[openssl-commits] [openssl] master update
Andy Polyakov
appro at openssl.org
Mon Nov 13 09:59:52 UTC 2017
The branch master has been updated
via 0d2394a8c035c9d1b5a55f1569c1ea9c880b128c (commit)
via 3a63c0edab842af3e84ef1cad2b4eb701eece3e1 (commit)
via 802127e8fc07cbef499b645e7e1ae48ce3ed981c (commit)
via b4c0e4dff6c84a3cdf464587923eaa0f789168b8 (commit)
via 372463103917fcc2b68bd2ba3db55b29ce325705 (commit)
from b741fcd2ddc4e94faee75a47c241fa136854c81f (commit)
- Log -----------------------------------------------------------------
commit 0d2394a8c035c9d1b5a55f1569c1ea9c880b128c
Author: Andy Polyakov <appro at openssl.org>
Date: Sat Nov 11 22:24:12 2017 +0100
Configurations/10-main.conf: add back /WX to VC-WIN32.
We had /WX (treat warnings as errors) in VC-WIN32 for long time. At
some point it was somehow omitted. It's argued that it allows to
keep better focus on new code, which motivates the comeback...
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4721)
commit 3a63c0edab842af3e84ef1cad2b4eb701eece3e1
Author: Andy Polyakov <appro at openssl.org>
Date: Sat Nov 11 22:23:12 2017 +0100
Resolve warnings in VC-WIN32 build, which allows to add /WX.
It's argued that /WX allows to keep better focus on new code, which
motivates its comeback...
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4721)
commit 802127e8fc07cbef499b645e7e1ae48ce3ed981c
Author: Andy Polyakov <appro at openssl.org>
Date: Sat Nov 11 22:21:10 2017 +0100
ssl/ssl_asn1.c: resolve warnings in VC-WIN32 build, which allows to add /WX.
It's argued that /WX allows to keep better focus on new code, which
motivates its comeback...
[Keep this commit separate as reminder for time overhaul.]
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4721)
commit b4c0e4dff6c84a3cdf464587923eaa0f789168b8
Author: Andy Polyakov <appro at openssl.org>
Date: Sat Nov 11 22:15:33 2017 +0100
evp/pbe_scrypt.c: add boundary condition for implicit cast.
Even though |Blen| is declared uint64_t it was casted implicitly to int.
[Caught by VC warning subsytem.]
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4721)
commit 372463103917fcc2b68bd2ba3db55b29ce325705
Author: Andy Polyakov <appro at openssl.org>
Date: Sat Nov 11 22:14:43 2017 +0100
asn1/a_strex.c: fix flags truncation in do_esc_char.
|flags| argument to do_esc_char was apparently truncated by implicit
cast. [Caught by VC warning subsytem.]
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4721)
-----------------------------------------------------------------------
Summary of changes:
Configurations/10-main.conf | 3 +-
apps/apps.c | 2 +-
apps/s_client.c | 9 +-
apps/speed.c | 4 +-
crypto/asn1/a_strex.c | 15 ++-
crypto/bio/b_addr.c | 2 +-
crypto/bio/b_print.c | 2 +-
crypto/bio/b_sock2.c | 23 +++--
crypto/conf/conf_sap.c | 4 +
crypto/ec/curve25519.c | 228 +++++++++++++++++++++----------------------
crypto/evp/pbe_scrypt.c | 16 ++-
crypto/rand/randfile.c | 3 +
ssl/record/rec_layer_s3.c | 2 +-
ssl/ssl_asn1.c | 10 +-
ssl/statem/extensions_clnt.c | 2 +-
ssl/statem/statem_lib.c | 2 +-
ssl/t1_lib.c | 2 +-
test/asn1_encode_test.c | 10 +-
test/asn1_time_test.c | 15 +--
test/bad_dtls_test.c | 8 +-
test/clienthellotest.c | 2 +-
test/crltest.c | 2 +-
test/ct_test.c | 5 +-
test/handshake_helper.c | 4 +-
test/packettest.c | 4 +-
test/sanitytest.c | 3 +-
test/ssltest_old.c | 2 +-
test/testutil/driver.c | 4 +
28 files changed, 208 insertions(+), 180 deletions(-)
diff --git a/Configurations/10-main.conf b/Configurations/10-main.conf
index ac85e50..f8f4bd1 100644
--- a/Configurations/10-main.conf
+++ b/Configurations/10-main.conf
@@ -1281,7 +1281,7 @@ sub vms_info {
inherit_from => [ "BASE_Windows" ],
template => 1,
cc => "cl",
- cflags => "-W3 -wd4090 -Gs0 -GF -Gy -nologo -DOPENSSL_SYS_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE",
+ cflags => "-W3 -wd4090 -Gs0 -GF -Gy -nologo -DOPENSSL_SYS_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS",
