From 6c61726b2af78a1985178d31e551351231b54b10 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Wed, 27 Apr 2005 16:27:14 +0000 Subject: [PATCH] Lots of Win32 fixes for DTLS. 1. "unsigned long long" isn't portable changed: to BN_ULLONG. 2. The LL prefix isn't allowed in VC++ but it isn't needed where it is used. 2. Avoid lots of compiler warnings about signed/unsigned mismatches. 3. Include new library directory pqueue in mk1mf build system. 4. Update symbols. --- apps/s_client.c | 4 +-- crypto/bio/bss_dgram.c | 19 ++++++++----- crypto/pqueue/pqueue.c | 7 ++--- crypto/pqueue/pqueue.h | 6 ++--- ssl/d1_both.c | 14 +++++----- ssl/d1_pkt.c | 60 +++++++++++++++++++++--------------------- ssl/dtls1.h | 6 ++--- ssl/s3_srvr.c | 2 +- ssl/ssl3.h | 2 +- ssl/ssl_locl.h | 12 ++++----- util/libeay.num | 12 +++++++++ util/mkdef.pl | 1 + util/mkfiles.pl | 1 + 13 files changed, 83 insertions(+), 63 deletions(-) diff --git a/apps/s_client.c b/apps/s_client.c index d468778cd1..eaa9269610 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -275,7 +275,7 @@ int MAIN(int argc, char **argv) #endif struct sockaddr peer; - socklen_t peerlen = sizeof(peer); + int peerlen = sizeof(peer); int enable_timeouts = 0 ; long mtu = 0; @@ -643,7 +643,7 @@ re_start: struct timeval timeout; sbio=BIO_new_dgram(s,BIO_NOCLOSE); - if (getsockname(s, &peer, &peerlen) < 0) + if (getsockname(s, &peer, (void *)&peerlen) < 0) { BIO_printf(bio_err, "getsockname:errno=%d\n", get_last_socket_error()); diff --git a/crypto/bio/bss_dgram.c b/crypto/bio/bss_dgram.c index fa6d27adc7..a0cb29b3dc 100644 --- a/crypto/bio/bss_dgram.c +++ b/crypto/bio/bss_dgram.c @@ -64,8 +64,6 @@ #define USE_SOCKETS #include "cryptlib.h" -#include - #include #define IP_MTU 14 /* linux is lame */ @@ -174,13 +172,18 @@ static int dgram_read(BIO *b, char *out, int outl) bio_dgram_data *data = (bio_dgram_data *)b->ptr; struct sockaddr peer; - socklen_t peerlen = sizeof(peer); + int peerlen = sizeof(peer); if (out != NULL) { clear_socket_error(); memset(&peer, 0x00, peerlen); - ret=recvfrom(b->num,out,outl,0,&peer,&peerlen); + /* Last arg in recvfrom is signed on some platforms and + * unsigned on others. It is of type socklen_t on some + * but this is not universal. Cast to (void *) to avoid + * compiler warnings. + */ + ret=recvfrom(b->num,out,outl,0,&peer,(void *)&peerlen); if ( ! data->connected && ret > 0) BIO_ctrl(b, BIO_CTRL_DGRAM_CONNECT, 0, &peer); @@ -303,7 +306,7 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr) #endif case BIO_CTRL_DGRAM_QUERY_MTU: sockopt_len = sizeof(sockopt_val); - if ((ret = getsockopt(b->num, IPPROTO_IP, IP_MTU, &sockopt_val, + if ((ret = getsockopt(b->num, IPPROTO_IP, IP_MTU, (void *)&sockopt_val, &sockopt_len)) < 0 || sockopt_val < 0) { ret = 0; } else @@ -345,7 +348,7 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr) break; case BIO_CTRL_DGRAM_GET_RECV_TIMEOUT: if ( getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, - ptr, (socklen_t *)&ret) < 0) + ptr, (void *)&ret) < 0) { perror("getsockopt"); ret = -1; } break; case BIO_CTRL_DGRAM_SET_SEND_TIMEOUT: @@ -355,7 +358,7 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr) break; case BIO_CTRL_DGRAM_GET_SEND_TIMEOUT: if ( getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO, - ptr, (socklen_t *)&ret) < 