Aaron Jones [Wed, 1 Jun 2016 20:55:32 +0000 (20:55 +0000)]
Preliminary code tidying complete.
These issues (commits 47a66e15 through 906fd91f inclusive) were
identified with the Clang compiler. Please raise concerns about
them on the issue tracker or in the support channel.
Aaron Jones [Wed, 1 Jun 2016 19:50:09 +0000 (19:50 +0000)]
librb: silence some fairly harmless compiler warnings
These include warnings about "break" statements that will never be
executed (because they are after "return" statements), unused macros
(lost to code refactoring or never even used in the first place),
functions that call abort() or loop indefinitely but aren't marked with
the "noreturn" attribute, and use of variables possibly uninitialised
(a false positive).
Aaron Jones [Wed, 1 Jun 2016 20:46:43 +0000 (20:46 +0000)]
Preliminary code tidying complete.
These issues (commits 92706fd5 through 707bc7cd inclusive) were
identified with the Clang compiler. Please raise concerns about
them on the issue tracker or in the support channel.
Aaron Jones [Wed, 1 Jun 2016 19:50:09 +0000 (19:50 +0000)]
librb: silence some fairly harmless compiler warnings
These include warnings about "break" statements that will never be
executed (because they are after "return" statements), unused macros
(lost to code refactoring or never even used in the first place),
functions that call abort() or loop indefinitely but aren't marked with
the "noreturn" attribute, and use of variables possibly uninitialised
(a false positive).
Aaron Jones [Wed, 1 Jun 2016 17:54:43 +0000 (17:54 +0000)]
openssl: More LibreSSL compatibility
LibreSSL does not have the new version macros & functions that OpenSSL
1.1.0 implements. This causes a compile-time failure against LibreSSL.
Further, the runtime function for returning the library version returns
the wrong number (the hardcoded constant number SSLEAY_VERSION_NUMBER
aka OPENSSL_VERSION_NUMBER, instead of LIBRESSL_VERSION_NUMBER).
Aaron Jones [Wed, 1 Jun 2016 17:54:43 +0000 (17:54 +0000)]
openssl: More LibreSSL compatibility
LibreSSL does not have the new version macros & functions that OpenSSL
1.1.0 implements. This causes a compile-time failure against LibreSSL.
Further, the runtime function for returning the library version returns
the wrong number (the hardcoded constant number SSLEAY_VERSION_NUMBER
aka OPENSSL_VERSION_NUMBER, instead of LIBRESSL_VERSION_NUMBER).
Aaron Jones [Wed, 25 May 2016 21:46:34 +0000 (21:46 +0000)]
openssl: change how we load DH parameters
The code already assumes the presence of fopen(3) and errno, and, by
extension, fclose(3) and strerror(3), so just use those instead of the
BIO wrappers.
Additionally, don't fail to initialise if the DH file does exist but
parsing it fails, as per the pre-existing comment about them being
optional.
Aaron Jones [Wed, 25 May 2016 21:46:34 +0000 (21:46 +0000)]
openssl: change how we load DH parameters
The code already assumes the presence of fopen(3) and errno, and, by
extension, fclose(3) and strerror(3), so just use those instead of the
BIO wrappers.
Additionally, don't fail to initialise if the DH file does exist but
parsing it fails, as per the pre-existing comment about them being
optional.
Aaron Jones [Thu, 5 May 2016 03:31:32 +0000 (03:31 +0000)]
[mbedtls] Various fixes and improvements
* Move certificate, key, DH parameters and configuration to heap
(Documentation states that setting new configuration, e.g.
during a rehash, is unsupported while connections using that
configuration are active)
This is the same approach as the fix for #186
Refcount these structures so as to not introduce a memory leak
On rehash, it will use new structures only if there are no
errors in constructing them
* Make fingerprint generation work for TLS connections
See the comments in the newly created file for an explanation
* Fix memory leak when generating a fingerprint from a file
* Add better error-reporting (strings in addition to numbers)
where possible
* Coalesce several connection memory allocations into one function
* Reduce boilerplate where possible (Charybdis targets C99)
* Support private key being in certificate file, and having no
DH parameters file
Simon Arlott [Sun, 1 May 2016 10:12:34 +0000 (11:12 +0100)]
authd: fix auth->cid type sizes
* long is too small on 32-bit systems, use unsigned long long if we want
to check for out of range values
* UINT32_MAX is a valid cid, and 0 isn't
* make auth->cid a uint32_t not uint16_t
Elizabeth Myers [Sun, 1 May 2016 08:43:55 +0000 (03:43 -0500)]
m_alias: restore old behaviour of joining all parameters.
There are two important caveats here, however:
1) Aliased commands have more than 8 parameters will be truncated;
there's nothing I can do about this.
2) Parameters with colons will not be handled as you expect. Again,
nothing I can do about this.