From patchwork Wed Oct 8 14:28:41 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gert Doering X-Patchwork-Id: 4486 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:7d42:b0:72f:f16c:e055 with SMTP id fr2csp979397mab; Wed, 8 Oct 2025 07:29:01 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCVbBYjkeLyXT9Is2AlBA4vInsyuFNPzQ7VjxzAW2TXo5TUNXuTUbEiVApjwfokJsSzVmtPuVT62ztQ=@openvpn.net X-Google-Smtp-Source: AGHT+IHlPQYFViWEe/Ce8RvaynTSEYP04idGnp249i3q02aQi6HhgLj5kebZGFmmOpWzsx826OV6 X-Received: by 2002:a05:6830:6106:b0:7ae:39a2:2656 with SMTP id 46e09a7af769-7c0df7b6143mr2163322a34.25.1759933741539; Wed, 08 Oct 2025 07:29:01 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1759933741; cv=none; d=google.com; s=arc-20240605; b=JRN2bAYr2Mpy3EhOxnB2xVUu9nmWBTt6sG3nWu0owiKv42mJXpDLQagVtz6mPQGSlu bETdJrzy+5ElTs2nekqK1stX+Ad5AOn6ei9CHd6f1JllRoZqx/Kx9hotA89i7umsmKHC e/yyJM7k0hsKpJQ+l8gGBqv6mgUxA1mEuPnyQFoHVTfJ2XqbnMK8/bjhsp2FNmodsWWf tdDkEaIh0eKsSfapz+ionzl+N4nJ5WG5jBP/MntwZc6Jb92hXmuYTsrJ6sxqYfGkwGzq z3NnfUmeY3d2QrydGctfqIJ++KLWBToiWxtEeZFtsveSzuKx0dh2XuSrE9aRMhg5mo6u 4fmw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature:dkim-signature; bh=H9SJ98mcT0UoJHS5iZMzJ4oW185ffaEzp6Qu4l3DJho=; fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=; b=MvbcLCoflN+TMxeUF1uJakmpuvM/ek8ITq0DCVt/sjz+USrt7hBjf8bT28WbwjW0n1 MhSWj3hUCNSuFIPJWWF8roFeNURh70eTbVePLEmzGl7xgxr8BJUcmvg6EYTH/7L10t2G YgcTjyXQhvP503HVg+pPSww5UntS8rpU7OxIYQ/HGtofNiyRwNN8bhR5CwgBoD4KAt9k xQs+pBtnGTKljN98kC9L7CqVQucA1xmECtA4gPYesXstfUuhwp7gGzevFoXoLsgH0P5a aaNPc/s+HxvMA8TGOtxYv1afHLbjcbzZDo/42iyJykT6X7HRXzd8YhPmyERK86/sQZdE NJkA==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=nGQebuHM; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=DPMXewUh; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=kE+tlGQ7; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id 46e09a7af769-7c06be35ec7si1334877a34.300.2025.10.08.07.29.00 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 08 Oct 2025 07:29:01 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=nGQebuHM; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=DPMXewUh; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=kE+tlGQ7; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type: List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id: Subject:MIME-Version:References:In-Reply-To:Message-ID:Date:To:From:Sender: Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=H9SJ98mcT0UoJHS5iZMzJ4oW185ffaEzp6Qu4l3DJho=; b=nGQebuHMUpxGLcN/2FD1PPB8M8 o2w5hF7r9m9hB+bkqKq6h+VFY4r2N8pXwPTJISshqdPMjB6G//ufPBLLBolCi5rA2P7bSFoWq6ppi cM5iCIT/Y9w7rDuyBN+PBZi8Gam4UrrlvSeCoFLJNbKFN7KrCQQP5E15c7vFI2ZBfouM=; Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1v6VA1-0004Il-6z; Wed, 08 Oct 2025 14:28:57 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1v6V9z-0004Id-Vf for openvpn-devel@lists.sourceforge.net; Wed, 08 Oct 2025 14:28:55 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=Z4TsBvzvWtLuKI+GkkNvo5o6Puin8mERo93tGc6nv5A=; b=DPMXewUhmEZt77Npq7/rVTi3bV rGkXphccObKPfT23sXlxwjUia13YwAsOlExJ/WD6W/Ex1lUwKUPv2w3nhh+N/WJqb4c+5dvX4r4g1 