From patchwork Wed Mar 27 16:26:21 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Frank Lichtenheld X-Patchwork-Id: 3674 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:5a41:b0:55c:c090:46f0 with SMTP id w1csp644098may; Wed, 27 Mar 2024 09:27:00 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCXg1k7bpf8+F78yaRSkBjvC+gqeyVDu2FFnPgaFcdL3hJxUpc4kcKUiJUI9WT4s80QO94wwTM7+TlIuaIB+MhGwDkle9XY= X-Google-Smtp-Source: AGHT+IEiRAfHvIhJkbbGuCif7tFTnjJL5qnkR9HN6MFsC1Vy0RhfceUV9IJSYiv8Ty5aVc8z5Azb X-Received: by 2002:a05:6a20:6a0a:b0:1a1:481b:475d with SMTP id p10-20020a056a206a0a00b001a1481b475dmr463244pzk.6.1711556820664; Wed, 27 Mar 2024 09:27:00 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1711556820; cv=none; d=google.com; s=arc-20160816; b=00SR9koK2P7TJePzjqHYaPJ2/uKRtRP0VI3Kcy3v1GffV1GkUJBN0ZpN63Quw49x5f KTeetOFo+bzCuqiAalXUjDlqBe2l/cU5t3U1EnjRfue8ZLai2vWvY4d/SohFJYn1Dh4S YmvoqKfsmrUyNpEaVAFC1LyZfZZOxcn0NmZ9XUcH0a4QRFCM6mQmLQTKcvmyJVOjtJcR HOn7LHipbPG95WspxyLWcygXNv6LBlW5UwiNYbBuh8Lwh5tZd4R4IMI8kBmKOi4teLre BsLk7u3WLnTMVJwhZde74PlXGa3ikfWX2cVdWgGP1x4KI00Y4Ec9mwxACcm7fiVKfQVB AUXw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:content-transfer-encoding:cc:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature:dkim-signature; bh=SszYTi9ojKzWDFEhN13tyRkPHYZbMFEnXVtyCXBupkw=; fh=CfxSpwd5kfiMJoL3kcov7PTxVKT7pGe/79idnx9XlBs=; b=XDf4TF6e4eQa4Bjea9UTxA3LzS+rTXvJYRvoShtgHrHSikjurffzl/9YS6QJaLwik7 +QwbcnWYtINDUckcCsdB+HzHv6eXcui3pLJ8WftmL3jsHCdHq45yxFhf4ffcE12DVXtC 70szdDo6wI7ktLg06/tEz9NjqoND+wQ3vglKtqCBFyj6xw3/7Par2XS8hZIjkySVmpkf kQ7sB7bATTURRBBVBAQv0XN8Al3an1hKeLjofO2bFm2sTKo06ppOVthQfPFfJWPP6v/R EhsqxYl1xduDDKDssNqs+TVcZ+v/9+ZO6OyHFiVzswDO+Z2rzS+aA8sBowsb8ZUWNEbQ mOLQ==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=ezQvuWNP; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=RwuNZJSq; dkim=neutral (body hash did not verify) header.i=@lichtenheld.com header.s=MBO0001 header.b=HU0aEVtm; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id h15-20020a170902f7cf00b001e02875942csi9007480plw.185.2024.03.27.09.27.00 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 27 Mar 2024 09:27:00 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=ezQvuWNP; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=RwuNZJSq; dkim=neutral (body hash did not verify) header.i=@lichtenheld.com header.s=MBO0001 header.b=HU0aEVtm; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from [127.0.0.1] (helo=sfs-ml-3.v29.lw.sourceforge.com) by sfs-ml-3.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1rpW6r-0007qX-0g; Wed, 27 Mar 2024 16:26:41 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-3.