init.c | 2 +- src/openvpn/integer.h | 4 ++-- src/openvpn/manage.c | 8 ++++---- src/openvpn/ntlm.c | 4 ++-- src/openvpn/options.c | 14 +++++++------- src/openvpn/pkcs11.c | 16 ++++++++-------- src/openvpn/pkcs11_openssl.c | 2 +- src/openvpn/ps.c | 2 +- src/openvpn/route.c | 2 +- src/openvpn/socket.c | 10 +++++----- src/openvpn/socks.c | 4 ++-- src/openvpn/ssl_ncp.c | 4 ++-- src/openvpn/ssl_verify.c | 2 +- src/openvpn/ssl_verify_mbedtls.c | 2 +- src/openvpn/ssl_verify_openssl.c | 2 +- src/openvpn/tun.c | 16 ++++++++-------- src/openvpn/xkey_provider.c | 2 +- tests/unit_tests/openvpn/test_pkt.c | 2 +- 22 files changed, 54 insertions(+), 54 deletions(-) diff --git a/config-msvc.h b/config-msvc.h index b621f3fb..e777fe07 100644 --- a/config-msvc.h +++ b/config-msvc.h @@ -56,7 +56,7 @@ #define strncasecmp strnicmp #define strcasecmp _stricmp -#if _MSC_VER<1900 +#if _MSC_VER < 1900 #define snprintf _snprintf #endif diff --git a/sample/sample-plugins/client-connect/sample-client-connect.c b/sample/sample-plugins/client-connect/sample-client-connect.c index bd691a94..27d676ef 100644 --- a/sample/sample-plugins/client-connect/sample-client-connect.c +++ b/sample/sample-plugins/client-connect/sample-client-connect.c @@ -350,7 +350,7 @@ openvpn_plugin_client_connect(struct plugin_context *context, /* log environment variables handed to us by OpenVPN, but * only if "setenv verb" is 3 or higher (arbitrary number) */ - if (context->verb>=3) + if (context->verb >= 3) { for (int i = 0; argv[i]; i++) { diff --git a/src/openvpn/crypto.c b/src/openvpn/crypto.c index 9e10f64e..397f4cdb 100644 --- a/src/openvpn/crypto.c +++ b/src/openvpn/crypto.c @@ -1411,7 +1411,7 @@ write_key_file(const int nkeys, const char *filename) buf_printf(&out, "%s\n", static_key_foot); /* write key file to stdout if no filename given */ - if (!filename || strcmp(filename, "")==0) + if (!filename || strcmp(filename, "") == 0) { printf("%.*s\n", BLEN(&out), BPTR(&out)); } @@ -1738,7 +1738,7 @@ write_pem_key_file(const char *filename, const char *pem_name) goto cleanup; } - if (!filename || strcmp(filename, "")==0) + if (!filename || strcmp(filename, "") == 0) { printf("%.*s", BLEN(&server_key_pem), BPTR(&server_key_pem)); } diff --git a/src/openvpn/crypto_mbedtls.c b/src/openvpn/crypto_mbedtls.c index da4ed980..2c748f7c 100644 --- a/src/openvpn/crypto_mbedtls.c +++ b/src/openvpn/crypto_mbedtls.c @@ -1105,7 +1105,7 @@ ssl_tls1_PRF(const uint8_t *label, int label_len, const uint8_t *sec, tls1_P_hash(md5, S1, len, label, label_len, out1, olen); tls1_P_hash(sha1, S2, len, label, label_len, out2, olen); - for (int i = 0; ioptions.pkcs11_pin_cache_period); - for (i = 0; ioptions.pkcs11_providers[i] != NULL; i++) + for (i = 0; i < MAX_PARMS && c->options.pkcs11_providers[i] != NULL; i++) { pkcs11_addProvider(c->options.pkcs11_providers[i], c->options.pkcs11_protected_authentication[i], c->options.pkcs11_private_mode[i], c->options.pkcs11_cert_private[i]); diff --git a/src/openvpn/integer.h b/src/openvpn/integer.h index b1612045..5b2ee631 100644 --- a/src/openvpn/integer.h +++ b/src/openvpn/integer.h @@ -27,12 +27,12 @@ #include "error.h" #ifndef htonll -#define htonll(x) ((1==htonl(1)) ? (x) : \ +#define htonll(x) ((1 == htonl(1)) ? (x) : \ ((uint64_t)htonl((x) & 0xFFFFFFFF) << 32) | htonl((x) >> 32)) #endif #ifndef ntohll -#define ntohll(x) ((1==ntohl(1)) ? (x) : \ +#define ntohll(x) ((1 == ntohl(1)) ? (x) : \ ((uint64_t)ntohl((x) & 0xFFFFFFFF) << 32) | ntohl((x) >> 32)) #endif diff --git a/src/openvpn/manage.c b/src/openvpn/manage.c index 5670e594..43048eb9 100644 --- a/src/openvpn/manage.c +++ b/src/openvpn/manage.c @@ -2111,7 +2111,7 @@ management_android_control(struct management *man, const char *command, const ch strncpy(up.username, msg, sizeof(up.username)-1); management_query_user_pass(management, &up, command, GET_USER_PASS_NEED_OK, (void *) 0); - return strcmp("ok", up.password)==0; + return strcmp("ok", up.password) == 0; } /* @@ -2435,7 +2435,7 @@ man_settings_init(struct man_settings *ms, status = openvpn_getaddrinfo(resolve_flags, addr, port, 0, NULL, AF_UNSPEC, &ms->local); - ASSERT(status==0); + ASSERT(status == 0); } } @@ -2848,7 +2848,7 @@ management_notify_client_needing_auth(struct management *management, } msg(M_CLIENT, ">CLIENT:%s,%lu,%u", mode, mdac->cid, mda_key_id); man_output_extra_env(management, "CLIENT"); - if (management->connection.env_filter_level>0) + if (management->connection.env_filter_level > 0) { man_output_peer_info_env(management, mdac); } @@ -2969,7 +2969,7 @@ management_post_tunnel_open(struct management *man, const in_addr_t tun_local_ip ia.s_addr = htonl(tun_local_ip); ret = openvpn_getaddrinfo(GETADDR_PASSIVE, inet_ntoa(ia), NULL, 0, NULL, AF_INET, &man->settings.local); - ASSERT(ret==0); + ASSERT(ret == 0); man_connection_init(man); } diff --git a/src/openvpn/ntlm.c b/src/openvpn/ntlm.c index 72c13130..ddd725bd 100644 --- a/src/openvpn/ntlm.c +++ b/src/openvpn/ntlm.c @@ -122,7 +122,7 @@ gen_nonce(unsigned char *nonce) /* Generates 8 random bytes to be used as client nonce */ int i; - for (i = 0; i<8; i++) + for (i = 0; i < 8; i++) { nonce[i] = (unsigned char)get_random(); } @@ -263,7 +263,7 @@ ntlm_phase_3(const struct http_proxy_info *p, const char *phase_2, * therefore buf2 needs to be (3/4 * 128) */ /* extract the challenge from bytes 24-31 */ - for (i = 0; i<8; i++) + for (i = 0; i < 8; i++) { challenge[i] = buf2[i+24]; } diff --git a/src/openvpn/options.c b/src/openvpn/options.c index a296086d..e866c57d 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -1976,7 +1976,7 @@ show_settings(const struct options *o) SHOW_INT(ns_cert_type); { int i; - for (i = 0; ipkcs11_providers[i] != NULL; i++) + for (i = 0; i < MAX_PARMS && o->pkcs11_providers[i] != NULL; i++) { SHOW_PARM(pkcs11_providers, o->pkcs11_providers[i], "%s"); } } { int i; - for (i = 0; ipkcs11_protected_authentication[i] ? "ENABLED" : "DISABLED", "%s"); } } { int i; - for (i = 0; ipkcs11_private_mode[i], "%08x"); } } { int i; - for (i = 0; ipkcs11_cert_private[i] ? "ENABLED" : "DISABLED", "%s"); } @@ -2556,7 +2556,7 @@ options_postprocess_verify_ce(const struct options *options, /* blocks force to have a remote embedded, so we check * for the --remote and bail out if it is present */ - if (options->connection_list->len >1 + if (options->connection_list->len > 1 || options->connection_list->array[0]->remote) { msg(M_USAGE, " cannot