From 62c3421a73053af5cf09d110f927632dd19f00aa Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Mon, 26 Jun 2017 15:07:48 -1000 Subject: enable wconversion and finish fixes (#3728) * enable wconversion and finish fixes * don't pass -Wconversion if it's win32 --- src/_cffi_src/build_openssl.py | 24 ++++++++++++++++++++++++ src/_cffi_src/openssl/ecdh.py | 4 ++-- src/_cffi_src/openssl/evp.py | 4 ++-- src/_cffi_src/openssl/ssl.py | 2 +- 4 files changed, 29 insertions(+), 5 deletions(-) (limited to 'src/_cffi_src') diff --git a/src/_cffi_src/build_openssl.py b/src/_cffi_src/build_openssl.py index 853f4488..86ee5007 100644 --- a/src/_cffi_src/build_openssl.py +++ b/src/_cffi_src/build_openssl.py @@ -36,6 +36,22 @@ def _get_openssl_libraries(platform): return ["ssl", "crypto"] +def _extra_compile_args(platform): + """ + We set -Wconversion args here so that we only do Wconversion checks on the + code we're compiling and not on cffi itself (as passing -Wconversion in + CFLAGS would do). We set no error on sign conversion because some + function signatures in OpenSSL have changed from long -> unsigned long + in the past. Since that isn't a precision issue we don't care. + When we drop support for CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 we can + revisit this. + """ + if platform != "win32": + return ["-Wconversion", "-Wno-error=sign-conversion"] + else: + return [] + + ffi = build_ffi_for_binding( module_name="_openssl", module_prefix="_cffi_src.openssl.", @@ -79,5 +95,13 @@ ffi = build_ffi_for_binding( "callbacks", ], libraries=_get_openssl_libraries(sys.platform), + # These args are passed here so that we only do Wconversion checks on the + # code we're compiling and not on cffi itself (as passing -Wconversion in + # CFLAGS would do). We set no error on sign convesrion because some + # function signatures in OpenSSL have changed from long -> unsigned long + # in the past. Since that isn't a precision issue we don't care. + # When we drop support for CRYPTOGRAPHY_OPENSSL_LESS_THAN_110 we can + # revisit this. + extra_compile_args=_extra_compile_args(sys.platform), extra_link_args=extra_link_args(compiler_type()), ) diff --git a/src/_cffi_src/openssl/ecdh.py b/src/_cffi_src/openssl/ecdh.py index 5ed426aa..7f658808 100644 --- a/src/_cffi_src/openssl/ecdh.py +++ b/src/_cffi_src/openssl/ecdh.py @@ -19,7 +19,7 @@ FUNCTIONS = """ MACROS = """ int ECDH_compute_key(void *, size_t, const EC_POINT *, EC_KEY *, void *(*)(const void *, size_t, void *, size_t *)); -int SSL_CTX_set_ecdh_auto(SSL_CTX *, int); +long SSL_CTX_set_ecdh_auto(SSL_CTX *, int); """ CUSTOMIZATIONS = """ @@ -27,7 +27,7 @@ static const long Cryptography_HAS_ECDH = 1; #ifndef SSL_CTX_set_ecdh_auto static const long Cryptography_HAS_SET_ECDH_AUTO = 0; -int (*SSL_CTX_set_ecdh_auto)(SSL_CTX *, int) = NULL; +long (*SSL_CTX_set_ecdh_auto)(SSL_CTX *, int) = NULL; #else static const long Cryptography_HAS_SET_ECDH_AUTO = 1; #endif diff --git a/src/_cffi_src/openssl/evp.py b/src/_cffi_src/openssl/evp.py index 0f538286..a4edfc5a 100644 --- a/src/_cffi_src/openssl/evp.py +++ b/src/_cffi_src/openssl/evp.py @@ -230,8 +230,8 @@ static const long Cryptography_HAS_EVP_PKEY_get_set_tls_encodedpoint = 1; #else static const long Cryptography_HAS_EVP_PKEY_get_set_tls_encodedpoint = 0; size_t (*EVP_PKEY_get1_tls_encodedpoint)(EVP_PKEY *, unsigned char **) = NULL; -size_t (*EVP_PKEY_set1_tls_encodedpoint)(EVP_PKEY *, const unsigned char *, - size_t) = NULL; +int (*EVP_PKEY_set1_tls_encodedpoint)(EVP_PKEY *, const unsigned char *, + size_t) = NULL; #endif /* OpenSSL 1.1.0+ does this define for us, but if not present we'll do it */ diff --git a/src/_cffi_src/openssl/ssl.py b/src/_cffi_src/openssl/ssl.py index 99d67bb1..116a54d4 100644 --- a/src/_cffi_src/openssl/ssl.py +++ b/src/_cffi_src/openssl/ssl.py @@ -611,7 +611,7 @@ static const long Cryptography_HAS_DTLS = 1; long Cryptography_DTLSv1_get_timeout(SSL *ssl, time_t *ptv_sec, long *ptv_usec) { struct timeval tv = { 0 }; - int r = DTLSv1_get_timeout(ssl, &tv); + long r = DTLSv1_get_timeout(ssl, &tv); if (r == 1) { if (ptv_sec) { -- cgit v1.2.3