[openssl-commits] [openssl] OpenSSL_1_0_2-stable update

Andy Polyakov appro at openssl.org
Mon Nov 13 10:17:43 UTC 2017


The branch OpenSSL_1_0_2-stable has been updated
       via  b2921cf7f2468ecf9932527070cd30b3f5cbb467 (commit)
       via  1bc5c3cc9dd5e553c448d82c256d4af5f37ef1c7 (commit)
      from  45a58b161bca9966b2295e91c31869a45448baf1 (commit)


- Log -----------------------------------------------------------------
commit b2921cf7f2468ecf9932527070cd30b3f5cbb467
Author: Andy Polyakov <appro at openssl.org>
Date:   Sat Nov 11 16:27:48 2017 +0100

    Configure: add back /WX to VC-WIN32.
    
    We had /WX (treat warnings as errors) in VC-WIN32 for long time. At
    some point it was somehow omitted. It's argued that it allows to
    keep better focus on new code, which motivates the comeback...
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/4718)

commit 1bc5c3cc9dd5e553c448d82c256d4af5f37ef1c7
Author: Andy Polyakov <appro at openssl.org>
Date:   Sat Nov 11 16:35:46 2017 +0100

    Resolve warnings in VC-WIN32 build, which allows to add /WX.
    
    It's argued that /WX allows to keep better focus on new code, which
    motivates its comeback...
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/4718)

-----------------------------------------------------------------------

Summary of changes:
 Configure               |  4 ++--
 TABLE                   |  4 ++--
 apps/apps.c             |  8 ++++++--
 apps/s_client.c         |  9 +++++----
 apps/speed.c            |  4 ++--
 crypto/bio/b_print.c    |  4 ++--
 crypto/x509v3/v3_scts.c |  2 +-
 ssl/bad_dtls_test.c     | 20 ++++++++++----------
 ssl/ssltest.c           |  4 ++--
 ssl/t1_lib.c            |  2 +-
 10 files changed, 33 insertions(+), 28 deletions(-)

diff --git a/Configure b/Configure
index fd7988e..60386d3 100755
--- a/Configure
+++ b/Configure
@@ -592,9 +592,9 @@ my %table=(
 "debug-VC-WIN64A","cl:-W3 -Gs0 -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64A::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:".eval{my $asm=$x86_64_asm;$asm=~s/x86_64-gcc\.o/bn_asm.o/;$asm}.":auto:win32",
 # x86 Win32 target defaults to ANSI API, if you want UNICODE, complement
 # 'perl Configure VC-WIN32' with '-DUNICODE -D_UNICODE'
-"VC-WIN32","cl:-W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
+"VC-WIN32","cl:-W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
 # Unified CE target
-"debug-VC-WIN32","cl:-W3 -Gs0 -GF -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
+"debug-VC-WIN32","cl:-W3 -WX -Gs0 -GF -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32",
 "VC-CE","cl::::WINCE::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32",
 
 # Borland C++ 4.5
diff --git a/TABLE b/TABLE
index 0987c5f..6163530 100644
--- a/TABLE
+++ b/TABLE
@@ -784,7 +784,7 @@ $multilib     =
 
 *** VC-WIN32
 $cc           = cl
-$cflags       = -W3 -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE
+$cflags       = -W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS
 $unistd       = 
 $thread_cflag = 
 $sys_id       = WIN32
@@ -1634,7 +1634,7 @@ $multilib     =
 
 *** debug-VC-WIN32
 $cc           = cl
-$cflags       = -W3 -Gs0 -GF -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE
+$cflags       = -W3 -WX -Gs0 -GF -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_WINSOCK_DEPRECATED_NO_WARNINGS
 $unistd       = 
 $thread_cflag = 
 $sys_id       = WIN32
diff --git a/apps/apps.c b/apps/apps.c
index c487bd9..29de1b7 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -148,6 +148,10 @@
 #ifdef _WIN32
 static int WIN32_rename(const char *from, const char *to);
 # define rename(from,to) WIN32_rename((from),(to))
+# ifdef fileno
+#  undef fileno
+# endif
+# define fileno(a) (int)_fileno(a)
 #endif
 
 typedef struct {
@@ -2788,13 +2792,13 @@ unsigned char *next_protos_parse(unsigned short *outlen, const char *in)
                 OPENSSL_free(out);
                 return NULL;
             }
-            out[start] = i - start;
+            out[start] = (unsigned char)(i - start);
             start = i + 1;
         } else
             out[i + 1] = in[i];
     }
 