be used with --mode server"); @@ -6063,7 +6063,7 @@ add_option(struct options *options, for (j = 1; p[j]; j++) { /* Allow the user to specify ignore-unknown-option --opt too */ - if (p[j][0]=='-' && p[j][1]=='-') + if (p[j][0] == '-' && p[j][1] == '-') { options->ignore_unknown_option[i] = (p[j]+2); } diff --git a/src/openvpn/pkcs11.c b/src/openvpn/pkcs11.c index 507af17c..7cf04335 100644 --- a/src/openvpn/pkcs11.c +++ b/src/openvpn/pkcs11.c @@ -198,7 +198,7 @@ _pkcs11_openvpn_token_prompt( (void)user_data; (void)retry; - ASSERT(token!=NULL); + ASSERT(token != NULL); CLEAR(token_resp); token_resp.defined = false; @@ -245,7 +245,7 @@ _pkcs11_openvpn_pin_prompt( (void)user_data; (void)retry; - ASSERT(token!=NULL); + ASSERT(token != NULL); openvpn_snprintf(prompt, sizeof(prompt), "%s token", token->label); @@ -381,7 +381,7 @@ pkcs11_addProvider( { CK_RV rv = CKR_OK; - ASSERT(provider!=NULL); + ASSERT(provider != NULL); dmsg( D_PKCS11_DEBUG, @@ -495,8 +495,8 @@ pkcs11_management_id_get( int count = 0; bool success = false; - ASSERT(id!=NULL); - ASSERT(base64!=NULL); + ASSERT(id != NULL); + ASSERT(base64 != NULL); dmsg( D_PKCS11_DEBUG, @@ -662,8 +662,8 @@ tls_ctx_use_pkcs11( bool ok = false; - ASSERT(ssl_ctx!=NULL); - ASSERT(pkcs11_id_management || pkcs11_id!=NULL); + ASSERT(ssl_ctx != NULL); + ASSERT(pkcs11_id_management || pkcs11_id != NULL); dmsg( D_PKCS11_DEBUG, @@ -795,7 +795,7 @@ _pkcs11_openvpn_show_pkcs11_ids_pin_prompt( (void)user_data; (void)retry; - ASSERT(token!=NULL); + ASSERT(token != NULL); buf_printf(&pass_prompt, "Please enter '%s' token PIN or 'cancel': ", token->display); if (!query_user_SINGLE(BSTR(&pass_prompt), BLEN(&pass_prompt), diff --git a/src/openvpn/pkcs11_openssl.c b/src/openvpn/pkcs11_openssl.c index 60bc1c47..8b594346 100644 --- a/src/openvpn/pkcs11_openssl.c +++ b/src/openvpn/pkcs11_openssl.c @@ -433,7 +433,7 @@ pkcs11_certificate_serial(pkcs11h_certificate_t certificate, char *serial, i2a_ASN1_INTEGER(bio, X509_get_serialNumber(x509)); n = BIO_read(bio, serial, serial_len-1); - if (n<0) + if (n < 0) { serial[0] = '\x0'; } diff --git a/src/openvpn/ps.c b/src/openvpn/ps.c index a69da2f9..20a62681 100644 --- a/src/openvpn/ps.c +++ b/src/openvpn/ps.c @@ -839,7 +839,7 @@ port_share_open(const char *host, status = openvpn_getaddrinfo(GETADDR_RESOLVE|GETADDR_FATAL, host, port, 0, NULL, AF_INET, &ai); - ASSERT(status==0); + ASSERT(status == 0); hostaddr = *((struct sockaddr_in *) ai->ai_addr); freeaddrinfo(ai); diff --git a/src/openvpn/route.c b/src/openvpn/route.c index 7eaf1121..5d9bd7ca 100644 --- a/src/openvpn/route.c +++ b/src/openvpn/route.c @@ -739,7 +739,7 @@ route_ipv6_match_host( const struct route_ipv6 *r6, int i; unsigned int mask; - if (bits>128) + if (bits > 128) { return false; } diff --git a/src/openvpn/socket.c b/src/openvpn/socket.c index 4e29327b..b0f84647 100644 --- a/src/openvpn/socket.c +++ b/src/openvpn/socket.c @@ -191,7 +191,7 @@ getaddr(unsigned int flags, status = get_addr_generic(AF_INET, flags, hostname, &addr, NULL, resolve_retry_seconds, signal_received, M_WARN); - if (status==0) + if (status == 0) { if (succeeded) { @@ -1679,7 +1679,7 @@ resolve_bind_local(struct link_socket *sock, const sa_family_t af) NULL, af, &sock->info.lsa->bind_local); } - if (status !