From: Matt Caswell Date: Thu, 19 Mar 2015 11:35:33 +0000 (+0000) Subject: Fix unsigned/signed warnings X-Git-Tag: OpenSSL_0_9_8zf~2 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=b78c9e4a2b3503e06fdee6272427f142d860ed47;p=oweals%2Fopenssl.git Fix unsigned/signed warnings Fix some unsigned/signed warnings introduced as part of the fix for CVE-2015-0293 Reviewed-by: Tim Hudson Reviewed-by: Richard Levitte --- diff --git a/ssl/s2_srvr.c b/ssl/s2_srvr.c index 0788be57af..ba8c8e8858 100644 --- a/ssl/s2_srvr.c +++ b/ssl/s2_srvr.c @@ -369,7 +369,8 @@ int ssl2_accept(SSL *s) static int get_client_master_key(SSL *s) { - int is_export, i, n, keya, ek; + int is_export, i, n, keya; + unsigned int ek; unsigned long len; unsigned char *p; SSL_CIPHER *cp; @@ -486,7 +487,7 @@ static int get_client_master_key(SSL *s) * must be zero). */ if ((!is_export && s->s2->tmp.clear != 0) || - (is_export && s->s2->tmp.clear + ek != EVP_CIPHER_key_length(c))) { + (is_export && s->s2->tmp.clear + ek != (unsigned int)EVP_CIPHER_key_length(c))) { ssl2_return_error(s, SSL2_PE_UNDEFINED_ERROR); SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_BAD_LENGTH); return -1; @@ -497,7 +498,7 @@ static int get_client_master_key(SSL *s) * bytes to fit the key in the buffer, stop now. */ if ((is_export && s->s2->tmp.enc < ek) || - (!is_export && s->s2->tmp.enc < EVP_CIPHER_key_length(c))) { + (!is_export && s->s2->tmp.enc < (unsigned int)EVP_CIPHER_key_length(c))) { ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR); SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_LENGTH_TOO_SHORT); return -1; @@ -516,7 +517,7 @@ static int get_client_master_key(SSL *s) * secret (Bleichenbacher attack) */ if ((i < 0) || ((!is_export && i != EVP_CIPHER_key_length(c)) - || (is_export && i != ek))) { + || (is_export && i != (int)ek))) { ERR_clear_error(); if (is_export) i = ek;