- Major type rewrite of int to size_t for most variables and arguments used for buffer lengths and loops
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 3875e99..8b87668 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -42,7 +42,6 @@
#include "polarssl/debug.h"
#include "polarssl/ssl.h"
-#include <string.h>
#include <stdlib.h>
#include <time.h>
@@ -53,12 +52,12 @@
/*
* Key material generation
*/
-static int tls1_prf( unsigned char *secret, int slen, char *label,
- unsigned char *random, int rlen,
- unsigned char *dstbuf, int dlen )
+static int tls1_prf( unsigned char *secret, size_t slen, char *label,
+ unsigned char *random, size_t rlen,
+ unsigned char *dstbuf, size_t dlen )
{
- int nb, hs;
- int i, j, k;
+ size_t nb, hs;
+ size_t i, j, k;
unsigned char *S1, *S2;
unsigned char tmp[128];
unsigned char h_i[20];
@@ -139,7 +138,7 @@
*/
if( ssl->resume == 0 )
{
- int len = ssl->pmslen;
+ size_t len = ssl->pmslen;
SSL_DEBUG_BUF( 3, "premaster secret", ssl->premaster, len );
@@ -431,7 +430,7 @@
* SSLv3.0 MAC functions
*/
static void ssl_mac_md5( unsigned char *secret,
- unsigned char *buf, int len,
+ unsigned char *buf, size_t len,
unsigned char *ctr, int type )
{
unsigned char header[11];
@@ -460,7 +459,7 @@
}
static void ssl_mac_sha1( unsigned char *secret,
- unsigned char *buf, int len,
+ unsigned char *buf, size_t len,
unsigned char *ctr, int type )
{
unsigned char header[11];
@@ -493,7 +492,7 @@
*/
static int ssl_encrypt_buf( ssl_context *ssl )
{
- int i, padlen;
+ size_t i, padlen;
SSL_DEBUG_MSG( 2, ( "=> encrypt buf" ) );
@@ -530,8 +529,8 @@
ssl->out_msglen += ssl->maclen;
- for( i = 7; i >= 0; i-- )
- if( ++ssl->out_ctr[i] != 0 )
+ for( i = 8; i > 0; i-- )
+ if( ++ssl->out_ctr[i - 1] != 0 )
break;
if( ssl->ivlen == 0 )
@@ -556,7 +555,7 @@
else
{
unsigned char *enc_msg;
- int enc_msglen;
+ size_t enc_msglen;
padlen = ssl->ivlen - ( ssl->out_msglen + 1 ) % ssl->ivlen;
if( padlen == ssl->ivlen )
@@ -615,29 +614,29 @@
case 16:
#if defined(POLARSSL_AES_C)
- if ( ssl->session->ciphersuite == SSL_RSA_AES_128_SHA ||
- ssl->session->ciphersuite == SSL_EDH_RSA_AES_128_SHA ||
- ssl->session->ciphersuite == SSL_RSA_AES_256_SHA ||
- ssl->session->ciphersuite == SSL_EDH_RSA_AES_256_SHA)
- {
+ if ( ssl->session->ciphersuite == SSL_RSA_AES_128_SHA ||
+ ssl->session->ciphersuite == SSL_EDH_RSA_AES_128_SHA ||
+ ssl->session->ciphersuite == SSL_RSA_AES_256_SHA ||
+ ssl->session->ciphersuite == SSL_EDH_RSA_AES_256_SHA)
+ {
aes_crypt_cbc( (aes_context *) ssl->ctx_enc,
AES_ENCRYPT, enc_msglen,
ssl->iv_enc, enc_msg, enc_msg);
break;
- }
+ }
#endif
#if defined(POLARSSL_CAMELLIA_C)
- if ( ssl->session->ciphersuite == SSL_RSA_CAMELLIA_128_SHA ||
- ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_128_SHA ||
- ssl->session->ciphersuite == SSL_RSA_CAMELLIA_256_SHA ||
- ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA)
- {
+ if ( ssl->session->ciphersuite == SSL_RSA_CAMELLIA_128_SHA ||
+ ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_128_SHA ||
+ ssl->session->ciphersuite == SSL_RSA_CAMELLIA_256_SHA ||
+ ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA)
+ {
camellia_crypt_cbc( (camellia_context *) ssl->ctx_enc,
CAMELLIA_ENCRYPT, enc_msglen,
ssl->iv_enc, enc_msg, enc_msg );
break;
- }
+ }
#endif
default:
@@ -652,7 +651,7 @@
static int ssl_decrypt_buf( ssl_context *ssl )
{
- int i, padlen;
+ size_t i, padlen;
unsigned char tmp[20];
SSL_DEBUG_MSG( 2, ( "=> decrypt buf" ) );
@@ -679,7 +678,7 @@
{
unsigned char *dec_msg;
unsigned char *dec_msg_result;
- int dec_msglen;
+ size_t dec_msglen;
/*
* Decrypt and check the padding
@@ -720,29 +719,29 @@
case 16:
#if defined(POLARSSL_AES_C)
- if ( ssl->session->ciphersuite == SSL_RSA_AES_128_SHA ||
- ssl->session->ciphersuite == SSL_EDH_RSA_AES_128_SHA ||
