Call va_end soon after using variable length variable

- This fix MSVC compiler warning C4702 "unreachable code".

.gitignore

@@ -53,7 +53,6 @@ test-driver
 *.trs
 tests/aes_wrap*
 tests/arc4random_fork*
-tests/asn1evp*
 tests/asn1time*
 tests/cipher*
 tests/explicit_bzero*

ChangeLog

@@ -28,17 +28,6 @@ history is also available from Git.
 
 LibreSSL Portable Release Notes:
 
-2.7.0 - Bug fixes and improvements
-
-	* Merged more DTLS support into the regular TLS code path, removing
-	  duplicated code.
-
-	* Converted ssl3_send_client_hello(), ssl3_send_server_hello() to CBB.
-
-	* Rewrite ASN1_TYPE_{get,set}_octetstring() using templated ASN.1.
-	  This removes the last remaining use of the old M_ASN1_* macros
-	  (asn1_mac.h) from API that needs to continue to exist.
-
 2.6.4 - Bug fixes
 
 	* Make tls_config_parse_protocols() work correctly when passed a NULL

OPENBSD_BRANCH

@@ -1 +1 @@
-master
+OPENBSD_6_2

apps/openssl/apps_win.c

@@ -13,7 +13,7 @@
 #include "apps.h"
 
 double
-app_timer_user(int stop)
+app_tminterval(int stop, int usertime)
 {
 	static unsigned __int64 tmstart;
 	union {
@@ -22,11 +22,13 @@ app_timer_user(int stop)
 	} ct, et, kt, ut;
 
 	GetProcessTimes(GetCurrentProcess(), &ct.ft, &et.ft, &kt.ft, &ut.ft);
-	if (stop)
-		return (ut.u64 + kt.u64 - tmstart) / (double) 10000000;
 
-	tmstart = ut.u64 + kt.u64;
-	return 0.0;
+	if (stop == TM_START) {
+		tmstart = ut.u64 + kt.u64;
+	} else {
+		return (ut.u64 + kt.u64 - tmstart) / (double) 10000000;
+	}
+	return 0;
 }
 
 int

include/compat/sys/time.h

@@ -13,20 +13,4 @@ int gettimeofday(struct timeval *tp, void *tzp);
 #include_next <sys/time.h>
 #endif
 
-#ifndef CLOCK_MONOTONIC
-#define CLOCK_MONOTONIC CLOCK_REALTIME
-#endif
-
-#ifndef timersub
-#define timersub(tvp, uvp, vvp)                                         \
-	do {                                                            \
-		(vvp)->tv_sec = (tvp)->tv_sec - (uvp)->tv_sec;          \
-		(vvp)->tv_usec = (tvp)->tv_usec - (uvp)->tv_usec;       \
-		if ((vvp)->tv_usec < 0) {                               \
-			(vvp)->tv_sec--;                                \
-			(vvp)->tv_usec += 1000000;                      \
-		}                                                       \
-	} while (0)
-#endif
-
 #endif

include/compat/time.h

@@ -21,15 +21,3 @@ struct tm *__gmtime_r(const time_t * t, struct tm * tm);
 #ifndef HAVE_TIMEGM
 time_t timegm(struct tm *tm);
 #endif
-
-#ifndef timespecsub
-#define timespecsub(tsp, usp, vsp)                                      \
-        do {                                                            \
-                (vsp)->tv_sec = (tsp)->tv_sec - (usp)->tv_sec;          \
-                (vsp)->tv_nsec = (tsp)->tv_nsec - (usp)->tv_nsec;       \
-                if ((vsp)->tv_nsec < 0) {                               \
-                        (vsp)->tv_sec--;                                \
-                        (vsp)->tv_nsec += 1000000000L;                  \
-                }                                                       \
-        } while (0)
-#endif

man/links

@@ -2052,7 +2052,6 @@ tls_config_verify.3,tls_config_insecure_noverifytime.3
 tls_conn_version.3,tls_conn_alpn_selected.3
 tls_conn_version.3,tls_conn_cipher.3
 tls_conn_version.3,tls_conn_servername.3
-tls_conn_version.3,tls_peer_cert_chain_pem.3
 tls_conn_version.3,tls_peer_cert_contains_name.3
 tls_conn_version.3,tls_peer_cert_hash.3
 tls_conn_version.3,tls_peer_cert_issuer.3

patches/tlsexttest.c.patch

@@ -1,6 +1,6 @@
---- tests/tlsexttest.c.orig	2017-12-30 20:03:09.279079726 +0900
-+++ tests/tlsexttest.c	2017-12-30 20:07:21.849939140 +0900
-@@ -1676,7 +1676,9 @@ static unsigned char tlsext_sni_clienthe
+--- tests/tlsexttest.c.orig	Sun Sep  3 00:44:51 2017
++++ tests/tlsexttest.c	Sun Sep  3 00:47:06 2017
+@@ -1676,7 +1676,9 @@ static unsigned char tlsext_sni_clienthello[] = {
  };
  
