diff --git a/src/internal.c b/src/internal.c index d7d4e2b0b..5a362b637 100644 --- a/src/internal.c +++ b/src/internal.c @@ -6911,7 +6911,7 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup) } } /* writeDup check */ - if (ctx->mask != 0 && wolfSSL_set_options(ssl, ctx->mask) == 0) { + if (ctx->mask != 0 && wolfSSL_set_options(ssl, (long)ctx->mask) == 0) { WOLFSSL_MSG("wolfSSL_set_options error"); return BAD_FUNC_ARG; } @@ -7813,7 +7813,7 @@ void FreeKey(WOLFSSL* ssl, int type, void** pKey) int AllocKey(WOLFSSL* ssl, int type, void** pKey) { int ret = WC_NO_ERR_TRACE(BAD_FUNC_ARG); - int sz = 0; + size_t sz = 0; #ifdef HAVE_ECC ecc_key* eccKey; #endif /* HAVE_ECC */ @@ -8095,7 +8095,7 @@ void FreeKeyExchange(WOLFSSL* ssl) } /* Free handshake key */ - FreeKey(ssl, ssl->hsType, &ssl->hsKey); + FreeKey(ssl, (int)ssl->hsType, &ssl->hsKey); #ifdef WOLFSSL_DUAL_ALG_CERTS FreeKey(ssl, ssl->hsAltType, &ssl->hsAltKey); #endif /* WOLFSSL_DUAL_ALG_CERTS */ @@ -10359,7 +10359,7 @@ static int SendHandshakeMsg(WOLFSSL* ssl, byte* input, word32 inputSz, fragSz = inputSz - ssl->fragOffset; /* check for available size */ - outputSz = headerSz + fragSz; + outputSz = headerSz + (int)fragSz; if (IsEncryptionOn(ssl, 1)) outputSz += cipherExtraData(ssl); if ((ret = CheckAvailableSize(ssl, outputSz)) != 0) @@ -10417,7 +10417,7 @@ static int SendHandshakeMsg(WOLFSSL* ssl, byte* input, word32 inputSz, } #endif } - ssl->buffers.outputBuffer.length += outputSz; + ssl->buffers.outputBuffer.length += (word32)outputSz; #if defined(WOLFSSL_CALLBACKS) || defined(OPENSSL_EXTRA) if (ssl->hsInfoOn) { AddPacketName(ssl, packetName); @@ -10585,8 +10585,8 @@ void ShrinkOutputBuffer(WOLFSSL* ssl) * calls ShrinkInputBuffer itself when it is safe to do so. Don't overuse it. */ void ShrinkInputBuffer(WOLFSSL* ssl, int forcedFree) { - int usedLength = ssl->buffers.inputBuffer.length - - ssl->buffers.inputBuffer.idx; + int usedLength = (int)(ssl->buffers.inputBuffer.length - + ssl->buffers.inputBuffer.idx); if (!forcedFree && (usedLength > STATIC_BUFFER_LEN || ssl->buffers.clearOutputBuffer.length > 0)) return; @@ -10693,8 +10693,8 @@ retry: return SEND_OOB_READ_E; } - ssl->buffers.outputBuffer.idx += sent; - ssl->buffers.outputBuffer.length -= sent; + ssl->buffers.outputBuffer.idx += (word32)sent; + ssl->buffers.outputBuffer.length -= (word32)sent; } ssl->buffers.outputBuffer.idx = 0; @@ -10817,7 +10817,7 @@ int GrowInputBuffer(WOLFSSL* ssl, int size, int usedLength) return BAD_FUNC_ARG; } - tmp = (byte*)XMALLOC(size + usedLength + align, + tmp = (byte*)XMALLOC((size_t)(size + usedLength + align), ssl->heap, DYNAMIC_TYPE_IN_BUFFER); WOLFSSL_MSG("growing input buffer"); @@ -10861,7 +10861,7 @@ int GrowInputBuffer(WOLFSSL* ssl, int size, int usedLength) ssl->buffers.inputBuffer.offset = 0; ssl->buffers.inputBuffer.buffer = tmp; - ssl->buffers.inputBuffer.bufferSize = size + usedLength; + ssl->buffers.inputBuffer.bufferSize = (word32)(size + usedLength); ssl->buffers.inputBuffer.idx = 0; ssl->buffers.inputBuffer.length = (word32)usedLength; @@ -20312,7 +20312,7 @@ int TimingPadVerify(WOLFSSL* ssl, const byte* input, int padLen, int macSz, /* 