Attention is currently required from: plaisthos.
Hello plaisthos,
I'd like you to do a code review.
Please visit
http://gerrit.openvpn.net/c/openvpn/+/1133?usp=email
to review the following change.
Change subject: Handle return type of EVP_MD_size
......................................................................
Handle return type of EVP_MD_size
Return type is int, but we often use it in contexts
where we expect size_t. So just cast it. Nothing else
to do really.
Change-Id: I22b93c807f1be99fab450708f686fce4aa6d5cef
Signed-off-by: Frank Lichtenheld <fr...@li...>
---
M src/openvpn/crypto_openssl.c
M src/openvpn/ssl_verify_openssl.c
M src/openvpn/xkey_helper.c
3 files changed, 5 insertions(+), 5 deletions(-)
git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/33/1133/1
diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c
index 4fb6393..2351bfd 100644
--- a/src/openvpn/crypto_openssl.c
+++ b/src/openvpn/crypto_openssl.c
@@ -1273,7 +1273,7 @@
/* We need to make a copy of the key since the OSSL parameters
* only reference it */
- memcpy(ctx->key, key, EVP_MD_size(kt));
+ memcpy(ctx->key, key, (size_t)EVP_MD_size(kt));
/* Lookup/setting of parameters in OpenSSL 3.0 are string based
*
@@ -1282,7 +1282,7 @@
* the constness away here.
*/
ctx->params[0] = OSSL_PARAM_construct_utf8_string("digest", (char *)EVP_MD_get0_name(kt), 0);
- ctx->params[1] = OSSL_PARAM_construct_octet_string("key", ctx->key, EVP_MD_size(kt));
+ ctx->params[1] = OSSL_PARAM_construct_octet_string("key", ctx->key, (size_t)EVP_MD_size(kt));
ctx->params[2] = OSSL_PARAM_construct_end();
if (!EVP_MAC_init(ctx->ctx, NULL, 0, ctx->params))
diff --git a/src/openvpn/ssl_verify_openssl.c b/src/openvpn/ssl_verify_openssl.c
index 1d83dfe..22659aa 100644
--- a/src/openvpn/ssl_verify_openssl.c
+++ b/src/openvpn/ssl_verify_openssl.c
@@ -341,7 +341,7 @@
x509_get_sha1_fingerprint(X509 *cert, struct gc_arena *gc)
{
const EVP_MD *sha1 = EVP_sha1();
- struct buffer hash = alloc_buf_gc(EVP_MD_size(sha1), gc);
+ struct buffer hash = alloc_buf_gc((size_t)EVP_MD_size(sha1), gc);
X509_digest(cert, EVP_sha1(), BPTR(&hash), NULL);
ASSERT(buf_inc_len(&hash, EVP_MD_size(sha1)));
return hash;
@@ -351,7 +351,7 @@
x509_get_sha256_fingerprint(X509 *cert, struct gc_arena *gc)
{
const EVP_MD *sha256 = EVP_sha256();
- struct buffer hash = alloc_buf_gc(EVP_MD_size(sha256), gc);
+ struct buffer hash = alloc_buf_gc((size_t)EVP_MD_size(sha256), gc);
X509_digest(cert, EVP_sha256(), BPTR(&hash), NULL);
ASSERT(buf_inc_len(&hash, EVP_MD_size(sha256)));
return hash;
diff --git a/src/openvpn/xkey_helper.c b/src/openvpn/xkey_helper.c
index 3820808..9541a7c 100644
--- a/src/openvpn/xkey_helper.c
+++ b/src/openvpn/xkey_helper.c
@@ -351,7 +351,7 @@
}
}
- if (tbslen != EVP_MD_size(EVP_get_digestbyname(mdname)))
+ if (tbslen != (size_t)EVP_MD_size(EVP_get_digestbyname(mdname)))
{
msg(M_WARN, "Error: encode_pkcs11: invalid input length <%zu>", tbslen);
goto done;
--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/1133?usp=email
To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings
Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: I22b93c807f1be99fab450708f686fce4aa6d5cef
Gerrit-Change-Number: 1133
Gerrit-PatchSet: 1
Gerrit-Owner: flichtenheld <fr...@li...>
Gerrit-Reviewer: plaisthos <arn...@rf...>
Gerrit-CC: openvpn-devel <ope...@li...>
Gerrit-Attention: plaisthos <arn...@rf...>
Gerrit-MessageType: newchange
|
