Menu
▾
▴
[Openvpn-devel] [L] Change in openvpn[master]: Enable -Wconversion -Wno-sign-conversion by default
|
From: flichtenheld (C. Review) <ge...@op...> - 2025-09-03 16:19:19
|
Attention is currently required from: plaisthos.
Hello plaisthos,
I'd like you to reexamine a change. Please visit
http://gerrit.openvpn.net/c/openvpn/+/1168?usp=email
to look at the new patch set (#2).
Change subject: Enable -Wconversion -Wno-sign-conversion by default
......................................................................
Enable -Wconversion -Wno-sign-conversion by default
Grand-father all known locations of existing errors,
so that -Werror builds still pass and we do not spam
build logs.
Still, this should give us a much better roadmap to
work on these issues one by one while still enabling
the warnings for a lot of code-paths.
In general I did go for least amount of pragmas, so
usually there is only one override per file, covering
ALL of the failures in that file. While this protects
a lot of code that doesn't need it, it also cut down
the amount of pragmas by a lot.
This does cover gcc builds including mingw and clang
builds. Does not cover MSVC.
Once the amount of issues has been suitable reduced
more warnings could be enabled.
Change-Id: Iad5b00c35a1f1993b1fa99e8b945ab17b230ef59
Signed-off-by: Frank Lichtenheld <fr...@li...>
---
M CMakeLists.txt
M configure.ac
M src/openvpn/base64.c
M src/openvpn/buffer.h
M src/openvpn/comp-lz4.c
M src/openvpn/console_builtin.c
M src/openvpn/crypto.c
M src/openvpn/crypto_epoch.c
M src/openvpn/crypto_mbedtls.c
M src/openvpn/crypto_openssl.c
M src/openvpn/cryptoapi.c
M src/openvpn/dco.c
M src/openvpn/dco_freebsd.c
M src/openvpn/dco_linux.c
M src/openvpn/dco_win.c
M src/openvpn/dhcp.c
M src/openvpn/event.c
M src/openvpn/forward.c
M src/openvpn/gremlin.c
M src/openvpn/httpdigest.c
M src/openvpn/init.c
M src/openvpn/interval.c
M src/openvpn/lzo.c
M src/openvpn/manage.c
M src/openvpn/mbuf.c
M src/openvpn/misc.c
M src/openvpn/mroute.c
M src/openvpn/mtcp.c
M src/openvpn/mtu.c
M src/openvpn/mudp.c
M src/openvpn/multi.c
M src/openvpn/networking_sitnl.c
M src/openvpn/ntlm.c
M src/openvpn/occ.c
M src/openvpn/openssl_compat.h
M src/openvpn/options.c
M src/openvpn/options_util.c
M src/openvpn/otime.c
M src/openvpn/otime.h
M src/openvpn/packet_id.c
M src/openvpn/packet_id.h
M src/openvpn/pkcs11.c
M src/openvpn/pkcs11_openssl.c
M src/openvpn/proxy.c
M src/openvpn/ps.c
M src/openvpn/push.c
M src/openvpn/push_util.c
M src/openvpn/reliable.c
M src/openvpn/schedule.c
M src/openvpn/socket.c
M src/openvpn/socks.c
M src/openvpn/ssl.c
M src/openvpn/ssl_mbedtls.c
M src/openvpn/ssl_ncp.c
M src/openvpn/ssl_openssl.c
M src/openvpn/ssl_pkt.c
M src/openvpn/ssl_util.c
M src/openvpn/ssl_verify.c
M src/openvpn/ssl_verify_mbedtls.c
M src/openvpn/ssl_verify_openssl.c
M src/openvpn/status.c
M src/openvpn/tls_crypt.c
M src/openvpn/tun.c
M src/openvpn/win32.c
M src/openvpnserv/interactive.c
M tests/unit_tests/openvpn/test_crypto.c
M tests/unit_tests/openvpn/test_misc.c
67 files changed, 594 insertions(+), 4 deletions(-)
git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/68/1168/2
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 35513e9..8e93653 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -113,8 +113,7 @@
check_and_add_compiler_flag(-Wno-stringop-truncation NoStringOpTruncation)
check_and_add_compiler_flag(-Wstrict-prototypes StrictPrototypes)
check_and_add_compiler_flag(-Wold-style-definition OldStyleDefinition)
- # We are not ready for this
- #add_compile_options(-Wconversion -Wno-sign-conversion -Wsign-compare)
+ add_compile_options(-Wconversion -Wno-sign-conversion)
if (USE_WERROR)
add_compile_options(-Werror)
endif ()
diff --git a/configure.ac b/configure.ac
index 7059871..957205e 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1396,6 +1396,7 @@
ACL_CHECK_ADD_COMPILE_FLAGS([-Wno-stringop-truncation])
ACL_CHECK_ADD_COMPILE_FLAGS([-Wstrict-prototypes])
ACL_CHECK_ADD_COMPILE_FLAGS([-Wold-style-definition])
+ACL_CHECK_ADD_COMPILE_FLAGS([-Wconversion -Wno-sign-conversion])
ACL_CHECK_ADD_COMPILE_FLAGS([-Wall])
if test "${enable_pedantic}" = "yes"; then
diff --git a/src/openvpn/base64.c b/src/openvpn/base64.c
index 54d5b79..2a5a46d 100644
--- a/src/openvpn/base64.c
+++ b/src/openvpn/base64.c
@@ -41,6 +41,11 @@
#include "memdbg.h"
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
static char base64_chars[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
/*
* base64 encode input data of length size to malloced
