tls: clean up trailing whitespace

src/modules/tls/sbufq.h

@@ -1,4 +1,4 @@
-/* 
+/*
  * Kamailio TLS module
  *
  * Copyright (C) 2010 iptelorg GmbH
@@ -135,14 +135,14 @@ error:
  * @param min_buf_size - min size to allocate for new buffer elements
  * @return 0 on success, -1 on error (mem. allocation)
  */
-inline static int sbufq_insert(struct sbuffer_queue* q, const void* data, 
+inline static int sbufq_insert(struct sbuffer_queue* q, const void* data,
 							unsigned int size, unsigned int min_buf_size)
 {
 	struct sbuf_elem* b;
-	
+
 	if (likely(q->first==0)) /* if empty, use sbufq_add */
 		return sbufq_add(q, data, size, min_buf_size);
-	
+
 	if (unlikely(q->offset)){
 		LOG(L_CRIT, "BUG: non-null offset %d (bad call, should"
 				"never be called after sbufq_run())\n", q->offset);
@@ -164,7 +164,7 @@ inline static int sbufq_insert(struct sbuffer_queue* q, const void* data,
 		q->first=b;
 		memcpy(b->buf, data, size);
 	}
-	
+
 	q->queued+=size;
 	return 0;
 error:
@@ -185,7 +185,7 @@ inline static unsigned int sbufq_destroy(struct  sbuffer_queue* q)
 	struct sbuf_elem* b;
 	struct sbuf_elem* next_b;
 	int unqueued;
-	
+
 	unqueued=0;
 	if (likely(q->first)){
 		b=q->first;
@@ -205,7 +205,7 @@ inline static unsigned int sbufq_destroy(struct  sbuffer_queue* q)
 
 
 /** tries to flush the queue.
- * Tries to flush as much as possible from the given queue, using the 
+ * Tries to flush as much as possible from the given queue, using the
  * given callback.
  * WARNING: it does no attempt to synchronize access/lock. If needed it should
  * be called under lock.
@@ -238,7 +238,7 @@ inline static int sbufq_flush(struct sbuffer_queue* q, int* flags,
 	int ret;
 	int block_size;
 	char* buf;
-	
+
 	*flags=0;
 	ret=0;
 	while(q->first){
@@ -250,7 +250,7 @@ inline static int sbufq_flush(struct sbuffer_queue* q, int* flags,
 			ret+=n;
 			if (likely(n==block_size)){
 				b=q->first;
-				q->first=q->first->next; 
+				q->first=q->first->next;
 				shm_free(b);
 				q->offset=0;
 				q->queued-=block_size;

src/modules/tls/tls_bio.h

@@ -1,4 +1,4 @@
-/* 
+/*
  * Kamailio TLS module
  *
  * Copyright (C) 2010 iptelorg GmbH
@@ -15,12 +15,12 @@
  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
- 
+
 /** openssl BIOs for reading/writing via a fixed memory buffer.
  * @file modules/tls/tls_bio.h
  * @ingroup tls
  */
- 
+
 #ifndef __tls_bio_h
 #define __tls_bio_h
 

src/modules/tls/tls_cfg.c

@@ -1,4 +1,4 @@
-/* 
+/*
  * Kamailio TLS module
  *
  * Copyright (C) 2010 iptelorg GmbH

src/modules/tls/tls_cfg.h

@@ -1,6 +1,6 @@
-/* 
+/*
  * TLS module
- * 
+ *
  * Copyright (C) 2010 iptelorg GmbH
  * Copyright (C) 2013 Motorola Solutions, Inc.
  *

src/modules/tls/tls_config.h

@@ -1,4 +1,4 @@
-/* 
+/*
  * TLS module
  *
  * Copyright (C) 2005,2006 iptelorg GmbH

src/modules/tls/tls_ct_q.h

@@ -1,4 +1,4 @@
-/* 
+/*
  * TLS module
  *
  * Copyright (C) 2010 iptelorg GmbH
@@ -52,7 +52,7 @@ inline static int tls_ct_q_add(tls_ct_q** ct_q, const void* data,
 								unsigned int size, unsigned int min_buf_size)
 {
 	tls_ct_q* q;
-	
+
 	q = *ct_q;
 	if (likely(q == 0)){
 		q=shm_malloc(sizeof(tls_ct_q));
@@ -70,7 +70,7 @@ error:
 
