int ssl2_connect(SSL *s)
{
- unsigned long l=time(NULL);
+ unsigned long l=(unsigned long)time(NULL);
BUF_MEM *buf=NULL;
int ret= -1;
void (*cb)(const SSL *ssl,int type,int val)=NULL;
return(-1);
}
- sk_SSL_CIPHER_set_cmp_func(sk,ssl_cipher_ptr_id_cmp);
+ (void)sk_SSL_CIPHER_set_cmp_func(sk,ssl_cipher_ptr_id_cmp);
/* get the array of ciphers we will accept */
cl=SSL_get_ciphers(s);
- sk_SSL_CIPHER_set_cmp_func(cl,ssl_cipher_ptr_id_cmp);
+ (void)sk_SSL_CIPHER_set_cmp_func(cl,ssl_cipher_ptr_id_cmp);
/*
* If server preference flag set, choose the first
CRYPTO_add(&s->session->peer->references, 1, CRYPTO_LOCK_X509);
}
- if (s->session->peer != s->session->sess_cert->peer_key->x509)
+ if (s->session->sess_cert == NULL
+ || s->session->peer != s->session->sess_cert->peer_key->x509)
/* can't happen */
{
ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR);
s->msg_callback(0, s->version, 0, p, len, s, s->msg_callback_arg); /* SERVER-VERIFY */
p += 1;
- if (memcmp(p,s->s2->challenge,s->s2->challenge_length) != 0)
+ if (CRYPTO_memcmp(p,s->s2->challenge,s->s2->challenge_length) != 0)
{
ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
SSLerr(SSL_F_GET_SERVER_VERIFY,SSL_R_CHALLENGE_IS_DIFFERENT);
i=ssl_verify_cert_chain(s,sk);
- if ((s->verify_mode != SSL_VERIFY_NONE) && (!i))
+ if ((s->verify_mode != SSL_VERIFY_NONE) && (i <= 0))
{
SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED);
goto err;