@@ -197,3 +202,7 @@
}
return q - (unsigned char *)data;
}
+
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
diff --git a/src/openvpn/buffer.h b/src/openvpn/buffer.h
index 1405667..11a91be 100644
--- a/src/openvpn/buffer.h
+++ b/src/openvpn/buffer.h
@@ -119,7 +119,6 @@
struct gc_entry_special *list_special;
};
-
#define BPTR(buf) (buf_bptr(buf))
#define BEND(buf) (buf_bend(buf))
#define BLAST(buf) (buf_blast(buf))
diff --git a/src/openvpn/comp-lz4.c b/src/openvpn/comp-lz4.c
index 6736469..a78c664 100644
--- a/src/openvpn/comp-lz4.c
+++ b/src/openvpn/comp-lz4.c
@@ -88,6 +88,11 @@
compv2_escape_data_ifneeded(buf);
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
static void
do_lz4_decompress(size_t zlen_max, struct buffer *work, struct buffer *buf,
struct compress_context *compctx)
@@ -113,6 +118,10 @@
*buf = *work;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
static void
lz4_decompress(struct buffer *buf, struct buffer work, struct compress_context *compctx,
const struct frame *frame)
diff --git a/src/openvpn/console_builtin.c b/src/openvpn/console_builtin.c
index b0228dd..71c0025 100644
--- a/src/openvpn/console_builtin.c
+++ b/src/openvpn/console_builtin.c
@@ -45,6 +45,11 @@
#include "win32.h"
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
/**
* Get input from a Windows console.
*
@@ -134,6 +139,10 @@
return false;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
#endif /* _WIN32 */
@@ -264,6 +273,10 @@
return ret;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
/**
* @copydoc query_user_exec()
@@ -296,3 +309,7 @@
return ret;
}
+
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
diff --git a/src/openvpn/crypto.c b/src/openvpn/crypto.c
index a63e543..804d2ad 100644
--- a/src/openvpn/crypto.c
+++ b/src/openvpn/crypto.c
@@ -186,6 +186,11 @@
return;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
static void
openvpn_encrypt_v1(struct buffer *buf, struct buffer work, struct crypto_options *opt)
{
@@ -1532,6 +1537,10 @@
gc_free(&gc);
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
int
write_key_file(const int nkeys, const char *filename)
{
diff --git a/src/openvpn/crypto_epoch.c b/src/openvpn/crypto_epoch.c
index b5cbc8d..7026ff8 100644
--- a/src/openvpn/crypto_epoch.c
+++ b/src/openvpn/crypto_epoch.c
@@ -72,6 +72,11 @@
hmac_ctx_free(hmac_ctx);
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
bool
ovpn_expand_label(const uint8_t *secret, size_t secret_len, const uint8_t *label, size_t label_len,
const uint8_t *context, size_t context_len, uint8_t *out, uint16_t out_len)
@@ -163,6 +168,10 @@
key->epoch = epoch_key->epoch;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
static void
epoch_init_send_key_ctx(struct crypto_options *co)
{
diff --git a/src/openvpn/crypto_mbedtls.c b/src/openvpn/crypto_mbedtls.c
index 86317dd..40978d9 100644
--- a/src/openvpn/crypto_mbedtls.c
+++ b/src/openvpn/crypto_mbedtls.c
@@ -230,6 +230,11 @@
"available\n");
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
bool
crypto_pem_encode(const char *name, struct buffer *dst, const struct buffer *src,
struct gc_arena *gc)
@@ -760,6 +765,9 @@
return 1;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
/*
*
diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c
index 4fb6393..d82269c 100644
--- a/src/openvpn/crypto_openssl.c
+++ b/src/openvpn/crypto_openssl.c
@@ -895,6 +895,10 @@
return EVP_CIPHER_CTX_mode(ctx);
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
bool
cipher_ctx_mode_cbc(const cipher_ctx_t *ctx)
@@ -999,6 +1003,9 @@
return cipher_ctx_final(ctx, dst, dst_len);
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
/*
*
diff --git a/src/openvpn/cryptoapi.c b/src/openvpn/cryptoapi.c
index d91d9a1..bba6ed2 100644
--- a/src/openvpn/cryptoapi.c
+++ b/src/openvpn/cryptoapi.c
@@ -62,7 +62,7 @@
return 0;
}
-#else /* HAVE_XKEY_PROVIDER */
+#else /* HAVE_XKEY_PROVIDER */
static XKEY_EXTERNAL_SIGN_fn xkey_cng_sign;
@@ -342,6 +342,11 @@
return rv;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
/** Sign hash in tbs using EC key in cd and NCryptSignHash */
static int
xkey_cng_ec_sign(CAPI_DATA *cd, unsigned char *sig, size_t *siglen, const unsigned char *tbs,
@@ -438,6 +443,10 @@
return (*siglen > 0);
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
/** Dispatch sign op to xkey_cng_<rsa/ec>_sign */
static int
xkey_cng_sign(void *handle, unsigned char *sig, size_t *siglen, const unsigned char *tbs,
diff --git a/src/openvpn/dco.c b/src/openvpn/dco.c
