diff --git a/ctaocrypt/benchmark/benchmark.c b/ctaocrypt/benchmark/benchmark.c index c344868b3..d7ef9200d 100644 --- a/ctaocrypt/benchmark/benchmark.c +++ b/ctaocrypt/benchmark/benchmark.c @@ -421,12 +421,12 @@ void bench_rsa(void) word32 idx = 0; byte message[] = "Everyone gets Friday off."; - byte cipher[512]; /* for up to 4096 bit */ + byte enc[512]; /* for up to 4096 bit */ byte* output; const int len = (int)strlen((char*)message); double start, total, each, milliEach; - RsaKey key; + RsaKey rsaKey; FILE* file = fopen("./certs/rsa2048.der", "rb"); if (!file) { @@ -437,13 +437,13 @@ void bench_rsa(void) InitRng(&rng); bytes = fread(tmp, 1, sizeof(tmp), file); - InitRsaKey(&key, 0); - bytes = RsaPrivateKeyDecode(tmp, &idx, &key, (word32)bytes); + InitRsaKey(&rsaKey, 0); + bytes = RsaPrivateKeyDecode(tmp, &idx, &rsaKey, (word32)bytes); start = current_time(); for (i = 0; i < times; i++) - bytes = RsaPublicEncrypt(message,len,cipher,sizeof(cipher), &key, &rng); + bytes = RsaPublicEncrypt(message,len,enc,sizeof(enc), &rsaKey, &rng); total = current_time() - start; each = total / times; /* per second */ @@ -455,7 +455,7 @@ void bench_rsa(void) start = current_time(); for (i = 0; i < times; i++) - RsaPrivateDecryptInline(cipher, (word32)bytes, &output, &key); + RsaPrivateDecryptInline(enc, (word32)bytes, &output, &rsaKey); total = current_time() - start; each = total / times; /* per second */ @@ -465,7 +465,7 @@ void bench_rsa(void) " iterations\n", milliEach, times); fclose(file); - FreeRsaKey(&key); + FreeRsaKey(&rsaKey); } @@ -484,7 +484,7 @@ void bench_dh(void) byte agree[256]; /* for 2048 bit */ double start, total, each, milliEach; - DhKey key; + DhKey dhKey; FILE* file = fopen("./certs/dh2048.der", "rb"); if (!file) { @@ -494,13 +494,13 @@ void bench_dh(void) } bytes = fread(tmp, 1, sizeof(tmp), file); - InitDhKey(&key); - bytes = DhKeyDecode(tmp, &idx, &key, (word32)bytes); + InitDhKey(&dhKey); + bytes = DhKeyDecode(tmp, &idx, &dhKey, (word32)bytes); start = current_time(); for (i = 0; i < times; i++) - DhGenerateKeyPair(&key, &rng, priv, &privSz, pub, &pubSz); + DhGenerateKeyPair(&dhKey, &rng, priv, &privSz, pub, &pubSz); total = current_time() - start; each = total / times; /* per second */ @@ -509,11 +509,11 @@ void bench_dh(void) printf("DH 2048 key generation %6.2f milliseconds, avg over %d" " iterations\n", milliEach, times); - DhGenerateKeyPair(&key, &rng, priv2, &privSz2, pub2, &pubSz2); + DhGenerateKeyPair(&dhKey, &rng, priv2, &privSz2, pub2, &pubSz2); start = current_time(); for (i = 0; i < times; i++) - DhAgree(&key, agree, &agreeSz, priv, privSz, pub2, pubSz2); + DhAgree(&dhKey, agree, &agreeSz, priv, privSz, pub2, pubSz2); total = current_time() - start; each = total / times; /* per second */ @@ -523,7 +523,7 @@ void bench_dh(void) " iterations\n", milliEach, times); fclose(file); - FreeDhKey(&key); + FreeDhKey(&dhKey); } #endif diff --git a/ctaocrypt/test/test.c b/ctaocrypt/test/test.c index ce1d6c6f4..66598f93e 100644 --- a/ctaocrypt/test/test.c +++ b/ctaocrypt/test/test.c @@ -83,8 +83,8 @@ typedef struct testVector { - char* input; - char* output; + const