 /**
  * @brief Destroy a buffer queue
- * 
+ *
  * Everything is destroyed from a buffer queue (shm_free()'d), included the queue head.
  * @warning it does no attempt to synchronize access/lock. If needed it should
  * be called under lock.
@@ -80,7 +80,7 @@ error:
 inline static unsigned int tls_ct_q_destroy(tls_ct_q** ct_q)
 {
 	unsigned int ret;
-	
+
 	ret = 0;
 	if (likely(ct_q && *ct_q)) {
 		ret = sbufq_destroy(*ct_q);
@@ -94,8 +94,8 @@ inline static unsigned int tls_ct_q_destroy(tls_ct_q** ct_q)
 
 /**
  * @brief Tries to flush the tls clear text queue
- * 
- * Tries to flush as much as possible from the given queue, using the 
+ *
+ * Tries to flush as much as possible from the given queue, using the
  * given callback.
  * @warning it does no attempt to synchronize access/lock. If needed it should
  * be called under lock.

src/modules/tls/tls_ct_wrq.c

@@ -1,4 +1,4 @@
-/* 
+/*
  * TLS module
  *
  * Copyright (C) 2010 iptelorg GmbH
@@ -96,7 +96,7 @@ static int ssl_flush(void* tcp_c, void* error, const void* buf, unsigned size)
 	int ssl_error;
 	struct tls_extra_data* tls_c;
 	SSL* ssl;
-	
+
 	tls_c = ((struct tcp_connection*)tcp_c)->extra_data;
 	ssl = tls_c->ssl;
 	ssl_error = SSL_ERROR_NONE;
@@ -119,7 +119,7 @@ static int ssl_flush(void* tcp_c, void* error, const void* buf, unsigned size)
 		if (unlikely(n <= 0))
 			ssl_error = SSL_get_error(ssl, n);
 	}
-	
+
 	*(long*)error = ssl_error;
 	return n;
 }
@@ -128,7 +128,7 @@ static int ssl_flush(void* tcp_c, void* error, const void* buf, unsigned size)
 
 /**
  * @brief Wrapper over tls_ct_q_flush()
- * 
+ *
  * Wrapper over tls_ct_q_flush(), besides doing a tls_ct_q_add it
  * also keeps track of queue size and total queued bytes.
  * @param c TCP connection
@@ -143,7 +143,7 @@ int tls_ct_wq_flush(struct tcp_connection* c, tls_ct_q** ct_q,
 {
 	int ret;
 	long error;
-	
+
 	error = SSL_ERROR_NONE;
 	ret = tls_ct_q_flush(ct_q,  flags, ssl_flush, c, &error);
 	*ssl_err = (int)error;
@@ -156,7 +156,7 @@ int tls_ct_wq_flush(struct tcp_connection* c, tls_ct_q** ct_q,
 
 /**
  * @brief Wrapper over tls_ct_q_add()
- * 
+ *
  * Wrapper over tls_ct_q_add(), besides doing a tls_ct_q_add it
  * also keeps track of queue size and total queued bytes.
  * If the maximum queue size is exceeded => error.
@@ -169,7 +169,7 @@ int tls_ct_wq_flush(struct tcp_connection* c, tls_ct_q** ct_q,
 int tls_ct_wq_add(tls_ct_q** ct_q, const void* data, unsigned int size)
 {
 	int ret;
-	
+
 	if (unlikely( (*ct_q && (((*ct_q)->queued + size) >
 						cfg_get(tls, tls_cfg, con_ct_wq_max))) ||
 				(atomic_get(tls_total_ct_wq) + size) >
@@ -195,7 +195,7 @@ int tls_ct_wq_add(tls_ct_q** ct_q, const void* data, unsigned int size)
 unsigned int tls_ct_wq_free(tls_ct_q** ct_q)
 {
 	unsigned int ret;
-	
+
 	if (likely((ret = tls_ct_q_destroy(ct_q)) > 0))
 		atomic_add(tls_total_ct_wq, -ret);
 	return ret;

src/modules/tls/tls_ct_wrq.h

@@ -1,4 +1,4 @@
-/* 
+/*
  * TLS module
  *
  * Copyright (C) 2010 iptelorg GmbH
@@ -57,7 +57,7 @@ unsigned int tls_ct_wq_total_bytes();
 
