Call va_end soon after using variable length variable

- This fix MSVC compiler warning C4702 "unreachable code".
Reconsider MSVC warning list
2018-01-07 16:23:41 -06:00 · 2018-01-07 16:23:41 -06:00 · 2018-01-07 16:23:41 -06:00 · 2017-12-11 04:57:42 -06:00 · 2017-12-11 04:32:06 -06:00 · 2017-11-23 09:38:41 -06:00
9 changed files with 58 additions and 28 deletions
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@ -107,26 +107,23 @@ if(MSVC)
 	message(STATUS "Using [${CMAKE_C_COMPILER_ID}] compiler")
 	if(CMAKE_C_COMPILER_ID MATCHES "MSVC")
 		set(MSVC_DISABLED_WARNINGS_LIST
-			"C4057" # C4057: 'initializing' : 'unsigned char *' differs in
-		        	# indirection to slightly different base types from 'char [2]'
-			"C4018" # '>=': signed/unsigned mismatch
-			"C4100" # 'exarg' : unreferenced formal parameter
+			"C4018" # 'expression' : signed/unsigned mismatch
+			"C4057" # 'operator' : 'identifier1' indirection to
+		        	# slightly different base types from 'identifier2'
+			"C4100" # 'identifier' : unreferenced formal parameter
 			"C4127" # conditional expression is constant
-			"C4146" # unary minus operator applied to unsigned
-			        # type, result still unsigned
-			"C4242" # 'function' : conversion from 'int' to 'uint8_t',
-			        # possible loss of data
-			"C4244" # 'function' : conversion from 'int' to 'uint8_t',
-			        # possible loss of data
-			"C4245" # 'initializing': conversion from 'long' to
-			        # 'unsigned long', signed/unsigned mismatch
-			"C4267" # conversion from 'size_t' to 'some type that is almost
-				# certainly safe to convert a size_t to'.
-			"C4389" # '!=': signed/unsigned mismatch
+			"C4146" # unary minus operator applied to unsigned type,
+				# result still unsigned
+			"C4244" # 'argument' : conversion from 'type1' to 'type2',
+				# possible loss of data
+			"C4245" # 'conversion' : conversion from 'type1' to 'type2',
+				# signed/unsigned mismatch
+			"C4267" # 'var' : conversion from 'size_t' to 'type',
+				# possible loss of data
+			"C4389" # 'operator' : signed/unsigned mismatch
 			"C4706" # assignment within conditional expression
-			"C4820" # 'bytes' bytes padding added after construct 'member_name'
-			"C4996" # 'read': The POSIX name for this item is deprecated. Instead,
-			        # use the ISO C++ conformant name: _read.
+			"C4996" # The POSIX name for this item is deprecated.
+				# Instead, use the ISO C and C++ conformant name
 		)
 	elseif(CMAKE_C_COMPILER_ID MATCHES "Intel")
 		add_definitions(-D_CRT_SUPPRESS_RESTRICT)
--- a/21
+++ b/21
@ -28,6 +28,27 @@ history is also available from Git.

 LibreSSL Portable Release Notes:

+2.6.4 - Bug fixes
+
+	* Make tls_config_parse_protocols() work correctly when passed a NULL
+	  pointer for a protocol string. Issue found by semarie@, who also
+	  provided the diff.
+
+	* Correct TLS extensions handling when no extensions are present.
+	  If no TLS extensions are present in a client hello or server hello,
+	  omit the entire extensions block, rather than including it with a
+	  length of zero. Thanks to Eric Elena <eric at voguemerry dot com> for
+	  providing packet captures and testing the fix.
+
+	* Fixed portable builds on older Android systems, and systems with out
+	  IPV6_TCLASS support.
+
+2.6.3 - OpenBSD 6.2 Release
+
+	* No core changes from LibreSSL 2.6.2
+
+	* Minor compatibility fixes in portable version.
+
 2.6.2 - Bug fixes

 	* Provide a useful error with libtls if there are no OCSP URLs in a
--- a/2
+++ b/2
@ -1 +1 @@
-master
+OPENBSD_6_2
--- a/apps/openssl/CMakeLists.txt
+++ b/apps/openssl/CMakeLists.txt
@ -88,5 +88,5 @@ else()
 endif()
 if(ENABLE_LIBRESSL_INSTALL)
 	install(FILES cert.pem openssl.cnf x509v3.cnf DESTINATION ${CONF_DIR})
-	install(DIRECTORY DESTINATION ${CONF_DIR}/cert)
+	install(DIRECTORY DESTINATION ${CONF_DIR}/certs)
 endif(ENABLE_LIBRESSL_INSTALL)
--- a/include/compat/err.h
+++ b/include/compat/err.h
@ -34,9 +34,9 @@ err(int eval, const char *fmt, ...)
 		vfprintf(stderr, fmt, ap);
 		fprintf(stderr, ": ");
 	}
+	va_end(ap);
 	fprintf(stderr, "%s\n", strerror(sverrno));
 	exit(eval);
-	va_end(ap);
 }

 #if defined(_MSC_VER)
@ -52,9 +52,9 @@ errx(int eval, const char *fmt, ...)
 	va_start(ap, fmt);
 	if (fmt != NULL)
 		vfprintf(stderr, fmt, ap);
+	va_end(ap);
 	fprintf(stderr, "\n");
 	exit(eval);
-	va_end(ap);
 }

 static inline void
@ -68,8 +68,8 @@ warn(const char *fmt, ...)
 		vfprintf(stderr, fmt, ap);
 		fprintf(stderr, ": ");
 	}
-	fprintf(stderr, "%s\n", strerror(sverrno));
 	va_end(ap);
+	fprintf(stderr, "%s\n", strerror(sverrno));
 }

 static inline void
@ -80,8 +80,8 @@ warnx(const char *fmt, ...)
 	va_start(ap, fmt);
 	if (fmt != NULL)
 		vfprintf(stderr, fmt, ap);
-	fprintf(stderr, "\n");
 	va_end(ap);
+	fprintf(stderr, "\n");
 }

 #endif
--- a/m4/check-libc.m4
+++ b/m4/check-libc.m4
@ -2,10 +2,23 @@ AC_DEFUN([CHECK_LIBC_COMPAT], [
 # Check for libc headers
 AC_CHECK_HEADERS([err.h readpassphrase.h])
 # Check for general libc functions
-AC_CHECK_FUNCS([asprintf freezero getpagesize inet_ntop inet_pton memmem])
+AC_CHECK_FUNCS([asprintf freezero inet_ntop inet_pton memmem])
 AC_CHECK_FUNCS([readpassphrase reallocarray recallocarray])
 AC_CHECK_FUNCS([strlcat strlcpy strndup strnlen strsep strtonum])
 AC_CHECK_FUNCS([timegm _mkgmtime])
+AC_CACHE_CHECK([for getpagesize], ac_cv_func_getpagesize, [
+	AC_LINK_IFELSE([AC_LANG_PROGRAM([[
+// Since Android NDK v16 getpagesize is defined as inline inside unistd.h
+#ifdef __ANDROID__
+#	include <unistd.h>
+#endif
+		]], [[
+	getpagesize();
+]])],
+	[ ac_cv_func_getpagesize="yes" ],
+	[ ac_cv_func_getpagesize="no"
+	])
+])
 AM_CONDITIONAL([HAVE_ASPRINTF], [test "x$ac_cv_func_asprintf" = xyes])
 AM_CONDITIONAL([HAVE_FREEZERO], [test "x$ac_cv_func_freezero" = xyes])
 AM_CONDITIONAL([HAVE_GETPAGESIZE], [test "x$ac_cv_func_getpagesize" = xyes])
--- a/patches/netcat.c.patch
+++ b/patches/netcat.c.patch
@ -134,7 +134,7 @@
 			err(1, "set IPv6 traffic class");
 +#else
 +		else if (af == AF_INET6) {
-+			errno = ENOPROTOOPT
+			errno = ENOPROTOOPT;
 +			err(1, "set IPv6 traffic class not supported");
 +		}
 +#endif
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@ -177,7 +177,6 @@ exptest_SOURCES = exptest.c
 # freenull
 TESTS += freenull
 check_PROGRAMS += freenull
-freenull_CPPFLAGS = $(AM_CPPFLAGS) -ULIBRESSL_INTERNAL
 freenull_SOURCES = freenull.c

 # gcm128test
@ -359,7 +358,6 @@ timingsafe_SOURCES = timingsafe.c
 # tlsexttest
 TESTS += tlsexttest
 check_PROGRAMS += tlsexttest
-tlsexttest_CPPFLAGS = $(AM_CPPFLAGS) -ULIBRESSL_INTERNAL
 tlsexttest_SOURCES = tlsexttest.c

 # tlstest
--- a/update.sh
+++ b/update.sh
@ -13,6 +13,7 @@ if [ ! -d openbsd ]; then
 	fi
 fi
 (cd openbsd
+ git fetch
 git checkout $openbsd_branch
 git pull --rebase)
Author	SHA1	Message	Date
kinichiro	90898c9686	Call va_end soon after using variable length variable - This fix MSVC compiler warning C4702 "unreachable code".	2018-01-07 16:23:41 -06:00
kinichiro	339074b924	Reconsider MSVC warning list - Remove C4242 and C4820 - Warning explanation from manual - Sort by warning code	2018-01-07 16:23:41 -06:00
kinichiro	0a583bd21d	Remove unneeded -ULIBRESSL_INTERNAL	2018-01-07 16:23:41 -06:00
Brent Cook	190bd346e7	add release notes	2017-12-11 04:57:42 -06:00
Kyle J. McKay	ac9a73f695	netcat.c.patch: eliminate syntax error from patch If the target system does not define IPV6_TCLASS, this part of the patch handles that with an ENOPROTOOPT error rather than failing to compile. Unfortunately it's missing a trailing semicolon leading to a compilation error. Add the missing semicolon to fix the problem. Signed-off-by: Kyle J. McKay <mackyle@gmail.com>	2017-12-11 04:32:06 -06:00
Evgen Bodunov	71d9fd9709	Fixed getpagesize detection on Android	2017-11-23 09:38:41 -06:00
Aric Belsito	6cb4aa08ab	Create correct directory in CMake install. Was creating ${CONFDIR}/cert instead of ${CONFDIR}/certs.	2017-11-23 05:42:25 -06:00
Brent Cook	68a99284c3	fetch before update to grab new branches	2017-11-05 17:14:28 -06:00
Brent Cook	fe8a52a0d9	update changelog	2017-11-05 17:13:06 -06:00
Brent Cook	727aeabdd8	make OPENBSD_6_2 branch	2017-11-02 05:59:08 -05:00