[Openvpn-devel] Fix compilation on pre-EKM mbedTLS libraries.

Message ID 20201009203331.11779-1-gert@greenie.muc.de
State Rejected
Headers show
Series
  • [Openvpn-devel] Fix compilation on pre-EKM mbedTLS libraries.
Related show

Commit Message

Gert Doering Oct. 9, 2020, 8:33 p.m.
commit f0734e49956217 simplified key_state_export_keying_material(),
changing the function prototype.  For older mbedTLS versions, there
is "always fail" dummy function which was overlooked in that change.

Fix prototype.

Signed-off-by: Gert Doering <gert@greenie.muc.de>
---
 src/openvpn/ssl_mbedtls.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

Comments

Arne Schwabe Oct. 9, 2020, 9:58 p.m. | #1
Am 09.10.20 um 22:33 schrieb Gert Doering:
> commit f0734e49956217 simplified key_state_export_keying_material(),
> changing the function prototype.  For older mbedTLS versions, there
> is "always fail" dummy function which was overlooked in that change.
> 
> Fix prototype.
> 
> Signed-off-by: Gert Doering <gert@greenie.muc.de>
> ---
>  src/openvpn/ssl_mbedtls.c | 5 ++---
>  1 file changed, 2 insertions(+), 3 deletions(-)
> 
> diff --git a/src/openvpn/ssl_mbedtls.c b/src/openvpn/ssl_mbedtls.c
> index bb5633b7..b100d03e 100644
> --- a/src/openvpn/ssl_mbedtls.c
> +++ b/src/openvpn/ssl_mbedtls.c
> @@ -252,11 +252,10 @@ key_state_export_keying_material(struct tls_session *session,
>      }
>  }
>  #else
> -unsigned char*
> +bool
>  key_state_export_keying_material(struct tls_session *session,
>                                   const char* label, size_t label_size,
> -                                 size_t ekm_size,
> -                                 struct gc_arena *gc)
> +                                 void *ekm, size_t ekm_size)
>  {
>      /* Dummy function to avoid ifdefs in the common code */
>      return NULL;
> 

Well, if we fix, it we should fix all the way and not return NULL which
gets coerced to false.

Arne

Patch

diff --git a/src/openvpn/ssl_mbedtls.c b/src/openvpn/ssl_mbedtls.c
index bb5633b7..b100d03e 100644
--- a/src/openvpn/ssl_mbedtls.c
+++ b/src/openvpn/ssl_mbedtls.c
@@ -252,11 +252,10 @@  key_state_export_keying_material(struct tls_session *session,
     }
 }
 #else
-unsigned char*
+bool
 key_state_export_keying_material(struct tls_session *session,
                                  const char* label, size_t label_size,
-                                 size_t ekm_size,
-                                 struct gc_arena *gc)
+                                 void *ekm, size_t ekm_size)
 {
     /* Dummy function to avoid ifdefs in the common code */
     return NULL;