 /**
  * @brief Wrapper over tls_ct_q_flush()
- * 
+ *
  * Wrapper over tls_ct_q_flush(), besides doing a tls_ct_q_add it
  * also keeps track of queue size and total queued bytes.
  * @param c TCP connection
@@ -72,7 +72,7 @@ int tls_ct_wq_flush(struct tcp_connection* c, tls_ct_q** tc_q,
 
 /**
  * @brief Wrapper over tls_ct_q_add()
- * 
+ *
  * Wrapper over tls_ct_q_add(), besides doing a tls_ct_q_add it
  * also keeps track of queue size and total queued bytes.
  * If the maximum queue size is exceeded => error.

src/modules/tls/tls_domain.c

@@ -173,7 +173,7 @@ static void setup_dh(SSL_CTX *ctx)
 
 /**
  * @brief Create a new TLS domain structure
- * 
+ *
  * Create a new domain structure in new allocated shared memory.
  * @param type domain Type
  * @param ip domain IP
@@ -274,7 +274,7 @@ void tls_destroy_cfg(void)
 			*tls_domains_cfg = (*tls_domains_cfg)->next;
 			tls_free_cfg(ptr);
 		}
-		
+
 		shm_free(tls_domains_cfg);
 		tls_domains_cfg = 0;
 	}
@@ -315,7 +315,7 @@ char* tls_domain_str(tls_domain_t* d)
 
 /**
  * @brief Initialize TLS domain parameters that have not been configured yet
- * 
+ *
  * Initialize TLS domain parameters that have not been configured from
  * parent domain (usually one of default domains)
  * @param d initialized domain
@@ -326,19 +326,19 @@ static int ksr_tls_fill_missing(tls_domain_t* d, tls_domain_t* parent)
 {
 	if (d->method == TLS_METHOD_UNSPEC) d->method = parent->method;
 	LOG(L_INFO, "%s: tls_method=%d\n", tls_domain_str(d), d->method);
-	
+
 	if (d->method < 1 || d->method >= TLS_METHOD_MAX) {
 		ERR("%s: Invalid TLS method value\n", tls_domain_str(d));
 		return -1;
 	}
-	
+
 	if (!d->cert_file.s) {
 		if (shm_asciiz_dup(&d->cert_file.s, parent->cert_file.s) < 0)
 			return -1;
 		d->cert_file.len = parent->cert_file.len;
 	}
 	LOG(L_INFO, "%s: certificate='%s'\n", tls_domain_str(d), d->cert_file.s);
-	
+
 	if (!d->ca_file.s){
 		if (shm_asciiz_dup(&d->ca_file.s, parent->ca_file.s) < 0)
 			return -1;
@@ -359,29 +359,29 @@ static int ksr_tls_fill_missing(tls_domain_t* d, tls_domain_t* parent)
 		d->crl_file.len = parent->crl_file.len;
 	}
 	LOG(L_INFO, "%s: crl='%s'\n", tls_domain_str(d), d->crl_file.s);
-	
+
 	if (d->require_cert == -1) d->require_cert = parent->require_cert;
 	LOG(L_INFO, "%s: require_certificate=%d\n", tls_domain_str(d),
 			d->require_cert);
-	
+
 	if (!d->cipher_list.s) {
 		if ( shm_asciiz_dup(&d->cipher_list.s, parent->cipher_list.s) < 0)
 			return -1;
 		d->cipher_list.len = parent->cipher_list.len;
 	}
 	LOG(L_INFO, "%s: cipher_list='%s'\n", tls_domain_str(d), d->cipher_list.s);
-	
+
 	if (!d->pkey_file.s) {
 		if (shm_asciiz_dup(&d->pkey_file.s, parent->pkey_file.s) < 0)
 			return -1;
 		d->pkey_file.len = parent->pkey_file.len;
 	}
 	LOG(L_INFO, "%s: private_key='%s'\n", tls_domain_str(d), d->pkey_file.s);
-	
+
 	if (d->verify_cert == -1) d->verify_cert = parent->verify_cert;
 	LOG(L_INFO, "%s: verify_certificate=%d\n", tls_domain_str(d),
 			d->verify_cert);
-	
+
 	if (d->verify_depth == -1) d->verify_depth = parent->verify_depth;
 	LOG(L_INFO, "%s: verify_depth=%d\n", tls_domain_str(d), d->verify_depth);
 
@@ -392,7 +392,7 @@ static int ksr_tls_fill_missing(tls_domain_t* d, tls_domain_t* parent)
 }
 