defines => add(sub { my @defs = ();
unless ($disabled{"zlib-dynamic"}) {
my $zlib =
@@ -1380,6 +1380,7 @@ sub vms_info {
# configure with 'perl Configure VC-WIN32 -DUNICODE -D_UNICODE'
inherit_from => [ "VC-noCE-common", asm("x86_asm"),
sub { $disabled{shared} ? () : "uplink_common" } ],
+ cflags => add("-WX"),
as => sub { vc_win32_info()->{as} },
asflags => sub { vc_win32_info()->{asflags} },
asoutflag => sub { vc_win32_info()->{asoutflag} },
diff --git a/apps/apps.c b/apps/apps.c
index e25739e..fd81567 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -1926,7 +1926,7 @@ unsigned char *next_protos_parse(size_t *outlen, const char *in)
OPENSSL_free(out);
return NULL;
}
- out[start] = i - start;
+ out[start] = (unsigned char)(i - start);
start = i + 1;
} else {
out[i + 1] = in[i];
diff --git a/apps/s_client.c b/apps/s_client.c
index 58ed1a5..7c0639f 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -417,10 +417,11 @@ static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type,
unsigned char ext_buf[4 + 65536];
/* Reconstruct the type/len fields prior to extension data */
- ext_buf[0] = ext_type >> 8;
- ext_buf[1] = ext_type & 0xFF;
- ext_buf[2] = inlen >> 8;
- ext_buf[3] = inlen & 0xFF;
+ inlen &= 0xffff; /* for formal memcmpy correctness */
+ ext_buf[0] = (unsigned char)(ext_type >> 8);
+ ext_buf[1] = (unsigned char)(ext_type);
+ ext_buf[2] = (unsigned char)(inlen >> 8);
+ ext_buf[3] = (unsigned char)(inlen);
memcpy(ext_buf + 4, in, inlen);
BIO_snprintf(pem_name, sizeof(pem_name), "SERVERINFO FOR EXTENSION %d",
diff --git a/apps/speed.c b/apps/speed.c
index 5f293ec..063bc1c 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -3198,8 +3198,8 @@ static void multiblock_speed(const EVP_CIPHER *evp_cipher)
RAND_bytes(out, 16);
len += 16;
- aad[11] = len >> 8;
- aad[12] = len;
+ aad[11] = (unsigned char)(len >> 8);
+ aad[12] = (unsigned char)(len);
pad = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_TLS1_AAD,
EVP_AEAD_TLS1_AAD_LEN, aad);
EVP_Cipher(ctx, out, inp, len + pad);
diff --git a/crypto/asn1/a_strex.c b/crypto/asn1/a_strex.c
index 1bc0679..933dda9 100644
--- a/crypto/asn1/a_strex.c
+++ b/crypto/asn1/a_strex.c
@@ -63,7 +63,7 @@ typedef int char_io (void *arg, const void *buf, int len);
* even 4 byte forms.
*/
-static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes,
+static int do_esc_char(unsigned long c, unsigned short flags, char *do_quotes,
char_io *io_ch, void *arg)
{
unsigned short chflgs;
@@ -116,7 +116,7 @@ static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes,
* If we get this far and do any escaping at all must escape the escape
* character itself: backslash.
*/
- if (chtmp == '\\' && flags & ESC_FLAGS) {
+ if (chtmp == '\\' && (flags & ESC_FLAGS)) {
if (!io_ch(arg, "\\\\", 2))
return -1;
return 2;
@@ -143,6 +143,7 @@ static int do_buf(unsigned char *buf, int buflen,
unsigned short orflags;
unsigned char *p, *q;
unsigned long c;
+
p = buf;
q = buf + buflen;
outlen = 0;
@@ -190,17 +191,15 @@ static int do_buf(unsigned char *buf, int buflen,
* otherwise each character will be > 0x7f and so the
* character will never be escaped on first and last.
*/
- len =
- do_esc_char(utfbuf[i], (unsigned short)(flags | orflags),
- quotes, io_ch, arg);
+ len = do_esc_char(utfbuf[i], flags | orflags, quotes,
+ io_ch, arg);
if (len < 0)
return -1;
outlen += len;
}
} else {
- len =
- do_esc_char(c, (unsigned short)(flags | orflags), quotes,
- io_ch, arg);
+ len = do_esc_char(c, flags | orflags, quotes,
+ io_ch, arg);
if (len < 0)
return -1;
outlen += len;
diff --git a/crypto/bio/b_addr.c b/crypto/bio/b_addr.c
index 47e4fc2..d6d70a1 100644
--- a/crypto/bio/b_addr.c
+++ b/crypto/bio/b_addr.c
@@ -821,7 +821,7 @@ int BIO_lookup_ex(const char *host, const char *service, int lookup_type,
if (endp != service && *endp == '\0'
&& portnum > 0 && portnum < 65536) {
- se_fallback.s_port = htons(portnum);
