From: Frank Lichtenheld <[email protected]> * Make it more readable by removing a level of negation * Fix an off-by-one error. It accepted one char fewer than allowed. * Slightly improve the UT.
Change-Id: Ib0d2b9520e4a77a9f4bf70ce092f76ca73608537 Signed-off-by: Frank Lichtenheld <[email protected]> Acked-by: Arne Schwabe <[email protected]> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1503 --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1503 This mail reflects revision 5 of this Change. Acked-by according to Gerrit (reflected above): Arne Schwabe <[email protected]> diff --git a/src/openvpn/ssl_ncp.c b/src/openvpn/ssl_ncp.c index 500e09d..fdac6925 100644 --- a/src/openvpn/ssl_ncp.c +++ b/src/openvpn/ssl_ncp.c @@ -92,11 +92,6 @@ } } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic push -#pragma GCC diagnostic ignored "-Wsign-compare" -#endif - char * mutate_ncp_cipher_list(const char *list, struct gc_arena *gc) { @@ -168,7 +163,7 @@ } /* Ensure buffer has capacity for cipher name + : + \0 */ - if (!(buf_forward_capacity(&new_list) > strlen(ovpn_cipher_name) + 2)) + if (buf_forward_capacity(&new_list) < (int)strlen(ovpn_cipher_name) + 2) { msg(M_WARN, "Length of --data-ciphers is over the " "limit of 127 chars"); @@ -207,10 +202,6 @@ o->ncp_ciphers = ncp_ciphers; } -#if defined(__GNUC__) || defined(__clang__) -#pragma GCC diagnostic pop -#endif - bool tls_item_in_cipher_list(const char *item, const char *list) { diff --git a/tests/unit_tests/openvpn/test_ncp.c b/tests/unit_tests/openvpn/test_ncp.c index 9f569a7..52a41ee 100644 --- a/tests/unit_tests/openvpn/test_ncp.c +++ b/tests/unit_tests/openvpn/test_ncp.c @@ -123,10 +123,23 @@ assert_ptr_equal(mutate_ncp_cipher_list("AES-256-GCM:vollbit", &gc), NULL); assert_ptr_equal(mutate_ncp_cipher_list("", &gc), NULL); - assert_ptr_equal(mutate_ncp_cipher_list("ChaCha20-Poly1305:ChaCha20-Poly1305:ChaCha20-Poly1305:" - "ChaCha20-Poly1305:ChaCha20-Poly1305:ChaCha20-Poly1305:" - "ChaCha20-Poly1305", - &gc), + const char long_string[MAX_NCP_CIPHERS_LENGTH] = + "CHACHA20-POLY1305:CHACHA20-POLY1305:CHACHA20-POLY1305:" + "CHACHA20-POLY1305:CHACHA20-POLY1305:CHACHA20-POLY1305:" + "CHACHA20-POLY1305"; + const char longer_string[MAX_NCP_CIPHERS_LENGTH + 1] = + "CHACHA20-POLY1305:CHACHA20-POLY1305:CHACHA20-POLY1305:" + "CHACHA20-POLY1305:CHACHA20-POLY1305:CHACHA20-POLY1305:" + "CHACHA20-POLY1305:"; + const char longest_string[] = + "CHACHA20-POLY1305:CHACHA20-POLY1305:CHACHA20-POLY1305:" + "CHACHA20-POLY1305:CHACHA20-POLY1305:CHACHA20-POLY1305:" + "CHACHA20-POLY1305:CHACHA20-POLY1305"; + assert_string_equal(mutate_ncp_cipher_list(long_string, &gc), + long_string); + assert_string_equal(mutate_ncp_cipher_list(longer_string, &gc), + long_string); + assert_ptr_equal(mutate_ncp_cipher_list(longest_string, &gc), NULL); #ifdef ENABLE_CRYPTO_OPENSSL _______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