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1rpW6q-0007qP-67 for openvpn-devel@lists.sourceforge.net; Wed, 27 Mar 2024 16:26:40 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:Content-Type:MIME-Version :References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=OdsZdn6+XDbcYywAzRpeEIas5loytRuuUopVOPDVBS0=; b=ezQvuWNPMOeQnvJ0/9dqLbP/Ty UW3sVqFXqHoEQeCEzGjU+iRnUWAuyGyDyW+KQ9Tl1E23OrWefsgh/qS7sAA9Ito7BszfTTMMkqS/J 1calEu/Mhffq/Otu8MX8TAQU8gjY+HH/Gq5binE9DnGSK+WqbwMLXXJT2kndgbvDPPpw=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:Content-Type:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=OdsZdn6+XDbcYywAzRpeEIas5loytRuuUopVOPDVBS0=; b=RwuNZJSqMZcaQHcDxfixQWcRUS AkXl2dYlLoiaAxQmc1AS/oH+nel4oVCnUwRV0VN01KZTNINjf/oJjF5S9P7wtSSsJacyn7K1VInEX cPOHnQL0EphlsJwn23azebwdbXiwSKk/CZ/PVt3gn6z06PuiHzQozTq3aRTkRS4R+mY8=; Received: from mout-p-103.mailbox.org ([80.241.56.161]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1rpW6n-0005ML-Eh for openvpn-devel@lists.sourceforge.net; Wed, 27 Mar 2024 16:26:40 +0000 Received: from smtp102.mailbox.org (smtp102.mailbox.org [IPv6:2001:67c:2050:b231:465::102]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mout-p-103.mailbox.org (Postfix) with ESMTPS id 4V4X9X1M2cz9sdF; Wed, 27 Mar 2024 17:26:24 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lichtenheld.com; s=MBO0001; t=1711556784; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=OdsZdn6+XDbcYywAzRpeEIas5loytRuuUopVOPDVBS0=; b=HU0aEVtmflF+slLfOsIwlCkKMZjCJuVuRh68YmrEaHc8yhGE5bgotj7u51iuuTsUzaEeQf YdLiHkujPAFBOuOGvDV5O0KVfLu3lZ/DsOtjgewPritwFdFEOzH/WbF1UTrwDSB+XJvVaV eI6GR7DSM3AM8M5ewDH+Npu7+/GfzlhUZXge4ddi83skLR6UOrXzxp/q4wrlIr57IBfCIr x3eJOdkr5vcHqGz+LWBCkUmdfQ0SXTXXRAGpFA7nJLEcU14I+p2+81SD5PoF+pH8fOVvWN ONUYcTMUS6gQIW/q3CSDfHuvWHbJRCUosiWeMYWQOa7bnjEGWQf3vNg99k0hqQ== From: Frank Lichtenheld To: openvpn-devel@lists.sourceforge.net Date: Wed, 27 Mar 2024 17:26:21 +0100 Message-Id: <20240327162621.1792414-1-frank@lichtenheld.com> In-Reply-To: References: MIME-Version: 1.0 X-Rspamd-Queue-Id: 4V4X9X1M2cz9sdF X-Spam-Score: -0.9 (/) X-Spam-Report: =?unknown-8bit?q?Spam_detection_software=2C_running_on_the_sy?= =?unknown-8bit?q?stem_=22util-spamd-2=2Ev13=2Elw=2Esourceforge=2Ecom=22=2C?= =?unknown-8bit?q?_has_NOT_identified_this_incoming_email_as_spam=2E__The_ori?= =?unknown-8bit?q?ginal?= =?unknown-8bit?q?_message_has_been_attached_to_this_so_you_can_view_it_or_la?= =?unknown-8bit?q?bel?= =?unknown-8bit?q?_similar_future_email=2E__If_you_have_any_questions=2C_see?= =?unknown-8bit?q?_the_administrator_of_that_system_for_details=2E?= =?unknown-8bit?q?_?= =?unknown-8bit?q?_Content_preview=3A__We_had_parts_of_a_abstraction=2C_but_i?= =?unknown-8bit?q?t_wasn=27t_consistent=2E_GCC?= =?unknown-8bit?q?_13_now_complains_about_the_type_mismatch_with_mbedtls_now?= =?unknown-8bit?q?=3A_crypto=5Fmbedtls=2Ec=3A568=3A1=3A?= =?unknown-8bit?q?_error=3A_conflicting_types_for_=E2=80=98cipher=5Fctx=5Fini?