 
-/** 
+/**
  * @brief Called for ctx, with 2 args
  * @param ctx SSL context
  * @param larg ?
@@ -415,7 +415,7 @@ static int tls_domain_foreach_CTX(tls_domain_t* d, per_ctx_cbk_f ctx_cbk,
 {
 	int i,ret;
 	int procs_no;
-	
+
 	procs_no=get_max_procs();
 	for(i = 0; i < procs_no; i++) {
 		if ((ret=ctx_cbk(d->ctx[i], l1, p2))<0)
@@ -515,12 +515,12 @@ static int tls_foreach_CTX_in_cfg(tls_domains_cfg_t* cfg,
 
 /**
  * @brief Fix pathnames when loading domain keys or other list
- * 
+ *
  * Fix pathnames, to be used when loading the domain key, cert, ca list a.s.o.
  * It will replace path with a fixed shm allocated version. Assumes path->s
  * was shm allocated.
  * @param path path to be fixed. If it starts with '.' or '/' is left alone
- * (forced "relative" or "absolute" path). Otherwise the path is considered 
+ * (forced "relative" or "absolute" path). Otherwise the path is considered
  * to be relative to the main config file directory
  * (e.g. for /etc/ser/ser.cfg => /etc/ser/\<path\>).
  * @return  0 on success, -1 on error
@@ -578,7 +578,7 @@ static int load_cert(tls_domain_t* d)
 			TLS_ERR("load_cert:");
 			return -1;
 		}
-		
+
 	}
 	return 0;
 }
@@ -732,7 +732,7 @@ static int set_verification(tls_domain_t* d)
 
 	if (d->require_cert || d->verify_client == TLS_VERIFY_CLIENT_ON) {
 		verify_mode = SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
-		LOG(L_INFO, "%s: %s MUST present valid certificate\n", 
+		LOG(L_INFO, "%s: %s MUST present valid certificate\n",
 			tls_domain_str(d), d->type & TLS_DOMAIN_SRV ? "Client" : "Server");
 	} else {
 		if (d->verify_cert || d->verify_client >= TLS_VERIFY_CLIENT_OPTIONAL) {
@@ -808,7 +808,7 @@ static void sr_ssl_ctx_info_callback(const SSL *ssl, int event, int ret)
 }
 
 /**
- * @brief Configure generic SSL parameters 
+ * @brief Configure generic SSL parameters
  * @param d domain
  * @return 0
  */
@@ -821,7 +821,7 @@ static int set_ssl_options(tls_domain_t* d)
 	long ssl_version;
 	STACK_OF(SSL_COMP)* comp_methods;
 #endif
-	
+
 	procs_no=get_max_procs();
 	options=SSL_OP_ALL; /* all the bug workarrounds by default */
 #if OPENSSL_VERSION_NUMBER >= 0x00907000L
@@ -834,7 +834,7 @@ static int set_ssl_options(tls_domain_t* d)
 		 * enabled disable SSL_OP_TLS_BLOCK_PADDING_BUG (set by SSL_OP_ALL),
 		 * see openssl #1204 http://rt.openssl.org/Ticket/Display.html?id=1204
 		 */
-		
+
 		comp_methods=SSL_COMP_get_compression_methods();
 		if (comp_methods && (sk_SSL_COMP_num(comp_methods) > 0)){
 			options &= ~SSL_OP_TLS_BLOCK_PADDING_BUG;
@@ -859,7 +859,7 @@ static int set_ssl_options(tls_domain_t* d)
 
