diff options
| author | Paul Moore <pmoore2@cisco.com> | 2021-03-09 12:15:00 -0500 |
|---|---|---|
| committer | Peter Jones <pjones@redhat.com> | 2021-03-10 15:54:20 -0500 |
| commit | f5493df9c626a7436803d1e68b0118f4d041e0fa (patch) | |
| tree | d2431ec75b3d566001f4563eac3d012fe058aaee /Cryptlib/OpenSSL | |
| parent | bbdfa72a0a5f8d5a8dd4a47e67195504a22ece5b (diff) | |
| download | efi-boot-shim-f5493df9c626a7436803d1e68b0118f4d041e0fa.tar.gz efi-boot-shim-f5493df9c626a7436803d1e68b0118f4d041e0fa.zip | |
openssl: fix various build errors and warnings
There were a couple cases of "uninitialized variable" warnings in the
imported OpenSSL code; I used the current OpenSSL code as a guide for
picking the default values used here.
On my dev system there is one remaining build warning in OpenSSL's
crypto/asn1/x_pkey.c:X509_PKEY_new() function. Unfortunately it
involves some preprocessor crimes and the fix would be a bit ugly.
Fortunately it appears the warning here is harmless and can be
ignored.
As a point of reference, my build system is a current Arch install
with GCC v10.2.0 and GNU-EFI v 3.0.12.
Signed-off-by: Paul Moore <pmoore2@cisco.com>
Diffstat (limited to 'Cryptlib/OpenSSL')
| -rw-r--r-- | Cryptlib/OpenSSL/crypto/pkcs7/pk7_smime.c | 3 | ||||
| -rw-r--r-- | Cryptlib/OpenSSL/crypto/rsa/rsa_ameth.c | 2 | ||||
| -rw-r--r-- | Cryptlib/OpenSSL/crypto/x509/x509_vfy.c | 3 |
3 files changed, 5 insertions, 3 deletions
diff --git a/Cryptlib/OpenSSL/crypto/pkcs7/pk7_smime.c b/Cryptlib/OpenSSL/crypto/pkcs7/pk7_smime.c index 1269a146..b27b0f68 100644 --- a/Cryptlib/OpenSSL/crypto/pkcs7/pk7_smime.c +++ b/Cryptlib/OpenSSL/crypto/pkcs7/pk7_smime.c @@ -530,7 +530,8 @@ PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags) { BIO *tmpmem; - int ret, i; + int ret = 0; /* current openssl sets 'ret' to zero here */ + int i; char *buf = NULL; if (!p7) { diff --git a/Cryptlib/OpenSSL/crypto/rsa/rsa_ameth.c b/Cryptlib/OpenSSL/crypto/rsa/rsa_ameth.c index 951e1d5c..ddead3d7 100644 --- a/Cryptlib/OpenSSL/crypto/rsa/rsa_ameth.c +++ b/Cryptlib/OpenSSL/crypto/rsa/rsa_ameth.c @@ -768,6 +768,7 @@ static int rsa_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn, return 2; } +#ifndef OPENSSL_NO_CMS static RSA_OAEP_PARAMS *rsa_oaep_decode(const X509_ALGOR *alg, X509_ALGOR **pmaskHash) { @@ -791,7 +792,6 @@ static RSA_OAEP_PARAMS *rsa_oaep_decode(const X509_ALGOR *alg, return pss; } -#ifndef OPENSSL_NO_CMS static int rsa_cms_decrypt(CMS_RecipientInfo *ri) { EVP_PKEY_CTX *pkctx; diff --git a/Cryptlib/OpenSSL/crypto/x509/x509_vfy.c b/Cryptlib/OpenSSL/crypto/x509/x509_vfy.c index 5bf3f07a..96f306b2 100644 --- a/Cryptlib/OpenSSL/crypto/x509/x509_vfy.c +++ b/Cryptlib/OpenSSL/crypto/x509/x509_vfy.c @@ -984,7 +984,8 @@ static int check_cert(X509_STORE_CTX *ctx) { X509_CRL *crl = NULL, *dcrl = NULL; X509 *x; - int ok, cnum; + int ok = 0; /* current openssl sets 'ok' to zero here */ + int cnum; unsigned int last_reasons; cnum = ctx->error_depth; x = sk_X509_value(ctx->chain, cnum); |