+ se_fallback.s_port = htons((unsigned short)portnum);
se_fallback.s_proto = proto;
se = &se_fallback;
} else if (endp == service) {
diff --git a/crypto/bio/b_print.c b/crypto/bio/b_print.c
index 2180fd5..de017b6 100644
--- a/crypto/bio/b_print.c
+++ b/crypto/bio/b_print.c
@@ -9,9 +9,9 @@
#include <stdio.h>
#include <string.h>
+#include "internal/cryptlib.h"
#include "internal/ctype.h"
#include "internal/numbers.h"
-#include "internal/cryptlib.h"
#include <openssl/bio.h>
/*
diff --git a/crypto/bio/b_sock2.c b/crypto/bio/b_sock2.c
index 7f4d89e..a28e1b4 100644
--- a/crypto/bio/b_sock2.c
+++ b/crypto/bio/b_sock2.c
@@ -76,7 +76,7 @@ int BIO_socket(int domain, int socktype, int protocol, int options)
*/
int BIO_connect(int sock, const BIO_ADDR *addr, int options)
{
- int on = 1;
+ const int on = 1;
if (sock == -1) {
BIOerr(BIO_F_BIO_CONNECT, BIO_R_INVALID_SOCKET);
@@ -87,7 +87,8 @@ int BIO_connect(int sock, const BIO_ADDR *addr, int options)
return 0;
if (options & BIO_SOCK_KEEPALIVE) {
- if (setsockopt(sock, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof(on)) != 0) {
+ if (setsockopt(sock, SOL_SOCKET, SO_KEEPALIVE,
+ (const void *)&on, sizeof(on)) != 0) {
SYSerr(SYS_F_SETSOCKOPT, get_last_socket_error());
BIOerr(BIO_F_BIO_CONNECT, BIO_R_UNABLE_TO_KEEPALIVE);
return 0;
@@ -95,7 +96,8 @@ int BIO_connect(int sock, const BIO_ADDR *addr, int options)
}
if (options & BIO_SOCK_NODELAY) {
- if (setsockopt(sock, IPPROTO_TCP, TCP_NODELAY, &on, sizeof(on)) != 0) {
+ if (setsockopt(sock, IPPROTO_TCP, TCP_NODELAY,
+ (const void *)&on, sizeof(on)) != 0) {
SYSerr(SYS_F_SETSOCKOPT, get_last_socket_error());
BIOerr(BIO_F_BIO_CONNECT, BIO_R_UNABLE_TO_NODELAY);
return 0;
@@ -161,7 +163,8 @@ int BIO_listen(int sock, const BIO_ADDR *addr, int options)
return 0;
}
- if (getsockopt(sock, SOL_SOCKET, SO_TYPE, &socktype, &socktype_len) != 0
+ if (getsockopt(sock, SOL_SOCKET, SO_TYPE,
+ (void *)&socktype, &socktype_len) != 0
|| socktype_len != sizeof(socktype)) {
SYSerr(SYS_F_GETSOCKOPT, get_last_socket_error());
BIOerr(BIO_F_BIO_LISTEN, BIO_R_GETTING_SOCKTYPE);
@@ -175,7 +178,8 @@ int BIO_listen(int sock, const BIO_ADDR *addr, int options)
/* SO_REUSEADDR has different behavior on Windows than on
* other operating systems, don't set it there. */
if (options & BIO_SOCK_REUSEADDR) {
- if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) != 0) {
+ if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR,
+ (const void *)&on, sizeof(on)) != 0) {
SYSerr(SYS_F_SETSOCKOPT, get_last_socket_error());
BIOerr(BIO_F_BIO_LISTEN, BIO_R_UNABLE_TO_REUSEADDR);
return 0;
@@ -184,7 +188,8 @@ int BIO_listen(int sock, const BIO_ADDR *addr, int options)
# endif
if (options & BIO_SOCK_KEEPALIVE) {
- if (setsockopt(sock, SOL_SOCKET, SO_KEEPALIVE, &on, sizeof(on)) != 0) {
+ if (setsockopt(sock, SOL_SOCKET, SO_KEEPALIVE,
+ (const void *)&on, sizeof(on)) != 0) {
SYSerr(SYS_F_SETSOCKOPT, get_last_socket_error());
BIOerr(BIO_F_BIO_LISTEN, BIO_R_UNABLE_TO_KEEPALIVE);
return 0;
@@ -192,7 +197,8 @@ int BIO_listen(int sock, const BIO_ADDR *addr, int options)
}
if (options & BIO_SOCK_NODELAY) {
- if (setsockopt(sock, IPPROTO_TCP, TCP_NODELAY, &on, sizeof(on)) != 0) {
+ if (setsockopt(sock, IPPROTO_TCP, TCP_NODELAY,
+ (const void *)&on, sizeof(on)) != 0) {
SYSerr(SYS_F_SETSOCKOPT, get_last_socket_error());
BIOerr(BIO_F_BIO_LISTEN, BIO_R_UNABLE_TO_NODELAY);
return 0;
@@ -201,7 +207,8 @@ int BIO_listen(int sock, const BIO_ADDR *addr, int options)
# ifdef IPV6_V6ONLY
if ((options & BIO_SOCK_V6_ONLY) && BIO_ADDR_family(addr) == AF_INET6) {
- if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &on, sizeof(on)) != 0) {
+ if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY,
+ (const void *)&on, sizeof(on)) != 0) {
SYSerr(SYS_F_SETSOCKOPT, get_last_socket_error());
BIOerr(BIO_F_BIO_LISTEN, BIO_R_LISTEN_V6_ONLY);
return 0;
diff --git a/crypto/conf/conf_sap.c b/crypto/conf/conf_sap.c
