[Openvpn-devel] [S] Change in openvpn[master]: crypto_backend: fix type of enc parameter
cron2 has submitted this change. ( http://gerrit.openvpn.net/c/openvpn/+/548?usp=email ) Change subject: crypto_backend: fix type of enc parameter .. crypto_backend: fix type of enc parameter We had parts of a abstraction, but it wasn't consistent. GCC 13 now complains about the type mismatch with mbedtls now: crypto_mbedtls.c:568:1: error: conflicting types for ‘cipher_ctx_init’ due to enum/integer mismatch; have ‘void(mbedtls_cipher_context_t *, const uint8_t *, const char *, const mbedtls_operation_t)’ [...] [-Werror=enum-int-mismatch] crypto_backend.h:341:6: note: previous declaration of ‘cipher_ctx_init’ with type ‘void(cipher_ctx_t *, const uint8_t *, const char *, int)’ [...] Previous compiler versions did not complain. v2: - clean solution instead of quick solution. Fix the actual API definition Change-Id: If0dcdde30879fd6185efb2ad31399c1629c04d22 Signed-off-by: Frank Lichtenheld Acked-by: Arne Schwabe Message-Id: <20240327162621.1792414-1-fr...@lichtenheld.com> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg28498.html Signed-off-by: Gert Doering --- M src/openvpn/crypto_backend.h M src/openvpn/crypto_mbedtls.c M src/openvpn/crypto_mbedtls.h M src/openvpn/crypto_openssl.c M src/openvpn/crypto_openssl.h 5 files changed, 9 insertions(+), 5 deletions(-) diff --git a/src/openvpn/crypto_backend.h b/src/openvpn/crypto_backend.h index 8d37e64..c454c64 100644 --- a/src/openvpn/crypto_backend.h +++ b/src/openvpn/crypto_backend.h @@ -336,10 +336,10 @@ * @param key Buffer containing the key to use * @param ciphernameCiphername of the cipher to use * @param enc Whether to encrypt or decrypt (either - * \c MBEDTLS_OP_ENCRYPT or \c MBEDTLS_OP_DECRYPT). + * \c OPENVPN_OP_ENCRYPT or \c OPENVPN_OP_DECRYPT). */ void cipher_ctx_init(cipher_ctx_t *ctx, const uint8_t *key, - const char *cipername, int enc); + const char *cipername, crypto_operation_t enc); /** * Returns the size of the IV used by the cipher, in bytes, or 0 if no IV is diff --git a/src/openvpn/crypto_mbedtls.c b/src/openvpn/crypto_mbedtls.c index 1a39752..c230292 100644 --- a/src/openvpn/crypto_mbedtls.c +++ b/src/openvpn/crypto_mbedtls.c @@ -566,7 +566,7 @@ void cipher_ctx_init(mbedtls_cipher_context_t *ctx, const uint8_t *key, -const char *ciphername, const mbedtls_operation_t operation) +const char *ciphername, crypto_operation_t enc) { ASSERT(NULL != ciphername && NULL != ctx); CLEAR(*ctx); @@ -580,7 +580,7 @@ msg(M_FATAL, "mbed TLS cipher context init #1"); } -if (!mbed_ok(mbedtls_cipher_setkey(ctx, key, (int)key_bitlen, operation))) +if (!mbed_ok(mbedtls_cipher_setkey(ctx, key, (int)key_bitlen, enc))) { msg(M_FATAL, "mbed TLS cipher set key"); } diff --git a/src/openvpn/crypto_mbedtls.h b/src/openvpn/crypto_mbedtls.h index 46f76e2..48d1e20 100644 --- a/src/openvpn/crypto_mbedtls.h +++ b/src/openvpn/crypto_mbedtls.h @@ -63,6 +63,8 @@ /** Cipher is in GCM mode */ #define OPENVPN_MODE_GCMMBEDTLS_MODE_GCM +typedef mbedtls_operation_t crypto_operation_t; + /** Cipher should encrypt */ #define OPENVPN_OP_ENCRYPT MBEDTLS_ENCRYPT diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c index 50683b6..bfc5e37 100644 --- a/src/openvpn/crypto_openssl.c +++ b/src/openvpn/crypto_openssl.c @@ -840,7 +840,7 @@ void cipher_ctx_init(EVP_CIPHER_CTX *ctx, const uint8_t *key, -const char *ciphername, int enc) +const char *ciphername, crypto_operation_t enc) { ASSERT(NULL != ciphername && NULL != ctx); evp_cipher_type *kt = cipher_get(ciphername); diff --git a/src/openvpn/crypto_openssl.h b/src/openvpn/crypto_openssl.h index c0e95b4..4cd988a 100644 --- a/src/openvpn/crypto_openssl.h +++ b/src/openvpn/crypto_openssl.h @@ -85,6 +85,8 @@ /** Cipher is in GCM mode */ #define OPENVPN_MODE_GCMEVP_CIPH_GCM_MODE +typedef int crypto_operation_t; + /** Cipher should encrypt */ #define OPENVPN_OP_ENCRYPT 1 -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/548?