From patchwork Tue Oct 28 18:57:01 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gert Doering X-Patchwork-Id: 4538 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:2995:b0:72f:f16c:e055 with SMTP id f21csp2255636max; Tue, 28 Oct 2025 11:57:19 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCVHykNdxYx8q2muL5mRdm2ghTYHLp2CNW35SWswnKNGPx86xpPcuGz72wvbINmYIlr4KaYH4ssprmk=@openvpn.net X-Google-Smtp-Source: AGHT+IEIL82/4QnzaOf0WM08iMLwcfpTDoBm+F6OBqcRUEH6hMl4HoUdK041loQbClc/HFwZqO0S X-Received: by 2002:a6b:780c:0:b0:917:664e:c00b with SMTP id ca18e2360f4ac-945bb5060d9mr498745139f.9.1761677839240; Tue, 28 Oct 2025 11:57:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1761677839; cv=none; d=google.com; s=arc-20240605; b=cFIRWJ4fEgTg2wGnp0AtnKH8/tZ1NnXPw+oERLWPucZSFnTvnolrd2v/UlfrhyjqZF jRrPlGEXl+DOacTEE60F3KjIxg1a9Jp3LG5PuaNB3j5hazTAVWXUgxY2eMVBF1VKPV6r Vuhh4t4i38S3lOwwvjWUtu0/r6983zZIjN52Oq7e4dOz9eOC2y++pdD6O7UcoU5Xuxb8 TFqk/tAEVBWYYWT5T/zynlWISTbOQnJLGdLGjMVse2Pn35QG3u4svdRVpdRiZ/EevcKA 98zzffQwapFHYzM+ZanSPhbTMC+ckIkDuMocqrHW9i44fUTYaqw3Yekeb6jCmSfhFCWt 1DzA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature:dkim-signature; bh=KvsLMkBzJwHFXM8o1l8TX+P/koVBfjSIk2TsuLYBsxs=; fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=; b=PZblGFro/ox9lANM96GJnlMs7OZnaq6NahJzGNnGM7tzRolkCDEf7Opny0og/qWc/q Tus9jP4DvCsfAjl4gt+g+7hdiIIHCNeYEceZ056oPPnISQOSNHobD1R2g/KAmnyi+St7 sKPzpxsIjLiHPWm8mBWwk+Wv+ZcfHAf31dKd+Ay93RERTlZ/T0ce3U2jMJzXhxXBQGwX +98HKkEYBM69mRdRJjWMP1XE7cv0gI2yo0Xp1nwXhehveFu8bGwETSQxQFJDP8PdqNQC SI8GAte7vZVP/5UHKw5WCFnv6COK6zZ8xWQcU6E4cZ1jk4WpzxHtamnoToNr8fNQ3JIn QqQg==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=IznmSeCM; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=W98q3ckZ; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=c3pWy1Li; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id ca18e2360f4ac-9435c7ed649si725741639f.302.2025.10.28.11.57.19 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 28 Oct 2025 11:57:19 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=IznmSeCM; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=W98q3ckZ; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=c3pWy1Li; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type: List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id: Subject:MIME-Version:References:In-Reply-To:Message-ID:Date:To:From:Sender: Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=KvsLMkBzJwHFXM8o1l8TX+P/koVBfjSIk2TsuLYBsxs=; b=IznmSeCMs5S3emApRSSnoAQt75 humddEVe61+OrPmg1WagDt42ZaX5hY2wDcMd/Zs9A++dXynBtZdCtfaG9KJRe8NAe9Kvku9SetK1G v0Yx16+h1MIP7ataUFeQAkoK5POTRcRXrleIE/BMX0YT1N/89OTSlXRdh9ZMuyIeVgns=; Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1vDosf-0006kT-7C; Tue, 28 Oct 2025 18:57:17 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1vDosd-0006kK-B8 for openvpn-devel@lists.sourceforge.net; Tue, 28 Oct 2025 18:57:15 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=onmZUu1QXkSUokwUlKIOmWEuGoWit6TAJUtwyHfPurM=; b=W98q3ckZbCXWNsNDmpvWJ+emgK