-    *outlen = len + 1;
+    *outlen = (unsigned char)(len + 1);
     return out;
 }
 #endif                          /* ndef OPENSSL_NO_TLSEXT */
diff --git a/apps/s_client.c b/apps/s_client.c
index dc46799..2a0ead7 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -630,10 +630,11 @@ static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type,
     unsigned char ext_buf[4 + 65536];
 
     /* Reconstruct the type/len fields prior to extension data */
-    ext_buf[0] = ext_type >> 8;
-    ext_buf[1] = ext_type & 0xFF;
-    ext_buf[2] = inlen >> 8;
-    ext_buf[3] = inlen & 0xFF;
+    inlen &= 0xffff; /* for formal memcpy correctness */
+    ext_buf[0] = (unsigned char)(ext_type >> 8);
+    ext_buf[1] = (unsigned char)(ext_type);
+    ext_buf[2] = (unsigned char)(inlen >> 8);
+    ext_buf[3] = (unsigned char)(inlen);
     memcpy(ext_buf + 4, in, inlen);
 
     BIO_snprintf(pem_name, sizeof(pem_name), "SERVERINFO FOR EXTENSION %d",
diff --git a/apps/speed.c b/apps/speed.c
index 5259c16..5383678 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -2829,8 +2829,8 @@ static void multiblock_speed(const EVP_CIPHER *evp_cipher)
 
                 RAND_bytes(out, 16);
                 len += 16;
-                aad[11] = len >> 8;
-                aad[12] = len;
+                aad[11] = (unsigned char)(len >> 8);
+                aad[12] = (unsigned char)(len);
                 pad = EVP_CIPHER_CTX_ctrl(&ctx,
                                           EVP_CTRL_AEAD_TLS1_AAD,
                                           EVP_AEAD_TLS1_AAD_LEN, aad);
diff --git a/crypto/bio/b_print.c b/crypto/bio/b_print.c
index eb3ab75..1c82f53 100644
--- a/crypto/bio/b_print.c
+++ b/crypto/bio/b_print.c
@@ -385,7 +385,7 @@ _dopr(char **sbuffer,
                 if (cflags == DP_C_SHORT) {
                     short int *num;
                     num = va_arg(args, short int *);
-                    *num = currlen;
+                    *num = (short int)currlen;
                 } else if (cflags == DP_C_LONG) { /* XXX */
                     long int *num;
                     num = va_arg(args, long int *);
@@ -502,7 +502,7 @@ fmtint(char **sbuffer,
     if (!(flags & DP_F_UNSIGNED)) {
         if (value < 0) {
             signvalue = '-';
-            uvalue = -(unsigned LLONG)value;
+            uvalue = 0 - (unsigned LLONG)value;
         } else if (flags & DP_F_PLUS)
             signvalue = '+';
         else if (flags & DP_F_SPACE)
diff --git a/crypto/x509v3/v3_scts.c b/crypto/x509v3/v3_scts.c
index 0b7c681..87a6ae1 100644
--- a/crypto/x509v3/v3_scts.c
+++ b/crypto/x509v3/v3_scts.c
@@ -156,7 +156,7 @@ static void timestamp_print(BIO *out, SCT_TIMESTAMP timestamp)
     gen = ASN1_GENERALIZEDTIME_new();
     ASN1_GENERALIZEDTIME_adj(gen, (time_t)0,
                              (int)(timestamp / 86400000),
-                             (timestamp % 86400000) / 1000);
+                             (int)(timestamp % 86400000) / 1000);
     /*
      * Note GeneralizedTime from ASN1_GENERALIZETIME_adj is always 15
      * characters long with a final Z. Update it with fractional seconds.
diff --git a/ssl/bad_dtls_test.c b/ssl/bad_dtls_test.c
index 70d8578..34af37d 100644
--- a/ssl/bad_dtls_test.c
+++ b/ssl/bad_dtls_test.c
@@ -590,13 +590,13 @@ static int send_record(BIO *rbio, unsigned char type, unsigned long seqnr,
     unsigned char *enc;
 