index 0815109..3d2e065 100644
--- a/crypto/conf/conf_sap.c
+++ b/crypto/conf/conf_sap.c
@@ -15,6 +15,10 @@
#include <openssl/asn1.h>
#include <openssl/engine.h>
+#ifdef _WIN32
+# define strdup _strdup
+#endif
+
/*
* This is the automatic configuration loader: it is called automatically by
* OpenSSL when any of a number of standard initialisation functions are
diff --git a/crypto/ec/curve25519.c b/crypto/ec/curve25519.c
index 8002b3e..ee0634f 100644
--- a/crypto/ec/curve25519.c
+++ b/crypto/ec/curve25519.c
@@ -80,16 +80,16 @@ static void fe_frombytes(fe h, const uint8_t *s) {
carry6 = h6 + (1 << 25); h7 += carry6 >> 26; h6 -= carry6 & kTop38Bits;
carry8 = h8 + (1 << 25); h9 += carry8 >> 26; h8 -= carry8 & kTop38Bits;
- h[0] = h0;
- h[1] = h1;
- h[2] = h2;
- h[3] = h3;
- h[4] = h4;
- h[5] = h5;
- h[6] = h6;
- h[7] = h7;
- h[8] = h8;
- h[9] = h9;
+ h[0] = (int32_t)h0;
+ h[1] = (int32_t)h1;
+ h[2] = (int32_t)h2;
+ h[3] = (int32_t)h3;
+ h[4] = (int32_t)h4;
+ h[5] = (int32_t)h5;
+ h[6] = (int32_t)h6;
+ h[7] = (int32_t)h7;
+ h[8] = (int32_t)h8;
+ h[9] = (int32_t)h9;
}
/* Preconditions:
@@ -471,16 +471,16 @@ static void fe_mul(fe h, const fe f, const fe g) {
/* |h0| <= 2^25; from now on fits into int32 unchanged */
/* |h1| <= 1.01*2^24 */
- h[0] = h0;
- h[1] = h1;
- h[2] = h2;
- h[3] = h3;
- h[4] = h4;
- h[5] = h5;
- h[6] = h6;
- h[7] = h7;
- h[8] = h8;
- h[9] = h9;
+ h[0] = (int32_t)h0;
+ h[1] = (int32_t)h1;
+ h[2] = (int32_t)h2;
+ h[3] = (int32_t)h3;
+ h[4] = (int32_t)h4;
+ h[5] = (int32_t)h5;
+ h[6] = (int32_t)h6;
+ h[7] = (int32_t)h7;
+ h[8] = (int32_t)h8;
+ h[9] = (int32_t)h9;
}
/* h = f * f
@@ -612,16 +612,16 @@ static void fe_sq(fe h, const fe f) {
carry0 = h0 + (1 << 25); h1 += carry0 >> 26; h0 -= carry0 & kTop38Bits;
- h[0] = h0;
- h[1] = h1;
- h[2] = h2;
- h[3] = h3;
- h[4] = h4;
- h[5] = h5;
- h[6] = h6;
- h[7] = h7;
- h[8] = h8;
- h[9] = h9;
+ h[0] = (int32_t)h0;
+ h[1] = (int32_t)h1;
+ h[2] = (int32_t)h2;
+ h[3] = (int32_t)h3;
+ h[4] = (int32_t)h4;
+ h[5] = (int32_t)h5;
+ h[6] = (int32_t)h6;
+ h[7] = (int32_t)h7;
+ h[8] = (int32_t)h8;
+ h[9] = (int32_t)h9;
}
static void fe_invert(fe out, const fe z) {
@@ -911,16 +911,16 @@ static void fe_sq2(fe h, const fe f) {
carry0 = h0 + (1 << 25); h1 += carry0 >> 26; h0 -= carry0 & kTop38Bits;
- h[0] = h0;
- h[1] = h1;
- h[2] = h2;
- h[3] = h3;
- h[4] = h4;
- h[5] = h5;
- h[6] = h6;
- h[7] = h7;
- h[8] = h8;
- h[9] = h9;
+ h[0] = (int32_t)h0;
+ h[1] = (int32_t)h1;
+ h[2] = (int32_t)h2;
+ h[3] = (int32_t)h3;
+ h[4] = (int32_t)h4;
+ h[5] = (int32_t)h5;
+ h[6] = (int32_t)h6;
+ h[7] = (int32_t)h7;
+ h[8] = (int32_t)h8;
+ h[9] = (int32_t)h9;
}
static void fe_pow22523(fe out, const fe z) {
@@ -3519,16 +3519,16 @@ static void fe_mul121666(fe h, fe f) {
carry6 = h6 + (1 << 25); h7 += carry6 >> 26; h6 -= carry6 & kTop38Bits;
carry8 = h8 + (1 << 25); h9 += carry8 >> 26; h8 -= carry8 & kTop38Bits;
- h[0] = h0;
- h[1] = h1;
- h[2] = h2;
- h[3] = h3;
- h[4] = h4;
- h[5] = h5;
- h[6] = h6;
- h[7] = h7;
- h[8] = h8;
- h[9] = h9;
+ h[0] = (int32_t)h0;
+ h[1] = (int32_t)h1;
+ h[2] = (int32_t)h2;
+ h[3] = (int32_t)h3;
+ h[4] = (int32_t)h4;
+ h[5] = (int32_t)h5;
+ h[6] = (int32_t)h6;
+ h[7] = (int32_t)h7;
+ h[8] = (int32_t)h8;
+ h[9] = (int32_t)h9;
}
static void x25519_scalar_mult_generic(uint8_t out[32],
@@ -4072,38 +4072,38 @@ static void x25519_sc_reduce(uint8_t *s) {
s11 += carry10;
s10 -= carry10 * (1 << 21);
- s[0] = s0 >> 0;
- s[1] = s0 >> 8;
- s[2] = (s0 >> 16) | (s1 << 5);
- s[3] = s1 >> 3;
- s[4] = s1 >> 11;
- s[5] = (s1 >> 19) | (s2 << 2);
- s[6] = s2 >> 6;
- s[7] = (s2 >> 14) | (s3 << 7);
- s[8] = s3 >> 1;
- s[9] = s3 >> 9;
- s[10] = (s3 >> 17) | (s4 << 4);
- s[11] = s4 >> 4;
- s[12] = s4 >> 12;
- s[13] = (s4 >> 20) | (s5 << 1);
- s[14] = s5 >> 7;
- s[15] = (s5 >> 15) | (s6 << 6);
- s[16] = s6 >> 2;
- s[17] = s6 >> 10;
- s[18] = (s6 >> 18) | (s7 << 3);
- s[19] = s7 >> 5;
- s[20] = s7 >> 13;