0) + ptr, (void *)&ret) < 0) { perror("getsockopt"); ret = -1; } break; case BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP: @@ -369,6 +372,7 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr) else ret = 0; break; +#ifdef EMSGSIZE case BIO_CTRL_DGRAM_MTU_EXCEEDED: if ( data->_errno == EMSGSIZE) { @@ -378,6 +382,7 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr) else ret = 0; break; +#endif default: ret=0; break; diff --git a/crypto/pqueue/pqueue.c b/crypto/pqueue/pqueue.c index 4cd9987919..f4fa37fe64 100644 --- a/crypto/pqueue/pqueue.c +++ b/crypto/pqueue/pqueue.c @@ -57,8 +57,9 @@ * */ +#include "cryptlib.h" +#include #include "pqueue.h" -#include "crypto.h" typedef struct _pqueue { @@ -67,7 +68,7 @@ typedef struct _pqueue } pqueue_s; pitem * -pitem_new(unsigned long long priority, void *data) +pitem_new(BN_ULLONG priority, void *data) { pitem *item = (pitem *) OPENSSL_malloc(sizeof(pitem)); if (item == NULL) return NULL; @@ -160,7 +161,7 @@ pqueue_pop(pqueue_s *pq) } pitem * -pqueue_find(pqueue_s *pq, unsigned long long priority) +pqueue_find(pqueue_s *pq, BN_ULLONG priority) { pitem *next, *prev = NULL; pitem *found = NULL; diff --git a/crypto/pqueue/pqueue.h b/crypto/pqueue/pqueue.h index 22459508a9..2ac31e21f0 100644 --- a/crypto/pqueue/pqueue.h +++ b/crypto/pqueue/pqueue.h @@ -68,14 +68,14 @@ typedef struct _pqueue *pqueue; typedef struct _pitem { - unsigned long long priority; + BN_ULLONG priority; void *data; struct _pitem *next; } pitem; typedef struct _pitem *piterator; -pitem *pitem_new(unsigned long long priority, void *data); +pitem *pitem_new(BN_ULLONG priority, void *data); void pitem_free(pitem *item); pqueue pqueue_new(void); @@ -84,7 +84,7 @@ void pqueue_free(pqueue pq); pitem *pqueue_insert(pqueue pq, pitem *item); pitem *pqueue_peek(pqueue pq); pitem *pqueue_pop(pqueue pq); -pitem *pqueue_find(pqueue pq, unsigned long long priority); +pitem *pqueue_find(pqueue pq, BN_ULLONG priority); pitem *pqueue_iterator(pqueue pq); pitem *pqueue_next(piterator *iter); diff --git a/ssl/d1_both.c b/ssl/d1_both.c index 40d71e29d2..6b8dd8080e 100644 --- a/ssl/d1_both.c +++ b/ssl/d1_both.c @@ -222,7 +222,7 @@ int dtls1_do_write(SSL *s, int type) if ( s->init_off == 0 && type == SSL3_RT_HANDSHAKE) OPENSSL_assert(s->init_num == - s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH); + (int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH); frag_off = 0; while( s->init_num) @@ -289,7 +289,7 @@ int dtls1_do_write(SSL *s, int type) /* bad if this assert fails, only part of the handshake * message got sent. but why would this happen? */ - OPENSSL_assert(len == ret); + OPENSSL_assert(len == (unsigned int)ret); if (type == SSL3_RT_HANDSHAKE && ! s->d1->retransmitting) /* should not be done for 'Hello Request's, but in that case @@ -360,7 +360,7 @@ long dtls1_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok) else if ( i <= 0 && !