From patchwork Tue Nov 11 15:52:31 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Gert Doering <gert@greenie.muc.de>
X-Patchwork-Id: 4580
Return-Path: <openvpn-devel-bounces@lists.sourceforge.net>
Delivered-To: patchwork@openvpn.net
Received: by 2002:a05:7000:33c4:b0:7b1:439f:bdf with SMTP id u4csp1974258maf;
        Tue, 11 Nov 2025 07:52:50 -0800 (PST)
X-Forwarded-Encrypted: i=2;
 AJvYcCXu28/uxy+eFo5hS8i9nW689N9gxTSXylHIc73OkrRf0OF9Ag2WjxqfoW/z1GyhZrsMETYyypxx4bs=@openvpn.net
X-Google-Smtp-Source: 
 AGHT+IHLXReE/y7A0OBIqZn8L5nopdoHivRLq6S4jCsu18TRY9VrQ1wO/PtrFXY+X6OZuPv4uhmN
X-Received: by 2002:a05:6808:18a8:b0:44f:e931:38ab with SMTP id
 5614622812f47-4502a35d2bfmr5320990b6e.43.1762876369975;
        Tue, 11 Nov 2025 07:52:49 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1762876369; cv=none;
        d=google.com; s=arc-20240605;
        b=anjLiYzgRAQ6VFi8BX4S+TjnDImkgONM8ORYROg936tVB63QxdLOZK8f9U4biWANU5
         kp7KwgMUSNEHmj3L1WypmgUJ4G+WAaNrX6KSpkayd/QgaEUGGssjWk7a8tQKRc5CPjfd
         Obr3R3pgjioAgp9dpCdVA+/xyYLGeTA+0Ny3uhYgsQ14/2IV8x8WWu7gFaV5oYOvDIoF
         iMl8yOVKRzEAbrvhm8IT2zip8mlt+sw+LBdp5GkY0UCAKLsaDI6jvJdq7ogm7P0XPygN
         jxf7Qvu2CK/ImHUeJ7yRewemq/McPJEvvBhrFKeUfw6u97aEBIXjHVIuWZy1uDX3f9vk
         3YRQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20240605;
        h=errors-to:content-transfer-encoding:list-subscribe:list-help
         :list-post:list-archive:list-unsubscribe:list-id:precedence:subject
         :mime-version:references:in-reply-to:message-id:date:to:from
         :dkim-signature:dkim-signature:dkim-signature;
        bh=FocdDjwMf5MMdt8z9dT+yvXi/hNsrV4M2uo+tRZNuBY=;
        fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=;
        b=kg/VspbZKP1YSWBgJ7krng2zrY+QutK/9H31RcRPDg2RcXwOF8EYfcmhD0b9A4ffmu
         ec5aN9zT7XFxBzqa7F9Jr/FBNmsbRX4nRPMvB3Dnj3IZp896YEIrGgW3m18lXX9hJ+qR
         Mt07VHrgbKBjsMdAuHXEy3OW4jO4jO1XCRLv0eCIMFAq81w/kQVYjSG3mUeNaDhLkNmx
         q0aeYxgpzWBKv9TQu8YNKrHxRnOnphmfCoXop/VvHVQcJBnDmySxaj2W9tCH2knKIjhX
         rlZcLBg9FGlMKr6sr+BX7bKxGqfOKdNeO/lzFLs+ygwPObeXFiqslnHy6Q1e9SdoWm+D
         lpng==;
        dara=google.com
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@lists.sourceforge.net header.s=beta
 header.b=Q73C8KoQ;
       dkim=neutral (body hash did not verify) header.i=@sourceforge.net
 header.s=x header.b=ghTcl4Dr;
       dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
 header.b=YtDsgbKZ;
       spf=pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de
Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7])
        by mx.google.com with ESMTPS id
 5614622812f47-45002749840si5010067b6e.29.2025.11.11.07.52.49
        (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
        Tue, 11 Nov 2025 07:52:49 -0800 (PST)
Received-SPF: pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) client-ip=216.105.38.7;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@lists.sourceforge.net header.s=beta
 header.b=Q73C8KoQ;
       dkim=neutral (body hash did not verify) header.i=@sourceforge.net
 header.s=x header.b=ghTcl4Dr;
       dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x
 header.b=YtDsgbKZ;
       spf=pass (google.com: domain of
 openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as
 permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type:
	List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:
	Subject:MIME-Version:References:In-Reply-To:Message-ID:Date:To:From:Sender:
	Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From:
	Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner;
	bh=FocdDjwMf5MMdt8z9dT+yvXi/hNsrV4M2uo+tRZNuBY=; b=Q73C8KoQhJygnKGCq/J75Pd2Ep
	EN336LOlgsAKfdEEQIyKxShmrWf+14hj8vupj2ME7Rs/zdGuG4aPGyjF/oHwu/30dCddQxkL7wVzY
	9BImYvkPqugZNPMGVSoMSpY5lssQrTN3aLCp+8YdM/5Vo7rN7ft+cfXtxAJwGC1AsDQk=;
Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com)
	by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95)
