cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: GnuTLS improvements [Re: weak cipher suites with OpenSSL, SecureTransport and... ?]

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Sun, 19 Jan 2014 20:05:24 +0100 (CET)

On Sun, 19 Jan 2014, Fabian Frank wrote:

> The attached patch addresses all four issues and requests consistent
> settings both for newer and older GnuTLS versions. I also think it makes the
> code easier to understand, by combining the close-by but different ifdefs
> into one ifdef. Feedback is greatly appreciated and I’m happy to send an
> updated version of the patch if necessary.

Thanks!

Consider using 'configure --enable-debug' as that switches on picky compiler
warnings (I personally also use --enable-werror to really notice warnings). I
got these:

vtls/gtls.c: In function 'gtls_connect_step1':
vtls/gtls.c:525:3: error: ISO C90 forbids mixed declarations and code
[-Werror=pedantic]
    char* prioritylist;
    ^
vtls/gtls.c:530:20: error: assignment discards 'const' qualifier from pointer
target type [-Werror]
        prioritylist = GNUTLS_CIPHERS ":-VERS-TLS-ALL:+VERS-SSL3.0";
                     ^
vtls/gtls.c:535:20: error: assignment discards 'const' qualifier from pointer
target type [-Werror]
        prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0";
                     ^
vtls/gtls.c:538:20: error: assignment discards 'const' qualifier from pointer
target type [-Werror]
        prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:-VERS-TLS-ALL:"
                     ^
vtls/gtls.c:542:20: error: assignment discards 'const' qualifier from pointer
target type [-Werror]
        prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:-VERS-TLS-ALL:"
                     ^
vtls/gtls.c:546:20: error: assignment discards 'const' qualifier from pointer
target type [-Werror]
        prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:-VERS-TLS-ALL:"
                     ^
vtls/gtls.c: In function 'Curl_gtls_md5sum':
vtls/gtls.c:1167:3: error: conversion to 'unsigned int' from 'size_t' may
alter its value [-Werror=conversion]
    md5_update(&MD5pw, tmplen, tmp);
    ^
vtls/gtls.c:1168:3: error: conversion to 'unsigned int' from 'size_t' may
alter its value [-Werror=conversion]
    md5_digest(&MD5pw, md5len, md5sum);
    ^
cc1: all warnings being treated as errors

-- 
  / daniel.haxx.se

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2014-01-19