From patchwork Thu Oct 11 00:51:42 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Lev Stipakov <lstipakov@gmail.com>
X-Patchwork-Id: 544
Return-Path: <openvpn-devel-bounces@lists.sourceforge.net>
Delivered-To: patchwork@openvpn.net
Delivered-To: patchwork@openvpn.net
Received: from director11.mail.ord1d.rsapps.net ([172.31.255.6])
	by backend30.mail.ord1d.rsapps.net with LMTP id KOGqD5k6v1unXgAAIUCqbw
	for <patchwork@openvpn.net>; Thu, 11 Oct 2018 07:57:13 -0400
Received: from proxy4.mail.iad3b.rsapps.net ([172.31.255.6])
	by director11.mail.ord1d.rsapps.net with LMTP id CDseDZk6v1sSEAAAvGGmqA
	; Thu, 11 Oct 2018 07:57:13 -0400
Received: from smtp25.gate.iad3b ([172.31.255.6])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	by proxy4.mail.iad3b.rsapps.net with LMTP id eKEmBpk6v1uARAAA9crAow
	; Thu, 11 Oct 2018 07:57:13 -0400
X-Spam-Threshold: 95
X-Spam-Score: 0
X-Spam-Flag: NO
X-Virus-Scanned: OK
X-Orig-To: openvpnslackdevel@openvpn.net
X-Originating-Ip: [216.105.38.7]
Authentication-Results: smtp25.gate.iad3b.rsapps.net;
 iprev=pass policy.iprev="216.105.38.7";
 spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net"
 smtp.helo="lists.sourceforge.net";
 dkim=fail (signature verification failed) header.d=sourceforge.net;
 dkim=fail (signature verification failed) header.d=sf.net;
 dkim=fail (signature verification failed) header.d=gmail.com;
 dmarc=fail (p=none; dis=none) header.from=gmail.com
X-Suspicious-Flag: YES
X-Classification-ID: c9c0c524-cd4c-11e8-b56e-52540030a522-1-1
Received: from [216.105.38.7] ([216.105.38.7:56479]
 helo=lists.sourceforge.net)
	by smtp25.gate.iad3b.rsapps.net (envelope-from
 <openvpn-devel-bounces@lists.sourceforge.net>)
	(ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384)
	id 7B/90-12864-89A3FBB5; Thu, 11 Oct 2018 07:57:12 -0400
Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com)
	by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.90_1)
	(envelope-from <openvpn-devel-bounces@lists.sourceforge.net>)
	id 1gAZZg-0000qE-4F; Thu, 11 Oct 2018 11:56:16 +0000
Received: from [172.30.20.202] (helo=mx.sourceforge.net)
 by sfs-ml-1.v29.lw.sourceforge.com with esmtps
 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1)
 (envelope-from <lstipakov@gmail.com>) id 1gAZZe-0000q7-Uz
 for openvpn-devel@lists.sourceforge.net; Thu, 11 Oct 2018 11:56:14 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=sourceforge.net; s=x; h=References:In-Reply-To:Message-Id:Date:Subject:To:
 From:Sender:Reply-To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:
 Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender:
 Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:
 List-Subscribe:List-Post:List-Owner:List-Archive;
 bh=MmDmTIp5n/GtHb3LC4EgJt5Y3kUr/aovHfQqutnJG4k=; b=k+7zZhv087eLfUbsGdTKxWUf01
 KPIYyASXDSv5tz0xVLdwEE5xPKyT3D+kPn/4DNjaPVWIsEsa5x8HstFRS4GTGvty6uEAx1PAuZpiy
 eZfO8QXnYQpNkOyFaaqfXSsImEdSfYqSR4Ea3/k/Dw5ZH8iN6TvjipBDqtAj+ffAADUM=;
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x
 ;
 h=References:In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc
 :MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID:
 Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
 :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe:
 List-Post:List-Owner:List-Archive;
 bh=MmDmTIp5n/GtHb3LC4EgJt5Y3kUr/aovHfQqutnJG4k=; b=RJV/jnFv8ECvXn1y4V9NWRxdKz
 tYg91D+jlOgAMnvIE3cPNvZ6q+hm617gPmiuVre/mQ+P3dAHzqiMVZV26JhAniZIlX6VOmyecrv0m
 Z+6yPJLo8hixLeko3iQ9JxqhfScq0Noxq24BHqB+PJ/nkpvZdV9TNqdGQ2MHOh0i0ytI=;
Received: from mail-ed1-f54.google.com ([209.85.208.54])
 by sfi-mx-4.v28.lw.sourceforge.com with esmtps
