Hi Manu, this series is giving me two build warnings :
src/ssl_sock.c: In function 'ssl_sock_load_multi_cert': src/ssl_sock.c:3143:3: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement] src/ssl_sock.c: In function 'ssl_sock_load_cert_chain_file': src/ssl_sock.c:3215:2: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement] I could easily address them with this : @@ -3080,6 +3080,7 @@ static int ssl_sock_load_multi_cert(const char *path, struct bind_conf *bind_con while (node) { SSL_CTX *cur_ctx; char cur_file[MAXPATHLEN+1]; + const struct pkey_info kinfo = { .sig = TLSEXT_signature_anonymous, .bits = 0 }; str = (char *)container_of(node, struct sni_keytype, name)->name.key; i = container_of(node, struct sni_keytype, name)->keytypes; @@ -3140,9 +3141,8 @@ static int ssl_sock_load_multi_cert(const char *path, struct bind_conf *bind_con /* Update key_combos */ key_combos[i-1].ctx = cur_ctx; } - struct pkey_info kinfo; - kinfo.sig = TLSEXT_signature_anonymous; - kinfo.bits = 0; /* Update SNI Tree */ key_combos[i-1].order = ssl_sock_add_cert_sni(cur_ctx, bind_conf, ssl_conf, @@ -3207,9 +3207,7 @@ static int ssl_sock_load_cert_chain_file(SSL_CTX *ctx, const char *file, struct pem_password_cb *passwd_cb; void *passwd_cb_userdata; EVP_PKEY *pkey; - struct pkey_info kinfo; - kinfo.sig = TLSEXT_signature_anonymous; - kinfo.bits = 0; + struct pkey_info kinfo = { .sig = TLSEXT_signature_anonymous, .bits = 0 }; #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME STACK_OF(GENERAL_NAME) *names; That made me wonder if we'd rather have an initialization constant for pkey_info, but it doesn't seem used a lot so it would probably only obfuscate the code. I can merge it after applying the small changes above, unless you have a different idea. Just let me know. Thanks, Willy