diff options
author | Matt Caswell <matt@openssl.org> | 2015-03-19 11:35:33 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2015-03-19 13:00:45 +0000 |
commit | b78c9e4a2b3503e06fdee6272427f142d860ed47 (patch) | |
tree | 84dc0ea20d2dfe9ca61d8a7251ba0c5d42915200 | |
parent | c380bff888bfd5e48c4b24250ba1996b0fd1a5e3 (diff) |
Fix unsigned/signed warnings
Fix some unsigned/signed warnings introduced as part of the fix
for CVE-2015-0293
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
-rw-r--r-- | ssl/s2_srvr.c | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/ssl/s2_srvr.c b/ssl/s2_srvr.c index 0788be57af..ba8c8e8858 100644 --- a/ssl/s2_srvr.c +++ b/ssl/s2_srvr.c @@ -369,7 +369,8 @@ int ssl2_accept(SSL *s) static int get_client_master_key(SSL *s) { - int is_export, i, n, keya, ek; + int is_export, i, n, keya; + unsigned int ek; unsigned long len; unsigned char *p; SSL_CIPHER *cp; @@ -486,7 +487,7 @@ static int get_client_master_key(SSL *s) * must be zero). */ if ((!is_export && s->s2->tmp.clear != 0) || - (is_export && s->s2->tmp.clear + ek != EVP_CIPHER_key_length(c))) { + (is_export && s->s2->tmp.clear + ek != (unsigned int)EVP_CIPHER_key_length(c))) { ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_BAD_LENGTH); return -1; @@ -497,7 +498,7 @@ static int get_client_master_key(SSL *s) * bytes to fit the key in the buffer, stop now. */ if ((is_export && s->s2->tmp.enc < ek) || - (!is_export && s->s2->tmp.enc < EVP_CIPHER_key_length(c))) { + (!is_export && s->s2->tmp.enc < (unsigned int)EVP_CIPHER_key_length(c))) { ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_LENGTH_TOO_SHORT); return -1; @@ -516,7 +517,7 @@ static int get_client_master_key(SSL *s) * secret (Bleichenbacher attack) */ if ((i < 0) || ((!is_export && i != EVP_CIPHER_key_length(c)) - || (is_export && i != ek))) { + || (is_export && i != (int)ek))) { ERR_clear_error(); if (is_export) i = ek; |