Revert "bmcweb: Fix a bunch of warnings"
This reverts commit 6ea007a2faec52ad62680015d2a3f00371a1e351.
Reason for revert: Reports of bmcweb seg faults.
Change-Id: I408f1bb29c2f8e427a6621cdaac8c31b847ebf06
diff --git a/include/dbus_monitor.hpp b/include/dbus_monitor.hpp
index cddafc8..1b82697 100644
--- a/include/dbus_monitor.hpp
+++ b/include/dbus_monitor.hpp
@@ -150,7 +150,7 @@
nlohmann::json::iterator paths = j.find("paths");
if (paths != j.end())
{
- size_t interfaceCount = thisSession.interfaces.size();
+ int interfaceCount = thisSession.interfaces.size();
if (interfaceCount == 0)
{
interfaceCount = 1;
diff --git a/include/dbus_utility.hpp b/include/dbus_utility.hpp
index 947bc86..e45bb9a 100644
--- a/include/dbus_utility.hpp
+++ b/include/dbus_utility.hpp
@@ -48,8 +48,8 @@
std::string& result)
{
int count = 0;
- std::string::const_iterator first = path.begin();
- std::string::const_iterator last = path.end();
+ auto first = path.begin();
+ auto last = path.end();
for (auto it = path.begin(); it < path.end(); it++)
{
// skip first character as it's either a leading slash or the first
@@ -80,8 +80,7 @@
{
first++;
}
- result = path.substr(static_cast<size_t>(first - path.begin()),
- static_cast<size_t>(last - first));
+ result = path.substr(first - path.begin(), last - first);
return true;
}
diff --git a/include/openbmc_dbus_rest.hpp b/include/openbmc_dbus_rest.hpp
index e596920..ab35bb2 100644
--- a/include/openbmc_dbus_rest.hpp
+++ b/include/openbmc_dbus_rest.hpp
@@ -570,9 +570,8 @@
{
return -1;
}
- r = sd_bus_message_append_basic(
- m, argCode[0],
- reinterpret_cast<const void *>(stringValue->c_str()));
+ r = sd_bus_message_append_basic(m, argCode[0],
+ (void *)stringValue->c_str());
if (r < 0)
{
return r;
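Review bot: The restored C-style cast `(void *)stringValue->c_str()` silently strips `const` from the string buffer, and it is not needed: `sd_bus_message_append_basic` takes a `const void *`, so the pointer converts implicitly. Passing it directly, `r = sd_bus_message_append_basic(m, argCode[0], stringValue->c_str());`, avoids both the old-style-cast warning and the `reinterpret_cast` that the reverted commit used. The enclosing function starts and ends outside the hunk.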
@@ -738,13 +737,13 @@
}
nlohmann::json::const_iterator it = j->begin();
- for (const std::string &argCode2 : dbusArgSplit(arg_type))
+ for (const std::string &argCode : dbusArgSplit(arg_type))
{
if (it == j->end())
{
return -1;
}
- r = convertJsonToDbus(m, argCode2, *it);
+ r = convertJsonToDbus(m, argCode, *it);
if (r < 0)
{
return r;
diff --git a/include/pam_authenticate.hpp b/include/pam_authenticate.hpp
index 1469aef..f211a29 100644
--- a/include/pam_authenticate.hpp
+++ b/include/pam_authenticate.hpp
@@ -25,7 +25,7 @@
std::strcpy(pass, appPass);
*resp = reinterpret_cast<pam_response*>(
- calloc(static_cast<size_t>(numMsg), sizeof(struct pam_response)));
+ calloc(numMsg, sizeof(struct pam_response)));
if (resp == nullptr)
{
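Review bot: The `if (resp == nullptr)` test after the `calloc` checks the out-parameter itself rather than the freshly allocated `*resp`, so a failed allocation is not detected at this point; it should read `if (*resp == nullptr)`. With the cast removed, `numMsg` converts implicitly to `size_t`, so a negative count would turn into an enormous allocation request, which is exactly the case the null check needs to catch. `numMsg` is presumably the `int` message count of the PAM conversation callback, whose signature is outside the hunk. An explicit guard at the top of the function, before anything is allocated, such as `if (numMsg <= 0) { return PAM_CONV_ERR; }`, would make the intent clear. The `std::strcpy(pass, appPass)` above depends on a buffer sized outside the hunk; confirm it is allocated as `strlen(appPass) + 1`.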
diff --git a/include/persistent_data_middleware.hpp b/include/persistent_data_middleware.hpp
index 4cd75e8..b384f02 100644
--- a/include/persistent_data_middleware.hpp
+++ b/include/persistent_data_middleware.hpp
@@ -24,7 +24,7 @@
{
// todo(ed) should read this from a fixed location somewhere, not CWD
static constexpr const char* filename = "bmcweb_persistent_data.json";
- uint64_t jsonRevision = 1;
+ int jsonRevision = 1;
public:
struct Context
@@ -58,7 +58,7 @@
void readData()
{
std::ifstream persistentFile(filename);
- uint64_t fileRevision = 0;
+ int fileRevision = 0;
if (persistentFile.is_open())
{
// call with exceptions disabled
diff --git a/include/sessions.hpp b/include/sessions.hpp
index d55b199..6bc1c99 100644
--- a/include/sessions.hpp
+++ b/include/sessions.hpp
@@ -119,22 +119,22 @@
// https://www.owasp.org/index.php/Session_Management_Cheat_Sheet#Session_ID_Entropy
std::string sessionToken;
sessionToken.resize(20, '0');
- std::uniform_int_distribution<size_t> dist(0, alphanum.size() - 1);
- for (size_t i = 0; i < sessionToken.size(); ++i)
+ std::uniform_int_distribution<int> dist(0, alphanum.size() - 1);
+ for (int i = 0; i < sessionToken.size(); ++i)
{
sessionToken[i] = alphanum[dist(rd)];
}
// Only need csrf tokens for cookie based auth, token doesn't matter
std::string csrfToken;
csrfToken.resize(20, '0');
- for (size_t i = 0; i < csrfToken.size(); ++i)
+ for (int i = 0; i < csrfToken.size(); ++i)
{
csrfToken[i] = alphanum[dist(rd)];
}
std::string uniqueId;
uniqueId.resize(10, '0');
- for (size_t i = 0; i < uniqueId.size(); ++i)
+ for (int i = 0; i < uniqueId.size(); ++i)
{
uniqueId[i] = alphanum[dist(rd)];
}
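Review bot: The three fill loops compare a signed `int i` with `size()`, and `dist` is built from `alphanum.size() - 1` narrowed to `int`. Iterating the string directly removes the index type and the sign-compare warnings without any cast, for example `for (char &c : sessionToken) { c = alphanum[dist(rd)]; }`, and likewise for `csrfToken` and `uniqueId`. These strings are the session and CSRF secrets, so a comment at the first `dist(rd)` should record what `rd` is and that token unpredictability depends on it being a non-deterministic source. `rd` is declared outside the hunk and is presumably a `std::random_device`.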
@@ -205,7 +205,7 @@
{
return needWrite;
}
- long getTimeoutInSeconds() const
+ int getTimeoutInSeconds() const
{
return std::chrono::seconds(timeoutInMinutes).count();
};
diff --git a/include/ssl_key_handler.hpp b/include/ssl_key_handler.hpp
index 133d40d..34a7c04 100644
--- a/include/ssl_key_handler.hpp
+++ b/include/ssl_key_handler.hpp
@@ -17,7 +17,9 @@
namespace ensuressl
{
static void initOpenssl();
-static EVP_PKEY *createKey();
+static void cleanupOpenssl();
+static EVP_PKEY *createRsaKey();
+static EVP_PKEY *createEcKey();
static void handleOpensslError();
inline bool verifyOpensslKeyCert(const std::string &filepath)
@@ -108,7 +110,7 @@
// EVP_PKEY *pRsaPrivKey = create_rsa_key();
std::cerr << "Generating EC key\n";
- EVP_PKEY *pRsaPrivKey = createKey();
+ EVP_PKEY *pRsaPrivKey = createEcKey();
if (pRsaPrivKey != nullptr)
{
std::cerr << "Generating x509 Certificate\n";
@@ -175,16 +177,9 @@
// cleanup_openssl();
}
-EVP_PKEY *createKey()
+
+EVP_PKEY *createRsaKey()
{
- EVP_PKEY *pKey = NULL;
- pKey = EVP_PKEY_new();
- if (pKey == nullptr)
- {
- handleOpensslError();
- return nullptr;
- }
-#if BMCWEB_RSA_KEY
RSA *pRSA = NULL;
#if OPENSSL_VERSION_NUMBER < 0x00908000L
pRSA = RSA_generate_key(2048, RSA_3, NULL, NULL);
@@ -192,54 +187,60 @@
RSA_generate_key_ex(pRSA, 2048, NULL, NULL);
#endif
- if ((pRSA != nullptr) || EVP_PKEY_assign_RSA(pKey, pRSA) != 1)
+ EVP_PKEY *pKey = EVP_PKEY_new();
+ if ((pRSA != nullptr) && (pKey != nullptr) &&
+ EVP_PKEY_assign_RSA(pKey, pRSA))
+ {
+ /* pKey owns pRSA from now */
+ if (RSA_check_key(pRSA) <= 0)
+ {
+ fprintf(stderr, "RSA_check_key failed.\n");
+ handleOpensslError();
+ EVP_PKEY_free(pKey);
+ pKey = NULL;
+ }
+ }
+ else
{
handleOpensslError();
if (pRSA != nullptr)
{
RSA_free(pRSA);
+ pRSA = NULL;
}
if (pKey != nullptr)
{
EVP_PKEY_free(pKey);
+ pKey = NULL;
}
- return nullptr;
}
+ return pKey;
+}
- /* pKey owns pRSA from now */
- if (RSA_check_key(pRSA) != 1)
- {
- fprintf(stderr, "RSA_check_key failed.\n");
- handleOpensslError();
- EVP_PKEY_free(pKey);
- return nullptr;
- }
+EVP_PKEY *createEcKey()
+{
+ EVP_PKEY *pKey = NULL;
+ int eccgrp = 0;
+ eccgrp = OBJ_txt2nid("prime256v1");
-#else
- int eccgrp = OBJ_txt2nid("prime256v1");
EC_KEY *myecc = EC_KEY_new_by_curve_name(eccgrp);
- if (myecc == nullptr)
+ if (myecc != nullptr)
{
- handleOpensslError();
- return nullptr;
+ EC_KEY_set_asn1_flag(myecc, OPENSSL_EC_NAMED_CURVE);
+ EC_KEY_generate_key(myecc);
+ pKey = EVP_PKEY_new();
+ if (pKey != nullptr)
+ {
+ if (EVP_PKEY_assign_EC_KEY(pKey, myecc))
+ {
+ /* pKey owns pRSA from now */
+ if (EC_KEY_check_key(myecc) <= 0)
+ {
+ fprintf(stderr, "EC_check_key failed.\n");
+ }
+ }
+ }
}
-
- EC_KEY_set_asn1_flag(myecc, OPENSSL_EC_NAMED_CURVE);
- if (EC_KEY_generate_key(myecc) != 1)
- {
- handleOpensslError();
- EC_KEY_free(myecc);
- return nullptr;
- }
-
- if (EVP_PKEY_assign_EC_KEY(pKey, myecc) != 1)
- {
- handleOpensslError();
- EC_KEY_free(myecc);
- return nullptr;
- }
-
-#endif
return pKey;
}
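Review bot: The restored `createEcKey()` does not report failure. The result of `EC_KEY_generate_key` is ignored, a failed `EC_KEY_check_key` only prints a message, and when `EVP_PKEY_assign_EC_KEY` fails the function still returns a non-null but empty `pKey` and leaks `myecc`. The caller in the earlier hunk only tests `pRsaPrivKey != nullptr`, so it would go on to build a certificate around an unusable key. `myecc` is also leaked when `EVP_PKEY_new()` returns null, and the comment "pKey owns pRSA" is stale in the EC path. In `createRsaKey()`, as far as the visible lines show, `RSA_generate_key_ex(pRSA, 2048, NULL, NULL)` is called with a null `pRSA` and a null exponent and its return value is unchecked; one line between the hunks is not shown, so confirm this before that function is ever wired in. The fence keeps the revert's function split but restores the error propagation.

```cpp
EVP_PKEY *createEcKey()
{
    EC_KEY *myecc = EC_KEY_new_by_curve_name(OBJ_txt2nid("prime256v1"));
    if (myecc == nullptr)
    {
        handleOpensslError();
        return nullptr;
    }

    EC_KEY_set_asn1_flag(myecc, OPENSSL_EC_NAMED_CURVE);
    // Refuse to hand back a key that failed generation or validation.
    if (EC_KEY_generate_key(myecc) != 1 || EC_KEY_check_key(myecc) != 1)
    {
        handleOpensslError();
        EC_KEY_free(myecc);
        return nullptr;
    }

    EVP_PKEY *pKey = EVP_PKEY_new();
    if (pKey == nullptr || EVP_PKEY_assign_EC_KEY(pKey, myecc) != 1)
    {
        handleOpensslError();
        EC_KEY_free(myecc);
        EVP_PKEY_free(pKey); // safe on nullptr
        return nullptr;
    }

    /* pKey owns myecc from now */
    return pKey;
}
```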
@@ -252,6 +253,16 @@
#endif
}
+void cleanupOpenssl()
+{
+ CRYPTO_cleanup_all_ex_data();
+ ERR_free_strings();
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ ERR_remove_thread_state(0);
+#endif
+ EVP_cleanup();
+}
+
void handleOpensslError()
{
ERR_print_errors_fp(stderr);