Warning fixes from Christos Zoulas
- shadowed variables - signed/unsigned confusion - const lossage - incomplete structure initializations - unused code
This commit is contained in:
Love Hornquist Astrand
@@ -266,7 +266,7 @@ hx509_ca_tbs_set_template(hx509_context context,
|
||||
}
|
||||
if (flags & HX509_CA_TEMPLATE_EKU) {
|
||||
ExtKeyUsage eku;
|
||||
int i;
|
||||
size_t i;
|
||||
ret = _hx509_cert_get_eku(context, cert, &eku);
|
||||
if (ret)
|
||||
return ret;
|
||||
@@ -689,7 +689,7 @@ add_utf8_san(hx509_context context,
|
||||
const heim_oid *oid,
|
||||
const char *string)
|
||||
{
|
||||
const PKIXXmppAddr ustring = (const PKIXXmppAddr)string;
|
||||
const PKIXXmppAddr ustring = (const PKIXXmppAddr)(intptr_t)string;
|
||||
heim_octet_string os;
|
||||
size_t size;
|
||||
int ret;
|
||||
|
||||
@@ -362,7 +362,8 @@ hx509_cms_unenvelope(hx509_context context,
|
||||
heim_octet_string *params, params_data;
|
||||
heim_octet_string ivec;
|
||||
size_t size;
|
||||
int ret, i, matched = 0, findflags = 0;
|
||||
int ret, matched = 0, findflags = 0;
|
||||
size_t i;
|
||||
|
||||
|
||||
memset(&key, 0, sizeof(key));
|
||||
@@ -718,7 +719,8 @@ out:
|
||||
static int
|
||||
any_to_certs(hx509_context context, const SignedData *sd, hx509_certs certs)
|
||||
{
|
||||
int ret, i;
|
||||
int ret;
|
||||
size_t i;
|
||||
|
||||
if (sd->certificates == NULL)
|
||||
return 0;
|
||||
@@ -744,7 +746,7 @@ any_to_certs(hx509_context context, const SignedData *sd, hx509_certs certs)
|
||||
static const Attribute *
|
||||
find_attribute(const CMSAttributes *attr, const heim_oid *oid)
|
||||
{
|
||||
int i;
|
||||
size_t i;
|
||||
for (i = 0; i < attr->len; i++)
|
||||
if (der_heim_oid_cmp(&attr->val[i].type, oid) == 0)
|
||||
return &attr->val[i];
|
||||
@@ -790,7 +792,8 @@ hx509_cms_verify_signed(hx509_context context,
|
||||
hx509_certs certs = NULL;
|
||||
SignedData sd;
|
||||
size_t size;
|
||||
int ret, i, found_valid_sig;
|
||||
int ret, found_valid_sig;
|
||||
size_t i;
|
||||
|
||||
*signer_certs = NULL;
|
||||
content->data = NULL;
|
||||
|
||||
@@ -253,7 +253,8 @@ _hx509_collector_collect_certs(hx509_context context,
|
||||
hx509_certs *ret_certs)
|
||||
{
|
||||
hx509_certs certs;
|
||||
int ret, i;
|
||||
int ret;
|
||||
size_t i;
|
||||
|
||||
*ret_certs = NULL;
|
||||
|
||||
@@ -286,7 +287,7 @@ _hx509_collector_collect_private_keys(hx509_context context,
|
||||
struct hx509_collector *c,
|
||||
hx509_private_key **keys)
|
||||
{
|
||||
int i, nkeys;
|
||||
size_t i, nkeys;
|
||||
|
||||
*keys = NULL;
|
||||
|
||||
@@ -315,7 +316,7 @@ _hx509_collector_collect_private_keys(hx509_context context,
|
||||
void
|
||||
_hx509_collector_free(struct hx509_collector *c)
|
||||
{
|
||||
int i;
|
||||
size_t i;
|
||||
|
||||
if (c->unenvelop_certs)
|
||||
hx509_certs_free(&c->unenvelop_certs);
|
||||
|
||||
@@ -589,7 +589,7 @@ rsa_verify_signature(hx509_context context,
|
||||
}
|
||||
|
||||
/* Check for extra data inside the sigature */
|
||||
if (size != retsize) {
|
||||
if (size != (size_t)retsize) {
|
||||
ret = HX509_CRYPTO_SIG_INVALID_FORMAT;
|
||||
hx509_set_error_string(context, 0, ret, "size from decryption mismatch");
|
||||
goto out;
|
||||
@@ -620,7 +620,7 @@ rsa_verify_signature(hx509_context context,
|
||||
data,
|
||||
&di.digest);
|
||||
} else {
|
||||
if (retsize != data->length ||
|
||||
if ((size_t)retsize != data->length ||
|
||||
ct_memcmp(to, data->data, retsize) != 0)
|
||||
{
|
||||
ret = HX509_CRYPTO_SIG_INVALID_FORMAT;
|
||||
@@ -739,7 +739,7 @@ rsa_create_signature(hx509_context context,
|
||||
"RSA private encrypt failed: %d", ret);
|
||||
return ret;
|
||||
}
|
||||
if (ret > sig->length)
|
||||
if ((size_t)ret > sig->length)
|
||||
_hx509_abort("RSA signature prelen longer the output len");
|
||||
|
||||
sig->length = ret;
|
||||
@@ -1256,7 +1256,8 @@ static const struct signature_alg heim_rsa_pkcs1_x509 = {
|
||||
0,
|
||||
NULL,
|
||||
rsa_verify_signature,
|
||||
rsa_create_signature
|
||||
rsa_create_signature,
|
||||
0
|
||||
};
|
||||
|
||||
static const struct signature_alg pkcs1_rsa_sha1_alg = {
|
||||
@@ -1269,7 +1270,8 @@ static const struct signature_alg pkcs1_rsa_sha1_alg = {
|
||||
0,
|
||||
NULL,
|
||||
rsa_verify_signature,
|
||||
rsa_create_signature
|
||||
rsa_create_signature,
|
||||
0
|
||||
};
|
||||
|
||||
static const struct signature_alg rsa_with_sha512_alg = {
|
||||
@@ -1282,7 +1284,8 @@ static const struct signature_alg rsa_with_sha512_alg = {
|
||||
0,
|
||||
NULL,
|
||||
rsa_verify_signature,
|
||||
rsa_create_signature
|
||||
rsa_create_signature,
|
||||
0
|
||||
};
|
||||
|
||||
static const struct signature_alg rsa_with_sha384_alg = {
|
||||
@@ -1295,7 +1298,8 @@ static const struct signature_alg rsa_with_sha384_alg = {
|
||||
0,
|
||||
NULL,
|
||||
rsa_verify_signature,
|
||||
rsa_create_signature
|
||||
rsa_create_signature,
|
||||
0
|
||||
};
|
||||
|
||||
static const struct signature_alg rsa_with_sha256_alg = {
