diff options
author | Ed Tanous <ed@tanous.net> | 2019-02-14 09:48:25 +0300 |
---|---|---|
committer | Ed Tanous <ed.tanous@intel.com> | 2019-03-23 01:04:15 +0300 |
commit | 6ea007a2faec52ad62680015d2a3f00371a1e351 (patch) | |
tree | 587875f7488b745a1f33952ba8952e5869f0f6a6 /include | |
parent | 8bd25ccda8030e5725ecdf5fa64d6083040ddf8a (diff) | |
download | bmcweb-6ea007a2faec52ad62680015d2a3f00371a1e351.tar.xz |
bmcweb: Fix a bunch of warnings
bmcweb classically has not taken a strong opinion on warnings. With
this commit, that policy is changing, and bmcweb will invoke the best
warnings we are able to enable, and turn on -Werror for all builds.
This is intended to reduce the likelihood of hard-to-debug situations
that the compiler coulve caught early on.
Change-Id: I57474410821e82666b3a108cfd0db7d070e8900a
Signed-off-by: Ed Tanous <ed@tanous.net>
Diffstat (limited to 'include')
-rw-r--r-- | include/dbus_monitor.hpp | 2 | ||||
-rw-r--r-- | include/dbus_utility.hpp | 7 | ||||
-rw-r--r-- | include/openbmc_dbus_rest.hpp | 9 | ||||
-rw-r--r-- | include/pam_authenticate.hpp | 2 | ||||
-rw-r--r-- | include/persistent_data_middleware.hpp | 4 | ||||
-rw-r--r-- | include/sessions.hpp | 10 | ||||
-rw-r--r-- | include/ssl_key_handler.hpp | 97 |
7 files changed, 61 insertions, 70 deletions
diff --git a/include/dbus_monitor.hpp b/include/dbus_monitor.hpp index 1b82697f7a..cddafc8c06 100644 --- a/include/dbus_monitor.hpp +++ b/include/dbus_monitor.hpp @@ -150,7 +150,7 @@ template <typename... Middlewares> void requestRoutes(Crow<Middlewares...>& app) nlohmann::json::iterator paths = j.find("paths"); if (paths != j.end()) { - int interfaceCount = thisSession.interfaces.size(); + size_t interfaceCount = thisSession.interfaces.size(); if (interfaceCount == 0) { interfaceCount = 1; diff --git a/include/dbus_utility.hpp b/include/dbus_utility.hpp index e45bb9ac50..947bc86eaf 100644 --- a/include/dbus_utility.hpp +++ b/include/dbus_utility.hpp @@ -48,8 +48,8 @@ inline bool getNthStringFromPath(const std::string& path, int index, std::string& result) { int count = 0; - auto first = path.begin(); - auto last = path.end(); + std::string::const_iterator first = path.begin(); + std::string::const_iterator last = path.end(); for (auto it = path.begin(); it < path.end(); it++) { // skip first character as it's either a leading slash or the first @@ -80,7 +80,8 @@ inline bool getNthStringFromPath(const std::string& path, int index, { first++; } - result = path.substr(first - path.begin(), last - first); + result = path.substr(static_cast<size_t>(first - path.begin()), + static_cast<size_t>(last - first)); return true; } diff --git a/include/openbmc_dbus_rest.hpp b/include/openbmc_dbus_rest.hpp index ab35bb2efc..e59692020b 100644 --- a/include/openbmc_dbus_rest.hpp +++ b/include/openbmc_dbus_rest.hpp @@ -570,8 +570,9 @@ int convertJsonToDbus(sd_bus_message *m, const std::string &arg_type, { return -1; } - r = sd_bus_message_append_basic(m, argCode[0], - (void *)stringValue->c_str()); + r = sd_bus_message_append_basic( + m, argCode[0], + reinterpret_cast<const