 
 /**
- * @brief Configure TLS session cache parameters 
+ * @brief Configure TLS session cache parameters
  * @param d domain
  * @return 0
  */
@@ -868,7 +868,7 @@ static int set_session_cache(tls_domain_t* d)
 	int i;
 	int procs_no;
 	str tls_session_id;
-	
+
 	procs_no=get_max_procs();
 	tls_session_id=cfg_get(tls, tls_cfg, session_id);
 	for(i = 0; i < procs_no; i++) {
@@ -1299,7 +1299,7 @@ static int load_engine_private_key(tls_domain_t* d)
 }
 #endif
 /**
- * @brief Load a private key from a file 
+ * @brief Load a private key from a file
  * @param d TLS domain
  * @return 0 on success, -1 on error
  */
@@ -1307,7 +1307,7 @@ static int load_private_key(tls_domain_t* d)
 {
 	int idx, ret_pwd, i;
 	int procs_no;
-	
+
 	if (!d->pkey_file.s || !d->pkey_file.len) {
 		DBG("%s: No private key specified\n", tls_domain_str(d));
 		return 0;
@@ -1319,7 +1319,7 @@ static int load_private_key(tls_domain_t* d)
 	for(i = 0; i < procs_no; i++) {
 		SSL_CTX_set_default_passwd_cb(d->ctx[i], passwd_cb);
 		SSL_CTX_set_default_passwd_cb_userdata(d->ctx[i], d->pkey_file.s);
-		
+
 		for(idx = 0, ret_pwd = 0; idx < 3; idx++) {
 #ifndef OPENSSL_NO_ENGINE
 			// in PROC_INIT skip loading HSM keys due to
@@ -1343,7 +1343,7 @@ static int load_private_key(tls_domain_t* d)
 				continue;
 			}
 		}
-		
+
 		if (!ret_pwd) {
 			ERR("%s: Unable to load private key file '%s'\n",
 			    tls_domain_str(d), d->pkey_file.s);
@@ -1362,7 +1362,7 @@ static int load_private_key(tls_domain_t* d)
 			TLS_ERR("load_private_key:");
 			return -1;
 		}
-	}		
+	}
 
 	DBG("%s: Key '%s' successfully loaded\n",
 	    tls_domain_str(d), d->pkey_file.s);
@@ -1542,7 +1542,7 @@ int tls_fix_domains_cfg(tls_domains_cfg_t* cfg, tls_domain_t* srv_defaults,
 
 /**
  * @brief Create new configuration structure
- * 
+ *
  * Create new configuration structure in new allocated shared memory
  * @return configuration structure or zero on error
  */

src/modules/tls/tls_domain.h

@@ -153,14 +153,14 @@ typedef struct tls_domains_cfg {
 
 /**
  * @brief Create a new TLS domain structure
- * 
+ *
  * Create a new domain structure in new allocated shared memory.
  * @param type domain Type
  * @param ip domain IP
  * @param port domain port
  * @return new domain
  */
-tls_domain_t *tls_new_domain(int type, struct ip_addr *ip, 
+tls_domain_t *tls_new_domain(int type, struct ip_addr *ip,
 			     unsigned short port);
 
 
@@ -182,7 +182,7 @@ char* tls_domain_str(tls_domain_t* d);
 
 /**
  * @brief Create new TLS configuration structure
- * 
+ *
  * Create new configuration structure in new allocated shared memory.
  * @return configuration structure or zero on error
  */
@@ -200,7 +200,7 @@ int tls_add_domain(tls_domains_cfg_t* cfg, tls_domain_t* d);
 
 /**
  * @brief Initialize attributes of all domains from default domains if necessary
- * 
+ *
  * Initialize attributes of all domains from default domains if necessary,
  * fill in missing parameters.
  * @param cfg initialized domain

src/modules/tls/tls_dump_vf.h

@@ -15,8 +15,8 @@
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  * GNU General Public License for more details.
  *
- * You should have received a copy of the GNU General Public License 
- * along with this program; if not, write to the Free Software 
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
  *
  * Exception: permission to copy, modify, propagate, and distribute a work

src/modules/tls/tls_locking.h

@@ -1,7 +1,7 @@
 /*
  * TLS module
  *
- * Copyright (C) 2007 iptelorg GmbH 
+ * Copyright (C) 2007 iptelorg GmbH
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above

src/modules/tls/tls_map.c

@@ -1,4 +1,4 @@
-/** 
+/**
  * Copyright (c) 2014 rxi
  *
  * This library is free software; you can redistribute it and/or modify it
@@ -60,7 +60,7 @@ static void map_addnode(map_base_t *m, map_node_t *node) {
 static int map_resize(map_base_t *m, int nbuckets) {
   map_node_t *nodes, *node, *next;
   map_node_t **buckets;
-  int i; 
+  int i;
   /* Chain all nodes together */
   nodes = NULL;
   i = m->nbuckets;

src/modules/tls/tls_map.h

@@ -1,4 +1,4 @@
-/** 
+/**
  * Copyright (c) 2014 rxi
  *
  * This library is free software; you can redistribute it and/or modify it

src/modules/tls/tls_mod.h

@@ -1,4 +1,4 @@
-/* 
+/*
  * TLS module - module interface
  *
  * Copyright (C) 2005 iptelorg GmbH

src/modules/tls/tls_rpc.c

@@ -92,7 +92,7 @@ static void tls_reload(rpc_t* rpc, void* ctx)
 
  error:
 	tls_free_cfg(cfg);
-	
+
 }
 
 

src/modules/tls/tls_select.c

@@ -175,16 +175,16 @@ static int get_cert(X509** cert, struct tcp_connection** c, struct sip_msg* msg,
 		}
 		goto err;
 	}
-	
+
 	return 0;
-	
+
  err:
 	tcpconn_put(*c);
 	return -1;
 }
 