|
||||
@@ -1308,7 +1312,8 @@ static const struct signature_alg rsa_with_sha256_alg = {
|
||||
0,
|
||||
NULL,
|
||||
rsa_verify_signature,
|
||||
rsa_create_signature
|
||||
rsa_create_signature,
|
||||
0
|
||||
};
|
||||
|
||||
static const struct signature_alg rsa_with_sha1_alg = {
|
||||
@@ -1321,7 +1326,8 @@ static const struct signature_alg rsa_with_sha1_alg = {
|
||||
0,
|
||||
NULL,
|
||||
rsa_verify_signature,
|
||||
rsa_create_signature
|
||||
rsa_create_signature,
|
||||
0
|
||||
};
|
||||
|
||||
static const struct signature_alg rsa_with_sha1_alg_secsig = {
|
||||
@@ -1334,7 +1340,8 @@ static const struct signature_alg rsa_with_sha1_alg_secsig = {
|
||||
0,
|
||||
NULL,
|
||||
rsa_verify_signature,
|
||||
rsa_create_signature
|
||||
rsa_create_signature,
|
||||
0
|
||||
};
|
||||
|
||||
static const struct signature_alg rsa_with_md5_alg = {
|
||||
@@ -1347,7 +1354,8 @@ static const struct signature_alg rsa_with_md5_alg = {
|
||||
1230739889,
|
||||
NULL,
|
||||
rsa_verify_signature,
|
||||
rsa_create_signature
|
||||
rsa_create_signature,
|
||||
0
|
||||
};
|
||||
|
||||
static const struct signature_alg dsa_sha1_alg = {
|
||||
@@ -1361,6 +1369,7 @@ static const struct signature_alg dsa_sha1_alg = {
|
||||
NULL,
|
||||
dsa_verify_signature,
|
||||
/* create_signature */ NULL,
|
||||
0
|
||||
};
|
||||
|
||||
static const struct signature_alg sha512_alg = {
|
||||
@@ -1373,7 +1382,8 @@ static const struct signature_alg sha512_alg = {
|
||||
0,
|
||||
EVP_sha512,
|
||||
evp_md_verify_signature,
|
||||
evp_md_create_signature
|
||||
evp_md_create_signature,
|
||||
0
|
||||
};
|
||||
|
||||
static const struct signature_alg sha384_alg = {
|
||||
@@ -1386,7 +1396,8 @@ static const struct signature_alg sha384_alg = {
|
||||
0,
|
||||
EVP_sha384,
|
||||
evp_md_verify_signature,
|
||||
evp_md_create_signature
|
||||
evp_md_create_signature,
|
||||
0
|
||||
};
|
||||
|
||||
static const struct signature_alg sha256_alg = {
|
||||
@@ -1399,7 +1410,8 @@ static const struct signature_alg sha256_alg = {
|
||||
0,
|
||||
EVP_sha256,
|
||||
evp_md_verify_signature,
|
||||
evp_md_create_signature
|
||||
evp_md_create_signature,
|
||||
0
|
||||
};
|
||||
|
||||
static const struct signature_alg sha1_alg = {
|
||||
@@ -1412,7 +1424,8 @@ static const struct signature_alg sha1_alg = {
|
||||
0,
|
||||
EVP_sha1,
|
||||
evp_md_verify_signature,
|
||||
evp_md_create_signature
|
||||
evp_md_create_signature,
|
||||
0
|
||||
};
|
||||
|
||||
static const struct signature_alg md5_alg = {
|
||||
@@ -1425,7 +1438,8 @@ static const struct signature_alg md5_alg = {
|
||||
0,
|
||||
EVP_md5,
|
||||
evp_md_verify_signature,
|
||||
NULL
|
||||
NULL,
|
||||
0
|
||||
};
|
||||
|
||||
/*
|
||||
@@ -1748,7 +1762,7 @@ hx509_private_key_private_decrypt(hx509_context context,
|
||||
"Failed to decrypt using private key: %d", ret);
|
||||
return HX509_CRYPTO_RSA_PRIVATE_DECRYPT;
|
||||
}
|
||||
if (cleartext->length < ret)
|
||||
if (cleartext->length < (size_t)ret)
|
||||
_hx509_abort("internal rsa decryption failure: ret > tosize");
|
||||
|
||||
cleartext->length = ret;
|
||||
@@ -2339,7 +2353,7 @@ static const struct hx509cipher ciphers[] = {
|
||||
static const struct hx509cipher *
|
||||
find_cipher_by_oid(const heim_oid *oid)
|
||||
{
|
||||
int i;
|
||||
size_t i;
|
||||
|
||||
for (i = 0; i < sizeof(ciphers)/sizeof(ciphers[0]); i++)
|
||||
if (der_heim_oid_cmp(oid, ciphers[i].oid) == 0)
|
||||
@@ -2351,7 +2365,7 @@ find_cipher_by_oid(const heim_oid *oid)
|
||||
static const struct hx509cipher *
|
||||
find_cipher_by_name(const char *name)
|
||||
{
|
||||
int i;
|
||||
size_t i;
|
||||
|
||||
for (i = 0; i < sizeof(ciphers)/sizeof(ciphers[0]); i++)
|
||||
if (strcasecmp(name, ciphers[i].name) == 0)
|
||||
@@ -2461,7 +2475,7 @@ hx509_crypto_set_padding(hx509_crypto crypto, int padding_type)
|
||||
int
|
||||
hx509_crypto_set_key_data(hx509_crypto crypto, const void *data, size_t length)
|
||||
{
|
||||
if (EVP_CIPHER_key_length(crypto->c) > length)
|
||||
if (EVP_CIPHER_key_length(crypto->c) > (int)length)
|
||||
return HX509_CRYPTO_INTERNAL_ERROR;
|
||||
|
||||
if (crypto->key.data) {
|
||||
@@ -2558,7 +2572,7 @@ hx509_crypto_encrypt(hx509_crypto crypto,
|
||||
(crypto->flags & ALLOW_WEAK) == 0)
|
||||
return HX509_CRYPTO_ALGORITHM_BEST_BEFORE;
|
||||
|
||||
assert(EVP_CIPHER_iv_length(crypto->c) == ivec->length);
|
||||
assert(EVP_CIPHER_iv_length(crypto->c) == (int)ivec->length);
|
||||
|
||||
EVP_CIPHER_CTX_init(&evp);
|
||||
|
||||
@@ -2598,7 +2612,7 @@ hx509_crypto_encrypt(hx509_crypto crypto,
|
||||
|
||||
memcpy((*ciphertext)->data, data, length);
|
||||
if (padsize) {
|
||||
int i;
|
||||
size_t i;
|
||||
unsigned char *p = (*ciphertext)->data;
|
||||
p += length;
|
||||
for (i = 0; i < padsize; i++)
|
||||
@@ -2647,7 +2661,7 @@ hx509_crypto_decrypt(hx509_crypto crypto,
|
||||
(crypto->flags & ALLOW_WEAK) == 0)
|
||||
return HX509_CRYPTO_ALGORITHM_BEST_BEFORE;
|
||||