  static unsigned char tlsext_sni_serverhello[] = {
@@ -39,73 +39,3 @@
  	if (!tlsext_sni_serverhello_parse(ssl, &cbs, &alert)) {
  		FAIL("failed to parse serverhello SNI\n");
  		goto err;
-@@ -2741,7 +2743,10 @@ unsigned char tlsext_clienthello_default
- 	0x03, 0x01, 0x03, 0x03, 0x02, 0x01, 0x02, 0x03,
- };
- 
--unsigned char tlsext_clienthello_disabled[] = {};
-+unsigned char tlsext_clienthello_disabled[] = {
-+	0x00
-+};
-+const size_t sizeof_tlsext_clienthello_disabled = 0;
- 
- static int
- test_tlsext_clienthello_build(void)
-@@ -2806,18 +2811,18 @@ test_tlsext_clienthello_build(void)
- 	if (!CBB_finish(&cbb, &data, &dlen))
- 		errx(1, "failed to finish CBB");
- 
--	if (dlen != sizeof(tlsext_clienthello_disabled)) {
-+	if (dlen != sizeof_tlsext_clienthello_disabled) {
- 		FAIL("got clienthello extensions with length %zu, "
- 		    "want length %zu\n", dlen,
--		    sizeof(tlsext_clienthello_disabled));
-+		    sizeof_tlsext_clienthello_disabled);
- 		compare_data(data, dlen, tlsext_clienthello_disabled,
--		    sizeof(tlsext_clienthello_disabled));
-+		    sizeof_tlsext_clienthello_disabled);
- 		goto err;
- 	}
- 	if (memcmp(data, tlsext_clienthello_disabled, dlen) != 0) {
- 		FAIL("clienthello extensions differs:\n");
- 		compare_data(data, dlen, tlsext_clienthello_disabled,
--		    sizeof(tlsext_clienthello_disabled));
-+		    sizeof_tlsext_clienthello_disabled);
- 		goto err;
- 	}
- 
-@@ -2832,7 +2837,10 @@ test_tlsext_clienthello_build(void)
- 	return (failure);
- }
- 
--unsigned char tlsext_serverhello_default[] = {};
-+unsigned char tlsext_serverhello_default[] = {
-+	0x00
-+};
-+const size_t sizeof_tlsext_serverhello_default = 0;
- 
- unsigned char tlsext_serverhello_enabled[] = {
- 	0x00, 0x13, 0xff, 0x01, 0x00, 0x01, 0x00, 0x00,
-@@ -2872,18 +2880,18 @@ test_tlsext_serverhello_build(void)
- 	if (!CBB_finish(&cbb, &data, &dlen))
- 		errx(1, "failed to finish CBB");
- 
--	if (dlen != sizeof(tlsext_serverhello_default)) {
-+	if (dlen != sizeof_tlsext_serverhello_default) {
- 		FAIL("got serverhello extensions with length %zu, "
- 		    "want length %zu\n", dlen,
--		    sizeof(tlsext_serverhello_default));
-+		    sizeof_tlsext_serverhello_default);
- 		compare_data(data, dlen, tlsext_serverhello_default,
--		    sizeof(tlsext_serverhello_default));
-+		    sizeof_tlsext_serverhello_default);
- 		goto err;
- 	}
- 	if (memcmp(data, tlsext_serverhello_default, dlen) != 0) {
- 		FAIL("serverhello extensions differs:\n");
- 		compare_data(data, dlen, tlsext_serverhello_default,
--		    sizeof(tlsext_serverhello_default));
-+		    sizeof_tlsext_serverhello_default);
- 		goto err;
- 	}
- 

tests/CMakeLists.txt

@@ -41,11 +41,6 @@ if(NOT CMAKE_HOST_WIN32 AND NOT CMAKE_SYSTEM_NAME MATCHES "MINGW")
 	add_test(arc4randomforktest ${CMAKE_CURRENT_SOURCE_DIR}/arc4randomforktest.sh)
 endif()
 
-# asn1evp
-add_executable(asn1evp asn1evp.c)
-target_link_libraries(asn1evp ${TESTS_LIBS})
-add_test(asn1evp asn1evp)
-
 # asn1test
 add_executable(asn1test asn1test.c)
 target_link_libraries(asn1test ${TESTS_LIBS})
@@ -110,11 +105,6 @@ add_executable(clienttest clienttest.c)
 target_link_libraries(clienttest ${TESTS_LIBS})
 add_test(clienttest clienttest)
 
-# configtest
-add_executable(configtest configtest.c)
-target_link_libraries(configtest ${TESTS_LIBS})
-add_test(configtest configtest)
-
 # cts128test
 add_executable(cts128test cts128test.c)
 target_link_libraries(cts128test ${TESTS_LIBS})

tests/Makefile.am

@@ -43,11 +43,6 @@ arc4randomforktest_SOURCES = arc4randomforktest.c
 endif
 EXTRA_DIST += arc4randomforktest.sh
 
-# asn1evp
-TESTS += asn1evp
-check_PROGRAMS += asn1evp
-asn1evp_SOURCES = asn1evp.c
-
 # asn1test
 TESTS += asn1test
 check_PROGRAMS += asn1test
@@ -113,11 +108,6 @@ TESTS += clienttest
 check_PROGRAMS += clienttest
 clienttest_SOURCES = clienttest.c
 
-# configtest
-TESTS += configtest
-check_PROGRAMS += configtest
-configtest_SOURCES = configtest.c
-
 # cts128test
 TESTS += cts128test
 check_PROGRAMS += cts128test