4th argument has potential to underflow, ssl->hmac function should * either increment the size by (macSz + padLen + 1) before use or check on * the size to make sure is valid. */ - ret = ssl->hmac(ssl, verify, input, pLen - macSz - padLen - 1, padLen, + ret = ssl->hmac(ssl, verify, input, (word32)(pLen - macSz - padLen - 1), padLen, content, 1, PEER_ORDER); good |= MaskMac(input, pLen, ssl->specs.hash_size, verify); @@ -20414,7 +20414,7 @@ int DoApplicationData(WOLFSSL* ssl, byte* input, word32* inOutIdx, int sniff) ivExtra = AESGCM_EXP_IV_SZ; } - dataSz = msgSz - ivExtra - ssl->keys.padSz; + dataSz = (int)(msgSz - (word32)ivExtra - ssl->keys.padSz); #if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY) if (ssl->options.startedETMRead) dataSz -= MacSize(ssl); @@ -20450,7 +20450,7 @@ int DoApplicationData(WOLFSSL* ssl, byte* input, word32* inOutIdx, int sniff) if (dataSz < 0) return dataSz; } #endif - idx += rawSz; + idx += (word32)rawSz; ssl->buffers.clearOutputBuffer.buffer = rawData; ssl->buffers.clearOutputBuffer.length = (unsigned int)dataSz; @@ -20711,7 +20711,7 @@ static int DoAlert(WOLFSSL* ssl, byte* input, word32* inOutIdx, int* type) #endif if (IsEncryptionOn(ssl, 0)) { - int ivExtra = 0; + word32 ivExtra = 0; #ifndef WOLFSSL_AEAD_ONLY if (ssl->specs.cipher_type == block) { if (ssl->options.tls1_1) @@ -20790,9 +20790,9 @@ static int GetInputData(WOLFSSL *ssl, word32 size) /* check max input length */ - usedLength = ssl->buffers.inputBuffer.length - ssl->buffers.inputBuffer.idx; - maxLength = ssl->buffers.inputBuffer.bufferSize - usedLength; - inSz = (int)(size - usedLength); /* from last partial read */ + usedLength = (int)(ssl->buffers.inputBuffer.length - ssl->buffers.inputBuffer.idx); + maxLength = (int)(ssl->buffers.inputBuffer.bufferSize - (word32)usedLength); + inSz = (int)(size - (word32)usedLength); /* from last partial read */ #ifdef WOLFSSL_DTLS if (ssl->options.dtls && IsDtlsNotSctpMode(ssl)) { @@ -20814,7 +20814,7 @@ static int GetInputData(WOLFSSL *ssl, word32 size) } if (inSz > maxLength) { - if (GrowInputBuffer(ssl, size + dtlsExtra, usedLength) < 0) + if (GrowInputBuffer(ssl, (int)(size + (word32)dtlsExtra), usedLength) < 0) return MEMORY_E; } @@ -20847,7 +20847,7 @@ static int GetInputData(WOLFSSL *ssl, word32 size) return RECV_OVERFLOW_E; } - ssl->buffers.inputBuffer.length += in; + ssl->buffers.inputBuffer.length += (word32)in; inSz -= in; } while (ssl->buffers.inputBuffer.length < size); @@ -20933,8 +20933,8 @@ static WC_INLINE int VerifyMac(WOLFSSL* ssl, const byte* input, word32 msgSz, if (!ssl->ctx->VerifyMacCb || ret == WC_NO_ERR_TRACE(PROTOCOLCB_UNAVAILABLE)) #endif - ret = TimingPadVerify(ssl, input, pad, digestSz, msgSz - ivExtra, - content); + ret = TimingPadVerify(ssl, input, (int)pad, (int)digestSz, + (int)(msgSz - (word32)ivExtra), content); if (ret != 0) return ret; } @@ -21467,13 +21467,14 @@ default: /* Mask on indicates this is expected to be a * padding byte. */ - padding &= ctMaskLTE(i, ssl->keys.padSz); + padding &= ctMaskLTE((int)i, + (int)ssl->keys.padSz); /* When this is a padding byte and not equal * to length then mask is set. */ invalid |= padding & ctMaskNotEq(in->buffer[off - i], - ssl->keys.padSz); + (int)ssl->keys.padSz); } /* If mask is set then there was an error. */ if (invalid) { @@ -22287,7 +22288,7 @@ int SendChangeCipher(WOLFSSL* ssl) return ret; } #endif - ssl->buffers.outputBuffer.length += sendSz; + ssl->buffers.outputBuffer.length += (word32)sendSz; #ifdef WOLFSSL_TLS13 if (!ssl->options.tls1_3) @@ -22703,7 +22704,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, ssl->options.buildMsgState = BUILD_MSG_BEGIN; XMEMSET(args, 0, sizeof(BuildMsgArgs)); - args->sz = RECORD_HEADER_SZ + inSz; + args->sz = RECORD_HEADER_SZ + (word32)inSz; args->idx = RECORD_HEADER_SZ; args->headerSz = RECORD_HEADER_SZ; } @@ -22861,7 +22862,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, args->idx += min(args->ivSz, MAX_IV_SZ); } XMEMCPY(output + args->idx, input, inSz); - args->idx += inSz; + args->idx += (word32)inSz; ssl->options.buildMsgState = BUILD_MSG_HASH; } @@ -22873,7 +22874,8 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, goto exit_buildmsg; if (type == handshake && hashOutput) { - ret = HashOutput(ssl, output, args->headerSz + inSz, args->ivSz); + ret = HashOutput(ssl, output, + (int)(args->headerSz + (word32)inSz), (int)args->ivSz); if (ret != 0) goto exit_buildmsg; } @@ -23088,7 +23090,8 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, { ret = ssl->hmac(ssl, output + args->idx + args->pad + 1, output + args->headerSz, - args->ivSz + inSz + args->pad + 1, -1, type, + args->ivSz + (word32)inSz + args->pad + 1, + -1, type, 0, epochOrder); } } @@ -23183,7 +23186,8 @@ int SendFinished(WOLFSSL* ssl) /* get output buffer */ output = GetOutputBuffer(ssl); - AddHandShakeHeader(input, finishedSz, 0, finishedSz, finished, ssl); + AddHandShakeHeader(input, (word32)finishedSz, 0, + (word32)finishedSz, finished, ssl); /* make finished hashes */ hashes = (Hashes*)&input[headerSz]; @@ -23273,7 +23277,7 @@ int SendFinished(WOLFSSL* ssl) } #endif - ssl->buffers.outputBuffer.length += sendSz; + ssl->buffers.outputBuffer.length += (word32)sendSz; ret = SendBuffered(ssl); @@ -23705,7 +23709,7 @@ int SendCertificate(WOLFSSL* ssl) } if (inputSz > 0) { /* clang thinks could be zero, let's help */ - input = (byte*)XMALLOC(inputSz, ssl->heap, + input = (byte*)XMALLOC((size_t)inputSz, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); if (input == NULL) return MEMORY_E; @@ -23758,7 +23762,7 @@ int SendCertificate(WOLFSSL* ssl) } #endif - ssl->buffers.outputBuffer.length += sendSz; + ssl->buffers.outputBuffer.length += (word32)sendSz; if (!ssl->options.groupMessages) ret = SendBuffered(ssl); } @@ -23931,14 +23935,16 @@ int SendCertificateRequest(WOLFSSL* ssl) return BUFFER_E; } - input = (byte*)XMALLOC(inputSz, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); + input = (byte*)XMALLOC((size_t)inputSz, ssl->heap, + DYNAMIC_TYPE_IN_BUFFER); if (input == NULL) return MEMORY_E; XMEMCPY(input, output + recordHeaderSz, inputSz); #ifdef WOLFSSL_DTLS if (IsDtlsNotSctpMode(ssl) && - (ret = DtlsMsgPoolSave(ssl, input, (word32)inputSz, certificate_request)) != 0) { + (ret = DtlsMsgPoolSave(ssl, input, (word32)inputSz, + certificate_request)) != 0) { XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); return ret; } @@ -23953,7 +23959,8 @@ int SendCertificateRequest(WOLFSSL* ssl) sendSz = (int)i; #ifdef WOLFSSL_DTLS if (IsDtlsNotSctpMode(ssl)) { - if ((ret = DtlsMsgPoolSave(ssl, output, (word32)sendSz, certificate_request)) != 0) + if ((ret = DtlsMsgPoolSave(ssl, output, (word32)sendSz, + certificate_request)) != 0) return ret; } if (ssl->options.dtls) @@ -23974,7 +23981,7 @@ int SendCertificateRequest(WOLFSSL* ssl) return ret; } #endif - ssl->buffers.outputBuffer.length += sendSz; + ssl->buffers.outputBuffer.length += (word32)sendSz; if (ssl->options.groupMessages) ret = 0; else @@ -24708,7 +24715,7 @@ int SendData(WOLFSSL* ssl, const void* data, int sz) #ifdef WOLFSSL_ASYNC_CRYPT FreeAsyncCtx(ssl, 0); #endif - ssl->buffers.outputBuffer.length += sendSz; + ssl->buffers.outputBuffer.length += (word32)sendSz; if ( (ssl->error = SendBuffered(ssl)) < 0) { WOLFSSL_ERROR(ssl->error); @@ -24885,12 +24892,12 @@ startScr: #endif } - size = min(sz, (int)ssl->buffers.clearOutputBuffer.length); + size = (int)min((word32)sz, ssl->buffers.clearOutputBuffer.length); XMEMCPY(output, ssl->buffers.clearOutputBuffer.buffer, size); if (peek == 0) { - ssl->buffers.clearOutputBuffer.length -= size; + ssl->buffers.clearOutputBuffer.length -= (word32)size; ssl->buffers.clearOutputBuffer.buffer += size; } @@ -25075,7 +25082,7 @@ static int SendAlert_ex(WOLFSSL* ssl, int severity, int type) } } - ssl->buffers.outputBuffer.length += sendSz; + ssl->buffers.outputBuffer.length += (word32)sendSz; ret = SendBuffered(ssl); @@ -28372,7 +28379,7 @@ int DecodePrivateKey(WOLFSSL *ssl, word32* length) #ifndef NO_RSA if (ssl->buffers.keyType == rsa_sa_algo || ssl->buffers.keyType == 0) { ssl->hsType = DYNAMIC_TYPE_RSA; - ret = AllocKey(ssl, ssl->hsType, &ssl->hsKey); + ret = AllocKey(ssl, (int)ssl->hsType, &ssl->hsKey); if (ret != 0) { goto exit_dpk; } @@ -28421,7 +28428,7 @@ int DecodePrivateKey(WOLFSSL *ssl, word32* length) #ifdef HAVE_ECC #ifndef NO_RSA - FreeKey(ssl, ssl->hsType, (void**)&ssl->hsKey); + FreeKey(ssl, (int)ssl->hsType, (void**)&ssl->hsKey); #endif /* !NO_RSA */ if (ssl->buffers.keyType == ecc_dsa_sa_algo || ssl->buffers.keyType == 0 @@ -28430,7 +28437,7 @@ int DecodePrivateKey(WOLFSSL *ssl, word32* length) #endif ) { ssl->hsType = DYNAMIC_TYPE_ECC; - ret = AllocKey(ssl, ssl->hsType, &ssl->hsKey); + ret = AllocKey(ssl, (int)ssl->hsType, &ssl->hsKey); if (ret != 0) { goto exit_dpk; } @@ -29583,14 +29590,16 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType, if (ssl->options.dtls) recordHeaderSz += DTLS_RECORD_EXTRA; inputSz -= recordHeaderSz; - input = (byte*)XMALLOC(inputSz, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); + input = (byte*)XMALLOC((size_t)inputSz, ssl->heap, + DYNAMIC_TYPE_IN_BUFFER); if (input == NULL) return MEMORY_E; XMEMCPY(input, output + recordHeaderSz, inputSz); #ifdef WOLFSSL_DTLS if (IsDtlsNotSctpMode(ssl) && - (ret = DtlsMsgPoolSave(ssl, input, (word32)inputSz, client_hello)) != 0) { + (ret = DtlsMsgPoolSave(ssl, input, (word32)inputSz, + client_hello)) != 0) { XFREE(input, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); return