 
-static int get_cipher(str* res, sip_msg_t* msg) 
+static int get_cipher(str* res, sip_msg_t* msg)
 {
 	str cipher;
 	static char buf[1024];
@@ -237,7 +237,7 @@ static int pv_cipher(sip_msg_t* msg, pv_param_t* param, pv_value_t* res)
 }
 
 
-static int get_bits(str* res, long* i, sip_msg_t* msg) 
+static int get_bits(str* res, long* i, sip_msg_t* msg)
 {
 	str bits;
 	int b;
@@ -273,7 +273,7 @@ static int get_bits(str* res, long* i, sip_msg_t* msg)
 }
 
 
-static int sel_bits(str* res, select_t* s, sip_msg_t* msg) 
+static int sel_bits(str* res, select_t* s, sip_msg_t* msg)
 {
 	return get_bits(res, NULL, msg);
 }
@@ -367,7 +367,7 @@ static int get_desc(str* res, sip_msg_t* msg)
 
  err:
 	if (c) tcpconn_put(c);
-	return -1;	
+	return -1;
 }
 
 
@@ -406,7 +406,7 @@ static int get_cert_version(str* res, int local, sip_msg_t* msg)
 static int sel_cert_version(str* res, select_t* s, sip_msg_t* msg)
 {
 	int local;
-	
+
 	switch(s->params[s->n - 2].v.i) {
 	case CERT_PEER: local = 0; break;
 	case CERT_LOCAL: local = 1; break;
@@ -421,7 +421,7 @@ static int sel_cert_version(str* res, select_t* s, sip_msg_t* msg)
 static int pv_cert_version(sip_msg_t* msg, pv_param_t* param, pv_value_t* res)
 {
 	int local;
-	
+
 	if (param->pvn.u.isname.name.n & PV_CERT_PEER) {
 		local = 0;
 	} else if (param->pvn.u.isname.name.n & PV_CERT_LOCAL) {
@@ -485,7 +485,7 @@ static int check_cert(str* res, long* ires, int local, int err, sip_msg_t* msg)
 static int sel_check_cert(str* res, select_t* s, sip_msg_t* msg)
 {
 	int local, err;
-	
+
 	switch(s->params[s->n - 2].v.i) {
 	case CERT_PEER: local = 0; break;
 	case CERT_LOCAL: local = 1; break;
@@ -502,7 +502,7 @@ static int sel_check_cert(str* res, select_t* s, sip_msg_t* msg)
 	default:
 		BUG("Unexpected parameter value \"%d\"\n", s->params[s->n - 1].v.i);
 		return -1;
-	}   
+	}
 
 	return check_cert(res, NULL, local, err, msg);
 }
@@ -510,7 +510,7 @@ static int sel_check_cert(str* res, select_t* s, sip_msg_t* msg)
 static int pv_check_cert(sip_msg_t* msg, pv_param_t* param, pv_value_t* res)
 {
 	int err;
-	
+
 	switch (param->pvn.u.isname.name.n) {
 	case PV_CERT_VERIFIED:   err = X509_V_OK;                              break;
 	case PV_CERT_REVOKED:    err = X509_V_ERR_CERT_REVOKED;                break;
@@ -520,7 +520,7 @@ static int pv_check_cert(sip_msg_t* msg, pv_param_t* param, pv_value_t* res)
 		BUG("unexpected parameter value \"%ld\"\n", param->pvn.u.isname.name.n);
 		return pv_get_null(msg, param, res);
 	}
-	
+
 