char* input; + const char* output; size_t inLen; size_t outLen; } testVector; diff --git a/cyassl/test.h b/cyassl/test.h index 7302d63d5..c1d51e00a 100644 --- a/cyassl/test.h +++ b/cyassl/test.h @@ -160,7 +160,7 @@ static INLINE void err_sys(const char* msg) extern int myoptind; extern char* myoptarg; -static INLINE int mygetopt(int argc, char** argv, char* optstring) +static INLINE int mygetopt(int argc, char** argv, const char* optstring) { static char* next = NULL; @@ -238,7 +238,6 @@ static INLINE int PasswordCallBack(char* passwd, int sz, int rw, void* userdata) static INLINE void showPeer(CYASSL* ssl) { - (void)ssl; #ifdef OPENSSL_EXTRA CYASSL_CIPHER* cipher; @@ -300,7 +299,7 @@ static INLINE void showPeer(CYASSL* ssl) } } #endif - + (void)ssl; } @@ -432,9 +431,9 @@ static INLINE int udp_read_connect(SOCKET_T sockfd) static INLINE void udp_accept(SOCKET_T* sockfd, int* clientfd, func_args* args) { - (void)args; SOCKADDR_IN_T addr; + (void)args; tcp_socket(sockfd, &addr, yasslIP, yasslPort, 1); diff --git a/examples/client/client.c b/examples/client/client.c index d74d82672..ad4b3782f 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -116,7 +116,7 @@ void client_test(void* args) int port = yasslPort; char* host = (char*)yasslIP; - char* domain = "www.yassl.com"; + char* domain = (char*)"www.yassl.com"; int ch; int version = CLIENT_DEFAULT_VERSION; diff --git a/examples/echoclient/echoclient.c b/examples/echoclient/echoclient.c index ff61635ab..1b26571e0 100644 --- a/examples/echoclient/echoclient.c +++ b/examples/echoclient/echoclient.c @@ -38,7 +38,7 @@ void echoclient_test(void* args) int inCreated = 0; int outCreated = 0; - char send[1024]; + char msg[1024]; char reply[1024]; SSL_METHOD* method = 0; @@ -109,19 +109,19 @@ void echoclient_test(void* args) #endif if (SSL_connect(ssl) != SSL_SUCCESS) err_sys("SSL_connect failed"); - while (fgets(send, sizeof(send), fin)) { + while (fgets(msg, sizeof(msg), fin)) { - sendSz = (int)strlen(send); + sendSz = (int)strlen(msg); - if (SSL_write(ssl, send, sendSz) != sendSz) + if (SSL_write(ssl, msg, sendSz) != sendSz) err_sys("SSL_write failed"); - if (strncmp(send, "quit", 4) == 0) { + if (strncmp(msg, "quit", 4) == 0) { fputs("sending server shutdown command: quit!\n", fout); break; } - if (strncmp(send, "break", 5) == 0) { + if (strncmp(msg, "break", 5) == 0) { fputs("sending server session close: break!\n", fout); break; } @@ -139,10 +139,10 @@ void echoclient_test(void* args) } #ifdef CYASSL_DTLS - strncpy(send, "break", 6); - sendSz = (int)strlen(send); + strncpy(msg, "break", 6); + sendSz = (int)strlen(msg); /* try to tell server done */ - SSL_write(ssl, send, sendSz); + SSL_write(ssl, msg, sendSz); #else SSL_shutdown(ssl); #endif diff --git a/examples/echoserver/echoserver.c b/examples/echoserver/echoserver.c index 49dd7f266..9731832f9 100644 --- a/examples/echoserver/echoserver.c +++ b/examples/echoserver/echoserver.c @@ -40,7 +40,6 @@ static void SignalReady(void* args) { - (void)args; #if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) /* signal ready to tcp_accept */ func_args* server_args = (func_args*)args; @@ -50,6 +49,7 @@ static void SignalReady(void* args) pthread_cond_signal(&ready->cond); pthread_mutex_unlock(&ready->mutex); #endif + (void)args; } @@ -61,13 +61,10 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args) int doDTLS = 0; int outCreated = 0; - (void)outCreated; - int shutdown = 0; + int shutDown = 0; int useAnyAddr = 0; int argc = ((func_args*)args)->argc; - (void)argc; char** argv = ((func_args*)args)->argv; - (void)argv; #ifdef ECHO_OUT FILE* fout = stdout; @@ -77,6 +74,9 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args) } if (!fout) err_sys("can't open output file"); #endif + (void)outCreated; + (void)argc; + (void)argv; ((func_args*)args)->return_code = -1; /* error state */ @@ -112,7 +112,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args) != SSL_SUCCESS) err_sys("can't load ntru key file, " "Please run from CyaSSL home dir"); - #elif HAVE_ECC + #elif defined(HAVE_ECC) /* ecc */ if (CyaSSL_CTX_use_certificate_file(ctx, eccCert, SSL_FILETYPE_PEM) != SSL_SUCCESS) @@ -147,7 +147,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args) SignalReady(args); - while (!shutdown) { + while (!shutDown) { CYASSL* ssl = 0; char command[1024]; int echoSz = 0; @@ -199,7 +199,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args) if ( strncmp(command, "quit", 4) == 0) { printf("client sent quit command: shutting down!\n"); - shutdown = 1; + shutDown = 1; break; } if ( strncmp(command, "break", 5) == 0) { diff --git a/m4/ax_harden_compiler_flags.m4 b/m4/ax_harden_compiler_flags.m4 index b24217f2d..383f1a3f3 100644 --- a/m4/ax_harden_compiler_flags.m4 +++ b/m4/ax_harden_compiler_flags.m4 @@ -52,6 +52,7 @@ # AX_APPEND_COMPILE_FLAGS([-Wstack-protector]) -- Issues on 32bit compile # AX_APPEND_COMPILE_FLAGS([-fstack-protector-all]) -- Issues on 32bit compile # AX_APPEND_COMPILE_FLAGS([-Wlong-long]) -- Don't turn on for compatibility issues memcached_stat_st +# AX_APPEND_COMPILE_FLAGS([-Wold-style-definition]) -- Mixed with -Werror either before or after is a problem because tests use main() instead of main(void) #serial 2 AC_DEFUN([AX_HARDEN_LINKER_FLAGS], [ @@ -75,23 +76,45 @@ AX_APPEND_COMPILE_FLAGS([-O2]) ]) - AX_APPEND_COMPILE_FLAGS([-Wall]) - AX_APPEND_COMPILE_FLAGS([-Wextra]) - AX_APPEND_COMPILE_FLAGS([-std=c99]) - AX_APPEND_COMPILE_FLAGS([-Wbad-function-cast]) - AX_APPEND_COMPILE_FLAGS([-Wmissing-prototypes]) - AX_APPEND_COMPILE_FLAGS([-Wnested-externs]) - AX_APPEND_COMPILE_FLAGS([-Wold-style-definition]) - AX_APPEND_COMPILE_FLAGS([-Woverride-init]) - AX_APPEND_COMPILE_FLAGS([-Wstrict-prototypes]) - AX_APPEND_COMPILE_FLAGS([-Wlogical-op]) - ac_cv_warnings_as_errors=no AS_IF([test "$ac_cv_vcs_checkout" = yes], [ AX_APPEND_COMPILE_FLAGS([-Werror]) ac_cv_warnings_as_errors=yes ]) + AX_APPEND_COMPILE_FLAGS([-Wall]) + AX_APPEND_COMPILE_FLAGS([-Wextra]) + AX_APPEND_COMPILE_FLAGS([-std=c99]) + AX_APPEND_COMPILE_FLAGS([-Wbad-function-cast]) + AX_APPEND_COMPILE_FLAGS([-Wmissing-prototypes]) + AX_APPEND_COMPILE_FLAGS([-Wnested-externs]) + AX_APPEND_COMPILE_FLAGS([-Woverride-init]) + AX_APPEND_COMPILE_FLAGS([-Wstrict-prototypes]) + AX_APPEND_COMPILE_FLAGS([-Wlogical-op]) + AX_APPEND_COMPILE_FLAGS([-Wno-strict-aliasing]) + AX_APPEND_COMPILE_FLAGS([-Wfloat-equal]) + AX_APPEND_COMPILE_FLAGS([-Wundef]) + AX_APPEND_COMPILE_FLAGS([-Wpointer-arith]) + AX_APPEND_COMPILE_FLAGS([-Wwrite-strings]) + AX_APPEND_COMPILE_FLAGS([-Wredundant-decls]) + AX_APPEND_COMPILE_FLAGS([-Wchar-subscripts]) + AX_APPEND_COMPILE_FLAGS([-Wcomment]) + AX_APPEND_COMPILE_FLAGS([-Wformat=2]) + AX_APPEND_COMPILE_FLAGS([-Wmissing-declarations]) + AX_APPEND_COMPILE_FLAGS([-Wswitch-enum]) + AX_APPEND_COMPILE_FLAGS([-Winit-self]) + AX_APPEND_COMPILE_FLAGS([-Wmissing-field-initializers]) + AX_APPEND_COMPILE_FLAGS([-Wdeclaration-after-statement]) + AX_APPEND_COMPILE_FLAGS([-Waddress]) + AX_APPEND_COMPILE_FLAGS([-Wmissing-noreturn]) + AX_APPEND_COMPILE_FLAGS([-Wnormalized=id]) + AX_APPEND_COMPILE_FLAGS([-Wstrict-overflow=1]) + AX_APPEND_COMPILE_FLAGS([-Wformat]) + AX_APPEND_COMPILE_FLAGS([-Wformat-security]) + AX_APPEND_COMPILE_FLAGS([-Wpointer-sign]) + AX_APPEND_COMPILE_FLAGS([-Wshadow]) + AX_APPEND_COMPILE_FLAGS([-Wswitch-default]) + AX_APPEND_COMPILE_FLAGS([-Warray-bounds]) AC_LANG_POP ]) diff --git a/tests/api.c b/tests/api.c index d476d06c5..647b86c1c 100644 --- a/tests/api.c +++ b/tests/api.c @@ -58,8 +58,8 @@ void test_client_nofail(void*); #endif static const char* bogusFile = "/dev/null"; -static const char* testingFmt = " %s:"; -static const char* resultFmt = " %s\n"; +#define testingFmt " %s:" +#define resultFmt " %s\n" static const char* passed = "passed"; static const char* failed = "failed"; @@ -661,8 +661,8 @@ void test_client_nofail(void* args) int msgSz = strlen(msg); int argc = ((func_args*)args)->argc; - (void)argc; char** argv = ((func_args*)args)->argv; + (void)argc; (void)argv; ((func_args*)args)->return_code = TEST_FAIL; diff --git a/tests/hash.c b/tests/hash.c index b3a6cc962..9c12dff9f 100644 --- a/tests/hash.c +++ b/tests/hash.c @@ -36,8 +36,8 @@ #include typedef struct testVector { - char* input; - char* output; + const char* input; + const char* output; size_t inLen; size_t outLen; } testVector; diff --git a/tests/suites.c b/tests/suites.c index 6702a3de9..a60eae971 100644 --- a/tests/suites.c +++ b/tests/suites.c @@ -96,7 +96,7 @@ static void test_harness(void* vargs) int cliArgsSz; char* cursor; char* comment; - char* fname = "tests/test.conf"; + const char* fname = "tests/test.conf"; if (args->argc == 1) { diff --git a/tests/unit.c b/tests/unit.c index f84fc1dc5..c53be3997 100644 --- a/tests/unit.c +++ b/tests/unit.c @@ -9,10 +9,10 @@ char* myoptarg = NULL; int main(int argc, char** argv) { - (void)argc; - (void)argv; int ret; + (void)argc; + (void)argv; printf("staring unit tests...\n"); if ( (ret = ApiTest()) != 0) { diff --git a/testsuite/testsuite.c b/testsuite/testsuite.c index 091f512ae..a4b305904 100644 --- a/testsuite/testsuite.c +++ b/testsuite/testsuite.c @@ -41,7 +41,7 @@ void client_test(void*); -void file_test(char* file, byte* hash); +void file_test(const char* file, byte* hash); enum { NUMARGS = 3 @@ -207,7 +207,7 @@ void FreeTcpReady(tcp_ready* ready) } -void file_test(char* file, byte* check) +void file_test(const char* file, byte* check) { FILE* f; int i = 0, j;