- s[21] = s8 >> 0;
- s[22] = s8 >> 8;
- s[23] = (s8 >> 16) | (s9 << 5);
- s[24] = s9 >> 3;
- s[25] = s9 >> 11;
- s[26] = (s9 >> 19) | (s10 << 2);
- s[27] = s10 >> 6;
- s[28] = (s10 >> 14) | (s11 << 7);
- s[29] = s11 >> 1;
- s[30] = s11 >> 9;
- s[31] = s11 >> 17;
+ s[0] = (uint8_t)(s0 >> 0);
+ s[1] = (uint8_t)(s0 >> 8);
+ s[2] = (uint8_t)((s0 >> 16) | (s1 << 5));
+ s[3] = (uint8_t)(s1 >> 3);
+ s[4] = (uint8_t)(s1 >> 11);
+ s[5] = (uint8_t)((s1 >> 19) | (s2 << 2));
+ s[6] = (uint8_t)(s2 >> 6);
+ s[7] = (uint8_t)((s2 >> 14) | (s3 << 7));
+ s[8] = (uint8_t)(s3 >> 1);
+ s[9] = (uint8_t)(s3 >> 9);
+ s[10] = (uint8_t)((s3 >> 17) | (s4 << 4));
+ s[11] = (uint8_t)(s4 >> 4);
+ s[12] = (uint8_t)(s4 >> 12);
+ s[13] = (uint8_t)((s4 >> 20) | (s5 << 1));
+ s[14] = (uint8_t)(s5 >> 7);
+ s[15] = (uint8_t)((s5 >> 15) | (s6 << 6));
+ s[16] = (uint8_t)(s6 >> 2);
+ s[17] = (uint8_t)(s6 >> 10);
+ s[18] = (uint8_t)((s6 >> 18) | (s7 << 3));
+ s[19] = (uint8_t)(s7 >> 5);
+ s[20] = (uint8_t)(s7 >> 13);
+ s[21] = (uint8_t)(s8 >> 0);
+ s[22] = (uint8_t)(s8 >> 8);
+ s[23] = (uint8_t)((s8 >> 16) | (s9 << 5));
+ s[24] = (uint8_t)(s9 >> 3);
+ s[25] = (uint8_t)(s9 >> 11);
+ s[26] = (uint8_t)((s9 >> 19) | (s10 << 2));
+ s[27] = (uint8_t)(s10 >> 6);
+ s[28] = (uint8_t)((s10 >> 14) | (s11 << 7));
+ s[29] = (uint8_t)(s11 >> 1);
+ s[30] = (uint8_t)(s11 >> 9);
+ s[31] = (uint8_t)(s11 >> 17);
}
/* Input:
@@ -4561,38 +4561,38 @@ static void sc_muladd(uint8_t *s, const uint8_t *a, const uint8_t *b,
s11 += carry10;
s10 -= carry10 * (1 << 21);
- s[0] = s0 >> 0;
- s[1] = s0 >> 8;
- s[2] = (s0 >> 16) | (s1 << 5);
- s[3] = s1 >> 3;
- s[4] = s1 >> 11;
- s[5] = (s1 >> 19) | (s2 << 2);
- s[6] = s2 >> 6;
- s[7] = (s2 >> 14) | (s3 << 7);
- s[8] = s3 >> 1;
- s[9] = s3 >> 9;
- s[10] = (s3 >> 17) | (s4 << 4);
- s[11] = s4 >> 4;
- s[12] = s4 >> 12;
- s[13] = (s4 >> 20) | (s5 << 1);
- s[14] = s5 >> 7;
- s[15] = (s5 >> 15) | (s6 << 6);
- s[16] = s6 >> 2;
- s[17] = s6 >> 10;
- s[18] = (s6 >> 18) | (s7 << 3);
- s[19] = s7 >> 5;
- s[20] = s7 >> 13;
- s[21] = s8 >> 0;
- s[22] = s8 >> 8;
- s[23] = (s8 >> 16) | (s9 << 5);
- s[24] = s9 >> 3;
- s[25] = s9 >> 11;
- s[26] = (s9 >> 19) | (s10 << 2);
- s[27] = s10 >> 6;
- s[28] = (s10 >> 14) | (s11 << 7);
- s[29] = s11 >> 1;
- s[30] = s11 >> 9;
- s[31] = s11 >> 17;
+ s[0] = (uint8_t)(s0 >> 0);
+ s[1] = (uint8_t)(s0 >> 8);
+ s[2] = (uint8_t)((s0 >> 16) | (s1 << 5));
+ s[3] = (uint8_t)(s1 >> 3);
+ s[4] = (uint8_t)(s1 >> 11);
+ s[5] = (uint8_t)((s1 >> 19) | (s2 << 2));
+ s[6] = (uint8_t)(s2 >> 6);
+ s[7] = (uint8_t)((s2 >> 14) | (s3 << 7));
+ s[8] = (uint8_t)(s3 >> 1);
+ s[9] = (uint8_t)(s3 >> 9);
+ s[10] = (uint8_t)((s3 >> 17) | (s4 << 4));
+ s[11] = (uint8_t)(s4 >> 4);
+ s[12] = (uint8_t)(s4 >> 12);
+ s[13] = (uint8_t)((s4 >> 20) | (s5 << 1));
+ s[14] = (uint8_t)(s5 >> 7);
+ s[15] = (uint8_t)((s5 >> 15) | (s6 << 6));
+ s[16] = (uint8_t)(s6 >> 2);
+ s[17] = (uint8_t)(s6 >> 10);
+ s[18] = (uint8_t)((s6 >> 18) | (s7 << 3));
+ s[19] = (uint8_t)(s7 >> 5);
+ s[20] = (uint8_t)(s7 >> 13);
+ s[21] = (uint8_t)(s8 >> 0);
+ s[22] = (uint8_t)(s8 >> 8);
+ s[23] = (uint8_t)((s8 >> 16) | (s9 << 5));
+ s[24] = (uint8_t)(s9 >> 3);
+ s[25] = (uint8_t)(s9 >> 11);
+ s[26] = (uint8_t)((s9 >> 19) | (s10 << 2));
+ s[27] = (uint8_t)(s10 >> 6);
+ s[28] = (uint8_t)((s10 >> 14) | (s11 << 7));
+ s[29] = (uint8_t)(s11 >> 1);
+ s[30] = (uint8_t)(s11 >> 9);
+ s[31] = (uint8_t)(s11 >> 17);
}
int ED25519_sign(uint8_t *out_sig, const uint8_t *message, size_t message_len,
diff --git a/crypto/evp/pbe_scrypt.c b/crypto/evp/pbe_scrypt.c
index b30e6d5..fddabc9 100644
--- a/crypto/evp/pbe_scrypt.c
+++ b/crypto/evp/pbe_scrypt.c
@@ -191,6 +191,14 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen,
* p * r < SCRYPT_PR_MAX
*/
Blen = p * 128 * r;
+ /*
+ * Yet we pass it as integer to PKCS5_PBKDF2_HMAC... [This would
+ * have to be revised when/if PKCS5_PBKDF2_HMAC accepts size_t.]