 	if (check_cert(&res->rs, &res->ri, 0, err, msg) < 0) {
 		return pv_get_null(msg, param, res);
@@ -564,7 +564,7 @@ static int get_validity(str* res, int local, int bound, sip_msg_t* msg)
 		ERR("Error while printing certificate date/time\n");
 		goto err;
 	}
-	
+
 	BIO_get_mem_ptr(mem, &p);
 	if (p->length >= 1024) {
 		ERR("Date/time too long\n");
@@ -588,7 +588,7 @@ static int get_validity(str* res, int local, int bound, sip_msg_t* msg)
 static int sel_validity(str* res, select_t* s, sip_msg_t* msg)
 {
 	int local, bound;
-	
+
 	switch(s->params[s->n - 2].v.i) {
 	case CERT_PEER:  local = 0; break;
 	case CERT_LOCAL: local = 1; break;
@@ -612,7 +612,7 @@ static int sel_validity(str* res, select_t* s, sip_msg_t* msg)
 static int pv_validity(sip_msg_t* msg, pv_param_t* param, pv_value_t* res)
 {
 	int bound;
-	
+
 	switch (param->pvn.u.isname.name.n) {
 	case PV_CERT_NOTBEFORE: bound = NOT_BEFORE; break;
 	case PV_CERT_NOTAFTER:  bound = NOT_AFTER;  break;
@@ -624,7 +624,7 @@ static int pv_validity(sip_msg_t* msg, pv_param_t* param, pv_value_t* res)
 	if (get_validity(&res->rs, 0, bound, msg) < 0) {
 		return pv_get_null(msg, param, res);
 	}
-	
+
 	res->flags = PV_VAL_STR;
 	return 0;
 }
@@ -680,7 +680,7 @@ static int sel_sn(str* res, select_t* s, sip_msg_t* msg)
 static int pv_sn(sip_msg_t* msg, pv_param_t* param, pv_value_t* res)
 {
 	int local;
-	
+
 	if (param->pvn.u.isname.name.n & PV_CERT_PEER) {
 		local = 0;
 	} else if (param->pvn.u.isname.name.n & PV_CERT_LOCAL) {
@@ -689,11 +689,11 @@ static int pv_sn(sip_msg_t* msg, pv_param_t* param, pv_value_t* res)
 		BUG("could not determine certificate\n");
 		return pv_get_null(msg, param, res);
 	}
-	
+
 	if (get_sn(&res->rs, local, msg) < 0) {
 		return pv_get_null(msg, param, res);
 	}
-	
+
 	res->flags = PV_VAL_STR;
 	return 0;
 }
@@ -913,7 +913,7 @@ static int get_comp(str* res, int local, int issuer, int nid, sip_msg_t* msg)
 	int index, text_len;
 	char* elem;
 	unsigned char* text_s;
-	       
+
 	text_s = 0;
 
 	if (get_cert(&cert, &c, msg, local) < 0) return -1;
@@ -997,7 +997,7 @@ static int pv_comp(sip_msg_t* msg, pv_param_t* param, pv_value_t* res)
 	int ind_local, local = 0, issuer = 0, nid = NID_commonName;
 
 	/* copy callback value as we modify it */
-	ind_local = param->pvn.u.isname.name.n;	
+	ind_local = param->pvn.u.isname.name.n;
 	DBG("ind_local = %x", ind_local);
 
 	if (ind_local & PV_CERT_PEER) {
@@ -1125,7 +1125,7 @@ static int sel_alt(str* res, select_t* s, sip_msg_t* msg)
 			return -1;
 		}
 	}
-	
+
 	return get_alt(res, local, type, msg);
 }
 
@@ -1133,7 +1133,7 @@ static int sel_alt(str* res, select_t* s, sip_msg_t* msg)
 static int pv_alt(sip_msg_t* msg, pv_param_t* param, pv_value_t* res)
 {
 	int ind_local, local = 0, type = GEN_URI;
-	
+
 	ind_local = param->pvn.u.isname.name.n;
 
 	if (ind_local & PV_CERT_PEER) {
@@ -1160,7 +1160,7 @@ static int pv_alt(sip_msg_t* msg, pv_param_t* param, pv_value_t* res)
 	if (get_alt(&res->rs, local, type, msg) < 0) {
 		return pv_get_null(msg, param, res);
 	}
-	
+
 	res->flags = PV_VAL_STR;
 	return 0;
 }
@@ -1197,7 +1197,7 @@ static int get_tlsext_sn(str* res, sip_msg_t* msg)
 {
 	static char buf[1024];
 	struct tcp_connection* c;
-	str server_name;	
+	str server_name;
 	SSL* ssl;
 
