projects / privoxy.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
free_certificate_chain(): Fix memset() target
[privoxy.git] / ssl.c
diff --git a/ssl.c b/ssl.c
index a76c37a..a7f92eb 100644 (file)
--- a/ssl.c
+++ b/ssl.c
@@ -42,11 +42,11 @@
 #include "mbedtls/base64.h"
 #include "mbedtls/error.h"
 
+#include "config.h"
 #include "project.h"
 #include "miscutil.h"
 #include "errlog.h"
 #include "jcc.h"
-#include "config.h"
 #include "ssl.h"
 
 
@@ -107,7 +107,7 @@ typedef struct {
    char *key_file_path;      /* filename of the key file */
 } key_options;
 
-extern int generate_webpage_certificate(struct client_state *csp);
+static int generate_webpage_certificate(struct client_state *csp);
 static char *make_certs_path(const char *conf_dir, const char *file_name, const char *suffix);
 static int file_exists(const char *path);
 static int host_to_hash(struct client_state *csp);
@@ -687,7 +687,7 @@ extern int create_server_ssl_connection(struct client_state *csp)
    mbedtls_net_init(&(csp->mbedtls_server_attr.socket_fd));
    mbedtls_ssl_init(&(csp->mbedtls_server_attr.ssl));
    mbedtls_ssl_config_init(&(csp->mbedtls_server_attr.conf));
-   mbedtls_x509_crt_init( &(csp->mbedtls_server_attr.ca_cert));
+   mbedtls_x509_crt_init(&(csp->mbedtls_server_attr.ca_cert));
 
    /*
    * Setting socket fd in mbedtls_net_context structure. This structure
@@ -1199,11 +1199,11 @@ exit:
  *          1  :  csp = Current client state (buffers, headers, etc...)
  *
  * Returns     :  -1 => Error while creating certificate.
- *                 0 => Certificate alreaday exist.
+ *                 0 => Certificate already exists.
  *                >0 => Length of created certificate.
  *
  *********************************************************************/
-extern int generate_webpage_certificate(struct client_state *csp)
+static int generate_webpage_certificate(struct client_state *csp)
 {
    mbedtls_x509_crt issuer_cert;
    mbedtls_pk_context loaded_issuer_key, loaded_subject_key;
@@ -1238,7 +1238,7 @@ extern int generate_webpage_certificate(struct client_state *csp)
     * Initializing structures for certificate generating
     */
    mbedtls_x509write_crt_init(&cert);
-   mbedtls_x509write_crt_set_md_alg( &cert, CERT_SIGNATURE_ALGORITHM);
+   mbedtls_x509write_crt_set_md_alg(&cert, CERT_SIGNATURE_ALGORITHM);
    mbedtls_pk_init(&loaded_issuer_key);
    mbedtls_pk_init(&loaded_subject_key);
    mbedtls_mpi_init(&serial);
@@ -1407,8 +1407,8 @@ extern int generate_webpage_certificate(struct client_state *csp)
    if (!mbedtls_pk_can_do(&issuer_cert.pk, MBEDTLS_PK_RSA) ||
       mbedtls_mpi_cmp_mpi(&mbedtls_pk_rsa(issuer_cert.pk)->N,
          &mbedtls_pk_rsa(*issuer_key)->N) != 0 ||
-      mbedtls_mpi_cmp_mpi( &mbedtls_pk_rsa(issuer_cert.pk)->E,
-         &mbedtls_pk_rsa(*issuer_key )->E) != 0)
+      mbedtls_mpi_cmp_mpi(&mbedtls_pk_rsa(issuer_cert.pk)->E,
+         &mbedtls_pk_rsa(*issuer_key)->E) != 0)
    {
       log_error(LOG_LEVEL_ERROR,
          "Issuer key doesn't match issuer certificate");
@@ -1864,7 +1864,7 @@ static void free_certificate_chain(struct client_state *csp)
    /* Cleaning buffers */
    memset(csp->server_certs_chain.text_buf, 0,
       sizeof(csp->server_certs_chain.text_buf));
-   memset(csp->server_certs_chain.text_buf, 0,
+   memset(csp->server_certs_chain.file_buf, 0,
       sizeof(csp->server_certs_chain.file_buf));
    csp->server_certs_chain.next = NULL;
 
The official Privoxy git repository