From f5493df9c626a7436803d1e68b0118f4d041e0fa Mon Sep 17 00:00:00 2001 From: Paul Moore Date: Tue, 9 Mar 2021 12:15:00 -0500 Subject: openssl: fix various build errors and warnings There were a couple cases of "uninitialized variable" warnings in the imported OpenSSL code; I used the current OpenSSL code as a guide for picking the default values used here. On my dev system there is one remaining build warning in OpenSSL's crypto/asn1/x_pkey.c:X509_PKEY_new() function. Unfortunately it involves some preprocessor crimes and the fix would be a bit ugly. Fortunately it appears the warning here is harmless and can be ignored. As a point of reference, my build system is a current Arch install with GCC v10.2.0 and GNU-EFI v 3.0.12. Signed-off-by: Paul Moore --- Cryptlib/OpenSSL/crypto/pkcs7/pk7_smime.c | 3 ++- Cryptlib/OpenSSL/crypto/rsa/rsa_ameth.c | 2 +- Cryptlib/OpenSSL/crypto/x509/x509_vfy.c | 3 ++- 3 files changed, 5 insertions(+), 3 deletions(-) (limited to 'Cryptlib/OpenSSL') diff --git a/Cryptlib/OpenSSL/crypto/pkcs7/pk7_smime.c b/Cryptlib/OpenSSL/crypto/pkcs7/pk7_smime.c index 1269a146..b27b0f68 100644 --- a/Cryptlib/OpenSSL/crypto/pkcs7/pk7_smime.c +++ b/Cryptlib/OpenSSL/crypto/pkcs7/pk7_smime.c @@ -530,7 +530,8 @@ PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags) { BIO *tmpmem; - int ret, i; + int ret = 0; /* current openssl sets 'ret' to zero here */ + int i; char *buf = NULL; if (!p7) { diff --git a/Cryptlib/OpenSSL/crypto/rsa/rsa_ameth.c b/Cryptlib/OpenSSL/crypto/rsa/rsa_ameth.c index 951e1d5c..ddead3d7 100644 --- a/Cryptlib/OpenSSL/crypto/rsa/rsa_ameth.c +++ b/Cryptlib/OpenSSL/crypto/rsa/rsa_ameth.c @@ -768,6 +768,7 @@ static int rsa_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn, return 2; } +#ifndef OPENSSL_NO_CMS static RSA_OAEP_PARAMS *rsa_oaep_decode(const X509_ALGOR *alg, X509_ALGOR **pmaskHash) { @@ -791,7 +792,6 @@ static RSA_OAEP_PARAMS *rsa_oaep_decode(const X509_ALGOR *alg, return pss; } -#ifndef OPENSSL_NO_CMS static int rsa_cms_decrypt(CMS_RecipientInfo *ri) { EVP_PKEY_CTX *pkctx; diff --git a/Cryptlib/OpenSSL/crypto/x509/x509_vfy.c b/Cryptlib/OpenSSL/crypto/x509/x509_vfy.c index 5bf3f07a..96f306b2 100644 --- a/Cryptlib/OpenSSL/crypto/x509/x509_vfy.c +++ b/Cryptlib/OpenSSL/crypto/x509/x509_vfy.c @@ -984,7 +984,8 @@ static int check_cert(X509_STORE_CTX *ctx) { X509_CRL *crl = NULL, *dcrl = NULL; X509 *x; - int ok, cnum; + int ok = 0; /* current openssl sets 'ok' to zero here */ + int cnum; unsigned int last_reasons; cnum = ctx->error_depth; x = sk_X509_value(ctx->chain, cnum); -- cgit v1.2.3