q3Og7d1BhR/WV6GXbOXe5P+0yh1+WqEOzWtkJDwMLU4fp0cCRy6jJZciUTXQo4dZIR6BjheG+0WAc 1QLnoPVLUHVwuV4UeiF8OkWJ8X2Q9OHhQqGby6kqlDEJADU14bo2c3Yb8VCW2yQg4mSY=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=onmZUu1QXkSUokwUlKIOmWEuGoWit6TAJUtwyHfPurM=; b=c3pWy1LiXdbjzb89wZhtAW2e4k yO0rgHUU4oSanL91HQT+Afb7Qkj3bW+qnfvMxrh0FQS2TPD0P+R7i8MIvItYL0EoCJegv7Z8wGXEg OqtEoh/LCdUHW2nFpLl0Nx5ABB8LUANK9K5X053XqioPSNtW9rTeH54UTPRDfoaEM0oQ=; Received: from [193.149.48.134] (helo=blue.greenie.muc.de) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1vDosc-0000pP-1Q for openvpn-devel@lists.sourceforge.net; Tue, 28 Oct 2025 18:57:15 +0000 Received: from blue.greenie.muc.de (localhost [127.0.0.1]) by blue.greenie.muc.de (8.18.1/8.18.1) with ESMTP id 59SIv7sK001268 for ; Tue, 28 Oct 2025 19:57:07 +0100 Received: (from gert@localhost) by blue.greenie.muc.de (8.18.1/8.18.1/Submit) id 59SIv7QC001267 for openvpn-devel@lists.sourceforge.net; Tue, 28 Oct 2025 19:57:07 +0100 From: Gert Doering To: openvpn-devel@lists.sourceforge.net Date: Tue, 28 Oct 2025 19:57:01 +0100 Message-ID: <20251028185706.1247-1-gert@greenie.muc.de> X-Mailer: git-send-email 2.49.1 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Score: 1.3 (+) X-Spam-Report: Spam detection software, running on the system "sfi-spamd-2.hosts.colo.sdot.me", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Frank Lichtenheld The underlying APIs already use size_t and all the users (only httpdigest and push) already put size_t into it. So avoid conversion warnings. Also fix one trivial conversion warning in push.c to able to easily remove the -Wconversion override from the affected code paths. Content analysis details: (1.3 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 1.3 RDNS_NONE Delivered to internal network by a host with no rDNS X-Headers-End: 1vDosc-0000pP-1Q Subject: [Openvpn-devel] [PATCH v2] crypto_backend: Change len argument of md_ctx_update to size_t X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1847253101633056438?= X-GMAIL-MSGID: =?utf-8?q?1847253101633056438?= From: Frank Lichtenheld The underlying APIs already use size_t and all the users (only httpdigest and push) already put size_t into it. So avoid conversion warnings. Also fix one trivial conversion warning in push.c to able to easily remove the -Wconversion override from the affected code paths. Change-Id: I27f2fcd903d26ccbfbd0cdc45f99cc3cd8b0e49a Signed-off-by: Frank Lichtenheld Acked-by: Gert Doering Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1287 --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1287 This mail reflects revision 2 of this Change. Acked-by according to Gerrit (reflected above): Gert Doering diff --git a/src/openvpn/crypto_backend.h b/src/openvpn/crypto_backend.h index 4d6a96c..e95752a 100644 --- a/src/openvpn/crypto_backend.h +++ b/src/openvpn/crypto_backend.h @@ -599,7 +599,7 @@ * @param src Buffer to digest. May not be NULL. * @param src_len The length of the incoming buffer. */ -void md_ctx_update(md_ctx_t *ctx, const uint8_t *src, int src_len); +void md_ctx_update(md_ctx_t *ctx, const