From 125aab3c0ac4b7e6eadfd6974fb877fd874a358d Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Tue, 7 Aug 2018 09:52:55 +0200 Subject: use a consistent method to mark fall-through in switch cases Also document that method in contribution guide. Resolves #306 Signed-off-by: Nikos Mavrogiannopoulos --- CONTRIBUTING.md | 41 +++++++++++++++++++- lib/accelerated/x86/sha-padlock.c | 4 +- lib/ext/heartbeat.c | 4 +- lib/handshake-tls13.c | 60 +++++++++++++++--------------- lib/handshake.c | 78 +++++++++++++++++++-------------------- lib/nettle/pk.c | 4 +- lib/pkcs11.c | 3 +- lib/pubkey.c | 2 +- lib/record.c | 9 ++--- lib/tls13/post_handshake.c | 18 ++++----- lib/x509/pkcs12.c | 2 +- lib/x509/x509.c | 4 +- tests/tls13/key_update.c | 6 +-- tests/utils.h | 8 ++++ 14 files changed, 144 insertions(+), 99 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index e95f849b11..c5a02c61a6 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -140,8 +140,14 @@ The gnutls functions accept parameters in the order: 1. Input parameters 2. Output parameters -When data and size is expected, a gnutls_datum structure should be -used (or more precisely a pointer to the structure). +When data and size are expected as input, a const gnutls_datum_t structure +should be used (or more precisely a pointer to the structure). + +When data pointer and size are to be returned as output, a gnutls_datum_t +structure should be used. + +When output is to be copied to caller an array of fixed data should be +provided. # Callback function parameters: @@ -227,6 +233,37 @@ from entering the library (gnulib networking re-implements the windows network stack and causes issues to gnutls applications running on windows). +# Compiler warnings + +The compiler prints warnings for several reasons; these warnings are +also not constant in time, different versions of the same compiler may +warn about different issues. + +In GnuTLS we enable as many as possible warnings available in the compiler +via configure.ac. On certain cases however we silence or disable warnings +and the following subsections go case by case. + +## Switch unintended fall-through warnings + +These we silence by using the macro FALLTHROUGH under a switch +statement which intentionally falls through. Example: +``` +switch (session->internals.recv_state) { + case RECV_STATE_DTLS_RETRANSMIT: + ret = _dtls_retransmit(session); + if (ret < 0) + return gnutls_assert_val(ret); + + session->internals.recv_state = RECV_STATE_0; + FALLTHROUGH; + case RECV_STATE_0: + + _dtls_async_timer_check(session); + return 1; +} +``` + + # Symbol and library versioning The library uses the libtool versioning system, which in turn diff --git a/lib/accelerated/x86/sha-padlock.c b/lib/accelerated/x86/sha-padlock.c index 41602832a0..48e21125a4 100644 --- a/lib/accelerated/x86/sha-padlock.c +++ b/lib/accelerated/x86/sha-padlock.c @@ -120,10 +120,10 @@ _nettle_write_be32(unsigned length, uint8_t * dst, uint32_t * src) abort(); case 3: dst[--j] = (word >> 8) & 0xff; - /* Fall through */ + FALLTHROUGH; case 2: dst[--j] = (word >> 16) & 0xff; - /* Fall through */ + FALLTHROUGH; case 1: dst[--j] = (word >> 24) & 0xff; } diff --git a/lib/ext/heartbeat.c b/lib/ext/heartbeat.c index 13b7cf2e84..1b970fbc46 100644 --- a/lib/ext/heartbeat.c +++ b/lib/ext/heartbeat.c @@ -206,7 +206,7 @@ gnutls_heartbeat_ping(gnutls_session_t session, size_t data_size, session->internals.hb_local_data.length = data_size; session->internals.hb_state = SHB_SEND2; - /* fallthrough */ + FALLTHROUGH; case SHB_SEND2: session->internals.hb_actual_retrans_timeout_ms = session->internals.hb_retrans_timeout_ms; @@ -228,7 +228,7 @@ gnutls_heartbeat_ping(gnutls_session_t session, size_t data_size, } session->internals.hb_state = SHB_RECV; - /* fallthrough */ + FALLTHROUGH; case SHB_RECV: ret = diff --git a/lib/handshake-tls13.c b/lib/handshake-tls13.c index a8666186c7..06c7c01d29 100644 --- a/lib/handshake-tls13.c +++ b/lib/handshake-tls13.c @@ -88,33 +88,33 @@ int _gnutls13_handshake_client(gnutls_session_t session) STATE = STATE100; IMED_RET("send change cipher spec", ret, 0); #endif - /* fall through */ + FALLTHROUGH; case STATE101: ret = generate_and_set_hs_traffic_keys(session); STATE = STATE101; IMED_RET_FATAL("generate session keys", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE102: ret = _gnutls13_recv_encrypted_extensions(session); STATE = STATE102; IMED_RET("recv encrypted extensions", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE103: ret = _gnutls13_recv_certificate_request(session); STATE = STATE103; IMED_RET("recv certificate request", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE104: ret = _gnutls13_recv_certificate(session); STATE = STATE104; IMED_RET("recv certificate", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE105: ret = _gnutls13_recv_certificate_verify(session); STATE = STATE105; IMED_RET("recv server certificate verify", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE106: ret = _gnutls_run_verify_callback(session, GNUTLS_CLIENT); STATE = STATE106; @@ -125,22 +125,22 @@ int _gnutls13_handshake_client(gnutls_session_t session) ret = _gnutls13_recv_finished(session); STATE = STATE107; IMED_RET("recv finished", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE108: ret = _gnutls13_send_certificate(session, AGAIN(STATE108)); STATE = STATE108; IMED_RET("send certificate", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE109: ret = _gnutls13_send_certificate_verify(session, AGAIN(STATE109)); STATE = STATE109; IMED_RET("send certificate verify", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE110: ret = _gnutls13_send_finished(session, AGAIN(STATE110)); STATE = STATE110; IMED_RET("send finished", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE111: STATE = STATE111; @@ -333,19 +333,19 @@ int _gnutls13_handshake_server(gnutls_session_t session) ret = _gnutls13_handshake_hash_buffers_synth(session, session->security_parameters.prf, 0); STATE = STATE90; IMED_RET_FATAL("reset handshake buffers", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE91: ret = _gnutls13_send_hello_retry_request(session, AGAIN(STATE91)); STATE = STATE91; IMED_RET("send hello retry request", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE92: #ifdef TLS13_APPENDIX_D4 ret = _gnutls_send_change_cipher_spec(session, AGAIN(STATE92)); STATE = STATE92; IMED_RET("send change cipher spec", ret, 0); #endif - /* fall through */ + FALLTHROUGH; case STATE93: ret = _gnutls_recv_handshake(session, @@ -361,12 +361,12 @@ int _gnutls13_handshake_server(gnutls_session_t session) } IMED_RET("recv client hello", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE94: ret = _gnutls_send_server_hello(session, AGAIN(STATE94)); STATE = STATE94; IMED_RET("send hello", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE99: case STATE100: #ifdef TLS13_APPENDIX_D4 @@ -378,38 +378,38 @@ int _gnutls13_handshake_server(gnutls_session_t session) IMED_RET("send change cipher spec", ret, 0); } #endif - /* fall through */ + FALLTHROUGH; case STATE101: ret = generate_and_set_hs_traffic_keys(session); STATE = STATE101; IMED_RET_FATAL("generate session keys", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE102: ret = _gnutls13_send_encrypted_extensions(session, AGAIN(STATE102)); STATE = STATE102; IMED_RET("send encrypted extensions", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE103: ret = _gnutls13_send_certificate_request(session, AGAIN(STATE103)); STATE = STATE103; IMED_RET("send certificate request", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE104: ret = _gnutls13_send_certificate(session, AGAIN(STATE104)); STATE = STATE104; IMED_RET("send certificate", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE105: ret = _gnutls13_send_certificate_verify(session, AGAIN(STATE105)); STATE = STATE105; IMED_RET("send certificate verify", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE106: ret = _gnutls13_send_finished(session, AGAIN(STATE106)); STATE = STATE106; IMED_RET("send finished", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE107: /* At this point our sending keys should be the app keys * see 4.4.4 at draft-ietf-tls-tls13-28 */ @@ -434,7 +434,7 @@ int _gnutls13_handshake_server(gnutls_session_t session) _gnutls_handshake_log("HSK[%p]: switching early to application traffic keys\n", session); - /* fall through */ + FALLTHROUGH; case STATE108: if (session->internals.resumed != RESUME_FALSE) _gnutls_set_resumed_parameters(session); @@ -458,28 +458,28 @@ int _gnutls13_handshake_server(gnutls_session_t session) return 0; } } - /* fall through */ + FALLTHROUGH; case STATE109: ret = _gnutls13_recv_certificate(session); STATE = STATE109; IMED_RET("recv certificate", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE110: ret = _gnutls13_recv_certificate_verify(session); STATE = STATE110; IMED_RET("recv certificate verify", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE111: ret = _gnutls_run_verify_callback(session, GNUTLS_CLIENT); STATE = STATE111; if (ret < 0) return gnutls_assert_val(ret); - /* fall through */ + FALLTHROUGH; case STATE112: /* can enter from STATE108 */ ret = _gnutls13_recv_finished(session); STATE = STATE112; IMED_RET("recv finished", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE113: /* If we did request a client certificate, then we can * only send the tickets here */ @@ -493,7 +493,7 @@ int _gnutls13_handshake_server(gnutls_session_t session) ret = _tls13_read_connection_state_init(session, STAGE_APP); IMED_RET_FATAL("set read app keys", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE114: if (!(session->internals.hsk_flags & (HSK_TLS13_TICKET_SENT|HSK_EARLY_START_USED))) { ret = _gnutls13_send_session_ticket(session, TICKETS_TO_SEND, @@ -677,7 +677,7 @@ int gnutls_session_ticket_send(gnutls_session_t session, unsigned nr, unsigned f gnutls_assert(); return ret; } - /* fall through */ + FALLTHROUGH; case TICKET_STATE1: ret = _gnutls13_send_session_ticket(session, nr, TICKET_STATE==TICKET_STATE1?1:0); diff --git a/lib/handshake.c b/lib/handshake.c index 2c7524016e..99967a2ffd 100644 --- a/lib/handshake.c +++ b/lib/handshake.c @@ -2806,7 +2806,7 @@ static int handshake_client(gnutls_session_t session) ret = send_client_hello(session, AGAIN(STATE1)); STATE = STATE1; IMED_RET("send hello", ret, 1); - /* fall through */ + FALLTHROUGH; case STATE2: if (IS_DTLS(session)) { ret = @@ -2833,7 +2833,7 @@ static int handshake_client(gnutls_session_t session) return 1; } } - /* fall through */ + FALLTHROUGH; case STATE3: /* receive the server hello */ ret = @@ -2842,7 +2842,7 @@ static int handshake_client(gnutls_session_t session) 0, NULL); STATE = STATE3; IMED_RET("recv hello", ret, 1); - /* fall through */ + FALLTHROUGH; case STATE4: ver = get_version(session); if (ver->tls13_sem) { /* TLS 1.3 state machine */ @@ -2853,21 +2853,21 @@ static int handshake_client(gnutls_session_t session) ret = _gnutls_ext_sr_verify(session); STATE = STATE4; IMED_RET_FATAL("recv hello", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE5: if (session->security_parameters.do_recv_supplemental) { ret = _gnutls_recv_supplemental(session); STATE = STATE5; IMED_RET("recv supplemental", ret, 1); } - /* fall through */ + FALLTHROUGH; case STATE6: /* RECV CERTIFICATE */ if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */ ret = _gnutls_recv_server_certificate(session); STATE = STATE6; IMED_RET("recv server certificate", ret, 1); - /* fall through */ + FALLTHROUGH; case STATE7: #ifdef ENABLE_OCSP /* RECV CERTIFICATE STATUS */ @@ -2878,7 +2878,7 @@ static int handshake_client(gnutls_session_t session) STATE = STATE7; IMED_RET("recv server certificate", ret, 1); #endif - /* fall through */ + FALLTHROUGH; case STATE8: ret = _gnutls_run_verify_callback(session, GNUTLS_CLIENT); STATE = STATE8; @@ -2892,7 +2892,7 @@ static int handshake_client(gnutls_session_t session) ret = _gnutls_recv_server_kx_message(session); STATE = STATE9; IMED_RET("recv server kx message", ret, 1); - /* fall through */ + FALLTHROUGH; case STATE10: /* receive the server certificate request - if any */ @@ -2902,7 +2902,7 @@ static int handshake_client(gnutls_session_t session) STATE = STATE10; IMED_RET("recv server certificate request message", ret, 1); - /* fall through */ + FALLTHROUGH; case STATE11: /* receive the server hello done */ if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */ @@ -2912,7 +2912,7 @@ static int handshake_client(gnutls_session_t session) 0, NULL); STATE = STATE11; IMED_RET("recv server hello done", ret, 1); - /* fall through */ + FALLTHROUGH; case STATE12: if (session->security_parameters.do_send_supplemental) { ret = @@ -2921,7 +2921,7 @@ static int handshake_client(gnutls_session_t session) STATE = STATE12; IMED_RET("send supplemental", ret, 0); } - /* fall through */ + FALLTHROUGH; case STATE13: /* send our certificate - if any and if requested */ @@ -2932,7 +2932,7 @@ static int handshake_client(gnutls_session_t session) (STATE13)); STATE = STATE13; IMED_RET("send client certificate", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE14: if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */ ret = @@ -2940,7 +2940,7 @@ static int handshake_client(gnutls_session_t session) AGAIN(STATE14)); STATE = STATE14; IMED_RET("send client kx", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE15: /* send client certificate verify */ if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */ @@ -2950,7 +2950,7 @@ static int handshake_client(gnutls_session_t session) (STATE15)); STATE = STATE15; IMED_RET("send client certificate verify", ret, 1); - /* fall through */ + FALLTHROUGH; case STATE16: STATE = STATE16; if (session->internals.resumed == RESUME_FALSE) { @@ -2961,7 +2961,7 @@ static int handshake_client(gnutls_session_t session) IMED_RET("recv handshake new session ticket", ret, 1); } - /* fall through */ + FALLTHROUGH; case STATE17: STATE = STATE17; if (session->internals.resumed == RESUME_FALSE && (session->internals.flags & GNUTLS_ENABLE_FALSE_START) && can_send_false_start(session)) { @@ -2975,7 +2975,7 @@ static int handshake_client(gnutls_session_t session) return 0; } - /* fall through */ + FALLTHROUGH; case STATE18: STATE = STATE18; @@ -2987,7 +2987,7 @@ static int handshake_client(gnutls_session_t session) ret = recv_handshake_final(session, TRUE); IMED_RET("recv handshake final", ret, 1); } - /* fall through */ + FALLTHROUGH; case STATE19: STATE = STATE19; if (session->internals.resumed == RESUME_FALSE) { @@ -2999,7 +2999,7 @@ static int handshake_client(gnutls_session_t session) } STATE = STATE0; - /* fall through */ + FALLTHROUGH; default: break; } @@ -3117,7 +3117,7 @@ static int send_handshake_final(gnutls_session_t session, int init) return ret; } - /* fall through */ + FALLTHROUGH; case STATE2: /* send the finished message */ ret = _gnutls_send_finished(session, FAGAIN(STATE2)); @@ -3128,7 +3128,7 @@ static int send_handshake_final(gnutls_session_t session, int init) } FINAL_STATE = STATE0; - /* fall through */ + FALLTHROUGH; default: break; } @@ -3201,7 +3201,7 @@ static int