index 1abebbb..fc45e67 100644
--- a/src/openvpn/dco.c
+++ b/src/openvpn/dco.c
@@ -491,6 +491,11 @@
return true;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
int
dco_p2p_add_new_peer(struct context *c)
{
@@ -645,6 +650,10 @@
return 0;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
void
dco_install_iroute(struct multi_context *m, struct multi_instance *mi, struct mroute_addr *addr)
{
diff --git a/src/openvpn/dco_freebsd.c b/src/openvpn/dco_freebsd.c
index 931f9f6..0bdad14 100644
--- a/src/openvpn/dco_freebsd.c
+++ b/src/openvpn/dco_freebsd.c
@@ -72,6 +72,11 @@
return (nvl);
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
static bool
nvlist_to_sockaddr(const nvlist_t *nvl, struct sockaddr_storage *ss)
{
@@ -854,6 +859,10 @@
return 0;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
int
dco_get_peer_stats(struct context *c, const bool raise_sigusr1_on_err)
{
diff --git a/src/openvpn/dco_linux.c b/src/openvpn/dco_linux.c
index 40674e7..3b08f33 100644
--- a/src/openvpn/dco_linux.c
+++ b/src/openvpn/dco_linux.c
@@ -62,6 +62,11 @@
typedef int (*ovpn_nl_cb)(struct nl_msg *msg, void *arg);
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
/**
* @brief resolves the netlink ID for ovpn-dco
*
@@ -1298,4 +1303,8 @@
return "AES-128-GCM:AES-256-GCM:AES-192-GCM:CHACHA20-POLY1305";
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
#endif /* defined(ENABLE_DCO) && defined(TARGET_LINUX) */
diff --git a/src/openvpn/dco_win.c b/src/openvpn/dco_win.c
index 01ba017..1dc5cf8 100644
--- a/src/openvpn/dco_win.c
+++ b/src/openvpn/dco_win.c
@@ -525,6 +525,11 @@
return 0;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
int
dco_new_key(dco_context_t *dco, unsigned int peerid, int keyid, dco_key_slot_t slot,
const uint8_t *encrypt_key, const uint8_t *encrypt_iv, const uint8_t *decrypt_key,
@@ -564,6 +569,11 @@
}
return 0;
}
+
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
int
dco_del_key(dco_context_t *dco, unsigned int peerid, dco_key_slot_t slot)
{
diff --git a/src/openvpn/dhcp.c b/src/openvpn/dhcp.c
index 7abade5..38e8d40 100644
--- a/src/openvpn/dhcp.c
+++ b/src/openvpn/dhcp.c
@@ -72,6 +72,11 @@
return -1;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
static in_addr_t
do_extract(struct dhcp *dhcp, int optlen)
{
@@ -185,3 +190,7 @@
}
return 0;
}
+
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
diff --git a/src/openvpn/event.c b/src/openvpn/event.c
index 581bdbb..2f60b78 100644
--- a/src/openvpn/event.c
+++ b/src/openvpn/event.c
@@ -65,6 +65,11 @@
#define SELECT_MAX_FDS 256
#endif
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
static inline int
tv_to_ms_timeout(const struct timeval *tv)
{
@@ -78,6 +83,10 @@
}
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
#ifdef _WIN32
struct we_set
diff --git a/src/openvpn/forward.c b/src/openvpn/forward.c
index 03b6a0c..5dc244a 100644
--- a/src/openvpn/forward.c
+++ b/src/openvpn/forward.c
@@ -367,6 +367,11 @@
}
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
bool
send_control_channel_string_dowork(struct tls_session *session, const char *str, int msglevel)
{
@@ -1965,6 +1970,10 @@
perf_pop();
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
void
pre_select(struct context *c)
{
diff --git a/src/openvpn/gremlin.c b/src/openvpn/gremlin.c
index e6ebbef..0e5e93f 100644
--- a/src/openvpn/gremlin.c
+++ b/src/openvpn/gremlin.c
@@ -98,6 +98,11 @@
return (get_random() % n) == 0;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
/*
* Return uniformly distributed random number between
* low and high.
@@ -229,4 +234,9 @@
}
}
}
+
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
#endif /* ifdef ENABLE_DEBUG */
diff --git a/src/openvpn/httpdigest.c b/src/openvpn/httpdigest.c
index be20638..f665b17 100644
--- a/src/openvpn/httpdigest.c
+++ b/src/openvpn/httpdigest.c
@@ -61,6 +61,11 @@
Hex[HASHHEXLEN] = '\0';
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
/* calculate H(A1) as per spec */
void
DigestCalcHA1(IN char *pszAlg, IN char *pszUserName, IN char *pszRealm, IN char *pszPassword,
@@ -145,4 +150,8 @@
CvtHex(RespHash, Response);
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
#endif /* if PROXY_DIGEST_AUTH */
diff --git a/src/openvpn/init.c b/src/openvpn/init.c
index 39ea8e4..fcb3365 100644
--- a/src/openvpn/init.c
+++ b/src/openvpn/init.c
@@ -455,6 +455,11 @@
}
#endif /* ENABLE_MANAGEMENT */
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
/*
* Initialize and possibly randomize the connection list.
