From patchwork Sun Oct 8 10:42:40 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "flichtenheld (Code Review)" X-Patchwork-Id: 3383 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7300:b412:b0:f2:62eb:61c1 with SMTP id dj18csp1442583dyb; Sun, 8 Oct 2023 03:43:42 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFSNR+ZIqeDxCb2WHgURF857R34861VFIqJDTVHBHDzbp29H4OInvXg7RcaMeRbVGzc7xQP X-Received: by 2002:a05:6a20:7da2:b0:15d:6fd3:8e74 with SMTP id v34-20020a056a207da200b0015d6fd38e74mr16388043pzj.3.1696761822729; Sun, 08 Oct 2023 03:43:42 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1696761822; cv=none; d=google.com; s=arc-20160816; b=qcttkeIF9ynt4X36Vpa90oqkX9foOf7PvCavtWRPMB5BJwLnjrDvq66m/Fpge75Pso RqcE2DALMOirQ3XJhTSRooxCgxkWAIr0kpIOcV7oY+sWEOlPhBFnPrXtcWCJbGMR7jG3 zlPABAiY5VJUA5lgIHmtDtWGkjTQkpJJgH0BqPiPaWD5ncvWGjZVjspm/0B7gVPzvfIK a8+dLafD/pnysyjW+BsWmk0QrqRaNcHuA26kLvyNB+5h8Zir7R2dPbnETjZPjEzVdYqt rCvlt1/kvvhZeVHVBXm7dCsgA+nGTmSUOJus9rhGVHZnrbGpy2WQj7WGJEwZkJbRedSM WPwQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:cc:reply-to:list-subscribe:list-help:list-post :list-archive:list-unsubscribe:list-id:precedence:subject:user-agent :mime-version:message-id:references:auto-submitted:date:from :dkim-signature:dkim-signature:dkim-signature; bh=dF29CiUH1ST9YYBiqdHpSqlzPqLNnOVjeAVlFUnQKME=; fh=65XNDMZDtUAVPEs22K9ZMElrrCiP292uHQHDlBUdKcw=; b=U10aE2eqcTfj7KV9kfe6HK9ruKTNNvyFSfXA7+X8cYalWWz+FGgpCwHjgjDYyPQMTZ PR6LIHe0vPv3qefRbhCzJ5QZwjpp4uj8bwcMTCEpVtfEKfkqumvOYqTS3wkFfCFAOXKU Az3tegOZ5tBaDzSBdVdgTIR2NCWGajdpNcrRNFD+FCIKJF/aLxw1SABQlZdkMjbBYsFC JpUEO4+g5D02Z66vlKs+qG41bU/RotZT9JEfjxTCO2I9jPtfsiLEikPG6nNtBRu3rEa8 TS+9NOKfIsC/7/VsmMII8S00fUrTe31H2eUQfX8n4ibvesEanDg17ZU4DAAxbWXUKa0t IfaQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b="S7fABi/3"; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=RtFdvFZC; dkim=neutral (body hash did not verify) header.i=@openvpn.net header.s=google header.b=CivLRk07; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=openvpn.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id by31-20020a056a02059f00b005859af516b9si8603632pgb.647.2023.10.08.03.43.42 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sun, 08 Oct 2023 03:43:42 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b="S7fABi/3"; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=RtFdvFZC; dkim=neutral (body hash did not verify) header.i=@openvpn.net header.s=google header.b=CivLRk07; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=openvpn.net Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1qpRFP-0002Js-IR; Sun, 08 Oct 2023 10:42:56 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1qpRFO-0002Jl-2v for openvpn-devel@lists.sourceforge.net; Sun, 08 Oct 2023 10:42:54 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Type:Content-Transfer-Encoding:MIME-Version :Message-ID:Reply-To:References:Subject:List-Unsubscribe:List-Id:Cc:Date:From :Sender:To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:List-Help: List-Subscribe:List-Post:List-Owner:List-Archive; bh=bcO9zpxCvFgmkbDrS38VwFwaNriaV/El00Lb96ueHJg=; b=S7fABi/3h4vV5oxONpUNFg1QeB