= =?unknown-8bit?q?t=E2=80=99_due_to_enum/integer_mismatch=3B?= =?unknown-8bit?q?_have_=E2=80=98void=28mbedtls=5Fcipher=5Fcontext=5Ft_*=2C_c?= =?unknown-8bit?q?onst_uint8=5Ft_*=2C_const_char_*=2C_const?= =?unknown-8bit?b?IG1iZWR0bHNfb3BlcmF0aW9uIFsuLi5dIA==?= =?unknown-8bit?q?_?= =?unknown-8bit?q?_Content_analysis_details=3A___=28-0=2E9_points=2C_6=2E0_re?= =?unknown-8bit?q?quired=29?= =?unknown-8bit?q?_?= =?unknown-8bit?q?_pts_rule_name______________description?= =?unknown-8bit?q?_----_----------------------_------------------------------?= =?unknown-8bit?q?--------------------?= =?unknown-8bit?q?_-0=2E7_RCVD=5FIN=5FDNSWL=5FLOW______RBL=3A_Sender_listed_a?= =?unknown-8bit?q?t_https=3A//www=2Ednswl=2Eorg/=2C?= =?unknown-8bit?q?_low_trust?= =?unknown-8bit?q?_=5B80=2E241=2E56=2E161_listed_in_list=2Ednswl=2Eorg=5D?= =?unknown-8bit?q?_-0=2E0_RCVD=5FIN=5FMSPIKE=5FH2______RBL=3A_Average_reputat?= =?unknown-8bit?q?ion_=28+2=29?= =?unknown-8bit?q?_=5B80=2E241=2E56=2E161_listed_in_wl=2Emailspike=2Enet=5D?= =?unknown-8bit?q?_0=2E0_SPF=5FHELO=5FNONE__________SPF=3A_HELO_does_not_publ?= =?unknown-8bit?q?ish_an_SPF_Record?= =?unknown-8bit?q?_-0=2E0_SPF=5FPASS_______________SPF=3A_sender_matches_SPF_?= =?unknown-8bit?q?record?= =?unknown-8bit?q?_0=2E1_DKIM=5FSIGNED____________Message_has_a_DKIM_or_DK_si?= =?unknown-8bit?q?gnature=2C_not_necessarily?= =?unknown-8bit?q?_valid?= =?unknown-8bit?q?_-0=2E1_DKIM=5FVALID_____________Message_has_at_least_one_v?= =?unknown-8bit?q?alid_DKIM_or_DK_signature?= =?unknown-8bit?q?_-0=2E1_DKIM=5FVALID=5FAU__________Message_has_a_valid_DKIM?= =?unknown-8bit?q?_or_DK_signature_from?= =?unknown-8bit?q?_author=27s_domain?= =?unknown-8bit?q?_-0=2E1_DKIM=5FVALID=5FEF__________Message_has_a_valid_DKIM?= =?unknown-8bit?q?_or_DK_signature_from?= =?unknown-8bit?q?_envelope-from_domain?= X-Headers-End: 1rpW6n-0005ML-Eh Subject: [Openvpn-devel] [PATCH v3] crypto_backend: fix type of enc parameter X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Arne Schwabe Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1794697404854370116?= X-GMAIL-MSGID: =?utf-8?q?1794697404854370116?= We had parts of a abstraction, but it wasn't consistent. GCC 13 now complains about the type mismatch with mbedtls now: crypto_mbedtls.c:568:1: error: conflicting types for ‘cipher_ctx_init’ due to enum/integer mismatch; have ‘void(mbedtls_cipher_context_t *, const uint8_t *, const char *, const mbedtls_operation_t)’ [...] [-Werror=enum-int-mismatch] crypto_backend.h:341:6: note: previous declaration of ‘cipher_ctx_init’ with type ‘void(cipher_ctx_t *, const uint8_t *, const char *, int)’ [...] Previous compiler versions did not complain. v2: - clean solution instead of quick solution. Fix the actual API definition Change-Id: If0dcdde30879fd6185efb2ad31399c1629c04d22 Signed-off-by: Frank Lichtenheld Acked-by: Arne Schwabe --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/548 This mail reflects revision 3 of this Change. Acked-by according to Gerrit (reflected above): Arne Schwabe diff --git a/src/openvpn/crypto_backend.h b/src/openvpn/crypto_backend.h index 8d37e64..c454c64 100644 --- a/src/openvpn/crypto_backend.h +++ b/src/openvpn/crypto_backend.h @@ -336,10 +336,10 @@ * @param key Buffer containing the key to use * @param ciphername Ciphername of the cipher to use * @param enc Whether to encrypt or decrypt (either - * \c MBEDTLS_OP_ENCRYPT or \c MBEDTLS_OP_DECRYPT). + * \c OPENVPN_OP_ENCRYPT or \c OPENVPN_OP_DECRYPT). */ void cipher_ctx_init(cipher_ctx_t *ctx, const uint8_t *key, - const char *cipername, int enc); + const char *cipername, crypto_operation_t enc); /** * Returns the size of the IV used by the cipher, in bytes, or 0 if no IV is diff --git a/src/openvpn/crypto_mbedtls.c b/src/openvpn/crypto_mbedtls.c index 1a39752..c230292 100644 --- a/src/openvpn/crypto_mbedtls.c +++ b/src/openvpn/crypto_mbedtls.c @@ -566,7 +566,7 @@ void cipher_ctx_init(mbedtls_cipher_context_t *ctx, const uint8_t *key, - const char *ciphername, const mbedtls_operation_t operation) + const char *ciphername, crypto_operation_t enc) { ASSERT(NULL != ciphername && NULL != ctx); CLEAR(*ctx); @@ -580,7 +580,7 @@ msg(M_FATAL, "mbed TLS cipher context init #1"); } - if (!mbed_ok(mbedtls_cipher_setkey(ctx, key, (int)key_bitlen, operation))) + if (!mbed_ok(mbedtls_cipher_setkey(ctx, key, (int)key_bitlen, enc))) { msg(M_FATAL, "mbed TLS cipher set key"); } diff --git a/src/openvpn/crypto_mbedtls.h b/src/openvpn/crypto_mbedtls.h index 46f76e2..48d1e20 100644 --- a/src/openvpn/crypto_mbedtls.h +++ b/src/openvpn/crypto_mbedtls.h @@ -63,6 +63,8 @@ /** Cipher is in GCM mode */ #define OPENVPN_MODE_GCM MBEDTLS_MODE_GCM +typedef mbedtls_operation_t crypto_operation_t; + /** Cipher should encrypt */ #define OPENVPN_OP_ENCRYPT MBEDTLS_ENCRYPT diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c index 50683b6..bfc5e37 100644 --- a/src/openvpn/crypto_openssl.c +++ b/src/openvpn/crypto_openssl.c @@ -840,7 +840,7 @@ void cipher_ctx_init(EVP_CIPHER_CTX *ctx, const uint8_t *key, - const char *ciphername, int enc) + const char *ciphername, crypto_operation_t enc) { ASSERT(NULL != ciphername && NULL != ctx); evp_cipher_type *kt = cipher_get(ciphername); diff --git a/src/openvpn/crypto_openssl.h b/src/openvpn/crypto_openssl.h index c0e95b4..4cd988a 100644 --- a/src/openvpn/crypto_openssl.h +++ b/src/openvpn/crypto_openssl.h @@ -85,6 +85,8 @@ /** Cipher is in GCM mode */ #define OPENVPN_MODE_GCM EVP_CIPH_GCM_MODE +typedef int crypto_operation_t; + /** Cipher should encrypt */ #define OPENVPN_OP_ENCRYPT 1