+ */
+ if (Blen > INT_MAX) {
+ EVPerr(EVP_F_EVP_PBE_SCRYPT, EVP_R_MEMORY_LIMIT_EXCEEDED);
+ return 0;
+ }
/*
* Check 32 * r * (N + 2) * sizeof(uint32_t) fits in uint64_t
@@ -221,25 +229,25 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen,
if (key == NULL)
return 1;
- B = OPENSSL_malloc(Blen + Vlen);
+ B = OPENSSL_malloc((size_t)(Blen + Vlen));
if (B == NULL)
return 0;
X = (uint32_t *)(B + Blen);
T = X + 32 * r;
V = T + 32 * r;
if (PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, 1, EVP_sha256(),
- Blen, B) == 0)
+ (int)Blen, B) == 0)
goto err;
for (i = 0; i < p; i++)
scryptROMix(B + 128 * r * i, r, N, X, T, V);
- if (PKCS5_PBKDF2_HMAC(pass, passlen, B, Blen, 1, EVP_sha256(),
+ if (PKCS5_PBKDF2_HMAC(pass, passlen, B, (int)Blen, 1, EVP_sha256(),
keylen, key) == 0)
goto err;
rv = 1;
err:
- OPENSSL_clear_free(B, Blen + Vlen);
+ OPENSSL_clear_free(B, (size_t)(Blen + Vlen));
return rv;
}
#endif
diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c
index d024f69..d4edc50 100644
--- a/crypto/rand/randfile.c
+++ b/crypto/rand/randfile.c
@@ -25,6 +25,9 @@
#ifndef OPENSSL_NO_POSIX_IO
# include <sys/stat.h>
# include <fcntl.h>
+# ifdef _WIN32
+# include <io.h>
+# endif
#endif
/*
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index c1101a6..317719b 100644
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -1417,7 +1417,7 @@ int ssl3_read_bytes(SSL *s, int type, int *recvd_type, unsigned char *buf,
memcpy(dest + *dest_len,
SSL3_RECORD_get_data(rr) + SSL3_RECORD_get_off(rr), n);
SSL3_RECORD_add_off(rr, n);
- SSL3_RECORD_add_length(rr, -n);
+ SSL3_RECORD_sub_length(rr, n);
*dest_len += n;
if (SSL3_RECORD_get_length(rr) == 0)
SSL3_RECORD_set_read(rr);
diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c
index 7258618..9327b33 100644
--- a/ssl/ssl_asn1.c
+++ b/ssl/ssl_asn1.c
@@ -296,12 +296,12 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
ret->master_key_length = tmpl;
if (as->time != 0)
- ret->time = as->time;
+ ret->time = (long)as->time;
else
- ret->time = (unsigned long)time(NULL);
+ ret->time = (long)time(NULL);
if (as->timeout != 0)
- ret->timeout = as->timeout;
+ ret->timeout = (long)as->timeout;
else
ret->timeout = 3;
@@ -326,7 +326,7 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
goto err;
#endif
- ret->ext.tick_lifetime_hint = as->tlsext_tick_lifetime_hint;
+ ret->ext.tick_lifetime_hint = (unsigned long)as->tlsext_tick_lifetime_hint;
ret->ext.tick_age_add = as->tlsext_tick_age_add;
if (as->tlsext_tick) {
ret->ext.tick = as->tlsext_tick->data;
@@ -352,7 +352,7 @@ SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
goto err;
#endif /* OPENSSL_NO_SRP */
/* Flags defaults to zero which is fine */
- ret->flags = as->flags;
+ ret->flags = (int32_t)as->flags;
ret->ext.max_early_data = as->max_early_data;
if (as->alpn_selected != NULL) {
diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
index ff2e0cf..a690751 100644
--- a/ssl/statem/extensions_clnt.c
+++ b/ssl/statem/extensions_clnt.c
@@ -1316,7 +1316,7 @@ int tls_parse_stoc_sct(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
OPENSSL_free(s->ext.scts);
s->ext.scts = NULL;
- s->ext.scts_len = size;
+ s->ext.scts_len = (uint16_t)size;
if (size > 0) {
s->ext.scts = OPENSSL_malloc(size);
if (s->ext.scts == NULL
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
index 6db8816..cb1fb7d 100644
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -2020,7 +2020,7 @@ int create_synthetic_message_hash(SSL *s)
/* Inject the synthetic message_hash message */
msghdr[0] = SSL3_MT_MESSAGE_HASH;
- msghdr[SSL3_HM_HEADER_LENGTH - 1] = hashlen;
+ msghdr[SSL3_HM_HEADER_LENGTH - 1] = (unsigned char)hashlen;
if (!ssl3_finish_mac(s, msghdr, SSL3_HM_HEADER_LENGTH)
|| !ssl3_finish_mac(s, hashval, hashlen)) {
SSLerr(SSL_F_CREATE_SYNTHETIC_MESSAGE_HASH, ERR_R_INTERNAL_ERROR);
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 48f01ff..c1db7df 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -199,7 +199,7 @@ static uint16_t tls1_nid2group_id(int nid)
size_t i;
for (i = 0; i < OSSL_NELEM(nid_list); i++) {
if (nid_list[i].nid == nid)