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: If0dcdde30879fd6185efb2ad31399c1629c04d22 Gerrit-Change-Number: 548 Gerrit-PatchSet: 4 Gerrit-Owner: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: openvpn-devel Gerrit-CC: ordex Gerrit-MessageType: merged ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [S] Change in openvpn[master]: crypto_backend: fix type of enc parameter
cron2 has uploaded a new patch set (#4) to the change originally created by flichtenheld. ( http://gerrit.openvpn.net/c/openvpn/+/548?usp=email ) The following approvals got outdated and were removed: Code-Review+2 by plaisthos Change subject: crypto_backend: fix type of enc parameter .. crypto_backend: fix type of enc parameter We had parts of a abstraction, but it wasn't consistent. GCC 13 now complains about the type mismatch with mbedtls now: crypto_mbedtls.c:568:1: error: conflicting types for ‘cipher_ctx_init’ due to enum/integer mismatch; have ‘void(mbedtls_cipher_context_t *, const uint8_t *, const char *, const mbedtls_operation_t)’ [...] [-Werror=enum-int-mismatch] crypto_backend.h:341:6: note: previous declaration of ‘cipher_ctx_init’ with type ‘void(cipher_ctx_t *, const uint8_t *, const char *, int)’ [...] Previous compiler versions did not complain. v2: - clean solution instead of quick solution. Fix the actual API definition Change-Id: If0dcdde30879fd6185efb2ad31399c1629c04d22 Signed-off-by: Frank Lichtenheld Acked-by: Arne Schwabe Message-Id: <20240327162621.1792414-1-fr...@lichtenheld.com> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg28498.html Signed-off-by: Gert Doering --- M src/openvpn/crypto_backend.h M src/openvpn/crypto_mbedtls.c M src/openvpn/crypto_mbedtls.h M src/openvpn/crypto_openssl.c M src/openvpn/crypto_openssl.h 5 files changed, 9 insertions(+), 5 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/48/548/4 diff --git a/src/openvpn/crypto_backend.h b/src/openvpn/crypto_backend.h index 8d37e64..c454c64 100644 --- a/src/openvpn/crypto_backend.h +++ b/src/openvpn/crypto_backend.h @@ -336,10 +336,10 @@ * @param key Buffer containing the key to use * @param ciphernameCiphername of the cipher to use * @param enc Whether to encrypt or decrypt (either - * \c MBEDTLS_OP_ENCRYPT or \c MBEDTLS_OP_DECRYPT). + * \c OPENVPN_OP_ENCRYPT or \c OPENVPN_OP_DECRYPT). */ void cipher_ctx_init(cipher_ctx_t *ctx, const uint8_t *key, - const char *cipername, int enc); + const char *cipername, crypto_operation_t enc); /** * Returns the size of the IV used by the cipher, in bytes, or 0 if no IV is diff --git a/src/openvpn/crypto_mbedtls.c b/src/openvpn/crypto_mbedtls.c index 1a39752..c230292 100644 --- a/src/openvpn/crypto_mbedtls.c +++ b/src/openvpn/crypto_mbedtls.c @@ -566,7 +566,7 @@ void cipher_ctx_init(mbedtls_cipher_context_t *ctx, const uint8_t *key, -const char *ciphername, const mbedtls_operation_t operation) +const char *ciphername, crypto_operation_t enc) { ASSERT(NULL != ciphername && NULL != ctx); CLEAR(*ctx); @@ -580,7 +580,7 @@ msg(M_FATAL, "mbed TLS cipher context init #1"); } -if (!mbed_ok(mbedtls_cipher_setkey(ctx, key, (int)key_bitlen, operation))) +if (!mbed_ok(mbedtls_cipher_setkey(ctx, key, (int)key_bitlen, enc))) { msg(M_FATAL, "mbed TLS cipher set key"); } diff --git a/src/openvpn/crypto_mbedtls.h b/src/openvpn/crypto_mbedtls.h index 46f76e2..48d1e20 100644 --- a/src/openvpn/crypto_mbedtls.h +++ b/src/openvpn/crypto_mbedtls.h @@ -63,6 +63,8 @@ /** Cipher is in GCM mode */ #define OPENVPN_MODE_GCMMBEDTLS_MODE_GCM +typedef mbedtls_operation_t crypto_operation_t; + /** Cipher should encrypt */ #define OPENVPN_OP_ENCRYPT MBEDTLS_ENCRYPT diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c index 50683b6..bfc5e37 100644 --- a/src/openvpn/crypto_openssl.c +++ b/src/openvpn/crypto_openssl.c @@ -840,7 +840,7 @@ void cipher_ctx_init(EVP_CIPHER_CTX *ctx, const uint8_t *key, -const char *ciphername, int enc) +const char *ciphername, crypto_operation_t enc) { ASSERT(NULL != ciphername && NULL != ctx); evp_cipher_type *kt = cipher_get(ciphername); diff --git a/src/openvpn/crypto_openssl.h b/src/openvpn/crypto_openssl.h index c0e95b4..4cd988a 100644 --- a/src/openvpn/crypto_openssl.h +++ b/src/openvpn/crypto_openssl.h @@ -85,6 +85,8 @@ /** Cipher is in GCM mode */ #define OPENVPN_MODE_GCMEVP_CIPH_GCM_MODE +typedef int crypto_operation_t; + /** Cipher should encrypt */ #define OPENVPN_OP_ENCRYPT 1 -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/548?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: If0dcdde30879fd6185efb2ad31399c1629c04d22 Gerrit-Change-Number: 548 Gerrit-PatchSet: 4 Gerrit-Owner: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: openvpn-devel Gerrit-CC: ordex Gerrit-MessageType: newpatchset ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net
[Openvpn-devel] [S] Change in openvpn[master]: crypto_backend: fix type of enc parameter
Attention is currently required from: flichtenheld, ordex. plaisthos has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/548?usp=email ) Change subject: crypto_backend: fix type of enc parameter .. Patch Set 3: (1 comment) File src/openvpn/crypto_mbedtls.c: http://gerrit.openvpn.net/c/openvpn/+/548/comment/997ae8f4_a9d0ede6 : PS3, Line 569: const char *ciphername, crypto_operation_t enc) > Acknowledged There is a -1 state in OpenSSL that mean "don't change when reinitialising" that we do not use. -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/548?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: If0dcdde30879fd6185efb2ad31399c1629c04d22 Gerrit-Change-Number: 548 Gerrit-PatchSet: 3 Gerrit-Owner: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: openvpn-devel Gerrit-CC: ordex Gerrit-Attention: flichtenheld Gerrit-Attention: ordex Gerrit-Comment-Date: Wed, 27 Mar 2024 18:44:04 + Gerrit-HasComments: Yes Gerrit-Has-Labels: No Comment-In-Reply-To: plaisthos Comment-In-Reply-To: flichtenheld Comment-In-Reply-To: ordex Gerrit-MessageType: comment ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [S] Change in openvpn[master]: crypto_backend: fix type of enc parameter
Attention is currently required from: ordex, plaisthos. flichtenheld has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/548?usp=email ) Change subject: crypto_backend: fix type of enc parameter .. Patch Set 3: (1 comment) File src/openvpn/crypto_mbedtls.c: http://gerrit.openvpn.net/c/openvpn/+/548/comment/54a6d210_d1fef5e2 : PS3, Line 569: const char *ciphername, crypto_operation_t enc) > still dirty if you ask me, but it's a nit pick Acknowledged -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/548?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: If0dcdde30879fd6185efb2ad31399c1629c04d22 Gerrit-Change-Number: 548 Gerrit-PatchSet: 3 Gerrit-Owner: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: openvpn-devel Gerrit-CC: ordex Gerrit-Attention: plaisthos Gerrit-Attention: ordex Gerrit-Comment-Date: Wed, 27 Mar 2024 16:25:43 + Gerrit-HasComments: Yes Gerrit-Has-Labels: No Comment-In-Reply-To: plaisthos Comment-In-Reply-To: flichtenheld Comment-In-Reply-To: ordex Gerrit-MessageType: comment ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [S] Change in openvpn[master]: crypto_backend: fix type of enc parameter