FljVEJY5xcn16IXOo67HR0QBZusBjCDQ5+MfFc3/eqbQ78HVFxsf9uI/BmFyqA8I4TRuS2SU4o6lF 1p7bcUgZYHEezh87W9M3d9T8sjS19EXjzInyZ6cak1Cxc4T55vtaFc0M69nO0k9ZA9AA=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Type:Content-Transfer-Encoding:MIME-Version:Message-ID:Reply-To: References:Subject:List-Unsubscribe:List-Id:Cc:Date:From:Sender:To:Content-ID :Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To: Resent-Cc:Resent-Message-ID:In-Reply-To:List-Help:List-Subscribe:List-Post: List-Owner:List-Archive; bh=bcO9zpxCvFgmkbDrS38VwFwaNriaV/El00Lb96ueHJg=; b=R tFdvFZCL6xSL98NfDMvUxs6+gOdcoydG1cx60aVohdqJXXi86SmBPOTpT9eDMhMknxJWvmuocm5Ct mccJ52cL0mzX91zNM/tJbQWi3uN7zHX7dyqtl3arVBcWQXpYP72Xu7Nfag5TSQfgByyDIyU3gA+Cb 44frM5ia69BdgFuc=; Received: from mail-wm1-f43.google.com ([209.85.128.43]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95) id 1qpRFH-00010A-D4 for openvpn-devel@lists.sourceforge.net; Sun, 08 Oct 2023 10:42:54 +0000 Received: by mail-wm1-f43.google.com with SMTP id 5b1f17b1804b1-4065f29e933so35100545e9.1 for ; Sun, 08 Oct 2023 03:42:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=openvpn.net; s=google; t=1696761761; x=1697366561; darn=lists.sourceforge.net; h=user-agent:content-disposition:content-transfer-encoding :mime-version:message-id:reply-to:references:subject :list-unsubscribe:list-id:auto-submitted:cc:date:from:from:to:cc :subject:date:message-id:reply-to; bh=bcO9zpxCvFgmkbDrS38VwFwaNriaV/El00Lb96ueHJg=; b=CivLRk07dwWp/HCIpogTHHg65t9ZHlnFjgH4LHLYL8ub4K8FgT+KrjoK6X1hokp6mZ OaWDF3l4Gg4Wk5ls2zP1oqTeuuHuSNFouEmv1elinHhkh4TICrJ/SzxSsG4yyIBEjfQq uJdHDyy5hID2KcG2gUDGciHc0qp+j9XQEkPARwjBYu6X52I8eq7eZr8h6p6973k1TKPt nle+b05aDQskgJQk8wP0gI251rzz3Xc4OwObEtRe2UpXOj+s9JPaVxj/2WH8wlcC6amD hRtaghKX463tnp8MifB/Y1l8RI6sMXsjQV4vCQZJPPJLsfmAtshrXvfjM2cdvRzllE9l y++Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1696761761; x=1697366561; h=user-agent:content-disposition:content-transfer-encoding :mime-version:message-id:reply-to:references:subject :list-unsubscribe:list-id:auto-submitted:cc:date:from :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=bcO9zpxCvFgmkbDrS38VwFwaNriaV/El00Lb96ueHJg=; b=rnHYNM7lzN2ie4jQ4ZmQvLskER8qmjDdaJ3Vhrw6fn3lgLpxzzlAbIiy+o1ke9MJlv g5Blk1yjX/yHwLXYNrof3WMtEzVBnuyhcYFoE7nbip2Kq5sFcbnoyWaZ4vMqWvmzUSJI xo4h31A3uybSPXiEvmDiVux8ZPVsRs7ThZK+OsHD1mbXs4MQUFsg9eaKU+efRvGDg4NJ 6q/tXV+wu0+lWl3Hfz83WEtFxRzQ8o0sklla+LYiOl2iNCS4Lnf0lxIoleU3EdlK1NRS 2C/qyxBpic7xQEoOzwp7pR4sfgd6tMitOrCRoMJIWb2Vjs7ddFYlWTPpL7ZRxCwmg65x 5uHA== X-Gm-Message-State: AOJu0YwrTAE6J8o4dtCOPpRfYMilOKh/7emdrxV65fS5KcIIZImVtNS0 yN/wbFo09wI9iOi263MkXFQSpMVYbNosvqhQS4w= X-Received: by 2002:a5d:4f85:0:b0:31f:ffe7:9a64 with SMTP id d5-20020a5d4f85000000b0031fffe79a64mr12725270wru.52.1696761761076; Sun, 08 Oct 2023 03:42:41 -0700 (PDT) Received: from gerrit.openvpn.in (ec2-18-159-0-78.eu-central-1.compute.amazonaws.com. [18.159.0.78]) by smtp.gmail.com with ESMTPSA id p11-20020a5d638b000000b00317a04131c5sm6428095wru.57.2023.10.08.03.42.