- return i + 1;
+ return (uint16_t)(i + 1);
}
return 0;
}
diff --git a/test/asn1_encode_test.c b/test/asn1_encode_test.c
index 3b8d418..e9f459a 100644
--- a/test/asn1_encode_test.c
+++ b/test/asn1_encode_test.c
@@ -577,14 +577,14 @@ static size_t der_encode_length(size_t len, unsigned char **pp)
if (pp != NULL) {
if (lenbytes == 1) {
- *(*pp)++ = len;
+ *(*pp)++ = (unsigned char)len;
} else {
- *(*pp)++ = lenbytes - 1;
+ *(*pp)++ = (unsigned char)(lenbytes - 1);
if (lenbytes == 2) {
- *(*pp)++ = 0x80 | len;
+ *(*pp)++ = (unsigned char)(0x80 | len);
} else {
- *(*pp)++ = 0x80 | (len >> 8);
- *(*pp)++ = len & 0xff;
+ *(*pp)++ = (unsigned char)(0x80 | (len >> 8));
+ *(*pp)++ = (unsigned char)(len);
}
}
}
diff --git a/test/asn1_time_test.c b/test/asn1_time_test.c
index 874260e..113b6fb 100644
--- a/test/asn1_time_test.c
+++ b/test/asn1_time_test.c
@@ -79,22 +79,23 @@ static struct testdata tbl_testdata_pos[] = {
/* ASSUMES SIGNED TIME_T */
static struct testdata tbl_testdata_neg[] = {
- { "19011213204552Z", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 1, -2147483648, -1, 0, },
+ { "19011213204552Z", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 1, INT_MIN, -1, 0, },
{ "691006121456Z", V_ASN1_UTCTIME, V_ASN1_UTCTIME, 1, -7472704, -1, 1, },
{ "19691006121456Z", V_ASN1_GENERALIZEDTIME, V_ASN1_UTCTIME, 1, -7472704, -1, 1, },
};
+/* explicit casts to time_t short warnings on systems with 32-bit time_t */
static struct testdata tbl_testdata_pos_64bit[] = {
- { "20380119031408Z", V_ASN1_GENERALIZEDTIME, V_ASN1_UTCTIME, 1, 0x80000000, 1, 1, },
- { "20380119031409Z", V_ASN1_GENERALIZEDTIME, V_ASN1_UTCTIME, 1, 0x80000001, 1, 1, },
- { "380119031408Z", V_ASN1_UTCTIME, V_ASN1_UTCTIME, 1, 0x80000000, 1, 1, },
- { "20500101120000Z", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 1, 2524651200, 1, 0, },
+ { "20380119031408Z", V_ASN1_GENERALIZEDTIME, V_ASN1_UTCTIME, 1, (time_t)0x80000000, 1, 1, },
+ { "20380119031409Z", V_ASN1_GENERALIZEDTIME, V_ASN1_UTCTIME, 1, (time_t)0x80000001, 1, 1, },
+ { "380119031408Z", V_ASN1_UTCTIME, V_ASN1_UTCTIME, 1, (time_t)0x80000000, 1, 1, },
+ { "20500101120000Z", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 1, (time_t)2524651200, 1, 0, },
};
/* ASSUMES SIGNED TIME_T */
static struct testdata tbl_testdata_neg_64bit[] = {
- { "19011213204551Z", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 1, -2147483649, -1, 0, },
- { "19000101120000Z", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 1, -2208945600, -1, 0, },
+ { "19011213204551Z", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 1, (time_t)-2147483649LL, -1, 0, },
+ { "19000101120000Z", V_ASN1_GENERALIZEDTIME, V_ASN1_GENERALIZEDTIME, 1, (time_t)-2208945600LL, -1, 0, },
};
/* A baseline time to compare to */
diff --git a/test/bad_dtls_test.c b/test/bad_dtls_test.c
index 102de24..5bd4e22 100644
--- a/test/bad_dtls_test.c
+++ b/test/bad_dtls_test.c
@@ -306,8 +306,8 @@ static int send_record(BIO *rbio, unsigned char type, uint64_t seqnr,
HMAC_Update(ctx, seq, 6);
HMAC_Update(ctx, &type, 1);
HMAC_Update(ctx, ver, 2); /* Version */
- lenbytes[0] = len >> 8;
- lenbytes[1] = len & 0xff;
+ lenbytes[0] = (unsigned char)(len >> 8);
+ lenbytes[1] = (unsigned char)(len);
HMAC_Update(ctx, lenbytes, 2); /* Length */
HMAC_Update(ctx, enc, len); /* Finally the data itself */
HMAC_Final(ctx, enc + len, NULL);
@@ -331,8 +331,8 @@ static int send_record(BIO *rbio, unsigned char type, uint64_t seqnr,
BIO_write(rbio, ver, 2);
BIO_write(rbio, epoch, 2);
BIO_write(rbio, seq, 6);
- lenbytes[0] = (len + sizeof(iv)) >> 8;
- lenbytes[1] = (len + sizeof(iv)) & 0xff;
+ lenbytes[0] = (unsigned char)((len + sizeof(iv)) >> 8);
+ lenbytes[1] = (unsigned char)(len + sizeof(iv));
BIO_write(rbio, lenbytes, 2);
BIO_write(rbio, iv, sizeof(iv));
diff --git a/test/clienthellotest.c b/test/clienthellotest.c
index acd27d4..8ba65ce 100644
--- a/test/clienthellotest.c
+++ b/test/clienthellotest.c
@@ -126,7 +126,7 @@ static int test_client_hello(int currtest)
* We reset the creation time so that we don't discard the session as
* too old.