*ok) return i; - if (s->d1->r_msg_hdr.msg_len == s->init_num - DTLS1_HM_HEADER_LENGTH) + if (s->d1->r_msg_hdr.msg_len == (unsigned int)s->init_num - DTLS1_HM_HEADER_LENGTH) { memset(&(s->d1->r_msg_hdr), 0x00, sizeof(struct hm_header_st)); @@ -413,7 +413,7 @@ dtls1_retrieve_buffered_fragment(SSL *s, unsigned long *copied) frag = (hm_fragment *)item->data; if ( s->d1->handshake_read_seq == frag->msg_header.seq && - frag->msg_header.frag_off <= s->init_num - DTLS1_HM_HEADER_LENGTH) + frag->msg_header.frag_off <= (unsigned int)s->init_num - DTLS1_HM_HEADER_LENGTH) { pqueue_pop(s->d1->buffered_messages); overlap = s->init_num - DTLS1_HM_HEADER_LENGTH @@ -685,7 +685,7 @@ dtls1_get_message_fragment(SSL *s, int st1, int stn, long max, int *ok) /* XDTLS: an incorrectly formatted fragment should cause the * handshake to fail */ - OPENSSL_assert(i == frag_len); + OPENSSL_assert(i == (int)frag_len); #if 0 /* Successfully read a fragment. @@ -1049,12 +1049,12 @@ dtls1_buffer_message(SSL *s, int is_ccs) if ( is_ccs) { OPENSSL_assert(s->d1->w_msg_hdr.msg_len + - DTLS1_CCS_HEADER_LENGTH == s->init_num); + DTLS1_CCS_HEADER_LENGTH == (unsigned int)s->init_num); } else { OPENSSL_assert(s->d1->w_msg_hdr.msg_len + - DTLS1_HM_HEADER_LENGTH == s->init_num); + DTLS1_HM_HEADER_LENGTH == (unsigned int)s->init_num); } frag->msg_header.msg_len = s->d1->w_msg_hdr.msg_len; diff --git a/ssl/d1_pkt.c b/ssl/d1_pkt.c index af71e38954..09f1626313 100644 --- a/ssl/d1_pkt.c +++ b/ssl/d1_pkt.c @@ -124,7 +124,7 @@ static int have_handshake_fragment(SSL *s, int type, unsigned char *buf, int len, int peek); static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap, - unsigned long long *seq_num); + BN_ULLONG *seq_num); static void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap); static DTLS1_BITMAP *dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr, unsigned int *is_next_epoch); @@ -133,10 +133,10 @@ static int dtls1_record_needs_buffering(SSL *s, SSL3_RECORD *rr, unsigned short *priority, unsigned long *offset); #endif static int dtls1_buffer_record(SSL *s, record_pqueue *q, - unsigned long long priority); + BN_ULLONG priority); static int dtls1_process_record(SSL *s); -static unsigned long long bytes_to_long_long(unsigned char *bytes); -static void long_long_to_bytes(unsigned long long num, unsigned char *bytes); +static BN_ULLONG bytes_to_long_long(unsigned char *bytes); +static void long_long_to_bytes(BN_ULLONG num, unsigned char *bytes); static void dtls1_clear_timeouts(SSL *s); @@ -161,7 +161,7 @@ dtls1_copy_record(SSL *s, pitem *item) static int -dtls1_buffer_record(SSL *s, record_pqueue *queue, unsigned long long priority) +dtls1_buffer_record(SSL *s, record_pqueue *queue, BN_ULLONG priority) { DTLS1_RECORD_DATA *rdata; pitem *item; @@ -275,9 +275,9 @@ static int dtls1_get_buffered_record(SSL *s) { pitem *item; - unsigned long long priority = - (((unsigned long long)s->d1->handshake_read_seq) << 32) | - ((unsigned long long)s->d1->r_msg_hdr.frag_off); + BN_ULLONG priority = + (((BN_ULLONG)s->d1->handshake_read_seq) << 32) | + ((BN_ULLONG)s->d1->r_msg_hdr.frag_off); if ( ! SSL_in_init(s)) /* if we're not (re)negotiating, nothing buffered */ @@ -482,7 +482,7 @@ int dtls1_get_record(SSL *s) unsigned char *p; short version; DTLS1_BITMAP *bitmap; - unsigned long long read_sequence; + BN_ULLONG read_sequence; unsigned int is_next_epoch; rr= &(s->s3->rrec); @@ -1243,7 +1243,7 @@ int dtls1_write_bytes(SSL *s, int type, const void *buf_, int len) return i; } - if ( s->s3->wnum + i == len) + if ( (int)s->s3->wnum + i == len) s->s3->wnum = 0; else s->s3->wnum += i; @@ -1419,7 +1419,7 @@ int do_dtls1_write(SSL *s, int type, const unsigned char *buf, unsigned int len, /* buffer the record, making it easy to handle retransmits */ if ( type == SSL3_RT_HANDSHAKE || type == SSL3_RT_CHANGE_CIPHER_SPEC) dtls1_buffer_record(s, wr->data, wr->length, - *((unsigned long long *)&(s->s3->write_sequence[0]))); + *((BN_ULLONG *)&(s->s3->write_sequence[0]))); #endif ssl3_record_sequence_update(&(s->s3->write_sequence[0])); @@ -1451,10 +1451,10 @@ err: static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap, - unsigned long long *seq_num) + BN_ULLONG *seq_num) { - unsigned long long mask = 0x0000000000000001LL; - unsigned long long rcd_num; + BN_ULLONG mask = 0x0000000000000001L; + BN_ULLONG rcd_num; rcd_num = bytes_to_long_long(s->s3->read_sequence); @@ -1479,17 +1479,17 @@ static int dtls1_record_replay_check(SSL *s, DTLS1_BITMAP *bitmap, static void dtls1_record_bitmap_update(SSL *s, DTLS1_BITMAP *bitmap) { unsigned int shift; - unsigned long long mask = 0x0000000000000001L; - unsigned long long rcd_num; + BN_ULLONG mask = 0x0000000000000001L; + BN_ULLONG rcd_num; rcd_num = bytes_to_long_long(s->s3->read_sequence); if (rcd_num >= bitmap->max_seq_num) { - shift = rcd_num - bitmap->max_seq_num + 1; + shift = (unsigned int)(rcd_num - bitmap->max_seq_num) + 1; bitmap->max_seq_num = rcd_num + 1; bitmap->map <<= shift; - bitmap->map |= 0x0000000000000001LL; + bitmap->map |= 0x0000000000000001L; } else { @@ -1570,7 +1570,7 @@ dtls1_get_bitmap(SSL *s, SSL3_RECORD *rr, unsigned int *is_next_epoch) return &s->d1->bitmap; /* Only HM and ALERT messages can be from the next epoch */ - else if (rr->epoch == s->d1->r_epoch + 1 && + else if (rr->epoch == (unsigned long)(s->d1->r_epoch + 1) && (rr->type == SSL3_RT_HANDSHAKE || rr->type == SSL3_RT_ALERT)) { @@ -1669,25 +1669,25 @@ dtls1_reset_seq_numbers(SSL *s, int rw) } -static unsigned long long +static BN_ULLONG bytes_to_long_long(unsigned char *bytes) { - unsigned long long num; + BN_ULLONG num; - num = (((unsigned long long)bytes[0]) << 56) | - (((unsigned long long)bytes[1]) << 48) | - (((unsigned long long)bytes[2]) << 40) | - (((unsigned long long)bytes[3]) << 32) | - (((unsigned long long)bytes[4]) << 24) | - (((unsigned long long)bytes[5]) << 16) | - (((unsigned long long)bytes[6]) << 8) | - (((unsigned long long)bytes[7]) ); + num = (((BN_ULLONG)bytes[0]) << 56) | + (((BN_ULLONG)bytes[1]) << 48) | + (((BN_ULLONG)bytes[2]) << 40) | + (((BN_ULLONG)bytes[3]) << 32) | + (((BN_ULLONG)bytes[4]) << 24) | + (((BN_ULLONG)bytes[5]) << 16) | + (((BN_ULLONG)bytes[6]) << 8) | + (((BN_ULLONG)bytes[7]) ); return num; } static void -long_long_to_bytes(unsigned long long num, unsigned char *bytes) +long_long_to_bytes(BN_ULLONG num, unsigned char *bytes) { bytes[0] = (unsigned char)((num >> 56)&0xff); bytes[1] = (unsigned char)((num >> 48)&0xff); diff --git a/ssl/dtls1.h b/ssl/dtls1.h index 4543ef75bb..5ec13720cd 100644 --- a/ssl/dtls1.h +++ b/ssl/dtls1.h @@ -90,9 +90,9 @@ extern "C" { typedef struct dtls1_bitmap_st { - unsigned long long map; + BN_ULLONG map; unsigned long length; /* sizeof the bitmap in bits */ - unsigned long long max_seq_num; /* max record number seen so far */ + BN_ULLONG max_seq_num; /* max record number seen so far */ } DTLS1_BITMAP; struct hm_header_st @@ -163,7 +163,7 @@ typedef struct dtls1_state_st unsigned short handshake_read_seq; /* only