[openssl-commits] [openssl] master update

Ben Laurie ben at openssl.org
Sun Aug 2 06:08:11 UTC 2015 

The branch master has been updated
       via  480405e4a9a8f791324850c4f6b3d36d4e4de4f9 (commit)
       via  d237a2739c91eb97a7be57989de0a18051f98963 (commit)
      from  9e83e6cda97ae9cb3167e5d8548a7ca0b54cc4e6 (commit)


- Log -----------------------------------------------------------------
commit 480405e4a9a8f791324850c4f6b3d36d4e4de4f9
Author: Ben Laurie <ben at links.org>
Date:   Sun Aug 2 02:45:44 2015 +0100

    Add -Wconditional-uninitialized to clang strict warnings.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>

commit d237a2739c91eb97a7be57989de0a18051f98963
Author: Ben Laurie <ben at links.org>
Date:   Sun Aug 2 02:21:46 2015 +0100

    Build with --strict-warnings on FreeBSD.
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>

-----------------------------------------------------------------------

Summary of changes:
 Configurations/10-main.conf |  2 +-
 Configure                   |  4 ++--
 apps/s_client.c             |  2 +-
 apps/verify.c               | 46 ++++++++++++++++++++++-----------------------
 4 files changed, 26 insertions(+), 28 deletions(-)

diff --git a/Configurations/10-main.conf b/Configurations/10-main.conf
index b5d32b6..15af87e 100644
--- a/Configurations/10-main.conf
+++ b/Configurations/10-main.conf
@@ -830,7 +830,7 @@
         # expands it as -lc_r, which has to be accompanied by explicit
         # -D_THREAD_SAFE and sometimes -D_REENTRANT. FreeBSD 5.x
         # expands it as -lc_r, which seems to be sufficient?
-        cc               => "gcc",
+        cc               => "cc",
         cflags           => "-Wall",
         debug_cflags     => "-O0 -g",
         release_cflags   => "-O3",
diff --git a/Configure b/Configure
index 6cc05bd..fb20e85 100755
--- a/Configure
+++ b/Configure
@@ -101,13 +101,13 @@ my $gcc_devteam_warn = "-Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare
 
 # These are used in addition to $gcc_devteam_warn when the compiler is clang.
 # TODO(openssl-team): fix problems and investigate if (at least) the
-# following warnings can also be enabled: -Wconditional-uninitialized,
+# following warnings can also be enabled:
 # -Wswitch-enum, -Wunused-macros, -Wmissing-field-initializers,
 # -Wmissing-variable-declarations,
 # -Wincompatible-pointer-types-discards-qualifiers, -Wcast-align,
 # -Wunreachable-code -Wunused-parameter -Wlanguage-extension-token
 # -Wextended-offsetof
-my $clang_devteam_warn = "-Wno-unused-parameter -Wno-missing-field-initializers -Wno-language-extension-token -Wno-extended-offsetof";
+my $clang_devteam_warn = "-Wno-unused-parameter -Wno-missing-field-initializers -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Qunused-arguments";
 
 my $strict_warnings = 0;
 
diff --git a/apps/s_client.c b/apps/s_client.c
index f4132c8..5971f8a 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -656,7 +656,7 @@ int s_client_main(int argc, char **argv)
     int prexit = 0;
     int enable_timeouts = 0, sdebug = 0, peerlen = sizeof peer;
     int reconnect = 0, verify = SSL_VERIFY_NONE, vpmtouched = 0;
-    int ret = 1, in_init = 1, i, nbio_test = 0, s, k, width, state = 0;
+    int ret = 1, in_init = 1, i, nbio_test = 0, s = -1, k, width, state = 0;
     int sbuf_len, sbuf_off, socket_type = SOCK_STREAM, cmdletters = 1;
     int starttls_proto = PROTO_OFF, crl_format = FORMAT_PEM, crl_download = 0;
     int write_tty, read_tty, write_ssl, read_ssl, tty_on, ssl_pending;
diff --git a/apps/verify.c b/apps/verify.c
index 7fcd32a..8abc708 100644
--- a/apps/verify.c
+++ b/apps/verify.c
@@ -272,37 +272,35 @@ static int check(X509_STORE *ctx, char *file,
     if (crls)
         X509_STORE_CTX_set0_crls(csc, crls);
     i = X509_verify_cert(csc);
-    if (i > 0 && show_chain) {
-        chain = X509_STORE_CTX_get1_chain(csc);
-        num_untrusted = X509_STORE_CTX_get_num_untrusted(csc);
+    if (i > 0) {
+        printf("OK\n");
+        ret = 1;
+	if (show_chain) {
+	    chain = X509_STORE_CTX_get1_chain(csc);
+	    num_untrusted = X509_STORE_CTX_get_num_untrusted(csc);
+	    printf("Chain:\n");
+	    for (i = 0; i < sk_X509_num(chain); i++) {
+		X509 *cert = sk_X509_value(chain, i);
+		printf("depth=%d: ", i);
+		X509_NAME_print_ex_fp(stdout,
+				      X509_get_subject_name(cert),
+				      0, XN_FLAG_ONELINE);
+		if (i < num_untrusted)
+		    printf(" (untrusted)");
+		printf("\n");
+	    }
+	    sk_X509_pop_free(chain, X509_free);
+	}
     }
     X509_STORE_CTX_free(csc);
 
     ret = 0;
  end:
-    if (i > 0) {
-        printf("OK\n");
-        ret = 1;
-    } else
-        ERR_print_errors(bio_err);
-    if (chain) {
-        printf("Chain:\n");
-        for (i = 0; i < sk_X509_num(chain); i++) {
-            X509 *cert = sk_X509_value(chain, i);
-            printf("depth=%d: ", i);
-            X509_NAME_print_ex_fp(stdout,
-                                  X509_get_subject_name(cert),
-                                  0, XN_FLAG_ONELINE);
-            if (i < num_untrusted) {
-                printf(" (untrusted)");
-            }
-            printf("\n");
-        }
-        sk_X509_pop_free(chain, X509_free);
-    }
+    if (i <= 0)
+	ERR_print_errors(bio_err);
     X509_free(x);
 
-    return (ret);
+    return ret;
 }
 
 static int cb(int ok, X509_STORE_CTX *ctx)

More information about the openssl-commits mailing list