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 08 Oct 2023 03:42:40 -0700 (PDT) From: "flichtenheld (Code Review)" X-Google-Original-From: "flichtenheld (Code Review)" X-Gerrit-PatchSet: 4 Date: Sun, 8 Oct 2023 10:42:40 +0000 Auto-Submitted: auto-generated X-Gerrit-MessageType: newchange X-Gerrit-Change-Id: Ic996eca227d9e68279a454db93fcbc86a7bd0380 X-Gerrit-Change-Number: 269 X-Gerrit-Project: openvpn X-Gerrit-ChangeURL: X-Gerrit-Commit: bc9ace01523a2d51077cf84c380ef0d343bc05e7 References: Message-ID: <46f4647830fd22086c7425af11cd22a4aa65d49b-HTML@gerrit.openvpn.net> MIME-Version: 1.0 User-Agent: Gerrit/3.8.2 X-Spam-Score: 1.0 (+) X-Spam-Report: Spam detection software, running on the system "util-spamd-1.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: flichtenheld has uploaded this change for review. ( http://gerrit.openvpn.net/c/openvpn/+/269?usp=email ) Change subject: mss/mtu: make all size calculations use size_t Content analysis details: (1.0 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.128.43 listed in list.dnswl.org] -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.128.43 listed in wl.mailspike.net] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record 1.2 MISSING_HEADERS Missing To: header 0.0 WEIRD_PORT URI: Uses non-standard port number for HTTP 0.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid 0.0 T_KAM_HTML_FONT_INVALID Test for Invalidly Named or Formatted Colors in HTML X-Headers-End: 1qpRFH-00010A-D4 Subject: [Openvpn-devel] [S] Change in openvpn[master]: mss/mtu: make all size calculations use size_t X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: frank@lichtenheld.com, arne-openvpn@rfc2549.org, openvpn-devel@lists.sourceforge.net Cc: plaisthos , openvpn-devel Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1779183725009197510?= X-GMAIL-MSGID: =?utf-8?q?1779183725009197510?= X-getmail-filter-classifier: gerrit message type newchange flichtenheld has uploaded this change for review. ( http://gerrit.openvpn.net/c/openvpn/+/269?usp=email ) Change subject: mss/mtu: make all size calculations use size_t ...................................................................... mss/mtu: make all size calculations use size_t Half of them used unsigned int, the other half size_t. Standardize on one. Could've also standardized on the other, both are much too big for the expected numbers anyway. Add a new utility function clamp_size_to_int for cases we need to change from size_t to int (there are a lot of those all over our codebase). Resolves some -Wconversion warnings. Change-Id: Ic996eca227d9e68279a454db93fcbc86a7bd0380 Signed-off-by: Frank Lichtenheld --- M src/openvpn/integer.h M src/openvpn/mss.c M src/openvpn/mtu.c 3 files changed, 21 insertions(+), 14 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/69/269/4 diff --git a/src/openvpn/integer.h b/src/openvpn/integer.h index 30b9ecf..a0e421d 100644 --- a/src/openvpn/integer.h +++ b/src/openvpn/integer.h @@ -36,6 +36,13 @@ ((uint64_t)ntohl((uint32_t)((x) & 0xFFFFFFFF)) << 32) | ntohl((uint32_t)((x) >> 32))) #endif +static inline int +clamp_size_to_int(size_t size) +{ + ASSERT(size <= INT_MAX); + return (int)size; +} + /* * min/max functions */ @@ -201,8 +208,8 @@ /** * Rounds down num to the nearest multiple of multiple */ -static