- ssl->session->ciphersuite == SSL_RSA_AES_256_SHA ||
- ssl->session->ciphersuite == SSL_EDH_RSA_AES_256_SHA)
- {
+ if ( ssl->session->ciphersuite == SSL_RSA_AES_128_SHA ||
+ ssl->session->ciphersuite == SSL_EDH_RSA_AES_128_SHA ||
+ ssl->session->ciphersuite == SSL_RSA_AES_256_SHA ||
+ ssl->session->ciphersuite == SSL_EDH_RSA_AES_256_SHA)
+ {
aes_crypt_cbc( (aes_context *) ssl->ctx_dec,
AES_DECRYPT, dec_msglen,
ssl->iv_dec, dec_msg, dec_msg_result );
break;
- }
+ }
#endif
#if defined(POLARSSL_CAMELLIA_C)
- if ( ssl->session->ciphersuite == SSL_RSA_CAMELLIA_128_SHA ||
- ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_128_SHA ||
- ssl->session->ciphersuite == SSL_RSA_CAMELLIA_256_SHA ||
- ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA)
- {
+ if ( ssl->session->ciphersuite == SSL_RSA_CAMELLIA_128_SHA ||
+ ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_128_SHA ||
+ ssl->session->ciphersuite == SSL_RSA_CAMELLIA_256_SHA ||
+ ssl->session->ciphersuite == SSL_EDH_RSA_CAMELLIA_256_SHA)
+ {
camellia_crypt_cbc( (camellia_context *) ssl->ctx_dec,
CAMELLIA_DECRYPT, dec_msglen,
ssl->iv_dec, dec_msg, dec_msg_result );
break;
- }
+ }
#endif
default:
@@ -851,8 +850,8 @@
else
ssl->nb_zero = 0;
- for( i = 7; i >= 0; i-- )
- if( ++ssl->in_ctr[i] != 0 )
+ for( i = 8; i > 0; i-- )
+ if( ++ssl->in_ctr[i - 1] != 0 )
break;
SSL_DEBUG_MSG( 2, ( "<= decrypt buf" ) );
@@ -863,9 +862,10 @@
/*
* Fill the input message buffer
*/
-int ssl_fetch_input( ssl_context *ssl, int nb_want )
+int ssl_fetch_input( ssl_context *ssl, size_t nb_want )
{
- int ret, len;
+ int ret;
+ size_t len;
SSL_DEBUG_MSG( 2, ( "=> fetch input" ) );
@@ -924,7 +924,8 @@
*/
int ssl_write_record( ssl_context *ssl )
{
- int ret, len = ssl->out_msglen;
+ int ret;
+ size_t len = ssl->out_msglen;
SSL_DEBUG_MSG( 2, ( "=> write record" ) );
@@ -1181,7 +1182,8 @@
*/
int ssl_write_certificate( ssl_context *ssl )
{
- int ret, i, n;
+ int ret;
+ size_t i, n;
const x509_cert *crt;
SSL_DEBUG_MSG( 2, ( "=> write certificate" ) );
@@ -1277,7 +1279,8 @@
int ssl_parse_certificate( ssl_context *ssl )
{
- int ret, i, n;
+ int ret;
+ size_t i, n;
SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) );
@@ -1621,10 +1624,11 @@
int ssl_parse_finished( ssl_context *ssl )
{
- int ret, hash_len;
- md5_context md5;
- sha1_context sha1;
+ int ret;
+ unsigned int hash_len;
unsigned char buf[36];
+ md5_context md5;
+ sha1_context sha1;
SSL_DEBUG_MSG( 2, ( "=> parse finished" ) );
@@ -1758,8 +1762,8 @@
}
void ssl_set_bio( ssl_context *ssl,
- int (*f_recv)(void *, unsigned char *, int), void *p_recv,
- int (*f_send)(void *, unsigned char *, int), void *p_send )
+ int (*f_recv)(void *, unsigned char *, size_t), void *p_recv,
+ int (*f_send)(void *, unsigned char *, size_t), void *p_send )
{
ssl->f_recv = f_recv;
ssl->f_send = f_send;
@@ -1869,7 +1873,7 @@
/*
* SSL get accessors
*/
-int ssl_get_bytes_avail( const ssl_context *ssl )
+size_t ssl_get_bytes_avail( const ssl_context *ssl )
{
return( ssl->in_offt == NULL ? 0 : ssl->in_msglen );
}
@@ -2064,9 +2068,10 @@
/*
* Receive application data decrypted from the SSL layer
*/
-int ssl_read( ssl_context *ssl, unsigned char *buf, int len )
+int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len )
{
- int ret, n;
+ int ret;
+ size_t n;
SSL_DEBUG_MSG( 2, ( "=> read" ) );
@@ -2124,15 +2129,16 @@
SSL_DEBUG_MSG( 2, ( "<= read" ) );
- return( n );
+ return( (int) n );
}
/*
* Send application data to be encrypted by the SSL layer
*/
-int ssl_write( ssl_context *ssl, const unsigned char *buf, int len )
+int ssl_write( ssl_context *ssl, const unsigned char *buf, size_t len )
{
- int ret, n;
+ int ret;
+ size_t n;
SSL_DEBUG_MSG( 2, ( "=> write" ) );
@@ -2169,7 +2175,7 @@
SSL_DEBUG_MSG( 2, ( "<= write" ) );
- return( n );
+ return( (int) n );
}
/*