- Fixes for patch (includes, declarations, warnings).

git-svn-id: file:///svn/unbound/trunk@5060 be551aaa-1e26-0410-a405-d3ace91eadb9

diff --git a/doc/Changelog b/doc/Changelog
index 856c657816ad7297d7f6a6cb8f4738906faa41a6..a5b9bb886f89451c86af57ef995e0fbb9b4479d5 100644 (file)
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -6,6 +6,7 @@
          library compatibility when compiling.
        - Patch for TLS session resumption from Manabu Sonoda,
          enable with tls-session-ticket-keys in unbound.conf.
+       - Fixes for patch (includes, declarations, warnings).
 
 22 January 2018: Wouter
        - Fix space calculation for tcp req buffer size.

diff --git a/util/config_file.h b/util/config_file.h
index 32fb7d30b8fb2506980f368ca510310d418f2a2e..e87461aaba01f6a7491065a0aa6159fbee023445 100644 (file)
--- a/util/config_file.h
+++ b/util/config_file.h
@@ -120,7 +120,7 @@ struct config_file {
        int tls_win_cert;
        /** additional tls ports */
        struct config_strlist* tls_additional_port;
-       /** secret key used to encrypt and decrypt TLS session ticket -**/
+       /** secret key used to encrypt and decrypt TLS session ticket */
        struct config_strlist* tls_session_ticket_keys;
        /** TLS ciphers */
        char* tls_ciphers;

diff --git a/util/net_help.c b/util/net_help.c
index 861ee57489a705dfac48e792d3cecd601b586e0c..01c82cc0afa6d00d4774abe3309589c1ed415e57 100644 (file)
--- a/util/net_help.c
+++ b/util/net_help.c
@@ -43,12 +43,14 @@
 #include "util/data/dname.h"
 #include "util/module.h"
 #include "util/regional.h"
+#include "util/config_file.h"
 #include "sldns/parseutil.h"
 #include "sldns/wire2str.h"
 #include <fcntl.h>
 #ifdef HAVE_OPENSSL_SSL_H
 #include <openssl/ssl.h>
 #include <openssl/evp.h>
+#include <openssl/rand.h>
 #endif
 #ifdef HAVE_OPENSSL_ERR_H
 #include <openssl/err.h>
@@ -1106,17 +1108,18 @@ int listen_sslctx_setup_ticket_keys(void* sslctx, struct config_strlist* tls_ses
                s++;
        }
        keys = calloc(s, sizeof(struct tls_session_ticket_key));
-       memset(keys, 0, sizeof(keys));
+       memset(keys, 0, sizeof(*keys));
        ticket_keys = keys;
 
        for(p = tls_session_ticket_keys; p; p = p->next) {
+               int n;
                unsigned char *data = (unsigned char *)malloc(80);
                FILE *f = fopen(p->str, "r");
                if(!f) {
                        log_err("could not read tls-session-ticket-key  %s: %s", p->str, strerror(errno));
                        return 0;
                }
-               int n = fread(data, 1, 80, f);
+               n = fread(data, 1, 80, f);
                fclose(f);
 
                if(n != 80) {
@@ -1132,7 +1135,7 @@ int listen_sslctx_setup_ticket_keys(void* sslctx, struct config_strlist* tls_ses
        }
        keys->key_name = NULL;
     if(SSL_CTX_set_tlsext_ticket_key_cb(sslctx, tls_session_ticket_key_cb) == 0) {
-               log_err("not support TLS session ticket");
+               log_err("no support for TLS session ticket");
                return 0;
     }
     return 1;
@@ -1142,7 +1145,7 @@ int listen_sslctx_setup_ticket_keys(void* sslctx, struct config_strlist* tls_ses
 
 }
 
-int tls_session_ticket_key_cb(void *sslctx, unsigned char* key_name,unsigned char* iv, void *evp_sctx, void *hmac_ctx, int enc)
+int tls_session_ticket_key_cb(void *ATTR_UNUSED(sslctx), unsigned char* key_name,unsigned char* iv, void *evp_sctx, void *hmac_ctx, int enc)
 {
 #ifdef HAVE_SSL
     const EVP_MD                  *digest;
@@ -1152,7 +1155,7 @@ int tls_session_ticket_key_cb(void *sslctx, unsigned char* key_name,unsigned cha
        cipher = EVP_aes_256_cbc();
        evp_chiper_length = EVP_CIPHER_iv_length(cipher);
        if( enc == 1 ) {
-               // encrypt
+               /* encrypt */
                verbose(VERB_CLIENT, "start session encrypt");
                memcpy(key_name, ticket_keys->key_name, 16);
                if (RAND_bytes(iv, evp_chiper_length) != 1) {
@@ -1169,9 +1172,9 @@ int tls_session_ticket_key_cb(void *sslctx, unsigned char* key_name,unsigned cha
         }
         return 1;
     } else if (enc == 0) {
-               //decrypt
-               verbose(VERB_CLIENT, "start session decrypt");
+               /* decrypt */
                struct tls_session_ticket_key *key;
+               verbose(VERB_CLIENT, "start session decrypt");
                for(key = ticket_keys; key->key_name != NULL; key++) {
                if (!memcmp(key_name, key->key_name, 16)) {
                                verbose(VERB_CLIENT, "Found session_key");
@@ -1199,4 +1202,4 @@ int tls_session_ticket_key_cb(void *sslctx, unsigned char* key_name,unsigned cha
        return 0;
 #endif
 
-}
\ No newline at end of file
+}

diff --git a/util/net_help.h b/util/net_help.h
index d3dc04e5280bb14f92e508cb4ee2dfa603872548..6c6707677c61087c16fd896161c0f59293609e13 100644 (file)
--- a/util/net_help.h
+++ b/util/net_help.h
@@ -42,9 +42,9 @@
 #ifndef NET_HELP_H
 #define NET_HELP_H
 #include "util/log.h"
-#include "util/config_file.h"
 struct sock_list;
 struct regional;
+struct config_strlist;
 
 /** DNS constants for uint16_t style flag manipulation. host byteorder. 
  *                                1  1  1  1  1  1