|
||||
if (ivec && EVP_CIPHER_iv_length(crypto->c) < ivec->length)
|
||||
if (ivec && EVP_CIPHER_iv_length(crypto->c) < (int)ivec->length)
|
||||
return HX509_CRYPTO_INTERNAL_ERROR;
|
||||
|
||||
if (crypto->key.data == NULL)
|
||||
@@ -2683,7 +2697,7 @@ hx509_crypto_decrypt(hx509_crypto crypto,
|
||||
unsigned char *p;
|
||||
int j, bsize = EVP_CIPHER_block_size(crypto->c);
|
||||
|
||||
if (clear->length < bsize) {
|
||||
if ((int)clear->length < bsize) {
|
||||
ret = HX509_CMS_PADDING_ERROR;
|
||||
goto out;
|
||||
}
|
||||
@@ -2854,7 +2868,8 @@ _hx509_pbe_decrypt(hx509_context context,
|
||||
const EVP_CIPHER *c;
|
||||
const EVP_MD *md;
|
||||
PBE_string2key_func s2k;
|
||||
int i, ret = 0;
|
||||
int ret = 0;
|
||||
size_t i;
|
||||
|
||||
memset(&key, 0, sizeof(key));
|
||||
memset(&iv, 0, sizeof(iv));
|
||||
|
||||
@@ -45,9 +45,9 @@ static int version_flag;
|
||||
static int help_flag;
|
||||
|
||||
struct getargs args[] = {
|
||||
{ "statistic-file", 0, arg_string, &stat_file_string },
|
||||
{ "version", 0, arg_flag, &version_flag },
|
||||
{ "help", 0, arg_flag, &help_flag }
|
||||
{ "statistic-file", 0, arg_string, &stat_file_string, NULL, NULL },
|
||||
{ "version", 0, arg_flag, &version_flag, NULL, NULL },
|
||||
{ "help", 0, arg_flag, &help_flag, NULL, NULL }
|
||||
};
|
||||
int num_args = sizeof(args) / sizeof(args[0]);
|
||||
|
||||
@@ -80,15 +80,15 @@ lock_strings(hx509_lock lock, getarg_strings *pass)
|
||||
*/
|
||||
|
||||
static void
|
||||
certs_strings(hx509_context context, const char *type, hx509_certs certs,
|
||||
certs_strings(hx509_context contextp, const char *type, hx509_certs certs,
|
||||
hx509_lock lock, const getarg_strings *s)
|
||||
{
|
||||
int i, ret;
|
||||
|
||||
for (i = 0; i < s->num_strings; i++) {
|
||||
ret = hx509_certs_append(context, certs, lock, s->strings[i]);
|
||||
ret = hx509_certs_append(contextp, certs, lock, s->strings[i]);
|
||||
if (ret)
|
||||
hx509_err(context, 1, ret,
|
||||
hx509_err(contextp, 1, ret,
|
||||
"hx509_certs_append: %s %s", type, s->strings[i]);
|
||||
}
|
||||
}
|
||||
@@ -114,16 +114,16 @@ parse_oid(const char *str, const heim_oid *def, heim_oid *oid)
|
||||
*/
|
||||
|
||||
static void
|
||||
peer_strings(hx509_context context,
|
||||
peer_strings(hx509_context contextp,
|
||||
hx509_peer_info *peer,
|
||||
const getarg_strings *s)
|
||||
{
|
||||
AlgorithmIdentifier *val;
|
||||
int ret, i;
|
||||
|
||||
ret = hx509_peer_info_alloc(context, peer);
|
||||
ret = hx509_peer_info_alloc(contextp, peer);
|
||||
if (ret)
|
||||
hx509_err(context, 1, ret, "hx509_peer_info_alloc");
|
||||
hx509_err(contextp, 1, ret, "hx509_peer_info_alloc");
|
||||
|
||||
val = calloc(s->num_strings, sizeof(*val));
|
||||
if (val == NULL)
|
||||
@@ -132,9 +132,9 @@ peer_strings(hx509_context context,
|
||||
for (i = 0; i < s->num_strings; i++)
|
||||
parse_oid(s->strings[i], NULL, &val[i].algorithm);
|
||||
|
||||
ret = hx509_peer_info_set_cms_algs(context, *peer, val, s->num_strings);
|
||||
ret = hx509_peer_info_set_cms_algs(contextp, *peer, val, s->num_strings);
|
||||
if (ret)
|
||||
hx509_err(context, 1, ret, "hx509_peer_info_set_cms_algs");
|
||||
hx509_err(contextp, 1, ret, "hx509_peer_info_set_cms_algs");
|
||||
|
||||
for (i = 0; i < s->num_strings; i++)
|
||||
free_AlgorithmIdentifier(&val[i]);
|
||||
@@ -151,7 +151,7 @@ struct pem_data {
|
||||
};
|
||||
|
||||
static int
|
||||
pem_reader(hx509_context context, const char *type,
|
||||
pem_reader(hx509_context contextp, const char *type,
|
||||
const hx509_pem_header *headers,
|
||||
const void *data , size_t length, void *ctx)
|
||||
{
|
||||
@@ -211,22 +211,22 @@ cms_verify_sd(struct cms_verify_sd_options *opt, int argc, char **argv)
|
||||
certs_strings(context, "store", store, lock, &opt->certificate_strings);
|
||||
|
||||
if (opt->pem_flag) {
|
||||
struct pem_data p;
|
||||
struct pem_data pd;
|
||||
FILE *f;
|
||||
|
||||
p.os = &co;
|
||||
p.detached_data = 0;
|
||||
pd.os = &co;
|
||||
pd.detached_data = 0;
|
||||
|
||||
f = fopen(argv[0], "r");
|
||||
if (f == NULL)
|
||||
err(1, "Failed to open file %s", argv[0]);
|
||||
|
||||
ret = hx509_pem_read(context, f, pem_reader, &p);
|
||||
ret = hx509_pem_read(context, f, pem_reader, &pd);
|
||||
fclose(f);
|
||||
if (ret)
|
||||
errx(1, "PEM reader failed: %d", ret);
|
||||
|
||||
if (p.detached_data && opt->signed_content_string == NULL) {
|
||||
if (pd.detached_data && opt->signed_content_string == NULL) {
|
||||
char *r = strrchr(argv[0], '.');
|
||||
if (r && strcasecmp(r, ".pem") == 0) {
|
||||
char *s = strdup(argv[0]);
|
||||
@@ -331,7 +331,7 @@ cms_verify_sd(struct cms_verify_sd_options *opt, int argc, char **argv)
|
||||
}
|
||||
|
||||
static int
|
||||
print_signer(hx509_context context, void *ctx, hx509_cert cert)
|
||||
print_signer(hx509_context contextp, void *ctx, hx509_cert cert)
|
||||
{
|
||||
hx509_pem_header **header = ctx;
|
||||
char *signer_name = NULL;
|
||||
