From patchwork Sun Nov 10 13:35:23 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: [Openvpn-devel,1/3] auth_token_kt: ensure key_type object is initialized X-Patchwork-Submitter: Antonio Quartulli X-Patchwork-Id: 905 Message-Id: <20191110133525.6069-1-a@unstable.cc> To: openvpn-devel@lists.sourceforge.net Cc: Antonio Quartulli Date: Sun, 10 Nov 2019 14:35:23 +0100 From: Antonio Quartulli List-Id: Fixes the following warning: auth_token.c: In function 'auth_token_init_secret': auth_token.c:47: warning: 'kt.cipher_length' is used uninitialized in this function auth_token.c:34: note: 'kt.cipher_length' was declared here Signed-off-by: Arne Schwabe Signed-off-by: Antonio Quartulli Acked-by: Arne Schwabe --- src/openvpn/auth_token.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/openvpn/auth_token.c b/src/openvpn/auth_token.c index 1edc8069..6275299d 100644 --- a/src/openvpn/auth_token.c +++ b/src/openvpn/auth_token.c @@ -31,7 +31,7 @@ const char *auth_token_pem_name = "OpenVPN auth-token server key"; static struct key_type auth_token_kt(void) { - struct key_type kt; + struct key_type kt = { 0 }; /* We do not encrypt our session tokens */ kt.cipher = NULL; kt.digest = md_kt_get("SHA256"); From patchwork Sun Nov 10 13:35:24 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: [Openvpn-devel,2/3] auth.c: make cast explicit in the crypto API X-Patchwork-Submitter: Antonio Quartulli X-Patchwork-Id: 904 Message-Id: <20191110133525.6069-2-a@unstable.cc> To: openvpn-devel@lists.sourceforge.net Cc: Antonio Quartulli Date: Sun, 10 Nov 2019 14:35:24 +0100 From: Antonio Quartulli List-Id: mbedtls_md_get_size() returns unsigned char, while EVP_MD_size() returns int. Results coming from both functions are normally in a uint8_t member of the key_type struct, because it is known that 8bits are enough (also for EVP_MD_size()). This unexpected cast can, however, trigger unsolicited warnings. Make the cast explicit by changing the return value of our crypto API. Reported-by: Arne Schwabe Signed-off-by: Antonio Quartulli Acked-By: Arne Schwabe --- src/openvpn/crypto_backend.h | 2 +- src/openvpn/crypto_mbedtls.c | 2 +- src/openvpn/crypto_openssl.c | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/openvpn/crypto_backend.h b/src/openvpn/crypto_backend.h index d119442f..1d206a8c 100644 --- a/src/openvpn/crypto_backend.h +++ b/src/openvpn/crypto_backend.h @@ -526,7 +526,7 @@ const char *md_kt_name(const md_kt_t *kt); * * @return Message digest size, in bytes, or 0 if ctx was NULL. */ -int md_kt_size(const md_kt_t *kt); +unsigned char md_kt_size(const md_kt_t *kt); /* diff --git a/src/openvpn/crypto_mbedtls.c b/src/openvpn/crypto_mbedtls.c index 648a988e..3e77fa9e 100644 --- a/src/openvpn/crypto_mbedtls.c +++ b/src/openvpn/crypto_mbedtls.c @@ -823,7 +823,7 @@ md_kt_name(const mbedtls_md_info_t *kt) return mbedtls_md_get_name(kt); } -int +unsigned char md_kt_size(const mbedtls_md_info_t *kt) { if (NULL == kt) diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c index 520e40ee..a81dcfd8 100644 --- a/src/openvpn/crypto_openssl.c +++ b/src/openvpn/crypto_openssl.c @@ -930,10 +930,10 @@ md_kt_name(const EVP_MD *kt) return EVP_MD_name(kt); } -int +unsigned char md_kt_size(const EVP_MD *kt) { - return EVP_MD_size(kt); + return (unsigned char)EVP_MD_size(kt); } From patchwork Sun Nov 10 13:35:25 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: [Openvpn-devel,3/3] travis: compile with -Werror on Linux X-Patchwork-Submitter: Antonio Quartulli X-Patchwork-Id: 906 Message-Id: <20191110133525.6069-3-a@unstable.cc> To: openvpn-devel@lists.sourceforge.net Cc: Antonio Quartulli Date: Sun, 10 Nov 2019 14:35:25 +0100 From: Antonio Quartulli List-Id: Signed-off-by: Antonio Quartulli Acked-By: Arne Schwabe --- .travis/build-check.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/.travis/build-check.sh b/.travis/build-check.sh index 039a7dcf..250bb454 100755 --- a/.travis/build-check.sh +++ b/.travis/build-check.sh @@ -8,6 +8,7 @@ fi if [ "${TRAVIS_OS_NAME}" = "linux" ]; then export LD_LIBRARY_PATH="${PREFIX}/lib:${LD_LIBRARY_PATH:-}" + export CFLAGS="${CFLAGS} -Werror" fi if [ "${TRAVIS_OS_NAME}" = "osx" ]; then