Attention is currently required from: flichtenheld, plaisthos. ordex has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/548?usp=email ) Change subject: crypto_backend: fix type of enc parameter .. Patch Set 3: (1 comment) File src/openvpn/crypto_mbedtls.c: http://gerrit.openvpn.net/c/openvpn/+/548/comment/c7af8f42_1c7d88cd : PS3, Line 569: const char *ciphername, crypto_operation_t enc) > Also, in practice it is a boolean. […] still dirty if you ask me, but it's a nit pick -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/548?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: If0dcdde30879fd6185efb2ad31399c1629c04d22 Gerrit-Change-Number: 548 Gerrit-PatchSet: 3 Gerrit-Owner: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: openvpn-devel Gerrit-CC: ordex Gerrit-Attention: plaisthos Gerrit-Attention: flichtenheld Gerrit-Comment-Date: Wed, 27 Mar 2024 15:25:50 + Gerrit-HasComments: Yes Gerrit-Has-Labels: No Comment-In-Reply-To: plaisthos Comment-In-Reply-To: flichtenheld Comment-In-Reply-To: ordex Gerrit-MessageType: comment ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [S] Change in openvpn[master]: crypto_backend: fix type of enc parameter
Attention is currently required from: ordex, plaisthos. flichtenheld has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/548?usp=email ) Change subject: crypto_backend: fix type of enc parameter .. Patch Set 3: (1 comment) File src/openvpn/crypto_mbedtls.c: http://gerrit.openvpn.net/c/openvpn/+/548/comment/dc2be5d0_47f83eb9 : PS3, Line 569: const char *ciphername, crypto_operation_t enc) > It matches the OpenSSL API, it also uses int enc ... Also, in practice it is a boolean. The third state is only for indicating error when used as a return value. -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/548?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: If0dcdde30879fd6185efb2ad31399c1629c04d22 Gerrit-Change-Number: 548 Gerrit-PatchSet: 3 Gerrit-Owner: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: openvpn-devel Gerrit-CC: ordex Gerrit-Attention: plaisthos Gerrit-Attention: ordex Gerrit-Comment-Date: Wed, 27 Mar 2024 15:19:32 + Gerrit-HasComments: Yes Gerrit-Has-Labels: No Comment-In-Reply-To: plaisthos Comment-In-Reply-To: ordex Gerrit-MessageType: comment ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [S] Change in openvpn[master]: crypto_backend: fix type of enc parameter
Attention is currently required from: flichtenheld, ordex. plaisthos has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/548?usp=email ) Change subject: crypto_backend: fix type of enc parameter .. Patch Set 3: (1 comment) File src/openvpn/crypto_mbedtls.c: http://gerrit.openvpn.net/c/openvpn/+/548/comment/4014ab83_686bac9b : PS3, Line 569: const char *ciphername, crypto_operation_t enc) > may I argue that the name "operation" (or just "op") is more appropriate as > this is not a bool (encr […] It matches the OpenSSL API, it also uses int enc ... -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/548?