 (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.90_1)
 id 1gAZZd-00GhmU-CC
 for openvpn-devel@lists.sourceforge.net; Thu, 11 Oct 2018 11:56:14 +0000
Received: by mail-ed1-f54.google.com with SMTP id g32-v6so7962882edg.13
 for <openvpn-devel@lists.sourceforge.net>;
 Thu, 11 Oct 2018 04:56:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=from:to:subject:date:message-id:in-reply-to:references;
 bh=MmDmTIp5n/GtHb3LC4EgJt5Y3kUr/aovHfQqutnJG4k=;
 b=d3Uh4Wky5AjMKjCVOMZxY5hR/td1X08aNqXIUCo1uWyglLhyC2aAcEmo0T2OmQYkb4
 o8FRBiBXc9D/aN2KKZrF6txIZZm5L2tfld/jMdpDWcwN22/cvzpGNehmqwEAU2dnr8vq
 YmcvDoYguG5pbjv3INdjfpb7nRd1p6pJ0aH04qnVzg/LhjOlNADuf67qBzXT1d+n6NGQ
 ZUJHwWflCsz9J5wUIf1eqmKrHRU+3iMzMZsP6FZMXhDoQZV5toLuNhykxR9mKiseiQSr
 uhgZvhuEu68nxjrANEXrwW8Hf+Q72UR/sOSEcE5yZMtJoCFn/iSK3IRqi+XhMsEEpdOF
 LtNQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to
 :references;
 bh=MmDmTIp5n/GtHb3LC4EgJt5Y3kUr/aovHfQqutnJG4k=;
 b=llotKayppMGGYJQXIA3ogpxGk1AI27FaWej74ufVkG7Ef5LatRj/P8rWUD4eqaSnr4
 8zSgjLEVYaxrLXQBfhO5t8+/E15v1j7BJc2Faj6QoKgzI7UJqdiF42ojVTGzXJjJhevL
 QxHuRZhW3qi4Ghm0c9PYQzuYFyhCN+JRrIISUizG9skCxnvXZHvNXNbW2ZfRpbUGoYNq
 Viq8GSujcJ//S93Me46y9KvmJVmtCRVT7W9bGV2dcZPz1yPFZYuKDRkRGJYKxAGneTxK
 zCdeWBC45R33vU0af/igXh42EivyijWzx6qV/kecszvcxG3R4zlzuU8hXJyhnPLgRmne
 HIxw==
X-Gm-Message-State: ABuFfogaErYiay4DCh9AmqaYymQMQ1+WPPTEDPl6AowwH5EJxDgnYmNA
 dV+PdthuiuNUvrexy9xKJdOsa1H3foY=
X-Google-Smtp-Source: 
 ACcGV62TkMRy5Axxxw/k9dG+RhVql4EIYMZWLsQWGqbyhIoAXEk2QNb3szVdlikMFkdTqK+UCTJECg==
X-Received: by 2002:a50:b2e1:: with SMTP id
 p88-v6mr2292219edd.155.1539258966343;
 Thu, 11 Oct 2018 04:56:06 -0700 (PDT)
Received: from stipakov.fi (stipakov.fi. [128.199.52.117])
 by smtp.gmail.com with ESMTPSA id p23-v6sm4757704ejj.16.2018.10.11.04.56.05
 for <openvpn-devel@lists.sourceforge.net>
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
 Thu, 11 Oct 2018 04:56:05 -0700 (PDT)
From: Lev Stipakov <lstipakov@gmail.com>
To: openvpn-devel@lists.sourceforge.net
Date: Thu, 11 Oct 2018 14:51:42 +0300
Message-Id: <1539258702-15427-1-git-send-email-lstipakov@gmail.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <20181011112317.GF962@greenie.muc.de>
References: <20181011112317.GF962@greenie.muc.de>
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
 See http://spamassassin.org/tag/ for more details.
 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
 (lstipakov[at]gmail.com)
 -0.0 RCVD_IN_MSPIKE_H2      RBL: Average reputation (+2)
 [209.85.208.54 listed in wl.mailspike.net]
 -0.0 RCVD_IN_DNSWL_NONE     RBL: Sender listed at http://www.dnswl.org/, no
 trust [209.85.208.54 listed in list.dnswl.org]
 -0.0 SPF_PASS               SPF: sender matches SPF record
 -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's
 domain
 -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
 0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
 not necessarily valid
X-Headers-End: 1gAZZd-00GhmU-CC
Subject: [Openvpn-devel] [PATCH v3] options.c: fix broken unary minus usage
X-BeenThere: openvpn-devel@lists.sourceforge.net
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <openvpn-devel.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/options/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: 
 <http://sourceforge.net/mailarchive/forum.php?forum_name=openvpn-devel>
List-Post: <mailto:openvpn-devel@lists.sourceforge.net>
List-Help: <mailto:openvpn-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/openvpn-devel>,
 <mailto:openvpn-devel-request@lists.sourceforge.net?subject=subscribe>
MIME-Version: 1.0
Errors-To: openvpn-devel-bounces@lists.sourceforge.net
X-getmail-retrieved-from-mailbox: Inbox

