diff options
author | Lev Stipakov | 2018-10-11 14:51:42 +0300 |
---|---|---|
committer | Gert Doering | 2018-10-11 20:03:38 +0200 |
commit | 62eb234c810533c7ea13d8a9faa28eebe07f2e82 (patch) | |
tree | a6df504674f6431927e925cd62e24156b0daf436 /src/openvpn | |
parent | 9de7fe0a7bf1111ebea9ca9e28b2def9ae3e53ff (diff) | |
download | openvpn-62eb234c810533c7ea13d8a9faa28eebe07f2e82.zip openvpn-62eb234c810533c7ea13d8a9faa28eebe07f2e82.tar.gz |
options.c: fix broken unary minus usage
In Visual Studio when unary minus is applied to unsigned,
result is still unsigned. This means that when we use result
as function formal parameter, we pass incorrect value.
Fix by introducing frame_remove_from_extra_frame(),
which makes code semantically more clear and eliminates
the need in negative value and cast.
Since GCC didn't complain (and users too :), it probably performed
cast to signed automatically.
Signed-off-by: Lev Stipakov <lev@openvpn.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1539258702-15427-1-git-send-email-lstipakov@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg17739.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
(cherry picked from commit ed31cf2ab718d879615dea81e6a17d26537ab43a)
Diffstat (limited to 'src/openvpn')
-rw-r--r-- | src/openvpn/crypto.c | 6 | ||||
-rw-r--r-- | src/openvpn/crypto.h | 2 | ||||
-rw-r--r-- | src/openvpn/mtu.h | 8 | ||||
-rw-r--r-- | src/openvpn/options.c | 2 | ||||
-rw-r--r-- | src/openvpn/ssl.c | 2 |
5 files changed, 13 insertions, 7 deletions
diff --git a/src/openvpn/crypto.c b/src/openvpn/crypto.c index dba3aa5..59e5ac5 100644 --- a/src/openvpn/crypto.c +++ b/src/openvpn/crypto.c @@ -721,7 +721,7 @@ crypto_adjust_frame_parameters(struct frame *frame, bool packet_id, bool packet_id_long_form) { - size_t crypto_overhead = 0; + unsigned int crypto_overhead = 0; if (packet_id) { @@ -749,10 +749,10 @@ crypto_adjust_frame_parameters(struct frame *frame, frame_add_to_extra_frame(frame, crypto_overhead); msg(D_MTU_DEBUG, "%s: Adjusting frame parameters for crypto by %u bytes", - __func__, (unsigned int) crypto_overhead); + __func__, crypto_overhead); } -size_t +unsigned int crypto_max_overhead(void) { return packet_id_size(true) + OPENVPN_MAX_IV_LENGTH diff --git a/src/openvpn/crypto.h b/src/openvpn/crypto.h index e42f697..185bfd3 100644 --- a/src/openvpn/crypto.h +++ b/src/openvpn/crypto.h @@ -426,7 +426,7 @@ void crypto_adjust_frame_parameters(struct frame *frame, bool packet_id_long_form); /** Return the worst-case OpenVPN crypto overhead (in bytes) */ -size_t crypto_max_overhead(void); +unsigned int crypto_max_overhead(void); /* Minimum length of the nonce used by the PRNG */ #define NONCE_SECRET_LEN_MIN 16 diff --git a/src/openvpn/mtu.h b/src/openvpn/mtu.h index a82154a..cfa8d2f 100644 --- a/src/openvpn/mtu.h +++ b/src/openvpn/mtu.h @@ -271,12 +271,18 @@ frame_add_to_link_mtu(struct frame *frame, const int increment) } static inline void -frame_add_to_extra_frame(struct frame *frame, const int increment) +frame_add_to_extra_frame(struct frame *frame, const unsigned int increment) { frame->extra_frame += increment; } static inline void +frame_remove_from_extra_frame(struct frame *frame, const unsigned int decrement) +{ + frame->extra_frame -= decrement; +} + +static inline void frame_add_to_extra_tun(struct frame *frame, const int increment) { frame->extra_tun += increment; diff --git a/src/openvpn/options.c b/src/openvpn/options.c index f964210..0257a6b 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -3500,7 +3500,7 @@ calc_options_string_link_mtu(const struct options *o, const struct frame *frame) struct key_type fake_kt; init_key_type(&fake_kt, o->ciphername, o->authname, o->keysize, true, false); - frame_add_to_extra_frame(&fake_frame, -(crypto_max_overhead())); + frame_remove_from_extra_frame(&fake_frame, crypto_max_overhead()); crypto_adjust_frame_parameters(&fake_frame, &fake_kt, o->use_iv, o->replay, cipher_kt_mode_ofb_cfb(fake_kt.cipher)); frame_finalize(&fake_frame, o->ce.link_mtu_defined, o->ce.link_mtu, diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c index 7284f46..26d581d 100644 --- a/src/openvpn/ssl.c +++ b/src/openvpn/ssl.c @@ -1994,7 +1994,7 @@ tls_session_update_crypto_params(struct tls_session *session, } /* Update frame parameters: undo worst-case overhead, add actual overhead */ - frame_add_to_extra_frame(frame, -(crypto_max_overhead())); + frame_remove_from_extra_frame(frame, crypto_max_overhead()); crypto_adjust_frame_parameters(frame, &session->opt->key_type, options->use_iv, options->replay, packet_id_long_form); frame_finalize(frame, options->ce.link_mtu_defined, options->ce.link_mtu, |