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: If0dcdde30879fd6185efb2ad31399c1629c04d22 Gerrit-Change-Number: 548 Gerrit-PatchSet: 3 Gerrit-Owner: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: openvpn-devel Gerrit-CC: ordex Gerrit-Attention: flichtenheld Gerrit-Attention: ordex Gerrit-Comment-Date: Wed, 27 Mar 2024 13:34:00 + Gerrit-HasComments: Yes Gerrit-Has-Labels: No Comment-In-Reply-To: ordex Gerrit-MessageType: comment ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [S] Change in openvpn[master]: crypto_backend: fix type of enc parameter
Attention is currently required from: flichtenheld. plaisthos has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/548?usp=email ) Change subject: crypto_backend: fix type of enc parameter .. Patch Set 3: Code-Review+2 -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/548?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: If0dcdde30879fd6185efb2ad31399c1629c04d22 Gerrit-Change-Number: 548 Gerrit-PatchSet: 3 Gerrit-Owner: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: openvpn-devel Gerrit-CC: ordex Gerrit-Attention: flichtenheld Gerrit-Comment-Date: Wed, 27 Mar 2024 13:32:50 + Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [S] Change in openvpn[master]: crypto_backend: fix type of enc parameter
Attention is currently required from: flichtenheld, plaisthos. ordex has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/548?usp=email ) Change subject: crypto_backend: fix type of enc parameter .. Patch Set 3: (2 comments) Patchset: PS3: Thanks for introducing the typedef - this looks much cleaner, as Arne also suggested. However, I have a nit pick about the arg naming. File src/openvpn/crypto_mbedtls.c: http://gerrit.openvpn.net/c/openvpn/+/548/comment/f5ffc802_2b16c413 : PS3, Line 569: const char *ciphername, crypto_operation_t enc) may I argue that the name "operation" (or just "op") is more appropriate as this is not a bool (encrypt or not encrypt), but rather an enum being assigned some op? -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/548?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: If0dcdde30879fd6185efb2ad31399c1629c04d22 Gerrit-Change-Number: 548 Gerrit-PatchSet: 3 Gerrit-Owner: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: openvpn-devel Gerrit-CC: ordex Gerrit-Attention: plaisthos Gerrit-Attention: flichtenheld Gerrit-Comment-Date: Wed, 27 Mar 2024 13:24:24 + Gerrit-HasComments: Yes Gerrit-Has-Labels: No Gerrit-MessageType: comment ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [S] Change in openvpn[master]: crypto_backend: fix type of enc parameter
Attention is currently required from: flichtenheld, plaisthos. Hello plaisthos, I'd like you to reexamine a change. Please visit http://gerrit.openvpn.net/c/openvpn/+/548?usp=email to look at the new patch set (#3). Change subject: crypto_backend: fix type of enc parameter .. crypto_backend: fix type of enc parameter We had parts of a abstraction, but it wasn't consistent. GCC 13 now complains about the type mismatch with mbedtls now: crypto_mbedtls.c:568:1: error: conflicting types for ‘cipher_ctx_init’ due to enum/integer mismatch; have ‘void(mbedtls_cipher_context_t *, const uint8_t *, const char *, const mbedtls_operation_t)’ [...] [-Werror=enum-int-mismatch] crypto_backend.h:341:6: note: previous declaration of ‘cipher_ctx_init’ with type ‘void(cipher_ctx_t *, const uint8_t *, const char *, int)’ [...] Previous compiler versions did not complain. v2: - clean solution instead of quick solution. Fix the actual API