@@ -801,10 +801,10 @@ certificate_copy(struct certificate_copy_options *opt, int argc, char **argv)
|
||||
hx509_err(context, 1, ret, "hx509_certs_init");
|
||||
|
||||
while(argc-- > 1) {
|
||||
int ret;
|
||||
ret = hx509_certs_append(context, certs, inlock, argv[0]);
|
||||
if (ret)
|
||||
hx509_err(context, 1, ret, "hx509_certs_append");
|
||||
int retx;
|
||||
retx = hx509_certs_append(context, certs, inlock, argv[0]);
|
||||
if (retx)
|
||||
hx509_err(context, 1, retx, "hx509_certs_append");
|
||||
argv++;
|
||||
}
|
||||
|
||||
@@ -1534,7 +1534,7 @@ hxtool_hex(struct hex_options *opt, int argc, char **argv)
|
||||
len = hex_decode(p, buf2, strlen(p));
|
||||
if (len < 0)
|
||||
errx(1, "hex_decode failed");
|
||||
if (fwrite(buf2, 1, len, stdout) != len)
|
||||
if (fwrite(buf2, 1, len, stdout) != (size_t)len)
|
||||
errx(1, "fwrite failed");
|
||||
}
|
||||
} else {
|
||||
@@ -1558,38 +1558,38 @@ struct cert_type_opt {
|
||||
|
||||
|
||||
static int
|
||||
https_server(hx509_context context, hx509_ca_tbs tbs, struct cert_type_opt *opt)
|
||||
https_server(hx509_context contextp, hx509_ca_tbs tbs, struct cert_type_opt *opt)
|
||||
{
|
||||
return hx509_ca_tbs_add_eku(context, tbs, &asn1_oid_id_pkix_kp_serverAuth);
|
||||
return hx509_ca_tbs_add_eku(contextp, tbs, &asn1_oid_id_pkix_kp_serverAuth);
|
||||
}
|
||||
|
||||
static int
|
||||
https_client(hx509_context context, hx509_ca_tbs tbs, struct cert_type_opt *opt)
|
||||
https_client(hx509_context contextp, hx509_ca_tbs tbs, struct cert_type_opt *opt)
|
||||
{
|
||||
return hx509_ca_tbs_add_eku(context, tbs, &asn1_oid_id_pkix_kp_clientAuth);
|
||||
return hx509_ca_tbs_add_eku(contextp, tbs, &asn1_oid_id_pkix_kp_clientAuth);
|
||||
}
|
||||
|
||||
static int
|
||||
peap_server(hx509_context context, hx509_ca_tbs tbs, struct cert_type_opt *opt)
|
||||
peap_server(hx509_context contextp, hx509_ca_tbs tbs, struct cert_type_opt *opt)
|
||||
{
|
||||
return hx509_ca_tbs_add_eku(context, tbs, &asn1_oid_id_pkix_kp_serverAuth);
|
||||
return hx509_ca_tbs_add_eku(contextp, tbs, &asn1_oid_id_pkix_kp_serverAuth);
|
||||
}
|
||||
|
||||
static int
|
||||
pkinit_kdc(hx509_context context, hx509_ca_tbs tbs, struct cert_type_opt *opt)
|
||||
pkinit_kdc(hx509_context contextp, hx509_ca_tbs tbs, struct cert_type_opt *opt)
|
||||
{
|
||||
opt->pkinit++;
|
||||
return hx509_ca_tbs_add_eku(context, tbs, &asn1_oid_id_pkkdcekuoid);
|
||||
return hx509_ca_tbs_add_eku(contextp, tbs, &asn1_oid_id_pkkdcekuoid);
|
||||
}
|
||||
|
||||
static int
|
||||
pkinit_client(hx509_context context, hx509_ca_tbs tbs, struct cert_type_opt *opt)
|
||||
pkinit_client(hx509_context contextp, hx509_ca_tbs tbs, struct cert_type_opt *opt)
|
||||
{
|
||||
int ret;
|
||||
|
||||
opt->pkinit++;
|
||||
|
||||
ret = hx509_ca_tbs_add_eku(context, tbs, &asn1_oid_id_pkekuoid);
|
||||
ret = hx509_ca_tbs_add_eku(contextp, tbs, &asn1_oid_id_pkekuoid);
|
||||
if (ret)
|
||||
return ret;
|
||||
|
||||
@@ -1601,9 +1601,9 @@ pkinit_client(hx509_context context, hx509_ca_tbs tbs, struct cert_type_opt *opt
|
||||
}
|
||||
|
||||
static int
|
||||
email_client(hx509_context context, hx509_ca_tbs tbs, struct cert_type_opt *opt)
|
||||
email_client(hx509_context contextp, hx509_ca_tbs tbs, struct cert_type_opt *opt)
|
||||
{
|
||||
return hx509_ca_tbs_add_eku(context, tbs, &asn1_oid_id_pkix_kp_emailProtection);
|
||||
return hx509_ca_tbs_add_eku(contextp, tbs, &asn1_oid_id_pkix_kp_emailProtection);
|
||||
}
|
||||
|
||||
struct {
|
||||
@@ -1663,12 +1663,13 @@ print_eval_types(FILE *out)
|
||||
}
|
||||
|
||||
static int
|
||||
eval_types(hx509_context context,
|
||||
eval_types(hx509_context contextp,
|
||||
hx509_ca_tbs tbs,
|
||||
const struct certificate_sign_options *opt)
|
||||
{
|
||||
struct cert_type_opt ctopt;
|
||||
unsigned i, j;
|
||||
int i;
|
||||
size_t j;
|
||||
int ret;
|
||||
|
||||
memset(&ctopt, 0, sizeof(ctopt));
|
||||
@@ -1678,9 +1679,9 @@ eval_types(hx509_context context,
|
||||
|
||||
for (j = 0; j < sizeof(certtypes)/sizeof(certtypes[0]); j++) {
|
||||
if (strcasecmp(type, certtypes[j].type) == 0) {
|
||||
ret = (*certtypes[j].eval)(context, tbs, &ctopt);
|
||||
ret = (*certtypes[j].eval)(contextp, tbs, &ctopt);
|
||||
if (ret)
|
||||
hx509_err(context, 1, ret,
|
||||
hx509_err(contextp, 1, ret,
|
||||
"Failed to evaluate cert type %s", type);
|
||||
break;
|
||||
}
|
||||
@@ -1697,47 +1698,47 @@ eval_types(hx509_context context,
|
||||
if (!ctopt.pkinit)
|
||||
errx(1, "pk-init principal given but no pk-init oid");
|
||||
|
||||
ret = hx509_ca_tbs_add_san_pkinit(context, tbs,
|
||||
ret = hx509_ca_tbs_add_san_pkinit(contextp, tbs,
|
||||
opt->pk_init_principal_string);
|
||||
if (ret)
|
||||
hx509_err(context, 1, ret, "hx509_ca_tbs_add_san_pkinit");
|
||||
hx509_err(contextp, 1, ret, "hx509_ca_tbs_add_san_pkinit");
|
||||
}
|
||||
|
||||
if (opt->ms_upn_string) {
|
||||
if (!ctopt.pkinit)
|
||||
errx(1, "MS upn given but no pk-init oid");