 	c = get_cur_connection(msg);
@@ -1213,20 +1213,20 @@ static int get_tlsext_sn(str* res, sip_msg_t* msg)
 	server_name.s = (char*)SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
 	if (server_name.s) {
 		server_name.len = strlen(server_name.s);
-		DBG("received server_name (TLS extension): '%.*s'\n", 
+		DBG("received server_name (TLS extension): '%.*s'\n",
 			STR_FMT(&server_name));
 	} else {
 		DBG("SSL_get_servername returned NULL\n");
 		goto error;
 	}
-	
+
 	/* copy server_name into the buffer. If the buffer is too small copy only
 	 * the last bytes as these are the more important ones and prefix with
 	 * '+' */
 	if (server_name.len > sizeof(buf)) {
 		ERR("server_name to big for buffer\n");
 		buf[0] = '+';
-		memcpy(buf + 1, server_name.s + 1 + server_name.len - sizeof(buf), 
+		memcpy(buf + 1, server_name.s + 1 + server_name.len - sizeof(buf),
 			   sizeof(buf) - 1);
 		res->len = sizeof(buf);
 	} else {
@@ -1234,10 +1234,10 @@ static int get_tlsext_sn(str* res, sip_msg_t* msg)
 		res->len = server_name.len;
 	}
 	res->s = buf;
-	
+
 	tcpconn_put(c);
 	return 0;
-	
+
 error:
 	if (c) tcpconn_put(c);
 	return -1;
@@ -1258,11 +1258,11 @@ static int pv_tlsext_sn(sip_msg_t* msg, pv_param_t* param, pv_value_t* res)
 			param->pvn.u.isname.name.n);
 		return pv_get_null(msg, param, res);
 	}
-	
+
 	if (get_tlsext_sn(&res->rs, msg) < 0) {
 		return pv_get_null(msg, param, res);
 	}
-	
+
 	res->flags = PV_VAL_STR;
 	return 0;
 }
@@ -1370,7 +1370,7 @@ error:
 select_row_t tls_sel[] = {
 	/* Current cipher parameters */
 	{ NULL, SEL_PARAM_STR, STR_STATIC_INIT("tls"), sel_tls, 0},
-	
+
 	{ sel_tls, SEL_PARAM_STR, STR_STATIC_INIT("version"),     sel_version, 0},
 	{ sel_tls, SEL_PARAM_STR, STR_STATIC_INIT("desc"),        sel_desc,    0},
 	{ sel_tls, SEL_PARAM_STR, STR_STATIC_INIT("description"), sel_desc,    0},
@@ -1383,9 +1383,9 @@ select_row_t tls_sel[] = {
 	{ sel_tls, SEL_PARAM_STR, STR_STATIC_INIT("my"),          sel_cert,    DIVERSION | CERT_LOCAL},
 	{ sel_tls, SEL_PARAM_STR, STR_STATIC_INIT("me"),          sel_cert,    DIVERSION | CERT_LOCAL},
 	{ sel_tls, SEL_PARAM_STR, STR_STATIC_INIT("myself"),      sel_cert,    DIVERSION | CERT_LOCAL},
-	
+
 	{ sel_cipher, SEL_PARAM_STR, STR_STATIC_INIT("bits"), sel_bits, 0},
-	
+
 	{ sel_cert, SEL_PARAM_STR, STR_STATIC_INIT("subject"), sel_name, DIVERSION | CERT_SUBJECT},
 	{ sel_cert, SEL_PARAM_STR, STR_STATIC_INIT("subj"),    sel_name, DIVERSION | CERT_SUBJECT},
 	{ sel_cert, SEL_PARAM_STR, STR_STATIC_INIT("issuer"),  sel_name, DIVERSION | CERT_ISSUER},

src/modules/tls/tls_util.c

@@ -1,4 +1,4 @@
-/* 
+/*
  * TLS module
  *
  * Copyright (C) 2005 iptelorg GmbH

src/modules/tls/tls_util.h

@@ -1,4 +1,4 @@
-/* 
+/*
  * TLS module
  *
  * Copyright (C) 2010 iptelorg GmbH

src/modules/tls/tls_verify.h

@@ -1,4 +1,4 @@
-/* 
+/*
  * TLS module - certificate verification function
  *
  * Copyright (C) 2005 iptelorg GmbH
@@ -28,7 +28,7 @@
 
 #include <openssl/ssl.h>
 
-/* This callback is called during each verification process, 
+/* This callback is called during each verification process,
 at each step during the chain of certificates (this function
 is not the certificate_verification one!). */
 int verify_callback(int pre_verify_ok, X509_STORE_CTX *ctx);