=0) + if (status != 0) { msg(M_FATAL, "getaddrinfo() failed for local \"%s:%s\": %s", sock->local_host, sock->local_port, @@ -1781,7 +1781,7 @@ resolve_remote(struct link_socket *sock, goto done; } } - if (status!=0) + if (status != 0) { if (signal_received) { @@ -2780,7 +2780,7 @@ print_sockaddr_ex(const struct sockaddr *sa, status = getnameinfo(sa, salen, hostaddr, sizeof(hostaddr), servname, sizeof(servname), NI_NUMERICHOST | NI_NUMERICSERV); - if (status!=0) + if (status != 0) { buf_printf(&out, "[nameinfo() err: %s]", gai_strerror(status)); return BSTR(&out); @@ -2950,7 +2950,7 @@ add_in6_addr( struct in6_addr base, uint32_t add ) { int i; - for (i = 15; i>=0 && add > 0; i--) + for (i = 15; i >= 0 && add > 0; i--) { register int carry; register uint32_t h; diff --git a/src/openvpn/socks.c b/src/openvpn/socks.c index ef178a35..d857f632 100644 --- a/src/openvpn/socks.c +++ b/src/openvpn/socks.c @@ -428,7 +428,7 @@ port_from_servname(const char *servname) { int port = 0; port = atoi(servname); - if (port >0 && port < 65536) + if (port > 0 && port < 65536) { return port; } @@ -471,7 +471,7 @@ establish_socks_proxy_passthru(struct socks_proxy_info *p, memcpy(buf + 5, host, len); int port = port_from_servname(servname); - if (port ==0) + if (port == 0) { msg(D_LINK_ERRORS, "establish_socks_proxy_passthrough: Cannot convert %s to port number", servname); goto error; diff --git a/src/openvpn/ssl_ncp.c b/src/openvpn/ssl_ncp.c index a58ced53..08e1a670 100644 --- a/src/openvpn/ssl_ncp.c +++ b/src/openvpn/ssl_ncp.c @@ -146,7 +146,7 @@ mutate_ncp_cipher_list(const char *list, struct gc_arena *gc) ovpn_cipher_name = "none"; } - if (buf_len(&new_list)> 0) + if (buf_len(&new_list) > 0) { /* The next if condition ensure there is always space for * a : @@ -226,7 +226,7 @@ tls_peer_ncp_list(const char *peer_info, struct gc_arena *gc) { return iv_ciphers; } - else if (tls_peer_info_ncp_ver(peer_info)>=2) + else if (tls_peer_info_ncp_ver(peer_info) >= 2) { /* If the peer announces IV_NCP=2 then it supports the AES GCM * ciphers */ diff --git a/src/openvpn/ssl_verify.c b/src/openvpn/ssl_verify.c index 45eaf8ed..147ff67b 100644 --- a/src/openvpn/ssl_verify.c +++ b/src/openvpn/ssl_verify.c @@ -1569,7 +1569,7 @@ verify_user_pass(struct user_pass *up, struct tls_multi *multi, /* check sizing of username if it will become our common name */ if ((session->opt->ssl_flags & SSLF_USERNAME_AS_COMMON_NAME) - && strlen(up->username)>TLS_USERNAME_LEN) + && strlen(up->username) > TLS_USERNAME_LEN) { msg(D_TLS_ERRORS, "TLS Auth Error: --username-as-common name specified and username is longer than the maximum permitted Common Name length of %d characters", diff --git a/src/openvpn/ssl_verify_mbedtls.c b/src/openvpn/ssl_verify_mbedtls.c index 5463c8da..b2af70c2 100644 --- a/src/openvpn/ssl_verify_mbedtls.c +++ b/src/openvpn/ssl_verify_mbedtls.c @@ -477,7 +477,7 @@ x509_verify_cert_ku(mbedtls_x509_crt *cert, const unsigned *const expected_ku, } result_t fFound = FAILURE; - for (size_t i = 0; SUCCESS != fFound && i=0 && android_method == ANDROID_KEEP_OLD_TUN) + if (oldtunfd >= 0 && android_method == ANDROID_KEEP_OLD_TUN) { /* keep the old fd */ opentun = true; @@ -2486,7 +2486,7 @@ open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tun { msg(M_ERR, "Can't set PPA %d", ppa); } - if (ioctl(if_fd, SIOCGLIFFLAGS, &ifr) <0) + if (ioctl(if_fd, SIOCGLIFFLAGS, &ifr) < 0) { msg(M_ERR, "Can't get flags\n"); } @@ -3257,7 +3257,7 @@ open_darwin_utun(const char *dev, const char *dev_type, const char *dev_node, st fd = utun_open_helper(ctlInfo, utunnum); /* Break if the fd is valid, * or if early initialization failed (-2) */ - if (fd !=-1) + if (fd != -1) { break; } @@ -3296,13 +3296,13 @@ open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tun { #ifdef HAVE_NET_IF_UTUN_H /* If dev_node does not start start with utun assume regular tun/tap */ - if ((!dev_node && tt->type==DEV_TYPE_TUN) + if ((!dev_node && tt->type == DEV_TYPE_TUN) || (dev_node && !strncmp(dev_node, "utun", 4))) { /* Check if user has specific dev_type tap and forced utun with * dev-node utun */ - if (tt->type!=DEV_TYPE_TUN) + if (tt->type != DEV_TYPE_TUN) { msg(M_FATAL, "Cannot use utun devices with --dev-type %s", dev_type_string(dev, dev_type)); @@ -3336,7 +3336,7 @@ open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tun * Unset dev_node variable prior to passing to open_tun_generic to * let open_tun_generic pick the first available tun device */ - if (dev_node && strcmp(dev_node, "tun")==0) + if (dev_node && strcmp(dev_node, "tun") == 0) { dev_node = NULL; } @@ -3425,7 +3425,7 @@ open_tun(const char *dev, const char *dev_type, const char *dev_node, struct tun if (strcmp( dev, "tap" ) == 0) /* find first free tap dev */ { /* (= no /dev/tapN node) */ int i; - for (i = 0; i<99; i++) + for (i = 0; i < 99; i++) { openvpn_snprintf(tunname, sizeof(tunname), "/dev/tap%d", i); if (access( tunname, F_OK ) < 0 && errno == ENOENT) @@ -5423,7 +5423,7 @@ netsh_set_dns6_servers(const struct in6_addr *addr_list, } /* Treat errors while adding as non-fatal as we do not check for duplicates */ - netsh_command(&argv, 1, (i==0) ? M_FATAL : M_NONFATAL); + netsh_command(&argv, 1, (i == 0) ? M_FATAL : M_NONFATAL); } argv_free(&argv); diff --git a/src/openvpn/xkey_provider.c b/src/openvpn/xkey_provider.c index c6965718..5f442213 100644 --- a/src/openvpn/xkey_provider.c +++ b/src/openvpn/xkey_provider.c @@ -278,7 +278,7 @@ keymgmt_import(void *keydata, int selection, const OSSL_PARAM params[], const ch EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new_from_name(key->prov->libctx, name, NULL); if (!ctx || (EVP_PKEY_fromdata_init(ctx) != 1) - || (EVP_PKEY_fromdata(ctx, &pkey, selection_pub, (OSSL_PARAM *) params) !=1)) + || (EVP_PKEY_fromdata(ctx, &pkey, selection_pub, (OSSL_PARAM *) params) != 1)) { msg(M_WARN, "Error: keymgmt_import failed for key type <%s>", name); if (pkey) diff --git a/tests/unit_tests/openvpn/test_pkt.c b/tests/unit_tests/openvpn/test_pkt.c index 2d771e30..5dce6b62 100644 --- a/tests/unit_tests/openvpn/test_pkt.c +++ b/tests/unit_tests/openvpn/test_pkt.c @@ -231,7 +231,7 @@ test_tls_decrypt_lite_crypt(void **ut_state) free_tls_pre_decrypt_state(&state); /* flip a byte in various places */ - for (int i = 0; i