diff options
author | Matt Caswell <matt@openssl.org> | 2015-03-19 11:35:33 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2015-03-19 12:59:31 +0000 |
commit | 8ca79fcbf45ea2ed505679be20e1a8a4c3df07cf (patch) | |
tree | 7d0342dfc23bfeac7d354613c3197395e7a553c6 | |
parent | a4517be9e348634ac64f9cf093131e13e8c03e38 (diff) | |
download | openssl-new-8ca79fcbf45ea2ed505679be20e1a8a4c3df07cf.tar.gz |
Fix unsigned/signed warnings
Fix some unsigned/signed warnings introduced as part of the fix
for CVE-2015-0293
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
-rw-r--r-- | ssl/s2_srvr.c | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/ssl/s2_srvr.c b/ssl/s2_srvr.c index 4046697b26..19bb48c9cd 100644 --- a/ssl/s2_srvr.c +++ b/ssl/s2_srvr.c @@ -371,7 +371,8 @@ int ssl2_accept(SSL *s) static int get_client_master_key(SSL *s) { - int is_export, i, n, keya, ek; + int is_export, i, n, keya; + unsigned int ek; unsigned long len; unsigned char *p; const SSL_CIPHER *cp; @@ -488,7 +489,7 @@ static int get_client_master_key(SSL *s) * must be zero). */ if ((!is_export && s->s2->tmp.clear != 0) || - (is_export && s->s2->tmp.clear + ek != EVP_CIPHER_key_length(c))) { + (is_export && s->s2->tmp.clear + ek != (unsigned int)EVP_CIPHER_key_length(c))) { ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_BAD_LENGTH); return -1; @@ -499,7 +500,7 @@ static int get_client_master_key(SSL *s) * bytes to fit the key in the buffer, stop now. */ if ((is_export && s->s2->tmp.enc < ek) || - (!is_export && s->s2->tmp.enc < EVP_CIPHER_key_length(c))) { + (!is_export && s->s2->tmp.enc < (unsigned int)EVP_CIPHER_key_length(c))) { ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_LENGTH_TOO_SHORT); return -1; @@ -518,7 +519,7 @@ static int get_client_master_key(SSL *s) * secret (Bleichenbacher attack) */ if ((i < 0) || ((!is_export && i != EVP_CIPHER_key_length(c)) - || (is_export && i != ek))) { + || (is_export && i != (int)ek))) { ERR_clear_error(); if (is_export) i = ek; |