From bf3103c33698128a8674c408478803f375af2649 Mon Sep 17 00:00:00 2001 From: Anthony Hu Date: Tue, 7 Jul 2026 14:06:41 -0400 Subject: [PATCH] C89 compliance items - Flexible array members ("type name[];") fixup - avoid empty asn_orig.c when building standalone - avoid trailing comma on the last enumerator - drop some consts to match function prototypes --- src/internal.c | 6 +++--- wolfcrypt/src/asn.c | 10 ++++++++++ wolfcrypt/src/asn_orig.c | 3 +++ wolfssl/internal.h | 29 ++++++++++++++++++----------- wolfssl/wolfcrypt/types.h | 9 +++++++++ 5 files changed, 43 insertions(+), 14 deletions(-) diff --git a/src/internal.c b/src/internal.c index 3e0e55bbe5..5455581abd 100644 --- a/src/internal.c +++ b/src/internal.c @@ -658,7 +658,7 @@ int IsAtLeastTLSv1_2(const WOLFSSL* ssl) return 0; } -int IsAtLeastTLSv1_3(const ProtocolVersion pv) +int IsAtLeastTLSv1_3(ProtocolVersion pv) { int ret; ret = (pv.major == SSLv3_MAJOR && pv.minor >= TLSv1_3_MINOR); @@ -29107,7 +29107,7 @@ int GetCipherNamesSize(void) } -const char* GetCipherNameInternal(const byte cipherSuite0, const byte cipherSuite) +const char* GetCipherNameInternal(byte cipherSuite0, byte cipherSuite) { int i; const char* nameInternal = "None"; @@ -29434,7 +29434,7 @@ int SetCipherBits(const char* enc) { } #endif /* WOLFSSL_QT || OPENSSL_ALL */ -const char* GetCipherNameIana(const byte cipherSuite0, const byte cipherSuite) +const char* GetCipherNameIana(byte cipherSuite0, byte cipherSuite) { #ifndef NO_ERROR_STRINGS int i; diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 5d961fc9aa..4357373484 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -34005,6 +34005,7 @@ enum { SINGLERESPONSEASN_IDX_NEXTUPDATE, SINGLERESPONSEASN_IDX_NEXTUPDATE_GT, SINGLERESPONSEASN_IDX_EXT, + WOLF_ENUM_DUMMY_LAST_ELEMENT(SINGLERESPONSEASN_IDX) }; /* Number of items in ASN.1 template for OCSP single response. */ @@ -34030,6 +34031,7 @@ enum { CERTIDASN_IDX_CID_ISSUERHASH, CERTIDASN_IDX_CID_ISSUERKEYHASH, CERTIDASN_IDX_CID_SERIAL, + WOLF_ENUM_DUMMY_LAST_ELEMENT(CERTIDASN_IDX) }; #define certidasn_Length (sizeof(certIDASNItems) / sizeof(ASNItem)) @@ -34405,6 +34407,7 @@ static const ASNItem respExtHdrASN[] = { enum { RESPEXTHDRASN_IDX_EXT = 0, RESPEXTHDRASN_IDX_EXT_SEQ, + WOLF_ENUM_DUMMY_LAST_ELEMENT(RESPEXTHDRASN_IDX) }; /* Number of items in ASN.1 template for OCSP response extension header. */ @@ -34499,6 +34502,7 @@ enum { OCSPNONCEEXTASN_IDX_EXT_OID, OCSPNONCEEXTASN_IDX_EXT_VAL, OCSPNONCEEXTASN_IDX_EXT_NONCE, + WOLF_ENUM_DUMMY_LAST_ELEMENT(OCSPNONCEEXTASN_IDX) }; /* Number of items in ASN.1 template for OCSP nonce extension. */ @@ -34576,6 +34580,7 @@ enum { OCSPRESPDATAASN_IDX_PA, OCSPRESPDATAASN_IDX_RESP, OCSPRESPDATAASN_IDX_RESPEXT, + WOLF_ENUM_DUMMY_LAST_ELEMENT(OCSPRESPDATAASN_IDX) }; /* Number of items in ASN.1 template for OCSP ResponseData. */ @@ -34859,6 +34864,7 @@ enum { OCSPBASICRESPASN_IDX_SIGNATURE, OCSPBASICRESPASN_IDX_CERTS, OCSPBASICRESPASN_IDX_CERTS_SEQ, + WOLF_ENUM_DUMMY_LAST_ELEMENT(OCSPBASICRESPASN_IDX) }; /* Number of items in ASN.1 template for BasicOCSPResponse. */ @@ -35312,6 +35318,7 @@ enum { OCSPRESPONSEASN_IDX_BYTES_TYPE, OCSPRESPONSEASN_IDX_BYTES_VAL, + WOLF_ENUM_DUMMY_LAST_ELEMENT(OCSPRESPONSEASN_IDX) }; /* Number of items in ASN.1 template for OCSPResponse. */ @@ -35589,6 +35596,7 @@ enum { OCSPREQUESTASN_IDX_TBS_REQ_SERIAL, OCSPREQUESTASN_IDX_TBS_REQEXT, OCSPREQUESTASN_IDX_OPT_SIG, + WOLF_ENUM_DUMMY_LAST_ELEMENT(OCSPREQUESTASN_IDX) }; /* Number of items in ASN.1 template for OCSPRequest. */ @@ -36146,6 +36154,7 @@ enum { REVOKEDASN_IDX_TIME_UTC, REVOKEDASN_IDX_TIME_GT, REVOKEDASN_IDX_TIME_EXT, + WOLF_ENUM_DUMMY_LAST_ELEMENT(REVOKEDASN_IDX) }; /* Number of items in ASN.1 template for revoked certificates. */ @@ -36743,6 +36752,7 @@ enum { CRLASN_IDX_SIGALGO_PARAMS, #endif CRLASN_IDX_SIGNATURE, + WOLF_ENUM_DUMMY_LAST_ELEMENT(CRLASN_IDX) }; /* Number of items in ASN.1 template for a CRL- CertificateList. */ diff --git a/wolfcrypt/src/asn_orig.c b/wolfcrypt/src/asn_orig.c index 747c699ac2..979bf53bc0 100644 --- a/wolfcrypt/src/asn_orig.c +++ b/wolfcrypt/src/asn_orig.c @@ -34,6 +34,9 @@ #ifndef WOLFSSL_IGNORE_FILE_WARN #warning asn_orig.c does not need to be compiled separately from asn.c #endif + /* An empty translation unit is a constraint violation in C89, so emit a + * harmless typedef to keep it well-formed. */ + typedef int wolfssl_asn_orig_dummy_decl; #else /* Forward declarations for static functions defined later in this file. */ diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 8be44884f7..06f839690e 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -2090,7 +2090,7 @@ enum states { #ifdef WOLFSSL_DTLS13 SERVER_FINISHED_ACKED, #endif /* WOLFSSL_DTLS13 */ - + WOLF_ENUM_DUMMY_LAST_ELEMENT(states) }; /* SSL Version */ @@ -3082,10 +3082,10 @@ typedef enum { #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_DUAL_ALG_CERTS) TLSX_CKS = TLSXT_CKS, #endif - TLSX_RENEGOTIATION_INFO = TLSXT_RENEGOTIATION_INFO, #ifdef WOLFSSL_QUIC TLSX_KEY_QUIC_TP_PARAMS_DRAFT = TLSXT_KEY_QUIC_TP_PARAMS_DRAFT, #endif + TLSX_RENEGOTIATION_INFO = TLSXT_RENEGOTIATION_INFO } TLSX_Type; /* TLS Certificate type defined RFC7250 @@ -3446,7 +3446,8 @@ typedef struct SignatureAlgorithms { #ifdef _MSC_VER #pragma warning(disable: 4200) #endif - byte hashSigAlgo[]; /* sig/algo to offer */ + /* sig/algo to offer */ + byte hashSigAlgo[WC_FLEXIBLE_ARRAY_MEMBER]; } SignatureAlgorithms; WOLFSSL_LOCAL SignatureAlgorithms* TLSX_SignatureAlgorithms_New( @@ -3626,11 +3627,11 @@ typedef struct InternalTicket { /* RFC 5077 defines this for session tickets. All members need to be a byte or * array of byte to avoid alignment issues */ typedef struct ExternalTicket { - byte key_name[WOLFSSL_TICKET_NAME_SZ]; /* key context name - 16 */ - byte iv[WOLFSSL_TICKET_IV_SZ]; /* this ticket's iv - 16 */ - byte enc_len[OPAQUE16_LEN]; /* encrypted