From c0c98c8f6497b649d1d422acd8d649d455b15ee0 Mon Sep 17 00:00:00 2001 From: David Garske Date: Thu, 11 May 2017 14:32:21 -0700 Subject: [PATCH 1/4] Fixes to address build warnings for GCC 7. Used `-Wimplicit-fallthrough=0` to suppress all switch fall-through warnings. --- configure.ac | 7 +++++++ src/ssl.c | 6 ++++-- src/tls13.c | 6 ++++-- wolfcrypt/test/test.c | 4 ++-- wolfssl/test.h | 4 ++-- 5 files changed, 19 insertions(+), 8 deletions(-) diff --git a/configure.ac b/configure.ac index 800f10e533..3a2c8b8d5f 100644 --- a/configure.ac +++ b/configure.ac @@ -113,6 +113,7 @@ OPTIMIZE_HUGE_CFLAGS="-funroll-loops -DTFM_SMALL_SET -DTFM_HUGE_SET" DEBUG_CFLAGS="-g -DDEBUG -DDEBUG_WOLFSSL" LIB_ADD= LIB_STATIC_ADD= +SWITCH_FALLTHROUGH="-Wimplicit-fallthrough=0" thread_ls_on=no # Thread local storage @@ -3422,6 +3423,10 @@ case $host_os in fi ;; esac +# add workaround for switch fall-through +CFLAGS="$CFLAGS $SWITCH_FALLTHROUGH" + + # add user C_EXTRA_FLAGS back # For distro disable custom build options that interfere with symbol generation if test "$ENABLED_DISTRO" = "no" @@ -3430,6 +3435,8 @@ then fi OPTION_FLAGS="$USER_CFLAGS $USER_C_EXTRA_FLAGS $AM_CFLAGS" + + CREATE_HEX_VERSION AC_SUBST([AM_CPPFLAGS]) AC_SUBST([AM_CFLAGS]) diff --git a/src/ssl.c b/src/ssl.c index bfb41d5beb..2297c4e4e5 100755 --- a/src/ssl.c +++ b/src/ssl.c @@ -8509,12 +8509,14 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, case KEY_EXCHANGE_SENT : #ifndef NO_CERTS - if (!ssl->options.resuming) - if (ssl->options.verifyPeer) + if (!ssl->options.resuming) { + if (ssl->options.verifyPeer) { if ( (ssl->error = SendCertificateRequest(ssl)) != 0) { WOLFSSL_ERROR(ssl->error); return SSL_FATAL_ERROR; } + } + } #endif ssl->options.acceptState = CERT_REQ_SENT; WOLFSSL_MSG("accept state CERT_REQ_SENT"); diff --git a/src/tls13.c b/src/tls13.c index 6995428472..b3208edea6 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -5404,13 +5404,15 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl) WOLFSSL_MSG("accept state SERVER_EXTENSIONS_SENT"); case SERVER_EXTENSIONS_SENT : #ifndef NO_CERTS - if (!ssl->options.resuming) - if (ssl->options.verifyPeer) + if (!ssl->options.resuming) { + if (ssl->options.verifyPeer) { ssl->error = SendTls13CertificateRequest(ssl); if (ssl->error != 0) { WOLFSSL_ERROR(ssl->error); return SSL_FATAL_ERROR; } + } + } #endif ssl->options.acceptState = CERT_REQ_SENT; WOLFSSL_MSG("accept state CERT_REQ_SENT"); diff --git a/wolfcrypt/test/test.c b/wolfcrypt/test/test.c index b2f32f0a1f..0ae6173d89 100644 --- a/wolfcrypt/test/test.c +++ b/wolfcrypt/test/test.c @@ -3642,9 +3642,9 @@ int aes_test(void) byte iv[] = "1234567890abcdef "; /* align */ #ifdef WOLFSSL_ASYNC_CRYPT - if (wc_AesAsyncInit(&enc, devId) != 0) + if (wc_AesInit(&enc, HEAP_HINT, devId) != 0) return -4200; - if (wc_AesAsyncInit(&dec, devId) != 0) + if (wc_AesInit(&dec, HEAP_HINT, devId) != 0) return -4201; #endif diff --git a/wolfssl/test.h b/wolfssl/test.h index a68fafe573..ebca22aba2 100644 --- a/wolfssl/test.h +++ b/wolfssl/test.h @@ -597,7 +597,7 @@ static INLINE void build_addr(SOCKADDR_IN_T* addr, const char* peer, #ifndef TEST_IPV6 /* peer could be in human readable form */ - if ( (peer != INADDR_ANY) && isalpha((int)peer[0])) { + if ( ((size_t)peer != INADDR_ANY) && isalpha((int)peer[0])) { #if defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET) int err; struct hostent* entry = gethostbyname(peer, &err); @@ -627,7 +627,7 @@ static INLINE void build_addr(SOCKADDR_IN_T* addr, const char* peer, addr->sin_family = AF_INET_V; #endif addr->sin_port = XHTONS(port); - if (peer == INADDR_ANY) + if ((size_t)peer == INADDR_ANY) addr->sin_addr.s_addr = INADDR_ANY; else { if (!useLookup) From 562db08c3dbadff53f90ed171eaabf1d96281ef1 Mon Sep 17 00:00:00 2001 From: David Garske Date: Thu, 11 May 2017 15:15:19 -0700 Subject: [PATCH 2/4] Implemented strict switch fall-through handling using new macro `FALL_THROUGH`. --- configure.ac | 4 +-- src/internal.c | 53 ++++++++++++++++++++++++++++++++++++--- src/ssl.c | 27 ++++++++++++++++++++ src/tls.c | 2 +- src/tls13.c | 31 +++++++++++++++++++++++ wolfcrypt/src/asn.c | 12 ++++----- wolfcrypt/src/ecc.c | 8 +++--- wolfcrypt/src/rsa.c | 10 +++++--- wolfcrypt/src/signature.c | 3 ++- wolfssl/wolfcrypt/types.h | 8 ++++++ 10 files changed, 137 insertions(+), 21 