From: Lev Stipakov <lev@openvpn.net>

In Visual Studio when unary minus is applied to unsigned,
result is still unsigned. This means that when we use result
as function formal parameter, we pass incorrect value.

Fix by introducing frame_remove_from_extra_frame(),
which makes code semantically more clear and eliminates
the need in negative value and cast.

Since GCC didn't complain (and users too :), it probably performed
cast to signed automatically.

Signed-off-by: Lev Stipakov <lev@openvpn.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
---
v3:
 - change crypto_overhead and crypto_max_overhead() type to unsigned int
 to avoid additional cast or warning in Visual Studio
 - rename "increment" formal paremeter to "decrement"

v2:
  - use new frame_remove_from_extra_frame() instead of
 passing negative value

 src/openvpn/crypto.c  | 6 +++---
 src/openvpn/crypto.h  | 2 +-
 src/openvpn/mtu.h     | 8 +++++++-
 src/openvpn/options.c | 2 +-
 src/openvpn/ssl.c     | 2 +-
 5 files changed, 13 insertions(+), 7 deletions(-)

diff --git a/src/openvpn/crypto.c b/src/openvpn/crypto.c
index 6d34acd..8416b89 100644
--- a/src/openvpn/crypto.c
+++ b/src/openvpn/crypto.c
@@ -700,7 +700,7 @@ crypto_adjust_frame_parameters(struct frame *frame,
                                bool packet_id,
                                bool packet_id_long_form)
 {
-    size_t crypto_overhead = 0;
+    unsigned int crypto_overhead = 0;
 
     if (packet_id)
     {
@@ -725,10 +725,10 @@ crypto_adjust_frame_parameters(struct frame *frame,
     frame_add_to_extra_frame(frame, crypto_overhead);
 
     msg(D_MTU_DEBUG, "%s: Adjusting frame parameters for crypto by %u bytes",
-        __func__, (unsigned int) crypto_overhead);
+        __func__, crypto_overhead);
 }
 
-size_t
+unsigned int
 crypto_max_overhead(void)
 {
     return packet_id_size(true) + OPENVPN_MAX_IV_LENGTH
diff --git a/src/openvpn/crypto.h b/src/openvpn/crypto.h
index 263725d..1d7f4c5 100644
--- a/src/openvpn/crypto.h
+++ b/src/openvpn/crypto.h
@@ -418,7 +418,7 @@ void crypto_adjust_frame_parameters(struct frame *frame,
                                     bool packet_id_long_form);
 
 /** Return the worst-case OpenVPN crypto overhead (in bytes) */
-size_t crypto_max_overhead(void);
+unsigned int crypto_max_overhead(void);
 
 /* Minimum length of the nonce used by the PRNG */
 #define NONCE_SECRET_LEN_MIN 16
diff --git a/src/openvpn/mtu.h b/src/openvpn/mtu.h
index a82154a..cfa8d2f 100644
--- a/src/openvpn/mtu.h
+++ b/src/openvpn/mtu.h
@@ -271,12 +271,18 @@ frame_add_to_link_mtu(struct frame *frame, const int increment)
 }
 
 static inline void
-frame_add_to_extra_frame(struct frame *frame, const int increment)
+frame_add_to_extra_frame(struct frame *frame, const unsigned int increment)
 {
     frame->extra_frame += increment;
 }
 
 static inline void
+frame_remove_from_extra_frame(struct frame *frame, const unsigned int decrement)
+{
+    frame->extra_frame -= decrement;
+}
+
+static inline void
 frame_add_to_extra_tun(struct frame *frame, const int increment)
 {
     frame->extra_tun += increment;
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index e42029c..3ce620a 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -3509,7 +3509,7 @@ calc_options_string_link_mtu(const struct options *o, const struct frame *frame)
         struct key_type fake_kt;
         init_key_type(&fake_kt, o->ciphername, o->authname, o->keysize, true,
                       false);
-        frame_add_to_extra_frame(&fake_frame, -(crypto_max_overhead()));
+        frame_remove_from_extra_frame(&fake_frame, crypto_max_overhead());
         crypto_adjust_frame_parameters(&fake_frame, &fake_kt, o->replay,
                                        cipher_kt_mode_ofb_cfb(fake_kt.cipher));
         frame_finalize(&fake_frame, o->ce.link_mtu_defined, o->ce.link_mtu,
diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c
index 315303b..9e2fd94 100644
--- a/src/openvpn/ssl.c
+++ b/src/openvpn/ssl.c
@@ -1987,7 +1987,7 @@ tls_session_update_crypto_params(struct tls_session *session,
     }
 
     /* Update frame parameters: undo worst-case overhead, add actual overhead */
-    frame_add_to_extra_frame(frame, -(crypto_max_overhead()));
+    frame_remove_from_extra_frame(frame, crypto_max_overhead());
     crypto_adjust_frame_parameters(frame, &session->opt->key_type,
                                    options->replay, packet_id_long_form);
     frame_finalize(frame, options->ce.link_mtu_defined, options->ce.link_mtu,