|
||||
|
||||
ret = hx509_ca_tbs_add_san_ms_upn(context, tbs, opt->ms_upn_string);
|
||||
ret = hx509_ca_tbs_add_san_ms_upn(contextp, tbs, opt->ms_upn_string);
|
||||
if (ret)
|
||||
hx509_err(context, 1, ret, "hx509_ca_tbs_add_san_ms_upn");
|
||||
hx509_err(contextp, 1, ret, "hx509_ca_tbs_add_san_ms_upn");
|
||||
}
|
||||
|
||||
|
||||
for (i = 0; i < opt->hostname_strings.num_strings; i++) {
|
||||
const char *hostname = opt->hostname_strings.strings[i];
|
||||
|
||||
ret = hx509_ca_tbs_add_san_hostname(context, tbs, hostname);
|
||||
ret = hx509_ca_tbs_add_san_hostname(contextp, tbs, hostname);
|
||||
if (ret)
|
||||
hx509_err(context, 1, ret, "hx509_ca_tbs_add_san_hostname");
|
||||
hx509_err(contextp, 1, ret, "hx509_ca_tbs_add_san_hostname");
|
||||
}
|
||||
|
||||
for (i = 0; i < opt->email_strings.num_strings; i++) {
|
||||
const char *email = opt->email_strings.strings[i];
|
||||
|
||||
ret = hx509_ca_tbs_add_san_rfc822name(context, tbs, email);
|
||||
ret = hx509_ca_tbs_add_san_rfc822name(contextp, tbs, email);
|
||||
if (ret)
|
||||
hx509_err(context, 1, ret, "hx509_ca_tbs_add_san_hostname");
|
||||
hx509_err(contextp, 1, ret, "hx509_ca_tbs_add_san_hostname");
|
||||
|
||||
ret = hx509_ca_tbs_add_eku(context, tbs,
|
||||
ret = hx509_ca_tbs_add_eku(contextp, tbs,
|
||||
&asn1_oid_id_pkix_kp_emailProtection);
|
||||
if (ret)
|
||||
hx509_err(context, 1, ret, "hx509_ca_tbs_add_eku");
|
||||
hx509_err(contextp, 1, ret, "hx509_ca_tbs_add_eku");
|
||||
}
|
||||
|
||||
if (opt->jid_string) {
|
||||
ret = hx509_ca_tbs_add_san_jid(context, tbs, opt->jid_string);
|
||||
ret = hx509_ca_tbs_add_san_jid(contextp, tbs, opt->jid_string);
|
||||
if (ret)
|
||||
hx509_err(context, 1, ret, "hx509_ca_tbs_add_san_jid");
|
||||
hx509_err(contextp, 1, ret, "hx509_ca_tbs_add_san_jid");
|
||||
}
|
||||
|
||||
return 0;
|
||||
|
||||
@@ -202,16 +202,12 @@ dir_iter_end(hx509_context context,
|
||||
|
||||
|
||||
static struct hx509_keyset_ops keyset_dir = {
|
||||
"DIR",
|
||||
0,
|
||||
dir_init,
|
||||
NULL,
|
||||
dir_free,
|
||||
NULL,
|
||||
NULL,
|
||||
dir_iter_start,
|
||||
dir_iter,
|
||||
dir_iter_end
|
||||
.name = "DIR",
|
||||
.init = dir_init,
|
||||
.free = dir_free,
|
||||
.iter_start = dir_iter_start,
|
||||
.iter = dir_iter,
|
||||
.iter_end = dir_iter_end,
|
||||
};
|
||||
|
||||
void
|
||||
|
||||
@@ -177,7 +177,8 @@ parse_pem_private_key(hx509_context context, const char *fn,
|
||||
const EVP_CIPHER *cipher;
|
||||
const struct _hx509_password *pw;
|
||||
hx509_lock lock;
|
||||
int i, decrypted = 0;
|
||||
int decrypted = 0;
|
||||
size_t i;
|
||||
|
||||
lock = _hx509_collector_get_lock(c);
|
||||
if (lock == NULL) {
|
||||
@@ -329,7 +330,8 @@ pem_func(hx509_context context, const char *type,
|
||||
const void *data, size_t len, void *ctx)
|
||||
{
|
||||
struct pem_ctx *pem_ctx = (struct pem_ctx*)ctx;
|
||||
int ret = 0, j;
|
||||
int ret = 0;
|
||||
size_t j;
|
||||
|
||||
for (j = 0; j < sizeof(formats)/sizeof(formats[0]); j++) {
|
||||
const char *q = formats[j].name;
|
||||
@@ -436,7 +438,7 @@ file_init_common(hx509_context context,
|
||||
else if (ret == HX509_PARSING_KEY_FAILED) {
|
||||
size_t length;
|
||||
void *ptr;
|
||||
int i;
|
||||
size_t i;
|
||||
|
||||
ret = rk_undumpdata(p, &ptr, &length);
|
||||
if (ret) {
|
||||
|
||||
@@ -152,7 +152,7 @@ p11_rsa_private_encrypt(int flen,
|
||||
}
|
||||
|
||||
ret = P11FUNC(p11rsa->p, Sign,
|
||||
(session, (CK_BYTE *)from, flen, to, &ck_sigsize));
|
||||
(session, (CK_BYTE *)(intptr_t)from, flen, to, &ck_sigsize));
|
||||
p11_put_session(p11rsa->p, p11rsa->slot, session);
|
||||
if (ret != CKR_OK)
|
||||
return -1;
|
||||
@@ -190,7 +190,7 @@ p11_rsa_private_decrypt(int flen, const unsigned char *from, unsigned char *to,
|
||||
}
|
||||
|
||||
ret = P11FUNC(p11rsa->p, Decrypt,
|
||||
(session, (CK_BYTE *)from, flen, to, &ck_sigsize));
|
||||
(session, (CK_BYTE *)(intptr_t)from, flen, to, &ck_sigsize));
|
||||
p11_put_session(p11rsa->p, p11rsa->slot, session);
|
||||
if (ret != CKR_OK)
|
||||
return -1;
|
||||
@@ -878,7 +878,8 @@ p11_init(hx509_context context,
|
||||
|
||||
{
|
||||
CK_SLOT_ID_PTR slot_ids;
|
||||
int i, num_tokens = 0;
|
||||
int num_tokens = 0;
|
||||
size_t i;
|
||||
|
||||
slot_ids = malloc(p->num_slots * sizeof(*slot_ids));
|
||||
if (slot_ids == NULL) {
|
||||
@@ -933,7 +934,7 @@ p11_init(hx509_context context,
|
||||
static void
|
||||
p11_release_module(struct p11_module *p)
|
||||
{
|
||||
int i;
|
||||
size_t i;
|
||||
|
||||
if (p->ref == 0)
|
||||
_hx509_abort("pkcs11 ref to low");
|
||||
@@ -957,7 +958,7 @@ p11_release_module(struct p11_module *p)
|
||||
free(p->slot[i].mechs.list);
|
||||
|
||||
if (p->slot[i].mechs.infos) {
|
||||
int j;
|
||||
size_t j;
|
||||
|
||||
for (j = 0 ; j < p->slot[i].mechs.num ; j++)
|
||||
free(p->slot[i].mechs.infos[j]);
|
||||
@@ -981,7 +982,7 @@ static int
|
||||
p11_free(hx509_certs certs, void *data)
|
||||
{
|
||||
struct p11_module *p = data;
|
||||
int i;
|
||||
size_t i;
|
||||
|
||||
for (i = 0; i < p->num_slots; i++) {
|
||||
if (p->slot[i].certs)
|
||||
@@ -1002,7 +1003,8 @@ p11_iter_start(hx509_context context,
|
||||
{
|
||||
struct p11_module *p = data;
|
||||
struct p11_cursor *c;
|
||||
int ret, i;
|
||||
int ret;
|
||||
size_t i;
|
||||
|
||||
c = malloc(sizeof(*c));
|
||||
if (c == NULL) {
|
||||
@@ -1103,7 +1105,7 @@ p11_printinfo(hx509_context context,
|
||||
void *ctx)
|
||||
{
|
||||
struct p11_module *p = data;
|
||||
int i, j;
|
||||
size_t i, j;
|
||||
|
||||
_hx509_pi_printf(func, ctx, "pkcs11 driver with %d slot%s",
|
||||
p->num_slots, p->num_slots > 1 ? "s" : "");
|
||||
|
||||
@@ -56,7 +56,7 @@ parse_pkcs12_type(hx509_context, struct hx509_collector *, const heim_oid *,
|
||||
static const PKCS12_Attribute *
|
||||
find_attribute(const PKCS12_Attributes *attrs, const heim_oid *oid)
|
||||
{
|
||||
int i;
|
||||
size_t i;
|
||||
if (attrs == NULL)
|
||||
return NULL;
|
||||
for (i = 0; i < attrs->len; i++)
|
||||
@@ -168,7 +168,7 @@ certBag_parser(hx509_context context,
|
||||
const heim_oid *oids[] = {
|
||||
&asn1_oid_id_pkcs_9_at_localKeyId, &asn1_oid_id_pkcs_9_at_friendlyName
|
||||
};
|
||||
int i;
|
||||
size_t i;
|
||||
|
||||
for (i = 0; i < sizeof(oids)/sizeof(oids[0]); i++) {
|
||||
const heim_oid *oid = oids[i];
|
||||
@@ -190,7 +190,8 @@ parse_safe_content(hx509_context context,
|
||||
const unsigned char *p, size_t len)
|
||||
{
|
||||
PKCS12_SafeContents sc;
|
||||
int ret, i;
|
||||
int ret;
|
||||
size_t i;
|
||||
|
||||
memset(&sc, 0, sizeof(sc));
|
||||
|
||||
@@ -310,7 +311,7 @@ parse_pkcs12_type(hx509_context context,
|
||||
const void *data, size_t length,
|
||||
const PKCS12_Attributes *attrs)
|
||||
{
|
||||
int i;
|
||||
size_t i;
|
||||
|
||||
for (i = 0; i < sizeof(bagtypes)/sizeof(bagtypes[0]); i++)
|
||||
if (der_heim_oid_cmp(bagtypes[i].oid, oid) == 0)
|
||||
@@ -327,7 +328,8 @@ p12_init(hx509_context context,
|
||||
void *buf;
|
||||
PKCS12_PFX pfx;
|
||||
PKCS12_AuthenticatedSafe as;
|
||||
int ret, i;
|
||||
int ret;
|
||||
size_t i;
|
||||
struct hx509_collector *c;
|
||||
|
||||
*data = NULL;
|
||||
|
||||
@@ -121,7 +121,7 @@ _hx509_lock_unlock_certs(hx509_lock lock)
|
||||
void
|
||||
hx509_lock_reset_passwords(hx509_lock lock)
|
||||
{
|
||||
int i;
|
||||
size_t i;
|
||||
for (i = 0; i < lock->password.len; i++)
|
||||
free(lock->password.val[i]);
|
||||
free(lock->password.val);
|
||||
|
||||
@@ -66,17 +66,17 @@ static const struct {
|
||||
const heim_oid *o;
|
||||
wind_profile_flags flags;
|
||||
} no[] = {
|
||||
{ "C", &asn1_oid_id_at_countryName },
|
||||
{ "CN", &asn1_oid_id_at_commonName },
|
||||
{ "DC", &asn1_oid_id_domainComponent },
|
||||
{ "L", &asn1_oid_id_at_localityName },
|
||||
{ "O", &asn1_oid_id_at_organizationName },
|
||||
{ "OU", &asn1_oid_id_at_organizationalUnitName },
|
||||
{ "S", &asn1_oid_id_at_stateOrProvinceName },
|
||||
{ "STREET", &asn1_oid_id_at_streetAddress },
|
||||
{ "UID", &asn1_oid_id_Userid },
|
||||
{ "emailAddress", &asn1_oid_id_pkcs9_emailAddress },
|
||||
{ "serialNumber", &asn1_oid_id_at_serialNumber }
|
||||
{ "C", &asn1_oid_id_at_countryName, 0 },
|
||||
{ "CN", &asn1_oid_id_at_commonName, 0 },
|
||||
{ "DC", &asn1_oid_id_domainComponent, 0 },
|
||||
{ "L", &asn1_oid_id_at_localityName, 0 },
|
||||
{ "O", &asn1_oid_id_at_organizationName, 0 },
|
||||
{ "OU", &asn1_oid_id_at_organizationalUnitName, 0 },
|
||||
{ "S", &asn1_oid_id_at_stateOrProvinceName, 0 },
|
||||
{ "STREET", &asn1_oid_id_at_streetAddress, 0 },
|
||||
{ "UID", &asn1_oid_id_Userid, 0 },
|
||||
{ "emailAddress", &asn1_oid_id_pkcs9_emailAddress, 0 },
|
||||
{ "serialNumber", &asn1_oid_id_at_serialNumber, 0 }
|
||||
};
|
||||
|
||||
static char *
|
||||
@@ -159,7 +159,8 @@ oidtostring(const heim_oid *type)
|
||||
static int
|
||||
stringtooid(const char *name, size_t len, heim_oid *oid)
|
||||
{
|
||||
int i, ret;
|
||||
int ret;
|
||||
size_t i;
|
||||
char *s;
|
||||
|
||||
memset(oid, 0, sizeof(*oid));
|
||||
@@ -200,14 +201,16 @@ int
|
||||
_hx509_Name_to_string(const Name *n, char **str)
|
||||
{
|
||||
size_t total_len = 0;
|
||||
int i, j, ret;
|
||||
size_t i, j, m;
|
||||
int ret;
|
||||
|
||||
*str = strdup("");
|
||||
if (*str == NULL)
|
||||
return ENOMEM;
|
||||
|
||||
for (i = n->u.rdnSequence.len - 1 ; i >= 0 ; i--) {
|
||||
for (m = n->u.rdnSequence.len; m > 0; m--) {
|
||||
size_t len;
|
||||
i = m - 1;
|
||||
|
||||
for (j = 0; j < n->u.rdnSequence.val[i].len; j++) {
|
||||
DirectoryString *ds = &n->u.rdnSequence.val[i].val[j].value;
|
||||
@@ -438,7 +441,8 @@ _hx509_name_ds_cmp(const DirectoryString *ds1,
|
||||
int
|
||||
_hx509_name_cmp(const Name *n1, const Name *n2, int *c)
|
||||
{
|
||||
int ret, i, j;
|
||||
int ret;
|
||||
size_t i, j;
|
||||
|
||||
*c = n1->u.rdnSequence.len - n2->u.rdnSequence.len;
|
||||
if (*c)
|
||||
@@ -610,7 +614,7 @@ hx509_parse_name(hx509_context context, const char *str, hx509_name *name)
