upstream/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2026-02-16 00:58:14 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

- fixes for splint cleanliness, long vs int in SSL set_mode.

Browse source
This commit is contained in:
W.C.A. Wijngaards 2019-11-13 15:16:27 +01:00
parent d4c904d091
commit d05d6b959a
14 changed files with 32 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
daemon/daemon.c
View file

@ -221,7 +221,9 @@ daemon_init(void)
(void)sldns_key_EVP_load_gost_id();
# endif
# if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_CRYPTO)
# ifndef S_SPLINT_S
OpenSSL_add_all_algorithms();
# endif
# else
OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS
| OPENSSL_INIT_ADD_ALL_DIGESTS

2
daemon/remote.c
View file

@ -499,7 +499,7 @@ int remote_accept_callback(struct comm_point* c, void* arg, int err,
goto close_exit;
}
SSL_set_accept_state(n->ssl);
(void)SSL_set_mode(n->ssl, SSL_MODE_AUTO_RETRY);
(void)SSL_set_mode(n->ssl, (long)SSL_MODE_AUTO_RETRY);
if(!SSL_set_fd(n->ssl, newfd)) {
log_crypto_err("could not SSL_set_fd");
SSL_free(n->ssl);

1
doc/Changelog
View file

@ -1,6 +1,7 @@
13 November 2019: Wouter
- iana portlist updated.
- contrib/fastrpz.patch updated to apply for current code.
- fixes for splint cleanliness, long vs int in SSL set_mode.
11 November 2019: Wouter
- Fix #109: check number of arguments for stdin-pipes in

8
services/authzone.c
View file

@ -5971,15 +5971,15 @@ xfr_probe_send_probe(struct auth_xfer* xfr, struct module_env* env,
}
if (auth_name != NULL) {
if (addr.ss_family == AF_INET
&& ntohs(((struct sockaddr_in *)&addr)->sin_port)
&& (int)ntohs(((struct sockaddr_in *)&addr)->sin_port)
== env->cfg->ssl_port)
((struct sockaddr_in *)&addr)->sin_port
= htons(env->cfg->port);
= htons((uint16_t)env->cfg->port);
else if (addr.ss_family == AF_INET6
&& ntohs(((struct sockaddr_in6 *)&addr)->sin6_port)
&& (int)ntohs(((struct sockaddr_in6 *)&addr)->sin6_port)
== env->cfg->ssl_port)
((struct sockaddr_in6 *)&addr)->sin6_port
= htons(env->cfg->port);
= htons((uint16_t)env->cfg->port);
}
}

4
smallapp/unbound-anchor.c
View file

@ -782,7 +782,7 @@ TLS_initiate(SSL_CTX* sslctx, int fd)
return NULL;
}
SSL_set_connect_state(ssl);
(void)SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
(void)SSL_set_mode(ssl, (long)SSL_MODE_AUTO_RETRY);
if(!SSL_set_fd(ssl, fd)) {
if(verb) printf("SSL_set_fd error\n");
SSL_free(ssl);
@ -2379,7 +2379,9 @@ int main(int argc, char* argv[])
ERR_load_SSL_strings();
#endif
#if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_CRYPTO)
# ifndef S_SPLINT_S
OpenSSL_add_all_algorithms();
# endif
#else
OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS
| OPENSSL_INIT_ADD_ALL_DIGESTS

4
smallapp/unbound-control.c
View file

@ -615,7 +615,7 @@ setup_ssl(SSL_CTX* ctx, int fd)
if(!ssl)
ssl_err("could not SSL_new");
SSL_set_connect_state(ssl);
(void)SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
(void)SSL_set_mode(ssl, (long)SSL_MODE_AUTO_RETRY);
if(!SSL_set_fd(ssl, fd))
ssl_err("could not SSL_set_fd");
while(1) {
@ -888,7 +888,9 @@ int main(int argc, char* argv[])
ERR_load_SSL_strings();
#endif
#if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_CRYPTO)
# ifndef S_SPLINT_S
OpenSSL_add_all_algorithms();
# endif
#else
OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS
| OPENSSL_INIT_ADD_ALL_DIGESTS

2
smallapp/unbound-host.c
View file

@ -505,7 +505,9 @@ int main(int argc, char* argv[])
ERR_load_SSL_strings();
#endif
#if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_CRYPTO)
# ifndef S_SPLINT_S
OpenSSL_add_all_algorithms();
# endif
#else
OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS
| OPENSSL_INIT_ADD_ALL_DIGESTS

