mirror of https://github.com/wolfSSL/wolfssl
cyassl_int warning changes, submitted by Kevin Baca
parent
b16d620919
commit
0a03838470
|
@ -470,11 +470,11 @@ struct BIO {
|
|||
/* OpenSSL method type */
|
||||
struct SSL_METHOD {
|
||||
ProtocolVersion version;
|
||||
int side; /* connection side, server or client */
|
||||
int verifyPeer; /* request or send certificate */
|
||||
int verifyNone; /* whether to verify certificate */
|
||||
int failNoCert; /* fail if no certificate */
|
||||
int downgrade; /* whether to downgrade version, default no */
|
||||
byte side; /* connection side, server or client */
|
||||
byte verifyPeer; /* request or send certificate */
|
||||
byte verifyNone; /* whether to verify certificate */
|
||||
byte failNoCert; /* fail if no certificate */
|
||||
byte downgrade; /* whether to downgrade version, default no */
|
||||
};
|
||||
|
||||
|
||||
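Review bot: The comment kept on the retyped `verifyNone` field, `/* whether to verify certificate */`, reads as the opposite of what the name suggests. If the flag turns peer certificate verification off (inferred from the name; the code that reads it is outside this hunk), a maintainer who misreads it could disable verification by accident. Something like `byte verifyNone; /* do not verify peer certificate */` would make the polarity explicit. Since these five fields are now `byte`, it is also worth confirming that every assignment to them passes a value that fits in 8 bits; those assignments are not visible here.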
|
|
|
@ -156,6 +156,8 @@ void c32to24(word32 in, word24 out)
|
|||
}
|
||||
|
||||
|
||||
#ifdef CYASLS_DTLS
|
||||
|
||||
static INLINE void c32to48(word32 in, byte out[6])
|
||||
{
|
||||
out[0] = 0;
|
||||
|
@ -166,6 +168,8 @@ static INLINE void c32to48(word32 in, byte out[6])
|
|||
out[5] = in & 0xff;
|
||||
}
|
||||
|
||||
#endif /* CYASSL_DTLS */
|
||||
|
||||
|
||||
/* convert 16 bit integer to opaque */
|
||||
static INLINE void c16toa(word16 u16, byte* c)
|
||||
|
@ -201,6 +205,8 @@ static INLINE void ato16(const byte* c, word16* u16)
|
|||
}
|
||||
|
||||
|
||||
#ifdef CYASSL_DTLS
|
||||
|
||||
/* convert opaque to 32 bit integer */
|
||||
static INLINE void ato32(const byte* c, word32* u32)
|
||||
{
|
||||
|
@ -208,6 +214,8 @@ static INLINE void ato32(const byte* c, word32* u32)
|
|||
*u32 = (c[0] << 24) | (c[1] << 16) | (c[2] << 8) | c[3];
|
||||
}
|
||||
|
||||
#endif /* CYASSL_DTLS */
|
||||
|
||||
|
||||
#ifdef HAVE_LIBZ
|
||||
|
||||
|
@ -397,7 +405,7 @@ void FreeSSL_Ctx(SSL_CTX* ctx)
|
|||
void InitSuites(Suites* suites, ProtocolVersion pv, byte haveDH, byte havePSK,
|
||||
byte haveNTRU, byte haveECDSA, int side)
|
||||
{
|
||||
word32 idx = 0;
|
||||
word16 idx = 0;
|
||||
int tls = pv.major == SSLv3_MAJOR && pv.minor >= TLSv1_MINOR;
|
||||
int tls1_2 = pv.major == SSLv3_MAJOR && pv.minor >= TLSv1_2_MINOR;
|
||||
int haveRSA = 1;
|
||||
|
@ -653,7 +661,7 @@ int InitSSL(SSL* ssl, SSL_CTX* ctx)
|
|||
ssl->buffers.prevSent = 0;
|
||||
ssl->buffers.plainSz = 0;
|
||||
|
||||
if ( (ret = InitRng(&ssl->rng)) )
|
||||
if ( (ret = InitRng(&ssl->rng)) != 0)
|
||||
return ret;
|
||||
|
||||
InitMd5(&ssl->hashMd5);
|
||||
|
@ -1401,9 +1409,10 @@ static void BuildFinished(SSL* ssl, Hashes* hashes, const byte* sender)
|
|||
/* store current states, building requires get_digest which resets state */
|
||||
Md5 md5 = ssl->hashMd5;
|
||||
Sha sha = ssl->hashSha;
|
||||
const int isTls1_2 = IsAtLeastTLSv1_2(ssl);
|
||||
#ifndef NO_SHA256
|
||||
Sha256 sha256;
|
||||
if (IsAtLeastTLSv1_2(ssl))
|
||||
if (isTls1_2)
|
||||
sha256 = ssl->hashSha256;
|
||||
#endif
|
||||
|
||||
|
@ -1418,7 +1427,7 @@ static void BuildFinished(SSL* ssl, Hashes* hashes, const byte* sender)
|
|||
ssl->hashMd5 = md5;
|
||||
ssl->hashSha = sha;
|
||||
#ifndef NO_SHA256
|
||||
if (IsAtLeastTLSv1_2(ssl))
|
||||
if (isTls1_2)
|
||||
ssl->hashSha256 = sha256;
|
||||
#endif
|
||||
}
|
||||
|
@ -2392,7 +2401,7 @@ static void Hmac(SSL* ssl, byte* digest, const byte* in, word32 sz,
|
|||
byte conLen[ENUM_LEN + LENGTH_SZ]; /* content & length */
|
||||
const byte* macSecret = GetMacSecret(ssl, verify);
|
||||
|
||||
conLen[0] = content;
|
||||
conLen[0] = (byte)content;
|
||||
c16toa((word16)sz, &conLen[ENUM_LEN]);
|
||||
c32toa(GetSEQIncrement(ssl, verify), &seq[sizeof(word32)]);
|
||||
|
||||
|
@ -2472,9 +2481,10 @@ static void BuildCertHashes(SSL* ssl, Hashes* hashes)
|
|||
/* store current states, building requires get_digest which resets state */
|
||||
Md5 md5 = ssl->hashMd5;
|
||||
Sha sha = ssl->hashSha;
|
||||
const int isTls1_2 = IsAtLeastTLSv1_2(ssl);
|
||||
#ifndef NO_SHA256 /* for possible future changes */
|
||||
Sha256 sha256;
|
||||
if (IsAtLeastTLSv1_2(ssl))
|
||||
if (isTls1_2)
|
||||
sha256 = ssl->hashSha256;
|
||||
#endif
|
||||
|
||||
|
@ -2491,7 +2501,7 @@ static void BuildCertHashes(SSL* ssl, Hashes* hashes)
|
|||
ssl->hashMd5 = md5;
|
||||
ssl->hashSha = sha;
|
||||
#ifndef NO_SHA256
|
||||
if (IsAtLeastTLSv1_2(ssl))
|
||||
if (isTls1_2)
|
||||
ssl->hashSha256 = sha256;
|
||||
#endif
|
||||
}
|
||||
|
@ -2531,8 +2541,8 @@ static int BuildMessage(SSL* ssl, byte* output, const byte* input, int inSz,
|
|||
sz += pad;
|
||||
}
|
||||
|
||||
size = sz - headerSz; /* include mac and digest */
|
||||
AddRecordHeader(output, size, type, ssl);
|
||||
size = (word16)(sz - headerSz); /* include mac and digest */
|
||||
AddRecordHeader(output, size, (byte)type, ssl);
|
||||
|
||||
/* write to output */
|
||||
if (ivSz) {
|
||||
|
@ -2548,8 +2558,9 @@ static int BuildMessage(SSL* ssl, byte* output, const byte* input, int inSz,
|
|||
idx += digestSz;
|
||||
|
||||
if (ssl->specs.cipher_type == block)
|
||||
for (i = 0; i <= pad; i++) output[idx++] = pad; /* pad byte gets */
|
||||
/* pad value too */
|
||||
for (i = 0; i <= pad; i++)
|
||||
output[idx++] = (byte)pad; /* pad byte gets pad value too */
|
||||
|
||||
Encrypt(ssl, output + headerSz, output + headerSz, size);
|
||||
|
||||
return sz;
|
||||
|
@ -2734,7 +2745,7 @@ int SendCertificateRequest(SSL* ssl)
|
|||
AddHeaders(output, reqSz, certificate_request, ssl);
|
||||
|
||||
/* write to output */
|
||||
output[i++] = typeTotal; /* # of types */
|
||||
output[i++] = (byte)typeTotal; /* # of types */
|
||||
output[i++] = rsa_sign;
|
||||
|
||||
/* supported hash/sig */
|
||||
|
@ -2935,8 +2946,8 @@ int SendAlert(SSL* ssl, int severity, int type)
|
|||
output = ssl->buffers.outputBuffer.buffer +
|
||||
ssl->buffers.outputBuffer.idx;
|
||||
|
||||
input[0] = severity;
|
||||
input[1] = type;
|
||||
input[0] = (byte)severity;
|
||||
input[1] = (byte)type;
|
||||
|
||||
if (ssl->keys.encryptionOn)
|
||||
sendSz = BuildMessage(ssl, output, input, ALERT_SIZE, alert);
|
||||
|
@ -3500,7 +3511,7 @@ int SetCipherList(SSL_CTX* ctx, const char* list)
|
|||
ctx->suites.suites[idx++] = ECC_BYTE; /* ECC suite */
|
||||
else
|
||||
ctx->suites.suites[idx++] = 0x00; /* normal */
|
||||
ctx->suites.suites[idx++] = cipher_name_idx[i];
|
||||
ctx->suites.suites[idx++] = (byte)cipher_name_idx[i];
|
||||
|
||||
if (!ret) ret = 1; /* found at least one */
|
||||
break;
|
||||
|
@ -3511,7 +3522,7 @@ int SetCipherList(SSL_CTX* ctx, const char* list)
|
|||
|
||||
if (ret) {
|
||||
ctx->suites.setSuites = 1;
|
||||
ctx->suites.suiteSz = idx;
|
||||
ctx->suites.suiteSz = (word16)idx;
|
||||
}
|
||||
|
||||
return ret;
|
||||
|
@ -3718,7 +3729,7 @@ int SetCipherList(SSL_CTX* ctx, const char* list)
|
|||
idx += RAN_LEN;
|
||||
|
||||
/* then session id */
|
||||
output[idx++] = idSz;
|
||||
output[idx++] = (byte)idSz;
|
||||
if (idSz) {
|
||||
XMEMCPY(output + idx, ssl->session.sessionID, ID_LEN);
|
||||
idx += ID_LEN;
|
||||
|
@ -3918,12 +3929,12 @@ int SetCipherList(SSL_CTX* ctx, const char* list)
|
|||
}
|
||||
|
||||
|
||||
static int DoServerKeyExchange(SSL* ssl, const byte* input, word32*
|
||||
inOutIdx)
|
||||
static int DoServerKeyExchange(SSL* ssl, const byte* input,
|
||||
word32* inOutIdx)
|
||||
{
|
||||
word16 sigLen;
|
||||
word16 verifySz;
|
||||
word16 length;
|
||||
word16 length = 0;
|
||||
byte* signature;
|
||||
|
||||
(void)length;
|
||||
|
@ -3933,7 +3944,7 @@ int SetCipherList(SSL_CTX* ctx, const char* list)
|
|||
signature = 0;
|
||||
|
||||
/* keep start idx */
|
||||
verifySz = *inOutIdx;
|
||||
verifySz = (word16)*inOutIdx;
|
||||
|
||||
#ifdef CYASSL_CALLBACKS
|
||||
if (ssl->hsInfoOn)
|
||||
|
@ -4037,7 +4048,7 @@ int SetCipherList(SSL_CTX* ctx, const char* list)
|
|||
byte messageVerify[MAX_DH_SZ];
|
||||
|
||||
/* adjust from start idx */
|
||||
verifySz = *inOutIdx - verifySz;
|
||||
verifySz = (word16)(*inOutIdx - verifySz);
|
||||
|
||||
/* save message for hash verify */
|
||||
if (verifySz > sizeof(messageVerify))
|
||||
|
@ -4128,8 +4139,9 @@ int SetCipherList(SSL_CTX* ctx, const char* list)
|
|||
return 0;
|
||||
|
||||
}
|
||||
#endif /* HAVE_OPENSSL or HAVE_ECC */
|
||||
#else /* HAVE_OPENSSL or HAVE_ECC */
|
||||
return NOT_COMPILED_IN; /* not supported by build */
|
||||
#endif /* HAVE_OPENSSL or HAVE_ECC */
|
||||
}
|
||||
|
||||
|
||||
|
@ -4163,7 +4175,7 @@ int SetCipherList(SSL_CTX* ctx, const char* list)
|
|||
buffer serverG = ssl->buffers.serverDH_G;
|
||||
buffer serverPub = ssl->buffers.serverDH_Pub;
|
||||
byte priv[ENCRYPT_LEN];
|
||||
word32 privSz;
|
||||
word32 privSz = 0;
|
||||
DhKey key;
|
||||
|
||||
if (serverP.buffer == 0 || serverG.buffer == 0 ||
|
||||
|
@ -4780,10 +4792,10 @@ int SetCipherList(SSL_CTX* ctx, const char* list)
|
|||
#ifdef OPENSSL_EXTRA
|
||||
if (ssl->specs.kea == diffie_hellman_kea) {
|
||||
byte *output;
|
||||
word32 length, idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;
|
||||
word32 length = 0, idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;
|
||||
int sendSz;
|
||||
word32 sigSz, i = 0;
|
||||
word32 preSigSz, preSigIdx;
|
||||
word32 sigSz = 0, i = 0;
|
||||
word32 preSigSz = 0, preSigIdx = 0;
|
||||
RsaKey rsaKey;
|
||||
DhKey dhKey;
|
||||
|
||||
|
@ -4899,7 +4911,7 @@ int SetCipherList(SSL_CTX* ctx, const char* list)
|
|||
output[idx++] = ssl->specs.sig_algo;
|
||||
}
|
||||
/* size */
|
||||
c16toa(sigSz, output + idx);
|
||||
c16toa((word16)sigSz, output + idx);
|
||||
idx += LENGTH_SZ;
|
||||
|
||||
/* do signature */
|
||||
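Review bot: The guard opened in the hunk at `-156,6 +156,8` is spelled `#ifdef CYASLS_DTLS`, while its own closing comment in the next hunk and the guard added around `ato32` both use `CYASSL_DTLS`, so this looks like a typo in what appears to be an added line. As written, `c32to48` is compiled only when the misspelled macro is defined, so a build that defines `CYASSL_DTLS` would lose the function and any caller (outside these hunks) would fail to compile or link. The line should read `#ifdef CYASSL_DTLS`. The body of `c32to48` spans two hunks and is not fully visible here.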
|
|