*
@@ -3490,6 +3495,10 @@
}
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
/*
* No encryption or authentication.
*/
diff --git a/src/openvpn/interval.c b/src/openvpn/interval.c
index 2b35314..fbefcd9 100644
--- a/src/openvpn/interval.c
+++ b/src/openvpn/interval.c
@@ -38,6 +38,11 @@
top->horizon = horizon;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
bool
event_timeout_trigger(struct event_timeout *et, struct timeval *tv, const int et_const_retry)
{
@@ -77,3 +82,7 @@
}
return ret;
}
+
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
diff --git a/src/openvpn/lzo.c b/src/openvpn/lzo.c
index 3a73d5f..8daaec0 100644
--- a/src/openvpn/lzo.c
+++ b/src/openvpn/lzo.c
@@ -72,6 +72,11 @@
*header = NO_COMPRESS_BYTE;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
static void
lzo_decompress(struct buffer *buf, struct buffer work, struct compress_context *compctx,
const struct frame *frame)
@@ -121,6 +126,10 @@
}
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
const struct compress_alg lzo_alg = { "lzo", lzo_compress_init, lzo_compress_uninit, lzo_compress,
lzo_decompress };
#endif /* ENABLE_LZO */
diff --git a/src/openvpn/manage.c b/src/openvpn/manage.c
index 5b2a7de..207247e 100644
--- a/src/openvpn/manage.c
+++ b/src/openvpn/manage.c
@@ -203,6 +203,11 @@
return man->settings.up.defined && !man->connection.password_verified;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
static void
man_check_password(struct management *man, const char *line)
{
@@ -4172,6 +4177,10 @@
}
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
#else /* ifdef ENABLE_MANAGEMENT */
#include "win32.h"
diff --git a/src/openvpn/mbuf.c b/src/openvpn/mbuf.c
index 0750fec..448124c 100644
--- a/src/openvpn/mbuf.c
+++ b/src/openvpn/mbuf.c
@@ -34,6 +34,11 @@
#include "memdbg.h"
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
struct mbuf_set *
mbuf_init(unsigned int size)
{
@@ -44,6 +49,10 @@
return ret;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
void
mbuf_free(struct mbuf_set *ms)
{
diff --git a/src/openvpn/misc.c b/src/openvpn/misc.c
index 59bf52b..e0fddac 100644
--- a/src/openvpn/misc.c
+++ b/src/openvpn/misc.c
@@ -105,6 +105,11 @@
return true;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
/**
* Parses an authentication challenge string and returns an auth_challenge_info structure.
* The authentication challenge string should follow the dynamic challenge/response protocol.
@@ -461,6 +466,10 @@
return true;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
void
purge_user_pass(struct user_pass *up, const bool force)
{
diff --git a/src/openvpn/mroute.c b/src/openvpn/mroute.c
index ab01874..88ea647 100644
--- a/src/openvpn/mroute.c
+++ b/src/openvpn/mroute.c
@@ -103,6 +103,11 @@
return true;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
static inline void
mroute_get_in_addr_t(struct mroute_addr *ma, const in_addr_t src, unsigned int mask)
{
@@ -547,6 +552,10 @@
}
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
void
mroute_helper_free(struct mroute_helper *mh)
{
diff --git a/src/openvpn/mtcp.c b/src/openvpn/mtcp.c
index 81310a2..83edec6 100644
--- a/src/openvpn/mtcp.c
+++ b/src/openvpn/mtcp.c
@@ -45,6 +45,11 @@
unsigned int sock;
};
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
struct multi_instance *
multi_create_instance_tcp(struct multi_context *m, struct link_socket *sock)
{
@@ -120,6 +125,10 @@
return true;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
void
multi_tcp_instance_specific_free(struct multi_instance *mi)
{
diff --git a/src/openvpn/mtu.c b/src/openvpn/mtu.c
index a419e32..1e021e3 100644
--- a/src/openvpn/mtu.c
+++ b/src/openvpn/mtu.c
@@ -280,6 +280,11 @@
struct timeval tv;
};
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
const char *
format_extended_socket_error(int fd, int *mtu, struct gc_arena *gc)
{
@@ -389,6 +394,10 @@
return BSTR(&out);
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
void
set_sock_extended_error_passing(int sd, sa_family_t proto_af)
{
diff --git a/src/openvpn/mudp.c b/src/openvpn/mudp.c
index 31134be..a373a6a 100644
--- a/src/openvpn/mudp.c
+++ b/src/openvpn/mudp.c
@@ -180,6 +180,11 @@
return false;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
/*
* Get a client instance based on real address. If
* the instance doesn't exist, create it while
@@ -310,6 +315,10 @@
return mi;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
/*
* Send a packet to UDP socket.
*/
diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c
index f1abdbe..053e779 100644
--- a/src/openvpn/multi.c
+++ b/src/openvpn/multi.c
@@ -279,6 +279,11 @@
}
#endif
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
/*
* Main initialization function, init multi_context object.