definition Change-Id: If0dcdde30879fd6185efb2ad31399c1629c04d22 Signed-off-by: Frank Lichtenheld --- M src/openvpn/crypto_backend.h M src/openvpn/crypto_mbedtls.c M src/openvpn/crypto_mbedtls.h M src/openvpn/crypto_openssl.c M src/openvpn/crypto_openssl.h 5 files changed, 9 insertions(+), 5 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/48/548/3 diff --git a/src/openvpn/crypto_backend.h b/src/openvpn/crypto_backend.h index 8d37e64..c454c64 100644 --- a/src/openvpn/crypto_backend.h +++ b/src/openvpn/crypto_backend.h @@ -336,10 +336,10 @@ * @param key Buffer containing the key to use * @param ciphernameCiphername of the cipher to use * @param enc Whether to encrypt or decrypt (either - * \c MBEDTLS_OP_ENCRYPT or \c MBEDTLS_OP_DECRYPT). + * \c OPENVPN_OP_ENCRYPT or \c OPENVPN_OP_DECRYPT). */ void cipher_ctx_init(cipher_ctx_t *ctx, const uint8_t *key, - const char *cipername, int enc); + const char *cipername, crypto_operation_t enc); /** * Returns the size of the IV used by the cipher, in bytes, or 0 if no IV is diff --git a/src/openvpn/crypto_mbedtls.c b/src/openvpn/crypto_mbedtls.c index 1a39752..c230292 100644 --- a/src/openvpn/crypto_mbedtls.c +++ b/src/openvpn/crypto_mbedtls.c @@ -566,7 +566,7 @@ void cipher_ctx_init(mbedtls_cipher_context_t *ctx, const uint8_t *key, -const char *ciphername, const mbedtls_operation_t operation) +const char *ciphername, crypto_operation_t enc) { ASSERT(NULL != ciphername && NULL != ctx); CLEAR(*ctx); @@ -580,7 +580,7 @@ msg(M_FATAL, "mbed TLS cipher context init #1"); } -if (!mbed_ok(mbedtls_cipher_setkey(ctx, key, (int)key_bitlen, operation))) +if (!mbed_ok(mbedtls_cipher_setkey(ctx, key, (int)key_bitlen, enc))) { msg(M_FATAL, "mbed TLS cipher set key"); } diff --git a/src/openvpn/crypto_mbedtls.h b/src/openvpn/crypto_mbedtls.h index 46f76e2..48d1e20 100644 --- a/src/openvpn/crypto_mbedtls.h +++ b/src/openvpn/crypto_mbedtls.h @@ -63,6 +63,8 @@ /** Cipher is in GCM mode */ #define OPENVPN_MODE_GCMMBEDTLS_MODE_GCM +typedef mbedtls_operation_t crypto_operation_t; + /** Cipher should encrypt */ #define OPENVPN_OP_ENCRYPT MBEDTLS_ENCRYPT diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c index 50683b6..bfc5e37 100644 --- a/src/openvpn/crypto_openssl.c +++ b/src/openvpn/crypto_openssl.c @@ -840,7 +840,7 @@ void cipher_ctx_init(EVP_CIPHER_CTX *ctx, const uint8_t *key, -const char *ciphername, int enc) +const char *ciphername, crypto_operation_t enc) { ASSERT(NULL != ciphername && NULL != ctx); evp_cipher_type *kt = cipher_get(ciphername); diff --git a/src/openvpn/crypto_openssl.h b/src/openvpn/crypto_openssl.h index c0e95b4..4cd988a 100644 --- a/src/openvpn/crypto_openssl.h +++ b/src/openvpn/crypto_openssl.h @@ -85,6 +85,8 @@ /** Cipher is in GCM mode */ #define OPENVPN_MODE_GCMEVP_CIPH_GCM_MODE +typedef int crypto_operation_t; + /** Cipher should encrypt */ #define OPENVPN_OP_ENCRYPT 1 -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/548?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: If0dcdde30879fd6185efb2ad31399c1629c04d22 Gerrit-Change-Number: 548 Gerrit-PatchSet: 3 Gerrit-Owner: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: openvpn-devel Gerrit-Attention: plaisthos Gerrit-Attention: flichtenheld Gerrit-MessageType: newpatchset ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [S] Change in openvpn[master]: crypto_backend: fix type of enc parameter