deletions(-) diff --git a/configure.ac b/configure.ac index 3a2c8b8d5f..3a369b1dff 100644 --- a/configure.ac +++ b/configure.ac @@ -113,7 +113,7 @@ OPTIMIZE_HUGE_CFLAGS="-funroll-loops -DTFM_SMALL_SET -DTFM_HUGE_SET" DEBUG_CFLAGS="-g -DDEBUG -DDEBUG_WOLFSSL" LIB_ADD= LIB_STATIC_ADD= -SWITCH_FALLTHROUGH="-Wimplicit-fallthrough=0" +SWITCH_FALLTHROUGH="-Wimplicit-fallthrough=5" thread_ls_on=no # Thread local storage @@ -3423,7 +3423,7 @@ case $host_os in fi ;; esac -# add workaround for switch fall-through +# add strict checking for switch fall-through CFLAGS="$CFLAGS $SWITCH_FALLTHROUGH" diff --git a/src/internal.c b/src/internal.c index 505fb41c71..798c24d763 100755 --- a/src/internal.c +++ b/src/internal.c @@ -7084,6 +7084,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, word32 totalSz /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_BUILD; } /* case TLS_ASYNC_BEGIN */ + FALL_THROUGH; case TLS_ASYNC_BUILD: { @@ -7308,6 +7309,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, word32 totalSz /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_DO; } /* case TLS_ASYNC_BUILD */ + FALL_THROUGH; case TLS_ASYNC_DO: { @@ -7513,6 +7515,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, word32 totalSz /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_VERIFY; } /* case TLS_ASYNC_DO */ + FALL_THROUGH; case TLS_ASYNC_VERIFY: { @@ -7697,6 +7700,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, word32 totalSz /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_FINALIZE; } /* case TLS_ASYNC_VERIFY */ + FALL_THROUGH; case TLS_ASYNC_FINALIZE: { @@ -7826,6 +7830,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx, word32 totalSz /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_END; } /* case TLS_ASYNC_FINALIZE */ + FALL_THROUGH; case TLS_ASYNC_END: { @@ -9593,6 +9598,8 @@ static INLINE int Encrypt(WOLFSSL* ssl, byte* out, const byte* input, word16 sz, /* Advance state and proceed */ ssl->encrypt.state = CIPHER_STATE_DO; } + FALL_THROUGH; + case CIPHER_STATE_DO: { ret = EncryptDo(ssl, out, input, sz, asyncOkay); @@ -9607,6 +9614,7 @@ static INLINE int Encrypt(WOLFSSL* ssl, byte* out, const byte* input, word16 sz, } #endif } + FALL_THROUGH; case CIPHER_STATE_END: { @@ -9826,6 +9834,7 @@ static INLINE int Decrypt(WOLFSSL* ssl, byte* plain, const byte* input, /* Advance state and proceed */ ssl->decrypt.state = CIPHER_STATE_DO; } + FALL_THROUGH; case CIPHER_STATE_DO: { ret = DecryptDo(ssl, plain, input, sz); @@ -9840,7 +9849,7 @@ static INLINE int Decrypt(WOLFSSL* ssl, byte* plain, const byte* input, } #endif } - + FALL_THROUGH; case CIPHER_STATE_END: { #if defined(BUILD_AESGCM) || defined(HAVE_AESCCM) @@ -10527,6 +10536,7 @@ int ProcessReply(WOLFSSL* ssl) ssl->options.processReply = getRecordLayerHeader; continue; } + FALL_THROUGH; /* in the WOLFSSL_SERVER case, run the old client hello */ case runProcessOldClientHello: @@ -10561,6 +10571,7 @@ int ProcessReply(WOLFSSL* ssl) } #endif /* OLD_HELLO_ALLOWED */ + FALL_THROUGH; /* get the record layer header */ case getRecordLayerHeader: @@ -10588,6 +10599,7 @@ int ProcessReply(WOLFSSL* ssl) return ret; ssl->options.processReply = getData; + FALL_THROUGH; /* retrieve record layer data */ case getData: @@ -10609,6 +10621,7 @@ int ProcessReply(WOLFSSL* ssl) ssl->options.processReply = decryptMessage; startIdx = ssl->buffers.inputBuffer.idx; /* in case > 1 msg per */ + FALL_THROUGH; /* decrypt message */ case decryptMessage: @@ -10679,6 +10692,7 @@ int ProcessReply(WOLFSSL* ssl) } ssl->options.processReply = verifyMessage; + FALL_THROUGH; /* verify digest of message */ case verifyMessage: @@ -10713,6 +10727,7 @@ int ProcessReply(WOLFSSL* ssl) } ssl->options.processReply = runProcessingOneMessage; + FALL_THROUGH; /* the record layer is here */ case runProcessingOneMessage: @@ -11351,7 +11366,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, ssl->options.buildMsgState = BUILD_MSG_SIZE; } - + FALL_THROUGH; case BUILD_MSG_SIZE: { args->digestSz = ssl->specs.hash_size; @@ -11430,6 +11445,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, ssl->options.buildMsgState = BUILD_MSG_HASH; } + FALL_THROUGH; case BUILD_MSG_HASH: { word32 i; @@ -11448,6 +11464,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, ssl->options.buildMsgState = BUILD_MSG_VERIFY_MAC; } + FALL_THROUGH; case BUILD_MSG_VERIFY_MAC: { /* User Record Layer Callback handling */ @@ -11499,6 +11516,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, ssl->options.buildMsgState = BUILD_MSG_ENCRYPT; } + FALL_THROUGH; case BUILD_MSG_ENCRYPT: { ret = Encrypt(ssl, output + args->headerSz, output + args->headerSz, args->size, @@ -11982,7 +12000,7 @@ static int BuildCertificateStatus(WOLFSSL* ssl, byte type, buffer* status, switch (type) { case WOLFSSL_CSR2_OCSP_MULTI: length += OPAQUE24_LEN; - /* followed by */ + FALL_THROUGH; /* followed by */ case WOLFSSL_CSR2_OCSP: for (i = 0; i < count; i++) @@ -16134,6 +16152,7 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input, /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_BUILD; } /* case TLS_ASYNC_BEGIN */ + FALL_THROUGH; case TLS_ASYNC_BUILD: { @@ -16307,6 +16326,7 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input, /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_DO; } /* case TLS_ASYNC_BUILD */ + FALL_THROUGH; case TLS_ASYNC_DO: { @@ -16405,6 +16425,7 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input, /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_VERIFY; } /* case TLS_ASYNC_DO */ + FALL_THROUGH; case TLS_ASYNC_VERIFY: { @@ -16500,6 +16521,7 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input, /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_FINALIZE; } /* case TLS_ASYNC_VERIFY */ + FALL_THROUGH; case TLS_ASYNC_FINALIZE: { @@ -16536,6 +16558,7 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input, /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_END; } /* case TLS_ASYNC_FINALIZE */ + FALL_THROUGH; case TLS_ASYNC_END: { @@ -17153,6 +17176,7 @@ int SendClientKeyExchange(WOLFSSL* ssl) /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_BUILD; } /* case TLS_ASYNC_BEGIN */ + FALL_THROUGH; case TLS_ASYNC_BUILD: { @@ -17403,6 +17427,7 @@ int SendClientKeyExchange(WOLFSSL* ssl) /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_DO; } /* case TLS_ASYNC_BUILD */ + FALL_THROUGH; case TLS_ASYNC_DO: { @@ -17535,6 +17560,7 @@ int SendClientKeyExchange(WOLFSSL* ssl) /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_VERIFY; } /* case TLS_ASYNC_DO */ + FALL_THROUGH; case TLS_ASYNC_VERIFY: { @@ -17645,6 +17671,7 @@ int SendClientKeyExchange(WOLFSSL* ssl) /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_FINALIZE; } /* case TLS_ASYNC_VERIFY */ + FALL_THROUGH; case TLS_ASYNC_FINALIZE: { @@ -17748,6 +17775,7 @@ int SendClientKeyExchange(WOLFSSL* ssl) /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_END; } /* case TLS_ASYNC_FINALIZE */ + FALL_THROUGH; case TLS_ASYNC_END: { @@ -18026,6 +18054,7 @@ int SendCertificateVerify(WOLFSSL* ssl) /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_BUILD; } /* case TLS_ASYNC_BEGIN */ + FALL_THROUGH; case TLS_ASYNC_BUILD: { @@ -18150,6 +18179,7 @@ int SendCertificateVerify(WOLFSSL* ssl) /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_DO; } /* case TLS_ASYNC_BUILD */ + FALL_THROUGH; case TLS_ASYNC_DO: { @@ -18201,6 +18231,7 @@ int SendCertificateVerify(WOLFSSL* ssl) /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_VERIFY; } /* case TLS_ASYNC_DO */ + FALL_THROUGH; case TLS_ASYNC_VERIFY: { @@ -18248,6 +18279,7 @@ int SendCertificateVerify(WOLFSSL* ssl) /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_FINALIZE; } /* case TLS_ASYNC_VERIFY */ + FALL_THROUGH; case TLS_ASYNC_FINALIZE: { @@ -18282,6 +18314,7 @@ int SendCertificateVerify(WOLFSSL* ssl) /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_END; } /* case TLS_ASYNC_FINALIZE */ + FALL_THROUGH; case TLS_ASYNC_END: { @@ -18955,6 +18988,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_BUILD; } /* case TLS_ASYNC_BEGIN */ + FALL_THROUGH; case TLS_ASYNC_BUILD: { @@ -19737,6 +19771,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_DO; } /* case TLS_ASYNC_BUILD */ + FALL_THROUGH; case TLS_ASYNC_DO: { @@ -19859,6 +19894,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_VERIFY; } /* case TLS_ASYNC_DO */ + FALL_THROUGH; case TLS_ASYNC_VERIFY: { @@ -19988,6 +20024,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_FINALIZE; } /* case TLS_ASYNC_VERIFY */ + FALL_THROUGH; case TLS_ASYNC_FINALIZE: { @@ -20057,6 +20094,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_END; } /* case TLS_ASYNC_FINALIZE */ + FALL_THROUGH; case TLS_ASYNC_END: { @@ -21028,6 +21066,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_BUILD; } /* case TLS_ASYNC_BEGIN */ + FALL_THROUGH; case TLS_ASYNC_BUILD: { @@ -21106,6 +21145,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_DO; } /* case TLS_ASYNC_BUILD */ + FALL_THROUGH; case TLS_ASYNC_DO: { @@ -21160,6 +21200,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_VERIFY; } /* case TLS_ASYNC_DO */ + FALL_THROUGH; case TLS_ASYNC_VERIFY: { @@ -21253,6 +21294,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_FINALIZE; } /* case TLS_ASYNC_VERIFY */ + FALL_THROUGH; case TLS_ASYNC_FINALIZE: { @@ -21825,6 +21867,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_BUILD; } /* TLS_ASYNC_BEGIN */ + FALL_THROUGH; case TLS_ASYNC_BUILD: { @@ -22232,6 +22275,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_DO; } /* TLS_ASYNC_BUILD */ + FALL_THROUGH; case TLS_ASYNC_DO: { @@ -22350,6 +22394,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_VERIFY; } /* TLS_ASYNC_DO */ + FALL_THROUGH; case TLS_ASYNC_VERIFY: { @@ -22478,6 +22523,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_FINALIZE; } /* TLS_ASYNC_VERIFY */ + FALL_THROUGH; case TLS_ASYNC_FINALIZE: { @@ -22516,6 +22562,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_END; } /* TLS_ASYNC_FINALIZE */ + FALL_THROUGH; case TLS_ASYNC_END: { diff --git a/src/ssl.c b/src/ssl.c index 2297c4e4e5..31a2efcad2 100755 --- a/src/ssl.c +++ b/src/ssl.c @@ -8095,6 +8095,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, } ssl->options.connectState = CLIENT_HELLO_SENT; WOLFSSL_MSG("connect state: CLIENT_HELLO_SENT"); + FALL_THROUGH; case CLIENT_HELLO_SENT : neededState = ssl->options.resuming ? SERVER_FINISHED_COMPLETE : @@ -8124,6 +8125,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, ssl->options.connectState = HELLO_AGAIN; WOLFSSL_MSG("connect state: HELLO_AGAIN"); + FALL_THROUGH; case HELLO_AGAIN : if (ssl->options.certOnly) @@ -8150,6 +8152,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, ssl->options.connectState = HELLO_AGAIN_REPLY; WOLFSSL_MSG("connect state: HELLO_AGAIN_REPLY"); + FALL_THROUGH; case HELLO_AGAIN_REPLY : #ifdef WOLFSSL_DTLS @@ -8173,6 +8176,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, ssl->options.connectState = FIRST_REPLY_DONE; WOLFSSL_MSG("connect state: FIRST_REPLY_DONE"); + FALL_THROUGH; case FIRST_REPLY_DONE : #ifndef NO_CERTS @@ -8187,6 +8191,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, #endif ssl->options.connectState = FIRST_REPLY_FIRST; WOLFSSL_MSG("connect state: FIRST_REPLY_FIRST"); + FALL_THROUGH; case FIRST_REPLY_FIRST : if (!ssl->options.resuming) { @@ -8199,6 +8204,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, ssl->options.connectState = FIRST_REPLY_SECOND; WOLFSSL_MSG("connect state: FIRST_REPLY_SECOND"); + FALL_THROUGH; case FIRST_REPLY_SECOND : #ifndef NO_CERTS @@ -8212,6 +8218,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, #endif ssl->options.connectState = FIRST_REPLY_THIRD; WOLFSSL_MSG("connect state: FIRST_REPLY_THIRD"); + FALL_THROUGH; case FIRST_REPLY_THIRD : if ( (ssl->error = SendChangeCipher(ssl)) != 0) { @@ -8221,6 +8228,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, WOLFSSL_MSG("sent: change cipher spec"); ssl->options.connectState = FIRST_REPLY_FOURTH; WOLFSSL_MSG("connect state: FIRST_REPLY_FOURTH"); + FALL_THROUGH; case FIRST_REPLY_FOURTH : if ( (ssl->error = SendFinished(ssl)) != 0) { @@ -8230,6 +8238,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, WOLFSSL_MSG("sent: finished"); ssl->options.connectState = FINISHED_DONE; WOLFSSL_MSG("connect state: FINISHED_DONE"); + FALL_THROUGH; case FINISHED_DONE : /* get response */ @@ -8241,6 +8250,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, ssl->options.connectState = SECOND_REPLY_DONE; WOLFSSL_MSG("connect state: SECOND_REPLY_DONE"); + FALL_THROUGH; case SECOND_REPLY_DONE: #ifndef NO_HANDSHAKE_DONE_CB @@ -8441,6 +8451,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, #ifdef WOLFSSL_TLS13 ssl->options.acceptState = ACCEPT_CLIENT_HELLO_DONE; WOLFSSL_MSG("accept state ACCEPT_CLIENT_HELLO_DONE"); + FALL_THROUGH; case ACCEPT_CLIENT_HELLO_DONE : if (ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST) { @@ -8451,6 +8462,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, } ssl->options.acceptState = ACCEPT_HELLO_RETRY_REQUEST_DONE; WOLFSSL_MSG("accept