*/
@@ -3986,6 +3991,10 @@
return count;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
static void
management_delete_event(void *arg, event_t event)
{
diff --git a/src/openvpn/networking_sitnl.c b/src/openvpn/networking_sitnl.c
index 4210e92..168401f 100644
--- a/src/openvpn/networking_sitnl.c
+++ b/src/openvpn/networking_sitnl.c
@@ -130,6 +130,11 @@
inet_address_t gw;
};
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
/**
* Helper function used to easily add attributes to a rtnl message
*/
@@ -1461,6 +1466,10 @@
return sitnl_send(&req.n, 0, 0, NULL, NULL);
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
#endif /* !ENABLE_SITNL */
#endif /* TARGET_LINUX */
diff --git a/src/openvpn/ntlm.c b/src/openvpn/ntlm.c
index c2a93e8..521677b 100644
--- a/src/openvpn/ntlm.c
+++ b/src/openvpn/ntlm.c
@@ -74,6 +74,11 @@
hmac_ctx_free(hmac_ctx);
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
static void
gen_timestamp(uint8_t *timestamp)
{
@@ -383,4 +388,8 @@
return ((const char *)make_base64_string2((unsigned char *)phase3, phase3_bufpos, gc));
}
+
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
#endif /* if NTLM */
diff --git a/src/openvpn/occ.c b/src/openvpn/occ.c
index 8821a06..78013ae 100644
--- a/src/openvpn/occ.c
+++ b/src/openvpn/occ.c
@@ -174,6 +174,11 @@
}
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
void
check_send_occ_load_test_dowork(struct context *c)
{
@@ -347,6 +352,10 @@
c->c2.occ_op = -1;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
void
process_received_occ_msg(struct context *c)
{
diff --git a/src/openvpn/openssl_compat.h b/src/openvpn/openssl_compat.h
index 143a3cf..6607f2d 100644
--- a/src/openvpn/openssl_compat.h
+++ b/src/openvpn/openssl_compat.h
@@ -194,12 +194,21 @@
LIBRESSL_VERSION_NUMBER > 0x3050400fL) */
#if OPENSSL_VERSION_NUMBER < 0x30200000L && OPENSSL_VERSION_NUMBER >= 0x30000000L
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
static inline const char *
SSL_get0_group_name(SSL *s)
{
int nid = SSL_get_negotiated_group(s);
return SSL_group_to_name(s, nid);
}
+
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
#endif
#endif /* OPENSSL_COMPAT_H_ */
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index a268b92..1ed5966 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -1158,6 +1158,11 @@
return get_ipv6_addr(ipv6_prefix_spec, &t_addr, &t_bits, M_WARN);
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
static char *
string_substitute(const char *src, int from, int to, struct gc_arena *gc)
{
@@ -9908,6 +9913,10 @@
gc_free(&gc);
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
bool
has_udp_in_local_list(const struct options *options)
{
diff --git a/src/openvpn/options_util.c b/src/openvpn/options_util.c
index be1eefc..15a1c0c 100644
--- a/src/openvpn/options_util.c
+++ b/src/openvpn/options_util.c
@@ -146,6 +146,11 @@
return (int)i;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
bool
atoi_constrained(const char *str, int *value, const char *name, int min, int max, int msglevel)
{
@@ -177,6 +182,10 @@
return true;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
static const char *updatable_options[] = { "block-ipv6", "block-outside-dns",
"dhcp-option", "dns",
"ifconfig", "ifconfig-ipv6",
diff --git a/src/openvpn/otime.c b/src/openvpn/otime.c
index 717f749..d9bf157 100644
--- a/src/openvpn/otime.c
+++ b/src/openvpn/otime.c
@@ -100,6 +100,11 @@
/* format a time_t as ascii, or use current time if 0 */
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
const char *
time_string(time_t t, long usec, bool show_usec, struct gc_arena *gc)
{
@@ -130,6 +135,10 @@
return BSTR(&out);
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
/*
* Limit the frequency of an event stream.
*
diff --git a/src/openvpn/otime.h b/src/openvpn/otime.h
index 5c700bb..108d0f2 100644
--- a/src/openvpn/otime.h
+++ b/src/openvpn/otime.h
@@ -59,6 +59,11 @@
extern time_t now_usec;
void update_now_usec(struct timeval *tv);
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
static inline int
openvpn_gettimeofday(struct timeval *tv, void *tz)
{
@@ -236,6 +241,10 @@
dest->tv_usec = usec;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
#define TV_WITHIN_SIGMA_MAX_SEC 600
#define TV_WITHIN_SIGMA_MAX_USEC (TV_WITHIN_SIGMA_MAX_SEC * 1000000)
diff --git a/src/openvpn/packet_id.c b/src/openvpn/packet_id.c
index 09696db..0b33c9c 100644
--- a/src/openvpn/packet_id.c
+++ b/src/openvpn/packet_id.c
@@ -71,6 +71,11 @@
#endif
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
static void
packet_id_init_recv(struct packet_id_rec *rec, int seq_backtrack, int time_backtrack,
const char *name, int unit)
@@ -662,6 +667,10 @@
return epoch;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
bool
packet_id_write_epoch(struct packet_id_send *p, uint16_t epoch, struct buffer *buf)
{
diff --git a/src/openvpn/packet_id.h b/src/openvpn/packet_id.h
index a7eb256..e9d3647 100644
--- a/src/openvpn/packet_id.h
+++ b/src/openvpn/packet_id.h
@@ -280,6 +280,11 @@
return p->fd >= 0;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
/* transfer packet_id -> packet_id_persist */
static inline void
packet_id_persist_save_obj(struct packet_id_persist *p, const struct packet_id *pid)
@@ -291,6 +296,10 @@
}
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
/**
* Reset the current send packet id to its initial state.