ret; } @@ -29634,7 +29643,7 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType, ssl->options.buildingMsg = 0; - ssl->buffers.outputBuffer.length += sendSz; + ssl->buffers.outputBuffer.length += (word32)sendSz; ret = SendBuffered(ssl); @@ -32208,7 +32217,7 @@ int SendClientKeyExchange(WOLFSSL* ssl) /* create ephemeral private key */ ssl->hsType = DYNAMIC_TYPE_ECC; - ret = AllocKey(ssl, ssl->hsType, &ssl->hsKey); + ret = AllocKey(ssl, (int)ssl->hsType, &ssl->hsKey); if (ret != 0) { goto exit_scke; } @@ -33032,8 +33041,8 @@ int SendClientKeyExchange(WOLFSSL* ssl) if (ssl->options.dtls) recordHeaderSz += DTLS_RECORD_EXTRA; - args->inputSz = idx - recordHeaderSz; /* buildmsg adds rechdr */ - args->input = (byte*)XMALLOC(args->inputSz, ssl->heap, + args->inputSz = (int)idx - recordHeaderSz; /* buildmsg adds rechdr */ + args->input = (byte*)XMALLOC((size_t)args->inputSz, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); if (args->input == NULL) { ERROR_OUT(MEMORY_E, exit_scke); @@ -33096,7 +33105,7 @@ int SendClientKeyExchange(WOLFSSL* ssl) } #endif - ssl->buffers.outputBuffer.length += args->sendSz; + ssl->buffers.outputBuffer.length += (word32)args->sendSz; if (!ssl->options.groupMessages) { ret = SendBuffered(ssl); @@ -33276,7 +33285,7 @@ int SendCertificateVerify(WOLFSSL* ssl) } /* Use tmp buffer */ - args->input = (byte*)XMALLOC(args->sendSz, + args->input = (byte*)XMALLOC((size_t)args->sendSz, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); if (args->input == NULL) ERROR_OUT(MEMORY_E, exit_scv); @@ -34211,7 +34220,8 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, if (ssl->options.dtls) recordHeaderSz += DTLS_RECORD_EXTRA; inputSz -= recordHeaderSz; - input = (byte*)XMALLOC(inputSz, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); + input = (byte*)XMALLOC((size_t)inputSz, ssl->heap, + DYNAMIC_TYPE_IN_BUFFER); if (input == NULL) return MEMORY_E; @@ -34256,7 +34266,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, ssl->options.serverState = SERVER_HELLO_COMPLETE; ssl->options.buildingMsg = 0; - ssl->buffers.outputBuffer.length += sendSz; + ssl->buffers.outputBuffer.length += (word32)sendSz; if (ssl->options.groupMessages) ret = 0; @@ -34279,7 +34289,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, return 0; } - return (byte)GetCurveByOID(key->dp->oidSum); + return (byte)GetCurveByOID((int)key->dp->oidSum); } #endif /* HAVE_ECC */ @@ -37752,7 +37762,8 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, inputSz += DTLS_HANDSHAKE_EXTRA; } - input = (byte*)XMALLOC(inputSz, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); + input = (byte*)XMALLOC((size_t)inputSz, ssl->heap, + DYNAMIC_TYPE_IN_BUFFER); if (input == NULL) return MEMORY_E; @@ -37797,7 +37808,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, ssl->options.serverState = SERVER_HELLODONE_COMPLETE; ssl->options.buildingMsg = 0; - ssl->buffers.outputBuffer.length += sendSz; + ssl->buffers.outputBuffer.length += (word32)sendSz; ret = SendBuffered(ssl); @@ -41484,7 +41495,8 @@ static int DoAppleNativeCertValidation(const WOLFSSL_BUFFER_INFO* certs, } for (i = 0; i < totalCerts; i++) { - secCert = ConvertToSecCertificateRef(certs[i].buffer, certs[i].length); + secCert = ConvertToSecCertificateRef(certs[i].buffer, + (int)certs[i].length); if (!secCert) { WOLFSSL_MSG("Error: can't convert DER cert to SecCertificateRef"); ret = 0; diff --git a/src/ssl.c b/src/ssl.c index 6ddf317c2..1eca6af16 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -1708,7 +1708,7 @@ const char* wolfSSL_get_shared_ciphers(WOLFSSL* ssl, char* buf, int len) return NULL; cipher = wolfSSL_get_cipher_name_iana(ssl); - len = (int)min((word32)len, (int)(XSTRLEN(cipher) + 1)); + len = (int)min((word32)len, (word32)(XSTRLEN(cipher) + 1)); XMEMCPY(buf, cipher, len); return buf; } @@ -4698,7 +4698,7 @@ int wolfSSL_pending(WOLFSSL* ssl) if (ssl == NULL) return WOLFSSL_FAILURE; - return ssl->buffers.clearOutputBuffer.length; + return (int)ssl->buffers.clearOutputBuffer.length; } int wolfSSL_has_pending(const WOLFSSL* ssl) @@ -10454,7 +10454,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl) sending += (int)iov[i].iov_len; if (sending > (int)sizeof(staticBuffer)) { - myBuffer = (byte*)XMALLOC(sending, ssl->heap, + myBuffer = (byte*)XMALLOC((size_t)sending, ssl->heap, DYNAMIC_TYPE_WRITEV); if (!myBuffer) return MEMORY_ERROR; @@ -11797,7 +11797,7 @@ cleanup: WOLFSSL_MSG("wolfSSL options are set through API calls and macros"); if(ctx == NULL) return BAD_FUNC_ARG; - return ctx->mask; + return (long)ctx->mask; } /* forward declaration */ @@ -11810,7 +11810,7 @@ cleanup: if (ctx == NULL) return BAD_FUNC_ARG; - ctx->mask = wolf_set_options(ctx->mask, opt); + ctx->mask = (unsigned long)wolf_set_options((long)ctx->mask, opt); #if defined(HAVE_SESSION_TICKET) && (defined(OPENSSL_EXTRA) \ || defined(HAVE_WEBSERVER) || defined(WOLFSSL_WPAS_SMALL)) if ((ctx->mask & WOLFSSL_OP_NO_TICKET) == WOLFSSL_OP_NO_TICKET) { @@ -11826,7 +11826,7 @@ cleanup: #endif */ #endif - return ctx->mask; + return (long)ctx->mask; } long wolfSSL_CTX_clear_options(WOLFSSL_CTX* ctx, long opt) @@ -11834,8 +11834,8 @@ cleanup: WOLFSSL_ENTER("wolfSSL_CTX_clear_options"); if(ctx == NULL) return BAD_FUNC_ARG; - ctx->mask &= ~opt; - return ctx->mask; + ctx->mask &= (unsigned long)~opt; + return (long)ctx->mask; } #ifdef OPENSSL_EXTRA @@ -14341,7 +14341,7 @@ word32 wolfSSL_CIPHER_get_id(const WOLFSSL_CIPHER* cipher) WOLFSSL_ENTER("wolfSSL_CIPHER_get_id"); if (cipher && cipher->ssl) { - cipher_id = (cipher->ssl->options.cipherSuite0 << 8) | + cipher_id = (word16)(cipher->ssl->options.cipherSuite0 << 8) | cipher->ssl->options.cipherSuite; } @@ -16031,7 +16031,7 @@ long wolfSSL_set_options(WOLFSSL* ssl, long op) return 0; } - ssl->options.mask = wolf_set_options(ssl->options.mask, op); + ssl->options.mask = (unsigned long)wolf_set_options((long)ssl->options.mask, op); if ((ssl->options.mask & WOLFSSL_OP_NO_TLSv1_3) == WOLFSSL_OP_NO_TLSv1_3) { WOLFSSL_MSG("Disabling TLS 1.3"); @@ -16134,7 +16134,7 @@ long wolfSSL_set_options(WOLFSSL* ssl, long op) } } - return ssl->options.mask; + return (long)ssl->options.mask; } @@ -16143,7 +16143,7 @@ long wolfSSL_get_options(const WOLFSSL* ssl) WOLFSSL_ENTER("wolfSSL_get_options"); if(ssl == NULL) return