2
testcode/asynclook.c
View file

@ -482,7 +482,9 @@ int main(int argc, char** argv)
ERR_load_SSL_strings();
#endif
#if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_CRYPTO)
# ifndef S_SPLINT_S
OpenSSL_add_all_algorithms();
# endif
#else
OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS
| OPENSSL_INIT_ADD_ALL_DIGESTS

4
testcode/petal.c
View file

@ -301,7 +301,7 @@ setup_ssl(int s, SSL_CTX* ctx)
SSL* ssl = SSL_new(ctx);
if(!ssl) return NULL;
SSL_set_accept_state(ssl);
(void)SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
(void)SSL_set_mode(ssl, (long)SSL_MODE_AUTO_RETRY);
if(!SSL_set_fd(ssl, s)) {
SSL_free(ssl);
return NULL;
@ -657,7 +657,9 @@ int main(int argc, char* argv[])
ERR_load_SSL_strings();
#endif
#if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_CRYPTO)
# ifndef S_SPLINT_S
OpenSSL_add_all_algorithms();
# endif
#else
OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS
| OPENSSL_INIT_ADD_ALL_DIGESTS

2
testcode/streamtcp.c
View file

@ -485,7 +485,9 @@ int main(int argc, char** argv)
ERR_load_SSL_strings();
#endif
#if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_CRYPTO)
# ifndef S_SPLINT_S
OpenSSL_add_all_algorithms();
# endif
#else
OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS
| OPENSSL_INIT_ADD_ALL_DIGESTS

4
util/net_help.c
View file

@ -1045,7 +1045,7 @@ void* incoming_ssl_fd(void* sslctx, int fd)
return NULL;
}
SSL_set_accept_state(ssl);
(void)SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
(void)SSL_set_mode(ssl, (long)SSL_MODE_AUTO_RETRY);
if(!SSL_set_fd(ssl, fd)) {
log_crypto_err("could not SSL_set_fd");
SSL_free(ssl);
@ -1067,7 +1067,7 @@ void* outgoing_ssl_fd(void* sslctx, int fd)
return NULL;
}
SSL_set_connect_state(ssl);
(void)SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
(void)SSL_set_mode(ssl, (long)SSL_MODE_AUTO_RETRY);
if(!SSL_set_fd(ssl, fd)) {
log_crypto_err("could not SSL_set_fd");
SSL_free(ssl);

2
util/netevent.c
View file

@ -1309,7 +1309,7 @@ ssl_handle_write(struct comm_point* c)
return 1;
}
/* ignore return, if fails we may simply block */
(void)SSL_set_mode(c->ssl, SSL_MODE_ENABLE_PARTIAL_WRITE);
(void)SSL_set_mode(c->ssl, (long)SSL_MODE_ENABLE_PARTIAL_WRITE);
if(c->tcp_byte_count < sizeof(uint16_t)) {
uint16_t len = htons(sldns_buffer_limit(c->buffer));
ERR_clear_error();

4
validator/autotrust.c
View file

@ -1175,7 +1175,9 @@ void autr_write_file(struct module_env* env, struct trust_anchor* tp)
{
FILE* out;
char* fname = tp->autr->file;
#ifndef S_SPLINT_S
long long llvalue;
#endif
char tempf[2048];
log_assert(tp->autr);
if(!env) {
@ -1184,6 +1186,7 @@ void autr_write_file(struct module_env* env, struct trust_anchor* tp)
}
/* unique name with pid number, thread number, and struct pointer
* (the pointer uniquifies for multiple libunbound contexts) */
#ifndef S_SPLINT_S
#if defined(SIZE_MAX) && defined(UINT32_MAX) && (UINT32_MAX == SIZE_MAX || INT32_MAX == SIZE_MAX)
/* avoid warning about upcast on 32bit systems */
llvalue = (unsigned long)tp;
@ -1197,6 +1200,7 @@ void autr_write_file(struct module_env* env, struct trust_anchor* tp)
snprintf(tempf, sizeof(tempf), "%s.%d-%d-%I64x", fname, (int)getpid(),
env->worker?*(int*)env->worker:0, llvalue);
#endif
#endif /* S_SPLINT_S */
verbose(VERB_ALGO, "autotrust: write to disk: %s", tempf);
out = fopen(tempf, "w");
if(!out) {

2
validator/val_secalgo.c
View file

@ -326,8 +326,10 @@ setup_dsa_sig(unsigned char** sig, unsigned int* len)
#ifdef HAVE_DSA_SIG_SET0
if(!DSA_SIG_set0(dsasig, R, S)) return 0;
#else
# ifndef S_SPLINT_S
dsasig->r = R;
dsasig->s = S;
# endif /* S_SPLINT_S */
#endif
*sig = NULL;
newlen = i2d_DSA_SIG(dsasig, sig);