sectransp: fix compiler warning c89 mixed code/declaration

Since cbf57176 the Cirrus CI 'macOS arm64 SecureTransport http2' has been failing due to c89 warnings mixed code/declaration. That commit is not the cause so I assume something has changed in the CI outside of our configuration. Anyway, we don't mix code/declaration so this is the fix for that. Closes https://github.com/curl/curl/pull/10574
author: Jay Satiro <raysatiro@yahoo.com> 2023-02-20 23:28:14 -0500
committer: Jay Satiro <raysatiro@yahoo.com> 2023-02-23 03:47:31 -0500
commit: 47129b2b4be50d829ffcfed8de18a9249a56a7d0 (patch)
tree: 15246c505f19ae31442af74ac9738f2b4b062fc7
parent: c52f7a894685edfffa07139ff2d48475aaca4e7b (diff)
download: curl-47129b2b4be50d829ffcfed8de18a9249a56a7d0.tar.gz
1 files changed, 15 insertions, 8 deletions
diff --git a/lib/vtls/sectransp.c b/lib/vtls/sectransp.c
index 2e98169e2..b84d88860 100644
--- a/lib/vtls/sectransp.c
+++ b/lib/vtls/sectransp.c
@@ -2202,16 +2202,18 @@ static int append_cert_to_array(struct Curl_easy *data,
                                 const unsigned char *buf, size_t buflen,
                                 CFMutableArrayRef array)
 {
-    CFDataRef certdata = CFDataCreate(kCFAllocatorDefault, buf, buflen);
     char *certp;
     CURLcode result;
+    SecCertificateRef cacert;
+    CFDataRef certdata;
+
+    certdata = CFDataCreate(kCFAllocatorDefault, buf, buflen);
     if(!certdata) {
       failf(data, "SSL: failed to allocate array for CA certificate");
       return CURLE_OUT_OF_MEMORY;
     }
 
-    SecCertificateRef cacert =
-      SecCertificateCreateWithData(kCFAllocatorDefault, certdata);
+    cacert = SecCertificateCreateWithData(kCFAllocatorDefault, certdata);
     CFRelease(certdata);
     if(!cacert) {
       failf(data, "SSL: failed to create SecCertificate from CA certificate");
@@ -2425,11 +2427,15 @@ static CURLcode pkp_pin_peer_pubkey(struct Curl_easy *data,
 
   do {
     SecTrustRef trust;
-    OSStatus ret = SSLCopyPeerTrust(ctx, &trust);
+    OSStatus ret;
+    SecKeyRef keyRef;
+    OSStatus success;
+
+    ret = SSLCopyPeerTrust(ctx, &trust);
     if(ret != noErr || !trust)
       break;
 
-    SecKeyRef keyRef = SecTrustCopyPublicKey(trust);
+    keyRef = SecTrustCopyPublicKey(trust);
     CFRelease(trust);
     if(!keyRef)
       break;
@@ -2443,8 +2449,8 @@ static CURLcode pkp_pin_peer_pubkey(struct Curl_easy *data,
 
 #elif SECTRANSP_PINNEDPUBKEY_V2
 
-    OSStatus success = SecItemExport(keyRef, kSecFormatOpenSSL, 0, NULL,
-                                     &publicKeyBits);
+    success = SecItemExport(keyRef, kSecFormatOpenSSL, 0, NULL,
+                            &publicKeyBits);
     CFRelease(keyRef);
     if(success != errSecSuccess || !publicKeyBits)
       break;
@@ -2987,12 +2993,13 @@ static CURLcode sectransp_connect_step3(struct Curl_cfilter *cf,
                                         struct Curl_easy *data)
 {
   struct ssl_connect_data *connssl = cf->ctx;
+  CURLcode result;
 
   DEBUGF(LOG_CF(data, cf, "connect_step3"));
   /* There is no step 3!
    * Well, okay, let's collect server certificates, and if verbose mode is on,
    * let's print the details of the server certificates. */
-  const CURLcode result = collect_server_cert(cf, data);
+  result = collect_server_cert(cf, data);
   if(result)
     return result;
author	Jay Satiro <raysatiro@yahoo.com>	2023-02-20 23:28:14 -0500
committer	Jay Satiro <raysatiro@yahoo.com>	2023-02-23 03:47:31 -0500
commit	47129b2b4be50d829ffcfed8de18a9249a56a7d0 (patch)
tree	15246c505f19ae31442af74ac9738f2b4b062fc7
parent	c52f7a894685edfffa07139ff2d48475aaca4e7b (diff)
download	curl-47129b2b4be50d829ffcfed8de18a9249a56a7d0.tar.gz