 #ifdef SIXTY_FOUR_BIT_LONG
-    seq[0] = (seqnr >> 40) & 0xff;
-    seq[1] = (seqnr >> 32) & 0xff;
+    seq[0] = (unsigned char)(seqnr >> 40);
+    seq[1] = (unsigned char)(seqnr >> 32);
 #endif
-    seq[2] = (seqnr >> 24) & 0xff;
-    seq[3] = (seqnr >> 16) & 0xff;
-    seq[4] = (seqnr >> 8) & 0xff;
-    seq[5] = seqnr & 0xff;
+    seq[2] = (unsigned char)(seqnr >> 24);
+    seq[3] = (unsigned char)(seqnr >> 16);
+    seq[4] = (unsigned char)(seqnr >> 8);
+    seq[5] = (unsigned char)(seqnr);
 
     pad = 15 - ((len + SHA_DIGEST_LENGTH) % 16);
     enc = OPENSSL_malloc(len + SHA_DIGEST_LENGTH + 1 + pad);
@@ -612,8 +612,8 @@ static int send_record(BIO *rbio, unsigned char type, unsigned long seqnr,
     HMAC_Update(&ctx, seq, 6);
     HMAC_Update(&ctx, &type, 1);
     HMAC_Update(&ctx, ver, 2); /* Version */
-    lenbytes[0] = len >> 8;
-    lenbytes[1] = len & 0xff;
+    lenbytes[0] = (unsigned char)(len >> 8);
+    lenbytes[1] = (unsigned char)(len);
     HMAC_Update(&ctx, lenbytes, 2); /* Length */
     HMAC_Update(&ctx, enc, len); /* Finally the data itself */
     HMAC_Final(&ctx, enc + len, NULL);
@@ -637,8 +637,8 @@ static int send_record(BIO *rbio, unsigned char type, unsigned long seqnr,
     BIO_write(rbio, ver, 2);
     BIO_write(rbio, epoch, 2);
     BIO_write(rbio, seq, 6);
-    lenbytes[0] = (len + sizeof(iv)) >> 8;
-    lenbytes[1] = (len + sizeof(iv)) & 0xff;
+    lenbytes[0] = (unsigned char)((len + sizeof(iv)) >> 8);
+    lenbytes[1] = (unsigned char)(len + sizeof(iv));
     BIO_write(rbio, lenbytes, 2);
 
     BIO_write(rbio, iv, sizeof(iv));
diff --git a/ssl/ssltest.c b/ssl/ssltest.c
index 6171ebc..f6a8f19 100644
--- a/ssl/ssltest.c
+++ b/ssl/ssltest.c
@@ -423,13 +423,13 @@ static unsigned char *next_protos_parse(unsigned short *outlen,
                 OPENSSL_free(out);
                 return NULL;
             }
-            out[start] = i - start;
+            out[start] = (unsigned char)(i - start);
             start = i + 1;
         } else
             out[i + 1] = in[i];
     }
 
-    *outlen = len + 1;
+    *outlen = (unsigned char)(len + 1);
     return out;
 }
 
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 6587e8b..1a4387b 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -1916,7 +1916,7 @@ unsigned char *ssl_add_serverhello_tlsext(SSL *s, unsigned char *buf,
         s2n(TLSEXT_TYPE_application_layer_protocol_negotiation, ret);
         s2n(3 + len, ret);
         s2n(1 + len, ret);
-        *ret++ = len;
+        *ret++ = (unsigned char)len;
         memcpy(ret, selected, len);
         ret += len;
     }


More information about the openssl-commits mailing list