recv_handshake_final(gnutls_session_t session, int init) gnutls_assert(); return ret; } - /* fall through */ + FALLTHROUGH; case STATE31: FINAL_STATE = STATE31; @@ -3219,7 +3219,7 @@ static int recv_handshake_final(gnutls_session_t session, int init) return ret; } FINAL_STATE = STATE0; - /* fall through */ + FALLTHROUGH; default: break; } @@ -3265,13 +3265,13 @@ static int handshake_server(gnutls_session_t session) } IMED_RET("recv hello", ret, 1); - /* fall through */ + FALLTHROUGH; case STATE2: ret = _gnutls_ext_sr_verify(session); STATE = STATE2; IMED_RET_FATAL("recv hello", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE3: ret = _gnutls_send_server_hello(session, AGAIN(STATE3)); STATE = STATE3; @@ -3283,7 +3283,7 @@ static int handshake_server(gnutls_session_t session) goto reset; } - /* fall through */ + FALLTHROUGH; case STATE4: if (session->security_parameters.do_send_supplemental) { ret = @@ -3293,7 +3293,7 @@ static int handshake_server(gnutls_session_t session) IMED_RET("send supplemental data", ret, 0); } /* SEND CERTIFICATE + KEYEXCHANGE + CERTIFICATE_REQUEST */ - /* fall through */ + FALLTHROUGH; case STATE5: /* NOTE: these should not be send if we are resuming */ @@ -3303,7 +3303,7 @@ static int handshake_server(gnutls_session_t session) AGAIN(STATE5)); STATE = STATE5; IMED_RET("send server certificate", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE6: #ifdef ENABLE_OCSP if (session->internals.resumed == RESUME_FALSE) @@ -3314,7 +3314,7 @@ static int handshake_server(gnutls_session_t session) STATE = STATE6; IMED_RET("send server certificate status", ret, 0); #endif - /* fall through */ + FALLTHROUGH; case STATE7: /* send server key exchange (A) */ if (session->internals.resumed == RESUME_FALSE) @@ -3323,7 +3323,7 @@ static int handshake_server(gnutls_session_t session) AGAIN(STATE7)); STATE = STATE7; IMED_RET("send server kx", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE8: /* Send certificate request - if requested to */ if (session->internals.resumed == RESUME_FALSE) @@ -3332,7 +3332,7 @@ static int handshake_server(gnutls_session_t session) AGAIN(STATE8)); STATE = STATE8; IMED_RET("send server cert request", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE9: /* send the server hello done */ if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */ @@ -3342,7 +3342,7 @@ static int handshake_server(gnutls_session_t session) AGAIN(STATE9)); STATE = STATE9; IMED_RET("send server hello done", ret, 1); - /* fall through */ + FALLTHROUGH; case STATE10: if (session->security_parameters.do_recv_supplemental) { ret = _gnutls_recv_supplemental(session); @@ -3350,27 +3350,27 @@ static int handshake_server(gnutls_session_t session) IMED_RET("recv client supplemental", ret, 1); } /* RECV CERTIFICATE + KEYEXCHANGE + CERTIFICATE_VERIFY */ - /* fall through */ + FALLTHROUGH; case STATE11: /* receive the client certificate message */ if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */ ret = _gnutls_recv_client_certificate(session); STATE = STATE11; IMED_RET("recv client certificate", ret, 1); - /* fall through */ + FALLTHROUGH; case STATE12: ret = _gnutls_run_verify_callback(session, GNUTLS_SERVER); STATE = STATE12; if (ret < 0) return gnutls_assert_val(ret); - /* fall through */ + FALLTHROUGH; case STATE13: /* receive the client key exchange message */ if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */ ret = _gnutls_recv_client_kx_message(session); STATE = STATE13; IMED_RET("recv client kx", ret, 1); - /* fall through */ + FALLTHROUGH; case STATE14: /* receive the client certificate verify message */ if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */ @@ -3379,7 +3379,7 @@ static int handshake_server(gnutls_session_t session) (session); STATE = STATE14; IMED_RET("recv