Attention is currently required from: flichtenheld, plaisthos. Hello plaisthos, I'd like you to reexamine a change. Please visit http://gerrit.openvpn.net/c/openvpn/+/548?usp=email to look at the new patch set (#2). The following approvals got outdated and were removed: Code-Review-1 by plaisthos Change subject: crypto_backend: fix type of enc parameter .. crypto_backend: fix type of enc parameter We had parts of a abstraction, but it wasn't consistent. GCC 13 now complains about the type mismatch with mbedtls now: crypto_mbedtls.c:568:1: error: conflicting types for ‘cipher_ctx_init’ due to enum/integer mismatch; have ‘void(mbedtls_cipher_context_t *, const uint8_t *, const char *, const mbedtls_operation_t)’ [...] [-Werror=enum-int-mismatch] crypto_backend.h:341:6: note: previous declaration of ‘cipher_ctx_init’ with type ‘void(cipher_ctx_t *, const uint8_t *, const char *, int)’ [...] Previous compiler versions did not complain. Change-Id: If0dcdde30879fd6185efb2ad31399c1629c04d22 Signed-off-by: Frank Lichtenheld --- M src/openvpn/crypto_backend.h M src/openvpn/crypto_mbedtls.c M src/openvpn/crypto_mbedtls.h M src/openvpn/crypto_openssl.h 4 files changed, 8 insertions(+), 3 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/48/548/2 diff --git a/src/openvpn/crypto_backend.h b/src/openvpn/crypto_backend.h index 8d37e64..c454c64 100644 --- a/src/openvpn/crypto_backend.h +++ b/src/openvpn/crypto_backend.h @@ -336,10 +336,10 @@ * @param key Buffer containing the key to use * @param ciphernameCiphername of the cipher to use * @param enc Whether to encrypt or decrypt (either - * \c MBEDTLS_OP_ENCRYPT or \c MBEDTLS_OP_DECRYPT). + * \c OPENVPN_OP_ENCRYPT or \c OPENVPN_OP_DECRYPT). */ void cipher_ctx_init(cipher_ctx_t *ctx, const uint8_t *key, - const char *cipername, int enc); + const char *cipername, crypto_operation_t enc); /** * Returns the size of the IV used by the cipher, in bytes, or 0 if no IV is diff --git a/src/openvpn/crypto_mbedtls.c b/src/openvpn/crypto_mbedtls.c index 1a39752..91485cb 100644 --- a/src/openvpn/crypto_mbedtls.c +++ b/src/openvpn/crypto_mbedtls.c @@ -566,11 +566,12 @@ void cipher_ctx_init(mbedtls_cipher_context_t *ctx, const uint8_t *key, -const char *ciphername, const mbedtls_operation_t operation) +const char *ciphername, int enc) { ASSERT(NULL != ciphername && NULL != ctx); CLEAR(*ctx); +const mbedtls_operation_t operation = (mbedtls_operation_t)enc; const mbedtls_cipher_info_t *kt = cipher_get(ciphername); ASSERT(kt); size_t key_bitlen = mbedtls_cipher_info_get_key_bitlen(kt); diff --git a/src/openvpn/crypto_mbedtls.h b/src/openvpn/crypto_mbedtls.h index 46f76e2..48d1e20 100644 --- a/src/openvpn/crypto_mbedtls.h +++ b/src/openvpn/crypto_mbedtls.h @@ -63,6 +63,8 @@ /** Cipher is in GCM mode */ #define OPENVPN_MODE_GCMMBEDTLS_MODE_GCM +typedef mbedtls_operation_t crypto_operation_t; + /** Cipher should encrypt */ #define OPENVPN_OP_ENCRYPT MBEDTLS_ENCRYPT diff --git a/src/openvpn/crypto_openssl.h b/src/openvpn/crypto_openssl.h index c0e95b4..4cd988a 100644 --- a/src/openvpn/crypto_openssl.h +++ b/src/openvpn/crypto_openssl.h @@ -85,6 +85,8 @@ /** Cipher is in GCM mode */ #define OPENVPN_MODE_GCMEVP_CIPH_GCM_MODE +typedef int crypto_operation_t; + /** Cipher should encrypt */ #define OPENVPN_OP_ENCRYPT 1 -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/548?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: If0dcdde30879fd6185efb2ad31399c1629c04d22 Gerrit-Change-Number: 548 Gerrit-PatchSet: 2 Gerrit-Owner: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: openvpn-devel Gerrit-Attention: plaisthos Gerrit-Attention: flichtenheld Gerrit-MessageType: newpatchset ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel