Loading lib/vtls/openssl.c +40 −47 Original line number Diff line number Diff line Loading @@ -1118,8 +1118,7 @@ static int asn1_output(const ASN1_UTCTIME *tm, in the certificate and must exactly match the IP in the URI. */ static CURLcode verifyhost(struct connectdata *conn, X509 *server_cert) static CURLcode verifyhost(struct connectdata *conn, X509 *server_cert) { int matched = -1; /* -1 is no alternative match yet, 1 means match and 0 means mismatch */ Loading @@ -1132,7 +1131,7 @@ static CURLcode verifyhost(struct connectdata *conn, #else struct in_addr addr; #endif CURLcode res = CURLE_OK; CURLcode result = CURLE_OK; #ifdef ENABLE_IPV6 if(conn->bits.ipv6_ip && Loading Loading @@ -1213,7 +1212,7 @@ static CURLcode verifyhost(struct connectdata *conn, infof(data, "\t subjectAltName does not match %s\n", conn->host.dispname); failf(data, "SSL: no alternative certificate subject name matches " "target host name '%s'", conn->host.dispname); res = CURLE_PEER_FAILED_VERIFICATION; result = CURLE_PEER_FAILED_VERIFICATION; } else { /* we have to look to the last occurrence of a commonName in the Loading Loading @@ -1260,7 +1259,7 @@ static CURLcode verifyhost(struct connectdata *conn, /* there was a terminating zero before the end of string, this cannot match and we return failure! */ failf(data, "SSL: illegal cert name field"); res = CURLE_PEER_FAILED_VERIFICATION; result = CURLE_PEER_FAILED_VERIFICATION; } } } Loading 
@@ -1277,18 +1276,18 @@ static CURLcode verifyhost(struct connectdata *conn, } } if(res) if(result) /* error already detected, pass through */ ; else if(!peer_CN) { failf(data, "SSL: unable to obtain common name from peer certificate"); res = CURLE_PEER_FAILED_VERIFICATION; result = CURLE_PEER_FAILED_VERIFICATION; } else if(!Curl_cert_hostcheck((const char *)peer_CN, conn->host.name)) { failf(data, "SSL: certificate subject name '%s' does not match " "target host name '%s'", peer_CN, conn->host.dispname); res = CURLE_PEER_FAILED_VERIFICATION; result = CURLE_PEER_FAILED_VERIFICATION; } else { infof(data, "\t common name: %s (matched)\n", peer_CN); Loading @@ -1296,7 +1295,8 @@ static CURLcode verifyhost(struct connectdata *conn, if(peer_CN) OPENSSL_free(peer_CN); } return res; return result; } #endif /* USE_SSLEAY */ Loading Loading @@ -1496,12 +1496,9 @@ get_ssl_version_txt(SSL_SESSION *session) return "unknown"; } static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex) static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex) { CURLcode retcode = CURLE_OK; CURLcode result = CURLE_OK; char *ciphers; struct SessionHandle *data = conn->data; SSL_METHOD_QUAL SSL_METHOD *req_method = NULL; Loading Loading @@ -1859,11 +1856,11 @@ ossl_connect_step1(struct connectdata *conn, /* give application a chance to interfere with SSL set up. */ if(data->set.ssl.fsslctx) { retcode = (*data->set.ssl.fsslctx)(data, connssl->ctx, result = (*data->set.ssl.fsslctx)(data, connssl->ctx, data->set.ssl.fsslctxp); if(retcode) { if(result) { failf(data,"error signaled by ssl ctx callback"); return retcode; return result; } } Loading Loading @@ -1910,6 +1907,7 @@ ossl_connect_step1(struct connectdata *conn, } connssl->connecting_state = ssl_connect_2; return CURLE_OK; } Loading Loading 
@@ -2167,6 +2165,7 @@ static void X509_signature(struct SessionHandle *data, char buf[1024]; char *ptr = buf; int i; for(i=0; i<sig->length; i++) ptr+=snprintf(ptr, sizeof(buf)-(ptr-buf), "%02x:", sig->data[i]); Loading @@ -2189,7 +2188,6 @@ static void dumpcert(struct SessionHandle *data, X509 *x, int numcert) "Cert", biomem->data, biomem->length); BIO_free(bio_out); } /* Loading Loading @@ -2560,12 +2558,9 @@ static CURLcode servercert(struct connectdata *conn, return retcode; } static CURLcode ossl_connect_step3(struct connectdata *conn, int sockindex) static CURLcode ossl_connect_step3(struct connectdata *conn, int sockindex) { CURLcode retcode = CURLE_OK; CURLcode result = CURLE_OK; void *old_ssl_sessionid = NULL; struct SessionHandle *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; Loading Loading @@ -2602,12 +2597,13 @@ ossl_connect_step3(struct connectdata *conn, incache = FALSE; } } if(!incache) { retcode = Curl_ssl_addsessionid(conn, our_ssl_sessionid, result = Curl_ssl_addsessionid(conn, our_ssl_sessionid, 0 /* unknown size */); if(retcode) { if(result) { failf(data, "failed to store ssl session"); return retcode; return result; } } #ifdef HAVE_SSL_GET1_SESSION Loading @@ -2630,11 +2626,12 @@ ossl_connect_step3(struct connectdata *conn, if(!data->set.ssl.verifypeer && !data->set.ssl.verifyhost) (void)servercert(conn, connssl, FALSE); else retcode = servercert(conn, connssl, TRUE); result = servercert(conn, connssl, TRUE); if(CURLE_OK == retcode) if(!result) connssl->connecting_state = ssl_connect_done; return retcode; return result; } static Curl_recv ossl_recv; Loading Loading 
@@ -2752,32 +2749,28 @@ ossl_connect_common(struct connectdata *conn, return CURLE_OK; } CURLcode Curl_ossl_connect_nonblocking(struct connectdata *conn, CURLcode Curl_ossl_connect_nonblocking(struct connectdata *conn, int sockindex, bool *done) { return ossl_connect_common(conn, sockindex, TRUE, done); } CURLcode Curl_ossl_connect(struct connectdata *conn, int sockindex) CURLcode Curl_ossl_connect(struct connectdata *conn, int sockindex) { CURLcode retcode; CURLcode result; bool done = FALSE; retcode = ossl_connect_common(conn, sockindex, FALSE, &done); if(retcode) return retcode; result = ossl_connect_common(conn, sockindex, FALSE, &done); if(result) return result; DEBUGASSERT(done); return CURLE_OK; } bool Curl_ossl_data_pending(const struct connectdata *conn, int connindex) bool Curl_ossl_data_pending(const struct connectdata *conn, int connindex) { if(conn->ssl[connindex].handle) /* SSL is in use */ Loading Loading
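Review bot: The hex-dump loop in X509_signature (the `@@ -2167` hunk) keeps itself inside `buf` only through the size argument `sizeof(buf)-(ptr-buf)`; nothing visible bounds `sig->length`, and the loop advances `ptr` by whatever `snprintf` returns, so its safety rests on that return never exceeding the space actually written — with C99 libc semantics (would-be length on truncation) a signature longer than about 340 bytes would push `ptr` past `buf` and the unsigned subtraction would wrap into a huge size argument. A stop that holds under either semantics costs one line at the top of the loop body: `if(ptr >= buf + sizeof(buf) - 1) break;`. The hunk only inserts a blank line above this loop, so the pattern is pre-existing, and the body of X509_signature continues past the hunk, so I cannot see how `buf` is consumed afterwards.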
lib/vtls/openssl.c +40 −47 Original line number Diff line number Diff line Loading @@ -1118,8 +1118,7 @@ static int asn1_output(const ASN1_UTCTIME *tm, in the certificate and must exactly match the IP in the URI. */ static CURLcode verifyhost(struct connectdata *conn, X509 *server_cert) static CURLcode verifyhost(struct connectdata *conn, X509 *server_cert) { int matched = -1; /* -1 is no alternative match yet, 1 means match and 0 means mismatch */ Loading @@ -1132,7 +1131,7 @@ static CURLcode verifyhost(struct connectdata *conn, #else struct in_addr addr; #endif CURLcode res = CURLE_OK; CURLcode result = CURLE_OK; #ifdef ENABLE_IPV6 if(conn->bits.ipv6_ip && Loading Loading @@ -1213,7 +1212,7 @@ static CURLcode verifyhost(struct connectdata *conn, infof(data, "\t subjectAltName does not match %s\n", conn->host.dispname); failf(data, "SSL: no alternative certificate subject name matches " "target host name '%s'", conn->host.dispname); res = CURLE_PEER_FAILED_VERIFICATION; result = CURLE_PEER_FAILED_VERIFICATION; } else { /* we have to look to the last occurrence of a commonName in the Loading Loading @@ -1260,7 +1259,7 @@ static CURLcode verifyhost(struct connectdata *conn, /* there was a terminating zero before the end of string, this cannot match and we return failure! */ failf(data, "SSL: illegal cert name field"); res = CURLE_PEER_FAILED_VERIFICATION; result = CURLE_PEER_FAILED_VERIFICATION; } } } Loading 
@@ -1277,18 +1276,18 @@ static CURLcode verifyhost(struct connectdata *conn, } } if(res) if(result) /* error already detected, pass through */ ; else if(!peer_CN) { failf(data, "SSL: unable to obtain common name from peer certificate"); res = CURLE_PEER_FAILED_VERIFICATION; result = CURLE_PEER_FAILED_VERIFICATION; } else if(!Curl_cert_hostcheck((const char *)peer_CN, conn->host.name)) { failf(data, "SSL: certificate subject name '%s' does not match " "target host name '%s'", peer_CN, conn->host.dispname); res = CURLE_PEER_FAILED_VERIFICATION; result = CURLE_PEER_FAILED_VERIFICATION; } else { infof(data, "\t common name: %s (matched)\n", peer_CN); Loading @@ -1296,7 +1295,8 @@ static CURLcode verifyhost(struct connectdata *conn, if(peer_CN) OPENSSL_free(peer_CN); } return res; return result; } #endif /* USE_SSLEAY */ Loading Loading @@ -1496,12 +1496,9 @@ get_ssl_version_txt(SSL_SESSION *session) return "unknown"; } static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex) static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex) { CURLcode retcode = CURLE_OK; CURLcode result = CURLE_OK; char *ciphers; struct SessionHandle *data = conn->data; SSL_METHOD_QUAL SSL_METHOD *req_method = NULL; Loading Loading @@ -1859,11 +1856,11 @@ ossl_connect_step1(struct connectdata *conn, /* give application a chance to interfere with SSL set up. */ if(data->set.ssl.fsslctx) { retcode = (*data->set.ssl.fsslctx)(data, connssl->ctx, result = (*data->set.ssl.fsslctx)(data, connssl->ctx, data->set.ssl.fsslctxp); if(retcode) { if(result) { failf(data,"error signaled by ssl ctx callback"); return retcode; return result; } } Loading Loading @@ -1910,6 +1907,7 @@ ossl_connect_step1(struct connectdata *conn, } connssl->connecting_state = ssl_connect_2; return CURLE_OK; } Loading Loading 
@@ -2167,6 +2165,7 @@ static void X509_signature(struct SessionHandle *data, char buf[1024]; char *ptr = buf; int i; for(i=0; i<sig->length; i++) ptr+=snprintf(ptr, sizeof(buf)-(ptr-buf), "%02x:", sig->data[i]); Loading @@ -2189,7 +2188,6 @@ static void dumpcert(struct SessionHandle *data, X509 *x, int numcert) "Cert", biomem->data, biomem->length); BIO_free(bio_out); } /* Loading Loading @@ -2560,12 +2558,9 @@ static CURLcode servercert(struct connectdata *conn, return retcode; } static CURLcode ossl_connect_step3(struct connectdata *conn, int sockindex) static CURLcode ossl_connect_step3(struct connectdata *conn, int sockindex) { CURLcode retcode = CURLE_OK; CURLcode result = CURLE_OK; void *old_ssl_sessionid = NULL; struct SessionHandle *data = conn->data; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; Loading Loading @@ -2602,12 +2597,13 @@ ossl_connect_step3(struct connectdata *conn, incache = FALSE; } } if(!incache) { retcode = Curl_ssl_addsessionid(conn, our_ssl_sessionid, result = Curl_ssl_addsessionid(conn, our_ssl_sessionid, 0 /* unknown size */); if(retcode) { if(result) { failf(data, "failed to store ssl session"); return retcode; return result; } } #ifdef HAVE_SSL_GET1_SESSION Loading @@ -2630,11 +2626,12 @@ ossl_connect_step3(struct connectdata *conn, if(!data->set.ssl.verifypeer && !data->set.ssl.verifyhost) (void)servercert(conn, connssl, FALSE); else retcode = servercert(conn, connssl, TRUE); result = servercert(conn, connssl, TRUE); if(CURLE_OK == retcode) if(!result) connssl->connecting_state = ssl_connect_done; return retcode; return result; } static Curl_recv ossl_recv; Loading Loading 
@@ -2752,32 +2749,28 @@ ossl_connect_common(struct connectdata *conn, return CURLE_OK; } CURLcode Curl_ossl_connect_nonblocking(struct connectdata *conn, CURLcode Curl_ossl_connect_nonblocking(struct connectdata *conn, int sockindex, bool *done) { return ossl_connect_common(conn, sockindex, TRUE, done); } CURLcode Curl_ossl_connect(struct connectdata *conn, int sockindex) CURLcode Curl_ossl_connect(struct connectdata *conn, int sockindex) { CURLcode retcode; CURLcode result; bool done = FALSE; retcode = ossl_connect_common(conn, sockindex, FALSE, &done); if(retcode) return retcode; result = ossl_connect_common(conn, sockindex, FALSE, &done); if(result) return result; DEBUGASSERT(done); return CURLE_OK; } bool Curl_ossl_data_pending(const struct connectdata *conn, int connindex) bool Curl_ossl_data_pending(const struct connectdata *conn, int connindex) { if(conn->ssl[connindex].handle) /* SSL is in use */ Loading