inline unsigned int -round_down_uint(unsigned int num, unsigned int multiple) +static inline size_t +round_down_size(size_t num, size_t multiple) { return (num / multiple) * multiple; } diff --git a/src/openvpn/mss.c b/src/openvpn/mss.c index d7ee4c2..108b370 100644 --- a/src/openvpn/mss.c +++ b/src/openvpn/mss.c @@ -207,8 +207,8 @@ } } -static inline unsigned int -adjust_payload_max_cbc(const struct key_type *kt, unsigned int target) +static inline size_t +adjust_payload_max_cbc(const struct key_type *kt, size_t target) { if (!cipher_kt_mode_cbc(kt->cipher)) { @@ -221,13 +221,13 @@ /* With CBC we need at least one extra byte for padding and then need * to ensure that the resulting CBC ciphertext length, which is always * a multiple of the block size, is not larger than the target value */ - unsigned int block_size = cipher_kt_block_size(kt->cipher); - target = round_down_uint(target, block_size); + size_t block_size = cipher_kt_block_size(kt->cipher); + target = round_down_size(target, block_size); return target - 1; } } -static unsigned int +static size_t get_ip_encap_overhead(const struct options *options, const struct link_socket_info *lsi) { @@ -258,7 +258,7 @@ struct link_socket_info *lsi) { #if defined(ENABLE_FRAGMENT) - unsigned int overhead; + size_t overhead; overhead = frame_calculate_protocol_header_size(kt, options, false); @@ -267,12 +267,12 @@ overhead += get_ip_encap_overhead(options, lsi); } - unsigned int target = options->ce.fragment - overhead; + size_t target = options->ce.fragment - overhead; /* The 4 bytes of header that fragment adds itself. The other extra payload * bytes (Ethernet header/compression) are handled by the fragment code * just as part of the payload and therefore automatically taken into * account if the packet needs to fragmented */ - frame->max_fragment_size = adjust_payload_max_cbc(kt, target) - 4; + frame->max_fragment_size = clamp_size_to_int(adjust_payload_max_cbc(kt, target)) - 4; if (cipher_kt_mode_cbc(kt->cipher)) { @@ -296,7 +296,7 @@ return; } - unsigned int overhead, payload_overhead; + size_t overhead, payload_overhead; overhead = frame_calculate_protocol_header_size(kt, options, false); @@ -325,7 +325,7 @@ * by ce.mssfix */ /* This is the target value our payload needs to be smaller */ - unsigned int target = options->ce.mssfix - overhead; + size_t target = options->ce.mssfix - overhead; frame->mss_fix = (uint16_t)(adjust_payload_max_cbc(kt, target) - payload_overhead); diff --git a/src/openvpn/mtu.c b/src/openvpn/mtu.c index 81851d3..e1e8e02 100644 --- a/src/openvpn/mtu.c +++ b/src/openvpn/mtu.c @@ -167,7 +167,7 @@ */ const char *ciphername = o->ciphername; - unsigned int overhead = 0; + size_t overhead = 0; if (strcmp(o->ciphername, "BF-CBC") == 0) { @@ -185,7 +185,7 @@ * the ciphers are actually valid for non tls in occ calucation */ init_key_type(&occ_kt, ciphername, o->authname, true, false); - unsigned int payload = frame_calculate_payload_size(frame, o, &occ_kt); + size_t payload = frame_calculate_payload_size(frame, o, &occ_kt); overhead += frame_calculate_protocol_header_size(&occ_kt, o, true); return payload + overhead;