bmcweb: Fix a bunch of warnings
bmcweb classically has not taken a strong opinion on warnings. With
this commit, that policy is changing, and bmcweb will invoke the best
warnings we are able to enable, and turn on -Werror for all builds.
This is intended to reduce the likelihood of hard-to-debug situations
that the compiler coulve caught early on.
Change-Id: I57474410821e82666b3a108cfd0db7d070e8900a
Signed-off-by: Ed Tanous <ed@tanous.net>
diff --git a/include/dbus_monitor.hpp b/include/dbus_monitor.hpp
index 1b82697..cddafc8 100644
--- a/include/dbus_monitor.hpp
+++ b/include/dbus_monitor.hpp
@@ -150,7 +150,7 @@
nlohmann::json::iterator paths = j.find("paths");
if (paths != j.end())
{
- int interfaceCount = thisSession.interfaces.size();
+ size_t interfaceCount = thisSession.interfaces.size();
if (interfaceCount == 0)
{
interfaceCount = 1;
diff --git a/include/dbus_utility.hpp b/include/dbus_utility.hpp
index e45bb9a..947bc86 100644
--- a/include/dbus_utility.hpp
+++ b/include/dbus_utility.hpp
@@ -48,8 +48,8 @@
std::string& result)
{
int count = 0;
- auto first = path.begin();
- auto last = path.end();
+ std::string::const_iterator first = path.begin();
+ std::string::const_iterator last = path.end();
for (auto it = path.begin(); it < path.end(); it++)
{
// skip first character as it's either a leading slash or the first
@@ -80,7 +80,8 @@
{
first++;
}
- result = path.substr(first - path.begin(), last - first);
+ result = path.substr(static_cast<size_t>(first - path.begin()),
+ static_cast<size_t>(last - first));
return true;
}
diff --git a/include/openbmc_dbus_rest.hpp b/include/openbmc_dbus_rest.hpp
index ab35bb2..e596920 100644
--- a/include/openbmc_dbus_rest.hpp
+++ b/include/openbmc_dbus_rest.hpp
@@ -570,8 +570,9 @@
{
return -1;
}
- r = sd_bus_message_append_basic(m, argCode[0],
- (void *)stringValue->c_str());
+ r = sd_bus_message_append_basic(
+ m, argCode[0],
+ reinterpret_cast<const void *>(stringValue->c_str()));
if (r < 0)
{
return r;
@@ -737,13 +738,13 @@
}
nlohmann::json::const_iterator it = j->begin();
- for (const std::string &argCode : dbusArgSplit(arg_type))
+ for (const std::string &argCode2 : dbusArgSplit(arg_type))
{
if (it == j->end())
{
return -1;
}
- r = convertJsonToDbus(m, argCode, *it);
+ r = convertJsonToDbus(m, argCode2, *it);
if (r < 0)
{
return r;
diff --git a/include/pam_authenticate.hpp b/include/pam_authenticate.hpp
index f211a29..1469aef 100644
--- a/include/pam_authenticate.hpp
+++ b/include/pam_authenticate.hpp
@@ -25,7 +25,7 @@
std::strcpy(pass, appPass);
*resp = reinterpret_cast<pam_response*>(
- calloc(numMsg, sizeof(struct pam_response)));
+ calloc(static_cast<size_t>(numMsg), sizeof(struct pam_response)));
if (resp == nullptr)
{
diff --git a/include/persistent_data_middleware.hpp b/include/persistent_data_middleware.hpp
index b384f02..4cd75e8 100644
--- a/include/persistent_data_middleware.hpp
+++ b/include/persistent_data_middleware.hpp
@@ -24,7 +24,7 @@
{
// todo(ed) should read this from a fixed location somewhere, not CWD
static constexpr const char* filename = "bmcweb_persistent_data.json";
- int jsonRevision = 1;
+ uint64_t jsonRevision = 1;
public:
struct Context
@@ -58,7 +58,7 @@
void readData()
{
std::ifstream persistentFile(filename);
- int fileRevision = 0;
+ uint64_t fileRevision = 0;
if (persistentFile.is_open())
{
// call with exceptions disabled
diff --git a/include/sessions.hpp b/include/sessions.hpp
index 6bc1c99..d55b199 100644
--- a/include/sessions.hpp
+++ b/include/sessions.hpp
@@ -119,22 +119,22 @@
// https://www.owasp.org/index.php/Session_Management_Cheat_Sheet#Session_ID_Entropy
std::string sessionToken;
sessionToken.resize(20, '0');
- std::uniform_int_distribution<int> dist(0, alphanum.size() - 1);
- for (int i = 0; i < sessionToken.size(); ++i)
+ std::uniform_int_distribution<size_t> dist(0, alphanum.size() - 1);