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	id 1vIqfo-0004F2-4s;
	Tue, 11 Nov 2025 15:52:48 +0000
Received: from [172.30.29.66] (helo=mx.sourceforge.net)
 by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95)
 (envelope-from <gert@blue4.greenie.muc.de>) id 1vIqfn-0004Ev-5W
 for openvpn-devel@lists.sourceforge.net;
 Tue, 11 Nov 2025 15:52:47 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References:
 In-Reply-To:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:
 Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:
 Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:
 List-Subscribe:List-Post:List-Owner:List-Archive;
 bh=WIDcdquSlSdUgqNRahMFeCqDiNp5t9pxG/iZl+pChEU=; b=ghTcl4Dr6rkcqblnhk91ynjoil
 SnG/JIsi3d8oR7htBi0lI8umF9BmVo9j0+JFLdpEt8oCaCZ5OzZAea+Mkn89n2WDgSNSq2EA0+8fC
 Sl2i8PD8H1ls+4eVdokRdHYxWMn8aZy6d9a+K7VmVr1/FT9OF5IH+Hw75cHMZmJw6hH4=;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x
 ;
 h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID:
 Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID:
 Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
 :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
 List-Post:List-Owner:List-Archive;
 bh=WIDcdquSlSdUgqNRahMFeCqDiNp5t9pxG/iZl+pChEU=; b=YtDsgbKZpjCXJGfMBq4DWenl/6
 V3d4CkIZpo+qsG5o/BIwOfh58w/FhS2ppqHq5O9qRYZa0KAhcRmbfKFCFat8e6/hXd6PnxnmYjtpj
 BZHisRMDmDOgC5K9gyIaKf/W8atTFfnOTBcrAJDTvK1YrZ1tU2sljUelYHzMtpQT8fZE=;
Received: from [193.149.48.134] (helo=blue.greenie.muc.de)
 by sfi-mx-2.v28.lw.sourceforge.com with esmtps
 (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95)
 id 1vIqfm-0006IW-97 for openvpn-devel@lists.sourceforge.net;
 Tue, 11 Nov 2025 15:52:47 +0000
Received: from blue.greenie.muc.de (localhost [127.0.0.1])
 by blue.greenie.muc.de (8.18.1/8.18.1) with ESMTP id 5ABFqdkK031766
 for <openvpn-devel@lists.sourceforge.net>; Tue, 11 Nov 2025 16:52:39 +0100
Received: (from gert@localhost)
 by blue.greenie.muc.de (8.18.1/8.18.1/Submit) id 5ABFqdZj031765
 for openvpn-devel@lists.sourceforge.net; Tue, 11 Nov 2025 16:52:39 +0100
From: Gert Doering <gert@greenie.muc.de>
To: openvpn-devel@lists.sourceforge.net
Date: Tue, 11 Nov 2025 16:52:31 +0100
Message-ID: <20251111155239.31747-1-gert@greenie.muc.de>
X-Mailer: git-send-email 2.49.1
In-Reply-To: 
 <gerrit.1762517501000.Ic90c5a0e48bda4a02d5e11c4c161f388cc8805af@gerrit.openvpn.net>
References: 
 <gerrit.1762517501000.Ic90c5a0e48bda4a02d5e11c4c161f388cc8805af@gerrit.openvpn.net>
MIME-Version: 1.0
X-Spam-Score: 1.3 (+)
X-Spam-Report: Spam detection software,
 running on the system "sfi-spamd-2.hosts.colo.sdot.me",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 the administrator of that system for details.
 Content preview: From: Frank Lichtenheld <frank@lichtenheld.com> There is
 only
 one caller of this function and it wants it to be size_t. So move the size_t
 to int conversion one step down in the call chain. Do not switch
 key_state_write_plaintext_const, yet, since [...]
 Content analysis details:   (1.3 points, 5.0 required)
 pts rule name              description
 ---- ----------------------
 --------------------------------------------------
 1.3 RDNS_NONE Delivered to internal network by a host with no rDNS
X-Headers-End: 1vIqfm-0006IW-97
Subject: [Openvpn-devel] [PATCH v1] ssl: Change tls_send_payload size
 argument to size_t
X-BeenThere: openvpn-devel@lists.sourceforge.net
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <openvpn-devel.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/options/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: 
 <http://sourceforge.net/mailarchive/forum.php?forum_name=openvpn-devel>
List-Post: <mailto:openvpn-devel@lists.sourceforge.net>
List-Help: <mailto:openvpn-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=subscribe>
Errors-To: openvpn-devel-bounces@lists.sourceforge.net
X-getmail-retrieved-from-mailbox: Inbox
X-GMAIL-THRID: =?utf-8?q?1848509852978735650?=
X-GMAIL-MSGID: =?utf-8?q?1848509852978735650?=