|
||||
goto out;
|
||||
}
|
||||
|
||||
if ((q - p) > len) {
|
||||
if ((size_t)(q - p) > len) {
|
||||
ret = HX509_PARSING_NAME_FAILED;
|
||||
hx509_set_error_string(context, 0, ret, " = after , in %s", p);
|
||||
goto out;
|
||||
@@ -727,7 +731,7 @@ hx509_name_expand(hx509_context context,
|
||||
hx509_env env)
|
||||
{
|
||||
Name *n = &name->der_name;
|
||||
int i, j;
|
||||
size_t i, j;
|
||||
|
||||
if (env == NULL)
|
||||
return 0;
|
||||
|
||||
@@ -163,7 +163,7 @@ void
|
||||
hx509_bitstring_print(const heim_bit_string *b,
|
||||
hx509_vprint_func func, void *ctx)
|
||||
{
|
||||
int i;
|
||||
size_t i;
|
||||
print_func(func, ctx, "\tlength: %d\n\t", b->length);
|
||||
for (i = 0; i < (b->length + 7) / 8; i++)
|
||||
print_func(func, ctx, "%02x%s%s",
|
||||
@@ -481,7 +481,8 @@ check_CRLDistributionPoints(hx509_validate_ctx ctx,
|
||||
{
|
||||
CRLDistributionPoints dp;
|
||||
size_t size;
|
||||
int ret, i;
|
||||
int ret;
|
||||
size_t i;
|
||||
|
||||
check_Null(ctx, status, cf, e);
|
||||
|
||||
@@ -499,7 +500,7 @@ check_CRLDistributionPoints(hx509_validate_ctx ctx,
|
||||
if (dp.val[i].distributionPoint) {
|
||||
DistributionPointName dpname;
|
||||
heim_any *data = dp.val[i].distributionPoint;
|
||||
int j;
|
||||
size_t j;
|
||||
|
||||
ret = decode_DistributionPointName(data->data, data->length,
|
||||
&dpname, NULL);
|
||||
@@ -565,7 +566,8 @@ check_altName(hx509_validate_ctx ctx,
|
||||
{
|
||||
GeneralNames gn;
|
||||
size_t size;
|
||||
int ret, i;
|
||||
int ret;
|
||||
size_t i;
|
||||
|
||||
check_Null(ctx, status, cf, e);
|
||||
|
||||
@@ -717,7 +719,8 @@ check_authorityInfoAccess(hx509_validate_ctx ctx,
|
||||
{
|
||||
AuthorityInfoAccessSyntax aia;
|
||||
size_t size;
|
||||
int ret, i;
|
||||
int ret;
|
||||
size_t i;
|
||||
|
||||
check_Null(ctx, status, cf, e);
|
||||
|
||||
@@ -773,7 +776,7 @@ struct {
|
||||
{ ext(certificateIssuer, Null), M_C },
|
||||
{ ext(nameConstraints, Null), M_C },
|
||||
{ ext(cRLDistributionPoints, CRLDistributionPoints), S_N_C },
|
||||
{ ext(certificatePolicies, Null) },
|
||||
{ ext(certificatePolicies, Null), 0 },
|
||||
{ ext(policyMappings, Null), M_N_C },
|
||||
{ ext(authorityKeyIdentifier, authorityKeyIdentifier), M_N_C },
|
||||
{ ext(policyConstraints, Null), D_C },
|
||||
@@ -789,7 +792,7 @@ struct {
|
||||
check_Null, D_C },
|
||||
{ "Netscape cert comment", &asn1_oid_id_netscape_cert_comment,
|
||||
check_Null, D_C },
|
||||
{ NULL }
|
||||
{ NULL, NULL, NULL, 0 }
|
||||
};
|
||||
|
||||
/**
|
||||
@@ -936,7 +939,7 @@ hx509_validate_cert(hx509_context context,
|
||||
free(str);
|
||||
|
||||
if (t->extensions) {
|
||||
int i, j;
|
||||
size_t i, j;
|
||||
|
||||
if (t->extensions->len == 0) {
|
||||
validate_print(ctx,
|
||||
|
||||
@@ -349,7 +349,7 @@ load_ocsp(hx509_context context, struct revoke_ocsp *ocsp)
|
||||
}
|
||||
|
||||
if (basic.certs) {
|
||||
int i;
|
||||
size_t i;
|
||||
|
||||
ret = hx509_certs_init(context, "MEMORY:ocsp-certs", 0,
|
||||
NULL, &certs);
|
||||
@@ -760,8 +760,7 @@ hx509_revoke_verify(hx509_context context,
|
||||
if (ocsp->ocsp.tbsResponseData.responses.val[j].nextUpdate) {
|
||||
if (*ocsp->ocsp.tbsResponseData.responses.val[j].nextUpdate < now)
|
||||
continue;
|
||||
} else
|
||||
/* Should force a refetch, but can we ? */;
|
||||
} /* else should force a refetch, but can we ? */
|
||||
|
||||
return 0;
|
||||
}
|
||||
@@ -1076,7 +1075,8 @@ int
|
||||
hx509_revoke_ocsp_print(hx509_context context, const char *path, FILE *out)
|
||||
{
|
||||
struct revoke_ocsp ocsp;
|
||||
int ret, i;
|
||||
int ret;
|
||||
size_t i;
|
||||
|
||||
if (out == NULL)
|
||||
out = stdout;
|
||||
@@ -1141,7 +1141,7 @@ hx509_revoke_ocsp_print(hx509_context context, const char *path, FILE *out)
|
||||
status = "element unknown";
|
||||
}
|
||||
|
||||
fprintf(out, "\t%d. status: %s\n", i, status);
|
||||
fprintf(out, "\t%zu. status: %s\n", i, status);
|
||||
|
||||
fprintf(out, "\tthisUpdate: %s\n",
|
||||
printable_time(ocsp.ocsp.tbsResponseData.responses.val[i].thisUpdate));
|
||||
@@ -1188,7 +1188,8 @@ hx509_ocsp_verify(hx509_context context,
|
||||
{
|
||||
const Certificate *c = _hx509_get_cert(cert);
|
||||
OCSPBasicOCSPResponse basic;
|
||||
int ret, i;
|
||||
int ret;
|
||||
size_t i;
|
||||
|
||||
if (now == 0)
|
||||
now = time(NULL);
|
||||
|
||||
@@ -223,7 +223,7 @@ _hx509_expr_parse(const char *buf)
|
||||
}
|
||||
|
||||
void
|
||||
_hx509_sel_yyerror (char *s)
|
||||
_hx509_sel_yyerror (const char *s)
|
||||
{
|
||||
if (_hx509_expr_input.error)
|
||||
free(_hx509_expr_input.error);
|
||||
|
||||
@@ -78,5 +78,5 @@ extern struct hx_expr_input _hx509_expr_input;
|
||||
|
||||
int _hx509_sel_yyparse(void);
|
||||
int _hx509_sel_yylex(void);
|
||||
void _hx509_sel_yyerror(char *);
|
||||
void _hx509_sel_yyerror(const char *);
|
||||
|
||||
|
||||
@@ -140,9 +140,9 @@ snprintf_fill(char *str, size_t size, char fillchar, const char *fmt, ...)
