From fc00a3c92c5bd34c1f3a1cd8680fd12571f2b674 Mon Sep 17 00:00:00 2001 From: Frank Lichtenheld Date: Thu, 30 Oct 2025 15:52:26 +0100 Subject: [PATCH] ssl: Clean up type handling in export_user_keying_material() For this we actually change the API of the format_hex{,_ex} functions by changing int to size_t for length parameters. While we call this function with int paramters in a lot of places (usually BLEN), this will not produce warnings under -Wno-sign-conversion. And we're sure those values are positive since format_hex already uses size_t internally. Change-Id: Id7bacec23edc6dcd94465c308ea2144c7329a0c1 Signed-off-by: Frank Lichtenheld Acked-by: Gert Doering Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1301 Message-Id: <20251030145231.2792-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg34036.html Signed-off-by: Gert Doering --- src/openvpn/buffer.c | 5 ++--- src/openvpn/buffer.h | 4 ++-- src/openvpn/ssl.c | 16 ++++++++-------- 3 files changed, 12 insertions(+), 13 deletions(-) diff --git a/src/openvpn/buffer.c b/src/openvpn/buffer.c index 28de00fdb..293622f98 100644 --- a/src/openvpn/buffer.c +++ b/src/openvpn/buffer.c @@ -480,18 +480,17 @@ gc_transfer(struct gc_arena *dest, struct gc_arena *src) */ char * -format_hex_ex(const uint8_t *data, int size, int maxoutput, unsigned int space_break_flags, +format_hex_ex(const uint8_t *data, size_t size, size_t maxoutput, unsigned int space_break_flags, const char *separator, struct gc_arena *gc) { const size_t bytes_per_hexblock = space_break_flags & FHE_SPACE_BREAK_MASK; const size_t separator_len = separator ? strlen(separator) : 0; - static_assert(INT_MAX <= SIZE_MAX, "Code assumes INT_MAX <= SIZE_MAX"); const size_t out_len = maxoutput > 0 ? maxoutput : ((size * 2) + ((size / bytes_per_hexblock) * separator_len) + 2); struct buffer out = alloc_buf_gc(out_len, gc); - for (int i = 0; i < size; ++i) + for (size_t i = 0; i < size; ++i) { if (separator && i && !(i % bytes_per_hexblock)) { diff --git a/src/openvpn/buffer.h b/src/openvpn/buffer.h index 148cee061..ab2a29dc9 100644 --- a/src/openvpn/buffer.h +++ b/src/openvpn/buffer.h @@ -496,11 +496,11 @@ bool buf_parse(struct buffer *buf, const int delim, char *line, const int size); */ #define FHE_SPACE_BREAK_MASK 0xFF /* space_break parameter in lower 8 bits */ #define FHE_CAPS 0x100 /* output hex in caps */ -char *format_hex_ex(const uint8_t *data, int size, int maxoutput, unsigned int space_break_flags, +char *format_hex_ex(const uint8_t *data, size_t size, size_t maxoutput, unsigned int space_break_flags, const char *separator, struct gc_arena *gc); static inline char * -format_hex(const uint8_t *data, int size, int maxoutput, struct gc_arena *gc) +format_hex(const uint8_t *data, size_t size, size_t maxoutput, struct gc_arena *gc) { return format_hex_ex(data, size, maxoutput, 4, " ", gc); } diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c index 22a1f5251..48418372a 100644 --- a/src/openvpn/ssl.c +++ b/src/openvpn/ssl.c @@ -1829,11 +1829,6 @@ read_string(struct buffer *buf, char *str, const unsigned int capacity) return len; } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic push -#pragma GCC diagnostic ignored "-Wconversion" -#endif - static char * read_string_alloc(struct buffer *buf) { @@ -2174,15 +2169,15 @@ export_user_keying_material(struct tls_session *session) { if (session->opt->ekm_size > 0) { - unsigned int size = session->opt->ekm_size; + const size_t size = session->opt->ekm_size; struct gc_arena gc = gc_new(); - unsigned char *ekm = gc_malloc(session->opt->ekm_size, true, &gc); + unsigned char *ekm = gc_malloc(size, true, &gc); if (key_state_export_keying_material(session, session->opt->ekm_label, session->opt->ekm_label_size, ekm, session->opt->ekm_size)) { - unsigned int len = (size * 2) + 2; + const size_t len = (size * 2) + 2; const char *key = format_hex_ex(ekm, size, len, 0, NULL, &gc); setenv_str(session->opt->es, "exported_keying_material", key); @@ -2199,6 +2194,11 @@ export_user_keying_material(struct tls_session *session) } } +#if defined(__GNUC__) || defined(__clang__) +#pragma GCC diagnostic push +#pragma GCC diagnostic ignored "-Wconversion" +#endif + /** * Handle reading key data, peer-info, username/password, OCC * from the TLS control channel (cleartext). -- 2.47.3