From: Frank Lichtenheld <frank@lichtenheld.com>

There is only one caller of this function and it
wants it to be size_t. So move the size_t to int
conversion one step down in the call chain. Do not
switch key_state_write_plaintext_const, yet, since
that is a backend function and so needs way more
work.

Change-Id: Ic90c5a0e48bda4a02d5e11c4c161f388cc8805af
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Arne Schwabe <arne-openvpn@rfc2549.org>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1355
---

This change was reviewed on Gerrit and approved by at least one
developer. I request to merge it to master.

Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1355
This mail reflects revision 1 of this Change.

Acked-by according to Gerrit (reflected above):
Arne Schwabe <arne-openvpn@rfc2549.org>

diff --git a/src/openvpn/forward.c b/src/openvpn/forward.c
index 5bbac13..cffb310 100644
--- a/src/openvpn/forward.c
+++ b/src/openvpn/forward.c
@@ -365,11 +365,6 @@
     }
 }
 
-#if defined(__GNUC__) || defined(__clang__)
-#pragma GCC diagnostic push
-#pragma GCC diagnostic ignored "-Wconversion"
-#endif
-
 bool
 send_control_channel_string_dowork(struct tls_session *session, const char *str,
                                    msglvl_t msglevel)
@@ -827,6 +822,11 @@
 #endif /* ENABLE_MANAGEMENT */
 }
 
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
 static void
 check_coarse_timers(struct context *c)
 {
diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c
index 908854a..398c9ae 100644
--- a/src/openvpn/ssl.c
+++ b/src/openvpn/ssl.c
@@ -4032,7 +4032,7 @@
  */
 
 bool
-tls_send_payload(struct key_state *ks, const uint8_t *data, int size)
+tls_send_payload(struct key_state *ks, const uint8_t *data, size_t size)
 {
     bool ret = false;
 
@@ -4042,7 +4042,8 @@
 
     if (ks->state >= S_ACTIVE)
     {
-        if (key_state_write_plaintext_const(&ks->ks_ssl, data, size) == 1)
+        ASSERT(size <= INT_MAX);
+        if (key_state_write_plaintext_const(&ks->ks_ssl, data, (int)size) == 1)
         {
             ret = true;
         }
@@ -4053,7 +4054,7 @@
         {
             ks->paybuf = buffer_list_new();
         }
-        buffer_list_push_data(ks->paybuf, data, (size_t)size);
+        buffer_list_push_data(ks->paybuf, data, size);
         ret = true;
     }
 
diff --git a/src/openvpn/ssl.h b/src/openvpn/ssl.h
index ffcc7c4..db8a798 100644
--- a/src/openvpn/ssl.h
+++ b/src/openvpn/ssl.h
@@ -426,7 +426,7 @@
 /*
  * Send a payload over the TLS control channel
  */
-bool tls_send_payload(struct key_state *ks, const uint8_t *data, int size);
+bool tls_send_payload(struct key_state *ks, const uint8_t *data, size_t size);
 
 /*
  * Receive a payload through the TLS control channel