+ for (size_t i = 0; i < sessionToken.size(); ++i)
{
sessionToken[i] = alphanum[dist(rd)];
}
// Only need csrf tokens for cookie based auth, token doesn't matter
std::string csrfToken;
csrfToken.resize(20, '0');
- for (int i = 0; i < csrfToken.size(); ++i)
+ for (size_t i = 0; i < csrfToken.size(); ++i)
{
csrfToken[i] = alphanum[dist(rd)];
}
std::string uniqueId;
uniqueId.resize(10, '0');
- for (int i = 0; i < uniqueId.size(); ++i)
+ for (size_t i = 0; i < uniqueId.size(); ++i)
{
uniqueId[i] = alphanum[dist(rd)];
}
@@ -205,7 +205,7 @@
{
return needWrite;
}
- int getTimeoutInSeconds() const
+ long getTimeoutInSeconds() const
{
return std::chrono::seconds(timeoutInMinutes).count();
};
diff --git a/include/ssl_key_handler.hpp b/include/ssl_key_handler.hpp
index 34a7c04..133d40d 100644
--- a/include/ssl_key_handler.hpp
+++ b/include/ssl_key_handler.hpp
@@ -17,9 +17,7 @@
namespace ensuressl
{
static void initOpenssl();
-static void cleanupOpenssl();
-static EVP_PKEY *createRsaKey();
-static EVP_PKEY *createEcKey();
+static EVP_PKEY *createKey();
static void handleOpensslError();
inline bool verifyOpensslKeyCert(const std::string &filepath)
@@ -110,7 +108,7 @@
// EVP_PKEY *pRsaPrivKey = create_rsa_key();
std::cerr << "Generating EC key\n";
- EVP_PKEY *pRsaPrivKey = createEcKey();
+ EVP_PKEY *pRsaPrivKey = createKey();
if (pRsaPrivKey != nullptr)
{
std::cerr << "Generating x509 Certificate\n";
@@ -177,9 +175,16 @@
// cleanup_openssl();
}
-
-EVP_PKEY *createRsaKey()
+EVP_PKEY *createKey()
{
+ EVP_PKEY *pKey = NULL;
+ pKey = EVP_PKEY_new();
+ if (pKey == nullptr)
+ {
+ handleOpensslError();
+ return nullptr;
+ }
+#if BMCWEB_RSA_KEY
RSA *pRSA = NULL;
#if OPENSSL_VERSION_NUMBER < 0x00908000L
pRSA = RSA_generate_key(2048, RSA_3, NULL, NULL);
@@ -187,60 +192,54 @@
RSA_generate_key_ex(pRSA, 2048, NULL, NULL);
#endif
- EVP_PKEY *pKey = EVP_PKEY_new();
- if ((pRSA != nullptr) && (pKey != nullptr) &&
- EVP_PKEY_assign_RSA(pKey, pRSA))
- {
- /* pKey owns pRSA from now */
- if (RSA_check_key(pRSA) <= 0)
- {
- fprintf(stderr, "RSA_check_key failed.\n");
- handleOpensslError();
- EVP_PKEY_free(pKey);
- pKey = NULL;
- }
- }
- else
+ if ((pRSA != nullptr) || EVP_PKEY_assign_RSA(pKey, pRSA) != 1)
{
handleOpensslError();
if (pRSA != nullptr)
{
RSA_free(pRSA);
- pRSA = NULL;
}
if (pKey != nullptr)
{
EVP_PKEY_free(pKey);
- pKey = NULL;
}
+ return nullptr;
}
- return pKey;
-}
-EVP_PKEY *createEcKey()
-{
- EVP_PKEY *pKey = NULL;
- int eccgrp = 0;
- eccgrp = OBJ_txt2nid("prime256v1");
-
- EC_KEY *myecc = EC_KEY_new_by_curve_name(eccgrp);
- if (myecc != nullptr)
+ /* pKey owns pRSA from now */
+ if (RSA_check_key(pRSA) != 1)
{
- EC_KEY_set_asn1_flag(myecc, OPENSSL_EC_NAMED_CURVE);
- EC_KEY_generate_key(myecc);
- pKey = EVP_PKEY_new();
- if (pKey != nullptr)
- {
- if (EVP_PKEY_assign_EC_KEY(pKey, myecc))
- {
- /* pKey owns pRSA from now */
- if (EC_KEY_check_key(myecc) <= 0)
- {
- fprintf(stderr, "EC_check_key failed.\n");
- }
- }
- }
+ fprintf(stderr, "RSA_check_key failed.\n");
+ handleOpensslError();
+ EVP_PKEY_free(pKey);
+ return nullptr;
}
+
+#else
+ int eccgrp = OBJ_txt2nid("prime256v1");
+ EC_KEY *myecc = EC_KEY_new_by_curve_name(eccgrp);
+ if (myecc == nullptr)
+ {
+ handleOpensslError();
+ return nullptr;
+ }
+
+ EC_KEY_set_asn1_flag(myecc, OPENSSL_EC_NAMED_CURVE);
+ if (EC_KEY_generate_key(myecc) != 1)
+ {
+ handleOpensslError();
+ EC_KEY_free(myecc);
+ return nullptr;
+ }
+
+ if (EVP_PKEY_assign_EC_KEY(pKey, myecc) != 1)
+ {
+ handleOpensslError();
+ EC_KEY_free(myecc);
+ return nullptr;
+ }
+
+#endif
return pKey;
}
@@ -253,16 +252,6 @@
#endif
}
-void cleanupOpenssl()
-{
- CRYPTO_cleanup_all_ex_data();
- ERR_free_strings();
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
- ERR_remove_thread_state(0);
-#endif
- EVP_cleanup();
-}
-
void handleOpensslError()
{
ERR_print_errors_fp(stderr);