* src/mh.c
[claws.git] / src / ssl.c
index 075f7b6beb7529e5bb391cb530caf46e4260f90c..6ec7051359b9deb796cf9d6030a2975139df7756 100644 (file)
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -36,110 +36,109 @@ static SSL_CTX *ssl_ctx_TLSv1;
 
 void ssl_init(void)
 {
-    SSL_library_init();
-    SSL_load_error_strings();
-
-    ssl_ctx_SSLv23 = SSL_CTX_new(SSLv23_client_method());
-    if (ssl_ctx_SSLv23 == NULL) {
-       debug_print(_("SSLv23 not available\n"));
-    } else {
-       debug_print(_("SSLv23 available\n"));
-    }
-
-    ssl_ctx_TLSv1 = SSL_CTX_new(TLSv1_client_method());
-    if (ssl_ctx_TLSv1 == NULL) {
-       debug_print(_("TLSv1 not available\n"));
-    } else {
-       debug_print(_("TLSv1 available\n"));
-    }
+       SSL_library_init();
+       SSL_load_error_strings();
+
+       ssl_ctx_SSLv23 = SSL_CTX_new(SSLv23_client_method());
+       if (ssl_ctx_SSLv23 == NULL) {
+               debug_print(_("SSLv23 not available\n"));
+       } else {
+               debug_print(_("SSLv23 available\n"));
+       }
+
+       ssl_ctx_TLSv1 = SSL_CTX_new(TLSv1_client_method());
+        if (ssl_ctx_TLSv1 == NULL) {
+               debug_print(_("TLSv1 not available\n"));
+       } else {
+               debug_print(_("TLSv1 available\n"));
+       }
 }
 
 void ssl_done(void)
 {
-    if (ssl_ctx_SSLv23) {
-       SSL_CTX_free(ssl_ctx_SSLv23);
-    }
+       if (ssl_ctx_SSLv23) {
+               SSL_CTX_free(ssl_ctx_SSLv23);
+       }
 
-    if (ssl_ctx_TLSv1) {
-       SSL_CTX_free(ssl_ctx_TLSv1);
-    }
+       if (ssl_ctx_TLSv1) {
+               SSL_CTX_free(ssl_ctx_TLSv1);
+       }
 }
 
 gboolean ssl_init_socket(SockInfo *sockinfo)
 {
-    return ssl_init_socket_with_method(sockinfo, SSL_METHOD_SSLv23);
+       return ssl_init_socket_with_method(sockinfo, SSL_METHOD_SSLv23);
 }
 
 gboolean ssl_init_socket_with_method(SockInfo *sockinfo, SSLMethod method)
 {
-    X509 *server_cert;
-    gint ret;
+       X509 *server_cert;
+       gint ret;
+
+       switch (method) {
+               case SSL_METHOD_SSLv23:
+                       if (!ssl_ctx_SSLv23) {
+                               log_warning(_("SSL method not available\n"));
+                               return FALSE;
+                       }
+                       sockinfo->ssl = SSL_new(ssl_ctx_SSLv23);
+                       break;
+               case SSL_METHOD_TLSv1:
+                       if (!ssl_ctx_TLSv1) {
+                               log_warning(_("SSL method not available\n"));
+                               return FALSE;
+                       }
+                       sockinfo->ssl = SSL_new(ssl_ctx_TLSv1);
+                       break;
+               default:
+                       log_warning(_("Unknown SSL method *PROGRAM BUG*\n"));
+                       return FALSE;
+                       break;
+       }
 
-    switch (method) {
-       case SSL_METHOD_SSLv23:
-           if (!ssl_ctx_SSLv23) {
-               log_warning(_("SSL method not available\n"));
-               return FALSE;
-           }
-           sockinfo->ssl = SSL_new(ssl_ctx_SSLv23);
-           break;
-       case SSL_METHOD_TLSv1:
-           if (!ssl_ctx_TLSv1) {
-               log_warning(_("SSL method not available\n"));
+       if (sockinfo->ssl == NULL) {
+               log_warning(_("Error creating ssl context\n"));
                return FALSE;
-           }
-           sockinfo->ssl = SSL_new(ssl_ctx_TLSv1);
-           break;
-       default:
-           log_warning(_("Unknown SSL method *PROGRAM BUG*\n"));
-           return FALSE;
-           break;
-    }
+       }
 
-    if (sockinfo->ssl == NULL) {
-       log_warning(_("Error creating ssl context\n"));
-       return FALSE;
-    }
+       SSL_set_fd(sockinfo->ssl, sockinfo->sock);
+       if ((ret = SSL_connect(sockinfo->ssl)) == -1) {
+               log_warning(_("SSL connect failed (%s)\n"),
+                           ERR_error_string(ERR_get_error(), NULL));
+               return FALSE;
+       }
 
-    SSL_set_fd(sockinfo->ssl, sockinfo->sock);
-    if ((ret = SSL_connect(sockinfo->ssl)) == -1) {
-       log_warning(_("SSL connect failed (%s)\n"),
-                   ERR_error_string(ERR_get_error(), NULL));
-       return FALSE;
-    }
+       /* Get the cipher */
+       log_print(_("SSL connection using %s\n"), SSL_get_cipher(sockinfo->ssl));
 
-    /* Get the cipher */
+       /* Get server's certificate (note: beware of dynamic allocation) */
 
-    log_print(_("SSL connection using %s\n"), SSL_get_cipher(sockinfo->ssl));
+       if ((server_cert = SSL_get_peer_certificate(sockinfo->ssl)) != NULL) {
+               gchar *str;
 
-    /* Get server's certificate (note: beware of dynamic allocation) */
+               log_print(_("Server certificate:\n"));
 
-    if ((server_cert = SSL_get_peer_certificate(sockinfo->ssl)) != NULL) {
-       gchar *str;
+               if ((str = X509_NAME_oneline(X509_get_subject_name(server_cert), 0, 0)) != NULL) {
+                       log_print(_("  Subject: %s\n"), str);
+                       free(str);
+               }
 
-       log_print(_("Server certificate:\n"));
+               if ((str = X509_NAME_oneline(X509_get_issuer_name(server_cert), 0, 0)) != NULL) {
+                       log_print(_("  Issuer: %s\n"), str);
+                       free(str);
+               }
 
-       if ((str = X509_NAME_oneline(X509_get_subject_name(server_cert), 0, 0)) != NULL) {
-               log_print(_("  Subject: %s\n"), str);
-               free(str);
+               X509_free(server_cert);
        }
 
-       if ((str = X509_NAME_oneline(X509_get_issuer_name(server_cert), 0, 0)) != NULL) {
-               log_print(_("  Issuer: %s\n"), str);
-               free(str);
-       }
-
-       X509_free(server_cert);
-    }
-
-    return TRUE;
+       return TRUE;
 }
 
 void ssl_done_socket(SockInfo *sockinfo)
 {
-    if (sockinfo->ssl) {
-       SSL_free(sockinfo->ssl);
-    }
+       if (sockinfo->ssl) {
+               SSL_free(sockinfo->ssl);
+       }
 }
 
 #endif /* USE_SSL */