hczNsciirB+LQY946JMjhS3Ne64nkB2DJBEtudxYQ4pE052xNNVHa4NMk1/gUkVN8QTY=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=Z4TsBvzvWtLuKI+GkkNvo5o6Puin8mERo93tGc6nv5A=; b=kE+tlGQ7UEDg0KbL2OcbgwEpqv uOnTYNwz3jwLdjHm4qIlqghpt2wLw9MYY041yxduCVQqvdNV6djM5WQUtpp3Pc2gF3biU1YZmfjQT gdV6WFfqxxsHQ8L9nh5LgpNDnrXhdIWCm4OEhQ1GuW254pu+t3mMeMbRQP4qbbEVeMR0=; Received: from [193.149.48.134] (helo=blue.greenie.muc.de) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1v6V9y-00069q-Jj for openvpn-devel@lists.sourceforge.net; Wed, 08 Oct 2025 14:28:55 +0000 Received: from blue.greenie.muc.de (localhost [127.0.0.1]) by blue.greenie.muc.de (8.18.1/8.18.1) with ESMTP id 598ESlEt028505 for ; Wed, 8 Oct 2025 16:28:47 +0200 Received: (from gert@localhost) by blue.greenie.muc.de (8.18.1/8.18.1/Submit) id 598ESlJq028504 for openvpn-devel@lists.sourceforge.net; Wed, 8 Oct 2025 16:28:47 +0200 From: Gert Doering To: openvpn-devel@lists.sourceforge.net Date: Wed, 8 Oct 2025 16:28:41 +0200 Message-ID: <20251008142846.28486-1-gert@greenie.muc.de> X-Mailer: git-send-email 2.49.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Score: 1.3 (+) X-Spam-Report: Spam detection software, running on the system "sfi-spamd-1.hosts.colo.sdot.me", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Frank Lichtenheld These should not change any behavior, they mostly clarify the used types and silence warnings, since these casts are deliberate. Change-Id: Ica721a51b00d5314125bcaf5a586e718c5982aef Signed-off-by: Frank Lichtenheld Acked-by: MaxF Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/ [...] Content analysis details: (1.3 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 1.3 RDNS_NONE Delivered to internal network by a host with no rDNS X-Headers-End: 1v6V9y-00069q-Jj Subject: [Openvpn-devel] [PATCH v4] proto: Clean up conversion warnings related to checksum macros X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1844325096368880769?= X-GMAIL-MSGID: =?utf-8?q?1845424282504862622?= From: Frank Lichtenheld These should not change any behavior, they mostly clarify the used types and silence warnings, since these casts are deliberate. Change-Id: Ica721a51b00d5314125bcaf5a586e718c5982aef Signed-off-by: Frank Lichtenheld Acked-by: MaxF Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1164 --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1164 This mail reflects revision 4 of this Change. Acked-by according to Gerrit (reflected above): MaxF diff --git a/src/openvpn/clinat.c b/src/openvpn/clinat.c index b49d4bb..7751a47 100644 --- a/src/openvpn/clinat.c +++ b/src/openvpn/clinat.c @@ -185,11 +185,7 @@ const int direction) { struct ip_tcp_udp_hdr *h = (struct ip_tcp_udp_hdr *)BPTR(ipbuf); - int i; - uint32_t addr, *addr_ptr; - const uint32_t *from, *to; - int accumulate = 0; - unsigned int amask; + int32_t accumulate = 0; unsigned int alog = 0; if (check_debug_level(D_CLIENT_NAT)) @@ -197,8 +193,11 @@ print_pkt(&h->ip, "BEFORE", direction, D_CLIENT_NAT); } - for (i = 0; i < list->n; ++i) + for (int i = 0; i < list->n; ++i) { + uint32_t addr, *addr_ptr; + const uint32_t *from, *to; + unsigned int amask; const struct client_nat_entry *e = &list->entries[i]; /* current NAT rule */ if (e->type ^ direction) { diff --git a/src/openvpn/mss.c b/src/openvpn/mss.c index e7111a8..10d61d1 100644 --- a/src/openvpn/mss.c +++ b/src/openvpn/mss.c @@ -130,11 +130,6 @@ } } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic push -#pragma GCC diagnostic ignored "-Wconversion" -#endif - /* * change TCP MSS option in SYN/SYN-ACK packets, if present * this is generic for IPv4 and IPv6, as the TCP header is the same @@ -143,11 +138,8 @@ void mss_fixup_dowork(struct buffer *buf, uint16_t maxmss) { - int hlen, olen, optlen; + int olen, optlen; uint8_t *opt; - uint16_t mssval; - int accumulate; - struct openvpn_tcphdr *tc; if (BLEN(buf) < (int)sizeof(struct openvpn_tcphdr)) { @@ -155,8 +147,8 @@ } verify_align_4(buf); - tc = (struct openvpn_tcphdr *)BPTR(buf); - hlen = OPENVPN_TCPH_GET_DOFF(tc->doff_res); + struct openvpn_tcphdr *tc = (struct openvpn_tcphdr *)BPTR(buf); + int hlen = OPENVPN_TCPH_GET_DOFF(tc->doff_res); /* Invalid header length or header without options. */ if (hlen <= (int)sizeof(struct openvpn_tcphdr) || hlen > BLEN(buf)) @@ -171,43 +163,37 @@ { break; } - else if (*opt == OPENVPN_TCPOPT_NOP) + if (*opt == OPENVPN_TCPOPT_NOP) { optlen = 1; + continue; } - else + + optlen = *(opt + 1); + if (optlen <= 0 || optlen > olen) { - optlen = *(opt + 1); - if (optlen <= 0 || optlen > olen) + break; + } + if (*opt == OPENVPN_TCPOPT_MAXSEG) + { + if (optlen != OPENVPN_TCPOLEN_MAXSEG) { - break; + continue; } - if (*opt == OPENVPN_TCPOPT_MAXSEG) + uint16_t mssval = (uint16_t)(opt[2] << 8) + opt[3]; + if (mssval > maxmss) { - if (optlen != OPENVPN_TCPOLEN_MAXSEG) - { - continue; - } - mssval = opt[2] << 8; - mssval += opt[3]; - if (mssval > maxmss) - { - dmsg(D_MSS, "MSS: %" PRIu16 " -> %" PRIu16, mssval, maxmss); - accumulate = htons(mssval); - opt[2] = (uint8_t)((maxmss >> 8) & 0xff); - opt[3] = (uint8_t)(maxmss & 0xff); - accumulate -= htons(maxmss); - ADJUST_CHECKSUM(accumulate, tc->check); - } + dmsg(D_MSS, "MSS: %" PRIu16 " -> %" PRIu16, mssval, maxmss); + opt[2] = (uint8_t)((maxmss >> 8) & 0xff); + opt[3] = (uint8_t)(maxmss & 0xff); + int32_t accumulate = htons(mssval); + accumulate -= htons(maxmss); + ADJUST_CHECKSUM(accumulate, tc->check); } } } } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic pop -#endif - static inline size_t adjust_payload_max_cbc(const struct key_type *kt, size_t target) { diff --git a/src/openvpn/proto.h b/src/openvpn/proto.h index 62157fa..94952bd 100644 --- a/src/openvpn/proto.h +++ b/src/openvpn/proto.h @@ -214,7 +214,7 @@ */ #define ADJUST_CHECKSUM(acc, cksum) \ { \ - int _acc = acc; \ + int32_t _acc = acc; \ _acc += (cksum); \ if (_acc < 0) \ { \ @@ -231,16 +231,16 @@ } \ } -#define ADD_CHECKSUM_32(acc, u32) \ - { \ - acc += (u32) & 0xffff; \ - acc += (u32) >> 16; \ +#define ADD_CHECKSUM_32(acc, u32) \ + { \ + acc += (int32_t)((u32) & 0xffff); \ + acc += (int32_t)((u32) >> 16); \ } -#define SUB_CHECKSUM_32(acc, u32) \ - { \ - acc -= (u32) & 0xffff; \ - acc -= (u32) >> 16; \ +#define SUB_CHECKSUM_32(acc, u32) \ + { \ + acc -= (int32_t)((u32) & 0xffff); \ + acc -= (int32_t)((u32) >> 16); \ } /*