length - 2 */ - byte enc_ticket[]; /* encrypted ticket - var length - * + total mac - 32 */ + byte key_name[WOLFSSL_TICKET_NAME_SZ]; /* key context name - 16 */ + byte iv[WOLFSSL_TICKET_IV_SZ]; /* this ticket's iv - 16 */ + byte enc_len[OPAQUE16_LEN]; /* encrypted length - 2 */ + byte enc_ticket[WC_FLEXIBLE_ARRAY_MEMBER]; /* encrypted ticket - var length + * + total mac - 32 */ } ExternalTicket; /* Fixed portion of external ticket (key_name + iv + enc_len) */ @@ -3714,7 +3715,7 @@ typedef struct Cookie { #ifdef _MSC_VER #pragma warning(disable: 4200) #endif - byte data[]; + byte data[WC_FLEXIBLE_ARRAY_MEMBER]; } Cookie; WOLFSSL_LOCAL int TLSX_Cookie_Use(const WOLFSSL* ssl, const byte* data, @@ -3778,6 +3779,7 @@ enum PskDecryptReturn { PSK_DECRYPT_OK, PSK_DECRYPT_CREATE, PSK_DECRYPT_FAIL, + WOLF_ENUM_DUMMY_LAST_ELEMENT(PskDecryptReturn) }; #ifdef HAVE_SESSION_TICKET @@ -4510,6 +4512,7 @@ enum SigAlgRsaPss { pss_sha256 = 0x09, pss_sha384 = 0x0a, pss_sha512 = 0x0b, + WOLF_ENUM_DUMMY_LAST_ELEMENT(SigAlgRsaPss) }; #ifdef WOLFSSL_SM2 @@ -4545,6 +4548,7 @@ enum ClientCertificateType { ecdsa_fixed_ecdh = 66, falcon_sign = 67, mldsa_sign = 68, + WOLF_ENUM_DUMMY_LAST_ELEMENT(ClientCertificateType) }; /* Maximum number of ClientCertificateType bytes the server emits in a @@ -5091,6 +5095,7 @@ enum buildMsgState { BUILD_MSG_VERIFY_MAC, BUILD_MSG_ENCRYPT, BUILD_MSG_ENCRYPTED_VERIFY_MAC, + WOLF_ENUM_DUMMY_LAST_ELEMENT(buildMsgState) }; /* sub-states for cipher operations */ @@ -5098,6 +5103,7 @@ enum cipherState { CIPHER_STATE_BEGIN = 0, CIPHER_STATE_DO, CIPHER_STATE_END, + WOLF_ENUM_DUMMY_LAST_ELEMENT(cipherState) }; struct Options { @@ -5454,7 +5460,7 @@ typedef enum { STACK_TYPE_X509_NAME_ENTRY = 17, STACK_TYPE_X509_REQ_ATTR = 18, STACK_TYPE_GENERAL_SUBTREE = 19, - STACK_TYPE_X509_REVOKED = 20, + STACK_TYPE_X509_REVOKED = 20 } WOLF_STACK_TYPE; #if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) @@ -5765,7 +5771,7 @@ typedef struct DtlsFragBucket { #ifdef _MSC_VER #pragma warning(disable: 4200) #endif - byte buf[]; + byte buf[WC_FLEXIBLE_ARRAY_MEMBER]; } DtlsFragBucket; typedef struct DtlsMsg { @@ -6786,6 +6792,7 @@ enum ContentType { #ifdef WOLFSSL_DTLS13 ack = 26, #endif /* WOLFSSL_DTLS13 */ + WOLF_ENUM_DUMMY_LAST_ELEMENT(ContentType) }; diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index cdbc989a36..3f3a7839fa 100644 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -221,6 +221,15 @@ typedef const char wcchar[]; #define WOLF_ENUM_DUMMY_LAST_ELEMENT(prefix) /* null expansion */ #endif +#if defined(WOLF_C89) + /* C99 flexible array member, or the C89 "struct hack" fallback. + * See http://c-faq.com/struct/structhack.html */ + #define WC_FLEXIBLE_ARRAY_MEMBER 1 +#else + /* empty: C99 flexible array member */ + #define WC_FLEXIBLE_ARRAY_MEMBER +#endif + /* try to set SIZEOF_LONG or SIZEOF_LONG_LONG if user didn't */ #if defined(_WIN32) || defined(HAVE_LIMITS_H) #include