fix lots o warnings

toddouska 2012-05-17 17:44:54 -07:00
parent 7c91372621
commit 5bc728b882
6 changed files with 172 additions and 103 deletions


@ -1591,9 +1591,9 @@ static int GetDate(DecodedCert* cert, int dateType)
int length;
byte date[MAX_DATE_SIZE];
byte b;
word32 startIdx = 0;
#ifdef CYASSL_CERT_GEN
word32 startIdx = 0;
if (dateType == BEFORE)
cert->beforeDate = &cert->source[cert->srcIdx];
else
@ -2073,25 +2073,25 @@ static int ConfirmSignature(DecodedCert* cert, const byte* key, word32 keySz,
static void DecodeBasicCaConstraint(byte* input, int sz, DecodedCert* cert)
{
word32 index = 0;
word32 idx = 0;
int length = 0;
CYASSL_ENTER("DecodeBasicCaConstraint");
if (GetSequence(input, &index, &length, sz) < 0) return;
if (GetSequence(input, &idx, &length, sz) < 0) return;
if (input[index++] != ASN_BOOLEAN)
if (input[idx++] != ASN_BOOLEAN)
{
CYASSL_MSG("\tfail: constraint not BOOLEAN");
return;
}
if (GetLength(input, &index, &length, sz) < 0)
if (GetLength(input, &idx, &length, sz) < 0)
{
CYASSL_MSG("\tfail: length");
return;
}
if (input[index])
if (input[idx])
cert->isCA = 1;
}
@ -2103,69 +2103,68 @@ static void DecodeBasicCaConstraint(byte* input, int sz, DecodedCert* cert)
static void DecodeCrlDist(byte* input, int sz, DecodedCert* cert)
{
word32 index = 0;
word32 idx = 0;
int length = 0;
word32 oid;
CYASSL_ENTER("DecodeCrlDist");
/* Unwrap the list of Distribution Points*/
if (GetSequence(input, &index, &length, sz) < 0) return;
if (GetSequence(input, &idx, &length, sz) < 0) return;
/* Unwrap a single Distribution Point */
if (GetSequence(input, &index, &length, sz) < 0) return;
if (GetSequence(input, &idx, &length, sz) < 0) return;
/* The Distribution Point has three explicit optional members
* First check for a DistributionPointName
*/
if (input[index] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0))
if (input[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0))
{
index++;
if (GetLength(input, &index, &length, sz) < 0) return;
idx++;
if (GetLength(input, &idx, &length, sz) < 0) return;
if (input[index] ==
if (input[idx] ==
(ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | CRLDP_FULL_NAME))
{
index++;
if (GetLength(input, &index, &length, sz) < 0) return;
idx++;
if (GetLength(input, &idx, &length, sz) < 0) return;
if (input[index] == (ASN_CONTEXT_SPECIFIC | GENERALNAME_URI))
if (input[idx] == (ASN_CONTEXT_SPECIFIC | GENERALNAME_URI))
{
index++;
if (GetLength(input, &index, &length, sz) < 0) return;
idx++;
if (GetLength(input, &idx, &length, sz) < 0) return;
cert->extCrlInfoSz = length;
cert->extCrlInfo = input + index;
index += length;
cert->extCrlInfo = input + idx;
idx += length;
}
else
/* This isn't a URI, skip it. */
index += length;
idx += length;
}
else
/* This isn't a FULLNAME, skip it. */
index += length;
idx += length;
}
/* Check for reasonFlags */
if (index < (word32)sz &&
input[index] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 1))
if (idx < (word32)sz &&
input[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 1))
{
index++;
if (GetLength(input, &index, &length, sz) < 0) return;
index += length;
idx++;
if (GetLength(input, &idx, &length, sz) < 0) return;
idx += length;
}
/* Check for cRLIssuer */
if (index < (word32)sz &&
input[index] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 2))
if (idx < (word32)sz &&
input[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 2))
{
index++;
if (GetLength(input, &index, &length, sz) < 0) return;
index += length;
idx++;
if (GetLength(input, &idx, &length, sz) < 0) return;
idx += length;
}
if (index < (word32)sz)
if (idx < (word32)sz)
{
CYASSL_MSG("\tThere are more CRL Distribution Point records, "
"but we only use the first one.");
@ -2181,38 +2180,38 @@ static void DecodeAuthInfo(byte* input, int sz, DecodedCert* cert)
* any issues, return without saving the record.
*/
{
word32 index = 0;
word32 idx = 0;
int length = 0;
word32 oid;
/* Unwrap the list of AIAs */
if (GetSequence(input, &index, &length, sz) < 0) return;
if (GetSequence(input, &idx, &length, sz) < 0) return;
/* Unwrap a single AIA */
if (GetSequence(input, &index, &length, sz) < 0) return;
if (GetSequence(input, &idx, &length, sz) < 0) return;
oid = 0;
if (GetObjectId(input, &index, &oid, sz) < 0) return;
if (GetObjectId(input, &idx, &oid, sz) < 0) return;
/* Only supporting URIs right now. */
if (input[index] == (ASN_CONTEXT_SPECIFIC | GENERALNAME_URI))
if (input[idx] == (ASN_CONTEXT_SPECIFIC | GENERALNAME_URI))
{
index++;
if (GetLength(input, &index, &length, sz) < 0) return;
idx++;
if (GetLength(input, &idx, &length, sz) < 0) return;
cert->extAuthInfoSz = length;
cert->extAuthInfo = input + index;
index += length;
cert->extAuthInfo = input + idx;
idx += length;
}
else
{
/* Skip anything else. */
index++;
if (GetLength(input, &index, &length, sz) < 0) return;
index += length;
idx++;
if (GetLength(input, &idx, &length, sz) < 0) return;
idx += length;
}
if (index < (word32)sz)
if (idx < (word32)sz)
{
CYASSL_MSG("\tThere are more Authority Information Access records, "
"but we only use first one.");
@ -2228,7 +2227,7 @@ static void DecodeCertExtensions(DecodedCert* cert)
* index. It is works starting with the recorded extensions pointer.
*/
{
word32 index = 0;
word32 idx = 0;
int sz = cert->extensionsSz;
byte* input = cert->extensions;
int length;
@ -2238,59 +2237,59 @@ static void DecodeCertExtensions(DecodedCert* cert)
if (input == NULL || sz == 0) return;
if (input[index++] != ASN_EXTENSIONS)return;
if (input[idx++] != ASN_EXTENSIONS)return;
if (GetLength(input, &index, &length, sz) < 0) return;
if (GetLength(input, &idx, &length, sz) < 0) return;
if (GetSequence(input, &index, &length, sz) < 0) return;
if (GetSequence(input, &idx, &length, sz) < 0) return;
while (index < (word32)sz) {
if (GetSequence(input, &index, &length, sz) < 0) {
while (idx < (word32)sz) {
if (GetSequence(input, &idx, &length, sz) < 0) {
CYASSL_MSG("\tfail: should be a SEQUENCE");
return;
}
oid = 0;
if (GetObjectId(input, &index, &oid, sz) < 0) {
if (GetObjectId(input, &idx, &oid, sz) < 0) {
CYASSL_MSG("\tfail: OBJECT ID");
return;
}
/* check for critical flag */
if (input[index] == ASN_BOOLEAN) {
if (input[idx] == ASN_BOOLEAN) {
CYASSL_MSG("\tfound optional critical flag, moving past");
index += (ASN_BOOL_SIZE + 1);
idx += (ASN_BOOL_SIZE + 1);
}
/* process the extension based on the OID */
if (input[index++] != ASN_OCTET_STRING) {
if (input[idx++] != ASN_OCTET_STRING) {
CYASSL_MSG("\tfail: should be an OCTET STRING");
return;
}
if (GetLength(input, &index, &length, sz) < 0) {
if (GetLength(input, &idx, &length, sz) < 0) {
CYASSL_MSG("\tfail: extension data length");
return;
}
switch (oid) {
case BASIC_CA_OID:
DecodeBasicCaConstraint(&input[index], length, cert);
DecodeBasicCaConstraint(&input[idx], length, cert);
break;
case CRL_DIST_OID:
DecodeCrlDist(&input[index], length, cert);
DecodeCrlDist(&input[idx], length, cert);
break;
case AUTH_INFO_OID:
DecodeAuthInfo(&input[index], length, cert);
DecodeAuthInfo(&input[idx], length, cert);
break;
default:
CYASSL_MSG("\tExtension type not handled, skipping");
break;
}
index += length;
idx += length;
}
return;
@ -4668,7 +4667,7 @@ int ParseCRL(DecodedCRL* dcrl, const byte* buff, long sz)
len += idx;
while (idx < len) {
while (idx < (word32)len) {
if (GetRevoked(buff, &idx, dcrl, sz) < 0)
return ASN_PARSE_E;
}
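Review bot: Several reads of `input[idx]` on the new side have no `idx < (word32)sz` guard, although the reasonFlags and cRLIssuer tests in DecodeCrlDist do have one. The unguarded reads are the DistributionPointName test in DecodeCrlDist, the GENERALNAME_URI test in DecodeAuthInfo, the ASN_BOOLEAN test in DecodeBasicCaConstraint, and the critical-flag and OCTET STRING tests in DecodeCertExtensions, the latter after `idx += (ASN_BOOL_SIZE + 1)`. These bytes come from the certificate being parsed, so a truncated or malformed extension could move the read past `sz` unless GetSequence/GetLength/GetObjectId already rule that out, which is not visible here. Consider the guarded form throughout, e.g. `if (idx < (word32)sz && input[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0))`, returning when the index is out of range. Several of these functions start or end outside their hunks.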


@ -415,7 +415,7 @@ int fp_cmp_d(fp_int *a, fp_digit b);
void fp_add_d(fp_int *a, fp_digit b, fp_int *c);
/* c = a - b */
/*void fp_sub_d(fp_int *a, fp_digit b, fp_int *c);*/
void fp_sub_d(fp_int *a, fp_digit b, fp_int *c);
/* c = a * b */
void fp_mul_d(fp_int *a, fp_digit b, fp_int *c);


@ -384,7 +384,6 @@ CYASSL_API char* CyaSSL_alert_type_string_long(int);
CYASSL_API char* CyaSSL_alert_desc_string_long(int);
CYASSL_API char* CyaSSL_state_string_long(CYASSL*);
CYASSL_API void CyaSSL_RSA_free(CYASSL_RSA*);
CYASSL_API CYASSL_RSA* CyaSSL_RSA_generate_key(int, unsigned long,
void(*)(int, int, void*), void*);
CYASSL_API void CyaSSL_CTX_set_tmp_rsa_callback(CYASSL_CTX*,


@ -149,12 +149,13 @@ int CheckCertCRL(CYASSL_CRL* crl, DecodedCert* cert)
CYASSL_MSG("Issuing missing CRL callback");
url[0] = '\0';
if (cert->extCrlInfoSz < sizeof(url) -1 ) {
if (cert->extCrlInfoSz < (int)sizeof(url) -1 ) {
XMEMCPY(url, cert->extCrlInfo, cert->extCrlInfoSz);
url[cert->extCrlInfoSz] = '\0';
}
else
else {
CYASSL_MSG("CRL url too long");
}
crl->cm->cbMissingCRL(url);
}
}
@ -233,8 +234,9 @@ int BufferLoadCRL(CYASSL_CRL* crl, const byte* buff, long sz, int type)
}
else {
ret = AddCRL(crl, &dcrl);
if (ret != 0)
if (ret != 0) {
CYASSL_MSG("AddCRL error");
}
}
FreeDecodedCRL(&dcrl);
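Review bot: The `(int)sizeof(url)` cast in CheckCertCRL turns an unsigned comparison into a signed one, so a negative `cert->extCrlInfoSz` now passes the test, assuming the field is a signed int as the cast suggests. Before the cast such a value was converted to a large unsigned number and fell into the "too long" branch. The field is assigned from a length parsed out of the certificate (`cert->extCrlInfoSz = length;` in DecodeCrlDist), and if that can ever be negative the `XMEMCPY` receives a huge size and `url[cert->extCrlInfoSz] = '\0'` writes before the buffer. Keep the warning fix but reject negatives explicitly: `if (cert->extCrlInfoSz >= 0 && cert->extCrlInfoSz < (int)sizeof(url) - 1) {`. CheckCertCRL's body starts outside the hunk.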


@ -460,6 +460,7 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveDH, byte havePSK,
(void)haveDH;
(void)havePSK;
(void)haveNTRU;
(void)haveStaticECC;
if (suites->setSuites)
return; /* trust user settings, don't override */

138
src/ssl.c

@ -1089,6 +1089,9 @@ int AddCA(CYASSL_CERT_MANAGER* cm, buffer der, int type, int verify)
if (ssl)
ssl->options.haveECDSA = 1;
break;
default:
CYASSL_MSG("Not ECDSA cert signature");
break;
}
FreeDecodedCert(&cert);
@ -1166,6 +1169,8 @@ int ProcessFile(CYASSL_CTX* ctx, const char* fname, int format, int type,
long sz = 0;
XFILE* file = XFOPEN(fname, "rb");
(void)crl;
if (!file) return SSL_BAD_FILE;
XFSEEK(file, 0, XSEEK_END);
sz = XFTELL(file);
@ -1377,6 +1382,8 @@ int CyaSSL_CertManagerLoadCA(CYASSL_CERT_MANAGER* cm, const char* file,
/* turn on CRL if off and compiled in, set options */
int CyaSSL_CertManagerEnableCRL(CYASSL_CERT_MANAGER* cm, int options)
{
(void)options;
CYASSL_ENTER("CyaSSL_CertManagerEnableCRL");
if (cm == NULL)
return BAD_FUNC_ARG;
@ -4136,26 +4143,6 @@ int CyaSSL_set_compression(CYASSL* ssl)
return 0; /* failure */
}
if (key)
CYASSL_MSG("have key");
if (iv)
CYASSL_MSG("have iv");
if (enc == 1) {
CYASSL_MSG("encrypt side");
}
else if (enc == 0) {
CYASSL_MSG("decrypt side");
}
else {
CYASSL_MSG("no side");
if (ctx->enc)
CYASSL_MSG("no side enc");
else
CYASSL_MSG("no side dec");
}
if (ctx->cipherType == AES_128_CBC_TYPE || (type &&
XSTRNCMP(type, "AES128-CBC", 10) == 0)) {
CYASSL_MSG("AES-128-CBC");
@ -4323,13 +4310,6 @@ int CyaSSL_set_compression(CYASSL* ssl)
return 0; /* failure */
}
if (ctx->enc)
CYASSL_MSG("encrypting");
else
CYASSL_MSG("decrypting");
switch (ctx->cipherType) {
case AES_128_CBC_TYPE :
@ -5851,6 +5831,9 @@ static int initGlobalRNG = 0;
CYASSL_MSG("CyaSSL_RAND_seed");
(void)seed;
(void)len;
if (initGlobalRNG == 0) {
if (InitRng(&globalRNG) < 0) {
CYASSL_MSG("CyaSSL Init Global RNG failed");
@ -5893,12 +5876,14 @@ static int initGlobalRNG = 0;
void CyaSSL_BN_CTX_init(CYASSL_BN_CTX* ctx)
{
(void)ctx;
CYASSL_MSG("CyaSSL_BN_CTX_init");
}
void CyaSSL_BN_CTX_free(CYASSL_BN_CTX* ctx)
{
(void)ctx;
CYASSL_MSG("CyaSSL_BN_CTX_free");
/* do free since static ctx that does nothing */
@ -5986,6 +5971,7 @@ static int initGlobalRNG = 0;
int CyaSSL_BN_mod(CYASSL_BIGNUM* r, const CYASSL_BIGNUM* a,
const CYASSL_BIGNUM* b, const CYASSL_BN_CTX* c)
{
(void)c;
CYASSL_MSG("CyaSSL_BN_mod");
if (r == NULL || a == NULL || b == NULL)
@ -6117,8 +6103,9 @@ static int initGlobalRNG = 0;
return NULL;
}
}
else
else {
CYASSL_MSG("CyaSSL_BN_bin2bn wants return bignum");
}
return ret;
}
@ -6126,6 +6113,8 @@ static int initGlobalRNG = 0;
int CyaSSL_mask_bits(CYASSL_BIGNUM* bn, int n)
{
(void)bn;
(void)n;
CYASSL_MSG("CyaSSL_BN_mask_bits");
return -1;
@ -6134,12 +6123,14 @@ static int initGlobalRNG = 0;
int CyaSSL_BN_rand(CYASSL_BIGNUM* bn, int bits, int top, int bottom)
{
byte buffer[1024];
byte buff[1024];
RNG tmpRNG;
RNG* rng = &tmpRNG;
int ret;
int len = bits/8;
(void)top;
(void)bottom;
CYASSL_MSG("CyaSSL_BN_rand");
if (bn == NULL || bn->internal == NULL) {
@ -6159,11 +6150,11 @@ static int initGlobalRNG = 0;
rng = &globalRNG;
}
RNG_GenerateBlock(rng, buffer, len);
buffer[0] |= 0x80 | 0x40;
buffer[len-1] |= 0x01;
RNG_GenerateBlock(rng, buff, len);
buff[0] |= 0x80 | 0x40;
buff[len-1] |= 0x01;
if (mp_read_unsigned_bin((mp_int*)bn->internal,buffer,len) != MP_OKAY) {
if (mp_read_unsigned_bin((mp_int*)bn->internal,buff,len) != MP_OKAY) {
CYASSL_MSG("mp read bin failed");
return 0;
}
@ -6174,6 +6165,9 @@ static int initGlobalRNG = 0;
int CyaSSL_BN_is_bit_set(const CYASSL_BIGNUM* bn, int n)
{
(void)bn;
(void)n;
CYASSL_MSG("CyaSSL_BN_is_bit_set");
return 0;
@ -6246,6 +6240,9 @@ static int initGlobalRNG = 0;
CYASSL_BIGNUM* CyaSSL_BN_copy(CYASSL_BIGNUM* r, const CYASSL_BIGNUM* bn)
{
(void)r;
(void)bn;
CYASSL_MSG("CyaSSL_BN_copy");
return NULL;
@ -6254,6 +6251,9 @@ static int initGlobalRNG = 0;
int CyaSSL_BN_set_word(CYASSL_BIGNUM* bn, unsigned long w)
{
(void)bn;
(void)w;
CYASSL_MSG("CyaSSL_BN_set_word");
return -1;
@ -6262,6 +6262,9 @@ static int initGlobalRNG = 0;
int CyaSSL_BN_dec2bn(CYASSL_BIGNUM** bn, const char* str)
{
(void)bn;
(void)str;
CYASSL_MSG("CyaSSL_BN_dec2bn");
return -1;
@ -6270,6 +6273,8 @@ static int initGlobalRNG = 0;
char* CyaSSL_BN_bn2dec(const CYASSL_BIGNUM* bn)
{
(void)bn;
CYASSL_MSG("CyaSSL_BN_bn2dec");
return NULL;
@ -6585,6 +6590,8 @@ static int initGlobalRNG = 0;
int CyaSSL_DSA_generate_key(CYASSL_DSA* dsa)
{
(void)dsa;
CYASSL_MSG("CyaSSL_DSA_generate_key");
return 0; /* key gen not needed by server */
@ -6595,6 +6602,14 @@ static int initGlobalRNG = 0;
unsigned char* seed, int seedLen, int* counterRet,
unsigned long* hRet, void* cb)
{
(void)dsa;
(void)bits;
(void)seed;
(void)seedLen;
(void)counterRet;
(void)hRet;
(void)cb;
CYASSL_MSG("CyaSSL_DSA_generate_parameters_ex");
return 0; /* key gen not needed by server */
@ -6838,6 +6853,9 @@ static int initGlobalRNG = 0;
int CyaSSL_RSA_blinding_on(CYASSL_RSA* rsa, CYASSL_BN_CTX* bn)
{
(void)rsa;
(void)bn;
CYASSL_MSG("CyaSSL_RSA_blinding_on");
return 1; /* on by default */
@ -6847,6 +6865,12 @@ static int initGlobalRNG = 0;
int CyaSSL_RSA_public_encrypt(int len, unsigned char* fr,
unsigned char* to, CYASSL_RSA* rsa, int padding)
{
(void)len;
(void)fr;
(void)to;
(void)rsa;
(void)padding;
CYASSL_MSG("CyaSSL_RSA_public_encrypt");
return -1;
@ -6856,6 +6880,12 @@ static int initGlobalRNG = 0;
int CyaSSL_RSA_private_decrypt(int len, unsigned char* fr,
unsigned char* to, CYASSL_RSA* rsa, int padding)
{
(void)len;
(void)fr;
(void)to;
(void)rsa;
(void)padding;
CYASSL_MSG("CyaSSL_RSA_private_decrypt");
return -1;
@ -6970,7 +7000,7 @@ static int initGlobalRNG = 0;
*sigLen = RsaSSL_Sign(encodedSig, signSz, sigRet, outLen,
(RsaKey*)rsa->internal, rng);
if (sigLen < 0) {
if (*sigLen <= 0) {
CYASSL_MSG("Bad Rsa Sign");
return 0;
}
@ -6983,6 +7013,12 @@ static int initGlobalRNG = 0;
int CyaSSL_RSA_public_decrypt(int flen, unsigned char* from,
unsigned char* to, CYASSL_RSA* rsa, int padding)
{
(void)flen;
(void)from;
(void)to;
(void)rsa;
(void)padding;
CYASSL_MSG("CyaSSL_RSA_public_decrypt");
return -1;
@ -7061,8 +7097,9 @@ static int initGlobalRNG = 0;
CYASSL_MSG("sha hmac");
ctx->type = SHA;
}
else
else {
CYASSL_MSG("bad init type");
}
}
if (key && keylen) {
@ -7118,6 +7155,8 @@ static int initGlobalRNG = 0;
void CyaSSL_HMAC_cleanup(CYASSL_HMAC_CTX* ctx)
{
(void)ctx;
CYASSL_MSG("CyaSSL_HMAC_cleanup");
}
@ -7146,6 +7185,7 @@ static int initGlobalRNG = 0;
CYASSL_RSA* CyaSSL_EVP_PKEY_get1_RSA(CYASSL_EVP_PKEY* key)
{
(void)key;
CYASSL_MSG("CyaSSL_EVP_PKEY_get1_RSA");
return NULL;
@ -7154,6 +7194,7 @@ static int initGlobalRNG = 0;
CYASSL_DSA* CyaSSL_EVP_PKEY_get1_DSA(CYASSL_EVP_PKEY* key)
{
(void)key;
CYASSL_MSG("CyaSSL_EVP_PKEY_get1_DSA");
return NULL;
@ -7205,6 +7246,8 @@ static int initGlobalRNG = 0;
void CyaSSL_3des_iv(CYASSL_EVP_CIPHER_CTX* ctx, int doset,
unsigned char* iv, int len)
{
(void)len;
CYASSL_MSG("CyaSSL_3des_iv");
if (ctx == NULL || iv == NULL) {
@ -7222,6 +7265,8 @@ static int initGlobalRNG = 0;
void CyaSSL_aes_ctr_iv(CYASSL_EVP_CIPHER_CTX* ctx, int doset,
unsigned char* iv, int len)
{
(void)len;
CYASSL_MSG("CyaSSL_aes_ctr_iv");
if (ctx == NULL || iv == NULL) {
@ -7342,6 +7387,14 @@ static int initGlobalRNG = 0;
unsigned char* passwd, int len,
pem_password_cb cb, void* arg)
{
(void)bio;
(void)rsa;
(void)cipher;
(void)passwd;
(void)len;
(void)cb;
(void)arg;
CYASSL_MSG("CyaSSL_PEM_write_bio_RSAPrivateKey");
return -1;
@ -7354,6 +7407,14 @@ static int initGlobalRNG = 0;
unsigned char* passwd, int len,
pem_password_cb cb, void* arg)
{
(void)bio;
(void)rsa;
(void)cipher;
(void)passwd;
(void)len;
(void)cb;
(void)arg;
CYASSL_MSG("CyaSSL_PEM_write_bio_DSAPrivateKey");
return -1;
@ -7364,6 +7425,11 @@ static int initGlobalRNG = 0;
CYASSL_EVP_PKEY* CyaSSL_PEM_read_bio_PrivateKey(CYASSL_BIO* bio,
CYASSL_EVP_PKEY** key, pem_password_cb cb, void* arg)
{
(void)bio;
(void)key;
(void)cb;
(void)arg;
CYASSL_MSG("CyaSSL_PEM_read_bio_PrivateKey");
return NULL;
@ -7380,6 +7446,8 @@ int CyaSSL_KeyPemToDer(const unsigned char* pem, int pemSz, unsigned char* buff,
int ret;
buffer der;
(void)pass;
CYASSL_ENTER("CyaSSL_KeyPemToDer");
if (pem == NULL || buff == NULL || buffSz <= 0) {
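Review bot: In the two CyaSSL_BN_rand hunks, `len` (derived from `bits/8`) is used to fill and index the fixed `byte buff[1024]` with no bound visible in either hunk. A `len` above 1024 would overrun the stack buffer in `RNG_GenerateBlock(rng, buff, len)`, and a `len` of 0 would make `buff[len-1] |= 0x01` write before it. The lines between the two hunks are not shown, so confirm whether a range check already exists there; if not, add `if (len <= 0 || len > (int)sizeof(buff)) return 0;` before the generate call. Separately, in the RSA sign hunk `if (*sigLen <= 0)` only catches a negative return from RsaSSL_Sign when `*sigLen` is a signed type; if it is unsigned, hold the result in a local `int`, test that, and store it into `*sigLen` only on success.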