state ACCEPT_HELLO_RETRY_REQUEST_DONE"); + FALL_THROUGH; case ACCEPT_HELLO_RETRY_REQUEST_DONE : if (ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST) { @@ -8462,6 +8474,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, #endif ssl->options.acceptState = ACCEPT_FIRST_REPLY_DONE; WOLFSSL_MSG("accept state ACCEPT_FIRST_REPLY_DONE"); + FALL_THROUGH; case ACCEPT_FIRST_REPLY_DONE : #ifdef WOLFSSL_TLS13 @@ -8475,6 +8488,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, } ssl->options.acceptState = SERVER_HELLO_SENT; WOLFSSL_MSG("accept state SERVER_HELLO_SENT"); + FALL_THROUGH; case SERVER_HELLO_SENT : #ifndef NO_CERTS @@ -8486,6 +8500,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, #endif ssl->options.acceptState = CERT_SENT; WOLFSSL_MSG("accept state CERT_SENT"); + FALL_THROUGH; case CERT_SENT : #ifndef NO_CERTS @@ -8497,6 +8512,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, #endif ssl->options.acceptState = CERT_STATUS_SENT; WOLFSSL_MSG("accept state CERT_STATUS_SENT"); + FALL_THROUGH; case CERT_STATUS_SENT : if (!ssl->options.resuming) @@ -8506,6 +8522,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, } ssl->options.acceptState = KEY_EXCHANGE_SENT; WOLFSSL_MSG("accept state KEY_EXCHANGE_SENT"); + FALL_THROUGH; case KEY_EXCHANGE_SENT : #ifndef NO_CERTS @@ -8520,6 +8537,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, #endif ssl->options.acceptState = CERT_REQ_SENT; WOLFSSL_MSG("accept state CERT_REQ_SENT"); + FALL_THROUGH; case CERT_REQ_SENT : if (!ssl->options.resuming) @@ -8529,6 +8547,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, } ssl->options.acceptState = SERVER_HELLO_DONE; WOLFSSL_MSG("accept state SERVER_HELLO_DONE"); + FALL_THROUGH; case SERVER_HELLO_DONE : if (!ssl->options.resuming) { @@ -8540,6 +8559,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, } ssl->options.acceptState = ACCEPT_SECOND_REPLY_DONE; WOLFSSL_MSG("accept state ACCEPT_SECOND_REPLY_DONE"); + FALL_THROUGH; case ACCEPT_SECOND_REPLY_DONE : #ifdef HAVE_SESSION_TICKET @@ -8552,6 +8572,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, #endif /* HAVE_SESSION_TICKET */ ssl->options.acceptState = TICKET_SENT; WOLFSSL_MSG("accept state TICKET_SENT"); + FALL_THROUGH; case TICKET_SENT: if ( (ssl->error = SendChangeCipher(ssl)) != 0) { @@ -8560,6 +8581,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, } ssl->options.acceptState = CHANGE_CIPHER_SENT; WOLFSSL_MSG("accept state CHANGE_CIPHER_SENT"); + FALL_THROUGH; case CHANGE_CIPHER_SENT : if ( (ssl->error = SendFinished(ssl)) != 0) { @@ -8569,6 +8591,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, ssl->options.acceptState = ACCEPT_FINISHED_DONE; WOLFSSL_MSG("accept state ACCEPT_FINISHED_DONE"); + FALL_THROUGH; case ACCEPT_FINISHED_DONE : if (ssl->options.resuming) @@ -8580,6 +8603,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, ssl->options.acceptState = ACCEPT_THIRD_REPLY_DONE; WOLFSSL_MSG("accept state ACCEPT_THIRD_REPLY_DONE"); + FALL_THROUGH; case ACCEPT_THIRD_REPLY_DONE : #ifndef NO_HANDSHAKE_DONE_CB @@ -24017,10 +24041,13 @@ int wolfSSL_i2a_ASN1_INTEGER(BIO *bp, const WOLFSSL_ASN1_INTEGER *a) switch (a->data[i++] - 0x80) { case 4: len |= a->data[i++] << 24; + FALL_THROUGH; case 3: len |= a->data[i++] << 16; + FALL_THROUGH; case 2: len |= a->data[i++] << 8; + FALL_THROUGH; case 1: len |= a->data[i++]; break; diff --git a/src/tls.c b/src/tls.c index 4bc2b6d733..a8442b360e 100755 --- a/src/tls.c +++ b/src/tls.c @@ -2666,7 +2666,7 @@ int TLSX_CSR2_InitRequests(TLSX* extensions, DecodedCert* cert, byte isPeer, if (!isPeer || csr2->requests != 0) break; - /* followed by */ + FALL_THROUGH; /* followed by */ case WOLFSSL_CSR2_OCSP_MULTI: { if (csr2->requests < 1 + MAX_CHAIN_DEPTH) { diff --git a/src/tls13.c b/src/tls13.c index b3208edea6..85a1791624 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -3557,6 +3557,7 @@ int SendTls13CertificateVerify(WOLFSSL* ssl) /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_BUILD; } /* case TLS_ASYNC_BEGIN */ + FALL_THROUGH; case TLS_ASYNC_BUILD: { @@ -3618,6 +3619,7 @@ int SendTls13CertificateVerify(WOLFSSL* ssl) /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_DO; } /* case TLS_ASYNC_BUILD */ + FALL_THROUGH; case TLS_ASYNC_DO: { @@ -3666,6 +3668,7 @@ int