author | Ed Tanous <ed.tanous@intel.com> | 2019-03-25 22:25:26 +0300 |
---|---|---|
committer | Ed Tanous <ed.tanous@intel.com> | 2019-03-25 22:25:26 +0300 |
commit | b01bf2991955ef267ce2be8e7a18eac984990de8 (patch) | |
tree | f34f5fe0ce9c786ddee196f5082e46090c0ccfcf /include | |
parent | 6ea007a2faec52ad62680015d2a3f00371a1e351 (diff) | |
Revert "bmcweb: Fix a bunch of warnings"
This reverts commit 6ea007a2faec52ad62680015d2a3f00371a1e351.
Reason for revert: Reports of bmcweb seg faults.
Change-Id: I408f1bb29c2f8e427a6621cdaac8c31b847ebf06
Diffstat (limited to 'include')
-rw-r--r-- | include/dbus_monitor.hpp | 2 | ||||
-rw-r--r-- | include/dbus_utility.hpp | 7 | ||||
-rw-r--r-- | include/openbmc_dbus_rest.hpp | 9 | ||||
-rw-r--r-- | include/pam_authenticate.hpp | 2 | ||||
-rw-r--r-- | include/persistent_data_middleware.hpp | 4 | ||||
-rw-r--r-- | include/sessions.hpp | 10 | ||||
-rw-r--r-- | include/ssl_key_handler.hpp | 97 |
7 files changed, 70 insertions, 61 deletions
diff --git a/include/dbus_monitor.hpp b/include/dbus_monitor.hpp index cddafc8c06..1b82697f7a 100644 --- a/include/dbus_monitor.hpp +++ b/include/dbus_monitor.hpp @@ -150,7 +150,7 @@ template <typename... Middlewares> void requestRoutes(Crow<Middlewares...>& app) nlohmann::json::iterator paths = j.find("paths"); if (paths != j.end()) { - size_t interfaceCount = thisSession.interfaces.size(); + int interfaceCount = thisSession.interfaces.size(); if (interfaceCount == 0) { interfaceCount = 1; diff --git a/include/dbus_utility.hpp b/include/dbus_utility.hpp index 947bc86eaf..e45bb9ac50 100644 --- a/include/dbus_utility.hpp +++ b/include/dbus_utility.hpp @@ -48,8 +48,8 @@ inline bool getNthStringFromPath(const std::string& path, int index, std::string& result) { int count = 0; - std::string::const_iterator first = path.begin(); - std::string::const_iterator last = path.end(); + auto first = path.begin(); + auto last = path.end(); for (auto it = path.begin(); it < path.end(); it++) { // skip first character as it's either a leading slash or the first @@ -80,8 +80,7 @@ inline bool getNthStringFromPath(const std::string& path, int index, { first++; } - result = path.substr(static_cast<size_t>(first - path.begin()), - static_cast<size_t>(last - first)); + result = path.substr(first - path.begin(), last - first); return true; } diff --git a/include/openbmc_dbus_rest.hpp b/include/openbmc_dbus_rest.hpp index e59692020b..ab35bb2efc 100644 --- a/include/openbmc_dbus_rest.hpp +++ b/include/openbmc_dbus_rest.hpp @@ -570,9 +570,8 @@ int convertJsonToDbus(sd_bus_message *m, const std::string &arg_type, { return -1; } - r = sd_bus_message_append_basic( - m, argCode[0], - reinterpret_cast<const void *>(stringValue->c_str())); + r = sd_bus_message_append_basic(m, argCode[0], + (void *)stringValue->c_str()); if (r < 0) { return r; 
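Review bot: In include/dbus_utility.hpp (hunk at -80,8), `path.substr(first - path.begin(), last - first)` passes two signed iterator differences to size_type parameters, so if `first` ever ends up past `last` the negative length silently becomes a huge count that substr clamps to the end of the string instead of reporting an error. Building the result from the iterators avoids both the arithmetic and the implicit conversion: `result.assign(first, last);`, ideally behind a `first <= last` check. The loop that positions `first` and `last` starts above this hunk, so whether that ordering always holds cannot be confirmed from here.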
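Review bot: In include/openbmc_dbus_rest.hpp (hunk at -570,9), the C-style cast `(void *)stringValue->c_str()` strips const from the string's buffer and hides that from the compiler. sd_bus_message_append_basic takes a `const void *`, so no cast is needed at all: `r = sd_bus_message_append_basic(m, argCode[0], stringValue->c_str());`. convertJsonToDbus begins and ends outside this hunk.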
@@ -738,13 +737,13 @@ int convertJsonToDbus(sd_bus_message *m, const std::string &arg_type, } nlohmann::json::const_iterator it = j->begin(); - for (const std::string &argCode2 : dbusArgSplit(arg_type)) + for (const std::string &argCode : dbusArgSplit(arg_type)) { if (it == j->end()) { return -1; } - r = convertJsonToDbus(m, argCode2, *it); + r = convertJsonToDbus(m, argCode, *it); if (r < 0) { return r; diff --git a/include/pam_authenticate.hpp b/include/pam_authenticate.hpp index 1469aef728..f211a29ec7 100644 --- a/include/pam_authenticate.hpp +++ b/include/pam_authenticate.hpp @@ -25,7 +25,7 @@ inline int pamFunctionConversation(int numMsg, const struct pam_message** msg, std::strcpy(pass, appPass); *resp = reinterpret_cast<pam_response*>( - calloc(static_cast<size_t>(numMsg), sizeof(struct pam_response))); + calloc(numMsg, sizeof(struct pam_response))); if (resp == nullptr) { diff --git a/include/persistent_data_middleware.hpp b/include/persistent_data_middleware.hpp index 4cd75e889d..b384f02304 100644 --- a/include/persistent_data_middleware.hpp +++ b/include/persistent_data_middleware.hpp @@ -24,7 +24,7 @@ class Middleware { // todo(ed) should read this from a fixed location somewhere, not CWD static constexpr const char* filename = "bmcweb_persistent_data.json"; - uint64_t jsonRevision = 1; + int jsonRevision = 1; public: struct Context @@ -58,7 +58,7 @@ class Middleware void readData() { std::ifstream persistentFile(filename); - uint64_t fileRevision = 0; + int fileRevision = 0; if (persistentFile.is_open()) { // call with exceptions disabled diff --git a/include/sessions.hpp b/include/sessions.hpp index d55b1992d4..6bc1c99f04 100644 --- a/include/sessions.hpp +++ b/include/sessions.hpp 
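Review bot: In include/pam_authenticate.hpp, the check after the allocation tests `resp`, the caller's out-pointer, instead of the calloc result stored in `*resp`, so an allocation failure goes undetected; it should read `if (*resp == nullptr)`. With the cast removed, `numMsg` (an int handed to the PAM conversation callback) is converted implicitly to size_t, so a negative value becomes an enormous element count; a guard such as `if (numMsg <= 0) { return PAM_CONV_ERR; }` at the top of the function, before anything is allocated, makes that case explicit. The `std::strcpy(pass, appPass)` on the context line above depends on a buffer sized outside this hunk, and the function body continues past it.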
@@ -119,22 +119,22 @@ class SessionStore // https://www.owasp.org/index.php/Session_Management_Cheat_Sheet#Session_ID_Entropy std::string sessionToken; sessionToken.resize(20, '0'); - std::uniform_int_distribution<size_t> dist(0, alphanum.size() - 1); - for (size_t i = 0; i < sessionToken.size(); ++i) + std::uniform_int_distribution<int> dist(0, alphanum.size() - 1); + for (int i = 0; i < sessionToken.size(); ++i) { sessionToken[i] = alphanum[dist(rd)]; } // Only need csrf tokens for cookie based auth, token doesn't matter std::string csrfToken; csrfToken.resize(20, '0'); - for (size_t i = 0; i < csrfToken.size(); ++i) + for (int i = 0; i < csrfToken.size(); ++i) { csrfToken[i] = alphanum[dist(rd)]; } std::string uniqueId; uniqueId.resize(10, '0'); - for (size_t i = 0; i < uniqueId.size(); ++i) + for (int i = 0; i < uniqueId.size(); ++i) { uniqueId[i] = alphanum[dist(rd)]; } @@ -205,7 +205,7 @@ class SessionStore { return needWrite; } - long getTimeoutInSeconds() const + int getTimeoutInSeconds() const { return std::chrono::seconds(timeoutInMinutes).count(); }; diff --git a/include/ssl_key_handler.hpp b/include/ssl_key_handler.hpp index 133d40da5f..34a7c04409 100644 --- a/include/ssl_key_handler.hpp +++ b/include/ssl_key_handler.hpp @@ -17,7 +17,9 @@ namespace ensuressl { static void initOpenssl(); -static EVP_PKEY *createKey(); +static void cleanupOpenssl(); +static EVP_PKEY *createRsaKey(); +static EVP_PKEY *createEcKey(); static void handleOpensslError(); inline bool verifyOpensslKeyCert(const std::string &filepath) @@ -108,7 +110,7 @@ inline void generateSslCertificate(const std::string &filepath) // EVP_PKEY *pRsaPrivKey = create_rsa_key(); std::cerr << "Generating EC key\n"; - EVP_PKEY *pRsaPrivKey = createKey(); + EVP_PKEY *pRsaPrivKey = createEcKey(); if (pRsaPrivKey != nullptr) { std::cerr << "Generating x509 Certificate\n"; 
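Review bot: In include/sessions.hpp (hunk at -119,22), the three fill loops compare an `int` index with `size()` and the distribution narrows `alphanum.size() - 1` to `int`; iterating the string directly removes the index and the mixed-sign comparison, e.g. `for (char &c : sessionToken) { c = alphanum[dist(rd)]; }`, and the same form fits the `csrfToken` and `uniqueId` loops. Since these values are the session and CSRF secrets, a comment stating what `rd` is would help: it is declared outside this hunk, and the unpredictability of all three tokens rests on it being a non-deterministic source and not a seeded engine.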
@@ -175,16 +177,9 @@ inline void generateSslCertificate(const std::string &filepath) // cleanup_openssl(); } -EVP_PKEY *createKey() + +EVP_PKEY *createRsaKey() { - EVP_PKEY *pKey = NULL; - pKey = EVP_PKEY_new(); - if (pKey == nullptr) - { - handleOpensslError(); - return nullptr; - } -#if BMCWEB_RSA_KEY RSA *pRSA = NULL; #if OPENSSL_VERSION_NUMBER < 0x00908000L pRSA = RSA_generate_key(2048, RSA_3, NULL, NULL); 
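Review bot: createRsaKey declares `RSA *pRSA = NULL;` and, on the non-legacy branch, the next hunk's context line calls `RSA_generate_key_ex(pRSA, 2048, NULL, NULL)` with no visible allocation of `pRSA` or of a public exponent, which would likely fault on a null pointer if this path were ever built and called. The one line between the two hunks is not shown, so this is inferred; if it holds, the branch needs `pRSA = RSA_new();` plus a BIGNUM exponent, and the return value of RSA_generate_key_ex should be checked. generateSslCertificate calls createEcKey, so createRsaKey also looks unused in the visible hunks, and an unused static function is easy to leave untested. The function body continues past this hunk.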
@@ -192,54 +187,60 @@ EVP_PKEY *createKey() RSA_generate_key_ex(pRSA, 2048, NULL, NULL); #endif - if ((pRSA != nullptr) || EVP_PKEY_assign_RSA(pKey, pRSA) != 1) + EVP_PKEY *pKey = EVP_PKEY_new(); + if ((pRSA != nullptr) && (pKey != nullptr) && + EVP_PKEY_assign_RSA(pKey, pRSA)) + { + /* pKey owns pRSA from now */ + if (RSA_check_key(pRSA) <= 0) + { + fprintf(stderr, "RSA_check_key failed.\n"); + handleOpensslError(); + EVP_PKEY_free(pKey); + pKey = NULL; + } + } + else { handleOpensslError(); if (pRSA != nullptr) { RSA_free(pRSA); + pRSA = NULL; } if (pKey != nullptr) { EVP_PKEY_free(pKey); + pKey = NULL; } - return nullptr; } + return pKey; +} - /* pKey owns pRSA from now */ - if (RSA_check_key(pRSA) != 1) - { - fprintf(stderr, "RSA_check_key failed.\n"); - handleOpensslError(); - EVP_PKEY_free(pKey); - return nullptr; - } +EVP_PKEY *createEcKey() +{ + EVP_PKEY *pKey = NULL; + int eccgrp = 0; + eccgrp = OBJ_txt2nid("prime256v1"); -#else - int eccgrp = OBJ_txt2nid("prime256v1"); EC_KEY *myecc = EC_KEY_new_by_curve_name(eccgrp); - if (myecc == nullptr) + if (myecc != nullptr) { - handleOpensslError(); - return nullptr; - } - - EC_KEY_set_asn1_flag(myecc, OPENSSL_EC_NAMED_CURVE); - if (EC_KEY_generate_key(myecc) != 1) - { - handleOpensslError(); - EC_KEY_free(myecc); - return nullptr; - } - - if (EVP_PKEY_assign_EC_KEY(pKey, myecc) != 1) - { - handleOpensslError(); - EC_KEY_free(myecc); - return nullptr; + EC_KEY_set_asn1_flag(myecc, OPENSSL_EC_NAMED_CURVE); + EC_KEY_generate_key(myecc); + pKey = EVP_PKEY_new(); + if (pKey != nullptr) + { + if (EVP_PKEY_assign_EC_KEY(pKey, myecc)) + { + /* pKey owns pRSA from now */ + if (EC_KEY_check_key(myecc) <= 0) + { + fprintf(stderr, "EC_check_key failed.\n"); + } + } + } } - -#endif return pKey; } 
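Review bot: createEcKey returns `pKey` even when key generation or validation failed: the result of `EC_KEY_generate_key(myecc)` is ignored, and a failing `EC_KEY_check_key` only prints a message, so generateSslCertificate can go on to build a certificate from a key that did not pass the check. `myecc` is also leaked when `EVP_PKEY_new` or `EVP_PKEY_assign_EC_KEY` fails, and in the latter case an `EVP_PKEY` with no key attached is returned. The comment `/* pKey owns pRSA from now */` names the wrong variable. The version below fails closed at each step and releases what it allocated.

```cpp
EVP_PKEY *createEcKey()
{
    EC_KEY *myecc = EC_KEY_new_by_curve_name(OBJ_txt2nid("prime256v1"));
    if (myecc == nullptr)
    {
        handleOpensslError();
        return nullptr;
    }

    EC_KEY_set_asn1_flag(myecc, OPENSSL_EC_NAMED_CURVE);
    // Validate before handing the key to the EVP_PKEY so that a failure
    // only has one object to release.
    if (EC_KEY_generate_key(myecc) != 1 || EC_KEY_check_key(myecc) != 1)
    {
        handleOpensslError();
        EC_KEY_free(myecc);
        return nullptr;
    }

    EVP_PKEY *pKey = EVP_PKEY_new();
    if (pKey == nullptr || EVP_PKEY_assign_EC_KEY(pKey, myecc) != 1)
    {
        handleOpensslError();
        EC_KEY_free(myecc);
        EVP_PKEY_free(pKey); // no-op when pKey is null
        return nullptr;
    }

    /* pKey owns myecc from now */
    return pKey;
}
```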
@@ -252,6 +253,16 @@ void initOpenssl() #endif } +void cleanupOpenssl() +{ + CRYPTO_cleanup_all_ex_data(); + ERR_free_strings(); +#if OPENSSL_VERSION_NUMBER < 0x10100000L + ERR_remove_thread_state(0); +#endif + EVP_cleanup(); +} + void handleOpensslError() { ERR_print_errors_fp(stderr); |
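Review bot: cleanupOpenssl is added without a comment on when it may run, and nothing in the visible hunks calls it (the only reference in generateSslCertificate is the commented-out `// cleanup_openssl();`). These calls tear down process-wide OpenSSL state, so invoking it while any TLS context is still live would be unsafe; a header comment such as `// Call once at shutdown, after every SSL context is destroyed; legacy (pre-1.1.0) OpenSSL only.` would make that explicit. Only `ERR_remove_thread_state(0)` is version-gated here; I believe the other three calls are deprecated no-ops from OpenSSL 1.1.0 on, which is worth confirming and guarding the same way.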