diff options
author | Daiki Ueno <ueno@gnu.org> | 2022-07-22 08:52:42 +0000 |
---|---|---|
committer | Daiki Ueno <ueno@gnu.org> | 2022-07-22 08:52:42 +0000 |
commit | e80b334563d648d86d654346ad49b1010974e7ad (patch) | |
tree | 160504ab52f16da8e404f644c0a19a152ae24ac9 | |
parent | 6709f8d11445a3a375e19fedc8a9edfb5b73ae30 (diff) | |
parent | 801283dccbd21e4a22c407dc578d1c4014716d68 (diff) | |
download | gnutls-e80b334563d648d86d654346ad49b1010974e7ad.tar.gz |
Merge branch 'wip/dueno/minor-f36' into 'master'
Suppress compile time warnings on Fedora 36
Closes #1386
See merge request gnutls/gnutls!1606
-rw-r--r-- | lib/crypto-selftests.c | 4 | ||||
-rw-r--r-- | lib/pubkey.c | 2 | ||||
-rw-r--r-- | lib/tpm2.c | 6 | ||||
-rw-r--r-- | lib/x509/privkey_pkcs8.c | 2 | ||||
-rw-r--r-- | src/certtool-common.h | 2 | ||||
-rw-r--r-- | src/tests.c | 8 | ||||
-rw-r--r-- | tests/resume-with-previous-stek.c | 2 | ||||
-rwxr-xr-x | tests/suite/testdane.sh | 10 | ||||
-rw-r--r-- | tests/utils.h | 6 |
9 files changed, 28 insertions, 14 deletions
diff --git a/lib/crypto-selftests.c b/lib/crypto-selftests.c index 57b50ac514..e51e0826f7 100644 --- a/lib/crypto-selftests.c +++ b/lib/crypto-selftests.c @@ -2064,7 +2064,9 @@ static int test_cipher_aead(gnutls_cipher_algorithm_t cipher, gnutls_assert_val (GNUTLS_E_SELF_TEST_ERROR); - if (s2 != vectors[i].plaintext_size && memcmp(tmp, vectors[i].plaintext, vectors[i].plaintext_size) != 0) { + if (s2 != vectors[i].plaintext_size || + (vectors[i].plaintext_size > 0 && + memcmp(tmp2, vectors[i].plaintext, vectors[i].plaintext_size) != 0)) { _gnutls_debug_log("%s test vector %d failed (decryption)!\n", gnutls_cipher_get_name(cipher), i); return gnutls_assert_val(GNUTLS_E_SELF_TEST_ERROR); diff --git a/lib/pubkey.c b/lib/pubkey.c index eba1f5b7b3..a0e5bc9456 100644 --- a/lib/pubkey.c +++ b/lib/pubkey.c @@ -505,7 +505,7 @@ gnutls_pubkey_parse_ecc_ecdh_params(const gnutls_datum_t *parameters, gnutls_ecc_curve_t *outcurve) { gnutls_ecc_curve_t curve = GNUTLS_ECC_CURVE_INVALID; - ASN1_TYPE asn1 = ASN1_TYPE_EMPTY; + asn1_node asn1 = NULL; unsigned int etype = ASN1_ETYPE_INVALID; char str[MAX_OID_SIZE]; int str_size; diff --git a/lib/tpm2.c b/lib/tpm2.c index 750eadc777..1c1b710893 100644 --- a/lib/tpm2.c +++ b/lib/tpm2.c @@ -118,9 +118,9 @@ static int ec_key_info(gnutls_privkey_t key, unsigned int flags, void *_info) return -1; } -static int decode_data(ASN1_TYPE n, gnutls_datum_t *r) +static int decode_data(asn1_node n, gnutls_datum_t *r) { - ASN1_DATA_NODE d; + asn1_data_node_st d; int lenlen; int result; @@ -147,7 +147,7 @@ static int decode_data(ASN1_TYPE n, gnutls_datum_t *r) int _gnutls_load_tpm2_key(gnutls_privkey_t pkey, const gnutls_datum_t *fdata) { gnutls_datum_t asn1, pubdata, privdata; - ASN1_TYPE tpmkey = ASN1_TYPE_EMPTY; + asn1_node tpmkey = NULL; char value_buf[16]; int value_buflen; bool emptyauth = false; diff --git a/lib/x509/privkey_pkcs8.c b/lib/x509/privkey_pkcs8.c index 78c152a605..c22ece9456 100644 --- a/lib/x509/privkey_pkcs8.c +++ b/lib/x509/privkey_pkcs8.c @@ -1139,7 +1139,7 @@ _decode_pkcs8_eddsa_key(asn1_node pkcs8_asn, gnutls_x509_privkey_t pkey, const c } static int -_decode_pkcs8_modern_ecdh_key(ASN1_TYPE pkcs8_asn, gnutls_x509_privkey_t pkey, const char *oid) +_decode_pkcs8_modern_ecdh_key(asn1_node pkcs8_asn, gnutls_x509_privkey_t pkey, const char *oid) { int ret; gnutls_datum_t tmp; diff --git a/src/certtool-common.h b/src/certtool-common.h index db7b1bde3a..0c8c69540f 