void *>(stringValue->c_str())); if (r < 0) { return r; @@ -737,13 +738,13 @@ int convertJsonToDbus(sd_bus_message *m, const std::string &arg_type, } nlohmann::json::const_iterator it = j->begin(); - for (const std::string &argCode : dbusArgSplit(arg_type)) + for (const std::string &argCode2 : dbusArgSplit(arg_type)) { if (it == j->end()) { return -1; } - r = convertJsonToDbus(m, argCode, *it); + r = convertJsonToDbus(m, argCode2, *it); if (r < 0) { return r; diff --git a/include/pam_authenticate.hpp b/include/pam_authenticate.hpp index f211a29ec7..1469aef728 100644 --- a/include/pam_authenticate.hpp +++ b/include/pam_authenticate.hpp @@ -25,7 +25,7 @@ inline int pamFunctionConversation(int numMsg, const struct pam_message** msg, std::strcpy(pass, appPass); *resp = reinterpret_cast<pam_response*>( - calloc(numMsg, sizeof(struct pam_response))); + calloc(static_cast<size_t>(numMsg), sizeof(struct pam_response))); if (resp == nullptr) { diff --git a/include/persistent_data_middleware.hpp b/include/persistent_data_middleware.hpp index b384f02304..4cd75e889d 100644 --- a/include/persistent_data_middleware.hpp +++ b/include/persistent_data_middleware.hpp @@ -24,7 +24,7 @@ class Middleware { // todo(ed) should read this from a fixed location somewhere, not CWD static constexpr const char* filename = "bmcweb_persistent_data.json"; - int jsonRevision = 1; + uint64_t jsonRevision = 1; public: struct Context @@ -58,7 +58,7 @@ class Middleware void readData() { std::ifstream persistentFile(filename); - int fileRevision = 0; + uint64_t fileRevision = 0; if (persistentFile.is_open()) { // call with exceptions disabled diff --git a/include/sessions.hpp b/include/sessions.hpp index 6bc1c99f04..d55b1992d4 100644 --- a/include/sessions.hpp +++ b/include/sessions.hpp @@ -119,22 +119,22 @@ class SessionStore // https://www.owasp.org/index.php/Session_Management_Cheat_Sheet#Session_ID_Entropy std::string sessionToken; sessionToken.resize(20, '0'); - std::uniform_int_distribution<int> dist(0, alphanum.size() - 1); - for (int i = 0; i < sessionToken.size(); ++i) + std::uniform_int_distribution<size_t> dist(0, alphanum.size() - 1); + for (size_t i = 0; i < sessionToken.size(); ++i) { sessionToken[i] = alphanum[dist(rd)]; } // Only need csrf tokens for cookie based auth, token doesn't matter std::string csrfToken; csrfToken.resize(20, '0'); - for (int i = 0; i < csrfToken.size(); ++i) + for (size_t i = 0; i < csrfToken.size(); ++i) { csrfToken[i] = alphanum[dist(rd)]; } std::string uniqueId; uniqueId.resize(10, '0'); - for (int i = 0; i < uniqueId.size(); ++i) + for (size_t i = 0; i < uniqueId.size(); ++i) { uniqueId[i] = alphanum[dist(rd)]; } @@ -205,7 +205,7 @@ class SessionStore { return needWrite; } - int getTimeoutInSeconds() const + long getTimeoutInSeconds() const { return std::chrono::seconds(timeoutInMinutes).count(); }; diff --git a/include/ssl_key_handler.hpp b/include/ssl_key_handler.hpp index 34a7c04409..133d40da5f 100644 --- a/include/ssl_key_handler.hpp +++ b/include/ssl_key_handler.hpp @@ -17,9 +17,7 @@ namespace ensuressl { static void initOpenssl(); -static void cleanupOpenssl(); -static EVP_PKEY *createRsaKey(); -static EVP_PKEY *createEcKey(); +static EVP_PKEY *createKey(); static void handleOpensslError(); inline bool verifyOpensslKeyCert(const std::string &filepath) @@ -110,7 +108,7 @@ inline void generateSslCertificate(const std::string &filepath) // EVP_PKEY *pRsaPrivKey = create_rsa_key(); std::cerr << "Generating EC key\n"; - EVP_PKEY *pRsaPrivKey = createEcKey(); + EVP_PKEY *pRsaPrivKey = createKey(); if (pRsaPrivKey != nullptr) { std::cerr << "Generating x509 Certificate\n"; @@ -177,9 +175,16 @@ inline void generateSslCertificate(const std::string &filepath) // cleanup_openssl(); } - -EVP_PKEY *createRsaKey() +EVP_PKEY *createKey() { + EVP_PKEY *pKey = NULL; + pKey = EVP_PKEY_new(); + if (pKey == nullptr) + { + handleOpensslError(); + return nullptr; + } +#if BMCWEB_RSA_KEY RSA *pRSA = NULL; #if OPENSSL_VERSION_NUMBER < 0x00908000L pRSA = RSA_generate_key(2048, RSA_3, NULL, NULL); @@ -187,60 +192,54 @@ EVP_PKEY *createRsaKey() RSA_generate_key_ex(pRSA, 2048, NULL, NULL); #endif - EVP_PKEY *pKey = EVP_PKEY_new(); - if ((pRSA != nullptr) && (pKey != nullptr) && - EVP_PKEY_assign_RSA(pKey, pRSA)) - { - /* pKey owns pRSA from now */ - if (RSA_check_key(pRSA) <= 0) - { - fprintf(stderr, "RSA_check_key failed.\n"); - handleOpensslError(); - EVP_PKEY_free(pKey); - pKey = NULL; - } - } - else + if ((pRSA != nullptr) || EVP_PKEY_assign_RSA(pKey, pRSA) != 1) { handleOpensslError(); if (pRSA != nullptr) { RSA_free(pRSA); - pRSA = NULL; } if (pKey != nullptr) { EVP_PKEY_free(pKey); - pKey = NULL; } + return nullptr; } - return pKey; -} -EVP_PKEY *createEcKey() -{ - EVP_PKEY *pKey = NULL; - int eccgrp = 0; - eccgrp = OBJ_txt2nid("prime256v1"); + /* pKey owns pRSA from now */ + if (RSA_check_key(pRSA) != 1) + { + fprintf(stderr, "RSA_check_key failed.\n"); + handleOpensslError(); + EVP_PKEY_free(pKey); + return nullptr; + } +#else + int eccgrp = OBJ_txt2nid("prime256v1"); EC_KEY *myecc = EC_KEY_new_by_curve_name(eccgrp); - if (myecc != nullptr) + if (myecc == nullptr) { - EC_KEY_set_asn1_flag(myecc, OPENSSL_EC_NAMED_CURVE); - EC_KEY_generate_key(myecc); - pKey = EVP_PKEY_new(); - if (pKey != nullptr) - { - if (EVP_PKEY_assign_EC_KEY(pKey, myecc)) - { - /* pKey owns pRSA from now */ - if (EC_KEY_check_key(myecc) <= 0) - { - fprintf(stderr, "EC_check_key failed.\n"); - } - } - } + handleOpensslError(); + return nullptr; + } + + EC_KEY_set_asn1_flag(myecc, OPENSSL_EC_NAMED_CURVE); + if (EC_KEY_generate_key(myecc) != 1) + { + handleOpensslError(); + EC_KEY_free(myecc); + return nullptr; + } + + if (EVP_PKEY_assign_EC_KEY(pKey, myecc) != 1) + { + handleOpensslError(); + EC_KEY_free(myecc); + return nullptr; } + +#endif return pKey; } @@ -253,16 +252,6 @@ void initOpenssl() #endif } -void cleanupOpenssl() -{ - CRYPTO_cleanup_all_ex_data(); - ERR_free_strings(); -#if OPENSSL_VERSION_NUMBER < 0x10100000L - ERR_remove_thread_state(0); -#endif - EVP_cleanup(); -} - void handleOpensslError() { ERR_print_errors_fp(stderr); |