matters for handshake messages */ - unsigned long long next_expected_seq_num; + BN_ULLONG next_expected_seq_num; /* Received handshake records (processed and unprocessed) */ record_pqueue unprocessed_rcds; diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index db6986877f..b9ff6319a8 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -677,7 +677,7 @@ int ssl3_check_client_hello(SSL *s) int ssl3_get_client_hello(SSL *s) { int i,j,ok,al,ret= -1; - int cookie_len; + unsigned int cookie_len; long n; unsigned long id; unsigned char *p,*d,*q; diff --git a/ssl/ssl3.h b/ssl/ssl3.h index 437e3b62b2..162bc79e04 100644 --- a/ssl/ssl3.h +++ b/ssl/ssl3.h @@ -295,7 +295,7 @@ typedef struct ssl3_record_st /*rw*/ unsigned char *input; /* where the decode bytes are */ /*r */ unsigned char *comp; /* only used with decompression - malloc()ed */ /*r */ unsigned long epoch; /* epoch number, needed by DTLS1 */ -/*r */ unsigned long long seq_num; /* sequence number, needed by DTLS1 */ +/*r */ BN_ULLONG seq_num; /* sequence number, needed by DTLS1 */ } SSL3_RECORD; typedef struct ssl3_buffer_st diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 054d8b2b8d..54b34d48ac 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -183,12 +183,12 @@ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ *((c)++)=(unsigned char)(((l) )&0xff)) -#define n2l6(c,l) (l =((unsigned long long)(*((c)++)))<<40, \ - l|=((unsigned long long)(*((c)++)))<<32, \ - l|=((unsigned long long)(*((c)++)))<<24, \ - l|=((unsigned long long)(*((c)++)))<<16, \ - l|=((unsigned long long)(*((c)++)))<< 8, \ - l|=((unsigned long long)(*((c)++)))) +#define n2l6(c,l) (l =((BN_ULLONG)(*((c)++)))<<40, \ + l|=((BN_ULLONG)(*((c)++)))<<32, \ + l|=((BN_ULLONG)(*((c)++)))<<24, \ + l|=((BN_ULLONG)(*((c)++)))<<16, \ + l|=((BN_ULLONG)(*((c)++)))<< 8, \ + l|=((BN_ULLONG)(*((c)++)))) /* NOTE - c is not incremented as per l2c */ #define l2cn(l1,l2,c,n) { \ diff --git a/util/libeay.num b/util/libeay.num index b9485abf4f..559ca3085c 100755 --- a/util/libeay.num +++ b/util/libeay.num @@ -3313,3 +3313,15 @@ BN_BLINDING_set_flags 3712 EXIST::FUNCTION: BN_BLINDING_invert_ex 3713 EXIST::FUNCTION: BN_BLINDING_get_thread_id 3714 EXIST::FUNCTION: BN_BLINDING_get_flags 3715 EXIST::FUNCTION: +pitem_new 3716 EXIST::FUNCTION: +pqueue_iterator 3717 EXIST::FUNCTION: +pqueue_print 3718 EXIST::FUNCTION: +pqueue_find 3719 EXIST::FUNCTION: +pqueue_peek 3720 EXIST::FUNCTION: +pqueue_pop 3721 EXIST::FUNCTION: +BN_MONT_CTX_set_locked 3722 EXIST::FUNCTION: +pqueue_free 3723 EXIST::FUNCTION: +pqueue_next 3724 EXIST::FUNCTION: +pqueue_new 3725 EXIST::FUNCTION: +pqueue_insert 3726 EXIST::FUNCTION: +pitem_free 3727 EXIST::FUNCTION: diff --git a/util/mkdef.pl b/util/mkdef.pl index d026361632..fa5848ace6 100755 --- a/util/mkdef.pl +++ b/util/mkdef.pl @@ -277,6 +277,7 @@ $crypto.=" crypto/ui/ui.h crypto/ui/ui_compat.h"; $crypto.=" crypto/krb5/krb5_asn.h"; $crypto.=" crypto/tmdiff.h"; $crypto.=" crypto/store/store.h"; +$crypto.=" crypto/pqueue/pqueue.h"; my $symhacks="crypto/symhacks.h"; diff --git a/util/mkfiles.pl b/util/mkfiles.pl index f0daaecde7..cb0e282fa8 100755 --- a/util/mkfiles.pl +++ b/util/mkfiles.pl @@ -54,6 +54,7 @@ my @dirs = ( "crypto/ui", "crypto/krb5", "crypto/store", +"crypto/pqueue", "ssl", "apps", "engines",