100644 --- a/src/certtool-common.h +++ b/src/certtool-common.h @@ -25,6 +25,7 @@ #include <gnutls/x509.h> #include <stdio.h> #include <stdbool.h> +#include "attribute.h" #define TYPE_CRT 1 #define TYPE_CRQ 2 @@ -176,6 +177,7 @@ void print_dsa_pkey(FILE * outfile, gnutls_datum_t * x, gnutls_datum_t * y, gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * g, int cprint); +ATTRIBUTE_MALLOC FILE *safe_open_rw(const char *file, int privkey_op); const char *get_password(common_info_st * cinfo, unsigned int *flags, diff --git a/src/tests.c b/src/tests.c index 7d1530b14c..85c4b66995 100644 --- a/src/tests.c +++ b/src/tests.c @@ -1591,6 +1591,7 @@ test_code_t test_chain_order(gnutls_session_t session) p_size = 0; pos = NULL; for (i=0;i<cert_list_size;i++) { + char *new_p; t.data = NULL; ret = gnutls_pem_base64_encode_alloc("CERTIFICATE", &cert_list[i], &t); if (ret < 0) { @@ -1598,7 +1599,12 @@ test_code_t test_chain_order(gnutls_session_t session) return TEST_FAILED; } - p = realloc(p, p_size+t.size+1); + new_p = realloc(p, p_size+t.size+1); + if (!new_p) { + free(p); + return TEST_FAILED; + } + p = new_p; pos = p + p_size; memcpy(pos, t.data, t.size); diff --git a/tests/resume-with-previous-stek.c b/tests/resume-with-previous-stek.c index 7e47389459..94f165627f 100644 --- a/tests/resume-with-previous-stek.c +++ b/tests/resume-with-previous-stek.c @@ -100,7 +100,7 @@ static int client_handshake(gnutls_session_t session, gnutls_datum_t *session_da static void client(int fd, int *resume, unsigned rounds, const char *prio) { gnutls_session_t session; - gnutls_datum_t session_data; + gnutls_datum_t session_data = { NULL, 0 }; gnutls_certificate_credentials_t clientx509cred = NULL; for (unsigned i = 0; i < rounds; i++) { diff --git a/tests/suite/testdane.sh b/tests/suite/testdane.sh index fac0427f49..a4c7634c92 100755 --- a/tests/suite/testdane.sh +++ b/tests/suite/testdane.sh @@ -39,7 +39,9 @@ fi echo "" echo "*** Testing good HTTPS hosts ***" # www.vulcano.cl dane.nox.su www.kumari.net -HOSTS="good.dane.verisignlabs.com www.freebsd.org torproject.org fedoraproject.org" +# used to work: good.dane.verisignlabs.com +# used to work: fedoraproject.org +HOSTS="www.freebsd.org torproject.org" #HOSTS="${HOSTS} nohats.ca" for host in ${HOSTS}; do @@ -84,8 +86,10 @@ echo "" echo "*** Testing bad HTTPS hosts ***" # Not ok # used to work: dane-broken.rd.nic.fr -HOSTS="bad-hash.dane.verisignlabs.com bad-params.dane.verisignlabs.com" -HOSTS="${HOSTS} bad-sig.dane.verisignlabs.com" +# used to work: bad-hash.dane.verisignlabs.com +# used to work: bad-params.dane.verisignlabs.com +# used to work: bad-sig.dane.verisignlabs.com +HOSTS="" for host in ${HOSTS}; do nc -w 5 "${host}" 443 >/dev/null <<_EOF diff --git a/tests/utils.h b/tests/utils.h index 8efe9d299f..d3a2ba8d16 100644 --- a/tests/utils.h +++ b/tests/utils.h @@ -75,11 +75,11 @@ extern const char *pkcs3_3072; _fail("%s:%d: "format, __func__, __LINE__, ##__VA_ARGS__) extern void _fail(const char *format, ...) - __attribute__ ((format(printf, 1, 2))); + __attribute__ ((format(printf, 1, 2))) __attribute__((__noreturn__)); extern void fail_ignore(const char *format, ...) - __attribute__ ((format(printf, 1, 2))); + __attribute__ ((format(printf, 1, 2))) __attribute__((__noreturn__)); extern void success(const char *format, ...) - __attribute__ ((format(printf, 1, 2))); + __attribute__ ((format(printf, 1, 2))); /* assumes test_name is defined */ #define test_fail(fmt, ...) \ |