[PATCH 4 of 6] SSL: fix indentation of ngx_ssl_certificate_t array loops.

Filipe DA SILVA fdasilva at ingima.com
Thu Apr 9 09:58:39 UTC 2015


# HG changeset patch
# User Filipe da Silva <fdasilva at ingima.com>
# Date 1428509613 -7200
#      Wed Apr 08 18:13:33 2015 +0200
# Node ID d79d5e0c7f3dd0151b83a6d37ae2fc4b0ecaf83f
# Parent  911ce5a0980b9f82e6540de17304b31aa46de625
SSL: fix indentation of ngx_ssl_certificate_t array loops.
Preparation for Multiple SSL certificate support.

diff -r 911ce5a0980b -r d79d5e0c7f3d src/event/ngx_event_openssl_stapling.c
--- a/src/event/ngx_event_openssl_stapling.c	Wed Apr 08 18:13:33 2015 +0200
+++ b/src/event/ngx_event_openssl_stapling.c	Wed Apr 08 18:13:33 2015 +0200
@@ -687,38 +687,36 @@ ngx_ssl_stapling_ocsp_handler(ngx_ssl_oc
 
     for (i = 0; i < nelts; i++, cert++, issuer++) {
 
-    id = OCSP_cert_to_id(NULL, cert->x509, issuer->x509);
-    if (id == NULL) {
-        ngx_ssl_error(NGX_LOG_CRIT, ctx->log, 0,
-                      "OCSP_cert_to_id() failed");
-        goto error;
-    }
+        id = OCSP_cert_to_id(NULL, cert->x509, issuer->x509);
+        if (id == NULL) {
+            ngx_ssl_error(NGX_LOG_CRIT, ctx->log, 0,
+                          "OCSP_cert_to_id() failed");
+            goto error;
+        }
 
-    if (OCSP_resp_find_status(basic, id, &n, NULL, NULL,
-                              &thisupdate, &nextupdate)
-        != 1)
-    {
-        ngx_log_error(NGX_LOG_ERR, ctx->log, 0,
-                      "certificate status not found in the OCSP response");
-        goto error;
-    }
+        if (OCSP_resp_find_status(basic, id, &n, NULL, NULL,
+                                  &thisupdate, &nextupdate)
+            != 1)
+        {
+            ngx_log_error(NGX_LOG_ERR, ctx->log, 0,
+                          "certificate status not found in the OCSP response");
+            goto error;
+        }
 
-    if (n != V_OCSP_CERTSTATUS_GOOD) {
-        ngx_log_error(NGX_LOG_ERR, ctx->log, 0,
-                      "certificate status \"%s\" in the OCSP response",
-                      OCSP_cert_status_str(n));
-        goto error;
-    }
+        if (n != V_OCSP_CERTSTATUS_GOOD) {
+            ngx_log_error(NGX_LOG_ERR, ctx->log, 0,
+                          "certificate status \"%s\" in the OCSP response",
+                          OCSP_cert_status_str(n));
+            goto error;
+        }
 
-    if (OCSP_check_validity(thisupdate, nextupdate, 300, -1) != 1) {
-        ngx_ssl_error(NGX_LOG_ERR, ctx->log, 0,
-                      "OCSP_check_validity() failed");
-        goto error;
-    }
+        if (OCSP_check_validity(thisupdate, nextupdate, 300, -1) != 1) {
+            ngx_ssl_error(NGX_LOG_ERR, ctx->log, 0,
+                          "OCSP_check_validity() failed");
+            goto error;
+        }
 
-    OCSP_CERTID_free(id);
-
-    /* END OF 'for (i = 0;...' LOOP */
+        OCSP_CERTID_free(id);
     }
 
     OCSP_BASICRESP_free(basic);
@@ -1191,15 +1189,14 @@ ngx_ssl_ocsp_dummy_handler(ngx_event_t *
 static ngx_int_t
 ngx_ssl_ocsp_create_request(ngx_ssl_ocsp_ctx_t *ctx)
 {
-    int            len;
-    u_char        *p;
-    uintptr_t      escape;
-    ngx_str_t      binary, base64;
-    ngx_buf_t     *b;
-    OCSP_CERTID   *id;
-    OCSP_REQUEST  *ocsp;
-
+    int                     len;
+    u_char                 *p;
+    uintptr_t               escape;
     ngx_uint_t              i, nelts;
+    ngx_str_t               binary, base64;
+    ngx_buf_t              *b;
+    OCSP_CERTID            *id;
+    OCSP_REQUEST           *ocsp;
     ngx_ssl_certificate_t  *cert;
     ngx_ssl_certificate_t  *issuer;
 
@@ -1216,21 +1213,20 @@ ngx_ssl_ocsp_create_request(ngx_ssl_ocsp
 
     for (i = 0; i < nelts; i++, cert++, issuer++) {
 
-    id = OCSP_cert_to_id(NULL, cert->x509, issuer->x509);
-    if (id == NULL) {
-        ngx_ssl_error(NGX_LOG_CRIT, ctx->log, 0,
-                      "OCSP_cert_to_id() failed");
-        goto failed;
-    }
+        id = OCSP_cert_to_id(NULL, cert->x509, issuer->x509);
+        if (id == NULL) {
+            ngx_ssl_error(NGX_LOG_CRIT, ctx->log, 0,
+                          "OCSP_cert_to_id() failed");
+            goto failed;
+        }
 
-    if (OCSP_request_add0_id(ocsp, id) == NULL) {
-        ngx_ssl_error(NGX_LOG_CRIT, ctx->log, 0,
-                      "OCSP_request_add0_id() failed");
-        OCSP_CERTID_free(id);
-        goto failed;
-    }
+        if (OCSP_request_add0_id(ocsp, id) == NULL) {
+            ngx_ssl_error(NGX_LOG_CRIT, ctx->log, 0,
+                          "OCSP_request_add0_id() failed");
+            OCSP_CERTID_free(id);
+            goto failed;
+        }
 
-    /* END OF for ... LOOP */
     }
 
     len = i2d_OCSP_REQUEST(ocsp, NULL);







-------------- next part --------------
A non-text attachment was scrubbed...
Name: nginx_MultiCert_099.patch
Type: application/octet-stream
Size: 4633 bytes
Desc: nginx_MultiCert_099.patch
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20150409/2eb94d3d/attachment-0001.obj>


More information about the nginx-devel mailing list