SendTls13CertificateVerify(WOLFSSL* ssl) /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_VERIFY; } /* case TLS_ASYNC_DO */ + FALL_THROUGH; case TLS_ASYNC_VERIFY: { @@ -3699,6 +3702,7 @@ int SendTls13CertificateVerify(WOLFSSL* ssl) /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_FINALIZE; } /* case TLS_ASYNC_VERIFY */ + FALL_THROUGH; case TLS_ASYNC_FINALIZE: { @@ -3723,6 +3727,7 @@ int SendTls13CertificateVerify(WOLFSSL* ssl) /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_END; } /* case TLS_ASYNC_FINALIZE */ + FALL_THROUGH; case TLS_ASYNC_END: { @@ -3868,6 +3873,7 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input, /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_BUILD; } /* case TLS_ASYNC_BEGIN */ + FALL_THROUGH; case TLS_ASYNC_BUILD: { @@ -3933,6 +3939,7 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input, /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_DO; } /* case TLS_ASYNC_BUILD */ + FALL_THROUGH; case TLS_ASYNC_DO: { @@ -3983,6 +3990,7 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input, /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_VERIFY; } /* case TLS_ASYNC_DO */ + FALL_THROUGH; case TLS_ASYNC_VERIFY: { @@ -3998,6 +4006,7 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input, /* Advance state and proceed */ ssl->options.asyncState = TLS_ASYNC_FINALIZE; } /* case TLS_ASYNC_VERIFY */ + FALL_THROUGH; case TLS_ASYNC_FINALIZE: { @@ -5024,6 +5033,7 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl) ssl->options.connectState = CLIENT_HELLO_SENT; WOLFSSL_MSG("connect state: CLIENT_HELLO_SENT"); + FALL_THROUGH; case CLIENT_HELLO_SENT: neededState = ssl->options.resuming ? SERVER_FINISHED_COMPLETE : @@ -5043,6 +5053,8 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl) ssl->options.connectState = HELLO_AGAIN; WOLFSSL_MSG("connect state: HELLO_AGAIN"); + FALL_THROUGH; + case HELLO_AGAIN: if (ssl->options.certOnly) return SSL_SUCCESS; @@ -5061,6 +5073,7 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl) ssl->options.connectState = HELLO_AGAIN_REPLY; WOLFSSL_MSG("connect state: HELLO_AGAIN_REPLY"); + FALL_THROUGH; case HELLO_AGAIN_REPLY: if (ssl->options.serverState == NULL_STATE) { @@ -5083,6 +5096,7 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl) ssl->options.connectState = FIRST_REPLY_DONE; WOLFSSL_MSG("connect state: FIRST_REPLY_DONE"); + FALL_THROUGH; case FIRST_REPLY_DONE: #ifndef NO_CERTS @@ -5098,6 +5112,7 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl) ssl->options.connectState = FIRST_REPLY_FIRST; WOLFSSL_MSG("connect state: FIRST_REPLY_FIRST"); + FALL_THROUGH; case FIRST_REPLY_FIRST: #ifndef NO_CERTS @@ -5113,6 +5128,7 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl) ssl->options.connectState = FIRST_REPLY_SECOND; WOLFSSL_MSG("connect state: FIRST_REPLY_SECOND"); + FALL_THROUGH; case FIRST_REPLY_SECOND: if ((ssl->error = SendTls13Finished(ssl)) != 0) { @@ -5123,6 +5139,7 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl) ssl->options.connectState = FINISHED_DONE; WOLFSSL_MSG("connect state: FINISHED_DONE"); + FALL_THROUGH; case FINISHED_DONE: #ifndef NO_HANDSHAKE_DONE_CB @@ -5366,6 +5383,7 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl) ssl->options.acceptState = ACCEPT_CLIENT_HELLO_DONE; WOLFSSL_MSG("accept state ACCEPT_CLIENT_HELLO_DONE"); + FALL_THROUGH; case ACCEPT_CLIENT_HELLO_DONE : if (ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST) { @@ -5376,6 +5394,7 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl) } ssl->options.acceptState = ACCEPT_HELLO_RETRY_REQUEST_DONE; WOLFSSL_MSG("accept state ACCEPT_HELLO_RETRY_REQUEST_DONE"); + FALL_THROUGH; case ACCEPT_HELLO_RETRY_REQUEST_DONE : if (ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST) { @@ -5386,6 +5405,7 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl) } ssl->options.acceptState = ACCEPT_FIRST_REPLY_DONE; WOLFSSL_MSG("accept state ACCEPT_FIRST_REPLY_DONE"); + FALL_THROUGH; case ACCEPT_FIRST_REPLY_DONE : if ((ssl->error = SendTls13ServerHello(ssl)) != 0) { @@ -5394,6 +5414,7 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl) } ssl->options.acceptState = SERVER_HELLO_SENT; WOLFSSL_MSG("accept state SERVER_HELLO_SENT"); + FALL_THROUGH; case SERVER_HELLO_SENT : if ((ssl->error = SendTls13EncryptedExtensions(ssl)) != 0) { @@ -5402,6 +5423,8 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl) } ssl->options.acceptState = SERVER_EXTENSIONS_SENT; WOLFSSL_MSG("accept state SERVER_EXTENSIONS_SENT"); + FALL_THROUGH; + case SERVER_EXTENSIONS_SENT : #ifndef NO_CERTS if (!ssl->options.resuming) { @@ -5416,6 +5439,7 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl) #endif ssl->options.acceptState = CERT_REQ_SENT; WOLFSSL_MSG("accept state CERT_REQ_SENT"); + FALL_THROUGH; case CERT_REQ_SENT : ssl->options.acceptState = KEY_EXCHANGE_SENT; @@ -5429,6 +5453,7 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl) #endif ssl->options.acceptState = CERT_SENT; WOLFSSL_MSG("accept state CERT_SENT"); + FALL_THROUGH; case CERT_SENT : #ifndef NO_CERTS @@ -5441,6 +5466,7 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl) #endif ssl->options.acceptState = CERT_STATUS_SENT; WOLFSSL_MSG("accept state CERT_STATUS_SENT"); + FALL_THROUGH; case CERT_VERIFY_SENT : if ((ssl->error = SendTls13Finished(ssl)) != 0) { @@ -5450,6 +5476,7 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl) ssl->options.acceptState = ACCEPT_FINISHED_DONE; WOLFSSL_MSG("accept state ACCEPT_FINISHED_DONE"); + FALL_THROUGH; case ACCEPT_FINISHED_DONE : #ifdef HAVE_SESSION_TICKET @@ -5464,6 +5491,7 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl) #endif /* HAVE_SESSION_TICKET */ ssl->options.acceptState = TICKET_SENT; WOLFSSL_MSG("accept state TICKET_SENT"); + FALL_THROUGH; case TICKET_SENT: while (ssl->options.clientState < CLIENT_FINISHED_COMPLETE) @@ -5474,6 +5502,8 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl) ssl->options.acceptState = ACCEPT_SECOND_REPLY_DONE; WOLFSSL_MSG("accept state ACCEPT_SECOND_REPLY_DONE"); + FALL_THROUGH; + case ACCEPT_SECOND_REPLY_DONE : #ifdef HAVE_SESSION_TICKET if (!ssl->options.resuming && ssl->options.verifyPeer && @@ -5486,6 +5516,7 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl) #endif /* HAVE_SESSION_TICKET */ ssl->options.acceptState = ACCEPT_THIRD_REPLY_DONE; WOLFSSL_MSG("accept state ACCEPT_THIRD_REPLY_DONE"); + FALL_THROUGH; case ACCEPT_THIRD_REPLY_DONE: #ifndef NO_HANDSHAKE_DONE_CB diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c index 4d03a700db..8d9901c12e 100644 --- a/wolfcrypt/src/asn.c +++ b/wolfcrypt/src/asn.c @@ -4472,9 +4472,9 @@ static int ConfirmSignature(SignatureCtx* sigCtx, ERROR_OUT(MEMORY_E, exit_cs); } - /* fall through */ sigCtx->state = SIG_STATE_HASH; } /* SIG_STATE_BEGIN */ + FALL_THROUGH; case SIG_STATE_HASH: { @@ -4550,9 +4550,9 @@ static int ConfirmSignature(SignatureCtx* sigCtx, goto exit_cs; } - /* fall through */ sigCtx->state = SIG_STATE_KEY; } /* SIG_STATE_HASH */ + FALL_THROUGH; case SIG_STATE_KEY: { @@ -4625,9 +4625,9 @@ static int ConfirmSignature(SignatureCtx* sigCtx, goto exit_cs; } - /* fall through */ sigCtx->state = SIG_STATE_DO; } /* SIG_STATE_KEY */ + FALL_THROUGH; case SIG_STATE_DO: { @@ -4667,9 +4667,9 @@ static int ConfirmSignature(SignatureCtx* sigCtx, goto exit_cs; } - /* fall through */ sigCtx->state = SIG_STATE_CHECK; } /* SIG_STATE_DO */ + FALL_THROUGH; case SIG_STATE_CHECK: { @@ -8207,8 +8207,8 @@ static int MakeSignature(CertSignCtx* certSignCtx, const byte* buffer, int sz, if (ret != 0) { goto exit_ms; } + FALL_THROUGH; - /* fall-through */ case CERTSIGN_STATE_ENCODE: #ifndef NO_RSA if (rsaKey) { @@ -8223,8 +8223,8 @@ static int MakeSignature(CertSignCtx* certSignCtx, const byte* buffer, int sz, certSignCtx->digest, digestSz, typeH); } #endif /* !NO_RSA */ + FALL_THROUGH; - /* fall-through */ case CERTSIGN_STATE_DO: certSignCtx->state = CERTSIGN_STATE_DO; ret = ALGO_ID_E; /* default to error */ diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index f371e6bfbc..0d91570bf2 100755 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -2900,8 +2900,8 @@ int wc_ecc_shared_secret_ex(ecc_key* private_key, ecc_point* point, if (err < 0) { break; } + FALL_THROUGH; - /* fall through */ case ECC_STATE_SHARED_SEC_RES: private_key->state = ECC_STATE_SHARED_SEC_RES; err = 0; @@ -3393,8 +3393,8 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen, } #endif /* WOLFSSL_ATECC508A */ + FALL_THROUGH; - /* fall through */ case ECC_STATE_SIGN_ENCODE: key->state = ECC_STATE_SIGN_ENCODE; @@ -3924,8 +3924,8 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash, if (err < 0) { break; } + FALL_THROUGH; - /* fall through */ case ECC_STATE_VERIFY_DO: key->state = ECC_STATE_VERIFY_DO; @@ -3933,8 +3933,8 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash, if (err < 0) { break; } + FALL_THROUGH; - /* fall through */ case ECC_STATE_VERIFY_RES: key->state = ECC_STATE_VERIFY_RES; err = 0; diff --git a/wolfcrypt/src/rsa.c b/wolfcrypt/src/rsa.c index 089f874346..7f9da78b73 100755 --- a/wolfcrypt/src/rsa.c +++ b/wolfcrypt/src/rsa.c @@ -1282,7 +1282,8 @@ static int RsaPublicEncryptEx(const byte* in, word32 inLen, byte* out, } key->state = RSA_STATE_ENCRYPT_EXPTMOD; - /* fall through */ + + FALL_THROUGH; case RSA_STATE_ENCRYPT_EXPTMOD: @@ -1296,7 +1297,7 @@ static int RsaPublicEncryptEx(const byte* in, word32 inLen, byte* out, break; } - /* fall through */ + FALL_THROUGH; case RSA_STATE_ENCRYPT_RES: ret = key->dataLen; @@ -1402,7 +1403,7 @@ static int RsaPrivateDecryptEx(byte* in, word32 inLen, byte* out, break; } - /* fall through */ + FALL_THROUGH; case RSA_STATE_DECRYPT_UNPAD: { @@ -1426,7 +1427,8 @@ static int RsaPrivateDecryptEx(byte* in, word32 inLen, byte* out, } key->state = RSA_STATE_DECRYPT_RES; - /* fall through */ + + FALL_THROUGH; } case RSA_STATE_DECRYPT_RES: #if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_RSA) && \ diff --git a/wolfcrypt/src/signature.c b/wolfcrypt/src/signature.c index 247d5d931f..5d430d3de3 100644 --- a/wolfcrypt/src/signature.c +++ b/wolfcrypt/src/signature.c @@ -206,6 +206,7 @@ int wc_SignatureVerify( /* Otherwise fall-through and perform normal RSA verify against updated * DER encoding + hash */ #endif + FALL_THROUGH; case WC_SIGNATURE_TYPE_RSA: { @@ -338,7 +339,7 @@ int wc_SignatureGenerate( /* Otherwise fall-through and perform normal RSA sign against updated * DER encoding + hash */ #endif - + FALL_THROUGH; case WC_SIGNATURE_TYPE_RSA: #ifndef NO_RSA /* Create signature using provided RSA key */ diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index e993329e02..f7bcd837cf 100755 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -161,6 +161,14 @@ #define THREAD_LS_T #endif + /* GCC 7 has new switch() fall-through detection */ + #ifndef FALL_THROUGH + #if defined(__GNUC__) + #define FALL_THROUGH __attribute__ ((fallthrough)) + #else + #define FALL_THROUGH + #endif + #endif /* Micrium will use Visual Studio for compilation but not the Win32 API */ #if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) && \ From 7c7503449f507dae82fee01e42445d1b8b432d50 Mon Sep 17 00:00:00 2001 From: David Garske Date: Thu, 11 May 2017 15:28:49 -0700 Subject: [PATCH 3/4] =?UTF-8?q?Removed=20the=20`-Wimplicit-fallthrough=3D5?= =?UTF-8?q?`=20from=20autogen.sh,=20since=20older=20GCC=20throws=20?= =?UTF-8?q?=E2=80=9Cerror:=20unknown=20warning=20option=E2=80=9D.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- configure.ac | 4 ---- 1 file changed, 4 deletions(-) diff --git a/configure.ac b/configure.ac index 3a369b1dff..503776da40 100644 --- a/configure.ac +++ b/configure.ac @@ -113,7 +113,6 @@ OPTIMIZE_HUGE_CFLAGS="-funroll-loops -DTFM_SMALL_SET -DTFM_HUGE_SET" DEBUG_CFLAGS="-g -DDEBUG -DDEBUG_WOLFSSL" LIB_ADD= LIB_STATIC_ADD= -SWITCH_FALLTHROUGH="-Wimplicit-fallthrough=5" thread_ls_on=no # Thread local storage @@ -3423,9 +3422,6 @@ case $host_os in fi ;; esac -# add strict checking for switch fall-through -CFLAGS="$CFLAGS $SWITCH_FALLTHROUGH" - # add user C_EXTRA_FLAGS back # For distro disable custom build options that interfere with symbol generation From 53a837b2305153653c860490cf9a1b10efa9b3ee Mon Sep 17 00:00:00 2001 From: David Garske Date: Thu, 11 May 2017 15:52:32 -0700 Subject: [PATCH 4/4] Fix to only use FALL_THROUGH macro for GCC 7.1 or later. --- wolfssl/wolfcrypt/types.h | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h index f7bcd837cf..7a1a57d77c 100755 --- a/wolfssl/wolfcrypt/types.h +++ b/wolfssl/wolfcrypt/types.h @@ -162,13 +162,14 @@ #endif /* GCC 7 has new switch() fall-through detection */ - #ifndef FALL_THROUGH - #if defined(__GNUC__) - #define FALL_THROUGH __attribute__ ((fallthrough)) - #else - #define FALL_THROUGH + #if defined(__GNUC__) + #if ((__GNUC__ > 7) || ((__GNUC__ == 7) && (__GNUC_MINOR__ >= 1))) + #define FALL_THROUGH __attribute__ ((fallthrough)); #endif #endif + #ifndef FALL_THROUGH + #define FALL_THROUGH + #endif /* Micrium will use Visual Studio for compilation but not the Win32 API */ #if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) && \