diff options
author | Daniel Stenberg <daniel@haxx.se> | 2019-08-20 11:30:25 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2019-08-20 19:55:06 +0200 |
commit | 3e8a9bfd17b4c3b7b9f822739b6afc9ed6b92208 (patch) | |
tree | c30fe7c78fe3e83d3218f4b24bf9eb4870ac107e /lib | |
parent | 84c2793be4ff076f41b18c4204e436fac56d6b5c (diff) |
openssl: build warning free with boringssl
Closes #4244
Diffstat (limited to 'lib')
-rw-r--r-- | lib/vtls/openssl.c | 32 |
1 files changed, 27 insertions, 5 deletions
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index c2d195656..20eae6c9e 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -391,7 +391,11 @@ static const char *SSL_ERROR_to_str(int err) */ static char *ossl_strerror(unsigned long error, char *buf, size_t size) { +#ifdef OPENSSL_IS_BORINGSSL + ERR_error_string_n((uint32_t)error, buf, size); +#else ERR_error_string_n(error, buf, size); +#endif return buf; } @@ -1529,8 +1533,13 @@ static CURLcode verifyhost(struct connectdata *conn, X509 *server_cert) altnames = X509_get_ext_d2i(server_cert, NID_subject_alt_name, NULL, NULL); if(altnames) { +#ifdef OPENSSL_IS_BORINGSSL + size_t numalts; + size_t i; +#else int numalts; int i; +#endif bool dnsmatched = FALSE; bool ipmatched = FALSE; @@ -2147,8 +2156,14 @@ get_ssl_version_txt(SSL *ssl) } #endif +#ifdef OPENSSL_IS_BORINGSSL +typedef uint32_t ctx_option_t; +#else +typedef long ctx_option_t; +#endif + static CURLcode -set_ssl_version_min_max(long *ctx_options, struct connectdata *conn, +set_ssl_version_min_max(ctx_option_t *ctx_options, struct connectdata *conn, int sockindex) { #if (OPENSSL_VERSION_NUMBER < 0x1000100FL) || !defined(TLS1_3_VERSION) @@ -2287,7 +2302,8 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex) X509_LOOKUP *lookup = NULL; curl_socket_t sockfd = conn->sock[sockindex]; struct ssl_connect_data *connssl = &conn->ssl[sockindex]; - long ctx_options = 0; + ctx_option_t ctx_options = 0; + #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME bool sni; const char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name : @@ -3031,6 +3047,12 @@ static int X509V3_ext(struct Curl_easy *data, return 0; /* all is fine */ } +#ifdef OPENSSL_IS_BORINGSSL +typedef size_t numcert_t; +#else +typedef int numcert_t; +#endif + static CURLcode get_cert_chain(struct connectdata *conn, struct ssl_connect_data *connssl) @@ -3039,7 +3061,7 @@ static CURLcode get_cert_chain(struct connectdata *conn, STACK_OF(X509) *sk; int i; struct Curl_easy *data = conn->data; - int numcerts; + numcert_t numcerts; BIO *mem; sk = SSL_get_peer_cert_chain(BACKEND->handle); @@ -3049,14 +3071,14 @@ static CURLcode get_cert_chain(struct connectdata *conn, numcerts = sk_X509_num(sk); - result = Curl_ssl_init_certinfo(data, numcerts); + result = Curl_ssl_init_certinfo(data, (int)numcerts); if(result) { return result; } mem = BIO_new(BIO_s_mem()); - for(i = 0; i < numcerts; i++) { + for(i = 0; i < (int)numcerts; i++) { ASN1_INTEGER *num; X509 *x = sk_X509_value(sk, i); EVP_PKEY *pubkey = NULL; |