* Use very carefully (e.g. in the standalone reset packet context) to
diff --git a/src/openvpn/pkcs11.c b/src/openvpn/pkcs11.c
index dfc87f6..25071e2 100644
--- a/src/openvpn/pkcs11.c
+++ b/src/openvpn/pkcs11.c
@@ -426,6 +426,11 @@
return count;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
bool
pkcs11_management_id_get(const int index, char **id, char **base64)
{
@@ -558,6 +563,10 @@
return success;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
int
tls_ctx_use_pkcs11(struct tls_root_ctx *const ssl_ctx, bool pkcs11_id_management,
const char *const pkcs11_id)
diff --git a/src/openvpn/pkcs11_openssl.c b/src/openvpn/pkcs11_openssl.c
index a912747..70349aa 100644
--- a/src/openvpn/pkcs11_openssl.c
+++ b/src/openvpn/pkcs11_openssl.c
@@ -428,6 +428,11 @@
return dn;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
int
pkcs11_certificate_serial(pkcs11h_certificate_t certificate, char *serial, size_t serial_len)
{
@@ -468,4 +473,9 @@
return ret;
}
+
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
#endif /* defined(ENABLE_PKCS11) && defined(ENABLE_OPENSSL) */
diff --git a/src/openvpn/proxy.c b/src/openvpn/proxy.c
index 054cc79..f19dc44 100644
--- a/src/openvpn/proxy.c
+++ b/src/openvpn/proxy.c
@@ -54,6 +54,11 @@
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
/* cached proxy username/password */
static struct user_pass static_proxy_user_pass;
@@ -1063,3 +1068,7 @@
gc_free(&gc);
return ret;
}
+
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
diff --git a/src/openvpn/ps.c b/src/openvpn/ps.c
index eae03e3..4286482 100644
--- a/src/openvpn/ps.c
+++ b/src/openvpn/ps.c
@@ -327,6 +327,11 @@
}
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
/*
* Record IP/port of client in filesystem, so that server receiving
* the proxy can determine true client origin.
@@ -795,6 +800,10 @@
msg(M_INFO, "PORT SHARE PROXY: proxy exiting");
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
/*
* Called from the main OpenVPN process to enable the port
* share proxy.
diff --git a/src/openvpn/push.c b/src/openvpn/push.c
index 4f6adfc..2748682 100644
--- a/src/openvpn/push.c
+++ b/src/openvpn/push.c
@@ -429,6 +429,10 @@
gc_free(&gc);
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
bool
send_auth_pending_messages(struct tls_multi *tls_multi, struct tls_session *session,
@@ -1082,6 +1086,10 @@
return ret;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
int
process_incoming_push_msg(struct context *c, const struct buffer *buffer,
bool honor_received_options, unsigned int permission_mask,
diff --git a/src/openvpn/push_util.c b/src/openvpn/push_util.c
index 0862a74..98558d2 100644
--- a/src/openvpn/push_util.c
+++ b/src/openvpn/push_util.c
@@ -4,6 +4,11 @@
#include "push.h"
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
int
process_incoming_push_update(struct context *c, unsigned int permission_mask,
unsigned int *option_types_found, struct buffer *buf)
@@ -35,3 +40,7 @@
return ret;
}
+
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
diff --git a/src/openvpn/reliable.c b/src/openvpn/reliable.c
index b4a747f..0c8b552 100644
--- a/src/openvpn/reliable.c
+++ b/src/openvpn/reliable.c
@@ -687,6 +687,11 @@
}
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
/* in how many seconds should we wake up to check for timeout */
/* if we return BIG_TIMEOUT, nothing to wait for */
interval_t
@@ -719,6 +724,10 @@
return ret;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
/*
* Enable an incoming buffer previously returned by a get function as active.
*/
diff --git a/src/openvpn/schedule.c b/src/openvpn/schedule.c
index c9fef24..1389889 100644
--- a/src/openvpn/schedule.c
+++ b/src/openvpn/schedule.c
@@ -65,6 +65,11 @@
}
#endif
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
static inline void
schedule_set_pri(struct schedule_entry *e)
{
@@ -75,6 +80,10 @@
}
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
/* This is the master key comparison routine. A key is
* simply a struct timeval containing the absolute time for
* an event. The unique treap priority (pri) is used to ensure
diff --git a/src/openvpn/socket.c b/src/openvpn/socket.c
index 306170c..248c690 100644
--- a/src/openvpn/socket.c
+++ b/src/openvpn/socket.c
@@ -72,6 +72,11 @@
}
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
/*
* Functions related to the translation of DNS names to IP addresses.