client certificate verify", ret, 1); - /* fall through */ + FALLTHROUGH; case STATE15: STATE = STATE15; if (session->internals.resumed == RESUME_FALSE) { /* if we are not resuming */ @@ -3389,14 +3389,14 @@ static int handshake_server(gnutls_session_t session) ret = send_handshake_final(session, TRUE); IMED_RET("send handshake final 2", ret, 1); } - /* fall through */ + FALLTHROUGH; case STATE16: ret = _gnutls_send_new_session_ticket(session, AGAIN(STATE16)); STATE = STATE16; IMED_RET("send handshake new session ticket", ret, 0); - /* fall through */ + FALLTHROUGH; case STATE17: STATE = STATE17; if (session->internals.resumed == RESUME_FALSE) { /* if we are not resuming */ @@ -3416,7 +3416,7 @@ static int handshake_server(gnutls_session_t session) } STATE = STATE0; - /* fall through */ + FALLTHROUGH; default: break; } diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c index bfcafa926c..6dcd2fdd08 100644 --- a/lib/nettle/pk.c +++ b/lib/nettle/pk.c @@ -1724,7 +1724,7 @@ gnutls_x509_spki_st spki; free(sig.data); sig.data = NULL; - /* fallthrough */ + FALLTHROUGH; case GNUTLS_PK_EC: /* we only do keys for ECDSA */ case GNUTLS_PK_EDDSA_ED25519: case GNUTLS_PK_DSA: @@ -1839,7 +1839,7 @@ wrap_nettle_pk_generate_keys(gnutls_pk_algorithm_t algo, break; } #endif - /* fallthrough */ + FALLTHROUGH; case GNUTLS_PK_DH: { struct dsa_params pub; diff --git a/lib/pkcs11.c b/lib/pkcs11.c index 844bfebdcf..6f9274856e 100644 --- a/lib/pkcs11.c +++ b/lib/pkcs11.c @@ -568,7 +568,8 @@ gnutls_pkcs11_obj_set_info(gnutls_pkcs11_obj_t obj, } data = tmp; data_size = size; - /* fallthrough */ + + FALLTHROUGH; case GNUTLS_PKCS11_OBJ_ID: a[0].type = CKA_ID; a[0].value = (void*)data; diff --git a/lib/pubkey.c b/lib/pubkey.c index 8fc42b95a5..ae6fb5cb2b 100644 --- a/lib/pubkey.c +++ b/lib/pubkey.c @@ -301,7 +301,7 @@ gnutls_pubkey_get_preferred_hash_algorithm(gnutls_pubkey_t key, case GNUTLS_PK_DSA: if (mand) *mand = 1; - /* fallthrough */ + FALLTHROUGH; case GNUTLS_PK_ECDSA: me = _gnutls_dsa_q_to_hash(&key->params, NULL); diff --git a/lib/record.c b/lib/record.c index 96bf5736a9..f0bf192cb8 100644 --- a/lib/record.c +++ b/lib/record.c @@ -293,7 +293,7 @@ int gnutls_bye(gnutls_session_t session, gnutls_close_request_t how) gnutls_assert(); return ret; } - /* fall through */ + FALLTHROUGH; case BYE_STATE1: ret = gnutls_alert_send(session, GNUTLS_AL_WARNING, @@ -303,7 +303,7 @@ int gnutls_bye(gnutls_session_t session, gnutls_close_request_t how) gnutls_assert(); return ret; } - /* fall through */ + FALLTHROUGH; case BYE_STATE2: BYE_STATE = BYE_STATE2; if (how == GNUTLS_SHUT_RDWR) { @@ -1615,7 +1615,6 @@ check_session_status(gnutls_session_t session, unsigned ms) session->internals.recv_state = RECV_STATE_0; - /* Fall through: */ FALLTHROUGH; case RECV_STATE_0: @@ -1903,14 +1902,14 @@ gnutls_record_send2(gnutls_session_t session, const void *data, return gnutls_assert_val(ret); session->internals.rsend_state = RECORD_SEND_KEY_UPDATE_2; - /* fall-through */ + FALLTHROUGH; case RECORD_SEND_KEY_UPDATE_2: ret = gnutls_session_key_update(session, 0); if (ret < 0) return gnutls_assert_val(ret); session->internals.rsend_state = RECORD_SEND_KEY_UPDATE_3; - /* fall-through */ + FALLTHROUGH; case RECORD_SEND_KEY_UPDATE_3: ret = _gnutls_send_int(session, GNUTLS_APPLICATION_DATA, -1, EPOCH_WRITE_CURRENT, diff --git a/lib/tls13/post_handshake.c b/lib/tls13/post_handshake.c index c550c198a7..ca0ed53b0a 100644 --- a/lib/tls13/post_handshake.c +++ b/lib/tls13/post_handshake.c @@ -99,23 +99,23 @@ int _gnutls13_reauth_client(gnutls_session_t session) if (ret < 0) return gnutls_assert_val(ret); - /* fall through */ + FALLTHROUGH; case REAUTH_STATE1: ret = _gnutls13_recv_certificate_request_int(session, &session->internals.reauth_buffer); REAUTH_STATE = REAUTH_STATE1; IMED_RET("recv certificate request", ret, 0); - /* fall through */ + FALLTHROUGH; case REAUTH_STATE2: ret = _gnutls13_send_certificate(session, AGAIN(REAUTH_STATE2)); REAUTH_STATE = REAUTH_STATE2; IMED_RET("send certificate", ret, 0); - /* fall through */ + FALLTHROUGH; case REAUTH_STATE3: ret = _gnutls13_send_certificate_verify(session, AGAIN(REAUTH_STATE3)); REAUTH_STATE = REAUTH_STATE3; IMED_RET("send certificate verify", ret, 0); - /* fall through */ + FALLTHROUGH; case REAUTH_STATE4: ret = _gnutls13_send_finished(session, AGAIN(REAUTH_STATE4)); REAUTH_STATE = REAUTH_STATE4; @@ -160,29 +160,29 @@ int _gnutls13_reauth_server(gnutls_session_t session) session->internals.handshake_hash_buffer_prev_len = session->internals.handshake_hash_buffer.length; - /* fall through */ + FALLTHROUGH; case REAUTH_STATE1: ret = _gnutls13_send_certificate_request(session, AGAIN(REAUTH_STATE1)); REAUTH_STATE = REAUTH_STATE1; IMED_RET("send certificate request", ret, 0); - /* fall through */ + FALLTHROUGH; case REAUTH_STATE2: /* here we should tolerate application data */ ret = _gnutls13_recv_certificate(session); REAUTH_STATE = REAUTH_STATE2; IMED_RET("recv certificate", ret, 0); - /* fall through */ + FALLTHROUGH; case REAUTH_STATE3: ret = _gnutls13_recv_certificate_verify(session); REAUTH_STATE = REAUTH_STATE3; IMED_RET("recv certificate verify", ret, 0); - /* fall through */ + FALLTHROUGH; case REAUTH_STATE4: ret = _gnutls_run_verify_callback(session, GNUTLS_CLIENT); REAUTH_STATE = REAUTH_STATE4; if (ret < 0) return gnutls_assert_val(ret); - /* fall through */ + FALLTHROUGH; case REAUTH_STATE5: ret = _gnutls13_recv_finished(session); REAUTH_STATE = REAUTH_STATE5; diff --git a/lib/x509/pkcs12.c b/lib/x509/pkcs12.c index 7164820a8d..414f9aa3d3 100644 --- a/lib/x509/pkcs12.c +++ b/lib/x509/pkcs12.c @@ -1645,7 +1645,7 @@ gnutls_pkcs12_simple_parse(gnutls_pkcs12_t p12, goto done; } - /* fallthrough */ + FALLTHROUGH; case GNUTLS_BAG_PKCS8_KEY: if (*key != NULL) { /* too simple to continue */ gnutls_assert(); diff --git a/lib/x509/x509.c b/lib/x509/x509.c index 721a1a0a93..4aff55eba9 100644 --- a/lib/x509/x509.c +++ b/lib/x509/x509.c @@ -3979,7 +3979,7 @@ legacy_parse_aia(ASN1_TYPE src, case GNUTLS_IA_CAISSUERS_URI: oid = GNUTLS_OID_AD_CAISSUERS; - /* fall through */ + FALLTHROUGH; case GNUTLS_IA_OCSP_URI: if (oid == NULL) @@ -4007,7 +4007,7 @@ legacy_parse_aia(ASN1_TYPE src, gnutls_assert_val (GNUTLS_E_UNKNOWN_ALGORITHM); } - /* fall through */ + FALLTHROUGH; case GNUTLS_IA_URI: snprintf(nptr, sizeof(nptr), diff --git a/tests/tls13/key_update.c b/tests/tls13/key_update.c index bed8a682b4..9abfa8afed 100644 --- a/tests/tls13/key_update.c +++ b/tests/tls13/key_update.c @@ -145,7 +145,7 @@ static void run(const char *name, unsigned test) if (test != 0) break; sec_sleep(2); - /* fall-through */ + FALLTHROUGH; case 2: success("%s: updating server's key\n", name); @@ -162,7 +162,7 @@ static void run(const char *name, unsigned test) if (test != 0) break; sec_sleep(2); - /* fall-through */ + FALLTHROUGH; case 3: success("%s: updating client's key and asking server\n", name); do { @@ -178,7 +178,7 @@ static void run(const char *name, unsigned test) if (test != 0) break; sec_sleep(2); - /* fall-through */ + FALLTHROUGH; case 4: success("%s: updating server's key and asking client\n", name); do { diff --git a/tests/utils.h b/tests/utils.h index 58e9aef8a2..d5409d661d 100644 --- a/tests/utils.h +++ b/tests/utils.h @@ -40,6 +40,14 @@ # error tests cannot be compiled with NDEBUG defined #endif +#if _GNUTLS_GCC_VERSION >= 70100 +#define FALLTHROUGH __attribute__ ((fallthrough)) +#endif + +#ifndef FALLTHROUGH +# define FALLTHROUGH +#endif + inline static int global_init(void) { #ifdef ENABLE_PKCS11 -- cgit v1.2.1