authorEd Tanous <ed.tanous@intel.com>2019-07-10 02:24:22 +0300
committerEd Tanous <ed.tanous@intel.com>2019-10-11 02:25:26 +0300
commit271584ab78b4c1926f766aa26ddfde7da329059f (patch)
tree08001912ea542de88b9c31f5d53f195dedd56988 /include/ssl_key_handler.hpp
parent70ee8cbd4f3ec5b3e3c18967de221a9f3a70cd38 (diff)
Fix a bunch of warnings
using the list of warnings from here: https://github.com/lefticus/cppbestpractices/blob/e73393f25a85f83fed7399d8b65cb117d00b2231/02-Use_the_Tools_Available.md#L100 Seems like a good place to start, and would improve things a bit type-wise. This patchset attempts to correct all the issues in one shot. Tested: It builds. Will test various subsystems that have been touched Signed-off-by: Ed Tanous <ed.tanous@intel.com> Change-Id: I588c26440e5a97f718a0f0ea74cc84107d53aa1e
Diffstat (limited to 'include/ssl_key_handler.hpp')
-rw-r--r--include/ssl_key_handler.hpp59
1 files changed, 1 insertions, 58 deletions
diff --git a/include/ssl_key_handler.hpp b/include/ssl_key_handler.hpp
index ce6d9fa2f1..d634d6375e 100644
--- a/include/ssl_key_handler.hpp
+++ b/include/ssl_key_handler.hpp
@@ -17,10 +17,7 @@
namespace ensuressl
{
static void initOpenssl();
-static void cleanupOpenssl();
-static EVP_PKEY *createRsaKey();
static EVP_PKEY *createEcKey();
-static void handleOpensslError();
// Trust chain related errors.`
inline bool isTrustChainError(int errnum)
@@ -112,7 +109,6 @@ inline bool verifyOpensslKeyCert(const std::string &filepath)
if (file != NULL)
{
EVP_PKEY *pkey = PEM_read_PrivateKey(file, NULL, NULL, NULL);
- int rc;
if (pkey != nullptr)
{
RSA *rsa = EVP_PKEY_get1_RSA(pkey);
@@ -200,7 +196,7 @@ inline void generateSslCertificate(const std::string &filepath)
// number If this is not random, regenerating certs throws broswer
// errors
std::random_device rd;
- int serial = rd();
+ int serial = static_cast<int>(rd());
ASN1_INTEGER_set(X509_get_serialNumber(x509), serial);
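Review bot: The cast in `int serial = static_cast<int>(rd());` silences the conversion warning but keeps the sign problem: `rd()` returns an unsigned value, so about half of the draws become a negative `int`, and `ASN1_INTEGER_set` then writes a negative certificate serial, which RFC 5280 does not permit (serial numbers must be positive). The serial also carries at most 32 bits from `std::random_device`, whose entropy source is implementation-defined, so uniqueness across regenerated certificates is weaker than the comment above it implies. A minimal change that keeps the current approach is `long serial = static_cast<long>(rd() & 0x7fffffffU);`, ideally with a retry when the result is zero; filling a wider serial from the OpenSSL RNG would be the more robust choice. The body of generateSslCertificate starts and ends outside this hunk, so any later use of `serial` is not visible here.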
@@ -254,45 +250,6 @@ inline void generateSslCertificate(const std::string &filepath)
// cleanup_openssl();
}
-EVP_PKEY *createRsaKey()
-{
- RSA *pRSA = NULL;
-#if OPENSSL_VERSION_NUMBER < 0x00908000L
- pRSA = RSA_generate_key(2048, RSA_3, NULL, NULL);
-#else
- RSA_generate_key_ex(pRSA, 2048, NULL, NULL);
-#endif
-
- EVP_PKEY *pKey = EVP_PKEY_new();
- if ((pRSA != nullptr) && (pKey != nullptr) &&
- EVP_PKEY_assign_RSA(pKey, pRSA))
- {
- /* pKey owns pRSA from now */
- if (RSA_check_key(pRSA) <= 0)
- {
- fprintf(stderr, "RSA_check_key failed.\n");
- handleOpensslError();
- EVP_PKEY_free(pKey);
- pKey = NULL;
- }
- }
- else
- {
- handleOpensslError();
- if (pRSA != nullptr)
- {
- RSA_free(pRSA);
- pRSA = NULL;
- }
- if (pKey != nullptr)
- {
- EVP_PKEY_free(pKey);
- pKey = NULL;
- }
- }
- return pKey;
-}
-
EVP_PKEY *createEcKey()
{
EVP_PKEY *pKey = NULL;
@@ -329,20 +286,6 @@ void initOpenssl()
#endif
}
-void cleanupOpenssl()
-{
- CRYPTO_cleanup_all_ex_data();
- ERR_free_strings();
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
- ERR_remove_thread_state(0);
-#endif
- EVP_cleanup();
-}
-
-void handleOpensslError()
-{
- ERR_print_errors_fp(stderr);
-}
inline void ensureOpensslKeyPresentAndValid(const std::string &filepath)
{
bool pemFileValid = false;