WOLFSSL_FAILURE; - return ssl->options.mask; + return (long)ssl->options.mask; } #if defined(HAVE_SECURE_RENEGOTIATION) \ diff --git a/src/ssl_load.c b/src/ssl_load.c index 31e47bb3d..d27295c65 100644 --- a/src/ssl_load.c +++ b/src/ssl_load.c @@ -1561,7 +1561,7 @@ static void ProcessBufferCertSetHave(WOLFSSL_CTX* ctx, WOLFSSL* ssl, #endif #ifndef WC_STRICT_SIG if ((ctx != NULL) || (ssl != NULL)) { - wolfssl_set_have_from_key_oid(ctx, ssl, cert->keyOID); + wolfssl_set_have_from_key_oid(ctx, ssl, (int)cert->keyOID); } #else /* Set whether ECC is available based on signature available. */ @@ -5272,8 +5272,8 @@ int wolfSSL_SetTmpDH(WOLFSSL* ssl, const unsigned char* p, int pSz, if (ret == 1) { /* Allocate buffers for p and g to be assigned into SSL. */ - pAlloc = (byte*)XMALLOC(pSz, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); - gAlloc = (byte*)XMALLOC(gSz, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); + pAlloc = (byte*)XMALLOC((size_t)pSz, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); + gAlloc = (byte*)XMALLOC((size_t)gSz, ssl->heap, DYNAMIC_TYPE_PUBLIC_KEY); if ((pAlloc == NULL) || (gAlloc == NULL)) { /* Memory will be freed below in the (ret != 1) block */ ret = MEMORY_E; @@ -5332,7 +5332,7 @@ static int wolfssl_check_dh_key(unsigned char* p, int pSz, unsigned char* g, /* Initialize a DH object. */ if ((ret = wc_InitDhKey(checkKey)) == 0) { /* Check DH parameters. */ - ret = wc_DhSetCheckKey(checkKey, p, (word32)pSz, g, gSz, NULL, 0, 0, &rng); + ret = wc_DhSetCheckKey(checkKey, p, (word32)pSz, g, (word32)gSz, NULL, 0, 0, &rng); /* Dispose of DH object. */ wc_FreeDhKey(checkKey); } @@ -5431,8 +5431,8 @@ int wolfSSL_CTX_SetTmpDH(WOLFSSL_CTX* ctx, const unsigned char* p, int pSz, if (ret == 1) { /* Allocate buffers for p and g to be assigned into SSL context. */ - pAlloc = (byte*)XMALLOC(pSz, ctx->heap, DYNAMIC_TYPE_PUBLIC_KEY); - gAlloc = (byte*)XMALLOC(gSz, ctx->heap, DYNAMIC_TYPE_PUBLIC_KEY); + pAlloc = (byte*)XMALLOC((size_t)pSz, ctx->heap, DYNAMIC_TYPE_PUBLIC_KEY); + gAlloc = (byte*)XMALLOC((size_t)gSz, ctx->heap, DYNAMIC_TYPE_PUBLIC_KEY); if ((pAlloc == NULL) || (gAlloc == NULL)) { ret = MEMORY_E; } @@ -5687,11 +5687,11 @@ static int ws_ctx_ssl_set_tmp_dh(WOLFSSL_CTX* ctx, WOLFSSL* ssl, } else if (ssl != NULL) { /* Set p and g into SSL. */ - res = wolfssl_set_tmp_dh(ssl, p, (int)pSz, g, gSz); + res = wolfssl_set_tmp_dh(ssl, p, (int)pSz, g, (int)gSz); } else { /* Set p and g into SSL context. */ - res = wolfssl_ctx_set_tmp_dh(ctx, p, (int)pSz, g, gSz); + res = wolfssl_ctx_set_tmp_dh(ctx, p, (int)pSz, g, (int)gSz); } } diff --git a/src/ssl_sess.c b/src/ssl_sess.c index b11925eab..0df3ab62b 100644 --- a/src/ssl_sess.c +++ b/src/ssl_sess.c @@ -1004,7 +1004,7 @@ WOLFSSL_SESSION* wolfSSL_GetSessionClient(WOLFSSL* ssl, const byte* id, int len) #else current = &sessRow->Sessions[clSess[idx].serverIdx]; #endif - if (current && XMEMCMP(current->serverID, id, len) == 0) { + if (current && XMEMCMP(current->serverID, id, (unsigned long)len) == 0) { WOLFSSL_MSG("Found a serverid match for client"); if (LowResTimer() < (current->bornOn + current->timeout)) { WOLFSSL_MSG("Session valid");