Rainer Orth wrote:
> With the introduction of public key cryptography into the Network Time
> Protocol (NTP v4, cf. http://www.ntp.org/), the current version of NTP
> became a heavy user of OpenSSL.
>
> NTP developers strive to keep the sources warning-free with gcc (using
> -Wall -Wcast-qual -Wmissing-prototypes -Wpointer-arith -Wshadow
> -Wstrict-prototypes). Without OpenSSL, we've been fairly successfull, but
> the introduction of OpenSSL worsened the situation alot. This is primarily
> due to the -Wmissing-prototypes -Wstrict-prototypes switches above.
>
> The following patch (relative to OpenSSL 0.9.6g) fixes this and introduces
> function prototypes where they used to be missing.
>
> It consists mainly of introducing typedefs for the various function pointer
> arguments and structure members that were declared without any arguments.
> Many of those functions have one (leading) arg of varying pointer type:
> I've chosen the corresponding void * (or void **) to represent those. To
> avoid warnings, I needed to cast functions to this generic type in
> assignments and functions calls.
>
> Most of this stuff should be obvious, with two exceptions where this effort
> pointed out real errors, so this patch clearly has it's merrits:
>
> * In crypto/pem/pem_lib.c (PEM_ASN1_read_bio), the d2i function argument is
> called with four arguments in one place, but with only three (as the
> prototype suggests) in another. Removing the last argument in the first
> two calls allowed the testsuite to complete successfully, but the types
> don't match the prototype, so this is clearly wrong. Someone really
> familiar with this code needs to have a look.
>
> * The other mismatch occurs in crypto/asn1/a_set.c (d2i_ASN1_SET) where d2i
> is called with a superfluous fourth argument.
>
> Besides, x509.h declared an X509_OBJECTS structure with two function
> pointer members. This type isn't used anywhere, so I have no idea what
> parameter lists those functions should have. To remove the warning, I've
> commented this definition for the time being.
This patch removes typesafety by using casts with gay abandon. Why is
this necessary? More to the point, IMO it should not be necessary. I'm
not keen on introducing a patch with so many casts in it.
I'm also slightly puzzled by this:
> RCS file: crypto/asn1/RCS/a_set.c,v
> retrieving revision 1.1
> diff -up -r1.1 crypto/asn1/a_set.c
> --- crypto/asn1/a_set.c 2002/08/08 21:14:32 1.1
> +++ crypto/asn1/a_set.c 2002/08/15 18:35:21
> @@ -83,8 +83,8 @@ static int SetBlobCmp(const void *elem1,
> }
>
> /* int is_set: if TRUE, then sort the contents (i.e. it isn't a SEQUENCE) */
> -int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag,
> - int ex_class, int is_set)
> +int i2d_ASN1_SET(STACK *a, unsigned char **pp, ASN1_METHOD_I2D *func,
> + int ex_tag, int ex_class, int is_set)
> {
> int ret=0,r;
> int i;
> @@ -152,7 +152,7 @@ SetBlob
> }
>
> STACK *d2i_ASN1_SET(STACK **a, unsigned char **pp, long length,
> - char *(*func)(), void (*free_func)(void *), int ex_tag, int ex_class)
> + ASN1_METHOD_D2I *func, void (*free_func)(void *), int ex_tag, int
>ex_class)
> {
> ASN1_CTX c;
> STACK *ret=NULL;
> @@ -193,7 +193,7 @@ STACK *d2i_ASN1_SET(STACK **a, unsigned
> char *s;
>
> if (M_ASN1_D2I_end_sequence()) break;
> - if ((s=func(NULL,&c.p,c.slen,c.max-c.p)) == NULL)
> + if ((s=func(NULL,&c.p,c.slen)) == NULL)
Why has an argument gone?
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
Available for contract work.
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