uint8_t *src, size_t src_len); /* * Output the message digest to the given buffer. diff --git a/src/openvpn/crypto_mbedtls.c b/src/openvpn/crypto_mbedtls.c index 076d4ee..2e328c3 100644 --- a/src/openvpn/crypto_mbedtls.c +++ b/src/openvpn/crypto_mbedtls.c @@ -765,6 +765,10 @@ return 1; } +#if defined(__GNUC__) || defined(__clang__) +#pragma GCC diagnostic pop +#endif + /* * * Generic message digest information functions @@ -877,7 +881,7 @@ } void -md_ctx_update(mbedtls_md_context_t *ctx, const uint8_t *src, int src_len) +md_ctx_update(mbedtls_md_context_t *ctx, const uint8_t *src, size_t src_len) { ASSERT(0 == mbedtls_md_update(ctx, src, src_len)); } @@ -994,6 +998,11 @@ seed_len, output, output_len)); } #else /* defined(HAVE_MBEDTLS_SSL_TLS_PRF) && defined(MBEDTLS_SSL_TLS_PRF_TLS1) */ +#if defined(__GNUC__) || defined(__clang__) +#pragma GCC diagnostic push +#pragma GCC diagnostic ignored "-Wconversion" +#endif + /* * Generate the hash required by for the \c tls1_PRF function. * @@ -1122,10 +1131,10 @@ gc_free(&gc); return true; } -#endif /* HAVE_MBEDTLS_SSL_TLS_PRF && defined(MBEDTLS_SSL_TLS_PRF_TLS1) */ #if defined(__GNUC__) || defined(__clang__) #pragma GCC diagnostic pop #endif +#endif /* HAVE_MBEDTLS_SSL_TLS_PRF && defined(MBEDTLS_SSL_TLS_PRF_TLS1) */ #endif /* ENABLE_CRYPTO_MBEDTLS */ diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c index f596b8c..ec0269c 100644 --- a/src/openvpn/crypto_openssl.c +++ b/src/openvpn/crypto_openssl.c @@ -1165,7 +1165,7 @@ } void -md_ctx_update(EVP_MD_CTX *ctx, const uint8_t *src, int src_len) +md_ctx_update(EVP_MD_CTX *ctx, const uint8_t *src, size_t src_len) { EVP_DigestUpdate(ctx, src, src_len); } diff --git a/src/openvpn/httpdigest.c b/src/openvpn/httpdigest.c index f665b17..be20638 100644 --- a/src/openvpn/httpdigest.c +++ b/src/openvpn/httpdigest.c @@ -61,11 +61,6 @@ Hex[HASHHEXLEN] = '\0'; } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic push -#pragma GCC diagnostic ignored "-Wconversion" -#endif - /* calculate H(A1) as per spec */ void DigestCalcHA1(IN char *pszAlg, IN char *pszUserName, IN char *pszRealm, IN char *pszPassword, @@ -150,8 +145,4 @@ CvtHex(RespHash, Response); } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic pop -#endif - #endif /* if PROXY_DIGEST_AUTH */ diff --git a/src/openvpn/push.c b/src/openvpn/push.c index 2c717c7..6f146fc 100644 --- a/src/openvpn/push.c +++ b/src/openvpn/push.c @@ -772,6 +772,10 @@ return true; } +#if defined(__GNUC__) || defined(__clang__) +#pragma GCC diagnostic pop +#endif + void send_push_reply_auth_token(struct tls_multi *multi) { @@ -1046,7 +1050,7 @@ unsigned int *option_types_found, struct buffer *buf) { int ret = PUSH_MSG_ERROR; - const uint8_t ch = buf_read_u8(buf); + const int ch = buf_read_u8(buf); if (ch == ',') { struct buffer buf_orig = (*buf); @@ -1090,10 +1094,6 @@ return ret; } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic pop -#endif - int process_incoming_push_msg(struct context *c, const struct buffer *buffer, bool honor_received_options, unsigned int permission_mask,