upstream: github.com/mirleft/ocaml-tls

Upgrade to ocamlformat 0.29.0; fix csvt/sexpt streaming; reformat

- Update .ocamlformat to 0.29.0 across all 591 files
- csvt: reuse single Buffer.t for field reads (no alloc per field)
- sexpt: Obj members decoded from stream into Dict, typed Variant GADT
- Reformat all source files for 0.29.0

+40 -36
+1 -1
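--- a/.ocamlformat
+++ b/.ocamlformat
@@ -1 +1 @@
-version = 0.28.1
+version = 0.29.0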
+3 -3
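--- a/eio/tests/fuzz/fuzz_tls.ml
+++ b/eio/tests/fuzz/fuzz_tls.ml
@@ -169,11 +169,11 @@
 try
 let drain = ref false in
 while true do
-if !drain = false then begin
-match Eio.Stream.take t.recv_commands with
+if !drain = false then
+begin match Eio.Stream.take t.recv_commands with
 | `Recv -> ()
 | `Drain -> drain := true
-end;
+end;
 let buf = Cstruct.create 4096 in
 let got = Eio.Flow.single_read recv buf in
 let received = Cstruct.to_string buf ~len:got in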
+3 -3
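--- a/fuzz/fuzz_tls.ml
+++ b/fuzz/fuzz_tls.ml
@@ -250,12 +250,12 @@
 content_type ^ version ^ String.make 1 len_hi ^ String.make 1 len_lo ^ buf
 in
 (* If claimed > actual, this should not crash or read OOB *)
-if claimed > actual_len then begin
-match Tls.Reader.parse_record record with
+if claimed > actual_len then
+begin match Tls.Reader.parse_record record with
 | Ok (`Fragment _) -> ()
 | Ok (`Record _) -> ()
 | Error _ -> ()
-end;
+end;
 ()
 
 let suite =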
+3 -3
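--- a/lib/config.ml
+++ b/lib/config.ml
@@ -369,8 +369,8 @@
 | Some c, None ->
 let* sig_algs = default_sa_from_ciphers c in
 Ok (c, sig_algs)
-| None, Some sa -> begin
-match List.partition rsa_sigalg sa with
+| None, Some sa ->
+begin match List.partition rsa_sigalg sa with
 | [], [] -> Error (`Msg "empty signature algorithms provided")
 | _ :: _, [] ->
 Log.warn (fun m ->
@@ -391,7 +391,7 @@
 default_ciphers,
 sa )
 | _ :: _, _ :: _ -> Ok (default_ciphers, sa)
-end
+end
 | Some c, Some sa ->
 if
 List.exists rsa_sigalg sa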
+6 -6
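--- a/lib/handshake_common.ml
+++ b/lib/handshake_common.ml
@@ -74,11 +74,11 @@
 | None, c :: cs -> match_host ~default:c h (c :: cs)
 | None, [] -> Error (`Error `CouldntSelectCertificate)
 end
-| `Multiple cs, None -> begin
-match List.filter (fun c -> filter c && filter_sigalg c) cs with
+| `Multiple cs, None ->
+begin match List.filter (fun c -> filter c && filter_sigalg c) cs with
 | cert :: _ -> Ok cert
 | _ -> Error (`Error `CouldntSelectCertificate)
-end
+end
 | `Multiple cs, Some h -> (
 match List.filter (fun c -> filter c && filter_sigalg c) cs with
 | [ cert ] -> Ok cert
@@ -389,8 +389,8 @@
 | `TLS_1_0 | `TLS_1_1 ->
 let* signed =
 match private_key with
-| `RSA key -> begin
-try
+| `RSA key ->
+begin try
 let data =
 Digestif.(
 MD5.(to_raw_string (digest_string data))
@@ -399,7 +399,7 @@
 Ok (Crypto_pk.Rsa.PKCS1.sig_encode ~key data)
 with Crypto_pk.Rsa.Insufficient_key ->
 Error (`Fatal (`Bad_certificate "RSA key too small"))
-end
+end
 | k ->
 (* not passing ~scheme: only non-RSA keys sig scheme is trivial *)
 Result.map_error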
+18 -14
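--- a/lib/handshake_server.ml
+++ b/lib/handshake_server.ml
@@ -309,19 +309,21 @@
 (fun c -> Ciphersuite.ciphersuite_keytype c = `RSA)
 cciphers
 with
-| _ :: _, [] -> begin
-fun s ->
-match X509.Certificate.public_key s with
-| `RSA _ -> true
-| _ -> false
-end
-| [], _ :: _ -> begin
-fun s ->
-match X509.Certificate.public_key s with
-| `ED25519 _ | `P256 _ | `P384 _ | `P521 _ -> true
-| _ -> false
-end
-| _, _ -> begin fun _s -> true end
+| _ :: _, [] ->
+begin fun s ->
+match X509.Certificate.public_key s with
+| `RSA _ -> true
+| _ -> false
+end
+| [], _ :: _ ->
+begin fun s ->
+match X509.Certificate.public_key s with
+| `ED25519 _ | `P256 _ | `P384 _ | `P521 _ -> true
+| _ -> false
+end
+| _, _ ->
+begin fun _s -> true
+end
 in
 let ku_filter =
 match
@@ -331,7 +333,9 @@
 with
 | _ :: _, [] -> supports_key_usage ~not_present:true `Key_encipherment
 | [], _ :: _ -> supports_key_usage ~not_present:true `Digital_signature
-| _ -> begin fun _ -> true end
+| _ ->
+begin fun _ -> true
+end
 in
 let kt_matches_group s =
 match X509.Certificate.public_key s with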
+6 -6
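--- a/lib/reader.ml
+++ b/lib/reader.ml
@@ -483,9 +483,9 @@
 | None, _ -> raise_unknown "compression method"
 in
 (* depending on the content of the server_random we have to diverge in behaviour *)
-if String.equal server_random helloretryrequest then begin
+if String.equal server_random helloretryrequest then
 (* hello retry request, TODO: verify compression=empty *)
-match Ciphersuite.ciphersuite_to_ciphersuite13 ciphersuite with
+begin match Ciphersuite.ciphersuite_to_ciphersuite13 ciphersuite with
 | None -> raise_unknown "unsupported ciphersuite in hello retry request"
 | Some ciphersuite ->
 let extensions =
@@ -512,7 +512,7 @@
 in
 HelloRetryRequest
 { retry_version; sessionid; ciphersuite; selected_group; extensions }
-end
+end
 else begin
 let extensions =
 if String.length rt' = 0 then []
@@ -664,14 +664,14 @@
 raise_unknown "EC curve type"
 else
 match int_to_named_group (String.get_uint16_be raw 1) with
-| Some g -> begin
-match named_group_to_group g with
+| Some g ->
+begin match named_group_to_group g with
 | Some ((`X25519 | `P256 | `P384 | `P521) as g) ->
 let data_len = String.get_uint8 raw 3 in
 let d, rest = split_str ~start:4 raw data_len in
 (g, d, String.sub raw 0 (data_len + 4), rest)
 | _ -> raise_unknown "EC group"
-end
+end
 | None -> raise_unknown "EC named group"
 
 let parse_digitally_signed_exn buf =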