|
||||
va_start(ap, fmt);
|
||||
len = vsnprintf(str, size, fmt, ap);
|
||||
va_end(ap);
|
||||
if (len < 0 || len > size)
|
||||
if (len < 0 || (size_t)len > size)
|
||||
return;
|
||||
while(len < size)
|
||||
while ((size_t)len < size)
|
||||
str[len++] = fillchar;
|
||||
}
|
||||
|
||||
@@ -152,9 +152,9 @@ snprintf_fill(char *str, size_t size, char fillchar, const char *fmt, ...)
|
||||
|
||||
#define VERIFY_SESSION_HANDLE(s, state) \
|
||||
{ \
|
||||
CK_RV ret; \
|
||||
ret = verify_session_handle(s, state); \
|
||||
if (ret != CKR_OK) { \
|
||||
CK_RV xret; \
|
||||
xret = verify_session_handle(s, state); \
|
||||
if (xret != CKR_OK) { \
|
||||
/* return CKR_OK */; \
|
||||
} \
|
||||
}
|
||||
@@ -163,7 +163,7 @@ static CK_RV
|
||||
verify_session_handle(CK_SESSION_HANDLE hSession,
|
||||
struct session_state **state)
|
||||
{
|
||||
int i;
|
||||
size_t i;
|
||||
|
||||
for (i = 0; i < MAX_NUM_SESSION; i++){
|
||||
if (soft_token.state[i].session_handle == hSession)
|
||||
@@ -421,6 +421,7 @@ struct foo {
|
||||
static int
|
||||
add_cert(hx509_context hxctx, void *ctx, hx509_cert cert)
|
||||
{
|
||||
static char empty[] = "";
|
||||
struct foo *foo = (struct foo *)ctx;
|
||||
struct st_object *o = NULL;
|
||||
CK_OBJECT_CLASS type;
|
||||
@@ -520,8 +521,8 @@ add_cert(hx509_context hxctx, void *ctx, hx509_cert cert)
|
||||
|
||||
add_object_attribute(o, 0, CKA_KEY_TYPE, &key_type, sizeof(key_type));
|
||||
add_object_attribute(o, 0, CKA_ID, foo->id, strlen(foo->id));
|
||||
add_object_attribute(o, 0, CKA_START_DATE, "", 1); /* XXX */
|
||||
add_object_attribute(o, 0, CKA_END_DATE, "", 1); /* XXX */
|
||||
add_object_attribute(o, 0, CKA_START_DATE, empty, 1); /* XXX */
|
||||
add_object_attribute(o, 0, CKA_END_DATE, empty, 1); /* XXX */
|
||||
add_object_attribute(o, 0, CKA_DERIVE, &bool_false, sizeof(bool_false));
|
||||
add_object_attribute(o, 0, CKA_LOCAL, &bool_false, sizeof(bool_false));
|
||||
mech_type = CKM_RSA_X_509;
|
||||
@@ -557,8 +558,8 @@ add_cert(hx509_context hxctx, void *ctx, hx509_cert cert)
|
||||
|
||||
add_object_attribute(o, 0, CKA_KEY_TYPE, &key_type, sizeof(key_type));
|
||||
add_object_attribute(o, 0, CKA_ID, foo->id, strlen(foo->id));
|
||||
add_object_attribute(o, 0, CKA_START_DATE, "", 1); /* XXX */
|
||||
add_object_attribute(o, 0, CKA_END_DATE, "", 1); /* XXX */
|
||||
add_object_attribute(o, 0, CKA_START_DATE, empty, 1); /* XXX */
|
||||
add_object_attribute(o, 0, CKA_END_DATE, empty, 1); /* XXX */
|
||||
add_object_attribute(o, 0, CKA_DERIVE, &bool_false, sizeof(bool_false));
|
||||
add_object_attribute(o, 0, CKA_LOCAL, &bool_false, sizeof(bool_false));
|
||||
mech_type = CKM_RSA_X_509;
|
||||
@@ -859,7 +860,7 @@ C_Initialize(CK_VOID_PTR a)
|
||||
{
|
||||
CK_C_INITIALIZE_ARGS_PTR args = a;
|
||||
CK_RV ret;
|
||||
int i;
|
||||
size_t i;
|
||||
|
||||
st_logf("Initialize\n");
|
||||
|
||||
@@ -916,7 +917,7 @@ C_Initialize(CK_VOID_PTR a)
|
||||
CK_RV
|
||||
C_Finalize(CK_VOID_PTR args)
|
||||
{
|
||||
int i;
|
||||
size_t i;
|
||||
|
||||
INIT_CONTEXT();
|
||||
|
||||
@@ -1112,7 +1113,7 @@ C_OpenSession(CK_SLOT_ID slotID,
|
||||
CK_NOTIFY Notify,
|
||||
CK_SESSION_HANDLE_PTR phSession)
|
||||
{
|
||||
int i;
|
||||
size_t i;
|
||||
INIT_CONTEXT();
|
||||
st_logf("OpenSession: slot: %d\n", (int)slotID);
|
||||
|
||||
@@ -1155,7 +1156,7 @@ C_CloseSession(CK_SESSION_HANDLE hSession)
|
||||
CK_RV
|
||||
C_CloseAllSessions(CK_SLOT_ID slotID)
|
||||
{
|
||||
int i;
|
||||
size_t i;
|
||||
INIT_CONTEXT();
|
||||
|
||||
st_logf("CloseAllSessions\n");
|
||||
@@ -1429,7 +1430,7 @@ commonInit(CK_ATTRIBUTE *attr_match, int attr_match_len,
|
||||
|
||||
|
||||
static CK_RV
|
||||
dup_mechanism(CK_MECHANISM_PTR *dup, const CK_MECHANISM_PTR pMechanism)
|
||||
dup_mechanism(CK_MECHANISM_PTR *dp, const CK_MECHANISM_PTR pMechanism)
|
||||
{
|
||||
CK_MECHANISM_PTR p;
|
||||
|
||||
@@ -1437,9 +1438,9 @@ dup_mechanism(CK_MECHANISM_PTR *dup, const CK_MECHANISM_PTR pMechanism)
|
||||
if (p == NULL)
|
||||
return CKR_DEVICE_MEMORY;
|
||||
|
||||
if (*dup)
|
||||
free(*dup);
|
||||
*dup = p;
|
||||
if (*dp)
|
||||
free(*dp);
|
||||
*dp = p;
|
||||
memcpy(p, pMechanism, sizeof(*p));
|
||||
|
||||
return CKR_OK;
|
||||
|
||||
Reference in New Issue
Block a user