crypto_backend: Change len argument of md_ctx_update to size_t

The underlying APIs already use size_t and all the
users (only httpdigest and push) already put size_t
into it. So avoid conversion warnings.

Also fix one trivial conversion warning in push.c
to able to easily remove the -Wconversion override
from the affected code paths.

Change-Id: I27f2fcd903d26ccbfbd0cdc45f99cc3cd8b0e49a
Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1287
Message-Id: <20251028185706.1247-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg33973.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>

diff --git a/src/openvpn/crypto_backend.h b/src/openvpn/crypto_backend.h
index 4d6a96c53f67305ecbbd89c678588e25faa60fcc..e95752aa77f8d96e7ba37dff175ca0e6a48c9a9f 100644 (file)
--- a/src/openvpn/crypto_backend.h
+++ b/src/openvpn/crypto_backend.h
@@ -599,7 +599,7 @@ int md_ctx_size(const md_ctx_t *ctx);
  * @param src           Buffer to digest. May not be NULL.
  * @param src_len       The length of the incoming buffer.
  */
-void md_ctx_update(md_ctx_t *ctx, const uint8_t *src, int src_len);
+void md_ctx_update(md_ctx_t *ctx, const uint8_t *src, size_t src_len);
 
 /*
  * Output the message digest to the given buffer.

diff --git a/src/openvpn/crypto_mbedtls.c b/src/openvpn/crypto_mbedtls.c
index 076d4ee031326e1e86f9034538ee945c2aaec584..2e328c3fc4c88a3ba059f169ef22de29f5445951 100644 (file)
--- a/src/openvpn/crypto_mbedtls.c
+++ b/src/openvpn/crypto_mbedtls.c
@@ -765,6 +765,10 @@ cipher_ctx_final_check_tag(mbedtls_cipher_context_t *ctx, uint8_t *dst, int *dst
     return 1;
 }
 
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
 /*
  *
  * Generic message digest information functions
@@ -877,7 +881,7 @@ md_ctx_size(const mbedtls_md_context_t *ctx)
 }
 
 void
-md_ctx_update(mbedtls_md_context_t *ctx, const uint8_t *src, int src_len)
+md_ctx_update(mbedtls_md_context_t *ctx, const uint8_t *src, size_t src_len)
 {
     ASSERT(0 == mbedtls_md_update(ctx, src, src_len));
 }
@@ -994,6 +998,11 @@ ssl_tls1_PRF(const uint8_t *seed, size_t seed_len, const uint8_t *secret, size_t
                                        seed_len, output, output_len));
 }
 #else /* defined(HAVE_MBEDTLS_SSL_TLS_PRF) && defined(MBEDTLS_SSL_TLS_PRF_TLS1) */
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
 /*
  * Generate the hash required by for the \c tls1_PRF function.
  *
@@ -1122,10 +1131,10 @@ ssl_tls1_PRF(const uint8_t *label, size_t label_len, const uint8_t *sec, size_t
     gc_free(&gc);
     return true;
 }
-#endif /* HAVE_MBEDTLS_SSL_TLS_PRF && defined(MBEDTLS_SSL_TLS_PRF_TLS1) */
 
 #if defined(__GNUC__) || defined(__clang__)
 #pragma GCC diagnostic pop
 #endif
+#endif /* HAVE_MBEDTLS_SSL_TLS_PRF && defined(MBEDTLS_SSL_TLS_PRF_TLS1) */
 
 #endif /* ENABLE_CRYPTO_MBEDTLS */

diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c
index f596b8c8a3954e29be0ae848cfbd88d549fcdeb8..ec0269c950e43ac4795dc8e0fb71e5404de2820c 100644 (file)
--- a/src/openvpn/crypto_openssl.c
+++ b/src/openvpn/crypto_openssl.c
@@ -1165,7 +1165,7 @@ md_ctx_size(const EVP_MD_CTX *ctx)
 }
 
 void
-md_ctx_update(EVP_MD_CTX *ctx, const uint8_t *src, int src_len)
+md_ctx_update(EVP_MD_CTX *ctx, const uint8_t *src, size_t src_len)
 {
     EVP_DigestUpdate(ctx, src, src_len);
 }

diff --git a/src/openvpn/httpdigest.c b/src/openvpn/httpdigest.c
index f665b17b5a18d23bcf83de6d9ab490ea22b4dd4a..be2063853a5a2cf1d0ddd610539effc825826b2e 100644 (file)
--- a/src/openvpn/httpdigest.c
+++ b/src/openvpn/httpdigest.c
@@ -61,11 +61,6 @@ CvtHex(IN HASH Bin, OUT HASHHEX Hex)
     Hex[HASHHEXLEN] = '\0';
 }
 
-#if defined(__GNUC__) || defined(__clang__)
-#pragma GCC diagnostic push
-#pragma GCC diagnostic ignored "-Wconversion"
-#endif
-
 /* calculate H(A1) as per spec */
 void
 DigestCalcHA1(IN char *pszAlg, IN char *pszUserName, IN char *pszRealm, IN char *pszPassword,
@@ -150,8 +145,4 @@ DigestCalcResponse(IN HASHHEX HA1,         /* H(A1) */
     CvtHex(RespHash, Response);
 }
 
-#if defined(__GNUC__) || defined(__clang__)
-#pragma GCC diagnostic pop
-#endif
-
 #endif /* if PROXY_DIGEST_AUTH */

diff --git a/src/openvpn/push.c b/src/openvpn/push.c
index 2c717c7b28ceca8a8edb488736ae332af8b4639e..6f146fcead6527221aedc40ce11669d9eaa922a1 100644 (file)
--- a/src/openvpn/push.c
+++ b/src/openvpn/push.c
@@ -772,6 +772,10 @@ send_push_options(struct context *c, struct buffer *buf, struct push_list *push_
     return true;
 }
 
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
 void
 send_push_reply_auth_token(struct tls_multi *multi)
 {
@@ -1046,7 +1050,7 @@ process_incoming_push_reply(struct context *c, unsigned int permission_mask,
                             unsigned int *option_types_found, struct buffer *buf)
 {
     int ret = PUSH_MSG_ERROR;
-    const uint8_t ch = buf_read_u8(buf);
+    const int ch = buf_read_u8(buf);
     if (ch == ',')
     {
         struct buffer buf_orig = (*buf);
@@ -1090,10 +1094,6 @@ process_incoming_push_reply(struct context *c, unsigned int permission_mask,
     return ret;
 }
 
-#if defined(__GNUC__) || defined(__clang__)
-#pragma GCC diagnostic pop
-#endif
-
 int
 process_incoming_push_msg(struct context *c, const struct buffer *buffer,
                           bool honor_received_options, unsigned int permission_mask,