*/
@@ -2448,6 +2453,10 @@
#endif
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
#if ENABLE_IP_PKTINFO
ssize_t
diff --git a/src/openvpn/socks.c b/src/openvpn/socks.c
index 481d3fb..11771d5 100644
--- a/src/openvpn/socks.c
+++ b/src/openvpn/socks.c
@@ -80,6 +80,11 @@
free(sp);
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
static bool
socks_username_password_auth(struct socks_proxy_info *p, socket_descriptor_t sd,
struct event_timeout *server_poll_timeout,
@@ -508,6 +513,10 @@
return;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
void
establish_socks_proxy_udpassoc(struct socks_proxy_info *p,
socket_descriptor_t ctrl_sd, /* already open to proxy */
diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c
index b7db1e7..56829c9 100644
--- a/src/openvpn/ssl.c
+++ b/src/openvpn/ssl.c
@@ -180,6 +180,11 @@
frame->tun_mtu = max_int(frame->tun_mtu, TLS_CHANNEL_MTU_MIN);
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
/**
* calculate the maximum overhead that control channel frames have
* This includes header, op code and everything apart from the
@@ -3979,6 +3984,10 @@
ASSERT(buf_write_prepend(buf, &op, 1));
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
void
tls_prepend_opcode_v2(const struct tls_multi *multi, struct buffer *buf)
{
diff --git a/src/openvpn/ssl_mbedtls.c b/src/openvpn/ssl_mbedtls.c
index 635b53c..f19db4c 100644
--- a/src/openvpn/ssl_mbedtls.c
+++ b/src/openvpn/ssl_mbedtls.c
@@ -585,6 +585,11 @@
return 0;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
/**
* external_pkcs1_sign implements a mbed TLS rsa_sign_func callback, that uses
* the management interface to request an RSA signature for the supplied hash.
@@ -1004,6 +1009,10 @@
}
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
int
tls_version_max(void)
{
diff --git a/src/openvpn/ssl_ncp.c b/src/openvpn/ssl_ncp.c
index 51f7f92..a4c1733 100644
--- a/src/openvpn/ssl_ncp.c
+++ b/src/openvpn/ssl_ncp.c
@@ -534,6 +534,11 @@
}
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
/**
* Replaces the string DEFAULT with the string \c replace.
*
@@ -566,6 +571,10 @@
o->ncp_ciphers = (char *)ncp_ciphers;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
/**
* Checks for availibility of Chacha20-Poly1305 and sets
* the ncp_cipher to either AES-256-GCM:AES-128-GCM or
diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c
index aa1ac11..9e8a60c 100644
--- a/src/openvpn/ssl_openssl.c
+++ b/src/openvpn/ssl_openssl.c
@@ -272,6 +272,11 @@
return 0;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
static bool
tls_ctx_set_tls_versions(struct tls_root_ctx *ctx, unsigned int ssl_flags)
{
@@ -424,6 +429,10 @@
}
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
void
tls_ctx_restrict_ciphers(struct tls_root_ctx *ctx, const char *ciphers)
{
diff --git a/src/openvpn/ssl_pkt.c b/src/openvpn/ssl_pkt.c
index 6ec05a7..825719c 100644
--- a/src/openvpn/ssl_pkt.c
+++ b/src/openvpn/ssl_pkt.c
@@ -160,6 +160,11 @@
}
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
void
write_control_auth(struct tls_session *session, struct key_state *ks, struct buffer *buf,
struct link_socket_actual **to_link_addr, int opcode, int max_ack,
@@ -495,6 +500,10 @@
return result.sid;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
bool
check_session_hmac_and_pkt_id(struct tls_pre_decrypt_state *state,
const struct openvpn_sockaddr *from,
diff --git a/src/openvpn/ssl_util.c b/src/openvpn/ssl_util.c
index 918a1f1..50e8c03 100644
--- a/src/openvpn/ssl_util.c
+++ b/src/openvpn/ssl_util.c
@@ -290,6 +290,11 @@
return NULL;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
int
get_num_elements(const char *string, char delimiter)
{
@@ -309,3 +314,7 @@
return element_count;
}
+
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
diff --git a/src/openvpn/ssl_verify.c b/src/openvpn/ssl_verify.c
index 6f85dca..10c343a 100644
--- a/src/openvpn/ssl_verify.c
+++ b/src/openvpn/ssl_verify.c
@@ -874,6 +874,11 @@
return supported;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
/**
* Checks if the deferred state should also send auth pending
* request to the client. Also removes the auth_pending control file
@@ -945,6 +950,9 @@
return ret;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
/**
* Removes auth_pending and auth_control files from file system
diff --git a/src/openvpn/ssl_verify_mbedtls.c b/src/openvpn/ssl_verify_mbedtls.c
index cfcfb25..a2c702d 100644
--- a/src/openvpn/ssl_verify_mbedtls.c
+++ b/src/openvpn/ssl_verify_mbedtls.c
@@ -250,6 +250,11 @@
return FAILURE;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
static struct buffer
x509_get_fingerprint(const mbedtls_md_info_t *md_info, mbedtls_x509_crt *cert, struct gc_arena *gc)
{
@@ -260,6 +265,10 @@
return fingerprint;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
struct buffer
x509_get_sha1_fingerprint(mbedtls_x509_crt *cert, struct gc_arena *gc)