*/
- if (!TEST_true(SSL_SESSION_set_time(sess, time(NULL)))
+ if (!TEST_true(SSL_SESSION_set_time(sess, (long)time(NULL)))
|| !TEST_true(SSL_set_session(con, sess)))
goto end;
}
diff --git a/test/crltest.c b/test/crltest.c
index 738ca23..b964637 100644
--- a/test/crltest.c
+++ b/test/crltest.c
@@ -261,7 +261,7 @@ static int verify(X509 *leaf, X509 *root, STACK_OF(X509_CRL) *crls,
X509_STORE_CTX_set0_trusted_stack(ctx, roots);
X509_STORE_CTX_set0_crls(ctx, crls);
X509_VERIFY_PARAM_set_time(param, PARAM_TIME);
- if (!TEST_long_eq(X509_VERIFY_PARAM_get_time(param), PARAM_TIME))
+ if (!TEST_long_eq((long)X509_VERIFY_PARAM_get_time(param), PARAM_TIME))
goto err;
X509_VERIFY_PARAM_set_depth(param, 16);
if (flags)
diff --git a/test/ct_test.c b/test/ct_test.c
index 45dd2e9..21f1868 100644
--- a/test/ct_test.c
+++ b/test/ct_test.c
@@ -501,10 +501,11 @@ static int test_default_ct_policy_eval_ctx_time_is_now(void)
int success = 0;
CT_POLICY_EVAL_CTX *ct_policy_ctx = CT_POLICY_EVAL_CTX_new();
const time_t default_time = CT_POLICY_EVAL_CTX_get_time(ct_policy_ctx) /
- 1000;
+ 1000;
const time_t time_tolerance = 600; /* 10 minutes */
- if (!TEST_uint_le(fabs(difftime(time(NULL), default_time)), time_tolerance))
+ if (!TEST_uint_le((unsigned int)fabs(difftime(time(NULL), default_time)),
+ (unsigned int)time_tolerance))
goto end;
success = 1;
diff --git a/test/handshake_helper.c b/test/handshake_helper.c
index ad1b709..188ec9e 100644
--- a/test/handshake_helper.c
+++ b/test/handshake_helper.c
@@ -350,14 +350,14 @@ static int parse_protos(const char *protos, unsigned char **out, size_t *outlen)
if ((*out)[i] == ',') {
if (!TEST_int_gt(i - 1, prefix))
goto err;
- (*out)[prefix] = i - 1 - prefix;
+ (*out)[prefix] = (unsigned char)(i - 1 - prefix);
prefix = i;
}
i++;
}
if (!TEST_int_gt(len, prefix))
goto err;
- (*out)[prefix] = len - prefix;
+ (*out)[prefix] = (unsigned char)(len - prefix);
return 1;
err:
diff --git a/test/packettest.c b/test/packettest.c
index 98b9ec4..716dec3 100644
--- a/test/packettest.c
+++ b/test/packettest.c
@@ -352,7 +352,7 @@ static int test_PACKET_get_length_prefixed_1(void)
unsigned int i;
PACKET pkt, short_pkt, subpkt = {0};
- buf1[0] = len;
+ buf1[0] = (unsigned char)len;
for (i = 1; i < BUF_LEN; i++)
buf1[i] = (i * 2) & 0xff;
@@ -422,7 +422,7 @@ static int test_PACKET_as_length_prefixed_1(void)
unsigned int i;
PACKET pkt, exact_pkt, subpkt = {0};
- buf1[0] = len;
+ buf1[0] = (unsigned char)len;
for (i = 1; i < BUF_LEN; i++)
buf1[i] = (i * 2) & 0xff;
diff --git a/test/sanitytest.c b/test/sanitytest.c
index e9afb44..5954f7e 100644
--- a/test/sanitytest.c
+++ b/test/sanitytest.c
@@ -8,9 +8,8 @@
*/
#include <string.h>
-#include "internal/numbers.h"
-
#include "testutil.h"
+#include "internal/numbers.h"
static int test_sanity_null_zero(void)
{
diff --git a/test/ssltest_old.c b/test/ssltest_old.c
index ebe052f..a4e596a 100644
--- a/test/ssltest_old.c
+++ b/test/ssltest_old.c
@@ -281,7 +281,7 @@ static unsigned char *next_protos_parse(size_t *outlen,
OPENSSL_free(out);
return NULL;
}
- out[start] = i - start;
+ out[start] = (unsigned char)(i - start);
start = i + 1;
} else
out[i + 1] = in[i];
diff --git a/test/testutil/driver.c b/test/testutil/driver.c
index 2c28a73..48593f9 100644
--- a/test/testutil/driver.c
+++ b/test/testutil/driver.c
@@ -17,6 +17,10 @@
#include "internal/nelem.h"
#include <openssl/bio.h>
+#ifdef _WIN32
+# define strdup _strdup
+#endif
+
/*
* Declares the structures needed to register each test case function.
*/
More information about the openssl-commits
mailing list