{
diff --git a/src/openvpn/ssl_verify_openssl.c b/src/openvpn/ssl_verify_openssl.c
index 6de7e2a..122101c 100644
--- a/src/openvpn/ssl_verify_openssl.c
+++ b/src/openvpn/ssl_verify_openssl.c
@@ -667,6 +667,11 @@
return FAILURE;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
result_t
x509_verify_cert_ku(X509 *x509, const unsigned *const expected_ku, int expected_len)
{
@@ -726,6 +731,10 @@
return fFound;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
result_t
x509_verify_cert_eku(X509 *x509, const char *const expected_oid)
{
diff --git a/src/openvpn/status.c b/src/openvpn/status.c
index 34e5a2f..fbd2168 100644
--- a/src/openvpn/status.c
+++ b/src/openvpn/status.c
@@ -207,6 +207,11 @@
return ret;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
#define STATUS_PRINTF_MAXLEN 512
void
@@ -304,3 +309,7 @@
return ret;
}
+
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
diff --git a/src/openvpn/tls_crypt.c b/src/openvpn/tls_crypt.c
index 2892199..88689da 100644
--- a/src/openvpn/tls_crypt.c
+++ b/src/openvpn/tls_crypt.c
@@ -205,6 +205,11 @@
return false;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
bool
tls_crypt_unwrap(const struct buffer *src, struct buffer *dst, struct crypto_options *opt)
{
@@ -413,6 +418,10 @@
return buf_copy(wkc, &work);
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
static bool
tls_crypt_v2_unwrap_client_key(struct key2 *client_key, struct buffer *metadata,
struct buffer wrapped_client_key, struct key_ctx *server_key)
diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c
index 6c3096b..b44aa81 100644
--- a/src/openvpn/tun.c
+++ b/src/openvpn/tun.c
@@ -2241,6 +2241,11 @@
free(tt);
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
int
write_tun(struct tuntap *tt, uint8_t *buf, int len)
{
@@ -2253,6 +2258,10 @@
return read(tt->fd, buf, len);
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
#elif defined(TARGET_SOLARIS)
#ifndef TUNNEWPPA
@@ -5514,6 +5523,11 @@
return ret;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
/*
* Convert DHCP options from the command line / config file
* into a raw DHCP-format options string.
@@ -5653,6 +5667,10 @@
buf_write(buf, tmp_buf, len);
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
static bool
build_dhcp_options_string(struct buffer *buf, const struct tuntap_options *o)
{
diff --git a/src/openvpn/win32.c b/src/openvpn/win32.c
index 15bcf37..eac2352 100644
--- a/src/openvpn/win32.c
+++ b/src/openvpn/win32.c
@@ -1418,6 +1418,11 @@
return (const char *)out.data;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
bool
send_msg_iservice(HANDLE pipe, const void *data, size_t size, ack_message_t *ack,
const char *context)
@@ -1632,4 +1637,8 @@
return ret;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
#endif /* ifdef _WIN32 */
diff --git a/src/openvpnserv/interactive.c b/src/openvpnserv/interactive.c
index 0983e59..ce0d4dd 100644
--- a/src/openvpnserv/interactive.c
+++ b/src/openvpnserv/interactive.c
@@ -1383,6 +1383,11 @@
return TRUE;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
/**
* Prepare DNS domain "SearchList" registry value, so additional
* VPN domains can be added and its original state can be restored
@@ -2614,6 +2619,10 @@
return err;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
/**
* Return the registry key where NRPT rules are stored
*
diff --git a/tests/unit_tests/openvpn/test_crypto.c b/tests/unit_tests/openvpn/test_crypto.c
index 12ddaba..1e6ccc0 100644
--- a/tests/unit_tests/openvpn/test_crypto.c
+++ b/tests/unit_tests/openvpn/test_crypto.c
@@ -674,6 +674,11 @@
struct crypto_options co;
};
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
static int
crypto_test_epoch_setup(void **state)
{
@@ -694,6 +699,10 @@
return 0;
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
static int
crypto_test_epoch_teardown(void **state)
{
diff --git a/tests/unit_tests/openvpn/test_misc.c b/tests/unit_tests/openvpn/test_misc.c
index c3f80dc..8a86d71 100644
--- a/tests/unit_tests/openvpn/test_misc.c
+++ b/tests/unit_tests/openvpn/test_misc.c
@@ -124,6 +124,11 @@
};
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wconversion"
+#endif
+
static uint32_t
word_hash_function(const void *key, uint32_t iv)
{
@@ -316,6 +321,10 @@
gc_free(&gc);
}
+#if defined(__GNUC__) || defined(__clang__)
+#pragma GCC diagnostic pop
+#endif
+
static void
test_atoi_variants(void **state)
{
--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/1168?usp=email
To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings
Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: Iad5b00c35a1f1993b1fa99e8b945ab17b230ef59
Gerrit-Change-Number: 1168
Gerrit-PatchSet: 2
Gerrit-Owner: flichtenheld <fr...@li...>
Gerrit-Reviewer: plaisthos <arn...@rf...>
Gerrit-CC: openvpn-devel <ope...@li...>
Gerrit-Attention: plaisthos <arn...@rf...>
Gerrit-MessageType: newpatchset
|
